All of lore.kernel.org
 help / color / mirror / Atom feed
From: Boris Pismenny <borisp@mellanox.com>
To: David Miller <davem@davemloft.net>
Cc: kuba@kernel.org, john.fastabend@gmail.com, daniel@iogearbox.net,
	tariqt@mellanox.com, netdev@vger.kernel.org
Subject: Re: [PATCH] tls: add zerocopy device sendpage
Date: Tue, 14 Jul 2020 01:15:26 +0300	[thread overview]
Message-ID: <9d13245f-4c0d-c377-fecf-c8f8d9eace2a@mellanox.com> (raw)
In-Reply-To: <20200713.120530.676426681031141505.davem@davemloft.net>

On 13/07/2020 22:05, David Miller wrote:
> From: Boris Pismenny <borisp@mellanox.com>
> Date: Mon, 13 Jul 2020 10:49:49 +0300
>
>> An alternative approach that requires no knobs is to change the
>> current TLS_DEVICE sendfile flow to skip the copy. It is really
>> not necessary to copy the data, as the guarantees it provides to
>> users, namely that users can modify page cache data sent via sendfile
>> with no error, justifies the performance overhead.
>> Users that sendfile data from the pagecache while modifying
>> it cannot reasonably expect data on the other side to be
>> consistent. TCP sendfile guarantees nothing except that
>> the TCP checksum is correct. TLS sendfile with copy guarantees
>> the same, but TLS sendfile zerocopy (with offload) will send
>> the modified data, and this can trigger an authentication error
>> on the TLS layer when inconsistent data is received. If the data
>> is inconsistent, then letting the user know via an error is desirable,
>> right?
>>
>> If there are no objections, I'd gladly resubmit it with the approach
>> described above.
> The TLS signatures are supposed to be even stronger than the protocol
> checksum, and therefore we should send out valid ones rather than
> incorrect ones.

Right, but one is on packet payload, while the other is part of the payload.

>
> Why can't the device generate the correct TLS signature when
> offloading?  Just like for the protocol checksum, the device should
> load the payload into the device over DMA and make it's calculations
> on that copy.

Right. The problematic case is when some part of the record is already
received by the other party, and then some (modified) data including
the TLS authentication tag is re-transmitted.
The modified tag is calculated over the new data, while the other party
will use the already received old data, resulting in authentication error.

>
> For SW kTLS, we must copy.  Potentially sending out garbage signatures
> in a packet cannot be an "option".
Obviously, SW kTLS must encrypt the data into a different kernel buffer,
which is the same as copying for that matter. TLS_DEVICE doesn't require this.


  reply	other threads:[~2020-07-13 22:15 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <1594550649-3097-1-git-send-email-borisp@mellanox.com>
     [not found] ` <20200712.153233.370000904740228888.davem@davemloft.net>
2020-07-13  7:49   ` [PATCH] tls: add zerocopy device sendpage Boris Pismenny
2020-07-13 19:05     ` David Miller
2020-07-13 22:15       ` Boris Pismenny [this message]
2020-07-13 22:59         ` Jakub Kicinski
2020-07-14  7:31           ` Boris Pismenny
2020-07-14 16:23             ` Jakub Kicinski
2020-07-14 20:38             ` David Miller
2020-07-14  1:02         ` David Miller
2020-07-14  7:27           ` Boris Pismenny
2020-07-14 20:42             ` David Miller
2020-07-14 20:56               ` Boris Pismenny
2020-07-12 10:53 Boris Pismenny

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=9d13245f-4c0d-c377-fecf-c8f8d9eace2a@mellanox.com \
    --to=borisp@mellanox.com \
    --cc=daniel@iogearbox.net \
    --cc=davem@davemloft.net \
    --cc=john.fastabend@gmail.com \
    --cc=kuba@kernel.org \
    --cc=netdev@vger.kernel.org \
    --cc=tariqt@mellanox.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.