[tahoe-dev] Running Tahoe on ARM plugs
Jack Lloyd
lloyd at randombit.net
Sun Feb 20 11:23:34 PST 2011

On Sun, Feb 20, 2011 at 07:44:20AM -0500, Greg Troxel wrote:
> I don't quite follow how a device only being accessible from
> the kernel (which is true for substantially all devices except
> perhaps via libusb)

In some cases (e.g. the Intel and VIA AES extensions) the crypto
operations are accessible from userspace. And ARM has a
preexisting ISA convention for userspace access to
implementation-specific coprocessors, so it's really quite
surprising that it seems like instead you have to access the
crypto hardware via talking to DMA-mapped registers set at fixed
offsets in physical memory.

> This problem has been pretty much solved in *BSD, via the opencrypto
> framework. Each accelerator has a driver, there's a kernel-mode API,
> user-space access to the operations, and integration with OpenSSL.

The coprocessor drivers are in many cases included in mainline
kernels, and there is an in-kernel API for using them, however
the /dev/crypto implementations are not in mainline. So they can
be used for kernel operations (disk encryption, IPsec) but are
not usable from userspace (unless you patch a /dev/crypto
implementation into your kernel).
-Jack
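
To check the situation this message describes on a given Linux machine, here is an added example (not part of the original post or of Tahoe) that parses /proc/crypto to find which driver the kernel prefers for each algorithm and tests whether a /dev/crypto node exists for userspace. The sample record is constructed and abbreviated, and the driver name "example-hw-cbc-aes" is hypothetical.

```python
import os

# Constructed, abbreviated sample in the /proc/crypto layout;
# "example-hw-cbc-aes" is a hypothetical accelerator driver name.
SAMPLE = """\
name         : cbc(aes)
driver       : example-hw-cbc-aes
priority     : 300
type         : ablkcipher

name         : cbc(aes)
driver       : cbc(aes-generic)
priority     : 100
type         : blkcipher
"""

def parse_proc_crypto(text):
    """Split the blank-line-separated records into dicts of key -> value."""
    entries = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")
            if sep:
                fields[key.strip()] = value.strip()
        if "name" in fields and "driver" in fields:
            entries.append(fields)
    return entries

def preferred_drivers(entries):
    """For each algorithm name keep the highest-priority implementation,
    which is the one the in-kernel API selects by default."""
    best = {}
    for e in entries:
        prio = int(e.get("priority", 0))
        if e["name"] not in best or prio > int(best[e["name"]].get("priority", 0)):
            best[e["name"]] = e
    return best

def summarize(text, dev_node="/dev/crypto"):
    """Return ({algorithm: preferred driver}, userspace node present?)."""
    best = preferred_drivers(parse_proc_crypto(text))
    return {n: e["driver"] for n, e in best.items()}, os.path.exists(dev_node)

if __name__ == "__main__":
    live = os.path.exists("/proc/crypto")
    drivers, have_dev = summarize(open("/proc/crypto").read() if live else SAMPLE)
    print(drivers, "| /dev/crypto present:", have_dev)
```

A non-generic preferred driver together with a missing /dev/crypto is the case described above: the accelerator serves kernel consumers such as disk encryption and IPsec, but userspace programs cannot reach it.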