HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS368316

Clear TLS offload mode if a TLS socket hangs without receiving data.
rS368316
Actions

Description

Clear TLS offload mode if a TLS socket hangs without receiving data.

By default, if a TOE TLS socket stops receiving data for more than 5
seconds, revert the connection back to plain TOE mode. This provides
a fallback if the userland SSL library does not support KTLS. In
addition, for client TLS 1.3 sockets using connect(), the TOE socket
blocks before the handshake has completed since the socket option is
only invoked for the final handshake.

The timeout defaults to 5 seconds, but can be changed at boot via the
hw.cxgbe.toe.tls_rx_timeout tunable or for an individual interface via
the dev.<nexus>.toe.tls_rx_timeout sysctl.

Reviewed by: np
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D27470

Details

Provenance
jhbAuthored on
Reviewer
np
Differential Revision
D27470: Clear TLS offload mode if a TLS socket hangs without receiving data.
Parents
rS368315: cxgbe(4): Fix vertical alignment in sysctl_cpl_stats.
Branches
Unknown
Tags
Unknown

Changes (7)

PathSize
head/
sys/
dev/
cxgbe/
tom/

rS368316

View Options

head/sys/dev/cxgbe/offload.h

Loading...
View Options

head/sys/dev/cxgbe/t4_main.c

Loading...
View Options

head/sys/dev/cxgbe/tom/t4_connect.c

Loading...
View Options

head/sys/dev/cxgbe/tom/t4_cpl_io.c

Loading...
View Options

head/sys/dev/cxgbe/tom/t4_tls.c

Loading...
View Options

head/sys/dev/cxgbe/tom/t4_tom.c

Loading...
View Options

head/sys/dev/cxgbe/tom/t4_tom.h

Loading...