lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20191005120947.j3ths7o3fvqo435n@netronome.com>
Date:   Sat, 5 Oct 2019 14:09:48 +0200
From:   Simon Horman <simon.horman@...ronome.com>
To:     Jakub Kicinski <jakub.kicinski@...ronome.com>
Cc:     davem@...emloft.net, netdev@...r.kernel.org, davejwatson@...com,
        borisp@...lanox.com, aviadye@...lanox.com,
        john.fastabend@...il.com, daniel@...earbox.net
Subject: Re: [PATCH net-next 0/6] net/tls: add ctrl path tracing and
 statistics

On Fri, Oct 04, 2019 at 04:19:21PM -0700, Jakub Kicinski wrote:
> Hi!
> 
> This set adds trace events related to TLS offload and basic MIB stats
> for TLS.
> 
> First patch contains the TLS offload related trace points. Those are
> helpful in troubleshooting offload issues, especially around the
> resync paths.
> 
> Second patch adds a tracepoint to the fastpath of device offload,
> it's separated out in case there will be objections to adding
> fast path tracepoints. Again, it's quite useful for debugging
> offload issues.
> 
> Next four patches add MIB statistics. The statistics are implemented
> as per-cpu per-netns counters. Since there are currently no fast path
> statistics we could move to atomic variables. Per-CPU seem more common.
> 
> Most basic statistics are number of created and live sessions, broken
> out to offloaded and non-offloaded. Users seem to like those a lot.
> 
> Next there is a statistic for decryption errors. These are primarily
> useful for device offload debug, in normal deployments decryption
> errors should not be common.
> 
> Last but not least a counter for device RX resync.

FWIIW,

Reviewed-by: Simon Horman <simon.horman@...ronome.com>

> 
> Jakub Kicinski (6):
>   net/tls: add tracing for device/offload events
>   net/tls: add device decrypted trace point
>   net/tls: add skeleton of MIB statistics
>   net/tls: add statistics for installed sessions
>   net/tls: add TlsDecryptError stat
>   net/tls: add TlsDeviceRxResync statistic
> 
>  Documentation/networking/tls.rst              |  30 +++
>  .../ethernet/netronome/nfp/nfp_net_common.c   |   3 +-
>  include/net/netns/mib.h                       |   3 +
>  include/net/snmp.h                            |   6 +
>  include/net/tls.h                             |  21 +-
>  include/uapi/linux/snmp.h                     |  17 ++
>  net/tls/Makefile                              |   4 +-
>  net/tls/tls_device.c                          |  36 +++-
>  net/tls/tls_main.c                            |  60 +++++-
>  net/tls/tls_proc.c                            |  47 ++++
>  net/tls/tls_sw.c                              |   5 +
>  net/tls/trace.c                               |  10 +
>  net/tls/trace.h                               | 202 ++++++++++++++++++
>  13 files changed, 429 insertions(+), 15 deletions(-)
>  create mode 100644 net/tls/tls_proc.c
>  create mode 100644 net/tls/trace.c
>  create mode 100644 net/tls/trace.h
> 
> -- 
> 2.21.0
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ