tls: add bpf support to sk_msg handling
authorJohn Fastabend <john.fastabend@gmail.com>
Sat, 13 Oct 2018 00:46:01 +0000 (02:46 +0200)
committerAlexei Starovoitov <ast@kernel.org>
Mon, 15 Oct 2018 19:23:19 +0000 (12:23 -0700)
commitd3b18ad31f93d0b6bae105c679018a1ba7daa9ca
tree0bf6b0040a0104aa209bcffc7dd0d8821f11a6b2
parent924ad65ed01ee0eec5d2a3280c01c394343d6df7
tls: add bpf support to sk_msg handling

This work adds BPF sk_msg verdict program support to kTLS
allowing BPF and kTLS to be combined together. Previously kTLS
and sk_msg verdict programs were mutually exclusive in the
ULP layer which created challenges for the orchestrator when
trying to apply TCP based policy, for example. To resolve this,
leveraging the work from previous patches that consolidates
the use of sk_msg, we can finally enable BPF sk_msg verdict
programs so they continue to run after the kTLS socket is
created. No change in behavior when kTLS is not used in
combination with BPF, the kselftest suite for kTLS also runs
successfully.

Joint work with Daniel.

Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
include/linux/skmsg.h
net/tls/tls_sw.c