From mboxrd@z Thu Jan 1 00:00:00 1970 From: Daniel Borkmann Subject: Re: [bpf PATCH v2 2/2] bpf: sockmap only allow ESTABLISHED sock state Date: Sat, 9 Jun 2018 22:51:56 +0200 Message-ID: References: <20180608145951.15153.80520.stgit@john-Precision-Tower-5810> <20180608150644.15153.4135.stgit@john-Precision-Tower-5810> Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Cc: netdev@vger.kernel.org To: John Fastabend , edumazet@google.com, weiwan@google.com, ast@kernel.org Return-path: Received: from www62.your-server.de ([213.133.104.62]:60480 "EHLO www62.your-server.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753221AbeFIUwA (ORCPT ); Sat, 9 Jun 2018 16:52:00 -0400 In-Reply-To: <20180608150644.15153.4135.stgit@john-Precision-Tower-5810> Content-Language: en-US Sender: netdev-owner@vger.kernel.org List-ID: Hi John, On 06/08/2018 05:06 PM, John Fastabend wrote: > Per the note in the TLS ULP (which is actually a generic statement > regarding ULPs) > > /* The TLS ulp is currently supported only for TCP sockets > * in ESTABLISHED state. > * Supporting sockets in LISTEN state will require us > * to modify the accept implementation to clone rather then > * share the ulp context. > */ > > After this patch we only allow socks that are in ESTABLISHED state or > are being added via a sock_ops event that is transitioning into an > ESTABLISHED state. By allowing sock_ops events we allow users to > manage sockmaps directly from sock ops programs. The two supported > sock_ops ops are BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB and > BPF_SOCK_OPS_ACTIVE_ESTABLISHED_CB. > > Also tested with 'netserver -6' and 'netperf -H [IPv6]' as well as > 'netperf -H [IPv4]'. > > Reported-by: Eric Dumazet > Signed-off-by: John Fastabend Please also add a Fixes tag to this one. Ok to just reply with one. Thanks, Daniel