public inbox for newlib-cvs@sourceware.org help / color / mirror / Atom feed
From: Sebastian Huber <sh@sourceware.org> To: newlib-cvs@sourceware.org Subject: [newlib-cygwin] Initial support for kernel offload of TLS receive. Date: Mon, 11 Jul 2022 11:51:54 +0000 (GMT) [thread overview] Message-ID: <20220711115154.2A92A385AE6D@sourceware.org> (raw) https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=7293d1e7b6f1ef012710b1a2e0e7d89889c782e6 commit 7293d1e7b6f1ef012710b1a2e0e7d89889c782e6 Author: John Baldwin <jhb@FreeBSD.org> Date: Mon Apr 27 23:17:19 2020 +0000 Initial support for kernel offload of TLS receive. - Add a new TCP_RXTLS_ENABLE socket option to set the encryption and authentication algorithms and keys as well as the initial sequence number. - When reading from a socket using KTLS receive, applications must use recvmsg(). Each successful call to recvmsg() will return a single TLS record. A new TCP control message, TLS_GET_RECORD, will contain the TLS record header of the decrypted record. The regular message buffer passed to recvmsg() will receive the decrypted payload. This is similar to the interface used by Linux's KTLS RX except that Linux does not return the full TLS header in the control message. - Add plumbing to the TOE KTLS interface to request either transmit or receive KTLS sessions. - When a socket is using receive KTLS, redirect reads from soreceive_stream() into soreceive_generic(). - Note that this interface is currently only defined for TLS 1.1 and 1.2, though I believe we will be able to reuse the same interface and structures for 1.3. Diff: --- newlib/libc/sys/rtems/include/netinet/tcp.h | 3 +++ 1 file changed, 3 insertions(+) diff --git a/newlib/libc/sys/rtems/include/netinet/tcp.h b/newlib/libc/sys/rtems/include/netinet/tcp.h index b5f01b3bc..5dc13eca2 100644 --- a/newlib/libc/sys/rtems/include/netinet/tcp.h +++ b/newlib/libc/sys/rtems/include/netinet/tcp.h @@ -178,6 +178,8 @@ struct tcphdr { device */ #define TCP_TXTLS_ENABLE 39 /* TLS framing and encryption for transmit */ #define TCP_TXTLS_MODE 40 /* Transmit TLS mode */ +#define TCP_RXTLS_ENABLE 41 /* TLS framing and encryption for receive */ +#define TCP_RXTLS_MODE 42 /* Receive TLS mode */ #define TCP_CONGESTION 64 /* get/set congestion control algorithm */ #define TCP_CCALGOOPT 65 /* get/set cc algorithm specific options */ #define TCP_DELACK 72 /* socket option for delayed ack */ @@ -388,6 +390,7 @@ struct tcp_function_set { * TCP Control message types */ #define TLS_SET_RECORD_TYPE 1 +#define TLS_GET_RECORD 2 /* * TCP specific variables of interest for tp->t_stats stats(9) accounting.
reply other threads:[~2022-07-11 11:51 UTC|newest] Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20220711115154.2A92A385AE6D@sourceware.org \ --to=sh@sourceware.org \ --cc=newlib-cvs@sourceware.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).