From: Sabrina Dubroca <sd@queasysnail.net>
To: Rishikesh Jethwani <rjethwani@everpuredata.com>
Cc: netdev@vger.kernel.org, saeedm@nvidia.com, tariqt@nvidia.com,
mbloch@nvidia.com, borisp@nvidia.com, john.fastabend@gmail.com,
kuba@kernel.org, davem@davemloft.net, pabeni@redhat.com,
edumazet@google.com, leon@kernel.org
Subject: Re: [PATCH v13 5/6] tls: add hardware offload key update support
Date: Thu, 21 May 2026 15:57:23 +0200 [thread overview]
Message-ID: <ag8PQ2pxvKMHglWV@krikkit> (raw)
In-Reply-To: <CAKaoeS2=W-WFxAmo2M_FOzS4d65L-1WM+3CJ2x3dy0U0NvMapA@mail.gmail.com>
2026-05-12, 10:55:35 -0700, Rishikesh Jethwani wrote:
> > Not blaming you for NIC behavior, but... the NIC passes up as
> > "decrypted" records that have failed decryption (because it was using
> > the wrong (old) key), or passes as "encrypted" the incorrectly
> > decrypted data (that it has "decrypted" with the old key)?
> >
> > Or this is only the first record(s) after the KeyUpdate message, if
> > they fall within the same packet, the whole packet was "decrypted"
> > with the old key but only the KeyUpdate itself (and maybe some more
> > records before it) decrypted correctly ; but subsequent packets get
> > passed as !decrypted and don't need this reencrypt dance?
> >
> > (this is maybe more of a question for Tariq or the other @nvidia
> > folks)
> >
> >
> > I haven't reviewed the whole patch at this point, because of Paolo's
> > suggestion and this confusion with the RX rekey.
> >
> > The traces show how both NICs behave during the key transition:
>
> Broadcom (NIC preserves decrypted flags):
> - decrypted=1: NIC fully decrypted these with the old key; one reencrypt
> pass (retry=0) re-encrypts those frags back to ciphertext, then SW decrypts
> with the new key.
> - encrypted=0, decrypted=0: boundary-straddling record; same single
> reencrypt pass.
> - encrypted=1: NIC never touched these; SW decrypts directly with the new
> key.
>
> Mellanox (NIC clears decrypted flags on auth failure):
> - encrypted=0, decrypted=0: NIC partially processed the record but
> cleared all decrypted flags on auth failure. retry=0 reencrypts with the
> wrong frag interpretation and gets EBADMSG; retry=1 toggles the flags and
> succeeds.
> - encrypted=1: NIC reported these as untouched; SW decrypts directly.
>
> The retry path exists specifically for the Mellanox case: cleared flags
> hide which frags the NIC actually touched, so the first pass may pick the
> wrong interpretation and need to flip it.
Thanks for describing this.
I don't think the core TLS implementation should implement workarounds
for HW/drivers doing strange things. IMO this should instead be
stuffed into a driver CB, which would implement the necessary steps to
perform during a rekey.
The core can provide a helper, but I would move the whole
"reencrypt+maybe retry" logic to a CB.
--
Sabrina
next prev parent reply other threads:[~2026-05-21 13:57 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-29 18:10 [PATCH net-next v13 0/6] tls: Add TLS 1.3 hardware offload support Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 1/6] net: tls: reject TLS 1.3 offload in chcr_ktls and nfp drivers Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 2/6] net/mlx5e: add TLS 1.3 hardware offload support Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 3/6] tls: " Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 4/6] tls: split tls_set_sw_offload into init and finalize stages Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 5/6] tls: add hardware offload key update support Rishikesh Jethwani
2026-05-05 8:40 ` Paolo Abeni
2026-05-05 8:41 ` Paolo Abeni
2026-05-06 10:37 ` Sabrina Dubroca
2026-05-06 11:30 ` Sabrina Dubroca
[not found] ` <CAKaoeS2=W-WFxAmo2M_FOzS4d65L-1WM+3CJ2x3dy0U0NvMapA@mail.gmail.com>
2026-05-21 13:57 ` Sabrina Dubroca [this message]
2026-04-29 18:10 ` [PATCH v13 6/6] selftests: net: add TLS hardware offload test Rishikesh Jethwani
2026-05-06 17:07 ` Sabrina Dubroca
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ag8PQ2pxvKMHglWV@krikkit \
--to=sd@queasysnail.net \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=leon@kernel.org \
--cc=mbloch@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=rjethwani@everpuredata.com \
--cc=saeedm@nvidia.com \
--cc=tariqt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.