--- /dev/null
+if PACKAGE_libopenssl-afalg_sync
+ comment "Build Options"
+
+ config AFALG_DIGESTS
+ bool "Build support for digest acceleration"
+ help
+ Digests are fast in software, and accessing AF_ALG adds latency, so
+ you'll need a large request (16KB) just to match software speed.
+ This increases memory usage, and has problems when process fork
+ with open digest contexts (openssh will not work because of it).
+
+ config AFALG_FALLBACK
+ bool "Enable software fallback feature"
+ default y
+ help
+ Use software to fulfill small requests. Using AF_ALG adds latency,
+ which makes it slow to perform small requests. Enabling this
+ option overcomes this problem, at the cost of increased memory
+ and CPU usage. This is a new, experimental feature; if you
+ encounter any problem, this is the first option to disable.
+ The fallback will fail if you enable this engine alongside
+ devcrypto, so you'll not be able to install both at the same
+ time if this option is enabled.
+
+ config AFALG_UPDATE_CTR_IV
+ bool "Don't rely on kernel to update CTR IV"
+ default y
+ help
+ Don't count on the kernel driver to update the CTR-mode counter
+ (IV). At least one driver does not update the IV as a workaround
+ for DMA issues. With this option turned on, the engine will keep
+ track of the counter, and the IV will be sent with every update.
+ If fallback is enabled, then the counter needs to be updated by
+ the engine anyway, and sent with the request everytime there's a
+ switch from software to hardware, so this won't bring much gain in
+ that case.
+
+ config AFALG_ZERO_COPY
+ bool "Use Zero-Copy Mode"
+ help
+ Uses a Zero-Copy interface. Even though it is supposed to improve
+ performance, actual measurements indicate otherwise.
+endif
include $(TOPDIR)/rules.mk
PKG_NAME:=afalg_engine
-PKG_VERSION:=1.1.0
+PKG_VERSION:=1.2.0-beta.1
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://github.com/cotequeiroz/afalg_engine/archive/v$(PKG_VERSION)
-PKG_HASH:=0c0304558e9450752656522a8f9036130f4e745c4818f02f92cb8d6c99357ed6
+PKG_HASH:=6f0da98a3c12eaf50331ac7cd81f7b8800abf54b96fd73bd3e37cc50fd3d2ba8
PKG_MAINTAINER:=Eneas U de Queiroz <cotequeiroz@gmail.com>
PKG_LICENSE:=Apache-2.0
PKG_LICENSE_FILES:=LICENSE
-PKG_CONFIG_DEPENDS:= CONFIG_AFALG_ZERO_COPY
+PKG_CONFIG_DEPENDS:= \
+ CONFIG_AFALG_DIGESTS \
+ CONFIG_AFALG_FALLBACK \
+ CONFIG_AFALG_UPDATE_CTR_IV \
+ CONFIG_AFALG_ZERO_COPY
include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/cmake.mk
URL:=https://github.com/cotequeiroz/afalg_engine
DEPENDS:=libopenssl @OPENSSL_ENGINE @!OPENSSL_ENGINE_BUILTIN_AFALG \
+libopenssl-conf +kmod-crypto-user
- CONFLICTS:=libopenssl-afalg
+ CONFLICTS:=libopenssl-afalg $(if $(CONFIG_AFALG_FALLBACK),libopenssl-devcrypto)
+ MENU:=1
endef
define Package/libopenssl-afalg_sync/description
engine, but using the AF_ALG interface instead of /dev/crypto
It is different than the AF_ALG engine that ships with OpenSSL:
+ - it is faster
- it uses sync calls, instead of async
- it suports more algorithms
endef
define Package/libopenssl-afalg_sync/config
- config AFALG_ZERO_COPY
- depends on PACKAGE_libopenssl-afalg_sync
- bool "Use Zero-Copy Mode"
- help
- Uses a Zero-Copy interface. Even though it is supposed to improve
- performance, actual measurements indicate otherwise.
+ source "$(SOURCE)/Config.in"
endef
CMAKE_OPTIONS += \
-DOPENSSL_ENGINES_DIR=/usr/lib/$(ENGINES_DIR) \
+ -DDIGESTS=$(if $(CONFIG_AFALG_DIGESTS),ON,OFF) \
+ -DFALLBACK=$(if $(CONFIG_AFALG_FALLBACK),ON,OFF) \
+ -DUPDATE_CTR_IV=$(if $(CONFIG_AFALG_UPDATE_CTR_IV),ON,OFF) \
-DUSE_ZERO_COPY=$(if $(CONFIG_AFALG_ZERO_COPY),ON,OFF)
define Package/libopenssl-afalg_sync/install
projects / feed / packages.git / commitdiff