Add a new security/isal-kmod port.
ClosedPublic
Actions

Authored by jhb on Jun 29 2020, 10:57 PM.

Details

Reviewers

kevans
mat

Commits

rP544254: Add a new security/isal-kmod port.

Summary

This port builds a kernel crypto device driver which uses routines from
Intel's ISA-L crypto library to perform AES-GCM encryption and decryption.

Test Plan

make check-plist for the port
have tested the driver with KTLS + ktls_ocf.ko and with cryptocheck

Diff Detail

Repository

rP FreeBSD ports repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhb created this revision.Jun 29 2020, 10:57 PM

Herald added a subscriber: mat. · View Herald TranscriptJun 29 2020, 10:57 PM

jhb requested review of this revision.Jun 29 2020, 10:57 PM

Harbormaster completed remote builds in B32051: Diff 73894.Jun 29 2020, 10:57 PM

This might get some more testing of the driver before it should be committed, but this isn't a bad place to coordinate testing if others are interested in testing I suppose. On my wimpy little 4-core Haswell box KTLS with aesni was able to push about 35 Gbps in a simple https benchmark vs 41-42 Gbps with this module (and 42-43 Gbps with the KTLS-specific ktls-isa_l-crypto-kmod port).

jhb added a reviewer: kevans.Jun 29 2020, 11:00 PM

kevans added inline comments.Jun 29 2020, 11:22 PM

security/isal-kmod/Makefile
14 ↗	(On Diff #73894)	I think you want to tack on IGNORE_FreeBSD_11= ... and presumably IGNORE_FreeBSD_12= .... It's unfortunate that we don't have an ONLY_FOR_FreeBSD_13= since this probably won't build against, e.g., Dragonfly.

cem added inline comments.Jun 30 2020, 1:54 AM

security/isal-kmod/Makefile
11 ↗	(On Diff #73894)	If it's BSD3CLAUSE, why not base?

lwhsu added a subscriber: lwhsu.Jun 30 2020, 6:42 AM

lwhsu added inline comments.

security/isal-kmod/pkg-descr
7 ↗	(On Diff #73894)	Do you want to mention that the source of this port is from https://github.com/bsdjhb/ocf_isa_l and 01org is the upstream?

jhb added inline comments.Jun 30 2020, 4:48 PM

security/isal-kmod/Makefile
11 ↗	(On Diff #73894)	It requires yasm or nasm to compile the assembly files which we don't have in base.

jhb marked 2 inline comments as done.Jul 16 2020, 5:47 PM

jhb added inline comments.

security/isal-kmod/Makefile
14 ↗	(On Diff #73894)	It would need to be some kind of ONLY_FOR_FreeBSD_13+ to mean 13 and beyond. I think it's simpler to add the IGNORE for 11 and 12. OTOH, an ONLY_FOR_FreeBSD would perhaps be helpful.
security/isal-kmod/pkg-descr
7 ↗	(On Diff #73894)	I added my repo as a WWW, not sure if I need words as well?

Address some review feedback.
Bump to a newer hash with cosmetic cleanups, NFC.

Harbormaster completed remote builds in B32364: Diff 74533.Jul 16 2020, 5:48 PM

mat requested changes to this revision.Jul 21 2020, 12:29 PM

mat added inline comments.

security/isal-kmod/Makefile
30 ↗	(On Diff #74533)	No need for that. And change the include at the end to `bsd.port.mk`.
security/isal-kmod/pkg-descr
7–8 ↗	(On Diff #74533)	Only one `WWW` line supported.

This revision now requires changes to proceed.Jul 21 2020, 12:29 PM

gbe added a subscriber: gbe.Jul 21 2020, 1:23 PM

Address feedback from mat@.

Harbormaster completed remote builds in B32496: Diff 74816.Jul 22 2020, 8:51 PM

Ping @mat

Is there a reason to not import this into base? The isa-l library is BSD-licensed and has a very small footprint.

In D25514#574176, @gbe wrote:

Is there a reason to not import this into base? The isa-l library is BSD-licensed and has a very small footprint.

The problem is that the isa-l library requires yasm to compile

In D25514#574326, @gallatin wrote:

In D25514#574176, @gbe wrote:

Is there a reason to not import this into base? The isa-l library is BSD-licensed and has a very small footprint.

The problem is that the isa-l library requires yasm to compile