From: Herbert Xu Subject: Re: IPSec ESP Authenc Offload Date: Thu, 29 May 2008 17:01:30 +1000 Message-ID: <20080529070130.GC18007@gondor.apana.org.au> References: <20080526112058.GA16525@gondor.apana.org.au> <0CA0A16855646F4FA96D25A158E299D604814C4A@SDCEXCHANGE01.ad.amcc.com> <20080528063434.GA1173@gondor.apana.org.au> <0CA0A16855646F4FA96D25A158E299D604814F16@SDCEXCHANGE01.ad.amcc.com> <20080528222246.GA7798@gondor.apana.org.au> <0CA0A16855646F4FA96D25A158E299D604815113@SDCEXCHANGE01.ad.amcc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: linux-crypto@vger.kernel.org To: Loc Ho Return-path: Received: from rhun.apana.org.au ([64.62.148.172]:48943 "EHLO arnor.apana.org.au" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751271AbYE2HBe (ORCPT ); Thu, 29 May 2008 03:01:34 -0400 Content-Disposition: inline In-Reply-To: <0CA0A16855646F4FA96D25A158E299D604815113@SDCEXCHANGE01.ad.amcc.com> Sender: linux-crypto-owner@vger.kernel.org List-ID: On Wed, May 28, 2008 at 04:02:11PM -0700, Loc Ho wrote: > > It doesn't help if it is generated by software. The driver still needs a > context SA for each operation. In addition, the driver will have to > increment seq (or load from request) and load SEQ and IV into each > context SA. It is much cleaner if our driver knows the whole header > length. Even if the hardware rewrites the SPI and SEQ again, it is all > handled by hardware offload and will not be a problem for IPSEC ESP. I'm happy to add support for ESP offload. However, I don't think we should add it onto the AEAD interface. We should instead create an ESP interface that specifically does this. I still think that you can use the existing interface though and just throw away the ESP work since that's trivial anyway. Having a context SA is not a problem since each tfm corresponds to a single SA and you can just store the context in its context area. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt