Jakub Sitnicki wrote:
> When a TCP socket gets inserted into a sockmap, its sk_prot callbacks get
> replaced with tcp_bpf callbacks built from regular tcp callbacks. If TLS
> gets enabled on the same socket, sk_prot callbacks get replaced once again,
> this time with kTLS callbacks built from tcp_bpf callbacks.
>
> Now, we allow removing a socket from a sockmap that has kTLS enabled. After
> removal, socket remains with kTLS configured. This is where things things
> get tricky.
>
> Since the socket has a set of sk_prot callbacks that are a mix of kTLS and
> tcp_bpf callbacks, we need to restore just the tcp_bpf callbacks to the
> original ones. At the moment, it comes down to the the unhash operation.
>
> We had a regression recently because tcp_bpf callbacks were not cleared in
> this particular scenario of removing a kTLS socket from a sockmap. It got
> fixed in commit 4da6a196f93b ("bpf: Sockmap/tls, during free we may call
> tcp_bpf_unhash() in loop").
>
> Add a test that triggers the regression so that we don't reintroduce it in
> the future.
>
> Signed-off-by: Jakub Sitnicki <jakub@xxxxxxxxxxxxxx>
> ---
> .../selftests/bpf/prog_tests/sockmap_ktls.c | 123 ++++++++++++++++++
> 1 file changed, 123 insertions(+)
> create mode 100644 tools/testing/selftests/bpf/prog_tests/sockmap_ktls.c
>
I'll push the patches I have on my stack to run some more of the
sockmap tests with ktls this week as well to get our coverage up.
Acked-by: John Fastabend <john.fastabend@xxxxxxxxx>
