* Rust in-kernel TLS handshake
@ 2022-12-28 1:33 FUJITA Tomonori
2022-12-28 13:50 ` Alex Gaynor
2023-01-06 9:57 ` Vincenzo Palazzo
0 siblings, 2 replies; 4+ messages in thread
From: FUJITA Tomonori @ 2022-12-28 1:33 UTC (permalink / raw)
To: rust-for-linux
Hi,
I've started in-kernel TLS handshake implementation in Rust.
https://github.com/fujita/rust-tls
There is some debate over in-kernel TLS handshake mainly because of
the complexity. I'd like to see if Rust could help with auditing such
complicated security-relevant code in the kernel.
I worked on QUIC as a consumer of TLS. This can establish a QUIC connection
with Quinn's example client, Rust QUIC implementation. Only minimum
server side functionality and connection establishment are supported.
From the perspective of Rust-for-Linux, the main work is implementing
APIs for crypto subsystem. Also libraries such as working with buffers
(like Tokio's bytes) would be helpful, I think (should be useful for
other projects). I'll work for mainline. Meanwhile you can compile
this kernel module
with my fork.
Opinions?
Resend due to a delivery issue. Sorry if you got this twice.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Rust in-kernel TLS handshake
2022-12-28 1:33 Rust in-kernel TLS handshake FUJITA Tomonori
@ 2022-12-28 13:50 ` Alex Gaynor
2022-12-29 23:34 ` FUJITA Tomonori
2023-01-06 9:57 ` Vincenzo Palazzo
1 sibling, 1 reply; 4+ messages in thread
From: Alex Gaynor @ 2022-12-28 13:50 UTC (permalink / raw)
To: FUJITA Tomonori; +Cc: rust-for-linux
Very cool! I'm excited to see demos like this!
There's many reasons to be leery of complexity in the kernel, but
security vulnerabilities due to memory unsafety is definitely a big
one, so I think you're completely correct that Rust can significantly
change the equation on that risk.
On Tue, Dec 27, 2022 at 8:49 PM FUJITA Tomonori
<fujita.tomonori@gmail.com> wrote:
>
> Hi,
>
> I've started in-kernel TLS handshake implementation in Rust.
> https://github.com/fujita/rust-tls
>
> There is some debate over in-kernel TLS handshake mainly because of
> the complexity. I'd like to see if Rust could help with auditing such
> complicated security-relevant code in the kernel.
>
> I worked on QUIC as a consumer of TLS. This can establish a QUIC connection
> with Quinn's example client, Rust QUIC implementation. Only minimum
> server side functionality and connection establishment are supported.
>
> From the perspective of Rust-for-Linux, the main work is implementing
> APIs for crypto subsystem. Also libraries such as working with buffers
> (like Tokio's bytes) would be helpful, I think (should be useful for
> other projects). I'll work for mainline. Meanwhile you can compile
> this kernel module
> with my fork.
>
I think a Rust API for the crypto subsystem would be great, I'd be
happy to help review patches for that.
When you say Tokio's bytes, what parts of it are you interested -- the
lifetime management (e.g. refcounting), or the APIs that are useful
for handling network protocols (e.g. put_u16)?
> Opinions?
>
> Resend due to a delivery issue. Sorry if you got this twice.
Cheers,
Alex
--
All that is necessary for evil to succeed is for good people to do nothing.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Rust in-kernel TLS handshake
2022-12-28 13:50 ` Alex Gaynor
@ 2022-12-29 23:34 ` FUJITA Tomonori
0 siblings, 0 replies; 4+ messages in thread
From: FUJITA Tomonori @ 2022-12-29 23:34 UTC (permalink / raw)
To: Alex Gaynor; +Cc: rust-for-linux
Hi,
Thanks for the comments!
On Wed, Dec 28, 2022 at 10:50 PM Alex Gaynor <alex.gaynor@gmail.com> wrote:
> There's many reasons to be leery of complexity in the kernel, but
> security vulnerabilities due to memory unsafety is definitely a big
> one, so I think you're completely correct that Rust can significantly
> change the equation on that risk.
Surely, I'll work on it to see how things work.
> > I worked on QUIC as a consumer of TLS. This can establish a QUIC connection
> > with Quinn's example client, Rust QUIC implementation. Only minimum
> > server side functionality and connection establishment are supported.
> >
> > From the perspective of Rust-for-Linux, the main work is implementing
> > APIs for crypto subsystem. Also libraries such as working with buffers
> > (like Tokio's bytes) would be helpful, I think (should be useful for
> > other projects). I'll work for mainline. Meanwhile you can compile
> > this kernel module
> > with my fork.
> >
>
> I think a Rust API for the crypto subsystem would be great, I'd be
> happy to help review patches for that.
Thanks, I'll try.
> When you say Tokio's bytes, what parts of it are you interested -- the
> lifetime management (e.g. refcounting), or the APIs that are useful
> for handling network protocols (e.g. put_u16)?
Probably, both.
For now I use something simple like the latter for playing with TLS
and QUIC messages.
I guess that a Rust API for the crypto might need the former; passing
buffers to the crypto subsystem via scatterlist.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: Rust in-kernel TLS handshake
2022-12-28 1:33 Rust in-kernel TLS handshake FUJITA Tomonori
2022-12-28 13:50 ` Alex Gaynor
@ 2023-01-06 9:57 ` Vincenzo Palazzo
1 sibling, 0 replies; 4+ messages in thread
From: Vincenzo Palazzo @ 2023-01-06 9:57 UTC (permalink / raw)
To: FUJITA Tomonori, rust-for-linux
This sounds pretty exciting, and I think to play with it a little
the bit will help to see what the future looks like, also this
seems a really good use case of rust in the Kernel.
Let me know if there is a need for help, I had some free time in
the next coming months.
Cheers!
Vincent.
On Wed Dec 28, 2022 at 2:33 AM CET, FUJITA Tomonori wrote:
> Hi,
>
> I've started in-kernel TLS handshake implementation in Rust.
> https://github.com/fujita/rust-tls
>
> There is some debate over in-kernel TLS handshake mainly because of
> the complexity. I'd like to see if Rust could help with auditing such
> complicated security-relevant code in the kernel.
>
> I worked on QUIC as a consumer of TLS. This can establish a QUIC connection
> with Quinn's example client, Rust QUIC implementation. Only minimum
> server side functionality and connection establishment are supported.
>
> From the perspective of Rust-for-Linux, the main work is implementing
> APIs for crypto subsystem. Also libraries such as working with buffers
> (like Tokio's bytes) would be helpful, I think (should be useful for
> other projects). I'll work for mainline. Meanwhile you can compile
> this kernel module
> with my fork.
>
> Opinions?
>
> Resend due to a delivery issue. Sorry if you got this twice.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-01-06 9:57 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-12-28 1:33 Rust in-kernel TLS handshake FUJITA Tomonori
2022-12-28 13:50 ` Alex Gaynor
2022-12-29 23:34 ` FUJITA Tomonori
2023-01-06 9:57 ` Vincenzo Palazzo
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.