1 files changed, 47 insertions, 45 deletions

diff --git a/sys/netipsec/ipsec.h b/sys/netipsec/ipsec.h
index ad22250..d5bd4cd 100644
--- a/sys/netipsec/ipsec.h
+++ b/sys/netipsec/ipsec.h
@@ -217,54 +217,54 @@ struct secspacq {
 
 /* statistics for ipsec processing */
 struct ipsecstat {
-	u_quad_t in_success;  /* succeeded inbound process */
-	u_quad_t in_polvio;
+	uint64_t in_success;  /* succeeded inbound process */
+	uint64_t in_polvio;
 			/* security policy violation for inbound process */
-	u_quad_t in_nosa;     /* inbound SA is unavailable */
-	u_quad_t in_inval;    /* inbound processing failed due to EINVAL */
-	u_quad_t in_nomem;    /* inbound processing failed due to ENOBUFS */
-	u_quad_t in_badspi;   /* failed getting a SPI */
-	u_quad_t in_ahreplay; /* AH replay check failed */
-	u_quad_t in_espreplay; /* ESP replay check failed */
-	u_quad_t in_ahauthsucc; /* AH authentication success */
-	u_quad_t in_ahauthfail; /* AH authentication failure */
-	u_quad_t in_espauthsucc; /* ESP authentication success */
-	u_quad_t in_espauthfail; /* ESP authentication failure */
-	u_quad_t in_esphist[256];
-	u_quad_t in_ahhist[256];
-	u_quad_t in_comphist[256];
-	u_quad_t out_success; /* succeeded outbound process */
-	u_quad_t out_polvio;
+	uint64_t in_nosa;     /* inbound SA is unavailable */
+	uint64_t in_inval;    /* inbound processing failed due to EINVAL */
+	uint64_t in_nomem;    /* inbound processing failed due to ENOBUFS */
+	uint64_t in_badspi;   /* failed getting a SPI */
+	uint64_t in_ahreplay; /* AH replay check failed */
+	uint64_t in_espreplay; /* ESP replay check failed */
+	uint64_t in_ahauthsucc; /* AH authentication success */
+	uint64_t in_ahauthfail; /* AH authentication failure */
+	uint64_t in_espauthsucc; /* ESP authentication success */
+	uint64_t in_espauthfail; /* ESP authentication failure */
+	uint64_t in_esphist[256];
+	uint64_t in_ahhist[256];
+	uint64_t in_comphist[256];
+	uint64_t out_success; /* succeeded outbound process */
+	uint64_t out_polvio;
 			/* security policy violation for outbound process */
-	u_quad_t out_nosa;    /* outbound SA is unavailable */
-	u_quad_t out_inval;   /* outbound process failed due to EINVAL */
-	u_quad_t out_nomem;    /* inbound processing failed due to ENOBUFS */
-	u_quad_t out_noroute; /* there is no route */
-	u_quad_t out_esphist[256];
-	u_quad_t out_ahhist[256];
-	u_quad_t out_comphist[256];
-
-	u_quad_t spdcachelookup;
-	u_quad_t spdcachemiss;
-
-	u_int32_t ips_in_polvio;	/* input: sec policy violation */
-	u_int32_t ips_out_polvio;	/* output: sec policy violation */
-	u_int32_t ips_out_nosa;		/* output: SA unavailable  */
-	u_int32_t ips_out_nomem;	/* output: no memory available */
-	u_int32_t ips_out_noroute;	/* output: no route available */
-	u_int32_t ips_out_inval;	/* output: generic error */
-	u_int32_t ips_out_bundlesa;	/* output: bundled SA processed */
-	u_int32_t ips_mbcoalesced;	/* mbufs coalesced during clone */
-	u_int32_t ips_clcoalesced;	/* clusters coalesced during clone */
-	u_int32_t ips_clcopied;		/* clusters copied during clone */
-	u_int32_t ips_mbinserted;	/* mbufs inserted during makespace */
+	uint64_t out_nosa;    /* outbound SA is unavailable */
+	uint64_t out_inval;   /* outbound process failed due to EINVAL */
+	uint64_t out_nomem;    /* inbound processing failed due to ENOBUFS */
+	uint64_t out_noroute; /* there is no route */
+	uint64_t out_esphist[256];
+	uint64_t out_ahhist[256];
+	uint64_t out_comphist[256];
+
+	uint64_t spdcachelookup;
+	uint64_t spdcachemiss;
+
+	uint64_t ips_in_polvio;		/* input: sec policy violation */
+	uint64_t ips_out_polvio;	/* output: sec policy violation */
+	uint64_t ips_out_nosa;		/* output: SA unavailable  */
+	uint64_t ips_out_nomem;		/* output: no memory available */
+	uint64_t ips_out_noroute;	/* output: no route available */
+	uint64_t ips_out_inval;		/* output: generic error */
+	uint64_t ips_out_bundlesa;	/* output: bundled SA processed */
+	uint64_t ips_mbcoalesced;	/* mbufs coalesced during clone */
+	uint64_t ips_clcoalesced;	/* clusters coalesced during clone */
+	uint64_t ips_clcopied;		/* clusters copied during clone */
+	uint64_t ips_mbinserted;	/* mbufs inserted during makespace */
 	/* 
 	 * Temporary statistics for performance analysis.
 	 */
 	/* See where ESP/AH/IPCOMP header land in mbuf on input */
-	u_int32_t ips_input_front;
-	u_int32_t ips_input_middle;
-	u_int32_t ips_input_end;
+	uint64_t ips_input_front;
+	uint64_t ips_input_middle;
+	uint64_t ips_input_end;
 };
 
 /*
@@ -325,6 +325,8 @@ struct ipsecstat {
 }
 
 #ifdef _KERNEL
+#include <sys/counter.h>
+
 struct ipsec_output_state {
 	struct mbuf *m;
 	struct route *ro;
@@ -347,7 +349,7 @@ VNET_DECLARE(int, ipsec_integrity);
 #define	V_ipsec_integrity	VNET(ipsec_integrity)
 #endif
 
-VNET_DECLARE(struct ipsecstat, ipsec4stat);
+VNET_PCPUSTAT_DECLARE(struct ipsecstat, ipsec4stat);
 VNET_DECLARE(struct secpolicy, ip4_def_policy);
 VNET_DECLARE(int, ip4_esp_trans_deflev);
 VNET_DECLARE(int, ip4_esp_net_deflev);
@@ -359,8 +361,8 @@ VNET_DECLARE(int, ip4_ipsec_ecn);
 VNET_DECLARE(int, ip4_esp_randpad);
 VNET_DECLARE(int, crypto_support);
 
-#define	IPSECSTAT_INC(name)	V_ipsec4stat.name += 1
-#define	V_ipsec4stat		VNET(ipsec4stat)
+#define	IPSECSTAT_INC(name)	\
+    VNET_PCPUSTAT_ADD(struct ipsecstat, ipsec4stat, name, 1)
 #define	V_ip4_def_policy	VNET(ip4_def_policy)
 #define	V_ip4_esp_trans_deflev	VNET(ip4_esp_trans_deflev)
 #define	V_ip4_esp_net_deflev	VNET(ip4_esp_net_deflev)