But we can't, as the existing mechanisms (at least for NVMe) create the socket in-kernel. Having to create the socket in userspace would require a completely new interface for nvme and will not be backwards compatible.

Currently the prototype does not handle multiple listeners that overlap -- multiple listeners in the same net namespace that have overlapping bind addresses.

Create the socket in user space, do all the handshakes you need there and then pass it to the kernel. This is how NBD + TLS works. Scales better and requires much less kernel code.

And we will still need the upcall anyways when we reconnect (re-establish the socket).