ipsec: simplify bumping counters - cosmetic change

Change-Id: Ibb55427ed49d0277854a352922c6c4bb007bf072 Signed-off-by: Klement Sekera <ksekera@cisco.com>
author: Klement Sekera <ksekera@cisco.com> 2018-11-30 14:37:03 +0100
committer: Dave Barach <openvpp@barachs.net> 2018-12-04 21:46:13 +0000
commit: 2e02ba0ddaa8fecbd4b6397787658bd29fcca749 (patch)
tree: 6b99899860249d2add26424274db3bd7b56099f2 /src/vnet
parent: 01f3f894fc180060ef8ee1c8b4acb4421d12ebe3 (diff)
4 files changed, 35 insertions, 116 deletions
diff --git a/src/vnet/ipsec/ah_decrypt.c b/src/vnet/ipsec/ah_decrypt.c
index a2fc07faebf..c8c89028f9d 100644
--- a/src/vnet/ipsec/ah_decrypt.c
+++ b/src/vnet/ipsec/ah_decrypt.c
@@ -158,14 +158,8 @@ ah_decrypt_inline (vlib_main_t * vm,
 
 	      if (PREDICT_FALSE (rv))
 		{
-		  if (is_ip6)
-		    vlib_node_increment_counter (vm,
-						 ah6_decrypt_node.index,
-						 AH_DECRYPT_ERROR_REPLAY, 1);
-		  else
-		    vlib_node_increment_counter (vm,
-						 ah4_decrypt_node.index,
-						 AH_DECRYPT_ERROR_REPLAY, 1);
+		  vlib_node_increment_counter (vm, node->node_index,
+					       AH_DECRYPT_ERROR_REPLAY, 1);
 		  goto trace;
 		}
 	    }
@@ -212,16 +206,9 @@ ah_decrypt_inline (vlib_main_t * vm,
 
 	      if (PREDICT_FALSE (memcmp (digest, sig, icv_size)))
 		{
-		  if (is_ip6)
-		    vlib_node_increment_counter (vm,
-						 ah6_decrypt_node.index,
-						 AH_DECRYPT_ERROR_INTEG_ERROR,
-						 1);
-		  else
-		    vlib_node_increment_counter (vm,
-						 ah4_decrypt_node.index,
-						 AH_DECRYPT_ERROR_INTEG_ERROR,
-						 1);
+		  vlib_node_increment_counter (vm, node->node_index,
+					       AH_DECRYPT_ERROR_INTEG_ERROR,
+					       1);
 		  goto trace;
 		}
 
@@ -248,16 +235,9 @@ ah_decrypt_inline (vlib_main_t * vm,
 		next0 = AH_DECRYPT_NEXT_IP6_INPUT;
 	      else
 		{
-		  if (is_ip6)
-		    vlib_node_increment_counter (vm,
-						 ah6_decrypt_node.index,
-						 AH_DECRYPT_ERROR_DECRYPTION_FAILED,
-						 1);
-		  else
-		    vlib_node_increment_counter (vm,
-						 ah4_decrypt_node.index,
-						 AH_DECRYPT_ERROR_DECRYPTION_FAILED,
-						 1);
+		  vlib_node_increment_counter (vm, node->node_index,
+					       AH_DECRYPT_ERROR_DECRYPTION_FAILED,
+					       1);
 		  goto trace;
 		}
 	    }
@@ -320,14 +300,8 @@ ah_decrypt_inline (vlib_main_t * vm,
 	}
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
-  if (is_ip6)
-    vlib_node_increment_counter (vm, ah6_decrypt_node.index,
-				 AH_DECRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
-  else
-    vlib_node_increment_counter (vm, ah4_decrypt_node.index,
-				 AH_DECRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
+  vlib_node_increment_counter (vm, node->node_index, AH_DECRYPT_ERROR_RX_PKTS,
+			       from_frame->n_vectors);
 
   return from_frame->n_vectors;
 }
diff --git a/src/vnet/ipsec/ah_encrypt.c b/src/vnet/ipsec/ah_encrypt.c
index 6529828f0e9..0dc1612db5e 100644
--- a/src/vnet/ipsec/ah_encrypt.c
+++ b/src/vnet/ipsec/ah_encrypt.c
@@ -127,12 +127,8 @@ ah_encrypt_inline (vlib_main_t * vm,
 	    {
 	      clib_warning ("sequence number counter has cycled SPI %u",
 			    sa0->spi);
-	      if (is_ip6)
-		vlib_node_increment_counter (vm, ah6_encrypt_node.index,
-					     AH_ENCRYPT_ERROR_SEQ_CYCLED, 1);
-	      else
-		vlib_node_increment_counter (vm, ah4_encrypt_node.index,
-					     AH_ENCRYPT_ERROR_SEQ_CYCLED, 1);
+	      vlib_node_increment_counter (vm, node->node_index,
+					   AH_ENCRYPT_ERROR_SEQ_CYCLED, 1);
 	      //TODO need to confirm if below is needed
 	      to_next[0] = i_bi0;
 	      to_next += 1;
@@ -314,14 +310,9 @@ ah_encrypt_inline (vlib_main_t * vm,
 	}
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
-  if (is_ip6)
-    vlib_node_increment_counter (vm, ah6_encrypt_node.index,
-				 AH_ENCRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
-  else
-    vlib_node_increment_counter (vm, ah4_encrypt_node.index,
-				 AH_ENCRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
+  vlib_node_increment_counter (vm, node->node_index,
+			       AH_ENCRYPT_ERROR_RX_PKTS,
+			       from_frame->n_vectors);
 
   return from_frame->n_vectors;
 }
diff --git a/src/vnet/ipsec/esp_decrypt.c b/src/vnet/ipsec/esp_decrypt.c
index 8ef160a4b32..68cb825f23b 100644
--- a/src/vnet/ipsec/esp_decrypt.c
+++ b/src/vnet/ipsec/esp_decrypt.c
@@ -131,14 +131,8 @@ esp_decrypt_inline (vlib_main_t * vm,
 
   if (PREDICT_FALSE (vec_len (empty_buffers) < n_left_from))
     {
-      if (is_ip6)
-	vlib_node_increment_counter (vm, esp6_decrypt_node.index,
-				     ESP_DECRYPT_ERROR_NO_BUFFER,
-				     n_left_from);
-      else
-	vlib_node_increment_counter (vm, esp4_decrypt_node.index,
-				     ESP_DECRYPT_ERROR_NO_BUFFER,
-				     n_left_from);
+      vlib_node_increment_counter (vm, node->node_index,
+				   ESP_DECRYPT_ERROR_NO_BUFFER, n_left_from);
       goto free_buffers_and_exit;
     }
 
@@ -190,14 +184,8 @@ esp_decrypt_inline (vlib_main_t * vm,
 
 	      if (PREDICT_FALSE (rv))
 		{
-		  if (is_ip6)
-		    vlib_node_increment_counter (vm,
-						 esp6_decrypt_node.index,
-						 ESP_DECRYPT_ERROR_REPLAY, 1);
-		  else
-		    vlib_node_increment_counter (vm,
-						 esp4_decrypt_node.index,
-						 ESP_DECRYPT_ERROR_REPLAY, 1);
+		  vlib_node_increment_counter (vm, node->node_index,
+					       ESP_DECRYPT_ERROR_REPLAY, 1);
 		  o_bi0 = i_bi0;
 		  to_next[0] = o_bi0;
 		  to_next += 1;
@@ -224,16 +212,9 @@ esp_decrypt_inline (vlib_main_t * vm,
 
 	      if (PREDICT_FALSE (memcmp (icv, sig, icv_size)))
 		{
-		  if (is_ip6)
-		    vlib_node_increment_counter (vm,
-						 esp6_decrypt_node.index,
-						 ESP_DECRYPT_ERROR_INTEG_ERROR,
-						 1);
-		  else
-		    vlib_node_increment_counter (vm,
-						 esp4_decrypt_node.index,
-						 ESP_DECRYPT_ERROR_INTEG_ERROR,
-						 1);
+		  vlib_node_increment_counter (vm, node->node_index,
+					       ESP_DECRYPT_ERROR_INTEG_ERROR,
+					       1);
 		  o_bi0 = i_bi0;
 		  to_next[0] = o_bi0;
 		  to_next += 1;
@@ -329,16 +310,9 @@ esp_decrypt_inline (vlib_main_t * vm,
 		    next0 = ESP_DECRYPT_NEXT_IP6_INPUT;
 		  else
 		    {
-		      if (is_ip6)
-			vlib_node_increment_counter (vm,
-						     esp6_decrypt_node.index,
-						     ESP_DECRYPT_ERROR_DECRYPTION_FAILED,
-						     1);
-		      else
-			vlib_node_increment_counter (vm,
-						     esp4_decrypt_node.index,
-						     ESP_DECRYPT_ERROR_DECRYPTION_FAILED,
-						     1);
+		      vlib_node_increment_counter (vm, node->node_index,
+						   ESP_DECRYPT_ERROR_DECRYPTION_FAILED,
+						   1);
 		      o_b0 = 0;
 		      goto trace;
 		    }
@@ -410,14 +384,9 @@ esp_decrypt_inline (vlib_main_t * vm,
 	}
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
-  if (is_ip6)
-    vlib_node_increment_counter (vm, esp6_decrypt_node.index,
-				 ESP_DECRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
-  else
-    vlib_node_increment_counter (vm, esp4_decrypt_node.index,
-				 ESP_DECRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
+  vlib_node_increment_counter (vm, node->node_index,
+			       ESP_DECRYPT_ERROR_RX_PKTS,
+			       from_frame->n_vectors);
 
 
 free_buffers_and_exit:
diff --git a/src/vnet/ipsec/esp_encrypt.c b/src/vnet/ipsec/esp_encrypt.c
index 101c5efbfc8..4f2d7707395 100644
--- a/src/vnet/ipsec/esp_encrypt.c
+++ b/src/vnet/ipsec/esp_encrypt.c
@@ -137,14 +137,8 @@ esp_encrypt_inline (vlib_main_t * vm,
 
   if (PREDICT_FALSE (vec_len (empty_buffers) < n_left_from))
     {
-      if (is_ip6)
-	vlib_node_increment_counter (vm, esp6_encrypt_node.index,
-				     ESP_ENCRYPT_ERROR_NO_BUFFER,
-				     n_left_from);
-      else
-	vlib_node_increment_counter (vm, esp4_encrypt_node.index,
-				     ESP_ENCRYPT_ERROR_NO_BUFFER,
-				     n_left_from);
+      vlib_node_increment_counter (vm, node->node_index,
+				   ESP_ENCRYPT_ERROR_NO_BUFFER, n_left_from);
       clib_warning ("not enough empty buffers. discarding frame");
       goto free_buffers_and_exit;
     }
@@ -189,12 +183,8 @@ esp_encrypt_inline (vlib_main_t * vm,
 	    {
 	      clib_warning ("sequence number counter has cycled SPI %u",
 			    sa0->spi);
-	      if (is_ip6)
-		vlib_node_increment_counter (vm, esp6_encrypt_node.index,
-					     ESP_ENCRYPT_ERROR_SEQ_CYCLED, 1);
-	      else
-		vlib_node_increment_counter (vm, esp4_encrypt_node.index,
-					     ESP_ENCRYPT_ERROR_SEQ_CYCLED, 1);
+	      vlib_node_increment_counter (vm, node->node_index,
+					   ESP_ENCRYPT_ERROR_SEQ_CYCLED, 1);
 	      //TODO: rekey SA
 	      o_bi0 = i_bi0;
 	      to_next[0] = o_bi0;
@@ -428,14 +418,9 @@ esp_encrypt_inline (vlib_main_t * vm,
 	}
       vlib_put_next_frame (vm, node, next_index, n_left_to_next);
     }
-  if (is_ip6)
-    vlib_node_increment_counter (vm, esp6_encrypt_node.index,
-				 ESP_ENCRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
-  else
-    vlib_node_increment_counter (vm, esp4_encrypt_node.index,
-				 ESP_ENCRYPT_ERROR_RX_PKTS,
-				 from_frame->n_vectors);
+  vlib_node_increment_counter (vm, node->node_index,
+			       ESP_ENCRYPT_ERROR_RX_PKTS,
+			       from_frame->n_vectors);
 
 free_buffers_and_exit:
   if (recycle)
author	Klement Sekera <ksekera@cisco.com>	2018-11-30 14:37:03 +0100
committer	Dave Barach <openvpp@barachs.net>	2018-12-04 21:46:13 +0000
commit	2e02ba0ddaa8fecbd4b6397787658bd29fcca749 (patch)
tree	6b99899860249d2add26424274db3bd7b56099f2 /src/vnet
parent	01f3f894fc180060ef8ee1c8b4acb4421d12ebe3 (diff)