Skip to content

linux: enable kTLS#146983

Merged
alyssais merged 1 commit intoNixOS:masterfrom
Izorkin:update-kernel-tls
Nov 22, 2021
Merged

linux: enable kTLS#146983
alyssais merged 1 commit intoNixOS:masterfrom
Izorkin:update-kernel-tls

Conversation

@Izorkin
Copy link
Copy Markdown
Contributor

@Izorkin Izorkin commented Nov 22, 2021

Motivation for this change

Enable Kernel TLS Support.
https://www.kernel.org/doc/html/latest/networking/tls.html#kernel-tls
https://docs.mellanox.com/display/MLNXOFEDv531001/Kernel+Transport+Layer+Security+(kTLS)+Offloads

Things done
  • Built on platform(s)
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • For non-Linux: Is sandbox = true set in nix.conf? (See Nix manual)
  • Tested, as applicable:
  • Tested compilation of all packages that depend on this change using nix-shell -p nixpkgs-review --run "nixpkgs-review rev HEAD". Note: all changes have to be committed, also see nixpkgs-review usage
  • Tested basic functionality of all binary files (usually in ./result/bin/)
  • 21.11 Release Notes (or backporting 21.05 Release notes)
    • (Package updates) Added a release notes entry if the change is major or breaking
    • (Module updates) Added a release notes entry if the change is significant
    • (Module addition) Added a release notes entry if adding a new NixOS module
    • (Release notes changes) Ran nixos/doc/manual/md-to-db.sh to update generated release notes
  • Fits CONTRIBUTING.md.

@github-actions github-actions bot added the 6.topic: kernel The Linux kernel label Nov 22, 2021
@dasJ dasJ requested a review from ajs124 November 22, 2021 12:28
@ajs124 ajs124 requested review from Ma27 and alyssais November 22, 2021 13:59
ajs124
ajs124 reviewed Nov 22, 2021
View reviewed changes
@Izorkin
Copy link
Copy Markdown
Contributor Author

Izorkin commented Nov 22, 2021

Checking nginxMainline with enable-ktls:

sudo grep BIO /var/log/nginx/error.log
2021/11/22 17:47:44 [debug] 9357#9357: *2 BIO_get_ktls_send(): 1
2021/11/22 17:48:44 [debug] 9357#9357: *16 BIO_get_ktls_send(): 1

Now need to somehow build openssl 3.0.0 with kTLS support :)

@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 2501-5000 This PR causes many rebuilds on Linux and should target the staging branches. labels Nov 22, 2021
@Izorkin Izorkin mentioned this pull request Nov 22, 2021
Merged
13 tasks
ajs124
ajs124 reviewed Nov 22, 2021
View reviewed changes
@Izorkin
Copy link
Copy Markdown
Contributor Author

Izorkin commented Nov 22, 2021

Updated PR.

@alyssais alyssais merged commit 8bcc413 into NixOS:master Nov 22, 2021
@Izorkin Izorkin deleted the update-kernel-tls branch November 22, 2021 21:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ajs124 ajs124 ajs124 left review comments

@Ma27 Ma27 Awaiting requested review from Ma27

@alyssais alyssais Awaiting requested review from alyssais

Assignees

No one assigned

Labels

6.topic: kernel The Linux kernel 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 501+ This PR causes many rebuilds on Linux and should normally target the staging branches. 10.rebuild-linux: 2501-5000 This PR causes many rebuilds on Linux and should target the staging branches.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Izorkin @ajs124 @alyssais