Self-instrument for QUIC library via setsockopt for on-host-monitoring.

go/secure-protocols-on-host-detection is our design to implement
on-host monitoring for connection tracking. It requires code creating
sockets to tag the socket through an additional syscall. Most of our
traffic is covered through Stubby, but Quic also generates a lot of
traffic and manages raw sockets itself.

This CL should close the monitoring gap for Quic.

Given that we already do setsockopt tagging inside Stubby2 and GRPC (which the GFE uses), we chose not to flag protect this code path, as this is basically a tested feature at this point. Please see CL Discussion.

gfe-relnote: Self-instrument for QUIC library via setsockopt for on-host-monitoring.
PiperOrigin-RevId: 330932821
Change-Id: Ibf83cbdbe6792119b83e702e0f702b22bcb6253d
2 files changed
tree: 90b39dbf16c09a27776730e1a5d27a5c7bd2e90c
README.md

QUICHE

QUICHE (QUIC, Http/2, Etc) is Google's implementation of QUIC and related protocols. It powers Chromium as well as Google's QUIC servers and some other projects.