On Mon, 2022-04-18 at 12:52 -0400, Chuck Lever wrote: > Introduce a mechanism to cause xprt_transmit() to break out of its > sending loop at a specific rpc_rqst, rather than draining the whole > transmit queue. > > This enables the client to send just an RPC TLS probe and then wait > for the response before proceeding with the rest of the queue. > > Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx> > --- > include/linux/sunrpc/sched.h | 2 ++ > include/trace/events/sunrpc.h | 1 + > net/sunrpc/xprt.c | 2 ++ > 3 files changed, 5 insertions(+) > > diff --git a/include/linux/sunrpc/sched.h > b/include/linux/sunrpc/sched.h > index 599133fb3c63..f8c09638fa69 100644 > --- a/include/linux/sunrpc/sched.h > +++ b/include/linux/sunrpc/sched.h > @@ -125,6 +125,7 @@ struct rpc_task_setup { > #define RPC_TASK_TLSCRED 0x00000008 /* Use > AUTH_TLS credential */ > #define RPC_TASK_NULLCREDS 0x00000010 /* Use > AUTH_NULL credential */ > #define RPC_CALL_MAJORSEEN 0x00000020 /* major > timeout seen */ > +#define RPC_TASK_CORK 0x00000040 /* cork the > xmit queue */ > #define RPC_TASK_DYNAMIC 0x00000080 /* task was > kmalloc'ed */ > #define RPC_TASK_NO_ROUND_ROBIN 0x00000100 /* > send requests on "main" xprt */ > #define RPC_TASK_SOFT 0x00000200 /* Use soft > timeouts */ > @@ -137,6 +138,7 @@ struct rpc_task_setup { > > #define RPC_IS_ASYNC(t) ((t)->tk_flags & > RPC_TASK_ASYNC) > #define RPC_IS_SWAPPER(t) ((t)->tk_flags & RPC_TASK_SWAPPER) > +#define RPC_IS_CORK(t) ((t)->tk_flags & RPC_TASK_CORK) > #define RPC_IS_SOFT(t) ((t)->tk_flags & > (RPC_TASK_SOFT|RPC_TASK_TIMEOUT)) > #define RPC_IS_SOFTCONN(t) ((t)->tk_flags & RPC_TASK_SOFTCONN) > #define RPC_WAS_SENT(t) ((t)->tk_flags & > RPC_TASK_SENT) > diff --git a/include/trace/events/sunrpc.h > b/include/trace/events/sunrpc.h > index 811187c47ebb..e8d6adff1a50 100644 > --- a/include/trace/events/sunrpc.h > +++ b/include/trace/events/sunrpc.h > @@ -312,6 +312,7 @@ TRACE_EVENT(rpc_request, > { RPC_TASK_TLSCRED, "TLSCRED" > }, \ > { RPC_TASK_NULLCREDS, "NULLCREDS" > }, \ > { RPC_CALL_MAJORSEEN, "MAJORSEEN" > }, \ > + { RPC_TASK_CORK, "CORK" > }, \ > { RPC_TASK_DYNAMIC, "DYNAMIC" > }, \ > { RPC_TASK_NO_ROUND_ROBIN, "NO_ROUND_ROBIN" > }, \ > { RPC_TASK_SOFT, "SOFT" > }, \ > diff --git a/net/sunrpc/xprt.c b/net/sunrpc/xprt.c > index 86d62cffba0d..4b303b945b51 100644 > --- a/net/sunrpc/xprt.c > +++ b/net/sunrpc/xprt.c > @@ -1622,6 +1622,8 @@ xprt_transmit(struct rpc_task *task) > if (xprt_request_data_received(task) && > !test_bit(RPC_TASK_NEED_XMIT, &task- > >tk_runstate)) > break; > + if (RPC_IS_CORK(task)) > + break; > cond_resched_lock(&xprt->queue_lock); > } > spin_unlock(&xprt->queue_lock); > > This is entirely the wrong place for this kind of control mechanism. TLS vs not-TLS needs to be decided up front when we initialise the transport (i.e. at mount time or whenever the pNFS channels are set up). Otherwise, we're vulnerable to downgrade attacks. Once we've decided that TLS is the right thing to do, then we shouldn't declare to the RPC layer that the TLS-enabled transport is connected until the underlying transport connection is established, and the TLS handshake is done. -- Trond Myklebust Linux NFS client maintainer, Hammerspace trond.myklebust@xxxxxxxxxxxxxxx