After some time of struggle trying to fix all hidden bugs that Sabrina has found...here is v20!

Notable changes since v19:
* copyright years updated to 2025
* rtnl_link_ops.newlink adapted to new signature
* removed admindown del-peer-reason attribute from netlink API (it should have gone away in v19 already)
* removed asynchronous socket cleanup. All cleanup now happens in the same context as the peer removal. I used a "deferred list" to collect all peers that needed socket release and traversed it after releasing the socket. This way there was no need to spawn workers to leave the atomic context. Code looks way more linear now
* provided implementation for sk_prot->close() in order to catch when userspace is releasing a socket and act accordingly. This way we can avoid the dangling netns problem discussed in v19
* due to the previous item, it is now expected that the process that created a socket stays alive all time long.
* kselftest scripts have been re-arranged as per the previous item in order to keep ovpn-cli processes alive in background during the tests
* improved TCP shutdown coordination across involved components
* fixed false deadlock reporting by using nested lock class (thanks a lot to Sean Anderson!)
* exported udpv6_prot via EXPORT_SYMBOL_GPL
* merged patch for exporting inet6_stream_ops with its user
* moved TCP code that may sleep during detach out of lock_sock area
* reverted tcp_release_cb to EXPORT_SYMBOL
* improved kselftest Makefile to allow kselftest_deps.sh to detect all dependencies

Please note that some patches were already reviewed/tested by a few people. These patches have retained the tags as they have hardly been touched.
(Due to the amount of changes applied to the kselftest scripts, I dropped the Reviewed-by Shuah Khan tag on that specific patch)

The latest code can also be found at:

https://github.com/OpenVPN/ovpn-net-next

Thanks a lot!
Best Regards,

Antonio Quartulli
OpenVPN Inc.

---
Antonio Quartulli (25):
      mailmap: remove unwanted entry for Antonio Quartulli
      net: introduce OpenVPN Data Channel Offload (ovpn)
      ovpn: add basic netlink support
      ovpn: add basic interface creation/destruction/management routines
      ovpn: keep carrier always on for MP interfaces
      ovpn: introduce the ovpn_peer object
      ovpn: introduce the ovpn_socket object
      ovpn: implement basic TX path (UDP)
      ovpn: implement basic RX path (UDP)
      ovpn: implement packet processing
      ovpn: store tunnel and transport statistics
      ovpn: implement TCP transport
      skb: implement skb_send_sock_locked_with_flags()
      ovpn: add support for MSG_NOSIGNAL in tcp_sendmsg
      ovpn: implement multi-peer support
      ovpn: implement peer lookup logic
      ovpn: implement keepalive mechanism
      ovpn: add support for updating local UDP endpoint
      ovpn: add support for peer floating
      ovpn: implement peer add/get/dump/delete via netlink
      ovpn: implement key add/get/del/swap via netlink
      ovpn: kill key and notify userspace in case of IV exhaustion
      ovpn: notify userspace when a peer is deleted
      ovpn: add basic ethtool support
      testing/selftests: add test tool and scripts for ovpn module

 .mailmap | 1 -
 Documentation/netlink/specs/ovpn.yaml | 371 +++
 Documentation/netlink/specs/rt_link.yaml | 16 +
 MAINTAINERS | 11 +
 drivers/net/Kconfig | 15 +
 drivers/net/Makefile | 1 +
 drivers/net/ovpn/Makefile | 22 +
 drivers/net/ovpn/bind.c | 55 +
 drivers/net/ovpn/bind.h | 101 +
 drivers/net/ovpn/crypto.c | 211 ++
 drivers/net/ovpn/crypto.h | 145 ++
 drivers/net/ovpn/crypto_aead.c | 408 ++++
 drivers/net/ovpn/crypto_aead.h | 33 +
 drivers/net/ovpn/io.c | 462 ++++
 drivers/net/ovpn/io.h | 34 +
 drivers/net/ovpn/main.c | 350 +++
 drivers/net/ovpn/main.h | 14 +
 drivers/net/ovpn/netlink-gen.c | 213 ++
 drivers/net/ovpn/netlink-gen.h | 41 +
 drivers/net/ovpn/netlink.c | 1249 ++++++++++
 drivers/net/ovpn/netlink.h | 18 +
 drivers/net/ovpn/ovpnpriv.h | 57 +
 drivers/net/ovpn/peer.c | 1341 +++++++++++
 drivers/net/ovpn/peer.h | 163 ++
 drivers/net/ovpn/pktid.c | 129 ++
 drivers/net/ovpn/pktid.h | 87 +
 drivers/net/ovpn/proto.h | 118 +
 drivers/net/ovpn/skb.h | 61 +
 drivers/net/ovpn/socket.c | 241 ++
 drivers/net/ovpn/socket.h | 53 +
 drivers/net/ovpn/stats.c | 21 +
 drivers/net/ovpn/stats.h | 47 +
 drivers/net/ovpn/tcp.c | 571 +++++
 drivers/net/ovpn/tcp.h | 36 +
 drivers/net/ovpn/udp.c | 478 ++++
 drivers/net/ovpn/udp.h | 27 +
 include/linux/skbuff.h | 2 +
 include/uapi/linux/if_link.h | 15 +
 include/uapi/linux/ovpn.h | 110 +
 include/uapi/linux/udp.h | 1 +
 net/core/skbuff.c | 18 +-
 net/ipv4/tcp_output.c | 2 +-
 net/ipv6/af_inet6.c | 1 +
 net/ipv6/udp.c | 1 +
 tools/testing/selftests/Makefile | 1 +
 tools/testing/selftests/net/ovpn/.gitignore | 2 +
 tools/testing/selftests/net/ovpn/Makefile | 31 +
 tools/testing/selftests/net/ovpn/common.sh | 92 +
 tools/testing/selftests/net/ovpn/config | 10 +
 tools/testing/selftests/net/ovpn/data64.key | 5 +
 tools/testing/selftests/net/ovpn/ovpn-cli.c | 2395 ++++++++++++++++++++
 tools/testing/selftests/net/ovpn/tcp_peers.txt | 5 +
 .../testing/selftests/net/ovpn/test-chachapoly.sh | 9 +
 .../selftests/net/ovpn/test-close-socket-tcp.sh | 9 +
 .../selftests/net/ovpn/test-close-socket.sh | 45 +
 tools/testing/selftests/net/ovpn/test-float.sh | 9 +
 tools/testing/selftests/net/ovpn/test-tcp.sh | 9 +
 tools/testing/selftests/net/ovpn/test.sh | 113 +
 tools/testing/selftests/net/ovpn/udp_peers.txt | 5 +
 59 files changed, 10084 insertions(+), 7 deletions(-)
---
base-commit: 91c8d8e4b7a38dc099b26e14b22f814ca4e75089
change-id: 20241002-b4-ovpn-eeee35c694a2

Best regards,
--
Antonio Quartulli <antonio@xxxxxxxxxxx>