Removing crypto(9) "opencrypto" and /dev/crypto
Aaron LI
aly at aaronly.me
Sun Aug 10 07:07:37 PDT 2025
> On Aug 10, 2025, at 21:38, Michael Neumann <mneumann at ntecs.de> wrote:
>
> On Sun, Aug 10, 2025 at 09:59:44AM +0800, Aaron LI wrote:
>>> On 8/8/25 6:20 PM, Michael Neumann wrote:
>>> Hi,
>>
>> Hi Michael,
>>
>> Great job!
>
> Hi Aaron,
>
>
>>> I'd like to commit the following two patches, removing a lot of "bloat":
>>>
>>> https://leaf.dragonflybsd.org/~mneumann/0001-crypto-remove-dev-crypto-pseudo-device.patch
>>
>> Some suggestions:
>>
>> 1. UPDATING:
>> As we're removing 'device cryptodev' from the default kernel config, I
>> suggest we first make 'cryptdev' a no-op and then remove it in a later
>> release. The UPDATING file said similar notes for the FFS_ROOT option.
>
> Thanks for the notice! I am trying to accomplish that with a line
> in sys/conf/files like:
>
> NOOP optional cryptodev no-obj \
> warning "device cryptodev removed"
>
> And the same for the other removed devices like "aesni", "safe", etc.
>
> I just did a "make buildworld" with a "device cryptodev" in the
> kernel config and with this line it succeeds.
Cool!
>>> https://leaf.dragonflybsd.org/~mneumann/0002-opencrypto-remove-in-kernel-crypto-9-framework.patch
>>
>> Some suggestions:
>>
>> 1. Makefile_upgrade.inc
>> Remove /usr/include/crypto directory,
>> also remove /boot/kernel/aesni.ko
>>
>> 2. Again bump __DragonFly_version, as we're removing
>> "/usr/include/crypto" and changing kernel API, also the removal of
>> aesni(4) device.
>
> Bump it twice?
>
> I removed other unused crypto devices ("safe", padlock, hifn, ubsec) in the past without bumping __DragonFly_version. Shall I cover that in a single version
> bump, and another one for removing cryptodev, (which includes
> /usr/include/crypto).
It’s no harm to bump the version twice. On the other hand, we could also commit the removals and finally bump the version in a separate commit.
Regards,
Aaron
More information about the Kernel
mailing list