lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9ce530f5-cfe7-b1d4-ede6-d88801a769ba@novek.ru>
Date:   Wed, 9 Jun 2021 01:27:01 +0100
From:   Vadim Fedorenko <vfedorenko@...ek.ru>
To:     Alexander Aring <aahringo@...hat.com>
Cc:     netdev@...r.kernel.org, linux-nfs@...r.kernel.org,
        linux-cifs@...r.kernel.org, smfrench@...il.com,
        Leif Sahlberg <lsahlber@...hat.com>,
        Steven Whitehouse <swhiteho@...hat.com>
Subject: Re: quic in-kernel implementation?

On 08.06.2021 22:06, Alexander Aring wrote:
> Hi Vadim,
> 
> On Tue, Jun 8, 2021 at 4:59 PM Vadim Fedorenko <vfedorenko@...ek.ru> wrote:
>>
>> On 07.06.2021 16:25, Alexander Ahring Oder Aring wrote:
>>> Hi,
>>>
>>> as I notice there exists several quic user space implementations, is
>>> there any interest or process of doing an in-kernel implementation? I
>>> am asking because I would like to try out quic with an in-kernel
>>> application protocol like DLM. Besides DLM I've heard that the SMB
>>> community is also interested into such implementation.
>>>
>>> - Alex
>>>
>>
>> Hi!
>> I'm working on test in-kernel implementation of quic. It's based on the
>> kernel-tls work and uses the same ULP approach to setup connection
>> configuration. It's mostly about offload crypto operations of short header
>> to kernel and use user-space implementation to deal with any other types
>> of packets. Hope to test it till the end of June with some help from
>> Jakub.
> 
> Thanks, sounds interesting. Does this allow the kernel to create a quic socket?
> 

Not exactly. It's based on top of UDP socket and is configured by setsockopt
like it's done for Kernel TLS implementation. The main point of this work is to
offload cryptography only without implementing special address family.


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ