From nobody Fri Apr 12 21:31:30 2024
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VGVBB4M6lz5G9PB;
	Fri, 12 Apr 2024 21:31:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4VGVBB2blkz4jkX;
	Fri, 12 Apr 2024 21:31:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1712957490;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=p37EE+Zb98vUxQxmZDxcPyPiKwo1Buw4bLqWIlPimkc=;
	b=q49FkNySL/URGnGqk8JlX/HzOElkDXxfy+MGFC+w+fZO1tnyLP5OcPO1hPMSBsbsu6Srqf
	WsWeX+3hhh9oE6ljkkRdjeXuSF5KqwBQPWs8JOfJfANnDDjTEi8RTbCk0KqZPW2rbDDUG8
	GeE7ExDaxpJgVAaBN12FgZaf/v2yVA2UtyUlCN/lAmtprSVMrX1h2Ai3/3roYMM33Davdp
	nmlBo4Eko7yfXJGI96LM+4/LtFlYjxIWUjIG40ckw7FqN5Fq/hnf6/MxkI3/vH42KcQca2
	m4VEaICIfeN+zeTV8sS8Ia+3VPQHzfl1s2dI07QoqjAnvtJEPmGp6h63xzqlSQ==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1712957490; a=rsa-sha256; cv=none;
	b=oV82pxOHv+/VpPDdIdKlej+IBaGcKpdnMpkXAqq63utYj/BdHQuy/lOpswyGwMgiYjQW9Q
	U71HBEJdLqpLYN2W+wugzVnZstrMnljkr2X5vGydL6jb1uVqBEQB8JXsb7zH0xfpEDjnIY
	EcMJ1a037XsXfWW3fLyTaNKYoyaQ6gl00+KVLxE7FkhSSl26zAcTTxdJ3iMveGTqFuUHr5
	gCAKfclq39ncs9061Nwd0LhDzb2yXREuRJU6+m0oNAIRjoOVBpKWskTCNXJW22JcRYgm+H
	D2QmyxHX2aqnjahJUfWIreZer3LvF9lJQkJd7Td8r3yE2Juyzza//5lz8sny9Q==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1712957490;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=p37EE+Zb98vUxQxmZDxcPyPiKwo1Buw4bLqWIlPimkc=;
	b=pzYMlGxOkj47AmT3kzvSRP/fVGA4fUgR/fSU5WfaazziEy5scC2mSG2yLxx+2/xb14aD9w
	UwRzeoJdHK28JeNnyRZ2ZomGeCnlQFppsNzIRoUuEtk6JHKTQBC08BS3/TaMZrrk8YTpFf
	79FEV/mYaT7sr7kY+bLJgiRHUU/StQvkPnPXZtXGAXTR5ANxb6IBmmic9SBbXhcTMu6cZi
	n2RzntK02GrxDzKJim7CLPtOnO0mNK/Tl5aS7WmJdiQe9lY4sBOxxHzFXF2eBtxUITtm7S
	8TeIlm8wz2t3KOQxtnzMo0r1tHEFiwMQk6c3IEO6ecVpYO8U/qPaVHphYAXJOA==
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4VGVBB2CgRz15Qn;
	Fri, 12 Apr 2024 21:31:30 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 43CLVU9f011834;
	Fri, 12 Apr 2024 21:31:30 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 43CLVU3E011831;
	Fri, 12 Apr 2024 21:31:30 GMT
	(envelope-from git)
Date: Fri, 12 Apr 2024 21:31:30 GMT
Message-Id: <202404122131.43CLVU3E011831@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org,
        dev-commits-src-branches@FreeBSD.org
From: John Baldwin <jhb@FreeBSD.org>
Subject: git: 260d7b58547e - stable/14 - NFS: Request use of
  TCP_USE_DDP for in-kernel TCP sockets
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/14
X-Git-Reftype: branch
X-Git-Commit: 260d7b58547e150e3751bb786e97b15ff049f2e8
Auto-Submitted: auto-generated

The branch stable/14 has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=260d7b58547e150e3751bb786e97b15ff049f2e8

commit 260d7b58547e150e3751bb786e97b15ff049f2e8
Author:     John Baldwin <jhb@FreeBSD.org>
AuthorDate: 2024-03-20 22:29:51 +0000
Commit:     John Baldwin <jhb@FreeBSD.org>
CommitDate: 2024-04-12 19:25:27 +0000

    NFS: Request use of TCP_USE_DDP for in-kernel TCP sockets
    
    Since this is an optimization, ignore failures to enable the option.
    
    For the server side, defer enabling DDP until the first non-NULLPROC
    RPC is received.  This allows TLS handling (which uses NULLPROC RPCs)
    to enable TLS offload first.
    
    Reviewed by:    rmacklem
    Sponsored by:   Chelsio Communications
    Differential Revision:  https://reviews.freebsd.org/D44002
    
    (cherry picked from commit a16ff32f04b5b891a2d9b0427a2fd9c48e866da3)
---
 sys/rpc/clnt_rc.c |  8 ++++++++
 sys/rpc/svc.c     | 20 ++++++++++++++++++++
 sys/rpc/svc.h     |  1 +
 3 files changed, 29 insertions(+)

diff --git a/sys/rpc/clnt_rc.c b/sys/rpc/clnt_rc.c
index fbd471ea6f5e..73a9e2631b7b 100644
--- a/sys/rpc/clnt_rc.c
+++ b/sys/rpc/clnt_rc.c
@@ -43,6 +43,8 @@
 #include <sys/time.h>
 #include <sys/uio.h>
 
+#include <netinet/tcp.h>
+
 #include <rpc/rpc.h>
 #include <rpc/rpc_com.h>
 #include <rpc/krpc.h>
@@ -213,6 +215,12 @@ clnt_reconnect_connect(CLIENT *cl)
 				goto out;
 			}
 		}
+		if (newclient != NULL) {
+			int optval = 1;
+
+			(void)so_setsockopt(so, IPPROTO_TCP, TCP_USE_DDP,
+			    &optval, sizeof(optval));
+		}
 		if (newclient != NULL && rc->rc_reconcall != NULL)
 			(*rc->rc_reconcall)(newclient, rc->rc_reconarg,
 			    rc->rc_ucred);
diff --git a/sys/rpc/svc.c b/sys/rpc/svc.c
index 848e719a7cca..6d19a0b1ea7d 100644
--- a/sys/rpc/svc.c
+++ b/sys/rpc/svc.c
@@ -54,6 +54,7 @@ static char *sccsid = "@(#)svc.c	2.4 88/08/11 4.0 RPCSRC";
 #include <sys/mbuf.h>
 #include <sys/mutex.h>
 #include <sys/proc.h>
+#include <sys/protosw.h>
 #include <sys/queue.h>
 #include <sys/socketvar.h>
 #include <sys/systm.h>
@@ -61,6 +62,8 @@ static char *sccsid = "@(#)svc.c	2.4 88/08/11 4.0 RPCSRC";
 #include <sys/sx.h>
 #include <sys/ucred.h>
 
+#include <netinet/tcp.h>
+
 #include <rpc/rpc.h>
 #include <rpc/rpcb_clnt.h>
 #include <rpc/replay.h>
@@ -991,6 +994,23 @@ svc_getreq(SVCXPRT *xprt, struct svc_req **rqstp_ret)
 			goto call_done;
 		}
 
+		/*
+		 * Defer enabling DDP until the first non-NULLPROC RPC
+		 * is received to allow STARTTLS authentication to
+		 * enable TLS offload first.
+		 */
+		if (xprt->xp_doneddp == 0 && r->rq_proc != NULLPROC &&
+		    atomic_cmpset_int(&xprt->xp_doneddp, 0, 1)) {
+			if (xprt->xp_socket->so_proto->pr_protocol ==
+			    IPPROTO_TCP) {
+				int optval = 1;
+
+				(void)so_setsockopt(xprt->xp_socket,
+				    IPPROTO_TCP, TCP_USE_DDP, &optval,
+				    sizeof(optval));
+			}
+		}
+
 		/*
 		 * Everything checks out, return request to caller.
 		 */
diff --git a/sys/rpc/svc.h b/sys/rpc/svc.h
index 9eaf972c097b..b240e75afdb0 100644
--- a/sys/rpc/svc.h
+++ b/sys/rpc/svc.h
@@ -188,6 +188,7 @@ typedef struct __rpc_svcxprt {
 	int		xp_ngrps;	/* Cred. from TLS cert. */
 	uid_t		xp_uid;
 	gid_t		*xp_gidp;
+	int		xp_doneddp;
 #else
 	int		xp_fd;
 	u_short		xp_port;	 /* associated port number */