[net-next,v3,0/7] In-kernel support for the TLS Alert protocol

Message ID 169047923706.5241.1181144206068116926.stgit@oracle-102.nfsv4bat.org (mailing list archive)

Message

Chuck Lever July 27, 2023, 5:34 p.m. UTC
IMO the kernel doesn't need user space (ie, tlshd) to handle the TLS
Alert protocol. Instead, a set of small helper functions can be used
to handle sending and receiving TLS Alerts for in-kernel TLS
consumers.


Changes since v2:
* Simplify header dependencies

Changes since v1:
* Address review comments from Hannes

---

Chuck Lever (7):
      net/tls: Move TLS protocol elements to a separate header
      net/tls: Add TLS Alert definitions
      net/handshake: Add API for sending TLS Closure alerts
      SUNRPC: Send TLS Closure alerts before closing a TCP socket
      net/handshake: Add helpers for parsing incoming TLS Alerts
      SUNRPC: Use new helpers to handle TLS Alerts
      net/handshake: Trace events for TLS Alert helpers


 .../chelsio/inline_crypto/chtls/chtls.h       |   1 +
 include/net/handshake.h                       |   5 +
 include/net/tls.h                             |   4 -
 include/net/tls_prot.h                        |  68 ++++++++
 include/trace/events/handshake.h              | 160 ++++++++++++++++++
 net/handshake/Makefile                        |   2 +-
 net/handshake/alert.c                         | 110 ++++++++++++
 net/handshake/handshake.h                     |   6 +
 net/handshake/tlshd.c                         |  23 +++
 net/handshake/trace.c                         |   2 +
 net/sunrpc/svcsock.c                          |  50 +++---
 net/sunrpc/xprtsock.c                         |  45 ++---
 net/tls/tls.h                                 |   1 +
 13 files changed, 431 insertions(+), 46 deletions(-)
 create mode 100644 include/net/tls_prot.h
 create mode 100644 net/handshake/alert.c

--
Chuck Lever

Comments

patchwork-bot+netdevbpf@kernel.org July 28, 2023, 10:40 p.m. UTC | #1
Hello:

This series was applied to netdev/net-next.git (main)
by Jakub Kicinski <kuba@kernel.org>:

On Thu, 27 Jul 2023 13:34:56 -0400 you wrote:
> IMO the kernel doesn't need user space (ie, tlshd) to handle the TLS
> Alert protocol. Instead, a set of small helper functions can be used
> to handle sending and receiving TLS Alerts for in-kernel TLS
> consumers.
> 
> 
> Changes since v2:
> * Simplify header dependencies
> 
> [...]

Here is the summary with links:
  - [net-next,v3,1/7] net/tls: Move TLS protocol elements to a separate header
    https://git.kernel.org/netdev/net-next/c/6a7eccef47b2
  - [net-next,v3,2/7] net/tls: Add TLS Alert definitions
    https://git.kernel.org/netdev/net-next/c/0257427146e8
  - [net-next,v3,3/7] net/handshake: Add API for sending TLS Closure alerts
    https://git.kernel.org/netdev/net-next/c/35b1b538d422
  - [net-next,v3,4/7] SUNRPC: Send TLS Closure alerts before closing a TCP socket
    https://git.kernel.org/netdev/net-next/c/5dd5ad682cfe
  - [net-next,v3,5/7] net/handshake: Add helpers for parsing incoming TLS Alerts
    https://git.kernel.org/netdev/net-next/c/39d0e38dcced
  - [net-next,v3,6/7] SUNRPC: Use new helpers to handle TLS Alerts
    https://git.kernel.org/netdev/net-next/c/39067dda1d86
  - [net-next,v3,7/7] net/handshake: Trace events for TLS Alert helpers
    https://git.kernel.org/netdev/net-next/c/b470985c76df

You are awesome, thank you!