From owner-freebsd-questions@freebsd.org Thu Mar 9 09:47:19 2017 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id E25AFD02B96 for ; Thu, 9 Mar 2017 09:47:19 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: from mail-it0-x22e.google.com (mail-it0-x22e.google.com [IPv6:2607:f8b0:4001:c0b::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AB2EA1A8F for ; Thu, 9 Mar 2017 09:47:19 +0000 (UTC) (envelope-from mynidiravichandra@gmail.com) Received: by mail-it0-x22e.google.com with SMTP id g138so63309859itb.0 for ; Thu, 09 Mar 2017 01:47:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=4/Rtvrm1GWSD04e0L2+D15Lr+z56gv+gD1v0H2NniyQ=; b=R0zE/EnX+xLvsbc2wwwmi0LW/frMGFIeYCiVHwNtElKKF3BH7ov+gEBIE50/YAkgPH p3vsJQew6XM1Zqhsnf4Q7sGk5lqyF/hcGqDuEy0vMDNq0zJWQVJziXUUovu4uAYGeQbW kZ1AUOetJCdIwa00NpkdpONiunt8gqE4V4Py/IhHbHCbVfy24BJQDiuKrdGEArQik3eA 9ZFycdpUI5pYoswAHel08CmIfSX4X/90J1Sevc+n9bV121Dia9VcwYC/L42X6dFtFY3/ aAsBAsF9vt1rJrDRyruPzE8jFG9syDNZwLUFZUIQ18LwRTyTAb+GeGdXz+hlIEggmegG MLmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=4/Rtvrm1GWSD04e0L2+D15Lr+z56gv+gD1v0H2NniyQ=; b=GOZidxeKcgqmSwkgSnotN1rQ418ntrA2ph1ef9Lkh6kgDYoINsQPgdaLaK5UjuftL7 ppm4TeEQYgqJSqmY2iU1ZnQJePGa6mU8VrhJ37/I8xtoXR8MzQ0lnv7VnnT1G3L2laBV dPSKefrn1neVChnuoIBwv99sHCEZrHeUOsdXmRgqoy1Kb8f3v6H9BF4MKp+8cnlxDa2m LM8OWMP5cqk8qWp2vzlF90xpQHC+/uRy76Cm/6nIlMb3nmueQnGhiurkWiPAPzBxIyT+ dy7wNNwPgkXDDSzlasT38jzmXHWlZJSKNMSl1Jfj4tVzZVW19MkAd2cV7sRkCS2qDeRi kRrQ== X-Gm-Message-State: AMke39m5YwYv4ebO9ciPLvaGShCLROGFcELZcqolxqVgPCeTIJuHFQNwaLpxiTWOnPgegQzzYkaVfEAzvkTs9Q== X-Received: by 10.36.68.18 with SMTP id o18mr10970927ita.43.1489052839195; Thu, 09 Mar 2017 01:47:19 -0800 (PST) MIME-Version: 1.0 Received: by 10.36.217.134 with HTTP; Thu, 9 Mar 2017 01:47:18 -0800 (PST) In-Reply-To: References: From: Ravichandra Date: Thu, 9 Mar 2017 15:17:18 +0530 Message-ID: Subject: Re: Support of TLS processing in kernel To: Ben Woods Cc: freebsd-questions@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 09:47:20 -0000 Hi Ben, I have looked at this paper. I couldn't find any patch or support being added to FreeBSD kernel. Do you know if this implementation is done? Thanks Ravichandra On Thu, Mar 9, 2017 at 3:12 PM, Ben Woods wrote: > On Wed, 8 Mar 2017 at 7:03 pm, Ravichandra > wrote: > >> Hi, >> Recently some work is done by people at facebook about TLS processing in >> kernel. >> It is called as kernel TLS by them. A kernel patch for the same is >> submitted on >> linux kernel. I am trying to see something similar can be done for FreeBSD >> too. I see >> that stream parsing(strparsing module) support which is leveraged by this >> kernel TLS >> module is present in linux kernel and not in FreeBSD. This stream parsing >> module >> helps the kernel to custom parse the TCP data according to a application >> layer protocol >> requirement. Is there a way that helps to achieve the same in FreeBSD? >> >> Thanks >> Ravichandra > > > Netflix have previously done TLS in the FreeBSD kernel. > > You can see their paper on it here: > > https://people.freebsd.org/~rrs/asiabsd_tls_improved.pdf > > Regards, > Ben > >> -- > > -- > From: Benjamin Woods > woodsb02@gmail.com >