Date: Tue, 1 Feb 2022 00:44:34 GMT From: John Baldwin <jhb@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: d782385e9bc7 - main - tcp_ratelimit: Handle some edge cases with TLS + RL send tags. Message-ID: <202202010044.2110iYLr072639@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by jhb: URL: https://cgit.FreeBSD.org/src/commit/?id=d782385e9bc7bf14ab0f6577bad7526cc51b6b64 commit d782385e9bc7bf14ab0f6577bad7526cc51b6b64 Author: John Baldwin <jhb@FreeBSD.org> AuthorDate: 2022-02-01 00:40:04 +0000 Commit: John Baldwin <jhb@FreeBSD.org> CommitDate: 2022-02-01 00:40:04 +0000 tcp_ratelimit: Handle some edge cases with TLS + RL send tags. - After a connection has fallen back from NIC TLS to SW TLS, any pacing rate changes should modify the inpcb send tag even though SB_TLS_IFNET is set. - If a connection tries to modify the pacing rate before the send tag has been converted from plain TLS to TLS + RL, don't fail the rate request set but let it fall through to setting the rate on the non-TLS inpcb RL tag. Reviewed by: gallatin, rrs, hselasky Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D34085 --- sys/netinet/tcp_ratelimit.c | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/sys/netinet/tcp_ratelimit.c b/sys/netinet/tcp_ratelimit.c index 2f36cea4faed..dc9a6b6650e1 100644 --- a/sys/netinet/tcp_ratelimit.c +++ b/sys/netinet/tcp_ratelimit.c @@ -1403,18 +1403,30 @@ tcp_chg_pacing_rate(const struct tcp_hwrate_limit_table *crte, #ifdef KERN_TLS if (tp->t_inpcb->inp_socket->so_snd.sb_flags & SB_TLS_IFNET) { tls = tp->t_inpcb->inp_socket->so_snd.sb_tls_info; - MPASS(tls->mode == TCP_TLS_MODE_IFNET); - if (tls->snd_tag != NULL && + if (tls->mode != TCP_TLS_MODE_IFNET) + tls = NULL; + else if (tls->snd_tag != NULL && tls->snd_tag->sw->type != IF_SND_TAG_TYPE_TLS_RATE_LIMIT) { + if (!tls->reset_pending) { + /* + * NIC probably doesn't support + * ratelimit TLS tags if it didn't + * allocate one when an existing rate + * was present, so ignore. + */ + tcp_rel_pacing_rate(crte, tp); + if (error) + *error = EOPNOTSUPP; + return (NULL); + } + /* - * NIC probably doesn't support ratelimit TLS - * tags if it didn't allocate one when an - * existing rate was present, so ignore. + * The send tag is being converted, so set the + * rate limit on the inpcb tag. There is a + * race that the new NIC send tag might use + * the current rate instead of this one. */ - tcp_rel_pacing_rate(crte, tp); - if (error) - *error = EOPNOTSUPP; - return (NULL); + tls = NULL; } } #endif
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202202010044.2110iYLr072639>