Re: Kernel TLS

From: Jeffrey Walton <noloader@gmail.com>
To: "Valentin Vidić" <vvidic@valentin-vidic.from.hr>
Cc: kernelnewbies <kernelnewbies@kernelnewbies.org>
Subject: Re: Kernel TLS
Date: Fri, 29 Nov 2019 15:04:43 -0500	[thread overview]
Message-ID: <CAH8yC8mwnoVBfcLW46HGTjYO72oLUy2ftPR80BZXjN3hi37AwQ@mail.gmail.com> (raw)
In-Reply-To: <CAH8yC8nSCZwRwT=9RDRc0EFgC3dJeMektHYYrwG5Ym1Y=tXMHQ@mail.gmail.com>

On Fri, Nov 29, 2019 at 2:57 PM Jeffrey Walton <noloader@gmail.com> wrote:
>
> On Fri, Nov 29, 2019 at 2:48 PM Valentin Vidić
> <vvidic@valentin-vidic.from.hr> wrote:
> >
> > On Fri, Nov 29, 2019 at 02:36:10PM -0500, Jeffrey Walton wrote:
> > > I'm trying to run through the example at
> > > https://www.kernel.org/doc/html/latest/networking/tls.html#kernel-tls
> > > .
> > >
> > > I'm working on Fedora 31 x86_64 (fully patched). Running my program results in:
> > >
> > >     $ ./ktls
> > >     setsockopt failed, 2, No such file or directory
> > >
> > > I observed:
> > >
> > >     $ cat /proc/sys/net/ipv4/tcp_available_ulp
> > >     $
> > >
> > > Is there a way to enable ULP at boot? Or is this a kernel config
> > > option? Or maybe I am doing something else wrong?
> >
> > strace gives me:
> >
> > ...
> > socket(AF_INET, SOCK_STREAM, IPPROTO_IP) = 3
> > setsockopt(3, SOL_TCP, TCP_ULP, [7564404], 4) = -1 ENOENT (No such file or directory)
> > fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(0x88, 0x2), ...}) = 0
> > brk(NULL)                               = 0x55d76b14e000
> > brk(0x55d76b16f000)                     = 0x55d76b16f000
> > write(1, "setsockopt failed, 2, No such fi"..., 48setsockopt failed, 2, No such file or directory
> > ) = 48
> > exit_group(1)                           = ?
> > +++ exited with 1 +++
> >
> > $ grep TLS /boot/config-4.19.0-6-amd64
> > CONFIG_HAVE_COPY_THREAD_TLS=y
> > # CONFIG_TLS is not set
> > # CONFIG_VIDEO_IVTV_DEPRECATED_IOCTLS is not set
> >
> > So you probably need to rebuild the kernel with CONFIG_TLS to get this working.
>
> Thanks Valentin.
>
> Here's what I am seeing:
>
>     $ grep TLS /boot/config-5.3.12-300.fc31.x86_64
>     CONFIG_HAVE_COPY_THREAD_TLS=y
>     CONFIG_TLS=m
>     ...
>
> I believe the 'm' means a loadable module. But:
>
>     $ insmod tls
>     insmod: ERROR: could not load module tls: No such file or directory

My bad, I needed modprobe, not insmod.

So now I am at:

    $ gcc -Wall -g2 -O1 ktls.c -o ktls
    $ ./ktls
    setsockopt failed, 524, Unknown error 524

Jeff

_______________________________________________
Kernelnewbies mailing list
Kernelnewbies@kernelnewbies.org
https://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies