pythongh-99813: Start using SSL_sendfile when available (python#99907)

Co-authored-by: Bénédikt Tran <10796600+picnixz@users.noreply.github.com>
Co-authored-by: Peter Bierma <zintensitydev@gmail.com>

Author: 3 people

Doc/library/ssl.rst

@@ -1078,8 +1078,9 @@ SSL Sockets
      (but passing a non-zero ``flags`` argument is not allowed)
    - :meth:`~socket.socket.send`, :meth:`~socket.socket.sendall` (with
      the same limitation)
-   - :meth:`~socket.socket.sendfile` (but :mod:`os.sendfile` will be used
-     for plain-text sockets only, else :meth:`~socket.socket.send` will be used)
+   - :meth:`~socket.socket.sendfile` (it may be high-performant only when
+     the kernel TLS is enabled by setting :data:`~ssl.OP_ENABLE_KTLS` or when a
+     socket is plain-text, else :meth:`~socket.socket.send` will be used)
    - :meth:`~socket.socket.shutdown`
 
    However, since the SSL (and TLS) protocol has its own framing atop
@@ -1113,6 +1114,11 @@ SSL Sockets
       functions support reading and writing of data larger than 2 GB. Writing
       zero-length data no longer fails with a protocol violation error.
 
+   .. versionchanged:: next
+      Python now uses ``SSL_sendfile`` internally when possible. The
+      function sends a file more efficiently because it performs TLS encryption
+      in the kernel to avoid additional context switches.
+
 SSL sockets also have the following additional methods and attributes:
 
 .. method:: SSLSocket.read(len=1024, buffer=None)

Lib/socket.py

@@ -56,6 +56,7 @@
 import os
 import sys
 from enum import IntEnum, IntFlag
+from functools import partial
 
 try:
     import errno
@@ -348,75 +349,83 @@ def makefile(self, mode="r", buffering=None, *,
         text.mode = mode
         return text
 
-    if hasattr(os, 'sendfile'):
+    def _sendfile_zerocopy(self, zerocopy_func, giveup_exc_type, file,
+                           offset=0, count=None):
+        """
+        Send a file using a zero-copy function.
+        """
+        import selectors
 
-        def _sendfile_use_sendfile(self, file, offset=0, count=None):
-            # Lazy import to improve module import time
-            import selectors
+        self._check_sendfile_params(file, offset, count)
+        sockno = self.fileno()
+        try:
+            fileno = file.fileno()
+        except (AttributeError, io.UnsupportedOperation) as err:
+            raise giveup_exc_type(err)  # not a regular file
+        try:
+            fsize = os.fstat(fileno).st_size
+        except OSError as err:
+            raise giveup_exc_type(err)  # not a regular file
+        if not fsize:
+            return 0  # empty file
+        # Truncate to 1GiB to avoid OverflowError, see bpo-38319.
+        blocksize = min(count or fsize, 2 ** 30)
+        timeout = self.gettimeout()
+        if timeout == 0:
+            raise ValueError("non-blocking sockets are not supported")
+        # poll/select have the advantage of not requiring any
+        # extra file descriptor, contrarily to epoll/kqueue
+        # (also, they require a single syscall).
+        if hasattr(selectors, 'PollSelector'):
+            selector = selectors.PollSelector()
+        else:
+            selector = selectors.SelectSelector()
+        selector.register(sockno, selectors.EVENT_WRITE)
 
-            self._check_sendfile_params(file, offset, count)
-            sockno = self.fileno()
-            try:
-                fileno = file.fileno()
-            except (AttributeError, io.UnsupportedOperation) as err:
-                raise _GiveupOnSendfile(err)  # not a regular file
-            try:
-                fsize = os.fstat(fileno).st_size
-            except OSError as err:
-                raise _GiveupOnSendfile(err)  # not a regular file
-            if not fsize:
-                return 0  # empty file
-            # Truncate to 1GiB to avoid OverflowError, see bpo-38319.
-            blocksize = min(count or fsize, 2 ** 30)
-            timeout = self.gettimeout()
-            if timeout == 0:
-                raise ValueError("non-blocking sockets are not supported")
-            # poll/select have the advantage of not requiring any
-            # extra file descriptor, contrarily to epoll/kqueue
-            # (also, they require a single syscall).
-            if hasattr(selectors, 'PollSelector'):
-                selector = selectors.PollSelector()
-            else:
-                selector = selectors.SelectSelector()
-            selector.register(sockno, selectors.EVENT_WRITE)
-
-            total_sent = 0
-            # localize variable access to minimize overhead
-            selector_select = selector.select
-            os_sendfile = os.sendfile
-            try:
-                while True:
-                    if timeout and not selector_select(timeout):
-                        raise TimeoutError('timed out')
-                    if count:
-                        blocksize = min(count - total_sent, blocksize)
-                        if blocksize <= 0:
-                            break
-                    try:
-                        sent = os_sendfile(sockno, fileno, offset, blocksize)
-                    except BlockingIOError:
-                        if not timeout:
-                            # Block until the socket is ready to send some
-                            # data; avoids hogging CPU resources.
-                            selector_select()
-                        continue
-                    except OSError as err:
-                        if total_sent == 0:
-                            # We can get here for different reasons, the main
-                            # one being 'file' is not a regular mmap(2)-like
-                            # file, in which case we'll fall back on using
-                            # plain send().
-                            raise _GiveupOnSendfile(err)
-                        raise err from None
-                    else:
-                        if sent == 0:
-                            break  # EOF
-                        offset += sent
-                        total_sent += sent
-                return total_sent
-            finally:
-                if total_sent > 0 and hasattr(file, 'seek'):
-                    file.seek(offset)
+        total_sent = 0
+        # localize variable access to minimize overhead
+        selector_select = selector.select
+        try:
+            while True:
+                if timeout and not selector_select(timeout):
+                    raise TimeoutError('timed out')
+                if count:
+                    blocksize = min(count - total_sent, blocksize)
+                    if blocksize <= 0:
+                        break
+                try:
+                    sent = zerocopy_func(fileno, offset, blocksize)
+                except BlockingIOError:
+                    if not timeout:
+                        # Block until the socket is ready to send some
+                        # data; avoids hogging CPU resources.
+                        selector_select()
+                    continue
+                except OSError as err:
+                    if total_sent == 0:
+                        # We can get here for different reasons, the main
+                        # one being 'file' is not a regular mmap(2)-like
+                        # file, in which case we'll fall back on using
+                        # plain send().
+                        raise giveup_exc_type(err)
+                    raise err from None
+                else:
+                    if sent == 0:
+                        break  # EOF
+                    offset += sent
+                    total_sent += sent
+            return total_sent
+        finally:
+            if total_sent > 0 and hasattr(file, 'seek'):
+                file.seek(offset)
+
+    if hasattr(os, 'sendfile'):
+        def _sendfile_use_sendfile(self, file, offset=0, count=None):
+            return self._sendfile_zerocopy(
+                partial(os.sendfile, self.fileno()),
+                _GiveupOnSendfile,
+                file, offset, count,
+            )
     else:
         def _sendfile_use_sendfile(self, file, offset=0, count=None):
             raise _GiveupOnSendfile(

Lib/ssl.py

@@ -975,6 +975,10 @@ def _sslcopydoc(func):
     return func
 
 
+class _GiveupOnSSLSendfile(Exception):
+    pass
+
+
 class SSLSocket(socket):
     """This class implements a subtype of socket.socket that wraps
     the underlying OS socket in an SSL context when necessary, and
@@ -1266,15 +1270,26 @@ def sendall(self, data, flags=0):
             return super().sendall(data, flags)
 
     def sendfile(self, file, offset=0, count=None):
-        """Send a file, possibly by using os.sendfile() if this is a
-        clear-text socket.  Return the total number of bytes sent.
+        """Send a file, possibly by using an efficient sendfile() call if
+        the system supports it.  Return the total number of bytes sent.
         """
-        if self._sslobj is not None:
-            return self._sendfile_use_send(file, offset, count)
-        else:
-            # os.sendfile() works with plain sockets only
+        if self._sslobj is None:
             return super().sendfile(file, offset, count)
 
+        if not self._sslobj.uses_ktls_for_send():
+            return self._sendfile_use_send(file, offset, count)
+
+        sendfile = getattr(self._sslobj, "sendfile", None)
+        if sendfile is None:
+            return self._sendfile_use_send(file, offset, count)
+
+        try:
+            return self._sendfile_zerocopy(
+                sendfile, _GiveupOnSSLSendfile, file, offset, count,
+            )
+        except _GiveupOnSSLSendfile:
+            return self._sendfile_use_send(file, offset, count)
+
     def recv(self, buflen=1024, flags=0):
         self._checkClosed()
         if self._sslobj is not None:

Lib/test/test_ssl.py

@@ -4316,19 +4316,30 @@ def test_read_write_after_close_raises_valuerror(self):
             self.assertRaises(ValueError, s.write, b'hello')
 
     def test_sendfile(self):
+        """Try to send a file using kTLS if possible."""
         TEST_DATA = b"x" * 512
         with open(os_helper.TESTFN, 'wb') as f:
             f.write(TEST_DATA)
         self.addCleanup(os_helper.unlink, os_helper.TESTFN)
         client_context, server_context, hostname = testing_context()
+        client_context.options |= getattr(ssl, 'OP_ENABLE_KTLS', 0)
         server = ThreadedEchoServer(context=server_context, chatty=False)
-        with server:
-            with client_context.wrap_socket(socket.socket(),
-                                            server_hostname=hostname) as s:
-                s.connect((HOST, server.port))
+        # kTLS seems to work only with a connection created before
+        # wrapping `sock` by the SSL context in contrast to calling
+        # `sock.connect()` after the wrapping.
+        with server, socket.create_connection((HOST, server.port)) as sock:
+            with client_context.wrap_socket(
+                sock, server_hostname=hostname
+            ) as ssock:
+                if support.verbose:
+                    ktls_used = ssock._sslobj.uses_ktls_for_send()
+                    print(
+                        'kTLS is',
+                        'available' if ktls_used else 'unavailable',
+                    )
                 with open(os_helper.TESTFN, 'rb') as file:
-                    s.sendfile(file)
-                    self.assertEqual(s.recv(1024), TEST_DATA)
+                    ssock.sendfile(file)
+                self.assertEqual(ssock.recv(1024), TEST_DATA)
 
     def test_session(self):
         client_context, server_context, hostname = testing_context()

Misc/NEWS.d/next/Library/2023-03-13-22-51-40.gh-issue-99813.40TV02.rst

@@ -0,0 +1,4 @@
+:mod:`ssl` now uses ``SSL_sendfile`` internally when it is possible (see
+:data:`~ssl.OP_ENABLE_KTLS`). The function sends a file more efficiently
+because it performs TLS encryption in the kernel to avoid additional context
+switches. Patch by Illia Volochii.