docs: networking: convert xfrm_sync.txt to ReST

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

- add SPDX header;
- add a document title;
- adjust titles and chapters, adding proper markups;
- mark code blocks and literals as such;
- adjust identation, whitespaces and blank lines where needed;
- add to networking/index.rst.

Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Mauro Carvalho Chehab and committed by

David S. Miller 6 years ago a5cfea33 da62baad

+44 -23

2 changed files

expand all

Documentation

networking

index.rst

xfrm_sync.rst

Documentation/networking/index.rst

··· 119 119 x25 120 120 xfrm_device 121 121 xfrm_proc 122 + xfrm_sync 122 123 123 124 .. only:: subproject and html 124 125

+43 -23

Documentation/networking/xfrm_sync.txt Documentation/networking/xfrm_sync.rst

··· 1 + .. SPDX-License-Identifier: GPL-2.0 2 + 3 + ==== 4 + XFRM 5 + ==== 1 6 2 7 The sync patches work is based on initial patches from 3 8 Krisztian <hidden@balabit.hu> and others and additional patches ··· 45 40 XFRM_MSG_NEWAE and XFRM_MSG_GETAE. 46 41 47 42 A XFRM_MSG_GETAE does not have TLVs. 43 + 48 44 A XFRM_MSG_NEWAE will have at least two TLVs (as is 49 45 discussed further below). 50 46 51 - aevent_id structure looks like: 47 + aevent_id structure looks like:: 52 48 53 49 struct xfrm_aevent_id { 54 - struct xfrm_usersa_id sa_id; 55 - xfrm_address_t saddr; 56 - __u32 flags; 57 - __u32 reqid; 50 + struct xfrm_usersa_id sa_id; 51 + xfrm_address_t saddr; 52 + __u32 flags; 53 + __u32 reqid; 58 54 }; 59 55 60 56 The unique SA is identified by the combination of xfrm_usersa_id, 61 57 reqid and saddr. 62 58 63 59 flags are used to indicate different things. The possible 64 - flags are: 65 - XFRM_AE_RTHR=1, /* replay threshold*/ 66 - XFRM_AE_RVAL=2, /* replay value */ 67 - XFRM_AE_LVAL=4, /* lifetime value */ 68 - XFRM_AE_ETHR=8, /* expiry timer threshold */ 69 - XFRM_AE_CR=16, /* Event cause is replay update */ 70 - XFRM_AE_CE=32, /* Event cause is timer expiry */ 71 - XFRM_AE_CU=64, /* Event cause is policy update */ 60 + flags are:: 61 + 62 + XFRM_AE_RTHR=1, /* replay threshold*/ 63 + XFRM_AE_RVAL=2, /* replay value */ 64 + XFRM_AE_LVAL=4, /* lifetime value */ 65 + XFRM_AE_ETHR=8, /* expiry timer threshold */ 66 + XFRM_AE_CR=16, /* Event cause is replay update */ 67 + XFRM_AE_CE=32, /* Event cause is timer expiry */ 68 + XFRM_AE_CU=64, /* Event cause is policy update */ 72 69 73 70 How these flags are used is dependent on the direction of the 74 71 message (kernel<->user) as well the cause (config, query or event). ··· 87 80 ----------------------------------------- 88 81 89 82 a) byte value (XFRMA_LTIME_VAL) 83 + 90 84 This TLV carries the running/current counter for byte lifetime since 91 85 last event. 92 86 93 87 b)replay value (XFRMA_REPLAY_VAL) 88 + 94 89 This TLV carries the running/current counter for replay sequence since 95 90 last event. 96 91 97 92 c)replay threshold (XFRMA_REPLAY_THRESH) 93 + 98 94 This TLV carries the threshold being used by the kernel to trigger events 99 95 when the replay sequence is exceeded. 100 96 101 97 d) expiry timer (XFRMA_ETIMER_THRESH) 98 + 102 99 This is a timer value in milliseconds which is used as the nagle 103 100 value to rate limit the events. 104 101 105 102 3) Default configurations for the parameters: 106 - ---------------------------------------------- 103 + --------------------------------------------- 107 104 108 105 By default these events should be turned off unless there is 109 106 at least one listener registered to listen to the multicast ··· 119 108 in case they are not specified. 120 109 121 110 the two sysctls/proc entries are: 111 + 122 112 a) /proc/sys/net/core/sysctl_xfrm_aevent_etime 123 113 used to provide default values for the XFRMA_ETIMER_THRESH in incremental 124 114 units of time of 100ms. The default is 10 (1 second) ··· 132 120 ---------------- 133 121 134 122 a) XFRM_MSG_GETAE issued by user-->kernel. 135 - XFRM_MSG_GETAE does not carry any TLVs. 123 + XFRM_MSG_GETAE does not carry any TLVs. 124 + 136 125 The response is a XFRM_MSG_NEWAE which is formatted based on what 137 126 XFRM_MSG_GETAE queried for. 127 + 138 128 The response will always have XFRMA_LTIME_VAL and XFRMA_REPLAY_VAL TLVs. 139 - *if XFRM_AE_RTHR flag is set, then XFRMA_REPLAY_THRESH is also retrieved 140 - *if XFRM_AE_ETHR flag is set, then XFRMA_ETIMER_THRESH is also retrieved 129 + * if XFRM_AE_RTHR flag is set, then XFRMA_REPLAY_THRESH is also retrieved 130 + * if XFRM_AE_ETHR flag is set, then XFRMA_ETIMER_THRESH is also retrieved 141 131 142 132 b) XFRM_MSG_NEWAE is issued by either user space to configure 143 - or kernel to announce events or respond to a XFRM_MSG_GETAE. 133 + or kernel to announce events or respond to a XFRM_MSG_GETAE. 144 134 145 135 i) user --> kernel to configure a specific SA. 136 + 146 137 any of the values or threshold parameters can be updated by passing the 147 138 appropriate TLV. 139 + 148 140 A response is issued back to the sender in user space to indicate success 149 141 or failure. 142 + 150 143 In the case of success, additionally an event with 151 144 XFRM_MSG_NEWAE is also issued to any listeners as described in iii). 152 145 153 146 ii) kernel->user direction as a response to XFRM_MSG_GETAE 147 + 154 148 The response will always have XFRMA_LTIME_VAL and XFRMA_REPLAY_VAL TLVs. 149 + 155 150 The threshold TLVs will be included if explicitly requested in 156 151 the XFRM_MSG_GETAE message. 157 152 158 153 iii) kernel->user to report as event if someone sets any values or 159 - thresholds for an SA using XFRM_MSG_NEWAE (as described in #i above). 160 - In such a case XFRM_AE_CU flag is set to inform the user that 161 - the change happened as a result of an update. 162 - The message will always have XFRMA_LTIME_VAL and XFRMA_REPLAY_VAL TLVs. 154 + thresholds for an SA using XFRM_MSG_NEWAE (as described in #i above). 155 + In such a case XFRM_AE_CU flag is set to inform the user that 156 + the change happened as a result of an update. 157 + The message will always have XFRMA_LTIME_VAL and XFRMA_REPLAY_VAL TLVs. 163 158 164 159 iv) kernel->user to report event when replay threshold or a timeout 165 - is exceeded. 160 + is exceeded. 161 + 166 162 In such a case either XFRM_AE_CR (replay exceeded) or XFRM_AE_CE (timeout 167 163 happened) is set to inform the user what happened. 168 164 Note the two flags are mutually exclusive.