Page MenuHomeFreeBSD
Feed Advanced Search

Thu, Oct 10

gallatin added inline comments to D21959: introduce new 'ice' driver for Intel E800 Ethernet controllers.
Thu, Oct 10, 12:07 PM
gallatin added a comment to D21959: introduce new 'ice' driver for Intel E800 Ethernet controllers.

I just looked for a short time.. more comments later..

Thu, Oct 10, 12:00 AM

Wed, Oct 9

gallatin accepted D21868: e1000: correctly set isc_pause_frames only when XOFF increases.
Wed, Oct 9, 8:47 PM
gallatin accepted D21869: ix: report isc_pause_frames during stat update.
Wed, Oct 9, 8:46 PM
gallatin added inline comments to D21869: ix: report isc_pause_frames during stat update.
Wed, Oct 9, 8:21 PM
gallatin accepted D21870: ixl: report whether device received pause frames.
Wed, Oct 9, 8:13 PM

Tue, Oct 8

gallatin added a comment to D21712: iflib: Prevent watchdog from resetting idle queues.

Yes, I meant adding a KASSERT or at least a comment.

Tue, Oct 8, 10:47 PM
gallatin accepted D21943: Correct and final KPI to traverse through interface address lists for drivers.Removal of not stack allocated epoch_tracker..

I like this a lot. Note that I only looked at mxge and a few iflib drivers.

Tue, Oct 8, 5:59 PM

Mon, Oct 7

gallatin accepted D21891: Add support for KTLS via the TOE on Chelsio's T6 adapters..
Mon, Oct 7, 8:21 PM

Sun, Oct 6

gallatin accepted D21179: Add header definition for RFC4340, Datagram Congestion Control Protocol.
Sun, Oct 6, 6:32 PM

Thu, Oct 3

gallatin added inline comments to D21891: Add support for KTLS via the TOE on Chelsio's T6 adapters..
Thu, Oct 3, 11:15 PM

Tue, Oct 1

gallatin updated the diff for D21857: KTLS intel isa-l : Rework TLS 1.3 support.

Moved PORTREVISION down a line to fix portlint complaint as pointed out by jhb

Tue, Oct 1, 6:09 PM
gallatin created D21857: KTLS intel isa-l : Rework TLS 1.3 support.
Tue, Oct 1, 5:51 PM

Sun, Sep 29

gallatin accepted D21831: Add IFLIB_SINGLE_IRQ_RX_ONLY..
Sun, Sep 29, 1:42 PM

Sat, Sep 28

gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.

Sat, Sep 28, 7:53 PM
gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.

In my tests of UDP transmit using N copies of netperf on a 14c/28t Xeon E5-2697 v3 (haswell) using a 40Gbe ixl, I see nearly a 100% performance improvement (eg, double the packet rate) as compared to using mp_ring. In fact, for a single-threaded test the packet rate is 4x what it is for mp_ring with tx-abdicate enabled.

Sat, Sep 28, 7:50 PM

Fri, Sep 27

gallatin added a comment to D21796: Fix a sw ktls bug where we would never encrypt anonymous data in place.

Applied suggested changes prior to committing.

Fri, Sep 27, 8:11 PM
gallatin committed rS352816: kTLS: Fix a bug where we would not encrypt anon data inplace..
kTLS: Fix a bug where we would not encrypt anon data inplace.
Fri, Sep 27, 8:09 PM
gallatin closed D21796: Fix a sw ktls bug where we would never encrypt anonymous data in place.
Fri, Sep 27, 8:08 PM
gallatin added a comment to D19111: Summary: widen net_epoch coverage up to all packet processing.

@gallatin: Network drivers can also use worker threads instead of IRQ's to process packets. Especially USB network devices.

Fri, Sep 27, 7:46 PM
gallatin added a comment to D21801: kernel support for TLS 1.3.
In D21801#476448, @jhb wrote:

Actually, we need to update the logic that populates the TLS header to stop writing the 8 byte nonce for GCM for 1.3 in ktls_seq? It probably doesn't hurt for it to stay, but it would be cleaner if we removed it. I've actually thought about reworking what we do anyway. The 8 byte nonce doesn't have to be the sequence number, it just has to be unique per record. OpenSSL picks a random 8 byte value and increments it. We could actually do the something similar and generate the TLS header always in ktls_frame(). We would generate an 8 byte random value that is saved in the TLS session when it is created and just increment it for each record that is framed. There's no requirement that the nonce's be monotonically increasing, etc. just unique per record. This would simplify ktls_seq() and would make the 1.3 vs 1.2 handling a bit clearer.

Fri, Sep 27, 7:37 PM
gallatin updated the diff for D21446: New port: security/ktls_isa-l_crypto..

Re-submit diff with -U999999 for full context.

Fri, Sep 27, 7:22 PM
gallatin updated the diff for D21446: New port: security/ktls_isa-l_crypto..

Updated the port to handle TLS 1.3

Fri, Sep 27, 7:20 PM
gallatin committed rS352814: kTLS support for TLS 1.3.
kTLS support for TLS 1.3
Fri, Sep 27, 7:18 PM
gallatin closed D21801: kernel support for TLS 1.3.
Fri, Sep 27, 7:18 PM
gallatin added a comment to D21801: kernel support for TLS 1.3.

Applied suggested changes in what I'm about to commit.

Fri, Sep 27, 7:14 PM
gallatin added reviewers for D21797: Add IFCAP_NOMAP to iflib: erj, marius.
Fri, Sep 27, 4:51 PM

Thu, Sep 26

gallatin accepted D19111: Summary: widen net_epoch coverage up to all packet processing.
Thu, Sep 26, 11:26 PM
gallatin updated the diff for D21446: New port: security/ktls_isa-l_crypto..
  • I've taken linimon's changes from bugzilla
  • I've hooked the port to the Makefile in the parent
Thu, Sep 26, 7:07 PM
gallatin commandeered D21446: New port: security/ktls_isa-l_crypto..
Thu, Sep 26, 7:05 PM
gallatin updated the diff for D21801: kernel support for TLS 1.3.

Updated to address feedback from Hans:

  • add comment that record_type must be first in the union
  • added a constant for the 1.3 GCM iv len and checked it where we check it for 1.2
Thu, Sep 26, 2:38 PM
gallatin accepted D21616: Replace MD5 by SipHash as TCP keyed hash function.

I tested this, and it performed well and worked fine.

Thu, Sep 26, 2:13 PM
gallatin created D21801: kernel support for TLS 1.3.
Thu, Sep 26, 1:57 PM
gallatin created D21797: Add IFCAP_NOMAP to iflib.
Thu, Sep 26, 12:47 AM

Wed, Sep 25

gallatin created D21796: Fix a sw ktls bug where we would never encrypt anonymous data in place.
Wed, Sep 25, 10:36 PM

Fri, Sep 20

gallatin added a comment to D21712: iflib: Prevent watchdog from resetting idle queues.

Would it make sense then to assert that the link is down?

Fri, Sep 20, 2:55 PM
gallatin committed rS352552: remove redundant "ktls" in KTLS thr name.
remove redundant "ktls" in KTLS thr name
Fri, Sep 20, 9:36 AM
gallatin added a comment to D21712: iflib: Prevent watchdog from resetting idle queues.

I'm not sure, but I think the only way this can happen is when the link is down. Is that the caee here?

Fri, Sep 20, 8:27 AM
gallatin accepted D21711: iflib: Remove redundant VLAN events deregistration.
Fri, Sep 20, 8:15 AM

Sep 17 2019

gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.

Uncrappy is nice. But if we've got lock contention, it would be nice to know why.

Sep 17 2019, 7:17 PM
gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.
Sep 17 2019, 12:39 PM

Sep 16 2019

gallatin accepted D21644: During SYN floods, fallback exclusively to SYN cookies for a small period.
Sep 16 2019, 12:18 PM

Sep 14 2019

gallatin added a comment to D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.

This isn't worth much consternation but I do wonder if we can try to limit the proliferation of these sockopts. For instance, if you generalize the existing _LB to take a generic integer arg, would that and cpuset achieve the same effect (and generalize to however people want to use those numbered groups?)

Sep 14 2019, 9:56 PM

Sep 13 2019

gallatin added inline comments to D21644: During SYN floods, fallback exclusively to SYN cookies for a small period.
Sep 13 2019, 10:21 PM
gallatin created D21648: ktls: NUMA awareness.
Sep 13 2019, 8:07 PM
gallatin added inline comments to D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.
Sep 13 2019, 6:53 PM
gallatin updated the diff for D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.
  • Fixed line wrap issues pointed out by igor
Sep 13 2019, 6:53 PM
gallatin added inline comments to D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.
Sep 13 2019, 6:01 PM
gallatin updated the diff for D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.

Address bz's concerns:

  • Shorten lines in man page
  • Make numa_domain consistently uint8_t
  • simplify logic in places
  • fix some style errors
Sep 13 2019, 6:00 PM
gallatin created D21636: Filter TCP connections to SO_REUSEPORT_LB listen sockets by NUMA domain.
Sep 13 2019, 2:24 PM

Sep 11 2019

gallatin committed rS352228: Avoid unneeded call to arc4random() in syncache_add().
Avoid unneeded call to arc4random() in syncache_add()
Sep 11 2019, 6:48 PM
gallatin closed D21591: avoid unneeded call to arc4random() in syncache_add().
Sep 11 2019, 6:48 PM

Sep 10 2019

gallatin created D21591: avoid unneeded call to arc4random() in syncache_add().
Sep 10 2019, 7:47 PM

Aug 30 2019

D21446: New port: security/ktls_isa-l_crypto. is now accepted and ready to land.
Aug 30 2019, 1:46 PM

Aug 27 2019

gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.
Aug 27 2019, 12:27 AM

Aug 23 2019

gallatin accepted D21277: Add kernel-side support for in-kernel TLS..
Aug 23 2019, 11:39 PM

Aug 21 2019

D21127: Final prep patch for BBR is now accepted and ready to land.
Aug 21 2019, 12:42 PM

Aug 18 2019

D21242: Reallocate pcpu area on the correct domain. now requires changes to proceed.
Aug 18 2019, 7:52 PM

Aug 16 2019

gallatin added inline comments to D21277: Add kernel-side support for in-kernel TLS..
Aug 16 2019, 6:59 PM
gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.

On another hardware (Atom 4cores):

x inet4 forwarding of small packet size, bypass_mpring=0 in packets-per-second
+ inet4 forwarding of small packet size, bypass_mpring=1 in packets-per-second
+--------------------------------------------------------------------------+
|+                              +  ++  +                x           x x x  |
|                                                          |______A__M____||
|            |_______________A_____M________|                              |
+--------------------------------------------------------------------------+
    N           Min           Max        Median           Avg        Stddev
x   4      927858.5        983285        971934     963752.88      24606.11
+   5        749042        872241        859294      839484.8     51106.313
Difference at 95.0% confidence
        -124268 +/- 66405
        -12.8942% +/- 6.76603%
        (Student's t, pooled s = 41856.6)

Bigger impact her: -12%

Aug 16 2019, 12:44 PM

Aug 15 2019

D21251: Add phys_avail allocation routines. is now accepted and ready to land.
Aug 15 2019, 12:14 AM

Aug 2 2019

gallatin committed rS350527: MFC r350245.
MFC r350245
Aug 2 2019, 12:13 AM

Jul 24 2019

D21041: net: Update SFF-8024 definitions and strings with values from rev 4.6 is now accepted and ready to land.
Jul 24 2019, 8:51 PM ยท network
D21003: iflib: fix dangling device softc pointer is now accepted and ready to land.
Jul 24 2019, 8:48 PM

Jul 23 2019

gallatin added a comment to D18028: Add support for Intel Speed Shift.

Oh, and in the documentation, it would be handy to note that BIOSes will sometimes disable this functionality and you may need to enable or disable certain common settings in the BIOS.

Jul 23 2019, 8:13 PM
gallatin added a comment to D18028: Add support for Intel Speed Shift.

I just cherry picked this into my tree to try on some servers. As a *USER*, I have the following comments:

Jul 23 2019, 8:11 PM
gallatin committed rS350245: pciconf: report PCI Gen4 speeds.
pciconf: report PCI Gen4 speeds
Jul 23 2019, 4:28 PM

Jul 12 2019

D20929: Add a UMA option to support cross domain frees while preserving locality for first-touch zones. is now accepted and ready to land.
Jul 12 2019, 12:28 PM

Jul 3 2019

D20839: Use unmapped (M_NOMAP) mbufs for zero-copy AIO writes via TOE. is now accepted and ready to land.
Jul 3 2019, 1:26 PM

Jun 28 2019

gallatin added inline comments to D20616: Add a new external mbuf type that holds multiple unmapped pages..
Jun 28 2019, 1:26 PM
gallatin accepted D20616: Add a new external mbuf type that holds multiple unmapped pages..
Jun 28 2019, 12:39 PM

Jun 24 2019

gallatin added reviewers for D20616: Add a new external mbuf type that holds multiple unmapped pages.: hselasky, slavash.
Jun 24 2019, 3:28 PM

Jun 22 2019

gallatin added inline comments to D20616: Add a new external mbuf type that holds multiple unmapped pages..
Jun 22 2019, 6:10 PM

Jun 12 2019

gallatin accepted D20617: Reject attempts to register a TCP stack being unloaded..
Jun 12 2019, 1:48 PM

Jun 5 2019

gallatin added a comment to D20525: Support MSI-X for passthrough devices with a separate PBA BAR..

Just wanted to chime in and say that this, in combination with https://reviews.freebsd.org/D20523, allows me to pass an add-in USB XHCI controller to a guest. Before this patch, bhyve would abort when passing through the problematic controller.

Jun 5 2019, 5:33 PM
gallatin added a comment to D20523: Don't simulate PBA access if the PBA is in a separate BAR..

Just wanted to chime in that this, in combination with https://reviews.freebsd.org/D20525, allows me to pass through an add-in USB XHCI controller to a guest OS. Before this patch, bhyve would segv.

Jun 5 2019, 5:32 PM

May 24 2019

gallatin accepted D20396: Missing "else" in cascaded condition (if).

I tend to think that neither of these is actually a problem, since in both cases, if the "if" is taken, we return or jump. But the fix seems harmless.

May 24 2019, 1:13 PM

May 22 2019

gallatin committed rS348109: x86 MCA: introduce MCA hooks for different vendor implementations.
x86 MCA: introduce MCA hooks for different vendor implementations
May 22 2019, 1:44 PM
gallatin accepted D20117: Restructure mbuf send tags to provide stronger guarantees..
May 22 2019, 12:13 AM

May 11 2019

gallatin accepted D20117: Restructure mbuf send tags to provide stronger guarantees..
May 11 2019, 12:52 PM

May 10 2019

gallatin committed rS347430: Bind TCP HPTS (pacer) threads to NUMA domains.
Bind TCP HPTS (pacer) threads to NUMA domains
May 10 2019, 1:41 PM
gallatin closed D20134: Bind TCP HPTS (pacer) threads to NUMA domains.
May 10 2019, 1:41 PM
gallatin accepted D20221: iflib: provide probe wrapper for vendor drivers.
May 10 2019, 12:20 PM

May 9 2019

gallatin committed rS347410: Remove IPSEC from GENERIC due to performance issues.
Remove IPSEC from GENERIC due to performance issues
May 9 2019, 10:38 PM
gallatin closed D20163: Remove IPSEC from GENERIC due to performance issues.
May 9 2019, 10:38 PM
gallatin added a reviewer for D20163: Remove IPSEC from GENERIC due to performance issues: cy.
May 9 2019, 12:33 PM

May 8 2019

gallatin added a member for iflib: gallatin.
May 8 2019, 6:19 PM
gallatin added a comment to D20163: Remove IPSEC from GENERIC due to performance issues.
In D20163#434567, @jhb wrote:

FWIW, my limited testing of IPsec doesn't use if_ipsec, but instead I used setkey. I think having the rc.d scripts for 'ipsec_enable' autoloading ipsec.ko is reasonable. Maybe if there are ports scripts for IKE daemons (raccoon, strongswan?) those rc.d scripts should also try to load modules they need.

May 8 2019, 5:54 PM

May 6 2019

gallatin accepted D20169: Make if_enc and if_ipsec kernel modules loadable by ifconfig(8).

Thank you!

May 6 2019, 1:17 PM
gallatin added a comment to D20163: Remove IPSEC from GENERIC due to performance issues.
In D20163#434345, @cem wrote:

No objection to moving IPSEC out of GENERIC (but continuing to build it as a module). Check with gnn@, as he originally added it.
I agree that teaching ifconfig about ipsec (option 1) seems the most straightforward way to provide compatibility through that interface.

May 6 2019, 1:17 PM
gallatin added a reviewer for D20163: Remove IPSEC from GENERIC due to performance issues: gnn.
May 6 2019, 1:16 PM

May 5 2019

gallatin added a comment to D20163: Remove IPSEC from GENERIC due to performance issues.

To make this change less painful for users, it seems like we should enable ifconfig to auto-load ipsec when ifconfig is invoked with ipsecX. ifconfig will currently try to load if_ipsec, and this does not work because the kernel module is ipsec.ko. So it seems like there are 3 obvious workarounds:

May 5 2019, 6:52 PM
gallatin created D20163: Remove IPSEC from GENERIC due to performance issues.
May 5 2019, 6:48 PM

May 3 2019

gallatin committed rS347055: Select lacp egress ports based on NUMA domain.
Select lacp egress ports based on NUMA domain
May 3 2019, 2:43 PM
gallatin closed D20060: Select lacp egress ports based on NUMA domain.
May 3 2019, 2:43 PM

May 2 2019

gallatin added inline comments to D20060: Select lacp egress ports based on NUMA domain.
May 2 2019, 11:40 PM
gallatin updated the diff for D20060: Select lacp egress ports based on NUMA domain.
  • Restored the fixes to the manpage formatting and xref's requested by markj (as noticed by bz)
  • Updated the date on the manpage as requested by bz (speculative date for now)
  • Changed ifdef / { matching as requested by bz
  • Changed net.link.lagg.default_use_numa init as requested by bz (i think)
  • Fixed printing of USE_NUMA flag in ifconfig, as noticed by me.
May 2 2019, 11:38 PM
gallatin added inline comments to D20060: Select lacp egress ports based on NUMA domain.
May 2 2019, 6:19 PM

May 1 2019

gallatin created D20134: Bind TCP HPTS (pacer) threads to NUMA domains.
May 1 2019, 11:09 PM
gallatin accepted D20117: Restructure mbuf send tags to provide stronger guarantees..
May 1 2019, 10:48 PM