Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 7 Feb 2003 16:15:37 -0800
From:      "Bruce A. Mah" <bmah@freebsd.org>
To:        Sam Leffler <sam@errno.com>
Cc:        Jack Xiao <jack_xiao99@hotmail.com>, freebsd-security@freebsd.org
Subject:   Re: hardware encryption under freebsd
Message-ID:  <20030208001537.GA81860@intruder.bmah.org>
In-Reply-To: <05d201c2ced6$49f96700$52557f42@errno.com>
References:  <OE66ELVP4zi6UUG7WGM000064ef@hotmail.com> <05d201c2ced6$49f96700$52557f42@errno.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

--EeQfGwPcQSOJBaQU
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

If memory serves me right, Sam Leffler wrote:
> > It's said "A new in-kernel cryptographic framework (see crypto(4) and
> > crypto(9)) has been imported from OpenBSD. It provides a consistent
> > interface to hardware and software implementations of cryptographic
> > algorithms for use by the kernel and access to cryptographic hardware f=
or
> > user-mode applications. Hardware device drivers are provided to support
> > hifn-based cards ( hifn(4)) and Broadcom-based cards ( ubsec(4))."
> >
> > "A FAST_IPSEC kernel option now allows the IPsec implementation to use =
the
> > kernel crypto(4) framework, along with its support for hardware
> > cryptographic acceleration. More information can be found in the
> > fast_ipsec(4) manual page."
> >
> > In this case, if I want to use hardware encryption/decryption, should I
> use
> > fast_ipsec instead of ipsec in the kenerl option? By the way, I am using
> > FreeBSD 4.7 Release. I am also curious if anybody has such experience in
> > this group before my trial. How's the performance?
>=20
> 4.7-release does not have the new ipsec code.  I can't recall if the cryp=
to
> code got in.

No, it's a 4.7-STABLE thing.  Note that the original poster quoted the
release notes from 4.7-STABLE, even though he's running 4.7-RELEASE.

Bruce.

--EeQfGwPcQSOJBaQU
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (FreeBSD)

iD8DBQE+REwo2MoxcVugUsMRAoTvAKCV4MqjD/udxlHxjA6bHByIxiUZvwCeICKN
9M7Bh+0lhQxzcsJjDaeUUQA=
=7o8Z
-----END PGP SIGNATURE-----

--EeQfGwPcQSOJBaQU--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030208001537.GA81860>