From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5FDFC35836F for ; Tue, 17 Mar 2026 09:13:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738816; cv=none; b=CD7aJf1kWLHSCgRKyWV3ndhyQjYzNJ6bgoWWKC36aor51sOxsfBiBPPiECx2mcsO34wh4apJO8+QMv1BfzpJgRACC68lt8a/rmvSzI/57jHlV5BeWfnGD8jGjNxLTV5+r5Dh1mSaJ9agkOvsKWM62mfjY37oT3d9izedZ0GfRqA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738816; c=relaxed/simple; bh=UefsDU3FPKLQUMrAaw7Ven5+aMb/HMw3/+MaqT+6/gM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FMCbIS7VmMJ+FPNaK07AxjYi3Ct7b0pfEPL5a+oOXVNi03sSyjY4zTRfBSEFkrj85VrDOjOodYe7lr6bWHdAFrdbT1SgFe5GMUxiihY7BQZw0sf9IS6UOli+L7bnDfJYwmVX3sFbZpewtTBgzQa5o3Egke4/fE+74dqSCHgR/Kc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=nSC7HbRQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="nSC7HbRQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 2A667C4CEF7; Tue, 17 Mar 2026 09:13:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738816; bh=UefsDU3FPKLQUMrAaw7Ven5+aMb/HMw3/+MaqT+6/gM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nSC7HbRQDGmxKuug9ayZnC5GV0lA2Y+riecYz74anvzR2LZjMCzLUvu345ZLX3306 RZeJg9CYvyFBZDuAOwX0eOlqOtQWvQTJhOqcf9C7ik+gSAg7uEW9lxTAQQqEQv67Us AhDALPerhL78vxiLJZ9iomCIFp35MP21M1hhyTI0H+fUN2z/8plCGaTxobcloX3UG8 sZpA6eoRHUeuvC2cDwOwTv1w04X/eLtNEn8Ym4JM0ugbNFJWowcn2X2NINPOaMLskn DeW1c69cBhnQns7bffeaRHDP3T3QOUFfLEAjxIM0NniO8f53yH942WkBvLUfD16Gtp GcXDTDN66og7Q== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 01/14] tls: introduce struct tls_prot_ops for protocol ops Date: Tue, 17 Mar 2026 17:12:37 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang To extend MPTCP support based on TCP TLS, a tls_prot_ops structure has been introduced for TLS, encapsulating TCP-specific helpers within this structure. Add registering, validating and finding functions for this structure to add, validate and find a tls_prot_ops on the global list tls_prot_ops_list. Register TCP-specific structure tls_tcp_ops in tls_init(). Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/tls.h | 19 +++++++++++ net/tls/tls_main.c | 82 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 101 insertions(+) diff --git a/include/net/tls.h b/include/net/tls.h index ebd2550280ae..40001110bccb 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -220,6 +220,25 @@ struct tls_prot_info { u16 tail_size; }; =20 +struct tls_prot_ops { + int protocol; + struct module *owner; + struct list_head list; + + int (*inq)(struct sock *sk); + int (*sendmsg_locked)(struct sock *sk, struct msghdr *msg, size_t size); + struct sk_buff *(*recv_skb)(struct sock *sk, u32 *off); + int (*read_sock)(struct sock *sk, read_descriptor_t *desc, + sk_read_actor_t recv_actor); + void (*read_done)(struct sock *sk, size_t len); + u32 (*get_skb_off)(struct sk_buff *skb); + u32 (*get_skb_seq)(struct sk_buff *skb); + __poll_t (*poll)(struct file *file, struct socket *sock, + struct poll_table_struct *wait); + bool (*epollin_ready)(const struct sock *sk); + void (*check_app_limited)(struct sock *sk); +}; + struct tls_context { /* read-only cache line */ struct tls_prot_info prot_info; diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index fd39acf41a61..e628b729cbd3 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -128,6 +128,24 @@ static struct proto_ops tls_proto_ops[TLS_NUM_PROTS][T= LS_NUM_CONFIG][TLS_NUM_CON static void build_protos(struct proto prot[TLS_NUM_CONFIG][TLS_NUM_CONFIG], const struct proto *base); =20 +static DEFINE_SPINLOCK(tls_prot_ops_lock); +static LIST_HEAD(tls_prot_ops_list); + +/* Must be called with rcu read lock held */ +static struct tls_prot_ops *tls_prot_ops_find(int protocol) +{ + struct tls_prot_ops *ops, *ret =3D NULL; + + list_for_each_entry_rcu(ops, &tls_prot_ops_list, list) { + if (ops->protocol =3D=3D protocol) { + ret =3D ops; + break; + } + } + + return ret; +} + void update_sk_prot(struct sock *sk, struct tls_context *ctx) { int ip_ver =3D sk->sk_family =3D=3D AF_INET6 ? TLSV6 : TLSV4; @@ -1236,6 +1254,68 @@ static struct tcp_ulp_ops tcp_tls_ulp_ops __read_mos= tly =3D { .get_info_size =3D tls_get_info_size, }; =20 +static int tls_validate_prot_ops(const struct tls_prot_ops *ops) +{ + if (!ops->inq || !ops->sendmsg_locked || + !ops->recv_skb || !ops->read_sock || + !ops->read_done || !ops->get_skb_seq || + !ops->poll || !ops->epollin_ready || + !ops->check_app_limited) { + pr_err("%d does not implement required ops\n", ops->protocol); + return -EINVAL; + } + + return 0; +} + +static int tls_register_prot_ops(struct tls_prot_ops *ops) +{ + int ret; + + ret =3D tls_validate_prot_ops(ops); + if (ret) + return ret; + + spin_lock(&tls_prot_ops_lock); + if (tls_prot_ops_find(ops->protocol)) { + spin_unlock(&tls_prot_ops_lock); + return -EEXIST; + } + list_add_tail_rcu(&ops->list, &tls_prot_ops_list); + spin_unlock(&tls_prot_ops_lock); + + pr_debug("tls_prot_ops %d registered\n", ops->protocol); + return 0; +} + +static struct sk_buff *tls_tcp_recv_skb(struct sock *sk, u32 *off) +{ + return tcp_recv_skb(sk, tcp_sk(sk)->copied_seq, off); +} + +static u32 tls_tcp_get_skb_seq(struct sk_buff *skb) +{ + return TCP_SKB_CB(skb)->seq; +} + +static bool tls_tcp_epollin_ready(const struct sock *sk) +{ + return tcp_epollin_ready(sk, INT_MAX); +} + +static struct tls_prot_ops tls_tcp_ops =3D { + .protocol =3D IPPROTO_TCP, + .inq =3D tcp_inq, + .sendmsg_locked =3D tcp_sendmsg_locked, + .recv_skb =3D tls_tcp_recv_skb, + .read_sock =3D tcp_read_sock, + .read_done =3D tcp_read_done, + .get_skb_seq =3D tls_tcp_get_skb_seq, + .poll =3D tcp_poll, + .epollin_ready =3D tls_tcp_epollin_ready, + .check_app_limited =3D tcp_rate_check_app_limited, +}; + static int __init tls_register(void) { int err; @@ -1254,6 +1334,8 @@ static int __init tls_register(void) =20 tcp_register_ulp(&tcp_tls_ulp_ops); =20 + tls_register_prot_ops(&tls_tcp_ops); + return 0; err_strp: tls_strp_dev_exit(); --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1B75235836F for ; Tue, 17 Mar 2026 09:13:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738818; cv=none; b=Mse10N9eeCxt2Dg05i8gbnkMugHwWM2xYWJdfSAPQDPsmSihaP0/QbgYpWbUrHu+OfSEqACzeNEd1y0iyXjShemjfXGVShIS8IKM2J8f1J+Q+NvUa02khnMXS2WetVgQXz89zeyH05Z/wqqW1R889jE9W7i7oaq+hMZTi6ZAPPI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738818; c=relaxed/simple; bh=PV/w9+r+ciuDscd9fw5x/4NRmhwZfXkP+AFCndwH1oQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ami8cWdJq/C4ToBbTLOibbckZvYpXnzWGahVW17qMOfbBn8gsYZxmd+gpPL5nBSoRoKKL4aD1wmxBGHXeU4R+O+zyW5LM7qd5fo4tCRthRDGnqsZYF+A8dzBSh78G5LlVBTvxaESmS/rJ/Mi3Su6VjTvS1pJ3kSt0O2K1QHKj44= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=aCXyl5rs; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="aCXyl5rs" Received: by smtp.kernel.org (Postfix) with ESMTPSA id BA782C4CEF7; Tue, 17 Mar 2026 09:13:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738817; bh=PV/w9+r+ciuDscd9fw5x/4NRmhwZfXkP+AFCndwH1oQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=aCXyl5rsmfuiLsqTRToDzz+GErTClqg3mWpOLcXXt9aTf+NJys/Xl2ERTRJdl2nkB noBcxv5RAp9Wr+Cae4g4OIcsVDF2yIgyFHk74toe0OtvXgyFq6wQQSKEKmHN/c+5C0 Jedp3ED7AyoVuHuh6IwB54XMHi0wGxWjQ8jYa/uvQu3UFPzKznJKKI5flP4UMaCzos UqwPBPpKgC9i+1V0jDVrvGXnhBLdXyCWyqVheNUubORBGGvxsqa4e69zLqgs1mzrOS Ak007ICZHj/LBWFWiPnsGkJeFMSs0ad2qVov6sNkAbaTHQA84buLDyydAQumdtgQwL Xt5l276BQEqXw== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 02/14] tls: add tls_prot_ops pointer to tls_context Date: Tue, 17 Mar 2026 17:12:38 +0800 Message-ID: <3bb6df399aed55a47d223079446f53952bdffeef.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang A pointer to struct tls_prot_ops, named 'ops', has been added to struct tls_context. The places originally calling TLS-specific helpers have now been modified to indirectly invoke them via 'ops' pointer in tls_context. In do_tls_setsockopt_conf(), ctx->ops is assigned either 'tls_mptcp_ops' or 'tls_tcp_ops' based on the socket protocol. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/tls.h | 1 + net/tls/tls_main.c | 15 +++++++++++---- net/tls/tls_strp.c | 29 +++++++++++++++++++---------- net/tls/tls_sw.c | 7 +++++-- 4 files changed, 36 insertions(+), 16 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index 40001110bccb..3c67c45f13be 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -277,6 +277,7 @@ struct tls_context { struct sock *sk; =20 void (*sk_destruct)(struct sock *sk); + const struct tls_prot_ops *ops; =20 union tls_crypto_context crypto_send; union tls_crypto_context crypto_recv; diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index e628b729cbd3..fe8ba116504a 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -206,13 +206,13 @@ int tls_push_sg(struct sock *sk, ctx->splicing_pages =3D true; while (1) { /* is sending application-limited? */ - tcp_rate_check_app_limited(sk); + ctx->ops->check_app_limited(sk); p =3D sg_page(sg); retry: bvec_set_page(&bvec, p, size, offset); iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size); =20 - ret =3D tcp_sendmsg_locked(sk, &msg, size); + ret =3D ctx->ops->sendmsg_locked(sk, &msg, size); =20 if (ret !=3D size) { if (ret > 0) { @@ -427,14 +427,14 @@ static __poll_t tls_sk_poll(struct file *file, struct= socket *sock, u8 shutdown; int state; =20 - mask =3D tcp_poll(file, sock, wait); + tls_ctx =3D tls_get_ctx(sk); + mask =3D tls_ctx->ops->poll(file, sock, wait); =20 state =3D inet_sk_state_load(sk); shutdown =3D READ_ONCE(sk->sk_shutdown); if (unlikely(state !=3D TCP_ESTABLISHED || shutdown & RCV_SHUTDOWN)) return mask; =20 - tls_ctx =3D tls_get_ctx(sk); ctx =3D tls_sw_ctx_rx(tls_ctx); psock =3D sk_psock_get(sk); =20 @@ -1094,6 +1094,13 @@ static int tls_init(struct sock *sk) ctx->tx_conf =3D TLS_BASE; ctx->rx_conf =3D TLS_BASE; ctx->tx_max_payload_len =3D TLS_MAX_PAYLOAD_SIZE; + ctx->ops =3D tls_prot_ops_find(sk->sk_protocol); + if (!ctx->ops) { + tls_ctx_free(sk, ctx); + inet_csk(sk)->icsk_ulp_ops =3D NULL; + rc =3D -EINVAL; + goto out; + } update_sk_prot(sk, ctx); out: write_unlock_bh(&sk->sk_callback_lock); diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index 98e12f0ff57e..ef1a8659ee18 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -120,6 +120,7 @@ struct sk_buff *tls_strp_msg_detach(struct tls_sw_conte= xt_rx *ctx) int tls_strp_msg_cow(struct tls_sw_context_rx *ctx) { struct tls_strparser *strp =3D &ctx->strp; + struct tls_context *tls_ctx; struct sk_buff *skb; =20 if (strp->copy_mode) @@ -132,7 +133,8 @@ int tls_strp_msg_cow(struct tls_sw_context_rx *ctx) tls_strp_anchor_free(strp); strp->anchor =3D skb; =20 - tcp_read_done(strp->sk, strp->stm.full_len); + tls_ctx =3D tls_get_ctx(strp->sk); + tls_ctx->ops->read_done(strp->sk, strp->stm.full_len); strp->copy_mode =3D 1; =20 return 0; @@ -376,6 +378,7 @@ static int tls_strp_copyin(read_descriptor_t *desc, str= uct sk_buff *in_skb, =20 static int tls_strp_read_copyin(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); read_descriptor_t desc; =20 desc.arg.data =3D strp; @@ -383,13 +386,14 @@ static int tls_strp_read_copyin(struct tls_strparser = *strp) desc.count =3D 1; /* give more than one skb per call */ =20 /* sk should be locked here, so okay to do read_sock */ - tcp_read_sock(strp->sk, &desc, tls_strp_copyin); + ctx->ops->read_sock(strp->sk, &desc, tls_strp_copyin); =20 return desc.error; } =20 static int tls_strp_read_copy(struct tls_strparser *strp, bool qshort) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct skb_shared_info *shinfo; struct page *page; int need_spc, len; @@ -398,7 +402,7 @@ static int tls_strp_read_copy(struct tls_strparser *str= p, bool qshort) * to read the data out. Otherwise the connection will stall. * Without pressure threshold of INT_MAX will never be ready. */ - if (likely(qshort && !tcp_epollin_ready(strp->sk, INT_MAX))) + if (likely(qshort && !ctx->ops->epollin_ready(strp->sk))) return 0; =20 shinfo =3D skb_shinfo(strp->anchor); @@ -434,12 +438,13 @@ static int tls_strp_read_copy(struct tls_strparser *s= trp, bool qshort) static bool tls_strp_check_queue_ok(struct tls_strparser *strp) { unsigned int len =3D strp->stm.offset + strp->stm.full_len; + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct sk_buff *first, *skb; u32 seq; =20 first =3D skb_shinfo(strp->anchor)->frag_list; skb =3D first; - seq =3D TCP_SKB_CB(first)->seq; + seq =3D ctx->ops->get_skb_seq(first); =20 /* Make sure there's no duplicate data in the queue, * and the decrypted status matches. @@ -449,7 +454,7 @@ static bool tls_strp_check_queue_ok(struct tls_strparse= r *strp) len -=3D skb->len; skb =3D skb->next; =20 - if (TCP_SKB_CB(skb)->seq !=3D seq) + if (ctx->ops->get_skb_seq(skb) !=3D seq) return false; if (skb_cmp_decrypted(first, skb)) return false; @@ -460,11 +465,11 @@ static bool tls_strp_check_queue_ok(struct tls_strpar= ser *strp) =20 static void tls_strp_load_anchor_with_queue(struct tls_strparser *strp, in= t len) { - struct tcp_sock *tp =3D tcp_sk(strp->sk); + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct sk_buff *first; u32 offset; =20 - first =3D tcp_recv_skb(strp->sk, tp->copied_seq, &offset); + first =3D ctx->ops->recv_skb(strp->sk, &offset); if (WARN_ON_ONCE(!first)) return; =20 @@ -483,6 +488,7 @@ static void tls_strp_load_anchor_with_queue(struct tls_= strparser *strp, int len) =20 bool tls_strp_msg_load(struct tls_strparser *strp, bool force_refresh) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct strp_msg *rxm; struct tls_msg *tlm; =20 @@ -490,7 +496,7 @@ bool tls_strp_msg_load(struct tls_strparser *strp, bool= force_refresh) DEBUG_NET_WARN_ON_ONCE(!strp->stm.full_len); =20 if (!strp->copy_mode && force_refresh) { - if (unlikely(tcp_inq(strp->sk) < strp->stm.full_len)) { + if (unlikely(ctx->ops->inq(strp->sk) < strp->stm.full_len)) { WRITE_ONCE(strp->msg_ready, 0); memset(&strp->stm, 0, sizeof(strp->stm)); return false; @@ -511,9 +517,10 @@ bool tls_strp_msg_load(struct tls_strparser *strp, boo= l force_refresh) /* Called with lock held on lower socket */ static int tls_strp_read_sock(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); int sz, inq; =20 - inq =3D tcp_inq(strp->sk); + inq =3D ctx->ops->inq(strp->sk); if (inq < 1) return 0; =20 @@ -583,10 +590,12 @@ static void tls_strp_work(struct work_struct *w) =20 void tls_strp_msg_done(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); + WARN_ON(!strp->stm.full_len); =20 if (likely(!strp->copy_mode)) - tcp_read_done(strp->sk, strp->stm.full_len); + ctx->ops->read_done(strp->sk, strp->stm.full_len); else tls_strp_flush_anchor_copy(strp); =20 diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index a656ce235758..b6959ebcded8 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1952,13 +1952,14 @@ tls_read_flush_backlog(struct sock *sk, struct tls_= prot_info *prot, size_t len_left, size_t decrypted, ssize_t done, size_t *flushed_at) { + struct tls_context *tls_ctx =3D tls_get_ctx(sk); size_t max_rec; =20 if (len_left <=3D decrypted) return false; =20 max_rec =3D prot->overhead_size - prot->tail_size + TLS_MAX_PAYLOAD_SIZE; - if (done - *flushed_at < SZ_128K && tcp_inq(sk) > max_rec) + if (done - *flushed_at < SZ_128K && tls_ctx->ops->inq(sk) > max_rec) return false; =20 *flushed_at =3D done; @@ -2445,6 +2446,7 @@ int tls_rx_msg_size(struct tls_strparser *strp, struc= t sk_buff *skb) size_t cipher_overhead; size_t data_len =3D 0; int ret; + u32 seq; =20 /* Verify that we have a full TLS header, or wait for more data */ if (strp->stm.offset + prot->prepend_size > skb->len) @@ -2487,8 +2489,9 @@ int tls_rx_msg_size(struct tls_strparser *strp, struc= t sk_buff *skb) goto read_failure; } =20 + seq =3D tls_ctx->ops->get_skb_seq(skb); tls_device_rx_resync_new_rec(strp->sk, data_len + TLS_HEADER_SIZE, - TCP_SKB_CB(skb)->seq + strp->stm.offset); + seq + strp->stm.offset); return data_len + TLS_HEADER_SIZE; =20 read_failure: --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6660F35AC0F for ; Tue, 17 Mar 2026 09:13:39 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738819; cv=none; b=GAPcj36Ygfgt3tlnAtpHCxWXxucArxSWLX/8HGNE6Ktvj8HawDvLDut1swcbUyNT1bPjBrwWLuhEf+hKybw/5gU8zYJLFPR+tYYmlZYWTiBnRfq2T05FY6Zlel9TzLoqSS29Skfp6j1og3wzi6EkJhcIQBVeLOyEgsGI9bDGbjI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738819; c=relaxed/simple; bh=IpOEgkWeR/fGuGvjz34os5dYQma6F4rBZsAwJ7DQ8No=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UuZfJKXGBksotrU1Wa6/E4vROOO1YfVbumA5ZK+6cUquBkJDN3dKcDl5+ejBosTZoV0Z0bU0Qzdr4SDl7GtKiUUKufX9Ji6o2pUXu7yT4wba7QCMaGIOdSG2u4xeHJi1Mjs28di1NKf+FNEsGo8ASi0MgHMucb8cadG0DTUvbvU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=By1k3TgF; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="By1k3TgF" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3137DC19425; Tue, 17 Mar 2026 09:13:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738819; bh=IpOEgkWeR/fGuGvjz34os5dYQma6F4rBZsAwJ7DQ8No=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=By1k3TgFAZ0sts23EGD9OVSWv0DNBwObhEOB1e0AAOvcZZikfTrNfJaDmad/uu8B0 DVzKIMWczEwvjU9+5X+CgjRQq5IJr20Dkm1P1mPsNMkS6JWdVb27uweKcvgSHPY4Nv vdoFLdSzl37ADPCqJ+BxC2LQ8JukHbNJoBADY9s39o1CYAO6xxbkaFkhbndtYbMwMa wX+BcZPeSH5H79XIwTP+nKlQRLtPiUusUsWXfSwQ5F9SEank7QTaYrKxlCRtCtx6UH JbzqQyqXK1Sw/ZwQqd2Rmpq42c2UxAmvvdHQCDmhc++XA44gDMtDZzNMdbaD9Tr8EV d0S0l2keNQvKg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Gang Yan , Geliang Tang Subject: [RFC mptcp-next v10 03/14] tls: add MPTCP SKB offset check in strp queue walk Date: Tue, 17 Mar 2026 17:12:39 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Gang Yan In MPTCP, subflow SKBs can have non-zero offsets due to out-of-order handling or partial delivery. When walking the TLS strp queue for sequence and decryption checks, validate each SKB's offset except the first using get_skb_off() to ensure queue consistency. This is specific to MPTCP, as TCP does not require offset checks. If any invalid offset is found, return false to trigger resynchronization. Co-developed-by: Geliang Tang Signed-off-by: Geliang Tang Signed-off-by: Gang Yan --- net/tls/tls_strp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index ef1a8659ee18..b6798d09c922 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -454,6 +454,9 @@ static bool tls_strp_check_queue_ok(struct tls_strparse= r *strp) len -=3D skb->len; skb =3D skb->next; =20 + if (ctx->ops->get_skb_off && + ctx->ops->get_skb_off(skb)) + return false; if (ctx->ops->get_skb_seq(skb) !=3D seq) return false; if (skb_cmp_decrypted(first, skb)) --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B268735B138 for ; Tue, 17 Mar 2026 09:13:40 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738820; cv=none; b=reGDptq6MVRwjGvkSrOWezGfBBmer33m2o6uawBYg30/Fh0EhCXiIpl0KkuVDhs8FUmbkbY1Ux0GngA5rFi0GAtN8WIvP7GfEl0nKn898pNQ1wqn16gU7uEohcYJ7IZ5NdWJOsosyCK9eaFN2l/cBPu5DPWu9Dv2vF42dGBCmBk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738820; c=relaxed/simple; bh=gKHyvosmK+Ox2nSYitqTgWp5DrHAaeGPnAjnUS+lgOc=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=n4E52h7gnIBufBJKZ0/AaQA8UV0pIFGMbSbXK3uRJ0GXCeKiFF8Ug5m7h5YH0LgY14OsGGZONi6WS3BtnAxlPCY5j5McW8j/d5A14+NjBfkc5RQyzVy8M9pbvs5xwjCMR42th77Gv6Saduze5iAWCL7WR7oRQTk8RCDKMImSaA8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=hEAH0eBG; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="hEAH0eBG" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A19E0C4CEF7; Tue, 17 Mar 2026 09:13:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738820; bh=gKHyvosmK+Ox2nSYitqTgWp5DrHAaeGPnAjnUS+lgOc=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hEAH0eBGL+f0aJPcaiapZ3tVQB3EFn6H3/dJYx0iNlD0R70HhPOz48A1HwVq8W+xB pU198wXy/gLhLKOAJ4oCeGNv+hxshsf+sq5BG57gUgQb02N8lZIdgifOd1AhnNQc4o DajHmwx6qJWeKS1qq0ph47wBNpDgPzPdsprzwntzfyUOM8Jd7rH09a7r3ykp6wdSr0 irzGLC6k+a+MpDSvCI2xVsvtIljsRCyYjutVfA5TRuLV5YCFf6J7AC2VF8JVg2n8Gv +ceOCERARp3RWouHcFkI+RG2w7Eq+X19Ie6D9vUBarvU7oFz/yYT5LUh/CUXDHn1eL 9igWQdRD7SOIQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Gang Yan , Geliang Tang Subject: [RFC mptcp-next v10 04/14] mptcp: update mptcp_check_readable for TLS use Date: Tue, 17 Mar 2026 17:12:40 +0800 Message-ID: <78af1d93ccd2297c4048528858bc41bbc7663dbc.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Gang Yan This patch makes mptcp_check_readable() aligned with TCP, and renames it to mptcp_stream_is_readable(). It will be used in the case of KTLS, because 'prot' will be modified, tls_sw_sock_is_readable() is expected to be called from prot->sock_is_readable(). Co-developed-by: Geliang Tang Signed-off-by: Geliang Tang Signed-off-by: Gang Yan --- net/mptcp/protocol.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 023a4fb68617..5585f43cf879 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -3309,9 +3309,11 @@ void __mptcp_unaccepted_force_close(struct sock *sk) __mptcp_destroy_sock(sk); } =20 -static __poll_t mptcp_check_readable(struct sock *sk) +static bool mptcp_stream_is_readable(struct sock *sk) { - return mptcp_epollin_ready(sk) ? EPOLLIN | EPOLLRDNORM : 0; + if (mptcp_epollin_ready(sk)) + return true; + return sk_is_readable(sk); } =20 static void mptcp_check_listen_stop(struct sock *sk) @@ -4373,7 +4375,8 @@ static __poll_t mptcp_poll(struct file *file, struct = socket *sock, mask |=3D EPOLLIN | EPOLLRDNORM | EPOLLRDHUP; =20 if (state !=3D TCP_SYN_SENT && state !=3D TCP_SYN_RECV) { - mask |=3D mptcp_check_readable(sk); + if (mptcp_stream_is_readable(sk)) + mask |=3D EPOLLIN | EPOLLRDNORM; if (shutdown & SEND_SHUTDOWN) mask |=3D EPOLLOUT | EPOLLWRNORM; else --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5C58735A389 for ; Tue, 17 Mar 2026 09:13:42 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738822; cv=none; b=HjJwLJpNx/PjgQVLn/VEb6BqWIXZsg0Z66axJV+xkPRDLhE5Xy3K02vWaYjTYw6UWKN+jgFX5qw6CRsrUU/3LF0K2RN4kPZBH56ZfEMb91VzGVkTnzEi7IMEqv22tYao51eRBDUJZVd9P3Xv/1gzSGwyYEiniUNrABaUHL3ofqk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738822; c=relaxed/simple; bh=+YJMWzBa+SbUbHxydiURNRfqH3ZTcgWPX4vlh9xC+/g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ULwUQccSghnMqNzzy5vBFVwSFUYxyLrHbP9OQdDWwVZ2qxZPhT0uSpV/CMDXPVo1+t6V5C4R0lXzxM69ExCzJNQiwLI1FB80Upt73UrHjku97DA+B7mttdtNyntfb9nhlMg2Anj9uJg5NpcTWtQzLYwqxnBkvGji5EheIwiI8Ns= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=q7DHi0ZP; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="q7DHi0ZP" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 18082C19425; Tue, 17 Mar 2026 09:13:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738822; bh=+YJMWzBa+SbUbHxydiURNRfqH3ZTcgWPX4vlh9xC+/g=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=q7DHi0ZPJgnS2vRk5QfUbUo0R+cwzu/6iw/uEb6D1Gqba3jHddS4iakB97k2JhvAM ePpN83nJdhGmPHKQX7h66aWqQihC3g7Uq/vB6t3g3Plbrvh29gdpZ98YXbkBNcD6h0 +3B1ZhU2KP5kEp6uE8aGxEiiJByrdNVseSTe0LviRh2XkL6Q92l+ikS012LuRL7frl OZCHrczKND4RcbIILwNmm0uyQpBdAbX2/zPLsf+Gp/+QsyEQYvviSO4MX/gbrjBC/h 3wD3+hOC+B0RuEBkSYiIdBWyyFyI1blaJ480BsUOSyaDsbzR+h0ls1XEMXpt0Kl452 Ysc0OS3tPNgFA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 05/14] mptcp: avoid sleeping in read_sock path under softirq Date: Tue, 17 Mar 2026 17:12:41 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang When mptcp_read_sock() is called from softirq context via TLS read_sock, lock_sock_fast() in mptcp_rcv_space_adjust() and mptcp_cleanup_rbuf() may trigger might_sleep() warnings or illegal sleeps, as softirq context cannot block. Replace lock_sock_fast() with spin_trylock_bh() to make locking non-blocking and context-safe. Skip operations if the lock cannot be acquired. Also introduce mptcp_data_trylock() in mptcp_move_skbs() to make data locking non-blocking in the read_sock path. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- net/mptcp/protocol.c | 21 +++++++++++---------- net/mptcp/protocol.h | 1 + 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 5585f43cf879..1903f5b1fc44 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -561,12 +561,11 @@ static void mptcp_send_ack(struct mptcp_sock *msk) =20 static void mptcp_subflow_cleanup_rbuf(struct sock *ssk, int copied) { - bool slow; - - slow =3D lock_sock_fast(ssk); - if (tcp_can_send_ack(ssk)) + if (!spin_trylock_bh(&ssk->sk_lock.slock)) + return; + if (!sock_owned_by_user(ssk) && tcp_can_send_ack(ssk)) tcp_cleanup_rbuf(ssk, copied); - unlock_sock_fast(ssk, slow); + spin_unlock_bh(&ssk->sk_lock.slock); } =20 static bool mptcp_subflow_could_cleanup(const struct sock *ssk, bool rx_em= pty) @@ -2194,14 +2193,15 @@ static void mptcp_rcv_space_adjust(struct mptcp_soc= k *msk, int copied) */ mptcp_for_each_subflow(msk, subflow) { struct sock *ssk; - bool slow; =20 ssk =3D mptcp_subflow_tcp_sock(subflow); - slow =3D lock_sock_fast(ssk); + if (!spin_trylock_bh(&ssk->sk_lock.slock)) + continue; /* subflows can be added before tcp_init_transfer() */ - if (tcp_sk(ssk)->rcvq_space.space) + if (!sock_owned_by_user(ssk) && + tcp_sk(ssk)->rcvq_space.space) tcp_rcvbuf_grow(ssk, copied); - unlock_sock_fast(ssk, slow); + spin_unlock_bh(&ssk->sk_lock.slock); } } =20 @@ -2299,7 +2299,8 @@ static bool mptcp_move_skbs(struct sock *sk) bool enqueued =3D false; u32 moved; =20 - mptcp_data_lock(sk); + if (!mptcp_data_trylock(sk)) + return false; while (mptcp_can_spool_backlog(sk, &skbs)) { mptcp_data_unlock(sk); enqueued |=3D __mptcp_move_skbs(sk, &skbs, &moved); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index f0eaba2c61fa..7d8531837736 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -378,6 +378,7 @@ struct mptcp_sock { }; =20 #define mptcp_data_lock(sk) spin_lock_bh(&(sk)->sk_lock.slock) +#define mptcp_data_trylock(sk) spin_trylock_bh(&(sk)->sk_lock.slock) #define mptcp_data_unlock(sk) spin_unlock_bh(&(sk)->sk_lock.slock) =20 #define mptcp_for_each_subflow(__msk, __subflow) \ --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C8C8835B138 for ; Tue, 17 Mar 2026 09:13:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738823; cv=none; b=u2e57kd/f9UtQxxs2DAIdZaEPiT68e4XB4I+ZG4jLSq3CPE+tnJCx8BFq0L+kIOTzIRid9jrTxQLaVXAakWih0yxmm2iUreVl3jdMj1025YFFUqBiXM1ynv+hweAiIWNpqb0je1r8XAwrONkg0b+ybg3js5xmsWaaaTysRX0BeA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738823; c=relaxed/simple; bh=RXJAq+Mo+9sFIMRI0ntFHMkFvzN0dyO8rUGOeV/dQ+g=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=FTDh4aK0g3kk41I9PNxB6RzRLIGPArVj7CbaOPLHdfN6XyrIR1d6XGPS5FRFXdA0fbonqkmdtGnDwJdQs2s759oMnj1KVK5XqWGiej7oJ+fARWPPk3HUUcQdPz3WYZSzsyZx6Gh7FIlyMo1ckbVFGSsYyt7gNfz1+gUaGlp5Bes= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lRlBqgFo; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lRlBqgFo" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8348AC19425; Tue, 17 Mar 2026 09:13:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738823; bh=RXJAq+Mo+9sFIMRI0ntFHMkFvzN0dyO8rUGOeV/dQ+g=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=lRlBqgFo1CoqVa52EFJ9E46SXL/1EQcPiXL9D1auVrzVI5fpHMZ8iRcpgtSrTba/u VHVu79gceqP1OyDMFlYZj2WgoG/kGhuEkbeW4RnhaM8QHhRvVWWOEa+MDybKvfdVnZ jCQMU548JEY+GzkT2z0duJrT9uwX8XEQpQJGmYF8AgR7DubYcFOdadbel3jBxDNt4H XQrOURDBhRCvup5bDoe6npRoPKBH6dGMq/li7b55R3gVO79SplpYKZ8W5rxOxUjTU1 vV29qrOX6emugfgw/HU7GXkVUJQ5x8uxDE0eHcwTJCeeXSTLXNuHojB30Iacpxi9zI Cc5W0CNh0FUyw== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 06/14] mptcp: implement tls_mptcp_ops for MPTCP TLS Date: Tue, 17 Mar 2026 17:12:42 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch implements the MPTCP-specific struct tls_prot_ops, named 'tls_mptcp_ops'. Note that there is a slight difference between mptcp_inq() and mptcp_inq_hint(), it does not return 1 when the socket is closed or shut down; instead, it returns 0. Otherwise, it would break the condition "inq < 1" in tls_strp_read_sock(). Passing an MPTCP socket to tcp_sock_rate_check_app_limited() can trigger a crash. Here, an MPTCP version of check_app_limited() is implemented, which calls tcp_sock_rate_check_app_limited() for each subflow. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/mptcp.h | 2 + include/net/tcp.h | 1 + net/ipv4/tcp.c | 9 +++- net/mptcp/protocol.c | 106 ++++++++++++++++++++++++++++++++++++++++--- net/tls/tls_main.c | 3 ++ 5 files changed, 113 insertions(+), 8 deletions(-) diff --git a/include/net/mptcp.h b/include/net/mptcp.h index 4cf59e83c1c5..02564eceeb7e 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -132,6 +132,8 @@ struct mptcp_pm_ops { void (*release)(struct mptcp_sock *msk); } ____cacheline_aligned_in_smp; =20 +extern struct tls_prot_ops tls_mptcp_ops; + #ifdef CONFIG_MPTCP void mptcp_init(void); =20 diff --git a/include/net/tcp.h b/include/net/tcp.h index f87bdacb5a69..b198938945bf 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -851,6 +851,7 @@ static inline int tcp_bound_to_half_wnd(struct tcp_sock= *tp, int pktsize) =20 /* tcp.c */ void tcp_get_info(struct sock *, struct tcp_info *); +void tcp_sock_rate_check_app_limited(struct tcp_sock *tp); void tcp_rate_check_app_limited(struct sock *sk); =20 /* Read 'sendfile()'-style from a TCP socket */ diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index dfd677c689ef..23a35201a05a 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -1110,9 +1110,9 @@ int tcp_sendmsg_fastopen(struct sock *sk, struct msgh= dr *msg, int *copied, } =20 /* If a gap is detected between sends, mark the socket application-limited= . */ -void tcp_rate_check_app_limited(struct sock *sk) +void tcp_sock_rate_check_app_limited(struct tcp_sock *tp) { - struct tcp_sock *tp =3D tcp_sk(sk); + struct sock *sk =3D (struct sock *)tp; =20 if (/* We have less than one packet to send. */ tp->write_seq - tp->snd_nxt < tp->mss_cache && @@ -1125,6 +1125,11 @@ void tcp_rate_check_app_limited(struct sock *sk) tp->app_limited =3D (tp->delivered + tcp_packets_in_flight(tp)) ? : 1; } + +void tcp_rate_check_app_limited(struct sock *sk) +{ + tcp_sock_rate_check_app_limited(tcp_sk(sk)); +} EXPORT_SYMBOL_GPL(tcp_rate_check_app_limited); =20 int tcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_t size) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 1903f5b1fc44..04f9b3a0ab29 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -24,11 +24,12 @@ #include #include #include +#include #include #include "protocol.h" #include "mib.h" =20 -static unsigned int mptcp_inq_hint(const struct sock *sk); +static unsigned int mptcp_inq_hint(struct sock *sk); static bool mptcp_can_spool_backlog(struct sock *sk, struct list_head *skb= s); static void mptcp_backlog_spooled(struct sock *sk, u32 moved, struct list_head *skbs); @@ -1927,7 +1928,7 @@ static void mptcp_rps_record_subflows(const struct mp= tcp_sock *msk) } } =20 -static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +static int mptcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_= t len) { struct mptcp_sock *msk =3D mptcp_sk(sk); struct page_frag *pfrag; @@ -1938,8 +1939,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) /* silently ignore everything else */ msg->msg_flags &=3D MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_FASTOPEN; =20 - lock_sock(sk); - mptcp_rps_record_subflows(msk); =20 if (unlikely(inet_test_bit(DEFER_CONNECT, sk) || @@ -2047,7 +2046,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) __mptcp_push_pending(sk, msg->msg_flags); =20 out: - release_sock(sk); return copied; =20 do_error: @@ -2058,6 +2056,17 @@ static int mptcp_sendmsg(struct sock *sk, struct msg= hdr *msg, size_t len) goto out; } =20 +static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +{ + int ret; + + lock_sock(sk); + ret =3D mptcp_sendmsg_locked(sk, msg, len); + release_sock(sk); + + return ret; +} + static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied); =20 static void mptcp_eat_recv_skb(struct sock *sk, struct sk_buff *skb) @@ -2312,7 +2321,7 @@ static bool mptcp_move_skbs(struct sock *sk) return enqueued; } =20 -static unsigned int mptcp_inq_hint(const struct sock *sk) +static int mptcp_inq(struct sock *sk) { const struct mptcp_sock *msk =3D mptcp_sk(sk); const struct sk_buff *skb; @@ -2327,6 +2336,16 @@ static unsigned int mptcp_inq_hint(const struct sock= *sk) return (unsigned int)hint_val; } =20 + return 0; +} + +static unsigned int mptcp_inq_hint(struct sock *sk) +{ + unsigned int inq =3D mptcp_inq(sk); + + if (inq) + return inq; + if (sk->sk_state =3D=3D TCP_CLOSE || (sk->sk_shutdown & RCV_SHUTDOWN)) return 1; =20 @@ -4752,3 +4771,78 @@ int __init mptcp_proto_v6_init(void) return err; } #endif + +static void mptcp_read_done(struct sock *sk, size_t len) +{ + struct mptcp_sock *msk =3D mptcp_sk(sk); + struct sk_buff *skb; + size_t left; + u32 offset; + + msk_owned_by_me(msk); + + if (sk->sk_state =3D=3D TCP_LISTEN) + return; + + left =3D len; + while (left && (skb =3D mptcp_recv_skb(sk, &offset)) !=3D NULL) { + int used; + + used =3D min_t(size_t, skb->len - offset, left); + msk->bytes_consumed +=3D used; + MPTCP_SKB_CB(skb)->offset +=3D used; + MPTCP_SKB_CB(skb)->map_seq +=3D used; + left -=3D used; + + if (skb->len > offset + used) + break; + + mptcp_eat_recv_skb(sk, skb); + } + + mptcp_rcv_space_adjust(msk, len - left); + + /* Clean up data we have read: This will do ACK frames. */ + if (left !=3D len) + mptcp_cleanup_rbuf(msk, len - left); +} + +static u32 mptcp_get_skb_off(struct sk_buff *skb) +{ + return MPTCP_SKB_CB(skb)->offset; +} + +static u32 mptcp_get_skb_seq(struct sk_buff *skb) +{ + return MPTCP_SKB_CB(skb)->map_seq; +} + +static void mptcp_check_app_limited(struct sock *sk) +{ + struct mptcp_sock *msk =3D mptcp_sk(sk); + struct mptcp_subflow_context *subflow; + + mptcp_for_each_subflow(msk, subflow) { + struct sock *ssk =3D mptcp_subflow_tcp_sock(subflow); + bool slow; + + slow =3D lock_sock_fast(ssk); + tcp_sock_rate_check_app_limited(tcp_sk(ssk)); + unlock_sock_fast(ssk, slow); + } +} + +struct tls_prot_ops tls_mptcp_ops =3D { + .protocol =3D IPPROTO_MPTCP, + .inq =3D mptcp_inq, + .sendmsg_locked =3D mptcp_sendmsg_locked, + .recv_skb =3D mptcp_recv_skb, + .read_sock =3D mptcp_read_sock, + .read_done =3D mptcp_read_done, + .get_skb_off =3D mptcp_get_skb_off, + .get_skb_seq =3D mptcp_get_skb_seq, + .poll =3D mptcp_poll, + .epollin_ready =3D mptcp_epollin_ready, + .check_app_limited =3D mptcp_check_app_limited, +}; +EXPORT_SYMBOL(tls_mptcp_ops); diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index fe8ba116504a..d98beec89ddb 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -1342,6 +1342,9 @@ static int __init tls_register(void) tcp_register_ulp(&tcp_tls_ulp_ops); =20 tls_register_prot_ops(&tls_tcp_ops); +#ifdef CONFIG_MPTCP + tls_register_prot_ops(&tls_mptcp_ops); +#endif =20 return 0; err_strp: --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D531B35AC0F for ; Tue, 17 Mar 2026 09:13:45 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738825; cv=none; b=eUe/YfLikNi7SSdzAztyXUUji0Z4mNNIgOGX5qPi70RqHSUC1MkcUhnJ5nQTSI4VbGyK++TqAWg65ekd9PChzVLXGzRxu1R+W7lZiJS8gkCFqwC/z+KCKvTicgIa5pm0LiJDb/22vPyg8q6Qm2B08SIJQuqN4KLaJ4X6g/8AfN8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738825; c=relaxed/simple; bh=QCtkSjLWnfBnI8wObN2ozkvWfxp89TiXkwvv7ih34Nw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=MaNrVnt9hXjtIDX++d4BuoyKgT0YWnRqjOZIJAyf60515gbjnJ1Q2wXesPz8uDTGc4p/1yk0P0i/PPWYNBMKFmApGN/wioTIDYJYjDKpj0Dv9QTuvo2aW9GeDnmqwTiTYXLtGbgDmpKDef+zty8l6mvjsrWk7DPaaGNC6CLYjIg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=cU2PsoIC; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="cU2PsoIC" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 36BB3C19425; Tue, 17 Mar 2026 09:13:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738825; bh=QCtkSjLWnfBnI8wObN2ozkvWfxp89TiXkwvv7ih34Nw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=cU2PsoICA7t/ah8ANqRg6hmecYhAmUqeUX3YxbLsAvMqGiDXG+moRjimjoWAEJQoE oJ3hwktYsnv4MmirerP2zy+bgX2l0lrVUjvVq4vFrllhRjeXwVTGKWk9DwS1brQN6k ubYUfx+0eS8R28zZcjqVS0o+iD/ELY5MXLdkusPJppCKmXfSX8HgL01k/DNWvNyd5H KxKZEUocE0kGOcbs7hYkhoPgJw5KPuZaEUKiX8/5Bn4KdkOPnp0mGM0FWn5McieKyt Z92mYUhX6l8z+VNd5hMp3EmOVO5FkD3CXT4ksPOvdczJaXSwkGRb45TGwz8FqwTEg3 h7g5cPOiSBGdQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 07/14] tls: disable device offload for MPTCP sockets Date: Tue, 17 Mar 2026 17:12:43 +0800 Message-ID: <5faecaef56eb3dc2809807a693dcf95be4516076.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang MPTCP TLS hardware offload is not yet implemented. Return -EOPNOTSUPP when attempting to enable device offload on MPTCP sockets. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- net/tls/tls_device.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index 99c8eff9783e..6744c2494740 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -1074,6 +1074,9 @@ int tls_set_device_offload(struct sock *sk) ctx =3D tls_get_ctx(sk); prot =3D &ctx->prot_info; =20 + if (sk->sk_protocol =3D=3D IPPROTO_MPTCP) + return -EOPNOTSUPP; + if (ctx->priv_ctx_tx) return -EEXIST; =20 @@ -1196,6 +1199,9 @@ int tls_set_device_offload_rx(struct sock *sk, struct= tls_context *ctx) struct net_device *netdev; int rc =3D 0; =20 + if (sk->sk_protocol =3D=3D IPPROTO_MPTCP) + return -EOPNOTSUPP; + if (ctx->crypto_recv.info.version !=3D TLS_1_2_VERSION) return -EOPNOTSUPP; =20 --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6E1752222C5 for ; Tue, 17 Mar 2026 09:13:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738827; cv=none; b=iFdVaxCu+FTECe5guJSFQU3J9yfW2TIj+/X0n9yG+22wvVTv1AZ4I3jNVWJTpBpULZaZJjjp7zRnsnOfdl7EuXz89hD4gMS9LPY7Z+v5wI2feHjxhG90+AnzvtfPRJY3n3sQWzOVlAzLzlaTmZGrlhZ2MnWxbEfUDu7M4zdsxbk= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738827; c=relaxed/simple; bh=Br96xUOeotLpe4KwgDWfp58kFiwJy9hqm5vdUL2bFyI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=eHdfZyOTLZwgGN/T/yWMVcQ5+iJABuFFd6DBezqZCM+dZ3yS5XAtAdZAPFH/YL7AOtmOtLyj4X5g7yMoUfg3unJ9Dz1ANjX6xugMvdhHAy6F74VVeiDg2Jqn7+j4X3KUwSEMMhlY9ZzYtxpON+Pac22b81Sre3zSA+Jb0dzquzs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jwUgdLIJ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jwUgdLIJ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id F4046C19425; Tue, 17 Mar 2026 09:13:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738827; bh=Br96xUOeotLpe4KwgDWfp58kFiwJy9hqm5vdUL2bFyI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=jwUgdLIJFPtDiVrQoQD4y5NK6Iw4O+CkJPZfEaHlCWC+b8tSCgpdcpJ6xhoTio1ZP 0myIw+jbHHsYPKTuVkxtPMbfzp/5/mwZQxFKcJAtUNzZ0+fMQ9L+Qlw8yCEsYuLS0/ jd7wSTqWlG7vl/hnDNtWjdCBpr5ZDXoK71eK1WTao/KUfgbPSTtPBSKEKXVWhYwFHS EUDj8MgOj6q6081Z8BacaZPFB4pzc7HKFxtz9n8h8XT6h7W/a5Eo2Ttb0+FuIeGVnx 7nyR07vK5W4p1n4cyDnf6uNhQi6KAfnRaS6FNGfv1huRk0eZbbYj5z+sOhF/7xH2pi kyB7XVQqBfo2w== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 08/14] mptcp: update ULP getsockopt for TLS support Date: Tue, 17 Mar 2026 17:12:44 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch extracts TCP_ULP getsockopt operation into a tcp_sock_get_ulp() helper so that it can also be used in MPTCP. TCP_ULP was obtained by calling mptcp_getsockopt_first_sf_only() to get ULP of the first subflow. Now that the mechanism has changed, a new helper mptcp_getsockopt_tcp_ulp() is added to get ULP of msk. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/linux/tcp.h | 1 + net/ipv4/tcp.c | 36 ++++++++++++++++++++++-------------- net/mptcp/sockopt.c | 12 ++++++++++++ 3 files changed, 35 insertions(+), 14 deletions(-) diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 6982f10e826b..2bb1cbd3eeab 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -653,6 +653,7 @@ void tcp_sock_set_quickack(struct sock *sk, int val); int tcp_sock_set_syncnt(struct sock *sk, int val); int tcp_sock_set_user_timeout(struct sock *sk, int val); int tcp_sock_set_maxseg(struct sock *sk, int val); +int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen); =20 static inline bool dst_tcp_usec_ts(const struct dst_entry *dst) { diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 23a35201a05a..55d8fb848842 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -4495,6 +4495,27 @@ struct sk_buff *tcp_get_timestamping_opt_stats(const= struct sock *sk, return stats; } =20 +int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen) +{ + struct inet_connection_sock *icsk =3D inet_csk(sk); + int len; + + if (copy_from_sockptr(&len, optlen, sizeof(int))) + return -EFAULT; + len =3D min_t(unsigned int, len, TCP_ULP_NAME_MAX); + if (!icsk->icsk_ulp_ops) { + len =3D 0; + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + return 0; + } + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + if (copy_to_sockptr(optval, icsk->icsk_ulp_ops->name, len)) + return -EFAULT; + return 0; +} + int do_tcp_getsockopt(struct sock *sk, int level, int optname, sockptr_t optval, sockptr_t optlen) { @@ -4604,20 +4625,7 @@ int do_tcp_getsockopt(struct sock *sk, int level, return 0; =20 case TCP_ULP: - if (copy_from_sockptr(&len, optlen, sizeof(int))) - return -EFAULT; - len =3D min_t(unsigned int, len, TCP_ULP_NAME_MAX); - if (!icsk->icsk_ulp_ops) { - len =3D 0; - if (copy_to_sockptr(optlen, &len, sizeof(int))) - return -EFAULT; - return 0; - } - if (copy_to_sockptr(optlen, &len, sizeof(int))) - return -EFAULT; - if (copy_to_sockptr(optval, icsk->icsk_ulp_ops->name, len)) - return -EFAULT; - return 0; + return tcp_sock_get_ulp(sk, optval, optlen); =20 case TCP_FASTOPEN_KEY: { u64 key[TCP_FASTOPEN_KEY_BUF_LENGTH / sizeof(u64)]; diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index de90a2897d2d..a6230f7910fd 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -1393,6 +1393,17 @@ static int mptcp_put_int_option(struct mptcp_sock *m= sk, char __user *optval, return 0; } =20 +static int mptcp_getsockopt_tcp_ulp(struct sock *sk, char __user *optval, + int __user *optlen) +{ + int ret; + + lock_sock(sk); + ret =3D tcp_sock_get_ulp(sk, USER_SOCKPTR(optval), USER_SOCKPTR(optlen)); + release_sock(sk); + return ret; +} + static int mptcp_getsockopt_sol_tcp(struct mptcp_sock *msk, int optname, char __user *optval, int __user *optlen) { @@ -1400,6 +1411,7 @@ static int mptcp_getsockopt_sol_tcp(struct mptcp_sock= *msk, int optname, =20 switch (optname) { case TCP_ULP: + return mptcp_getsockopt_tcp_ulp(sk, optval, optlen); case TCP_CONGESTION: case TCP_INFO: case TCP_CC_INFO: --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 921C835B138 for ; Tue, 17 Mar 2026 09:13:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738828; cv=none; b=C5x42dmD9f6rGZ8ml70D+ztE1TZjR2s45s6NtzWmP42O+8Cd71Gk8eyYllr3ATJdF7fHDClm7ANJ+Eprg8TdF7Z7+JwquuPS0O8AwVi1EVEXAAALpcDWBZ6RTFloJWIJRcd2bt7xAG4PdMNgX4wIJbAVXEwascDZdlDWRbt8q+o= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738828; c=relaxed/simple; bh=+0BOLVFV8WRz9YaB5apP5PLt30g76/hz+1Ru+LI4UNk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ne/Z2CKHC6EjV7z2KI0ddJLtOsmRKxOLe/9F38lEIwOuFSD/dOELFnZzwjIRoR6J8SLkWiNNV+Eiw7mEqGYXZ3UT43t++T2EmufMcsM45GAvXWs/d7hHPZiS6MeUNqFHS760g6mDm3BquOIFDJ+t9nK4yV91kU6QZlOaIRxwEt4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=ulbz+hKU; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="ulbz+hKU" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 83400C4CEF7; Tue, 17 Mar 2026 09:13:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738828; bh=+0BOLVFV8WRz9YaB5apP5PLt30g76/hz+1Ru+LI4UNk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=ulbz+hKUHCumrQpD6UddTnMRBOXvWlLFQbZ6hm2GY1823I2xx3B8jaUjTQWzg42bS ktUvq22LWF41TavrwF/vxYq6FFphjfn/I7LhO1IvTiorf6xSXohS7/Gs+eycsPgKoo +Z8QFeWUiwSwZTM83U4fQOjoa9qFXEHIdPW9S3lu+kRM+ZjkqYY8sWjngD2ggJclLJ j6FNI3FgJOqiE5BKZjkQaadaD8DtoTkMQvvUPqOQGvOLDWw0xXmQ3HX/Fq6iYiQANz nsxxrYI5m6auRgGYOyRv08ruDTOmyBAH1CLJ+7P29Fmr7QgqyfwF8AVqCGfiWhuo4G 7vp9tHp9d4FDQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 09/14] mptcp: enable ULP setsockopt for TLS support Date: Tue, 17 Mar 2026 17:12:45 +0800 Message-ID: <353ae2f0052d54a8bb1a1a46bb7f29ebf8ff23f1.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch extracts TCP_ULP setsockopt operation into a tcp_sock_set_ulp() helper so that it can also be used in MPTCP. Add MPTCP ULP setsockopt support in mptcp_setsockopt_sol_tcp(). This option cannot be set when the socket is in CLOSE or LISTEN state. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/linux/tcp.h | 1 + net/ipv4/tcp.c | 42 ++++++++++++++++++++++++------------------ net/mptcp/sockopt.c | 27 ++++++++++++++++++++++++++- 3 files changed, 51 insertions(+), 19 deletions(-) diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 2bb1cbd3eeab..00538b1aa2f0 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -654,6 +654,7 @@ int tcp_sock_set_syncnt(struct sock *sk, int val); int tcp_sock_set_user_timeout(struct sock *sk, int val); int tcp_sock_set_maxseg(struct sock *sk, int val); int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen); +int tcp_sock_set_ulp(struct sock *sk, sockptr_t optval, unsigned int optle= n); =20 static inline bool dst_tcp_usec_ts(const struct dst_entry *dst) { diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 55d8fb848842..8ebd2402847e 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -3858,6 +3858,28 @@ int tcp_sock_set_maxseg(struct sock *sk, int val) return 0; } =20 +int tcp_sock_set_ulp(struct sock *sk, sockptr_t optval, unsigned int optle= n) +{ + char name[TCP_ULP_NAME_MAX]; + int err =3D 0; + size_t len; + int val; + + if (optlen < 1) + return -EINVAL; + + len =3D min_t(long, TCP_ULP_NAME_MAX - 1, optlen); + val =3D strncpy_from_sockptr(name, optval, len); + if (val < 0) + return -EFAULT; + name[val] =3D 0; + + sockopt_lock_sock(sk); + err =3D tcp_set_ulp(sk, name); + sockopt_release_sock(sk); + return err; +} + /* * Socket option code for TCP. */ @@ -3891,24 +3913,8 @@ int do_tcp_setsockopt(struct sock *sk, int level, in= t optname, sockopt_release_sock(sk); return err; } - case TCP_ULP: { - char name[TCP_ULP_NAME_MAX]; - - if (optlen < 1) - return -EINVAL; - - val =3D strncpy_from_sockptr(name, optval, - min_t(long, TCP_ULP_NAME_MAX - 1, - optlen)); - if (val < 0) - return -EFAULT; - name[val] =3D 0; - - sockopt_lock_sock(sk); - err =3D tcp_set_ulp(sk, name); - sockopt_release_sock(sk); - return err; - } + case TCP_ULP: + return tcp_sock_set_ulp(sk, optval, optlen); case TCP_FASTOPEN_KEY: { __u8 key[TCP_FASTOPEN_KEY_BUF_LENGTH]; __u8 *backup_key =3D NULL; diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index a6230f7910fd..d04eb98aaa32 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "protocol.h" =20 #define MIN_INFO_OPTLEN_SIZE 16 @@ -567,6 +568,7 @@ static bool mptcp_supported_sockopt(int level, int optn= ame) case TCP_FASTOPEN_CONNECT: case TCP_FASTOPEN_KEY: case TCP_FASTOPEN_NO_COOKIE: + case TCP_ULP: return true; } =20 @@ -815,6 +817,29 @@ static int mptcp_setsockopt_all_sf(struct mptcp_sock *= msk, int level, return ret; } =20 +static int mptcp_setsockopt_tcp_ulp(struct sock *sk, sockptr_t optval, + unsigned int optlen) +{ + char name[TCP_ULP_NAME_MAX]; + size_t len; + int val; + + if (optlen < 1) + return -EINVAL; + + len =3D min_t(long, TCP_ULP_NAME_MAX - 1, optlen); + val =3D strncpy_from_sockptr(name, optval, len); + if (val < 0) + return -EFAULT; + name[val] =3D 0; + + if (strcmp(name, "tls\0")) + return -EOPNOTSUPP; + if ((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN)) + return -ENOTCONN; + return tcp_sock_set_ulp(sk, optval, optlen); +} + static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *msk, int optname, sockptr_t optval, unsigned int optlen) { @@ -823,7 +848,7 @@ static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *= msk, int optname, =20 switch (optname) { case TCP_ULP: - return -EOPNOTSUPP; + return mptcp_setsockopt_tcp_ulp(sk, optval, optlen); case TCP_CONGESTION: return mptcp_setsockopt_sol_tcp_congestion(msk, optval, optlen); case TCP_DEFER_ACCEPT: --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4D8862222C5 for ; Tue, 17 Mar 2026 09:13:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738830; cv=none; b=cLFtUCetExixQroRLINkClogCtICOOe+v3SWEBtjXBO2jgJkXbR4eKgkvIrLG4HyP2dhdJiBYoARwm6KgNgVfPK+qvWqA6JUR85I2Hw2MlrYN6DU1DRaiqUPg7I1jZrqr16pvTOqRGo6tXAkDd6Je2mXqdIi1xy3qd4p4j1ZCpg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738830; c=relaxed/simple; bh=/LebqvnknnL06basaKBFF0yShgEpaL6raWlnbLgcSj8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=Ts0g/HEgh0xev0DaAGeB8MyTxJoOBRldLXLJ5ahkDicGtx1QGR4rz9BWw8YcyLzsbi1xxABursvrr57Ov+Qxs/tzjEn7cGMAs/WormYGNrF9ZcLLqg7ONnXx/IaMjyCnoxpWXFl5mgUBpitA2GF0snBmrbJ1NGhtNeC7MwFh6Lc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=sWbG4r8G; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="sWbG4r8G" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EC901C19425; Tue, 17 Mar 2026 09:13:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738829; bh=/LebqvnknnL06basaKBFF0yShgEpaL6raWlnbLgcSj8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=sWbG4r8GWzrH+nR464Jzkf2vrD8ELnDD3SNApWycjQRl69lPJchGt79+pcXr60C93 ETQuYTRzBIp3KWEGcofJkzRYHUAy2XvXcXw6tSn/50v0xkHaTwnNAYFnD7IWLMOqjO t1vj3//bYLbF/W86EJ5QgP+P3lU3h2+TIRQFz5DVH/bf6Zg0QJZdgvcQN/kVBNxZhZ ajkqZTkfdmbhhr0UOhEIrtBiQUCXT1fOSUmgarejgBOgj7LRzn9PazdcY3F/MQrc5r S2eGfoMWYX55enEETtEjMJZYmw6g12iCOPjxJY3PSgBR9+iVHg+sCm8FuO4xo8eRsf iZDOWSPRyppXg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 10/14] selftests: mptcp: connect: use espintcp for ULP test Date: Tue, 17 Mar 2026 17:12:46 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang With KTLS being implemented, "tls" should no longer be used in sock_test_tcpulp(), it breaks mptcp_connect.sh tests. Another ULP name, "espintcp", is set instead in this patch. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/config | 1 + tools/testing/selftests/net/mptcp/mptcp_connect.c | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/mptcp/config b/tools/testing/selft= ests/net/mptcp/config index 59051ee2a986..18bd29ac5b24 100644 --- a/tools/testing/selftests/net/mptcp/config +++ b/tools/testing/selftests/net/mptcp/config @@ -34,3 +34,4 @@ CONFIG_NFT_SOCKET=3Dm CONFIG_NFT_TPROXY=3Dm CONFIG_SYN_COOKIES=3Dy CONFIG_VETH=3Dy +CONFIG_TLS=3Dy diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.c b/tools/test= ing/selftests/net/mptcp/mptcp_connect.c index cbe573c4ab3a..0d4a944c4269 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.c +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.c @@ -289,7 +289,7 @@ static void sock_test_tcpulp(int sock, int proto, unsig= ned int line) if (ret =3D=3D 0) X("setsockopt"); } else if (proto =3D=3D IPPROTO_MPTCP) { - ret =3D do_ulp_so(sock, "tls"); + ret =3D do_ulp_so(sock, "espintcp"); if (ret !=3D -1) X("setsockopt"); } --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A773435C1B6 for ; Tue, 17 Mar 2026 09:13:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738831; cv=none; b=HiogSezpOeOu4xEu+SthCDXdkt0jrOHZDs5NcQuaAqhtMO94K90dP+P6JKC0Ym2+gsGteaiDPtzgZshaFEGhmuKr7GdxGJQC2eqlV5NR//sNQnq5vzDsn0gsgJAyAhgdj3Bc9qPCQErsK/GmmNAD7ZjHZaY70hR2CgYPsMVqguo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738831; c=relaxed/simple; bh=Ws6RugjMpk0QczTIYqDOQId6ELUadNjUojJMRPqKSWw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=cqeO5+8TcyIeHIin8X8KHKMnx4vrOo0CJWku8D7HCoIYzywVthNgKqRJVFEcyEHbrMNAtMZst3rouePx7FSbt+Jkuvs31C8E2adOBv4X9G257VZ2nq5tADK2jOAdtKJcOiL+CqzOvHnInkdRNdehj8gCepqGg9xq5+friiTeD8Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=mKW976fg; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="mKW976fg" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 61DC4C2BC9E; Tue, 17 Mar 2026 09:13:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738831; bh=Ws6RugjMpk0QczTIYqDOQId6ELUadNjUojJMRPqKSWw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=mKW976fgsGw4RKfLRCVYL15cICuxxFiJPS8HHLqDXw2x1MJz8SE5toKrCDeeJhfGM otuHluFLpL9ggnc/1fqpwFHJ5dYWcXJ5xPz6Kn7O/Rex+lhnf34n0LtCfAVv5LTQUr CILY8O40ULsB8bUbOvItVPtpjujC9IhUyh8xPQgXA6LN3bjdddQuAoIDOXK7jiBJn8 7OlgjwAuEQ2aBf3QI64wOCpBqPMElT51muPQKe0VrVJ7dDnvb3seuNcwkgw/kldQxv u9kX7E9iD10r5+BWZiUiUWQoUXdeAKV5mMus8nChQOcHP3JUY6nMfcZPlkxBwEcFs/ pcv4QCnHAYy5g== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 11/14] selftests: tls: add MPTCP variants for testing Date: Tue, 17 Mar 2026 17:12:47 +0800 Message-ID: <6c3d13576a6ad7b201e30e20174871f04270edb6.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang To enable easy MPTCP socket creation in MPTCP TLS tests, two protocol parameters (cli_proto and srv_proto) have been added to ulp_sock_pair(). These are passed as third arguments of socket(): 0 creates TCP sockets, IPPROTO_MPTCP creates MPTCP sockets. New variants "mptcp" are added both in FIXTURE_VARIANT(tls) and FIXTURE(tls_err) to control whether to create MPTCP sockets or not for tests. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 37 +++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 9e2ccea13d70..539a2bbea103 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -26,6 +26,10 @@ #define TLS_PAYLOAD_MAX_LEN 16384 #define SOL_TLS 282 =20 +#ifndef IPPROTO_MPTCP +#define IPPROTO_MPTCP 262 +#endif + static int fips_enabled; =20 struct tls_crypto_info_keys { @@ -109,7 +113,8 @@ static void memrnd(void *s, size_t n) } =20 static void ulp_sock_pair(struct __test_metadata *_metadata, - int *fd, int *cfd, bool *notls) + int *fd, int *cfd, bool *notls, + int cli_proto, int srv_proto) { struct sockaddr_in addr; socklen_t len; @@ -122,8 +127,8 @@ static void ulp_sock_pair(struct __test_metadata *_meta= data, addr.sin_addr.s_addr =3D htonl(INADDR_ANY); addr.sin_port =3D 0; =20 - *fd =3D socket(AF_INET, SOCK_STREAM, 0); - sfd =3D socket(AF_INET, SOCK_STREAM, 0); + *fd =3D socket(AF_INET, SOCK_STREAM, cli_proto); + sfd =3D socket(AF_INET, SOCK_STREAM, srv_proto); =20 ret =3D bind(sfd, &addr, sizeof(addr)); ASSERT_EQ(ret, 0); @@ -232,7 +237,7 @@ FIXTURE(tls_basic) =20 FIXTURE_SETUP(tls_basic) { - ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); + ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls, 0, 0); } =20 FIXTURE_TEARDOWN(tls_basic) @@ -310,6 +315,7 @@ FIXTURE_VARIANT(tls) uint16_t tls_version; uint16_t cipher_type; bool nopad, fips_non_compliant; + bool mptcp; }; =20 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) @@ -407,7 +413,9 @@ FIXTURE_SETUP(tls) tls_crypto_info_init(variant->tls_version, variant->cipher_type, &tls12, 0); =20 - ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); + ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls, + variant->mptcp ? IPPROTO_MPTCP : 0, + variant->mptcp ? IPPROTO_MPTCP : 0); =20 if (self->notls) return; @@ -2473,7 +2481,7 @@ FIXTURE_SETUP(zero_len) tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_CCM_128, &tls12, 0); =20 - ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); + ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls, 0, 0); if (self->notls) return; =20 @@ -2534,6 +2542,7 @@ FIXTURE(tls_err) FIXTURE_VARIANT(tls_err) { uint16_t tls_version; + bool mptcp; }; =20 FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm) @@ -2554,8 +2563,12 @@ FIXTURE_SETUP(tls_err) tls_crypto_info_init(variant->tls_version, TLS_CIPHER_AES_GCM_128, &tls12, 0); =20 - ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); - ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls); + ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls, + variant->mptcp ? IPPROTO_MPTCP : 0, + variant->mptcp ? IPPROTO_MPTCP : 0); + ulp_sock_pair(_metadata, &self->fd2, &self->cfd2, &self->notls, + variant->mptcp ? IPPROTO_MPTCP : 0, + variant->mptcp ? IPPROTO_MPTCP : 0); if (self->notls) return; =20 @@ -2906,7 +2919,7 @@ TEST(tls_12_tx_max_payload_len) tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_CCM_128, &tls12, 0); =20 - ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); + ulp_sock_pair(_metadata, &fd, &cfd, ¬ls, 0, 0); =20 if (notls) exit(KSFT_SKIP); @@ -2955,7 +2968,7 @@ TEST(tls_12_tx_max_payload_len_open_rec) tls_crypto_info_init(TLS_1_2_VERSION, TLS_CIPHER_AES_CCM_128, &tls12, 0); =20 - ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); + ulp_sock_pair(_metadata, &fd, &cfd, ¬ls, 0, 0); =20 if (notls) exit(KSFT_SKIP); @@ -3058,7 +3071,7 @@ TEST(keysizes) { tls12.info.version =3D TLS_1_2_VERSION; tls12.info.cipher_type =3D TLS_CIPHER_AES_GCM_256; =20 - ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); + ulp_sock_pair(_metadata, &fd, &cfd, ¬ls, 0, 0); =20 if (!notls) { ret =3D setsockopt(fd, SOL_TLS, TLS_TX, &tls12, @@ -3084,7 +3097,7 @@ TEST(no_pad) { tls12.info.version =3D TLS_1_3_VERSION; tls12.info.cipher_type =3D TLS_CIPHER_AES_GCM_256; =20 - ulp_sock_pair(_metadata, &fd, &cfd, ¬ls); + ulp_sock_pair(_metadata, &fd, &cfd, ¬ls, 0, 0); =20 if (notls) exit(KSFT_SKIP); --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3111F35836F for ; Tue, 17 Mar 2026 09:13:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738833; cv=none; b=TGPRsnZr3oxVaJAEt9lLdO/ZlXOHMOsj78F2LJrVlyA0vXT95nkUt4yTieHK+TcFQ/lXO9Xz6ANlz/WHy831m+zWzFPOl72hpe5CQHwSkiUsvV0J2La0nw0uDyRqSrF5DkIKLp52aYAPsugJxJvYBblDnZ11EBS7mHLq+IP+CqA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738833; c=relaxed/simple; bh=wz2TPddIX2ais3ZwMSM2O0EVMElNivilhxtgca2EIvE=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=j2k88xNdmRCKjRGl9qLRy/+bXA0MgXQs6tL6ShqQhHwmpUTnsl4n7nvWVnrhxb6zBYCIidQkKiBzqUYeRlQT09dkUPtCvz3V8k+69y4ooiwhLmm2KEHnbgdXciKW3xumtyXkugm67dNJL0OJmlB9nK/cLKVbPpZ9wQ3RmO9LnJA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=lD4pxD4u; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="lD4pxD4u" Received: by smtp.kernel.org (Postfix) with ESMTPSA id DE4B9C4CEF7; Tue, 17 Mar 2026 09:13:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738833; bh=wz2TPddIX2ais3ZwMSM2O0EVMElNivilhxtgca2EIvE=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=lD4pxD4uAnoUNs0v4OmnhQqK8EpxI2Wf9CRrYb+pBJffP255FdDZnbNqd2OS9nGa2 BXu9X9laqgyCjWUkChhp34/B13HCteh2e8qnqov0/agJX5h+E/fQs+fElC9smFEeMt u9LDjCIP1fqfCHZQwAvcpac+2KZyIua4Dfpt3XxK7sglJLzl3O3mp5y0L0WYfSH86f 2IvoBhPn+wZahyE4jirB7ZnPEpPVmhjBzaX83r8ok60JCAetPv6StE0HTkV7S/OnNM vGmMrHzzTtkZiOh/ELSej7JTgTW5/HFryTf2LwUHv/0bxrasvFMdnC0/zsqYgN68jU PZurt0+s7f7iQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 12/14] selftests: tls: adjust timeouts and data for MPTCP Date: Tue, 17 Mar 2026 17:12:48 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang MPTCP requires longer timeouts in poll/epoll tests due to subflow establishment delays and slower state transitions. Increase timeout values to prevent false failures. Double the data size in nonblocking test to accommodate MPTCP's multi-subflow behavior and ensure sufficient data for testing. In shutdown_reuse tests, add a delay after shutdown to ensure sockets transition to TCPF_CLOSE before bind() reuse. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 30 ++++++++++++++++++++---------- 1 file changed, 20 insertions(+), 10 deletions(-) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 539a2bbea103..24ed6deb40fd 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -1293,6 +1293,7 @@ TEST_F(tls, bidir) =20 TEST_F(tls, pollin) { + int timeout =3D variant->mptcp ? 100 : 20; char const *test_str =3D "test_poll"; struct pollfd fd =3D { 0, 0, 0 }; char buf[10]; @@ -1302,11 +1303,11 @@ TEST_F(tls, pollin) fd.fd =3D self->cfd; fd.events =3D POLLIN; =20 - EXPECT_EQ(poll(&fd, 1, 20), 1); + EXPECT_EQ(poll(&fd, 1, timeout), 1); EXPECT_EQ(fd.revents & POLLIN, 1); EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); /* Test timing out */ - EXPECT_EQ(poll(&fd, 1, 20), 0); + EXPECT_EQ(poll(&fd, 1, timeout), 0); } =20 TEST_F(tls, poll_wait) @@ -1398,6 +1399,9 @@ TEST_F(tls, nonblocking) int flags; int res; =20 + if (variant->mptcp) + data *=3D 2; + flags =3D fcntl(self->fd, F_GETFL, 0); fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); @@ -1677,6 +1681,9 @@ TEST_F(tls, shutdown_reuse) shutdown(self->cfd, SHUT_RDWR); close(self->cfd); =20 + if (variant->mptcp) + usleep(500000); + addr.sin_family =3D AF_INET; addr.sin_addr.s_addr =3D htonl(INADDR_ANY); addr.sin_port =3D 0; @@ -2725,6 +2732,7 @@ TEST_F(tls_err, timeo) =20 TEST_F(tls_err, poll_partial_rec) { + int timeout =3D variant->mptcp ? 100 : 1; struct pollfd pfd =3D { }; ssize_t rec_len; char rec[256]; @@ -2735,7 +2743,7 @@ TEST_F(tls_err, poll_partial_rec) =20 pfd.fd =3D self->cfd2; pfd.events =3D POLLIN; - EXPECT_EQ(poll(&pfd, 1, 1), 0); + EXPECT_EQ(poll(&pfd, 1, timeout), 0); =20 memrnd(buf, sizeof(buf)); EXPECT_EQ(send(self->fd, buf, sizeof(buf), 0), sizeof(buf)); @@ -2747,18 +2755,19 @@ TEST_F(tls_err, poll_partial_rec) /* ... no full record should mean no POLLIN */ pfd.fd =3D self->cfd2; pfd.events =3D POLLIN; - EXPECT_EQ(poll(&pfd, 1, 1), 0); + EXPECT_EQ(poll(&pfd, 1, timeout), 0); /* Now write the rest, and it should all pop out of the other end. */ EXPECT_EQ(send(self->fd2, rec + 100, rec_len - 100, 0), rec_len - 100); pfd.fd =3D self->cfd2; pfd.events =3D POLLIN; - EXPECT_EQ(poll(&pfd, 1, 1), 1); + EXPECT_EQ(poll(&pfd, 1, timeout), 1); EXPECT_EQ(recv(self->cfd2, rec, sizeof(rec), 0), sizeof(buf)); EXPECT_EQ(memcmp(buf, rec, sizeof(buf)), 0); } =20 TEST_F(tls_err, epoll_partial_rec) { + int timeout =3D variant->mptcp ? 100 : 0; struct epoll_event ev, events[10]; ssize_t rec_len; char rec[256]; @@ -2776,7 +2785,7 @@ TEST_F(tls_err, epoll_partial_rec) ev.data.fd =3D self->cfd2; ASSERT_GE(epoll_ctl(epollfd, EPOLL_CTL_ADD, self->cfd2, &ev), 0); =20 - EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 0); + EXPECT_EQ(epoll_wait(epollfd, events, 10, timeout), 0); =20 memrnd(buf, sizeof(buf)); EXPECT_EQ(send(self->fd, buf, sizeof(buf), 0), sizeof(buf)); @@ -2786,10 +2795,10 @@ TEST_F(tls_err, epoll_partial_rec) /* Write 100B, not the full record ... */ EXPECT_EQ(send(self->fd2, rec, 100, 0), 100); /* ... no full record should mean no POLLIN */ - EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 0); + EXPECT_EQ(epoll_wait(epollfd, events, 10, timeout), 0); /* Now write the rest, and it should all pop out of the other end. */ EXPECT_EQ(send(self->fd2, rec + 100, rec_len - 100, 0), rec_len - 100); - EXPECT_EQ(epoll_wait(epollfd, events, 10, 0), 1); + EXPECT_EQ(epoll_wait(epollfd, events, 10, timeout), 1); EXPECT_EQ(recv(self->cfd2, rec, sizeof(rec), 0), sizeof(buf)); EXPECT_EQ(memcmp(buf, rec, sizeof(buf)), 0); =20 @@ -2798,6 +2807,7 @@ TEST_F(tls_err, epoll_partial_rec) =20 TEST_F(tls_err, poll_partial_rec_async) { + int timeout =3D variant->mptcp ? 100 : 20; struct pollfd pfd =3D { }; char token =3D '\0'; ssize_t rec_len; @@ -2841,13 +2851,13 @@ TEST_F(tls_err, poll_partial_rec_async) /* Child should sleep in poll(), never get a wake */ pfd.fd =3D self->cfd2; pfd.events =3D POLLIN; - EXPECT_EQ(poll(&pfd, 1, 20), 0); + EXPECT_EQ(poll(&pfd, 1, timeout), 0); =20 EXPECT_EQ(write(p[1], &token, 1), 1); /* Barrier #1 */ =20 pfd.fd =3D self->cfd2; pfd.events =3D POLLIN; - EXPECT_EQ(poll(&pfd, 1, 20), 1); + EXPECT_EQ(poll(&pfd, 1, timeout), 1); =20 exit(!__test_passed(_metadata)); } --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9A29B2222C5 for ; Tue, 17 Mar 2026 09:13:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738834; cv=none; b=uvz5fWGgvb59/jHo+rRJjDwUtSlH7LxWT8swszOS9RtzknBIipYKsv9C6vxE8p0pX3Vxl9rUyRScm/Ec3mVgOgHSC8O8cBfRLapEzNDmdSJ6N9X2zZWOLUdC1w8ow/SwQjMWe77RYV5WinbIiXB+yZ5GOGpBGCey6RMdOvdzNZc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738834; c=relaxed/simple; bh=DAhqmes8lq4I5kESvCZxK9ljYODHdIOoyPCk7ez2J1w=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=tqqy4jEyYysSWZnCb38EEOLp0uLum8bk7PxrvtC4DSfqq56yNpm0DF1sBQgXoVAOjp/gwMyROXmQQPrnd7g8N1CfrvdkOM4PykxneQrFTYl/mnMZFfIRxd2Bfg+R6GhMrnmb4bFy64rvLiKYQj0XjvhTLdG+AAShcYyARV11qJA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=hYO/k69J; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="hYO/k69J" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8B5A5C4CEF7; Tue, 17 Mar 2026 09:13:53 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738834; bh=DAhqmes8lq4I5kESvCZxK9ljYODHdIOoyPCk7ez2J1w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=hYO/k69JNZ34uK5l4sHGS8m+WwVsLTyu5dl/FhbASY+y9jG7Ild8nwR9StuxFtTUA x/phFSLMSUmHl96b/gA5Dkj0ZBw5WS1HNDwVFF3Ot8Jz36GQ9DteKyZ+IbAy2qddg1 MhFM/H/9m40HNpTFizGrG/Vuo/8FwSKMSw1msYj4lKA8EIqOJ/9NU1DcJNNmsI2AHn bgAT2GBqzkUceG49BqCf8hsr7tEzmNcBZV0UoPjRkdfSjhNp09b3LKn3YAZzzN4G/k LKlQMxsgmrpqTnCnV4G5w/ZzMxJmu3IW0J6LF9mtaMhYXH8jPmCMM0vDcqSE+demy6 zXoztsgigurog== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 13/14] selftests: tls: add MPTCP test cases Date: Tue, 17 Mar 2026 17:12:49 +0800 Message-ID: X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch introduces MPTCP test cases for the TLS fixture. These "mptcp" variants are configured to create MPTCP sockets specifically for MPTCP TLS testing purposes. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 108 ++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 24ed6deb40fd..b50dd855e407 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -401,6 +401,102 @@ FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_256) .cipher_type =3D TLS_CIPHER_ARIA_GCM_256, }; =20 +FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_chacha_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_CHACHA20_POLY1305, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_chacha_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_CHACHA20_POLY1305, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_SM4_GCM, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_SM4_CCM, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aes_ccm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_CCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_ccm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_CCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_256, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_256, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_nopad_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .nopad =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_ARIA_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_ARIA_GCM_256, + .mptcp =3D true, +}; + FIXTURE_SETUP(tls) { struct tls_crypto_info_keys tls12; @@ -2562,6 +2658,18 @@ FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm) .tls_version =3D TLS_1_3_VERSION, }; =20 +FIXTURE_VARIANT_ADD(tls_err, 12_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls_err, 13_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .mptcp =3D true, +}; + FIXTURE_SETUP(tls_err) { struct tls_crypto_info_keys tls12; --=20 2.53.0 From nobody Sun Mar 22 08:25:57 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2C1902222C5 for ; Tue, 17 Mar 2026 09:13:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738836; cv=none; b=RgQbxWrTIQ65CMgMzHMMviX8GTdVeASfLZitBUxnSSNz3nBMF7hr3eAca62G882L6yXOGfcOoIYzCzoDWYJo/2R+h9yjSpm0+gjOsN+e/UhwE4vCz4SgoVrk8FH5CrmOqqtC5jevvl3AxMaqIlulqnqE3YtZcnYywYNM/dqcj0g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1773738836; c=relaxed/simple; bh=s4hYwr7J4oysu97lIHiAPdaBs/2LesW9OkezYRV4JeQ=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=UZ64cjCs5XI8/rhncyiJwM+dPUi24dA9W2Uu5usuzSYLop7NBygB9X1OqFjCXkXqbIE1Lm5CcPbG8LwRxhPIY65p3puytU6lszEbx+b0N8y+N83IUZ7AnEAjTQT7/3J3S88NGbV8vtylXKHBWTenUPcp4lAMmPam4nedFDJBZ0w= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=jZFPBj8s; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="jZFPBj8s" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 13F2DC2BCAF; Tue, 17 Mar 2026 09:13:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1773738836; bh=s4hYwr7J4oysu97lIHiAPdaBs/2LesW9OkezYRV4JeQ=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=jZFPBj8suxxg8vVRj1JTTz39oZbp/V/jFKbB36MryyaACEE75xH30p8WzeT2Ojb+e 63kHdeUQklrQTknhmn1mvLIqvkdj9BDp07qj7hHmdGwYmbI0htq8egY2076ZzJ3mM5 dkm0A2ZmZfO8eMYnlL0ZC3hF52RRfyyYrUc70+ZEKt+RMWpKNdqdGwwJVUq/tC/jNA X7rw4+aFrP/jdLcx7wapdmLv5D4oqLqNokA9A71Upz2gwPp5cFdzhj4i+HY57pppgC TVEcRzVFbI02ztSqCI5xw9/DbZlOfz5OcCbDQAlf2zg5/HZ1Ql8kh9y4W6Pg4izwjF 9cBhCzneMvcmg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v10 14/14] selftests: mptcp: add TLS tests to CI Date: Tue, 17 Mar 2026 17:12:50 +0800 Message-ID: <24e730917f3990af772106132857e63c73c0f05c.1773737371.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.53.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang The mptcp tests for tls.c is available now, this patch adds mptcp_tls.sh to test it in the MPTCP CI by default. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/Makefile | 2 + tools/testing/selftests/net/mptcp/config | 3 ++ .../testing/selftests/net/mptcp/mptcp_tls.sh | 49 +++++++++++++++++++ tools/testing/selftests/net/mptcp/tls.c | 1 + 4 files changed, 55 insertions(+) create mode 100755 tools/testing/selftests/net/mptcp/mptcp_tls.sh create mode 120000 tools/testing/selftests/net/mptcp/tls.c diff --git a/tools/testing/selftests/net/mptcp/Makefile b/tools/testing/sel= ftests/net/mptcp/Makefile index 22ba0da2adb8..f7c959a25b3b 100644 --- a/tools/testing/selftests/net/mptcp/Makefile +++ b/tools/testing/selftests/net/mptcp/Makefile @@ -14,6 +14,7 @@ TEST_PROGS :=3D \ mptcp_connect_splice.sh \ mptcp_join.sh \ mptcp_sockopt.sh \ + mptcp_tls.sh \ pm_netlink.sh \ simult_flows.sh \ userspace_pm.sh \ @@ -25,6 +26,7 @@ TEST_GEN_FILES :=3D \ mptcp_inq \ mptcp_sockopt \ pm_nl_ctl \ + tls \ # end of TEST_GEN_FILES =20 TEST_FILES :=3D \ diff --git a/tools/testing/selftests/net/mptcp/config b/tools/testing/selft= ests/net/mptcp/config index 18bd29ac5b24..471c7e0ba2be 100644 --- a/tools/testing/selftests/net/mptcp/config +++ b/tools/testing/selftests/net/mptcp/config @@ -35,3 +35,6 @@ CONFIG_NFT_TPROXY=3Dm CONFIG_SYN_COOKIES=3Dy CONFIG_VETH=3Dy CONFIG_TLS=3Dy +CONFIG_CRYPTO_ARIA=3Dy +CONFIG_CRYPTO_CHACHA20POLY1305=3Dm +CONFIG_CRYPTO_SM4_GENERIC=3Dy diff --git a/tools/testing/selftests/net/mptcp/mptcp_tls.sh b/tools/testing= /selftests/net/mptcp/mptcp_tls.sh new file mode 100755 index 000000000000..b91be338ad0b --- /dev/null +++ b/tools/testing/selftests/net/mptcp/mptcp_tls.sh @@ -0,0 +1,49 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +. "$(dirname "${0}")/mptcp_lib.sh" + +cleanup() +{ + if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then + kill "$pid" 2>/dev/null + wait "$pid" 2>/dev/null + fi + + mptcp_lib_ns_exit "$ns1" +} + +init() +{ + mptcp_lib_ns_init ns1 + + local i + for i in $(seq 1 4); do + mptcp_lib_pm_nl_add_endpoint "$ns1" \ + "127.0.0.1" flags signal port 1000"$i" + done + + mptcp_lib_pm_nl_set_limits "$ns1" 8 8 + + ip netns exec "$ns1" ip mptcp endpoint show + ip netns exec "$ns1" ip mptcp limits +} + +init +trap cleanup EXIT + +ip netns exec "$ns1" ./tls -v 12_aes_gcm_mptcp \ + -v 13_aes_gcm_mptcp \ + -v 12_chacha_mptcp \ + -v 13_chacha_mptcp \ + -v 13_sm4_gcm_mptcp \ + -v 13_sm4_ccm_mptcp \ + -v 12_aes_ccm_mptcp \ + -v 13_aes_ccm_mptcp \ + -v 12_aes_gcm_256_mptcp \ + -v 13_aes_gcm_256_mptcp \ + -v 13_nopad_mptcp \ + -v 12_aria_gcm_mptcp \ + -v 12_aria_gcm_256_mptcp & +pid=3D$! +wait $pid diff --git a/tools/testing/selftests/net/mptcp/tls.c b/tools/testing/selfte= sts/net/mptcp/tls.c new file mode 120000 index 000000000000..724b1f047c89 --- /dev/null +++ b/tools/testing/selftests/net/mptcp/tls.c @@ -0,0 +1 @@ +../tls.c \ No newline at end of file --=20 2.53.0