LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Weekly Edition

Return to the Kernel page

Recent Features

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Highlights from the PostgreSQL 9.2 beta

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Supporting hardware crypto in the kernel

[Posted December 18, 2002 by corbet]

Now that the kernel has its own cryptographic API, James Morris is thinking about how to support cryptographic hardware. A number of cards which perform cryptographic functions exist, and it would be nice to be able to make full use of these cards with a Linux system. Quite a few issues need to be considered on the way there, however, including:

  • How should multiple cards be supported? This gets tricky, especially for session-oriented crypto operations.

  • How should card failures (and resource exhaustion) be handled? The current crypto API isn't designed around this sort of failure.

  • Some network cards can do their own IPsec processing; taking advantage of that capability may require a higher-level interface.

  • User space may want to be able to use cryptographic devices as well, meaning that some sort of interface needs to be designed.

  • Many devices lack useful programming documentation, which will make creating a Linux driver harder (or impossible).

And so on. Now is the time to get these decisions right; anybody who is interested in the interface to cryptographic hardware should probably have a look at James's posting and join the discussion.

(Log in to post comments)

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds