From: Michael Tremer Date: Sun, 1 Jun 2025 14:58:28 +0000 (+0000) Subject: linux: Backport support for BIG TCP GSO on WireGuard X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e38cf1e2cd33d19f34f0856a87e09014a7cd4f45;p=ipfire-2.x.git linux: Backport support for BIG TCP GSO on WireGuard Advertise GSO_MAX_SIZE as TSO max size in order support BIG TCP for wireguard. This helps to improve wireguard performance a bit when enabled as it allows wireguard to aggregate larger skbs in wg_packet_consume_data_done() via napi_gro_receive(), but also allows the stack to build larger skbs on xmit where the driver then segments them before encryption inside wg_xmit(). We've seen a 15% improvement in TCP stream performance. Signed-off-by: Michael Tremer --- diff --git a/lfs/linux b/lfs/linux index f1a436c03..5fd87f5ad 100644 --- a/lfs/linux +++ b/lfs/linux @@ -134,6 +134,10 @@ ifeq "$(BUILD_ARCH)" "aarch64" endif cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux/linux-3.14.79-amba-fix.patch + # Linux 6.13 backported patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-6.12-wireguard-device-omit-unnecessary-memset.patch + cd $(DIR_APP) && patch -Np1 < $(DIR_SRC)/src/patches/linux-6.12-wireguard-big-tcp-gso.patch + # Customise the release cd $(DIR_APP) && echo "$(KVER_SUFFIX)" > localversion.10-$(SNAME) diff --git a/src/patches/linux-6.12-wireguard-big-tcp-gso.patch b/src/patches/linux-6.12-wireguard-big-tcp-gso.patch new file mode 100644 index 000000000..e6dc021d7 --- /dev/null +++ b/src/patches/linux-6.12-wireguard-big-tcp-gso.patch @@ -0,0 +1,36 @@ +From 06a34f7db773e01efa8a90c5b4d912207a80dd60 Mon Sep 17 00:00:00 2001 +From: Daniel Borkmann +Date: Sun, 17 Nov 2024 22:20:30 +0100 +Subject: [PATCH] wireguard: device: support big tcp GSO + +Advertise GSO_MAX_SIZE as TSO max size in order support BIG TCP for wireguard. +This helps to improve wireguard performance a bit when enabled as it allows +wireguard to aggregate larger skbs in wg_packet_consume_data_done() via +napi_gro_receive(), but also allows the stack to build larger skbs on xmit +where the driver then segments them before encryption inside wg_xmit(). +We've seen a 15% improvement in TCP stream performance. + +Signed-off-by: Daniel Borkmann +Signed-off-by: Jason A. Donenfeld +Link: https://patch.msgid.link/20241117212030.629159-5-Jason@zx2c4.com +Signed-off-by: Jakub Kicinski +--- + drivers/net/wireguard/device.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/drivers/net/wireguard/device.c b/drivers/net/wireguard/device.c +index a2ba71fbbed46..6cf173a008e78 100644 +--- a/drivers/net/wireguard/device.c ++++ b/drivers/net/wireguard/device.c +@@ -302,6 +302,8 @@ static void wg_setup(struct net_device *dev) + /* We need to keep the dst around in case of icmp replies. */ + netif_keep_dst(dev); + ++ netif_set_tso_max_size(dev, GSO_MAX_SIZE); ++ + wg->dev = dev; + } + +-- +2.39.5 + diff --git a/src/patches/linux-6.12-wireguard-device-omit-unnecessary-memset.patch b/src/patches/linux-6.12-wireguard-device-omit-unnecessary-memset.patch new file mode 100644 index 000000000..326d91f44 --- /dev/null +++ b/src/patches/linux-6.12-wireguard-device-omit-unnecessary-memset.patch @@ -0,0 +1,34 @@ +From 2c862914fbcf85609147401ea8674ae9a9e3b8cc Mon Sep 17 00:00:00 2001 +From: Tobias Klauser +Date: Sun, 17 Nov 2024 22:20:27 +0100 +Subject: [PATCH] wireguard: device: omit unnecessary memset of netdev private + data + +The memory for netdev_priv is allocated using kvzalloc in +alloc_netdev_mqs before rtnl_link_ops->setup is called so there is no +need to zero it again in wg_setup. + +Signed-off-by: Tobias Klauser +Reviewed-by: Simon Horman +Signed-off-by: Jason A. Donenfeld +Link: https://patch.msgid.link/20241117212030.629159-2-Jason@zx2c4.com +Signed-off-by: Jakub Kicinski +--- + drivers/net/wireguard/device.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/drivers/net/wireguard/device.c b/drivers/net/wireguard/device.c +index 45e9b908dbfb0..a2ba71fbbed46 100644 +--- a/drivers/net/wireguard/device.c ++++ b/drivers/net/wireguard/device.c +@@ -302,7 +302,6 @@ static void wg_setup(struct net_device *dev) + /* We need to keep the dst around in case of icmp replies. */ + netif_keep_dst(dev); + +- memset(wg, 0, sizeof(*wg)); + wg->dev = dev; + } + +-- +2.39.5 +