[PATCH v7 0/5] nvme-tcp: Support receiving KeyUpdate requests
From: <hidden>
Date: 2026-03-04 05:36:27
Also in:
linux-doc, linux-nfs, linux-nvme, lkml
From: Alistair Francis <redacted> The TLS 1.3 specification allows the TLS client or server to send a KeyUpdate. This is generally used when the sequence is about to overflow or after a certain amount of bytes have been encrypted. The TLS spec doesn't mandate the conditions though, so a KeyUpdate can be sent by the TLS client or server at any time. This includes when running NVMe-OF over a TLS 1.3 connection. As such Linux should be able to handle a KeyUpdate event, as the other NVMe side could initiate a KeyUpdate. Upcoming WD NVMe-TCP hardware controllers implement TLS support and send KeyUpdate requests. This series builds on top of the existing TLS EKEYEXPIRED work, which already detects a KeyUpdate request. We can now pass that information up to the NVMe layer (target and host) and then pass it up to userspace. Userspace (ktls-utils) will need to save the connection state in the keyring during the initial handshake. The kernel then provides the key serial back to userspace when handling a KeyUpdate. Userspace can use this to restore the connection information and then update the keys, this final process is similar to the initial handshake. This series depends on the read_sock_cmsg() kernel patch: https://lore.kernel.org/kernel-tls-handshake/20260217222033.1929211-1-cel@kernel.org ktls-utils (tlshd) userspace patches are available at: https://lore.kernel.org/kernel-tls-handshake/CAKmqyKNpFhPtM8HAkgRMKQA8_N7AgoeqaSTe2=0spPnb+Oz2ng@mail.gmail.com/T/#mb277f5c998282666d0f41cc02f4abf516fcc4e9c Link: https://datatracker.ietf.org/doc/html/rfc8446#section-4.6.3 Based-on: 20260217222033.1929211-1-cel@kernel.org v7: - Don't use recvmsg() (see [1]) instead use read_sock_cmsg() - Remove reviews from patch 4, as it changed a bit to support read_sock_cmsg() v6: - Don't free handshake request on completion (handshake_sk_destruct_req()) - Add handshake_req_keyupdate() which reuses existing handshake request for a KeyUpdate - Other small improvements and tidyups v5: - Cleanup code flow for nvme-tcp - When using recvmsg in the host code first check for MSG_CTRUNC in the msg_flags returned from recvmsg() and use that to determine if it's a control message - Drop clientkeyupdaterequest and serverkeyupdaterequest v4: - Don't stop the keep-alive timer - Remove any support for sending a KeyUpdate - Add tls_client_keyupdate_psk()' and 'tls_server_keyupdate_psk()' - Code cleanups - Change order of patches v3: - Rebase on the recvmsg() workflow patch - Add debugfs support for the host - Don't cancel an ongoing request - Ensure a request is destructed on completion v2: - Change "key-serial" to "session-id" - Fix reported build failures - Drop tls_clear_err() function - Stop keep alive timer during KeyUpdate - Drop handshake message decoding in the NVMe layer 1: https://lists.infradead.org/pipermail/linux-nvme/2026-February/061252.html Alistair Francis (5): net/handshake: Store the key serial number on completion net/handshake: Define handshake_req_keyupdate net/handshake: Support KeyUpdate message types nvme-tcp: Support KeyUpdate nvmet-tcp: Support KeyUpdate Documentation/netlink/specs/handshake.yaml | 20 +- Documentation/networking/tls-handshake.rst | 1 + drivers/nvme/host/tcp.c | 80 +++++++- drivers/nvme/target/tcp.c | 213 ++++++++++++++------- include/net/handshake.h | 11 +- include/uapi/linux/handshake.h | 12 ++ net/handshake/genl.c | 5 +- net/handshake/handshake.h | 2 + net/handshake/request.c | 97 ++++++++++ net/handshake/tlshd.c | 97 +++++++++- net/sunrpc/svcsock.c | 4 +- net/sunrpc/xprtsock.c | 4 +- 12 files changed, 467 insertions(+), 79 deletions(-) -- 2.53.0