Google Git
Sign in
android-kvm / linux / 1fba70e5b6bed53496ba1f1f16127f5be01b5fb6^! / . / include
commit1fba70e5b6bed53496ba1f1f16127f5be01b5fb6[log] [tgz]
authorYuchung Cheng <ycheng@google.com>Wed Oct 18 11:22:51 2017 -0700
committerDavid S. Miller <davem@davemloft.net>Fri Oct 20 13:21:36 2017 +0100
tree22b060a68ca7b36f052b8f943c91c7ba78b8ddcf
parentce12f7ddff2df63b8f9abf33d6fe020e35de4059 [diff]
tcp: socket option to set TCP fast open key

New socket option TCP_FASTOPEN_KEY to allow different keys per
listener.  The listener by default uses the global key until the
socket option is set.  The key is a 16 bytes long binary data. This
option has no effect on regular non-listener TCP sockets.

Signed-off-by: Yuchung Cheng <ycheng@google.com>
Reviewed-by: Eric Dumazet <edumazet@google.com>
Reviewed-by: Christoph Paasch <cpaasch@apple.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/net/request_sock.h b/include/net/request_sock.h
index 23e2205..3470155 100644
--- a/include/net/request_sock.h
+++ b/include/net/request_sock.h

@@ -150,6 +150,8 @@ struct fastopen_queue {
 	spinlock_t	lock;
 	int		qlen;		/* # of pending (TCP_SYN_RECV) reqs */
 	int		max_qlen;	/* != 0 iff TFO is currently enabled */
+
+	struct tcp_fastopen_context __rcu *ctx; /* cipher context for cookie */
 };
 
 /** struct request_sock_queue - queue of request_socks

diff --git a/include/net/tcp.h b/include/net/tcp.h
index 3b3b9b9..1efe836 100644
--- a/include/net/tcp.h
+++ b/include/net/tcp.h

@@ -1555,9 +1555,10 @@ struct tcp_fastopen_request {
 	int				copied;	/* queued in tcp_connect() */
 };
 void tcp_free_fastopen_req(struct tcp_sock *tp);
-
+void tcp_fastopen_destroy_cipher(struct sock *sk);
 void tcp_fastopen_ctx_destroy(struct net *net);
-int tcp_fastopen_reset_cipher(struct net *net, void *key, unsigned int len);
+int tcp_fastopen_reset_cipher(struct net *net, struct sock *sk,
+			      void *key, unsigned int len);
 void tcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb);
 struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
 			      struct request_sock *req,

diff --git a/include/uapi/linux/tcp.h b/include/uapi/linux/tcp.h
index 15c25ec..69c7493 100644
--- a/include/uapi/linux/tcp.h
+++ b/include/uapi/linux/tcp.h

@@ -119,6 +119,7 @@ enum {
 #define TCP_FASTOPEN_CONNECT	30	/* Attempt FastOpen with connect */
 #define TCP_ULP			31	/* Attach a ULP to a TCP connection */
 #define TCP_MD5SIG_EXT		32	/* TCP MD5 Signature with extensions */
+#define TCP_FASTOPEN_KEY	33	/* Set the key for Fast Open (cookie) */
 
 struct tcp_repair_opt {
 	__u32	opt_code;