copy on write for splice() from file to pipe?
metze at samba.org
Thu Feb 9 14:29:18 UTC 2023
Am 09.02.23 um 15:11 schrieb Matthew Wilcox:
> On Thu, Feb 09, 2023 at 02:55:59PM +0100, Stefan Metzmacher wrote:
>> Hi Linus and others,
>> as written in a private mail before, I'm currently trying to
>> make use of IORING_OP_SPLICE in order to get zero copy support
>> in Samba.
> I have to ask why. In a modern network, isn't all data encrypted?
No people use plain connections for performance sensitive
workloads and have client and server in isolated vlans.
> So you have to encrypt into a different buffer, and then you checksum
> that buffer. So it doesn't matter if writes can change the page cache
> after you called splice(), you just need to have the data be consistent
> so the checksum doesn't change.
SMB offers checksuming (signing) only as well as authenticated
For signing only I experimented with splice() in combination with
tee(), so that I can checksum the data after reading from tee,
while I can still splice() into the socket.
For encryption the async_memcpy flag to preadv2 could be usefull
if we keep using userspace encryption using gnutls.
If using the kernel crypto socket, we could also use splice to
add the file data into the crypto functions and the same problem
can happen, because some algorithms may encrypt and sign the data
in separate steps and it doesn't expect the data to be changed.
More information about the samba-technical