Date: Tue, 04 Mar 2008 15:52:56 -0700 (MST) From: "M. Warner Losh" <imp@bsdimp.com> To: chargen@gmail.com Cc: current@freebsd.org Subject: Re: IPSEC/crypto is broken in FreeBSD/powerpc 7.0-RELEASE! Message-ID: <20080304.155256.910758059.imp@bsdimp.com> In-Reply-To: <292361ab0803041437t48245090y3db91d2e7d9a0c9b@mail.gmail.com> References: <0B526200-AE42-436D-BB28-51B396D95FC5@rabson.org> <20080304.083144.1219863991.imp@bsdimp.com> <292361ab0803041437t48245090y3db91d2e7d9a0c9b@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message: <292361ab0803041437t48245090y3db91d2e7d9a0c9b@mail.gmail.com>
Chargen <chargen@gmail.com> writes:
: On Tue, Mar 4, 2008 at 4:31 PM, M. Warner Losh <imp@bsdimp.com> wrote:
:
: > digging deeper...
: >
: > The crypto code looks good to me. It explicitly sets the driver name.
: > Drivers that have a class explicitly set will have that driver's probe
: > called, and only that driver's probe. In arm, amd64, sparc64, i386
: > and ia64, all of the devices for the nexus routine are added this way,
: > so there's no problem.
: >
: > I think that the real problem is that both 'real' hardware and 'fake'
: > hardware is being attached to the nexus driver for the AIM. The
: > grackle, uninorth and unin drivers all ask the nexus for their names.
: > That's because they really should be children of a openfirmware device
: > that enumerates these things. However, since there's now a 'fake'
: > device on nexus that doesn't ask the nexus for its name (since that's
: > not how children of nexus work) there's a problem.
: >
: > So the fix to the problem is to add a layer for the AIM class of
: > machine to attach grackle, uninorth or unin to a ofw device.
: >
:
: on the topic of IPSEC/Crypto/Cryptodev (soft), is anyone interested in
: testing pr- 120270 (feature request
: http://www.freebsd.org/cgi/query-pr.cgi?pr=120270 ) - because there are
: still some features missing like AES-192/256 hardware support
There seems to be a number of changes swizzled together in the diff in
this PR. Things like:
#if defined(__OpenBSD__) || defined(__FreeBSD__)
- ENGINE_load_cryptodev();
+#define HAVE_CRYPTODEV
#endif
#endif
+#ifdef HAVE_CRYPTODEV
+ ENGINE_load_cryptodev();
+#endif
and then later
void *ENGINE_get_static_state(void);
-#if defined(__OpenBSD__) || defined(__FreeBSD__)
+#if defined(__OpenBSD__) || defined(__FreeBSD__) || defined(HAVE_CRYPTODEV)
void ENGINE_setup_bsd_cryptodev(void);
and the like.
Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080304.155256.910758059.imp>