dashboard System Information - inconsistent crypto information
built on Wed Aug 23 15:31:27 CDT 2017
The pfSense Crypto HW information is inconsistent.
The "CPU Type" field now includes output detecting AES-NI CPU Crypto hardware
Example: AES-NI CPU Crypto: Yes (active)
NB AES-NI is only applicable to x86/amd64 architectures. Future support for other variants such as QAT or ARM AES?
Next, the "Hardware crypto" field actually shows kernel crypto support.
Suggestion: move CPU Crypto information to Hardware Crypto field.
Kernel support: AES-CBC,AES-XTS,AES-GCM,AES-ICM
#1 Updated by Jim Pingle about 3 years ago
- Status changed from New to Rejected
That is by design. The information in the CPU section is specific to the CPU, and shows up even when support for the hardware is not loaded. It shows AES-NI for amd64, and on other platforms it shows what the CPU could be capable of using. For example, on SG-1000 it shows "am335x built-in CPU Crypto (inactive)" (because it has no drivers yet)
The other section is for any active detected crypto hardware, not only what can be found in the CPU, and often shows which ciphers are accelerated as well depending on the detection string for the hardware device.