| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251230224137.3600355-1-rjethwani@purestorage.com> Date: Tue, 30 Dec 2025 15:41:35 -0700 From: Rishikesh Jethwani <rjethwani@...estorage.com> To: netdev@...r.kernel.org Cc: saeedm@...dia.com, tariqt@...dia.com, mbloch@...dia.com, borisp@...dia.com, john.fastabend@...il.com, kuba@...nel.org, sd@...asysnail.net, davem@...emloft.net, Rishikesh Jethwani <rjethwani@...estorage.com> Subject: [PATCH net-next 0/2] tls: Add TLS 1.3 hardware offload support Hi all, This patch series adds TLS 1.3 support to the kernel TLS hardware offload infrastructure, enabling hardware acceleration for TLS 1.3 connections. Background ========== Currently, the kernel TLS device offload only supports TLS 1.2. With TLS 1.3 being the current standard and widely deployed, there is a growing need to extend hardware offload support to TLS 1.3 connections. TLS 1.3 differs from TLS 1.2 in its record format: TLS 1.2: [Header (5)] + [Explicit IV (8)] + [Ciphertext] + [Tag (16)] TLS 1.3: [Header (5)] + [Ciphertext + ContentType (1)] + [Tag (16)] The key difference is that TLS 1.3 eliminates the explicit IV and instead appends the content type byte to the plaintext before encryption. This content type byte must be encrypted along with the payload for proper authentication tag computation per RFC 8446. Patch 1: Core TLS infrastructure (tls_device.c) ================================================ - Extended version validation to accept TLS_1_3_VERSION in both tls_set_device_offload() and tls_set_device_offload_rx() - Modified tls_device_record_close() to append the content type byte before the authentication tag for TLS 1.3 records - Pre-populated dummy_page with valid record types for memory allocation failure fallback path Patch 2: mlx5 driver enablement =============================== - TLS 1.3 version detection and validation with proper capability checking - TLS 1.3 crypto context configuration using MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_3 - Correct IV handling for TLS 1.3 (12-byte IV vs TLS 1.2's 4-byte salt) - Hardware offload for both TLS 1.3 AES-GCM-128 and AES-GCM-256 Testing ======= Tested on the following hardware: - Broadcom BCM957608 (Thor 2) - Mellanox ConnectX-6 Dx (Crypto Enabled) Both TX and RX hardware offload verified working with: - TLS 1.3 AES-GCM-128 - TLS 1.3 AES-GCM-256 Test methodology: ktls_test : https://github.com/insanum/ktls_test/tree/master Please review and provide feedback. Thanks, Rishikesh Rishikesh Jethwani (2): tls: TLS 1.3 hardware offload support mlx5: TLS 1.3 hardware offload support drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h | 8 ++++- drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_txrx.c | 14 +++++++--- net/tls/tls_device.c | 48 +++++++++++++++++++++++++++++++++++++++++--- 3 files changed, 63 insertions(+), 7 deletions(-) -- 2.25.1
Powered by blists - more mailing lists