d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
b99781834f
freebsd-skq/sys
History
Andrew Gallatin b99781834f TCP: remove special treatment for hardware (ifnet) TLS 
Remove most special treatment for ifnet TLS in the TCP stack, except
for code to avoid mixing handshakes and bulk data.

This code made heroic efforts to send down entire TLS records to
NICs. It was added to improve the PCIe bus efficiency of older TLS
offload NICs which did not keep state per-session, and so would need
to re-DMA the first part(s) of a TLS record if a TLS record was sent
in multiple TCP packets or TSOs. Newer TLS offload NICs do not need
this feature.

At Netflix, we've run extensive QoE tests which show that this feature
reduces client quality metrics, presumably because the effort to send
TLS records atomically causes the server to both wait too long to send
data (leading to buffers running dry), and to send too much data at
once (leading to packet loss).

Reviewed by:	hselasky,  jhb, rrs
Sponsored by:	Netflix
Differential Revision:	https://reviews.freebsd.org/D26103
2020-08-19 17:59:06 +00:00
..
amd64 Remove some noisy ACPI tables messages from verbose dmesg. 2020-08-19 16:09:36 +00:00
arm None of system, subsystem, or type may have spaces in them. Convert the spaces 2020-08-18 20:20:45 +00:00
arm64 Remove some noisy ACPI tables messages from verbose dmesg. 2020-08-19 16:09:36 +00:00
bsm bsm: add AUE_CLOSERANGE 2020-04-24 01:27:25 +00:00
cam vfs: drop the error parameter from vn_isdisk, introduce vn_isdisk_error 2020-08-19 02:51:17 +00:00
cddl zfs: add an option to the bootloader to rewind the ZFS checkpoint 2020-08-18 19:48:04 +00:00
compat vfs: drop the error parameter from vn_isdisk, introduce vn_isdisk_error 2020-08-19 02:51:17 +00:00
conf Add prng(9) API 2020-08-13 20:48:14 +00:00
contrib pcg-c: Add 'static' to inline function definitions 2020-08-15 18:46:26 +00:00
crypto padlock: fix Via Padlock with 192-bit keys 2020-07-20 16:12:14 +00:00
ddb [PowerPC] More relocation fixes 2020-06-21 03:39:26 +00:00
dev Avoid evaluating the XHCI control endpoint context. 2020-08-19 11:50:12 +00:00
dts Remove licenses 2020-06-04 17:20:58 +00:00
fs vfs: remove the always-curthread td argument from VOP_RECLAIM 2020-08-19 07:28:01 +00:00
gdb gdb(4): Support empty qSupported queries 2020-08-18 20:59:10 +00:00
geom gpart(8): Recognize apple-zfs and solaris-reserved partition ids 2020-08-17 17:07:05 +00:00
gnu Import DTS files for arm, arm64, riscv from Linux 5.8 2020-08-04 19:44:43 +00:00
i386 Remove some noisy ACPI tables messages from verbose dmesg. 2020-08-19 16:09:36 +00:00
isa
kern Add VFS FS events for mount and unmount to devctl/devd 2020-08-19 17:10:04 +00:00
kgssapi Add support for optional separate output buffers to in-kernel crypto. 2020-05-25 22:12:04 +00:00
libkern Add prng(9) API 2020-08-13 20:48:14 +00:00
mips Include virtio support in std.MALTA 2020-07-31 11:28:09 +00:00
modules Unbreak building cp2112(8) as a module outside of kernel build environment. 2020-08-16 12:59:43 +00:00
net For consistency and to avoid any problems getting past the 31bit 2020-08-17 13:51:25 +00:00
net80211 net80211: replace magic number by define 2020-08-17 20:18:01 +00:00
netgraph Increase BER to PER lookup table size in an attempt to mitigate panics 2020-08-18 22:46:46 +00:00
netinet TCP: remove special treatment for hardware (ifnet) TLS 2020-08-19 17:59:06 +00:00
netinet6 Make net.inet6.ip6.deembed_scopeid behaviour default & remove sysctl. 2020-08-15 11:37:44 +00:00
netipsec Simplify IPsec transform-specific teardown. 2020-06-25 23:59:16 +00:00
netpfil ipfw: make the "frag" keyword accept additional options "mf", 2020-08-11 15:46:22 +00:00
netsmb Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
nfs Transition from rtrequest1_fib() to rib_action(). 2020-07-21 19:56:13 +00:00
nfsclient
nfsserver
nlm Fix export_args ex_flags field so that is 64bits, the same as mnt_flags. 2020-06-14 00:10:18 +00:00
ofed Infiniband clients must be attached and detached in a specific order in ibcore. 2020-07-06 08:50:11 +00:00
opencrypto Add support for KTLS RX via software decryption. 2020-07-23 23:48:18 +00:00
powerpc Fix clang 11 inline asm constraint error when building powerpc GENERIC64 2020-08-07 19:32:54 +00:00
riscv riscv: Use global mimpid in identify_cpu() 2020-08-18 16:51:04 +00:00
rpc Add an argument to newnfs_connect() that indicates use TLS for the connection. 2020-08-11 00:26:45 +00:00
security vfs: add VOP_STAT 2020-08-07 23:06:40 +00:00
sys Move the mount name to bit mapping into sys/mount.h so it can be shared with the 2020-08-19 17:09:58 +00:00
teken
tests Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (17 of many) 2020-02-26 14:26:36 +00:00
tools makesyscalls.lua: improve syscall ordering validation 2020-08-04 21:49:13 +00:00
ufs vfs: remove the always-curthread td argument from VOP_RECLAIM 2020-08-19 07:28:01 +00:00
vm vfs: drop the error parameter from vn_isdisk, introduce vn_isdisk_error 2020-08-19 02:51:17 +00:00
x86 Export a routine to provide the TSC_AUX MSR value and use this in vmm. 2020-08-18 11:36:38 +00:00
xdr Split XDR into separate kernel module. Make krpc depend on xdr. 2020-04-17 06:04:20 +00:00
xen Mark more nodes as CTLFLAG_MPSAFE or CTLFLAG_NEEDGIANT (16 of many) 2020-02-25 19:04:39 +00:00
Makefile