Cryptodev-linux is a Linux-kernel device that allows user-space access to hardware cryptographic accelerators.
C Makefile C++
Clone or download
horiag and cristian-stoica ioctl.c: Fix build with linux 4.17
Since kernel 4.17-rc1, sys_* syscalls can no longer be called directly:
819671ff849b ("syscalls: define and explain goal to not call syscalls in the kernel")

Since cryptodev uses sys_close() - and this has been removed in commit:
2ca2a09d6215 ("fs: add ksys_close() wrapper; remove in-kernel calls to sys_close()")
cryptodev has to be updated to use the ksys_close() wrapper.

Signed-off-by: Horia Geantă <>
Latest commit f60aa08 May 24, 2018


This is a /dev/crypto device driver, equivalent to those in OpenBSD or
FreeBSD. The main idea is to access of existing ciphers in kernel space 
from userspace, thus enabling the re-use of a hardware implementation of a

For questions and suggestions please use the mailing lists at:

=== How to combine with cryptographic libraries ===

* GnuTLS: 

GnuTLS needs to be compiled with --enable-cryptodev in order to take
advantage of /dev/crypto. GnuTLS 3.0.14 or later is recommended.

* OpenSSL:

Note that OpenSSL's cryptodev implementation is outdated, and there
are issues with it. For that we recommend to use the patches
below, that we have provided to the openssl project.

After applying the patches you can add cryptodev support by using the
-DHAVE_CRYPTODEV and -DUSE_CRYPTODEV_DIGESTS flags during compilation.
Note that the latter flag (digests) may induce a performance penalty
in some systems. 

=== Modifying and viewing verbosity at runtime ===

For debugging often the verbosity of the driver needs to be adjusted.
The sysctl tool can be used for that.

# sysctl ioctl.cryptodev_verbosity
ioctl.cryptodev_verbosity = 0

# sysctl ioctl.cryptodev_verbosity=3
ioctl.cryptodev_verbosity = 3