From patchwork Thu Oct 11 00:45:39 2018
X-Patchwork-Submitter: Daniel Borkmann
X-Patchwork-Id: 982150
From: Daniel Borkmann
To: alexei.starovoitov@gmail.com
Cc: john.fastabend@gmail.com, davejwatson@fb.com, netdev@vger.kernel.org, Daniel Borkmann
Subject: [PATCH bpf-next 0/8] sockmap integration for ktls
Date: Thu, 11 Oct 2018 02:45:39 +0200
Message-Id: <20181011004547.16662-1-daniel@iogearbox.net>
X-Mailing-List: netdev@vger.kernel.org

This work adds a generic sk_msg layer and converts both sockmap and later
ktls over to make use of it as a common data structure for application
data (similarly as sk_buff for network packets). With that in place the
sk_msg framework spans across ULP layer in the kernel and allows for
introspection or filtering of L7 data with the help of BPF programs
operating on a common input context.

In a second step, we enable the latter for ktls which was previously not
possible, meaning, ktls and sk_msg verdict programs were mutually
exclusive in the ULP layer which created challenges for the orchestrator
when trying to apply TCP based policy, for example. Leveraging the prior
consolidation we can finally overcome this limitation.

Note, there's no change in behavior when ktls is not used in combination
with BPF, and also no change in behavior for stand alone sockmap. The
kselftest suites for ktls, sockmap and ktls with sockmap combined also
run through successfully. For further details please see individual
patches.

Thanks!

Daniel Borkmann (5):
  tcp, ulp: enforce sock_owned_by_me upon ulp init and cleanup
  tcp, ulp: remove ulp bits from sockmap
  bpf, sockmap: convert to generic sk_msg interface
  tls: convert to generic sk_msg interface
  bpf, doc: add maintainers entry to related files

John Fastabend (3):
  tls: replace poll implementation with read hook
  tls: add bpf support to sk_msg handling
  bpf: add tls support for testing in test_sockmap

 MAINTAINERS                                |   10 +
 include/linux/bpf.h                        |   33 +-
 include/linux/bpf_types.h                  |    2 +-
 include/linux/filter.h                     |   21 -
 include/linux/skmsg.h                      |  410 +++++
 include/net/sock.h                         |    4 -
 include/net/tcp.h                          |   28 +-
 include/net/tls.h                          |   24 +-
 kernel/bpf/Makefile                        |    5 -
 kernel/bpf/core.c                          |    2 -
 kernel/bpf/sockmap.c                       | 2629 ----------------------------
 kernel/bpf/syscall.c                       |    6 +-
 net/Kconfig                                |   11 +
 net/core/Makefile                          |    2 +
 net/core/filter.c                          |  270 +--
 net/core/skmsg.c                           |  802 +++++++++
 net/core/sock.c                            |   61 -
 net/core/sock_map.c                        | 1002 +++++++++++
 net/ipv4/Makefile                          |    1 +
 net/ipv4/tcp_bpf.c                         |  655 +++++++
 net/ipv4/tcp_ulp.c                         |   73 +-
 net/strparser/Kconfig                      |    4 +-
 net/tls/Kconfig                            |    1 +
 net/tls/tls_device.c                       |    2 +-
 net/tls/tls_main.c                         |   11 +-
 net/tls/tls_sw.c                           |  900 ++++++----
 tools/testing/selftests/bpf/test_sockmap.c |   89 +
 27 files changed, 3666 insertions(+), 3392 deletions(-)
 create mode 100644 include/linux/skmsg.h
 delete mode 100644 kernel/bpf/sockmap.c
 create mode 100644 net/core/skmsg.c
 create mode 100644 net/core/sock_map.c
 create mode 100644 net/ipv4/tcp_bpf.c
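
As an added illustration (not code from this patch series or its authors): the kind of L7 filtering decision an sk_msg verdict program makes, written as a C function over the UAPI `struct sk_msg_md` context and exercised from user space on constructed payloads. The allow-list policy, the function names and the locally defined `SEC` macro are assumptions made for the example.

```c
/* Added example. User-space testable; names and policy are hypothetical. */
#include <linux/bpf.h>  /* struct sk_msg_md, enum sk_action: SK_DROP, SK_PASS */

#define SEC(name) __attribute__((section(name), used))

/* Verdict for one outgoing message: default deny, pass only payloads that
 * begin with "GET " or "HEAD ". Every read is bounds-checked against
 * data_end first, which is also what the BPF verifier demands. */
SEC("sk_msg")
int l7_egress_verdict(struct sk_msg_md *msg)
{
    const char *d = (const char *)msg->data;
    const char *end = (const char *)msg->data_end;

    if (d + 4 > end)
        return SK_DROP;               /* too short to classify */
    if (d[0] == 'G' && d[1] == 'E' && d[2] == 'T' && d[3] == ' ')
        return SK_PASS;
    if (d + 5 > end)
        return SK_DROP;
    if (d[0] == 'H' && d[1] == 'E' && d[2] == 'A' && d[3] == 'D' && d[4] == ' ')
        return SK_PASS;
    return SK_DROP;
}

#ifndef __bpf__  /* harness for a normal compiler; not part of a BPF object */
#include <stdio.h>
#include <string.h>

/* Wrap a constructed payload in the context struct and run the verdict. */
static int verdict_for(const char *payload)
{
    struct sk_msg_md msg;

    memset(&msg, 0, sizeof(msg));
    msg.data = (void *)payload;
    msg.data_end = (void *)(payload + strlen(payload));
    return l7_egress_verdict(&msg);
}

int main(void)
{
    const char *samples[] = { "GET / HTTP/1.1\r\n", "POST /x HTTP/1.1\r\n", "GE" };
    for (unsigned i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-8.8s -> %s\n", samples[i],
               verdict_for(samples[i]) == SK_PASS ? "SK_PASS" : "SK_DROP");
    return 0;
}
#endif
```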