sock: Add ktls and tls_version to spdk_sock_impl_opts (806744b7) · Commits · Public Repositories / spdk

CHANGELOG.md

+1 −1

Original line number	Diff line number	Diff line
		@@ -23,7 +23,7 @@ Calculate num_md_pages from num_md_pages_per_cluster_ratio, and pass it to spdk_

		### rpc

		New options `ktls` and `tls_version` were added to the `spdk_sock_opts` structure.
		New options `enable_ktls` and `tls_version` were added to the `sock_impl_set_options` structure.

		Added warning message for `bdev_rbd_create`, if it is used without -c.
		`bdev_rbd_create()` API without specifying -c is deprecated and will be removed in future release.

doc/jsonrpc.md

+8 −2

Original line number	Diff line number	Diff line
		@@ -9518,7 +9518,9 @@ Example response:
		"enable_placement_id": 0,
		"enable_zerocopy_send_server": true,
		"enable_zerocopy_send_client": false,
		"zerocopy_threshold": 0
		"zerocopy_threshold": 0,
		"tls_version": 13,
		"enable_ktls": false
		}
		}
		~~~
		@@ -9541,6 +9543,8 @@ enable_zerocopy_send_server \| Optional \| boolean \| Enable or disable zero co
		enable_zerocopy_send_client \| Optional \| boolean \| Enable or disable zero copy on send for client sockets
		zerocopy_threshold \| Optional \| number \| Set zerocopy_threshold in bytes. A consecutive sequence of requests' iovecs
		that fall below this threshold may be sent without zerocopy flag set
		tls_version \| Optional \| number \| TLS protocol version, e.g. 13 for v1.3 (only applies when impl_name == ssl)
		enable_ktls \| Optional \| boolean \| Enable or disable Kernel TLS (only applies when impl_name == ssl)

		#### Response

		@@ -9564,7 +9568,9 @@ Example request:
		"enable_placement_id": 0,
		"enable_zerocopy_send_server": true,
		"enable_zerocopy_send_client": false,
		"zerocopy_threshold": 10240
		"zerocopy_threshold": 10240,
		"tls_version": 13,
		"enable_ktls": false
		}
		}
		~~~

examples/nvme/perf/perf.c

+41 −6

Original line number	Diff line number	Diff line
		@@ -291,7 +291,7 @@ static int g_file_optind; /* Index of first filename in argv */
		static inline void task_complete(struct perf_task *task);

		static void
		perf_set_sock_zcopy(const char *impl_name, bool enable)
		perf_set_sock_opts(const char impl_name, const char field, uint32_t val)
		{
		struct spdk_sock_impl_opts sock_opts = {};
		size_t opts_size = sizeof(sock_opts);
		@@ -314,11 +314,23 @@ perf_set_sock_zcopy(const char *impl_name, bool enable)
		opts_size = sizeof(sock_opts);
		}

		sock_opts.enable_zerocopy_send_client = enable;
		if (!field) {
		fprintf(stderr, "Warning: no socket opts field specified\n");
		return;
		} else if (strcmp(field, "enable_zerocopy_send_client") == 0) {
		sock_opts.enable_zerocopy_send_client = val;
		} else if (strcmp(field, "tls_version") == 0) {
		sock_opts.tls_version = val;
		} else if (strcmp(field, "ktls") == 0) {
		sock_opts.enable_ktls = val;
		} else {
		fprintf(stderr, "Warning: invalid or unprocessed socket opts field: %s\n", field);
		return;
		}

		if (spdk_sock_impl_set_opts(impl_name, &sock_opts, opts_size)) {
		fprintf(stderr, "Failed to %s zcopy send for sock impl %s: error %d (%s)\n",
		enable ? "enable" : "disable", impl_name, errno, strerror(errno));
		fprintf(stderr, "Failed to set %s: %d for sock impl %s : error %d (%s)\n", field, val, impl_name,
		errno, strerror(errno));
		}
		}

		@@ -1775,6 +1787,9 @@ usage(char *program_name)
		printf("\t[--transport-stats dump transport statistics]\n");
		printf("\t[--iova-mode <mode> specify DPDK IOVA mode: va\|pa]\n");
		printf("\t[--io-queue-size <val> size of NVMe IO queue. Default: maximum allowed by controller]\n");
		printf("\t[--disable-ktls disable Kernel TLS. Only valid for ssl impl. Default for ssl impl]\n");
		printf("\t[--enable-ktls enable Kernel TLS. Only valid for ssl impl]\n");
		printf("\t[--tls-version <val> TLS version to use. Only valid for ssl impl. Default: 0 (auto-negotiation)]\n");
		}

		static void
		@@ -2267,6 +2282,12 @@ static const struct option g_perf_cmdline_opts[] = {
		{"iova-mode", required_argument, NULL, PERF_IOVA_MODE},
		#define PERF_IO_QUEUE_SIZE 259
		{"io-queue-size", required_argument, NULL, PERF_IO_QUEUE_SIZE},
		#define PERF_DISABLE_KTLS 260
		{"disable-ktls", no_argument, NULL, PERF_DISABLE_KTLS},
		#define PERF_ENABLE_KTLS 261
		{"enable-ktls", no_argument, NULL, PERF_ENABLE_KTLS},
		#define PERF_TLS_VERSION 262
		{"tls-version", required_argument, NULL, PERF_TLS_VERSION},
		/* Should be the last element */
		{0, 0, 0, 0}
		};
		@@ -2447,11 +2468,25 @@ parse_args(int argc, char *argv, struct spdk_env_opts env_opts)
		case PERF_ENABLE_VMD:
		g_vmd = true;
		break;
		case PERF_DISABLE_KTLS:
		perf_set_sock_opts(optarg, "ktls", 0);
		break;
		case PERF_ENABLE_KTLS:
		perf_set_sock_opts(optarg, "ktls", 1);
		break;
		case PERF_TLS_VERSION:
		val = spdk_strtol(optarg, 10);
		if (val < 0) {
		fprintf(stderr, "Illegal tls version value %s\n", optarg);
		return val;
		}
		perf_set_sock_opts(optarg, "tls_version", val);
		break;
		case PERF_DISABLE_ZCOPY:
		perf_set_sock_zcopy(optarg, false);
		perf_set_sock_opts(optarg, "enable_zerocopy_send_client", 0);
		break;
		case PERF_ENABLE_ZCOPY:
		perf_set_sock_zcopy(optarg, true);
		perf_set_sock_opts(optarg, "enable_zerocopy_send_client", 1);
		break;
		case PERF_DEFAULT_SOCK_IMPL:
		rc = spdk_sock_set_default_impl(optarg);

examples/sock/hello_world/hello_sock.c

+16 −4

Original line number	Diff line number	Diff line
		@@ -218,13 +218,19 @@ hello_sock_connect(struct hello_context_t *ctx)
		int rc;
		char saddr[ADDR_STR_LEN], caddr[ADDR_STR_LEN];
		uint16_t cport, sport;
		struct spdk_sock_impl_opts impl_opts;
		size_t impl_opts_size = sizeof(impl_opts);
		struct spdk_sock_opts opts;

		spdk_sock_impl_get_opts(ctx->sock_impl_name, &impl_opts, &impl_opts_size);
		impl_opts.enable_ktls = ctx->ktls;
		impl_opts.tls_version = ctx->tls_version;

		opts.opts_size = sizeof(opts);
		spdk_sock_get_default_opts(&opts);
		opts.zcopy = ctx->zcopy;
		opts.ktls = ctx->ktls;
		opts.tls_version = ctx->tls_version;
		opts.impl_opts = &impl_opts;
		opts.impl_opts_size = sizeof(impl_opts);

		SPDK_NOTICELOG("Connecting to the server on %s:%d with sock_impl(%s)\n", ctx->host, ctx->port,
		ctx->sock_impl_name);
		@@ -356,13 +362,19 @@ hello_sock_group_poll(void *arg)
		static int
		hello_sock_listen(struct hello_context_t *ctx)
		{
		struct spdk_sock_impl_opts impl_opts;
		size_t impl_opts_size = sizeof(impl_opts);
		struct spdk_sock_opts opts;

		spdk_sock_impl_get_opts(ctx->sock_impl_name, &impl_opts, &impl_opts_size);
		impl_opts.enable_ktls = ctx->ktls;
		impl_opts.tls_version = ctx->tls_version;

		opts.opts_size = sizeof(opts);
		spdk_sock_get_default_opts(&opts);
		opts.zcopy = ctx->zcopy;
		opts.ktls = ctx->ktls;
		opts.tls_version = ctx->tls_version;
		opts.impl_opts = &impl_opts;
		opts.impl_opts_size = sizeof(impl_opts);

		ctx->sock = spdk_sock_listen_ext(ctx->host, ctx->port, ctx->sock_impl_name, &opts);
		if (ctx->sock == NULL) {

include/spdk/sock.h

+10 −10

Original line number	Diff line number	Diff line
		@@ -128,6 +128,16 @@ struct spdk_sock_impl_opts {
		* threshold may be sent without zerocopy flag set.
		*/
		uint32_t zerocopy_threshold;

		/**
		* TLS protocol version. Used by ssl socket module.
		*/
		uint32_t tls_version;

		/**
		* Enable or disable kernel TLS. Used by ssl socket modules.
		*/
		bool enable_ktls;
		};

		/**
		@@ -159,16 +169,6 @@ struct spdk_sock_opts {
		*/
		uint32_t ack_timeout;

		/**
		* TLS protocol version. Used by posix socket module.
		*/
		uint32_t tls_version;

		/**
		* Used to enable or disable KTLS for ssl posix socket module.
		*/
		bool ktls;

		/**
		* Socket implementation options. If non-NULL, these will override those set by
		* spdk_sock_impl_set_opts(). The library copies this structure internally, so the user can