[OE-core] [PATCH] openssl: disable cryptodev by default
Mark Hatle
mark.hatle at windriver.com
Wed Mar 8 17:44:33 UTC 2017
On 3/8/17 11:35 AM, Richard Purdie wrote:
> On Wed, 2017-03-08 at 11:28 -0600, Mark Hatle wrote:
>> On 3/8/17 10:57 AM, Ross Burton wrote:
>>>
>>> Cryptodev is a way for userspace to access the kernel crypto
>>> drivers (and so,
>>> hardware crypto).
>> If the BSP does not support crypto dev, what is the harm in this? It
>> should fall back to standard behaviors.
>
> Note that the implication here is that openssl depends on the kernel
> building and many other pieces of the system depend on openssl so it
> does bottleneck the build somewhat.
I thought the crypto dev interface had been standardized and no longer required
a specific kernel-specific instance. If this is not true, then it's effectively
machine specific already.
> It also means a kernel rebuild ends up triggering half the userspace to
> rebuild which is annoying for users.
>
>
>>> Not all hardware supports cryptodev so this is something that
>>> should be enabled
>>> in a BSP layer instead of in oe-core.
>> This would make the package be machine specific, which I'm not sure
>> is good for
>> a package like openssl. (Distro specific, I'm fine with -- machine
>> I've got
>> concerns.)
>
> How commonly are kernel crypto drivers used?
We are seeing it used a lot, especially on IA platforms. (I have seen some
usage on an arm platform, but don't remember which.)
--Mark
> Cheers,
>
> Richard
>
More information about the Openembedded-core
mailing list