From: Hannes Reinecke <hare@suse.de>
To: Alistair Francis <alistair23@gmail.com>
Cc: chuck.lever@oracle.com, hare@kernel.org,
kernel-tls-handshake@lists.linux.dev, netdev@vger.kernel.org,
linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
linux-nvme@lists.infradead.org, linux-nfs@vger.kernel.org,
kbusch@kernel.org, axboe@kernel.dk, hch@lst.de, sagi@grimberg.me,
kch@nvidia.com, Alistair Francis <alistair.francis@wdc.com>
Subject: Re: [PATCH v2 6/7] nvme-tcp: Support KeyUpdate
Date: Wed, 17 Sep 2025 12:12:32 +0200 [thread overview]
Message-ID: <e168255c-82a0-4b9a-b155-cb90e6162870@suse.de> (raw)
In-Reply-To: <CAKmqyKM6_Fp9rc5Fz0qCsNq7yCGGb-o66XhycJez2nzcEs5GmA@mail.gmail.com>
On 9/17/25 05:14, Alistair Francis wrote:
> On Tue, Sep 16, 2025 at 11:04 PM Hannes Reinecke <hare@suse.de> wrote:
>>
[ .. ]
>> Oh bugger. Seems like gnutls is generating the KeyUpdate message
>> itself, and we have to wait for that.
>
> Yes, we have gnutls generate the message.
>
>> So much for KeyUpdate being transparent without having to stop I/O...
>>
>> Can't we fix gnutls to make sending the KeyUpdate message and changing
>> the IV parameters an atomic operation? That would be a far better
>
> I'm not sure I follow.
>
> ktls-utils will first restore the gnutls session. Then have gnutls
> trigger a KeyUpdate.gnutls will send a KeyUpdate and then tell the
> kernel the new keys. The kernel cannot send or encrypt any data after
> the KeyUpdate has been sent until the keys are updated.
>
> I don't see how we could make it an atomic operation. We have to stop
> the traffic between sending a KeyUpdate and updating the keys.
> Otherwise we will send invalid data.
>
Fully agree with that.
But thing is, the KeyUpdate message is a unidirectional thing.
Host A initiating a KeyUpdate must only change the _sender_ side
keys after sending a KeyUpdate message to host B; the receiver
side keys on host A can only be update once it received the
corresponding KeyUpdate from host B. If both keys on host A
are modified at the same time we cannot receive the KeyUpdate
message from host B as that will be encoded with the old
keys ...
I wonder how that can be modeled in gnutls; I only see
gnutls_session_key_update() which apparently will update both
keys at once.
Which would fit perfectly for host B receiving the initial KeyUpdate,
(and is probably the reason why you did that side first :-)
but what to do for host A?
Looking at the code gnutls seem to expect to read the handshake
message from the socket, but that message is already processed by
the in-kernel TLS socket.
So either we need to patch gnutls or push a fake handshake
message onto the socket for gnutls to read. Bah.
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@suse.de +49 911 74053 688
SUSE Software Solutions GmbH, Frankenstr. 146, 90461 Nürnberg
HRB 36809 (AG Nürnberg), GF: I. Totev, A. McDonald, W. Knoblich
next prev parent reply other threads:[~2025-09-17 10:12 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-05 2:46 [PATCH v2 0/7] nvme-tcp: Support receiving KeyUpdate requests alistair23
2025-09-05 2:46 ` [PATCH v2 1/7] net/handshake: Store the key serial number on completion alistair23
2025-09-05 13:18 ` Simon Horman
2025-09-05 2:46 ` [PATCH v2 2/7] net/handshake: Make handshake_req_cancel public alistair23
2025-09-05 14:11 ` kernel test robot
2025-09-05 2:46 ` [PATCH v2 3/7] net/handshake: Expose handshake_sk_destruct_req publically alistair23
2025-09-05 2:46 ` [PATCH v2 4/7] nvmet: Expose nvmet_stop_keep_alive_timer publically alistair23
2025-09-05 2:46 ` [PATCH v2 5/7] net/handshake: Support KeyUpdate message types alistair23
2025-09-05 13:23 ` Simon Horman
2025-09-05 2:46 ` [PATCH v2 6/7] nvme-tcp: Support KeyUpdate alistair23
2025-09-16 13:04 ` Hannes Reinecke
2025-09-17 3:14 ` Alistair Francis
2025-09-17 10:12 ` Hannes Reinecke [this message]
2025-09-17 10:56 ` Alistair Francis
2025-09-05 2:46 ` [PATCH v2 7/7] nvmet-tcp: " alistair23
2025-09-05 5:52 ` Maurizio Lombardi
2025-09-05 13:19 ` Maurizio Lombardi
2025-09-05 13:25 ` Simon Horman
2025-09-05 14:01 ` kernel test robot
2025-09-15 11:44 ` [PATCH v2 0/7] nvme-tcp: Support receiving KeyUpdate requests Hannes Reinecke
2025-09-15 16:31 ` Olga Kornievskaia
2025-09-16 0:50 ` Alistair Francis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e168255c-82a0-4b9a-b155-cb90e6162870@suse.de \
--to=hare@suse.de \
--cc=alistair.francis@wdc.com \
--cc=alistair23@gmail.com \
--cc=axboe@kernel.dk \
--cc=chuck.lever@oracle.com \
--cc=hare@kernel.org \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=kch@nvidia.com \
--cc=kernel-tls-handshake@lists.linux.dev \
--cc=linux-doc@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=netdev@vger.kernel.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox