| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <601354bc-10b7-f008-c3d2-88d715eba812@chelsio.com>
Date: Thu, 11 Apr 2019 09:47:09 +0530
From: Atul Gupta <atul.gupta@...lsio.com>
To: Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc: herbert@...dor.apana.org.au, davem@...emloft.net,
linux-crypto@...r.kernel.org, netdev@...r.kernel.org,
dt@...lsio.com
Subject: Re: [crypto 0/4] Inline TLS client and v6 support
On 4/10/2019 9:28 PM, Jakub Kicinski wrote:
> On Wed, 10 Apr 2019 10:56:37 +0530, Atul Gupta wrote:
>> On 4/9/2019 11:31 PM, Jakub Kicinski wrote:
>>> On Tue, 9 Apr 2019 08:22:34 -0700, Atul Gupta wrote:
>>>> Extends Inline TLS record processing to TLS client. connect
>>>> API is added to tls_context to setup hardware for TLS
>>>> connection and handshake. Functionality wise, this makes the solution
>>>> end-to-end Inline TLS capable. TLS server and client
>>>> can operate in Inline mode and leverage hardware for complete
>>>> TLS record offload.
>>>> [0004] Adds the IPv6 support for Inline TLS server/client.
>>>>
>>>> RFC series for this patch was created against net-next and
>>>> submitted on 18 Jan'2019.
>>>> This series is created against Herbert branch.
>>> Sorry if someone already asked this, but is your HW doing full ToE
>>> for all this TLS "record offload" stuff?
>> Yes Jakub
> So from what I grok you already feed all the data directly to the
> socket completely bypassing the lower layers of the networking stack,
> and with this patch set you'd also move 3WHS into the FW?
Yes, that's correct.
Powered by blists - more mailing lists