On Tue, Sep 13, 2016 at 12:58:59PM +0200, Paolo Bonzini wrote: > > > On 13/09/2016 11:54, Daniel P. Berrange wrote: > > > OK, I agree with you :) But if we support multiple backends, can > > > we keep cryptodev-linux module as one option? > > > > I'm personally against any support for out of tree kernel modules > > in QEMU, regardless of whether QEMU also implements alternative > > backends, unless there is a strong sign that the module in question > > is on the verge of being accepted into mainline Linux. That does > > not seem to be the case there - mainline settled on AF_ALG as the > > only supported approach AFAICT. > > Is there any reason to embed knowledge of AF_ALG directly in QEMU, > rather than delegating that to gcrypt/nettle?
Actually looking at the code again, neither of those libraries will ever delegate to the kernel. So if we did want AF_ALG, we would have to provide a backend in QEMU to use that. Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
