[PATCH] Enable TCP offload support on tls connecitons
Maxim Dounin
mdounin at mdounin.ru
Wed Jul 29 14:18:15 UTC 2020
Hello!
On Wed, Jul 29, 2020 at 02:44:06PM +0530, Rohit Maheshwari wrote:
> # HG changeset patch
> # User Rohit Maheshwari <rohitm at chelsio.com>
> # Date 1595354862 -19800
> # Tue Jul 21 23:37:42 2020 +0530
> # Node ID 32c7a0088f6d259163bb2820db0b44d36659b333
> # Parent 32a343635b50662979975e1204417bb1fc7e1b1f
> Enable TCP offload support on tls connecitons
>
> Linux provides feasibility to enable TOE BYPASS iff setsockopt
> of type TCP_ULP is called just after socket creation. After that
> only, driver can register its TCP callbacks and move to TCP
> listen.
For TLS connections, setsockopt(TCP_ULP, "tls") is expected to be
called by the SSL layer. You may want to elaborate more on why
you are trying to call it on all connections instead.
>
> diff -r 32a343635b50 -r 32c7a0088f6d src/core/ngx_connection.c
> --- a/src/core/ngx_connection.c Thu Jul 09 16:21:37 2020 +0300
> +++ b/src/core/ngx_connection.c Tue Jul 21 23:37:42 2020 +0530
> @@ -495,6 +495,10 @@ ngx_open_listening_sockets(ngx_cycle_t *
> return NGX_ERROR;
> }
>
> +#if (NGX_LINUX && NGX_TOE)
> + setsockopt(s, SOL_TCP, TCP_ULP, "tls", sizeof("tls"));
> +#endif
> +
> if (setsockopt(s, SOL_SOCKET, SO_REUSEADDR,
> (const void *) &reuseaddr, sizeof(int))
> == -1)
> diff -r 32a343635b50 -r 32c7a0088f6d src/core/ngx_resolver.c
> --- a/src/core/ngx_resolver.c Thu Jul 09 16:21:37 2020 +0300
> +++ b/src/core/ngx_resolver.c Tue Jul 21 23:37:42 2020 +0530
> @@ -4502,6 +4502,10 @@ ngx_tcp_connect(ngx_resolver_connection_
> return NGX_ERROR;
> }
>
> +#if (NGX_LINUX && NGX_TOE)
> + setsockopt(s, SOL_TCP, TCP_ULP, "tls", sizeof("tls"));
> +#endif
> +
> c = ngx_get_connection(s, &rec->log);
>
> if (c == NULL) {
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
--
Maxim Dounin
http://mdounin.ru/
More information about the nginx-devel
mailing list