[PATCH net-next 00/11] mptcp: Add port parameter to ADD_ADDR option
by Mat Martineau
The ADD_ADDR MPTCP option is used to announce available IP addresses
that a peer may connect to when adding more TCP subflows to an existing
MPTCP connection. There is an optional port number field in that
ADD_ADDR header, and this patch set adds capability for that port number
to be sent and received.
Patches 1, 2, and 4 refactor existing ADD_ADDR code to simplify implementation
of port number support.
Patches 3 and 5 are the main functional changes, for sending and
receiving the port number in the MPTCP ADD_ADDR option.
Patch 6 sends the ADD_ADDR option with port number on a bare TCP ACK,
since the extra length of the option may run into cases where
sufficient TCP option space is not available on a data packet.
Patch 7 plumbs in port number support for the in-kernel MPTCP path
manager.
Patches 8-11 add some optional debug output and a little more cleanup
refactoring.
Geliang Tang (11):
mptcp: unify ADD_ADDR and echo suboptions writing
mptcp: unify ADD_ADDR and ADD_ADDR6 suboptions writing
mptcp: add port support for ADD_ADDR suboption writing
mptcp: use adding up size to get ADD_ADDR length
mptcp: add the outgoing ADD_ADDR port support
mptcp: send out dedicated packet for ADD_ADDR using port
mptcp: add port parameter for mptcp_pm_announce_addr
mptcp: print out port and ahmac when receiving ADD_ADDR
mptcp: drop rm_addr_signal flag
mptcp: rename add_addr_signal and mptcp_add_addr_status
mptcp: use the variable sk instead of open-coding
include/net/mptcp.h | 1 +
net/mptcp/options.c | 103 ++++++++++++++++++++++++++---------------
net/mptcp/pm.c | 40 +++++++++++-----
net/mptcp/pm_netlink.c | 31 +++++++++----
net/mptcp/protocol.h | 50 ++++++++++++--------
5 files changed, 146 insertions(+), 79 deletions(-)
--
2.29.2
2 months, 3 weeks
[RFC PATCH] selinux: handle MPTCP consistently with TCP
by Paolo Abeni
The MPTCP protocol uses a specific protocol value, even if
it's an extension to TCP. Additionally, MPTCP sockets
could 'fall-back' to TCP at run-time, depending on peer MPTCP
support and available resources.
As a consequence of the specific protocol number, selinux
applies the raw_socket class to MPTCP sockets.
Existing TCP application converted to MPTCP - or forced to
use MPTCP socket with user-space hacks - will need an
updated policy to run successfully.
This change lets selinux attach the TCP socket class to
MPTCP sockets, too, so that no policy changes are needed in
the above scenario.
Signed-off-by: Paolo Abeni <pabeni(a)redhat.com>
---
security/selinux/hooks.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6b1826fc3658..9a6b4bf1bc5b 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1120,7 +1120,8 @@ static inline u16 inode_mode_to_security_class(umode_t mode)
static inline int default_protocol_stream(int protocol)
{
- return (protocol == IPPROTO_IP || protocol == IPPROTO_TCP);
+ return (protocol == IPPROTO_IP || protocol == IPPROTO_TCP ||
+ protocol == IPPROTO_MPTCP);
}
static inline int default_protocol_dgram(int protocol)
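Review bot: default_protocol_stream() now accepts IPPROTO_MPTCP, but nothing at the function says why a protocol number other than TCP counts as the stream default. A one-line comment that MPTCP sockets can fall back to TCP at run time and are therefore labelled as tcp_socket would help. The commit message should also state, as an intended consequence, that policy can then no longer tell MPTCP sockets from TCP sockets by class.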
@@ -1152,7 +1153,7 @@ static inline u16 socket_type_to_security_class(int family, int type, int protoc
return SECCLASS_TCP_SOCKET;
else if (extsockclass && protocol == IPPROTO_SCTP)
return SECCLASS_SCTP_SOCKET;
- else
+ elseextsockclass
return SECCLASS_RAWIP_SOCKET;
case SOCK_DGRAM:
if (default_protocol_dgram(protocol))
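Review bot: The added line in the SOCK_STREAM fallback reads "elseextsockclass", which is not valid C, so the file will not build with this hunk applied. The commit message describes only the default_protocol_stream() change, so this branch looks like it should stay a plain "else"; if a condition on extsockclass was intended here, spell it out in full and explain it in the commit message.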
--
2.26.2
2 months, 3 weeks
[MPTCP][PATCH v6 mptcp-next 0/9] ADD_ADDR: ports support
by Geliang Tang
v6:
- create and bind the listening socket in mptcp_nl_cmd_add_addr.
- drop the patch "mptcp: add port number listened in kernel check" in
v5.
v5:
- use the per netns listening socket.
- First 8 patches in v4 had been merged to the export branch, drop them
from this patchset.
v4:
- hold msk->pm.lock in mptcp_pm_sport_in_anno_list.
- Merge the patchset 'Squash to "ADD_ADDR: ports support v3"' into v4.
v3:
- add two new patches, 8 and 11
- add more IS_ENABLED(CONFIG_MPTCP_IPV6) in patch 2
- define TCPOLEN_MPTCP_ADD_ADDR_HMAC in patch 4
- add flags check in patch 10
- update the testcases
v2:
- change mptcp_out_options's port field in CPU byte order.
- keep mptcp_options_received's port field in CPU byte order.
- add two new patches to simplify ADD_ADDR suboption writing.
- update mptcp_add_addr_len helper use adding up size.
- add more commit messages.
v1:
This series is the first version of ADD_ADDR ports support. I have solved
the listener problem which I mentioned at the meeting on 15th of October
by adding a new listening socket from the userspace (see patch 8). Up to
now this patchset works well.
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/54
Geliang Tang (9):
mptcp: create the listening socket for new port
mptcp: set the listening socket's subflow
mptcp: release the listening socket
mptcp: add port number check for MP_JOIN
mptcp: add port number announced check
mptcp: deal with MPTCP_PM_ADDR_ATTR_PORT in PM netlink
selftests: mptcp: add port argument for pm_nl_ctl
mptcp: add the mibs for ADD_ADDR with port
selftests: mptcp: add testcases for ADD_ADDR with port
net/mptcp/mib.c | 4 +
net/mptcp/mib.h | 4 +
net/mptcp/options.c | 4 +
net/mptcp/pm_netlink.c | 91 +++++++++++++-
net/mptcp/protocol.h | 5 +
net/mptcp/subflow.c | 80 +++++++++++-
.../testing/selftests/net/mptcp/mptcp_join.sh | 114 +++++++++++++++++-
tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 24 +++-
8 files changed, 315 insertions(+), 11 deletions(-)
--
2.26.2
2 months, 3 weeks
[MPTCP][PATCH v2 mptcp-next 0/6] MP_PRIO support
by Geliang Tang
v2:
- add set_flags command
v1:
- add MP_PRIO PM netlink support
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/51
Geliang Tang (6):
mptcp: add the outgoing MP_PRIO support
mptcp: add the incoming MP_PRIO support
mptcp: add set_flags command in PM netlink
selftests: mptcp: add set_flags command in pm_nl_ctl
mptcp: add the mibs for MP_PRIO
selftests: mptcp: add the MP_PRIO testcases
include/uapi/linux/mptcp.h | 2 +
net/mptcp/mib.c | 2 +
net/mptcp/mib.h | 2 +
net/mptcp/options.c | 56 ++++++++++
net/mptcp/pm.c | 8 ++
net/mptcp/pm_netlink.c | 102 ++++++++++++++++++
net/mptcp/protocol.h | 13 ++-
.../testing/selftests/net/mptcp/mptcp_join.sh | 72 ++++++++++++-
tools/testing/selftests/net/mptcp/pm_nl_ctl.c | 87 ++++++++++++++-
9 files changed, 341 insertions(+), 3 deletions(-)
--
2.26.2
2 months, 3 weeks
[MPTCP][PATCH mptcp-next] Squash to "mptcp: parse and act on incoming FASTCLOSE option": a small cleanup
by Geliang Tang
Just a small cleanup.
Signed-off-by: Geliang Tang <geliangtang(a)gmail.com>
---
net/mptcp/options.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index cdb7f7f265a8..a7262c807f63 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -281,6 +281,7 @@ static void mptcp_parse_option(const struct sk_buff *skb,
mp_opt->rm_id = *ptr++;
pr_debug("RM_ADDR: id=%d", mp_opt->rm_id);
break;
+
case MPTCPOPT_MP_FASTCLOSE:
if (opsize != TCPOLEN_MPTCP_FASTCLOSE)
break;
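Review bot: The line added before "case MPTCPOPT_MP_FASTCLOSE:" is whitespace only, and the commit message ("Just a small cleanup") does not say so. Stating that the patch only adds blank lines between case blocks in mptcp_parse_option() would make the squash easier to check.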
@@ -290,6 +291,7 @@ static void mptcp_parse_option(const struct sk_buff *skb,
ptr += 8;
mp_opt->fastclose = 1;
break;
+
default:
break;
}
--
2.26.2
2 months, 3 weeks
[MPTCP][PATCH v2 mptcp-next 0/2] remove address when netlink flush addrs and testcase
by Geliang Tang
v2:
- update the testcase.
This patchset removes address when netlink does flush addrs command, and
adds the testcase for flush addrs command.
Geliang Tang (2):
mptcp: remove address when netlink flush addrs
selftests: mptcp: add the flush addrs testcase
net/mptcp/pm_netlink.c | 15 ++++--
.../testing/selftests/net/mptcp/mptcp_join.sh | 50 +++++++++++++------
2 files changed, 46 insertions(+), 19 deletions(-)
--
2.26.2
2 months, 3 weeks
[MPTCP][PATCH mptcp-next] mptcp: add the address ID assignment bitmap
by Geliang Tang
Currently the address ID set by the netlink PM from user-space is
overridden by the kernel. This patch added the address ID assignment
bitmap to allow user-space to set the address ID.
Use a per netns bitmask id_bitmap (256 bits) to keep track of in-use IDs.
And use next_id to keep track of the highest ID currently in use. If the
user-space provides an ID at endpoint creation time, try to use it. If
already in use, endpoint creation fails. Otherwise pick the first ID
available after the highest currently in use, with wrap-around.
Test:
# pm_nl_ctl add 10.0.0.1
# pm_nl_ctl add 10.0.0.2
# pm_nl_ctl add 10.0.0.3 id 100
# pm_nl_ctl add 10.0.0.4
# pm_nl_ctl add 10.0.0.5 id 254
# pm_nl_ctl add 10.0.0.6
# pm_nl_ctl add 10.0.0.7
# pm_nl_ctl add 10.0.0.8
# pm_nl_ctl dump
id 1 flags 10.0.0.1
id 2 flags 10.0.0.2
id 3 flags 10.0.0.7
id 4 flags 10.0.0.8
id 100 flags 10.0.0.3
id 101 flags 10.0.0.4
id 254 flags 10.0.0.5
id 255 flags 10.0.0.6
Closes: https://github.com/multipath-tcp/mptcp_net-next/issues/117
Signed-off-by: Geliang Tang <geliangtang(a)gmail.com>
---
net/mptcp/pm_netlink.c | 63 +++++++++++++++++++++++++++---------------
1 file changed, 41 insertions(+), 22 deletions(-)
diff --git a/net/mptcp/pm_netlink.c b/net/mptcp/pm_netlink.c
index 54c6b6359144..0463a6b38633 100644
--- a/net/mptcp/pm_netlink.c
+++ b/net/mptcp/pm_netlink.c
@@ -37,6 +37,9 @@ struct mptcp_pm_add_entry {
u8 retrans_times;
};
+#define MAX_ADDR_ID 255
+#define BITMAP_SZ DIV_ROUND_UP(MAX_ADDR_ID + 1, 8 * sizeof(long))
+
struct pm_nl_pernet {
/* protects pernet updates */
spinlock_t lock;
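Review bot: BITMAP_SZ open-codes what BITS_TO_LONGS(MAX_ADDR_ID + 1) already provides, and the name is very generic for a file-scope macro. Declaring the field with DECLARE_BITMAP(id_bitmap, MAX_ADDR_ID + 1) would remove the need for BITMAP_SZ altogether.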
@@ -47,6 +50,7 @@ struct pm_nl_pernet {
unsigned int local_addr_max;
unsigned int subflows_max;
unsigned int next_id;
+ unsigned long id_bitmap[BITMAP_SZ];
};
#define MPTCP_PM_ADDR_MAX 8
@@ -548,10 +552,12 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet,
/* to keep the code simple, don't do IDR-like allocation for address ID,
* just bail when we exceed limits
*/
- if (pernet->next_id > 255)
- goto out;
+ if (pernet->next_id == MAX_ADDR_ID)
+ pernet->next_id = 1;
if (pernet->addrs >= MPTCP_PM_ADDR_MAX)
goto out;
+ if (test_bit(entry->addr.id, pernet->id_bitmap))
+ goto out;
/* do not insert duplicate address, differentiate on port only
* singled addresses
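Review bot: The comment kept above the new "next_id == MAX_ADDR_ID" test still says the code does no IDR-like allocation and just bails when limits are exceeded, which no longer describes a wrap-around to 1; update or drop it. The new test_bit(entry->addr.id, ...) also runs when entry->addr.id is 0, which is harmless only as long as bit 0 is never set, so guarding it with "entry->addr.id &&" would make the intent explicit.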
@@ -568,7 +574,14 @@ static int mptcp_pm_nl_append_new_local_addr(struct pm_nl_pernet *pernet,
if (entry->addr.flags & MPTCP_PM_ADDR_FLAG_SUBFLOW)
pernet->local_addr_max++;
- entry->addr.id = pernet->next_id++;
+ if (!entry->addr.id) {
+ entry->addr.id = find_next_zero_bit(pernet->id_bitmap,
+ MAX_ADDR_ID + 1,
+ pernet->next_id);
+ }
+ __set_bit(entry->addr.id, pernet->id_bitmap);
+ if (entry->addr.id > pernet->next_id)
+ pernet->next_id = entry->addr.id;
pernet->addrs++;
list_add_tail_rcu(&entry->list, &pernet->local_addr_list);
ret = entry->addr.id;
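Review bot: The result of find_next_zero_bit() is used without a check, and it returns the size argument (MAX_ADDR_ID + 1) when no bit is free at or above pernet->next_id. That value is then stored in entry->addr.id and passed to __set_bit(). This can happen while lower IDs are still free, for example when 254 and 255 were both set explicitly and next_id is 254. Check for "id > MAX_ADDR_ID", retry the search from 1, and take the "goto out" path if that also fails.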
@@ -941,6 +954,7 @@ static int mptcp_nl_cmd_del_addr(struct sk_buff *skb, struct genl_info *info)
pernet->addrs--;
list_del_rcu(&entry->list);
+ __clear_bit(entry->addr.id, pernet->id_bitmap);
spin_unlock_bh(&pernet->lock);
mptcp_nl_remove_subflow_and_signal_addr(sock_net(skb->sk), &entry->addr);
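Review bot: pernet->next_id is left untouched when the entry is deleted, so after removing the highest ID it no longer matches the commit message's description of next_id as the highest ID currently in use. Either recompute it here or document that next_id is only a search hint.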
@@ -978,6 +992,8 @@ static int mptcp_nl_cmd_flush_addrs(struct sk_buff *skb, struct genl_info *info)
spin_lock_bh(&pernet->lock);
list_splice_init(&pernet->local_addr_list, &free_list);
__reset_counters(pernet);
+ pernet->next_id = 1;
+ bitmap_zero(pernet->id_bitmap, MAX_ADDR_ID + 1);
spin_unlock_bh(&pernet->lock);
__flush_addrs(sock_net(skb->sk), &free_list);
return 0;
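Review bot: The pair "pernet->next_id = 1;" and "bitmap_zero(pernet->id_bitmap, MAX_ADDR_ID + 1);" now follows __reset_counters() both here and in pm_nl_init_net(). Moving both lines into __reset_counters() would keep the two call sites from drifting apart.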
@@ -1076,35 +1092,37 @@ static int mptcp_nl_cmd_dump_addrs(struct sk_buff *msg,
struct netlink_callback *cb)
{
struct net *net = sock_net(msg->sk);
- struct mptcp_pm_addr_entry *entry;
struct pm_nl_pernet *pernet;
- int id = cb->args[0];
- void *hdr;
+ int id;
pernet = net_generic(net, pm_nl_pernet_id);
spin_lock_bh(&pernet->lock);
- list_for_each_entry(entry, &pernet->local_addr_list, list) {
- if (entry->addr.id <= id)
- continue;
-
- hdr = genlmsg_put(msg, NETLINK_CB(cb->skb).portid,
- cb->nlh->nlmsg_seq, &mptcp_genl_family,
- NLM_F_MULTI, MPTCP_PM_CMD_GET_ADDR);
- if (!hdr)
- break;
+ for (id = 0; id < MAX_ADDR_ID + 1; id++) {
+ if (test_bit(id, pernet->id_bitmap)) {
+ struct mptcp_pm_addr_entry *entry;
+ void *hdr;
+
+ entry = __lookup_addr_by_id(pernet, id);
+ if (!entry)
+ break;
+
+ hdr = genlmsg_put(msg, NETLINK_CB(cb->skb).portid,
+ cb->nlh->nlmsg_seq, &mptcp_genl_family,
+ NLM_F_MULTI, MPTCP_PM_CMD_GET_ADDR);
+ if (!hdr)
+ break;
+
+ if (mptcp_nl_fill_addr(msg, entry) < 0) {
+ genlmsg_cancel(msg, hdr);
+ break;
+ }
- if (mptcp_nl_fill_addr(msg, entry) < 0) {
- genlmsg_cancel(msg, hdr);
- break;
+ genlmsg_end(msg, hdr);
}
-
- id = entry->addr.id;
- genlmsg_end(msg, hdr);
}
spin_unlock_bh(&pernet->lock);
- cb->args[0] = id;
return msg->len;
}
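Review bot: The rewritten loop drops the resume state: "int id = cb->args[0];" and "cb->args[0] = id;" are removed, so every invocation of mptcp_nl_cmd_dump_addrs() starts again at id 0. A netlink dump callback is called repeatedly until it adds nothing to the message, so without a saved position the same entries are emitted on each call and the dump does not terminate. Keep cb->args[0] and start the loop from the saved id. Separately, the "if (!entry) break;" after __lookup_addr_by_id() silently truncates the dump when the bitmap and the list disagree; "continue" with a WARN_ON_ONCE would make that inconsistency visible.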
@@ -1234,6 +1252,7 @@ static int __net_init pm_nl_init_net(struct net *net)
INIT_LIST_HEAD_RCU(&pernet->local_addr_list);
__reset_counters(pernet);
pernet->next_id = 1;
+ bitmap_zero(pernet->id_bitmap, MAX_ADDR_ID + 1);
spin_lock_init(&pernet->lock);
return 0;
}
--
2.26.2
2 months, 4 weeks