On Tue, Jun 30, 2009 at 12:56:38PM +1000, David McCullough wrote: > > Change the speed test to only test sizes up to 4096. Most cryptodev > HW drivers fail with 8192 sized requests. 4K seems like a reasonable > limit to test up to.
No. This is a bug in whatever "cryptodev HW drivers" you are referring to. If a driver can't handle a request which can be generated by the SSL layer (or which is legal to be directly invoked by the OpenSSL API) it needs to split that request accordingly, not blindly fail it. This is true of OpenSSL engines in general. Since you say "cryptodev" perhaps you think this is a generic limitation of /dev/crypto. But it's not. I _might_ not be averse to changing the single engine for /dev/crypto to split requests to 4K, but it would take some persuasion since that is not a documented limitation of the API and many backend drivers DTRT. If you change the speed test this way, it won't even give any indication that some hardware drivers don't work right. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
