From owner-freebsd-hackers@freebsd.org Tue Oct 27 21:15:15 2020 Return-Path: Delivered-To: freebsd-hackers@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C75E845A9A3 for ; Tue, 27 Oct 2020 21:15:15 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from CAN01-QB1-obe.outbound.protection.outlook.com (mail-eopbgr660069.outbound.protection.outlook.com [40.107.66.69]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CLPcM1jtJz4DJ4; Tue, 27 Oct 2020 21:15:14 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cXonT/yLJMvay2+MO2W5DpX0XHWFl+UZa2GQ9bum2gg0rR/by+byxVJfdo6NCcM+7QQdPRf6U7Q7/OCbMqFDgPnuVUVQ4fEfIG6DFzphqjmDBnpX9ol7ssSZjJUokpBqlfMvz8ujL0odR1HfD9P/x0dZnc3WPZxiFr67NUW9Pbhjzs+ALEduJHP3IsmMt7Lqo63aAv5NYj83UFwUwNavPEXs3L9mYdb1BJGPFJdww0+mkmDMLBAzcYfcbHyBJ3fT83kcH8MG7upyWYevts4HY8iaTzj0H6VJHHQhW780Nk6VebtMbCABjKgEzOtBibF5v++GdnfPlnNNth3R9gOaMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0bOPvMGsqxHGUn7qzqyw3q49LsQecjxJzKe4ATPte6U=; b=jgJNCnS4xZAeJIWKwdXskYVAyg0Jj+NmlHnUezfGv1U5RJJZtgVbHN40Zu8hGZCCqwRVbGZkla3pl2HVmHLkLNrFBo38m943x3my9VB4rA94JsfHiWZH9ykGLCDizw6RmGLhqVmILs4QrEsWeLgNUOZG9GMR9eT26l49Z3o3olxBn4V700c/fs2i7Bu94PnV0sNyO3adQqVP3pO9ZVZngr6WX8rYmALKsTcjvKe7OIOfP+Yp+8u++A3s8dNwQmN375ehIRYkSFKlRLN1+yitNXQ8HaFctFkzZIkaEnEnzCczyVVCs8ZNoh42mqgXUT6Fhuh4pumL3kA/jx5LlLtYoA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uoguelph.ca; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=0bOPvMGsqxHGUn7qzqyw3q49LsQecjxJzKe4ATPte6U=; b=QqziR2Xhx9QYcLJvnA7RXph/Zlb20WcxVKSXFtftr4J8BMx0VsRAqgHDUa2ZECuO3iACbZ375v9gF93FvBGPdZOT9dI2BFlI2jTKU9uVp1kG5MlZ1j8a3jD0stmtL0p6evkl35fTis0cRCWViOOtNiFodfBTwk3KtUpG0LaukOsFOv/h58N7twsqV7oIf/6nUhZ4j8dcH1CwenyDoldfoBrTvtik7vJwVwVTMUqUUaYN5OEbw5hpScnLSsuKMXXqx6fnuY72qVAa7MvnOaLBC7NO+i4QN08wDx/3PtncqmhCKudB9sPY9eMe3l47BQhbxBNItCj6xQiWnUyWbb/Scg== Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:24::27) by YTBPR01MB3007.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:b01:1c::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3499.18; Tue, 27 Oct 2020 21:15:12 +0000 Received: from YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20]) by YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM ([fe80::687f:d85a:a0a3:bd20%6]) with mapi id 15.20.3499.018; Tue, 27 Oct 2020 21:15:12 +0000 From: Rick Macklem To: Mark Johnston CC: Neel Chauhan , "freebsd-hackers@freebsd.org" , "jhb@FreeBSD.org" Subject: Re: QAT driver Thread-Topic: QAT driver Thread-Index: AQHWrA1RAR1VF3VbeUCYrguyOo0PK6mqygwAgAAP+qiAAI6rAIAAiTi9 Date: Tue, 27 Oct 2020 21:15:12 +0000 Message-ID: References: <20201026200059.GA66299@raichu> <723fbd7326df42ce30cd5e361db9c736@neelc.org> <20201027032720.GB31663@raichu> , <20201027125508.GD31663@raichu> In-Reply-To: <20201027125508.GD31663@raichu> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: ac741dde-75ea-4f2d-8df7-08d87abd6474 x-ms-traffictypediagnostic: YTBPR01MB3007: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:6430; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: WEWRXB8eTYQ0w6ViMVx8YYpGCjB6Ej1JrlFhvMmBHviDqc+jeM0WJIM5+cysWCRiXhoHOPS9Gf2Jmmkdc9v+QklOCg1tubYQ8YnuL0aWdjfhZLg1YM7kVDXeg7wzD76zclj7nTrGQammpp+movRAPElLVLWaW6ZTeZG4zB4cC63gh8RN1yMf02SfwYBnoQxUKjW9pnuz3cqgs2EBC49eJLupEMOUHbiQNcf3IMlo3QEJcJGU3tXoRTE0+/dYzgMzQPjnx3pbZauvhL74WuBUuhY+//rSrOAVFHJtq1CxrnLi/N0khK2+tQKfjjl/kB4QCDwXzF8I6HPG5sBe4kPvjRDfplOqhF+u4/kbz5erkjlXF9wWHwI292bfIJeornxh/tUqgLfMNCbZddRk4pJeeA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(346002)(396003)(366004)(136003)(376002)(39860400002)(71200400001)(66446008)(966005)(5660300002)(66946007)(76116006)(91956017)(64756008)(66556008)(66476007)(8676002)(83380400001)(9686003)(6916009)(8936002)(86362001)(4326008)(478600001)(52536014)(33656002)(186003)(3480700007)(2906002)(7696005)(7116003)(316002)(54906003)(55016002)(6506007)(786003); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: F8QANAFsjG53G2Al+SRoHG2VjzVGa1ogx/mLsOHZxBMhbfMVlIetL50MEF3bRpHzbhXSLZMOXk2YUyXH9JOuWwCbbthY/rIDQC0lr9us5MrFD/kAsw7MZPORDbUrvqz7bZ9rC0yEGviiwFGWn3HaZWl9X0Z7y1QeZ5jNK1FuMmKpBASDFCb37dxL31SMifTcyV3Mw/E0T6505UCnXEBqnHzFiomL1b1H+/jyAmBMzguYjUGaW3mW0ABRho/v0nQKylNsNhNRu5rkTa2GeOAWDUmAr7niJtyTGWvMFM/CRXNsNDGf4Ruj6sXn6DpxJxfgn8WaUGibnBSPKMZUrXUJby+gq0Sq0oX6FhjCOdMxJaoX1J1w+tG34vnlMsDlN1BDmc7Td0mrtjB83mhZxgE1k5f5jY0bzCi7FkwMy6Jm6FjFaS0RYfL0vGSzPkTdzip98kVyaMaDj1StHMttGRJRKG8U7W639Z3exI27ypjHLaDZorJFwcX8lR05tF9novLJNRfH+qOp9NEdC6abOMVIqP3NeKyykEG2LVFnnCNGou/JY/zFc23jmun1lKHvicIsKOpKv7C4bP55t1UmTMZKSgz4H57fdYmHrVtmQT6bF6ds1BGD7SNF2xLjCChBs3ogCR+i3UDQMg+C6p0Xj9+n71xJf0LfZH2B8G3/+c95b869Q+EnPsxnTgXSRbOSjdICT+Vw1nVyVLZ1DctCZdntnw== x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: uoguelph.ca X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: YTBPR01MB3966.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: ac741dde-75ea-4f2d-8df7-08d87abd6474 X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Oct 2020 21:15:12.4643 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BdOnJRB4qRaJlmoAGtswuTQIPhjPkivoxBihPyE1xo76W9+jbC0hRx9PPTd6VQf1WBDC7YcyUOHAHJBS0PZ57w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: YTBPR01MB3007 X-Rspamd-Queue-Id: 4CLPcM1jtJz4DJ4 X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Oct 2020 21:15:15 -0000 Mark Johnston wrote:=0A= >On Tue, Oct 27, 2020 at 04:32:40AM +0000, Rick Macklem wrote:=0A= [stuff snipped]=0A= >> Can it be made to work with the KERN_TLS in head?=0A= >> (KERN_TLS works fine for me using the ktls_ocf and aesni modules.)=0A= >> I think it is only head and requires the patched OpenSSL3 that jhb@=0A= >> currently has.=0A= >=0A= >I hadn't looked at ktls_ocf.c before but at a glance it looks like it=0A= >can make use of any hardware or software opencrypto driver that supports= =0A= >the requested algorithms. The qat(4) port implements the algorithms=0A= >referenced by ktls_ocf_try().=0A= Well, if you were inspired to try it out, the basic doc for NFS-over-TLS is= here:=0A= https://people.freebsd.org/~rmacklem/nfs-over-tls-setup.txt=0A= (Same file is in base/projects/nfs-over-tls on subversion.)=0A= For someone who is used to building/running head kernels, it should be=0A= pretty straightforward.=0A= =0A= You could become the first tester in the whole wide world;-) rick=0A= ps: Although the NFS code uses it in the kernel, I think that an applicatio= n=0A= that uses OpenSSL's SSL_read()/SSL_write via a patched OpenSSL library= ,=0A= has the encrypt/decrypt done in the kernel and the userspace library= =0A= code just does socket I/O with unencrypted data.=0A= pss: Hopefully jhb@ will correct me if I got this wrong.=0A= =0A= > I know nothing about it, except that it seems to work well, doing=0A= > the TLS application data records in the kernel for a TCP socket=0A= > enabled by the patched OpenSSL library.=0A= > I've cc'd jhb@, so hopefully he can let us know what it needs?=0A= =0A=