Ok, So far I was able to do:
opkg install usbutils kmod-usb-storage block-mount
To be able to use USB block mass storage.
When dmesg
:
scsi host1: sata_mv
ata1: SATA max UDMA/133 irq 32
ata1: SATA link down (SStatus 0 SControl F300)
scsi 0:0:0:0: Direct-Access WDC WD60 PURX-64T0ZY1 PQ: 0 ANSI: 5
sd 0:0:0:0: [sda] Very big device. Trying to use READ CAPACITY(16).
sd 0:0:0:0: [sda] 11721045168 512-byte logical blocks: (6.00 TB/5.45 TiB)
sd 0:0:0:0: [sda] Write Protect is off
sd 0:0:0:0: [sda] Mode Sense: 28 00 00 00
sd 0:0:0:0: [sda] No Caching mode page found
sd 0:0:0:0: [sda] Assuming drive cache: write through
sd 0:0:0:0: [sda] Very big device. Trying to use READ CAPACITY(16).
sda: unknown partition table
sd 0:0:0:0: [sda] Very big device. Trying to use READ CAPACITY(16).
sd 0:0:0:0: [sda] Attached SCSI disk
Bus 001 Device 002: ID 152d:2337 JMicron Technology Corp. / JMicron USA Technology Corp. ATA/ATAPI Brid
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
To be able to use block encryption:
opkg install cryptsetup # installs: kmod-crypto-aead, kmod-crypto-pcompress, kmod-crypto-manager, kmod-dm, libdevmapper, libreadline, lvm2, libgpg-error, libgcrypt, libpopt
opkg install kmod-crypto-aes kmod-crypto-xts
opkg install kmod-crypto-user kmod-crypto-iv kmod-crypto-misc # installs kmod-crypto-rng kmod-crypto-wq
To do some speed tests as is:
cryptsetup benchmark
To test Cryptographic Hardware Acceleration:
# OCF - Open Cryptographic Framework, Crypto API
# CESA - Cryptographic Engine and Security Acceleration
opkg install kmod-crypto-mv-cesa # 3.18.23-1 - Marvell crypto engine
opkg install kmod-cryptodev # - 3.18.21+1.7-kirkwood-2 - This is a driver for that allows to use the Linux kernel supported hardware ciphers by user-space applications.
opkg install kmod-crypto-core # Already installed ?
Check for hw:
cat /proc/crypto
# lines says: "module : mv_cesa"
ps | grep mv_crypto
# line say: "[mv_crypto]"
To do some speed tests:
cryptsetup benchmark
To test using openssl "speed" benchmark feature:
opkg install openssl-util
openssl version
#OpenSSL 1.0.2g 1 Mar 2016
openssl engine
#(dynamic) Dynamic engine loading support
Do some tests (not done yet):
openssl speed -evp aes-128-cbc
openssl speed -evp bf-cbc aes-128-cbc
openssl speed -elapsed -evp aes-128-cbc
Benchmark using cryptsetup benchmark
:
#Tests are approximate using memory only (no storage IO).
#PBKDF2-sha1 38102 iterations per second
#PBKDF2-sha256 24637 iterations per second
#PBKDF2-sha512 5407 iterations per second
#PBKDF2-ripemd160 36008 iterations per second
#PBKDF2-whirlpool 3648 iterations per second
## Algorithm | Key | Encryption | Decryption
# aes-cbc 128b 17.1 MiB/s 13.9 MiB/s
# serpent-cbc 128b N/A N/A
# twofish-cbc 128b N/A N/A
# aes-cbc 256b 16.3 MiB/s 16.5 MiB/s
# serpent-cbc 256b N/A N/A
# twofish-cbc 256b N/A N/A
# aes-xts 256b 9.0 MiB/s 9.1 MiB/s
# serpent-xts 256b N/A N/A
# twofish-xts 256b N/A N/A
# aes-xts 512b 7.1 MiB/s 7.3 MiB/s
# serpent-xts 512b N/A N/A
# twofish-xts 512b N/A N/A
Not tested this yet (I just saw the cryptsetup-openssl
package, and I read on internet that OpenSSL is capable of use hw crypto acc.:
opkg remove cryptsetup; opkg install cryptsetup-openssl