On Tue, Nov 17, 2015 at 09:26:57PM +0000, Short, Todd wrote: > Embedded systems don�t have the luxury of mbuf-type of buffer scheme (as > you describe for NSS). Many have ethernet-frame sized buffers in > locked/pinned memory that read in a whole ethernet frame, and then strip > off headers by advancing pointers into the frame. This minimizes copies, > and the goal is to have a zero-copy network stack.
Right, both IP and TCP add padding after options to align the payload on a 32-bit boundary. So the TLS record layer always starts at a 32-bit aligned address, which ensures that the record payload is always misaligned. Padding the record header with zeros to the next multiple of 32-bits could plausibly improve the performance of bare-metal zero-copy implementations. -- Viktor. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls