Re: [PATCH v15 net-next 00/12] Chelsio Inline TLS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On 4/1/2018 6:37 AM, David Miller wrote:
From: Atul Gupta <atul.gupta@xxxxxxxxxxx>
Date: Sat, 31 Mar 2018 21:41:51 +0530

Series for Chelsio Inline TLS driver (chtls)

Series applied, thank you.


Sorry for being late to the party, could you please help answer a few questions to help me understand better.

1. What happens if someone attempts to set a TCP socket option for a socket whose TCP stack resides in the TCP offload engine(TOE)? Do you emulate all Linux socket options? What about IP socket options?

If I follow the code correctly, then the original TCP/IP setsockopt is called. But, it doesn't change any of the parameters of the TCP/IP offload engine in hardware.

2. I can't find where is the TLS record sequence number pushed to hardware. Is that on purpose?

FYI, ignoring this parameter might cause a record sequence number reuse which breaks the integrity of the AES-GCM TLS ciphersuite.

3. How does a TOE handle Tx only or Rx only?

4. What happens when there is a routing change that redirects traffic to a different netdev? Is there a software fallback?

5. The TLS socket option is set in the middle of a TCP connection. What happens to the existing TCP connection and the data that is currently queued in the TCP write queue?

Thanks,
Boris.




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux