On 15.06.2018 17:10, Farhan Ali wrote: > > > On 06/15/2018 09:17 AM, Viktor VM Mihajlovski wrote: [...] >> >> With the current virtio-crypto backend functionality offered (CBC AES >> only) it may seem a bit over-engineered to offer a configuration option >> to remove the only supported algorithm... >> >> What I could imagine to be useful though, would be to allow the backend >> to advertise its capabilities to the guest virtio-crypto device, so that >> the guest driver can register the algorithms supported dynamically. >> Currently, the algorithms are hard-coded on both sides which makes it a >> bit hard to extend the backends to support new algorithms (or write new >> backends if so desired). > > I posted some kernel patches > (https://www.spinics.net/lists/kvm/msg170332.html), that takes care of > registering algorithms based on what the backend advertises. > Sorry, I missed that. Sounds as if the principal mechanism to configure guest virtio-crypto based on the host capabilities would be established with the patches. > >> >> Whether the backend itself was configurable would be of less importance >> then (but still could make sense). >> > >
-- Regards, Viktor Mihajlovski
