diff options
author | ae <ae@FreeBSD.org> | 2013-06-20 11:44:16 +0000 |
---|---|---|
committer | ae <ae@FreeBSD.org> | 2013-06-20 11:44:16 +0000 |
commit | b05df49af65d3ab697c586f71af5d5fe6f368656 (patch) | |
tree | 3928f332f78b418bcf02494aa8434e53a06aa4b4 /sys/netipsec/xform_ah.c | |
parent | 1e4c88cc8b89f670f8e6f11dd0db6d4cc0f53c16 (diff) | |
download | FreeBSD-src-b05df49af65d3ab697c586f71af5d5fe6f368656.zip FreeBSD-src-b05df49af65d3ab697c586f71af5d5fe6f368656.tar.gz |
Use corresponding macros to update statistics for AH, ESP, IPIP, IPCOMP,
PFKEY.
MFC after: 2 weeks
Diffstat (limited to 'sys/netipsec/xform_ah.c')
-rw-r--r-- | sys/netipsec/xform_ah.c | 52 |
1 files changed, 26 insertions, 26 deletions
diff --git a/sys/netipsec/xform_ah.c b/sys/netipsec/xform_ah.c index 722879b..82c9a65a7 100644 --- a/sys/netipsec/xform_ah.c +++ b/sys/netipsec/xform_ah.c @@ -583,14 +583,14 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) IP6_EXTHDR_GET(ah, struct newah *, m, skip, rplen); if (ah == NULL) { DPRINTF(("ah_input: cannot pullup header\n")); - V_ahstat.ahs_hdrops++; /*XXX*/ + AHSTAT_INC(ahs_hdrops); /*XXX*/ m_freem(m); return ENOBUFS; } /* Check replay window, if applicable. */ if (sav->replay && !ipsec_chkreplay(ntohl(ah->ah_seq), sav)) { - V_ahstat.ahs_replay++; + AHSTAT_INC(ahs_replay); DPRINTF(("%s: packet replay failure: %s\n", __func__, ipsec_logsastr(sav))); m_freem(m); @@ -607,17 +607,17 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) hl, (u_long) (authsize + rplen - sizeof (struct ah)), ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_badauthl++; + AHSTAT_INC(ahs_badauthl); m_freem(m); return EACCES; } - V_ahstat.ahs_ibytes += m->m_pkthdr.len - skip - hl; + AHSTAT_ADD(ahs_ibytes, m->m_pkthdr.len - skip - hl); /* Get crypto descriptors. */ crp = crypto_getreq(1); if (crp == NULL) { DPRINTF(("%s: failed to acquire crypto descriptor\n",__func__)); - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); m_freem(m); return ENOBUFS; } @@ -657,7 +657,7 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) } if (tc == NULL) { DPRINTF(("%s: failed to allocate tdb_crypto\n", __func__)); - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); crypto_freereq(crp); m_freem(m); return ENOBUFS; @@ -681,7 +681,7 @@ ah_input(struct mbuf *m, struct secasvar *sav, int skip, int protoff) skip, ahx->type, 0); if (error != 0) { /* NB: mbuf is free'd by ah_massage_headers */ - V_ahstat.ahs_hdrops++; + AHSTAT_INC(ahs_hdrops); free(tc, M_XDATA); crypto_freereq(crp); return error; @@ -760,19 +760,19 @@ ah_input_cb(struct cryptop *crp) if (crp->crp_etype == EAGAIN) return (crypto_dispatch(crp)); - V_ahstat.ahs_noxform++; + AHSTAT_INC(ahs_noxform); DPRINTF(("%s: crypto error %d\n", __func__, crp->crp_etype)); error = crp->crp_etype; goto bad; } else { - V_ahstat.ahs_hist[sav->alg_auth]++; + AHSTAT_INC(ahs_hist[sav->alg_auth]); crypto_freereq(crp); /* No longer needed. */ crp = NULL; } /* Shouldn't happen... */ if (m == NULL) { - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); DPRINTF(("%s: bogus returned buffer from crypto\n", __func__)); error = EINVAL; goto bad; @@ -798,7 +798,7 @@ ah_input_cb(struct cryptop *crp) "in SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_badauth++; + AHSTAT_INC(ahs_badauth); error = EACCES; goto bad; } @@ -829,7 +829,7 @@ ah_input_cb(struct cryptop *crp) m_copydata(m, skip + offsetof(struct newah, ah_seq), sizeof (seq), (caddr_t) &seq); if (ipsec_updatereplay(ntohl(seq), sav)) { - V_ahstat.ahs_replay++; + AHSTAT_INC(ahs_replay); error = ENOBUFS; /*XXX as above*/ goto bad; } @@ -843,7 +843,7 @@ ah_input_cb(struct cryptop *crp) DPRINTF(("%s: mangled mbuf chain for SA %s/%08lx\n", __func__, ipsec_address(&saidx->dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_hdrops++; + AHSTAT_INC(ahs_hdrops); goto bad; } @@ -904,7 +904,7 @@ ah_output( ahx = sav->tdb_authalgxform; IPSEC_ASSERT(ahx != NULL, ("null authentication xform")); - V_ahstat.ahs_output++; + AHSTAT_INC(ahs_output); /* Figure out header size. */ rplen = HDRSIZE(sav); @@ -927,7 +927,7 @@ ah_output( sav->sah->saidx.dst.sa.sa_family, ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_nopf++; + AHSTAT_INC(ahs_nopf); error = EPFNOSUPPORT; goto bad; } @@ -938,20 +938,20 @@ ah_output( ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi), rplen + authsize + m->m_pkthdr.len, maxpacketsize)); - V_ahstat.ahs_toobig++; + AHSTAT_INC(ahs_toobig); error = EMSGSIZE; goto bad; } /* Update the counters. */ - V_ahstat.ahs_obytes += m->m_pkthdr.len - skip; + AHSTAT_ADD(ahs_obytes, m->m_pkthdr.len - skip); m = m_unshare(m, M_NOWAIT); if (m == NULL) { DPRINTF(("%s: cannot clone mbuf chain, SA %s/%08lx\n", __func__, ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_hdrops++; + AHSTAT_INC(ahs_hdrops); error = ENOBUFS; goto bad; } @@ -964,7 +964,7 @@ ah_output( rplen + authsize, ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_hdrops++; /*XXX differs from openbsd */ + AHSTAT_INC(ahs_hdrops); /*XXX differs from openbsd */ error = ENOBUFS; goto bad; } @@ -992,7 +992,7 @@ ah_output( __func__, ipsec_address(&sav->sah->saidx.dst), (u_long) ntohl(sav->spi))); - V_ahstat.ahs_wrap++; + AHSTAT_INC(ahs_wrap); error = EINVAL; goto bad; } @@ -1009,7 +1009,7 @@ ah_output( if (crp == NULL) { DPRINTF(("%s: failed to acquire crypto descriptors\n", __func__)); - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); error = ENOBUFS; goto bad; } @@ -1031,7 +1031,7 @@ ah_output( if (tc == NULL) { crypto_freereq(crp); DPRINTF(("%s: failed to allocate tdb_crypto\n", __func__)); - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); error = ENOBUFS; goto bad; } @@ -1135,7 +1135,7 @@ ah_output_cb(struct cryptop *crp) sav = tc->tc_sav; /* With the isr lock released SA pointer can be updated. */ if (sav != isr->sav) { - V_ahstat.ahs_notdb++; + AHSTAT_INC(ahs_notdb); DPRINTF(("%s: SA expired while in crypto\n", __func__)); error = ENOBUFS; /*XXX*/ goto bad; @@ -1151,7 +1151,7 @@ ah_output_cb(struct cryptop *crp) return (crypto_dispatch(crp)); } - V_ahstat.ahs_noxform++; + AHSTAT_INC(ahs_noxform); DPRINTF(("%s: crypto error %d\n", __func__, crp->crp_etype)); error = crp->crp_etype; goto bad; @@ -1159,12 +1159,12 @@ ah_output_cb(struct cryptop *crp) /* Shouldn't happen... */ if (m == NULL) { - V_ahstat.ahs_crypto++; + AHSTAT_INC(ahs_crypto); DPRINTF(("%s: bogus returned buffer from crypto\n", __func__)); error = EINVAL; goto bad; } - V_ahstat.ahs_hist[sav->alg_auth]++; + AHSTAT_INC(ahs_hist[sav->alg_auth]); /* * Copy original headers (with the new protocol number) back |