fib: midchain adjacency optimisations

Type: improvement

 - inline some common encap fixup functions into the midchain
   rewrite node so we don't incur the cost of the virtual function call
 - change the copy 'guess' from ethernet_header (which will never happen) to an ip4 header
 - add adj-midchain-tx to multiarch sources
 - don't run adj-midchain-tx as a feature, instead put this node as the
   adj's next and at the end of the feature arc.
 - cache the feature arc config index (to save the cache miss going to fetch it)
 - don't check if features are enabled when taking the arc (since we know they are)

the last two changes will also benefit normal adjacencies taking the arc (i.e. for NAT, ACLs, etc)

for IPSec:
 - don't run esp_encrypt as a feature, instead when required insert this
   node into the adj's next and into the end of the feature arc. this
   implies that encrypt is always 'the last feature' run, which is
   symmetric with decrypt always being the first.
 - esp_encrpyt for tunnels has adj-midchain-tx as next node

Change-Id: Ida0af56a704302cf2d7797ded5f118a781e8acb7
Signed-off-by: Neale Ranns <nranns@cisco.com>
diff --git a/src/vnet/ipsec/ipsec.c b/src/vnet/ipsec/ipsec.c
index 6b31926..95e322e 100644
--- a/src/vnet/ipsec/ipsec.c
+++ b/src/vnet/ipsec/ipsec.c
@@ -124,17 +124,6 @@
   *out_next_index = vlib_node_add_next (vm, prev_node->index, node->index);
 }
 
-void
-ipsec_add_feature (const char *arc_name,
-		   const char *node_name, u32 * out_feature_index)
-{
-  u8 arc;
-
-  arc = vnet_get_feature_arc_index (arc_name);
-  ASSERT (arc != (u8) ~ 0);
-  *out_feature_index = vnet_get_feature_index (arc, node_name);
-}
-
 u32
 ipsec_register_ah_backend (vlib_main_t * vm, ipsec_main_t * im,
 			   const char *name,
@@ -198,14 +187,10 @@
 		  &b->esp6_decrypt_tun_node_index,
 		  &b->esp6_decrypt_tun_next_index);
 
-  ipsec_add_feature ("ip4-output", esp4_encrypt_node_tun_name,
-		     &b->esp44_encrypt_tun_feature_index);
-  ipsec_add_feature ("ip4-output", esp6_encrypt_node_tun_name,
-		     &b->esp46_encrypt_tun_feature_index);
-  ipsec_add_feature ("ip6-output", esp6_encrypt_node_tun_name,
-		     &b->esp66_encrypt_tun_feature_index);
-  ipsec_add_feature ("ip6-output", esp4_encrypt_node_tun_name,
-		     &b->esp64_encrypt_tun_feature_index);
+  b->esp6_encrypt_tun_node_index =
+    vlib_get_node_by_name (vm, (u8 *) esp6_encrypt_node_tun_name)->index;
+  b->esp4_encrypt_tun_node_index =
+    vlib_get_node_by_name (vm, (u8 *) esp4_encrypt_node_tun_name)->index;
 
   b->check_support_cb = esp_check_support_cb;
   b->add_del_sa_sess_cb = esp_add_del_sa_sess_cb;
@@ -284,11 +269,8 @@
   im->esp4_decrypt_tun_next_index = b->esp4_decrypt_tun_next_index;
   im->esp6_decrypt_tun_node_index = b->esp6_decrypt_tun_node_index;
   im->esp6_decrypt_tun_next_index = b->esp6_decrypt_tun_next_index;
-
-  im->esp44_encrypt_tun_feature_index = b->esp44_encrypt_tun_feature_index;
-  im->esp64_encrypt_tun_feature_index = b->esp64_encrypt_tun_feature_index;
-  im->esp46_encrypt_tun_feature_index = b->esp46_encrypt_tun_feature_index;
-  im->esp66_encrypt_tun_feature_index = b->esp66_encrypt_tun_feature_index;
+  im->esp4_encrypt_tun_node_index = b->esp4_encrypt_tun_node_index;
+  im->esp6_encrypt_tun_node_index = b->esp6_encrypt_tun_node_index;
 
   if (b->enable_disable_cb)
     {