Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 23 Nov 2016 11:03:23 +0000 (UTC)
From:      "Andrey V. Elsukov" <ae@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-projects@freebsd.org
Subject:   svn commit: r309052 - projects/ipsec/sys/netipsec
Message-ID:  <201611231103.uANB3NFV085158@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: ae
Date: Wed Nov 23 11:03:23 2016
New Revision: 309052
URL: https://svnweb.freebsd.org/changeset/base/309052

Log:
  Update key_sa_recordxfer() to use PCPU counters.
  
  NOTE: previously CURRENT usetime was updated every time, when
  key_sa_recordxfer() is invoked. RFC 2367 says:
  
  sadb_lifetime_usetime
        For CURRENT, the time, in seconds, when association
        was first used. For HARD and SOFT, the number of
        seconds after the first use of the association until
        it expires.
  
  Rename usetime into firstused and update it only once. Also, now
  it is possible to check SA expiration using difference between
  SOFT/HARD usetime and CURRENT firstused (this is already done in
  key_flush_sad).

Modified:
  projects/ipsec/sys/netipsec/key.c

Modified: projects/ipsec/sys/netipsec/key.c
==============================================================================
--- projects/ipsec/sys/netipsec/key.c	Wed Nov 23 10:52:19 2016	(r309051)
+++ projects/ipsec/sys/netipsec/key.c	Wed Nov 23 11:03:23 2016	(r309052)
@@ -7591,23 +7591,19 @@ key_sa_recordxfer(struct secasvar *sav, 
 {
 	IPSEC_ASSERT(sav != NULL, ("Null secasvar"));
 	IPSEC_ASSERT(m != NULL, ("Null mbuf"));
-	if (!sav->lft_c)
-		return;
 
 	/*
 	 * XXX Currently, there is a difference of bytes size
 	 * between inbound and outbound processing.
 	 */
-	sav->lft_c->bytes += m->m_pkthdr.len;
-	/* to check bytes lifetime is done in key_timehandler(). */
+	counter_u64_add(sav->lft_c_bytes, m->m_pkthdr.len);
 
 	/*
 	 * We use the number of packets as the unit of
 	 * allocations.  We increment the variable
 	 * whenever {esp,ah}_{in,out}put is called.
 	 */
-	sav->lft_c->allocations++;
-	/* XXX check for expires? */
+	counter_u64_add(sav->lft_c_allocations, 1);
 
 	/*
 	 * NOTE: We record CURRENT usetime by using wall clock,
@@ -7620,10 +7616,8 @@ key_sa_recordxfer(struct secasvar *sav, 
 	 *	<--------------> HARD
 	 *	<-----> SOFT
 	 */
-	sav->lft_c->usetime = time_second;
-	/* XXX check for expires? */
-
-	return;
+	if (sav->firstused == 0)
+		sav->firstused = time_second;
 }
 
 static void

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611231103.uANB3NFV085158>