From: David Ahern <dsahern@kernel.org>
To: Leonard Crestez <cdleonard@gmail.com>,
Paolo Abeni <pabeni@redhat.com>,
Eric Dumazet <edumazet@google.com>
Cc: Francesco Ruggeri <fruggeri@arista.com>,
Salam Noureddine <noureddine@arista.com>,
Philip Paeps <philip@trouble.is>, Shuah Khan <shuah@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
Kuniyuki Iwashima <kuniyu@amazon.co.jp>,
Hideaki YOSHIFUJI <yoshfuji@linux-ipv6.org>,
Jakub Kicinski <kuba@kernel.org>,
Yuchung Cheng <ycheng@google.com>,
Mat Martineau <mathew.j.martineau@linux.intel.com>,
Christoph Paasch <cpaasch@apple.com>,
Ivan Delalande <colona@arista.com>,
Caowangbao <caowangbao@huawei.com>,
Priyaranjan Jha <priyarjha@google.com>,
netdev@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org,
Dmitry Safonov <0x7f454c46@gmail.com>
Subject: Re: [PATCH v8 01/26] tcp: authopt: Initial support and key management
Date: Thu, 8 Sep 2022 04:53:01 -0600 [thread overview]
Message-ID: <5e6eb6d6-3221-856e-daa1-7c27b1a1d659@kernel.org> (raw)
In-Reply-To: <589e17df-e321-c8ad-5360-e286c10cb1a3@gmail.com>
On 9/8/22 4:47 AM, Leonard Crestez wrote:
> On 9/8/22 09:35, Paolo Abeni wrote:
>> On Mon, 2022-09-05 at 10:05 +0300, Leonard Crestez wrote:
>> [...]
>>> diff --git a/net/ipv4/tcp_authopt.c b/net/ipv4/tcp_authopt.c
>>> new file mode 100644
>>> index 000000000000..d38e9c89c89d
>>> --- /dev/null
>>> +++ b/net/ipv4/tcp_authopt.c
>>> @@ -0,0 +1,317 @@
>>> +// SPDX-License-Identifier: GPL-2.0-or-later
>>> +
>>> +#include <net/tcp_authopt.h>
>>> +#include <net/ipv6.h>
>>> +#include <net/tcp.h>
>>> +#include <linux/kref.h>
>>> +
>>> +/* This is enabled when first struct tcp_authopt_info is allocated
>>> and never released */
>>> +DEFINE_STATIC_KEY_FALSE(tcp_authopt_needed_key);
>>> +EXPORT_SYMBOL(tcp_authopt_needed_key);
>>> +
>>> +static inline struct netns_tcp_authopt *sock_net_tcp_authopt(const
>>> struct sock *sk)
>>> +{
>>> + return &sock_net(sk)->tcp_authopt;
>>> +}
>>
>> Please have a look at PW report for this series, there are a bunch of
>> issues to be addressed, e.g. above 'static inline' should be just
>> 'static'
>
> What is a "PW report"? I can't find any info about this.
patchworks: https://patchwork.kernel.org/project/netdevbpf/list/
This set:
https://patchwork.kernel.org/project/netdevbpf/list/?series=&submitter=116101&state=7&q=&archive=&delegate=
>> I'm sorry to bring the next topic this late (If already discussed, I
>> missed that point), is possible to split this series in smaller chunks?
>
> It's already 26 patches and 3675 added lines, less that 150 lines per
> patch seems reasonable?
>
> The split is already somewhat artificial, for example there are patches
> that "add crypto" without actually using it because then it would be too
> large.
>
> Some features could be dropped for later in order to make this smaller,
> for example TCP_REPAIR doesn't have many usecases. Features like
> prefixlen, vrf binding and ipv4-mapped-ipv6 were explicitly requested by
> maintainers so I included them as separate patches in the main series.
>
The tests could be dropped from the first set along with TCP_REPAIR and
/proc/net/tcp_authopt patch. That would get it down to 21 patches. From
there the refactor patches could be sent first in a separate PR that
would get it down to 19. Those 19 are the core feature split into small
patches; they should come in together IMHO.
next prev parent reply other threads:[~2022-09-08 10:53 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-09-05 7:05 [PATCH v8 00/26] tcp: Initial support for RFC5925 auth option Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 01/26] tcp: authopt: Initial support and key management Leonard Crestez
2022-09-06 22:57 ` Eric Dumazet
2022-09-07 16:19 ` Leonard Crestez
2022-09-07 16:28 ` Eric Dumazet
2022-09-07 18:09 ` Leonard Crestez
2022-09-08 6:35 ` Paolo Abeni
2022-09-08 10:47 ` Leonard Crestez
2022-09-08 10:53 ` David Ahern [this message]
2022-09-05 7:05 ` [PATCH v8 02/26] docs: Add user documentation for tcp_authopt Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 03/26] tcp: authopt: Add crypto initialization Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 04/26] tcp: Refactor tcp_sig_hash_skb_data for AO Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 05/26] tcp: authopt: Compute packet signatures Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 06/26] tcp: Refactor tcp_inbound_md5_hash into tcp_inbound_sig_hash Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 07/26] tcp: authopt: Hook into tcp core Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 08/26] tcp: authopt: Disable via sysctl by default Leonard Crestez
2022-09-06 23:11 ` Eric Dumazet
2022-09-07 16:53 ` Leonard Crestez
2022-09-07 17:04 ` Eric Dumazet
2022-09-07 17:58 ` Leonard Crestez
2022-09-07 22:49 ` Herbert Xu
2022-09-07 22:58 ` Eric Dumazet
2022-09-05 7:05 ` [PATCH v8 09/26] tcp: authopt: Implement Sequence Number Extension Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 10/26] tcp: ipv6: Add AO signing for tcp_v6_send_response Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 11/26] tcp: authopt: Add support for signing skb-less replies Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 12/26] tcp: ipv4: Add AO signing for " Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 13/26] tcp: authopt: Add NOSEND/NORECV flags Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 14/26] tcp: authopt: Add initial l3index support Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 15/26] tcp: authopt: Add prefixlen support Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 16/26] tcp: authopt: Add send/recv lifetime support Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 17/26] tcp: authopt: Add key selection controls Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 18/26] tcp: authopt: Add v4mapped ipv6 address support Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 19/26] tcp: authopt: Add /proc/net/tcp_authopt listing all keys Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 20/26] tcp: authopt: If no keys are valid for send report an error Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 21/26] tcp: authopt: Try to respect rnextkeyid from SYN on SYNACK Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 22/26] tcp: authopt: Initial support for TCP_AUTHOPT_FLAG_ACTIVE Leonard Crestez
2022-09-05 7:05 ` [PATCH v8 23/26] tcp: authopt: Initial implementation of TCP_REPAIR_AUTHOPT Leonard Crestez
2022-09-05 7:06 ` [PATCH v8 24/26] selftests: nettest: Rename md5_prefix to key_addr_prefix Leonard Crestez
2022-09-05 7:06 ` [PATCH v8 25/26] selftests: nettest: Initial tcp_authopt support Leonard Crestez
2022-09-05 7:06 ` [PATCH v8 26/26] selftests: net/fcnal: " Leonard Crestez
2022-09-09 21:41 ` [PATCH v8 00/26] tcp: Initial support for RFC5925 auth option Salam Noureddine
2022-11-28 14:06 ` Leonard Crestez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5e6eb6d6-3221-856e-daa1-7c27b1a1d659@kernel.org \
--to=dsahern@kernel.org \
--cc=0x7f454c46@gmail.com \
--cc=caowangbao@huawei.com \
--cc=cdleonard@gmail.com \
--cc=colona@arista.com \
--cc=cpaasch@apple.com \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=fruggeri@arista.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=kuniyu@amazon.co.jp \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-kselftest@vger.kernel.org \
--cc=mathew.j.martineau@linux.intel.com \
--cc=netdev@vger.kernel.org \
--cc=noureddine@arista.com \
--cc=pabeni@redhat.com \
--cc=philip@trouble.is \
--cc=priyarjha@google.com \
--cc=shuah@kernel.org \
--cc=ycheng@google.com \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox