svn commit: r360914 - in head/sys: netinet netinet6
Andrew Gallatin
gallatin at FreeBSD.org
Mon May 11 19:17:34 UTC 2020
Author: gallatin
Date: Mon May 11 19:17:33 2020
New Revision: 360914
URL: https://svnweb.freebsd.org/changeset/base/360914
Log:
Ktls: never skip stamping tags for NIC TLS
The newer RACK and BBR TCP stacks have added a mechanism
to disable hardware packet pacing for TCP retransmits.
This mechanism works by skipping the send-tag stamp
on rate-limited connections when the TCP stack calls
ip_output() with the IP_NO_SND_TAG_RL flag set.
When doing NIC TLS, we must ignore this flag, as
NIC TLS packets must always be stamped. Failure
to stamp a NIC TLS packet will result in crypto
issues.
Reviewed by: hselasky, rrs
Sponsored by: Netflix, Mellanox
Modified:
head/sys/netinet/ip_output.c
head/sys/netinet6/ip6_output.c
Modified: head/sys/netinet/ip_output.c
==============================================================================
--- head/sys/netinet/ip_output.c Mon May 11 19:16:49 2020 (r360913)
+++ head/sys/netinet/ip_output.c Mon May 11 19:17:33 2020 (r360914)
@@ -242,6 +242,10 @@ ip_output_send(struct inpcb *inp, struct ifnet *ifp, s
error = EAGAIN;
goto done;
}
+ /*
+ * Always stamp tags that include NIC ktls.
+ */
+ stamp_tag = true;
}
#endif
#ifdef RATELIMIT
Modified: head/sys/netinet6/ip6_output.c
==============================================================================
--- head/sys/netinet6/ip6_output.c Mon May 11 19:16:49 2020 (r360913)
+++ head/sys/netinet6/ip6_output.c Mon May 11 19:17:33 2020 (r360914)
@@ -353,6 +353,10 @@ ip6_output_send(struct inpcb *inp, struct ifnet *ifp,
error = EAGAIN;
goto done;
}
+ /*
+ * Always stamp tags that include NIC ktls.
+ */
+ stamp_tag = true;
}
#endif
#ifdef RATELIMIT
More information about the svn-src-head
mailing list