summaryrefslogtreecommitdiff
path: root/sys/net
diff options
context:
space:
mode:
authorMartin Pieuchot <mpi@cvs.openbsd.org>2018-08-28 15:15:03 +0000
committerMartin Pieuchot <mpi@cvs.openbsd.org>2018-08-28 15:15:03 +0000
commit9a69e5e5080fd0727e7e2c1579a9b61513fc89ce (patch)
tree377f95fb32957c43286f01c4e6b79445531edbc9 /sys/net
parentd217ce25e4d00cfe24084a832ee88ced2533e308 (diff)
Add per-TDB counters and a new SADB extension to export them to
userland. Inputs from markus@, ok sthen@
Diffstat (limited to 'sys/net')
-rw-r--r--sys/net/pfkeyv2.c8
-rw-r--r--sys/net/pfkeyv2.h19
-rw-r--r--sys/net/pfkeyv2_convert.c21
3 files changed, 43 insertions, 5 deletions
diff --git a/sys/net/pfkeyv2.c b/sys/net/pfkeyv2.c
index cba1d67b9fb..10ebbf985a8 100644
--- a/sys/net/pfkeyv2.c
+++ b/sys/net/pfkeyv2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.c,v 1.189 2018/07/10 20:28:34 claudio Exp $ */
+/* $OpenBSD: pfkeyv2.c,v 1.190 2018/08/28 15:15:02 mpi Exp $ */
/*
* @(#)COPYRIGHT 1.1 (NRL) 17 January 1995
@@ -793,7 +793,8 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp)
void *p;
/* Find how much space we need */
- i = sizeof(struct sadb_sa) + sizeof(struct sadb_lifetime);
+ i = sizeof(struct sadb_sa) + sizeof(struct sadb_lifetime) +
+ sizeof(struct sadb_x_counter);
if (sa->tdb_soft_allocations || sa->tdb_soft_bytes ||
sa->tdb_soft_timeout || sa->tdb_soft_first_use)
@@ -955,6 +956,9 @@ pfkeyv2_get(struct tdb *sa, void **headers, void **buffer, int *lenp)
}
#endif
+ headers[SADB_X_EXT_COUNTER] = p;
+ export_counter(&p, sa);
+
rval = 0;
ret:
diff --git a/sys/net/pfkeyv2.h b/sys/net/pfkeyv2.h
index 5b801950967..7c5d9a62eaf 100644
--- a/sys/net/pfkeyv2.h
+++ b/sys/net/pfkeyv2.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2.h,v 1.79 2017/11/20 10:56:51 mpi Exp $ */
+/* $OpenBSD: pfkeyv2.h,v 1.80 2018/08/28 15:15:02 mpi Exp $ */
/*
* @(#)COPYRIGHT 1.1 (NRL) January 1998
*
@@ -218,6 +218,19 @@ struct sadb_x_tap {
u_int32_t sadb_x_tap_unit;
};
+struct sadb_x_counter {
+ uint16_t sadb_x_counter_len;
+ uint16_t sadb_x_counter_exttype;
+ uint64_t sadb_x_counter_ipackets; /* Input IPsec packets */
+ uint64_t sadb_x_counter_opackets; /* Output IPsec packets */
+ uint64_t sadb_x_counter_ibytes; /* Input bytes */
+ uint64_t sadb_x_counter_obytes; /* Output bytes */
+ uint64_t sadb_x_counter_idrops; /* Dropped on input */
+ uint64_t sadb_x_counter_odrops; /* Dropped on output */
+ uint64_t sadb_x_counter_idecompbytes; /* Input bytes, decompressed */
+ uint64_t sadb_x_counter_ouncompbytes; /* Output bytes, uncompressed */
+};
+
#ifdef _KERNEL
#define SADB_X_GETSPROTO(x) \
( (x) == SADB_SATYPE_AH ? IPPROTO_AH :\
@@ -262,7 +275,8 @@ struct sadb_x_tap {
#define SADB_X_EXT_TAG 33
#define SADB_X_EXT_TAP 34
#define SADB_X_EXT_SATYPE2 35
-#define SADB_EXT_MAX 35
+#define SADB_X_EXT_COUNTER 36
+#define SADB_EXT_MAX 36
/* Fix pfkeyv2.c struct pfkeyv2_socket if SATYPE_MAX > 31 */
#define SADB_SATYPE_UNSPEC 0
@@ -396,6 +410,7 @@ void export_udpencap(void **, struct tdb *);
void export_tag(void **, struct tdb *);
void export_tap(void **, struct tdb *);
void export_satype(void **, struct tdb *);
+void export_counter(void **, struct tdb *);
void import_address(struct sockaddr *, struct sadb_address *);
void import_identities(struct ipsec_ids **, int, struct sadb_ident *,
diff --git a/sys/net/pfkeyv2_convert.c b/sys/net/pfkeyv2_convert.c
index 3656994ff19..dff1984b60b 100644
--- a/sys/net/pfkeyv2_convert.c
+++ b/sys/net/pfkeyv2_convert.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkeyv2_convert.c,v 1.63 2018/01/11 16:02:31 bluhm Exp $ */
+/* $OpenBSD: pfkeyv2_convert.c,v 1.64 2018/08/28 15:15:02 mpi Exp $ */
/*
* The author of this code is Angelos D. Keromytis (angelos@keromytis.org)
*
@@ -898,3 +898,22 @@ export_satype(void **p, struct tdb *tdb)
sab->sadb_protocol_proto = tdb->tdb_satype;
*p += sizeof(struct sadb_protocol);
}
+
+void
+export_counter(void **p, struct tdb *tdb)
+{
+ struct sadb_x_counter *scnt = (struct sadb_x_counter *)*p;
+
+ scnt->sadb_x_counter_len =
+ sizeof(struct sadb_x_counter) / sizeof(uint64_t);
+ scnt->sadb_x_counter_exttype = SADB_X_EXT_COUNTER;
+ scnt->sadb_x_counter_ipackets = tdb->tdb_ipackets;
+ scnt->sadb_x_counter_opackets = tdb->tdb_opackets;
+ scnt->sadb_x_counter_ibytes = tdb->tdb_ibytes;
+ scnt->sadb_x_counter_obytes = tdb->tdb_obytes;
+ scnt->sadb_x_counter_idrops = tdb->tdb_idrops;
+ scnt->sadb_x_counter_odrops = tdb->tdb_odrops;
+ scnt->sadb_x_counter_idecompbytes = tdb->tdb_idecompbytes;
+ scnt->sadb_x_counter_ouncompbytes = tdb->tdb_ouncompbytes;
+ *p += sizeof(struct sadb_x_counter);
+}