lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 15 Apr 2019 14:40:03 +0530
From:   Atul Gupta <atul.gupta@...lsio.com>
To:     David Miller <davem@...emloft.net>, jakub.kicinski@...ronome.com
Cc:     herbert@...dor.apana.org.au, linux-crypto@...r.kernel.org,
        netdev@...r.kernel.org, dt@...lsio.com
Subject: Re: [crypto 0/4] Inline TLS client and v6 support


On 4/12/2019 12:22 AM, David Miller wrote:
> From: Jakub Kicinski <jakub.kicinski@...ronome.com>
> Date: Thu, 11 Apr 2019 11:45:06 -0700
>
>> I think the "netdev community" feels pretty strongly about preventing
>> protocol ossification and bypassing crucial parts of the infrastructure.
> Correct.

I understand the concern, the objective of complete offload of TLS record is an option to kTLS and other solutions. Have taken care to keep code out of netdev into crypto driver and allow user to choose record offload capability. Application buffer from socket is posted to HW for encryption, Segmentation and Tx on wire. The path provides near line-rate [100Gbps] Inline encrypt/decrypt b/w. If community feels this path adds value and can sit in crypto driver then I will work on build comments and resend v1?

Regards

Atul

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ