Re: [PATCH] /dev/crypto for Linux

[Michal Ludvig]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael Halcrow told me that:
> On Tue, Aug 24, 2004 at 11:37:27PM +0200, Michal Ludvig wrote:
>
>>attached is a driver for OpenBSD-like /dev/crypto device (aka
>>CryptoDev) that makes a way for userspace processes to access
>>ciphers provided by in-kernel CryptoAPI modules.
>
> Cool!  Now if I'm interpreting this right, this is only good for
> working on up to one page worth of data at a time, right?

Of course the userspace can request encrypting any amount of data (well,
multiple of blocksize), but only at most one page at a time is copied
into the kernel, encrypted and returned back to the process' memory.

IMHO It is faster than allocating e.g. 4 MB in the kernel, copying all
of this from userspace, encrypting and returning back. That wouldn't use
the CPU cache too efficiently.

> In cryptfs, I have written some functions that essentially do what
> your FILL_SG() macro does, only it spreads across multiple sg's, if
> necessary.  Do you think this might be appropriate for /dev/crypto?

As I'm currently working only on one kernel page at a time I think
FILL_SG() is sufficient. But I'm definitely interested how to use
multiple sg's at once (although I don't immediately ned it). Where can I
see these functions? Maybe thay could go to some library directly in
linux/crypto/...?

Michal Ludvig
- --
SUSE Labs                    mludvig@xxxxxxx
(+420) 296.542.396        http://www.suse.cz
Personal homepage http://www.logix.cz/michal
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBLEGhDDolCcRbIhgRApPrAJ9ghoyWXhxnk+wUQL9evde3o5uDqgCfdde8
OsMo/MlzKifupt1+pbNovYk=
=yKGK
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/