copy on write for splice() from file to pipe?
Herbert Xu
herbert at gondor.apana.org.au
Mon Feb 20 04:54:44 UTC 2023
On Fri, Feb 17, 2023 at 03:13:14PM -0800, Andy Lutomirski wrote:
>
> I can certainly imagine TLS or similar protocols breaking if data
> changes if the implementation is too clever and retransmission
> happens. Suppose 2000 bytes are sent via splice using in-kernel TLS,
> and it goes out on the wire as two TCP segments. The first segment is
> dropped but the second is received. The kernel resends the first
> segment using different data. This really ought to cause an integrity
> check at the far end to fail.
The TLS layer is completely separate from TCP so it's like any
normal TCP user from user-space. IOW the encrypted data will be
held by TCP until acknowledged so during retransmission it will
simply resend the previously encrypted data rather than encrypting
the same data twice.
Cheers,
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the samba-technical
mailing list