Re: Question regarding TLS Key update for NVMe-TCP protocol

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sabrina Dubroca <sd@queasysnail.net>
To: Hannes Reinecke <hare@suse.de>
Cc: Chuck Lever III <chuck.lever@oracle.com>,
	Narayan Ayalasomayajula <Narayan.Ayalasomayajula@wdc.com>,
	"fkrenzel@redhat.com" <fkrenzel@redhat.com>,
	kernel-tls-handshake <kernel-tls-handshake@lists.linux.dev>
Subject: Re: Question regarding TLS Key update for NVMe-TCP protocol
Date: Fri, 6 Dec 2024 16:40:56 +0100	[thread overview]
Message-ID: <Z1MbCCLxxd9hWgCg@hog> (raw)
In-Reply-To: <de5448a1-c5a6-4dab-afca-484eb9d6c445@suse.de>

2024-12-06, 15:26:08 +0100, Hannes Reinecke wrote:
> On 12/6/24 14:05, Sabrina Dubroca wrote:
> > 2024-12-06, 13:09:23 +0100, Hannes Reinecke wrote:
> > > But how does userspace get the KeyUpdate message in the first place?
> > > I _think_ we should get something like TLS_ALERT from the ktls stack.
> > > How is that implemented?
> > 
> > (talking strictly about "pure" ktls, not tls-handshake/tlshd)
> > 
> > Data records are passed to userspace via a simple recv(). Non-data
> > records (for example a KeyUpdate) need cmsg: the record type is
> > stuffed into a cmsg, the payload goes in the usual buffer. If the next
> > available record is non-data and no cmsg is provided, the read will
> > fail. See Documentation/networking/tls.rst (or
> > https://docs.kernel.org/networking/tls.html) for more details on how
> > cmsg is used.
> > 
> 
> Ah, right. And that's the issue.
> NVMe-TLS is using the 'read_sock()' interface, which doesn't do control
> messages. And changing it over to recvmsg() would not only be a major churn,
> but we also lose the ability to calculate data digests.
> 
> So if you have ideas how to handle that ...

But you have to use recvmsg for the control record if read_sock can't
read anything, which will happen when you hit a control record in the
stream. At this point you have to call recvmsg() to dequeue the
non-data record, process it, and then you can go back to read_sock
until the next non-data record arrives. Like a splice-based userspace
application, I guess. As long as you don't pop that control record
from the socket, you can't read the rest of the stream.

On the TX side, if you have to initiate a KeyUpdate because you've hit
the limit on the current key (or the peer sent its own KeyUpdate and
requested you to also update your key), you'll have to send that
KeyUpdate with sendmsg and the correct cmsg (see the selftest patch
for basic examples from a userspace program [1]).

[1] mainly TEST_F(tls, rekey), and maybe TEST_F(tls, splice_rekey) if
read_sock is similar enough to splice
https://lore.kernel.org/netdev/e00a6aed157b20573afbfc6c2353af2afa54f48e.1731597571.git.sd@queasysnail.net/

-- 
Sabrina

next prev parent reply	other threads:[~2024-12-06 15:40 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <BYAPR04MB53982DF8F2777C6D28A23067EF282@BYAPR04MB5398.namprd04.prod.outlook.com>
     [not found] ` <BYAPR04MB6102F3173201AF0983DB6166FF292@BYAPR04MB6102.namprd04.prod.outlook.com>
     [not found]   ` <BYAPR04MB5398745DD2E7E66981384342EF292@BYAPR04MB5398.namprd04.prod.outlook.com>
     [not found]     ` <BYAPR04MB61020B390B594196C8726D85FF292@BYAPR04MB6102.namprd04.prod.outlook.com>
     [not found]       ` <SN6PR04MB5406D4D68F82EBFFC1C580F3EF352@SN6PR04MB5406.namprd04.prod.outlook.com>
2024-12-02 18:50         ` Question regarding TLS Key update for NVMe-TCP protocol Chuck Lever III
2024-12-03  7:17           ` Hannes Reinecke
2024-12-03 14:33             ` Chuck Lever III
2024-12-03 15:20               ` Hannes Reinecke
2024-12-06 11:26                 ` Sabrina Dubroca
2024-12-06 12:09                   ` Hannes Reinecke
2024-12-06 13:05                     ` Sabrina Dubroca
2024-12-06 14:26                       ` Hannes Reinecke
2024-12-06 15:40                         ` Sabrina Dubroca [this message]
2024-12-06 16:23                           ` Hannes Reinecke
2024-12-06 17:04                             ` Chuck Lever
2024-12-06 15:22                   ` Chuck Lever

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Z1MbCCLxxd9hWgCg@hog \
    --to=sd@queasysnail.net \
    --cc=Narayan.Ayalasomayajula@wdc.com \
    --cc=chuck.lever@oracle.com \
    --cc=fkrenzel@redhat.com \
    --cc=hare@suse.de \
    --cc=kernel-tls-handshake@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.