Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 21 Dec 2025 14:46:38 +0000
From:      Andrew Gallatin <gallatin@FreeBSD.org>
To:        src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
Subject:   git: 4d692068f685 - main - ktls: Capture initial tls seqno at time offload is initiated
Message-ID:  <6948084e.39145.65287bf8@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by gallatin:

URL: https://cgit.FreeBSD.org/src/commit/?id=4d692068f6850282dabde9e35b3098a4ebec9592

commit 4d692068f6850282dabde9e35b3098a4ebec9592
Author:     Andrew Gallatin <gallatin@FreeBSD.org>
AuthorDate: 2025-12-20 21:10:12 +0000
Commit:     Andrew Gallatin <gallatin@FreeBSD.org>
CommitDate: 2025-12-21 14:45:25 +0000

    ktls: Capture initial tls seqno at time offload is initiated
    
    Some drivers want the TLS seqno when offload starts. Capture this
    for them by adding a union for initial_seqno, sharing space with
    the TLS 1.0 next_seqno.
    
    Reviewed by: jhb
    Sponsored by: Netflix
    Differential Revision: https://reviews.freebsd.org/D54275
    MFC After: 1 month
---
 sys/kern/uipc_ktls.c | 3 +++
 sys/sys/ktls.h       | 9 ++++++---
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c
index 66ce1b5a081d..35009ad77722 100644
--- a/sys/kern/uipc_ktls.c
+++ b/sys/kern/uipc_ktls.c
@@ -1406,6 +1406,9 @@ ktls_enable_tx(struct socket *so, struct tls_enable *en)
 	if (error)
 		return (error);
 
+	/* some ktls offload NICs require initial seqno to start offload */
+	tls->initial_offload_seqno = be64dec(en->rec_seq);
+
 	/* Prefer TOE -> ifnet TLS -> software TLS. */
 #ifdef TCP_OFFLOAD
 	error = ktls_try_toe(so, tls, KTLS_TX);
diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h
index a940bcfaba25..6c7e7d3c5ee3 100644
--- a/sys/sys/ktls.h
+++ b/sys/sys/ktls.h
@@ -221,9 +221,12 @@ struct ktls_session {
 	bool tx;
 	bool sync_dispatch;
 	bool sequential_records;
-
-	/* Only used for TLS 1.0. */
-	uint64_t next_seqno;
+	union {
+		/* Only used for TLS 1.0. */
+		uint64_t next_seqno;
+		/* Needed by some ktls offload NICs */
+		uint64_t initial_offload_seqno;
+	};
 	STAILQ_HEAD(, mbuf) pending_records;
 
 	/* Used to destroy any kTLS session */
help

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6948084e.39145.65287bf8>