Hello.
I'm pleased to announce asynchronous crypto layer (acrypto) [1] release
for 2.6.18 kernel tree. Acrypto allows to handle crypto requests
asynchronously in hardware.
Combined patchset includes:
* acrypto core
* IPsec ESP4 port to acrypto
* dm-crypt port to acrypto
* OCF to acrypto bridge
Acrypto supports following crypto providers:
* SW crypto provider
* HIFN 795x adapters
* VIA nehemiah CPU
* SuperCrypt CE99C003B
* devices supported by OCF
With this release of combined patchset for 2.6.18 I drop feature
extensions for 2.6.16 and 2.6.17 trees and move them into maintenance
state.
Combined patchset [190k] and drivers for various acrypto providers can
be found on project's homepage.
1. Acrypto homepage.
http://tservice.net.ru/~s0mbre/old/?section=projects&item=acrypto
Signed-off-by: Evgeniy Polyakov <[email protected]>
--
Evgeniy Polyakov
--
Evgeniy Polyakov
Evgeniy Polyakov wrote:
> Hello.
>
> I'm pleased to announce asynchronous crypto layer (acrypto) [1] release
> for 2.6.18 kernel tree. Acrypto allows to handle crypto requests
> asynchronously in hardware.
>
> Combined patchset includes:
> * acrypto core
> * IPsec ESP4 port to acrypto
> * dm-crypt port to acrypto
so I should be able to replace a plain 2.6.18 kernel with one
with this patchset and use dm-crypt'ed partitions (e.g. swap,
encrypted root filesystem) as usual without further changes?
Did anyone test this with success?
Regards, Andreas
On Thu, Sep 28, 2006 at 03:23:43PM +0200, Andreas Jellinghaus ([email protected]) wrote:
> Evgeniy Polyakov wrote:
> >Hello.
> >
> >I'm pleased to announce asynchronous crypto layer (acrypto) [1] release
> >for 2.6.18 kernel tree. Acrypto allows to handle crypto requests
> >asynchronously in hardware.
> >
> >Combined patchset includes:
> > * acrypto core
> > * IPsec ESP4 port to acrypto
> > * dm-crypt port to acrypto
>
> so I should be able to replace a plain 2.6.18 kernel with one
> with this patchset and use dm-crypt'ed partitions (e.g. swap,
> encrypted root filesystem) as usual without further changes?
>
> Did anyone test this with success?
>
> Regards, Andreas
As I answered in your first e-mail, yes, you just need to patch 2.6.18
tree and load one of the crypto provider.
Acrypto works with request/response model, i.e. you ask acrypto core to
perform some operation on given buffers and if it can, it will call
your callback when it is ready (or some error happend and acrypto was
unable to reroute request to other device), otherwise it will return error.
With such a model it is possible to extend acrypto to any kind of
operations on buffers, not only crypto related, for example it is
possible to onload IPsec header transformation, perform DMA between
specified areas and much more.
--
Evgeniy Polyakov
>>>>> "Evgeniy" == Evgeniy Polyakov <[email protected]> writes:
Evgeniy> Hello. I'm pleased to announce asynchronous crypto layer
Evgeniy> (acrypto) [1] release for 2.6.18 kernel tree. Acrypto allows
Evgeniy> to handle crypto requests asynchronously in hardware.
Would userspace programs benefit from this patch? In particular, would
OpenSSL get better performances on Via nehemiah CPUs or does it need
to be patched?
Sam
--
Samuel Tardieu -- [email protected] -- http://www.rfc1149.net/
On Fri, Sep 29, 2006 at 12:17:58PM +0200, Samuel Tardieu ([email protected]) wrote:
> >>>>> "Evgeniy" == Evgeniy Polyakov <[email protected]> writes:
>
> Evgeniy> Hello. I'm pleased to announce asynchronous crypto layer
> Evgeniy> (acrypto) [1] release for 2.6.18 kernel tree. Acrypto allows
> Evgeniy> to handle crypto requests asynchronously in hardware.
>
> Would userspace programs benefit from this patch? In particular, would
> OpenSSL get better performances on Via nehemiah CPUs or does it need
> to be patched?
Userspace supports Via Nehemiah CPUs crypto engine quite for a long time
without any external patching.
> Sam
> --
> Samuel Tardieu -- [email protected] -- http://www.rfc1149.net/
--
Evgeniy Polyakov