| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250815050210.1518439-1-alistair.francis@wdc.com> Date: Fri, 15 Aug 2025 15:02:02 +1000 From: alistair23@...il.com To: chuck.lever@...cle.com, hare@...nel.org, kernel-tls-handshake@...ts.linux.dev, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org, linux-nvme@...ts.infradead.org, linux-nfs@...r.kernel.org Cc: kbusch@...nel.org, axboe@...nel.dk, hch@....de, sagi@...mberg.me, kch@...dia.com, alistair23@...il.com, Alistair Francis <alistair.francis@....com> Subject: [PATCH 0/8] nvme-tcp: Support receiving KeyUpdate requests From: Alistair Francis <alistair.francis@....com> The TLS 1.3 specification allows the TLS client or server to send a KeyUpdate. This is generally used when the sequence is about to overflow or after a certain amount of bytes have been encrypted. The TLS spec doesn't mandate the conditions though, so a KeyUpdate can be sent by the TLS client or server at any time. This includes when running NVMe-OF over a TLS 1.3 connection. As such Linux should be able to handle a KeyUpdate event, as the other NVMe side could initiate a KeyUpdate. Upcoming WD NVMe-TCP hardware controllers implement TLS support and send KeyUpdate requests. This series builds on top of the existing TLS EKEYEXPIRED work, which already detects a KeyUpdate request. We can now pass that information up to the NVMe layer (target and host) and then pass it up to userspace. Userspace (ktls-utils) will need to save the connection state in the keyring during the initial handshake. The kernel then provides the key serial back to userspace when handling a KeyUpdate. Userspace can use this to restore the connection information and then update the keys, this final process is similar to the initial handshake. Link: https://datatracker.ietf.org/doc/html/rfc8446#section-4.6.3 Alistair Francis (8): net/handshake: Store the key serial number on completion net/handshake: Make handshake_req_cancel public net/handshake: Expose handshake_sk_destruct_req publically tls: Allow callers to clear errors net/handshake: Support KeyUpdate message types nvme-tcp: Support KeyUpdate net/handshake: Support decoding the HandshakeType nvmet-tcp: Support KeyUpdate Documentation/netlink/specs/handshake.yaml | 19 +++++- Documentation/networking/tls-handshake.rst | 4 +- drivers/nvme/host/tcp.c | 78 ++++++++++++++++++++-- drivers/nvme/target/tcp.c | 71 ++++++++++++++++++-- include/net/handshake.h | 18 ++++- include/net/tls.h | 6 ++ include/net/tls_prot.h | 17 +++++ include/uapi/linux/handshake.h | 14 ++++ net/handshake/alert.c | 26 ++++++++ net/handshake/genl.c | 5 +- net/handshake/handshake-test.c | 1 + net/handshake/handshake.h | 1 - net/handshake/request.c | 17 +++++ net/handshake/tlshd.c | 46 +++++++++++-- net/sunrpc/svcsock.c | 3 +- net/sunrpc/xprtsock.c | 3 +- 16 files changed, 300 insertions(+), 29 deletions(-) -- 2.50.1
Powered by blists - more mailing lists