lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 13 May 2022 10:57:06 +0300
From:   Maxim Mikityanskiy <maximmi@...dia.com>
To:     Jakub Kicinski <kuba@...nel.org>
Cc:     "David S. Miller" <davem@...emloft.net>,
        Daniel Borkmann <daniel@...earbox.net>,
        Paolo Abeni <pabeni@...hat.com>,
        Boris Pismenny <borisp@...dia.com>,
        Tariq Toukan <tariqt@...dia.com>,
        Saeed Mahameed <saeedm@...dia.com>,
        Gal Pressman <gal@...dia.com>, netdev@...r.kernel.org
Subject: Re: [PATCH net-next v2] tls: Add opt-in zerocopy mode of sendfile()

On 2022-05-13 02:34, Jakub Kicinski wrote:
> On Wed, 11 May 2022 15:15:25 +0300 Maxim Mikityanskiy wrote:
>> TLS device offload copies sendfile data to a bounce buffer before
>> transmitting. It allows to maintain the valid MAC on TLS records when
>> the file contents change and a part of TLS record has to be
>> retransmitted on TCP level.
>>
>> In many common use cases (like serving static files over HTTPS) the file
>> contents are not changed on the fly. In many use cases breaking the
>> connection is totally acceptable if the file is changed during
>> transmission, because it would be received corrupted in any case.
>>
>> This commit allows to optimize performance for such use cases to
>> providing a new optional mode of TLS sendfile(), in which the extra copy
>> is skipped. Removing this copy improves performance significantly, as
>> TLS and TCP sendfile perform the same operations, and the only overhead
>> is TLS header/trailer insertion.
>>
>> The new mode can only be enabled with the new socket option named
>> TLS_TX_ZEROCOPY_SENDFILE on per-socket basis. It preserves backwards
>> compatibility with existing applications that rely on the copying
>> behavior.
>>
>> The new mode is safe, meaning that unsolicited modifications of the file
>> being sent can't break integrity of the kernel. The worst thing that can
>> happen is sending a corrupted TLS record, which is in any case not
>> forbidden when using regular TCP sockets.
>>
>> Sockets other than TLS device offload are not affected by the new socket
>> option.
> 
> What about the reporting via sock diag? Am I misremembering something?

I recall we discussed that "zerocopy is active" can be restored as 
"hardware offload && setsockopt flag requested", and I saw that 
tls_get_info exposes the hardware offload state for the socket, so I 
thought the existing information in sock_diag was enough.

If you think, though, that it will be better to have an explicit 
indication of the zerocopy flag to sock_diag, I can add it, it's not a 
problem.

Does the rest of the patch look good to you?

Thanks,
Max

Powered by blists - more mailing lists