[PATCH v2] mptcp:diag: prefix exposed items
by Matthieu Baerts
To conform with the rest.
And only exposed one init function for diag.c
Suggested-by: Davide Caratti <dcaratti(a)redhat.com>
Suggested-by: Paolo Abeni <pabeni(a)redhat.com>
Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net>
---
Notes:
To be squashed in "mptcp: allow dumping subflow context to userspace"
v2:
- MPTCP_SUBFLOW_FLAGS_ -> MPTCP_SUBFLOW_FLAG_ (Davide)
- only exposed a new function: mptcp_diag_subflow_init (Davide, Paolo)
include/uapi/linux/mptcp.h | 18 +++++++++---------
net/mptcp/diag.c | 28 +++++++++++++++++-----------
net/mptcp/protocol.h | 3 +--
net/mptcp/subflow.c | 4 ++--
4 files changed, 29 insertions(+), 24 deletions(-)
diff --git a/include/uapi/linux/mptcp.h b/include/uapi/linux/mptcp.h
index 2856b89cc36e..3912a9808fa2 100644
--- a/include/uapi/linux/mptcp.h
+++ b/include/uapi/linux/mptcp.h
@@ -4,15 +4,15 @@
#include <linux/types.h>
-#define SUBFLOW_FLAGS_MCAP_REM BIT(0)
-#define SUBFLOW_FLAGS_MCAP_LOC BIT(1)
-#define SUBFLOW_FLAGS_JOIN_REM BIT(2)
-#define SUBFLOW_FLAGS_JOIN_LOC BIT(3)
-#define SUBFLOW_FLAGS_BKUP_REM BIT(4)
-#define SUBFLOW_FLAGS_BKUP_LOC BIT(5)
-#define SUBFLOW_FLAGS_4THACK BIT(6)
-#define SUBFLOW_FLAGS_CONNECTED BIT(7)
-#define SUBFLOW_FLAGS_MAPVALID BIT(8)
+#define MPTCP_SUBFLOW_FLAG_MCAP_REM BIT(0)
+#define MPTCP_SUBFLOW_FLAG_MCAP_LOC BIT(1)
+#define MPTCP_SUBFLOW_FLAG_JOIN_REM BIT(2)
+#define MPTCP_SUBFLOW_FLAG_JOIN_LOC BIT(3)
+#define MPTCP_SUBFLOW_FLAG_BKUP_REM BIT(4)
+#define MPTCP_SUBFLOW_FLAG_BKUP_LOC BIT(5)
+#define MPTCP_SUBFLOW_FLAG_4THACK BIT(6)
+#define MPTCP_SUBFLOW_FLAG_CONNECTED BIT(7)
+#define MPTCP_SUBFLOW_FLAG_MAPVALID BIT(8)
enum {
MPTCP_SUBFLOW_UNSPEC,
diff --git a/net/mptcp/diag.c b/net/mptcp/diag.c
index 27acd1ad485c..830a2adfc0fa 100644
--- a/net/mptcp/diag.c
+++ b/net/mptcp/diag.c
@@ -13,7 +13,7 @@
#include <uapi/linux/mptcp.h>
#include "protocol.h"
-int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
+static int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
{
struct mptcp_subflow_context *sf;
struct nlattr *start;
@@ -32,23 +32,23 @@ int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
}
if (sf->mp_capable)
- flags |= SUBFLOW_FLAGS_MCAP_REM;
+ flags |= MPTCP_SUBFLOW_FLAG_MCAP_REM;
if (sf->request_mptcp)
- flags |= SUBFLOW_FLAGS_MCAP_LOC;
+ flags |= MPTCP_SUBFLOW_FLAG_MCAP_LOC;
if (sf->mp_join)
- flags |= SUBFLOW_FLAGS_JOIN_REM;
+ flags |= MPTCP_SUBFLOW_FLAG_JOIN_REM;
if (sf->request_join)
- flags |= SUBFLOW_FLAGS_JOIN_LOC;
+ flags |= MPTCP_SUBFLOW_FLAG_JOIN_LOC;
if (sf->backup)
- flags |= SUBFLOW_FLAGS_BKUP_REM;
+ flags |= MPTCP_SUBFLOW_FLAG_BKUP_REM;
if (sf->request_bkup)
- flags |= SUBFLOW_FLAGS_BKUP_LOC;
+ flags |= MPTCP_SUBFLOW_FLAG_BKUP_LOC;
if (sf->fourth_ack)
- flags |= SUBFLOW_FLAGS_4THACK;
+ flags |= MPTCP_SUBFLOW_FLAG_4THACK;
if (sf->conn_finished)
- flags |= SUBFLOW_FLAGS_CONNECTED;
+ flags |= MPTCP_SUBFLOW_FLAG_CONNECTED;
if (sf->map_valid)
- flags |= SUBFLOW_FLAGS_MAPVALID;
+ flags |= MPTCP_SUBFLOW_FLAG_MAPVALID;
if (nla_put_u32(skb, MPTCP_SUBFLOW_TOKEN_REM, sf->remote_token) ||
nla_put_u32(skb, MPTCP_SUBFLOW_TOKEN_LOC, sf->token) ||
@@ -75,7 +75,7 @@ int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
return err;
}
-size_t subflow_get_info_size(const struct sock *sk)
+static size_t subflow_get_info_size(const struct sock *sk)
{
size_t size = 0;
@@ -93,3 +93,9 @@ size_t subflow_get_info_size(const struct sock *sk)
0;
return size;
}
+
+void mptcp_diag_subflow_init(struct tcp_ulp_ops *ops)
+{
+ ops->get_info = subflow_get_info;
+ ops->get_info_size = subflow_get_info_size;
+}
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index ecbabf794fd3..3c66f69a734d 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -315,7 +315,6 @@ static inline bool before64(__u64 seq1, __u64 seq2)
#define after64(seq2, seq1) before64(seq1, seq2)
-size_t subflow_get_info_size(const struct sock *sk);
-int subflow_get_info(const struct sock *sk, struct sk_buff *skb);
+void mptcp_diag_subflow_init(struct tcp_ulp_ops *ops);
#endif /* __MPTCP_PROTOCOL_H */
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index ab93dd86e33d..ebe93525b0aa 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -505,8 +505,6 @@ static struct tcp_ulp_ops subflow_ulp_ops __read_mostly = {
.init = subflow_ulp_init,
.release = subflow_ulp_release,
.clone = subflow_ulp_clone,
- .get_info = subflow_get_info,
- .get_info_size = subflow_get_info_size,
};
static int subflow_ops_init(struct request_sock_ops *subflow_ops)
@@ -542,6 +540,8 @@ void mptcp_subflow_init(void)
subflow_specific.sk_rx_dst_set = subflow_finish_connect;
subflow_specific.rebuild_header = subflow_rebuild_header;
+ mptcp_diag_subflow_init(&subflow_ulp_ops);
+
if (tcp_register_ulp(&subflow_ulp_ops) != 0)
panic("MPTCP: failed to register subflows to ULP\n");
}
--
2.20.1
7 months, 4 weeks
[GIT] Sync with net-next on 20191006: 1 conflict
by Matthieu Baerts
Hello,
Just to inform you that we got a conflict when integrating last changes
from net-next:
diff --cc include/net/netns/mib.h
index 59fcaef98fb8,b5fdb108d602..000000000000
--- a/include/net/netns/mib.h
+++ b/include/net/netns/mib.h
@@@ -24,9 -24,9 +24,12 @@@ struct netns_mib
#ifdef CONFIG_XFRM_STATISTICS
DEFINE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics);
#endif
+ #if IS_ENABLED(CONFIG_TLS)
+ DEFINE_SNMP_STAT(struct linux_tls_mib, tls_statistics);
+ #endif
+#ifdef CONFIG_MPTCP
+ DEFINE_SNMP_STAT(struct mptcp_mib, mptcp_statistics);
+#endif
};
#endif
Again very easy to fix, it is due to d26b698dd3cd (net/tls: add skeleton
of MIB statistics) by Jakub Kicinski. It is fixed with 6ba3c8c3fd81 in
t/mptcp-add-MIB-counter-infrastructure.
Tests are still OK!
Cheers,
Matt
--
Matthieu Baerts | R&D Engineer
matthieu.baerts(a)tessares.net
Tessares SA | Hybrid Access Solutions
www.tessares.net
1 Avenue Jean Monnet, 1348 Louvain-la-Neuve, Belgium
7 months, 4 weeks
[Weekly meetings] MoM - 3rd of October 2019
by Matthieu Baerts
Hello,
Yesterday, we had our 69th meeting with Mat, Peter and Ossama (Intel
OTC), Christoph (Apple), Paolo and Davide (RedHat) and myself (Tessares).
Thanks again for this new good meeting!
Here are the minutes of the meeting:
Accepted patches:
- mptcp: Prefix crypto routines with mptcp_:
- by Peter
- applied by Florian
- squashed
- mptcp: fix retransmit timer update:
- by Paolo
- follow up for "mptcp: implement retransmit infrastructure"
- Accept by Mat
- squashed
- mptcp: prefix subflow routines with mptcp_:
- by Matth
- accepted by Florian
- squashed (no signed-off added)
- mptcp: Remove all traces of checksum support:
- by Peter
- v2 sent
- Split in 6 patches, all squashed
- applied patch is slightly different, see ML ("unused" field +
changes in pm.c)
- mptcp: removed unused fields in structures:
- by Matth
- applied without review :-O → no, Peter said OK (after)
- mptcp: prefix pm routines with mptcp_:
- by Matth
- (also applied without review O:-) )
- mptcp: allow dumping subflow context to userspace:
- by Davide
- accepted by Paolo
- mptcp: add MIB counter infrastructure:
- by Florian
- v2 sent
- mptcp: allow MPTCP sockets by default:
- by Matth
- v2 sent
- needs to update the commit message
Pending patches:
- mptcp: Interim Path Manager:
- by Peter
- v2 sent
- Waiting for accept
- mptcp_poll should not block on each subflow:
- by Florian
- no longer an RFC
- waiting for review/accept
- selftests: prepare for mptcp ipv6 support:
- by Florian
- commented by Paolo and Peter (+ who can do what) and Alexander
- Waiting for a last review
- mptcp:options: merge two holes in one:
- by Matth
- Commented by Peter
- we can drop it if we clean up the structure
- mptcp:diag: prefix exposed items:
- by Matth
- Commented by Davide
- to conform with the rest
RFCv2 sent to netdev:
- Feedback: Dave M says 40-some patches is way too many, and to
repost series with no more than 12-20 patches
https://lore.kernel.org/netdev/20191002.171229.1495727500341484392.davem@...
- Mat regrets accidentally posting an older snapshot to netdev. It
was export/20191001T075519 plus Florian's IPv6 selftest series. Given
Dave's feedback, he did not continue with reposting the correct 43
patches as RFCv3.
- We could squash more aggressively to reduce in-series code churn
and the patch count
- Or we send less (less at a time)
- Or we do both (squash + send less at a time)
- Maybe easier to send a first subset and then squash other patches
later?
- Idea from Florian and Paolo would be to only include:
net: Make sock protocol value checks more specific
sock: Make sk_protocol a 16-bit value
tcp: Define IPPROTO_MPTCP
# new # tcp: Add MPTCP option number
tcp, ulp: Add clone operation to tcp_ulp_ops
# new # mptcp: Add MPTCP to skb extensions
tcp: Prevent coalesce/collapse when skb has MPTCP extensions
(requires MPTCP skb extensions)
tcp: Export low-level TCP functions
tcp: Check for filled TCP option space before SACK
tcp: clean ext on tx recycle
tcp: Expose tcp struct and routine for MPTCP
- and regarding: "tcp: clean ext on tx recycle" →
https://github.com/multipath-tcp/mptcp_net-next/commit/bd623dbb9c27d43996...
- it does have some minimal MPTCP dependencies that can't be
removed without making such patch a no-op, so perhaps we should also
include some very minimal MPTCP stub definitions:
- mptcp: Add MPTCP to skb extensions
- tcp: Add MPTCP option number
- Or we rework the patches above not to include them now (first
patch set). But easier for us if they are there
→ decision: we take the list we have above and if there is an issue
with upstream, we drop and rework patches
→ *@Florian*: may you comment this please? (linked to the discussion
we had on "RFCv2 for netdev: what's missing?" mail thread.
- We can send a first set (↑), then up to kselftests (with possible
re-ordered/squashed patches like refactoring of recv/sendmsg) as a
second batch, then other chunks later
- It looks like a good idea to send the first set "now" / very soon.
- Matth can re-order the commits and check that each commit can be
compiled without issues
- planning:
- Wait for Florian comment about that (there was a new comment
by Florian linked to that on the ML after the meeting)
- Matth does the rebase
- We let half to one day for the review
- Paolo sends coffee to Mat
- Mat sends that to Netdev as a non RFC
- (maybe: Mat, may you already send a new draft for the
cover-letter for this first batch?)
Second part of the "initial" submission:
- Squash "mptcp: Make MPTCP socket block/wakeup ignore
sk_receive_queue" earlier in the series? (Question by Mat)
-
https://github.com/multipath-tcp/mptcp_net-next/commit/de814755d1e5f7fe5e...
- We can squash it, maybe in MPTCP receive path.
- *@Mat*: To be confirmed by Mat after the meeting
mptcp_recvmsg():
- Paolo is working on another refactoring of mptcp_recvmsg()
- Ideally, we should squash it with the previous one
- Paolo hopes having something to share next week
Another idea of squash:
- the ones related to sendmsg():
- mptcp: use sk_page_frag() in sendmsg
- mptcp: sendmsg() do spool all the provided data
- mptcp: allow collapsing consecutive sendpages on the same
substream
- they modified incrementally the code made by the previous one
- It might be easier for the reviewers to have everything in one
- Maybe we can rework them in 1, 2 patches: one introducing helpers
- Paolo can look at that (in the near future)
Rebase:
- If someone wants to do some rebases, please notify the list,
mainly Matth, to pause the work on the "main" branch (TopGit tree)
MPTCPv1:
- because Apple is reserving some rights, it might be an issue.
- MPTCPv1 (RFC6824bis) should be published soon so that's good:
Apple will reserve less rights but still a few (protection)
- we should explain in the commit message what it means and point
reviewers/maintainers to the patent and what Apple said in IETF documents.
- still would be better without this patent (another track in progress)
Remaining items for the initial submission:
- IPv6 support:
- Peter is working on it
- MPTCP v1 support:
- question about complexity: might be more complex to implement
the new MP_CAPABLE way of working (delayed client's "key")
- Paolo is pointing us to a URL in the ML:
https://lists.01.org/hyperkitty/list/mptcp@lists.01.org/thread/IEL4AEXZZZ...
- DATA_FIN:
- Mat is working on it
- Working on having the correct state machine
- Florian might be interesting to help on that
- Shared recv window:
- Do we need this for the initial submission? Will be needed
only with multiple concurrent flows
- If we accept multiple subflows, the other end might send data
over multiple flows (concurrently), even if the backup flag is set
- (this backup flag is more a way to inform the other side the
subflow should be used "as a backup" or "with a lower priority")
- we at least need protection again "deadlocks", see
recommendations sent by Christoph previously.
- → Work to be done
- Active backup support:
- Paolo is looking at that, the mptcp_recvmsg() refactoring is
part of it
- It also means we need a basic scheduler for the xmit side
- Limit subflow ULP visibility to kernel space:
- there used to be a way to limit them
- we should have a similar way again
- to avoid the userspace to attach subflow to MPTCP flow
- Davide can look at it
- optimisation of options in TCP "struct mptcp_options_received":
- idea would be to add unions for options that cannot be used
together
- e.g. MP_CAPABLE and MP_JOIN cannot live together
- but ADD/RM_ADDR can be present with DSS
- MP_FAST_CLOSE, seems not implemented:
- Do we want to add it now?
- We might be able to live without it *for the moment*
- implementation is easier with MPTCPv1
- We can continue discussing about that next week (running out
of time)
New ML interface:
- https://lists.01.org/hyperkitty/list/mptcp@lists.01.org/
- Old archive links no longer work
- previous subscribers are still subscribed
- *@Mat* can fix the links in the meetings in the wiki
Next meeting:
- We propose to have it next Thursday, the 10rd of October.
- Usual time: 16:00 UTC (9am PDT, 6pm CEST)
- Still open to everyone!
- https://annuel2.framapad.org/p/mptcp_upstreaming_20191010
Feel free to comment on these points and propose new ones for the next
meeting!
Talk to you next week,
Matt
--
Matthieu Baerts | R&D Engineer
matthieu.baerts(a)tessares.net
Tessares SA | Hybrid Access Solutions
www.tessares.net
1 Avenue Jean Monnet, 1348 Louvain-la-Neuve, Belgium
8 months
[PATCH mptcp] options: copy entire extension area to option struct
by Florian Westphal
No reason to copy each member individually, just copy everything.
This means we will also copy ext->data_fin which was not done before.
squashto: "mptcp: Write MPTCP DSS headers to outgoing data packets"
Signed-off-by: Florian Westphal <fw(a)strlen.de>
---
net/mptcp/options.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index a33c202db009..d00e86550d8b 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -402,13 +402,8 @@ static bool mptcp_established_options_dss(struct sock *sk, struct sk_buff *skb,
if (map_size <= remaining) {
remaining -= map_size;
dss_size = map_size;
- if (mpext) {
- opts->ext_copy.data_seq = mpext->data_seq;
- opts->ext_copy.subflow_seq = mpext->subflow_seq;
- opts->ext_copy.data_len = mpext->data_len;
- opts->ext_copy.use_map = 1;
- opts->ext_copy.dsn64 = mpext->dsn64;
- }
+ if (mpext)
+ opts->ext_copy = *mpext;
} else {
opts->ext_copy.use_map = 0;
WARN_ONCE(1, "MPTCP: Map dropped");
--
2.21.0
8 months
[PATCH] mptcp:diag: prefix exposed items
by Matthieu Baerts
To conform with the rest.
Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net>
---
include/uapi/linux/mptcp.h | 18 +++++++++---------
net/mptcp/diag.c | 22 +++++++++++-----------
net/mptcp/protocol.h | 4 ++--
net/mptcp/subflow.c | 4 ++--
4 files changed, 24 insertions(+), 24 deletions(-)
diff --git a/include/uapi/linux/mptcp.h b/include/uapi/linux/mptcp.h
index 2856b89cc36e..04bd134c1807 100644
--- a/include/uapi/linux/mptcp.h
+++ b/include/uapi/linux/mptcp.h
@@ -4,15 +4,15 @@
#include <linux/types.h>
-#define SUBFLOW_FLAGS_MCAP_REM BIT(0)
-#define SUBFLOW_FLAGS_MCAP_LOC BIT(1)
-#define SUBFLOW_FLAGS_JOIN_REM BIT(2)
-#define SUBFLOW_FLAGS_JOIN_LOC BIT(3)
-#define SUBFLOW_FLAGS_BKUP_REM BIT(4)
-#define SUBFLOW_FLAGS_BKUP_LOC BIT(5)
-#define SUBFLOW_FLAGS_4THACK BIT(6)
-#define SUBFLOW_FLAGS_CONNECTED BIT(7)
-#define SUBFLOW_FLAGS_MAPVALID BIT(8)
+#define MPTCP_SUBFLOW_FLAGS_MCAP_REM BIT(0)
+#define MPTCP_SUBFLOW_FLAGS_MCAP_LOC BIT(1)
+#define MPTCP_SUBFLOW_FLAGS_JOIN_REM BIT(2)
+#define MPTCP_SUBFLOW_FLAGS_JOIN_LOC BIT(3)
+#define MPTCP_SUBFLOW_FLAGS_BKUP_REM BIT(4)
+#define MPTCP_SUBFLOW_FLAGS_BKUP_LOC BIT(5)
+#define MPTCP_SUBFLOW_FLAGS_4THACK BIT(6)
+#define MPTCP_SUBFLOW_FLAGS_CONNECTED BIT(7)
+#define MPTCP_SUBFLOW_FLAGS_MAPVALID BIT(8)
enum {
MPTCP_SUBFLOW_UNSPEC,
diff --git a/net/mptcp/diag.c b/net/mptcp/diag.c
index 27acd1ad485c..0e4607d56fe5 100644
--- a/net/mptcp/diag.c
+++ b/net/mptcp/diag.c
@@ -13,7 +13,7 @@
#include <uapi/linux/mptcp.h>
#include "protocol.h"
-int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
+int mptcp_diag_subflow_get_info(const struct sock *sk, struct sk_buff *skb)
{
struct mptcp_subflow_context *sf;
struct nlattr *start;
@@ -32,23 +32,23 @@ int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
}
if (sf->mp_capable)
- flags |= SUBFLOW_FLAGS_MCAP_REM;
+ flags |= MPTCP_SUBFLOW_FLAGS_MCAP_REM;
if (sf->request_mptcp)
- flags |= SUBFLOW_FLAGS_MCAP_LOC;
+ flags |= MPTCP_SUBFLOW_FLAGS_MCAP_LOC;
if (sf->mp_join)
- flags |= SUBFLOW_FLAGS_JOIN_REM;
+ flags |= MPTCP_SUBFLOW_FLAGS_JOIN_REM;
if (sf->request_join)
- flags |= SUBFLOW_FLAGS_JOIN_LOC;
+ flags |= MPTCP_SUBFLOW_FLAGS_JOIN_LOC;
if (sf->backup)
- flags |= SUBFLOW_FLAGS_BKUP_REM;
+ flags |= MPTCP_SUBFLOW_FLAGS_BKUP_REM;
if (sf->request_bkup)
- flags |= SUBFLOW_FLAGS_BKUP_LOC;
+ flags |= MPTCP_SUBFLOW_FLAGS_BKUP_LOC;
if (sf->fourth_ack)
- flags |= SUBFLOW_FLAGS_4THACK;
+ flags |= MPTCP_SUBFLOW_FLAGS_4THACK;
if (sf->conn_finished)
- flags |= SUBFLOW_FLAGS_CONNECTED;
+ flags |= MPTCP_SUBFLOW_FLAGS_CONNECTED;
if (sf->map_valid)
- flags |= SUBFLOW_FLAGS_MAPVALID;
+ flags |= MPTCP_SUBFLOW_FLAGS_MAPVALID;
if (nla_put_u32(skb, MPTCP_SUBFLOW_TOKEN_REM, sf->remote_token) ||
nla_put_u32(skb, MPTCP_SUBFLOW_TOKEN_LOC, sf->token) ||
@@ -75,7 +75,7 @@ int subflow_get_info(const struct sock *sk, struct sk_buff *skb)
return err;
}
-size_t subflow_get_info_size(const struct sock *sk)
+size_t mptcp_diag_subflow_get_info_size(const struct sock *sk)
{
size_t size = 0;
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 25f62679903e..452e873dc722 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -313,7 +313,7 @@ static inline bool before64(__u64 seq1, __u64 seq2)
#define after64(seq2, seq1) before64(seq1, seq2)
-size_t subflow_get_info_size(const struct sock *sk);
-int subflow_get_info(const struct sock *sk, struct sk_buff *skb);
+size_t mptcp_diag_subflow_get_info_size(const struct sock *sk);
+int mptcp_diag_subflow_get_info(const struct sock *sk, struct sk_buff *skb);
#endif /* __MPTCP_PROTOCOL_H */
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index 0f4a2a19d246..99cbb8351584 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -492,8 +492,8 @@ static struct tcp_ulp_ops subflow_ulp_ops __read_mostly = {
.init = subflow_ulp_init,
.release = subflow_ulp_release,
.clone = subflow_ulp_clone,
- .get_info = subflow_get_info,
- .get_info_size = subflow_get_info_size,
+ .get_info = mptcp_diag_subflow_get_info,
+ .get_info_size = mptcp_diag_subflow_get_info_size,
};
static int subflow_ops_init(struct request_sock_ops *subflow_ops)
--
2.20.1
8 months
RFCv2 for netdev: what's missing?
by Matthieu Baerts
Hi,
At the last meeting, we said it would be good to send a new RFCv2 to
netdev before the next meeting while windows are closed. I guess today
would be good, no?
What do we still need to do?
- the cover letter: Mat is it still OK to do it on your side?
- any other patches to apply before this?
Here are the pending patches:
- mptcp: Interim Path Manager: Waiting for accept (last review)
- mptcp_poll should not block on each subflow: Waiting for review
- mptcp: allow dumping subflow context to userspace: can be applied
- selftests: prepare for mptcp ipv6 support: Waiting for accept (last
review)
- mptcp: Remove all traces of checksum support: do we want it?
- mptcp: add MIB counter infrastructure: Waiting for accept (last review)
- mptcp: allow MPTCP sockets by default: can be applied
- mptcp: prefix mptcp_ to exposed pm_ routines.
For the moment, I am blocked with "mptcp: Remove all traces of checksum
support" but I can drop this rebase to work on other patches if others
are required for the RFCv2.
What's your point of view on this?
Cheers,
Matt
--
Matthieu Baerts | R&D Engineer
matthieu.baerts(a)tessares.net
Tessares SA | Hybrid Access Solutions
www.tessares.net
1 Avenue Jean Monnet, 1348 Louvain-la-Neuve, Belgium
8 months
[PATCH v2] mptcp: allow MPTCP sockets by default
by Matthieu Baerts
At LPC2019, the feedback was that it should be easy to create MPTCP
sockets to have testers. But still important to have ways to disable the
creation of new MPTCP sockets. It can be easily done via this new
sysctl, CGroups or SELinux. Netfilter can also be used to close existing
MPTCP connections if needed.
Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net>
---
Notes:
To be squashed in "mptcp: new sysctl to control the activation per NS"
v2:
- fix typo spotted by Mat ("static int" instead of "static void")
.topmsg | 7 +++----
net/mptcp/ctrl.c | 7 +++++++
tools/testing/selftests/net/mptcp/mptcp_connect.sh | 14 ++++++++++----
3 files changed, 20 insertions(+), 8 deletions(-)
diff --git a/.topmsg b/.topmsg
index 7ff9f3c96ff3..373f94c4b4bd 100644
--- a/.topmsg
+++ b/.topmsg
@@ -5,10 +5,9 @@ New MPTCP sockets will return -ENOPROTOOPT if MPTCP support is disabled
for the current net namespace.
For security reasons, it is interesting to have a global switch for
-MPTCP. To start, MPTCP will be disabled by default and only privileged
-users will be able to modify this. The reason is that because MPTCP is
-new, it will not be tested and reviewed by many and security issues can
-then take time to be discovered and fixed.
+MPTCP. The reason is that because MPTCP is new, it will not be tested
+and reviewed by many and security issues can then take time to be
+discovered and fixed.
The value of this new sysctl can be different per namespace. We can then
restrict the usage of MPTCP to the selected NS. In case of serious
diff --git a/net/mptcp/ctrl.c b/net/mptcp/ctrl.c
index 8d9f15f02369..33de3ced2ba7 100644
--- a/net/mptcp/ctrl.c
+++ b/net/mptcp/ctrl.c
@@ -43,6 +43,11 @@ static struct ctl_table mptcp_sysctl_table[] = {
{}
};
+static void mptcp_pernet_set_defaults(struct mptcp_pernet *pernet)
+{
+ pernet->mptcp_enabled = 1;
+}
+
static int mptcp_pernet_new_table(struct net *net, struct mptcp_pernet *pernet)
{
struct ctl_table_header *hdr;
@@ -85,6 +90,8 @@ static int __net_init mptcp_net_init(struct net *net)
{
struct mptcp_pernet *pernet = mptcp_get_pernet(net);
+ mptcp_pernet_set_defaults(pernet);
+
return mptcp_pernet_new_table(net, pernet);
}
diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.sh b/tools/testing/selftests/net/mptcp/mptcp_connect.sh
index d029bdc5946d..7d312bd9ac77 100755
--- a/tools/testing/selftests/net/mptcp/mptcp_connect.sh
+++ b/tools/testing/selftests/net/mptcp/mptcp_connect.sh
@@ -45,7 +45,6 @@ trap cleanup EXIT
for i in 1 2 3 4;do
ip netns add ns$i || exit $ksft_skip
ip -net ns$i link set lo up
- ip netns exec ns$i sysctl -q net.mptcp.enabled=1
done
# ns1 ns2 ns3 ns4
@@ -111,7 +110,14 @@ check_mptcp_disabled()
{
disabled_ns="ns_disabled"
ip netns add ${disabled_ns} || exit $ksft_skip
- # by default: sysctl net.mptcp.enabled=0
+
+ # net.mptcp.enabled should be enabled by default
+ if [ "$(ip netns exec ${disabled_ns} sysctl net.mptcp.enabled | awk '{ print $3 }')" -ne 1 ]; then
+ echo -e "net.mptcp.enabled sysctl is not 1 by default\t[ FAIL ]"
+ ret=1
+ return 1
+ fi
+ ip netns exec ${disabled_ns} sysctl -q net.mptcp.enabled=0
local err=0
LANG=C ip netns exec ${disabled_ns} ./mptcp_connect -t $timeout -p 10000 -s MPTCP 127.0.0.1 < "$cin" 2>&1 | \
@@ -119,12 +125,12 @@ check_mptcp_disabled()
ip netns delete ${disabled_ns}
if [ ${err} -eq 0 ]; then
- echo -e "MPTCP is not disabled by default as expected\t[ FAIL ]"
+ echo -e "New MPTCP socket cannot be blocked via sysctl\t[ FAIL ]"
ret=1
return 1
fi
- echo -e "MPTCP is disabled by default as expected\t[ OK ]"
+ echo -e "New MPTCP socket can be blocked via sysctl\t[ OK ]"
return 0
}
--
2.20.1
8 months
[PATCH] mptcp: prefix pm routines with mptcp_
by Matthieu Baerts
"pm" is currently used for Power Manager in the kernel. Better not to
pollute this namespace.
Signed-off-by: Matthieu Baerts <matthieu.baerts(a)tessares.net>
---
Notes:
Here is the patch I applied directly + follow-up. I made sure each commit
compiles:
- 49825d3998b9: "squashed" in "mptcp: Add path manager interface"
- 398e8a1c8bb5: build-fix in "mptcp: Add ADD_ADDR handling"
- d74222a10684: build-fix in "mptcp: Add handling of incoming MP_JOIN requests"
- 9f39c3681b37: conflict in t/mptcp-Add-handling-of-outgoing-MP_JOIN-requests
- 0f837758795a: mptcp: fix style typo (extra line added in one commit, removed in another one later)
- 008467ef92e5..eeb324e54935: result
net/mptcp/options.c | 7 ++++---
net/mptcp/pm.c | 38 ++++++++++++++++++++------------------
net/mptcp/protocol.c | 6 +++---
net/mptcp/protocol.h | 28 +++++++++++++++-------------
4 files changed, 42 insertions(+), 37 deletions(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 602cf40f72a6..ee53f9d356f9 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -405,10 +405,11 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
if (msk && mp_opt->add_addr) {
if (mp_opt->family == MPTCP_ADDR_IPVERSION_4)
- pm_add_addr(msk, &mp_opt->addr, mp_opt->addr_id);
+ mptcp_pm_add_addr(msk, &mp_opt->addr, mp_opt->addr_id);
#if IS_ENABLED(CONFIG_IPV6)
else if (mp_opt->family == MPTCP_ADDR_IPVERSION_6)
- pm_add_addr6(msk, &mp_opt->addr6, mp_opt->addr_id);
+ mptcp_pm_add_addr6(msk, &mp_opt->addr6,
+ mp_opt->addr_id);
#endif
mp_opt->add_addr = 0;
}
@@ -439,7 +440,7 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
mpext->data_fin = mp_opt->data_fin;
if (msk)
- pm_fully_established(msk);
+ mptcp_pm_fully_established(msk);
}
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 933dd805c9b2..9fa000c3abdc 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -10,59 +10,60 @@
/* path manager command handlers */
-int pm_announce_addr(u32 token, sa_family_t family, u8 local_id,
- struct in_addr *addr)
+int mptcp_pm_announce_addr(u32 token, sa_family_t family, u8 local_id,
+ struct in_addr *addr)
{
return -ENOTSUPP;
}
-int pm_remove_addr(u32 token, u8 local_id)
+int mptcp_pm_remove_addr(u32 token, u8 local_id)
{
return -ENOTSUPP;
}
-int pm_create_subflow(u32 token, u8 remote_id)
+int mptcp_pm_create_subflow(u32 token, u8 remote_id)
{
return -ENOTSUPP;
}
-int pm_remove_subflow(u32 token, u8 remote_id)
+int mptcp_pm_remove_subflow(u32 token, u8 remote_id)
{
return -ENOTSUPP;
}
/* path manager event handlers */
-void pm_new_connection(struct mptcp_sock *msk, int server_side)
+void mptcp_pm_new_connection(struct mptcp_sock *msk, int server_side)
{
pr_debug("msk=%p", msk);
msk->pm.server_side = server_side;
}
-void pm_fully_established(struct mptcp_sock *msk)
+void mptcp_pm_fully_established(struct mptcp_sock *msk)
{
pr_debug("msk=%p", msk);
msk->pm.fully_established = 1;
}
-void pm_connection_closed(struct mptcp_sock *msk)
+void mptcp_pm_connection_closed(struct mptcp_sock *msk)
{
pr_debug("msk=%p", msk);
}
-void pm_subflow_established(struct mptcp_sock *msk, u8 id)
+void mptcp_pm_subflow_established(struct mptcp_sock *msk, u8 id)
{
pr_debug("msk=%p", msk);
}
-void pm_subflow_closed(struct mptcp_sock *msk, u8 id)
+void mptcp_pm_subflow_closed(struct mptcp_sock *msk, u8 id)
{
pr_debug("msk=%p", msk);
}
-void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id)
+void mptcp_pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr,
+ u8 id)
{
pr_debug("msk=%p, addr=%x, remote_id=%d", msk, addr->s_addr, id);
@@ -72,20 +73,21 @@ void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id)
msk->pm.remote_valid = 1;
}
-void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr, u8 id)
+void mptcp_pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr,
+ u8 id)
{
pr_debug("msk=%p", msk);
}
-void pm_rm_addr(struct mptcp_sock *msk, u8 id)
+void mptcp_pm_rm_addr(struct mptcp_sock *msk, u8 id)
{
pr_debug("msk=%p", msk);
}
/* path manager helpers */
-int pm_addr_signal(struct mptcp_sock *msk, u8 *id,
- struct sockaddr_storage *saddr)
+int mptcp_pm_addr_signal(struct mptcp_sock *msk, u8 *id,
+ struct sockaddr_storage *saddr)
{
struct sockaddr_in *addr = (struct sockaddr_in *)saddr;
@@ -102,8 +104,8 @@ int pm_addr_signal(struct mptcp_sock *msk, u8 *id,
return 0;
}
-int pm_get_local_id(struct request_sock *req, struct sock *sk,
- const struct sk_buff *skb)
+int mptcp_pm_get_local_id(struct request_sock *req, struct sock *sk,
+ const struct sk_buff *skb)
{
struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
struct mptcp_sock *msk = mptcp_sk(sk);
@@ -119,6 +121,6 @@ int pm_get_local_id(struct request_sock *req, struct sock *sk,
return 0;
}
-void pm_init(void)
+void mptcp_pm_init(void)
{
}
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 754172af8748..b03b88c5a75a 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -653,7 +653,7 @@ static struct sock *mptcp_accept(struct sock *sk, int flags, int *err,
mptcp_token_update_accept(new_sock->sk, new_mptcp_sock);
msk->subflow = NULL;
- pm_new_connection(msk, 1);
+ mptcp_pm_new_connection(msk, 1);
mptcp_crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
msk->write_seq = subflow->idsn + 1;
@@ -786,7 +786,7 @@ void mptcp_finish_connect(struct sock *sk, int mp_capable)
msk->token = subflow->token;
pr_debug("msk=%p, token=%u", msk, msk->token);
- pm_new_connection(msk, 0);
+ mptcp_pm_new_connection(msk, 0);
mptcp_crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
msk->write_seq = subflow->idsn + 1;
@@ -1014,7 +1014,7 @@ void __init mptcp_init(void)
mptcp_stream_ops.shutdown = mptcp_shutdown;
mptcp_subflow_init();
- pm_init();
+ mptcp_pm_init();
if (proto_register(&mptcp_prot, 1) != 0)
panic("Failed to register MPTCP proto.\n");
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 32fc273eb60d..b3f2e2382a93 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -199,19 +199,21 @@ static inline void mptcp_crypto_key_gen_sha1(u64 *key, u32 *token, u64 *idsn)
void mptcp_crypto_hmac_sha1(u64 key1, u64 key2, u32 nonce1, u32 nonce2,
u32 *hash_out);
-void pm_init(void);
-void pm_new_connection(struct mptcp_sock *msk, int server_side);
-void pm_fully_established(struct mptcp_sock *msk);
-void pm_connection_closed(struct mptcp_sock *msk);
-void pm_subflow_established(struct mptcp_sock *msk, u8 id);
-void pm_subflow_closed(struct mptcp_sock *msk, u8 id);
-void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id);
-void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr, u8 id);
-void pm_rm_addr(struct mptcp_sock *msk, u8 id);
-int pm_addr_signal(struct mptcp_sock *msk, u8 *id,
- struct sockaddr_storage *saddr);
-int pm_get_local_id(struct request_sock *req, struct sock *sk,
- const struct sk_buff *skb);
+void mptcp_pm_init(void);
+void mptcp_pm_new_connection(struct mptcp_sock *msk, int server_side);
+void mptcp_pm_fully_established(struct mptcp_sock *msk);
+void mptcp_pm_connection_closed(struct mptcp_sock *msk);
+void mptcp_pm_subflow_established(struct mptcp_sock *msk, u8 id);
+void mptcp_pm_subflow_closed(struct mptcp_sock *msk, u8 id);
+void mptcp_pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr,
+ u8 id);
+void mptcp_pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr,
+ u8 id);
+void mptcp_pm_rm_addr(struct mptcp_sock *msk, u8 id);
+int mptcp_pm_addr_signal(struct mptcp_sock *msk, u8 *id,
+ struct sockaddr_storage *saddr);
+int mptcp_pm_get_local_id(struct request_sock *req, struct sock *sk,
+ const struct sk_buff *skb);
static inline struct mptcp_ext *mptcp_get_ext(struct sk_buff *skb)
{
--
2.20.1
8 months
[PATCH v2 0/2] mptcp: add MIB counters
by Florian Westphal
As mentioned earlier, here is v2 of the MIB counter patch set.
I've tossed all counters that aren't used (= have no spot that
increments them).
Tests still pass, counters get incremented, you can show them
via 'nstat' or "netststat -s".
8 months