Hi,
Christoph, Igor, and I have worked on an API that facilitates TFO key
rotation. This is a follow up to the series that Christoph previously
posted, with an API that meets both of our use-cases. Here's a
link to the previous work:
https://patchwork.ozlabs.org/cover/1013753/
Thanks,
-Jason
Changes in v2:
-spelling fixes in ip-sysctl.txt (Jeremy Sowden)
-re-base to latest net-next
Christoph Paasch (1):
tcp: introduce __tcp_fastopen_cookie_gen_cipher()
Jason Baron (5):
tcp: add backup TFO key infrastructure
tcp: add support to TCP_FASTOPEN_KEY for optional backup key
tcp: add support for optional TFO backup key to
net.ipv4.tcp_fastopen_key
Documentation: ip-sysctl.txt: Document tcp_fastopen_key
selftests/net: add TFO key rotation selftest
Documentation/networking/ip-sysctl.txt | 20 ++
include/net/tcp.h | 41 ++-
include/uapi/linux/snmp.h | 1 +
net/ipv4/proc.c | 1 +
net/ipv4/sysctl_net_ipv4.c | 93 ++++--
net/ipv4/tcp.c | 29 +-
net/ipv4/tcp_fastopen.c | 233 +++++++++-----
tools/testing/selftests/net/.gitignore | 1 +
tools/testing/selftests/net/Makefile | 2 +
.../selftests/net/tcp_fastopen_backup_key.c | 336 +++++++++++++++++++++
.../selftests/net/tcp_fastopen_backup_key.sh | 55 ++++
11 files changed, 694 insertions(+), 118 deletions(-)
create mode 100644 tools/testing/selftests/net/tcp_fastopen_backup_key.c
create mode 100755 tools/testing/selftests/net/tcp_fastopen_backup_key.sh
--
2.7.4
