>-----Original Message----- >From: owner-openssl-...@openssl.org [mailto:owner-openssl- >d...@openssl.org] On Behalf Of Andy Polyakov >Sent: Tuesday, August 03, 2010 1:47 PM >To: openssl-dev@openssl.org >Subject: Re: [openssl-dev] Engine support for enabling Intel >Atom Security (SEP) processor > >>> Which things describe what "SEP" is ? >>> >> There isn't a lot of online information at this time. >> The product name is: Intel Smart & Secure Technology (Intel >S&ST). >> A very brief high level description is in this Intel Atom >Processor >> fact sheet: >> >> >http://download.intel.com/pressroom/kits/atom/z6xx/pdf/Fact_S >heet_Intel_Atom_Processor_Platform.pdf >> >> The S&ST component is part of the Intel Platform Controller >Hub (PCH) MP20. > >It doesn't sound like it will available for direct access >from user-land >for example through instruction set extension, i.e. access >would have to >be assisted by kernel driver.
Yes, access to the S&ST engine would be through the driver. >Given that primary goal would >be Linux >(a.k.a. Android, MeeGo), it would be time to wish there was >equivalent >to BSD's /dev/crypto. At least it would be hardly appropriate >to develop >kernel module targeting some specific user-land library such >as OpenSSL. >But anyway. What I would like to point out in the context is >impact >kernel call overhead has on performance, naturally on small >blocks. Or >rather that as far as kernel-assisted crypto access goes my >vote would >go for "synthetic" implementation, which would turn to kernel >only when >it actually pays off to do so and rely on user-land software >implementation otherwise. A. Just to make sure I understand what you are saying. Would this implementation do something like applying some rules to the requested operation, based on the parameters passed, and then decide whether to use the S&ST HW, or the OpenSSL SW function? For the performance reasons you listed, I have been thinking about doing something along those lines. Is there an good reference example for this type of implementation? Thank you, Don J. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
