From: Alexei Starovoitov Date: Mon, 15 Oct 2018 19:23:20 +0000 (-0700) Subject: Merge branch 'sockmap_and_ktls' X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=d04fb13c9fcdad850c0fcaeb155863de3d8169a0;p=openwrt%2Fstaging%2Fblogic.git Merge branch 'sockmap_and_ktls' Daniel Borkmann says: ==================== This work adds a generic sk_msg layer and converts both sockmap and later ktls over to make use of it as a common data structure for application data (similarly as sk_buff for network packets). With that in place the sk_msg framework spans accross ULP layer in the kernel and allows for introspection or filtering of L7 data with the help of BPF programs operating on a common input context. In a second step, we enable the latter for ktls which was previously not possible, meaning, ktls and sk_msg verdict programs were mutually exclusive in the ULP layer which created challenges for the orchestrator when trying to apply TCP based policy, for example. Leveraging the prior consolidation we can finally overcome this limitation. Note, there's no change in behavior when ktls is not used in combination with BPF, and also no change in behavior for stand alone sockmap. The kselftest suites for ktls, sockmap and ktls with sockmap combined also runs through successfully. For further details please see individual patches. Thanks! v1 -> v2: - Removed leftover comment spotted by Alexei - Improved commit messages, rebase ==================== Signed-off-by: Alexei Starovoitov --- d04fb13c9fcdad850c0fcaeb155863de3d8169a0