From nobody Wed Jul 1 00:55:03 2026 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4gqhPg5kjKz6kGW2 for ; Wed, 01 Jul 2026 00:55:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "YR1" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4gqhPg2cmcz3ZQV for ; Wed, 01 Jul 2026 00:55:03 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1782867303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y2EbYtut83jjbXjP2jjzlaySxqVy8sban/nIy6g4J90=; b=ntFFxZFNGSXFFwz/gTsi/CYLT0Zonq6uDFhRHirlfGKD98/ngM2gLQjXVdWfy91/A08QmP ZAQWCkpxTvLLEaYVN13HObv6QaM3JGqlxewKUg5Sqv7nN6LGlHfGZ1zxiKHnlKJ/zES3/1 BbWafJAB6/IWdyhGCiGkzi1SfI+bbNwfprfGX99cCKe1WqNauhBkd7PNhw0pND05Axx9dJ 0uce7bJ2EN78uhknSFC2TXVKgAZYIjLFfLr/xRggXCQbm7c71qL4SpYSIa4uLBqgYWCYoz Jd5pydoWMj69dCOAn4DQqCyH+cKG78Ss/ZSHGv+okBQ0p01wiKTvHU6FlzTgkg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1782867303; a=rsa-sha256; cv=none; b=T3cKcveCUQL03mReFPghB0l9PyoLlUoZ6U/1OIZZwPYdGeSf/BK1BoHExgjaRl0U4y6T45 AGRD2Ws7lQOlEBTrVBkiBBtU34ualN/b5j8cLXZxuP1sMyTEOo0ExgLPldRUrX0Qf4EVyV q/1wWmbSBIT3me/9RzJ3u9C7ECPnen4opD8lF+nNwxDyQsaFht/MElgSPzVSG20EiVWLRQ FPAfnC1n2MJNW8D9OZbavWWf5+Se1hPjD3Kvgnmeh6ZtfcjSraqjF3Sa5cxNBWbZMksw52 YPnrS48GbyzQVXp2xaVLIjESjMN+/Pkn/ivoj6ddkqW3O+Y0bKnEyzrw4sOKLw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1782867303; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=y2EbYtut83jjbXjP2jjzlaySxqVy8sban/nIy6g4J90=; b=j3oAO8CGA2mmIorp6V5OXpDm26EN9z+F3tknnD8v09s+QnHeYM8ImMK6anljL8kxYpXqpM MRNURAY+b4OQmsHakev6cqoTUUhUAWS9eofya1xUZj1/c7loUA83jF4bdbJI496F975IkT bbJeLN9AKex5yqcTEi7YKuNa6cody4irupfthUpsy2V/YJGuXVqDKNijvoMGSE63jbLkgC qawN0CSkO6w6Rr2/XyDJjc2UOvTkDJA6QsqmdUxIG5g/P2+UFlpfTl4q8z4KtNRn8yXuBL Vso1eHYJMX9km3yledP5QSPHFP5l3wXf8IsB0JdX5Rr9Zgk1LbUTWcwMB306lQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4gqhPg1Sppz16gp for ; Wed, 01 Jul 2026 00:55:03 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from git (uid 1279) (envelope-from git@FreeBSD.org) id 26930 by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org); Wed, 01 Jul 2026 00:55:03 +0000 To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Cc: Andrew Gallatin From: John Baldwin Subject: git: 08cda4bcd43c - main - ktls: Add a tunable to disable TLS receive List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org List-Id: List-Post: List-Help: List-Subscribe: List-Unsubscribe: List-Owner: Precedence: list MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: jhb X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 08cda4bcd43cfcb2c0b1abd29bc7cd30896727bc Auto-Submitted: auto-generated Date: Wed, 01 Jul 2026 00:55:03 +0000 Message-Id: <6a446567.26930.1bd63359@gitrepo.freebsd.org> The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=08cda4bcd43cfcb2c0b1abd29bc7cd30896727bc commit 08cda4bcd43cfcb2c0b1abd29bc7cd30896727bc Author: Andrew Gallatin AuthorDate: 2026-07-01 00:53:15 +0000 Commit: John Baldwin CommitDate: 2026-07-01 00:54:02 +0000 ktls: Add a tunable to disable TLS receive TLS receive offload is really only beneficial for in-kernel use cases (such as NFS over TLS) or when using a hardware offload. In addition, several recent SAs have involved the TLS receive path, but the only current mitigation for those is to disable TLS offload entirely. Reviewed by: ziaee, gallatin, markj Relnotes: yes Sponsored by: Netflix Sponsored by: Chelsio Communications Co-authored-by: John Baldwin Differential Revision: https://reviews.freebsd.org/D57974 --- share/man/man4/ktls.4 | 4 ++- sys/kern/uipc_ktls.c | 7 +++- tests/sys/kern/ktls_test.c | 90 +++++++++++++++++++++++++++++----------------- 3 files changed, 67 insertions(+), 34 deletions(-) diff --git a/share/man/man4/ktls.4 b/share/man/man4/ktls.4 index 56b03d45faf7..5fca616dae4d 100644 --- a/share/man/man4/ktls.4 +++ b/share/man/man4/ktls.4 @@ -29,7 +29,7 @@ .\" .\" * Other names and brands may be claimed as the property of others. .\" -.Dd October 31, 2024 +.Dd June 30, 2026 .Dt KTLS 4 .Os .Sh NAME @@ -182,6 +182,8 @@ A few of them are described below: .Bl -tag -width ".Va kern.ipc.tls.cbc_enable" .It Va kern.ipc.tls.enable Determines if new kernel TLS sessions can be created. +.It Va kern.ipc.tls.rx_enable +Determines if new kernel TLS receive sessions can be created. .It Va kern.ipc.tls.cbc_enable Determines if new kernel TLS sessions with a cipher suite using AES-CBC can be created. diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 629fe8923466..0966c930ca0f 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -148,6 +148,11 @@ SYSCTL_BOOL(_kern_ipc_tls, OID_AUTO, enable, CTLFLAG_RWTUN, &ktls_offload_enable, 0, "Enable support for kernel TLS offload"); +static bool ktls_rx_offload_enable = true; +SYSCTL_BOOL(_kern_ipc_tls, OID_AUTO, rx_enable, CTLFLAG_RWTUN, + &ktls_rx_offload_enable, 0, + "Enable support for kernel TLS receive offload"); + static bool ktls_cbc_enable = true; SYSCTL_BOOL(_kern_ipc_tls, OID_AUTO, cbc_enable, CTLFLAG_RWTUN, &ktls_cbc_enable, 1, @@ -1285,7 +1290,7 @@ ktls_enable_rx(struct socket *so, struct tls_enable *en) struct ktls_session *tls; int error; - if (!ktls_offload_enable) + if (!ktls_offload_enable || !ktls_rx_offload_enable) return (ENOTSUP); counter_u64_add(ktls_offload_enable_calls, 1); diff --git a/tests/sys/kern/ktls_test.c b/tests/sys/kern/ktls_test.c index 7003b86fb4e2..e0bcf17262f2 100644 --- a/tests/sys/kern/ktls_test.c +++ b/tests/sys/kern/ktls_test.c @@ -69,6 +69,28 @@ require_ktls(void) #define ATF_REQUIRE_KTLS() require_ktls() +static void +require_ktls_rx(void) +{ + size_t len; + bool enable; + + ATF_REQUIRE_KTLS(); + + len = sizeof(enable); + if (sysctlbyname("kern.ipc.tls.rx_enable", &enable, &len, NULL, 0) == + -1) { + if (errno == ENOENT) + atf_tc_skip("kernel does not support TLS offload"); + atf_libc_error(errno, "Failed to read kern.ipc.tls.rx_enable"); + } + + if (!enable) + atf_tc_skip("Kernel TLS receive is disabled"); +} + +#define ATF_REQUIRE_KTLS_RX() require_ktls_rx() + static void check_tls_mode(const atf_tc_t *tc, int s, int sockopt) { @@ -2286,7 +2308,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_##name, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2306,7 +2328,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_data, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2326,7 +2348,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_mac, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2346,7 +2368,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_truncated_record, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2366,7 +2388,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_major, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2386,7 +2408,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_minor, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2406,7 +2428,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_##name, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2426,7 +2448,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_split_##name, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2622,7 +2644,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_padding, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2679,7 +2701,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_iv, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2722,7 +2744,7 @@ ATF_TC_BODY(ktls_receive_##cipher_name##_bad_type, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2781,7 +2803,7 @@ ATF_TC_BODY(ktls_receive_invalid_##name, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2820,7 +2842,7 @@ ATF_TC_BODY(ktls_receive_unsupported_##name, tc) \ struct tls_enable en; \ uint64_t seqno; \ \ - ATF_REQUIRE_KTLS(); \ + ATF_REQUIRE_KTLS_RX(); \ seqno = random(); \ build_tls_enable(tc, cipher_alg, key_size, auth_alg, minor, \ seqno, &en); \ @@ -2881,29 +2903,18 @@ ATF_TC_BODY(ktls_sendto_baddst, tc) * Make sure that listen(2) returns an error for KTLS-enabled sockets, and * verify that an attempt to enable KTLS on a listening socket fails. */ -ATF_TC_WITHOUT_HEAD(ktls_listening_socket); -ATF_TC_BODY(ktls_listening_socket, tc) +static void +ktls_listening_socket(const atf_tc_t *tc, int optname) { struct tls_enable en; struct sockaddr_in sin; int s; - ATF_REQUIRE_KTLS(); - - s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); - ATF_REQUIRE(s >= 0); - build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, - TLS_MINOR_VER_THREE, (uint64_t)random(), &en); - ATF_REQUIRE(setsockopt(s, IPPROTO_TCP, TCP_TXTLS_ENABLE, &en, - sizeof(en)) == 0); - ATF_REQUIRE_ERRNO(EINVAL, listen(s, 1) == -1); - ATF_REQUIRE(close(s) == 0); - s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); ATF_REQUIRE(s >= 0); build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, TLS_MINOR_VER_THREE, (uint64_t)random(), &en); - ATF_REQUIRE(setsockopt(s, IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, + ATF_REQUIRE(setsockopt(s, IPPROTO_TCP, optname, &en, sizeof(en)) == 0); ATF_REQUIRE_ERRNO(EINVAL, listen(s, 1) == -1); ATF_REQUIRE(close(s) == 0); @@ -2918,12 +2929,26 @@ ATF_TC_BODY(ktls_listening_socket, tc) build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, TLS_MINOR_VER_THREE, (uint64_t)random(), &en); ATF_REQUIRE_ERRNO(ENOTCONN, - setsockopt(s, IPPROTO_TCP, TCP_TXTLS_ENABLE, &en, sizeof(en)) != 0); - ATF_REQUIRE_ERRNO(ENOTCONN, - setsockopt(s, IPPROTO_TCP, TCP_RXTLS_ENABLE, &en, sizeof(en)) != 0); + setsockopt(s, IPPROTO_TCP, optname, &en, sizeof(en)) != 0); ATF_REQUIRE(close(s) == 0); } +ATF_TC_WITHOUT_HEAD(ktls_listening_socket_tx); +ATF_TC_BODY(ktls_listening_socket_tx, tc) +{ + ATF_REQUIRE_KTLS(); + + ktls_listening_socket(tc, TCP_TXTLS_ENABLE); +} + +ATF_TC_WITHOUT_HEAD(ktls_listening_socket_rx); +ATF_TC_BODY(ktls_listening_socket_rx, tc) +{ + ATF_REQUIRE_KTLS_RX(); + + ktls_listening_socket(tc, TCP_RXTLS_ENABLE); +} + /* * Verify that the KTLS receive path does not overwrite data belonging * to a file whose payload is transmitted over a loopback connection @@ -2947,7 +2972,7 @@ ATF_TC_BODY(ktls_receive_loopback_sendfile, tc) int mode, shm, sockets[2]; socklen_t slen; - ATF_REQUIRE_KTLS(); + ATF_REQUIRE_KTLS_RX(); seqno = random(); build_tls_enable(tc, CRYPTO_AES_NIST_GCM_16, 128 / 8, 0, TLS_MINOR_VER_TWO, seqno, &en); @@ -3040,7 +3065,8 @@ ATF_TP_ADD_TCS(tp) /* Miscellaneous */ ATF_TP_ADD_TC(tp, ktls_sendto_baddst); - ATF_TP_ADD_TC(tp, ktls_listening_socket); + ATF_TP_ADD_TC(tp, ktls_listening_socket_tx); + ATF_TP_ADD_TC(tp, ktls_listening_socket_rx); ATF_TP_ADD_TC(tp, ktls_receive_loopback_sendfile); return (atf_no_error());