Message-Id: <20191002233655.24323-27-mathew.j.martineau@linux.intel.com>
Date:   Wed,  2 Oct 2019 16:36:36 -0700
From:   Mat Martineau <mathew.j.martineau@...ux.intel.com>
To:     netdev@...r.kernel.org, edumazet@...gle.com
Cc:     Peter Krystad <peter.krystad@...ux.intel.com>, cpaasch@...le.com,
        fw@...len.de, pabeni@...hat.com, dcaratti@...hat.com,
        matthieu.baerts@...sares.net
Subject: [RFC PATCH v2 26/45] mptcp: Add path manager interface

From: Peter Krystad <peter.krystad@...ux.intel.com>

Add enough of a path manager interface to allow sending of ADD_ADDR
when an incoming MPTCP connection is created. It is capable of sending
only a single IPv4 ADD_ADDR option. The 'pm_data' element of the
connection sock will need to be expanded to handle multiple interfaces
and IPv6.

This is a skeleton interface definition for events generated by
MPTCP.

Signed-off-by: Peter Krystad <peter.krystad@...ux.intel.com>
---
 include/linux/tcp.h  |   9 ++++
 net/mptcp/Makefile   |   2 +-
 net/mptcp/options.c  |  16 ++++++
 net/mptcp/pm.c       | 124 +++++++++++++++++++++++++++++++++++++++++++
 net/mptcp/protocol.c |   6 ++-
 net/mptcp/protocol.h |  48 +++++++++++++++++
 6 files changed, 203 insertions(+), 2 deletions(-)
 create mode 100644 net/mptcp/pm.c

diff --git a/include/linux/tcp.h b/include/linux/tcp.h
index 0f0d6c188f52..31e546fe9643 100644
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -117,6 +117,15 @@ struct tcp_options_received {
 			use_ack:1,
 			ack64:1,
 			__unused:2;
+		u8	add_addr : 1,
+			family : 4;
+		u8	addr_id;
+		union {
+			struct	in_addr	addr;
+#if IS_ENABLED(CONFIG_IPV6)
+			struct	in6_addr addr6;
+#endif
+		};
 	} mptcp;
 #endif
 };
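Review bot: The new `family : 4` field in the `mptcp` sub-struct is undocumented, and it holds the ADD_ADDR IP-version value that options.c compares against `MPTCP_ADDR_IPVERSION_4`/`MPTCP_ADDR_IPVERSION_6`, not an `AF_*` constant like `remote_family` in `struct mptcp_pm_data`. A comment above it such as `/* ADD_ADDR IP version (4 or 6), not AF_INET/AF_INET6 */` would keep the two encodings from being mixed up. Because `add_addr`, `family`, `addr_id` and the address union presumably carry values taken from a peer's option, it is also worth stating where they are reset between segments; that code is not in this hunk. The enclosing struct starts outside the hunk.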
diff --git a/net/mptcp/Makefile b/net/mptcp/Makefile
index 178ae81d8b66..7fe7aa64eda0 100644
--- a/net/mptcp/Makefile
+++ b/net/mptcp/Makefile
@@ -1,4 +1,4 @@
 # SPDX-License-Identifier: GPL-2.0
 obj-$(CONFIG_MPTCP) += mptcp.o
 
-mptcp-y := protocol.o subflow.o options.o token.o crypto.o
+mptcp-y := protocol.o subflow.o options.o token.o crypto.o pm.o
diff --git a/net/mptcp/options.c b/net/mptcp/options.c
index caea320cd2a6..2981c0daa12c 100644
--- a/net/mptcp/options.c
+++ b/net/mptcp/options.c
@@ -396,11 +396,23 @@ bool mptcp_synack_options(const struct request_sock *req, unsigned int *size,
 void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
 			    struct tcp_options_received *opt_rx)
 {
+	struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
+	struct mptcp_sock *msk = mptcp_sk(subflow->conn);
 	struct mptcp_options_received *mp_opt;
 	struct mptcp_ext *mpext;
 
 	mp_opt = &opt_rx->mptcp;
 
+	if (msk && mp_opt->add_addr) {
+		if (mp_opt->family == MPTCP_ADDR_IPVERSION_4)
+			pm_add_addr(msk, &mp_opt->addr, mp_opt->addr_id);
+#if IS_ENABLED(CONFIG_IPV6)
+		else if (mp_opt->family == MPTCP_ADDR_IPVERSION_6)
+			pm_add_addr6(msk, &mp_opt->addr6, mp_opt->addr_id);
+#endif
+		mp_opt->add_addr = 0;
+	}
+
 	if (!mp_opt->dss)
 		return;
 
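Review bot: The added ADD_ADDR block writes connection-level state (`msk->pm`, through `pm_add_addr()`) from per-subflow option processing, and nothing in the hunk shows which lock protects those fields. If the MPTCP socket lock is not held on this path, a reader of `msk->pm.remote_addr`/`remote_id` can see a half-updated pair, so the requirement should be recorded at the call, e.g. `/* TODO: msk->pm is written here without the msk lock; confirm readers are serialised */`. An unrecognised `family` value is dropped silently while `add_addr` is still cleared; a `pr_debug()` in that case would make malformed options visible. The function body continues outside the hunk.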
@@ -427,6 +439,10 @@ void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb,
 	}
 
 	mpext->data_fin = mp_opt->data_fin;
+
+	if (msk)
+		pm_fully_established(msk);
+
 }
 
 void mptcp_write_options(__be32 *ptr, struct mptcp_out_options *opts)
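Review bot: `pm_fully_established(msk)` at the end of mptcp_incoming_options() runs for every segment that gets through DSS processing, so it rewrites the `fully_established` bit, which shares a byte with `server_side`, on each such packet. Guarding the call, `if (msk && !msk->pm.fully_established)`, limits this to the first occurrence and avoids repeated non-atomic read-modify-write of the bitfield byte. The blank line added before the closing brace should also be dropped. The start of the function is outside this hunk.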
diff --git a/net/mptcp/pm.c b/net/mptcp/pm.c
new file mode 100644
index 000000000000..933dd805c9b2
--- /dev/null
+++ b/net/mptcp/pm.c
@@ -0,0 +1,124 @@
+// SPDX-License-Identifier: GPL-2.0
+/* Multipath TCP
+ *
+ * Copyright (c) 2019, Intel Corporation.
+ */
+#include <linux/kernel.h>
+#include <net/tcp.h>
+#include <net/mptcp.h>
+#include "protocol.h"
+
+/* path manager command handlers */
+
+int pm_announce_addr(u32 token, sa_family_t family, u8 local_id,
+		     struct in_addr *addr)
+{
+	return -ENOTSUPP;
+}
+
+int pm_remove_addr(u32 token, u8 local_id)
+{
+	return -ENOTSUPP;
+}
+
+int pm_create_subflow(u32 token, u8 remote_id)
+{
+	return -ENOTSUPP;
+}
+
+int pm_remove_subflow(u32 token, u8 remote_id)
+{
+	return -ENOTSUPP;
+}
+
+/* path manager event handlers */
+
+void pm_new_connection(struct mptcp_sock *msk, int server_side)
+{
+	pr_debug("msk=%p", msk);
+
+	msk->pm.server_side = server_side;
+}
+
+void pm_fully_established(struct mptcp_sock *msk)
+{
+	pr_debug("msk=%p", msk);
+
+	msk->pm.fully_established = 1;
+}
+
+void pm_connection_closed(struct mptcp_sock *msk)
+{
+	pr_debug("msk=%p", msk);
+}
+
+void pm_subflow_established(struct mptcp_sock *msk, u8 id)
+{
+	pr_debug("msk=%p", msk);
+}
+
+void pm_subflow_closed(struct mptcp_sock *msk, u8 id)
+{
+	pr_debug("msk=%p", msk);
+}
+
+void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id)
+{
+	pr_debug("msk=%p, addr=%x, remote_id=%d", msk, addr->s_addr, id);
+
+	msk->pm.remote_addr.s_addr = addr->s_addr;
+	msk->pm.remote_id = id;
+	msk->pm.remote_family = AF_INET;
+	msk->pm.remote_valid = 1;
+}
+
+void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr, u8 id)
+{
+	pr_debug("msk=%p", msk);
+}
+
+void pm_rm_addr(struct mptcp_sock *msk, u8 id)
+{
+	pr_debug("msk=%p", msk);
+}
+
+/* path manager helpers */
+
+int pm_addr_signal(struct mptcp_sock *msk, u8 *id,
+		   struct sockaddr_storage *saddr)
+{
+	struct sockaddr_in *addr = (struct sockaddr_in *)saddr;
+
+	if (!msk->pm.local_valid)
+		return -1;
+
+	if (msk->pm.local_family != AF_INET)
+		return -1;
+
+	*id = msk->pm.local_id;
+	addr->sin_family = msk->pm.local_family;
+	addr->sin_addr.s_addr = msk->pm.local_addr.s_addr;
+
+	return 0;
+}
+
+int pm_get_local_id(struct request_sock *req, struct sock *sk,
+		    const struct sk_buff *skb)
+{
+	struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
+	struct mptcp_sock *msk = mptcp_sk(sk);
+
+	if (!msk->pm.local_valid)
+		return -1;
+
+	/* @@ check if address actually matches... */
+
+	pr_debug("msk=%p, addr_id=%d", msk, msk->pm.local_id);
+	subflow_req->local_id = msk->pm.local_id;
+
+	return 0;
+}
+
+void pm_init(void)
+{
+}
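Review bot: pm_get_local_id() copies `msk->pm.local_id` into the subflow request without the address comparison that its own placeholder `/* @@ check if address actually matches... */` says is needed, so any request on a connection with `local_valid` set receives the stored id. Until the comparison exists the placeholder should say so plainly, e.g. `/* TODO: compare the request's local address with pm.local_addr before assigning local_id */`, and the unused `skb` argument and the bare `-1` returns (rather than an errno) deserve a line in a function comment. pm_add_addr() likewise stores the peer-supplied address and sets `remote_valid` with no sanity check on the address, overwriting any earlier one; either add the check there or document that the consumer of `remote_addr` must validate it. The `pr_debug()` format strings lack a trailing `\n`.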
diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c
index 6b31c0e460d9..932362e6047e 100644
--- a/net/mptcp/protocol.c
+++ b/net/mptcp/protocol.c
@@ -655,6 +655,8 @@ static struct sock *mptcp_accept(struct sock *sk, int flags, int *err,
 		mptcp_token_update_accept(new_sock->sk, new_mptcp_sock);
 		msk->subflow = NULL;
 
+		pm_new_connection(msk, 1);
+
 		mptcp_crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
 		msk->write_seq = subflow->idsn + 1;
 		ack_seq++;
@@ -784,9 +786,10 @@ void mptcp_finish_connect(struct sock *sk, int mp_capable)
 		msk->remote_key = subflow->remote_key;
 		msk->local_key = subflow->local_key;
 		msk->token = subflow->token;
-
 		pr_debug("msk=%p, token=%u", msk, msk->token);
 
+		pm_new_connection(msk, 0);
+
 		mptcp_crypto_key_sha1(msk->remote_key, NULL, &ack_seq);
 		msk->write_seq = subflow->idsn + 1;
 		ack_seq++;
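Review bot: The hunk removes the blank line before `pr_debug("msk=%p, token=%u", msk, msk->token);`, an unrelated whitespace change that should be left out of this patch. `pm_new_connection()` takes `server_side` as an `int` but stores it in a one-bit field; a `bool` parameter, with `true`/`false` at the two call sites (here and in mptcp_accept()), would state the intent directly. The enclosing function starts and ends outside the hunk.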
@@ -1013,6 +1016,7 @@ void __init mptcp_init(void)
 	mptcp_stream_ops.shutdown = mptcp_shutdown;
 
 	mptcp_subflow_init();
+	pm_init();
 
 	if (proto_register(&mptcp_prot, 1) != 0)
 		panic("Failed to register MPTCP proto.\n");
diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h
index 7dae12cfcf14..599c380145e3 100644
--- a/net/mptcp/protocol.h
+++ b/net/mptcp/protocol.h
@@ -52,6 +52,38 @@
 #define MPTCP_DSS_HAS_ACK	BIT(0)
 #define MPTCP_DSS_FLAG_MASK	(0x1F)
 
+/* MPTCP ADD_ADDR flags */
+#define MPTCP_ADDR_IPVERSION_4	4
+#define MPTCP_ADDR_IPVERSION_6	6
+
+struct mptcp_pm_data {
+	u8	local_valid;
+	u8	local_id;
+	sa_family_t local_family;
+	union {
+		struct in_addr local_addr;
+#if IS_ENABLED(CONFIG_IPV6)
+		struct in6_addr local_addr6;
+#endif
+	};
+	u8	remote_valid;
+	u8	remote_id;
+	sa_family_t remote_family;
+	union {
+		struct in_addr remote_addr;
+#if IS_ENABLED(CONFIG_IPV6)
+		struct in6_addr remote_addr6;
+#endif
+	};
+	u8	server_side : 1,
+		fully_established : 1;
+
+	/* for interim path manager */
+	struct	work_struct addr_work;
+	struct	work_struct subflow_work;
+	u32	token;
+};
+
 /* MPTCP connection sock */
 struct mptcp_sock {
 	/* inet_connection_sock must be the first member */
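Review bot: `struct mptcp_pm_data` gains `addr_work` and `subflow_work`, but nothing in this patch initialises them (no `INIT_WORK()` in pm_new_connection() or pm_init()) or cancels them in pm_connection_closed(), which is an empty stub. If a later patch queues them, the close path needs `cancel_work_sync()` before the socket is freed; a comment on the two members such as `/* initialised and cancelled by the interim path manager (later patch) */` would record that dependency. The struct also has no comment on what `local_valid`/`remote_valid` guard, or on why `token` is kept here when `struct mptcp_sock` already has a `token` member.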
@@ -63,6 +95,7 @@ struct mptcp_sock {
 	u32		token;
 	struct list_head conn_list;
 	struct socket	*subflow; /* outgoing connect/listener/!mp_capable */
+	struct mptcp_pm_data	pm;
 };
 
 #define mptcp_for_each_subflow(__msk, __subflow)			\
@@ -80,6 +113,7 @@ struct mptcp_subflow_request_sock {
 		checksum : 1,
 		backup : 1,
 		version : 4;
+	u8	local_id;
 	u64	local_key;
 	u64	remote_key;
 	u64	idsn;
@@ -168,6 +202,20 @@ static inline void mptcp_crypto_key_gen_sha1(u64 *key, u32 *token, u64 *idsn)
 void mptcp_crypto_hmac_sha1(u64 key1, u64 key2, u32 nonce1, u32 nonce2,
 			    u32 *hash_out);
 
+void pm_init(void);
+void pm_new_connection(struct mptcp_sock *msk, int server_side);
+void pm_fully_established(struct mptcp_sock *msk);
+void pm_connection_closed(struct mptcp_sock *msk);
+void pm_subflow_established(struct mptcp_sock *msk, u8 id);
+void pm_subflow_closed(struct mptcp_sock *msk, u8 id);
+void pm_add_addr(struct mptcp_sock *msk, const struct in_addr *addr, u8 id);
+void pm_add_addr6(struct mptcp_sock *msk, const struct in6_addr *addr, u8 id);
+void pm_rm_addr(struct mptcp_sock *msk, u8 id);
+int pm_addr_signal(struct mptcp_sock *msk, u8 *id,
+		   struct sockaddr_storage *saddr);
+int pm_get_local_id(struct request_sock *req, struct sock *sk,
+		    const struct sk_buff *skb);
+
 static inline struct mptcp_ext *mptcp_get_ext(struct sk_buff *skb)
 {
 	return (struct mptcp_ext *)skb_ext_find(skb, SKB_EXT_MPTCP);
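Review bot: The prototype list omits `pm_announce_addr()`, `pm_remove_addr()`, `pm_create_subflow()` and `pm_remove_subflow()`, which pm.c defines as non-static functions, so they are built without a visible declaration (a `-Wmissing-prototypes` warning). Either declare them here or make them `static` until they have callers. All of these are global symbols with a bare `pm_` prefix; an `mptcp_pm_` prefix would keep them from reading as power-management helpers. mptcp_get_ext() continues outside the hunk.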
-- 
2.23.0
