From: Chuck Lever <cel@kernel.org>
To: John Fastabend <john.fastabend@gmail.com>,
Jakub Kicinski <kuba@kernel.org>,
Sabrina Dubroca <sd@queasysnail.net>
Cc: Eric Dumazet <edumazet@google.com>,
Simon Horman <horms@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
netdev@vger.kernel.org, kernel-tls-handshake@lists.linux.dev,
Chuck Lever <chuck.lever@oracle.com>,
Hannes Reinecke <hare@suse.de>, Sagi Grimberg <sagi@grimberg.me>,
Alistair Francis <alistair.francis@wdc.com>
Subject: [PATCH net-next v10 0/7] tls: receive-path fixes and clean-ups
Date: Mon, 11 May 2026 19:25:51 -0400 [thread overview]
Message-ID: <20260511-tls-read-sock-v10-0-279fc5015f0e@oracle.com> (raw)
I'd like to encourage in-kernel kTLS consumers (NFSD, NVMe/TCP) to
coalesce on the use of read_sock. While auditing read_sock for that
purpose, Hannes flagged a few rough edges in the receive paths.
This series is a set of clean-ups, not a performance series. Async
batch decryption and its submit/deliver scaffolding were dropped
during previous review: async_capable is always false for TLS 1.3,
the version NFSD and NVMe/TCP both require, so async-related
improvements were unreachable for the in-kernel consumers this
work targets.
A subsequent series will introduce infrastructure to support
KeyUpdate for in-kernel kTLS consumers, which need to handle TLS
Alert messages that trigger a tlshd upcall.
---
Changes since v9:
- Recast cover letter: this is a clean-up series, not a
performance series (Jakub, Sabrina)
- Rephrase subject to describe the refactor (Jakub)
- Split 2/5 into two patches separating the do/while
loop-structure cleanup from the partial-consume fix (Sabrina)
- Continue the loop after a partial consume to match
__tcp_read_sock() semantics, instead of exiting (Jakub)
- Drop kdoc on the internal function and rename
tls_strp_msg_release() to tls_strp_msg_consume() (Jakub)
- Drop kdoc on tls_strp_check_rcv() and un-wrap the "Defer
notification" comment (Jakub)
- Rename tls_strp_check_rcv() parameter wake to announce, and
tls_rx_msg_ready() to tls_rx_msg_maybe_announce() (Jakub)
- Drop tls_rx_handoff(); fold the per-record path back into
tls_rx_rec_done() and fire the deferred announce from
tls_rx_reader_release() (Jakub)
- New patch: Preserve sk_err across recvmsg() when data has
been copied, so a connection abort during sk_flush_backlog()
surfaces on the next read instead of vanishing when the
caller returns the bytes already accumulated
Changes since v8:
- Address review comments from sashiko
- Patch 2: Requeue partially consumed skb to prevent leak
- Patch 5: Re-check sk_err so RST during flush surfaces as
-ECONNRESET instead of EOF
- Address review comments from gpt-5.5
- Patch 4: Restore msg_ready early-return in tls_strp_check_rcv()
so the queued strp_work doesn't double-wake the consumer
- Patch 4: Add tls_strparser msg_announced bit so the recvmsg
exit-point handoff doesn't re-fire saved_data_ready() for a
record BH or the worker already announced (rx_list-only drain
path)
Changes since v7:
- Rebased on net-next (v7.1-rc1)
Changes since v6:
- Rebased on net-next, v5's 1/6 was merged upstream
Changes since v5:
- Patch 6: Set released = true when sk_flush_backlog() returns
true, so tls_strp_msg_load() knows the socket lock was
released (Sabrina)
- Patch 6: Drop Fixes tag; submit bug fix separately via net
if warranted (Sabrina)
- Patch 6: Note redundant flush on cold path in commit message
(Sabrina)
Changes since v4:
- Drop batch async decryption and submit/deliver restructure:
async_capable is always false for TLS 1.3, so the new code
was unreachable for NFS and NVMe/TCP
- Purge async_hold directly in tls_decrypt_async_wait() and drop
the tls_decrypt_async_drain() wrapper
- Merge tls_strp_check_rcv_quiet() into tls_strp_check_rcv() with
a bool wake parameter; fix lost wakeup on the recvmsg exit path
Changes since v3:
- Clarify why tls_decrypt_async_drain() is separate from _wait()
- Fold tls_err_abort() into tls_rx_one_record(), drop tls_rx_decrypt_record()
- Move backlog flush into tls_rx_rec_wait() so all RX paths benefit
Changes since v2:
- Fix short read self tests
Changes since v1:
- Add C11 reference
- Extend data_ready reduction to recvmsg and splice
- Restructure read_sock and recvmsg using shared helpers
---
Chuck Lever (7):
tls: Move decrypt-failure abort into tls_rx_one_record()
tls: Avoid evaluating freed skb in tls_sw_read_sock() loop
tls: Re-present partially-consumed records in tls_sw_read_sock()
tls: Factor tls_strp_msg_consume() from tls_strp_msg_done()
tls: Suppress spurious saved_data_ready on all receive paths
tls: Flush backlog before waiting for a new record
tls: Preserve sk_err across recvmsg() when data has been copied
include/net/tls.h | 5 +++
net/tls/tls.h | 6 ++--
net/tls/tls_main.c | 2 +-
net/tls/tls_strp.c | 26 +++++++++-----
net/tls/tls_sw.c | 103 ++++++++++++++++++++++++++++++++++++++++-------------
5 files changed, 105 insertions(+), 37 deletions(-)
---
base-commit: 63751099502d10f0aa6bb35273e56c5800cc4e3a
change-id: 20260317-tls-read-sock-a0022c9df265
Best regards,
--
Chuck Lever <chuck.lever@oracle.com>
next reply other threads:[~2026-05-11 23:26 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-11 23:25 Chuck Lever [this message]
2026-05-11 23:25 ` [PATCH net-next v10 1/7] tls: Move decrypt-failure abort into tls_rx_one_record() Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 2/7] tls: Avoid evaluating freed skb in tls_sw_read_sock() loop Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 3/7] tls: Re-present partially-consumed records in tls_sw_read_sock() Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 4/7] tls: Factor tls_strp_msg_consume() from tls_strp_msg_done() Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 5/7] tls: Suppress spurious saved_data_ready on all receive paths Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 6/7] tls: Flush backlog before waiting for a new record Chuck Lever
2026-05-11 23:25 ` [PATCH net-next v10 7/7] tls: Preserve sk_err across recvmsg() when data has been copied Chuck Lever
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260511-tls-read-sock-v10-0-279fc5015f0e@oracle.com \
--to=cel@kernel.org \
--cc=alistair.francis@wdc.com \
--cc=chuck.lever@oracle.com \
--cc=edumazet@google.com \
--cc=hare@suse.de \
--cc=horms@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=kernel-tls-handshake@lists.linux.dev \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=sagi@grimberg.me \
--cc=sd@queasysnail.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox