Re: [PATCH 0/2] Add TLS record layer encryption module

From: Cristian Stoica
Date: Fri Aug 01 2014 - 04:25:12 EST

Next message: Wanpeng Li: "Re: [PATCH 2/2] KVM: nVMX: fix acknowledge interrupt on exit when APICv is in use"
Previous message: Namhyung Kim: "[PATCH] perf script: Fix possible memory leaks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>> This set of patches introduces support for TLS 1.0 record layer
>> encryption/decryption with a corresponding algorithm called
>> tls10(hmac(<hash>),cbc(<cipher>)).
>>
>> Similarly to authenc.c on which it is based, this module mixes the base
>> algorithms in software to produce an algorithm that does record layer
>> encryption and decryption for TLS1.0.
>> Any combination of hw and sw base algorithms is possible, but the purpose
>> is to take advantage of hardware acceleration for TLS record layer offloading
>> when hardware acceleration is present.
>
> What is this used for? AF_ALG? I find it hard to believe that the
> kernel will ever want to use this internally.

Yes, AF_ALG is what we have in mind.

Cristian S.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Wanpeng Li: "Re: [PATCH 2/2] KVM: nVMX: fix acknowledge interrupt on exit when APICv is in use"
Previous message: Namhyung Kim: "[PATCH] perf script: Fix possible memory leaks"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]