Next: 6.8 creation of MAST
Up: 6 Milestone definitions
Previous: 6.6 algorithm database work
Work on redoing the receive functions using the algorithm database will
begin in September and will be completed and tested for a release in
November. This will have no externally visible changes to customers, the
major goal of this stage is readability.
This work will consist of the following steps:
- rename ``tdb'' structure to ``ipsec_sa'', add reference count.
- create lifetime structure, moving all lifetime checks to common code.
- create an ident structure to be friendlier to PF_KEY.
- create transform data structure and ops structure containing a pointer
to function for each each existing case statement of all ``switch'' clauses.
- create per-packet state structure (``job'') using the skb->options area and appropriate macros.
- split up into pre-crypto, crypto and post-crypto stages, calling each
one directly. (i.e. not through queues or callbacks yet)
- use of low-level generic algorithm functions (e.g. 3DES, SHA1, MD5) to
perform crypto.
- a later effort will transform the receive function into the software
path of the target architecture.
Next: 6.8 creation of MAST
Up: 6 Milestone definitions
Previous: 6.6 algorithm database work
Michael Richardson
2001-09-16