From owner-freebsd-net@freebsd.org Thu Jul 2 05:40:32 2015 Return-Path: Delivered-To: freebsd-net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 74D5B992AE7 for ; Thu, 2 Jul 2015 05:40:32 +0000 (UTC) (envelope-from vrock28@gmail.com) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 5702A2B12 for ; Thu, 2 Jul 2015 05:40:32 +0000 (UTC) (envelope-from vrock28@gmail.com) Received: by mailman.ysv.freebsd.org (Postfix) id 56423992AE6; Thu, 2 Jul 2015 05:40:32 +0000 (UTC) Delivered-To: net@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 3BC70992AE5 for ; Thu, 2 Jul 2015 05:40:32 +0000 (UTC) (envelope-from vrock28@gmail.com) Received: from mail-wg0-x236.google.com (mail-wg0-x236.google.com [IPv6:2a00:1450:400c:c00::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id CEE722B11 for ; Thu, 2 Jul 2015 05:40:31 +0000 (UTC) (envelope-from vrock28@gmail.com) Received: by wgjx7 with SMTP id x7so53212029wgj.2 for ; Wed, 01 Jul 2015 22:40:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=uwi8kNxxeiUY3wwF4xbNGkhnFEr8ormj0k2zJbg1VMI=; b=skrqQ96FQM/2W3nwlUWHS85/pG+UY2mtEgZhq07QDadX6X27G33G758HAxzCEPBJHY Qye/zZTs8Vm9nzjofz0d+99ReGbAvWMc1pW41SczLNKhkAUmJ2QqXeXjmv18bWvS/bu/ EK4i12fjB1X6+YiyrxtO8i1pQjq5MUJeym3ZENo7yx2SQvZ57MOFSaWE95iw7GcLIyII OZWsB56UJaoApEjKiesCX3AJiiUsfV0OxuEkhZ+yp8SDtzK4pxqyTTK5JAE8xEJK8v9E cIqOejMpqvHKzDb+ja00dcTttm2svIazVHd4Srty0Dew0vswVCeQ9ECiotVoOqmHslPT 7oAQ== X-Received: by 10.194.81.67 with SMTP id y3mr54087202wjx.7.1435815630196; Wed, 01 Jul 2015 22:40:30 -0700 (PDT) MIME-Version: 1.0 Received: by 10.194.85.48 with HTTP; Wed, 1 Jul 2015 22:40:10 -0700 (PDT) In-Reply-To: References: From: Rakshith Venkatesh Date: Thu, 2 Jul 2015 11:10:10 +0530 Message-ID: Subject: Fwd: Integrating OpenSSL app with NetMap [Help needed] To: net@freebsd.org Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 02 Jul 2015 05:40:32 -0000 Hi , As we all know, OpenSSL community moved away from the kernel implementation to a user-space one not so long ago. Now trying to port the latest OpenSSL code into FreeBSD kernel is one of the items i was looking at and after having exhaustive rounds of discussion with relavent stake-holders, we decided not to pursue the path of porting the whole user-space OpenSSL code into kernel. Now we have decided to retain openSSL library in user-space but i wanted to integrate NetMAP API's so that known system overheads such as context switches etc are eliminated and we could get good performance. Now the workflow that i have in mind is that the encrypted packet gets pulled in from the MMAP'd region and OpenSSL code in user-space goes about doing the de-cryption part. But before that, i wanted to know which library can be used to actually do the TCP/IP packet processing in user-space. The next part is how to push the decrypted packets back to kernel for services in kernel to consume. Can NetMap API's push the decrypted packets down to lets say another MMAP'd region so that kernel services/components can act on the de-crypted packet to proceed with execution further? Your inputs and Giudance would be really helpful. Thanks!