Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space interface

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Ted Ts'o

Subject: Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space interface

Date: Friday, August 20, 2010 - 6:56 am

On Fri, Aug 20, 2010 at 10:45:43AM +0200, Miloslav Trmač wrote:
quoted text> Hello, following is a patchset providing an user-space interface to
> the kernel crypto API.  It is based on the older, BSD-compatible,
> implementation, but the user-space interface is different.

What's the goal of exporting the kernel crypto routines to userspace,
as opposed to just simply doing the crypto in userspace?  Is it to
access hardware crypto accelerators?  (1) I wasn't aware the kernel
crypto routines actually used crypto accelerators, and (2) more often
than not, by the time you take into account the time to move the
crypto context as well as the data into kernel space and back out, and
after you take into account price/performance, most hardware crypto
accellerators have marginal performance benefits; in fact, more often
than not, it's a lose.

If the goal is access to hardware-escrowed keys, don't we have the TPM
interface for that already?

So I'm bit at a list what's the whole point of this patch series.
Could you explain that in the documentation, please?  Especially for
crypto, explaining when something should be used, what the threat
model is, etc., is often very important.

Thanks, regards,

						- Ted

--
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 00/19] RFC, v2: "New" /dev/crypto user-space interface, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 01/19] User-space API definition, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 02/19] Add CRYPTO_USERSPACE config option, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 03/19] Add libtommath headers, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 04/19] Add libtomcrypt headers, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 05/19] Add internal /dev/crypto implementation headers, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 06/19] Add ioctl() argument and attribute handling ..., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 07/19] Add crypto API utilities., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 08/19] Add per-process and per-user limits, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 09/19] Add libtommath implementation, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 10/19] Add libtomcrypt implementation, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 10/19] Add libtommath implementation, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 11/19] Add algorithm properties table., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 12/19] Add DH implementation and pubkey abstraction ..., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 13/19] Add /dev/crypto auditing infrastructure, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 14/19] Add most operations on key objects., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 15/19] Add key wrapping operations, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:45 am)

[PATCH 16/19] Add helpers for zero-copy userspace access, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:46 am)

[PATCH 17/19] Add session operations, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:46 am)

[PATCH 18/19] Add ioctl handlers, =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:46 am)

[PATCH 19/19] Finally, add the /dev/crypto device., =?UTF-8?q?Miloslav=2 ..., (Fri Aug 20, 1:46 am)

Re: [PATCH 01/19] User-space API definition, Stefan Richter, (Fri Aug 20, 5:48 am)

Re: [PATCH 06/19] Add ioctl() argument and attribute handl ..., Stefan Richter, (Fri Aug 20, 5:59 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Ted Ts'o, (Fri Aug 20, 6:56 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Nikos Mavrogiannopoulos, (Fri Aug 20, 10:03 am)

Re: [PATCH 01/19] User-space API definition, Randy Dunlap, (Fri Aug 20, 10:12 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Ted Ts'o, (Fri Aug 20, 4:48 pm)

Re: [PATCH 01/19] User-space API definition, Nikos Mavrogiannopoulos, (Sat Aug 21, 12:35 am)

Re: [PATCH 01/19] User-space API definition, Kyle Moffett, (Sat Aug 21, 6:09 am)

Re: [PATCH 01/19] User-space API definition, Nikos Mavrogiannopoulos, (Sat Aug 21, 7:54 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Arnd Bergmann, (Sat Aug 21, 10:08 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Nikos Mavrogiannopoulos, (Sun Aug 22, 12:52 am)

Re: [PATCH 01/19] User-space API definition, David Howells, (Sun Aug 22, 3:22 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Tomas Mraz, (Sun Aug 22, 11:39 pm)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Arnd Bergmann, (Mon Aug 23, 1:09 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Nikos Mavrogiannopoulos, (Mon Aug 23, 2:34 am)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Pavel Machek, (Tue Aug 24, 11:20 pm)

Re: [PATCH 00/19] RFC, v2: "New" /dev/crypto user-space in ..., Tomas Mraz, (Tue Aug 24, 11:44 pm)

Re: [PATCH 01/19] User-space API definition, Herbert Xu, (Fri Sep 3, 2:18 am)

Re: [PATCH 01/19] User-space API definition, Nikos Mavrogiannopoulos, (Fri Sep 3, 2:34 am)

Re: [PATCH 01/19] User-space API definition, Nikos Mavrogiannopoulos, (Fri Sep 3, 8:20 am)


linux-kernel:
Fortier,Vincent [Montreal]	2.6.21.5 june 30th to july 1st date hang?
Jeff Dike	[ PATCH 2/6 ] UML - Formatting fixes around os_{read_write}_file callers
Liam Girdwood	[PATCH 07/13] regulator: regulator test harness
Oleg Nesterov	Re: Getting the new RxRPC patches upstream
Stefan Seyfried	Re: 2.6.19-rc5: grub is much slower resuming from suspend-to-disk than in 2.6.18
linux-netdev:
Arnaud Ebalard	Re: [REGRESSION,BISECTED] MIPv6 support broken by f4f914b58019f0
Jan Engelhardt	Re: [PATCH iptables] extension: add xt_cpu match
Jarek Poplawski	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Sebastian Andrzej Siewior	[PATCH 8/8] net/emergency: remove locking from reycling pool if emergncy pools are...
David Miller	Re: [PATCH] qlcnic: dont assume NET_IP_ALIGN is 2
git:
Jakub Narebski	Re: git on MacOSX and files with decomposed utf-8 file names
Brandon Casey	Re: Thunderbird and patches (was Re: [PATCH v2] Enable setting attach as the def...
Christian Couder	[PATCH 1/3] rev-parse: add test script for "--verify"
Ramkumar Ramachandra	Re: [GSoC update] git-remote-svn: The final one
Junio C Hamano	Re: git-rm isn't the inverse action of git-add
openbsd-misc:
Joachim Schipper	Re: UVC Webcams
Florin Andrei	SOLVED [was: firewall is very slow, something's wrong]
Todd Alan Smith	Re: Microsoft gets the Most Secure Operating Systems award
Neal Hogan	Re: Need Advice: Thinkpad T60 or T61?
Sam Fourman Jr.	Re: Real men don't attack straw men
git-commits-head:
Linux Kernel Mailing List	ACPI: Disable ARB_DISABLE on platforms where it is not needed
Linux Kernel Mailing List	m68knommu: add read_barrier_depends() and irqs_disabled_flags()
Linux Kernel Mailing List	[MTD] Add mtd panic_write function pointer
Linux Kernel Mailing List	[ARM] pxa: remove duplicate select statements from Kconfig
Linux Kernel Mailing List	mlx4_core: Don't read reserved fields in mlx4_QUERY_ADAPTER()