diff options
| author | John Baldwin <jhb@FreeBSD.org> | 2020-10-29 03:23:16 +0300 |
|---|---|---|
| committer | Sebastian Huber <sebastian.huber@embedded-brains.de> | 2022-07-11 12:52:46 +0300 |
| commit | 5ea36d92e66fce3932c15a35c427653973efb115 (patch) | |
| tree | 7c37773d04023765f6d141d718f8a6b547d20241 /newlib/libc/sys | |
| parent | b8e36b9251f938a32958cdfb7adac59c04a4a5ee (diff) | |
Support hardware rate limiting (pacing) with TLS offload.
- Add a new send tag type for a send tag that supports both rate
limiting (packet pacing) and TLS offload (mostly similar to D22669
but adds a separate structure when allocating the new tag type).
- When allocating a send tag for TLS offload, check to see if the
connection already has a pacing rate. If so, allocate a tag that
supports both rate limiting and TLS offload rather than a plain TLS
offload tag.
- When setting an initial rate on an existing ifnet KTLS connection,
set the rate in the TCP control block inp and then reset the TLS
send tag (via ktls_output_eagain) to reallocate a TLS + ratelimit
send tag. This allocates the TLS send tag asynchronously from a
task queue, so the TLS rate limit tag alloc is always sleepable.
- When modifying a rate on a connection using KTLS, look for a TLS
send tag. If the send tag is only a plain TLS send tag, assume we
failed to allocate a TLS ratelimit tag (either during the
TCP_TXTLS_ENABLE socket option, or during the send tag reset
triggered by ktls_output_eagain) and ignore the new rate. If the
send tag is a ratelimit TLS send tag, change the rate on the TLS tag
and leave the inp tag alone.
- Lock the inp lock when setting sb_tls_info for a socket send buffer
so that the routines in tcp_ratelimit can safely dereference the
pointer without needing to grab the socket buffer lock.
- Add an IFCAP_TXTLS_RTLMT capability flag and associated
administrative controls in ifconfig(8). TLS rate limit tags are
only allocated if this capability is enabled. Note that TLS offload
(whether unlimited or rate limited) always requires IFCAP_TXTLS[46].
Reviewed by: gallatin, hselasky
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D26691
Diffstat (limited to 'newlib/libc/sys')
| -rw-r--r-- | newlib/libc/sys/rtems/include/net/if.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/newlib/libc/sys/rtems/include/net/if.h b/newlib/libc/sys/rtems/include/net/if.h index c9f07eca7..4147cd0f4 100644 --- a/newlib/libc/sys/rtems/include/net/if.h +++ b/newlib/libc/sys/rtems/include/net/if.h @@ -250,6 +250,7 @@ struct if_data { #define IFCAP_TXTLS6 0x10000000 /* can do TLS encryption and segmentation for TCP6 */ #define IFCAP_VXLAN_HWCSUM 0x20000000 /* can do IFCAN_HWCSUM on VXLANs */ #define IFCAP_VXLAN_HWTSO 0x40000000 /* can do IFCAP_TSO on VXLANs */ +#define IFCAP_TXTLS_RTLMT 0x80000000 /* can do TLS with rate limiting */ #define IFCAP_HWCSUM_IPV6 (IFCAP_RXCSUM_IPV6 | IFCAP_TXCSUM_IPV6) |