On Thu, Apr 30, 2009 at 2:29 PM, Matthew Dempsky <matt...@dempsky.org> wrote: > I've been thinking of playing with improving the speed of OpenBSD's > cryptography primitives. My tentative plans:
> My long term goal/hope is to speed up IPsec, but in the interim I only > have one machine to work with, so for now I'll probably just measure > the time it takes to handle requests from user-space. > > If anyone has feedback/suggestions on the above plans, I'm happy to hear them. All your plans address making the crypto code faster, but I'm not sure that's actually the slow point. I think the crypto framework still does too many context switches for small operations. IIRC It also doesn't do much load balancing when you have multiple accelerators in the system. For instance, you have a hifn and a via cpu. Which does [should] crypto use?
