From: Sabrina Dubroca <sd@queasysnail.net>
To: Rishikesh Jethwani <rjethwani@everpuredata.com>
Cc: netdev@vger.kernel.org, saeedm@nvidia.com, tariqt@nvidia.com,
mbloch@nvidia.com, borisp@nvidia.com, john.fastabend@gmail.com,
kuba@kernel.org, davem@davemloft.net, pabeni@redhat.com,
edumazet@google.com, leon@kernel.org
Subject: Re: [PATCH v13 5/6] tls: add hardware offload key update support
Date: Thu, 21 May 2026 15:57:23 +0200 [thread overview]
Message-ID: <ag8PQ2pxvKMHglWV@krikkit> (raw)
In-Reply-To: <CAKaoeS2=W-WFxAmo2M_FOzS4d65L-1WM+3CJ2x3dy0U0NvMapA@mail.gmail.com>
2026-05-12, 10:55:35 -0700, Rishikesh Jethwani wrote:
> > Not blaming you for NIC behavior, but... the NIC passes up as
> > "decrypted" records that have failed decryption (because it was using
> > the wrong (old) key), or passes as "encrypted" the incorrectly
> > decrypted data (that it has "decrypted" with the old key)?
> >
> > Or this is only the first record(s) after the KeyUpdate message, if
> > they fall within the same packet, the whole packet was "decrypted"
> > with the old key but only the KeyUpdate itself (and maybe some more
> > records before it) decrypted correctly ; but subsequent packets get
> > passed as !decrypted and don't need this reencrypt dance?
> >
> > (this is maybe more of a question for Tariq or the other @nvidia
> > folks)
> >
> >
> > I haven't reviewed the whole patch at this point, because of Paolo's
> > suggestion and this confusion with the RX rekey.
> >
> > The traces show how both NICs behave during the key transition:
>
> Broadcom (NIC preserves decrypted flags):
> - decrypted=1: NIC fully decrypted these with the old key; one reencrypt
> pass (retry=0) re-encrypts those frags back to ciphertext, then SW decrypts
> with the new key.
> - encrypted=0, decrypted=0: boundary-straddling record; same single
> reencrypt pass.
> - encrypted=1: NIC never touched these; SW decrypts directly with the new
> key.
>
> Mellanox (NIC clears decrypted flags on auth failure):
> - encrypted=0, decrypted=0: NIC partially processed the record but
> cleared all decrypted flags on auth failure. retry=0 reencrypts with the
> wrong frag interpretation and gets EBADMSG; retry=1 toggles the flags and
> succeeds.
> - encrypted=1: NIC reported these as untouched; SW decrypts directly.
>
> The retry path exists specifically for the Mellanox case: cleared flags
> hide which frags the NIC actually touched, so the first pass may pick the
> wrong interpretation and need to flip it.
Thanks for describing this.
I don't think the core TLS implementation should implement workarounds
for HW/drivers doing strange things. IMO this should instead be
stuffed into a driver CB, which would implement the necessary steps to
perform during a rekey.
The core can provide a helper, but I would move the whole
"reencrypt+maybe retry" logic to a CB.
--
Sabrina
next prev parent reply other threads:[~2026-05-21 13:57 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-29 18:10 [PATCH net-next v13 0/6] tls: Add TLS 1.3 hardware offload support Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 1/6] net: tls: reject TLS 1.3 offload in chcr_ktls and nfp drivers Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 2/6] net/mlx5e: add TLS 1.3 hardware offload support Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 3/6] tls: " Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 4/6] tls: split tls_set_sw_offload into init and finalize stages Rishikesh Jethwani
2026-04-29 18:10 ` [PATCH v13 5/6] tls: add hardware offload key update support Rishikesh Jethwani
2026-05-05 8:40 ` Paolo Abeni
2026-05-05 8:41 ` Paolo Abeni
2026-05-06 10:37 ` Sabrina Dubroca
2026-05-06 11:30 ` Sabrina Dubroca
[not found] ` <CAKaoeS2=W-WFxAmo2M_FOzS4d65L-1WM+3CJ2x3dy0U0NvMapA@mail.gmail.com>
2026-05-21 13:57 ` Sabrina Dubroca [this message]
2026-04-29 18:10 ` [PATCH v13 6/6] selftests: net: add TLS hardware offload test Rishikesh Jethwani
2026-05-06 17:07 ` Sabrina Dubroca
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ag8PQ2pxvKMHglWV@krikkit \
--to=sd@queasysnail.net \
--cc=borisp@nvidia.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=john.fastabend@gmail.com \
--cc=kuba@kernel.org \
--cc=leon@kernel.org \
--cc=mbloch@nvidia.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=rjethwani@everpuredata.com \
--cc=saeedm@nvidia.com \
--cc=tariqt@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox