diff options
author | Jakub Kicinski <jakub.kicinski@netronome.com> | 2019-10-05 01:19:26 +0200 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2019-10-06 01:29:00 +0200 |
commit | 5c5ec66858062a857cf51f57cbe52b36330f7ae6 (patch) | |
tree | a7d922225f90535c71f7aafa67cc411b744dea06 /net/tls/tls_sw.c | |
parent | net/tls: add statistics for installed sessions (diff) | |
download | linux-5c5ec66858062a857cf51f57cbe52b36330f7ae6.tar.xz linux-5c5ec66858062a857cf51f57cbe52b36330f7ae6.zip |
net/tls: add TlsDecryptError stat
Add a statistic for TLS record decryption errors.
Since devices are supposed to pass records as-is when they
encounter errors this statistic will count bad records in
both pure software and inline crypto configurations.
Signed-off-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/tls/tls_sw.c')
-rw-r--r-- | net/tls/tls_sw.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/net/tls/tls_sw.c b/net/tls/tls_sw.c index c2b5e0d2ba1a..0b1e86f856eb 100644 --- a/net/tls/tls_sw.c +++ b/net/tls/tls_sw.c @@ -168,6 +168,9 @@ static void tls_decrypt_done(struct crypto_async_request *req, int err) /* Propagate if there was an err */ if (err) { + if (err == -EBADMSG) + TLS_INC_STATS(sock_net(skb->sk), + LINUX_MIB_TLSDECRYPTERROR); ctx->async_wait.err = err; tls_err_abort(skb->sk, err); } else { @@ -253,6 +256,8 @@ static int tls_do_decryption(struct sock *sk, return ret; ret = crypto_wait_req(ret, &ctx->async_wait); + } else if (ret == -EBADMSG) { + TLS_INC_STATS(sock_net(sk), LINUX_MIB_TLSDECRYPTERROR); } if (async) |