Re: /dev/crypto
From: Michal Ludvig (michal-bsd logix.cz)
Date: Fri Aug 06 2004 - 10:17:54 CDT
On Tue, 3 Aug 2004, Theo de Raadt wrote:
> > could anyone please explain (or give some links) why the "unusual"
> > semantics of /dev/crypto usage was chosen?
> >
> > I don't really understand why it is necessary to first open the device and
> > obtain a file descriptor and then issue an ioctl(CRIOGET) to get another
> > one for the actual crypto operations.
>
> Lack of cloning device nodes.
What does it mean?
> > Why is this approach better than
> > opening the device every time it is needed?
>
> Oh, that would be very silly and not work. Most crypto hardware
> devices maintain state.
Indeed not *every time*, you misunderstood me ;-)
I meant - what is the difference when an application is doing:
    fd = open("/dev/crypto", O_RDWR);
    ioctl(fd, CRIOGET, &fd_new1);
    ioctl(fd, CRIOGET, &fd_new2);
    ioctl(fd_new1, CIOCGSESSION);
    ioctl(fd_new2, CIOCGSESSION);
    ioctl(fd_new1, CIOCCRYPT);
    ioctl(fd_new2, CIOCCRYPT);
    ...
instead of:
    fd_new1 = open("/dev/crypto", O_RDWR);
    fd_new2 = open("/dev/crypto", O_RDWR);
    ioctl(fd_new1, CIOCGSESSION);
    ioctl(fd_new2, CIOCGSESSION);
    ioctl(fd_new1, CIOCCRYPT);
    ioctl(fd_new2, CIOCCRYPT);
    ...
Wouldn't opening the device twice give two independent descriptors?
BTW I'm not pushing you to any change, I just want to understand why it is
as it is ;-)
Thanks!
Michal Ludvig
--
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal