Re: comparison of the AF_ALG interface with the /dev/crypto

[Nikos Mavrogiannopoulos]

On Thu, Sep 1, 2011 at 4:59 PM, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxxx> wrote:

>> latency, maybe(?) high throughput or so). Thus, I designed this
>> benchmark with a use-case in mind, i.e., a TLS or DTLS tunnel
>> executing in a system with such an accelerator. There might be other
>> benchmarks with other use cases in mind, but I haven't seen any.
> Putting TLS data-path in user-space is always going to be less
> than optimal, especially with hardware crypto offload, since you'll
> be crossing the user-space/kernel boundary multiple times.

Indeed but today that's what we have in some systems. User-space TLS
implementations (GnuTLS and OpenSSL) and kernel-space crypto
offloading. The purpose of the /dev/crypto and AF_ALG interfaces is to
connect those together. It would be interesting to have a partial
kernel-space TLS implementation but I don't know whether such a thing
could ever make it to kernel.

regards,
Nikos
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/