From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFCE5481DD for ; Sat, 22 Nov 2025 08:45:34 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801134; cv=none; b=eIVk3h4WKhksg2aBzJ16sYDR8dNeXtRMvrFJ9iCInpHi+C7O5pe8CCwlV4q/p53KG7zAPpP7AlG3XF/bPcc6JRmMB9vOqX+2zGYHQ6eM+dZNJoXKdj5WhMRraQu1uA70jv/aR5P4+/+3geVGOI2JgzIwCG03xK7DcZx6UR5ZH10= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801134; c=relaxed/simple; bh=NnOiyeJD9+3Ac2AR7L7+v0ZZEcz5+6eh+Qqt5PSAppU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qsE7hZ316bz/mfxXzrhdZxMrqVX2oUj4/5NSF3Zo0IktZkXLtlX9RIgjqOfnD3EWNUySMKyhnaajWtyAZsKgIrRr3HV8kZLn+kBiqvSvZLlvMqpqY9uCzd1k4FY6D+1Koyu4FnMghXCgCUyi2C4EJAGBohz22SSI0xfcjWl+F7o= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=BBr2e/+M; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="BBr2e/+M" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 6D521C4CEFB; Sat, 22 Nov 2025 08:45:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801134; bh=NnOiyeJD9+3Ac2AR7L7+v0ZZEcz5+6eh+Qqt5PSAppU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=BBr2e/+MrW5G+lJgK1UrhNgTBYVrKAvrRKpOWPJ1LeddkWQMj/FFDbMUhbfb5nzBi Kc3LhONq5XcvH+P4e0pDtVsMwQu6jrpQIXdmUX1fJZjsTTYQKSVfXNx+Gz9zxFPoy6 RS/30CrFDXbY8pchtzVEA8lAKoguYSF2qlKT3Q9pitEPaePVocuifvsJri3Q2W86kW yatX76WaKxUSK5N9ICBd/Ok4Q9bOxGmTkfZpYS6k/kkBE3/dyA4cxCSyOQI7ozBHMF OfszEyMQQEm8bMDMIdDwgNDuoklzrblQnFb/KYmIv6qojVlljkHd6T7vU1qLaGdIPN 3uDhCs33X0ycw== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 1/8] selftests: mptcp: sockopt: add protocol arguments Date: Sat, 22 Nov 2025 16:45:20 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang Add -t and -r options to specify tx/rx protocols (TCP/MPTCP). This increases testing flexibility by allowing explicit protocol selection for both transmission and reception paths. These codes are from mptcp_inq.c. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- .../selftests/net/mptcp/mptcp_sockopt.c | 29 +++++++++++++++---- 1 file changed, 24 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c b/tools/test= ing/selftests/net/mptcp/mptcp_sockopt.c index 286164f7246e..e4752f848f08 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c +++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.c @@ -27,6 +27,8 @@ #include =20 static int pf =3D AF_INET; +static int proto_tx =3D IPPROTO_MPTCP; +static int proto_rx =3D IPPROTO_MPTCP; =20 #ifndef IPPROTO_MPTCP #define IPPROTO_MPTCP 262 @@ -135,7 +137,7 @@ static void die_perror(const char *msg) =20 static void die_usage(int r) { - fprintf(stderr, "Usage: mptcp_sockopt [-6]\n"); + fprintf(stderr, "Usage: mptcp_sockopt [-6] [-t tcp|mptcp] [-r tcp|mptcp]\= n"); exit(r); } =20 @@ -201,7 +203,7 @@ static int sock_listen_mptcp(const char * const listena= ddr, hints.ai_family =3D pf; =20 for (a =3D addr; a; a =3D a->ai_next) { - sock =3D socket(a->ai_family, a->ai_socktype, IPPROTO_MPTCP); + sock =3D socket(a->ai_family, a->ai_socktype, proto_rx); if (sock < 0) continue; =20 @@ -259,11 +261,22 @@ static int sock_connect_mptcp(const char * const remo= teaddr, return sock; } =20 +static int protostr_to_num(const char *s) +{ + if (strcasecmp(s, "tcp") =3D=3D 0) + return IPPROTO_TCP; + if (strcasecmp(s, "mptcp") =3D=3D 0) + return IPPROTO_MPTCP; + + die_usage(1); + return 0; +} + static void parse_opts(int argc, char **argv) { int c; =20 - while ((c =3D getopt(argc, argv, "h6")) !=3D -1) { + while ((c =3D getopt(argc, argv, "h6t:r:")) !=3D -1) { switch (c) { case 'h': die_usage(0); @@ -271,6 +284,12 @@ static void parse_opts(int argc, char **argv) case '6': pf =3D AF_INET6; break; + case 't': + proto_tx =3D protostr_to_num(optarg); + break; + case 'r': + proto_rx =3D protostr_to_num(optarg); + break; default: die_usage(1); break; @@ -776,10 +795,10 @@ static int client(int pipefd) =20 switch (pf) { case AF_INET: - fd =3D sock_connect_mptcp("127.0.0.1", "15432", IPPROTO_MPTCP); + fd =3D sock_connect_mptcp("127.0.0.1", "15432", proto_tx); break; case AF_INET6: - fd =3D sock_connect_mptcp("::1", "15432", IPPROTO_MPTCP); + fd =3D sock_connect_mptcp("::1", "15432", proto_tx); break; default: xerror("Unknown pf %d\n", pf); --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2224D217736 for ; Sat, 22 Nov 2025 08:45:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801136; cv=none; b=iHt76VXZLfxUKP9dDIY16I7x4JrZ+XuVoJCHR9uxNUtX3dJX4a2mhdJ0kh8n8JuCFnQH16ShysQrscjNc0ghI2sZiqZ7ftF0PAU+ut+oGXukiNrcJuxdG+l7laCGYRlbk8NgrNmLxWQpHNgFcFyHl/R5UPz3oKSZ8dZOoU4MZgY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801136; c=relaxed/simple; bh=VXXhMIWRk75Y+wF6TeqPMxrdMOAbO+YPNhwyoipvOE4=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=tGK2moTpwMlIsqi3Ru8Lc85S7kA5Z3MBAIo0qbiGb9P/hhfz+fq2QMBWYDfTHhm9+AfFhA0BjUlA2mjhnc/aRXcWSWbWZ6UwUTiN65VMIO4azaW7velgeOUzPaEMKCPrOR81w1OQB3sMv8Z9PlAjgtIzP7rm0jmMvL7ePKne7xI= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ijO/ldmR; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ijO/ldmR" Received: by smtp.kernel.org (Postfix) with ESMTPSA id F0349C4CEF5; Sat, 22 Nov 2025 08:45:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801136; bh=VXXhMIWRk75Y+wF6TeqPMxrdMOAbO+YPNhwyoipvOE4=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ijO/ldmRfzcBqV2jupMatlqJBCyHcgxdNl57A2PEqGQ9GJ1yv1DuPbi5wj3cPm2V8 tDq1u0bk8NnnKJhzBl9FiRe4k7QGxJ4pzq1FK5+3tGqiuqu50se62EBGilBBmWXe+j mAFwrwQv6kARrpnHPeFPpsn8Mflt5V0eBOvui/uMHHFf9LLLN1zxxCymlwSFY5RCQC zMiwD9mG1bXuyvfkjIyHcqMoVGk2arkD4ciekG+0M+Q4SlFTWdE91POjCuNbylfb6b ZoDmukCA5jUDVhKW1DRlkvt+0qapOoUIpZKmkq2fMpSz9ItS0y27eQYEaCP2jKF0R9 mNOEbitbtWyyA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 2/8] selftests: mptcp: sockopt: enhance compatibility with TCP tests Date: Sat, 22 Nov 2025 16:45:21 +0800 Message-ID: <6202d8db428d857b42a565bdf5908b87c5fc9969.1763800601.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang Enhance compatibility with TCP tests in mptcp_sockopt.c, skip mptcp getsockopt checks during tcp tests since MPTCP socket options are not available for them. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- .../selftests/net/mptcp/mptcp_sockopt.c | 25 +++++++++++++------ 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c b/tools/test= ing/selftests/net/mptcp/mptcp_sockopt.c index e4752f848f08..8fb04c19af5c 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c +++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.c @@ -383,8 +383,11 @@ static void do_getsockopt_mptcp_info(struct so_state *= s, int fd, size_t w) olen =3D sizeof(i); ret =3D getsockopt(fd, SOL_MPTCP, MPTCP_INFO, &i, &olen); =20 - if (ret < 0) + if (ret < 0) { + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOPROTOOPT) + return; die_perror("getsockopt MPTCP_INFO"); + } =20 s->pkt_stats_avail =3D olen >=3D sizeof(i); =20 @@ -414,8 +417,11 @@ static void do_getsockopt_tcp_info(struct so_state *s,= int fd, size_t r, size_t olen =3D sizeof(ti); =20 ret =3D getsockopt(fd, SOL_MPTCP, MPTCP_TCPINFO, &ti, &olen); - if (ret < 0) + if (ret < 0) { + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOPROTOOPT) + return; xerror("getsockopt MPTCP_TCPINFO (tries %d, %m)"); + } =20 assert(olen <=3D sizeof(ti)); assert(ti.d.size_kernel > 0); @@ -469,8 +475,11 @@ static void do_getsockopt_subflow_addrs(struct so_stat= e *s, int fd) olen =3D sizeof(addrs); =20 ret =3D getsockopt(fd, SOL_MPTCP, MPTCP_SUBFLOW_ADDRS, &addrs, &olen); - if (ret < 0) + if (ret < 0) { + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOPROTOOPT) + return; die_perror("getsockopt MPTCP_SUBFLOW_ADDRS"); + } =20 assert(olen <=3D sizeof(addrs)); assert(addrs.d.size_kernel > 0); @@ -541,10 +550,8 @@ static void do_getsockopt_mptcp_full_info(struct so_st= ate *s, int fd) =20 ret =3D getsockopt(fd, SOL_MPTCP, MPTCP_FULL_INFO, &mfi, &olen); if (ret < 0) { - if (errno =3D=3D EOPNOTSUPP) { - perror("MPTCP_FULL_INFO test skipped"); + if (errno =3D=3D EOPNOTSUPP || errno =3D=3D ENOPROTOOPT) return; - } xerror("getsockopt MPTCP_FULL_INFO"); } =20 @@ -650,7 +657,8 @@ static void connect_one_server(int fd, int pipefd) if (eof) total +=3D 1; /* sequence advances due to FIN */ =20 - assert(s.mptcpi_rcv_delta =3D=3D (uint64_t)total); + if (s.mptcpi_rcv_delta) + assert(s.mptcpi_rcv_delta =3D=3D (uint64_t)total); close(fd); } =20 @@ -685,7 +693,8 @@ static void process_one_client(int fd, int pipefd) xerror("expected EOF, got %lu", ret3); =20 do_getsockopts(&s, fd, ret, ret2); - if (s.mptcpi_rcv_delta !=3D (uint64_t)ret + 1) + if (s.mptcpi_rcv_delta && + s.mptcpi_rcv_delta !=3D (uint64_t)ret + 1) xerror("mptcpi_rcv_delta %" PRIu64 ", expect %" PRIu64 ", diff %" PRId64, s.mptcpi_rcv_delta, ret + 1, s.mptcpi_rcv_delta - (ret + 1)); =20 --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 04909481DD for ; Sat, 22 Nov 2025 08:45:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801138; cv=none; b=exsiK/FW6kxDFHGuRNQWYHseaKX5PxMcjwGVkGR1XJOvfwKd9f/GPuMHo+Mv8zhFM86tdD8U+0QoTSQIsiXMsxSd35C1ay74Gqna2HZC6ZJJoHVHwhytqlBHAFiYHweH8vfTScyJt8SzZqHAbazt/Jgxh/MzXaGlH9oAkRB2Xjk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801138; c=relaxed/simple; bh=NDUsXhQIjTBPiT7RwlGMQVAOjltDevatsIBVed3w35o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=rrDssdskWKI8ZnK5zikR3vMwXBs5/MuIra2vyE4COnVswU/un1oj6pWP4biqP6ysxynD7UdNtVzvjWa0UH/HwPvYGzIYc05r2gpXQe4OALlbxLwhxeTJpUoVViy0G2kvnC0WZJ+aPqideNdT7uxqioUHG6UWTsytO/nRFgESxcQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=t7XqL+dQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="t7XqL+dQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7E958C4CEF5; Sat, 22 Nov 2025 08:45:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801137; bh=NDUsXhQIjTBPiT7RwlGMQVAOjltDevatsIBVed3w35o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=t7XqL+dQL43MT2hex3Sanm8XBaqryfNeGr+xPZNeeSKAKj2TVV5nhloHmnO6rvdL/ xuiFmNWjYJ1qNTQ7yZn99H0uReMC9Q+IePquAtuNFoCLGghXkAapwPYmFXPVRQG7/k QAvO0VM11HfEU+6F65svl5MgaUGlZ0akNV4XkD06yY3KTrgHykN7/DkqiOCQzGwFD6 G+HQ33utH5jHqn7TxA1NUp8FI6qxKfQv4QEDOFP2MTvJ7TFj1FTKuR+m/3KWc5vopG G5vR3JWX8eIiF0tHVLBM8wHznYQ/OU/Kyfk5xUBq5Ncwxeu4AUpoNpnAgMHt05Uos7 iXpwsJaLxaA5Q== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 3/8] selftests: mptcp: sockopt: implement TCP TLS tests Date: Sat, 22 Nov 2025 16:45:22 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch adds Kernel TLS (KTLS) testing infrastructure to MPTCP sockopt selftest, introducing a new '-c' option to enable TLS tests. It includes a helper for configuring TLS socket options and implements TCP-specific KTLS test cases for both IPv4 and IPv6, along with the necessary header includes and config updates. TLS_OVERHEAD_SIZE macro is defined to account for the overhead in sent and received data length. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/config | 1 + .../selftests/net/mptcp/mptcp_sockopt.c | 75 ++++++++++++++++++- .../selftests/net/mptcp/mptcp_sockopt.sh | 36 +++++++++ 3 files changed, 110 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/config b/tools/testing/selft= ests/net/mptcp/config index 59051ee2a986..18bd29ac5b24 100644 --- a/tools/testing/selftests/net/mptcp/config +++ b/tools/testing/selftests/net/mptcp/config @@ -34,3 +34,4 @@ CONFIG_NFT_SOCKET=3Dm CONFIG_NFT_TPROXY=3Dm CONFIG_SYN_COOKIES=3Dy CONFIG_VETH=3Dy +CONFIG_TLS=3Dy diff --git a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c b/tools/test= ing/selftests/net/mptcp/mptcp_sockopt.c index 8fb04c19af5c..444851221473 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.c +++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.c @@ -25,10 +25,12 @@ #include =20 #include +#include =20 static int pf =3D AF_INET; static int proto_tx =3D IPPROTO_MPTCP; static int proto_rx =3D IPPROTO_MPTCP; +static bool tls; =20 #ifndef IPPROTO_MPTCP #define IPPROTO_MPTCP 262 @@ -36,6 +38,9 @@ static int proto_rx =3D IPPROTO_MPTCP; #ifndef SOL_MPTCP #define SOL_MPTCP 284 #endif +#ifndef TCP_ULP +#define TCP_ULP 31 +#endif =20 #ifndef MPTCP_INFO struct mptcp_info { @@ -137,7 +142,7 @@ static void die_perror(const char *msg) =20 static void die_usage(int r) { - fprintf(stderr, "Usage: mptcp_sockopt [-6] [-t tcp|mptcp] [-r tcp|mptcp]\= n"); + fprintf(stderr, "Usage: mptcp_sockopt [-6] [-t tcp|mptcp] [-r tcp|mptcp] = [-c]\n"); exit(r); } =20 @@ -184,6 +189,54 @@ static void xgetaddrinfo(const char *node, const char = *service, } } =20 +#define TLS_OVERHEAD_SIZE 29 + +static int do_setsockopt_tls(int fd) +{ + struct tls12_crypto_info_aes_gcm_128 tls_tx =3D { + .info =3D { + .version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + }, + }; + struct tls12_crypto_info_aes_gcm_128 tls_rx =3D { + .info =3D { + .version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + }, + }; + int so_buf =3D 6553500; + int err; + + err =3D setsockopt(fd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls")); + if (err) { + perror("setsockopt TCP_ULP"); + return err; + } + err =3D setsockopt(fd, SOL_TLS, TLS_TX, (void *)&tls_tx, sizeof(tls_tx)); + if (err) { + perror("setsockopt TLS_TX"); + return err; + } + err =3D setsockopt(fd, SOL_TLS, TLS_RX, (void *)&tls_rx, sizeof(tls_rx)); + if (err) { + perror("setsockopt TLS_RX"); + return err; + } + err =3D setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &so_buf, sizeof(so_buf)); + if (err) { + perror("setsockopt SO_SNDBUF"); + return err; + } + err =3D setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &so_buf, sizeof(so_buf)); + if (err) { + perror("setsockopt SO_RCVBUF"); + return err; + } + + return 0; +} + static int sock_listen_mptcp(const char * const listenaddr, const char * const port) { @@ -276,7 +329,7 @@ static void parse_opts(int argc, char **argv) { int c; =20 - while ((c =3D getopt(argc, argv, "h6t:r:")) !=3D -1) { + while ((c =3D getopt(argc, argv, "h6t:r:c")) !=3D -1) { switch (c) { case 'h': die_usage(0); @@ -289,6 +342,8 @@ static void parse_opts(int argc, char **argv) break; case 'r': proto_rx =3D protostr_to_num(optarg); + case 'c': + tls =3D true; break; default: die_usage(1); @@ -652,6 +707,11 @@ static void connect_one_server(int fd, int pipefd) if (s.tcpi_rcv_delta) assert(s.tcpi_rcv_delta <=3D total); =20 + if (tls) { + ret +=3D TLS_OVERHEAD_SIZE; + total +=3D TLS_OVERHEAD_SIZE; + } + do_getsockopts(&s, fd, ret, ret); =20 if (eof) @@ -692,6 +752,11 @@ static void process_one_client(int fd, int pipefd) if (ret3 !=3D 0) xerror("expected EOF, got %lu", ret3); =20 + if (tls) { + ret +=3D TLS_OVERHEAD_SIZE; + ret2 +=3D TLS_OVERHEAD_SIZE; + } + do_getsockopts(&s, fd, ret, ret2); if (s.mptcpi_rcv_delta && s.mptcpi_rcv_delta !=3D (uint64_t)ret + 1) @@ -752,6 +817,9 @@ static int server(int pipefd) alarm(15); r =3D xaccept(fd); =20 + if (tls) + do_setsockopt_tls(r); + process_one_client(r, pipefd); =20 close(fd); @@ -815,6 +883,9 @@ static int client(int pipefd) =20 test_ip_tos_sockopt(fd); =20 + if (tls) + do_setsockopt_tls(fd); + connect_one_server(fd, pipefd); =20 return 0; diff --git a/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh b/tools/tes= ting/selftests/net/mptcp/mptcp_sockopt.sh index ab8bce06b262..6dcc0a100094 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh @@ -351,6 +351,41 @@ do_tcpinq_tests() return $? } =20 +do_tls_test() +{ + print_title "KTLS $*" | head -c 53 + ip netns exec "$ns_sbox" ./mptcp_sockopt "$@" + local lret=3D$? + if [ $lret -ne 0 ];then + ret=3D$lret + mptcp_lib_pr_fail + mptcp_lib_result_fail "KTLS: $*" + return $lret + fi + + mptcp_lib_pr_ok + mptcp_lib_result_pass "KTLS: $*" + return $lret +} + +do_tls_tests() +{ + local lret=3D0 + + mptcp_lib_print_info "sockopt KTLS" + + local args + for args in "-c -t tcp -r tcp" "-6 -c -t tcp -r tcp"; do + do_tls_test $args + lret=3D$? + if [ $lret -ne 0 ] ; then + return $lret + fi + done + + return $lret +} + sin=3D$(mktemp) sout=3D$(mktemp) cin=3D$(mktemp) @@ -366,6 +401,7 @@ run_tests $ns1 $ns2 dead:beef:1::1 =20 do_mptcp_sockopt_tests do_tcpinq_tests +do_tls_tests =20 mptcp_lib_result_print_all_tap exit $ret --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 7A78720468E for ; Sat, 22 Nov 2025 08:45:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801139; cv=none; b=bDmUvXJiUas2wYep87muESSCsmH+4KmZY9qZP+fLpi+hf0pe7zT17kOUurMtg962CT4KCmRt3sdtd05tJypoofMJ1csWYbCrP1WDj0l7T4+/20NszBxjynrJZXXsrmCY6EzMqzWcYaHUaPaeFKgj4+PYDZEIUy4A8hSiKdx+2+Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801139; c=relaxed/simple; bh=5oD+cx5b8zX4HYWLmhLKo8bWgMLYOgMqpQugEi47zdw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=qu2U9VE5Q/EwpZm/Hh2n6GIM9XeDtTD3Kz8xdz43NJ+Ljz2TUVJIstbOB0IOD1SW9YA6NLUaY/xBadyAjUahtR1okDEOdsSX1e/MIPwKIDAB2qvJ5BYiYNukwkyP5F3hGWKYAqKAi4B7lz7cwmUqw0aW6i+s3tw+uHxgUSsDBc4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=pZmQjO1J; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="pZmQjO1J" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0D98DC116D0; Sat, 22 Nov 2025 08:45:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801139; bh=5oD+cx5b8zX4HYWLmhLKo8bWgMLYOgMqpQugEi47zdw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=pZmQjO1J7i1L0vvEfO1tNAZRc9SGS+ut9i7sND66uX7UhiXRTb0i5U9Vrih69ZrXs nB1nQQ5dtHHWpXOX2atA8OuHFk6wb6HuO17uFoG03PMr925D8P4DAUO1BlGz30F8Yf WQbY9cvq94AQRqYAKy6DO+fj4Z1p7jhPTnpsDT5ylqAJY+ADCFyUy8up1mKF5PLH9g 0vbdojlbiWOIZ3CrwGgX4FiYni7yTuEGdVL8bQ7+eu3LOAFD6bN1UHqFUFRyNAib0i SH8eA6nTaugGt00qr08sWoqpvc17FDPhyHfSS/UxkNRr+PJuWXKq5ystuZdAZU/NA3 oN02P3RTKK0OA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 4/8] tls: add MPTCP protocol support Date: Sat, 22 Nov 2025 16:45:23 +0800 Message-ID: <2a0f438fbd4c5ddf7d8153bfc8aa44cfefa58c45.1763800601.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang To extend MPTCP support based on TCP TLS, corresponding MPTCP-specific helpers have been implemented, including: - mptcp_sendmsg_locked() for TLS record transmission - mptcp_inq_hint() and mptcp_recv_skb() for receive side handling - mptcp_read_done() for data reading - mptcp_disconnect() for connection teardown. TLS implementation switches between the respective TCP and MPTCP helpers based on the detected protocol. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/mptcp.h | 33 +++++++++++++++++++++++ net/mptcp/protocol.c | 62 +++++++++++++++++++++++++++++++++++++------- net/tls/tls_device.c | 8 ++++-- net/tls/tls_main.c | 6 ++++- net/tls/tls_strp.c | 16 +++++++++--- net/tls/tls_sw.c | 4 ++- 6 files changed, 113 insertions(+), 16 deletions(-) diff --git a/include/net/mptcp.h b/include/net/mptcp.h index 4cf59e83c1c5..1fca3bca439c 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -237,6 +237,16 @@ static inline __be32 mptcp_reset_option(const struct s= k_buff *skb) } =20 void mptcp_active_detect_blackhole(struct sock *sk, bool expired); + +int mptcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_t len); + +unsigned int mptcp_inq_hint(const struct sock *sk); + +struct sk_buff *mptcp_recv_skb(struct sock *sk, u32 *off); + +void mptcp_read_done(struct sock *sk, size_t len); + +int mptcp_disconnect(struct sock *sk, int flags); #else =20 static inline void mptcp_init(void) @@ -323,6 +333,29 @@ static inline struct request_sock *mptcp_subflow_reqsk= _alloc(const struct reques static inline __be32 mptcp_reset_option(const struct sk_buff *skb) { retu= rn htonl(0u); } =20 static inline void mptcp_active_detect_blackhole(struct sock *sk, bool exp= ired) { } + +static inline int mptcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, + size_t len) +{ + return 0; +} + +static inline unsigned int mptcp_inq_hint(const struct sock *sk) +{ + return 0; +} + +static inline struct sk_buff *mptcp_recv_skb(struct sock *sk, u32 *off) +{ + return NULL; +} + +static inline void mptcp_read_done(struct sock *sk, size_t len) { } + +static inline int mptcp_disconnect(struct sock *sk, int flags) +{ + return 0; +} #endif /* CONFIG_MPTCP */ =20 #if IS_ENABLED(CONFIG_MPTCP_IPV6) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index b31724523ed5..5d796b42bc6b 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -1752,8 +1752,6 @@ static void __mptcp_subflow_push_pending(struct sock = *sk, struct sock *ssk, bool } } =20 -static int mptcp_disconnect(struct sock *sk, int flags); - static int mptcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg, size_t len, int *copied_syn) { @@ -1862,7 +1860,7 @@ static void mptcp_rps_record_subflows(const struct mp= tcp_sock *msk) } } =20 -static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +int mptcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_t len) { struct mptcp_sock *msk =3D mptcp_sk(sk); struct page_frag *pfrag; @@ -1873,8 +1871,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) /* silently ignore everything else */ msg->msg_flags &=3D MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_FASTOPEN; =20 - lock_sock(sk); - mptcp_rps_record_subflows(msk); =20 if (unlikely(inet_test_bit(DEFER_CONNECT, sk) || @@ -1982,7 +1978,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) __mptcp_push_pending(sk, msg->msg_flags); =20 out: - release_sock(sk); return copied; =20 do_error: @@ -1993,6 +1988,17 @@ static int mptcp_sendmsg(struct sock *sk, struct msg= hdr *msg, size_t len) goto out; } =20 +static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +{ + int ret; + + lock_sock(sk); + ret =3D mptcp_sendmsg_locked(sk, msg, len); + release_sock(sk); + + return ret; +} + static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied); =20 static void mptcp_eat_recv_skb(struct sock *sk, struct sk_buff *skb) @@ -2224,7 +2230,7 @@ static bool mptcp_move_skbs(struct sock *sk) return enqueued; } =20 -static unsigned int mptcp_inq_hint(const struct sock *sk) +unsigned int mptcp_inq_hint(const struct sock *sk) { const struct mptcp_sock *msk =3D mptcp_sk(sk); const struct sk_buff *skb; @@ -3329,7 +3335,7 @@ static void mptcp_destroy_common(struct mptcp_sock *m= sk) mptcp_pm_destroy(msk); } =20 -static int mptcp_disconnect(struct sock *sk, int flags) +int mptcp_disconnect(struct sock *sk, int flags) { struct mptcp_sock *msk =3D mptcp_sk(sk); =20 @@ -4271,7 +4277,7 @@ static __poll_t mptcp_poll(struct file *file, struct = socket *sock, return mask; } =20 -static struct sk_buff *mptcp_recv_skb(struct sock *sk, u32 *off) +struct sk_buff *mptcp_recv_skb(struct sock *sk, u32 *off) { struct mptcp_sock *msk =3D mptcp_sk(sk); struct sk_buff *skb; @@ -4453,6 +4459,44 @@ static ssize_t mptcp_splice_read(struct socket *sock= , loff_t *ppos, return ret; } =20 +void mptcp_read_done(struct sock *sk, size_t len) +{ + struct mptcp_sock *msk =3D mptcp_sk(sk); + struct sk_buff *skb; + size_t left; + u32 offset; + + msk_owned_by_me(msk); + + if (sk->sk_state =3D=3D TCP_LISTEN) + return; + + left =3D len; + while (left && (skb =3D mptcp_recv_skb(sk, &offset)) !=3D NULL) { + int used; + + used =3D min_t(size_t, skb->len - offset, left); + left -=3D used; + msk->bytes_consumed +=3D used; + MPTCP_SKB_CB(skb)->offset +=3D used; + MPTCP_SKB_CB(skb)->map_seq +=3D used; + + if (skb->len > offset + used) + break; + + mptcp_eat_recv_skb(sk, skb); + } + + mptcp_rcv_space_adjust(msk, len - left); + + /* Clean up data we have read: This will do ACK frames. */ + if (left !=3D len) { + mptcp_recv_skb(sk, &offset); + mptcp_cleanup_rbuf(msk, len - left); + } +} +EXPORT_SYMBOL(mptcp_read_done); + static const struct proto_ops mptcp_stream_ops =3D { .family =3D PF_INET, .owner =3D THIS_MODULE, diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index 82ea407e520a..9a69037b9a1f 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -805,7 +805,9 @@ void tls_device_rx_resync_new_rec(struct sock *sk, u32 = rcd_len, u32 seq) /* head of next rec is already in, note that the sock_inq will * include the currently parsed message when called from parser */ - sock_data =3D tcp_inq(sk); + sock_data =3D sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_inq_hint(sk) : + tcp_inq(sk); if (sock_data > rcd_len) { trace_tls_device_rx_resync_nh_delay(sk, sock_data, rcd_len); @@ -864,7 +866,9 @@ static void tls_device_core_ctrl_rx_resync(struct tls_c= ontext *tls_ctx, rxm =3D strp_msg(skb); =20 /* head of next rec is already in, parser will sync for us */ - if (tcp_inq(sk) > rxm->full_len) { + if ((sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_inq_hint(sk) : + tcp_inq(sk)) > rxm->full_len) { trace_tls_device_rx_resync_nh_schedule(sk); ctx->resync_nh_do_now =3D 1; } else { diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 56ce0bc8317b..7d7bde1702c1 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -194,7 +194,9 @@ int tls_push_sg(struct sock *sk, bvec_set_page(&bvec, p, size, offset); iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size); =20 - ret =3D tcp_sendmsg_locked(sk, &msg, size); + ret =3D sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_sendmsg_locked(sk, &msg, size) : + tcp_sendmsg_locked(sk, &msg, size); =20 if (ret !=3D size) { if (ret > 0) { @@ -907,6 +909,8 @@ static int tls_setsockopt(struct sock *sk, int level, i= nt optname, =20 static int tls_disconnect(struct sock *sk, int flags) { + if (sk->sk_protocol =3D=3D IPPROTO_MPTCP) + return mptcp_disconnect(sk, flags); return -EOPNOTSUPP; } =20 diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index 98e12f0ff57e..0fd19c6a579a 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -132,6 +132,8 @@ int tls_strp_msg_cow(struct tls_sw_context_rx *ctx) tls_strp_anchor_free(strp); strp->anchor =3D skb; =20 + strp->sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_read_done(strp->sk, strp->stm.full_len) : tcp_read_done(strp->sk, strp->stm.full_len); strp->copy_mode =3D 1; =20 @@ -464,7 +466,9 @@ static void tls_strp_load_anchor_with_queue(struct tls_= strparser *strp, int len) struct sk_buff *first; u32 offset; =20 - first =3D tcp_recv_skb(strp->sk, tp->copied_seq, &offset); + first =3D strp->sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_recv_skb(strp->sk, &offset) : + tcp_recv_skb(strp->sk, tp->copied_seq, &offset); if (WARN_ON_ONCE(!first)) return; =20 @@ -490,7 +494,9 @@ bool tls_strp_msg_load(struct tls_strparser *strp, bool= force_refresh) DEBUG_NET_WARN_ON_ONCE(!strp->stm.full_len); =20 if (!strp->copy_mode && force_refresh) { - if (unlikely(tcp_inq(strp->sk) < strp->stm.full_len)) { + if (unlikely((strp->sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_inq_hint(strp->sk) : + tcp_inq(strp->sk)) < strp->stm.full_len)) { WRITE_ONCE(strp->msg_ready, 0); memset(&strp->stm, 0, sizeof(strp->stm)); return false; @@ -513,7 +519,9 @@ static int tls_strp_read_sock(struct tls_strparser *str= p) { int sz, inq; =20 - inq =3D tcp_inq(strp->sk); + inq =3D strp->sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_inq_hint(strp->sk) : + tcp_inq(strp->sk); if (inq < 1) return 0; =20 @@ -586,6 +594,8 @@ void tls_strp_msg_done(struct tls_strparser *strp) WARN_ON(!strp->stm.full_len); =20 if (likely(!strp->copy_mode)) + strp->sk->sk_protocol =3D=3D IPPROTO_MPTCP ? + mptcp_read_done(strp->sk, strp->stm.full_len) : tcp_read_done(strp->sk, strp->stm.full_len); else tls_strp_flush_anchor_copy(strp); diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 9937d4c810f2..375f6f8304c3 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1958,7 +1958,9 @@ tls_read_flush_backlog(struct sock *sk, struct tls_pr= ot_info *prot, return false; =20 max_rec =3D prot->overhead_size - prot->tail_size + TLS_MAX_PAYLOAD_SIZE; - if (done - *flushed_at < SZ_128K && tcp_inq(sk) > max_rec) + if (done - *flushed_at < SZ_128K && (sk->sk_protocol =3D=3D IPPROTO_MPTCP= ? + mptcp_inq_hint(sk) : + tcp_inq(sk)) > max_rec) return false; =20 *flushed_at =3D done; --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B32E9481DD for ; Sat, 22 Nov 2025 08:45:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801140; cv=none; b=uV8+lSWYq6jyLbsse9xXjg99eLH24iLQzZwNYPLYX+B0gPI4T+CK0E4npj9gSMbGfiOUOXipKJEiisWKgntmawBow0GD7cFLnBGxCKN+SMXYAH6DJFCN+/JgA/ln8GYHcq+Q3NKtQDUvlYSsX4V5B/GPnkRcRQUz/JR9CLIekTs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801140; c=relaxed/simple; bh=tqQxCtBYZEYSb0VBK/bDrbQYT/Rsb0f9OomcFxC4SKU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=h4Mu1IYIHgKe7SefuatLxOGuGpalCkNWBLBswx/aoneBS6XMPPEHgYCv7E8ei1zn8Wp2qQukFeJu4+Q3Is0R2uLcQtpKjogJQqtunqu1dn8KrzYlk2nM9DOPq8wjcGyGT+RLNFWTbvtqT0tMuQz031Wxv1hlI1LObL+7znfl/JU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=rvDsOETE; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="rvDsOETE" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 907FEC4CEFB; Sat, 22 Nov 2025 08:45:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801140; bh=tqQxCtBYZEYSb0VBK/bDrbQYT/Rsb0f9OomcFxC4SKU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=rvDsOETEt+3/uO3nhYRKwQ2jodu2ecJgq8bfY4Ay/NIJ1tYwg7tV43ZFgE1S5Gcti Vk1nVit4cIbkHc8DTMKfzz/42M0vAJ4TsWSXCUloigotgv10tNYxRQuVUX9v8w5MOi HfPYFBGpQ6VWcEoW37DNjA1RdcdFAiKS9i3Nob+0CgD2sIZKZ+NWzbt+HW07JKrg0Z y48zRilk8CH4OYra6tXJIFmtflS7azht6P1F+gmq2137C0tu2adtHTwnTCeOVvOx5U ujHZF1Y3lfOZar+aCIPyj0Cb7K3yK4h75/xM4JQ0xXQ2MrBlPgTo4LBzBbkkF0LaRi AgSAPZOCtqqwg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 5/8] mptcp: update ULP getsockopt Date: Sat, 22 Nov 2025 16:45:24 +0800 Message-ID: <1cc7652f6caedbf0029355caec2970071ce3fc99.1763800601.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang TCP_ULP was obtained by calling mptcp_getsockopt_first_sf_only() to get the ULP of the first subflow. Now that the mechanism has changed, a new helper needs to be implemented to get the ULP of the msk. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- net/mptcp/sockopt.c | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index de90a2897d2d..f3db4f2e8f81 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -1393,6 +1393,17 @@ static int mptcp_put_int_option(struct mptcp_sock *m= sk, char __user *optval, return 0; } =20 +static int mptcp_getsockopt_msk(struct sock *sk, int level, int optname, + char __user *optval, int __user *optlen) +{ + int ret; + + lock_sock(sk); + ret =3D tcp_getsockopt(sk, level, optname, optval, optlen); + release_sock(sk); + return ret; +} + static int mptcp_getsockopt_sol_tcp(struct mptcp_sock *msk, int optname, char __user *optval, int __user *optlen) { @@ -1400,6 +1411,7 @@ static int mptcp_getsockopt_sol_tcp(struct mptcp_sock= *msk, int optname, =20 switch (optname) { case TCP_ULP: + return mptcp_getsockopt_msk(sk, SOL_TCP, optname, optval, optlen); case TCP_CONGESTION: case TCP_INFO: case TCP_CC_INFO: --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 82A511AA7A6 for ; Sat, 22 Nov 2025 08:45:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801142; cv=none; b=qcLbeBw9kerhkq+2zA6gdIavy5s23SMuCkBy74jnPPRwgAo52ADL0REVVtDYAs3TOEQcAEsAX7LGbL2i+IFdry2xzryUCeWxftMRTI6dpQUhd7iwmG0eB5vyuUdiDLogDJ7WpuUgQ1LyqRM8WC0wkjGa0f0m7InyakxnS0I6024= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801142; c=relaxed/simple; bh=oq0zKgX05uRcbn7PAy3rOmQlIOOnqg7bERQHSUE3Ymo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=QJpIYf3/Y95VNexA+uzA2TkMK0EsBAv7vkgrgutPtOSm0jK+LxkVVwvLq7lSTxGfOtBAY/PS4R5C1UWHHy6d/4o/WJNAxlJkctFMYlvBpr9CjsTECyiiQ9Si7y2Lee3wKWh2vf+IpM/TnizJI7XL6Kf7Wss2U7IAJR68goB2ecQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=bA4ujQY6; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="bA4ujQY6" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1F28AC4CEFB; Sat, 22 Nov 2025 08:45:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801142; bh=oq0zKgX05uRcbn7PAy3rOmQlIOOnqg7bERQHSUE3Ymo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bA4ujQY6V2a2WempFfWuQjLF7Y10FwjW2RvwW2OUZhQ+ngR+Zzsjk9BaQDrA9VQqL ch99I70CUQl6X4VA9ugRIyvjPBTDcFwkPKySgjeMGRck6fZFn6P/IoZqvP6Et9+Ka7 rf1DO2glYtENIFELSEwWnpYq/YJT2nDwatkBNtHaifRF2qHHbQAoFBHHi0y4NuKEF2 B3U815uIkTu9BKAflYIXkDXKtzBKeigvmHrW1kf5VsXWhfDatABVX2LK+VC06wwExY +12Ws8ADsmBBT72JnvOubTrWf+Z3ShaD54o58ZCKzgXAwPVAWwAEQ4dYUw19YE0v9Z EebB4EIRmcEfQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 6/8] mptcp: enable TLS setsockopt Date: Sat, 22 Nov 2025 16:45:25 +0800 Message-ID: <968e3f9c2a71a8a7a9a7009ac9930400ccc34c64.1763800601.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch adds MPTCP TLS setsockopt support. It allows setting the TCP_ULP option to 'tls' exclusively, and enables configuration of the TLS_TX and TLS_RX options at the SOL_TLS level. This option cannot be set when the socket is in CLOSE or LISTEN state. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- net/mptcp/sockopt.c | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index f3db4f2e8f81..52ff75702404 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "protocol.h" =20 #define MIN_INFO_OPTLEN_SIZE 16 @@ -567,6 +568,7 @@ static bool mptcp_supported_sockopt(int level, int optn= ame) case TCP_FASTOPEN_CONNECT: case TCP_FASTOPEN_KEY: case TCP_FASTOPEN_NO_COOKIE: + case TCP_ULP: return true; } =20 @@ -576,6 +578,13 @@ static bool mptcp_supported_sockopt(int level, int opt= name) * TCP_REPAIR_WINDOW are not supported, better avoid this mess */ } + if (level =3D=3D SOL_TLS) { + switch (optname) { + case TLS_TX: + case TLS_RX: + return true; + } + } return false; } =20 @@ -819,11 +828,18 @@ static int mptcp_setsockopt_sol_tcp(struct mptcp_sock= *msk, int optname, sockptr_t optval, unsigned int optlen) { struct sock *sk =3D (void *)msk; + char ulp[4] =3D ""; int ret, val; =20 switch (optname) { case TCP_ULP: - return -EOPNOTSUPP; + if (copy_from_user(ulp, optval.user, 4)) + return -EFAULT; + if (strcmp(ulp, "tls\0")) + return -EOPNOTSUPP; + if ((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN)) + return -EINVAL; + return tcp_setsockopt(sk, SOL_TCP, optname, optval, optlen); case TCP_CONGESTION: return mptcp_setsockopt_sol_tcp_congestion(msk, optval, optlen); case TCP_DEFER_ACCEPT: --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id BC102481DD for ; Sat, 22 Nov 2025 08:45:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801143; cv=none; b=BD+MCr5roJsvNv5ChFln0bkRZDXQrqgHxkrFgYN0AG6juXTkNjMpl8Him08UnGqoGP7Qh9Mxm9uPCfLLn/sa61TkXiyI31ZYScfMSgQ/O992voTFdhvZLagjh1tIuSFX6oYiPUqUnYwppjZw9lWNajsVkUC/6sX+J91nOukKqXY= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801143; c=relaxed/simple; bh=srkbzZW6tEfIzXr/sQxnW+HG+iq67Ia/AS+NfDU9miY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=gbsnHoQJd2cDvXBZHVPV2hArJit7SAJKhpR8oK+TvKwNXydK2uhy2ekZi83JK2q1OPNi2FKYgJsICl3hs/mB0kPHPuhmJSA/s6JG6rzf7ChYm3rthW0w6ZFAAOqhX1/5tUM/hEQcbReesjZg8T1jDbtCnog9w/c4DP3O2TKgBn8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=LTFKWHPs; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="LTFKWHPs" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A1B82C116D0; Sat, 22 Nov 2025 08:45:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801143; bh=srkbzZW6tEfIzXr/sQxnW+HG+iq67Ia/AS+NfDU9miY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=LTFKWHPssI0Nuxax/ft2+HSvOYhP0zJm9ml4rvxXHeXHDybC59xJiiiHlMkVby2/U 76qUAskgc0wLLDrjtRe7DpKN/8dXgEoo03FYXzKuORX7EXT9Jg6IABCab3S7iSnjMm kivWX5N/t+ikCPZVSP8nLzeyyN21SuDUbwmH0/4io4ODnjvHcvvlvGbYfKZWhgFyKt y/wmFk59exRiBKbYHiSxWx5ZtJSRyGxbMmk3N85gwXX+fw7QzDq07o8iKI0fHAx8vX Xpi0IdqntoHDYQiiSKD1wHK1WRcmQhi58S4ytFeMom+120D0h2Ej30zB17lbdRTShz uz+oWU/JRAiAA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 7/8] selftests: mptcp: connect: update sock_test_tcpulp Date: Sat, 22 Nov 2025 16:45:26 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang Improve sock_test_tcpulp() to properly validate TLS ULP setup on MPTCP sockets. The updated logic verifies that TLS can be correctly configured based on the socket protocol type and state. fallback() helper has been implemented to verify fallback scenarios, ensuring that MPTCP fallback-to-TCP tests continue to pass. Initialize 'peer' pointer to NULL in main_loop() to fix the compiler warning 'peer' may be used uninitialized. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- .../selftests/net/mptcp/mptcp_connect.c | 36 ++++++++++++------- 1 file changed, 24 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.c b/tools/test= ing/selftests/net/mptcp/mptcp_connect.c index 2e50d6f93640..64c1a57fe72b 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.c +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.c @@ -266,13 +266,25 @@ static void set_mptfo(int fd, int pf) perror("TCP_FASTOPEN"); } =20 +static int fallback(int fd) +{ + int is_mptcp =3D 0; + socklen_t optlen; + + optlen =3D sizeof(is_mptcp); + if (getsockopt(fd, IPPROTO_TCP, TCP_IS_MPTCP, &is_mptcp, &optlen) =3D=3D = -1) + perror("TCP_IS_MPTCP"); + + return !is_mptcp; +} + static int do_ulp_so(int sock, const char *name) { return setsockopt(sock, IPPROTO_TCP, TCP_ULP, name, strlen(name)); } =20 #define X(m) xerror("%s:%u: %s: failed for proto %d at line %u", __FILE__,= __LINE__, (m), proto, line) -static void sock_test_tcpulp(int sock, int proto, unsigned int line) +static void sock_test_tcpulp(int sock, int proto, int expect, unsigned int= line) { socklen_t buflen =3D 8; char buf[8] =3D ""; @@ -282,14 +294,14 @@ static void sock_test_tcpulp(int sock, int proto, uns= igned int line) X("getsockopt"); =20 if (buflen > 0) { - if (strcmp(buf, "mptcp") !=3D 0) + if (strcmp(buf, fallback(sock) ? "mptcp" : "tls") !=3D 0) xerror("unexpected ULP '%s' for proto %d at line %u", buf, proto, line); ret =3D do_ulp_so(sock, "tls"); if (ret =3D=3D 0) X("setsockopt"); } else if (proto =3D=3D IPPROTO_MPTCP) { ret =3D do_ulp_so(sock, "tls"); - if (ret !=3D -1) + if (ret !=3D expect) X("setsockopt"); } =20 @@ -300,7 +312,7 @@ static void sock_test_tcpulp(int sock, int proto, unsig= ned int line) #undef X } =20 -#define SOCK_TEST_TCPULP(s, p) sock_test_tcpulp((s), (p), __LINE__) +#define SOCK_TEST_TCPULP(s, p, e) sock_test_tcpulp((s), (p), (e), __LINE__) =20 static int sock_listen_mptcp(const char * const listenaddr, const char * const port) @@ -325,7 +337,7 @@ static int sock_listen_mptcp(const char * const listena= ddr, if (sock < 0) continue; =20 - SOCK_TEST_TCPULP(sock, cfg_sock_proto); + SOCK_TEST_TCPULP(sock, cfg_sock_proto, -1); =20 if (-1 =3D=3D setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one))) @@ -352,7 +364,7 @@ static int sock_listen_mptcp(const char * const listena= ddr, return sock; } =20 - SOCK_TEST_TCPULP(sock, cfg_sock_proto); + SOCK_TEST_TCPULP(sock, cfg_sock_proto, -1); =20 if (listen(sock, 20)) { perror("listen"); @@ -360,7 +372,7 @@ static int sock_listen_mptcp(const char * const listena= ddr, return -1; } =20 - SOCK_TEST_TCPULP(sock, cfg_sock_proto); + SOCK_TEST_TCPULP(sock, cfg_sock_proto, -1); =20 return sock; } @@ -388,7 +400,7 @@ static int sock_connect_mptcp(const char * const remote= addr, continue; } =20 - SOCK_TEST_TCPULP(sock, proto); + SOCK_TEST_TCPULP(sock, proto, -1); =20 if (cfg_mark) set_mark(sock, cfg_mark); @@ -425,7 +437,7 @@ static int sock_connect_mptcp(const char * const remote= addr, =20 freeaddrinfo(addr); if (sock !=3D -1) - SOCK_TEST_TCPULP(sock, proto); + SOCK_TEST_TCPULP(sock, proto, fallback(sock) ? -1 : 0); return sock; } =20 @@ -1202,7 +1214,7 @@ int main_loop_s(int listensock) xerror("can't open %s: %d", cfg_input, errno); } =20 - SOCK_TEST_TCPULP(remotesock, 0); + SOCK_TEST_TCPULP(remotesock, 0, 0); =20 memset(&winfo, 0, sizeof(winfo)); err =3D copyfd_io(fd, remotesock, 1, true, &winfo); @@ -1364,7 +1376,7 @@ void xdisconnect(int fd) int main_loop(void) { int fd =3D 0, ret, fd_in =3D 0; - struct addrinfo *peer; + struct addrinfo *peer =3D NULL; struct wstate winfo; =20 if (cfg_input && cfg_sockopt_types.mptfo) { @@ -1381,7 +1393,7 @@ int main_loop(void) again: check_getpeername_connect(fd); =20 - SOCK_TEST_TCPULP(fd, cfg_sock_proto); + SOCK_TEST_TCPULP(fd, cfg_sock_proto, -1); =20 if (cfg_rcvbuf) set_rcvbuf(fd, cfg_rcvbuf); --=20 2.51.0 From nobody Thu Nov 27 12:37:16 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9A36986347 for ; Sat, 22 Nov 2025 08:45:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801145; cv=none; b=BUoGtwmurE4Bv/bO1DmNRLVPiNkEeKcpcDkBB8yaZF0bhnqeKX1AI2C60wV7ZZWtlLqwy8sbQ6BCfBzRndPaAUgp5VXf8Ko2+eoqiH5tSbyVTW9FYItXEdfTKKEVURa8RkABMoSdnhr0R+C8OmEvIDaf5Vaz9HIa02dqChN/+T0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1763801145; c=relaxed/simple; bh=iAuiZkPh5nUT9dQExOk9+PVKGbGN0rR3KtfKCt+ygwQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=bcbTmtoDGLISalSyuh48jTqWGteVTjWFIErzGO9yPpRMZHM/IIEixtYmWhF25wLcopMAm5YS5cNa6FOFMn+tKKRL5dnZp2sRto2Qo+R+UkCYqnofV7y8dkYtV4JrA0UnnHl6fIUU+CoixPGSxvgscRn1G2LBdJH4VYcHKOhAv38= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=QufltKgb; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="QufltKgb" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 306EEC4CEFB; Sat, 22 Nov 2025 08:45:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1763801145; bh=iAuiZkPh5nUT9dQExOk9+PVKGbGN0rR3KtfKCt+ygwQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QufltKgbGVgW/LoO9/7SmCfu1NdZusqJxgAQuZtoHg/zU3phbnvp4+CP5uau58aVD bA363FzYBKAM8nU7w2UFjO9wK+Nacdrkzjmd8nKmXuL5Dq5y0VMTNP1TcHS3s+MQcR iVB6BDsa7u3IoIEo+RP6xnbE0ELD6z4/coPFWlhvIf6jBvBCLXanU2iQjCPK8UEKWR CVdktXjSNiW0v2P8uzfrMUbo1SVBgRHizANLqedOlJuIayyNnHPMdWm4NRkC6b/oEU LlOTO9YylMntlq95AYVH0/bICa2QFGzsGKImVnbaHqPnB29CPWuKjXNHSVpXhDh2kP 5pj0IHuy4JWtg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v3 8/8] selftests: mptcp: sockopt: cover MPTCP KTLS test cases Date: Sat, 22 Nov 2025 16:45:27 +0800 Message-ID: <448d97973d16701ebcbfc86e05fa2d182d740aa9.1763800601.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang Now that MPTCP KTLS support is implemented, extend the existing TCP KTLS test cases to cover MPTCP for both IPv4 and IPv6. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/mptcp_sockopt.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh b/tools/tes= ting/selftests/net/mptcp/mptcp_sockopt.sh index 6dcc0a100094..c1f99dd1532b 100755 --- a/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh +++ b/tools/testing/selftests/net/mptcp/mptcp_sockopt.sh @@ -375,7 +375,7 @@ do_tls_tests() mptcp_lib_print_info "sockopt KTLS" =20 local args - for args in "-c -t tcp -r tcp" "-6 -c -t tcp -r tcp"; do + for args in "-c -t tcp -r tcp" "-6 -c -t tcp -r tcp" "-c" "-6 -c"; do do_tls_test $args lret=3D$? if [ $lret -ne 0 ] ; then --=20 2.51.0