13-15 November 2018
America/Vancouver timezone

Combining kTLS and BPF for Introspection and Policy Enforcement

14 Nov 2018, 09:55
35m
Junior-Ballroom-C (Sheraton Vancouver Wall Center)

Junior-Ballroom-C

Sheraton Vancouver Wall Center

67

Speakers

Daniel Borkmann (Cilium) John Fastabend (Cilium)

Description

This talk is divided into two parts, first we present on kTLS, the current kernel's
sockmap BPF architecture for L7 policy enforcement, as well as the kernel's ULP and
strparser framework which is utilized by both in order to hook into socket callbacks
and determine message boundaries for subsequent processing.

We further elaborate on the challenges we face when trying to combine kTLS with the
power of BPF for the eventual goal of allowing in-kernel introspection and policy
enforcement of application data before encryption. Besides others, this includes a
discussion on various approaches to address the shortcomings of the current ULP layer,
optimizations for strparser, and the consolidation of scatter/gather processing for
kTLS and sockmap as well as future work on top of that.

Presentation Materials

Platinum sponsors

Gold sponsors

Silver sponsors

Catchbox sponsor
T-Shirt sponsor
Breakfast sponsor
Your browser is out of date!

Update your browser to view this website correctly. Update my browser now

×