linux kernel implementation?
linas at austin.ibm.com
Wed Dec 13 18:02:59 CET 2006
On Tue, Dec 12, 2006 at 11:11:40PM -0800, Nicholas Murphy wrote:
> Has anyone ever tried to port GMP for use within the Linux kernel?
> If not, any idea what would be involved? Would it just be a matter
> of stripping out printf's and replacing malloc with kmalloc, etc.?
Well, although there's some basic crypto in the kernel, I doubt
the kernel hackers would allow gmp code into the kernel. Most
want less, not more, code in the kernel. Thus, the canonical
rejoinder is to do it in user space, and communicate with kernel
with a netlink.
I presme the point of putting it in the kernel is to gain additional
security. For that, I suggest that the gmp-using server run in its
own security domain (if using selinux), or, what surely is easier, run
it in its own virtual domain (using vserver). If its acceptable to
run only on the latest hardware, then look at using the hypervisor
features to isolate your server from the bad guys.
More information about the gmp-discuss