]>
Commit | Line | Data |
---|---|---|
fa37b408 BP |
1 | /* |
2 | * Copyright (c) 2008, 2009, 2010 Nicira Networks. | |
3 | * | |
4 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
5 | * you may not use this file except in compliance with the License. | |
6 | * You may obtain a copy of the License at: | |
7 | * | |
8 | * http://www.apache.org/licenses/LICENSE-2.0 | |
9 | * | |
10 | * Unless required by applicable law or agreed to in writing, software | |
11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
13 | * See the License for the specific language governing permissions and | |
14 | * limitations under the License. | |
15 | */ | |
16 | ||
17 | #include <config.h> | |
18 | #include "ofp-print.h" | |
19 | #include <inttypes.h> | |
20 | #include <stdlib.h> | |
21 | #include "ofp-util.h" | |
22 | #include "ofpbuf.h" | |
23 | #include "packets.h" | |
24 | #include "random.h" | |
5136ce49 | 25 | #include "vlog.h" |
c1c9c9c4 | 26 | #include "xtoxll.h" |
fa37b408 | 27 | |
5136ce49 | 28 | VLOG_DEFINE_THIS_MODULE(ofp_util) |
fa37b408 BP |
29 | |
30 | /* Rate limit for OpenFlow message parse errors. These always indicate a bug | |
31 | * in the peer and so there's not much point in showing a lot of them. */ | |
32 | static struct vlog_rate_limit bad_ofmsg_rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
33 | ||
34 | /* XXX we should really use consecutive xids to avoid probabilistic | |
35 | * failures. */ | |
36 | static inline uint32_t | |
37 | alloc_xid(void) | |
38 | { | |
39 | return random_uint32(); | |
40 | } | |
41 | ||
42 | /* Allocates and stores in '*bufferp' a new ofpbuf with a size of | |
43 | * 'openflow_len', starting with an OpenFlow header with the given 'type' and | |
44 | * an arbitrary transaction id. Allocated bytes beyond the header, if any, are | |
45 | * zeroed. | |
46 | * | |
47 | * The caller is responsible for freeing '*bufferp' when it is no longer | |
48 | * needed. | |
49 | * | |
50 | * The OpenFlow header length is initially set to 'openflow_len'; if the | |
51 | * message is later extended, the length should be updated with | |
52 | * update_openflow_length() before sending. | |
53 | * | |
54 | * Returns the header. */ | |
55 | void * | |
56 | make_openflow(size_t openflow_len, uint8_t type, struct ofpbuf **bufferp) | |
57 | { | |
58 | *bufferp = ofpbuf_new(openflow_len); | |
59 | return put_openflow_xid(openflow_len, type, alloc_xid(), *bufferp); | |
60 | } | |
61 | ||
62 | /* Allocates and stores in '*bufferp' a new ofpbuf with a size of | |
63 | * 'openflow_len', starting with an OpenFlow header with the given 'type' and | |
64 | * transaction id 'xid'. Allocated bytes beyond the header, if any, are | |
65 | * zeroed. | |
66 | * | |
67 | * The caller is responsible for freeing '*bufferp' when it is no longer | |
68 | * needed. | |
69 | * | |
70 | * The OpenFlow header length is initially set to 'openflow_len'; if the | |
71 | * message is later extended, the length should be updated with | |
72 | * update_openflow_length() before sending. | |
73 | * | |
74 | * Returns the header. */ | |
75 | void * | |
76 | make_openflow_xid(size_t openflow_len, uint8_t type, uint32_t xid, | |
77 | struct ofpbuf **bufferp) | |
78 | { | |
79 | *bufferp = ofpbuf_new(openflow_len); | |
80 | return put_openflow_xid(openflow_len, type, xid, *bufferp); | |
81 | } | |
82 | ||
83 | /* Appends 'openflow_len' bytes to 'buffer', starting with an OpenFlow header | |
84 | * with the given 'type' and an arbitrary transaction id. Allocated bytes | |
85 | * beyond the header, if any, are zeroed. | |
86 | * | |
87 | * The OpenFlow header length is initially set to 'openflow_len'; if the | |
88 | * message is later extended, the length should be updated with | |
89 | * update_openflow_length() before sending. | |
90 | * | |
91 | * Returns the header. */ | |
92 | void * | |
93 | put_openflow(size_t openflow_len, uint8_t type, struct ofpbuf *buffer) | |
94 | { | |
95 | return put_openflow_xid(openflow_len, type, alloc_xid(), buffer); | |
96 | } | |
97 | ||
98 | /* Appends 'openflow_len' bytes to 'buffer', starting with an OpenFlow header | |
99 | * with the given 'type' and an transaction id 'xid'. Allocated bytes beyond | |
100 | * the header, if any, are zeroed. | |
101 | * | |
102 | * The OpenFlow header length is initially set to 'openflow_len'; if the | |
103 | * message is later extended, the length should be updated with | |
104 | * update_openflow_length() before sending. | |
105 | * | |
106 | * Returns the header. */ | |
107 | void * | |
108 | put_openflow_xid(size_t openflow_len, uint8_t type, uint32_t xid, | |
109 | struct ofpbuf *buffer) | |
110 | { | |
111 | struct ofp_header *oh; | |
112 | ||
113 | assert(openflow_len >= sizeof *oh); | |
114 | assert(openflow_len <= UINT16_MAX); | |
115 | ||
116 | oh = ofpbuf_put_uninit(buffer, openflow_len); | |
117 | oh->version = OFP_VERSION; | |
118 | oh->type = type; | |
119 | oh->length = htons(openflow_len); | |
120 | oh->xid = xid; | |
121 | memset(oh + 1, 0, openflow_len - sizeof *oh); | |
122 | return oh; | |
123 | } | |
124 | ||
125 | /* Updates the 'length' field of the OpenFlow message in 'buffer' to | |
126 | * 'buffer->size'. */ | |
127 | void | |
128 | update_openflow_length(struct ofpbuf *buffer) | |
129 | { | |
130 | struct ofp_header *oh = ofpbuf_at_assert(buffer, 0, sizeof *oh); | |
131 | oh->length = htons(buffer->size); | |
132 | } | |
133 | ||
134 | struct ofpbuf * | |
135 | make_flow_mod(uint16_t command, const flow_t *flow, size_t actions_len) | |
136 | { | |
137 | struct ofp_flow_mod *ofm; | |
138 | size_t size = sizeof *ofm + actions_len; | |
139 | struct ofpbuf *out = ofpbuf_new(size); | |
140 | ofm = ofpbuf_put_zeros(out, sizeof *ofm); | |
141 | ofm->header.version = OFP_VERSION; | |
142 | ofm->header.type = OFPT_FLOW_MOD; | |
143 | ofm->header.length = htons(size); | |
144 | ofm->cookie = 0; | |
145 | ofm->match.wildcards = htonl(0); | |
146 | ofm->match.in_port = htons(flow->in_port == ODPP_LOCAL ? OFPP_LOCAL | |
147 | : flow->in_port); | |
148 | memcpy(ofm->match.dl_src, flow->dl_src, sizeof ofm->match.dl_src); | |
149 | memcpy(ofm->match.dl_dst, flow->dl_dst, sizeof ofm->match.dl_dst); | |
150 | ofm->match.dl_vlan = flow->dl_vlan; | |
151 | ofm->match.dl_vlan_pcp = flow->dl_vlan_pcp; | |
152 | ofm->match.dl_type = flow->dl_type; | |
153 | ofm->match.nw_src = flow->nw_src; | |
154 | ofm->match.nw_dst = flow->nw_dst; | |
155 | ofm->match.nw_proto = flow->nw_proto; | |
156 | ofm->match.nw_tos = flow->nw_tos; | |
157 | ofm->match.tp_src = flow->tp_src; | |
158 | ofm->match.tp_dst = flow->tp_dst; | |
159 | ofm->command = htons(command); | |
160 | return out; | |
161 | } | |
162 | ||
163 | struct ofpbuf * | |
164 | make_add_flow(const flow_t *flow, uint32_t buffer_id, | |
165 | uint16_t idle_timeout, size_t actions_len) | |
166 | { | |
167 | struct ofpbuf *out = make_flow_mod(OFPFC_ADD, flow, actions_len); | |
168 | struct ofp_flow_mod *ofm = out->data; | |
169 | ofm->idle_timeout = htons(idle_timeout); | |
170 | ofm->hard_timeout = htons(OFP_FLOW_PERMANENT); | |
171 | ofm->buffer_id = htonl(buffer_id); | |
172 | return out; | |
173 | } | |
174 | ||
175 | struct ofpbuf * | |
176 | make_del_flow(const flow_t *flow) | |
177 | { | |
178 | struct ofpbuf *out = make_flow_mod(OFPFC_DELETE_STRICT, flow, 0); | |
179 | struct ofp_flow_mod *ofm = out->data; | |
180 | ofm->out_port = htons(OFPP_NONE); | |
181 | return out; | |
182 | } | |
183 | ||
184 | struct ofpbuf * | |
185 | make_add_simple_flow(const flow_t *flow, | |
186 | uint32_t buffer_id, uint16_t out_port, | |
187 | uint16_t idle_timeout) | |
188 | { | |
81f3cad4 BP |
189 | if (out_port != OFPP_NONE) { |
190 | struct ofp_action_output *oao; | |
191 | struct ofpbuf *buffer; | |
192 | ||
193 | buffer = make_add_flow(flow, buffer_id, idle_timeout, sizeof *oao); | |
194 | oao = ofpbuf_put_zeros(buffer, sizeof *oao); | |
195 | oao->type = htons(OFPAT_OUTPUT); | |
196 | oao->len = htons(sizeof *oao); | |
197 | oao->port = htons(out_port); | |
198 | return buffer; | |
199 | } else { | |
200 | return make_add_flow(flow, buffer_id, idle_timeout, 0); | |
201 | } | |
fa37b408 BP |
202 | } |
203 | ||
204 | struct ofpbuf * | |
205 | make_packet_in(uint32_t buffer_id, uint16_t in_port, uint8_t reason, | |
206 | const struct ofpbuf *payload, int max_send_len) | |
207 | { | |
208 | struct ofp_packet_in *opi; | |
209 | struct ofpbuf *buf; | |
210 | int send_len; | |
211 | ||
212 | send_len = MIN(max_send_len, payload->size); | |
213 | buf = ofpbuf_new(sizeof *opi + send_len); | |
214 | opi = put_openflow_xid(offsetof(struct ofp_packet_in, data), | |
215 | OFPT_PACKET_IN, 0, buf); | |
216 | opi->buffer_id = htonl(buffer_id); | |
217 | opi->total_len = htons(payload->size); | |
218 | opi->in_port = htons(in_port); | |
219 | opi->reason = reason; | |
220 | ofpbuf_put(buf, payload->data, send_len); | |
221 | update_openflow_length(buf); | |
222 | ||
223 | return buf; | |
224 | } | |
225 | ||
226 | struct ofpbuf * | |
227 | make_packet_out(const struct ofpbuf *packet, uint32_t buffer_id, | |
228 | uint16_t in_port, | |
229 | const struct ofp_action_header *actions, size_t n_actions) | |
230 | { | |
231 | size_t actions_len = n_actions * sizeof *actions; | |
232 | struct ofp_packet_out *opo; | |
233 | size_t size = sizeof *opo + actions_len + (packet ? packet->size : 0); | |
234 | struct ofpbuf *out = ofpbuf_new(size); | |
235 | ||
236 | opo = ofpbuf_put_uninit(out, sizeof *opo); | |
237 | opo->header.version = OFP_VERSION; | |
238 | opo->header.type = OFPT_PACKET_OUT; | |
239 | opo->header.length = htons(size); | |
240 | opo->header.xid = htonl(0); | |
241 | opo->buffer_id = htonl(buffer_id); | |
242 | opo->in_port = htons(in_port == ODPP_LOCAL ? OFPP_LOCAL : in_port); | |
243 | opo->actions_len = htons(actions_len); | |
244 | ofpbuf_put(out, actions, actions_len); | |
245 | if (packet) { | |
246 | ofpbuf_put(out, packet->data, packet->size); | |
247 | } | |
248 | return out; | |
249 | } | |
250 | ||
251 | struct ofpbuf * | |
252 | make_unbuffered_packet_out(const struct ofpbuf *packet, | |
253 | uint16_t in_port, uint16_t out_port) | |
254 | { | |
255 | struct ofp_action_output action; | |
256 | action.type = htons(OFPAT_OUTPUT); | |
257 | action.len = htons(sizeof action); | |
258 | action.port = htons(out_port); | |
259 | return make_packet_out(packet, UINT32_MAX, in_port, | |
260 | (struct ofp_action_header *) &action, 1); | |
261 | } | |
262 | ||
263 | struct ofpbuf * | |
264 | make_buffered_packet_out(uint32_t buffer_id, | |
265 | uint16_t in_port, uint16_t out_port) | |
266 | { | |
81f3cad4 BP |
267 | if (out_port != OFPP_NONE) { |
268 | struct ofp_action_output action; | |
269 | action.type = htons(OFPAT_OUTPUT); | |
270 | action.len = htons(sizeof action); | |
271 | action.port = htons(out_port); | |
272 | return make_packet_out(NULL, buffer_id, in_port, | |
273 | (struct ofp_action_header *) &action, 1); | |
274 | } else { | |
275 | return make_packet_out(NULL, buffer_id, in_port, NULL, 0); | |
276 | } | |
fa37b408 BP |
277 | } |
278 | ||
279 | /* Creates and returns an OFPT_ECHO_REQUEST message with an empty payload. */ | |
280 | struct ofpbuf * | |
281 | make_echo_request(void) | |
282 | { | |
283 | struct ofp_header *rq; | |
284 | struct ofpbuf *out = ofpbuf_new(sizeof *rq); | |
285 | rq = ofpbuf_put_uninit(out, sizeof *rq); | |
286 | rq->version = OFP_VERSION; | |
287 | rq->type = OFPT_ECHO_REQUEST; | |
288 | rq->length = htons(sizeof *rq); | |
289 | rq->xid = 0; | |
290 | return out; | |
291 | } | |
292 | ||
293 | /* Creates and returns an OFPT_ECHO_REPLY message matching the | |
294 | * OFPT_ECHO_REQUEST message in 'rq'. */ | |
295 | struct ofpbuf * | |
296 | make_echo_reply(const struct ofp_header *rq) | |
297 | { | |
298 | size_t size = ntohs(rq->length); | |
299 | struct ofpbuf *out = ofpbuf_new(size); | |
300 | struct ofp_header *reply = ofpbuf_put(out, rq, size); | |
301 | reply->type = OFPT_ECHO_REPLY; | |
302 | return out; | |
303 | } | |
304 | ||
305 | static int | |
306 | check_message_type(uint8_t got_type, uint8_t want_type) | |
307 | { | |
308 | if (got_type != want_type) { | |
309 | char *want_type_name = ofp_message_type_to_string(want_type); | |
310 | char *got_type_name = ofp_message_type_to_string(got_type); | |
311 | VLOG_WARN_RL(&bad_ofmsg_rl, | |
312 | "received bad message type %s (expected %s)", | |
313 | got_type_name, want_type_name); | |
314 | free(want_type_name); | |
315 | free(got_type_name); | |
316 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE); | |
317 | } | |
318 | return 0; | |
319 | } | |
320 | ||
321 | /* Checks that 'msg' has type 'type' and that it is exactly 'size' bytes long. | |
322 | * Returns 0 if the checks pass, otherwise an OpenFlow error code (produced | |
323 | * with ofp_mkerr()). */ | |
324 | int | |
325 | check_ofp_message(const struct ofp_header *msg, uint8_t type, size_t size) | |
326 | { | |
327 | size_t got_size; | |
328 | int error; | |
329 | ||
330 | error = check_message_type(msg->type, type); | |
331 | if (error) { | |
332 | return error; | |
333 | } | |
334 | ||
335 | got_size = ntohs(msg->length); | |
336 | if (got_size != size) { | |
337 | char *type_name = ofp_message_type_to_string(type); | |
338 | VLOG_WARN_RL(&bad_ofmsg_rl, | |
339 | "received %s message of length %zu (expected %zu)", | |
340 | type_name, got_size, size); | |
341 | free(type_name); | |
342 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); | |
343 | } | |
344 | ||
345 | return 0; | |
346 | } | |
347 | ||
348 | /* Checks that 'msg' has type 'type' and that 'msg' is 'size' plus a | |
349 | * nonnegative integer multiple of 'array_elt_size' bytes long. Returns 0 if | |
350 | * the checks pass, otherwise an OpenFlow error code (produced with | |
351 | * ofp_mkerr()). | |
352 | * | |
353 | * If 'n_array_elts' is nonnull, then '*n_array_elts' is set to the number of | |
354 | * 'array_elt_size' blocks in 'msg' past the first 'min_size' bytes, when | |
355 | * successful. */ | |
356 | int | |
357 | check_ofp_message_array(const struct ofp_header *msg, uint8_t type, | |
358 | size_t min_size, size_t array_elt_size, | |
359 | size_t *n_array_elts) | |
360 | { | |
361 | size_t got_size; | |
362 | int error; | |
363 | ||
364 | assert(array_elt_size); | |
365 | ||
366 | error = check_message_type(msg->type, type); | |
367 | if (error) { | |
368 | return error; | |
369 | } | |
370 | ||
371 | got_size = ntohs(msg->length); | |
372 | if (got_size < min_size) { | |
373 | char *type_name = ofp_message_type_to_string(type); | |
374 | VLOG_WARN_RL(&bad_ofmsg_rl, "received %s message of length %zu " | |
375 | "(expected at least %zu)", | |
376 | type_name, got_size, min_size); | |
377 | free(type_name); | |
378 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); | |
379 | } | |
380 | if ((got_size - min_size) % array_elt_size) { | |
381 | char *type_name = ofp_message_type_to_string(type); | |
382 | VLOG_WARN_RL(&bad_ofmsg_rl, | |
383 | "received %s message of bad length %zu: the " | |
384 | "excess over %zu (%zu) is not evenly divisible by %zu " | |
385 | "(remainder is %zu)", | |
386 | type_name, got_size, min_size, got_size - min_size, | |
387 | array_elt_size, (got_size - min_size) % array_elt_size); | |
388 | free(type_name); | |
389 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); | |
390 | } | |
391 | if (n_array_elts) { | |
392 | *n_array_elts = (got_size - min_size) / array_elt_size; | |
393 | } | |
394 | return 0; | |
395 | } | |
396 | ||
397 | int | |
398 | check_ofp_packet_out(const struct ofp_header *oh, struct ofpbuf *data, | |
399 | int *n_actionsp, int max_ports) | |
400 | { | |
401 | const struct ofp_packet_out *opo; | |
402 | unsigned int actions_len, n_actions; | |
403 | size_t extra; | |
404 | int error; | |
405 | ||
406 | *n_actionsp = 0; | |
407 | error = check_ofp_message_array(oh, OFPT_PACKET_OUT, | |
408 | sizeof *opo, 1, &extra); | |
409 | if (error) { | |
410 | return error; | |
411 | } | |
412 | opo = (const struct ofp_packet_out *) oh; | |
413 | ||
414 | actions_len = ntohs(opo->actions_len); | |
415 | if (actions_len > extra) { | |
416 | VLOG_WARN_RL(&bad_ofmsg_rl, "packet-out claims %u bytes of actions " | |
417 | "but message has room for only %zu bytes", | |
418 | actions_len, extra); | |
419 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); | |
420 | } | |
421 | if (actions_len % sizeof(union ofp_action)) { | |
422 | VLOG_WARN_RL(&bad_ofmsg_rl, "packet-out claims %u bytes of actions, " | |
423 | "which is not a multiple of %zu", | |
424 | actions_len, sizeof(union ofp_action)); | |
425 | return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); | |
426 | } | |
427 | ||
428 | n_actions = actions_len / sizeof(union ofp_action); | |
429 | error = validate_actions((const union ofp_action *) opo->actions, | |
430 | n_actions, max_ports); | |
431 | if (error) { | |
432 | return error; | |
433 | } | |
434 | ||
435 | data->data = (void *) &opo->actions[n_actions]; | |
436 | data->size = extra - actions_len; | |
437 | *n_actionsp = n_actions; | |
438 | return 0; | |
439 | } | |
440 | ||
441 | const struct ofp_flow_stats * | |
442 | flow_stats_first(struct flow_stats_iterator *iter, | |
443 | const struct ofp_stats_reply *osr) | |
444 | { | |
445 | iter->pos = osr->body; | |
446 | iter->end = osr->body + (ntohs(osr->header.length) | |
447 | - offsetof(struct ofp_stats_reply, body)); | |
448 | return flow_stats_next(iter); | |
449 | } | |
450 | ||
451 | const struct ofp_flow_stats * | |
452 | flow_stats_next(struct flow_stats_iterator *iter) | |
453 | { | |
454 | ptrdiff_t bytes_left = iter->end - iter->pos; | |
455 | const struct ofp_flow_stats *fs; | |
456 | size_t length; | |
457 | ||
458 | if (bytes_left < sizeof *fs) { | |
459 | if (bytes_left != 0) { | |
460 | VLOG_WARN_RL(&bad_ofmsg_rl, | |
461 | "%td leftover bytes in flow stats reply", bytes_left); | |
462 | } | |
463 | return NULL; | |
464 | } | |
465 | ||
466 | fs = (const void *) iter->pos; | |
467 | length = ntohs(fs->length); | |
468 | if (length < sizeof *fs) { | |
469 | VLOG_WARN_RL(&bad_ofmsg_rl, "flow stats length %zu is shorter than " | |
470 | "min %zu", length, sizeof *fs); | |
471 | return NULL; | |
472 | } else if (length > bytes_left) { | |
473 | VLOG_WARN_RL(&bad_ofmsg_rl, "flow stats length %zu but only %td " | |
474 | "bytes left", length, bytes_left); | |
475 | return NULL; | |
476 | } else if ((length - sizeof *fs) % sizeof fs->actions[0]) { | |
477 | VLOG_WARN_RL(&bad_ofmsg_rl, "flow stats length %zu has %zu bytes " | |
478 | "left over in final action", length, | |
479 | (length - sizeof *fs) % sizeof fs->actions[0]); | |
480 | return NULL; | |
481 | } | |
482 | iter->pos += length; | |
483 | return fs; | |
484 | } | |
485 | ||
486 | /* Alignment of ofp_actions. */ | |
487 | #define ACTION_ALIGNMENT 8 | |
488 | ||
489 | static int | |
490 | check_action_exact_len(const union ofp_action *a, unsigned int len, | |
491 | unsigned int required_len) | |
492 | { | |
493 | if (len != required_len) { | |
494 | VLOG_DBG_RL(&bad_ofmsg_rl, | |
495 | "action %u has invalid length %"PRIu16" (must be %u)\n", | |
496 | a->type, ntohs(a->header.len), required_len); | |
497 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); | |
498 | } | |
499 | return 0; | |
500 | } | |
501 | ||
c1c9c9c4 BP |
502 | /* Checks that 'port' is a valid output port for the OFPAT_OUTPUT action, given |
503 | * that the switch will never have more than 'max_ports' ports. Returns 0 if | |
504 | * 'port' is valid, otherwise an ofp_mkerr() return code. */ | |
fa37b408 | 505 | static int |
c1c9c9c4 | 506 | check_output_port(uint16_t port, int max_ports) |
fa37b408 BP |
507 | { |
508 | switch (port) { | |
509 | case OFPP_IN_PORT: | |
510 | case OFPP_TABLE: | |
511 | case OFPP_NORMAL: | |
512 | case OFPP_FLOOD: | |
513 | case OFPP_ALL: | |
514 | case OFPP_CONTROLLER: | |
515 | case OFPP_LOCAL: | |
516 | return 0; | |
517 | ||
518 | default: | |
c1c9c9c4 | 519 | if (port < max_ports) { |
fa37b408 BP |
520 | return 0; |
521 | } | |
522 | VLOG_WARN_RL(&bad_ofmsg_rl, "unknown output port %x", port); | |
523 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_OUT_PORT); | |
524 | } | |
525 | } | |
526 | ||
c1c9c9c4 BP |
527 | /* Checks that 'action' is a valid OFPAT_ENQUEUE action, given that the switch |
528 | * will never have more than 'max_ports' ports. Returns 0 if 'port' is valid, | |
529 | * otherwise an ofp_mkerr() return code. */ | |
530 | static int | |
531 | check_enqueue_action(const union ofp_action *a, unsigned int len, | |
532 | int max_ports) | |
533 | { | |
534 | const struct ofp_action_enqueue *oae; | |
535 | uint16_t port; | |
536 | int error; | |
537 | ||
538 | error = check_action_exact_len(a, len, 16); | |
539 | if (error) { | |
540 | return error; | |
541 | } | |
542 | ||
543 | oae = (const struct ofp_action_enqueue *) a; | |
544 | port = ntohs(oae->port); | |
545 | if (port < max_ports || port == OFPP_IN_PORT) { | |
546 | return 0; | |
547 | } | |
548 | VLOG_WARN_RL(&bad_ofmsg_rl, "unknown enqueue port %x", port); | |
549 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_OUT_PORT); | |
550 | } | |
551 | ||
fa37b408 BP |
552 | static int |
553 | check_nicira_action(const union ofp_action *a, unsigned int len) | |
554 | { | |
555 | const struct nx_action_header *nah; | |
556 | ||
557 | if (len < 16) { | |
558 | VLOG_DBG_RL(&bad_ofmsg_rl, | |
559 | "Nicira vendor action only %u bytes", len); | |
560 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); | |
561 | } | |
562 | nah = (const struct nx_action_header *) a; | |
563 | ||
564 | switch (ntohs(nah->subtype)) { | |
565 | case NXAST_RESUBMIT: | |
566 | case NXAST_SET_TUNNEL: | |
567 | return check_action_exact_len(a, len, 16); | |
568 | default: | |
569 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_VENDOR_TYPE); | |
570 | } | |
571 | } | |
572 | ||
573 | static int | |
574 | check_action(const union ofp_action *a, unsigned int len, int max_ports) | |
575 | { | |
576 | int error; | |
577 | ||
578 | switch (ntohs(a->type)) { | |
579 | case OFPAT_OUTPUT: | |
c1c9c9c4 BP |
580 | error = check_action_exact_len(a, len, 8); |
581 | if (error) { | |
582 | return error; | |
583 | } | |
584 | return check_output_port(ntohs(a->output.port), max_ports); | |
fa37b408 BP |
585 | |
586 | case OFPAT_SET_VLAN_VID: | |
587 | case OFPAT_SET_VLAN_PCP: | |
588 | case OFPAT_STRIP_VLAN: | |
589 | case OFPAT_SET_NW_SRC: | |
590 | case OFPAT_SET_NW_DST: | |
591 | case OFPAT_SET_NW_TOS: | |
592 | case OFPAT_SET_TP_SRC: | |
593 | case OFPAT_SET_TP_DST: | |
594 | return check_action_exact_len(a, len, 8); | |
595 | ||
596 | case OFPAT_SET_DL_SRC: | |
597 | case OFPAT_SET_DL_DST: | |
598 | return check_action_exact_len(a, len, 16); | |
599 | ||
600 | case OFPAT_VENDOR: | |
601 | return (a->vendor.vendor == htonl(NX_VENDOR_ID) | |
602 | ? check_nicira_action(a, len) | |
603 | : ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_VENDOR)); | |
604 | ||
c1c9c9c4 BP |
605 | case OFPAT_ENQUEUE: |
606 | return check_enqueue_action(a, len, max_ports); | |
607 | ||
fa37b408 BP |
608 | default: |
609 | VLOG_WARN_RL(&bad_ofmsg_rl, "unknown action type %"PRIu16, | |
610 | ntohs(a->type)); | |
611 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_TYPE); | |
612 | } | |
613 | } | |
614 | ||
615 | int | |
616 | validate_actions(const union ofp_action *actions, size_t n_actions, | |
617 | int max_ports) | |
618 | { | |
619 | const union ofp_action *a; | |
620 | ||
621 | for (a = actions; a < &actions[n_actions]; ) { | |
622 | unsigned int len = ntohs(a->header.len); | |
623 | unsigned int n_slots = len / ACTION_ALIGNMENT; | |
624 | unsigned int slots_left = &actions[n_actions] - a; | |
625 | int error; | |
626 | ||
627 | if (n_slots > slots_left) { | |
628 | VLOG_DBG_RL(&bad_ofmsg_rl, | |
629 | "action requires %u slots but only %u remain", | |
630 | n_slots, slots_left); | |
631 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); | |
632 | } else if (!len) { | |
633 | VLOG_DBG_RL(&bad_ofmsg_rl, "action has invalid length 0"); | |
634 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); | |
635 | } else if (len % ACTION_ALIGNMENT) { | |
636 | VLOG_DBG_RL(&bad_ofmsg_rl, "action length %u is not a multiple " | |
637 | "of %d", len, ACTION_ALIGNMENT); | |
638 | return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); | |
639 | } | |
640 | ||
641 | error = check_action(a, len, max_ports); | |
642 | if (error) { | |
643 | return error; | |
644 | } | |
645 | a += n_slots; | |
646 | } | |
647 | return 0; | |
648 | } | |
649 | ||
c1c9c9c4 BP |
650 | /* Returns true if 'action' outputs to 'port' (which must be in network byte |
651 | * order), false otherwise. */ | |
652 | bool | |
653 | action_outputs_to_port(const union ofp_action *action, uint16_t port) | |
654 | { | |
655 | switch (ntohs(action->type)) { | |
656 | case OFPAT_OUTPUT: | |
657 | return action->output.port == port; | |
658 | case OFPAT_ENQUEUE: | |
659 | return ((const struct ofp_action_enqueue *) action)->port == port; | |
660 | default: | |
661 | return false; | |
662 | } | |
663 | } | |
664 | ||
fa37b408 BP |
665 | /* The set of actions must either come from a trusted source or have been |
666 | * previously validated with validate_actions(). */ | |
667 | const union ofp_action * | |
668 | actions_first(struct actions_iterator *iter, | |
669 | const union ofp_action *oa, size_t n_actions) | |
670 | { | |
671 | iter->pos = oa; | |
672 | iter->end = oa + n_actions; | |
673 | return actions_next(iter); | |
674 | } | |
675 | ||
676 | const union ofp_action * | |
677 | actions_next(struct actions_iterator *iter) | |
678 | { | |
679 | if (iter->pos < iter->end) { | |
680 | const union ofp_action *a = iter->pos; | |
681 | unsigned int len = ntohs(a->header.len); | |
682 | iter->pos += len / ACTION_ALIGNMENT; | |
683 | return a; | |
684 | } else { | |
685 | return NULL; | |
686 | } | |
687 | } | |
688 | ||
689 | void | |
690 | normalize_match(struct ofp_match *m) | |
691 | { | |
692 | enum { OFPFW_NW = OFPFW_NW_SRC_MASK | OFPFW_NW_DST_MASK | OFPFW_NW_PROTO }; | |
693 | enum { OFPFW_TP = OFPFW_TP_SRC | OFPFW_TP_DST }; | |
694 | uint32_t wc; | |
695 | ||
696 | wc = ntohl(m->wildcards) & OVSFW_ALL; | |
697 | if (wc & OFPFW_DL_TYPE) { | |
698 | m->dl_type = 0; | |
699 | ||
700 | /* Can't sensibly match on network or transport headers if the | |
701 | * data link type is unknown. */ | |
702 | wc |= OFPFW_NW | OFPFW_TP; | |
4d326add | 703 | m->nw_src = m->nw_dst = m->nw_proto = m->nw_tos = 0; |
fa37b408 BP |
704 | m->tp_src = m->tp_dst = 0; |
705 | } else if (m->dl_type == htons(ETH_TYPE_IP)) { | |
706 | if (wc & OFPFW_NW_PROTO) { | |
707 | m->nw_proto = 0; | |
708 | ||
709 | /* Can't sensibly match on transport headers if the network | |
710 | * protocol is unknown. */ | |
711 | wc |= OFPFW_TP; | |
712 | m->tp_src = m->tp_dst = 0; | |
713 | } else if (m->nw_proto == IPPROTO_TCP || | |
714 | m->nw_proto == IPPROTO_UDP || | |
715 | m->nw_proto == IPPROTO_ICMP) { | |
716 | if (wc & OFPFW_TP_SRC) { | |
717 | m->tp_src = 0; | |
718 | } | |
719 | if (wc & OFPFW_TP_DST) { | |
720 | m->tp_dst = 0; | |
721 | } | |
722 | } else { | |
723 | /* Transport layer fields will always be extracted as zeros, so we | |
724 | * can do an exact-match on those values. */ | |
725 | wc &= ~OFPFW_TP; | |
726 | m->tp_src = m->tp_dst = 0; | |
727 | } | |
728 | if (wc & OFPFW_NW_SRC_MASK) { | |
729 | m->nw_src &= flow_nw_bits_to_mask(wc, OFPFW_NW_SRC_SHIFT); | |
730 | } | |
731 | if (wc & OFPFW_NW_DST_MASK) { | |
732 | m->nw_dst &= flow_nw_bits_to_mask(wc, OFPFW_NW_DST_SHIFT); | |
733 | } | |
4d326add BP |
734 | if (wc & OFPFW_NW_TOS) { |
735 | m->nw_tos = 0; | |
736 | } else { | |
737 | m->nw_tos &= IP_DSCP_MASK; | |
738 | } | |
fa37b408 BP |
739 | } else if (m->dl_type == htons(ETH_TYPE_ARP)) { |
740 | if (wc & OFPFW_NW_PROTO) { | |
741 | m->nw_proto = 0; | |
742 | } | |
743 | if (wc & OFPFW_NW_SRC_MASK) { | |
744 | m->nw_src &= flow_nw_bits_to_mask(wc, OFPFW_NW_SRC_SHIFT); | |
745 | } | |
746 | if (wc & OFPFW_NW_DST_MASK) { | |
747 | m->nw_dst &= flow_nw_bits_to_mask(wc, OFPFW_NW_DST_SHIFT); | |
748 | } | |
4d326add | 749 | m->tp_src = m->tp_dst = m->nw_tos = 0; |
fa37b408 BP |
750 | } else { |
751 | /* Network and transport layer fields will always be extracted as | |
752 | * zeros, so we can do an exact-match on those values. */ | |
753 | wc &= ~(OFPFW_NW | OFPFW_TP); | |
4d326add | 754 | m->nw_proto = m->nw_src = m->nw_dst = m->nw_tos = 0; |
fa37b408 BP |
755 | m->tp_src = m->tp_dst = 0; |
756 | } | |
757 | if (wc & OFPFW_DL_SRC) { | |
758 | memset(m->dl_src, 0, sizeof m->dl_src); | |
759 | } | |
760 | if (wc & OFPFW_DL_DST) { | |
761 | memset(m->dl_dst, 0, sizeof m->dl_dst); | |
762 | } | |
763 | m->wildcards = htonl(wc); | |
764 | } | |
765 | ||
3f09c339 BP |
766 | /* Returns a string that describes 'match' in a very literal way, without |
767 | * interpreting its contents except in a very basic fashion. The returned | |
768 | * string is intended to be fixed-length, so that it is easy to see differences | |
769 | * between two such strings if one is put above another. This is useful for | |
770 | * describing changes made by normalize_match(). | |
771 | * | |
772 | * The caller must free the returned string (with free()). */ | |
773 | char * | |
774 | ofp_match_to_literal_string(const struct ofp_match *match) | |
775 | { | |
776 | return xasprintf("wildcards=%#10"PRIx32" " | |
777 | " in_port=%5"PRId16" " | |
778 | " dl_src="ETH_ADDR_FMT" " | |
779 | " dl_dst="ETH_ADDR_FMT" " | |
780 | " dl_vlan=%5"PRId16" " | |
781 | " dl_vlan_pcp=%3"PRId8" " | |
782 | " dl_type=%#6"PRIx16" " | |
783 | " nw_tos=%#4"PRIx8" " | |
784 | " nw_proto=%#4"PRIx16" " | |
785 | " nw_src=%#10"PRIx32" " | |
786 | " nw_dst=%#10"PRIx32" " | |
787 | " tp_src=%5"PRId16" " | |
788 | " tp_dst=%5"PRId16, | |
789 | ntohl(match->wildcards), | |
790 | ntohs(match->in_port), | |
791 | ETH_ADDR_ARGS(match->dl_src), | |
792 | ETH_ADDR_ARGS(match->dl_dst), | |
793 | ntohs(match->dl_vlan), | |
794 | match->dl_vlan_pcp, | |
795 | ntohs(match->dl_type), | |
796 | match->nw_tos, | |
797 | match->nw_proto, | |
798 | ntohl(match->nw_src), | |
799 | ntohl(match->nw_dst), | |
800 | ntohs(match->tp_src), | |
801 | ntohs(match->tp_dst)); | |
802 | } |