[v3,29/55] tls/sw: Support MSG_SPLICE_PAGES

Message ID	20230331160914.1608208-30-dhowells@redhat.com (mailing list archive)
State	New
Headers	show Return-Path: <owner-linux-mm@kvack.org> From: David Howells <dhowells@redhat.com> To: Matthew Wilcox <willy@infradead.org>, "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com> Cc: David Howells <dhowells@redhat.com>, Al Viro <viro@zeniv.linux.org.uk>, Christoph Hellwig <hch@infradead.org>, Jens Axboe <axboe@kernel.dk>, Jeff Layton <jlayton@kernel.org>, Christian Brauner <brauner@kernel.org>, Chuck Lever III <chuck.lever@oracle.com>, Linus Torvalds <torvalds@linux-foundation.org>, netdev@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-mm@kvack.org, Boris Pismenny <borisp@nvidia.com>, John Fastabend <john.fastabend@gmail.com> Subject: [PATCH v3 29/55] tls/sw: Support MSG_SPLICE_PAGES Date: Fri, 31 Mar 2023 17:08:48 +0100 Message-Id: <20230331160914.1608208-30-dhowells@redhat.com> In-Reply-To: <20230331160914.1608208-1-dhowells@redhat.com> References: <20230331160914.1608208-1-dhowells@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: owner-linux-mm@kvack.org Precedence: bulk
Series	splice, net: Replace sendpage with sendmsg(MSG_SPLICE_PAGES) \| expand [v3,00/55] splice, net: Replace sendpage with sendmsg(MSG_SPLICE_PAGES) [v3,01/55] netfs: Fix netfs_extract_iter_to_sg() for ITER_UBUF/IOVEC [v3,02/55] iov_iter: Remove last_offset member [v3,03/55] net: Declare MSG_SPLICE_PAGES internal sendmsg() flag [v3,04/55] mm: Move the page fragment allocator from page_alloc.c into its own file [v3,05/55] mm: Make the page_frag_cache allocator use multipage folios [v3,06/55] mm: Make the page_frag_cache allocator use per-cpu [v3,07/55] tcp: Support MSG_SPLICE_PAGES [v3,08/55] tcp: Make sendmsg(MSG_SPLICE_PAGES) copy unspliceable data [v3,09/55] tcp: Convert do_tcp_sendpages() to use MSG_SPLICE_PAGES [v3,10/55] tcp_bpf: Inline do_tcp_sendpages as it's now a wrapper around tcp_sendmsg [v3,11/55] espintcp: Inline do_tcp_sendpages() [v3,12/55] tls: Inline do_tcp_sendpages() [v3,13/55] siw: Inline do_tcp_sendpages() [v3,14/55] tcp: Fold do_tcp_sendpages() into tcp_sendpage_locked() [v3,15/55] ip, udp: Support MSG_SPLICE_PAGES [v3,16/55] ip, udp: Make sendmsg(MSG_SPLICE_PAGES) copy unspliceable data [v3,17/55] ip6, udp6: Support MSG_SPLICE_PAGES [v3,18/55] udp: Convert udp_sendpage() to use MSG_SPLICE_PAGES [v3,19/55] af_unix: Support MSG_SPLICE_PAGES [v3,20/55] af_unix: Make sendmsg(MSG_SPLICE_PAGES) copy unspliceable data [v3,21/55] crypto: af_alg: Pin pages rather than ref'ing if appropriate [v3,22/55] crypto: af_alg: Use netfs_extract_iter_to_sg() to create scatterlists [v3,23/55] crypto: af_alg: Indent the loop in af_alg_sendmsg() [v3,24/55] crypto: af_alg: Support MSG_SPLICE_PAGES [v3,25/55] crypto: af_alg: Convert af_alg_sendpage() to use MSG_SPLICE_PAGES [v3,26/55] crypto: af_alg/hash: Support MSG_SPLICE_PAGES [v3,27/55] tls/device: Support MSG_SPLICE_PAGES [v3,28/55] tls/device: Convert tls_device_sendpage() to use MSG_SPLICE_PAGES [v3,29/55] tls/sw: Support MSG_SPLICE_PAGES [v3,30/55] tls/sw: Convert tls_sw_sendpage() to use MSG_SPLICE_PAGES [v3,31/55] chelsio: Support MSG_SPLICE_PAGES [v3,32/55] chelsio: Convert chtls_sendpage() to use MSG_SPLICE_PAGES [v3,33/55] kcm: Support MSG_SPLICE_PAGES [v3,34/55] kcm: Convert kcm_sendpage() to use MSG_SPLICE_PAGES [v3,35/55] splice, net: Use sendmsg(MSG_SPLICE_PAGES) rather than ->sendpage() [v3,36/55] splice, net: Reimplement splice_to_socket() to pass multiple bufs to sendmsg() [v3,37/55] Remove file->f_op->sendpage [v3,38/55] siw: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage to transmit [v3,39/55] ceph: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage [v3,40/55] iscsi: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage [v3,41/55] iscsi: Assume "sendpage" is okay in iscsi_tcp_segment_map() [v3,42/55] tcp_bpf: Make tcp_bpf_sendpage() go through tcp_bpf_sendmsg(MSG_SPLICE_PAGES) [v3,43/55] net: Use sendmsg(MSG_SPLICE_PAGES) not sendpage in skb_send_sock() [v3,44/55] algif: Remove hash_sendpage*() [v3,45/55] ceph: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage() [v3,46/55] rds: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage [v3,47/55] dlm: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage [v3,48/55] sunrpc: Use sendmsg(MSG_SPLICE_PAGES) rather then sendpage [v3,49/55] nvme: Use sendmsg(MSG_SPLICE_PAGES) rather then sendpage [v3,50/55] kcm: Use sendmsg(MSG_SPLICE_PAGES) rather then sendpage [v3,51/55] smc: Drop smc_sendpage() in favour of smc_sendmsg() + MSG_SPLICE_PAGES [v3,52/55] ocfs2: Use sendmsg(MSG_SPLICE_PAGES) rather than sendpage() [v3,53/55] drbd: Use sendmsg(MSG_SPLICE_PAGES) rather than sendmsg() [v3,54/55] drdb: Send an entire bio in a single sendmsg

Message ID

20230331160914.1608208-30-dhowells@redhat.com (mailing list archive)

State

New

Headers

From: David Howells <dhowells@redhat.com>
To: Matthew Wilcox <willy@infradead.org>,
	"David S. Miller" <davem@davemloft.net>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>,
	Paolo Abeni <pabeni@redhat.com>
Cc: David Howells <dhowells@redhat.com>,
	Al Viro <viro@zeniv.linux.org.uk>,
	Christoph Hellwig <hch@infradead.org>,
	Jens Axboe <axboe@kernel.dk>,
	Jeff Layton <jlayton@kernel.org>,
	Christian Brauner <brauner@kernel.org>,
	Chuck Lever III <chuck.lever@oracle.com>,
	Linus Torvalds <torvalds@linux-foundation.org>,
	netdev@vger.kernel.org,
	linux-fsdevel@vger.kernel.org,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	Boris Pismenny <borisp@nvidia.com>,
	John Fastabend <john.fastabend@gmail.com>
Subject: [PATCH v3 29/55] tls/sw: Support MSG_SPLICE_PAGES
Date: Fri, 31 Mar 2023 17:08:48 +0100
Message-Id: <20230331160914.1608208-30-dhowells@redhat.com>
In-Reply-To: <20230331160914.1608208-1-dhowells@redhat.com>
References: <20230331160914.1608208-1-dhowells@redhat.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: owner-linux-mm@kvack.org
Precedence: bulk

Series

splice, net: Replace sendpage with sendmsg(MSG_SPLICE_PAGES) | expand

Commit Message

David Howells March 31, 2023, 4:08 p.m. UTC

Make TLS's sendmsg() support MSG_SPLICE_PAGES.  This causes pages to be
spliced from the source iterator if possible and copied the data if not.

This allows ->sendpage() to be replaced by something that can handle
multiple multipage folios in a single transaction.

Signed-off-by: David Howells <dhowells@redhat.com>
cc: Chuck Lever <chuck.lever@oracle.com>
cc: Boris Pismenny <borisp@nvidia.com>
cc: John Fastabend <john.fastabend@gmail.com>
cc: Jakub Kicinski <kuba@kernel.org>
cc: Eric Dumazet <edumazet@google.com>
cc: "David S. Miller" <davem@davemloft.net>
cc: Paolo Abeni <pabeni@redhat.com>
cc: Jens Axboe <axboe@kernel.dk>
cc: Matthew Wilcox <willy@infradead.org>
cc: netdev@vger.kernel.org
---
 net/tls/tls_sw.c | 57 +++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 56 insertions(+), 1 deletion(-)

Comments

David Howells March 31, 2023, 4:27 p.m. UTC | #1

Here's a trivial TLS server that can be used to test this.

David
---
/*
 * TLS-over-TCP sink server
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <linux/tls.h>

#define OSERROR(X, Y) do { if ((long)(X) == -1) { perror(Y); exit(1); } } while(0)

static unsigned char buffer[512 * 1024] __attribute__((aligned(4096)));

static void set_tls(int sock)
{
	struct tls12_crypto_info_aes_gcm_128 crypto_info;

	crypto_info.info.version = TLS_1_2_VERSION;
	crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_128;
	memset(crypto_info.iv,		0, TLS_CIPHER_AES_GCM_128_IV_SIZE);
	memset(crypto_info.rec_seq,	0, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
	memset(crypto_info.key,		0, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
	memset(crypto_info.salt,	0, TLS_CIPHER_AES_GCM_128_SALT_SIZE);

	OSERROR(setsockopt(sock, SOL_TCP, TCP_ULP, "tls", sizeof("tls")),
		"TCP_ULP");
	OSERROR(setsockopt(sock, SOL_TLS, TLS_TX, &crypto_info, sizeof(crypto_info)),
		"TLS_TX");
	OSERROR(setsockopt(sock, SOL_TLS, TLS_RX, &crypto_info, sizeof(crypto_info)),
		"TLS_RX");
}

int main(int argc, char *argv[])
{
	struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(5556) };
	int sfd, afd;

	sfd = socket(AF_INET, SOCK_STREAM, 0);
	OSERROR(sfd, "socket");
	OSERROR(bind(sfd, (struct sockaddr *)&sin, sizeof(sin)), "bind");
	OSERROR(listen(sfd, 1), "listen");

	for (;;) {
		afd = accept(sfd, NULL, NULL);
		if (afd != -1) {
			set_tls(afd);
			while (read(afd, buffer, sizeof(buffer)) > 0) {}
			close(afd);
		}
	}
}

David Howells March 31, 2023, 4:28 p.m. UTC | #2

Here's a trivial TLS client program for testing this.

David
---
/*
 * TLS-over-TCP send client
 */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <fcntl.h>
#include <unistd.h>
#include <netdb.h>
#include <netinet/in.h>
#include <netinet/tcp.h>
#include <sys/stat.h>
#include <sys/sendfile.h>
#include <linux/tls.h>

#define OSERROR(X, Y) do { if ((long)(X) == -1) { perror(Y); exit(1); } } while(0)

static unsigned char buffer[4096] __attribute__((aligned(4096)));

static void set_tls(int sock)
{
	struct tls12_crypto_info_aes_gcm_128 crypto_info;

	crypto_info.info.version = TLS_1_2_VERSION;
	crypto_info.info.cipher_type = TLS_CIPHER_AES_GCM_128;
	memset(crypto_info.iv,		0, TLS_CIPHER_AES_GCM_128_IV_SIZE);
	memset(crypto_info.rec_seq,	0, TLS_CIPHER_AES_GCM_128_REC_SEQ_SIZE);
	memset(crypto_info.key,		0, TLS_CIPHER_AES_GCM_128_KEY_SIZE);
	memset(crypto_info.salt,	0, TLS_CIPHER_AES_GCM_128_SALT_SIZE);

	OSERROR(setsockopt(sock, SOL_TCP, TCP_ULP, "tls", sizeof("tls")),
		"TCP_ULP");
	OSERROR(setsockopt(sock, SOL_TLS, TLS_TX, &crypto_info, sizeof(crypto_info)),
		"TLS_TX");
	OSERROR(setsockopt(sock, SOL_TLS, TLS_RX, &crypto_info, sizeof(crypto_info)),
		"TLS_RX");
}

int main(int argc, char *argv[])
{
	struct sockaddr_in sin = { .sin_family = AF_INET, .sin_port = htons(5556) };
	struct hostent *h;
	struct stat st;
	ssize_t r, o;
	int sf = 0;
	int cfd, fd;

	if (argc > 1 && strcmp(argv[1], "-s") == 0) {
		sf = 1;
		argc--;
		argv++;
	}
	
	if (argc != 3) {
		fprintf(stderr, "tcp-send [-s] <server> <file>\n");
		exit(2);
	}

	h = gethostbyname(argv[1]);
	if (!h) {
		fprintf(stderr, "%s: %s\n", argv[1], hstrerror(h_errno));
		exit(3);
	}

	if (!h->h_addr_list[0]) {
		fprintf(stderr, "%s: No addresses\n", argv[1]);
		exit(3);
	}

	memcpy(&sin.sin_addr, h->h_addr_list[0], h->h_length);
	
	cfd = socket(AF_INET, SOCK_STREAM, 0);
	OSERROR(cfd, "socket");
	OSERROR(connect(cfd, (struct sockaddr *)&sin, sizeof(sin)), "connect");
	set_tls(cfd);

	fd = open(argv[2], O_RDONLY);
	OSERROR(fd, argv[2]);
	OSERROR(fstat(fd, &st), argv[2]);

	if (!sf) {
		for (;;) {
			r = read(fd, buffer, sizeof(buffer));
			OSERROR(r, argv[2]);
			if (r == 0)
				break;

			o = 0;
			do {
				ssize_t w = write(cfd, buffer + o, r - o);
				OSERROR(w, "write");
				o += w;
			} while (o < r);
		}
	} else {
		off_t off = 0;
		r = sendfile(cfd, fd, &off, st.st_size);
		OSERROR(r, "sendfile");
		if (r != st.st_size) {
			fprintf(stderr, "Short sendfile\n");
			exit(1);
		}
	}

	OSERROR(close(cfd), "close/c");
	OSERROR(close(fd), "close/f");
	return 0;
}

diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c
index 782d3701b86f..ce0c289e68ca 100644
--- a/net/tls/tls_sw.c
+++ b/net/tls/tls_sw.c
@@ -929,6 +929,49 @@  static int tls_sw_push_pending_record(struct sock *sk, int flags)
 				   &copied, flags);
 }
 
+static int rls_sw_sendmsg_splice(struct sock *sk, struct msghdr *msg,
+				 struct sk_msg *msg_pl, size_t try_to_copy,
+				 ssize_t *copied)
+{
+	struct page *page, **pages = &page;
+
+	do {
+		ssize_t part;
+		size_t off;
+		bool put = false;
+
+		part = iov_iter_extract_pages(&msg->msg_iter, &pages,
+					      try_to_copy, 1, 0, &off);
+		if (part <= 0)
+			return part ?: -EIO;
+
+		if (!sendpage_ok(page)) {
+			const void *p = kmap_local_page(page);
+			void *q;
+
+			q = page_frag_memdup(NULL, p + off, part,
+					     sk->sk_allocation, ULONG_MAX);
+			kunmap_local(p);
+			if (!q) {
+				iov_iter_revert(&msg->msg_iter, part);
+				return -ENOMEM;
+			}
+			page = virt_to_page(q);
+			off = offset_in_page(q);
+			put = true;
+		}
+
+		sk_msg_page_add(msg_pl, page, part, off);
+		sk_mem_charge(sk, part);
+		if (put)
+			put_page(page);
+		*copied += part;
+		try_to_copy -= part;
+	} while (try_to_copy && !sk_msg_full(msg_pl));
+
+	return 0;
+}
+
 int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
 {
 	long timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
@@ -1016,6 +1059,17 @@  int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
 			full_record = true;
 		}
 
+		if (try_to_copy && (msg->msg_flags & MSG_SPLICE_PAGES)) {
+			ret = rls_sw_sendmsg_splice(sk, msg, msg_pl,
+						    try_to_copy, &copied);
+			if (ret < 0)
+				goto send_end;
+			tls_ctx->pending_open_record_frags = true;
+			if (full_record || eor || sk_msg_full(msg_pl))
+				goto copied;
+			continue;
+		}
+
 		if (!is_kvec && (full_record || eor) && !async_capable) {
 			u32 first = msg_pl->sg.end;
 
@@ -1078,8 +1132,9 @@  int tls_sw_sendmsg(struct sock *sk, struct msghdr *msg, size_t size)
 		/* Open records defined only if successfully copied, otherwise
 		 * we would trim the sg but not reset the open record frags.
 		 */
-		tls_ctx->pending_open_record_frags = true;
 		copied += try_to_copy;
+copied:
+		tls_ctx->pending_open_record_frags = true;
 		if (full_record || eor) {
 			ret = bpf_exec_tx_verdict(msg_pl, sk, full_record,
 						  record_type, &copied,

[v3,29/55] tls/sw: Support MSG_SPLICE_PAGES

Commit Message

Comments

Patch