There's no locking in the hardware, all the xcrypt commands are ring3 accessible. Shouldn't be an issue to use either.
> Michael Reifenberger wrote: > > On Wed, 19 Jul 2006, Oliver Fromme wrote: > > ... > > > You will also need "cryptodev" in addition to "crypto". > > > "crypto" manages only in-kernel access to the cryptographic > > > facilities (including hardware acceleration through the > > > padlock driver), which is used by FAST_IPSEC, for example. > > > "cryptodev" will enable access by userland applications > > > (e.g. scp) and libraries (OpenSSL) through /dev/crypto. > > > > With OpenSSL you have two choices: > > engine cryptodev : uses /dev/crypto > > engine padlock : uses the xcrypt commands directly > > > > engine padlock should be the fastest of course. > > Is there any kind of locking (in hardware or software)? > I mean, what happens if both padlock(4) and OpenSSL try > to access the ACE engine directly? > > (If the answer is "don't do that", then it's probably > better to use cryptodev with OpenSSL, even if it's a > little less efficient.) > > Best regards > Oliver > > -- > Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing > Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd > Any opinions expressed in this message may be personal to the author > and may not necessarily reflect the opinions of secnetix in any way. > > "One of the main causes of the fall of the Roman Empire was that, > lacking zero, they had no way to indicate successful termination > of their C programs." > -- Robert Firth > _______________________________________________ > freebsd-hackers@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-hackers > To unsubscribe, send any mail to "[EMAIL PROTECTED]" > _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
