From owner-freebsd-arch@freebsd.org Sun Jan 10 14:40:47 2021 Return-Path: Delivered-To: freebsd-arch@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D16184CE97F for ; Sun, 10 Jan 2021 14:40:47 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) Received: from CAN01-TO1-obe.outbound.protection.outlook.com (mail-eopbgr670088.outbound.protection.outlook.com [40.107.67.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "GlobalSign Organization Validation CA - SHA256 - G3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4DDKJZ5Jlxz4kGk; Sun, 10 Jan 2021 14:40:46 +0000 (UTC) (envelope-from rmacklem@uoguelph.ca) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=IG/a+LShu8xVMA4no+TngsRxQ+exjJ3SgQEKUSUrvlenrijSM6zcl0qLOEko190lScuz77cDrGRF34L1C/vVQtSUu+1r9j16u4mRhOIaroZ9ggPWEDvA3slt92o4FGtzpBNHA26dHNnVCUqYp7TWaBWOYw+K//2lM1671L2OXm/8f0FAD641Z6pAuwY1+zZop2NPtKZwGP5yBhknXeHePRIPCJoCwvGYUW3UP8h+EOs73aV27uFfR3fI9+dOwlLoPq847DeSwwBhefDvo887V/YFB/XeNBHT7fNmFCIqeD6vhGZ4BaaOPV4HmuMyGlZh63v0XFeNsBahly5OQ/jxLw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NxJRWlgF/wHhK7IDwGZLKZFfxMYpJd9fD7Nd9vSB4Ew=; b=BL79nFVsxITuvW9pmspJbgCHVXaOff02C4bqBdnnqyRB4jJXVtFi5QXw3hoX+xw0DeRPdyzH04GZv5SRV67S4vzdp9Ku1zsS55X5EURPt2DimLWBnTcahJL+pVYJaNlx6VFTKJ5o/Zv92M3ou1N99AdzCjXzU/DU3Rz8Rcjfh/R3zRJaP2zu4lkTjqTo7dgtr+dsp/uSNjrGfjMJMTRHlQlGZNt13SeK4jNK/uI3co5H+ErpvVKajJs6RiCP9iO6QUrk/Yd2qimD1tQL7xw99s59Z9yk7FOy3y9zvLrx/Q2X2OqOeiNFe8gjv7+cP5J8CaT16/bY9TDb3bSvBYrjPA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=uoguelph.ca; dmarc=pass action=none header.from=uoguelph.ca; dkim=pass header.d=uoguelph.ca; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uoguelph.ca; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NxJRWlgF/wHhK7IDwGZLKZFfxMYpJd9fD7Nd9vSB4Ew=; b=f/J4AodY68RUJXYY0t9fKAODfnwcEKd4osjQiSZe74HKvgPqfSJqTumvg+Hik05y6x1TC7bl5mVs5RVtAPCsHSkNCnE+X8CgAAhKXEM48juzzoj/vOfop3aGMjzuUpINm93NwbjIYJWy1WDbQV/f2cFyVudTGzom3gOSlrj9VKpLzMtBOdGofEu+A359E8TBn5v9NAkdV/jjUQP7mnXc4yraebwMqYmZwIm5hAT+rlbVeZ3xNGAT+19UvH62qbCERU0SkVxnXhUqDtJXjHOWNaJPvHkfylBXmhC3xmckiae0s85lX+mgnOrN9S8OyNXn1T4yRKZucX9ouB82usQVtQ== Received: from YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:19::29) by YQXPR01MB2711.CANPRD01.PROD.OUTLOOK.COM (2603:10b6:c00:45::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3742.11; Sun, 10 Jan 2021 14:40:44 +0000 Received: from YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM ([fe80::3d86:c7f9:bc4c:40c0]) by YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM ([fe80::3d86:c7f9:bc4c:40c0%6]) with mapi id 15.20.3742.012; Sun, 10 Jan 2021 14:40:44 +0000 From: Rick Macklem To: "freebsd-arch@FreeBSD.org" , John Baldwin , Allan Jude Subject: Re: Should we enable KERN_TLS on amd64 for FreeBSD 13? Thread-Topic: Should we enable KERN_TLS on amd64 for FreeBSD 13? Thread-Index: AQHW5eNvRyaqghxs0EmWNOwUeGmWsqoeQzCAgAA3aoCAANV/34AATsIAgAB/hOWAANKV2g== Date: Sun, 10 Jan 2021 14:40:44 +0000 Message-ID: References: <8eff83e5-49bc-d410-626e-603c03877b80@cs.duke.edu> <20210108214446.GJ31099@funkthat.com> <4fe4a57c-8c43-a677-4872-d0671104c414@FreeBSD.org> , <121d9135-e2a1-11ac-2538-f9fbb7505d89@quip.cz>, In-Reply-To: Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 2755da84-93bc-4ee6-ac7a-08d8b575b64a x-ms-traffictypediagnostic: YQXPR01MB2711: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: zqUkcCOnDXWpjGY8jQV0nK+OVH3hoIA2/NOL+hQ4kmBOt5y9grQ1RDKXoH8ePIMQxYacwI2n7+5fZeo3ZLSrxbvZnWBZbRwm/5DBFIFWe46F5X29xW8OPZ1s+10B1/MvG9AnQQMeN4+Wmlx/aGBvXUeJwNAqcz2neF2gFCNTpPRw+6bNJlxq1jJr9qG3fwBVovw8HOntLLVnEhWNLR+wI8xDEoCrdP0WXehPspyk8QohqoKx7oWBYgxagNq1+Mw2zqtBptwifE63P8xh+8b2v/7AZhh9Hos/CHLIDvjOTb+kFbidW4ZKQz0m0akwyr/bqjrJ4k+tJwk86n+nO9nZOxHU5hrVjlw+yoIuZBfARrPKan7PzxZe+YiqwSX3X4cgXE9v3mRGUSJehRvmZVNbTZL6wLRHz+D1qPtaemr2caZLwfreIwAuSR06zPpX8gGC1SV8w+8Wv1s9Zh19YkyZcA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(136003)(366004)(346002)(376002)(39850400004)(396003)(83380400001)(8936002)(786003)(316002)(55016002)(66476007)(66556008)(9686003)(52536014)(6506007)(66446008)(8676002)(478600001)(7696005)(966005)(66946007)(5660300002)(86362001)(71200400001)(450100002)(33656002)(2906002)(76116006)(91956017)(110136005)(2940100002)(186003)(64756008); DIR:OUT; SFP:1101; x-ms-exchange-antispam-messagedata: hpO3cRBGEH5rhHZjwTZg7kGAVPhMxML02SXrbfR1suElfG8j9+MUmXJ7zS6qwatv+m9hmwIEQHZz3a+2BNKDv7wkS96r1i7JoLS5W8BMgpAJ3QBvrwLqn7rzN0YhgSy/DL+oAR5tdhwynPKe/IkPBbkBWLBTmhP9+UPw8Pww+/q6fQiGpAXQDL/tjCDM1GCzRtnd/8CNRhVq7crJiljOpsr8K8kWnL9ftalrOda9Vyjv6vlSlLyl0nU0wN0ZDmR8ZinHK4x3WTlUqvaTLmyhFjGTVJLunGLknJbfCcUVnPfCIosJBK7bgXIet1wfABnSskyl1dD9DRKjJ1RpauNqX7Asa+JjxWlFRTfdO91xTRrxDelHhOS1UG/grHkForJx0dIP8kRRlGXpIZkx/pRTBFz6Dn0G6zaRjn18mdFH5ujom1dqvqSKmSvqTy5gcUbimat6vRRKwa1ERzaY9wOt8NTBNYMTimOr1tZJ6BaVIdgDHryKx7LQfvyvkBLj0C+cv2TYp8KOrcbTvK5aOdHa2DALpZ9vozYcdsJR8lGofmSaHLiAHyTjRWdM628Z0LhOYVJNOrlG4c23xQXlcuu9KDLtJxxhNfOqYhT/HkbzvnTcuCVNDNZBgcAslh9KPOfc+QY+mc6BQeJ4XcEI7rF07jqKT79te/ArBlI2OnWsBTw+9ImQlPyZZsTDkOSws6ZU7TEjqU3+7vLXwr0VoBx7AiZm1DuGfivgHebaWquY/XchCwcDPaPNJ0V7DPOmFNPOfB/GUwPkELVO5mayzvGZzRfGswad4lXDvtY/KkGy+fQ= x-ms-exchange-transport-forked: True Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-OriginatorOrg: uoguelph.ca X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: YQXPR0101MB0968.CANPRD01.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 2755da84-93bc-4ee6-ac7a-08d8b575b64a X-MS-Exchange-CrossTenant-originalarrivaltime: 10 Jan 2021 14:40:44.6313 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: be62a12b-2cad-49a1-a5fa-85f4f3156a7d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: a4rhenOiQGPRK1P2KA9WYmRyYLdk/auZQTkZLyes0Olqy8d5rKtiEb/o+7E9aVtvTjFFpt5YtdBRe1oPHai3cA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: YQXPR01MB2711 X-Rspamd-Queue-Id: 4DDKJZ5Jlxz4kGk X-Spamd-Bar: ----- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=uoguelph.ca header.s=selector1 header.b=f/J4AodY; arc=pass (microsoft.com:s=arcselector9901:i=1); dmarc=pass (policy=none) header.from=uoguelph.ca; spf=pass (mx1.freebsd.org: domain of rmacklem@uoguelph.ca designates 40.107.67.88 as permitted sender) smtp.mailfrom=rmacklem@uoguelph.ca X-Spamd-Result: default: False [-5.10 / 15.00]; TO_DN_EQ_ADDR_SOME(0.00)[]; TO_DN_SOME(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:40.107.0.0/16]; RCVD_COUNT_THREE(0.00)[3]; DKIM_TRACE(0.00)[uoguelph.ca:+]; DMARC_POLICY_ALLOW(-0.50)[uoguelph.ca,none]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RCVD_IN_DNSWL_LOW(-0.10)[40.107.67.88:from]; SUBJECT_ENDS_QUESTION(1.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[40.107.67.88:from]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:8075, ipnet:40.104.0.0/14, country:US]; RCVD_TLS_LAST(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[uoguelph.ca:s=selector1]; FREEFALL_USER(0.00)[rmacklem]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; MIME_GOOD(-0.10)[text/plain]; SPAMHAUS_ZRD(0.00)[40.107.67.88:from:127.0.2.255]; DWL_DNSWL_LOW(-1.00)[uoguelph.ca:dkim]; FROM_EQ_ENVFROM(0.00)[]; RWL_MAILSPIKE_POSSIBLE(0.00)[40.107.67.88:from]; MAILMAN_DEST(0.00)[freebsd-arch] X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 10 Jan 2021 14:40:47 -0000 Miroslav Lachman wrote:=0A= >Rick Macklem wrote:=0A= [stuff snipped]=0A= >>=0A= >> I don't know what the relationship between ports and packages is,=0A= >> but if there is soon a package for openssl-devel (with KTLS enabled=0A= >> like it is in ports), then no build from sources would be needed for=0A= >> openssl.=0A= >=0A= >If package is built with dependency on base OpenSSL then it will not use= =0A= >libraries installed by openssl-devel.=0A= >If packgage is built with dependency on ports OpenSSL (security/openssl)= =0A= >then it pulls openssl package and openssl-devel will be deinstalled as=0A= >it conflicts with other SSL implementations. They cannot coexist.=0A= Sorry, what I meant by relationship is if/when a port becomes a package.=0A= =0A= I am not at home, so I can't try:=0A= # pkg install openssl-devel=0A= to see if it works.=0A= =0A= My point was "if it works or will work soon, then having KERN_TLS in=0A= GENERIC would be nice, since then nothing needs to be built from source.=0A= =0A= rick=0A= =0A= =0A= > --> It is unfortunate that Openssl3 (openssl-devel) is still in alpha tes= t.=0A= >=0A= > If there is a package for an openssl with KTLS support, then having KERN_= TLS=0A= > in GENERIC might be nice, since no source builds would be needed.=0A= > (I have no preference w.r.t "enabled by default", since the=0A= > sysctl can easily be set via sysctl.conf.)=0A= >=0A= > Although nfs-over-tls is not yet implemented for non-FreeBSD=0A= > systems, I would like to see it become easy to enable during the=0A= > FreeBSD release cycle and having KERN_TLS in GENERIC would=0A= > be a step in that direction.=0A= >=0A= > Oh, and I'm not saying it is worth changing, but having Openssl=0A= > use KTLS and the kernel use KERN_TLS slightly obscures the fact=0A= > that they refer to related code.=0A= =0A= _______________________________________________=0A= freebsd-arch@freebsd.org mailing list=0A= https://lists.freebsd.org/mailman/listinfo/freebsd-arch=0A= To unsubscribe, send any mail to "freebsd-arch-unsubscribe@freebsd.org"=0A= =0A=