Message-ID: <1affa813-f977-4815-8eef-b4701785fb11@nvidia.com>
Date: Sun, 4 Jan 2026 23:07:07 +0200
From: Mark Bloch <mbloch@...dia.com>
To: Rishikesh Jethwani <rjethwani@...estorage.com>, netdev@...r.kernel.org
Cc: saeedm@...dia.com, tariqt@...dia.com, borisp@...dia.com,
john.fastabend@...il.com, kuba@...nel.org, sd@...asysnail.net,
davem@...emloft.net
Subject: Re: [PATCH] mlx5: TLS 1.3 hardware offload support
On 31/12/2025 0:41, Rishikesh Jethwani wrote:
> Add TLS 1.3 hardware offload support to mlx5 driver, enabling both
> TX and RX hardware acceleration for TLS 1.3 connections on Mellanox
> ConnectX-6 Dx and newer adapters.
>
> This patch enables:
> - TLS 1.3 version detection and validation with proper capability
> checking
> - TLS 1.3 crypto context configuration using
> MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_3 (0x3)
> - Correct IV handling for TLS 1.3 (12-byte IV vs TLS 1.2's 4-byte salt)
> - Hardware offload for both TLS 1.3 AES-GCM-128 and AES-GCM-256 cipher
> suites
>
> Key differences from TLS 1.2:
> - TLS 1.2: Only 4-byte salt copied to gcm_iv, explicit IV in each record
> - TLS 1.3: Full 12-byte IV (salt + iv) copied to gcm_iv + implicit_iv
> * salt (4 bytes) → gcm_iv[0:3]
> * iv (8 bytes) → gcm_iv[4:7] + implicit_iv[0:3]
> * Note: gcm_iv and implicit_iv are contiguous in memory
>
> The EXTRACT_INFO_FIELDS macro is updated to also extract the 'iv' field
> which is needed for TLS 1.3.
>
> Testing:
> Verified on Mellanox ConnectX-6 Dx (Crypto Enabled) (MT2892) using
> ktls_test suite. Both TX and RX hardware offload working successfully
> with TLS 1.3 AES-GCM-128 and AES-GCM-256 cipher suites.
>
Thanks for the patch.
Some of the team is still returning from the holiday break,
so testing may take a little time. That said, we’ll start
testing internally as soon as possible and will update once
we have results.
Thanks for your patience.
Mark
> Signed-off-by: Rishikesh Jethwani <rjethwani@...estorage.com>
> ---
> .../mellanox/mlx5/core/en_accel/ktls.h | 8 +++++-
> .../mellanox/mlx5/core/en_accel/ktls_txrx.c | 14 ++++++++++++++++---
> 2 files changed, 18 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h
> index f11075e67658..b2d4f887582c 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls.h
> @@ -29,7 +29,9 @@ static inline bool mlx5e_is_ktls_device(struct mlx5_core_dev *mdev)
> return false;
>
> return (MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128) ||
> - MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256));
> + MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256) ||
> + MLX5_CAP_TLS(mdev, tls_1_3_aes_gcm_128) ||
> + MLX5_CAP_TLS(mdev, tls_1_3_aes_gcm_256));
> }
>
> static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
> @@ -39,10 +41,14 @@ static inline bool mlx5e_ktls_type_check(struct mlx5_core_dev *mdev,
> case TLS_CIPHER_AES_GCM_128:
> if (crypto_info->version == TLS_1_2_VERSION)
> return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_128);
> + else if (crypto_info->version == TLS_1_3_VERSION)
> + return MLX5_CAP_TLS(mdev, tls_1_3_aes_gcm_128);
> break;
> case TLS_CIPHER_AES_GCM_256:
> if (crypto_info->version == TLS_1_2_VERSION)
> return MLX5_CAP_TLS(mdev, tls_1_2_aes_gcm_256);
> + else if (crypto_info->version == TLS_1_3_VERSION)
> + return MLX5_CAP_TLS(mdev, tls_1_3_aes_gcm_256);
> break;
> }
>
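Review bot: The new `else if` arms in both cipher cases follow an unconditional `return`, so the `else` is dead syntax; kernel style drops it and writes a second plain `if`: `if (crypto_info->version == TLS_1_3_VERSION)` / `return MLX5_CAP_TLS(mdev, tls_1_3_aes_gcm_128);` in the AES_GCM_128 case, and the matching pair in the AES_GCM_256 case. A one-line comment above the switch stating that any other version falls through to the `break` and is rejected by the function's default return would make the gate explicit; the head and tail of mlx5e_ktls_type_check are outside this hunk, so I am inferring that default from the existing structure.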
> diff --git a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_txrx.c b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_txrx.c
> index 570a912dd6fa..2e845f88a86c 100644
> --- a/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_txrx.c
> +++ b/drivers/net/ethernet/mellanox/mlx5/core/en_accel/ktls_txrx.c
> @@ -6,6 +6,7 @@
>
> enum {
> MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_2 = 0x2,
> + MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_3 = 0x3,
> };
>
> enum {
> @@ -15,8 +16,10 @@ enum {
> #define EXTRACT_INFO_FIELDS do { \
> salt = info->salt; \
> rec_seq = info->rec_seq; \
> + iv = info->iv; \
> salt_sz = sizeof(info->salt); \
> rec_seq_sz = sizeof(info->rec_seq); \
> + iv_sz = sizeof(info->iv); \
> } while (0)
>
> static void
> @@ -25,8 +28,8 @@ fill_static_params(struct mlx5_wqe_tls_static_params_seg *params,
> u32 key_id, u32 resync_tcp_sn)
> {
> char *initial_rn, *gcm_iv;
> - u16 salt_sz, rec_seq_sz;
> - char *salt, *rec_seq;
> + u16 salt_sz, rec_seq_sz, iv_sz;
> + char *salt, *rec_seq, *iv;
> u8 tls_version;
> u8 *ctx;
>
> @@ -59,7 +62,12 @@ fill_static_params(struct mlx5_wqe_tls_static_params_seg *params,
> memcpy(gcm_iv, salt, salt_sz);
> memcpy(initial_rn, rec_seq, rec_seq_sz);
>
> - tls_version = MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_2;
> + if (crypto_info->crypto_info.version == TLS_1_3_VERSION) {
> + memcpy(gcm_iv + salt_sz, iv, iv_sz);
> + tls_version = MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_3;
> + } else {
> + tls_version = MLX5E_STATIC_PARAMS_CONTEXT_TLS_1_2;
> + }
>
> MLX5_SET(tls_static_params, ctx, tls_version, tls_version);
> MLX5_SET(tls_static_params, ctx, const_1, 1);
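Review bot: The TLS 1.3 branch writes iv_sz bytes starting at `gcm_iv + salt_sz`, which deliberately runs past the gcm_iv field into the neighbouring implicit_iv field; the commit message documents that the two are contiguous, but nothing in the code pins that layout, so a future reordering of tls_static_params would silently corrupt the static context. Take the destination from the layout macro rather than from pointer arithmetic, assuming the field is named implicit_iv as the description says: `implicit_iv = MLX5_ADDR_OF(tls_static_params, ctx, implicit_iv);` followed by `memcpy(implicit_iv, iv, iv_sz);`, with `char *implicit_iv` added to the declarations in the earlier hunk of fill_static_params. A comment such as `/* TLS 1.3: the full 12-byte static IV is salt (gcm_iv) followed by iv (implicit_iv) */` on the branch would record why the 1.2 and 1.3 paths differ. fill_static_params begins before this hunk and its declaration hunk is separate.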