From: Wilfred Mallawa <wilfred.opensource@gmail.com>
To: alistair.francis@wdc.com, dlemoal@kernel.org,
chuck.lever@oracle.com, davem@davemloft.net, edumazet@google.com,
kuba@kernel.org, pabeni@redhat.com, horms@kernel.org,
donald.hunter@gmail.com, corbet@lwn.net, kbusch@kernel.org,
axboe@kernel.dk, hch@lst.de, sagi@grimberg.me, kch@nvidia.com,
borisp@nvidia.com, john.fastabend@gmail.com, jlayton@kernel.org,
neil@brown.name, okorniev@redhat.com, Dai.Ngo@oracle.com,
tom@talpey.com, trondmy@kernel.org, anna@kernel.org,
kernel-tls-handshake@lists.linux.dev, netdev@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-nvme@lists.infradead.org, linux-nfs@vger.kernel.org,
Wilfred Mallawa <wilfred.mallawa@wdc.com>
Subject: [RFC 2/4] net/tls/tls_sw: use the record size limit specified
Date: Tue, 29 Jul 2025 12:41:50 +1000
Message-ID: <20250729024150.222513-5-wilfred.opensource@gmail.com>
In-Reply-To: <20250729024150.222513-2-wilfred.opensource@gmail.com>
From: Wilfred Mallawa <wilfred.mallawa@wdc.com>
Currently, for tls_sw, the kernel uses the default 16K
TLS_MAX_PAYLOAD_SIZE for records. However, if an endpoint has specified
a record size much lower than that, it is currently not respected.
This patch adds support for using the record size limit specified by an
endpoint if it has been set.
Signed-off-by: Wilfred Mallawa <wilfred.mallawa@wdc.com>
---
include/net/tls.h | 1 +
net/tls/tls_sw.c | 10 +++++++++-
2 files changed, 10 insertions(+), 1 deletion(-)
diff --git a/include/net/tls.h b/include/net/tls.h
index 857340338b69..6248beb4a6c1 100644
--- a/include/net/tls.h
+++ b/include/net/tls.h
@@ -241,6 +241,7 @@ struct tls_context {
struct scatterlist *partially_sent_record;
u16 partially_sent_offset;
+ u32 tls_record_size_limit;
bool splicing_pages;
bool pending_open_record_frags;
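Review bot: the new tls_record_size_limit member of struct tls_context has no comment saying what it measures or what 0 means. The tls_sw.c change treats 0 as "not set" and clamps the value to TLS_MAX_PAYLOAD_SIZE, so please document that here, including whether the limit is the plaintext payload only or also covers the TLS 1.3 content type byte. Since the value is never used above the 16K TLS_MAX_PAYLOAD_SIZE, a u16 next to partially_sent_offset would also be enough.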
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index fc88e34b7f33..4c64f1436832 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -1024,6 +1024,7 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
ssize_t copied = 0;
struct sk_msg *msg_pl, *msg_en;
struct tls_rec *rec;
+ u32 tls_record_size_limit;
int required_size;
int num_async = 0;
bool full_record;
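Review bot: the local added to tls_sw_sendmsg_locked() has the same name as the tls_ctx->tls_record_size_limit member, which makes the later assignment harder to read. A distinct name such as record_size_limit, or a small helper that returns the effective limit for a tls_context, would make it clear which of the two is the clamped value.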
@@ -1045,6 +1046,13 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
}
}
+ if (tls_ctx->tls_record_size_limit > 0) {
+ tls_record_size_limit = min(tls_ctx->tls_record_size_limit,
+ TLS_MAX_PAYLOAD_SIZE);
+ } else {
+ tls_record_size_limit = TLS_MAX_PAYLOAD_SIZE;
+ }
+
while (msg_data_left(msg)) {
if (sk->sk_err) {
ret = -sk->sk_err;
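Review bot: the clamp added before the while loop has an upper bound but no lower bound, so any non-zero tls_ctx->tls_record_size_limit is used as is. RFC 8449 does not allow a record size limit below 64, and a very small value here makes each sendmsg() produce a large number of tiny records that all pay the full per-record overhead. Suggest rejecting or clamping values under the minimum where the field is set, or at least here, and collapsing the if/else into a single expression.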
@@ -1066,7 +1074,7 @@ static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
orig_size = msg_pl->sg.size;
full_record = false;
try_to_copy = msg_data_left(msg);
- record_room = TLS_MAX_PAYLOAD_SIZE - msg_pl->sg.size;
+ record_room = tls_record_size_limit - msg_pl->sg.size;
if (try_to_copy >= record_room) {
try_to_copy = record_room;
full_record = true;
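Review bot: record_room = tls_record_size_limit - msg_pl->sg.size assumes the open record is never larger than the limit. That held while the bound was the constant TLS_MAX_PAYLOAD_SIZE, but if the limit in tls_ctx can be lowered while a partially filled record is still open, the subtraction goes negative or wraps, depending on the type of record_room, and the try_to_copy >= record_room test no longer caps the copy correctly. Please either guarantee the limit is fixed before any data is queued or handle msg_pl->sg.size >= tls_record_size_limit explicitly by closing the record first.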
--
2.50.1
Thread overview: 14+ messages
2025-07-29 2:41 [RFC 0/4] net/tls: add support for the record size limit extension Wilfred Mallawa
2025-07-29 2:41 ` [RFC 1/4] net/handshake: get negotiated tls record size limit Wilfred Mallawa
2025-07-29 8:07 ` Damien Le Moal
2025-07-29 8:12 ` Hannes Reinecke
2025-08-07 0:03 ` Wilfred Mallawa
2025-07-29 2:41 ` Wilfred Mallawa [this message]
2025-07-29 8:13 ` [RFC 2/4] net/tls/tls_sw: use the record size limit specified Damien Le Moal
2025-08-07 0:04 ` Wilfred Mallawa
2025-07-29 2:41 ` [RFC 3/4] nvme/host/tcp: set max record size in the tls context Wilfred Mallawa
2025-07-29 8:16 ` Hannes Reinecke
2025-07-29 2:41 ` [RFC 4/4] nvme/target/tcp: " Wilfred Mallawa
2025-07-29 8:16 ` Hannes Reinecke
2025-07-29 13:37 ` [RFC 0/4] net/tls: add support for the record size limit extension Chuck Lever
2025-08-07 0:14 ` Wilfred Mallawa