diff --git a/sys/kern/uipc_ktls.c b/sys/kern/uipc_ktls.c --- a/sys/kern/uipc_ktls.c +++ b/sys/kern/uipc_ktls.c @@ -134,51 +134,51 @@ &ktls_cbc_enable, 1, "Enable Support of AES-CBC crypto for kernel TLS"); -static counter_u64_t ktls_tasks_active; +static COUNTER_U64_DEFINE_EARLY(ktls_tasks_active); SYSCTL_COUNTER_U64(_kern_ipc_tls, OID_AUTO, tasks_active, CTLFLAG_RD, &ktls_tasks_active, "Number of active tasks"); -static counter_u64_t ktls_cnt_tx_queued; +static COUNTER_U64_DEFINE_EARLY(ktls_cnt_tx_queued); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, sw_tx_inqueue, CTLFLAG_RD, &ktls_cnt_tx_queued, "Number of TLS records in queue to tasks for SW encryption"); -static counter_u64_t ktls_cnt_rx_queued; +static COUNTER_U64_DEFINE_EARLY(ktls_cnt_rx_queued); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, sw_rx_inqueue, CTLFLAG_RD, &ktls_cnt_rx_queued, "Number of TLS sockets in queue to tasks for SW decryption"); -static counter_u64_t ktls_offload_total; +static COUNTER_U64_DEFINE_EARLY(ktls_offload_total); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, offload_total, CTLFLAG_RD, &ktls_offload_total, "Total successful TLS setups (parameters set)"); -static counter_u64_t ktls_offload_enable_calls; +static COUNTER_U64_DEFINE_EARLY(ktls_offload_enable_calls); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, enable_calls, CTLFLAG_RD, &ktls_offload_enable_calls, "Total number of TLS enable calls made"); -static counter_u64_t ktls_offload_active; +static COUNTER_U64_DEFINE_EARLY(ktls_offload_active); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, active, CTLFLAG_RD, &ktls_offload_active, "Total Active TLS sessions"); -static counter_u64_t ktls_offload_corrupted_records; +static COUNTER_U64_DEFINE_EARLY(ktls_offload_corrupted_records); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, corrupted_records, CTLFLAG_RD, &ktls_offload_corrupted_records, "Total corrupted TLS records received"); -static counter_u64_t ktls_offload_failed_crypto; +static COUNTER_U64_DEFINE_EARLY(ktls_offload_failed_crypto); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, failed_crypto, CTLFLAG_RD, &ktls_offload_failed_crypto, "Total TLS crypto failures"); -static counter_u64_t ktls_switch_to_ifnet; +static COUNTER_U64_DEFINE_EARLY(ktls_switch_to_ifnet); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, switch_to_ifnet, CTLFLAG_RD, &ktls_switch_to_ifnet, "TLS sessions switched from SW to ifnet"); -static counter_u64_t ktls_switch_to_sw; +static COUNTER_U64_DEFINE_EARLY(ktls_switch_to_sw); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, switch_to_sw, CTLFLAG_RD, &ktls_switch_to_sw, "TLS sessions switched from ifnet to SW"); -static counter_u64_t ktls_switch_failed; +static COUNTER_U64_DEFINE_EARLY(ktls_switch_failed); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats, OID_AUTO, switch_failed, CTLFLAG_RD, &ktls_switch_failed, "TLS sessions unable to switch between SW and ifnet"); @@ -191,34 +191,34 @@ "TOE TLS session stats"); #endif -static counter_u64_t ktls_sw_cbc; +static COUNTER_U64_DEFINE_EARLY(ktls_sw_cbc); SYSCTL_COUNTER_U64(_kern_ipc_tls_sw, OID_AUTO, cbc, CTLFLAG_RD, &ktls_sw_cbc, "Active number of software TLS sessions using AES-CBC"); -static counter_u64_t ktls_sw_gcm; +static COUNTER_U64_DEFINE_EARLY(ktls_sw_gcm); SYSCTL_COUNTER_U64(_kern_ipc_tls_sw, OID_AUTO, gcm, CTLFLAG_RD, &ktls_sw_gcm, "Active number of software TLS sessions using AES-GCM"); -static counter_u64_t ktls_ifnet_cbc; +static COUNTER_U64_DEFINE_EARLY(ktls_ifnet_cbc); SYSCTL_COUNTER_U64(_kern_ipc_tls_ifnet, OID_AUTO, cbc, CTLFLAG_RD, &ktls_ifnet_cbc, "Active number of ifnet TLS sessions using AES-CBC"); -static counter_u64_t ktls_ifnet_gcm; +static COUNTER_U64_DEFINE_EARLY(ktls_ifnet_gcm); SYSCTL_COUNTER_U64(_kern_ipc_tls_ifnet, OID_AUTO, gcm, CTLFLAG_RD, &ktls_ifnet_gcm, "Active number of ifnet TLS sessions using AES-GCM"); -static counter_u64_t ktls_ifnet_reset; +static COUNTER_U64_DEFINE_EARLY(ktls_ifnet_reset); SYSCTL_COUNTER_U64(_kern_ipc_tls_ifnet, OID_AUTO, reset, CTLFLAG_RD, &ktls_ifnet_reset, "TLS sessions updated to a new ifnet send tag"); -static counter_u64_t ktls_ifnet_reset_dropped; +static COUNTER_U64_DEFINE_EARLY(ktls_ifnet_reset_dropped); SYSCTL_COUNTER_U64(_kern_ipc_tls_ifnet, OID_AUTO, reset_dropped, CTLFLAG_RD, &ktls_ifnet_reset_dropped, "TLS sessions dropped after failing to update ifnet send tag"); -static counter_u64_t ktls_ifnet_reset_failed; +static COUNTER_U64_DEFINE_EARLY(ktls_ifnet_reset_failed); SYSCTL_COUNTER_U64(_kern_ipc_tls_ifnet, OID_AUTO, reset_failed, CTLFLAG_RD, &ktls_ifnet_reset_failed, "TLS sessions that failed to allocate a new ifnet send tag"); @@ -229,12 +229,12 @@ "Whether to permit hardware (ifnet) TLS sessions"); #ifdef TCP_OFFLOAD -static counter_u64_t ktls_toe_cbc; +static COUNTER_U64_DEFINE_EARLY(ktls_toe_cbc); SYSCTL_COUNTER_U64(_kern_ipc_tls_toe, OID_AUTO, cbc, CTLFLAG_RD, &ktls_toe_cbc, "Active number of TOE TLS sessions using AES-CBC"); -static counter_u64_t ktls_toe_gcm; +static COUNTER_U64_DEFINE_EARLY(ktls_toe_gcm); SYSCTL_COUNTER_U64(_kern_ipc_tls_toe, OID_AUTO, gcm, CTLFLAG_RD, &ktls_toe_gcm, "Active number of TOE TLS sessions using AES-GCM"); @@ -359,29 +359,6 @@ cpuset_t mask; int count, domain, error, i; - ktls_tasks_active = counter_u64_alloc(M_WAITOK); - ktls_cnt_tx_queued = counter_u64_alloc(M_WAITOK); - ktls_cnt_rx_queued = counter_u64_alloc(M_WAITOK); - ktls_offload_total = counter_u64_alloc(M_WAITOK); - ktls_offload_enable_calls = counter_u64_alloc(M_WAITOK); - ktls_offload_active = counter_u64_alloc(M_WAITOK); - ktls_offload_corrupted_records = counter_u64_alloc(M_WAITOK); - ktls_offload_failed_crypto = counter_u64_alloc(M_WAITOK); - ktls_switch_to_ifnet = counter_u64_alloc(M_WAITOK); - ktls_switch_to_sw = counter_u64_alloc(M_WAITOK); - ktls_switch_failed = counter_u64_alloc(M_WAITOK); - ktls_sw_cbc = counter_u64_alloc(M_WAITOK); - ktls_sw_gcm = counter_u64_alloc(M_WAITOK); - ktls_ifnet_cbc = counter_u64_alloc(M_WAITOK); - ktls_ifnet_gcm = counter_u64_alloc(M_WAITOK); - ktls_ifnet_reset = counter_u64_alloc(M_WAITOK); - ktls_ifnet_reset_dropped = counter_u64_alloc(M_WAITOK); - ktls_ifnet_reset_failed = counter_u64_alloc(M_WAITOK); -#ifdef TCP_OFFLOAD - ktls_toe_cbc = counter_u64_alloc(M_WAITOK); - ktls_toe_gcm = counter_u64_alloc(M_WAITOK); -#endif - rm_init(&ktls_backends_lock, "ktls backends"); LIST_INIT(&ktls_backends); diff --git a/sys/opencrypto/ktls_ocf.c b/sys/opencrypto/ktls_ocf.c --- a/sys/opencrypto/ktls_ocf.c +++ b/sys/opencrypto/ktls_ocf.c @@ -72,37 +72,37 @@ CTLFLAG_RD | CTLFLAG_MPSAFE, 0, "Kernel TLS offload via OCF stats"); -static counter_u64_t ocf_tls10_cbc_crypts; +static COUNTER_U64_DEFINE_EARLY(ocf_tls10_cbc_crypts); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, tls10_cbc_crypts, CTLFLAG_RD, &ocf_tls10_cbc_crypts, "Total number of OCF TLS 1.0 CBC encryption operations"); -static counter_u64_t ocf_tls11_cbc_crypts; +static COUNTER_U64_DEFINE_EARLY(ocf_tls11_cbc_crypts); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, tls11_cbc_crypts, CTLFLAG_RD, &ocf_tls11_cbc_crypts, "Total number of OCF TLS 1.1/1.2 CBC encryption operations"); -static counter_u64_t ocf_tls12_gcm_crypts; +static COUNTER_U64_DEFINE_EARLY(ocf_tls12_gcm_crypts); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, tls12_gcm_crypts, CTLFLAG_RD, &ocf_tls12_gcm_crypts, "Total number of OCF TLS 1.2 GCM encryption operations"); -static counter_u64_t ocf_tls13_gcm_crypts; +static COUNTER_U64_DEFINE_EARLY(ocf_tls13_gcm_crypts); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, tls13_gcm_crypts, CTLFLAG_RD, &ocf_tls13_gcm_crypts, "Total number of OCF TLS 1.3 GCM encryption operations"); -static counter_u64_t ocf_inplace; +static COUNTER_U64_DEFINE_EARLY(ocf_inplace); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, inplace, CTLFLAG_RD, &ocf_inplace, "Total number of OCF in-place operations"); -static counter_u64_t ocf_separate_output; +static COUNTER_U64_DEFINE_EARLY(ocf_separate_output); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, separate_output, CTLFLAG_RD, &ocf_separate_output, "Total number of OCF operations with a separate output buffer"); -static counter_u64_t ocf_retries; +static COUNTER_U64_DEFINE_EARLY(ocf_retries); SYSCTL_COUNTER_U64(_kern_ipc_tls_stats_ocf, OID_AUTO, retries, CTLFLAG_RD, &ocf_retries, "Number of OCF encryption operation retries"); @@ -698,30 +698,11 @@ static int ktls_ocf_modevent(module_t mod, int what, void *arg) { - int error; - switch (what) { case MOD_LOAD: - ocf_tls10_cbc_crypts = counter_u64_alloc(M_WAITOK); - ocf_tls11_cbc_crypts = counter_u64_alloc(M_WAITOK); - ocf_tls12_gcm_crypts = counter_u64_alloc(M_WAITOK); - ocf_tls13_gcm_crypts = counter_u64_alloc(M_WAITOK); - ocf_inplace = counter_u64_alloc(M_WAITOK); - ocf_separate_output = counter_u64_alloc(M_WAITOK); - ocf_retries = counter_u64_alloc(M_WAITOK); return (ktls_crypto_backend_register(&ocf_backend)); case MOD_UNLOAD: - error = ktls_crypto_backend_deregister(&ocf_backend); - if (error) - return (error); - counter_u64_free(ocf_tls10_cbc_crypts); - counter_u64_free(ocf_tls11_cbc_crypts); - counter_u64_free(ocf_tls12_gcm_crypts); - counter_u64_free(ocf_tls13_gcm_crypts); - counter_u64_free(ocf_inplace); - counter_u64_free(ocf_separate_output); - counter_u64_free(ocf_retries); - return (0); + return (ktls_crypto_backend_deregister(&ocf_backend)); default: return (EOPNOTSUPP); }