| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKaoeS0f7z_pjJhij8dFpgPPJfiWGsn25k6rgBUMUM4wiFHurA@mail.gmail.com> Date: Fri, 23 Jan 2026 11:03:44 -0800 From: Rishikesh Jethwani <rjethwani@...estorage.com> To: Jakub Kicinski <kuba@...nel.org> Cc: netdev@...r.kernel.org, saeedm@...dia.com, tariqt@...dia.com, mbloch@...dia.com, borisp@...dia.com, john.fastabend@...il.com, sd@...asysnail.net, davem@...emloft.net, pabeni@...hat.com, edumazet@...gle.com, leon@...nel.org Subject: Re: [PATCH v5 0/3] tls: Add TLS 1.3 hardware offload support On Thu, Jan 22, 2026 at 5:48 PM Jakub Kicinski <kuba@...nel.org> wrote: > > On Thu, 22 Jan 2026 12:28:48 -0700 Rishikesh Jethwani wrote: > > - Rekey handling: HW offload key update (rekey) is not yet supported. > > Not sure this series will be merged without rekeying. > We'll need to discuss pros and cons. Rekey support is in [PATCH v5 2/3]. Split into a separate patch to make review easier. > > Testing > > ======= > > Tested on Mellanox ConnectX-6 Dx (Crypto Enabled). > > > > Both TX and RX hardware offload verified working with: > > - TLS 1.3 AES-GCM-128 > > - TLS 1.3 AES-GCM-256 > > - Multiple KeyUpdate cycles (rekey) > > > > Test methodology: ktls_test : https://github.com/insanum/ktls_test/tree/master > > > > Please review and provide feedback. > > Selftests are a hard requirement, I already shared a link with more > info with you. I will run the existing TLS selftests to verify no regressions.
Powered by blists - more mailing lists