From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 555E6C7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:08:59 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236418AbjFBPI6 (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:08:58 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57704 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236399AbjFBPIw (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:08:52 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 200B3E40
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718487;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=704Gul1es5vKB8f3fNlqLP0xfed1dEhsuWb+SLm3klg=;
        b=ezR4Jv+I6jK3jXYv4Os435NCkQLkWH+QFa6voNVOGu37lgyXsC1FG8PjvIVcfA/rLhPr9z
        HcPho5yui9kWCYBvizxf1c68PmHhRwMFwTju1E8BzAV5cwgJNIewW+iy1SywY1UV9bdN3l
        s7b0svNiz1Ud6NXxK73iggfLCho87tQ=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-157-98r-sCduMDuRZbV631FDtg-1; Fri, 02 Jun 2023 11:08:02 -0400
X-MC-Unique: 98r-sCduMDuRZbV631FDtg-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 86197185A792;
        Fri,  2 Jun 2023 15:08:01 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 7F0642026D49;
        Fri,  2 Jun 2023 15:07:59 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 01/11] net: Block MSG_SENDPAGE_* from being passed
 to sendmsg() by userspace
Date: Fri,  2 Jun 2023 16:07:42 +0100
Message-ID: <20230602150752.1306532-2-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

It is necessary to allow MSG_SENDPAGE_* to be passed into ->sendmsg() to
allow sendmsg(MSG_SPLICE_PAGES) to replace ->sendpage().  Unblocking them
in the network protocol, however, allows these flags to be passed in by
userspace too[1].

Fix this by marking MSG_SENDPAGE_NOPOLICY, MSG_SENDPAGE_NOTLAST and
MSG_SENDPAGE_DECRYPTED as internal flags, which causes sendmsg() to object
if they are passed to sendmsg() by userspace.  Network protocol ->sendmsg()
implementations can then allow them through.

Note that it should be possible to remove MSG_SENDPAGE_NOTLAST once
sendpage is removed as a whole slew of pages will be passed in in one go by
splice through sendmsg, with MSG_MORE being set if it has more data waiting
in the pipe.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
Link: https://lore.kernel.org/r/20230526181338.03a99016@kernel.org/ [1]
---
 include/linux/socket.h | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/include/linux/socket.h b/include/linux/socket.h
index bd1cc3238851..3fd3436bc09f 100644
--- a/include/linux/socket.h
+++ b/include/linux/socket.h
@@ -339,7 +339,9 @@ struct ucred {
 #endif
=20
 /* Flags to be cleared on entry by sendmsg and sendmmsg syscalls */
-#define MSG_INTERNAL_SENDMSG_FLAGS (MSG_SPLICE_PAGES)
+#define MSG_INTERNAL_SENDMSG_FLAGS \
+	(MSG_SPLICE_PAGES | MSG_SENDPAGE_NOPOLICY | MSG_SENDPAGE_NOTLAST | \
+	 MSG_SENDPAGE_DECRYPTED)
=20
 /* Setsockoptions(2) level. Thanks to BSD these must match IPPROTO_xxx */
 #define SOL_IP		0
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 1347FC7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:09 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236415AbjFBPJH (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:07 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57802 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236428AbjFBPJC (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:02 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A7F5E58
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718494;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=GIUHoDHkYJ6R7Kj3TX2onke+6WDgXd+OHlld+dEFkxk=;
        b=K7bnd8twd7hgXUrlrbkuYcTXvI35JEwwy7sLT5HygS4SFSW4rHpqL6lQj3cGaoPYAGmMPm
        34Ejx362mplMJ5a6ZbCjsltZBxXFVxZLPppoL5sgKxGiIPQQYg4qnRjeBg95H8nmF+angD
        Op3XTK0qIUH/rTJb694QWa31y+tOHHs=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-575-BOuQHjwKMQyEta6FCH7Pyw-1; Fri, 02 Jun 2023 11:08:11 -0400
X-MC-Unique: BOuQHjwKMQyEta6FCH7Pyw-1
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id CAA3D3C0BE44;
        Fri,  2 Jun 2023 15:08:10 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 8D922492B00;
        Fri,  2 Jun 2023 15:08:07 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 02/11] tls: Allow MSG_SPLICE_PAGES but treat it as
 normal sendmsg
Date: Fri,  2 Jun 2023 16:07:43 +0100
Message-ID: <20230602150752.1306532-3-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Allow MSG_SPLICE_PAGES to be specified to sendmsg() but treat it as normal
sendmsg for now.  This means the data will just be copied until
MSG_SPLICE_PAGES is handled.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 net/tls/tls_device.c | 3 ++-
 net/tls/tls_sw.c     | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index a959572a816f..9ef766e41c7a 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -447,7 +447,8 @@ static int tls_push_data(struct sock *sk,
 	long timeo;
=20
 	if (flags &
-	    ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_SENDPAGE_NOTLAST))
+	    ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL | MSG_SENDPAGE_NOTLAST |
+	      MSG_SPLICE_PAGES))
 		return -EOPNOTSUPP;
=20
 	if (unlikely(sk->sk_err))
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 6e6a7c37d685..cac1adc968e8 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -953,7 +953,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg,=
 size_t size)
 	int pending;
=20
 	if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
-			       MSG_CMSG_COMPAT))
+			       MSG_CMSG_COMPAT | MSG_SPLICE_PAGES))
 		return -EOPNOTSUPP;
=20
 	ret =3D mutex_lock_interruptible(&tls_ctx->tx_lock);
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 90C7FC7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:17 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236437AbjFBPJP (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:15 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57892 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236379AbjFBPJJ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:09 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 8E1D5E52
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:23 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718502;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=GeaP7/vo94ZZDrAoROnlgLmkpbcL++cZl5U43JLGl7Y=;
        b=ZILjBOuXaBZFx/j7kah5/nSZvZSoEBPDxV/Ao9wvNxs/6wh7n7htuhXZrwIBJEo4rh5fln
        AFKyO+zdQs/qHXTHXN4v8M8iimeStyWHNAe2GhwgXb+PEq2dnRu97PpF8H+ZacToZ/WUzT
        OckRcHLv0cD45SAkfGZuX1Zd2XAoJAQ=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-675-r53cRdYeNt22xXrH4BTZSw-1; Fri, 02 Jun 2023 11:08:17 -0400
X-MC-Unique: r53cRdYeNt22xXrH4BTZSw-1
Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com
 [10.11.54.1])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 77FF23C0BE49;
        Fri,  2 Jun 2023 15:08:16 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 7D52340CFD46;
        Fri,  2 Jun 2023 15:08:14 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 03/11] tls/sw: Use zero-length sendmsg() without
 MSG_MORE to flush
Date: Fri,  2 Jun 2023 16:07:44 +0100
Message-ID: <20230602150752.1306532-4-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.1
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Allow userspace to end a TLS record without supplying any data by calling
send()/sendto()/sendmsg() with no data and no MSG_MORE flag.  This can be
used to flush a previous send/splice that had MSG_MORE or SPLICE_F_MORE set
or a sendfile() that was incomplete.

Without this, a zero-length send to tls-sw is just ignored.  I think
tls-device will do the right thing without modification.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 net/tls/tls_sw.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index cac1adc968e8..6aa6d17888f5 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -945,7 +945,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg,=
 size_t size)
 	struct tls_rec *rec;
 	int required_size;
 	int num_async =3D 0;
-	bool full_record;
+	bool full_record =3D false;
 	int record_room;
 	int num_zc =3D 0;
 	int orig_size;
@@ -971,6 +971,9 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg,=
 size_t size)
 		}
 	}
=20
+	if (!msg_data_left(msg) && eor)
+		goto just_flush;
+
 	while (msg_data_left(msg)) {
 		if (sk->sk_err) {
 			ret =3D -sk->sk_err;
@@ -1082,6 +1085,7 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *ms=
g, size_t size)
 		 */
 		tls_ctx->pending_open_record_frags =3D true;
 		copied +=3D try_to_copy;
+just_flush:
 		if (full_record || eor) {
 			ret =3D bpf_exec_tx_verdict(msg_pl, sk, full_record,
 						  record_type, &copied,
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id EDD24C77B7A
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:14 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236448AbjFBPJN (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:13 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57868 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236419AbjFBPJJ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:09 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 569FC123
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718504;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=C5MeH3bkXFVlppirWEf/JAhtMhZSTtHegYn7rkL31b8=;
        b=a9ZFCp+CzmXnUTLEnhLLiWWC5jI8je+i8xJ7/+LMIpxecd6wMaZn82ZrDCbFJVs0YiW1KG
        V7jbIbl0S+g+rvBi1wMFuyU1JLSjDSCi9m/1MvGjNoTA6Tt97jR1z9RN42hzatcTlH9mmu
        iZSjoQfEnd8JJZXDTrLmPRC6Hi/Joh4=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-277-qdBthDuGP0-agnm9gHhsBw-1; Fri, 02 Jun 2023 11:08:22 -0400
X-MC-Unique: qdBthDuGP0-agnm9gHhsBw-1
Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com
 [10.11.54.6])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 811FE3802268;
        Fri,  2 Jun 2023 15:08:21 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 5EEA72166B25;
        Fri,  2 Jun 2023 15:08:18 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 04/11] splice,
 net: Use sendmsg(MSG_SPLICE_PAGES) rather than ->sendpage()
Date: Fri,  2 Jun 2023 16:07:45 +0100
Message-ID: <20230602150752.1306532-5-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.6
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Replace generic_splice_sendpage() + splice_from_pipe + pipe_to_sendpage()
with a net-specific handler, splice_to_socket(), that calls sendmsg() with
MSG_SPLICE_PAGES set instead of calling ->sendpage().

MSG_MORE is used to indicate if the sendmsg() is expected to be followed
with more data.

This allows multiple pipe-buffer pages to be passed in a single call in a
BVEC iterator, allowing the processing to be pushed down to a loop in the
protocol driver.  This helps pave the way for passing multipage folios down
too.

Protocols that haven't been converted to handle MSG_SPLICE_PAGES yet should
just ignore it and do a normal sendmsg() for now - although that may be a
bit slower as it may copy everything.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Eric Dumazet <edumazet@google.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 fs/splice.c            | 158 +++++++++++++++++++++++++++++++++--------
 include/linux/fs.h     |   2 -
 include/linux/splice.h |   2 +
 net/socket.c           |  26 +------
 4 files changed, 131 insertions(+), 57 deletions(-)

diff --git a/fs/splice.c b/fs/splice.c
index 3e06611d19ae..9b1d43c0c562 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -33,6 +33,7 @@
 #include <linux/fsnotify.h>
 #include <linux/security.h>
 #include <linux/gfp.h>
+#include <linux/net.h>
 #include <linux/socket.h>
 #include <linux/sched/signal.h>
=20
@@ -448,30 +449,6 @@ const struct pipe_buf_operations nosteal_pipe_buf_ops =
=3D {
 };
 EXPORT_SYMBOL(nosteal_pipe_buf_ops);
=20
-/*
- * Send 'sd->len' bytes to socket from 'sd->file' at position 'sd->pos'
- * using sendpage(). Return the number of bytes sent.
- */
-static int pipe_to_sendpage(struct pipe_inode_info *pipe,
-			    struct pipe_buffer *buf, struct splice_desc *sd)
-{
-	struct file *file =3D sd->u.file;
-	loff_t pos =3D sd->pos;
-	int more;
-
-	if (!likely(file->f_op->sendpage))
-		return -EINVAL;
-
-	more =3D (sd->flags & SPLICE_F_MORE) ? MSG_MORE : 0;
-
-	if (sd->len < sd->total_len &&
-	    pipe_occupancy(pipe->head, pipe->tail) > 1)
-		more |=3D MSG_SENDPAGE_NOTLAST;
-
-	return file->f_op->sendpage(file, buf->page, buf->offset,
-				    sd->len, &pos, more);
-}
-
 static void wakeup_pipe_writers(struct pipe_inode_info *pipe)
 {
 	smp_mb();
@@ -652,7 +629,7 @@ static void splice_from_pipe_end(struct pipe_inode_info=
 *pipe, struct splice_des
  * Description:
  *    This function does little more than loop over the pipe and call
  *    @actor to do the actual moving of a single struct pipe_buffer to
- *    the desired destination. See pipe_to_file, pipe_to_sendpage, or
+ *    the desired destination. See pipe_to_file, pipe_to_sendmsg, or
  *    pipe_to_user.
  *
  */
@@ -833,8 +810,9 @@ iter_file_splice_write(struct pipe_inode_info *pipe, st=
ruct file *out,
=20
 EXPORT_SYMBOL(iter_file_splice_write);
=20
+#ifdef CONFIG_NET
 /**
- * generic_splice_sendpage - splice data from a pipe to a socket
+ * splice_to_socket - splice data from a pipe to a socket
  * @pipe:	pipe to splice from
  * @out:	socket to write to
  * @ppos:	position in @out
@@ -846,13 +824,131 @@ EXPORT_SYMBOL(iter_file_splice_write);
  *    is involved.
  *
  */
-ssize_t generic_splice_sendpage(struct pipe_inode_info *pipe, struct file =
*out,
-				loff_t *ppos, size_t len, unsigned int flags)
+ssize_t splice_to_socket(struct pipe_inode_info *pipe, struct file *out,
+			 loff_t *ppos, size_t len, unsigned int flags)
 {
-	return splice_from_pipe(pipe, out, ppos, len, flags, pipe_to_sendpage);
-}
+	struct socket *sock =3D sock_from_file(out);
+	struct bio_vec bvec[16];
+	struct msghdr msg =3D {};
+	ssize_t ret;
+	size_t spliced =3D 0;
+	bool need_wakeup =3D false;
+
+	pipe_lock(pipe);
+
+	while (len > 0) {
+		unsigned int head, tail, mask, bc =3D 0;
+		size_t remain =3D len;
+
+		/*
+		 * Check for signal early to make process killable when there
+		 * are always buffers available
+		 */
+		ret =3D -ERESTARTSYS;
+		if (signal_pending(current))
+			break;
+
+		while (pipe_empty(pipe->head, pipe->tail)) {
+			ret =3D 0;
+			if (!pipe->writers)
+				goto out;
+
+			if (spliced)
+				goto out;
+
+			ret =3D -EAGAIN;
+			if (flags & SPLICE_F_NONBLOCK)
+				goto out;
+
+			ret =3D -ERESTARTSYS;
+			if (signal_pending(current))
+				goto out;
+
+			if (need_wakeup) {
+				wakeup_pipe_writers(pipe);
+				need_wakeup =3D false;
+			}
+
+			pipe_wait_readable(pipe);
+		}
+
+		head =3D pipe->head;
+		tail =3D pipe->tail;
+		mask =3D pipe->ring_size - 1;
+
+		while (!pipe_empty(head, tail)) {
+			struct pipe_buffer *buf =3D &pipe->bufs[tail & mask];
+			size_t seg;
=20
-EXPORT_SYMBOL(generic_splice_sendpage);
+			if (!buf->len) {
+				tail++;
+				continue;
+			}
+
+			seg =3D min_t(size_t, remain, buf->len);
+			seg =3D min_t(size_t, seg, PAGE_SIZE);
+
+			ret =3D pipe_buf_confirm(pipe, buf);
+			if (unlikely(ret)) {
+				if (ret =3D=3D -ENODATA)
+					ret =3D 0;
+				break;
+			}
+
+			bvec_set_page(&bvec[bc++], buf->page, seg, buf->offset);
+			remain -=3D seg;
+			if (seg >=3D buf->len)
+				tail++;
+			if (bc >=3D ARRAY_SIZE(bvec))
+				break;
+		}
+
+		if (!bc)
+			break;
+
+		msg.msg_flags =3D MSG_SPLICE_PAGES;
+		if (flags & SPLICE_F_MORE)
+			msg.msg_flags |=3D MSG_MORE;
+		if (remain && pipe_occupancy(pipe->head, tail) > 0)
+			msg.msg_flags |=3D MSG_MORE;
+
+		iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, bvec, bc,
+			      len - remain);
+		ret =3D sock_sendmsg(sock, &msg);
+		if (ret <=3D 0)
+			break;
+
+		spliced +=3D ret;
+		len -=3D ret;
+		tail =3D pipe->tail;
+		while (ret > 0) {
+			struct pipe_buffer *buf =3D &pipe->bufs[tail & mask];
+			size_t seg =3D min_t(size_t, ret, buf->len);
+
+			buf->offset +=3D seg;
+			buf->len -=3D seg;
+			ret -=3D seg;
+
+			if (!buf->len) {
+				pipe_buf_release(pipe, buf);
+				tail++;
+			}
+		}
+
+		if (tail !=3D pipe->tail) {
+			pipe->tail =3D tail;
+			if (pipe->files)
+				need_wakeup =3D true;
+		}
+	}
+
+out:
+	pipe_unlock(pipe);
+	if (need_wakeup)
+		wakeup_pipe_writers(pipe);
+	return spliced ?: ret;
+}
+#endif
=20
 static int warn_unsupported(struct file *file, const char *op)
 {
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 21a981680856..f8254c3acf83 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2759,8 +2759,6 @@ extern ssize_t generic_file_splice_read(struct file *=
, loff_t *,
 		struct pipe_inode_info *, size_t, unsigned int);
 extern ssize_t iter_file_splice_write(struct pipe_inode_info *,
 		struct file *, loff_t *, size_t, unsigned int);
-extern ssize_t generic_splice_sendpage(struct pipe_inode_info *pipe,
-		struct file *out, loff_t *, size_t len, unsigned int flags);
 extern long do_splice_direct(struct file *in, loff_t *ppos, struct file *o=
ut,
 		loff_t *opos, size_t len, unsigned int flags);
=20
diff --git a/include/linux/splice.h b/include/linux/splice.h
index a55179fd60fc..991ae318b6eb 100644
--- a/include/linux/splice.h
+++ b/include/linux/splice.h
@@ -84,6 +84,8 @@ extern long do_splice(struct file *in, loff_t *off_in,
=20
 extern long do_tee(struct file *in, struct file *out, size_t len,
 		   unsigned int flags);
+extern ssize_t splice_to_socket(struct pipe_inode_info *pipe, struct file =
*out,
+				loff_t *ppos, size_t len, unsigned int flags);
=20
 /*
  * for dynamic pipe sizing
diff --git a/net/socket.c b/net/socket.c
index 3df96e9ba4e2..c4d9104418c8 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -57,6 +57,7 @@
 #include <linux/mm.h>
 #include <linux/socket.h>
 #include <linux/file.h>
+#include <linux/splice.h>
 #include <linux/net.h>
 #include <linux/interrupt.h>
 #include <linux/thread_info.h>
@@ -126,8 +127,6 @@ static long compat_sock_ioctl(struct file *file,
 			      unsigned int cmd, unsigned long arg);
 #endif
 static int sock_fasync(int fd, struct file *filp, int on);
-static ssize_t sock_sendpage(struct file *file, struct page *page,
-			     int offset, size_t size, loff_t *ppos, int more);
 static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
 				struct pipe_inode_info *pipe, size_t len,
 				unsigned int flags);
@@ -162,8 +161,7 @@ static const struct file_operations socket_file_ops =3D=
 {
 	.mmap =3D		sock_mmap,
 	.release =3D	sock_close,
 	.fasync =3D	sock_fasync,
-	.sendpage =3D	sock_sendpage,
-	.splice_write =3D generic_splice_sendpage,
+	.splice_write =3D splice_to_socket,
 	.splice_read =3D	sock_splice_read,
 	.show_fdinfo =3D	sock_show_fdinfo,
 };
@@ -1066,26 +1064,6 @@ int kernel_recvmsg(struct socket *sock, struct msghd=
r *msg,
 }
 EXPORT_SYMBOL(kernel_recvmsg);
=20
-static ssize_t sock_sendpage(struct file *file, struct page *page,
-			     int offset, size_t size, loff_t *ppos, int more)
-{
-	struct socket *sock;
-	int flags;
-	int ret;
-
-	sock =3D file->private_data;
-
-	flags =3D (file->f_flags & O_NONBLOCK) ? MSG_DONTWAIT : 0;
-	/* more is a combination of MSG_MORE and MSG_SENDPAGE_NOTLAST */
-	flags |=3D more;
-
-	ret =3D kernel_sendpage(sock, page, offset, size, flags);
-
-	if (trace_sock_send_length_enabled())
-		call_trace_sock_send_length(sock->sk, ret, 0);
-	return ret;
-}
-
 static ssize_t sock_splice_read(struct file *file, loff_t *ppos,
 				struct pipe_inode_info *pipe, size_t len,
 				unsigned int flags)
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id AAE3BC7EE2A
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:32 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236468AbjFBPJb (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:31 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57956 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236461AbjFBPJR (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:17 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 50395E49
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718509;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=jyBtAHnxIDOUxFx8QcCqc48iyvS91zdxptS6bgS5LhE=;
        b=Kwvr6nEJPCjtsqpQeS5DkJPp4skcMBfsM/eEaY66xVcEBuUvWEFlEnigdnjbEL9T9Fyd48
        fl0Q1GLtics6RaaYtjVPFa2IN43Jh0npXlLE3kDeZUl3VNIo9KvdWrqvBVEcRKzUzqkY16
        cztjpvx+9dgyMEGN8N0rmwlRkp3Q2n0=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-652-HJKW5r7wNUG_h4BsM00Cfg-1; Fri, 02 Jun 2023 11:08:26 -0400
X-MC-Unique: HJKW5r7wNUG_h4BsM00Cfg-1
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 42DA4811E8F;
        Fri,  2 Jun 2023 15:08:25 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 30388492B00;
        Fri,  2 Jun 2023 15:08:22 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org, Christoph Hellwig <hch@lst.de>,
        Al Viro <viro@zeniv.linux.org.uk>, Jan Kara <jack@suse.cz>,
        Jeff Layton <jlayton@kernel.org>,
        David Hildenbrand <david@redhat.com>,
        Christian Brauner <brauner@kernel.org>,
        linux-fsdevel@vger.kernel.org, linux-block@vger.kernel.org
Subject: [PATCH net-next v3 05/11] splice,
 net: Fix SPLICE_F_MORE signalling in splice_direct_to_actor()
Date: Fri,  2 Jun 2023 16:07:46 +0100
Message-ID: <20230602150752.1306532-6-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

splice_direct_to_actor() doesn't manage SPLICE_F_MORE correctly[1] - and,
as a result, it incorrectly signals/fails to signal MSG_MORE when splicing
to a socket.  The problem I'm seeing happens when a short splice occurs
because we got a short read due to hitting the EOF on a file: as the length
read (read_len) is less than the remaining size to be spliced (len),
SPLICE_F_MORE (and thus MSG_MORE) is set.

The issue is that, for the moment, we have no way to know *why* the short
read occurred and so can't make a good decision on whether we *should* keep
MSG_MORE set.  Further, the argument can be made that it should be left to
userspace to decide how to handle it - userspace could perform some sort of
cancellation for example.

MSG_SENDPAGE_NOTLAST was added to work around this, but that is also set
incorrectly under some circumstances - for example if a short read fills a
single pipe_buffer, but the next read would return more (seqfile can do
this).

This was observed with the multi_chunk_sendfile tests in the tls kselftest
program.  Some of those tests would hang and time out when the last chunk
of file was less than the sendfile request size:

	build/kselftest/net/tls -r tls.12_aes_gcm.multi_chunk_sendfile

This has been observed before[2] and worked around in AF_TLS[3].

Fix this by making splice_direct_to_actor() always signal SPLICE_F_MORE if
we haven't yet hit the requested operation size.  SPLICE_F_MORE remains
signalled if the user passed it in to splice() but otherwise gets cleared
when we've read sufficient data to fulfill the request.  The cleanup of a
short splice to userspace is left to userspace.

[!] Note that this changes user-visible behaviour.  It will cause the
    multi_chunk_sendfile tests in the TLS kselftest to fail.  This failure
    in the testsuite will be addressed in a subsequent patch by making
    userspace do a zero-length send().

It appears that SPLICE_F_MORE is only used by splice-to-socket.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Linus Torvalds <torvalds@linux-foundation.org>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Jens Axboe <axboe@kernel.dk>
cc: Christoph Hellwig <hch@lst.de>
cc: Al Viro <viro@zeniv.linux.org.uk>
cc: Matthew Wilcox <willy@infradead.org>
cc: Jan Kara <jack@suse.cz>
cc: Jeff Layton <jlayton@kernel.org>
cc: David Hildenbrand <david@redhat.com>
cc: Christian Brauner <brauner@kernel.org>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: linux-fsdevel@vger.kernel.org
cc: linux-block@vger.kernel.org
cc: linux-mm@kvack.org
cc: netdev@vger.kernel.org

Link: https://lore.kernel.org/r/499791.1685485603@warthog.procyon.org.uk/ [=
1]
Link: https://lore.kernel.org/r/1591392508-14592-1-git-send-email-pooja.tri=
vedi@stackpath.com/ [2]
Link: https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/c=
ommit/?id=3Dd452d48b9f8b1a7f8152d33ef52cfd7fe1735b0a [3]
---
 fs/splice.c | 18 ++++++++++--------
 1 file changed, 10 insertions(+), 8 deletions(-)

diff --git a/fs/splice.c b/fs/splice.c
index 9b1d43c0c562..c71bd8e03469 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -1052,13 +1052,17 @@ ssize_t splice_direct_to_actor(struct file *in, str=
uct splice_desc *sd,
 	 */
 	bytes =3D 0;
 	len =3D sd->total_len;
+
+	/* Don't block on output, we have to drain the direct pipe. */
 	flags =3D sd->flags;
+	sd->flags &=3D ~SPLICE_F_NONBLOCK;
=20
 	/*
-	 * Don't block on output, we have to drain the direct pipe.
+	 * We signal MORE until we've read sufficient data to fulfill the
+	 * request and we keep signalling it if the caller set it.
 	 */
-	sd->flags &=3D ~SPLICE_F_NONBLOCK;
 	more =3D sd->flags & SPLICE_F_MORE;
+	sd->flags |=3D SPLICE_F_MORE;
=20
 	WARN_ON_ONCE(!pipe_empty(pipe->head, pipe->tail));
=20
@@ -1074,14 +1078,12 @@ ssize_t splice_direct_to_actor(struct file *in, str=
uct splice_desc *sd,
 		sd->total_len =3D read_len;
=20
 		/*
-		 * If more data is pending, set SPLICE_F_MORE
-		 * If this is the last data and SPLICE_F_MORE was not set
-		 * initially, clears it.
+		 * If we now have sufficient data to fulfill the request then
+		 * we clear SPLICE_F_MORE if it was not set initially.
 		 */
-		if (read_len < len)
-			sd->flags |=3D SPLICE_F_MORE;
-		else if (!more)
+		if (read_len >=3D len && !more)
 			sd->flags &=3D ~SPLICE_F_MORE;
+
 		/*
 		 * NOTE: nonblocking mode only applies to the input. We
 		 * must not do the output in nonblocking mode as then we
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0E7A0C7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:43 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236520AbjFBPJl (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58030 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236407AbjFBPJY (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:24 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.129.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 14E75E4A
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718514;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=2ZNhwXeGIbA58IS6DHid2Q6FV7QVgcqbxppr3d+VzBk=;
        b=aUCtBTl9gsDcwQXshNUm3oCfKjR4vr1TUw/JScwzeZdfnv9/WgcSr2TrRQQmzCr6+QkeaV
        mCkc2eTk/Ay5X2K+bdq2A1Mfpp9VjEv+h7gnu16ygs5sKd8wvKiNy78nBRPExmpFn3ZgOk
        b3W/K1LluMVOtzsVc6mfSI0gvUAxABg=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-257-hxUTvV89POCJp7sspC3Tpw-1; Fri, 02 Jun 2023 11:08:29 -0400
X-MC-Unique: hxUTvV89POCJp7sspC3Tpw-1
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com
 [10.11.54.5])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 49A92811E96;
        Fri,  2 Jun 2023 15:08:28 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 255369E60;
        Fri,  2 Jun 2023 15:08:26 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 06/11] tls: Address behaviour change in
 multi_chunk_sendfile kselftest
Date: Fri,  2 Jun 2023 16:07:47 +0100
Message-ID: <20230602150752.1306532-7-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

The multi_chunk_sendfile tests in the TLS kselftest now fail because the
behaviour of sendfile()[*] changed when SPLICE_F_MORE signalling was fixed.
Now MSG_MORE is signalled to the socket until we have read sufficient data
to fulfill the request - which means if we get a short read, MSG_MORE isn't
seen to be dropped and the TLS record remains pending.

[*] This will also affect splice() if SPLICE_F_MORE isn't included in the
    flags.

Fix the TLS multi_chunk_sendfile kselftest to attempt to flush the
outstanding TLS record if we get a short sendfile() by doing a zero-length
send() with MSG_MORE unset.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 tools/testing/selftests/net/tls.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/tools/testing/selftests/net/tls.c b/tools/testing/selftests/ne=
t/tls.c
index e699548d4247..8f4bed8aacc0 100644
--- a/tools/testing/selftests/net/tls.c
+++ b/tools/testing/selftests/net/tls.c
@@ -377,7 +377,7 @@ static void chunked_sendfile(struct __test_metadata *_m=
etadata,
 	char buf[TLS_PAYLOAD_MAX_LEN];
 	uint16_t test_payload_size;
 	int size =3D 0;
-	int ret;
+	int ret =3D 0;
 	char filename[] =3D "/tmp/mytemp.XXXXXX";
 	int fd =3D mkstemp(filename);
 	off_t offset =3D 0;
@@ -398,6 +398,10 @@ static void chunked_sendfile(struct __test_metadata *_=
metadata,
 		size -=3D ret;
 	}
=20
+	/* Flush the TLS record on a short read. */
+	if (ret < chunk_size)
+		EXPECT_EQ(send(self->fd, "", 0, 0), 0);
+
 	EXPECT_EQ(recv(self->cfd, buf, test_payload_size, MSG_WAITALL),
 		  test_payload_size);
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 0DF98C77B7A
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:09:38 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236503AbjFBPJg (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:36 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58040 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236449AbjFBPJY (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:24 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id F3732E59
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:36 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718516;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=VkjM4EGYNz4bsSc92zEJRjklGPZ81HVRDlJ8Fsl+T7k=;
        b=CRZ+loX6AIcvDMEHOvuFEDM/QYCDgkxX0VPtK5tGjDzb6kgIi3xj80YL4wwk9M5GSgw+xU
        YTkOP8E/gdbrHDzJc4OlLn9dE/qlxzELueataA4HO6K67HQ6RpqCm/UgDysCm5uFKp7/VC
        NbufJZXUq1XbPQ0twODJaAhf/1Rz+f0=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-552-_zaZ26ErPBGk4yKO8qBKjw-1; Fri, 02 Jun 2023 11:08:32 -0400
X-MC-Unique: _zaZ26ErPBGk4yKO8qBKjw-1
Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com
 [10.11.54.9])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 6021929AB3FA;
        Fri,  2 Jun 2023 15:08:31 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 1B13C40146F;
        Fri,  2 Jun 2023 15:08:29 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 07/11] tls/sw: Support MSG_SPLICE_PAGES
Date: Fri,  2 Jun 2023 16:07:48 +0100
Message-ID: <20230602150752.1306532-8-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Make TLS's sendmsg() support MSG_SPLICE_PAGES.  This causes pages to be
spliced from the source iterator if possible.

This allows ->sendpage() to be replaced by something that can handle
multiple multipage folios in a single transaction.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---

Notes:
    ver #2)
     - "rls_" should be "tls_".

 net/tls/tls_sw.c | 46 +++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 6aa6d17888f5..14636cc6c3a4 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -929,6 +929,38 @@ static int tls_sw_push_pending_record(struct sock *sk,=
 int flags)
 				   &copied, flags);
 }
=20
+static int tls_sw_sendmsg_splice(struct sock *sk, struct msghdr *msg,
+				 struct sk_msg *msg_pl, size_t try_to_copy,
+				 ssize_t *copied)
+{
+	struct page *page =3D NULL, **pages =3D &page;
+
+	do {
+		ssize_t part;
+		size_t off;
+		bool put =3D false;
+
+		part =3D iov_iter_extract_pages(&msg->msg_iter, &pages,
+					      try_to_copy, 1, 0, &off);
+		if (part <=3D 0)
+			return part ?: -EIO;
+
+		if (WARN_ON_ONCE(!sendpage_ok(page))) {
+			iov_iter_revert(&msg->msg_iter, part);
+			return -EIO;
+		}
+
+		sk_msg_page_add(msg_pl, page, part, off);
+		sk_mem_charge(sk, part);
+		if (put)
+			put_page(page);
+		*copied +=3D part;
+		try_to_copy -=3D part;
+	} while (try_to_copy && !sk_msg_full(msg_pl));
+
+	return 0;
+}
+
 int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
 {
 	long timeo =3D sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
@@ -1021,6 +1053,17 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *m=
sg, size_t size)
 			full_record =3D true;
 		}
=20
+		if (try_to_copy && (msg->msg_flags & MSG_SPLICE_PAGES)) {
+			ret =3D tls_sw_sendmsg_splice(sk, msg, msg_pl,
+						    try_to_copy, &copied);
+			if (ret < 0)
+				goto send_end;
+			tls_ctx->pending_open_record_frags =3D true;
+			if (full_record || eor || sk_msg_full(msg_pl))
+				goto copied;
+			continue;
+		}
+
 		if (!is_kvec && (full_record || eor) && !async_capable) {
 			u32 first =3D msg_pl->sg.end;
=20
@@ -1083,8 +1126,9 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *ms=
g, size_t size)
 		/* Open records defined only if successfully copied, otherwise
 		 * we would trim the sg but not reset the open record frags.
 		 */
-		tls_ctx->pending_open_record_frags =3D true;
 		copied +=3D try_to_copy;
+copied:
+		tls_ctx->pending_open_record_frags =3D true;
 just_flush:
 		if (full_record || eor) {
 			ret =3D bpf_exec_tx_verdict(msg_pl, sk, full_record,
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 962AEC7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:15:15 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236067AbjFBPPO (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:15:14 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:34952 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236742AbjFBPPD (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:15:03 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 67D9BE58
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:13:48 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718827;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=dyjSa8hJz7UgTqVeMMh3QM5bpfol5ixZ+Ouwr1vUw7E=;
        b=GopkkhdE5CYc8dAB7kUkTA7ycqER7/uBfU+GukBWOvJaxAfCmBMjO/n9G1uzKpzw3VzXwG
        2k3w8/0zeotoVv+uoTamqo9AkZOx8/rvSWErx84R2uhXp+RYJYL3LPxPHjooYFRB5VUHys
        pY6XpHAqVExb2JH07nLsbTw74aqV92M=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-354-g2k8_go1Pi2GTrqqkIP0gg-1; Fri, 02 Jun 2023 11:13:44 -0400
X-MC-Unique: g2k8_go1Pi2GTrqqkIP0gg-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B5BB63802267;
        Fri,  2 Jun 2023 15:08:36 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id A31F72026D49;
        Fri,  2 Jun 2023 15:08:32 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org, bpf@vger.kernel.org
Subject: [PATCH net-next v3 08/11] tls/sw: Convert tls_sw_sendpage() to use
 MSG_SPLICE_PAGES
Date: Fri,  2 Jun 2023 16:07:49 +0100
Message-ID: <20230602150752.1306532-9-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Convert tls_sw_sendpage() and tls_sw_sendpage_locked() to use sendmsg()
with MSG_SPLICE_PAGES rather than directly splicing in the pages itself.

[!] Note that tls_sw_sendpage_locked() appears to have the wrong locking
    upstream.  I think the caller will only hold the socket lock, but it
    should hold tls_ctx->tx_lock too.

This allows ->sendpage() to be replaced by something that can handle
multiple multipage folios in a single transaction.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
cc: bpf@vger.kernel.org
---
 net/tls/tls_sw.c | 165 +++++++++--------------------------------------
 1 file changed, 31 insertions(+), 134 deletions(-)

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 14636cc6c3a4..4caed478bef8 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -961,7 +961,8 @@ static int tls_sw_sendmsg_splice(struct sock *sk, struc=
t msghdr *msg,
 	return 0;
 }
=20
-int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
+static int tls_sw_sendmsg_locked(struct sock *sk, struct msghdr *msg,
+				 size_t size)
 {
 	long timeo =3D sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
 	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
@@ -984,15 +985,6 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg=
, size_t size)
 	int ret =3D 0;
 	int pending;
=20
-	if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
-			       MSG_CMSG_COMPAT | MSG_SPLICE_PAGES))
-		return -EOPNOTSUPP;
-
-	ret =3D mutex_lock_interruptible(&tls_ctx->tx_lock);
-	if (ret)
-		return ret;
-	lock_sock(sk);
-
 	if (unlikely(msg->msg_controllen)) {
 		ret =3D tls_process_cmsg(sk, msg, &record_type);
 		if (ret) {
@@ -1197,157 +1189,62 @@ int tls_sw_sendmsg(struct sock *sk, struct msghdr =
*msg, size_t size)
=20
 send_end:
 	ret =3D sk_stream_error(sk, msg->msg_flags, ret);
-
-	release_sock(sk);
-	mutex_unlock(&tls_ctx->tx_lock);
 	return copied > 0 ? copied : ret;
 }
=20
-static int tls_sw_do_sendpage(struct sock *sk, struct page *page,
-			      int offset, size_t size, int flags)
+int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
 {
-	long timeo =3D sock_sndtimeo(sk, flags & MSG_DONTWAIT);
 	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
-	struct tls_sw_context_tx *ctx =3D tls_sw_ctx_tx(tls_ctx);
-	struct tls_prot_info *prot =3D &tls_ctx->prot_info;
-	unsigned char record_type =3D TLS_RECORD_TYPE_DATA;
-	struct sk_msg *msg_pl;
-	struct tls_rec *rec;
-	int num_async =3D 0;
-	ssize_t copied =3D 0;
-	bool full_record;
-	int record_room;
-	int ret =3D 0;
-	bool eor;
-
-	eor =3D !(flags & MSG_SENDPAGE_NOTLAST);
-	sk_clear_bit(SOCKWQ_ASYNC_NOSPACE, sk);
-
-	/* Call the sk_stream functions to manage the sndbuf mem. */
-	while (size > 0) {
-		size_t copy, required_size;
-
-		if (sk->sk_err) {
-			ret =3D -sk->sk_err;
-			goto sendpage_end;
-		}
-
-		if (ctx->open_rec)
-			rec =3D ctx->open_rec;
-		else
-			rec =3D ctx->open_rec =3D tls_get_rec(sk);
-		if (!rec) {
-			ret =3D -ENOMEM;
-			goto sendpage_end;
-		}
-
-		msg_pl =3D &rec->msg_plaintext;
-
-		full_record =3D false;
-		record_room =3D TLS_MAX_PAYLOAD_SIZE - msg_pl->sg.size;
-		copy =3D size;
-		if (copy >=3D record_room) {
-			copy =3D record_room;
-			full_record =3D true;
-		}
-
-		required_size =3D msg_pl->sg.size + copy + prot->overhead_size;
-
-		if (!sk_stream_memory_free(sk))
-			goto wait_for_sndbuf;
-alloc_payload:
-		ret =3D tls_alloc_encrypted_msg(sk, required_size);
-		if (ret) {
-			if (ret !=3D -ENOSPC)
-				goto wait_for_memory;
-
-			/* Adjust copy according to the amount that was
-			 * actually allocated. The difference is due
-			 * to max sg elements limit
-			 */
-			copy -=3D required_size - msg_pl->sg.size;
-			full_record =3D true;
-		}
-
-		sk_msg_page_add(msg_pl, page, copy, offset);
-		sk_mem_charge(sk, copy);
-
-		offset +=3D copy;
-		size -=3D copy;
-		copied +=3D copy;
-
-		tls_ctx->pending_open_record_frags =3D true;
-		if (full_record || eor || sk_msg_full(msg_pl)) {
-			ret =3D bpf_exec_tx_verdict(msg_pl, sk, full_record,
-						  record_type, &copied, flags);
-			if (ret) {
-				if (ret =3D=3D -EINPROGRESS)
-					num_async++;
-				else if (ret =3D=3D -ENOMEM)
-					goto wait_for_memory;
-				else if (ret !=3D -EAGAIN) {
-					if (ret =3D=3D -ENOSPC)
-						ret =3D 0;
-					goto sendpage_end;
-				}
-			}
-		}
-		continue;
-wait_for_sndbuf:
-		set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
-wait_for_memory:
-		ret =3D sk_stream_wait_memory(sk, &timeo);
-		if (ret) {
-			if (ctx->open_rec)
-				tls_trim_both_msgs(sk, msg_pl->sg.size);
-			goto sendpage_end;
-		}
+	int ret;
=20
-		if (ctx->open_rec)
-			goto alloc_payload;
-	}
+	if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
+			       MSG_CMSG_COMPAT | MSG_SPLICE_PAGES |
+			       MSG_SENDPAGE_NOTLAST | MSG_SENDPAGE_NOPOLICY))
+		return -EOPNOTSUPP;
=20
-	if (num_async) {
-		/* Transmit if any encryptions have completed */
-		if (test_and_clear_bit(BIT_TX_SCHEDULED, &ctx->tx_bitmask)) {
-			cancel_delayed_work(&ctx->tx_work.work);
-			tls_tx_records(sk, flags);
-		}
-	}
-sendpage_end:
-	ret =3D sk_stream_error(sk, flags, ret);
-	return copied > 0 ? copied : ret;
+	ret =3D mutex_lock_interruptible(&tls_ctx->tx_lock);
+	if (ret)
+		return ret;
+	lock_sock(sk);
+	ret =3D tls_sw_sendmsg_locked(sk, msg, size);
+	release_sock(sk);
+	mutex_unlock(&tls_ctx->tx_lock);
+	return ret;
 }
=20
 int tls_sw_sendpage_locked(struct sock *sk, struct page *page,
 			   int offset, size_t size, int flags)
 {
+	struct bio_vec bvec;
+	struct msghdr msg =3D { .msg_flags =3D flags | MSG_SPLICE_PAGES, };
+
 	if (flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
 		      MSG_SENDPAGE_NOTLAST | MSG_SENDPAGE_NOPOLICY |
 		      MSG_NO_SHARED_FRAGS))
 		return -EOPNOTSUPP;
+	if (flags & MSG_SENDPAGE_NOTLAST)
+		msg.msg_flags |=3D MSG_MORE;
=20
-	return tls_sw_do_sendpage(sk, page, offset, size, flags);
+	bvec_set_page(&bvec, page, size, offset);
+	iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size);
+	return tls_sw_sendmsg_locked(sk, &msg, size);
 }
=20
 int tls_sw_sendpage(struct sock *sk, struct page *page,
 		    int offset, size_t size, int flags)
 {
-	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
-	int ret;
+	struct bio_vec bvec;
+	struct msghdr msg =3D { .msg_flags =3D flags | MSG_SPLICE_PAGES, };
=20
 	if (flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL |
 		      MSG_SENDPAGE_NOTLAST | MSG_SENDPAGE_NOPOLICY))
 		return -EOPNOTSUPP;
+	if (flags & MSG_SENDPAGE_NOTLAST)
+		msg.msg_flags |=3D MSG_MORE;
=20
-	ret =3D mutex_lock_interruptible(&tls_ctx->tx_lock);
-	if (ret)
-		return ret;
-	lock_sock(sk);
-	ret =3D tls_sw_do_sendpage(sk, page, offset, size, flags);
-	release_sock(sk);
-	mutex_unlock(&tls_ctx->tx_lock);
-	return ret;
+	bvec_set_page(&bvec, page, size, offset);
+	iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size);
+	return tls_sw_sendmsg(sk, &msg, size);
 }
=20
 static int
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 95C45C7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:10:14 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236545AbjFBPJy (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:09:54 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58170 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236485AbjFBPJf (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:35 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 53AD0E41
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718524;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=i1bosU+FfxRloSp1wkQbe5FyZjgR/CpUzjqQmhn8VOU=;
        b=XSK5j4vASOImozX0qe4hzxcz/uK711ej2eOOYUvLPorXWnzfvrjm2/H6gZPd+1pUk/mhq4
        3TM6gXr4JjzwBqvLndNFc3mmmNgIWc2Y/jA+kXXxV6KsShIk26mryVROjXPm8sS1NNoG0z
        TGdTkp4BPsku9ypYK26VBu6ahaaX8So=
Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-618-i_fo6rKYNaiI2OVO_0s6fw-1; Fri, 02 Jun 2023 11:08:41 -0400
X-MC-Unique: i_fo6rKYNaiI2OVO_0s6fw-1
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com
 [10.11.54.10])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A77CA8028B2;
        Fri,  2 Jun 2023 15:08:40 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 785D0492B0C;
        Fri,  2 Jun 2023 15:08:37 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 09/11] tls/device: Support MSG_SPLICE_PAGES
Date: Fri,  2 Jun 2023 16:07:50 +0100
Message-ID: <20230602150752.1306532-10-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Make TLS's device sendmsg() support MSG_SPLICE_PAGES.  This causes pages to
be spliced from the source iterator if possible.

This allows ->sendpage() to be replaced by something that can handle
multiple multipage folios in a single transaction.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 net/tls/tls_device.c | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index 9ef766e41c7a..f2f1aff19e4a 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -509,6 +509,29 @@ static int tls_push_data(struct sock *sk,
 			tls_append_frag(record, &zc_pfrag, copy);
=20
 			iter_offset.offset +=3D copy;
+		} else if (copy && (flags & MSG_SPLICE_PAGES)) {
+			struct page_frag zc_pfrag;
+			struct page **pages =3D &zc_pfrag.page;
+			size_t off;
+
+			rc =3D iov_iter_extract_pages(iter_offset.msg_iter,
+						    &pages, copy, 1, 0, &off);
+			if (rc <=3D 0) {
+				if (rc =3D=3D 0)
+					rc =3D -EIO;
+				goto handle_error;
+			}
+			copy =3D rc;
+
+			if (WARN_ON_ONCE(!sendpage_ok(zc_pfrag.page))) {
+				iov_iter_revert(iter_offset.msg_iter, copy);
+				rc =3D -EIO;
+				goto handle_error;
+			}
+
+			zc_pfrag.offset =3D off;
+			zc_pfrag.size =3D copy;
+			tls_append_frag(record, &zc_pfrag, copy);
 		} else if (copy) {
 			copy =3D min_t(size_t, copy, pfrag->size - pfrag->offset);
=20
@@ -572,6 +595,9 @@ int tls_device_sendmsg(struct sock *sk, struct msghdr *=
msg, size_t size)
 	union tls_iter_offset iter;
 	int rc;
=20
+	if (!tls_ctx->zerocopy_sendfile)
+		msg->msg_flags &=3D ~MSG_SPLICE_PAGES;
+
 	mutex_lock(&tls_ctx->tx_lock);
 	lock_sock(sk);
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6FFA6C7EE24
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:10:18 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236441AbjFBPKR (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:10:17 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58224 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236514AbjFBPJk (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:40 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B8A36E55
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:52 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718532;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=mKfCy+bv0BFrGREXI3gIfX89zPW0d4xX2aV4J5lMm9c=;
        b=B1yB6LDiavCc6qtjXftc1Sm+eRdq2T3dXRan8gP2cLIofT3n8i1+Se4aKHSnD28Rr7TBx3
        S0KGwANd5eB7JvfapO+iQHT1nA6kutEWvy760neOkcxXn6qxiyG0k1KrO6eD4QrVPZLtsz
        xn0dkWf3BBwBFFPqmhKWtTncgxSCq9A=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-486-9ryx0VvIPr2I-ceTIrBRHQ-1; Fri, 02 Jun 2023 11:08:45 -0400
X-MC-Unique: 9ryx0VvIPr2I-ceTIrBRHQ-1
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com
 [10.11.54.2])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A84EF3C0C89F;
        Fri,  2 Jun 2023 15:08:44 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 6F1AF40C6EC4;
        Fri,  2 Jun 2023 15:08:42 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org
Subject: [PATCH net-next v3 10/11] tls/device: Convert tls_device_sendpage()
 to use MSG_SPLICE_PAGES
Date: Fri,  2 Jun 2023 16:07:51 +0100
Message-ID: <20230602150752.1306532-11-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Convert tls_device_sendpage() to use sendmsg() with MSG_SPLICE_PAGES rather
than directly splicing in the pages itself.  With that, the tls_iter_offset
union is no longer necessary and can be replaced with an iov_iter pointer
and the zc_page argument to tls_push_data() can also be removed.

This allows ->sendpage() to be replaced by something that can handle
multiple multipage folios in a single transaction.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 net/tls/tls_device.c | 84 +++++++++++---------------------------------
 1 file changed, 20 insertions(+), 64 deletions(-)

diff --git a/net/tls/tls_device.c b/net/tls/tls_device.c
index f2f1aff19e4a..c698d6d60219 100644
--- a/net/tls/tls_device.c
+++ b/net/tls/tls_device.c
@@ -422,16 +422,10 @@ static int tls_device_copy_data(void *addr, size_t by=
tes, struct iov_iter *i)
 	return 0;
 }
=20
-union tls_iter_offset {
-	struct iov_iter *msg_iter;
-	int offset;
-};
-
 static int tls_push_data(struct sock *sk,
-			 union tls_iter_offset iter_offset,
+			 struct iov_iter *iter,
 			 size_t size, int flags,
-			 unsigned char record_type,
-			 struct page *zc_page)
+			 unsigned char record_type)
 {
 	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
 	struct tls_prot_info *prot =3D &tls_ctx->prot_info;
@@ -500,22 +494,13 @@ static int tls_push_data(struct sock *sk,
 		record =3D ctx->open_record;
=20
 		copy =3D min_t(size_t, size, max_open_record_len - record->len);
-		if (copy && zc_page) {
-			struct page_frag zc_pfrag;
-
-			zc_pfrag.page =3D zc_page;
-			zc_pfrag.offset =3D iter_offset.offset;
-			zc_pfrag.size =3D copy;
-			tls_append_frag(record, &zc_pfrag, copy);
-
-			iter_offset.offset +=3D copy;
-		} else if (copy && (flags & MSG_SPLICE_PAGES)) {
+		if (copy && (flags & MSG_SPLICE_PAGES)) {
 			struct page_frag zc_pfrag;
 			struct page **pages =3D &zc_pfrag.page;
 			size_t off;
=20
-			rc =3D iov_iter_extract_pages(iter_offset.msg_iter,
-						    &pages, copy, 1, 0, &off);
+			rc =3D iov_iter_extract_pages(iter, &pages,
+						    copy, 1, 0, &off);
 			if (rc <=3D 0) {
 				if (rc =3D=3D 0)
 					rc =3D -EIO;
@@ -524,7 +509,7 @@ static int tls_push_data(struct sock *sk,
 			copy =3D rc;
=20
 			if (WARN_ON_ONCE(!sendpage_ok(zc_pfrag.page))) {
-				iov_iter_revert(iter_offset.msg_iter, copy);
+				iov_iter_revert(iter, copy);
 				rc =3D -EIO;
 				goto handle_error;
 			}
@@ -537,7 +522,7 @@ static int tls_push_data(struct sock *sk,
=20
 			rc =3D tls_device_copy_data(page_address(pfrag->page) +
 						  pfrag->offset, copy,
-						  iter_offset.msg_iter);
+						  iter);
 			if (rc)
 				goto handle_error;
 			tls_append_frag(record, pfrag, copy);
@@ -592,7 +577,6 @@ int tls_device_sendmsg(struct sock *sk, struct msghdr *=
msg, size_t size)
 {
 	unsigned char record_type =3D TLS_RECORD_TYPE_DATA;
 	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
-	union tls_iter_offset iter;
 	int rc;
=20
 	if (!tls_ctx->zerocopy_sendfile)
@@ -607,8 +591,8 @@ int tls_device_sendmsg(struct sock *sk, struct msghdr *=
msg, size_t size)
 			goto out;
 	}
=20
-	iter.msg_iter =3D &msg->msg_iter;
-	rc =3D tls_push_data(sk, iter, size, msg->msg_flags, record_type, NULL);
+	rc =3D tls_push_data(sk, &msg->msg_iter, size, msg->msg_flags,
+			   record_type);
=20
 out:
 	release_sock(sk);
@@ -619,44 +603,18 @@ int tls_device_sendmsg(struct sock *sk, struct msghdr=
 *msg, size_t size)
 int tls_device_sendpage(struct sock *sk, struct page *page,
 			int offset, size_t size, int flags)
 {
-	struct tls_context *tls_ctx =3D tls_get_ctx(sk);
-	union tls_iter_offset iter_offset;
-	struct iov_iter msg_iter;
-	char *kaddr;
-	struct kvec iov;
-	int rc;
+	struct bio_vec bvec;
+	struct msghdr msg =3D { .msg_flags =3D flags | MSG_SPLICE_PAGES, };
=20
 	if (flags & MSG_SENDPAGE_NOTLAST)
-		flags |=3D MSG_MORE;
-
-	mutex_lock(&tls_ctx->tx_lock);
-	lock_sock(sk);
+		msg.msg_flags |=3D MSG_MORE;
=20
-	if (flags & MSG_OOB) {
-		rc =3D -EOPNOTSUPP;
-		goto out;
-	}
-
-	if (tls_ctx->zerocopy_sendfile) {
-		iter_offset.offset =3D offset;
-		rc =3D tls_push_data(sk, iter_offset, size,
-				   flags, TLS_RECORD_TYPE_DATA, page);
-		goto out;
-	}
-
-	kaddr =3D kmap(page);
-	iov.iov_base =3D kaddr + offset;
-	iov.iov_len =3D size;
-	iov_iter_kvec(&msg_iter, ITER_SOURCE, &iov, 1, size);
-	iter_offset.msg_iter =3D &msg_iter;
-	rc =3D tls_push_data(sk, iter_offset, size, flags, TLS_RECORD_TYPE_DATA,
-			   NULL);
-	kunmap(page);
+	if (flags & MSG_OOB)
+		return -EOPNOTSUPP;
=20
-out:
-	release_sock(sk);
-	mutex_unlock(&tls_ctx->tx_lock);
-	return rc;
+	bvec_set_page(&bvec, page, size, offset);
+	iov_iter_bvec(&msg.msg_iter, ITER_SOURCE, &bvec, 1, size);
+	return tls_device_sendmsg(sk, &msg, size);
 }
=20
 struct tls_record_info *tls_get_record(struct tls_offload_context_tx *cont=
ext,
@@ -721,12 +679,10 @@ EXPORT_SYMBOL(tls_get_record);
=20
 static int tls_device_push_pending_record(struct sock *sk, int flags)
 {
-	union tls_iter_offset iter;
-	struct iov_iter msg_iter;
+	struct iov_iter iter;
=20
-	iov_iter_kvec(&msg_iter, ITER_SOURCE, NULL, 0, 0);
-	iter.msg_iter =3D &msg_iter;
-	return tls_push_data(sk, iter, 0, flags, TLS_RECORD_TYPE_DATA, NULL);
+	iov_iter_kvec(&iter, ITER_SOURCE, NULL, 0, 0);
+	return tls_push_data(sk, &iter, 0, flags, TLS_RECORD_TYPE_DATA);
 }
=20
 void tls_device_write_space(struct sock *sk, struct tls_context *ctx)
From nobody Thu May  2 19:51:33 2024
Return-Path: <linux-kernel-owner@vger.kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6D182C77B7A
	for <linux-kernel@archiver.kernel.org>; Fri,  2 Jun 2023 15:10:22 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S236488AbjFBPKU (ORCPT <rfc822;linux-kernel@archiver.kernel.org>);
        Fri, 2 Jun 2023 11:10:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58378 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S236534AbjFBPJs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 2 Jun 2023 11:09:48 -0400
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 61B1BE44
        for <linux-kernel@vger.kernel.org>;
 Fri,  2 Jun 2023 08:08:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
        s=mimecast20190719; t=1685718534;
        h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
         to:to:cc:cc:mime-version:mime-version:
         content-transfer-encoding:content-transfer-encoding:
         in-reply-to:in-reply-to:references:references;
        bh=lEYVSGbA7NoXu+U2Wu0+Nhg1lTDv/9jIqEWNAqaEbTg=;
        b=gRUtiLsDP1a4Tijg0wsJvDwRP6cHs7ebcWdylsUfRs8U6K+gSF3zInwg8bax1bolUJHeS/
        OBonc5n16ipCbUknkVuXcwuY+T7vUchWt6C0LcBBlgNk0MMjSq7GQqQjqWV5Hx5p6ECbvh
        NwgrF049Rw80Ir8N0+Pjar+N6roAQT8=
Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com
 [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-450-ueIYBq1NPI23Vhe8TEewXA-1; Fri, 02 Jun 2023 11:08:50 -0400
X-MC-Unique: ueIYBq1NPI23Vhe8TEewXA-1
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
 [10.11.54.4])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mimecast-mx02.redhat.com (Postfix) with ESMTPS id E85EF3C0C897;
        Fri,  2 Jun 2023 15:08:48 +0000 (UTC)
Received: from warthog.procyon.org.uk (unknown [10.42.28.182])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 6DE7C2026D49;
        Fri,  2 Jun 2023 15:08:45 +0000 (UTC)
From: David Howells <dhowells@redhat.com>
To: netdev@vger.kernel.org,
        Linus Torvalds <torvalds@linux-foundation.org>
Cc: David Howells <dhowells@redhat.com>,
        Chuck Lever <chuck.lever@oracle.com>,
        Boris Pismenny <borisp@nvidia.com>,
        John Fastabend <john.fastabend@gmail.com>,
        Jakub Kicinski <kuba@kernel.org>,
        "David S. Miller" <davem@davemloft.net>,
        Eric Dumazet <edumazet@google.com>,
        Paolo Abeni <pabeni@redhat.com>,
        Willem de Bruijn <willemdebruijn.kernel@gmail.com>,
        David Ahern <dsahern@kernel.org>,
        Matthew Wilcox <willy@infradead.org>,
        Jens Axboe <axboe@kernel.dk>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org,
        Herbert Xu <herbert@gondor.apana.org.au>
Subject: [PATCH net-next v3 11/11] net: Add samples for network I/O and
 splicing
Date: Fri,  2 Jun 2023 16:07:52 +0100
Message-ID: <20230602150752.1306532-12-dhowells@redhat.com>
In-Reply-To: <20230602150752.1306532-1-dhowells@redhat.com>
References: <20230602150752.1306532-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
X-Scanned-By: MIMEDefang 3.1 on 10.11.54.4
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Type: text/plain; charset="utf-8"

Add some small sample programs for doing network I/O including splicing.

There are three IPv4/IPv6 servers: tcp-sink, tls-sink and udp-sink.  They
can be given a port number by passing "-p <port>" and will listen on an
IPv6 socket unless given a "-4" flag, in which case they'll listen for IPv4
only.

There are three IPv4/IPv6 clients: tcp-send, tls-send and udp-send.  They
are given a file to get data from (or "-" for stdin) and the name of a
server to talk to.  They can also be given a port number by passing "-p
<port>", "-4" or "-6" to force the use of IPv4 or IPv6, "-s" to indicate
they should use splice/sendfile to transfer the data and "-n" to specify
how much data to copy.  If "-s" is given, the input will be spliced if it's
a pipe and sendfiled otherwise.

A driver program, splice-out, is provided to splice data from a file/stdin
to stdout and can be used to pipe into the aforementioned clients for
testing splice.  This takes the name of the file to splice from (or "-" for
stdin).  It can also be given "-w <size>" to indicate the maximum size of
each splice, "-k <size>" if a chunk of the input should be skipped between
splices to prevent coalescence and "-s" if sendfile should be used instead
of splice.

Additionally, there is an AF_UNIX client and server.  These are similar to
the IPv[46] programs, except both take a socket path and there is no option
to change the port number.

And then there are two AF_ALG clients (there is no server).  These are
similar to the other clients, except no destination is specified.  One
exercised skcipher encryption and the other hashing.

Examples include:

	./splice-out -w0x400 /foo/16K 4K | ./alg-encrypt -s -
	./splice-out -w0x400 /foo/1M | ./unix-send -s - /tmp/foo
	./splice-out -w0x400 /foo/16K 16K -w1 | ./tls-send -s6 -n16K - servbox
	./tcp-send /bin/ls 192.168.6.1
	./udp-send -4 -p5555 /foo/4K localhost

where, for example, /foo/16K is a 16KiB file.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Willem de Bruijn <willemdebruijn.kernel@gmail.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Herbert Xu <herbert@gondor.apana.org.au>
cc: "David S. Miller" <davem@davemloft.net>
cc: Eric Dumazet <edumazet@google.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: netdev@vger.kernel.org
---
 samples/Kconfig           |  14 +++
 samples/Makefile          |   1 +
 samples/net/Makefile      |  13 +++
 samples/net/alg-encrypt.c | 206 ++++++++++++++++++++++++++++++++++++++
 samples/net/alg-hash.c    | 147 +++++++++++++++++++++++++++
 samples/net/splice-out.c  | 147 +++++++++++++++++++++++++++
 samples/net/tcp-send.c    | 177 ++++++++++++++++++++++++++++++++
 samples/net/tcp-sink.c    |  80 +++++++++++++++
 samples/net/tls-send.c    | 188 ++++++++++++++++++++++++++++++++++
 samples/net/tls-sink.c    | 104 +++++++++++++++++++
 samples/net/udp-send.c    | 156 +++++++++++++++++++++++++++++
 samples/net/udp-sink.c    |  84 ++++++++++++++++
 samples/net/unix-send.c   | 151 ++++++++++++++++++++++++++++
 samples/net/unix-sink.c   |  54 ++++++++++
 14 files changed, 1522 insertions(+)
 create mode 100644 samples/net/Makefile
 create mode 100644 samples/net/alg-encrypt.c
 create mode 100644 samples/net/alg-hash.c
 create mode 100644 samples/net/splice-out.c
 create mode 100644 samples/net/tcp-send.c
 create mode 100644 samples/net/tcp-sink.c
 create mode 100644 samples/net/tls-send.c
 create mode 100644 samples/net/tls-sink.c
 create mode 100644 samples/net/udp-send.c
 create mode 100644 samples/net/udp-sink.c
 create mode 100644 samples/net/unix-send.c
 create mode 100644 samples/net/unix-sink.c

diff --git a/samples/Kconfig b/samples/Kconfig
index b2db430bd3ff..928e06b08b99 100644
--- a/samples/Kconfig
+++ b/samples/Kconfig
@@ -280,6 +280,20 @@ config SAMPLE_KMEMLEAK
           Build a sample program which have explicitly leaks memory to test
           kmemleak
=20
+config SAMPLE_NET
+	bool "Build example programs for driving network protocols"
+	depends on NET
+	help
+	  Build example userspace programs for driving network protocols.  Most
+	  of the programs (tcp, udp, tls, unix) come as client-server pairs
+	  that allow the test to be split across a network (but not in the unix
+	  case); but some, such as the AF_ALG samples are standalone as there
+	  is no server per se.
+
+	  The programs allow sendfile and splice to be used.  An additional
+	  program is provided that allows sendfile/splice to stdout for use in
+	  piping in to the other programs to operate splice there.
+
 source "samples/rust/Kconfig"
=20
 endif # SAMPLES
diff --git a/samples/Makefile b/samples/Makefile
index 7727f1a0d6d1..b9fbf80a53be 100644
--- a/samples/Makefile
+++ b/samples/Makefile
@@ -37,3 +37,4 @@ obj-$(CONFIG_SAMPLE_KMEMLEAK)		+=3D kmemleak/
 obj-$(CONFIG_SAMPLE_CORESIGHT_SYSCFG)	+=3D coresight/
 obj-$(CONFIG_SAMPLE_FPROBE)		+=3D fprobe/
 obj-$(CONFIG_SAMPLES_RUST)		+=3D rust/
+obj-$(CONFIG_SAMPLE_NET)		+=3D net/
diff --git a/samples/net/Makefile b/samples/net/Makefile
new file mode 100644
index 000000000000..0ccd68a36edf
--- /dev/null
+++ b/samples/net/Makefile
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: GPL-2.0-only
+userprogs-always-y +=3D \
+	alg-hash \
+	alg-encrypt \
+	splice-out \
+	tcp-send \
+	tcp-sink \
+	tls-send \
+	tls-sink \
+	udp-send \
+	udp-sink \
+	unix-send \
+	unix-sink
diff --git a/samples/net/alg-encrypt.c b/samples/net/alg-encrypt.c
new file mode 100644
index 000000000000..3851b5fbaeda
--- /dev/null
+++ b/samples/net/alg-encrypt.c
@@ -0,0 +1,206 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/* AF_ALG hash test
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/un.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+#include <linux/if_alg.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+#define min(x, y) ((x) < (y) ? (x) : (y))
+
+static unsigned char buffer[4096 * 32] __attribute__((aligned(4096)));
+static unsigned char iv[16];
+static unsigned char key[16];
+
+static const struct sockaddr_alg sa =3D {
+	.salg_family	=3D AF_ALG,
+	.salg_type	=3D "skcipher",
+	.salg_name	=3D "cbc(aes)",
+};
+
+static void format(void)
+{
+	fprintf(stderr, "alg-send [-ds] [-n<size>] <file>|-\n");
+	exit(2);
+}
+
+static void algif_add_set_op(struct msghdr *msg, unsigned int op)
+{
+	struct cmsghdr *__cmsg;
+
+	__cmsg =3D msg->msg_control + msg->msg_controllen;
+	__cmsg->cmsg_len	=3D CMSG_LEN(sizeof(unsigned int));
+	__cmsg->cmsg_level	=3D SOL_ALG;
+	__cmsg->cmsg_type	=3D ALG_SET_OP;
+	*(unsigned int *)CMSG_DATA(__cmsg) =3D op;
+	msg->msg_controllen +=3D CMSG_ALIGN(__cmsg->cmsg_len);
+}
+
+static void algif_add_set_iv(struct msghdr *msg, const void *iv, size_t iv=
len)
+{
+	struct af_alg_iv *ivbuf;
+	struct cmsghdr *__cmsg;
+
+	printf("%zx\n", msg->msg_controllen);
+	__cmsg =3D msg->msg_control + msg->msg_controllen;
+	__cmsg->cmsg_len	=3D CMSG_LEN(sizeof(*ivbuf) + ivlen);
+	__cmsg->cmsg_level	=3D SOL_ALG;
+	__cmsg->cmsg_type	=3D ALG_SET_IV;
+	ivbuf =3D (struct af_alg_iv *)CMSG_DATA(__cmsg);
+	ivbuf->ivlen =3D ivlen;
+	memcpy(ivbuf->iv, iv, ivlen);
+	msg->msg_controllen +=3D CMSG_ALIGN(__cmsg->cmsg_len);
+}
+
+int main(int argc, char *argv[])
+{
+	struct msghdr msg;
+	struct stat st;
+	const char *filename;
+	unsigned char ctrl[4096];
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r, w, o, ret;
+	size_t size =3D LONG_MAX, total =3D 0, i, out =3D 160;
+	char *end;
+	bool use_sendfile =3D false, all =3D true;
+	int opt, alg, sock, fd =3D 0;
+
+	while ((opt =3D getopt(argc, argv, "dn:s")) !=3D EOF) {
+		switch (opt) {
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				size *=3D 1024 * 1024;
+				break;
+			}
+			all =3D false;
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 1)
+		format();
+	filename =3D argv[0];
+
+	alg =3D socket(AF_ALG, SOCK_SEQPACKET, 0);
+	OSERROR(alg, "AF_ALG");
+	OSERROR(bind(alg, (struct sockaddr *)&sa, sizeof(sa)), "bind");
+	OSERROR(setsockopt(alg, SOL_ALG, ALG_SET_KEY, key, sizeof(key)),
+		"ALG_SET_KEY");
+	sock =3D accept(alg, NULL, 0);
+	OSERROR(sock, "accept");
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), argv[2]);
+	}
+
+	memset(&msg, 0, sizeof(msg));
+	msg.msg_control =3D ctrl;
+	algif_add_set_op(&msg, ALG_OP_ENCRYPT);
+	algif_add_set_iv(&msg, iv, sizeof(iv));
+
+	OSERROR(sendmsg(sock, &msg, MSG_MORE), "sock/sendmsg");
+
+	if (!use_sendfile) {
+		bool more =3D false;
+
+		while (size) {
+			r =3D read(fd, buffer, sizeof(buffer));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				more =3D size > 0;
+				w =3D send(sock, buffer + o, r - o,
+					 more ? MSG_MORE : 0);
+				OSERROR(w, "sock/send");
+				total +=3D w;
+				o +=3D w;
+			} while (o < r);
+		}
+
+		if (more)
+			send(sock, NULL, 0, 0);
+	} else if (S_ISFIFO(st.st_mode)) {
+		do {
+			r =3D splice(fd, NULL, sock, NULL, size,
+				   size > 0 ? SPLICE_F_MORE : 0);
+			OSERROR(r, "sock/splice");
+			size -=3D r;
+			total +=3D r;
+		} while (r > 0 && size > 0);
+		if (size && !all) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+		total =3D r;
+	}
+
+	while (total > 0) {
+		ret =3D read(sock, buffer, min(sizeof(buffer), total));
+		OSERROR(ret, "sock/read");
+		if (ret =3D=3D 0)
+			break;
+		total -=3D ret;
+
+		if (out > 0) {
+			ret =3D min(out, ret);
+			out -=3D ret;
+			for (i =3D 0; i < ret; i++)
+				printf("%02x", (unsigned char)buffer[i]);
+		}
+		printf("...\n");
+	}
+
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(alg), "alg/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/alg-hash.c b/samples/net/alg-hash.c
new file mode 100644
index 000000000000..df63c87e7661
--- /dev/null
+++ b/samples/net/alg-hash.c
@@ -0,0 +1,147 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/* AF_ALG hash test
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/un.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+#include <linux/if_alg.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[4096 * 32] __attribute__((aligned(4096)));
+
+static const struct sockaddr_alg sa =3D {
+	.salg_family	=3D AF_ALG,
+	.salg_type	=3D "hash",
+	.salg_name	=3D "sha1",
+};
+
+static void format(void)
+{
+	fprintf(stderr, "alg-send [-ds] [-n<size>] <file>|-\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct stat st;
+	const char *filename;
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r, w, o, ret;
+	size_t size =3D LONG_MAX, i;
+	char *end;
+	int use_sendfile =3D 0;
+	int opt, alg, sock, fd =3D 0;
+
+	while ((opt =3D getopt(argc, argv, "n:s")) !=3D EOF) {
+		switch (opt) {
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				size *=3D 1024 * 1024;
+				break;
+			}
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 1)
+		format();
+	filename =3D argv[0];
+
+	alg =3D socket(AF_ALG, SOCK_SEQPACKET, 0);
+	OSERROR(alg, "AF_ALG");
+	OSERROR(bind(alg, (struct sockaddr *)&sa, sizeof(sa)), "bind");
+	sock =3D accept(alg, NULL, 0);
+	OSERROR(sock, "accept");
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), argv[2]);
+	}
+
+	if (!use_sendfile) {
+		bool more =3D false;
+
+		while (size) {
+			r =3D read(fd, buffer, sizeof(buffer));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				more =3D size > 0;
+				w =3D send(sock, buffer + o, r - o,
+					 more ? MSG_MORE : 0);
+				OSERROR(w, "sock/send");
+				o +=3D w;
+			} while (o < r);
+		}
+
+		if (more)
+			send(sock, NULL, 0, 0);
+	} else if (S_ISFIFO(st.st_mode)) {
+		r =3D splice(fd, NULL, sock, NULL, size, 0);
+		OSERROR(r, "sock/splice");
+		if (r !=3D size) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+	}
+
+	ret =3D read(sock, buffer, sizeof(buffer));
+	OSERROR(ret, "sock/read");
+
+	for (i =3D 0; i < ret; i++)
+		printf("%02x", (unsigned char)buffer[i]);
+	printf("\n");
+
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(alg), "alg/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/splice-out.c b/samples/net/splice-out.c
new file mode 100644
index 000000000000..224010dfd387
--- /dev/null
+++ b/samples/net/splice-out.c
@@ -0,0 +1,147 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/* Splice or sendfile from the given file/stdin to stdout.
+ *
+ * Format: splice-out [-s] <file>|- [<size>]
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <getopt.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+#define min(x, y) ((x) < (y) ? (x) : (y))
+
+static unsigned char buffer[4096];
+
+static void format(void)
+{
+	fprintf(stderr, "splice-out [-dkN][-s][-wN] <file>|- [<size>]\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct stat st;
+	const char *filename;
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r;
+	size_t size =3D 1024 * 1024, skip =3D 0, unit =3D 0, part;
+	char *end;
+	bool use_sendfile =3D false, all =3D true;
+	int opt, fd =3D 0;
+
+	while ((opt =3D getopt(argc, argv, "dk:sw:")),
+	       opt !=3D -1) {
+		switch (opt) {
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'k':
+			/* Skip size - prevent coalescence. */
+			skip =3D strtoul(optarg, &end, 0);
+			if (skip < 1 || skip >=3D 4096) {
+				fprintf(stderr, "-kN must be 0<N<4096\n");
+				exit(2);
+			}
+			break;
+		case 's':
+			use_sendfile =3D 1;
+			break;
+		case 'w':
+			/* Write unit size */
+			unit =3D strtoul(optarg, &end, 0);
+			if (!unit) {
+				fprintf(stderr, "-wN must be >0\n");
+				exit(2);
+			}
+			switch (*end) {
+			case 'K':
+			case 'k':
+				unit *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				unit *=3D 1024 * 1024;
+				break;
+			}
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+
+	if (argc !=3D 1 && argc !=3D 2)
+		format();
+
+	filename =3D argv[0];
+	if (argc =3D=3D 2) {
+		size =3D strtoul(argv[1], &end, 0);
+		switch (*end) {
+		case 'K':
+		case 'k':
+			size *=3D 1024;
+			break;
+		case 'M':
+		case 'm':
+			size *=3D 1024 * 1024;
+			break;
+		}
+		all =3D false;
+	}
+
+	OSERROR(fstat(1, &st), "stdout");
+	if (!S_ISFIFO(st.st_mode)) {
+		fprintf(stderr, "stdout must be a pipe\n");
+		exit(3);
+	}
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		if (!all && size > st.st_size) {
+			fprintf(stderr, "%s: Specified size larger than file\n",
+				filename);
+			exit(3);
+		}
+	}
+
+	do {
+		if (skip) {
+			part =3D skip;
+			do {
+				r =3D read(fd, buffer, skip);
+				OSERROR(r, filename);
+				part -=3D r;
+			} while (part > 0 && r > 0);
+		}
+
+		part =3D unit ? min(size, unit) : size;
+		if (use_sendfile) {
+			r =3D sendfile(1, fd, NULL, part);
+			OSERROR(r, "sendfile");
+		} else {
+			r =3D splice(fd, NULL, 1, NULL, part, 0);
+			OSERROR(r, "splice");
+		}
+		if (!all)
+			size -=3D r;
+	} while (r > 0 && size > 0);
+
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/tcp-send.c b/samples/net/tcp-send.c
new file mode 100644
index 000000000000..608055354789
--- /dev/null
+++ b/samples/net/tcp-send.c
@@ -0,0 +1,177 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * TCP send client.  Pass -s to use splice/sendfile; -z to use MSG_ZEROCOP=
Y.
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[4096] __attribute__((aligned(4096)));
+
+static void format(void)
+{
+	fprintf(stderr,
+		"tcp-send [-46dsz][-p<port>][-n<size>] <file>|- <server>\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct addrinfo *addrs =3D NULL, hints =3D {};
+	struct stat st;
+	const char *filename, *sockname, *service =3D "5555";
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r, w, o;
+	size_t size =3D LONG_MAX;
+	char *end;
+	bool use_sendfile =3D false, use_zerocopy =3D false, all =3D true;
+	int opt, sock, fd =3D 0, gai;
+
+	hints.ai_family   =3D AF_UNSPEC;
+	hints.ai_socktype =3D SOCK_STREAM;
+
+	while ((opt =3D getopt(argc, argv, "46dn:p:sz")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			hints.ai_family =3D AF_INET;
+			break;
+		case '6':
+			hints.ai_family =3D AF_INET6;
+			break;
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				size *=3D 1024 * 1024;
+				break;
+			}
+			all =3D false;
+			break;
+		case 'p':
+			service =3D optarg;
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		case 'z':
+			use_zerocopy =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 2)
+		format();
+	filename =3D argv[0];
+	sockname =3D argv[1];
+
+	gai =3D getaddrinfo(sockname, service, &hints, &addrs);
+	if (gai) {
+		fprintf(stderr, "%s: %s\n", sockname, gai_strerror(gai));
+		exit(3);
+	}
+
+	if (!addrs) {
+		fprintf(stderr, "%s: No addresses\n", sockname);
+		exit(3);
+	}
+
+	sockname =3D addrs->ai_canonname;
+	sock =3D socket(addrs->ai_family, addrs->ai_socktype, addrs->ai_protocol);
+	OSERROR(sock, "socket");
+	OSERROR(connect(sock, addrs->ai_addr, addrs->ai_addrlen), "connect");
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		if (size > st.st_size)
+			size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), filename);
+	}
+
+	if (!use_sendfile) {
+		unsigned int flags =3D 0;
+
+		if (use_zerocopy) {
+			int zcflag =3D 1;
+
+			OSERROR(setsockopt(sock, SOL_SOCKET, SO_ZEROCOPY,
+					   &zcflag, sizeof(zcflag)),
+				"SOCK_ZEROCOPY");
+			flags |=3D MSG_ZEROCOPY;
+		}
+
+		while (size) {
+			r =3D read(fd, buffer, sizeof(buffer));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				flags &=3D ~MSG_MORE;
+				if (size > 0)
+					flags |=3D MSG_MORE;
+				w =3D send(sock, buffer + o, r - o, flags);
+				OSERROR(w, "sock/send");
+				o +=3D w;
+			} while (o < r);
+		}
+
+		if (flags & MSG_MORE)
+			send(sock, NULL, 0, flags & ~MSG_MORE);
+	} else if (S_ISFIFO(st.st_mode)) {
+		do {
+			r =3D splice(fd, NULL, sock, NULL, size,
+				   size > 0 ? SPLICE_F_MORE : 0);
+			OSERROR(r, "sock/splice");
+			size -=3D r;
+		} while (r > 0 && size > 0);
+		if (size && !all) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+	}
+
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/tcp-sink.c b/samples/net/tcp-sink.c
new file mode 100644
index 000000000000..5c27c24dfb76
--- /dev/null
+++ b/samples/net/tcp-sink.c
@@ -0,0 +1,80 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * TCP sink server
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netinet/in.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[512 * 1024];
+
+static void format(void)
+{
+	fprintf(stderr, "tcp-sink [-4][-p<port>]\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	unsigned int port =3D 5555;
+	bool ipv6 =3D true;
+	int opt, server_sock, sock;
+
+
+	while ((opt =3D getopt(argc, argv, "4p:")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			ipv6 =3D false;
+			break;
+		case 'p':
+			port =3D atoi(optarg);
+			break;
+		default:
+			format();
+		}
+	}
+
+	if (!ipv6) {
+		struct sockaddr_in sin =3D {
+			.sin_family =3D AF_INET,
+			.sin_port   =3D htons(port),
+		};
+		server_sock =3D socket(AF_INET, SOCK_STREAM, 0);
+		OSERROR(server_sock, "socket");
+		OSERROR(bind(server_sock, (struct sockaddr *)&sin, sizeof(sin)),
+			"bind");
+		OSERROR(listen(server_sock, 1), "listen");
+	} else {
+		struct sockaddr_in6 sin6 =3D {
+			.sin6_family =3D AF_INET6,
+			.sin6_port   =3D htons(port),
+		};
+		server_sock =3D socket(AF_INET6, SOCK_STREAM, 0);
+		OSERROR(server_sock, "socket");
+		OSERROR(bind(server_sock, (struct sockaddr *)&sin6,
+			     sizeof(sin6)),
+			"bind");
+		OSERROR(listen(server_sock, 1), "listen");
+	}
+
+	for (;;) {
+		sock =3D accept(server_sock, NULL, NULL);
+		if (sock !=3D -1) {
+			while (read(sock, buffer, sizeof(buffer)) > 0)
+				;
+			close(sock);
+		}
+	}
+}
diff --git a/samples/net/tls-send.c b/samples/net/tls-send.c
new file mode 100644
index 000000000000..d99b79aaf536
--- /dev/null
+++ b/samples/net/tls-send.c
@@ -0,0 +1,188 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * TLS-over-TCP send client.  Pass -s to splice.
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+#include <linux/tls.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[4096];
+
+static void format(void)
+{
+	fprintf(stderr,
+		"tls-send [-46ds][-n<size>][-p<port>] <file>|- <server>\n");
+	exit(2);
+}
+
+static void set_tls(int sock)
+{
+	struct tls12_crypto_info_aes_gcm_128 crypto_info;
+
+	crypto_info.info.version =3D TLS_1_2_VERSION;
+	crypto_info.info.cipher_type =3D TLS_CIPHER_AES_GCM_128;
+	memset(crypto_info.iv,		0, TLS_CIPHER_AES_GCM_128_IV_SIZE);
+	memset(crypto_info.rec_seq,	0, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+	memset(crypto_info.key,		0, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+	memset(crypto_info.salt,	0, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
+
+	OSERROR(setsockopt(sock, SOL_TCP, TCP_ULP, "tls", sizeof("tls")),
+		"TCP_ULP");
+	OSERROR(setsockopt(sock, SOL_TLS, TLS_TX, &crypto_info,
+			   sizeof(crypto_info)),
+		"TLS_TX");
+	OSERROR(setsockopt(sock, SOL_TLS, TLS_RX, &crypto_info,
+			   sizeof(crypto_info)),
+		"TLS_RX");
+}
+
+int main(int argc, char *argv[])
+{
+	struct addrinfo *addrs =3D NULL, hints =3D {};
+	struct stat st;
+	const char *filename, *sockname, *service =3D "5556";
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r, w, o;
+	size_t size =3D LONG_MAX;
+	char *end;
+	bool use_sendfile =3D false, all =3D true;
+	int opt, sock, fd =3D 0, gai;
+
+	hints.ai_family   =3D AF_UNSPEC;
+	hints.ai_socktype =3D SOCK_STREAM;
+
+	while ((opt =3D getopt(argc, argv, "46dn:p:s")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			hints.ai_family =3D AF_INET;
+			break;
+		case '6':
+			hints.ai_family =3D AF_INET6;
+			break;
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				size *=3D 1024 * 1024;
+				break;
+			}
+			all =3D false;
+			break;
+		case 'p':
+			service =3D optarg;
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 2)
+		format();
+	filename =3D argv[0];
+	sockname =3D argv[1];
+
+	gai =3D getaddrinfo(sockname, service, &hints, &addrs);
+	if (gai) {
+		fprintf(stderr, "%s: %s\n", sockname, gai_strerror(gai));
+		exit(3);
+	}
+
+	if (!addrs) {
+		fprintf(stderr, "%s: No addresses\n", sockname);
+		exit(3);
+	}
+
+	sockname =3D addrs->ai_canonname;
+	sock =3D socket(addrs->ai_family, addrs->ai_socktype, addrs->ai_protocol);
+	OSERROR(sock, "socket");
+	OSERROR(connect(sock, addrs->ai_addr, addrs->ai_addrlen), "connect");
+	set_tls(sock);
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		if (size > st.st_size)
+			size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), filename);
+	}
+
+	if (!use_sendfile) {
+		bool more =3D false;
+
+		while (size) {
+			r =3D read(fd, buffer, sizeof(buffer));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				more =3D size > 0;
+				w =3D send(sock, buffer + o, r - o,
+					 more ? MSG_MORE : 0);
+				OSERROR(w, "sock/send");
+				o +=3D w;
+			} while (o < r);
+		}
+
+		if (more)
+			send(sock, NULL, 0, 0);
+	} else if (S_ISFIFO(st.st_mode)) {
+		do {
+			r =3D splice(fd, NULL, sock, NULL, size,
+				   size > 0 ? SPLICE_F_MORE : 0);
+			OSERROR(r, "sock/splice");
+			size -=3D r;
+		} while (r > 0 && size > 0);
+		if (size && !all) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+	}
+
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/tls-sink.c b/samples/net/tls-sink.c
new file mode 100644
index 000000000000..67900b74d6d6
--- /dev/null
+++ b/samples/net/tls-sink.c
@@ -0,0 +1,104 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * TLS-over-TCP sink server
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netinet/in.h>
+#include <netinet/tcp.h>
+#include <linux/tls.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[512 * 1024];
+
+static void format(void)
+{
+	fprintf(stderr, "tls-sink [-4][-p<port>]\n");
+	exit(2);
+}
+
+static void set_tls(int sock)
+{
+	struct tls12_crypto_info_aes_gcm_128 crypto_info;
+
+	crypto_info.info.version =3D TLS_1_2_VERSION;
+	crypto_info.info.cipher_type =3D TLS_CIPHER_AES_GCM_128;
+	memset(crypto_info.iv,		0, TLS_CIPHER_AES_GCM_128_IV_SIZE);
+	memset(crypto_info.rec_seq,	0, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
+	memset(crypto_info.key,		0, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
+	memset(crypto_info.salt,	0, TLS_CIPHER_AES_GCM_128_SALT_SIZE);
+
+	OSERROR(setsockopt(sock, SOL_TCP, TCP_ULP, "tls", sizeof("tls")),
+		"TCP_ULP");
+	OSERROR(setsockopt(sock, SOL_TLS, TLS_TX, &crypto_info,
+			   sizeof(crypto_info)),
+		"TLS_TX");
+	OSERROR(setsockopt(sock, SOL_TLS, TLS_RX, &crypto_info,
+			   sizeof(crypto_info)),
+		"TLS_RX");
+}
+
+int main(int argc, char *argv[])
+{
+	unsigned int port =3D 5556;
+	bool ipv6 =3D true;
+	int opt, server_sock, sock;
+
+
+	while ((opt =3D getopt(argc, argv, "4p:")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			ipv6 =3D false;
+			break;
+		case 'p':
+			port =3D atoi(optarg);
+			break;
+		default:
+			format();
+		}
+	}
+
+	if (!ipv6) {
+		struct sockaddr_in sin =3D {
+			.sin_family =3D AF_INET,
+			.sin_port   =3D htons(port),
+		};
+		server_sock =3D socket(AF_INET, SOCK_STREAM, 0);
+		OSERROR(server_sock, "socket");
+		OSERROR(bind(server_sock, (struct sockaddr *)&sin, sizeof(sin)),
+			"bind");
+		OSERROR(listen(server_sock, 1), "listen");
+	} else {
+		struct sockaddr_in6 sin6 =3D {
+			.sin6_family =3D AF_INET6,
+			.sin6_port   =3D htons(port),
+		};
+		server_sock =3D socket(AF_INET6, SOCK_STREAM, 0);
+		OSERROR(server_sock, "socket");
+		OSERROR(bind(server_sock, (struct sockaddr *)&sin6,
+			     sizeof(sin6)),
+			"bind");
+		OSERROR(listen(server_sock, 1), "listen");
+	}
+
+	for (;;) {
+		sock =3D accept(server_sock, NULL, NULL);
+		if (sock !=3D -1) {
+			set_tls(sock);
+			while (read(sock, buffer, sizeof(buffer)) > 0)
+				;
+			close(sock);
+		}
+	}
+}
diff --git a/samples/net/udp-send.c b/samples/net/udp-send.c
new file mode 100644
index 000000000000..7c6c27eb0fcc
--- /dev/null
+++ b/samples/net/udp-send.c
@@ -0,0 +1,156 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * UDP send client.  Pass -s to splice.
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netdb.h>
+#include <netinet/in.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+#define min(x, y) ((x) < (y) ? (x) : (y))
+
+static unsigned char buffer[65536];
+
+static void format(void)
+{
+	fprintf(stderr,
+		"udp-send [-46s][-n<size>][-p<port>] <file>|- <server>\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct addrinfo *addrs =3D NULL, hints =3D {};
+	struct stat st;
+	const char *filename, *sockname, *service =3D "5555";
+	unsigned int flags =3D O_RDONLY, len;
+	ssize_t r, o, size =3D 65535;
+	char *end;
+	bool use_sendfile =3D false;
+	int opt, sock, fd =3D 0, gai;
+
+	hints.ai_family   =3D AF_UNSPEC;
+	hints.ai_socktype =3D SOCK_DGRAM;
+
+	while ((opt =3D getopt(argc, argv, "46dn:p:s")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			hints.ai_family =3D AF_INET;
+			break;
+		case '6':
+			hints.ai_family =3D AF_INET6;
+			break;
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			}
+			if (size > 65535) {
+				fprintf(stderr,
+					"Too much data for UDP packet\n");
+				exit(2);
+			}
+			break;
+		case 'p':
+			service =3D optarg;
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 2)
+		format();
+	filename =3D argv[0];
+	sockname =3D argv[1];
+
+	gai =3D getaddrinfo(sockname, service, &hints, &addrs);
+	if (gai) {
+		fprintf(stderr, "%s: %s\n", sockname, gai_strerror(gai));
+		exit(3);
+	}
+
+	if (!addrs) {
+		fprintf(stderr, "%s: No addresses\n", sockname);
+		exit(3);
+	}
+
+	sockname =3D addrs->ai_canonname;
+	sock =3D socket(addrs->ai_family, addrs->ai_socktype, addrs->ai_protocol);
+	OSERROR(sock, "socket");
+	OSERROR(connect(sock, addrs->ai_addr, addrs->ai_addrlen), "connect");
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		if (size > st.st_size)
+			size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), filename);
+	}
+
+	len =3D htonl(size);
+	OSERROR(send(sock, &len, 4, MSG_MORE), "sock/send");
+
+	if (!use_sendfile) {
+		while (size) {
+			r =3D read(fd, buffer, sizeof(buffer));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				ssize_t w =3D send(sock, buffer + o, r - o,
+						 size > 0 ? MSG_MORE : 0);
+				OSERROR(w, "sock/send");
+				o +=3D w;
+			} while (o < r);
+		}
+	} else if (S_ISFIFO(st.st_mode)) {
+		r =3D splice(fd, NULL, sock, NULL, size, 0);
+		OSERROR(r, "sock/splice");
+		if (r !=3D size) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+	}
+
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/udp-sink.c b/samples/net/udp-sink.c
new file mode 100644
index 000000000000..f23c64acec4a
--- /dev/null
+++ b/samples/net/udp-sink.c
@@ -0,0 +1,84 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * UDP sink server
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <netinet/in.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[512 * 1024];
+
+static void format(void)
+{
+	fprintf(stderr, "udp-sink [-4][-p<port>]\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct iovec iov[1] =3D {
+		[0] =3D {
+			.iov_base	=3D buffer,
+			.iov_len	=3D sizeof(buffer),
+		},
+	};
+	struct msghdr msg =3D {
+		.msg_iov	=3D iov,
+		.msg_iovlen	=3D 1,
+	};
+	unsigned int port =3D 5555;
+	bool ipv6 =3D true;
+	int opt, sock;
+
+	while ((opt =3D getopt(argc, argv, "4p:")) !=3D EOF) {
+		switch (opt) {
+		case '4':
+			ipv6 =3D false;
+			break;
+		case 'p':
+			port =3D atoi(optarg);
+			break;
+		default:
+			format();
+		}
+	}
+
+	if (!ipv6) {
+		struct sockaddr_in sin =3D {
+			.sin_family =3D AF_INET,
+			.sin_port   =3D htons(port),
+		};
+		sock =3D socket(AF_INET, SOCK_DGRAM, 0);
+		OSERROR(sock, "socket");
+		OSERROR(bind(sock, (struct sockaddr *)&sin, sizeof(sin)),
+			"bind");
+	} else {
+		struct sockaddr_in6 sin6 =3D {
+			.sin6_family =3D AF_INET6,
+			.sin6_port   =3D htons(port),
+		};
+		sock =3D socket(AF_INET6, SOCK_DGRAM, 0);
+		OSERROR(sock, "socket");
+		OSERROR(bind(sock, (struct sockaddr *)&sin6, sizeof(sin6)),
+			"bind");
+	}
+
+	for (;;) {
+		ssize_t r;
+
+		r =3D recvmsg(sock, &msg, 0);
+		printf("rx %zd\n", r);
+	}
+}
diff --git a/samples/net/unix-send.c b/samples/net/unix-send.c
new file mode 100644
index 000000000000..5950fcf1ccd2
--- /dev/null
+++ b/samples/net/unix-send.c
@@ -0,0 +1,151 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * AF_UNIX stream send client.  Pass -s to use splice/sendfile.
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#define _GNU_SOURCE
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdbool.h>
+#include <string.h>
+#include <getopt.h>
+#include <limits.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/un.h>
+#include <sys/socket.h>
+#include <sys/stat.h>
+#include <sys/sendfile.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+#define min(x, y) ((x) < (y) ? (x) : (y))
+
+static unsigned char buffer[4096];
+
+static void format(void)
+{
+	fprintf(stderr, "unix-send [-ds] [-n<size>] <file>|- <socket-file>\n");
+	exit(2);
+}
+
+int main(int argc, char *argv[])
+{
+	struct sockaddr_un sun =3D { .sun_family =3D AF_UNIX, };
+	struct stat st;
+	const char *filename, *sockname;
+	unsigned int flags =3D O_RDONLY;
+	ssize_t r, w, o, size =3D LONG_MAX;
+	size_t plen, total =3D 0;
+	char *end;
+	bool use_sendfile =3D false, all =3D true;
+	int opt, sock, fd =3D 0;
+
+	while ((opt =3D getopt(argc, argv, "dn:s")) !=3D EOF) {
+		switch (opt) {
+		case 'd':
+			flags |=3D O_DIRECT;
+			break;
+		case 'n':
+			size =3D strtoul(optarg, &end, 0);
+			switch (*end) {
+			case 'K':
+			case 'k':
+				size *=3D 1024;
+				break;
+			case 'M':
+			case 'm':
+				size *=3D 1024 * 1024;
+				break;
+			}
+			all =3D false;
+			break;
+		case 's':
+			use_sendfile =3D true;
+			break;
+		default:
+			format();
+		}
+	}
+
+	argc -=3D optind;
+	argv +=3D optind;
+	if (argc !=3D 2)
+		format();
+	filename =3D argv[0];
+	sockname =3D argv[1];
+
+	plen =3D strlen(sockname);
+	if (plen =3D=3D 0 || plen > sizeof(sun.sun_path) - 1) {
+		fprintf(stderr, "socket filename too short or too long\n");
+		exit(2);
+	}
+	memcpy(sun.sun_path, sockname, plen + 1);
+
+	sock =3D socket(AF_UNIX, SOCK_STREAM, 0);
+	OSERROR(sock, "socket");
+	OSERROR(connect(sock, (struct sockaddr *)&sun, sizeof(sun)), "connect");
+
+	if (strcmp(filename, "-") !=3D 0) {
+		fd =3D open(filename, flags);
+		OSERROR(fd, filename);
+		OSERROR(fstat(fd, &st), filename);
+		if (size > st.st_size)
+			size =3D st.st_size;
+	} else {
+		OSERROR(fstat(fd, &st), argv[2]);
+	}
+
+	if (!use_sendfile) {
+		bool more =3D false;
+
+		while (size) {
+			r =3D read(fd, buffer, min(sizeof(buffer), size));
+			OSERROR(r, filename);
+			if (r =3D=3D 0)
+				break;
+			size -=3D r;
+
+			o =3D 0;
+			do {
+				more =3D size > 0;
+				w =3D send(sock, buffer + o, r - o,
+					 more ? MSG_MORE : 0);
+				OSERROR(w, "sock/send");
+				o +=3D w;
+				total +=3D w;
+			} while (o < r);
+		}
+
+		if (more)
+			send(sock, NULL, 0, 0);
+	} else if (S_ISFIFO(st.st_mode)) {
+		do {
+			r =3D splice(fd, NULL, sock, NULL, size,
+				   size > 0 ? SPLICE_F_MORE : 0);
+			OSERROR(r, "sock/splice");
+			size -=3D r;
+			total +=3D r;
+		} while (r > 0 && size > 0);
+		if (size && !all) {
+			fprintf(stderr, "Short splice\n");
+			exit(1);
+		}
+	} else {
+		r =3D sendfile(sock, fd, NULL, size);
+		OSERROR(r, "sock/sendfile");
+		if (r !=3D size) {
+			fprintf(stderr, "Short sendfile\n");
+			exit(1);
+		}
+		total +=3D r;
+	}
+
+	printf("Sent %zu bytes\n", total);
+	OSERROR(close(sock), "sock/close");
+	OSERROR(close(fd), "close");
+	return 0;
+}
diff --git a/samples/net/unix-sink.c b/samples/net/unix-sink.c
new file mode 100644
index 000000000000..9f0a5ac9c578
--- /dev/null
+++ b/samples/net/unix-sink.c
@@ -0,0 +1,54 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * UNIX stream sink server
+ *
+ * Copyright (C) 2023 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <sys/un.h>
+#include <sys/socket.h>
+
+#define OSERROR(X, Y) \
+	do { if ((long)(X) =3D=3D -1) { perror(Y); exit(1); } } while (0)
+
+static unsigned char buffer[512 * 1024];
+
+int main(int argc, char *argv[])
+{
+	struct sockaddr_un sun =3D { .sun_family =3D AF_UNIX, };
+	size_t plen;
+	int server_sock, sock;
+
+	if (argc !=3D 2) {
+		fprintf(stderr, "unix-sink <socket-file>\n");
+		exit(2);
+	}
+
+	plen =3D strlen(argv[1]);
+	if (plen =3D=3D 0 || plen > sizeof(sun.sun_path) - 1) {
+		fprintf(stderr, "socket filename too short or too long\n");
+		exit(2);
+	}
+	memcpy(sun.sun_path, argv[1], plen + 1);
+
+	server_sock =3D socket(AF_UNIX, SOCK_STREAM, 0);
+	OSERROR(server_sock, "socket");
+	OSERROR(bind(server_sock, (struct sockaddr *)&sun, sizeof(sun)),
+		"bind");
+	OSERROR(listen(server_sock, 1), "listen");
+
+	for (;;) {
+		sock =3D accept(server_sock, NULL, NULL);
+		if (sock !=3D -1) {
+			while (read(sock, buffer, sizeof(buffer)) > 0)
+				;
+			close(sock);
+		}
+	}
+}