dpdk: del warnings that duplicate counters in esp

[vpp.git] / src / plugins / dpdk / ipsec / esp_decrypt.c

diff --git a/src/plugins/dpdk/ipsec/esp_decrypt.c b/src/plugins/dpdk/ipsec/esp_decrypt.c
index 112b96a..dffcc83 100644 (file)
--- a/src/plugins/dpdk/ipsec/esp_decrypt.c
+++ b/src/plugins/dpdk/ipsec/esp_decrypt.c
@@ -194,8 +194,6 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
 
              if (PREDICT_FALSE (res_idx == (u16) ~ 0))
                {
-                 clib_warning ("unsupported SA by thread index %u",
-                               thread_idx);
                  if (is_ip6)
                    vlib_node_increment_counter (vm,
                                                 dpdk_esp6_decrypt_node.index,
@@ -214,7 +212,6 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
              error = crypto_get_session (&session, sa_index0, res, cwm, 0);
              if (PREDICT_FALSE (error || !session))
                {
-                 clib_warning ("failed to get crypto session");
                  if (is_ip6)
                    vlib_node_increment_counter (vm,
                                                 dpdk_esp6_decrypt_node.index,
@@ -238,7 +235,6 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
          if (ipsec_sa_anti_replay_check
              (sa0, clib_host_to_net_u32 (esp0->seq)))
            {
-             clib_warning ("failed anti-replay check");
              if (is_ip6)
                vlib_node_increment_counter (vm,
                                             dpdk_esp6_decrypt_node.index,
@@ -256,7 +252,10 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
          if (is_ip6)
            priv->next = DPDK_CRYPTO_INPUT_NEXT_DECRYPT6_POST;
          else
-           priv->next = DPDK_CRYPTO_INPUT_NEXT_DECRYPT4_POST;
+           {
+             priv->next = DPDK_CRYPTO_INPUT_NEXT_DECRYPT4_POST;
+             b0->flags |= VNET_BUFFER_F_IS_IP4;
+           }
 
          /* FIXME multi-seg */
          vlib_increment_combined_counter
@@ -283,8 +282,6 @@ dpdk_esp_decrypt_inline (vlib_main_t * vm,
 
          if (payload_len & (cipher_alg->boundary - 1))
            {
-             clib_warning ("payload %u not multiple of %d\n",
-                           payload_len, cipher_alg->boundary);
              if (is_ip6)
                vlib_node_increment_counter (vm, dpdk_esp6_decrypt_node.index,
                                             ESP_DECRYPT_ERROR_BAD_LEN, 1);
@@ -613,16 +610,14 @@ dpdk_esp_decrypt_post_inline (vlib_main_t * vm,
              if ((ih4->ip_version_and_header_length & 0xF0) == 0x40)
                {
                  u16 ih4_len = ip4_header_bytes (ih4);
-                 vlib_buffer_advance (b0, -ih4_len - udp_encap_adv);
+                 vlib_buffer_advance (b0, -ih4_len);
                  next0 = ESP_DECRYPT_NEXT_IP4_INPUT;
-                 if (!ipsec_sa_is_set_UDP_ENCAP (sa0))
-                   {
-                     oh4 = vlib_buffer_get_current (b0);
-                     memmove (oh4, ih4, ih4_len);
-                     oh4->protocol = f0->next_header;
-                     oh4->length = clib_host_to_net_u16 (b0->current_length);
-                     oh4->checksum = ip4_header_checksum (oh4);
-                   }
+
+                 oh4 = vlib_buffer_get_current (b0);
+                 memmove (oh4, ih4, ih4_len);
+                 oh4->protocol = f0->next_header;
+                 oh4->length = clib_host_to_net_u16 (b0->current_length);
+                 oh4->checksum = ip4_header_checksum (oh4);
                }
              else if ((ih4->ip_version_and_header_length & 0xF0) == 0x60)
                {