kTLS support in Linux

Newer Linux kernels have TLS embedded, which aloud to do Zero-Copy transfer, and thus improve performance. Here is the paper: https://netdevconf.org/1.2/papers/ktls.pdf. Currently, it supports TLSv1.2 with AES-128-GCM and AES-256-GCM. Quick documentation: https://github.com/torvalds/linux/blob/master/Documentation/networking/tls.rst.
The general idea is to do the handshake in userspace, then pass the credentials to kernel space afterward. Two examples: GnuTLS (with gnutls_record_get_state function): https://github.com/ktls/af_ktls-tool/blob/RX/ktls.c#L35 and OpenSSL: https://github.com/crazyguitar/ktls-example/blob/master/lib/ktls.c#L72.

My question is, how do I achieve this offload with MbedTLS?

Through email, I received this answer:

Have you considered implementating an alternative gcm that will implement the Mbed TLS gcm API, calling the kernel gcm? This will remove the need to extract information from the ssl context, and all the relevant gcm input will be given as parameters to your gcm implementation.

which is, a priori, over killed. That being said, if we can have a C file example, that would be awesome!

Hi @concatime
I believe what you are looking for is the MBEDTLS_SSL_EXPORT_KEYS feature which is mentioned here .

Using the GCM implemented in kernel space, and the user-spaceTLS stack would call the Mbed TLS gcm implementation in kernel space, would achieve similar performance, IMHO.

Mbed TLS Team member