| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20200714.133849.786362008823993310.davem@davemloft.net>
Date: Tue, 14 Jul 2020 13:38:49 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: borisp@...lanox.com
Cc: kuba@...nel.org, john.fastabend@...il.com, daniel@...earbox.net,
tariqt@...lanox.com, netdev@...r.kernel.org
Subject: Re: [PATCH] tls: add zerocopy device sendpage
From: Boris Pismenny <borisp@...lanox.com>
Date: Tue, 14 Jul 2020 10:31:25 +0300
> At the time, Dave objected when we presented this on the netdev conference,
> and we didn't want to delay the entire series just to argue this point. It's
> all a matter of timing and priorities. Now we have an ASIC that uses this API,
> and I'd like to show the best possible outcome, and not the best possible given
> an arbitrary limitation that avoids an error where the user does something
> erroneous.
It's not arbitrary, and what the user is doing is not "erroneous".
Imagine a userspace fileserver using sendpage, other users in the system can
write to the files while the fileserver sends it off to a client.
And that's perfectly legitimate and fine. We get the IP checksums
correct, everything works.
And, therefore, if TLS is used, the signatures should be correct too.
And I'm also happy to hear that from the very start I was against an
implementation that would knowingly send incorrect signatures.
I'm not moving on this point, sorry. Correctness over performance.
Powered by blists - more mailing lists