Re: [PATCH bpf-next v2 0/8] sockmap integration for ktls

[PATCH bpf-next v2 0/8] sockmap integration for ktls · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
[PATCH bpf-next v2 1/8] tcp, ulp: enforce sock_owned_by_me upon ulp init and cleanup · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
Re: [PATCH bpf-next v2 1/8] tcp, ulp: enforce sock_owned_by_me upon ulp init and cleanup · Eric Dumazet <hidden> · 2018-10-16
Re: [PATCH bpf-next v2 1/8] tcp, ulp: enforce sock_owned_by_me upon ulp init and cleanup · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-16
[PATCH bpf-next v2 2/8] tcp, ulp: remove ulp bits from sockmap · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
[PATCH bpf-next v2 5/8] tls: replace poll implementation with read hook · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
[PATCH bpf-next v2 4/8] tls: convert to generic sk_msg interface · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
Re: [PATCH bpf-next v2 4/8] tls: convert to generic sk_msg interface · Eric Dumazet <hidden> · 2018-10-17
Re: [PATCH bpf-next v2 4/8] tls: convert to generic sk_msg interface · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-18
[PATCH bpf-next v2 8/8] bpf, doc: add maintainers entry to related files · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
[PATCH bpf-next v2 7/8] bpf: add tls support for testing in test_sockmap · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
Re: [PATCH bpf-next v2 7/8] bpf: add tls support for testing in test_sockmap · Andrey Ignatov <hidden> · 2018-10-16
Re: [PATCH bpf-next v2 7/8] bpf: add tls support for testing in test_sockmap · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-16
[PATCH bpf-next v2 6/8] tls: add bpf support to sk_msg handling · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
[PATCH bpf-next v2 3/8] bpf, sockmap: convert to generic sk_msg interface · Daniel Borkmann <daniel@iogearbox.net> · 2018-10-13
Re: [PATCH bpf-next v2 0/8] sockmap integration for ktls · Alexei Starovoitov <hidden> · 2018-10-16

From: Alexei Starovoitov <hidden>
Date: 2018-10-16 03:14:27

On Sat, Oct 13, 2018 at 02:45:55AM +0200, Daniel Borkmann wrote:

This work adds a generic sk_msg layer and converts both sockmap
and later ktls over to make use of it as a common data structure
for application data (similarly as sk_buff for network packets).
With that in place the sk_msg framework spans accross ULP layer
in the kernel and allows for introspection or filtering of L7
data with the help of BPF programs operating on a common input
context.

In a second step, we enable the latter for ktls which was previously
not possible, meaning, ktls and sk_msg verdict programs were
mutually exclusive in the ULP layer which created challenges for
the orchestrator when trying to apply TCP based policy, for
example. Leveraging the prior consolidation we can finally overcome
this limitation.

Note, there's no change in behavior when ktls is not used in
combination with BPF, and also no change in behavior for stand
alone sockmap. The kselftest suites for ktls, sockmap and ktls
with sockmap combined also runs through successfully. For further
details please see individual patches.

Thanks!

v1 -> v2:
  - Removed leftover comment spotted by Alexei
  - Improved commit messages, rebase

Applied, Thanks

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help