Page MenuHomeFreeBSD

gallatin (Andrew Gallatin)
User

Projects

User Details

User Since
Jun 22 2015, 5:21 PM (278 w, 6 d)

Recent Activity

Thu, Oct 22

gallatin accepted D26691: Support hardware rate limiting (pacing) with TLS offload..
Thu, Oct 22, 2:39 PM
gallatin accepted D26875: Save the current TCP pacing rate in t_pacing_rate..
Thu, Oct 22, 2:38 PM

Mon, Oct 19

gallatin accepted D26821: Add a kernel crypto driver using assembly routines from OpenSSL..
Mon, Oct 19, 1:25 PM

Mon, Oct 12

gallatin accepted D26729: Permit sending empty fragments for TLS 1.0..
Mon, Oct 12, 8:02 PM

Sat, Oct 10

gallatin accepted D26730: Add support to the KTLS OCF module for AES-CBC MTE ciphersuites..

Awesome. Thank you!

Sat, Oct 10, 12:53 AM

Fri, Oct 9

gallatin added a comment to D26729: Permit sending empty fragments for TLS 1.0..

Can we add some __predict_false() to aid the compiler (and the reader) to know these are rare?

Fri, Oct 9, 11:59 PM
gallatin added a comment to D26691: Support hardware rate limiting (pacing) with TLS offload..

Looks good from mlx5_en_main.c's point of view.
@gallatin: Did you test this with mlx5en?

Fri, Oct 9, 1:26 PM

Thu, Oct 8

gallatin accepted D26691: Support hardware rate limiting (pacing) with TLS offload..
Thu, Oct 8, 3:36 PM

Tue, Oct 6

gallatin accepted D26690: Check if_capenable, not if_capabilities..
Tue, Oct 6, 1:51 PM

Mon, Oct 5

gallatin accepted D26689: Store the send tag type in the common send tag header..
Mon, Oct 5, 9:19 PM

Thu, Oct 1

gallatin accepted D26409: Add IP(V6)_VLAN_PCP to adjust 802.1 priority per-flow..

Thank you for making these changes.

Thu, Oct 1, 4:10 PM

Sep 25 2020

gallatin added a comment to D26409: Add IP(V6)_VLAN_PCP to adjust 802.1 priority per-flow..

So, how about moving the PCP to become part of the inpcb, and use IPPROTO sockopts instead. Sounds like that may be the better approach; doing this in the socket struct was "just" the easiest way to get a proof-of-concept running for various reasons... While the PCP is part of the (extended) Ethernet Header, there are no setsockopt Protos that deal with data on that level...

Sep 25 2020, 9:00 PM
gallatin added inline comments to D26409: Add IP(V6)_VLAN_PCP to adjust 802.1 priority per-flow..
Sep 25 2020, 6:48 PM
gallatin added a reviewer for D26409: Add IP(V6)_VLAN_PCP to adjust 802.1 priority per-flow.: rrs.
Sep 25 2020, 6:42 PM
gallatin added inline comments to D26409: Add IP(V6)_VLAN_PCP to adjust 802.1 priority per-flow..
Sep 25 2020, 4:30 PM

Sep 21 2020

gallatin closed D26103: TCP: remove special treatment for hardware (ifnet) TLS.
Sep 21 2020, 1:05 AM

Sep 11 2020

gallatin added a comment to D26340: run clang-format over vtfontcvt.c.

Is there a file which is already perfectly style(9) compliant? Is it this file?

Sep 11 2020, 5:40 PM

Sep 7 2020

gallatin added a comment to D26340: run clang-format over vtfontcvt.c.

What command line arguments, or other clang format configuration was used here?

Sep 7 2020, 11:16 PM

Sep 4 2020

gallatin accepted D26331: bbr: remove unused static function.
Sep 4 2020, 8:34 PM
gallatin accepted D26330: uipc_ktls: remove unused static function.
Sep 4 2020, 8:31 PM
gallatin committed rS365331: ktls: Check for a NULL send tag in ktls_cleanup().
ktls: Check for a NULL send tag in ktls_cleanup()
Sep 4 2020, 5:36 PM
gallatin added a comment to D26150: make m_getm2() resilient to zone_jumbop exhaustion.

Is there a possible side effect where if we now never do an M_WAITOK
alloc from zone_jumbop then we may not increase the zone size up to the
limit? As in, should there be a condition in here where we only convert
M_WAITOK to M_NOWAIT if we are actually near the limit? For example
should mb_reclaim arm this?

Sep 4 2020, 1:39 PM

Sep 1 2020

gallatin updated subscribers of D26261: Expand support for TLS protocols supported by KTLS..
Sep 1 2020, 12:52 AM

Aug 31 2020

gallatin committed rS364986: make m_getm2() resilient to zone_jumbop exhaustion.
make m_getm2() resilient to zone_jumbop exhaustion
Aug 31 2020, 1:54 PM
gallatin closed D26150: make m_getm2() resilient to zone_jumbop exhaustion.
Aug 31 2020, 1:53 PM

Aug 25 2020

gallatin requested changes to D6656: net/tso: use the most restrictive segment size to perform the calculations.

I mean DMA -> mbuf chain.

Aug 25 2020, 10:55 PM

Aug 24 2020

gallatin updated the diff for D26150: make m_getm2() resilient to zone_jumbop exhaustion.

Address markj's feedback:

Aug 24 2020, 8:53 PM

Aug 21 2020

gallatin requested review of D26150: make m_getm2() resilient to zone_jumbop exhaustion.
Aug 21 2020, 6:49 PM
gallatin committed rS364460: uma: record allocation failures due to zone limits.
uma: record allocation failures due to zone limits
Aug 21 2020, 6:32 PM

Aug 20 2020

gallatin added a comment to D6611: net: translate inbound checksum offloading flags to outbound when forwarding.
In D6611#580267, @jhb wrote:

I think one question is how can you really identify these packets? You can send a packet into a VM (e.g. via an if_tap interface from a localhost connection) but that VM might itself forward the packet internally to another interface that then heads out onto the wire. You can't really know that before you send the packet into the if_tap, and the VM itself doesn't know which interfaces are internal and which are not.

Aug 20 2020, 6:53 PM
gallatin added a comment to D26135: Introduce bus_dma_tag_create_device.

Do you have an update to BUS_DMA(9)? Sorry if I'm missing it just because there are so many files in the review..

Aug 20 2020, 4:06 PM

Aug 19 2020

gallatin committed rS364405: TCP: remove special treatment for hardware (ifnet) TLS.
TCP: remove special treatment for hardware (ifnet) TLS
Aug 19 2020, 5:59 PM

Aug 18 2020

gallatin added reviewers for D6656: net/tso: use the most restrictive segment size to perform the calculations: rrs, hselasky.
Aug 18 2020, 7:36 PM
gallatin added a comment to D6656: net/tso: use the most restrictive segment size to perform the calculations.

I'm confused. t_maxsegsize is basically the connection's MSS, eg, what the NIC is supposed to break the TSO into. However if_hw_tsomaxsegsize is the max size of the TSO to be broken up. Eg, on a NIC without oddball limitations, if_hw_tsomaxsegcount might be 64, if_hw_tsomaxsegsize might be 65535. That means that TSO is supposed to send a max of 64K down to the NIC, in a max of 64 packets. If t_maxseg is less than 1000, then we'd have to limit the TSO to 64 packets.

It seems like by restricting if_hw_tsomaxsegsize to t_maxseg, you're essentially turning off TSO, since you're only allowing one MSS to be sent at a time.

Ugh, I'm wrong. I was confusing t_tsomax with t_tsomaxsegsize. I forgot that some NICs are apparently so broken that they limit TSO seg sizes.

So this is correct? Or am I missing something else?

Aug 18 2020, 7:35 PM
gallatin added a comment to D6611: net: translate inbound checksum offloading flags to outbound when forwarding.

This will break some NICs (see comments on D6656 -- basically, if you're setting CSUM_TCP then you need to replace the TCP checksum with the pseudohdr checksum, and store the offset of the TCP header's checksum in csum_data).

The important question is: If the packet has already had its checksum checked, then the checksum is correct. Why not update the checksum normally and send the packet without checksum offload enabled?

Right, I think this (likely) an optimization only used by para-virtual nics. The problem here is that the guest receives a packet that has originated in the same box from a different guest, using a para-virtualized nic. Most para-virtualized nic implementations have an option to avoid calculating the checksum, since the actual hardware will calculate the checksum when the packet hits a physical wire.

In the case above however the packet never actually hit the wire, and thus there's no checksum calculated at all. Hence it would be helpful to have a way to internally forward such packets that have a correct checksum but that such checksum is not available anywhere. Having to calculate the checksum would unnecessarily slow things down, as we know the data is correct, just there's no checksum anywhere.

Isn't there a way to forward such kind of packets (correct packets that don't have the actual checksum anywhere)?

According to the mbuf(9) man using CSUM_DATA_VALID | CSUM_PSEUDO_HDR is the correct way to signal that a packet has been checksummed but that such value is not available in csum_data and instead contains 0xffff.

Aug 18 2020, 7:31 PM
gallatin requested review of D26103: TCP: remove special treatment for hardware (ifnet) TLS.
Aug 18 2020, 3:20 PM

Aug 16 2020

gallatin added inline comments to D6612: net: allow fast-forwarding TSO packets.
Aug 16 2020, 7:02 PM

Aug 15 2020

gallatin added a comment to D6656: net/tso: use the most restrictive segment size to perform the calculations.

I'm confused. t_maxsegsize is basically the connection's MSS, eg, what the NIC is supposed to break the TSO into. However if_hw_tsomaxsegsize is the max size of the TSO to be broken up. Eg, on a NIC without oddball limitations, if_hw_tsomaxsegcount might be 64, if_hw_tsomaxsegsize might be 65535. That means that TSO is supposed to send a max of 64K down to the NIC, in a max of 64 packets. If t_maxseg is less than 1000, then we'd have to limit the TSO to 64 packets.

It seems like by restricting if_hw_tsomaxsegsize to t_maxseg, you're essentially turning off TSO, since you're only allowing one MSS to be sent at a time.

Aug 15 2020, 7:49 PM
gallatin requested changes to D6611: net: translate inbound checksum offloading flags to outbound when forwarding.

This will break some NICs (see comments on D6656 -- basically, if you're setting CSUM_TCP then you need to replace the TCP checksum with the pseudohdr checksum, and store the offset of the TCP header's checksum in csum_data).

Aug 15 2020, 7:47 PM
gallatin requested changes to D6612: net: allow fast-forwarding TSO packets.

The TSO conventions for checksum offload is that we store the TCP pseudohdr checksum in the th->th_sum. This is done as an artifact of TCP checksum offload, however some NICs require this. This change will break those NICs unless you setup the checksum properly by

Aug 15 2020, 7:42 PM
gallatin added a comment to D6612: net: allow fast-forwarding TSO packets.

What device is setting up the TSO flags on incoming frames? Shouldn't it be setting up the LRO flags, and shouldn't we be checking those and converting them to TSO in the forwarding path?

Aug 15 2020, 7:29 PM

Aug 13 2020

gallatin added a comment to D6656: net/tso: use the most restrictive segment size to perform the calculations.

I'm confused. t_maxsegsize is basically the connection's MSS, eg, what the NIC is supposed to break the TSO into. However if_hw_tsomaxsegsize is the max size of the TSO to be broken up. Eg, on a NIC without oddball limitations, if_hw_tsomaxsegcount might be 64, if_hw_tsomaxsegsize might be 65535. That means that TSO is supposed to send a max of 64K down to the NIC, in a max of 64 packets. If t_maxseg is less than 1000, then we'd have to limit the TSO to 64 packets.

Aug 13 2020, 8:21 PM

Aug 2 2020

gallatin added a comment to D25514: Add a new security/isal-kmod port..
In D25514#574176, @gbe wrote:

Is there a reason to not import this into base? The isa-l library is BSD-licensed and has a very small footprint.

Aug 2 2020, 8:30 PM

Jul 20 2020

gallatin accepted D25698: Update security/ktls-isa-l_crypto-kmod to work with KTLS RX API changes..
Jul 20 2020, 1:34 PM
gallatin accepted D25692: Don't dynamically allocate data structures for KTLS crypto requests..
Jul 20 2020, 1:31 PM

Jul 9 2020

gallatin committed rS363049: MFC r362112.
MFC r362112
Jul 9 2020, 5:10 PM

Jul 6 2020

gallatin accepted D25489: iflib: Fix handling of mbuf cluster allocation failures..
Jul 6 2020, 2:43 PM

Jul 1 2020

gallatin added a comment to D25530: Fix LOR with bpf detach.

Why is it safe to just drop the lock?

Jul 1 2020, 1:59 PM

Jun 30 2020

gallatin accepted D25489: iflib: Fix handling of mbuf cluster allocation failures..

I added Hans, as he's also got an attempt to fix the same problem (https://reviews.freebsd.org/D24236)

Jun 30 2020, 5:01 PM
gallatin added reviewers for D25489: iflib: Fix handling of mbuf cluster allocation failures.: hselasky, gallatin.
Jun 30 2020, 4:58 PM

Jun 29 2020

gallatin committed rS362789: Fix a panic when unloading firmware.
Fix a panic when unloading firmware
Jun 29 2020, 9:36 PM
gallatin accepted D25490: iflib: Fix some nits in the rx refill code..

Great work. There are *so many* of these optimizations hiding in this code. I'm really glad you're looking at it.

Jun 29 2020, 4:59 PM

Jun 26 2020

gallatin updated subscribers of D25454: cxgbe(4): changes in the Tx path to help increase tx coalescing..
Jun 26 2020, 2:59 PM
gallatin added a comment to D21122: Proof-of-concept hack: remove mp_ring from TX path.

Its a very worthwhile change. I personally have not had the time, and I have not heard from shurd lately. If you want to take it on, that would be great!

Jun 26 2020, 2:55 PM

Jun 24 2020

gallatin accepted D25253: iflib: netmap: add per-tx-queue netmap support.

Thank you for making this change!

Jun 24 2020, 10:47 PM

Jun 23 2020

gallatin added inline comments to D25253: iflib: netmap: add per-tx-queue netmap support.
Jun 23 2020, 11:08 PM
gallatin accepted D25254: iflib: netmap: add support for partial ring openings.
Jun 23 2020, 10:57 PM
gallatin added a comment to D25253: iflib: netmap: add per-tx-queue netmap support.

Can you add context please ? I upload patches using git diff -U9999999 to get the full file to show up.

Jun 23 2020, 9:15 PM
gallatin accepted D25252: iflib: netmap: fix rsync index overrun.
Jun 23 2020, 3:00 PM
gallatin added inline comments to D24937: Add tunable net.iflib.tx_update_freq to set transmit descriptor update frequency.
Jun 23 2020, 2:59 PM · network
gallatin requested review of D25018: cpuset: specify that we're printing a list of cpus, not a mask.
Jun 23 2020, 3:20 AM

Jun 19 2020

gallatin accepted D25291: Store the AAD in a separate buffer for KTLS..
Jun 19 2020, 8:41 PM

Jun 12 2020

gallatin committed rS362112: x86: Bump default msi/msix vector limit to 2048.
x86: Bump default msi/msix vector limit to 2048
Jun 12 2020, 6:41 PM

Jun 9 2020

gallatin accepted D25182: Add functions to allocate and copy into anonymous unmapped mbuf lists.
Jun 9 2020, 5:09 PM

Jun 8 2020

gallatin added inline comments to D25182: Add functions to allocate and copy into anonymous unmapped mbuf lists.
Jun 8 2020, 5:33 PM

Jun 7 2020

gallatin accepted D25167: iflib: netmap: honor netmap_irx_irq return values.
Jun 7 2020, 1:55 PM

Jun 3 2020

gallatin accepted D25120: Avoid trying to toggle TSO twice.
Jun 3 2020, 7:54 PM

May 27 2020

gallatin accepted D24674: fix sosend() so that it can handle an mbuf list for KTLS.
May 27 2020, 3:48 AM

May 26 2020

gallatin added a reviewer for D25018: cpuset: specify that we're printing a list of cpus, not a mask: jeff.
May 26 2020, 3:41 PM

May 20 2020

gallatin accepted D24922: bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two.
May 20 2020, 3:23 PM
gallatin accepted D24922: bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two.
May 20 2020, 1:55 PM
gallatin added a reviewer for D24922: bnxt: isc_nrxd_max and isc_ntxd_max must be powers of two: gallatin.
May 20 2020, 1:54 PM

May 12 2020

gallatin closed D24821: IPv6: Fix a panic in the nd6 code with unmapped mbufs..
May 12 2020, 5:18 PM
gallatin committed rS360982: IPv6: Fix a panic in the nd6 code with unmapped mbufs..
IPv6: Fix a panic in the nd6 code with unmapped mbufs.
May 12 2020, 5:18 PM
gallatin closed D24822: IPv6: sync IP_NO_SND_TAG_RL support from IPv4.
May 12 2020, 2:01 PM
gallatin committed rS360961: IPv6: sync IP_NO_SND_TAG_RL support from IPv4.
IPv6: sync IP_NO_SND_TAG_RL support from IPv4
May 12 2020, 2:01 PM
gallatin requested review of D24822: IPv6: sync IP_NO_SND_TAG_RL support from IPv4.
May 12 2020, 1:48 PM
gallatin requested review of D24821: IPv6: Fix a panic in the nd6 code with unmapped mbufs..
May 12 2020, 1:35 PM

May 11 2020

gallatin committed rS360930: Fix the build.
Fix the build
May 11 2020, 9:23 PM
gallatin committed rS360914: Ktls: never skip stamping tags for NIC TLS.
Ktls: never skip stamping tags for NIC TLS
May 11 2020, 7:17 PM

May 7 2020

gallatin accepted D24659: em/ix/ixv/ixl/iavf: Implement ifdi_needs_restart iflib method.
May 7 2020, 3:21 AM

May 6 2020

gallatin accepted D24736: Remove un-needed NF copy args.
May 6 2020, 9:26 PM

May 1 2020

gallatin accepted D24659: em/ix/ixv/ixl/iavf: Implement ifdi_needs_restart iflib method.
May 1 2020, 11:07 PM
gallatin added a comment to D24645: sched_ule: rate limit work stealing.
In D24645#542519, @mav wrote:

I was thinking about something like this many times. It would be nice to skip this often useless work. But each time I am stopped by worry that it may cause CPU under-utilization on a systems with load average about 1 per SMT thread. 10ms interval you mentioned sounds quite large to me, but honestly I can imagine some synchronous irregular load patterns where any chosen interval will cause a pessimization, dramatically increasing execution latency.

May 1 2020, 1:42 PM

Apr 30 2020

gallatin requested review of D24645: sched_ule: rate limit work stealing.
Apr 30 2020, 11:38 PM

Apr 28 2020

gallatin added inline comments to D24598: More re-working of multipage mbufs..
Apr 28 2020, 1:39 PM

Apr 27 2020

gallatin accepted D24598: More re-working of multipage mbufs..
Apr 27 2020, 11:49 PM
gallatin accepted D24568: fix sosend_generic() so that it can handle a list of ext_pgs mbufs post r359919.
Apr 27 2020, 1:57 PM
gallatin accepted D24545: Add support for optional separate output buffers to in-kernel crypto..

Looked mostly at ktls

Apr 27 2020, 1:56 PM
gallatin added a comment to D24453: Add support for KTLS RX over TOE to T6..

I'm going to let Navdeep review this..

Apr 27 2020, 1:18 PM
gallatin accepted D24452: Initial support for kernel offload of TLS receive..
Apr 27 2020, 1:17 PM
gallatin accepted D24451: Add the initial sequence number to the TLS enable socket option..
Apr 27 2020, 1:12 PM

Apr 14 2020

gallatin committed rS359920: Bump FreeBSD version after r359919 (KTLS / unmapped mbuf changes).
Bump FreeBSD version after r359919 (KTLS / unmapped mbuf changes)
Apr 14 2020, 2:48 PM
gallatin closed D24213: Re-work unmapped mbufs to carry ext_pgs in the mbuf itself..
Apr 14 2020, 2:46 PM
gallatin committed rS359919: KTLS: Re-work unmapped mbufs to carry ext_pgs in the mbuf itself..
KTLS: Re-work unmapped mbufs to carry ext_pgs in the mbuf itself.
Apr 14 2020, 2:46 PM

Apr 13 2020

gallatin committed rS359908: lagg: stop double-counting output errors and counting drops as errors.
lagg: stop double-counting output errors and counting drops as errors
Apr 13 2020, 11:07 PM
gallatin closed D24331: lagg: stop double-counting output errors and counting drops as errors.
Apr 13 2020, 11:07 PM
gallatin added a comment to D24213: Re-work unmapped mbufs to carry ext_pgs in the mbuf itself..

Just a heads up that i plan to commit this tomorrow.

Apr 13 2020, 2:22 PM

Apr 9 2020

gallatin updated the diff for D24213: Re-work unmapped mbufs to carry ext_pgs in the mbuf itself..

Fix issues encountered when running mlx5 with hw tls enabled with this patchset:

    • accessing ext_pgs via pointer was missed at compile time, as the driver was using the ext_buf rather than ext_pgs pointer
  • the driver was using ext_pgs at the same time as pkthdr
Apr 9 2020, 5:37 PM
gallatin updated the diff for D24331: lagg: stop double-counting output errors and counting drops as errors.
  • Fix accounting issue that jhb pointed out in lagg_bcast_start()
Apr 9 2020, 1:33 PM