lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <20241016-b4-ovpn-v9-0-aabe9d225ad5@openvpn.net>
Date: Wed, 16 Oct 2024 03:03:00 +0200
From: Antonio Quartulli <antonio@...nvpn.net>
To: Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, 
 Paolo Abeni <pabeni@...hat.com>, Donald Hunter <donald.hunter@...il.com>, 
 Antonio Quartulli <antonio@...nvpn.net>, Shuah Khan <shuah@...nel.org>, 
 donald.hunter@...il.com, sd@...asysnail.net, ryazanov.s.a@...il.com, 
 Andrew Lunn <andrew@...n.ch>
Cc: netdev@...r.kernel.org, linux-kernel@...r.kernel.org, 
 openvpn-devel@...ts.sourceforge.net, linux-kselftest@...r.kernel.org, 
 steffen.klassert@...unet.com, antony.antony@...unet.com
Subject: [PATCH net-next v9 00/23] Introducing OpenVPN Data Channel Offload

This is the 9th version of the ovpn patchset.

It re-introduces the RTNL Link ops and brings some changes
to the Netlink API as well.

Notably:
* removed CMD_DEV_NEW/DEL from netlink API
* re-added rtnl_link_ops.newlink implementation
* removed all 'value-start: 0' from ovpn.yaml
* added CMD_KEY_GET in Netlink API to retrieve non-sensible key data
* used key-get in notify attribute of key-swap-nft
* ensured that all netdev references are tracked
* added IFF_NO_QUEUE to device priv_flags
* set netdev devtype to ovpn_type
* added implementation of .ndo_uninit
* used workqueue to release socket (TCP detach may block)
* removed inclusion of linux/version.h in main.c
* removed commented inclusion of linux/rcupdate.h in main.c
* fixed file path in MAINTAINERS file
* properly sorted files in MAINTAINERS file

Please note that patches previously reviewed by Andrew Lunn have
retained the Reviewed-by tag as they have been simply rebased without
major modifications.

The latest code can also be found at:

https://github.com/OpenVPN/linux-kernel-ovpn

Thanks a lot!
Best Regards,

Antonio Quartulli
OpenVPN Inc.

---
Antonio Quartulli (23):
      netlink: add NLA_POLICY_MAX_LEN macro
      net: introduce OpenVPN Data Channel Offload (ovpn)
      ovpn: add basic netlink support
      ovpn: add basic interface creation/destruction/management routines
      ovpn: keep carrier always on
      ovpn: introduce the ovpn_peer object
      ovpn: introduce the ovpn_socket object
      ovpn: implement basic TX path (UDP)
      ovpn: implement basic RX path (UDP)
      ovpn: implement packet processing
      ovpn: store tunnel and transport statistics
      ovpn: implement TCP transport
      ovpn: implement multi-peer support
      ovpn: implement peer lookup logic
      ovpn: implement keepalive mechanism
      ovpn: add support for updating local UDP endpoint
      ovpn: add support for peer floating
      ovpn: implement peer add/dump/delete via netlink
      ovpn: implement key add/del/swap via netlink
      ovpn: kill key and notify userspace in case of IV exhaustion
      ovpn: notify userspace when a peer is deleted
      ovpn: add basic ethtool support
      testing/selftest: add test tool and scripts for ovpn module

 Documentation/netlink/specs/ovpn.yaml             |  362 ++++
 MAINTAINERS                                       |   11 +
 drivers/net/Kconfig                               |   15 +
 drivers/net/Makefile                              |    1 +
 drivers/net/ovpn/Makefile                         |   22 +
 drivers/net/ovpn/bind.c                           |   54 +
 drivers/net/ovpn/bind.h                           |  117 ++
 drivers/net/ovpn/crypto.c                         |  172 ++
 drivers/net/ovpn/crypto.h                         |  141 ++
 drivers/net/ovpn/crypto_aead.c                    |  356 ++++
 drivers/net/ovpn/crypto_aead.h                    |   31 +
 drivers/net/ovpn/io.c                             |  461 +++++
 drivers/net/ovpn/io.h                             |   25 +
 drivers/net/ovpn/main.c                           |  337 ++++
 drivers/net/ovpn/main.h                           |   24 +
 drivers/net/ovpn/netlink-gen.c                    |  212 ++
 drivers/net/ovpn/netlink-gen.h                    |   41 +
 drivers/net/ovpn/netlink.c                        | 1039 ++++++++++
 drivers/net/ovpn/netlink.h                        |   18 +
 drivers/net/ovpn/ovpnstruct.h                     |   61 +
 drivers/net/ovpn/packet.h                         |   40 +
 drivers/net/ovpn/peer.c                           | 1197 ++++++++++++
 drivers/net/ovpn/peer.h                           |  165 ++
 drivers/net/ovpn/pktid.c                          |  130 ++
 drivers/net/ovpn/pktid.h                          |   87 +
 drivers/net/ovpn/proto.h                          |  104 +
 drivers/net/ovpn/skb.h                            |   61 +
 drivers/net/ovpn/socket.c                         |  178 ++
 drivers/net/ovpn/socket.h                         |   55 +
 drivers/net/ovpn/stats.c                          |   21 +
 drivers/net/ovpn/stats.h                          |   47 +
 drivers/net/ovpn/tcp.c                            |  505 +++++
 drivers/net/ovpn/tcp.h                            |   44 +
 drivers/net/ovpn/udp.c                            |  406 ++++
 drivers/net/ovpn/udp.h                            |   26 +
 include/net/netlink.h                             |    1 +
 include/uapi/linux/if_link.h                      |   15 +
 include/uapi/linux/ovpn.h                         |  109 ++
 include/uapi/linux/udp.h                          |    1 +
 tools/net/ynl/ynl-gen-c.py                        |    4 +-
 tools/testing/selftests/Makefile                  |    1 +
 tools/testing/selftests/net/ovpn/.gitignore       |    2 +
 tools/testing/selftests/net/ovpn/Makefile         |   16 +
 tools/testing/selftests/net/ovpn/config           |   10 +
 tools/testing/selftests/net/ovpn/data-test-tcp.sh |    9 +
 tools/testing/selftests/net/ovpn/data-test.sh     |  157 ++
 tools/testing/selftests/net/ovpn/data64.key       |    5 +
 tools/testing/selftests/net/ovpn/float-test.sh    |  122 ++
 tools/testing/selftests/net/ovpn/ovpn-cli.c       | 2136 +++++++++++++++++++++
 tools/testing/selftests/net/ovpn/tcp_peers.txt    |    5 +
 tools/testing/selftests/net/ovpn/udp_peers.txt    |    5 +
 51 files changed, 9163 insertions(+), 1 deletion(-)
---
base-commit: 6d858708d465669ba7de17e9c5691eb4019166e8
change-id: 20241002-b4-ovpn-eeee35c694a2

Best regards,
-- 
Antonio Quartulli <antonio@...nvpn.net>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ