From owner-freebsd-stable@freebsd.org Sat Dec 8 00:04:57 2018 Return-Path: Delivered-To: freebsd-stable@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 68789132544B for ; Sat, 8 Dec 2018 00:04:57 +0000 (UTC) (envelope-from ian@freebsd.org) Received: from outbound1.eu.mailhop.org (outbound1.eu.mailhop.org [52.28.251.132]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BB3DA7E952 for ; Sat, 8 Dec 2018 00:04:56 +0000 (UTC) (envelope-from ian@freebsd.org) ARC-Seal: i=1; a=rsa-sha256; t=1544227494; cv=none; d=outbound.mailhop.org; s=arc-outbound20181012; b=qOAM6FtXHlRRkbxLq9ok0/ZR88x5jFZ25OzMzeJUGNZGpYTZg4n4VLTPwMozIZMle2uTz1OSzMy3I g7+qbWGVUnCX+WTAgskUZJesdNSo1OIrec0kIK8MB0V4iSx90e+qTXsj/CphNmiXlU61C+AV9CQ6CN qA0NWPeCHZ3gsvzy3GwmCWcbM7mBPImXt5a+k8xozcSITfTYeo/PPHx92h/VCp3ZH+XfOX63AIg/v3 /uGRItDsR8IUGTDkzO+cWj+Oa/7s8nqM/yEFus1QX4+DFbFjpteP3LInjVJXKt7dWugpR5KFJtiCah 4jKF9aI1k2OBQouytsi7OYTBv5Qs8ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=arc-outbound20181012; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:to:from:subject:message-id:dkim-signature:from; bh=LgaA0JDqgWo0yakZ3JPstNVu8x3WvkYvLtPmdPXhaQU=; b=XVgfnE8+D8LCobAxRjrd3F+d1+4c63g1hN4wDt7ihTYa/546EcTt7UWHTjV/0ktJPjNnfMwSw+/v0 7Q1N8MvdDrhglJsooKTd39Tnz5lSbWX9S5EAfJNcYlcmjuq+GwGcSgeULgHe6ExBO+fptMnJ25jORw 4AhDE+0Ql3SIPhd/CwOq1k6XvQHxFMFsI4wzKpRDns1220s5UwqSt7uuXiPf97DGpWFSEjrdV8FRYd QOTRBnth8VzZPEwMZMnJ6um1rUdrTrJyqOCprgU7+C3yKECmxoATRg+NvJZsuHX3Qno1JfUbzG7Ebp TWeerJu6Pj5F4y8iJxrNXX1D6IigmsA== ARC-Authentication-Results: i=1; outbound3.eu.mailhop.org; spf=softfail smtp.mailfrom=freebsd.org smtp.remote-ip=67.177.211.60; dmarc=none header.from=freebsd.org; arc=none header.oldest-pass=0; DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outbound.mailhop.org; s=dkim-high; h=content-transfer-encoding:mime-version:content-type:references:in-reply-to: date:to:from:subject:message-id:from; bh=LgaA0JDqgWo0yakZ3JPstNVu8x3WvkYvLtPmdPXhaQU=; b=ickuNb0lFfN2de81v73tzJAgXLadJwY92DH2R3fAbdhUVYpLZAOA/DueOIFyMM/7ESvweurmMqztJ UblfZAkrT+w2RRzC4q2lQK6dOnFe1g4jVT2IcX9OTaXjEJBP8ESS1ysfedGtob1Z9zrqAV9VZY3WPH B5Bmyzr50fSmMCLIIN+mdMAVRaEiF4GHWx+Gj88XUuiH1hMBnpPc7M1DKYLEbdV8sGsZdeIlHEvDKA 89bhvgqzjzaKWhJZ83nwaiYVkW38XQK54edFONjVaHamZnsduxQu+BLNgPosc10UAhdpHBNYb54WRs wS6h5PNUPA8Gvc62pO5jdkd0EZdr++w== X-MHO-RoutePath: aGlwcGll X-MHO-User: e178b12d-fa7c-11e8-8a28-a1efd8da9a94 X-Report-Abuse-To: https://support.duocircle.com/support/solutions/articles/5000540958-duocircle-standard-smtp-abuse-information X-Originating-IP: 67.177.211.60 X-Mail-Handler: DuoCircle Outbound SMTP Received: from ilsoft.org (unknown [67.177.211.60]) by outbound3.eu.mailhop.org (Halon) with ESMTPSA id e178b12d-fa7c-11e8-8a28-a1efd8da9a94; Sat, 08 Dec 2018 00:04:52 +0000 (UTC) Received: from rev (rev [172.22.42.240]) by ilsoft.org (8.15.2/8.15.2) with ESMTP id wB804nIS065593; Fri, 7 Dec 2018 17:04:49 -0700 (MST) (envelope-from ian@freebsd.org) Message-ID: <1544227489.1860.321.camel@freebsd.org> Subject: Re: /dev/crypto not being used in 12-STABLE From: Ian Lepore To: Jung-uk Kim , Jeremy Chadwick , freebsd-stable@freebsd.org Date: Fri, 07 Dec 2018 17:04:49 -0700 In-Reply-To: <995cddb8-f4ce-b9c9-aa8f-5e7cd5c465e2@FreeBSD.org> References: <20181207020124.GA87799@icarus.home.lan> <995cddb8-f4ce-b9c9-aa8f-5e7cd5c465e2@FreeBSD.org> Content-Type: text/plain; charset="ISO-8859-1" X-Mailer: Evolution 3.18.5.1 FreeBSD GNOME Team Port Mime-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: BB3DA7E952 X-Spamd-Result: default: False [-2.99 / 15.00]; local_wl_from(0.00)[freebsd.org]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; NEURAL_HAM_SHORT(-0.99)[-0.993,0]; NEURAL_HAM_LONG(-1.00)[-0.995,0]; ASN(0.00)[asn:16509, ipnet:52.28.0.0/16, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Dec 2018 00:04:57 -0000 On Fri, 2018-12-07 at 18:38 -0500, Jung-uk Kim wrote: > > So while OpenSSL now uses more of its own native C and assembly code > > (e.g. for AES-NI support), and that's certainly faster than all the > > overhead that cryptodev(4) brings with it (see jhb@'s post), I wonder: > >  > > 1. What happens to people using crypto hardware accelerators, ex. > > hifn(4), padlock(4), ubsec(4), and safe(4)?  How exactly would OpenSSL > > utilise these H/W accelerators if the devcrypto engine is disabled? > > padlock has a dynamic engine, i.e., /usr/lib/engines/padlock.so.  I > believe glxsb, hifn(4), safe(4), and ubsec(4) users are very rare > nowadays.  If we have significant number of users and they show > reasonable performance, then I will reconsider my decision. What about non-x86 hardware? Most 32-bit ARM chips have crypto accelleration hardware which is not implemenented as cpu instructions (or accessible in any way from userland). -- Ian