D29515.id87058.diff
No OneTemporary
Actions

Size

4 KB

Referenced Files

None

Subscribers

None

D29515.id87058.diff
View Options

	diff --git a/share/man/man4/tcp.4 b/share/man/man4/tcp.4
	--- a/share/man/man4/tcp.4
	+++ b/share/man/man4/tcp.4
	@@ -34,7 +34,7 @@
	.\" From: @(#)tcp.4 8.1 (Berkeley) 6/5/93
	.\" $FreeBSD$
	.\"
	-.Dd February 13, 2021
	+.Dd April 8, 2021
	.Dt TCP 4
	.Os
	.Sh NAME
	@@ -628,7 +628,6 @@
	Enable support for TCP Explicit Congestion Notification (ECN).
	ECN allows a TCP sender to reduce the transmission rate in order to
	avoid packet drops.
	-Settings:
	.Bl -tag -compact
	.It 0
	Disable ECN.
	@@ -638,6 +637,7 @@
	.It 2
	Allow incoming connections to request ECN.
	Outgoing connections will not request ECN.
	+(default)
	.El
	.It Va ecn.maxretries
	Number of retries (SYN or SYN/ACK retransmits) before disabling ECN on a
	@@ -674,6 +674,54 @@
	MSS to try for IPv4 if PMTU blackhole detection is turned on.
	.It Va v6pmtud_blackhole_mss
	MSS to try for IPv6 if PMTU blackhole detection is turned on.
	+.It Va hostcache.enable
	+The TCP host cache is used to cache connection details and metrics to
	+improve future performance of connections between the same hosts.
	+At the completion of a TCP connection, a host will cache information
	+for the connection for some defined period of time.
	+.Bl -tag -compact
	+.It 0
	+Disable the host cache.
	+.It 1
	+Enable the host cache. (default)
	+.It Va hostcache.purgenow
	+Immediately purge all entries once set to any value.
	+Setting this to 2 will also reseed the hash salt.
	+.It Va hostcache.purge
	+Expire all entires on next pruning of host cache entries.
	+Any non-zero setting will be reset to zero, once the pruge
	+is running.
	+.Bl -tag -compact
	+.It 0
	+Do not purge all entries when pruning the host cache. (default)
	+.It 1
	+Purge all entries when doing the next pruning.
	+.It 2
	+Purge all entries, and also reseed the hash salt.
	+.It Va hostcache.prune
	+Time in seconds between pruning expired host cache entries.
	+Defaults to 300 (5 minutes).
	+.It Va hostcache.expire
	+Time in seconds, how long a entry should be kept in the
	+host cache since last accessed.
	+Defaults to 3600 (1 hour).
	+.It Va hostcache.count
	+The current number of entries in the host cache.
	+.It Va hostcache.bucketlimit
	+The maximum number of entries for the same hash.
	+Defaults to 30.
	+.It Va hostcache.hashsize
	+Size of TCP hostcache hashtable.
	+This number has to be a power of two, or will be rejected.
	+Defaults to 512.
	+.It Va hostcache.cachelimit
	+Overall entry limit for hostcache.
	+Defaults to hashsize * bucketlimit.
	+.It Va hostcache.histo
	+Provide a Histogram of the hostcache hash utilization.
	+.It Va hostcache.list
	+Provide a complete list of all current entries in the host
	+cache.
	.It Va functions_available
	List of available TCP function blocks (TCP stacks).
	.It Va functions_default
	diff --git a/sys/netinet/tcp_hostcache.c b/sys/netinet/tcp_hostcache.c
	--- a/sys/netinet/tcp_hostcache.c
	+++ b/sys/netinet/tcp_hostcache.c
	@@ -71,6 +71,7 @@

	#include <sys/param.h>
	#include <sys/systm.h>
	+#include <sys/hash.h>
	#include <sys/jail.h>
	#include <sys/kernel.h>
	#include <sys/lock.h>
	@@ -127,6 +128,7 @@
	uma_zone_t zone;
	u_int hashsize;
	u_int hashmask;
	+ u_int hashsalt;
	u_int bucket_limit;
	u_int cache_count;
	u_int cache_limit;
	@@ -210,16 +212,14 @@

	static MALLOC_DEFINE(M_HOSTCACHE, "hostcache", "TCP hostcache");

	+/* Use jenkins_hash32(), as in other parts of the tcp stack */
	#define HOSTCACHE_HASH(ip) \
	- (((ip)->s_addr ^ ((ip)->s_addr >> 7) ^ ((ip)->s_addr >> 17)) & \
	- V_tcp_hostcache.hashmask)
	+ (jenkins_hash32((uint32_t *)(ip), 1, V_tcp_hostcache.hashsalt) & \
	+ V_tcp_hostcache.hashmask)

	-/* XXX: What is the recommended hash to get good entropy for IPv6 addresses? */
	#define HOSTCACHE_HASH6(ip6) \
	- (((ip6)->s6_addr32[0] ^ \
	- (ip6)->s6_addr32[1] ^ \
	- (ip6)->s6_addr32[2] ^ \
	- (ip6)->s6_addr32[3]) & \
	+ (jenkins_hash32((uint32_t *)&((ip6)->s6_addr32[0]), 4, \
	+ V_tcp_hostcache.hashsalt) & \
	V_tcp_hostcache.hashmask)

	#define THC_LOCK(lp) mtx_lock(lp)
	@@ -239,6 +239,7 @@
	V_tcp_hostcache.bucket_limit = TCP_HOSTCACHE_BUCKETLIMIT;
	V_tcp_hostcache.expire = TCP_HOSTCACHE_EXPIRE;
	V_tcp_hostcache.prune = TCP_HOSTCACHE_PRUNE;
	+ V_tcp_hostcache.hashsalt = arc4random();

	TUNABLE_INT_FETCH("net.inet.tcp.hostcache.hashsize",
	&V_tcp_hostcache.hashsize);
	@@ -836,6 +837,8 @@
	int all = 0;

	if (V_tcp_hostcache.purgeall) {
	+ if (V_tcp_hostcache.purgeall == 2)
	+ V_tcp_hostcache.hashsalt = arc4random();
	all = 1;
	V_tcp_hostcache.purgeall = 0;
	}
	@@ -860,6 +863,8 @@
	if (error \|\| !req->newptr)
	return (error);

	+ if (val == 2)
	+ V_tcp_hostcache.hashsalt = arc4random();
	tcp_hc_purge_internal(1);

	callout_reset(&V_tcp_hc_callout, V_tcp_hostcache.prune * hz,

File Metadata

Mime Type: text/plain
Expires: Fri, Nov 22, 7:11 PM (7 h, 29 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 14782181
Default Alt Text: D29515.id87058.diff (4 KB)

D29515.id87058.diffNo OneTemporaryActions

D29515.id87058.diffView Options

File Metadata

Event Timeline

D29515.id87058.diff
No OneTemporary
Actions

D29515.id87058.diff
View Options