Bug 217401

Summary: TCP_ULP option is not working for tls
Product: Linux Reporter: Sumit (sumit.200744)
Component: KernelAssignee: Virtual assignee for kernel bugs (linux-kernel)
Status: RESOLVED DISTRO_KERNEL    
Severity: normal CC: kubakici
Priority: P3 Flags: mricon: bugbot+
Hardware: All   
OS: Linux   
Kernel Version: 5.15 Subsystem: NETWORKING [TLS]
Regression: No Bisected commit-id:

Description Sumit 2023-05-04 11:55:36 UTC 
TCP socket was created as below
int sfd = socket(AF_INET,SOCK_STREAM,0).

socket connection was established between server and client using accept and connect calls.

To enable TCP_ULP, setsockopt was used as below
Client:
setsockopt(sfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));
Server:
setsockopt(nsfd, IPPROTO_TCP, TCP_ULP, "tls", sizeof("tls"));

but setsockopt is returning -1 with error ENOENT - "No such file or directory". Is anything missing for above usage ?

Which kernel version has TLS option enabled which is mentioned in https://www.kernel.org/doc/html/latest/networking/tls.html#kernel-tls ?
Comment 1 Konstantin Ryabitsev 2023-05-04 15:19:12 UTC 
What kernel version is this?
Comment 2 Sumit 2023-05-04 15:46:56 UTC 
I tried it on 5.15.78 where I'm getting the above failure -  "No such file or directory for setsockopt.
Not sure on which linux kernel this TLS option is introduced.
Comment 3 Bugspray Bot 2023-05-04 16:57:56 UTC 
Jakub Kicinski <kuba@kernel.org> replies to comment #2:

On Thu,  4 May 2023 16:19:29 +0000 (UTC) Kernel.org Bugbot wrote:
> I tried it on 5.15.78 where I'm getting the above failure -  "No such
> file or directory for setsockopt. Not sure on which linux kernel this
> TLS option is introduced.

Can you show the output of:

  modprobe tls
  cat /proc/sys/net/ipv4/tcp_available_ulp
  grep CONFIG_TLS /boot/config-*

?

(via https://msgid.link/20230504095114.6656e611@kernel.org)
Comment 4 Sumit 2023-05-05 07:08:06 UTC 
Trying it on android platform. Seems TLS is not enabled in kernel

# modprobe tls
modprobe: No module configuration directories given.

# insmod tls
insmod: tls: No such file or directory

# cat /proc/sys/net/ipv4/tcp_available_ulp

# grep CONFIG_TLS /boot/config-*
grep: /boot/config-*: No such file or directory
Comment 5 Jakub Kicinski 2023-05-05 19:41:00 UTC 
Sounds like it. I'm not familiar with the Android kernel but the tls code either needs to be loaded as a module or compiled in, and since /proc/sys/net/ipv4/tcp_available_ulp is empty - neither seems to be the case on your system.