NFS: Request use of TCP_USE_DDP for in-kernel TCP sockets

Since this is an optimization, ignore failures to enable the option. For the server side, defer enabling DDP until the first non-NULLPROC RPC is received. This allows TLS handling (which uses NULLPROC RPCs) to enable TLS offload first. Reviewed by: rmacklem Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D44002 (cherry picked from commit a16ff32f04b5b891a2d9b0427a2fd9c48e866da3)
2026-05-28 04:12:45 -04:00 · 2024-03-20 15:29:51 -07:00 · 2024-03-20 15:29:51 -07:00 · 260d7b5854
commit 260d7b5854
parent bf5956c185
3 changed files with 29 additions and 0 deletions
--- a/sys/rpc/clnt_rc.c
+++ b/sys/rpc/clnt_rc.c
@ -43,6 +43,8 @@
 #include <sys/time.h>
 #include <sys/uio.h>

+#include <netinet/tcp.h>
+
 #include <rpc/rpc.h>
 #include <rpc/rpc_com.h>
 #include <rpc/krpc.h>
@ -213,6 +215,12 @@ clnt_reconnect_connect(CLIENT *cl)
 				goto out;
 			}
 		}
+		if (newclient != NULL) {
+			int optval = 1;
+
+			(void)so_setsockopt(so, IPPROTO_TCP, TCP_USE_DDP,
+			    &optval, sizeof(optval));
+		}
 		if (newclient != NULL && rc->rc_reconcall != NULL)
 			(*rc->rc_reconcall)(newclient, rc->rc_reconarg,
 			    rc->rc_ucred);
--- a/sys/rpc/svc.c
+++ b/sys/rpc/svc.c
@ -54,6 +54,7 @@ static char *sccsid = "@(#)svc.c	2.4 88/08/11 4.0 RPCSRC";
 #include <sys/mbuf.h>
 #include <sys/mutex.h>
 #include <sys/proc.h>
+#include <sys/protosw.h>
 #include <sys/queue.h>
 #include <sys/socketvar.h>
 #include <sys/systm.h>
@ -61,6 +62,8 @@ static char *sccsid = "@(#)svc.c	2.4 88/08/11 4.0 RPCSRC";
 #include <sys/sx.h>
 #include <sys/ucred.h>

+#include <netinet/tcp.h>
+
 #include <rpc/rpc.h>
 #include <rpc/rpcb_clnt.h>
 #include <rpc/replay.h>
@ -991,6 +994,23 @@ svc_getreq(SVCXPRT *xprt, struct svc_req **rqstp_ret)
 			goto call_done;
 		}

+		/*
+		 * Defer enabling DDP until the first non-NULLPROC RPC
+		 * is received to allow STARTTLS authentication to
+		 * enable TLS offload first.
+		 */
+		if (xprt->xp_doneddp == 0 && r->rq_proc != NULLPROC &&
+		    atomic_cmpset_int(&xprt->xp_doneddp, 0, 1)) {
+			if (xprt->xp_socket->so_proto->pr_protocol ==
+			    IPPROTO_TCP) {
+				int optval = 1;
+
+				(void)so_setsockopt(xprt->xp_socket,
+				    IPPROTO_TCP, TCP_USE_DDP, &optval,
+				    sizeof(optval));
+			}
+		}
+
 		/*
 		 * Everything checks out, return request to caller.
 		 */
--- a/sys/rpc/svc.h
+++ b/sys/rpc/svc.h
@ -188,6 +188,7 @@ typedef struct __rpc_svcxprt {
 	int		xp_ngrps;	/* Cred. from TLS cert. */
 	uid_t		xp_uid;
 	gid_t		*xp_gidp;
+	int		xp_doneddp;
 #else
 	int		xp_fd;
 	u_short		xp_port;	 /* associated port number */