| Message ID | 20220803164045.3585187-1-adel.abushaev@gmail.com |
|---|---|
| Headers | show |
| Series | net: support QUIC crypto | expand |
Looking at https://github.com/shemminger/iproute2/blob/main/misc/ss.c#L589 the ss.c still uses proc/. Adel. On 8/4/22 8:29 AM, Andrew Lunn wrote: > On Wed, Aug 03, 2022 at 11:51:59AM -0700, Adel Abouchaev wrote: >> Andrew, >> >> Could you add more to your comment? The /proc was used similarly to kTLS. >> Netlink is better, though, unsure how ULP stats would fit in it. > How do tools like ss(1) retrieve the protocol summary statistics? Do > they still use /proc, or netlink? > > Andrew
On Thu, Aug 4, 2022 at 9:58 AM Adel Abouchaev <adel.abushaev@gmail.com> wrote: > > Looking at > https://github.com/shemminger/iproute2/blob/main/misc/ss.c#L589 the ss.c > still uses proc/. > Only for legacy reasons. ss -t for sure will use netlink first, then fallback to /proc New counters should use netlink, please. > Adel. > > On 8/4/22 8:29 AM, Andrew Lunn wrote: > > On Wed, Aug 03, 2022 at 11:51:59AM -0700, Adel Abouchaev wrote: > >> Andrew, > >> > >> Could you add more to your comment? The /proc was used similarly to kTLS. > >> Netlink is better, though, unsure how ULP stats would fit in it. > > How do tools like ss(1) retrieve the protocol summary statistics? Do > > they still use /proc, or netlink? > > > > Andrew
On Thu, 4 Aug 2022 10:00:37 -0700 Eric Dumazet wrote: > On Thu, Aug 4, 2022 at 9:58 AM Adel Abouchaev <adel.abushaev@gmail.com> wrote: > > Looking at > > https://github.com/shemminger/iproute2/blob/main/misc/ss.c#L589 the ss.c > > still uses proc/. > > Only for legacy reasons. That but in all honesty also the fact that a proc file is pretty easy and self-describing while the historic netlink families are undocumented code salads. > ss -t for sure will use netlink first, then fallback to /proc > > New counters should use netlink, please. Just to be sure I'm not missing anything - we're talking about some new netlink, right? Is there an existing place for "overall prot family stats" over netlink today?
On Thu, Aug 4, 2022 at 11:09 AM Jakub Kicinski <kuba@kernel.org> wrote: > > On Thu, 4 Aug 2022 10:00:37 -0700 Eric Dumazet wrote: > > On Thu, Aug 4, 2022 at 9:58 AM Adel Abouchaev <adel.abushaev@gmail.com> wrote: > > > Looking at > > > https://github.com/shemminger/iproute2/blob/main/misc/ss.c#L589 the ss.c > > > still uses proc/. > > > > Only for legacy reasons. > > That but in all honesty also the fact that a proc file is pretty easy > and self-describing while the historic netlink families are undocumented > code salads. > > > ss -t for sure will use netlink first, then fallback to /proc > > > > New counters should use netlink, please. > > Just to be sure I'm not missing anything - we're talking about some > new netlink, right? Is there an existing place for "overall prot family > stats" over netlink today? I thought we were speaking of dumping ULP info on a per UDP socket basis. If this is about new SNMP counters, then sure, /proc is fine I guess.
QUIC requires end to end encryption of the data. The application usually prepares the data in clear text, encrypts and calls send() which implies multiple copies of the data before the packets hit the networking stack. Similar to kTLS, QUIC kernel offload of cryptography reduces the memory pressure by reducing the number of copies. The scope of kernel support is limited to the symmetric cryptography, leaving the handshake to the user space library. For QUIC in particular, the application packets that require symmetric cryptography are the 1RTT packets with short headers. Kernel will encrypt the application packets on transmission and decrypt on receive. This series implements Tx only, because in QUIC server applications Tx outweighs Rx by orders of magnitude. Supporting the combination of QUIC and GSO requires the application to correctly place the data and the kernel to correctly slice it. The encryption process appends an arbitrary number of bytes (tag) to the end of the message to authenticate it. The GSO value should include this overhead, the offload would then subtract the tag size to parse the input on Tx before chunking and encrypting it. With the kernel cryptography, the buffer copy operation is conjoined with the encryption operation. The memory bandwidth is reduced by 5-8%. When devices supporting QUIC encryption in hardware come to the market, we will be able to free further 7% of CPU utilization which is used today for crypto operations. Adel Abouchaev (6): Documentation on QUIC kernel Tx crypto. Define QUIC specific constants, control and data plane structures Add UDP ULP operations, initialization and handling prototype functions. Implement QUIC offload functions Add flow counters and Tx processing error counter Add self tests for ULP operations, flow setup and crypto tests Documentation/networking/quic.rst | 176 +++ include/net/inet_sock.h | 2 + include/net/netns/mib.h | 3 + include/net/quic.h | 59 + include/net/snmp.h | 6 + include/net/udp.h | 33 + include/uapi/linux/quic.h | 61 + include/uapi/linux/snmp.h | 11 + include/uapi/linux/udp.h | 4 + net/Kconfig | 1 + net/Makefile | 1 + net/ipv4/Makefile | 3 +- net/ipv4/udp.c | 14 + net/ipv4/udp_ulp.c | 190 ++++ net/quic/Kconfig | 16 + net/quic/Makefile | 8 + net/quic/quic_main.c | 1446 ++++++++++++++++++++++++ net/quic/quic_proc.c | 45 + tools/testing/selftests/net/.gitignore | 1 + tools/testing/selftests/net/Makefile | 2 +- tools/testing/selftests/net/quic.c | 1024 +++++++++++++++++ tools/testing/selftests/net/quic.sh | 45 + 22 files changed, 3149 insertions(+), 2 deletions(-) create mode 100644 Documentation/networking/quic.rst create mode 100644 include/net/quic.h create mode 100644 include/uapi/linux/quic.h create mode 100644 net/ipv4/udp_ulp.c create mode 100644 net/quic/Kconfig create mode 100644 net/quic/Makefile create mode 100644 net/quic/quic_main.c create mode 100644 net/quic/quic_proc.c create mode 100644 tools/testing/selftests/net/quic.c create mode 100755 tools/testing/selftests/net/quic.sh