[Ocf-linux-users] some questions on OCF
Brought to you by:
david-m
Menu
▾
▴
[Ocf-linux-users] some questions on OCF
|
From: avital s. <avi...@gm...> - 2010-03-17 15:25:00
|
Hello David, I am working on porting our custom AES and SHA drivers written for native crypto to OCF. As a start I modified the cryptosoft driver by removing the crypto_done call in case of HMAC/MAC and block cipher and replacing the appropriate crypto op calls with ones that enqueue the requests to the drivers. The drivers then from interrupt context call crypto_done. I also changed the registration to Hardware. Using crytotest I verifed that everything works fine (and produces pretty good results as compared with SW only crypto). With this approach I was able to make use of all your existing skbuff/uiov manipulation code which seems non trivial at all. The one problem I see with this approach is that I won't be able to make use of alg chaining which I will eventually need for ipsec. Is my understanding on the trade off (using a lot of existing code versus optimal performance) correct or am I missing something else? Is it possible that with very small buffers the hw processing , the corrosponding interrupt and the call to crypto_done will complete before the crypto_process routine returns? If that happens will that be a problem? As far as I could tell, there is no way to get the native kernel IPSEC to call the OCF driver so I need to change to the KLIPS stack. Is this true? With the current drivers I use setkey to manually setup a tunnel . Will I still be able to do that with the KLIPS stack? Thanks a lot for your time. |
