From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A85F428690 for ; Thu, 2 Apr 2026 07:47:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116078; cv=none; b=QypzhRSJts6Zl3brOSRdDnljiN0+Awr9Com94ehpRzDJ+j4cmNEVV9P5TdNblw+mr2/Zw9dciR6Dii0w+JEap0lFKtIUzqj+9GciI7wzu54HoMTG/RfdMiXu7q27AxSDtKvB58A68E+v87dTUa7Qm5Mlg+NOihUtuqn5pLrdbfc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116078; c=relaxed/simple; bh=JVurSmLyeZMlXBj4E7l1+mJJMl9u3MQsQjPhcbMEW8o=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=e1AkaRUmwGIU0plZ3O0jARqWs18+FdGsUneARj18NSG65MJYuVHGIBbd1kmRaijWPagVGmsrYkneCb/bg9XmYqzhTTyu/xSndKrt72bBwaMCyEop8rLeV6iMCjiKA86o0smekKNp76gc0QX5tQ1g/yPD8aKIlaXnHvBTAw7Rad4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=W/IpIe/1; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="W/IpIe/1" Received: by smtp.kernel.org (Postfix) with ESMTPSA id C1ABAC19423; Thu, 2 Apr 2026 07:47:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116078; bh=JVurSmLyeZMlXBj4E7l1+mJJMl9u3MQsQjPhcbMEW8o=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=W/IpIe/1NUMzbe/FMIJK5Sho1typolq/tuBRB9FzcJzOd7nyw57NtRIeICsjvmVC8 cNVKGVrv9OPjvKmslE13pO7QIS4ck6WkTkkx8i1T5nq/LJka2nASwA0sGLSvMjBN6b Lidw8Y4KN2LOudyyrUX3HyuG4ldip2sNbDVIgqyrdn3G8T883nWySMZ6k5y/Y34XDS RU1mnxCSBlN2L4TA0F83DPCuhzALyjwGs3yDZP0eBZZCAyn0+BXE51YgsyHY9/XPQD IBTV671UAq5pO5fozxaF9eQV6dCNaghYUFOWFWjpqY0k/hAoRlXnSCFd9l2Rbwfxdj uNQffbAOTpQUA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 01/15] tls: introduce struct tls_prot_ops Date: Thu, 2 Apr 2026 15:47:36 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang To extend MPTCP support based on TCP TLS, a tls_prot_ops structure has been introduced for TLS, encapsulating TCP-specific helpers within this structure. Add registering, validating and finding functions for this structure to add, validate and find a tls_prot_ops on the global list tls_prot_ops_list. Register TCP-specific structure tls_tcp_ops in tls_init(). Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/tls.h | 20 +++++++++++ net/tls/tls_main.c | 89 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 109 insertions(+) diff --git a/include/net/tls.h b/include/net/tls.h index ebd2550280ae..cf85f7a0c931 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -220,6 +220,26 @@ struct tls_prot_info { u16 tail_size; }; =20 +struct tls_prot_ops { + int protocol; + struct module *owner; + struct list_head list; + + int (*inq)(struct sock *sk); + int (*sendmsg_locked)(struct sock *sk, struct msghdr *msg, size_t size); + struct sk_buff *(*recv_skb)(struct sock *sk, u32 *off); + bool (*lock_is_held)(struct sock *sk); + int (*read_sock)(struct sock *sk, read_descriptor_t *desc, + sk_read_actor_t recv_actor); + void (*read_done)(struct sock *sk, size_t len); + u32 (*get_skb_off)(struct sk_buff *skb); + u32 (*get_skb_seq)(struct sk_buff *skb); + __poll_t (*poll)(struct file *file, struct socket *sock, + struct poll_table_struct *wait); + bool (*epollin_ready)(const struct sock *sk); + void (*check_app_limited)(struct sock *sk); +}; + struct tls_context { /* read-only cache line */ struct tls_prot_info prot_info; diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index fd39acf41a61..5ee7c7d60942 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -128,6 +128,24 @@ static struct proto_ops tls_proto_ops[TLS_NUM_PROTS][T= LS_NUM_CONFIG][TLS_NUM_CON static void build_protos(struct proto prot[TLS_NUM_CONFIG][TLS_NUM_CONFIG], const struct proto *base); =20 +static DEFINE_SPINLOCK(tls_prot_ops_lock); +static LIST_HEAD(tls_prot_ops_list); + +/* Must be called with rcu read lock held */ +static struct tls_prot_ops *tls_prot_ops_find(int protocol) +{ + struct tls_prot_ops *ops, *ret =3D NULL; + + list_for_each_entry_rcu(ops, &tls_prot_ops_list, list) { + if (ops->protocol =3D=3D protocol) { + ret =3D ops; + break; + } + } + + return ret; +} + void update_sk_prot(struct sock *sk, struct tls_context *ctx) { int ip_ver =3D sk->sk_family =3D=3D AF_INET6 ? TLSV6 : TLSV4; @@ -1236,6 +1254,75 @@ static struct tcp_ulp_ops tcp_tls_ulp_ops __read_mos= tly =3D { .get_info_size =3D tls_get_info_size, }; =20 +static int tls_validate_prot_ops(const struct tls_prot_ops *ops) +{ + if (!ops->inq || !ops->sendmsg_locked || + !ops->recv_skb || !ops->lock_is_held || + !ops->read_sock || !ops->read_done || + !ops->get_skb_seq || + !ops->poll || !ops->epollin_ready || + !ops->check_app_limited) { + pr_err("%d does not implement required ops\n", ops->protocol); + return -EINVAL; + } + + return 0; +} + +static int tls_register_prot_ops(struct tls_prot_ops *ops) +{ + int ret; + + ret =3D tls_validate_prot_ops(ops); + if (ret) + return ret; + + spin_lock(&tls_prot_ops_lock); + if (tls_prot_ops_find(ops->protocol)) { + spin_unlock(&tls_prot_ops_lock); + return -EEXIST; + } + list_add_tail_rcu(&ops->list, &tls_prot_ops_list); + spin_unlock(&tls_prot_ops_lock); + + pr_debug("tls_prot_ops %d registered\n", ops->protocol); + return 0; +} + +static struct sk_buff *tls_tcp_recv_skb(struct sock *sk, u32 *off) +{ + return tcp_recv_skb(sk, tcp_sk(sk)->copied_seq, off); +} + +static bool tls_tcp_lock_is_held(struct sock *sk) +{ + return sock_owned_by_user_nocheck(sk); +} + +static u32 tls_tcp_get_skb_seq(struct sk_buff *skb) +{ + return TCP_SKB_CB(skb)->seq; +} + +static bool tls_tcp_epollin_ready(const struct sock *sk) +{ + return tcp_epollin_ready(sk, INT_MAX); +} + +static struct tls_prot_ops tls_tcp_ops =3D { + .protocol =3D IPPROTO_TCP, + .inq =3D tcp_inq, + .sendmsg_locked =3D tcp_sendmsg_locked, + .recv_skb =3D tls_tcp_recv_skb, + .lock_is_held =3D tls_tcp_lock_is_held, + .read_sock =3D tcp_read_sock, + .read_done =3D tcp_read_done, + .get_skb_seq =3D tls_tcp_get_skb_seq, + .poll =3D tcp_poll, + .epollin_ready =3D tls_tcp_epollin_ready, + .check_app_limited =3D tcp_rate_check_app_limited, +}; + static int __init tls_register(void) { int err; @@ -1254,6 +1341,8 @@ static int __init tls_register(void) =20 tcp_register_ulp(&tcp_tls_ulp_ops); =20 + tls_register_prot_ops(&tls_tcp_ops); + return 0; err_strp: tls_strp_dev_exit(); --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A8A5635AC07 for ; Thu, 2 Apr 2026 07:48:00 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116080; cv=none; b=DyVgYzHFkyKUqX9CxlQJnBJqL/5zBGv0wH1n9/gGqsat++5SG6gyXrUbMn7tCp8DJsCKvAQS4viw0EcM7uVnpHhAeKlPZSHCaGbM2LTWjhS5oPhjLaIadNPLUdw2e2PGcDdELhPBz420Jo0iPx8ntadVOwhhJT2Kh1RAujhD3iQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116080; c=relaxed/simple; bh=7Yfxjed2+wpvEgWkLvqyPDRjsTQ4usyd8RSh9SXTMLg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uVqsAllVTKN1heBXGCIbKbRVGyDGlYigBkkiEwH8JSub4qazIdVo8/F0nJKp+ijIQYoZ7jUMlwABnnS5Udu20kLvOwFE5pfSQ1HP7yfDgAHjZk1NKYnPq46yAKP78XGEyFLUMiiGFvBuUN7d+3SQfvHx/d/7SNW68e9glUXhwhs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kGnRw9qM; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kGnRw9qM" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EB9BFC19423; Thu, 2 Apr 2026 07:47:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116080; bh=7Yfxjed2+wpvEgWkLvqyPDRjsTQ4usyd8RSh9SXTMLg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=kGnRw9qM7bTXCFnk00o4sAMpxpcqZGBLQu5jGqqcPgCoAepkLqlPiWvoe3mJUDDyi a3tzvTByx/u0xVUdeMFF/x9jGLxUXNpKMEuB53cFCMqUhEAZd0XgIKuWXLUZH3TT7t K98mvuCSLbFlsbRLST3o7OXraKOxY4zFaa0sdL+QuW+eqhnxIQpuGkazHRU5CNnMNk Wi2BP+EWelLbQkAC0L0diJlNyJ+Z/PW86hQYogy1tDhLWhn3FUl1xGlKvC2nuyw9wl hRXNwKyorL/hCAVkOWn83lt3ZFoq8PFk1xB5fA42K7RSDcDrIHQlUULLrLwIAxHkx2 0mtqDgAA7m0TQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 02/15] tls: add tls_prot_ops pointer to tls_context Date: Thu, 2 Apr 2026 15:47:37 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang A pointer to struct tls_prot_ops, named 'ops', has been added to struct tls_context. The places originally calling TLS-specific helpers have now been modified to indirectly invoke them via 'ops' pointer in tls_context. In do_tls_setsockopt_conf(), ctx->ops is assigned either 'tls_mptcp_ops' or 'tls_tcp_ops' based on the socket protocol. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/tls.h | 1 + net/tls/tls_main.c | 15 +++++++++++---- net/tls/tls_strp.c | 33 ++++++++++++++++++++++----------- net/tls/tls_sw.c | 7 +++++-- 4 files changed, 39 insertions(+), 17 deletions(-) diff --git a/include/net/tls.h b/include/net/tls.h index cf85f7a0c931..e323bfdeba4f 100644 --- a/include/net/tls.h +++ b/include/net/tls.h @@ -278,6 +278,7 @@ struct tls_context { struct sock *sk; =20 void (*sk_destruct)(struct sock *sk); + const struct tls_prot_ops *ops; =20 union tls_crypto_context crypto_send; union tls_crypto_context crypto_recv; diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 5ee7c7d60942..5f324887390d 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -206,13 +206,13 @@ int tls_push_sg(struct sock *sk, ctx->splicing_pages =3D true; while (1) { /* is sending application-limited? */ - tcp_rate_check_app_limited(sk); + ctx->ops->check_app_limited(sk); p =3D sg_page(sg); retry: bvec_set_page(&bvec, p, size, offset); iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size); =20 - ret =3D tcp_sendmsg_locked(sk, &msg, size); + ret =3D ctx->ops->sendmsg_locked(sk, &msg, size); =20 if (ret !=3D size) { if (ret > 0) { @@ -427,14 +427,14 @@ static __poll_t tls_sk_poll(struct file *file, struct= socket *sock, u8 shutdown; int state; =20 - mask =3D tcp_poll(file, sock, wait); + tls_ctx =3D tls_get_ctx(sk); + mask =3D tls_ctx->ops->poll(file, sock, wait); =20 state =3D inet_sk_state_load(sk); shutdown =3D READ_ONCE(sk->sk_shutdown); if (unlikely(state !=3D TCP_ESTABLISHED || shutdown & RCV_SHUTDOWN)) return mask; =20 - tls_ctx =3D tls_get_ctx(sk); ctx =3D tls_sw_ctx_rx(tls_ctx); psock =3D sk_psock_get(sk); =20 @@ -1094,6 +1094,13 @@ static int tls_init(struct sock *sk) ctx->tx_conf =3D TLS_BASE; ctx->rx_conf =3D TLS_BASE; ctx->tx_max_payload_len =3D TLS_MAX_PAYLOAD_SIZE; + ctx->ops =3D tls_prot_ops_find(sk->sk_protocol); + if (!ctx->ops) { + tls_ctx_free(sk, ctx); + inet_csk(sk)->icsk_ulp_ops =3D NULL; + rc =3D -EINVAL; + goto out; + } update_sk_prot(sk, ctx); out: write_unlock_bh(&sk->sk_callback_lock); diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index 98e12f0ff57e..71f44bf9ed59 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -120,6 +120,7 @@ struct sk_buff *tls_strp_msg_detach(struct tls_sw_conte= xt_rx *ctx) int tls_strp_msg_cow(struct tls_sw_context_rx *ctx) { struct tls_strparser *strp =3D &ctx->strp; + struct tls_context *tls_ctx; struct sk_buff *skb; =20 if (strp->copy_mode) @@ -132,7 +133,8 @@ int tls_strp_msg_cow(struct tls_sw_context_rx *ctx) tls_strp_anchor_free(strp); strp->anchor =3D skb; =20 - tcp_read_done(strp->sk, strp->stm.full_len); + tls_ctx =3D tls_get_ctx(strp->sk); + tls_ctx->ops->read_done(strp->sk, strp->stm.full_len); strp->copy_mode =3D 1; =20 return 0; @@ -376,6 +378,7 @@ static int tls_strp_copyin(read_descriptor_t *desc, str= uct sk_buff *in_skb, =20 static int tls_strp_read_copyin(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); read_descriptor_t desc; =20 desc.arg.data =3D strp; @@ -383,13 +386,14 @@ static int tls_strp_read_copyin(struct tls_strparser = *strp) desc.count =3D 1; /* give more than one skb per call */ =20 /* sk should be locked here, so okay to do read_sock */ - tcp_read_sock(strp->sk, &desc, tls_strp_copyin); + ctx->ops->read_sock(strp->sk, &desc, tls_strp_copyin); =20 return desc.error; } =20 static int tls_strp_read_copy(struct tls_strparser *strp, bool qshort) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct skb_shared_info *shinfo; struct page *page; int need_spc, len; @@ -398,7 +402,7 @@ static int tls_strp_read_copy(struct tls_strparser *str= p, bool qshort) * to read the data out. Otherwise the connection will stall. * Without pressure threshold of INT_MAX will never be ready. */ - if (likely(qshort && !tcp_epollin_ready(strp->sk, INT_MAX))) + if (likely(qshort && !ctx->ops->epollin_ready(strp->sk))) return 0; =20 shinfo =3D skb_shinfo(strp->anchor); @@ -434,12 +438,13 @@ static int tls_strp_read_copy(struct tls_strparser *s= trp, bool qshort) static bool tls_strp_check_queue_ok(struct tls_strparser *strp) { unsigned int len =3D strp->stm.offset + strp->stm.full_len; + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct sk_buff *first, *skb; u32 seq; =20 first =3D skb_shinfo(strp->anchor)->frag_list; skb =3D first; - seq =3D TCP_SKB_CB(first)->seq; + seq =3D ctx->ops->get_skb_seq(first); =20 /* Make sure there's no duplicate data in the queue, * and the decrypted status matches. @@ -449,7 +454,7 @@ static bool tls_strp_check_queue_ok(struct tls_strparse= r *strp) len -=3D skb->len; skb =3D skb->next; =20 - if (TCP_SKB_CB(skb)->seq !=3D seq) + if (ctx->ops->get_skb_seq(skb) !=3D seq) return false; if (skb_cmp_decrypted(first, skb)) return false; @@ -460,11 +465,11 @@ static bool tls_strp_check_queue_ok(struct tls_strpar= ser *strp) =20 static void tls_strp_load_anchor_with_queue(struct tls_strparser *strp, in= t len) { - struct tcp_sock *tp =3D tcp_sk(strp->sk); + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct sk_buff *first; u32 offset; =20 - first =3D tcp_recv_skb(strp->sk, tp->copied_seq, &offset); + first =3D ctx->ops->recv_skb(strp->sk, &offset); if (WARN_ON_ONCE(!first)) return; =20 @@ -483,6 +488,7 @@ static void tls_strp_load_anchor_with_queue(struct tls_= strparser *strp, int len) =20 bool tls_strp_msg_load(struct tls_strparser *strp, bool force_refresh) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); struct strp_msg *rxm; struct tls_msg *tlm; =20 @@ -490,7 +496,7 @@ bool tls_strp_msg_load(struct tls_strparser *strp, bool= force_refresh) DEBUG_NET_WARN_ON_ONCE(!strp->stm.full_len); =20 if (!strp->copy_mode && force_refresh) { - if (unlikely(tcp_inq(strp->sk) < strp->stm.full_len)) { + if (unlikely(ctx->ops->inq(strp->sk) < strp->stm.full_len)) { WRITE_ONCE(strp->msg_ready, 0); memset(&strp->stm, 0, sizeof(strp->stm)); return false; @@ -511,9 +517,10 @@ bool tls_strp_msg_load(struct tls_strparser *strp, boo= l force_refresh) /* Called with lock held on lower socket */ static int tls_strp_read_sock(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); int sz, inq; =20 - inq =3D tcp_inq(strp->sk); + inq =3D ctx->ops->inq(strp->sk); if (inq < 1) return 0; =20 @@ -556,6 +563,8 @@ void tls_strp_check_rcv(struct tls_strparser *strp) /* Lower sock lock held */ void tls_strp_data_ready(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); + /* This check is needed to synchronize with do_tls_strp_work. * do_tls_strp_work acquires a process lock (lock_sock) whereas * the lock held here is bh_lock_sock. The two locks can be @@ -563,7 +572,7 @@ void tls_strp_data_ready(struct tls_strparser *strp) * allows a thread in BH context to safely check if the process * lock is held. In this case, if the lock is held, queue work. */ - if (sock_owned_by_user_nocheck(strp->sk)) { + if (ctx->ops->lock_is_held(strp->sk)) { queue_work(tls_strp_wq, &strp->work); return; } @@ -583,10 +592,12 @@ static void tls_strp_work(struct work_struct *w) =20 void tls_strp_msg_done(struct tls_strparser *strp) { + struct tls_context *ctx =3D tls_get_ctx(strp->sk); + WARN_ON(!strp->stm.full_len); =20 if (likely(!strp->copy_mode)) - tcp_read_done(strp->sk, strp->stm.full_len); + ctx->ops->read_done(strp->sk, strp->stm.full_len); else tls_strp_flush_anchor_copy(strp); =20 diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index 20f8fc84c5f5..ad8066c2e248 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -1953,13 +1953,14 @@ tls_read_flush_backlog(struct sock *sk, struct tls_= prot_info *prot, size_t len_left, size_t decrypted, ssize_t done, size_t *flushed_at) { + struct tls_context *tls_ctx =3D tls_get_ctx(sk); size_t max_rec; =20 if (len_left <=3D decrypted) return false; =20 max_rec =3D prot->overhead_size - prot->tail_size + TLS_MAX_PAYLOAD_SIZE; - if (done - *flushed_at < SZ_128K && tcp_inq(sk) > max_rec) + if (done - *flushed_at < SZ_128K && tls_ctx->ops->inq(sk) > max_rec) return false; =20 *flushed_at =3D done; @@ -2445,6 +2446,7 @@ int tls_rx_msg_size(struct tls_strparser *strp, struc= t sk_buff *skb) size_t cipher_overhead; size_t data_len =3D 0; int ret; + u32 seq; =20 /* Verify that we have a full TLS header, or wait for more data */ if (strp->stm.offset + prot->prepend_size > skb->len) @@ -2487,8 +2489,9 @@ int tls_rx_msg_size(struct tls_strparser *strp, struc= t sk_buff *skb) goto read_failure; } =20 + seq =3D tls_ctx->ops->get_skb_seq(skb); tls_device_rx_resync_new_rec(strp->sk, data_len + TLS_HEADER_SIZE, - TCP_SKB_CB(skb)->seq + strp->stm.offset); + seq + strp->stm.offset); return data_len + TLS_HEADER_SIZE; =20 read_failure: --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A5462312803 for ; Thu, 2 Apr 2026 07:48:02 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116082; cv=none; b=Ci42QTJp5WGLeWxwDJEANvJ+geA0fBCuSbXK8wtzOH7oyYQcrlKD/FcYTPNqlxN+QGTTQNICBq/YGiNJ2B2oOfDXWzpBxCOR+pdMBjRHeFdkEaI0kxoLGecrPPqzD0hKIArvR0pVq9ILZL2zfeaGMH38jDhFNbvh76MZMy/+6no= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116082; c=relaxed/simple; bh=a9BA3RROZ+6Yrz+vdVhG7rEBjuXHlU7FP7q/LlVozCg=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=nG34djEveOy8JU6KUKoAzntE4S4qvAoT4VARSJsVLmn8s0Yp1NY6A62x9FOiocSIf2qQTT+5hFv83+wCA4Zqb2SluMFD3s4e9ek9boPUJ5NGUAe7MHzPJP86+wTcyT/EEDRmqrhAv1YnDfZZ44qOKmUTIyszXbT4e9k6hAWAk10= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=SLL6sLLd; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="SLL6sLLd" Received: by smtp.kernel.org (Postfix) with ESMTPSA id F10E1C19423; Thu, 2 Apr 2026 07:48:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116082; bh=a9BA3RROZ+6Yrz+vdVhG7rEBjuXHlU7FP7q/LlVozCg=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=SLL6sLLdkBppuk0bhgToHc9ZPRfX0dZJ0EOBVZSlXQAjJMRwoeaKP4JFRyjIwBFlX QDIQAa1dTWmfdqNe03cql1Ck9zas56zhtOsHHX0qPsejHFrX7wwR032IWG80oIoiZG cFuNm7gHjTijlt1vVEJxg57/rpzt8oJtSvcxY5sEqwXjmlghC42UaNxo8UegtHBv3J C2Nfxic5nli2UdDwCQJxL83yPuyiR+KX1dWhbkyYzWrbqoBNywAh/ZpxnVxLLeHNN7 f56N2OKfM8KApJjx8objSak1FlcCwH9eWGu0wxZxMmZkDzI+sgUiQMeaBvlcMbC6n0 GgVMrHFqM+w2Q== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Gang Yan , Geliang Tang Subject: [RFC mptcp-next v12 03/15] tls: add skb offset check for mptcp Date: Thu, 2 Apr 2026 15:47:38 +0800 Message-ID: <066da609f001a94f70ef30cfeec7e968514b9d71.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Gang Yan In MPTCP, subflow SKBs can have non-zero offsets due to out-of-order handling or partial delivery. When walking the TLS strp queue for sequence and decryption checks, validate each SKB's offset except the first using get_skb_off() to ensure queue consistency. This is specific to MPTCP, as TCP does not require offset checks. If any invalid offset is found, return false to trigger resynchronization. Co-developed-by: Geliang Tang Signed-off-by: Geliang Tang Signed-off-by: Gang Yan --- net/tls/tls_strp.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/net/tls/tls_strp.c b/net/tls/tls_strp.c index 71f44bf9ed59..feef440d49fd 100644 --- a/net/tls/tls_strp.c +++ b/net/tls/tls_strp.c @@ -454,6 +454,9 @@ static bool tls_strp_check_queue_ok(struct tls_strparse= r *strp) len -=3D skb->len; skb =3D skb->next; =20 + if (ctx->ops->get_skb_off && + ctx->ops->get_skb_off(skb)) + return false; if (ctx->ops->get_skb_seq(skb) !=3D seq) return false; if (skb_cmp_decrypted(first, skb)) --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C3C032765C4 for ; Thu, 2 Apr 2026 07:48:04 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116084; cv=none; b=XUDr3OIX+00DH1CnJmTRUwHAAh5twZL2WM/hmQcsS6++dUuuDym6Z7w6Fw4tPLQWvKuvJ9QoCqjGHGA8gS7uQF1DLLHKSCK7L+5bFJAsC1MAMSVyusq6UT79Ikhb6MHTVaiQylSRW1RRva7rLeKK1T92wIA82AViEZ5ObnhWIG8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116084; c=relaxed/simple; bh=2xZp9/IYGEFRhh10+V43/rCgkiNtKTgKgP6vogiIakU=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=juOlaPw4PonksvIzVhaTCdfEjNiUn3/ZXNBbT5UlxONM2KBwe1tGKwdFqcGMZWD4JdZxKFifIA9GQ4NqctN/bnmHuNi7IRWrSpz4zGTlj9Mds/NyYSJbvcxVWxgv5grsmkby1y0p7EuPPPPKe4lyfnL9DkIB7MGmhucU4ohK1wY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=u1SWKt18; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="u1SWKt18" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 0916AC2BC9E; Thu, 2 Apr 2026 07:48:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116084; bh=2xZp9/IYGEFRhh10+V43/rCgkiNtKTgKgP6vogiIakU=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=u1SWKt18JvdYRXI1FEju7DN5OPUrO7Bk9TtPZG0q0zmokm8gXahuTThJJ8pdCVpfH Dox7LKnBgFIU4jxRHec4ZCn0mjvK62KbqHj6vbxKVfisDu22WrOOBh3K7A+OTxUJde kiLHgsKfO5lhkl/QooHAViTD87W1PsLsWo0FIQdtXZWqhAZbbAkZOCSyTaWmlbeUhT 4SuCyU0315y6DAKkrSaGbWb0i0H8rpgELkKpt67FwpGCJZARK9oo1wM7biyyI89EIG iDnuwsCIyZ5UkN57rDIyCvsWeav7wUybFV/O92+8v4jn//PrnQG/whhH2uPfx2/BZ+ rSrKZk7pba/Ww== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Gang Yan , Geliang Tang Subject: [RFC mptcp-next v12 04/15] mptcp: update mptcp_check_readable Date: Thu, 2 Apr 2026 15:47:39 +0800 Message-ID: <16ec7f5220b1accf1047893498196abaae7d0e4c.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Gang Yan This patch makes mptcp_check_readable() aligned with TCP, and renames it to mptcp_stream_is_readable(). It will be used in the case of KTLS, because 'prot' will be modified, tls_sw_sock_is_readable() is expected to be called from prot->sock_is_readable(). Co-developed-by: Geliang Tang Signed-off-by: Geliang Tang Signed-off-by: Gang Yan --- net/mptcp/protocol.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 3630a230be53..975c54f36f7a 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -3322,9 +3322,11 @@ void __mptcp_unaccepted_force_close(struct sock *sk) __mptcp_destroy_sock(sk); } =20 -static __poll_t mptcp_check_readable(struct sock *sk) +static bool mptcp_stream_is_readable(struct sock *sk) { - return mptcp_epollin_ready(sk) ? EPOLLIN | EPOLLRDNORM : 0; + if (mptcp_epollin_ready(sk)) + return true; + return sk_is_readable(sk); } =20 static void mptcp_check_listen_stop(struct sock *sk) @@ -4386,7 +4388,8 @@ static __poll_t mptcp_poll(struct file *file, struct = socket *sock, mask |=3D EPOLLIN | EPOLLRDNORM | EPOLLRDHUP; =20 if (state !=3D TCP_SYN_SENT && state !=3D TCP_SYN_RECV) { - mask |=3D mptcp_check_readable(sk); + if (mptcp_stream_is_readable(sk)) + mask |=3D EPOLLIN | EPOLLRDNORM; if (shutdown & SEND_SHUTDOWN) mask |=3D EPOLLOUT | EPOLLWRNORM; else --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3F98D263F5E for ; Thu, 2 Apr 2026 07:48:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116086; cv=none; b=ipY6p/0AtpqdzvXTWaM+rwYp6WedrDZ8MwXNs0EkBIUrgp8ehpmFuvC2Ie/OxhT6Drhxzrzsb+vQGai2YPd3G2ioKBY03o5j4P9/H+E2zhnKevkxAjIx1GUih2wdJp9c9hRFhNU7hMuC8/4O1TbP5nIlAskKgTb+dg/WN9OPZXE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116086; c=relaxed/simple; bh=owTmm6vxhl9s72MESc55HGuD6c99DGxGVP7bh3VGJTY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=fNEnmHIgklWAO3ZMz0kZUq6+K711fekTlcnfEUx8vCOMvMtA4NMPBKKUy8YXH9/GWJP3z/wMGp/rkcx2lOYdedyzmn7Eg1S4brxSk+qacuW8uU6knZIqPlodzgjca+Mtgbu8lr2+dNd2GLiYoiwUosu9ZlEABtT+uu7uNxDENMk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=leOAyl8x; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="leOAyl8x" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 04425C2BC9E; Thu, 2 Apr 2026 07:48:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116086; bh=owTmm6vxhl9s72MESc55HGuD6c99DGxGVP7bh3VGJTY=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=leOAyl8xzfyh1Z6zvKujCNcuvZpF6SogSrOivwtDsm/P+6y4tv0RfzzMPESjhsXlO 87Ean8yZydXCbYwAZAwWl3mmvfjuTuNPCD/jTME9NiFM7LCE9ABtkhvXhYevog/dpD qV0vqg+KboVewBZpEtnqWFW6I2vjlBzVkCGMsGl7WEsS6iUDA09VVVzXoyjf7X3ygA JXjMx6dsJgGgCrVxtfqeXqazxm9psF/MzqBXkn0+/awUmStj8LKIoynJOmdH6yET0L 1A6/UzjIifzJN/SPlY+A8gEizsL75BZte7qBcrh4L8/qv/2vAms5zJlGT1k29nIO8L Sw3quOnjRaq4Q== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 05/15] mptcp: implement tls_mptcp_ops Date: Thu, 2 Apr 2026 15:47:40 +0800 Message-ID: <4231d50db9c3a97e5162f6f277deec4524533189.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch implements the MPTCP-specific struct tls_prot_ops, named 'tls_mptcp_ops'. Note that there is a slight difference between mptcp_inq() and mptcp_inq_hint(), it does not return 1 when the socket is closed or shut down; instead, it returns 0. Otherwise, it would break the condition "inq < 1" in tls_strp_read_sock(). Passing an MPTCP socket to tcp_sock_rate_check_app_limited() can trigger a crash. Here, an MPTCP version of check_app_limited() is implemented, which calls tcp_sock_rate_check_app_limited() for each subflow. When MPTCP implements lock_is_held interface, it not only checks sock_owned_by_user_nocheck(sk) as TCP does, but also needs to check whether the MPTCP data lock is held. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/net/mptcp.h | 2 + include/net/tcp.h | 1 + net/ipv4/tcp.c | 9 +++- net/mptcp/protocol.c | 113 ++++++++++++++++++++++++++++++++++++++++--- net/tls/tls_main.c | 3 ++ 5 files changed, 120 insertions(+), 8 deletions(-) diff --git a/include/net/mptcp.h b/include/net/mptcp.h index 4cf59e83c1c5..02564eceeb7e 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -132,6 +132,8 @@ struct mptcp_pm_ops { void (*release)(struct mptcp_sock *msk); } ____cacheline_aligned_in_smp; =20 +extern struct tls_prot_ops tls_mptcp_ops; + #ifdef CONFIG_MPTCP void mptcp_init(void); =20 diff --git a/include/net/tcp.h b/include/net/tcp.h index 6156d1d068e1..2a10bfffebf6 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h @@ -851,6 +851,7 @@ static inline int tcp_bound_to_half_wnd(struct tcp_sock= *tp, int pktsize) =20 /* tcp.c */ void tcp_get_info(struct sock *, struct tcp_info *); +void tcp_sock_rate_check_app_limited(struct tcp_sock *tp); void tcp_rate_check_app_limited(struct sock *sk); =20 /* Read 'sendfile()'-style from a TCP socket */ diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index f2d2884652ea..4b8cf7ca2695 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -1100,9 +1100,9 @@ int tcp_sendmsg_fastopen(struct sock *sk, struct msgh= dr *msg, int *copied, } =20 /* If a gap is detected between sends, mark the socket application-limited= . */ -void tcp_rate_check_app_limited(struct sock *sk) +void tcp_sock_rate_check_app_limited(struct tcp_sock *tp) { - struct tcp_sock *tp =3D tcp_sk(sk); + struct sock *sk =3D (struct sock *)tp; =20 if (/* We have less than one packet to send. */ tp->write_seq - tp->snd_nxt < tp->mss_cache && @@ -1115,6 +1115,11 @@ void tcp_rate_check_app_limited(struct sock *sk) tp->app_limited =3D (tp->delivered + tcp_packets_in_flight(tp)) ? : 1; } + +void tcp_rate_check_app_limited(struct sock *sk) +{ + tcp_sock_rate_check_app_limited(tcp_sk(sk)); +} EXPORT_SYMBOL_GPL(tcp_rate_check_app_limited); =20 int tcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_t size) diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index 975c54f36f7a..7d567597f26b 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -24,11 +24,12 @@ #include #include #include +#include #include #include "protocol.h" #include "mib.h" =20 -static unsigned int mptcp_inq_hint(const struct sock *sk); +static unsigned int mptcp_inq_hint(struct sock *sk); =20 #define CREATE_TRACE_POINTS #include @@ -1933,7 +1934,7 @@ static void mptcp_rps_record_subflows(const struct mp= tcp_sock *msk) } } =20 -static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +static int mptcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_= t len) { struct mptcp_sock *msk =3D mptcp_sk(sk); struct page_frag *pfrag; @@ -1944,8 +1945,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) /* silently ignore everything else */ msg->msg_flags &=3D MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_FASTOPEN; =20 - lock_sock(sk); - mptcp_rps_record_subflows(msk); =20 if (unlikely(inet_test_bit(DEFER_CONNECT, sk) || @@ -2053,7 +2052,6 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) __mptcp_push_pending(sk, msg->msg_flags); =20 out: - release_sock(sk); return copied; =20 do_error: @@ -2064,6 +2062,17 @@ static int mptcp_sendmsg(struct sock *sk, struct msg= hdr *msg, size_t len) goto out; } =20 +static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) +{ + int ret; + + lock_sock(sk); + ret =3D mptcp_sendmsg_locked(sk, msg, len); + release_sock(sk); + + return ret; +} + static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied); =20 static void mptcp_eat_recv_skb(struct sock *sk, struct sk_buff *skb) @@ -2324,7 +2333,7 @@ static bool mptcp_move_skbs(struct sock *sk) return enqueued; } =20 -static unsigned int mptcp_inq_hint(const struct sock *sk) +static int mptcp_inq(struct sock *sk) { const struct mptcp_sock *msk =3D mptcp_sk(sk); const struct sk_buff *skb; @@ -2339,6 +2348,16 @@ static unsigned int mptcp_inq_hint(const struct sock= *sk) return (unsigned int)hint_val; } =20 + return 0; +} + +static unsigned int mptcp_inq_hint(struct sock *sk) +{ + unsigned int inq =3D mptcp_inq(sk); + + if (inq) + return inq; + if (sk->sk_state =3D=3D TCP_CLOSE || (sk->sk_shutdown & RCV_SHUTDOWN)) return 1; =20 @@ -4762,3 +4781,85 @@ int __init mptcp_proto_v6_init(void) return err; } #endif + +static bool mptcp_lock_is_held(struct sock *sk) +{ + return sock_owned_by_user_nocheck(sk) || + lockdep_is_held(&sk->sk_lock.slock); +} + +static void mptcp_read_done(struct sock *sk, size_t len) +{ + struct mptcp_sock *msk =3D mptcp_sk(sk); + struct sk_buff *skb; + size_t left; + u32 offset; + + msk_owned_by_me(msk); + + if (sk->sk_state =3D=3D TCP_LISTEN) + return; + + left =3D len; + while (left && (skb =3D mptcp_recv_skb(sk, &offset)) !=3D NULL) { + int used; + + used =3D min_t(size_t, skb->len - offset, left); + msk->bytes_consumed +=3D used; + MPTCP_SKB_CB(skb)->offset +=3D used; + MPTCP_SKB_CB(skb)->map_seq +=3D used; + left -=3D used; + + if (skb->len > offset + used) + break; + + mptcp_eat_recv_skb(sk, skb); + } + + mptcp_rcv_space_adjust(msk, len - left); + + /* Clean up data we have read: This will do ACK frames. */ + if (left !=3D len) + mptcp_cleanup_rbuf(msk, len - left); +} + +static u32 mptcp_get_skb_off(struct sk_buff *skb) +{ + return MPTCP_SKB_CB(skb)->offset; +} + +static u32 mptcp_get_skb_seq(struct sk_buff *skb) +{ + return MPTCP_SKB_CB(skb)->map_seq; +} + +static void mptcp_check_app_limited(struct sock *sk) +{ + struct mptcp_sock *msk =3D mptcp_sk(sk); + struct mptcp_subflow_context *subflow; + + mptcp_for_each_subflow(msk, subflow) { + struct sock *ssk =3D mptcp_subflow_tcp_sock(subflow); + bool slow; + + slow =3D lock_sock_fast(ssk); + tcp_sock_rate_check_app_limited(tcp_sk(ssk)); + unlock_sock_fast(ssk, slow); + } +} + +struct tls_prot_ops tls_mptcp_ops =3D { + .protocol =3D IPPROTO_MPTCP, + .inq =3D mptcp_inq, + .sendmsg_locked =3D mptcp_sendmsg_locked, + .recv_skb =3D mptcp_recv_skb, + .lock_is_held =3D mptcp_lock_is_held, + .read_sock =3D mptcp_read_sock, + .read_done =3D mptcp_read_done, + .get_skb_off =3D mptcp_get_skb_off, + .get_skb_seq =3D mptcp_get_skb_seq, + .poll =3D mptcp_poll, + .epollin_ready =3D mptcp_epollin_ready, + .check_app_limited =3D mptcp_check_app_limited, +}; +EXPORT_SYMBOL(tls_mptcp_ops); diff --git a/net/tls/tls_main.c b/net/tls/tls_main.c index 5f324887390d..8a9d8deb1f93 100644 --- a/net/tls/tls_main.c +++ b/net/tls/tls_main.c @@ -1349,6 +1349,9 @@ static int __init tls_register(void) tcp_register_ulp(&tcp_tls_ulp_ops); =20 tls_register_prot_ops(&tls_tcp_ops); +#ifdef CONFIG_MPTCP + tls_register_prot_ops(&tls_mptcp_ops); +#endif =20 return 0; err_strp: --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8DD56263F5E for ; Thu, 2 Apr 2026 07:48:08 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116088; cv=none; b=YjBU8Kg2UInexpLHAGtg0Fmm6zDLOvVft/1l9fqyyQIMm7+idkKKsIa7BBV2eBs6+dT2xGmrDWlZljH9vY59lEOM/GhvRbe5l2i1wb139LClfyPPWgJiGJKmaYdiTySBBaCyGaAxcOWYy30YaOsK/qJtnPI77a9njmiiFOgYqRM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116088; c=relaxed/simple; bh=6GzcsaFMq28d0FWn520aOq92c8IsBigTgiZ49vjCiME=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=NUNWAQzDAU7Ybv+U2e3Xxp+joDa3neekG8fl+ONfhbxkTn2LPsr7ts1S6Cnd1z1RNFcfNDb6yTdzbnwWUowDDkR4Ah+lMDeWIMRNkqHshkyjHfV15K3h7WjqppeQkfFZ3EgW3/FWtCRBRCZ4m5Ej8Cy5jwsIQeTLMltm1dCqkyQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=D/eDnXAq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="D/eDnXAq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id B4000C19423; Thu, 2 Apr 2026 07:48:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116088; bh=6GzcsaFMq28d0FWn520aOq92c8IsBigTgiZ49vjCiME=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D/eDnXAqNeWgzGmkou72t8HKOdRmcufIToQ9t6zv4mBI3YK+GGOkO+n5fLilv0NB7 srmAzu8OMNI45qoYBuoNjqUXWyzQjDgDVBUCPq5DdgrJZ1V03yAY+RoXD1NNjCCgFv DYaX/oRR1yYP7db+/nARTW/T0jsoCM/ndxMXC0p4eFvnn4m8X+UGgqxYTTfP4P84rH UBWR4MXXX4l//GMGlX26qfgIJS7ZPn6Hpi68QcKw63aTsCc23jWfuar/h/6WcwqE3K qWEip5zGB0YJG888/3b8/oWm09Aw7lw2uGrU9PrqDUipbQW+2t3rvNgno7kC0SV9Vw rhIerPxz+cStQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 06/15] tls: disable device offload for mptcp sockets Date: Thu, 2 Apr 2026 15:47:41 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang MPTCP TLS hardware offload is not yet implemented. Return -EOPNOTSUPP when attempting to enable device offload on MPTCP sockets. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- net/tls/tls_device.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c index 99c8eff9783e..6744c2494740 100644 --- a/net/tls/tls_device.c +++ b/net/tls/tls_device.c @@ -1074,6 +1074,9 @@ int tls_set_device_offload(struct sock *sk) ctx =3D tls_get_ctx(sk); prot =3D &ctx->prot_info; =20 + if (sk->sk_protocol =3D=3D IPPROTO_MPTCP) + return -EOPNOTSUPP; + if (ctx->priv_ctx_tx) return -EEXIST; =20 @@ -1196,6 +1199,9 @@ int tls_set_device_offload_rx(struct sock *sk, struct= tls_context *ctx) struct net_device *netdev; int rc =3D 0; =20 + if (sk->sk_protocol =3D=3D IPPROTO_MPTCP) + return -EOPNOTSUPP; + if (ctx->crypto_recv.info.version !=3D TLS_1_2_VERSION) return -EOPNOTSUPP; =20 --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 481B733F8C5 for ; Thu, 2 Apr 2026 07:48:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116090; cv=none; b=O1npwmZYImy6QDrYP01lqP85D/wgSlIAN7f1C2t4A2ZdRWs0uWp25j/K1N4GaDQt9QwmksaBsiKPhXZu3j7zGPnlt8c9Z4x5l5w4tMAehU9XXZLnufi47QMi9USmMowkDOXzCcWoCeGmUxO3ZQQW3G2G21a9raQRYcQDO33zZ/Y= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116090; c=relaxed/simple; bh=BDYMd/3BoKsa2+jGZVE+d4xGft9Yo7RJsCIgC4AOSz0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=G+nCM9nBlxDyTr9tNdch8ObyFIB/LTYIuCPoxbU2ZNxDWcYOgHJHmAk37/bB28FL6b+LO7QvC1oMO53K0OhGF5yQceWh3Bsrprg5KrWmS8MU0ZkICHWd7WMrFZWcpqucTLIsOgsL3kGsUfGMpVBXKidQB0tIQXbadDTuXVwSLvA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=MeSOLm0z; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="MeSOLm0z" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A41F4C2BC9E; Thu, 2 Apr 2026 07:48:08 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116089; bh=BDYMd/3BoKsa2+jGZVE+d4xGft9Yo7RJsCIgC4AOSz0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=MeSOLm0zB0DKVMar+5gBV7qhP3m7MK71100wy60rVLZ9dz/LX4l1Rvs1ovwPkOxye Pf6o2MKs9mAKeNj6wlx+rVKFXvWr/FQ457X4o/yTRNZDWkaODji7yZ7AKtgyCVgJAs /zhXtGpyx6MtD/aQ/K+ysy0xvB5oSxTUxs3JGJ+3WYdygdian2XvpV+hd6+t/vDkuI 6cj713csmETvPP8Qax3k9+ugGoOL2QETwT3kVi7ZIowSV/Rhfy1f0fMEAyY6ovbms4 KkNPH76GDw/Af2chR5J2dkJLRuDyHDa1OFWRf4Ocg1SQlr4fXQ3icD9Sq4LAt8wFha QjzQm814+Bw0w== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 07/15] mptcp: update ulp getsockopt for tls support Date: Thu, 2 Apr 2026 15:47:42 +0800 Message-ID: <9ae5e092aec53f3057aa5dd98cd2705528d31bc4.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch extracts TCP_ULP getsockopt operation into a tcp_sock_get_ulp() helper so that it can also be used in MPTCP. TCP_ULP was obtained by calling mptcp_getsockopt_first_sf_only() to get ULP of the first subflow. Now that the mechanism has changed, a new helper mptcp_getsockopt_tcp_ulp() is added to get ULP of msk. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/linux/tcp.h | 1 + net/ipv4/tcp.c | 36 ++++++++++++++++++++++-------------- net/mptcp/sockopt.c | 12 ++++++++++++ 3 files changed, 35 insertions(+), 14 deletions(-) diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 6982f10e826b..2bb1cbd3eeab 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -653,6 +653,7 @@ void tcp_sock_set_quickack(struct sock *sk, int val); int tcp_sock_set_syncnt(struct sock *sk, int val); int tcp_sock_set_user_timeout(struct sock *sk, int val); int tcp_sock_set_maxseg(struct sock *sk, int val); +int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen); =20 static inline bool dst_tcp_usec_ts(const struct dst_entry *dst) { diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index 4b8cf7ca2695..c3c6cd6ee95a 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -4473,6 +4473,27 @@ struct sk_buff *tcp_get_timestamping_opt_stats(const= struct sock *sk, return stats; } =20 +int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen) +{ + struct inet_connection_sock *icsk =3D inet_csk(sk); + int len; + + if (copy_from_sockptr(&len, optlen, sizeof(int))) + return -EFAULT; + len =3D min_t(unsigned int, len, TCP_ULP_NAME_MAX); + if (!icsk->icsk_ulp_ops) { + len =3D 0; + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + return 0; + } + if (copy_to_sockptr(optlen, &len, sizeof(int))) + return -EFAULT; + if (copy_to_sockptr(optval, icsk->icsk_ulp_ops->name, len)) + return -EFAULT; + return 0; +} + int do_tcp_getsockopt(struct sock *sk, int level, int optname, sockptr_t optval, sockptr_t optlen) { @@ -4582,20 +4603,7 @@ int do_tcp_getsockopt(struct sock *sk, int level, return 0; =20 case TCP_ULP: - if (copy_from_sockptr(&len, optlen, sizeof(int))) - return -EFAULT; - len =3D min_t(unsigned int, len, TCP_ULP_NAME_MAX); - if (!icsk->icsk_ulp_ops) { - len =3D 0; - if (copy_to_sockptr(optlen, &len, sizeof(int))) - return -EFAULT; - return 0; - } - if (copy_to_sockptr(optlen, &len, sizeof(int))) - return -EFAULT; - if (copy_to_sockptr(optval, icsk->icsk_ulp_ops->name, len)) - return -EFAULT; - return 0; + return tcp_sock_get_ulp(sk, optval, optlen); =20 case TCP_FASTOPEN_KEY: { u64 key[TCP_FASTOPEN_KEY_BUF_LENGTH / sizeof(u64)]; diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index de90a2897d2d..a6230f7910fd 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -1393,6 +1393,17 @@ static int mptcp_put_int_option(struct mptcp_sock *m= sk, char __user *optval, return 0; } =20 +static int mptcp_getsockopt_tcp_ulp(struct sock *sk, char __user *optval, + int __user *optlen) +{ + int ret; + + lock_sock(sk); + ret =3D tcp_sock_get_ulp(sk, USER_SOCKPTR(optval), USER_SOCKPTR(optlen)); + release_sock(sk); + return ret; +} + static int mptcp_getsockopt_sol_tcp(struct mptcp_sock *msk, int optname, char __user *optval, int __user *optlen) { @@ -1400,6 +1411,7 @@ static int mptcp_getsockopt_sol_tcp(struct mptcp_sock= *msk, int optname, =20 switch (optname) { case TCP_ULP: + return mptcp_getsockopt_tcp_ulp(sk, optval, optlen); case TCP_CONGESTION: case TCP_INFO: case TCP_CC_INFO: --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 51F902765C4 for ; Thu, 2 Apr 2026 07:48:12 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116092; cv=none; b=S4PPuZmkZYXSJjLg0tWMlGiHBcWsxr2BLY4sx7IPq7irveObch5dkMbVYJTXcImS02Ta8y4C+3droSfLBZeld0jD47fTgrbEtzb+ZjlrPizErHXbRix65Msbpsq9Q7r2TIQPtN6L9ZDZLtJnllO0l0oD0ZvUlNqJWYEpwAhCOxE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116092; c=relaxed/simple; bh=XgMMfHt6zqsaFn8z4UVMoVPRpuphbxyTHuEoHw7laAI=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=B8o2YJf5qmWp8YubgnKmVPsAveSu8vEQuD3l+9NG0BL5Eb5ieAhwBXsj0PvAg0+aqRGhZlRTEVsAuw1+TiquIsho64hVnLWLAv8N2ZUVRWfx5MaR63x5i+WCu63dwpDWBmFiYS7r4ZzsT9SoaIAPvYfvFk5e1lhvN5t5S72VDYs= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=q2zJTmaQ; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="q2zJTmaQ" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 81B5EC19423; Thu, 2 Apr 2026 07:48:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116092; bh=XgMMfHt6zqsaFn8z4UVMoVPRpuphbxyTHuEoHw7laAI=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=q2zJTmaQXn5F6egSLkW8bOP+6OdecBY2toqvZiRKKY70Xu86eL07bWBcI/MAExdxc Ne2FmemIyjVzK7yKI4psksCp4h7EILUQfxU+H/rHQ0Uo9SoqOKBoWTJujkBNMhXs+s YFNTnYuB41Wgk9dpjkcG/+brXGcNq2Zwa4bqWCXKhEcZelptD2NdmjDZKk8sg7mKqC aLdT0tI1u8RoakKtAD4Z8gxZVGdf+GVnsjzbiRXhcH2FT61fTyQnzUByMm1M1l22mN qHsNaENpKT8jfzoNbDnHfScWQ1d7j6Cy8bb+d80mwe94wTUr//WT0ZMNRePqMVYJNU jrioBt3MABYiQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 08/15] mptcp: enable ulp setsockopt for tls support Date: Thu, 2 Apr 2026 15:47:43 +0800 Message-ID: <41c41365b71034a28f50ca2f9f8f30a86549963d.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch extracts TCP_ULP setsockopt operation into a tcp_sock_set_ulp() helper so that it can also be used in MPTCP. Add MPTCP ULP setsockopt support in mptcp_setsockopt_sol_tcp(). This option cannot be set when the socket is in CLOSE or LISTEN state. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- include/linux/tcp.h | 1 + net/ipv4/tcp.c | 42 ++++++++++++++++++++++++------------------ net/mptcp/sockopt.c | 27 ++++++++++++++++++++++++++- 3 files changed, 51 insertions(+), 19 deletions(-) diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 2bb1cbd3eeab..00538b1aa2f0 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h @@ -654,6 +654,7 @@ int tcp_sock_set_syncnt(struct sock *sk, int val); int tcp_sock_set_user_timeout(struct sock *sk, int val); int tcp_sock_set_maxseg(struct sock *sk, int val); int tcp_sock_get_ulp(struct sock *sk, sockptr_t optval, sockptr_t optlen); +int tcp_sock_set_ulp(struct sock *sk, sockptr_t optval, unsigned int optle= n); =20 static inline bool dst_tcp_usec_ts(const struct dst_entry *dst) { diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c index c3c6cd6ee95a..94802d03c74b 100644 --- a/net/ipv4/tcp.c +++ b/net/ipv4/tcp.c @@ -3837,6 +3837,28 @@ int tcp_sock_set_maxseg(struct sock *sk, int val) return 0; } =20 +int tcp_sock_set_ulp(struct sock *sk, sockptr_t optval, unsigned int optle= n) +{ + char name[TCP_ULP_NAME_MAX]; + int err =3D 0; + size_t len; + int val; + + if (optlen < 1) + return -EINVAL; + + len =3D min_t(long, TCP_ULP_NAME_MAX - 1, optlen); + val =3D strncpy_from_sockptr(name, optval, len); + if (val < 0) + return -EFAULT; + name[val] =3D 0; + + sockopt_lock_sock(sk); + err =3D tcp_set_ulp(sk, name); + sockopt_release_sock(sk); + return err; +} + /* * Socket option code for TCP. */ @@ -3870,24 +3892,8 @@ int do_tcp_setsockopt(struct sock *sk, int level, in= t optname, sockopt_release_sock(sk); return err; } - case TCP_ULP: { - char name[TCP_ULP_NAME_MAX]; - - if (optlen < 1) - return -EINVAL; - - val =3D strncpy_from_sockptr(name, optval, - min_t(long, TCP_ULP_NAME_MAX - 1, - optlen)); - if (val < 0) - return -EFAULT; - name[val] =3D 0; - - sockopt_lock_sock(sk); - err =3D tcp_set_ulp(sk, name); - sockopt_release_sock(sk); - return err; - } + case TCP_ULP: + return tcp_sock_set_ulp(sk, optval, optlen); case TCP_FASTOPEN_KEY: { __u8 key[TCP_FASTOPEN_KEY_BUF_LENGTH]; __u8 *backup_key =3D NULL; diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index a6230f7910fd..d04eb98aaa32 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -12,6 +12,7 @@ #include #include #include +#include #include "protocol.h" =20 #define MIN_INFO_OPTLEN_SIZE 16 @@ -567,6 +568,7 @@ static bool mptcp_supported_sockopt(int level, int optn= ame) case TCP_FASTOPEN_CONNECT: case TCP_FASTOPEN_KEY: case TCP_FASTOPEN_NO_COOKIE: + case TCP_ULP: return true; } =20 @@ -815,6 +817,29 @@ static int mptcp_setsockopt_all_sf(struct mptcp_sock *= msk, int level, return ret; } =20 +static int mptcp_setsockopt_tcp_ulp(struct sock *sk, sockptr_t optval, + unsigned int optlen) +{ + char name[TCP_ULP_NAME_MAX]; + size_t len; + int val; + + if (optlen < 1) + return -EINVAL; + + len =3D min_t(long, TCP_ULP_NAME_MAX - 1, optlen); + val =3D strncpy_from_sockptr(name, optval, len); + if (val < 0) + return -EFAULT; + name[val] =3D 0; + + if (strcmp(name, "tls\0")) + return -EOPNOTSUPP; + if ((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN)) + return -ENOTCONN; + return tcp_sock_set_ulp(sk, optval, optlen); +} + static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *msk, int optname, sockptr_t optval, unsigned int optlen) { @@ -823,7 +848,7 @@ static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *= msk, int optname, =20 switch (optname) { case TCP_ULP: - return -EOPNOTSUPP; + return mptcp_setsockopt_tcp_ulp(sk, optval, optlen); case TCP_CONGESTION: return mptcp_setsockopt_sol_tcp_congestion(msk, optval, optlen); case TCP_DEFER_ACCEPT: --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 608BB30BF4E for ; Thu, 2 Apr 2026 07:48:14 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116094; cv=none; b=K6R8ZVRfmdMzUq/IMOzl0G4+pjEAOxabuAY6D6rUoK9bkkrfwtqdBWmOHndL+9W2VFRYmAF++FMIt1J/ePUwsj/g4ZAnXx3W+XGvpw/LAq/0or+hta7oIOmC2nr8MEGip67LdEGPtHtJnuxizuOCJ3JXdwRYAYB4WB7tMMsmJJE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116094; c=relaxed/simple; bh=R5QTa+UMnwEotML4wVygilpV5Ox1rdyBp9tddMx9YDs=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=lkkii/WG+gX0jXVp1xs08hq5JX5qDyFgtMvEqqxmYkCZnM/SWFwkm2Uh6JV9wOWuof9NROQfy1WxXlaIe2CLxNdX8vcWfUj2tefclwV0ptrMGl1wH/MFqxqtMlfBVjeP0DRZzXIYAMmZ5hAuTTGH10mMH5Bok9BWf1sVHfxRJ8A= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=PBIX2+Pc; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="PBIX2+Pc" Received: by smtp.kernel.org (Postfix) with ESMTPSA id A56A3C2BC9E; Thu, 2 Apr 2026 07:48:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116094; bh=R5QTa+UMnwEotML4wVygilpV5Ox1rdyBp9tddMx9YDs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PBIX2+PcWWGAWH66vtXQCOrCXgBboHmbv2MERw0fMvE6jY2Rv5lcJ8wcKeru1nkla 5SksnnTi/cymvEL1h5yKXX8LheaX4jS5X8i1QXcuCCKEz1j7L48BezUOi4lHNlbPyd B7/giTEMHSgYKRNcRpVMM3uYF14UuYIlHaqc2BFkyBAQNz3guzlapzfe3C9GCMzkkK ZBjwW31xGtOg9qjKfL6CPqwbHDUUY/iWhKn9MBofY1HUQwydcYw4BYsEIQZj4/gRCb 8FxezSEMpDzo4/T/gglt7xvc81ftXGjK6UBohW/946v9IQ12lSLD7Lx+7GAAJi5fwE 5T/oSqXUooRcw== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 09/15] selftests: mptcp: connect: use espintcp for ulp test Date: Thu, 2 Apr 2026 15:47:44 +0800 Message-ID: <650a889fff06714d81f2b816e60c20dc4c5594b4.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang With KTLS being implemented, "tls" should no longer be used in sock_test_tcpulp(), it breaks mptcp_connect.sh tests. Another ULP name, "espintcp", is set instead in this patch. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/mptcp_connect.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/testing/selftests/net/mptcp/mptcp_connect.c b/tools/test= ing/selftests/net/mptcp/mptcp_connect.c index cbe573c4ab3a..0d4a944c4269 100644 --- a/tools/testing/selftests/net/mptcp/mptcp_connect.c +++ b/tools/testing/selftests/net/mptcp/mptcp_connect.c @@ -289,7 +289,7 @@ static void sock_test_tcpulp(int sock, int proto, unsig= ned int line) if (ret =3D=3D 0) X("setsockopt"); } else if (proto =3D=3D IPPROTO_MPTCP) { - ret =3D do_ulp_so(sock, "tls"); + ret =3D do_ulp_so(sock, "espintcp"); if (ret !=3D -1) X("setsockopt"); } --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E3DA7363099 for ; Thu, 2 Apr 2026 07:48:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116096; cv=none; b=cFpa28owyFOSzzBl5AOtHzLRN+q/zMDRo3CSum1q+d6EAKMhArbl8O1xkVB8ZhuggcqIyHJHURKD6wc6kpRbGOVpiDDpxqq0nnGBPbfQzFkEL7+puQt7Cs+oq9b7tj6RE3ohCUV8jo+btdKe3UUccH5bsBUocmNFlUhAaOaCBeg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116096; c=relaxed/simple; bh=qrU3sKYEkBSERqVF7f2biwcg9r5WGKDa4/InwomZMkw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=nIKS/QURx4bMVUouxVHWLSk7GmUmsMuehn6Spk9fjCFRcvKpr1p9QDZryz3JSDCuxDLiTo7Swa6LLhr0keSvPD9H28emywiKAeXKJ/ZDUKBZYnVrdOkHnrSS07DNIOwTKySZVlwPVRj4G137KFl7AfCFKgo5Ypx/iEQ6Aa1OQHU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=nl/wg4nI; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="nl/wg4nI" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 80115C2BC9E; Thu, 2 Apr 2026 07:48:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116095; bh=qrU3sKYEkBSERqVF7f2biwcg9r5WGKDa4/InwomZMkw=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=nl/wg4nICvegZf7Krc93a3ypEWwmd2mNTlwaulING3n50O8tJcbf+Ktmxs9mKU+CI fXR96AMlwEgkrUZJqUMW9COfkkIhhT1f3J4c7x7b3ujUdwy9S9V3Wy/QDT9gZsQWxX HCmyLX9YBtd+PCeZ2OziypBQwK0DaaMpl2m2HwLY4pLVDuuvAg1Gtm1njpWfKn7hbE fM1cTm1Cs2ljmgRpZMjO8V3AVmjuO9BwS9vQCZ2mXmNLAtljmowzYOmCt9EPRVz/pv P4DcBjg+T8CJKQfg0UYHzEkCUzIGelr3TVSJCD4UL8Fn7quhe0ln3ru6C54fHF+M+I EM1+CZzhTkAbg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 10/15] selftests: tls: add mptcp variant for testing Date: Thu, 2 Apr 2026 15:47:45 +0800 Message-ID: <47bfa28d9204732ece9954a3a9ab11f2bffa4ce1.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang To enable easy MPTCP socket creation in MPTCP TLS tests, two protocol parameters (cli_proto and srv_proto) have been added to ulp_sock_pair(). These are passed as third arguments of socket(): 0 creates TCP sockets, IPPROTO_MPTCP creates MPTCP sockets. A new variant "mptcp" is added both in FIXTURE_VARIANT(tls) to control whether to create MPTCP sockets or not for tests. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 9e2ccea13d70..903e80c4267f 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -26,6 +26,10 @@ #define TLS_PAYLOAD_MAX_LEN 16384 #define SOL_TLS 282 =20 +#ifndef IPPROTO_MPTCP +#define IPPROTO_MPTCP 262 +#endif + static int fips_enabled; =20 struct tls_crypto_info_keys { @@ -108,8 +112,9 @@ static void memrnd(void *s, size_t n) *byte++ =3D rand(); } =20 -static void ulp_sock_pair(struct __test_metadata *_metadata, - int *fd, int *cfd, bool *notls) +static void __ulp_sock_pair(struct __test_metadata *_metadata, + int *fd, int *cfd, bool *notls, + int cli_proto, int srv_proto) { struct sockaddr_in addr; socklen_t len; @@ -122,8 +127,8 @@ static void ulp_sock_pair(struct __test_metadata *_meta= data, addr.sin_addr.s_addr =3D htonl(INADDR_ANY); addr.sin_port =3D 0; =20 - *fd =3D socket(AF_INET, SOCK_STREAM, 0); - sfd =3D socket(AF_INET, SOCK_STREAM, 0); + *fd =3D socket(AF_INET, SOCK_STREAM, cli_proto); + sfd =3D socket(AF_INET, SOCK_STREAM, srv_proto); =20 ret =3D bind(sfd, &addr, sizeof(addr)); ASSERT_EQ(ret, 0); @@ -153,6 +158,12 @@ static void ulp_sock_pair(struct __test_metadata *_met= adata, ASSERT_EQ(ret, 0); } =20 +static void ulp_sock_pair(struct __test_metadata *_metadata, + int *fd, int *cfd, bool *notls) +{ + return __ulp_sock_pair(_metadata, fd, cfd, notls, 0, 0); +} + /* Produce a basic cmsg */ static int tls_send_cmsg(int fd, unsigned char record_type, void *data, size_t len, int flags) @@ -310,6 +321,7 @@ FIXTURE_VARIANT(tls) uint16_t tls_version; uint16_t cipher_type; bool nopad, fips_non_compliant; + bool mptcp; }; =20 FIXTURE_VARIANT_ADD(tls, 12_aes_gcm) @@ -407,7 +419,9 @@ FIXTURE_SETUP(tls) tls_crypto_info_init(variant->tls_version, variant->cipher_type, &tls12, 0); =20 - ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls); + __ulp_sock_pair(_metadata, &self->fd, &self->cfd, &self->notls, + variant->mptcp ? IPPROTO_MPTCP : 0, + variant->mptcp ? IPPROTO_MPTCP : 0); =20 if (self->notls) return; --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EE8642765C4 for ; Thu, 2 Apr 2026 07:48:17 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116098; cv=none; b=Ctb746DBW/Xg7H0YWmVTW9FQN+K5x0sVzzCsVkT5yR12iHF5vHwex0dpJIhUjpuZwuV43k19kfsNJGG8Hqqaoq7Nfcg4+yhiRR0c+GkQy3YJbL3gXqd1DOw1I0fr9B3kyeMDnLWtAGmTzRh9NkaECzsRM8mHrFvFhIwamECPvzI= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116098; c=relaxed/simple; bh=hpMcMQ4pZ/fJu+msC3l2kv7L8UrDzJcO72LJcBD3ah8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=uVKkQqsbhgnTnl4Vf3nUWmmaY4Ga7kSNF9OPsDUoDy9NDRbrn5SjNhMM5CArNel5mtuLARMXDS6/4xat+sXdIfb5zEJ5w+5KEwu+IuFihqZs9UK8BiUfSxiwIKsleqf205Q9mASstW9RNWe6+SGBFuqvG0zS0i4rgS6/ftk7m8Y= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=JG1T/DMS; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="JG1T/DMS" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 726E2C19423; Thu, 2 Apr 2026 07:48:16 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116097; bh=hpMcMQ4pZ/fJu+msC3l2kv7L8UrDzJcO72LJcBD3ah8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JG1T/DMS/35HKRIXBzrqsOZGpUag3T3d0p7Qo0Fb2YDFJ021iCnk5eMq9UYd7YHOB S6wS5MCinW2WxTVvbAFnStasbOO+4Sb1gdCX4q9XNkyq7BfyEbDwwBtSX6ycWGFvK/ O6hPLZ+rcMY2x1XvuITWe1MVQu/BIZmo2aAxnKdk3xYnODk3ywroKnrN2oZXdc7Xl/ uiPCNscPcrADJW50W+W36E/T5UlsNzZP2XU91Qko+mGsoUY5KYNP+ox6J2OtLDQH4g EcT7Ng89Hgd7EjemkB1+/mrmTkclaRsGP/VblvmXX3J5QV0PFmhTlhR4kFOC5tM6VL F7W3tP+C5jnMA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 11/15] selftests: tls: increase pollin timeouts for mptcp Date: Thu, 2 Apr 2026 15:47:46 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang MPTCP requires longer timeouts in pollin test due to subflow establishment delays and slower state transitions. Increase timeout values to prevent false failures: # RUN tls.13_sm4_ccm_mptcp.pollin ... # tls.c:1411:pollin:Expected poll(&fd, 1, 20) (0) =3D=3D 1 (1) # tls.c:1412:pollin:Expected fd.revents & POLLIN (0) =3D=3D 1 (1) # pollin: Test failed # FAIL tls.13_sm4_ccm_mptcp.pollin not ok 357 tls.13_sm4_ccm_mptcp.pollin Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 903e80c4267f..64e999c6e14d 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -1299,6 +1299,7 @@ TEST_F(tls, bidir) =20 TEST_F(tls, pollin) { + int timeout =3D variant->mptcp ? 100 : 20; char const *test_str =3D "test_poll"; struct pollfd fd =3D { 0, 0, 0 }; char buf[10]; @@ -1308,11 +1309,11 @@ TEST_F(tls, pollin) fd.fd =3D self->cfd; fd.events =3D POLLIN; =20 - EXPECT_EQ(poll(&fd, 1, 20), 1); + EXPECT_EQ(poll(&fd, 1, timeout), 1); EXPECT_EQ(fd.revents & POLLIN, 1); EXPECT_EQ(recv(self->cfd, buf, send_len, MSG_WAITALL), send_len); /* Test timing out */ - EXPECT_EQ(poll(&fd, 1, 20), 0); + EXPECT_EQ(poll(&fd, 1, timeout), 0); } =20 TEST_F(tls, poll_wait) --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1A2F8263F5E for ; Thu, 2 Apr 2026 07:48:19 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116100; cv=none; b=asCuu/DhSmUCsssvySSAwbNz7MSSi8N3sLNk7747gfkpgUqJXCm3AX1h21PJiEhjuPljRXnPtj2p+cZKK0fJ0NBluTHIkhwRYqBFxfjQ4uOmcY+5meV6DyFspcm9W9cYPlonr8/u7FltmpD91PDKhK19r5buo5T4b+5izbWGx5g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116100; c=relaxed/simple; bh=EvfTd40wLYuAuTYtIwMKsXtjNvkZfSXFg941Fz/UDf8=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=PnUYgDCuUrR/YFN94KNwR+bF7CH7GA9CKB8cS6j3toWAOG2uPWgammWcnA3p//Nj9XpL/4fM0rZY1wb9dxv5bUp/Mo0PE+RFwTOAEX4yT2sQxUGX96fMJRtAM2lx56AtCoubJx5UZK1QXrZW5eR8eY2NQg0XL0wgMaAlsOM6Zx8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=i+GLVb68; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="i+GLVb68" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7DB33C19423; Thu, 2 Apr 2026 07:48:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116099; bh=EvfTd40wLYuAuTYtIwMKsXtjNvkZfSXFg941Fz/UDf8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=i+GLVb68mYPU5EOB5FpTTOh8rEezBo7z0FYzWSwjEElnR0aJYHHloU3W2xj4Ls3df fw4pfOsCtGgVsD4/Pjm9uT9b3mALQT2ubdb2jfCJbAyuGN6X7vTAXDSw1GcbBaE44k WP40cOEkJBMMjlAartuZ8SQg+QZ05D9LpZUQ+w8cPIn1zfAFva8nGYZIaBRR3vEqcy L8WRQKCmaeOJK2P51S5MSn0fIWrofRAEO/K2bLHNW6wEIouV448pwR5smm97oiqKUR gdpwYbQdq8jFy/imnW+HN6S2k3aZmAjHVN5VCanGhfeq81+t8UowAO0Js3Y3v0SKGZ OLsV054hQnwcQ== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 12/15] selftests: tls: increase nonblocking data size for mptcp Date: Thu, 2 Apr 2026 15:47:47 +0800 Message-ID: <46ad3cae861014200cefd0826138416c10a433fd.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang Increase the data size in nonblocking tests to accommodate MPTCP's multi-subflow behavior and ensure sufficient data for testing, avoiding the following errors: # RUN tls.12_aria_gcm_mptcp.nonblocking ... # tls.c:1534:nonblocking:Expected 0 (0) !=3D eagain (0) # nonblocking: Test failed Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index 64e999c6e14d..c3227b718160 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -1405,6 +1405,9 @@ TEST_F(tls, nonblocking) int flags; int res; =20 + if (variant->mptcp) + data *=3D 4; + flags =3D fcntl(self->fd, F_GETFL, 0); fcntl(self->fd, F_SETFL, flags | O_NONBLOCK); fcntl(self->cfd, F_SETFL, flags | O_NONBLOCK); --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 0FAF6312803 for ; Thu, 2 Apr 2026 07:48:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116102; cv=none; b=hCAEe1oFL7D3CNk4ha4wxZGyNMp6yumQietQ7uj9CaOQ/SjC0FcVAndCi/+wO7TI94k5DZjzRbMCxEJodYQTTpiOf8PLgjgLf+Fs++vf9WkU5zHdfgmgWU9gWVm9bq6NG28KrotpW0tUzOzTILc1meZGll7cTUyOeb7eOMEOJx8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116102; c=relaxed/simple; bh=xoJ3bBSG1SCcawQx4SYTYaiMdeRLt6DS489jattyxn0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=d0dmh220Y0l2mNIbYKe+SZDUMZkUaYHpZu+KOG0Ij9OSkbz2FPbaHLFmy0c0UoTacZLF8mmI2kvvBT1WaiyP/b4tCfYd8YDPY+hgj8WRCbVCPUSBboxutOOD0As+zmN0vIUEBvKiC+RXDhxtqx88m5cNjc0TY1LcQ/HEvfmdNZg= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=BXYGTiMM; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="BXYGTiMM" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 53DE4C19423; Thu, 2 Apr 2026 07:48:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116101; bh=xoJ3bBSG1SCcawQx4SYTYaiMdeRLt6DS489jattyxn0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=BXYGTiMM0LukphugAfvMblAnC9VKYOK0+6KkhfTe9bo1L4vlkOxr/FWCCcxobX5r8 9c+Cx5UGyz+thy7qnBDF45sgXMeBtGpHj4xiuDrfhQshMjHl5jlzd6TBJsIH4GEiJ8 AOY+Nkr6bgM8sdmws8V4XUxrvY9Oj0V62ufxmPdsl6aPgzZraVgOd6JcPhPztiDgRH DTRCXpHjLYEvU+K+FasxFIofjbAXY4vsjvec6JKcRZFxW+2Ud6T4h1i+JYm4yGew09 y227t8SbfgPEesVDOFUKxLaxr/HB+OnzJq3SJG4+UGaVAbBAHLDqOtTxUS+08BxNHW Liyx8Kw4dESgw== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 13/15] selftests: tls: wait close in shutdown_reuse for mptcp Date: Thu, 2 Apr 2026 15:47:48 +0800 Message-ID: <2990c1cf84bd8789ec8f9bc83db71e76cf4d7b7b.1775115102.git.tanggeliang@kylinos.cn> X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang In shutdown_reuse tests, add a delay after shutdown to wait for MPTCP sockets to reach TCP_CLOSE state before reuse via bind(), avoiding the following errors: # RUN tls.12_aes_gcm_mptcp.shutdown_reuse ... # tls.c:1790:shutdown_reuse:Expected ret (-1) =3D=3D 0 (0) # shutdown_reuse: Test failed # FAIL tls.12_aes_gcm_mptcp.shutdown_reuse not ok 14 tls.12_aes_gcm_mptcp.shutdown_reuse # RUN tls.13_aes_gcm_mptcp.shutdown_reuse ... # tls.c:1790:shutdown_reuse:Expected ret (-1) =3D=3D 0 (0) # shutdown_reuse: Test failed # FAIL tls.13_aes_gcm_mptcp.shutdown_reuse not ok 15 tls.13_aes_gcm_mptcp.shutdown_reuse # RUN tls.12_chacha_mptcp.shutdown_reuse ... # OK tls.12_chacha_mptcp.shutdown_reuse ok 16 tls.12_chacha_mptcp.shutdown_reuse # RUN tls.13_chacha_mptcp.shutdown_reuse ... # OK tls.13_chacha_mptcp.shutdown_reuse ok 17 tls.13_chacha_mptcp.shutdown_reuse # RUN tls.13_sm4_gcm_mptcp.shutdown_reuse ... # tls.c:1790:shutdown_reuse:Expected ret (-1) =3D=3D 0 (0) # shutdown_reuse: Test failed # FAIL tls.13_sm4_gcm_mptcp.shutdown_reuse not ok 18 tls.13_sm4_gcm_mptcp.shutdown_reuse Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index c3227b718160..f12744b178d5 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -30,6 +30,10 @@ #define IPPROTO_MPTCP 262 #endif =20 +#ifndef TCP_CLOSE +#define TCP_CLOSE 7 +#endif + static int fips_enabled; =20 struct tls_crypto_info_keys { @@ -1678,6 +1682,25 @@ TEST_F(tls, shutdown_unsent) shutdown(self->cfd, SHUT_RDWR); } =20 +static bool wait_for_tcp_close(struct __test_metadata *_metadata, + int fd, int max) +{ + struct tcp_info info; + socklen_t len; + int i, ret; + + len =3D sizeof(info); + for (i =3D 0; i < max; i++) { + ret =3D getsockopt(fd, IPPROTO_TCP, TCP_INFO, &info, &len); + EXPECT_EQ(ret, 0); + if (info.tcpi_state =3D=3D TCP_CLOSE) + return true; + usleep(1000); + } + + return false; +} + TEST_F(tls, shutdown_reuse) { struct sockaddr_in addr; @@ -1687,6 +1710,9 @@ TEST_F(tls, shutdown_reuse) shutdown(self->cfd, SHUT_RDWR); close(self->cfd); =20 + if (variant->mptcp) + EXPECT_TRUE(wait_for_tcp_close(_metadata, self->fd, 1000)); + addr.sin_family =3D AF_INET; addr.sin_addr.s_addr =3D htonl(INADDR_ANY); addr.sin_port =3D 0; --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2469130BF4E for ; Thu, 2 Apr 2026 07:48:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116104; cv=none; b=ij5S1mFZ1p8XHks9Dpj0PzDsGJFH0qXEym1oK9FhDnLVYN/FD1jOu1be4PQOP+JNsek6vFAnGoktlar1X1WO6ouhrAlZTA+FEU2+uUcQBv7QhwOaQACONykkgGC5dQb7J68zLVJfS84Lm9SFLQ5LaLEHkC7lGz5GV/qD+QYNSjA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116104; c=relaxed/simple; bh=p0qYBqpbw66PP8VLwieqAe4CkoR2mwTO5NNKpq93sNM=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=ZHiulF9XtRTzr7K/x9fOif7FIN50nIpZTwb7Llj/lLnmXjAV71q8HsvSQI5/EUECREltnKko8X/njpYyZEP3TZ0Suf03Xqab1+yhatyijfG1zPSrKbLaq6j1rBiBIF3cmuEueSFyP0fTKtAPmOL9pjXfFCh3Spq47OllyteT+i4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=KbdfLbjH; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="KbdfLbjH" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 473C6C19423; Thu, 2 Apr 2026 07:48:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116103; bh=p0qYBqpbw66PP8VLwieqAe4CkoR2mwTO5NNKpq93sNM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=KbdfLbjHTKB+dxiuceZafocSnwL3TRlaww/V0GQcagHYBFEohZYeVTlbZWRYx0Pme nrGXHiL9No2B+mxcBZtPQK27cNJkdbPhtCcNvyNwMeUct1pPEfkDNDVABOi8fscCeY T6EU6kBJJNoF0cmH4Zrr+PJ2IW0H5r7bs/C5e2yoX9wQr/7rccLWG9zlt2jpoYsgT7 FmpHf5cqSOoAGg9AHQgJnnAGpVww7UVUC83+cUOzUXhCtzpfX70VzVnF90j5uaDr/W kbUX/9nDndEh8iRkylyLIl761vRyC4r3edHXUDeRsP849tnpuFh9QwC2cNT/TLXJlN K2B8La0YZyWpg== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 14/15] selftests: tls: add mptcp test cases Date: Thu, 2 Apr 2026 15:47:49 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang This patch introduces MPTCP test cases for the TLS fixture. These "mptcp" variants are configured to create MPTCP sockets specifically for MPTCP TLS testing purposes. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/tls.c | 96 +++++++++++++++++++++++++++++++ 1 file changed, 96 insertions(+) diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne= t/tls.c index f12744b178d5..b4ea696fefb0 100644 --- a/tools/testing/selftests/net/tls.c +++ b/tools/testing/selftests/net/tls.c @@ -411,6 +411,102 @@ FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_256) .cipher_type =3D TLS_CIPHER_ARIA_GCM_256, }; =20 +FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_chacha_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_CHACHA20_POLY1305, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_chacha_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_CHACHA20_POLY1305, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_sm4_gcm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_SM4_GCM, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_sm4_ccm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_SM4_CCM, + .fips_non_compliant =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aes_ccm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_CCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_ccm_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_CCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aes_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_256, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_aes_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_256, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 13_nopad_mptcp) +{ + .tls_version =3D TLS_1_3_VERSION, + .cipher_type =3D TLS_CIPHER_AES_GCM_128, + .nopad =3D true, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_ARIA_GCM_128, + .mptcp =3D true, +}; + +FIXTURE_VARIANT_ADD(tls, 12_aria_gcm_256_mptcp) +{ + .tls_version =3D TLS_1_2_VERSION, + .cipher_type =3D TLS_CIPHER_ARIA_GCM_256, + .mptcp =3D true, +}; + FIXTURE_SETUP(tls) { struct tls_crypto_info_keys tls12; --=20 2.51.0 From nobody Sat Apr 11 11:23:27 2026 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB03928690 for ; Thu, 2 Apr 2026 07:48:26 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116106; cv=none; b=OSEYgpZvVNJA5dCCUjj9bqUK5LsHlc66tpq0aofxJ5sriFOT07MOiOFZQDQNC7VQMQWLnb0k8sOJBFdgivPZVu/M6J5ach4fX6fE//piYcsZiwP1LJ8too2JVmiJ12ka1mu53UB+d9NKODYi75jznVgWGRVU970PdQyIh30r0EE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775116106; c=relaxed/simple; bh=jxO0rKZKX21hgLtBr/ebVlNpts7QVcm316lo50AUX9M=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=e3uMhQ4oz5yhWvem/xraYxHd069wd3WkQioj5KwcRsbAQaJ2hAqJb+BQQXoqKE6JKr+0scBmBDop0/uTHSXqOea0sWXA1NG/eUTOjMT/WC9kzOmFrcE37YpVXtBfujh/S5XV2iL+UMhuAjKjyXta+eZztaQirXiEBAlIkrWHY54= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Ewy5soNq; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Ewy5soNq" Received: by smtp.kernel.org (Postfix) with ESMTPSA id DF5C0C2BC9E; Thu, 2 Apr 2026 07:48:24 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775116106; bh=jxO0rKZKX21hgLtBr/ebVlNpts7QVcm316lo50AUX9M=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Ewy5soNqxPwdtHN20KYX7LGyXGrE4ythnDZ7yp9f8MVJHDjDa2hB4tT81+WAlzNQq jQy1WDlY1vPgY6dVbfmaAoJnvlsC63WlmmQ0ke4cN6opMV4Btuu/JkJAzwKiHsa0Ch 8vCR7+MFyKKpYbEzOO31X3ohYOS1vvifYmKYAkrvxpTdEQmtcJJK82HI6S7OUk7XDb eG/ZR8Uybyc4dIQmZk7RCyoh+grr3eS6Puxo1lK4Yrnen8TqlB70IRbQ97WNsdnIdt ULq2fnH/cah1DN8nV4+V4i9EzC9a2vZF13N7cq3Z97dqex4Ysq9blXTw72JtqPcHsD fMj90kLYbz/ZA== From: Geliang Tang To: mptcp@lists.linux.dev Cc: Geliang Tang , Gang Yan Subject: [RFC mptcp-next v12 15/15] selftests: mptcp: cover mptcp tls tests Date: Thu, 2 Apr 2026 15:47:50 +0800 Message-ID: X-Mailer: git-send-email 2.51.0 In-Reply-To: References: Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Geliang Tang The mptcp tests for tls.c is available now, this patch adds mptcp_tls.sh to test it in the MPTCP CI by default. Co-developed-by: Gang Yan Signed-off-by: Gang Yan Signed-off-by: Geliang Tang --- tools/testing/selftests/net/mptcp/Makefile | 2 + tools/testing/selftests/net/mptcp/config | 4 ++ .../testing/selftests/net/mptcp/mptcp_tls.sh | 55 +++++++++++++++++++ tools/testing/selftests/net/mptcp/tls.c | 1 + 4 files changed, 62 insertions(+) create mode 100755 tools/testing/selftests/net/mptcp/mptcp_tls.sh create mode 120000 tools/testing/selftests/net/mptcp/tls.c diff --git a/tools/testing/selftests/net/mptcp/Makefile b/tools/testing/sel= ftests/net/mptcp/Makefile index 22ba0da2adb8..f7c959a25b3b 100644 --- a/tools/testing/selftests/net/mptcp/Makefile +++ b/tools/testing/selftests/net/mptcp/Makefile @@ -14,6 +14,7 @@ TEST_PROGS :=3D \ mptcp_connect_splice.sh \ mptcp_join.sh \ mptcp_sockopt.sh \ + mptcp_tls.sh \ pm_netlink.sh \ simult_flows.sh \ userspace_pm.sh \ @@ -25,6 +26,7 @@ TEST_GEN_FILES :=3D \ mptcp_inq \ mptcp_sockopt \ pm_nl_ctl \ + tls \ # end of TEST_GEN_FILES =20 TEST_FILES :=3D \ diff --git a/tools/testing/selftests/net/mptcp/config b/tools/testing/selft= ests/net/mptcp/config index 59051ee2a986..471c7e0ba2be 100644 --- a/tools/testing/selftests/net/mptcp/config +++ b/tools/testing/selftests/net/mptcp/config @@ -34,3 +34,7 @@ CONFIG_NFT_SOCKET=3Dm CONFIG_NFT_TPROXY=3Dm CONFIG_SYN_COOKIES=3Dy CONFIG_VETH=3Dy +CONFIG_TLS=3Dy +CONFIG_CRYPTO_ARIA=3Dy +CONFIG_CRYPTO_CHACHA20POLY1305=3Dm +CONFIG_CRYPTO_SM4_GENERIC=3Dy diff --git a/tools/testing/selftests/net/mptcp/mptcp_tls.sh b/tools/testing= /selftests/net/mptcp/mptcp_tls.sh new file mode 100755 index 000000000000..b35d17857393 --- /dev/null +++ b/tools/testing/selftests/net/mptcp/mptcp_tls.sh @@ -0,0 +1,55 @@ +#!/bin/bash +# SPDX-License-Identifier: GPL-2.0 + +. "$(dirname "${0}")/mptcp_lib.sh" + +ret=3D0 +ns1=3D"" + +# This function is used in the cleanup trap +#shellcheck disable=3DSC2317,SC2329 +cleanup() +{ + if [ -n "$pid" ] && kill -0 "$pid" 2>/dev/null; then + kill "$pid" 2>/dev/null + wait "$pid" 2>/dev/null + fi + + mptcp_lib_ns_exit "$ns1" +} + +init() +{ + mptcp_lib_ns_init ns1 + + mptcp_lib_pm_nl_set_limits "$ns1" 8 8 + + local i + for i in $(seq 1 4); do + mptcp_lib_pm_nl_add_endpoint "$ns1" \ + "127.0.0.1" flags signal port 1000"$i" + done +} + +init +trap cleanup EXIT + +ip netns exec "$ns1" ./tls -v 12_aes_gcm_mptcp \ + -v 13_aes_gcm_mptcp \ + -v 12_chacha_mptcp \ + -v 13_chacha_mptcp \ + -v 13_sm4_gcm_mptcp \ + -v 13_sm4_ccm_mptcp \ + -v 12_aes_ccm_mptcp \ + -v 13_aes_ccm_mptcp \ + -v 12_aes_gcm_256_mptcp \ + -v 13_aes_gcm_256_mptcp \ + -v 13_nopad_mptcp \ + -v 12_aria_gcm_mptcp \ + -v 12_aria_gcm_256_mptcp & +pid=3D$! +wait $pid +ret=3D$? + +mptcp_lib_result_print_all_tap +exit $ret diff --git a/tools/testing/selftests/net/mptcp/tls.c b/tools/testing/selfte= sts/net/mptcp/tls.c new file mode 120000 index 000000000000..724b1f047c89 --- /dev/null +++ b/tools/testing/selftests/net/mptcp/tls.c @@ -0,0 +1 @@ +../tls.c \ No newline at end of file --=20 2.51.0