The branch main has been updated by gallatin: URL: https://cgit.FreeBSD.org/src/commit/?id=4d692068f6850282dabde9e35b3098a4ebec9592
commit 4d692068f6850282dabde9e35b3098a4ebec9592 Author: Andrew Gallatin <[email protected]> AuthorDate: 2025-12-20 21:10:12 +0000 Commit: Andrew Gallatin <[email protected]> CommitDate: 2025-12-21 14:45:25 +0000 ktls: Capture initial tls seqno at time offload is initiated Some drivers want the TLS seqno when offload starts. Capture this for them by adding a union for initial_seqno, sharing space with the TLS 1.0 next_seqno. Reviewed by: jhb Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D54275 MFC After: 1 month --- sys/kern/uipc_ktls.c | 3 +++ sys/sys/ktls.h | 9 ++++++--- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c index 66ce1b5a081d..35009ad77722 100644 --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -1406,6 +1406,9 @@ ktls_enable_tx(struct socket *so, struct tls_enable *en) if (error) return (error); + /* some ktls offload NICs require initial seqno to start offload */ + tls->initial_offload_seqno = be64dec(en->rec_seq); + /* Prefer TOE -> ifnet TLS -> software TLS. */ #ifdef TCP_OFFLOAD error = ktls_try_toe(so, tls, KTLS_TX); diff --git a/sys/sys/ktls.h b/sys/sys/ktls.h index a940bcfaba25..6c7e7d3c5ee3 100644 --- a/sys/sys/ktls.h +++ b/sys/sys/ktls.h @@ -221,9 +221,12 @@ struct ktls_session { bool tx; bool sync_dispatch; bool sequential_records; - - /* Only used for TLS 1.0. */ - uint64_t next_seqno; + union { + /* Only used for TLS 1.0. */ + uint64_t next_seqno; + /* Needed by some ktls offload NICs */ + uint64_t initial_offload_seqno; + }; STAILQ_HEAD(, mbuf) pending_records; /* Used to destroy any kTLS session */
