Kernel-level SSL Software


The patched Linux source trees are also provided: You may use these patches with other versions of linux kernel and OpenSSL and other architectures although you need modification by hand to apply the patches. Note that you adjust the system call number of 'certctl' in arch/i386/entry.S and include/asm-i386/unistd.h if you use another version of linux kernel.


  1. Extract the source code of the Linux kernel.
  2. Extract the source code of the OpenSSL on top of the kernel source tree.
  3. Extract the kssl-*.tar.gz package on top of the kernel source tree. The whole source tree is like:
       linux-2.* -+- openssl-0.9.*/
                  +- install
                  +- kssl-kernel-kssl.tar.gz
                  +- kssl-kernel.patch.gz
                  +- kssl-openssl-makefiles.tar.gz
                  +- kssl-openssl.patch.gz
  4. Change the current directory to linux-2.* and run ./install.
  5. Select Kernel SSL in the toplevel kernel configuration.

Sample programs

They include a server and a client for kernel SSL. When you run the server and then the client on the same host, these communicate some messages using SSL.