This implementation is against the upstream draft PSP protocol as published at https://github.com/wdebruij/psp/tree/linux-v5.15-psp-v1.1 This is for demonstration purposes only: an upstream Linux ABI is expected to look significantly different.
Tested:
Test psp scripts with a psp-capable tuntap device in qemu
step 1: build kernel with psp support
git clone https://github.com/wdebruij/psp.git
cd psp
git checkout origin/linux-v5.15-psp-v1.1
make defconfig
make kvm_guest.config
sed -i 's/#\ CONFIG_TUN\ is\ not\ set/CONFIG_TUN=y/' .config
make -j $(nproc) bzImage
step 2 inside qemu, build and run packetdrill
git clone github.com/google/packetdrill
cd gtests/net/packetdrill
make && make tests
PDIR=${PWD}
Add packetdrill support for the PSP encryption protocol, both in tunnel and transport mode.
For more information on PSP, see the architecture spec at https://github.com/google/psp/blob/main/doc/PSP_Arch_Spec.pdf
Implementation by to Dimitris Michailidis dmichail@google.com
This implementation is against the upstream draft PSP protocol as published at https://github.com/wdebruij/psp/tree/linux-v5.15-psp-v1.1 This is for demonstration purposes only: an upstream Linux ABI is expected to look significantly different.
Tested: Test psp scripts with a psp-capable tuntap device in qemu
step 1: build kernel with psp support
git clone https://github.com/wdebruij/psp.git cd psp git checkout origin/linux-v5.15-psp-v1.1 make defconfig make kvm_guest.config sed -i 's/#\ CONFIG_TUN\ is\ not\ set/CONFIG_TUN=y/' .config make -j $(nproc) bzImage
step 2 inside qemu, build and run packetdrill
git clone github.com/google/packetdrill cd gtests/net/packetdrill make && make tests PDIR=${PWD}
cd ../tcp $PDIR/in_netns.sh $PDIR/packetdrill --ip_version=ipv6 --mtu=1520 psp/psp_client_sockopt.pkt $PDIR/in_netns.sh $PDIR/packetdrill --ip_version=ipv6 --mtu=1520 psp/psp_server_sockopt.pkt