upvote

points

by still_grokking12 hours ago |
comments
upvoteby p_l6 hours ago|
next
[-]
AF_ALG if I remember correctly predates userspace-accessible crypto acceleration and was way more important back when it meant you had actual need for "SSL accelerator" cards in servers, among other things
reply
upvoteby ryukoposting2 hours ago|
prev|
next
[-]
Hi, embedded firmware engineer here. I give it a B-

There's a weird area between the workloads that fit on a microcontroller, and the stuff that demands a full-blown CPU. Think softcore processors on FPGAs, super tiny MIPS and RISC-V cores on an ASIC, etc. Typically you run something like Yocto on a core like that. Maybe MontaVista or QNX if you've got the right nerd running the show.

So you have serious compute needs, and security concerns that justify virtual memory. But you don't have infinite space to work with, so hardware acceleration is important. Having a standard API built into the kernel seems like a decent idea I guess.

And yet, I've never heard of AF_ALG. I've never seen it used. The thing is, if you have some bizzaro softcore, there's a good chance you also have a bizzaro crypto engine with no upstream kernel driver. If you're going to the trouble of rolling your own kernel with drivers for special crypto engines, why would you bother hooking it into this thing? Roll your own API that fits your needs and doesn't have a gigantic attack surface.

reply
upvoteby buckle801711 hours ago|
prev|
[-]
You should take note that this is written by the person that wrote the bad patch.

So grain of salt.

reply
upvoteby still_grokking11 hours ago|
parent|
next
[-]
I've said I'm not sure about the validity of that reasoning.

I've liked it nevertheless for context, as augmentation to parent's post.

reply
upvoteby asveikau9 hours ago|
parent|
prev|
next
[-]
I feel like it should be possible to fulfill these advantages with a minimal, not very complex API. I.e. the grandparent's comment about IPsec implementation details doesn't make the cut, but a hardware accelerated cipher implementation does.
reply
upvoteby mihaaly4 hours ago|
parent|
prev|
[-]
But is it true or not? Whoever wrote it. (for objective truth the subjects are unimportant)
reply
upvoteby buckle801757 minutes ago|
parent|
next
[-]
It might have been true in 2002 but it hasn't been true since at least about 2010.

You've almost certainly never had a system that supported any hardware accelerated crypto that also required a kernel module.

It's much easier to expose as cpu extensions.

reply
upvoteby skywhopper3 hours ago|
parent|
prev|
[-]
When you can’t know the objective truth or when there isn’t one (as is the case in making decisions about security tradeoffs in software design), knowing the source of the argument is vital to interpreting its validity.
reply
upvoteby bawolff32 minutes ago|
parent|
[-]
I disagree 100%. Software security tradeoffs are definitely the sort of thing where you can evaluate arguments on their merits.
reply