[PATCH v2 13/15] SUNRPC: Add RPC-with-TLS tracepoints

Chuck Lever <chuck.lever@xxxxxxxxxx> · Mon, 06 Jun 2022 10:51:52 -0400

Auditing TLS handshakes is mandatory-to-implement for RPC-with-TLS.

Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx>
---
 include/trace/events/sunrpc.h |   44 +++++++++++++++++++++++++++++++++++++++++
 net/sunrpc/xprtsock.c         |   10 +++++++--
 2 files changed, 52 insertions(+), 2 deletions(-)

diff --git a/include/trace/events/sunrpc.h b/include/trace/events/sunrpc.h
index d7d07f3b850e..594e3188dfcd 100644
--- a/include/trace/events/sunrpc.h
+++ b/include/trace/events/sunrpc.h
@@ -1566,6 +1566,50 @@ TRACE_EVENT(rpcb_unregister,
 	)
 );
 
+/**
+ ** RPC-over-TLS tracepoints
+ **/
+
+DECLARE_EVENT_CLASS(rpc_tls_class,
+	TP_PROTO(
+		const struct rpc_clnt *clnt,
+		const struct rpc_xprt *xprt
+	),
+
+	TP_ARGS(clnt, xprt),
+
+	TP_STRUCT__entry(
+		__field(unsigned long, requested_policy)
+		__field(u32, version)
+		__string(servername, xprt->servername)
+		__string(progname, clnt->cl_program->name)
+	),
+
+	TP_fast_assign(
+		__entry->requested_policy = clnt->cl_xprtsec;
+		__entry->version = clnt->cl_vers;
+		__assign_str(servername, xprt->servername);
+		__assign_str(progname, clnt->cl_program->name)
+	),
+
+	TP_printk("server=%s %sv%u requested_policy=%s",
+		__get_str(servername), __get_str(progname), __entry->version,
+		rpc_show_xprtsec_policy(__entry->requested_policy)
+	)
+);
+
+#define DEFINE_RPC_TLS_EVENT(name) \
+	DEFINE_EVENT(rpc_tls_class, rpc_tls_##name, \
+			TP_PROTO( \
+				const struct rpc_clnt *clnt, \
+				const struct rpc_xprt *xprt \
+			), \
+			TP_ARGS(clnt, xprt))
+
+DEFINE_RPC_TLS_EVENT(unavailable);
+DEFINE_RPC_TLS_EVENT(not_started);
+
+
 /* Record an xdr_buf containing a fully-formed RPC message */
 DECLARE_EVENT_CLASS(svc_xdr_msg_class,
 	TP_PROTO(
diff --git a/net/sunrpc/xprtsock.c b/net/sunrpc/xprtsock.c
index 63fe97ede573..508a7698c2e4 100644
--- a/net/sunrpc/xprtsock.c
+++ b/net/sunrpc/xprtsock.c
@@ -2608,15 +2608,21 @@ static void xs_tls_connect(struct work_struct *work)
 	xs_stream_start_connect(transport);
 
 	clnt = rpc_create(&args);
-	if (IS_ERR(clnt))
+	if (IS_ERR(clnt)) {
+		trace_rpc_tls_unavailable(transport->xprtsec_clnt,
+					  &transport->xprt);
 		goto out_unlock;
+	}
 	rcu_read_lock();
 	xprt = xprt_get(rcu_dereference(clnt->cl_xprt));
 	rcu_read_unlock();
 
 	status = xs_tls_handshake_sync(xprt, transport->xprt.xprtsec);
-	if (status)
+	if (status) {
+		trace_rpc_tls_not_started(transport->xprtsec_clnt,
+					  &transport->xprt);
 		goto out_close;
+	}
 
 	status = xs_tls_finish_connecting(xprt, transport);
 	if (status)








