kernel/linux.git/net/tls/tls_proc.c, branch linux-7.1.y

tls: snmp: do not use SNMP_MIB_SENTINEL anymore

2025-09-09T01:06:21+00:00

Use ARRAY_SIZE(), so that we know the limit at compile time. Signed-off-by: Eric Dumazet Cc: John Fastabend Reviewed-by: Sabrina Dubroca Link: https://patch.msgid.link/20250905165813.1470708-8-edumazet@google.com Signed-off-by: Jakub Kicinski

tls: add counters for rekey

2024-12-16T12:47:30+00:00

This introduces 5 counters to keep track of key updates: Tls{Rx,Tx}Rekey{Ok,Error} and TlsRxRekeyReceived. Suggested-by: Jakub Kicinski Signed-off-by: Sabrina Dubroca Signed-off-by: David S. Miller

tls: rx: add counter for NoPad violations

2022-07-12T02:48:33+00:00

As discussed with Maxim add a counter for true NoPad violations. This should help deployments catch unexpected padded records vs just control records which always need re-encryption. https: //lore.kernel.org/all/b111828e6ac34baad9f4e783127eba8344ac252d.camel@nvidia.com/ Signed-off-by: Jakub Kicinski

tls: fix spelling of MIB

2022-07-12T02:48:32+00:00

MIN -> MIB Fixes: 88527790c079 ("tls: rx: add sockopt for enabling optimistic decrypt with TLS 1.3") Signed-off-by: Jakub Kicinski

tls: create an internal header

2022-07-09T01:38:45+00:00

include/net/tls.h is getting a little long, and is probably hard for driver authors to navigate. Split out the internals into a header which will live under net/tls/. While at it move some static inlines with a single user into the source files, add a few tls_ prefixes and fix spelling of 'proccess'. Signed-off-by: Jakub Kicinski

tls: rx: add sockopt for enabling optimistic decrypt with TLS 1.3

2022-07-06T11:56:35+00:00

Since optimisitic decrypt may add extra load in case of retries require socket owner to explicitly opt-in. Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller

net: fix proc_fs init handling in af_packet and tls

2020-12-15T03:39:30+00:00

proc_fs was used, in af_packet, without a surrounding #ifdef, although there is no hard dependency on proc_fs. That caused the initialization of the af_packet module to fail when CONFIG_PROC_FS=n. Specifically, proc_create_net() was used in af_packet.c, and when it fails, packet_net_init() returns -ENOMEM. It will always fail when the kernel is compiled without proc_fs, because, proc_create_net() for example always returns NULL. The calling order that starts in af_packet.c is as follows: packet_init() register_pernet_subsys() register_pernet_operations() __register_pernet_operations() ops_init() ops->init() (packet_net_ops.init=packet_net_init()) proc_create_net() It worked in the past because register_pernet_subsys()'s return value wasn't checked before this Commit 36096f2f4fa0 ("packet: Fix error path in packet_init."). It always returned an error, but was not checked before, so everything was working even when CONFIG_PROC_FS=n. The fix here is simply to add the necessary #ifdef. This also fixes a similar error in tls_proc.c, that was found by Jakub Kicinski. Fixes: d26b698dd3cd ("net/tls: add skeleton of MIB statistics") Fixes: 36096f2f4fa0 ("packet: Fix error path in packet_init") Signed-off-by: Yonatan Linik Signed-off-by: Jakub Kicinski

net/tls: Fix unused function warning

2019-11-15T20:12:28+00:00

If PROC_FS is not set, gcc warning this: net/tls/tls_proc.c:23:12: warning: 'tls_statistics_seq_show' defined but not used [-Wunused-function] Use #ifdef to guard this. Reported-by: Hulk Robot Signed-off-by: YueHaibing Acked-by: Jakub Kicinski Signed-off-by: David S. Miller

net/tls: add TlsDeviceRxResync statistic

2019-10-05T23:29:00+00:00

Add a statistic for number of RX resyncs sent down to the NIC. Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller

net/tls: add TlsDecryptError stat

2019-10-05T23:29:00+00:00

Add a statistic for TLS record decryption errors. Since devices are supposed to pass records as-is when they encounter errors this statistic will count bad records in both pure software and inline crypto configurations. Signed-off-by: Jakub Kicinski Signed-off-by: David S. Miller