git: 4d692068f685 - main - ktls: Capture initial tls seqno at time offload is initiated
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sun, 21 Dec 2025 14:46:38 UTC
The branch main has been updated by gallatin:
URL: https://cgit.FreeBSD.org/src/commit/?id=4d692068f6850282dabde9e35b3098a4ebec9592
commit 4d692068f6850282dabde9e35b3098a4ebec9592
Author: Andrew Gallatin <gallatin@FreeBSD.org>
AuthorDate: 2025-12-20 21:10:12 +0000
Commit: Andrew Gallatin <gallatin@FreeBSD.org>
CommitDate: 2025-12-21 14:45:25 +0000
ktls: Capture initial tls seqno at time offload is initiated
Some drivers want the TLS seqno when offload starts. Capture this
for them by adding a union for initial_seqno, sharing space with
the TLS 1.0 next_seqno.
Reviewed by: jhb
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D54275
MFC After: 1 month
---
sys/kern/uipc_ktls.c | 3 +++
sys/sys/ktls.h | 9 ++++++---
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c
index 66ce1b5a081d..35009ad77722 100644
--- a/sys/kern/uipc_ktls.c
+++ b/sys/kern/uipc_ktls.c
@@ -1406,6 +1406,9 @@ ktls_enable_tx(struct socket *so, struct tls_enable *en)
if (error)
return (error);
+ /* some ktls offload NICs require initial seqno to start offload */
+ tls->initial_offload_seqno = be64dec(en->rec_seq);
+
/* Prefer TOE -> ifnet TLS -> software TLS. */
#ifdef TCP_OFFLOAD
error = ktls_try_toe(so, tls, KTLS_TX);
diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h
index a940bcfaba25..6c7e7d3c5ee3 100644
--- a/sys/sys/ktls.h
+++ b/sys/sys/ktls.h
@@ -221,9 +221,12 @@ struct ktls_session {
bool tx;
bool sync_dispatch;
bool sequential_records;
-
- /* Only used for TLS 1.0. */
- uint64_t next_seqno;
+ union {
+ /* Only used for TLS 1.0. */
+ uint64_t next_seqno;
+ /* Needed by some ktls offload NICs */
+ uint64_t initial_offload_seqno;
+ };
STAILQ_HEAD(, mbuf) pending_records;
/* Used to destroy any kTLS session */