svn commit: r359374 - in head: . share/man/man4 share/man/man7 share/man/man9 sys/crypto/aesni sys/crypto/armv8 sys/crypto/blake2 sys/crypto/ccp sys/crypto/via sys/dev/cesa sys/dev/cxgbe sys/dev/cx...

[John-Mark Gurney]

Alexey Dokuchaev wrote this message on Mon, Apr 13, 2020 at 04:32 +0000:
> On Sun, Apr 12, 2020 at 01:08:49PM -0700, Xin Li via svn-src-all wrote:
> > On 3/27/20 11:25 AM, John Baldwin wrote:
> > >   - Drivers no longer register a list of supported algorithms. [...]
> > 
> > For user-visible interface, it seems like we are essentially treating
> > "accelerated software" like AES-NI the same way of plain software.  For
> > example, geom_eli would now say:
> > 
> > GEOM_ELI: Encryption: AES-XTS 128
> > GEOM_ELI:     Crypto: software
> > 
> > Instead of:
> > 
> > GEOM_ELI: Encryption: AES-XTS 128
> > GEOM_ELI:     Crypto: hardware
> > 
> > [...] and it's much easier for system administrators if we expose the
> > fact that they are using some kind of acceleration than asking them to
> > run DTrace etc. to find out.  Personally, I think it's probably better
> > to change the notion to either "accelerated" (by either hardware or
> > software) and "software"...
> 
> +1 for "accelerated" vs. "software".  For most users "accelerated" would
> mean AES-NI (dedicated crypto cards are not as common), and since most
> modern CPUs have those, not being able to easily distinguish between that
> and "pure software" (unaccelerated) mode is rather frustrating.

Yeah, w/o a differentiation, people can't tell if the aesni.ko module
was loaded or not...  I use this to make sure things will go fast.. If
I see software, I know it'll be slow...

-- 
  John-Mark Gurney				Voice: +1 415 225 5579

     "All that I will do, has been done, All that I have, has not."