Commit d26b698d authored by Jakub Kicinski's avatar Jakub Kicinski Committed by David S. Miller
Browse files

net/tls: add skeleton of MIB statistics 



Add a skeleton structure for adding TLS statistics.

Signed-off-by: default avatarJakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 9ec1c6ac

Documentation/networking/tls.rst

+6 −0
Original line number Diff line number Diff line
@@ -213,3 +213,9 @@ A patchset to OpenSSL to use ktls as the record layer is 
of calling send directly after a handshake using gnutls.

Since it doesn't implement a full record layer, control

messages are not supported.



Statistics

==========



TLS implementation exposes the following per-namespace statistics

(``/proc/net/tls_stat``):

include/net/netns/mib.h

+3 −0
Original line number Diff line number Diff line
@@ -24,6 +24,9 @@ struct netns_mib { 
#ifdef CONFIG_XFRM_STATISTICS

	DEFINE_SNMP_STAT(struct linux_xfrm_mib, xfrm_statistics);

#endif

#if IS_ENABLED(CONFIG_TLS)

	DEFINE_SNMP_STAT(struct linux_tls_mib, tls_statistics);

#endif

};



#endif

include/net/snmp.h

+6 −0
Original line number Diff line number Diff line
@@ -111,6 +111,12 @@ struct linux_xfrm_mib { 
	unsigned long	mibs[LINUX_MIB_XFRMMAX];

};



/* Linux TLS */

#define LINUX_MIB_TLSMAX	__LINUX_MIB_TLSMAX

struct linux_tls_mib {

	unsigned long	mibs[LINUX_MIB_TLSMAX];

};



#define DEFINE_SNMP_STAT(type, name)	\

	__typeof__(type) __percpu *name

#define DEFINE_SNMP_STAT_ATOMIC(type, name)	\

include/net/tls.h

+13 −0
Original line number Diff line number Diff line
@@ -43,6 +43,7 @@ 
#include <linux/netdevice.h>

#include <linux/rcupdate.h>



#include <net/net_namespace.h>

#include <net/tcp.h>

#include <net/strparser.h>

#include <crypto/aead.h>
@@ -73,6 +74,15 @@ 
 */

#define TLS_AES_CCM_IV_B0_BYTE		2



#define __TLS_INC_STATS(net, field)				\

	__SNMP_INC_STATS((net)->mib.tls_statistics, field)

#define TLS_INC_STATS(net, field)				\

	SNMP_INC_STATS((net)->mib.tls_statistics, field)

#define __TLS_DEC_STATS(net, field)				\

	__SNMP_DEC_STATS((net)->mib.tls_statistics, field)

#define TLS_DEC_STATS(net, field)				\

	SNMP_DEC_STATS((net)->mib.tls_statistics, field)



enum {

	TLS_BASE,

	TLS_SW,
@@ -605,6 +615,9 @@ static inline bool tls_offload_tx_resync_pending(struct sock *sk) 
	return ret;

}



int __net_init tls_proc_init(struct net *net);

void __net_exit tls_proc_fini(struct net *net);



int tls_proccess_cmsg(struct sock *sk, struct msghdr *msg,

		      unsigned char *record_type);

int decrypt_skb(struct sock *sk, struct sk_buff *skb,

include/uapi/linux/snmp.h

+7 −0
Original line number Diff line number Diff line
@@ -323,4 +323,11 @@ enum 
	__LINUX_MIB_XFRMMAX

};



/* linux TLS mib definitions */

enum

{

	LINUX_MIB_TLSNUM = 0,

	__LINUX_MIB_TLSMAX

};



#endif	/* _LINUX_SNMP_H */

CRA Git | Maintained and supported by SUSTech CRA and CCSE