6:12 a.m.
This is several accumulated fixes that are required for MP_JOIN
(secondary subflows) plus the outgoing code.
Both outgoing and incoming MP_JOIN now inter-operate
with the multipath.org implementation although there is
still a deadlock when incoming is fully established.
Since the incoming direction did not work at all before
this is an improvement. I have not yet tested running our
implmentation against itself.
The final patch in the set is an "interim path manager", this
is throw-away code that I include for testing purposes. For an
incoming connection it is necessary for the server to advertise
a secondary address and for my testing I have been hard-coding the IP
address of my secondary interface when I build the kernel.
Obviously not the final solution but we need to discuss what
approach to use for the self tests. I also think we may not want
to publish this patch on our net-next branch.
Peter Krystad (9):
Extend path manager interface
Fix locking in mptcp_finish_join.
Fix parsing MP_JOIN third ACK.
Re-factor and fixes for crypto_hmac_sha1()
Rename mptcp_attach_dss()
Fix return value if no DSS option is created.
Move setting request_ fields of subflow to MPTCP layer
mptcp: Add handling of outgoing MP_JOIN requests
mptcp: Implement interim path manager
include/net/mptcp.h | 12 +--
net/ipv4/tcp_input.c | 4 +-
net/mptcp/crypto.c | 23 +++---
net/mptcp/options.c | 77 ++++++++++++++++---
net/mptcp/pm.c | 171 +++++++++++++++++++++++++++++++++++++++++--
net/mptcp/protocol.c | 29 ++++++--
net/mptcp/protocol.h | 54 +++++++++++---
net/mptcp/subflow.c | 72 ++++++++++++++++--
net/mptcp/token.c | 82 ++++++++++++++++++---
9 files changed, 452 insertions(+), 72 deletions(-)
--
2.17.2
6:12 a.m.
New subject: [PATCH 1/9] Extend path manager interface
A little more functionality and some comments clarifying
which routines are for a path manager to call and which are
callbacks.
squashto: Add path manager interface
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/options.c | 19 +++++++++--
net/mptcp/pm.c | 77 ++++++++++++++++++++++++++++++++++++++++----
net/mptcp/protocol.c | 5 +--
net/mptcp/protocol.h | 35 ++++++++++++++++----
4 files changed, 117 insertions(+), 19 deletions(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 58215f19829a..0d0d47f84adb 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -412,10 +412,10 @@ static bool mptcp_established_options_addr(struct sock *sk,
struct subflow_context *subflow = subflow_ctx(sk);
struct mptcp_sock *msk = mptcp_sk(subflow->conn);
- if (subflow->fourth_ack)
- return pm_addr_signal(msk, size, remaining, opts);
+ if (!msk)
+ return false;
- return false;
+ return pm_addr_signal(msk, size, remaining, opts);
}
bool mptcp_established_options(struct sock *sk, struct sk_buff *skb,
@@ -479,11 +479,20 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned
int *size,
void mptcp_attach_dss(struct sock *sk, struct sk_buff *skb,
struct tcp_options_received *opt_rx)
{
+ struct subflow_context *subflow = subflow_ctx(sk);
+ struct mptcp_sock *msk = mptcp_sk(subflow->conn);
struct mptcp_options_received *mp_opt;
struct mptcp_ext *mpext;
mp_opt = &opt_rx->mptcp;
+ if (mp_opt->add_addr && mp_opt->family == MPTCP_ADDR_IPVERSION_4) {
+ if (msk) {
+ pm_add_addr(msk, &mp_opt->addr, mp_opt->addr_id);
+ mp_opt->add_addr = 0;
+ }
+ }
+
if (!mp_opt->dss)
return;
@@ -510,6 +519,10 @@ void mptcp_attach_dss(struct sock *sk, struct sk_buff *skb,
}
mpext->data_fin = mp_opt->data_fin;
+
+ if (msk)
+ pm_fully_established(msk);
+
}
void mptcp_write_options(__be32 *ptr, struct mptcp_out_options *opts)
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 9e9c681a4544..0d53a0f23d2d 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -8,14 +8,42 @@
#include <net/mptcp.h>
#include "protocol.h"
-void pm_new_connection(struct mptcp_sock *msk)
+/* path manager command handlers */
+
+int pm_announce_addr(u32 token, sa_family_t family, u8 id, struct in_addr *addr)
+{
+ return -ENOTSUPP;
+}
+
+int pm_remove_addr(u32 token, u8 id)
+{
+ return -ENOTSUPP;
+}
+
+int pm_create_subflow(u32 token, u8 local_id, u8 remote_id)
+{
+ return -ENOTSUPP;
+}
+
+int pm_remove_subflow(u32 token, u8 local_id, u8 remote_id)
+{
+ return -ENOTSUPP;
+}
+
+/* path manager event handlers */
+
+void pm_new_connection(struct mptcp_sock *msk, int server_side)
{
pr_debug("msk=%p", msk);
+
+ msk->pm.server_side = server_side;
}
void pm_fully_established(struct mptcp_sock *msk)
{
pr_debug("msk=%p", msk);
+
+ msk->pm.fully_established = 1;
}
void pm_connection_closed(struct mptcp_sock *msk)
@@ -35,7 +63,13 @@ void pm_subflow_closed(struct mptcp_sock *msk, u8 id)
void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id)
{
- pr_debug("msk=%p", msk);
+ pr_debug("msk=%p, addr=%x, remote_id=%d", msk, addr->s_addr, id);
+
+ msk->pm.remote_valid = 1;
+ msk->pm.remote_token = msk->token;
+ msk->pm.remote_addr.s_addr = addr->s_addr;
+ msk->pm.remote_id = id;
+ msk->pm.remote_family = AF_INET;
}
void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr, u8 id)
@@ -48,19 +82,48 @@ void pm_rm_addr(struct mptcp_sock *msk, u8 id)
pr_debug("msk=%p", msk);
}
+/* path manager helpers */
+
bool pm_addr_signal(struct mptcp_sock *msk, unsigned int *size,
unsigned int remaining, struct mptcp_out_options *opts)
{
- if (!msk || !msk->addr_signal)
+ if (!msk->pm.fully_established || !msk->addr_signal)
return false;
- if (msk->pm.family == AF_INET && remaining < TCPOLEN_MPTCP_ADD_ADDR)
+ if (!msk->pm.local_valid)
return false;
- pr_debug("msk=%p", msk);
+ if (msk->pm.local_family == AF_INET &&
+ remaining < TCPOLEN_MPTCP_ADD_ADDR)
+ return false;
+
+ pr_debug("msk=%p, addr_id=%d", msk, msk->pm.local_id);
opts->suboptions |= OPTION_MPTCP_ADD_ADDR;
- opts->addr_id = msk->pm.addr_id;
- opts->addr.s_addr = msk->pm.addr.s_addr;
+ opts->addr_id = msk->pm.local_id;
+ opts->addr.s_addr = msk->pm.local_addr.s_addr;
+ *size = TCPOLEN_MPTCP_ADD_ADDR;
+ msk->addr_signal = 0;
return true;
}
+
+int pm_get_local_id(struct request_sock *req, struct sock *sk,
+ const struct sk_buff *skb)
+{
+ struct subflow_request_sock *subflow_req = subflow_rsk(req);
+ struct mptcp_sock *msk = mptcp_sk(sk);
+
+ if (!msk->pm.local_valid)
+ return -1;
+
+ /* @@ check if address actually matches... */
+
+ pr_debug("msk=%p, addr_id=%d", msk, msk->pm.local_id);
+ subflow_req->local_id = msk->pm.local_id;
+
+ return 0;
+}
+
+void pm_init(void)
+{
+}
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 774ed25d3b6d..a56085742cf7 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -632,7 +632,7 @@ static struct sock *mptcp_accept(struct sock *sk, int flags, int
*err,
token_update_accept(new_sock->sk, new_mptcp_sock);
msk->subflow = NULL;
- pm_new_connection(msk);
+ pm_new_connection(msk, 1);
crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
msk->write_seq = subflow->idsn + 1;
@@ -759,7 +759,7 @@ void mptcp_finish_connect(struct sock *sk, int mp_capable)
msk->token = subflow->token;
pr_debug("msk=%p, token=%u", msk, msk->token);
- pm_new_connection(msk);
+ pm_new_connection(msk, 0);
crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
msk->write_seq = subflow->idsn + 1;
@@ -1008,6 +1008,7 @@ void __init mptcp_init(void)
token_init();
crypto_init();
subflow_init();
+ pm_init();
if (proto_register(&mptcp_prot, 1) != 0)
panic("Failed to register MPTCP proto.\n");
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 7f15f6aab93d..8c04774ea2ec 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -77,15 +77,33 @@ static inline u32 mptcp_option(u8 subopt, u8 len, u8 nib, u8 field)
((nib & 0xF) << 8) | field);
}
-struct pm_data {
- u8 addr_id;
- sa_family_t family;
+struct mptcp_pm_data {
+ u8 local_valid;
+ u8 local_id;
+ sa_family_t local_family;
+ union {
+ struct in_addr local_addr;
+#if IS_ENABLED(CONFIG_IPV6)
+ struct in6_addr local_addr6;
+#endif
+ };
+ u8 remote_valid;
+ u8 remote_id;
+ sa_family_t remote_family;
union {
- struct in_addr addr;
+ struct in_addr remote_addr;
#if IS_ENABLED(CONFIG_IPV6)
- struct in6_addr addr6;
+ struct in6_addr remote_addr6;
#endif
};
+ u32 remote_token;
+ u8 server_side : 1,
+ fully_established : 1;
+
+ /* for interim path manager */
+ struct work_struct addr_work;
+ struct work_struct subflow_work;
+ u32 token;
};
/* MPTCP connection sock */
@@ -99,7 +117,7 @@ struct mptcp_sock {
u32 token;
struct list_head conn_list;
struct socket *subflow; /* outgoing connect/listener/!mp_capable */
- struct pm_data pm;
+ struct mptcp_pm_data pm;
u8 addr_signal;
};
@@ -222,7 +240,8 @@ void crypto_key_sha1(u64 key, u32 *token, u64 *idsn);
void crypto_hmac_sha1(u64 key1, u64 key2, u32 *hash_out,
int arg_num, ...);
-void pm_new_connection(struct mptcp_sock *msk);
+void pm_init(void);
+void pm_new_connection(struct mptcp_sock *msk, int server_side);
void pm_fully_established(struct mptcp_sock *msk);
void pm_connection_closed(struct mptcp_sock *msk);
void pm_subflow_established(struct mptcp_sock *msk, u8 id);
@@ -232,6 +251,8 @@ void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr,
u8 id);
void pm_rm_addr(struct mptcp_sock *msk, u8 id);
bool pm_addr_signal(struct mptcp_sock *msk, unsigned int *size,
unsigned int remaining, struct mptcp_out_options *opts);
+int pm_get_local_id(struct request_sock *req, struct sock *sk,
+ const struct sk_buff *skb);
static inline struct mptcp_ext *mptcp_get_ext(struct sk_buff *skb)
{
--
2.17.2
3:29 p.m.
New subject: [PATCH 1/9] Extend path manager interface
Hi,
I have some questions out of sheer ignorance on my side, please see
below ;)
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
@@ -48,19 +82,48 @@ void pm_rm_addr(struct mptcp_sock *msk, u8 id)
pr_debug("msk=%p", msk);
}
+/* path manager helpers */
+
bool pm_addr_signal(struct mptcp_sock *msk, unsigned int *size,
unsigned int remaining, struct mptcp_out_options *opts)
{
- if (!msk || !msk->addr_signal)
+ if (!msk->pm.fully_established || !msk->addr_signal)
return false;
- if (msk->pm.family == AF_INET && remaining < TCPOLEN_MPTCP_ADD_ADDR)
+ if (!msk->pm.local_valid)
return false;
- pr_debug("msk=%p", msk);
+ if (msk->pm.local_family == AF_INET &&
+ remaining < TCPOLEN_MPTCP_ADD_ADDR)
+ return false;
+
+ pr_debug("msk=%p, addr_id=%d", msk, msk->pm.local_id);
opts->suboptions |= OPTION_MPTCP_ADD_ADDR;
- opts->addr_id = msk->pm.addr_id;
- opts->addr.s_addr = msk->pm.addr.s_addr;
+ opts->addr_id = msk->pm.local_id;
+ opts->addr.s_addr = msk->pm.local_addr.s_addr;
+ *size = TCPOLEN_MPTCP_ADD_ADDR;
+ msk->addr_signal = 0;
Strictly speaking not related to this patch, but more to the existing
code... perhaps 'opts' updating belong to
options.c/mptcp_established_options_addr() more than the path manager?
index 7f15f6aab93d..8c04774ea2ec 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -77,15 +77,33 @@ static inline u32 mptcp_option(u8 subopt, u8 len, u8 nib, u8 field)
((nib & 0xF) << 8) | field);
}
-struct pm_data {
- u8 addr_id;
- sa_family_t family;
+struct mptcp_pm_data {
+ u8 local_valid;
+ u8 local_id;
+ sa_family_t local_family;
+ union {
+ struct in_addr local_addr;
+#if IS_ENABLED(CONFIG_IPV6)
+ struct in6_addr local_addr6;
+#endif
+ };
+ u8 remote_valid;
+ u8 remote_id;
+ sa_family_t remote_family;
union {
- struct in_addr addr;
+ struct in_addr remote_addr;
#if IS_ENABLED(CONFIG_IPV6)
- struct in6_addr addr6;
+ struct in6_addr remote_addr6;
#endif
};
Are we going to need a list/container here? (to handle multiples addrs)
I see is likely too early to cope with the extra complexity, just to
have a clearer picture of the road ahead ;)
Cheers,
Paolo
1:45 a.m.
New subject: [PATCH 1/9] Extend path manager interface
On Thu, 2019-07-18 at 09:29 +0200, Paolo Abeni wrote:
Hi,
I have some questions out of sheer ignorance on my side, please see
below ;)
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> @@ -48,19 +82,48 @@ void pm_rm_addr(struct mptcp_sock *msk, u8 id)
> pr_debug("msk=%p", msk);
> }
>
> +/* path manager helpers */
> +
> bool pm_addr_signal(struct mptcp_sock *msk, unsigned int *size,
> unsigned int remaining, struct mptcp_out_options *opts)
> {
> - if (!msk || !msk->addr_signal)
> + if (!msk->pm.fully_established || !msk->addr_signal)
> return false;
>
> - if (msk->pm.family == AF_INET && remaining <
TCPOLEN_MPTCP_ADD_ADDR)
> + if (!msk->pm.local_valid)
> return false;
>
> - pr_debug("msk=%p", msk);
> + if (msk->pm.local_family == AF_INET &&
> + remaining < TCPOLEN_MPTCP_ADD_ADDR)
> + return false;
> +
> + pr_debug("msk=%p, addr_id=%d", msk, msk->pm.local_id);
> opts->suboptions |= OPTION_MPTCP_ADD_ADDR;
> - opts->addr_id = msk->pm.addr_id;
> - opts->addr.s_addr = msk->pm.addr.s_addr;
> + opts->addr_id = msk->pm.local_id;
> + opts->addr.s_addr = msk->pm.local_addr.s_addr;
> + *size = TCPOLEN_MPTCP_ADD_ADDR;
> + msk->addr_signal = 0;
Strictly speaking not related to this patch, but more to the existing
code... perhaps 'opts' updating belong to
options.c/mptcp_established_options_addr() more than the path manager?
Agreed, I'll revise.
> index 7f15f6aab93d..8c04774ea2ec 100644
> --- a/net/mptcp/protocol.h
> +++ b/net/mptcp/protocol.h
> @@ -77,15 +77,33 @@ static inline u32 mptcp_option(u8 subopt, u8 len, u8 nib, u8
field)
> ((nib & 0xF) << 8) | field);
> }
>
> -struct pm_data {
> - u8 addr_id;
> - sa_family_t family;
> +struct mptcp_pm_data {
> + u8 local_valid;
> + u8 local_id;
> + sa_family_t local_family;
> + union {
> + struct in_addr local_addr;
> +#if IS_ENABLED(CONFIG_IPV6)
> + struct in6_addr local_addr6;
> +#endif
> + };
> + u8 remote_valid;
> + u8 remote_id;
> + sa_family_t remote_family;
> union {
> - struct in_addr addr;
> + struct in_addr remote_addr;
> #if IS_ENABLED(CONFIG_IPV6)
> - struct in6_addr addr6;
> + struct in6_addr remote_addr6;
> #endif
> };
Are we going to need a list/container here? (to handle multiples addrs)
I see is likely too early to cope with the extra complexity, just to
have a clearer picture of the road ahead ;)
Indeed. For now this is a list of length one. :)
Although you night argue for some of our primary use cases this is probably
enough...
Peter.
Cheers,
Paolo
6:12 a.m.
New subject: [PATCH 2/9] Fix locking in mptcp_finish_join.
Lock was being taken on the subflow sock, not mptcp_sock.
squashto: Add handling of incoming MP_JOIN requests
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/protocol.c | 9 +++++----
net/mptcp/protocol.h | 2 +-
net/mptcp/subflow.c | 2 +-
3 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index a56085742cf7..1664a69c8e30 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -777,18 +777,19 @@ void mptcp_finish_connect(struct sock *sk, int mp_capable)
inet_sk_state_store(sk, TCP_ESTABLISHED);
}
-void mptcp_finish_join(struct sock *conn, struct sock *sk)
+void mptcp_finish_join(struct sock *sk)
{
struct subflow_context *subflow = subflow_ctx(sk);
- struct mptcp_sock *msk = mptcp_sk(conn);
+ struct mptcp_sock *msk = mptcp_sk(subflow->conn);
pr_debug("msk=%p, subflow=%p", msk, subflow);
local_bh_disable();
- bh_lock_sock_nested(sk);
+ bh_lock_sock_nested(subflow->conn);
list_add_tail(&subflow->node, &msk->conn_list);
- bh_unlock_sock(sk);
+ bh_unlock_sock(subflow->conn);
local_bh_enable();
+ inet_sk_state_store(sk, TCP_ESTABLISHED);
}
bool mptcp_sk_is_subflow(const struct sock *sk)
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 8c04774ea2ec..9d6b10e5479c 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -210,7 +210,7 @@ void mptcp_get_options(const struct sk_buff *skb,
struct tcp_options_received *opt_rx);
void mptcp_finish_connect(struct sock *sk, int mp_capable);
-void mptcp_finish_join(struct sock *conn, struct sock *sk);
+void mptcp_finish_join(struct sock *sk);
void token_init(void);
void token_new_request(struct request_sock *req, const struct sk_buff *skb);
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index fdc5aecab897..32652f7d1497 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -171,7 +171,7 @@ static struct sock *subflow_syn_recv_sock(const struct sock *sk,
if (token_new_join(child))
goto close_child;
else
- mptcp_finish_join(ctx->conn, child);
+ mptcp_finish_join(child);
}
}
--
2.17.2
6:12 a.m.
New subject: [PATCH 3/9] Fix parsing MP_JOIN third ACK.
There is a reserved byte of zero's in there.
squashto: Add handling of incoming MP_JOIN requests
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/options.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 0d0d47f84adb..b5a86f47f097 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -92,7 +92,7 @@ void mptcp_parse_option(const unsigned char *ptr, int opsize,
mp_opt->backup, mp_opt->join_id,
mp_opt->thmac, mp_opt->nonce);
} else if (opsize == TCPOLEN_MPTCP_MPJ_ACK) {
- ptr++;
+ ptr += 2;
memcpy(mp_opt->hmac, ptr, MPTCPOPT_HMAC_LEN);
pr_debug("MP_JOIN hmac");
} else {
--
2.17.2
6:12 a.m.
New subject: [PATCH 4/9] Re-factor and fixes for crypto_hmac_sha1()
Re-factor to use parameters specific to MPTCP use case similar to
crypto_key_sha1() and get rid of var args. Also fix endianness issues.
squash to: Add key generation and token tree
and: Add handling of incoming MP_JOIN requests
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/crypto.c | 23 +++++++++--------------
net/mptcp/protocol.h | 4 ++--
net/mptcp/token.c | 19 ++++++++-----------
3 files changed, 19 insertions(+), 27 deletions(-)
diff --git a/net/mptcp/crypto.c b/net/mptcp/crypto.c
index 26a68aa1933a..7ab22b3de2d2 100644
--- a/net/mptcp/crypto.c
+++ b/net/mptcp/crypto.c
@@ -118,23 +118,23 @@ void crypto_key_sha1(u64 key, u32 *token, u64 *idsn)
*idsn = ((u64)mptcp_hashed_key[3] << 32) + mptcp_hashed_key[4];
}
-void crypto_hmac_sha1(u64 key1, u64 key2, u32 *hash_out,
- int arg_num, ...)
+void crypto_hmac_sha1(u64 key1, u64 key2, u32 nonce1, u32 nonce2, u32 *hash_out)
{
u32 workspace[SHA_WORKSPACE_WORDS];
u8 input[128]; /* 2 512-bit blocks */
int i;
int index;
- int length;
- u8 *msg;
- va_list list;
u8 key_1[8];
u8 key_2[8];
+ u8 nonce_1[4];
+ u8 nonce_2[4];
memset(workspace, 0, sizeof(workspace));
put_unaligned_be64(key1, key_1);
put_unaligned_be64(key2, key_2);
+ put_unaligned_be32(nonce1, nonce_1);
+ put_unaligned_be32(nonce2, nonce_2);
/* Generate key xored with ipad */
memset(input, 0x36, 64);
@@ -143,16 +143,11 @@ void crypto_hmac_sha1(u64 key1, u64 key2, u32 *hash_out,
for (i = 0; i < 8; i++)
input[i + 8] ^= key_2[i];
- va_start(list, arg_num);
index = 64;
- for (i = 0; i < arg_num; i++) {
- length = va_arg(list, int);
- msg = va_arg(list, u8 *);
- WARN_ON(index + length > 125); /* Message is too long */
- memcpy(&input[index], msg, length);
- index += length;
- }
- va_end(list);
+ memcpy(&input[index], nonce_1, 4);
+ index = 68;
+ memcpy(&input[index], nonce_2, 4);
+ index = 72;
input[index] = 0x80; /* Padding: First bit after message = 1 */
memset(&input[index + 1], 0, (126 - index));
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 9d6b10e5479c..ff4f38da9276 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -237,8 +237,8 @@ u32 crypto_v6_get_nonce(const struct in6_addr *saddr,
const struct in6_addr *daddr,
__be16 sport, __be16 dport);
void crypto_key_sha1(u64 key, u32 *token, u64 *idsn);
-void crypto_hmac_sha1(u64 key1, u64 key2, u32 *hash_out,
- int arg_num, ...);
+void crypto_hmac_sha1(u64 key1, u64 key2, u32 nonce1, u32 nonce2,
+ u32 *hash_out);
void pm_init(void);
void pm_new_connection(struct mptcp_sock *msk, int server_side);
diff --git a/net/mptcp/token.c b/net/mptcp/token.c
index c2f4fcb37566..c9160f50f047 100644
--- a/net/mptcp/token.c
+++ b/net/mptcp/token.c
@@ -114,12 +114,11 @@ static void new_req_join(struct request_sock *req, struct sock *sk,
}
subflow_req->local_nonce = nonce;
- crypto_hmac_sha1(msk->local_key,
- msk->remote_key,
- (u32 *)hmac, 2,
- 4, (u8 *)&subflow_req->local_nonce,
- 4, (u8 *)&subflow_req->remote_nonce);
- subflow_req->thmac = *(u64 *)hmac;
+ crypto_hmac_sha1(msk->local_key, msk->remote_key,
+ subflow_req->local_nonce, subflow_req->remote_nonce,
+ (u32 *)hmac);
+
+ subflow_req->thmac = get_unaligned_be64(hmac);
pr_debug("local_nonce=%u, thmac=%llu", subflow_req->local_nonce,
subflow_req->thmac);
}
@@ -131,11 +130,9 @@ static int new_join_valid(struct request_sock *req, struct sock *sk,
struct mptcp_sock *msk = mptcp_sk(sk);
u8 hmac[MPTCPOPT_HMAC_LEN];
- crypto_hmac_sha1(msk->remote_key,
- msk->local_key,
- (u32 *)hmac, 2,
- 4, (u8 *)&subflow_req->remote_nonce,
- 4, (u8 *)&subflow_req->local_nonce);
+ crypto_hmac_sha1(msk->remote_key, msk->local_key,
+ subflow_req->remote_nonce, subflow_req->local_nonce,
+ (u32 *)hmac);
return memcmp(hmac, (char *)rx_opt->mptcp.hmac, MPTCPOPT_HMAC_LEN);
}
--
2.17.2
3:06 p.m.
New subject: [PATCH 4/9] Re-factor and fixes for crypto_hmac_sha1()
Hi,
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
Re-factor to use parameters specific to MPTCP use case similar to
diff --git a/net/mptcp/token.c b/net/mptcp/token.c
index c2f4fcb37566..c9160f50f047 100644
--- a/net/mptcp/token.c
+++ b/net/mptcp/token.c
@@ -114,12 +114,11 @@ static void new_req_join(struct request_sock *req, struct sock
*sk,
}
subflow_req->local_nonce = nonce;
>local_key,
- msk->remote_key,
- (u32 *)hmac, 2,
- 4, (u8 *)&subflow_req->local_nonce,
- 4, (u8 *)&subflow_req->remote_nonce);
- subflow_req->thmac = *(u64 *)hmac;
+ crypto_hmac_sha1(msk->local_key, msk->remote_key,
+ subflow_req->local_nonce, subflow_req->remote_nonce,
+ (u32 *)hmac);
+
+ subflow_req->thmac = get_unaligned_be64(hmac);
pr_debug("local_nonce=%u, thmac=%llu", subflow_req->local_nonce,
subflow_req->thmac);
}
It looks like this is going to conflict with Davide's pending patch
"net: mptcp: randomness improvements for crypto.c"
Other than this, LGTM!
Paolo
1:46 a.m.
New subject: [PATCH 4/9] Re-factor and fixes for crypto_hmac_sha1()
On Thu, 2019-07-18 at 09:06 +0200, Paolo Abeni wrote:
Hi,
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> Re-factor to use parameters specific to MPTCP use case similar to
> diff --git a/net/mptcp/token.c b/net/mptcp/token.c
> index c2f4fcb37566..c9160f50f047 100644
> --- a/net/mptcp/token.c
> +++ b/net/mptcp/token.c
> @@ -114,12 +114,11 @@ static void new_req_join(struct request_sock *req, struct sock
*sk,
> }
> subflow_req->local_nonce = nonce;
> >local_key,
> - msk->remote_key,
> - (u32 *)hmac, 2,
> - 4, (u8 *)&subflow_req->local_nonce,
> - 4, (u8 *)&subflow_req->remote_nonce);
> - subflow_req->thmac = *(u64 *)hmac;
> + crypto_hmac_sha1(msk->local_key, msk->remote_key,
> + subflow_req->local_nonce, subflow_req->remote_nonce,
> + (u32 *)hmac);
> +
> + subflow_req->thmac = get_unaligned_be64(hmac);
> pr_debug("local_nonce=%u, thmac=%llu", subflow_req->local_nonce,
> subflow_req->thmac);
> }
It looks like this is going to conflict with Davide's pending patch
"net: mptcp: randomness improvements for crypto.c"
I will revise this once his is merged.
Peter.
Other than this, LGTM!
Paolo
6:12 a.m.
New subject: [PATCH 5/9] Rename mptcp_attach_dss()
Other incoming MPTCP options will be handled in this routine.
squashto: Implement MPTCP receive path
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
include/net/mptcp.h | 10 +++++-----
net/ipv4/tcp_input.c | 4 ++--
net/mptcp/options.c | 4 ++--
3 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/include/net/mptcp.h b/include/net/mptcp.h
index 6cd650838ddf..bb2dd193c0c5 100644
--- a/include/net/mptcp.h
+++ b/include/net/mptcp.h
@@ -68,9 +68,8 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned int
*size,
bool mptcp_established_options(struct sock *sk, struct sk_buff *skb,
unsigned int *size, unsigned int remaining,
struct mptcp_out_options *opts);
-
-void mptcp_attach_dss(struct sock *sk, struct sk_buff *skb,
- struct tcp_options_received *opt_rx);
+void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
+ struct tcp_options_received *opt_rx);
static inline bool mptcp_skb_ext_exist(const struct sk_buff *skb)
{
@@ -128,8 +127,9 @@ static inline bool mptcp_established_options(struct sock *sk,
return false;
}
-static inline void mptcp_attach_dss(struct sock *sk, struct sk_buff *skb,
- struct tcp_options_received *opt_rx)
+static inline void mptcp_incoming_options(struct sock *sk,
+ struct sk_buff *skb,
+ struct tcp_options_received *opt_rx)
{
}
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index b92985b4762c..ca2fea882281 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -5668,9 +5668,9 @@ void tcp_rcv_established(struct sock *sk, struct sk_buff *skb)
/* Process urgent data. */
tcp_urg(sk, skb, th);
- /* Prepare MPTCP sequence data */
+ /* Process MPTCP options */
if (sk_is_mptcp(sk))
- mptcp_attach_dss(sk, skb, &tp->rx_opt);
+ mptcp_incoming_options(sk, skb, &tp->rx_opt);
/* step 7: process the segment text */
tcp_data_queue(sk, skb);
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index b5a86f47f097..1a46cfb1f664 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -476,8 +476,8 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned int
*size,
return false;
}
-void mptcp_attach_dss(struct sock *sk, struct sk_buff *skb,
- struct tcp_options_received *opt_rx)
+void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
+ struct tcp_options_received *opt_rx)
{
struct subflow_context *subflow = subflow_ctx(sk);
struct mptcp_sock *msk = mptcp_sk(subflow->conn);
--
2.17.2
6:12 a.m.
New subject: [PATCH 6/9] Fix return value if no DSS option is created.
Strictly speaking mptcp_established_options_dss() should
return false if no DSS option is created.
squashto: Write MPTCP DSS headers to outgoing data packets
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/options.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index 1a46cfb1f664..b0e3a1edc0ff 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -400,6 +400,9 @@ static bool mptcp_established_options_dss(struct sock *sk, struct
sk_buff *skb,
WARN(1, "MPTCP: Ack dropped");
}
+ if (!dss_size)
+ return false;
+
*size = ALIGN(dss_size, 4);
return true;
}
--
2.17.2
6:12 a.m.
New subject: [PATCH 7/9] Move setting request_ fields of subflow to MPTCP layer
For secondary subflows a different set of request_ fields will
be added that will be set differently based on subflow type
(initial vs secondary).
squashto: Associate MPTCP context with TCP socket
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/protocol.c | 13 +++++++++++++
net/mptcp/protocol.h | 2 +-
net/mptcp/subflow.c | 7 ++-----
3 files changed, 16 insertions(+), 6 deletions(-)
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 1664a69c8e30..fe73379a81df 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -840,6 +840,7 @@ static int mptcp_stream_connect(struct socket *sock, struct sockaddr
*uaddr,
int addr_len, int flags)
{
struct mptcp_sock *msk = mptcp_sk(sock->sk);
+ struct subflow_context *subflow;
int err = -ENOTSUPP;
pr_debug("msk=%p", msk);
@@ -853,6 +854,11 @@ static int mptcp_stream_connect(struct socket *sock, struct sockaddr
*uaddr,
return err;
}
+ subflow = subflow_ctx(msk->subflow->sk);
+ subflow->request_mptcp = 1; /* @@ if MPTCP enabled */
+ subflow->request_cksum = 1; /* @@ if checksum enabled */
+ subflow->request_version = 0; /* only v0 supported */
+
return inet_stream_connect(msk->subflow, uaddr, addr_len, flags);
}
@@ -902,6 +908,7 @@ static int mptcp_getname(struct socket *sock, struct sockaddr *uaddr,
static int mptcp_listen(struct socket *sock, int backlog)
{
struct mptcp_sock *msk = mptcp_sk(sock->sk);
+ struct subflow_context *subflow;
int err;
pr_debug("msk=%p", msk);
@@ -911,6 +918,12 @@ static int mptcp_listen(struct socket *sock, int backlog)
if (err)
return err;
}
+
+ subflow = subflow_ctx(msk->subflow->sk);
+ subflow->request_mptcp = 1; /* @@ if MPTCP enabled */
+ subflow->request_cksum = 1; /* @@ if checksum enabled */
+ subflow->request_version = 0; /* only v0 supported */
+
return inet_listen(msk->subflow, backlog);
}
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index ff4f38da9276..1ce9130dee66 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -168,10 +168,10 @@ struct subflow_context {
u16 map_data_len;
u16 request_mptcp : 1, /* send MP_CAPABLE */
request_cksum : 1,
+ request_version : 4,
mp_capable : 1, /* remote is MPTCP capable */
mp_join : 1, /* remote is JOINing */
fourth_ack : 1, /* send initial DSS */
- version : 4,
conn_finished : 1,
use_checksum : 1,
map_valid : 1,
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index 32652f7d1497..b9a40cdb1d4d 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -62,8 +62,8 @@ static void subflow_v4_init_req(struct request_sock *req,
if (rx_opt.mptcp.mp_capable && listener->request_mptcp) {
subflow_req->mp_capable = 1;
- if (rx_opt.mptcp.version >= listener->version)
- subflow_req->version = listener->version;
+ if (rx_opt.mptcp.version >= listener->request_version)
+ subflow_req->version = listener->request_version;
else
subflow_req->version = rx_opt.mptcp.version;
if ((rx_opt.mptcp.flags & MPTCP_CAP_CHECKSUM_REQD) ||
@@ -224,9 +224,6 @@ int subflow_create_socket(struct sock *sk, struct socket **new_sock)
*new_sock = sf;
subflow->conn = sk;
- subflow->request_mptcp = 1; // @@ if MPTCP enabled
- subflow->request_cksum = 1; // @@ if checksum enabled
- subflow->version = 0;
return 0;
}
--
2.17.2
3:31 p.m.
New subject: [PATCH 7/9] Move setting request_ fields of subflow to MPTCP layer
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 1664a69c8e30..fe73379a81df 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -853,6 +854,11 @@ static int mptcp_stream_connect(struct socket *sock, struct sockaddr
*uaddr,
return err;
}
+ subflow = subflow_ctx(msk->subflow->sk);
+ subflow->request_mptcp = 1; /* @@ if MPTCP enabled */
+ subflow->request_cksum = 1; /* @@ if checksum enabled */
+ subflow->request_version = 0; /* only v0 supported */
+
Since this chunck is replicated a few lines below, and possibly some
more code is going to be added to this section, with time, what about
adding an helper for that?
Cheers,
Paolo
1:49 a.m.
New subject: [PATCH 7/9] Move setting request_ fields of subflow to MPTCP layer
On Thu, 2019-07-18 at 09:31 +0200, Paolo Abeni wrote:
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
> index 1664a69c8e30..fe73379a81df 100644
> --- a/net/mptcp/protocol.c
> +++ b/net/mptcp/protocol.c
> @@ -853,6 +854,11 @@ static int mptcp_stream_connect(struct socket *sock, struct
sockaddr *uaddr,
> return err;
> }
>
> + subflow = subflow_ctx(msk->subflow->sk);
> + subflow->request_mptcp = 1; /* @@ if MPTCP enabled */
> + subflow->request_cksum = 1; /* @@ if checksum enabled */
> + subflow->request_version = 0; /* only v0 supported */
> +
Since this chunck is replicated a few lines below, and possibly some
more code is going to be added to this section, with time, what about
adding an helper for that?
OK, will do.
Cheers,
Paolo
6:12 a.m.
New subject: [PATCH 8/9] mptcp: Add handling of outgoing MP_JOIN requests
Subflow creation may be initiated by the path manager when
the primary connection is fully established and a remote
address has been received via ADD_ADDR.
Create an in-kernel sock and use kernel_connect() to
initiate connection. When a valid SYN-ACK is received the
new sock is added to the tail of the mptcp sock conn_list
where it will not interfere with data flow on the original
connection.
Data flow and connection failover not addressed by this commit.
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
include/net/mptcp.h | 2 ++
net/mptcp/options.c | 51 ++++++++++++++++++++++++++++++++---
net/mptcp/protocol.c | 2 ++
net/mptcp/protocol.h | 11 ++++++++
net/mptcp/subflow.c | 63 +++++++++++++++++++++++++++++++++++++++++++-
net/mptcp/token.c | 63 ++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 187 insertions(+), 5 deletions(-)
diff --git a/include/net/mptcp.h b/include/net/mptcp.h
index bb2dd193c0c5..50cd1b31ebdd 100644
--- a/include/net/mptcp.h
+++ b/include/net/mptcp.h
@@ -40,6 +40,8 @@ struct mptcp_out_options {
u8 backup;
u32 nonce;
u64 thmac;
+ u32 token;
+ u8 hmac[20];
struct mptcp_ext ext_copy;
#endif
};
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index b0e3a1edc0ff..6bc83a9a29a9 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -300,6 +300,16 @@ bool mptcp_syn_options(struct sock *sk, unsigned int *size,
opts->sndr_key = subflow->local_key;
*size = TCPOLEN_MPTCP_MPC_SYN;
return true;
+ } else if (subflow->request_join) {
+ pr_debug("token=%u, nonce=%u", subflow->token,
+ subflow->local_nonce);
+ opts->suboptions = OPTION_MPTCP_MPJ_SYN;
+ opts->join_id = subflow->remote_id;
+ opts->token = subflow->token;
+ opts->nonce = subflow->local_nonce;
+ opts->backup = subflow->request_bkup;
+ *size = TCPOLEN_MPTCP_MPJ_SYN;
+ return true;
}
return false;
}
@@ -309,10 +319,17 @@ void mptcp_rcv_synsent(struct sock *sk)
struct tcp_sock *tp = tcp_sk(sk);
struct subflow_context *subflow = subflow_ctx(sk);
- pr_debug("subflow=%p", subflow);
if (subflow->request_mptcp && tp->rx_opt.mptcp.mp_capable) {
subflow->mp_capable = 1;
subflow->remote_key = tp->rx_opt.mptcp.sndr_key;
+ pr_debug("subflow=%p, remote_key=%llu", subflow,
+ subflow->remote_key);
+ } else if (subflow->request_join && tp->rx_opt.mptcp.mp_join) {
+ subflow->mp_join = 1;
+ subflow->thmac = tp->rx_opt.mptcp.thmac;
+ subflow->remote_nonce = tp->rx_opt.mptcp.nonce;
+ pr_debug("subflow=%p, thmac=%llu, remote_nonce=%u", subflow,
+ subflow->thmac, subflow->remote_nonce);
}
}
@@ -322,7 +339,8 @@ static bool mptcp_established_options_mp(struct sock *sk, unsigned int
*size,
{
struct subflow_context *subflow = subflow_ctx(sk);
- if (!subflow->fourth_ack && remaining >= TCPOLEN_MPTCP_MPC_ACK) {
+ if (subflow->mp_capable && !subflow->fourth_ack &&
+ remaining >= TCPOLEN_MPTCP_MPC_ACK) {
opts->suboptions = OPTION_MPTCP_MPC_ACK;
opts->sndr_key = subflow->local_key;
opts->rcvr_key = subflow->remote_key;
@@ -331,6 +349,14 @@ static bool mptcp_established_options_mp(struct sock *sk, unsigned
int *size,
pr_debug("subflow=%p, local_key=%llu, remote_key=%llu",
subflow, subflow->local_key, subflow->remote_key);
return true;
+ } else if (subflow->mp_join && !subflow->fourth_ack &&
+ remaining >= TCPOLEN_MPTCP_MPJ_ACK) {
+ opts->suboptions = OPTION_MPTCP_MPJ_ACK;
+ memcpy(opts->hmac, subflow->hmac, MPTCPOPT_HMAC_LEN);
+ *size = TCPOLEN_MPTCP_MPJ_ACK;
+ subflow->fourth_ack = 1;
+ pr_debug("subflow=%p", subflow);
+ return true;
}
return false;
}
@@ -425,10 +451,11 @@ bool mptcp_established_options(struct sock *sk, struct sk_buff
*skb,
unsigned int *size, unsigned int remaining,
struct mptcp_out_options *opts)
{
+ struct subflow_context *subflow = subflow_ctx(sk);
unsigned int opt_size = 0;
bool ret = false;
- if (!subflow_ctx(sk)->mp_capable)
+ if (!subflow->mp_capable && !subflow->mp_join)
return false;
opts->suboptions = 0;
@@ -525,7 +552,6 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
if (msk)
pm_fully_established(msk);
-
}
void mptcp_write_options(__be32 *ptr, struct mptcp_out_options *opts)
@@ -574,6 +600,16 @@ void mptcp_write_options(__be32 *ptr, struct mptcp_out_options
*opts)
0, opts->addr_id);
}
+ if (OPTION_MPTCP_MPJ_SYN & opts->suboptions) {
+ *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
+ TCPOLEN_MPTCP_MPJ_SYN,
+ opts->backup, opts->join_id);
+ put_unaligned_be32(opts->token, ptr);
+ ptr += 1;
+ put_unaligned_be32(opts->nonce, ptr);
+ ptr += 1;
+ }
+
if (OPTION_MPTCP_MPJ_SYNACK & opts->suboptions) {
*ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
TCPOLEN_MPTCP_MPJ_SYNACK,
@@ -584,6 +620,13 @@ void mptcp_write_options(__be32 *ptr, struct mptcp_out_options
*opts)
ptr += 1;
}
+ if (OPTION_MPTCP_MPJ_ACK & opts->suboptions) {
+ *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
+ TCPOLEN_MPTCP_MPJ_ACK, 0, 0);
+ memcpy(ptr, opts->hmac, MPTCPOPT_HMAC_LEN);
+ ptr += 5;
+ }
+
if (opts->ext_copy.use_ack || opts->ext_copy.use_map) {
struct mptcp_ext *mpext = &opts->ext_copy;
u8 len = TCPOLEN_MPTCP_DSS_BASE;
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index fe73379a81df..26047d681dd3 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -758,6 +758,8 @@ void mptcp_finish_connect(struct sock *sk, int mp_capable)
msk->local_key = subflow->local_key;
msk->token = subflow->token;
pr_debug("msk=%p, token=%u", msk, msk->token);
+ msk->dport = ntohs(inet_sk(msk->subflow->sk)->inet_dport);
+ pr_debug("dport=%d", msk->dport);
pm_new_connection(msk, 0);
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 1ce9130dee66..0e265759c575 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -48,8 +48,10 @@
#define TCPOLEN_MPTCP_ADD_ADDR6 20
#define TCPOLEN_MPTCP_RM_ADDR 4
+/* MPTCP MP_JOIN flags */
#define MPTCPOPT_BACKUP BIT(0)
#define MPTCPOPT_HMAC_LEN 20
+#define MPTCPOPT_THMAC_LEN 8
/* MPTCP MP_CAPABLE flags */
#define MPTCP_VERSION_MASK (0x0F)
@@ -115,6 +117,7 @@ struct mptcp_sock {
u64 write_seq;
u64 ack_seq;
u32 token;
+ u16 dport;
struct list_head conn_list;
struct socket *subflow; /* outgoing connect/listener/!mp_capable */
struct mptcp_pm_data pm;
@@ -167,7 +170,9 @@ struct subflow_context {
u32 ssn_offset;
u16 map_data_len;
u16 request_mptcp : 1, /* send MP_CAPABLE */
+ request_join : 1, /* send MP_JOIN */
request_cksum : 1,
+ request_bkup : 1,
request_version : 4,
mp_capable : 1, /* remote is MPTCP capable */
mp_join : 1, /* remote is JOINing */
@@ -179,6 +184,7 @@ struct subflow_context {
u32 remote_nonce;
u64 thmac;
u32 local_nonce;
+ u8 hmac[MPTCPOPT_HMAC_LEN];
u8 local_id;
u8 remote_id;
@@ -202,6 +208,8 @@ mptcp_subflow_tcp_socket(const struct subflow_context *subflow)
}
void subflow_init(void);
+int subflow_connect(struct sock *sk, struct sockaddr_in *local,
+ struct sockaddr_in *remote, u8 remote_id);
int subflow_create_socket(struct sock *sk, struct socket **new_sock);
extern const struct inet_connection_sock_af_ops ipv4_specific;
@@ -215,13 +223,16 @@ void mptcp_finish_join(struct sock *sk);
void token_init(void);
void token_new_request(struct request_sock *req, const struct sk_buff *skb);
int token_join_request(struct request_sock *req, const struct sk_buff *skb);
+int token_join_response(struct sock *sk);
int token_join_valid(struct request_sock *req,
struct tcp_options_received *rx_opt);
void token_destroy_request(u32 token);
void token_new_connect(struct sock *sk);
+void token_new_subflow(struct sock *sk);
void token_new_accept(struct sock *sk);
int token_new_join(struct sock *sk);
void token_update_accept(struct sock *sk, struct sock *conn);
+struct sock *token_lookup(u32 token);
void token_release(u32 token);
void token_destroy(u32 token);
diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c
index b9a40cdb1d4d..135948423b00 100644
--- a/net/mptcp/subflow.c
+++ b/net/mptcp/subflow.c
@@ -22,6 +22,9 @@ static int subflow_rebuild_header(struct sock *sk)
if (subflow->request_mptcp && !subflow->token) {
pr_debug("subflow=%p", sk);
token_new_connect(sk);
+ } else if (subflow->request_join && !subflow->local_nonce) {
+ pr_debug("subflow=%p", sk);
+ token_new_subflow(sk);
}
return inet_sk_rebuild_header(sk);
@@ -95,7 +98,10 @@ static void subflow_finish_connect(struct sock *sk, const struct
sk_buff *skb)
inet_sk_rx_dst_set(sk, skb);
- if (subflow->conn && !subflow->conn_finished) {
+ if (!subflow->conn)
+ return;
+
+ if (subflow->mp_capable && !subflow->conn_finished) {
pr_debug("subflow=%p, remote_key=%llu", subflow_ctx(sk),
subflow->remote_key);
mptcp_finish_connect(subflow->conn, subflow->mp_capable);
@@ -105,6 +111,17 @@ static void subflow_finish_connect(struct sock *sk, const struct
sk_buff *skb)
pr_debug("synack seq=%u", TCP_SKB_CB(skb)->seq);
subflow->ssn_offset = TCP_SKB_CB(skb)->seq;
}
+ } else if (subflow->mp_join && !subflow->conn_finished) {
+ pr_debug("subflow=%p, thmac=%llu, remote_nonce=%u",
+ subflow_ctx(sk), subflow->thmac,
+ subflow->remote_nonce);
+ if (token_join_response(sk)) {
+ subflow->mp_join = 0;
+ // @@ need to trigger RST
+ } else {
+ mptcp_finish_join(sk);
+ subflow->conn_finished = 1;
+ }
}
}
@@ -201,6 +218,50 @@ static void subflow_data_ready(struct sock *sk)
}
}
+int subflow_connect(struct sock *sk, struct sockaddr_in *local,
+ struct sockaddr_in *remote, u8 remote_id)
+{
+ struct mptcp_sock *msk = mptcp_sk(sk);
+ struct subflow_context *subflow;
+ struct socket *sf;
+ u32 token;
+ int err;
+
+ err = subflow_create_socket(sk, &sf);
+ if (err)
+ return err;
+
+ err = kernel_bind(sf, (struct sockaddr *)local,
+ sizeof(struct sockaddr_in));
+ if (err) {
+ pr_debug("bind err=%d", err);
+ goto failed;
+ }
+
+ subflow = subflow_ctx(sf->sk);
+ subflow->remote_key = msk->remote_key;
+ subflow->local_key = msk->local_key;
+ crypto_key_sha1(msk->remote_key, &token, NULL);
+ pr_debug("msk=%p token=%u", msk, token);
+ subflow->token = token;
+ subflow->remote_id = remote_id;
+ subflow->request_join = 1;
+ subflow->request_bkup = 1;
+
+ err = kernel_connect(sf, (struct sockaddr *)remote,
+ sizeof(struct sockaddr_in), O_NONBLOCK);
+ if (err && err != -EINPROGRESS) {
+ pr_debug("connect err=%d", err);
+ goto failed;
+ }
+
+ return 0;
+
+failed:
+ /* @@ cleanup the socket */
+ return err;
+}
+
int subflow_create_socket(struct sock *sk, struct socket **new_sock)
{
struct subflow_context *subflow;
diff --git a/net/mptcp/token.c b/net/mptcp/token.c
index c9160f50f047..550f5e165c8d 100644
--- a/net/mptcp/token.c
+++ b/net/mptcp/token.c
@@ -123,6 +123,28 @@ static void new_req_join(struct request_sock *req, struct sock *sk,
subflow_req->thmac);
}
+static int new_rsp_join(struct sock *sk)
+{
+ struct subflow_context *subflow = subflow_ctx(sk);
+ u8 hmac[MPTCPOPT_HMAC_LEN];
+ u64 thmac;
+
+ crypto_hmac_sha1(subflow->remote_key, subflow->local_key,
+ subflow->remote_nonce, subflow->local_nonce,
+ (u32 *)hmac);
+
+ thmac = get_unaligned_be64(hmac);
+ pr_debug("thmac=%llu", thmac);
+ if (thmac != subflow->thmac)
+ return -1;
+
+ crypto_hmac_sha1(subflow->local_key, subflow->remote_key,
+ subflow->local_nonce, subflow->remote_nonce,
+ (u32 *)subflow->hmac);
+
+ return 0;
+}
+
static int new_join_valid(struct request_sock *req, struct sock *sk,
struct tcp_options_received *rx_opt)
{
@@ -252,6 +274,15 @@ int token_join_request(struct request_sock *req, const struct sk_buff
*skb)
return -1;
}
+/* validate received truncated hmac and create hmac for third ACK */
+int token_join_response(struct sock *sk)
+{
+ struct subflow_context *subflow = subflow_ctx(sk);
+
+ pr_debug("subflow=%p, token=%u", subflow, subflow->token);
+ return new_rsp_join(sk);
+}
+
/* validate hmac received in third ACK */
int token_join_valid(struct request_sock *req,
struct tcp_options_received *rx_opt)
@@ -289,6 +320,27 @@ void token_new_connect(struct sock *sk)
spin_unlock_bh(&token_tree_lock);
}
+/* create nonce for secondary subflow */
+void token_new_subflow(struct sock *sk)
+{
+ struct subflow_context *subflow = subflow_ctx(sk);
+ struct inet_sock *inet = inet_sk(sk);
+ u32 nonce;
+
+ pr_debug("subflow=%p", sk);
+
+ if (sk->sk_family == AF_INET)
+ nonce = crypto_v4_get_nonce(inet->inet_saddr, inet->inet_daddr,
+ inet->inet_sport, inet->inet_dport);
+#if IS_ENABLED(CONFIG_IPV6)
+ else
+ nonce = crypto_v6_get_nonce(&inet6_sk(sk)->saddr,
+ &sk->sk_v6_daddr,
+ inet->inet_sport, inet->inet_dport);
+#endif
+ subflow->local_nonce = nonce;
+}
+
void token_new_accept(struct sock *sk)
{
struct subflow_context *subflow = subflow_ctx(sk);
@@ -329,6 +381,17 @@ int token_new_join(struct sock *sk)
return -1;
}
+struct sock *token_lookup(u32 token)
+{
+ struct sock *conn;
+
+ conn = lookup_token(token);
+ if (conn)
+ sock_hold(conn);
+
+ return conn;
+}
+
void token_destroy_request(u32 token)
{
pr_debug("token=%u", token);
--
2.17.2
3:50 p.m.
New subject: [PATCH 8/9] mptcp: Add handling of outgoing MP_JOIN requests
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
@@ -329,6 +381,17 @@ int token_new_join(struct sock *sk)
return -1;
}
+struct sock *token_lookup(u32 token)
+{
+ struct sock *conn;
+
+ conn = lookup_token(token);
+ if (conn)
+ sock_hold(conn);
+
+ return conn;
+}
+
Really not a big deal, but this is small, unused in this patch and
looks unrelated to the code added here. As it will be used by the next
one, possibly it's cleaner move definition and declaration there.
Paolo
1:50 a.m.
New subject: [PATCH 8/9] mptcp: Add handling of outgoing MP_JOIN requests
On Thu, 2019-07-18 at 09:50 +0200, Paolo Abeni wrote:
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> @@ -329,6 +381,17 @@ int token_new_join(struct sock *sk)
> return -1;
> }
>
> +struct sock *token_lookup(u32 token)
> +{
> + struct sock *conn;
> +
> + conn = lookup_token(token);
> + if (conn)
> + sock_hold(conn);
> +
> + return conn;
> +}
> +
Really not a big deal, but this is small, unused in this patch and
looks unrelated to the code added here. As it will be used by the next
one, possibly it's cleaner move definition and declaration there.
Yes, if we split the next patch as you suggest then I can move this to the
"keeper" of those two patches.
Peter.
Paolo
4:04 p.m.
New subject: [PATCH 8/9] mptcp: Add handling of outgoing MP_JOIN requests
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
@@ -329,6 +381,17 @@ int token_new_join(struct sock *sk)
return -1;
}
+struct sock *token_lookup(u32 token)
+{
+ struct sock *conn;
+
Possibly some locking is missing ??? like:
spin_lock_bh(&token_tree_lock);
+ conn = lookup_token(token);
+ if (conn)
+ sock_hold(conn);
+
spin_unlock_bh(&token_tree_lock);
Sorry for not noticing earlier,
Paolo
1:58 a.m.
New subject: [PATCH 8/9] mptcp: Add handling of outgoing MP_JOIN requests
On Thu, 2019-07-18 at 10:04 +0200, Paolo Abeni wrote:
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> @@ -329,6 +381,17 @@ int token_new_join(struct sock *sk)
> return -1;
> }
>
> +struct sock *token_lookup(u32 token)
> +{
> + struct sock *conn;
> +
Possibly some locking is missing ??? like:
spin_lock_bh(&token_tree_lock);
> + conn = lookup_token(token);
> + if (conn)
> + sock_hold(conn);
> +
spin_unlock_bh(&token_tree_lock);
Yes, I think you are right. Will clean up.
Peter.
Sorry for not noticing earlier,
Paolo
6:12 a.m.
New subject: [PATCH 9/9] mptcp: Implement interim path manager
Two features: 1) When a new connection occurs announce
a local address and 2) When an outgoing connection is fully
established (and a remote address was received) initiate a
secondary subflow.
The second local address must be hard-coded for now.
Signed-off-by: Peter Krystad <peter.krystad(a)linux.intel.com>
---
net/mptcp/pm.c | 100 +++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 97 insertions(+), 3 deletions(-)
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 0d53a0f23d2d..69df6332b4d0 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -8,21 +8,84 @@
#include <net/mptcp.h>
#include "protocol.h"
+struct workqueue_struct *mptcp_wq;
+static void announce_addr_worker(struct work_struct *work);
+static void create_subflow_worker(struct work_struct *work);
+
/* path manager command handlers */
int pm_announce_addr(u32 token, sa_family_t family, u8 id, struct in_addr *addr)
{
- return -ENOTSUPP;
+ struct mptcp_sock *msk = mptcp_sk(token_lookup(token));
+ int err = 0;
+
+ if (!msk)
+ return -EINVAL;
+
+ if (msk->pm.local_valid) {
+ err = -EBADR;
+ goto announce_put;
+ }
+
+ pr_debug("msk=%p, id=%d, addr=%x", msk, id, addr->s_addr);
+ msk->pm.local_valid = 1;
+ msk->pm.local_id = id;
+ msk->pm.local_family = family;
+ msk->pm.local_addr.s_addr = addr->s_addr;
+ msk->addr_signal = 1;
+
+announce_put:
+ sock_put((struct sock *)msk);
+ return err;
}
int pm_remove_addr(u32 token, u8 id)
{
- return -ENOTSUPP;
+ struct mptcp_sock *msk = mptcp_sk(token_lookup(token));
+
+ if (!msk)
+ return -EINVAL;
+
+ pr_debug("msk=%p", msk);
+ msk->pm.local_valid = 0;
+
+ sock_put((struct sock *)msk);
+ return 0;
}
int pm_create_subflow(u32 token, u8 local_id, u8 remote_id)
{
- return -ENOTSUPP;
+ struct mptcp_sock *msk = mptcp_sk(token_lookup(token));
+ struct sockaddr_in remote;
+ struct sockaddr_in local;
+ int err;
+
+ if (!msk)
+ return -EINVAL;
+
+ pr_debug("msk=%p", msk);
+ if (!msk->pm.local_valid || local_id != msk->pm.local_id) {
+ err = -EBADR;
+ goto create_put;
+ }
+ local.sin_family = AF_INET;
+ local.sin_port = 0;
+ local.sin_addr.s_addr = INADDR_ANY;
+
+ if (!msk->pm.remote_valid || remote_id != msk->pm.remote_id) {
+ err = -EBADR;
+ goto create_put;
+ }
+
+ remote.sin_family = msk->pm.remote_family;
+ remote.sin_port = htons(msk->dport);
+ remote.sin_addr.s_addr = htonl(msk->pm.remote_addr.s_addr);
+
+ err = subflow_connect((struct sock *)msk, &local, &remote, remote_id);
+
+create_put:
+ sock_put((struct sock *)msk);
+ return err;
}
int pm_remove_subflow(u32 token, u8 local_id, u8 remote_id)
@@ -37,12 +100,22 @@ void pm_new_connection(struct mptcp_sock *msk, int server_side)
pr_debug("msk=%p", msk);
msk->pm.server_side = server_side;
+
+ /* trigger announce address in interim local path manager */
+ INIT_WORK(&msk->pm.addr_work, announce_addr_worker);
+ msk->pm.token = msk->token;
+ queue_work(mptcp_wq, &msk->pm.addr_work);
}
void pm_fully_established(struct mptcp_sock *msk)
{
pr_debug("msk=%p", msk);
+ /* trigger create subflow in interim local local path manager */
+ if (!msk->pm.server_side && !msk->pm.fully_established) {
+ INIT_WORK(&msk->pm.subflow_work, create_subflow_worker);
+ queue_work(mptcp_wq, &msk->pm.subflow_work);
+ }
msk->pm.fully_established = 1;
}
@@ -126,4 +199,25 @@ int pm_get_local_id(struct request_sock *req, struct sock *sk,
void pm_init(void)
{
+ mptcp_wq = alloc_workqueue("mptcp_wq", WQ_UNBOUND | WQ_MEM_RECLAIM, 8);
+ if (!mptcp_wq)
+ panic("Failed to allocate workqueue");
+}
+
+static void announce_addr_worker(struct work_struct *work)
+{
+ struct mptcp_pm_data *pm = container_of(work, struct mptcp_pm_data,
+ addr_work);
+ struct in_addr addr;
+
+ /* @@ hard-code address to announce here... */
+ pm_announce_addr(pm->token, AF_INET, 1, &addr);
+}
+
+static void create_subflow_worker(struct work_struct *work)
+{
+ struct mptcp_pm_data *pm = container_of(work, struct mptcp_pm_data,
+ subflow_work);
+
+ pm_create_subflow(pm->token, pm->local_id, pm->remote_id);
}
--
2.17.2
4:17 p.m.
New subject: [PATCH 9/9] mptcp: Implement interim path manager
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
index 0d53a0f23d2d..69df6332b4d0 100644
--- a/net/mptcp/pm.c
+++ b/net/mptcp/pm.c
@@ -8,21 +8,84 @@
[...]
int pm_create_subflow(u32 token, u8 local_id, u8 remote_id)
{
- return -ENOTSUPP;
+ struct mptcp_sock *msk = mptcp_sk(token_lookup(token));
+ struct sockaddr_in remote;
+ struct sockaddr_in local;
+ int err;
+
+ if (!msk)
+ return -EINVAL;
+
+ pr_debug("msk=%p", msk);
+ if (!msk->pm.local_valid || local_id != msk->pm.local_id) {
+ err = -EBADR;
+ goto create_put;
+ }
+ local.sin_family = AF_INET;
+ local.sin_port = 0;
+ local.sin_addr.s_addr = INADDR_ANY;
It's unclear to me the 'local_id' usage here. I thought 'local_id ==
msk->pm.local_id' would imply 'local.sin_addr.s_addr == msk-
pm.local_addr.s_addr' ???
Is the PM supposed to validate the local address vs. the known one? or
should it allow binding to arbitrary local address? I thought the local
address should be usually unspecified - otherwise the PM should have a
deep knowledge of the routing tables/policies to get the correct local
address for a given destination, likely resorting to a route lookup
before pm_create_subflow() ???
@@ -37,12 +100,22 @@ void pm_new_connection(struct mptcp_sock *msk,
int server_side)
pr_debug("msk=%p", msk);
msk->pm.server_side = server_side;
+
+ /* trigger announce address in interim local path manager */
+ INIT_WORK(&msk->pm.addr_work, announce_addr_worker);
+ msk->pm.token = msk->token;
+ queue_work(mptcp_wq, &msk->pm.addr_work);
IIRC we not going to support subflow opening from the server towards
the client - at least initially. Can we restrict announce to server
side only?
@@ -126,4 +199,25 @@ int pm_get_local_id(struct request_sock *req,
struct sock *sk,
void pm_init(void)
{
+ mptcp_wq = alloc_workqueue("mptcp_wq", WQ_UNBOUND | WQ_MEM_RECLAIM, 8);
+ if (!mptcp_wq)
+ panic("Failed to allocate workqueue");
+}
+
+static void announce_addr_worker(struct work_struct *work)
+{
+ struct mptcp_pm_data *pm = container_of(work, struct mptcp_pm_data,
+ addr_work);
+ struct in_addr addr;
+
+ /* @@ hard-code address to announce here... */
+ pm_announce_addr(pm->token, AF_INET, 1, &addr);
+}
What about a temporary (to be dropped with a later patch when a saner
interface will be available) boot parameter/sysctl/other nasty and
quick hack to select/disable/enable the announce address, so that we
can start self-testing this code early?
Thanks!
Paolo
7:02 a.m.
New subject: [PATCH 9/9] mptcp: Implement interim path manager
Sorry for not responding to these last few comments Paolo, here we are:
On Thu, 2019-07-18 at 10:17 +0200, Paolo Abeni wrote:
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
> index 0d53a0f23d2d..69df6332b4d0 100644
> --- a/net/mptcp/pm.c
> +++ b/net/mptcp/pm.c
> @@ -8,21 +8,84 @@
[...]
> int pm_create_subflow(u32 token, u8 local_id, u8 remote_id)
> {
> - return -ENOTSUPP;
> + struct mptcp_sock *msk = mptcp_sk(token_lookup(token));
> + struct sockaddr_in remote;
> + struct sockaddr_in local;
> + int err;
> +
> + if (!msk)
> + return -EINVAL;
> +
> + pr_debug("msk=%p", msk);
> + if (!msk->pm.local_valid || local_id != msk->pm.local_id) {
> + err = -EBADR;
> + goto create_put;
> + }
> + local.sin_family = AF_INET;
> + local.sin_port = 0;
> + local.sin_addr.s_addr = INADDR_ANY;
It's unclear to me the 'local_id' usage here. I thought 'local_id ==
msk->pm.local_id' would imply 'local.sin_addr.s_addr == msk-
> pm.local_addr.s_addr' ???
Is the PM supposed to validate the local address vs. the known one? or
should it allow binding to arbitrary local address? I thought the local
address should be usually unspecified - otherwise the PM should have a
deep knowledge of the routing tables/policies to get the correct local
address for a given destination, likely resorting to a route lookup
before pm_create_subflow() ???
Yes, for our purposes I agree the bind address should always be unspecified. I
will remove the local_id parameter and the check against it.
> @@ -37,12 +100,22 @@ void pm_new_connection(struct mptcp_sock *msk, int
server_side)
> pr_debug("msk=%p", msk);
>
> msk->pm.server_side = server_side;
> +
> + /* trigger announce address in interim local path manager */
> + INIT_WORK(&msk->pm.addr_work, announce_addr_worker);
> + msk->pm.token = msk->token;
> + queue_work(mptcp_wq, &msk->pm.addr_work);
IIRC we not going to support subflow opening from the server towards
the client - at least initially. Can we restrict announce to server
side only?
Good point, I'll add this restriction.
> @@ -126,4 +199,25 @@ int pm_get_local_id(struct request_sock *req, struct sock *sk,
>
> void pm_init(void)
> {
> + mptcp_wq = alloc_workqueue("mptcp_wq", WQ_UNBOUND | WQ_MEM_RECLAIM, 8);
> + if (!mptcp_wq)
> + panic("Failed to allocate workqueue");
> +}
> +
> +static void announce_addr_worker(struct work_struct *work)
> +{
> + struct mptcp_pm_data *pm = container_of(work, struct mptcp_pm_data,
> + addr_work);
> + struct in_addr addr;
> +
> + /* @@ hard-code address to announce here... */
> + pm_announce_addr(pm->token, AF_INET, 1, &addr);
> +}
What about a temporary (to be dropped with a later patch when a saner
interface will be available) boot parameter/sysctl/other nasty and
quick hack to select/disable/enable the announce address, so that we
can start self-testing this code early?
How about once Matthieu's sysctl change is merged I will add such fields (a
value field and a enable/disable field) to the interim path manager patch?
I plan to separate that patch from this patchset so it stands alone as the
"throwaway" patch.
Peter.
Thanks!
Paolo
4:27 p.m.
Hi,
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
This is several accumulated fixes that are required for MP_JOIN
(secondary subflows) plus the outgoing code.
This is great work! Thank you!
I had a few question on individual patches, but I think the only
functionally relevant is about locking on 8/9.
Both outgoing and incoming MP_JOIN now inter-operate
with the multipath.org implementation although there is
still a deadlock when incoming is fully established.
Since the incoming direction did not work at all before
this is an improvement. I have not yet tested running our
implmentation against itself.
I think we can possibly have to revisit part of the current locking
schema - specifically I think we could/should substiture acquiring the
msk lock in *_finish_connect() with a new spinlock.
The final patch in the set is an "interim path manager",
this
is throw-away code that I include for testing purposes. For an
incoming connection it is necessary for the server to advertise
a secondary address and for my testing I have been hard-coding the IP
address of my secondary interface when I build the kernel.
Obviously not the final solution but we need to discuss what
approach to use for the self tests. I also think we may not want
to publish this patch on our net-next branch.
I think that patch is actually good/needed - at least 'transiently'. I
think we can expand it a bit to allow self-testing on different
hosts/setups without re-compiling the kernel.
Perhpas it can be split in 2 parts, the first one containing the code
we intend to keep in the git repo (e.g. pm_create_subflow(),
pm_remove_addr() and pm_create_subflow() looks goot to me!) and the 2nd
half contaning only the hacks to enable self-tests - to be reverted
dropped later.
WDYT?
Paolo
7:11 a.m.
On Thu, 2019-07-18 at 10:27 +0200, Paolo Abeni wrote:
Hi,
On Wed, 2019-07-17 at 15:12 -0700, Peter Krystad wrote:
> This is several accumulated fixes that are required for MP_JOIN
> (secondary subflows) plus the outgoing code.
This is great work! Thank you!
I had a few question on individual patches, but I think the only
functionally relevant is about locking on 8/9.
> Both outgoing and incoming MP_JOIN now inter-operate
> with the multipath.org implementation although there is
> still a deadlock when incoming is fully established.
> Since the incoming direction did not work at all before
> this is an improvement. I have not yet tested running our
> implmentation against itself.
I think we can possibly have to revisit part of the current locking
schema - specifically I think we could/should substiture acquiring the
msk lock in *_finish_connect() with a new spinlock.
I suspect this may be true unless I resolve above mention deadlock....
> The final patch in the set is an "interim path manager", this
> is throw-away code that I include for testing purposes. For an
> incoming connection it is necessary for the server to advertise
> a secondary address and for my testing I have been hard-coding the IP
> address of my secondary interface when I build the kernel.
> Obviously not the final solution but we need to discuss what
> approach to use for the self tests. I also think we may not want
> to publish this patch on our net-next branch.
I think that patch is actually good/needed - at least 'transiently'. I
think we can expand it a bit to allow self-testing on different
hosts/setups without re-compiling the kernel.
Perhpas it can be split in 2 parts, the first one containing the code
we intend to keep in the git repo (e.g. pm_create_subflow(),
pm_remove_addr() and pm_create_subflow() looks goot to me!) and the 2nd
half contaning only the hacks to enable self-tests - to be reverted
dropped later.
WDYT?
Good idea. For v2 of the MP_JOIN patchset I will split it like this, with the
keeper code in this patchset and the throwaway code in a patch that I will
post separately (with sysctl for announce address).
Peter.
Paolo
8:11 a.m.
On Jul 17, 2019, at 3:12 PM, Peter Krystad
<peter.krystad(a)linux.intel.com> wrote:
This is several accumulated fixes that are required for MP_JOIN
(secondary subflows) plus the outgoing code.
Both outgoing and incoming MP_JOIN now inter-operate
with the multipath.org implementation although there is
still a deadlock when incoming is fully established.
Since the incoming direction did not work at all before
this is an improvement. I have not yet tested running our
implmentation against itself.
The final patch in the set is an "interim path manager", this
is throw-away code that I include for testing purposes. For an
incoming connection it is necessary for the server to advertise
a secondary address
Just as an FYI:
if you are testing the upstreaming-MPTCP on the server-side and multipath-tcp.org
<http://multipath-tcp.org/> on the client-side, you can configure on the client the
ndiffports path-manager. That makes the client establish subflows even if there are not
multiple IPs on the host, simply among the same IP-addresses by using different
port-numbers.
That way you don't need to force the ADD_ADDR from the server.
Cheers,
Christoph
and for my testing I have been hard-coding the IP
address of my secondary interface when I build the kernel.
Obviously not the final solution but we need to discuss what
approach to use for the self tests. I also think we may not want
to publish this patch on our net-next branch.
Peter Krystad (9):
Extend path manager interface
Fix locking in mptcp_finish_join.
Fix parsing MP_JOIN third ACK.
Re-factor and fixes for crypto_hmac_sha1()
Rename mptcp_attach_dss()
Fix return value if no DSS option is created.
Move setting request_ fields of subflow to MPTCP layer
mptcp: Add handling of outgoing MP_JOIN requests
mptcp: Implement interim path manager
include/net/mptcp.h | 12 +--
net/ipv4/tcp_input.c | 4 +-
net/mptcp/crypto.c | 23 +++---
net/mptcp/options.c | 77 ++++++++++++++++---
net/mptcp/pm.c | 171 +++++++++++++++++++++++++++++++++++++++++--
net/mptcp/protocol.c | 29 ++++++--
net/mptcp/protocol.h | 54 +++++++++++---
net/mptcp/subflow.c | 72 ++++++++++++++++--
net/mptcp/token.c | 82 ++++++++++++++++++---
9 files changed, 452 insertions(+), 72 deletions(-)
--
2.17.2
_______________________________________________
mptcp mailing list
mptcp(a)lists.01.org
https://lists.01.org/mailman/listinfo/mptcp
551
days inactive
560
days old
24 comments
3 participants
participants (3)
-
Christoph Paasch -
Paolo Abeni -
Peter Krystad