]>
Commit | Line | Data |
---|---|---|
9bfe9334 | 1 | /* Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc. |
9583bc14 EJ |
2 | * |
3 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
4 | * you may not use this file except in compliance with the License. | |
5 | * You may obtain a copy of the License at: | |
6 | * | |
7 | * http://www.apache.org/licenses/LICENSE-2.0 | |
8 | * | |
9 | * Unless required by applicable law or agreed to in writing, software | |
10 | * distributed under the License is distributed on an "AS IS" BASIS, | |
11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
12 | * See the License for the specific language governing permissions and | |
13 | * limitations under the License. */ | |
14 | ||
15 | #include <config.h> | |
16 | ||
17 | #include "ofproto/ofproto-dpif-xlate.h" | |
18 | ||
8449c4d6 | 19 | #include <errno.h> |
a36de779 PS |
20 | #include <arpa/inet.h> |
21 | #include <net/if.h> | |
22 | #include <sys/socket.h> | |
23 | #include <netinet/in.h> | |
8449c4d6 | 24 | |
db7d4e46 | 25 | #include "bfd.h" |
9583bc14 EJ |
26 | #include "bitmap.h" |
27 | #include "bond.h" | |
28 | #include "bundle.h" | |
29 | #include "byte-order.h" | |
db7d4e46 | 30 | #include "cfm.h" |
9583bc14 EJ |
31 | #include "connmgr.h" |
32 | #include "coverage.h" | |
e14deea0 | 33 | #include "dp-packet.h" |
9583bc14 | 34 | #include "dpif.h" |
f7f1ea29 | 35 | #include "in-band.h" |
db7d4e46 | 36 | #include "lacp.h" |
9583bc14 EJ |
37 | #include "learn.h" |
38 | #include "mac-learning.h" | |
6d95c4e8 | 39 | #include "mcast-snooping.h" |
9583bc14 EJ |
40 | #include "multipath.h" |
41 | #include "netdev-vport.h" | |
42 | #include "netlink.h" | |
43 | #include "nx-match.h" | |
44 | #include "odp-execute.h" | |
9583bc14 | 45 | #include "ofproto/ofproto-dpif-ipfix.h" |
ec7ceaed | 46 | #include "ofproto/ofproto-dpif-mirror.h" |
60d02c72 | 47 | #include "ofproto/ofproto-dpif-monitor.h" |
9583bc14 | 48 | #include "ofproto/ofproto-dpif-sflow.h" |
901a517e | 49 | #include "ofproto/ofproto-dpif-xlate-cache.h" |
9583bc14 | 50 | #include "ofproto/ofproto-dpif.h" |
6f00e29b | 51 | #include "ofproto/ofproto-provider.h" |
b598f214 BW |
52 | #include "openvswitch/dynamic-string.h" |
53 | #include "openvswitch/meta-flow.h" | |
54 | #include "openvswitch/list.h" | |
55 | #include "openvswitch/ofp-actions.h" | |
56 | #include "openvswitch/vlog.h" | |
57 | #include "ovs-lldp.h" | |
a36de779 | 58 | #include "ovs-router.h" |
b598f214 BW |
59 | #include "packets.h" |
60 | #include "tnl-neigh-cache.h" | |
a36de779 | 61 | #include "tnl-ports.h" |
9583bc14 | 62 | #include "tunnel.h" |
ee89ea7b | 63 | #include "util.h" |
9583bc14 | 64 | |
46c88433 | 65 | COVERAGE_DEFINE(xlate_actions); |
0f032e95 | 66 | COVERAGE_DEFINE(xlate_actions_oversize); |
7d031d7e | 67 | COVERAGE_DEFINE(xlate_actions_too_many_output); |
9583bc14 EJ |
68 | |
69 | VLOG_DEFINE_THIS_MODULE(ofproto_dpif_xlate); | |
70 | ||
8a553e9a | 71 | /* Maximum depth of flow table recursion (due to resubmit actions) in a |
790c5d26 BP |
72 | * flow translation. |
73 | * | |
74 | * The goal of limiting the depth of resubmits is to ensure that flow | |
75 | * translation eventually terminates. Only resubmits to the same table or an | |
76 | * earlier table count against the maximum depth. This is because resubmits to | |
77 | * strictly monotonically increasing table IDs will eventually terminate, since | |
78 | * any OpenFlow switch has a finite number of tables. OpenFlow tables are most | |
79 | * commonly traversed in numerically increasing order, so this limit has little | |
80 | * effect on conventionally designed OpenFlow pipelines. | |
81 | * | |
82 | * Outputs to patch ports and to groups also count against the depth limit. */ | |
83 | #define MAX_DEPTH 64 | |
8a553e9a | 84 | |
98b07853 BP |
85 | /* Maximum number of resubmit actions in a flow translation, whether they are |
86 | * recursive or not. */ | |
790c5d26 | 87 | #define MAX_RESUBMITS (MAX_DEPTH * MAX_DEPTH) |
98b07853 | 88 | |
46c88433 EJ |
89 | struct xbridge { |
90 | struct hmap_node hmap_node; /* Node in global 'xbridges' map. */ | |
91 | struct ofproto_dpif *ofproto; /* Key in global 'xbridges' map. */ | |
92 | ||
ca6ba700 | 93 | struct ovs_list xbundles; /* Owned xbundles. */ |
46c88433 EJ |
94 | struct hmap xports; /* Indexed by ofp_port. */ |
95 | ||
96 | char *name; /* Name used in log messages. */ | |
89a8a7f0 | 97 | struct dpif *dpif; /* Datapath interface. */ |
46c88433 | 98 | struct mac_learning *ml; /* Mac learning handle. */ |
6d95c4e8 | 99 | struct mcast_snooping *ms; /* Multicast Snooping handle. */ |
46c88433 EJ |
100 | struct mbridge *mbridge; /* Mirroring. */ |
101 | struct dpif_sflow *sflow; /* SFlow handle, or null. */ | |
102 | struct dpif_ipfix *ipfix; /* Ipfix handle, or null. */ | |
ce3955be | 103 | struct netflow *netflow; /* Netflow handle, or null. */ |
9d189a50 | 104 | struct stp *stp; /* STP or null if disabled. */ |
9efd308e | 105 | struct rstp *rstp; /* RSTP or null if disabled. */ |
46c88433 | 106 | |
46c88433 EJ |
107 | bool has_in_band; /* Bridge has in band control? */ |
108 | bool forward_bpdu; /* Bridge forwards STP BPDUs? */ | |
4b97b70d | 109 | |
b440dd8c JS |
110 | /* Datapath feature support. */ |
111 | struct dpif_backer_support support; | |
46c88433 EJ |
112 | }; |
113 | ||
114 | struct xbundle { | |
115 | struct hmap_node hmap_node; /* In global 'xbundles' map. */ | |
116 | struct ofbundle *ofbundle; /* Key in global 'xbundles' map. */ | |
117 | ||
ca6ba700 | 118 | struct ovs_list list_node; /* In parent 'xbridges' list. */ |
46c88433 EJ |
119 | struct xbridge *xbridge; /* Parent xbridge. */ |
120 | ||
ca6ba700 | 121 | struct ovs_list xports; /* Contains "struct xport"s. */ |
46c88433 EJ |
122 | |
123 | char *name; /* Name used in log messages. */ | |
124 | struct bond *bond; /* Nonnull iff more than one port. */ | |
125 | struct lacp *lacp; /* LACP handle or null. */ | |
126 | ||
127 | enum port_vlan_mode vlan_mode; /* VLAN mode. */ | |
128 | int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */ | |
129 | unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1. | |
130 | * NULL if all VLANs are trunked. */ | |
131 | bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */ | |
132 | bool floodable; /* No port has OFPUTIL_PC_NO_FLOOD set? */ | |
133 | }; | |
134 | ||
135 | struct xport { | |
136 | struct hmap_node hmap_node; /* Node in global 'xports' map. */ | |
137 | struct ofport_dpif *ofport; /* Key in global 'xports map. */ | |
138 | ||
139 | struct hmap_node ofp_node; /* Node in parent xbridge 'xports' map. */ | |
140 | ofp_port_t ofp_port; /* Key in parent xbridge 'xports' map. */ | |
141 | ||
142 | odp_port_t odp_port; /* Datapath port number or ODPP_NONE. */ | |
143 | ||
ca6ba700 | 144 | struct ovs_list bundle_node; /* In parent xbundle (if it exists). */ |
46c88433 EJ |
145 | struct xbundle *xbundle; /* Parent xbundle or null. */ |
146 | ||
147 | struct netdev *netdev; /* 'ofport''s netdev. */ | |
148 | ||
149 | struct xbridge *xbridge; /* Parent bridge. */ | |
150 | struct xport *peer; /* Patch port peer or null. */ | |
151 | ||
152 | enum ofputil_port_config config; /* OpenFlow port configuration. */ | |
dd8cd4b4 | 153 | enum ofputil_port_state state; /* OpenFlow port state. */ |
92cf817b | 154 | int stp_port_no; /* STP port number or -1 if not in use. */ |
f025bcb7 | 155 | struct rstp_port *rstp_port; /* RSTP port or null. */ |
46c88433 | 156 | |
55954f6e EJ |
157 | struct hmap skb_priorities; /* Map of 'skb_priority_to_dscp's. */ |
158 | ||
46c88433 EJ |
159 | bool may_enable; /* May be enabled in bonds. */ |
160 | bool is_tunnel; /* Is a tunnel port. */ | |
161 | ||
162 | struct cfm *cfm; /* CFM handle or null. */ | |
163 | struct bfd *bfd; /* BFD handle or null. */ | |
0477baa9 | 164 | struct lldp *lldp; /* LLDP handle or null. */ |
46c88433 EJ |
165 | }; |
166 | ||
4d0acc70 EJ |
167 | struct xlate_ctx { |
168 | struct xlate_in *xin; | |
169 | struct xlate_out *xout; | |
170 | ||
46c88433 | 171 | const struct xbridge *xbridge; |
4d0acc70 EJ |
172 | |
173 | /* Flow at the last commit. */ | |
174 | struct flow base_flow; | |
175 | ||
176 | /* Tunnel IP destination address as received. This is stored separately | |
177 | * as the base_flow.tunnel is cleared on init to reflect the datapath | |
178 | * behavior. Used to make sure not to send tunneled output to ourselves, | |
179 | * which might lead to an infinite loop. This could happen easily | |
180 | * if a tunnel is marked as 'ip_remote=flow', and the flow does not | |
181 | * actually set the tun_dst field. */ | |
e4d3706c | 182 | struct in6_addr orig_tunnel_ipv6_dst; |
4d0acc70 EJ |
183 | |
184 | /* Stack for the push and pop actions. Each stack element is of type | |
185 | * "union mf_subvalue". */ | |
4d0acc70 EJ |
186 | struct ofpbuf stack; |
187 | ||
188 | /* The rule that we are currently translating, or NULL. */ | |
189 | struct rule_dpif *rule; | |
190 | ||
49a73e0c BP |
191 | /* Flow translation populates this with wildcards relevant in translation. |
192 | * When 'xin->wc' is nonnull, this is the same pointer. When 'xin->wc' is | |
c0e638aa | 193 | * null, this is a pointer to a temporary buffer. */ |
49a73e0c BP |
194 | struct flow_wildcards *wc; |
195 | ||
1520ef4f BP |
196 | /* Output buffer for datapath actions. When 'xin->odp_actions' is nonnull, |
197 | * this is the same pointer. When 'xin->odp_actions' is null, this points | |
198 | * to a scratch ofpbuf. This allows code to add actions to | |
199 | * 'ctx->odp_actions' without worrying about whether the caller really | |
200 | * wants actions. */ | |
201 | struct ofpbuf *odp_actions; | |
202 | ||
790c5d26 BP |
203 | /* Statistics maintained by xlate_table_action(). |
204 | * | |
205 | * 'indentation' is the nesting level for resubmits. It is used to indent | |
206 | * the output of resubmit_hook (e.g. for the "ofproto/trace" feature). | |
207 | * | |
208 | * The other statistics limit the amount of work that a single flow | |
209 | * translation can perform. The goal of the first of these, 'depth', is | |
210 | * primarily to prevent translation from performing an infinite amount of | |
211 | * work. It counts the current depth of nested "resubmit"s (and a few | |
212 | * other activities); when a resubmit returns, it decreases. Resubmits to | |
213 | * tables in strictly monotonically increasing order don't contribute to | |
214 | * 'depth' because they cannot cause a flow translation to take an infinite | |
215 | * amount of time (because the number of tables is finite). Translation | |
216 | * aborts when 'depth' exceeds MAX_DEPTH. | |
217 | * | |
218 | * 'resubmits', on the other hand, prevents flow translation from | |
219 | * performing an extraordinarily large while still finite amount of work. | |
220 | * It counts the total number of resubmits (and a few other activities) | |
221 | * that have been executed. Returning from a resubmit does not affect this | |
222 | * counter. Thus, this limits the amount of work that a particular | |
223 | * translation can perform. Translation aborts when 'resubmits' exceeds | |
224 | * MAX_RESUBMITS (which is much larger than MAX_DEPTH). | |
225 | */ | |
226 | int indentation; /* Indentation level for resubmit_hook. */ | |
227 | int depth; /* Current resubmit nesting depth. */ | |
98b07853 | 228 | int resubmits; /* Total number of resubmits. */ |
5a070238 | 229 | bool in_group; /* Currently translating ofgroup, if true. */ |
029ca940 | 230 | bool in_action_set; /* Currently translating action_set, if true. */ |
98b07853 | 231 | |
4d0acc70 | 232 | uint8_t table_id; /* OpenFlow table ID where flow was found. */ |
8b1e5560 JR |
233 | ovs_be64 rule_cookie; /* Cookie of the rule being translated. */ |
234 | uint32_t orig_skb_priority; /* Priority when packet arrived. */ | |
4d0acc70 | 235 | uint32_t sflow_n_outputs; /* Number of output ports. */ |
4e022ec0 | 236 | odp_port_t sflow_odp_port; /* Output port for composing sFlow action. */ |
2031ef97 | 237 | ofp_port_t nf_output_iface; /* Output interface index for NetFlow. */ |
4d0acc70 | 238 | bool exit; /* No further actions should be processed. */ |
3d6151f3 | 239 | mirror_mask_t mirrors; /* Bitmap of associated mirrors. */ |
1356dbd1 | 240 | int mirror_snaplen; /* Max size of a mirror packet in byte. */ |
7fdb60a7 | 241 | |
1d361a81 BP |
242 | /* Freezing Translation |
243 | * ==================== | |
e672ff9b | 244 | * |
1d361a81 BP |
245 | * At some point during translation, the code may recognize the need to halt |
246 | * and checkpoint the translation in a way that it can be restarted again | |
247 | * later. We call the checkpointing process "freezing" and the restarting | |
248 | * process "thawing". | |
e672ff9b | 249 | * |
1d361a81 | 250 | * The use cases for freezing are: |
e672ff9b | 251 | * |
1d361a81 BP |
252 | * - "Recirculation", where the translation process discovers that it |
253 | * doesn't have enough information to complete translation without | |
254 | * actually executing the actions that have already been translated, | |
255 | * which provides the additionally needed information. In these | |
256 | * situations, translation freezes translation and assigns the frozen | |
257 | * data a unique "recirculation ID", which it associates with the data | |
258 | * in a table in userspace (see ofproto-dpif-rid.h). It also adds a | |
259 | * OVS_ACTION_ATTR_RECIRC action specifying that ID to the datapath | |
260 | * actions. When a packet hits that action, the datapath looks its | |
261 | * flow up again using the ID. If there's a miss, it comes back to | |
262 | * userspace, which find the recirculation table entry for the ID, | |
263 | * thaws the associated frozen data, and continues translation from | |
264 | * that point given the additional information that is now known. | |
e672ff9b | 265 | * |
1d361a81 BP |
266 | * The archetypal example is MPLS. As MPLS is implemented in |
267 | * OpenFlow, the protocol that follows the last MPLS label becomes | |
268 | * known only when that label is popped by an OpenFlow action. That | |
269 | * means that Open vSwitch can't extract the headers beyond the MPLS | |
270 | * labels until the pop action is executed. Thus, at that point | |
271 | * translation uses the recirculation process to extract the headers | |
272 | * beyond the MPLS labels. | |
e672ff9b | 273 | * |
1d361a81 BP |
274 | * (OVS also uses OVS_ACTION_ATTR_RECIRC to implement hashing for |
275 | * output to bonds. OVS pre-populates all the datapath flows for bond | |
276 | * output in the datapath, though, which means that the elaborate | |
277 | * process of coming back to userspace for a second round of | |
278 | * translation isn't needed, and so bonds don't follow the above | |
279 | * process.) | |
e672ff9b | 280 | * |
77ab5fd2 BP |
281 | * - "Continuation". A continuation is a way for an OpenFlow controller |
282 | * to interpose on a packet's traversal of the OpenFlow tables. When | |
283 | * the translation process encounters a "controller" action with the | |
284 | * "pause" flag, it freezes translation, serializes the frozen data, | |
285 | * and sends it to an OpenFlow controller. The controller then | |
286 | * examines and possibly modifies the frozen data and eventually sends | |
287 | * it back to the switch, which thaws it and continues translation. | |
e672ff9b | 288 | * |
1d361a81 BP |
289 | * The main problem of freezing translation is preserving state, so that |
290 | * when the translation is thawed later it resumes from where it left off, | |
291 | * without disruption. In particular, actions must be preserved as follows: | |
292 | * | |
293 | * - If we're freezing because an action needed more information, the | |
294 | * action that prompted it. | |
295 | * | |
296 | * - Any actions remaining to be translated within the current flow. | |
297 | * | |
298 | * - If translation was frozen within a NXAST_RESUBMIT, then any actions | |
299 | * following the resubmit action. Resubmit actions can be nested, so | |
300 | * this has to go all the way up the control stack. | |
e672ff9b JR |
301 | * |
302 | * - The OpenFlow 1.1+ action set. | |
303 | * | |
304 | * State that actions and flow table lookups can depend on, such as the | |
305 | * following, must also be preserved: | |
306 | * | |
307 | * - Metadata fields (input port, registers, OF1.1+ metadata, ...). | |
308 | * | |
1d361a81 | 309 | * - The stack used by NXAST_STACK_PUSH and NXAST_STACK_POP actions. |
e672ff9b JR |
310 | * |
311 | * - The table ID and cookie of the flow being translated at each level | |
1d361a81 BP |
312 | * of the control stack, because these can become visible through |
313 | * OFPAT_CONTROLLER actions (and other ways). | |
e672ff9b JR |
314 | * |
315 | * Translation allows for the control of this state preservation via these | |
1d361a81 BP |
316 | * members. When a need to freeze translation is identified, the |
317 | * translation process: | |
e672ff9b | 318 | * |
1d361a81 | 319 | * 1. Sets 'freezing' to true. |
e672ff9b JR |
320 | * |
321 | * 2. Sets 'exit' to true to tell later steps that we're exiting from the | |
322 | * translation process. | |
323 | * | |
1d361a81 BP |
324 | * 3. Adds an OFPACT_UNROLL_XLATE action to 'frozen_actions', and points |
325 | * frozen_actions.header to the action to make it easy to find it later. | |
326 | * This action holds the current table ID and cookie so that they can be | |
327 | * restored during a post-recirculation upcall translation. | |
e672ff9b JR |
328 | * |
329 | * 4. Adds the action that prompted recirculation and any actions following | |
1d361a81 | 330 | * it within the same flow to 'frozen_actions', so that they can be |
8a5fb3b4 | 331 | * executed during a post-recirculation upcall translation. |
e672ff9b JR |
332 | * |
333 | * 5. Returns. | |
334 | * | |
335 | * 6. The action that prompted recirculation might be nested in a stack of | |
336 | * nested "resubmit"s that have actions remaining. Each of these notices | |
1d361a81 BP |
337 | * that we're exiting and freezing and responds by adding more |
338 | * OFPACT_UNROLL_XLATE actions to 'frozen_actions', as necessary, | |
339 | * followed by any actions that were yet unprocessed. | |
e672ff9b | 340 | * |
1d361a81 BP |
341 | * If we're freezing because of recirculation, the caller generates a |
342 | * recirculation ID and associates all the state produced by this process | |
343 | * with it. For post-recirculation upcall translation, the caller passes it | |
344 | * back in for the new translation to execute. The process yielded a set of | |
345 | * ofpacts that can be translated directly, so it is not much of a special | |
346 | * case at that point. | |
e672ff9b | 347 | */ |
1d361a81 | 348 | bool freezing; |
53cc166a JR |
349 | bool recirc_update_dp_hash; /* Generated recirculation will be preceded |
350 | * by datapath HASH action to get an updated | |
351 | * dp_hash after recirculation. */ | |
352 | uint32_t dp_hash_alg; | |
353 | uint32_t dp_hash_basis; | |
1d361a81 | 354 | struct ofpbuf frozen_actions; |
77ab5fd2 | 355 | const struct ofpact_controller *pause; |
e672ff9b | 356 | |
e12ec36b SH |
357 | /* True if a packet was but is no longer MPLS (due to an MPLS pop action). |
358 | * This is a trigger for recirculation in cases where translating an action | |
359 | * or looking up a flow requires access to the fields of the packet after | |
360 | * the MPLS label stack that was originally present. */ | |
361 | bool was_mpls; | |
362 | ||
07659514 JS |
363 | /* True if conntrack has been performed on this packet during processing |
364 | * on the current bridge. This is used to determine whether conntrack | |
1d361a81 | 365 | * state from the datapath should be honored after thawing. */ |
07659514 JS |
366 | bool conntracked; |
367 | ||
9ac0aada JR |
368 | /* Pointer to an embedded NAT action in a conntrack action, or NULL. */ |
369 | struct ofpact_nat *ct_nat_action; | |
370 | ||
7fdb60a7 SH |
371 | /* OpenFlow 1.1+ action set. |
372 | * | |
373 | * 'action_set' accumulates "struct ofpact"s added by OFPACT_WRITE_ACTIONS. | |
374 | * When translation is otherwise complete, ofpacts_execute_action_set() | |
375 | * converts it to a set of "struct ofpact"s that can be translated into | |
ed9c9e3e | 376 | * datapath actions. */ |
c61f3870 | 377 | bool action_set_has_group; /* Action set contains OFPACT_GROUP? */ |
7fdb60a7 | 378 | struct ofpbuf action_set; /* Action set. */ |
fff1b9c0 JR |
379 | |
380 | enum xlate_error error; /* Translation failed. */ | |
4d0acc70 EJ |
381 | }; |
382 | ||
fff1b9c0 JR |
383 | const char *xlate_strerror(enum xlate_error error) |
384 | { | |
385 | switch (error) { | |
386 | case XLATE_OK: | |
387 | return "OK"; | |
388 | case XLATE_BRIDGE_NOT_FOUND: | |
389 | return "Bridge not found"; | |
390 | case XLATE_RECURSION_TOO_DEEP: | |
391 | return "Recursion too deep"; | |
392 | case XLATE_TOO_MANY_RESUBMITS: | |
393 | return "Too many resubmits"; | |
394 | case XLATE_STACK_TOO_DEEP: | |
395 | return "Stack too deep"; | |
396 | case XLATE_NO_RECIRCULATION_CONTEXT: | |
397 | return "No recirculation context"; | |
398 | case XLATE_RECIRCULATION_CONFLICT: | |
399 | return "Recirculation conflict"; | |
400 | case XLATE_TOO_MANY_MPLS_LABELS: | |
401 | return "Too many MPLS labels"; | |
8d8ab6c2 JG |
402 | case XLATE_INVALID_TUNNEL_METADATA: |
403 | return "Invalid tunnel metadata"; | |
fff1b9c0 JR |
404 | } |
405 | return "Unknown error"; | |
406 | } | |
407 | ||
ed9c9e3e | 408 | static void xlate_action_set(struct xlate_ctx *ctx); |
704bb0bf | 409 | static void xlate_commit_actions(struct xlate_ctx *ctx); |
ed9c9e3e | 410 | |
1d741d6d | 411 | static void |
1d361a81 | 412 | ctx_trigger_freeze(struct xlate_ctx *ctx) |
1d741d6d JR |
413 | { |
414 | ctx->exit = true; | |
1d361a81 | 415 | ctx->freezing = true; |
1d741d6d JR |
416 | } |
417 | ||
53cc166a JR |
418 | static void |
419 | ctx_trigger_recirculate_with_hash(struct xlate_ctx *ctx, uint32_t type, | |
420 | uint32_t basis) | |
421 | { | |
422 | ctx->exit = true; | |
423 | ctx->freezing = true; | |
424 | ctx->recirc_update_dp_hash = true; | |
425 | ctx->dp_hash_alg = type; | |
426 | ctx->dp_hash_basis = basis; | |
427 | } | |
428 | ||
1d741d6d | 429 | static bool |
1d361a81 | 430 | ctx_first_frozen_action(const struct xlate_ctx *ctx) |
1d741d6d | 431 | { |
1d361a81 | 432 | return !ctx->frozen_actions.size; |
e672ff9b JR |
433 | } |
434 | ||
3293cb85 | 435 | static void |
1d361a81 | 436 | ctx_cancel_freeze(struct xlate_ctx *ctx) |
3293cb85 | 437 | { |
1d361a81 BP |
438 | if (ctx->freezing) { |
439 | ctx->freezing = false; | |
53cc166a | 440 | ctx->recirc_update_dp_hash = false; |
1d361a81 BP |
441 | ofpbuf_clear(&ctx->frozen_actions); |
442 | ctx->frozen_actions.header = NULL; | |
3293cb85 BP |
443 | } |
444 | } | |
445 | ||
77ab5fd2 | 446 | static void finish_freezing(struct xlate_ctx *ctx); |
e672ff9b | 447 | |
9583bc14 EJ |
448 | /* A controller may use OFPP_NONE as the ingress port to indicate that |
449 | * it did not arrive on a "real" port. 'ofpp_none_bundle' exists for | |
450 | * when an input bundle is needed for validation (e.g., mirroring or | |
451 | * OFPP_NORMAL processing). It is not connected to an 'ofproto' or have | |
3548d242 BP |
452 | * any 'port' structs, so care must be taken when dealing with it. */ |
453 | static struct xbundle ofpp_none_bundle = { | |
454 | .name = "OFPP_NONE", | |
455 | .vlan_mode = PORT_VLAN_TRUNK | |
456 | }; | |
9583bc14 | 457 | |
55954f6e EJ |
458 | /* Node in 'xport''s 'skb_priorities' map. Used to maintain a map from |
459 | * 'priority' (the datapath's term for QoS queue) to the dscp bits which all | |
460 | * traffic egressing the 'ofport' with that priority should be marked with. */ | |
461 | struct skb_priority_to_dscp { | |
462 | struct hmap_node hmap_node; /* Node in 'ofport_dpif''s 'skb_priorities'. */ | |
463 | uint32_t skb_priority; /* Priority of this queue (see struct flow). */ | |
464 | ||
465 | uint8_t dscp; /* DSCP bits to mark outgoing traffic with. */ | |
466 | }; | |
467 | ||
84f0f298 RW |
468 | /* Xlate config contains hash maps of all bridges, bundles and ports. |
469 | * Xcfgp contains the pointer to the current xlate configuration. | |
470 | * When the main thread needs to change the configuration, it copies xcfgp to | |
471 | * new_xcfg and edits new_xcfg. This enables the use of RCU locking which | |
472 | * does not block handler and revalidator threads. */ | |
473 | struct xlate_cfg { | |
474 | struct hmap xbridges; | |
475 | struct hmap xbundles; | |
476 | struct hmap xports; | |
477 | }; | |
b1b72f2d | 478 | static OVSRCU_TYPE(struct xlate_cfg *) xcfgp = OVSRCU_INITIALIZER(NULL); |
f439f23b | 479 | static struct xlate_cfg *new_xcfg = NULL; |
46c88433 EJ |
480 | |
481 | static bool may_receive(const struct xport *, struct xlate_ctx *); | |
9583bc14 EJ |
482 | static void do_xlate_actions(const struct ofpact *, size_t ofpacts_len, |
483 | struct xlate_ctx *); | |
adcf00ba | 484 | static void xlate_normal(struct xlate_ctx *); |
c1b3756c BP |
485 | static inline void xlate_report(struct xlate_ctx *, const char *, ...) |
486 | OVS_PRINTF_FORMAT(2, 3); | |
6d328fa2 SH |
487 | static void xlate_table_action(struct xlate_ctx *, ofp_port_t in_port, |
488 | uint8_t table_id, bool may_packet_in, | |
489 | bool honor_table_miss); | |
46c88433 EJ |
490 | static bool input_vid_is_valid(uint16_t vid, struct xbundle *, bool warn); |
491 | static uint16_t input_vid_to_vlan(const struct xbundle *, uint16_t vid); | |
492 | static void output_normal(struct xlate_ctx *, const struct xbundle *, | |
9583bc14 | 493 | uint16_t vlan); |
e93ef1c7 JR |
494 | |
495 | /* Optional bond recirculation parameter to compose_output_action(). */ | |
496 | struct xlate_bond_recirc { | |
497 | uint32_t recirc_id; /* !0 Use recirculation instead of output. */ | |
498 | uint8_t hash_alg; /* !0 Compute hash for recirc before. */ | |
499 | uint32_t hash_basis; /* Compute hash for recirc before. */ | |
500 | }; | |
501 | ||
502 | static void compose_output_action(struct xlate_ctx *, ofp_port_t ofp_port, | |
503 | const struct xlate_bond_recirc *xr); | |
9583bc14 | 504 | |
84f0f298 RW |
505 | static struct xbridge *xbridge_lookup(struct xlate_cfg *, |
506 | const struct ofproto_dpif *); | |
290835f9 BP |
507 | static struct xbridge *xbridge_lookup_by_uuid(struct xlate_cfg *, |
508 | const struct uuid *); | |
84f0f298 RW |
509 | static struct xbundle *xbundle_lookup(struct xlate_cfg *, |
510 | const struct ofbundle *); | |
511 | static struct xport *xport_lookup(struct xlate_cfg *, | |
512 | const struct ofport_dpif *); | |
46c88433 | 513 | static struct xport *get_ofp_port(const struct xbridge *, ofp_port_t ofp_port); |
55954f6e EJ |
514 | static struct skb_priority_to_dscp *get_skb_priority(const struct xport *, |
515 | uint32_t skb_priority); | |
516 | static void clear_skb_priorities(struct xport *); | |
16194afd | 517 | static size_t count_skb_priorities(const struct xport *); |
55954f6e EJ |
518 | static bool dscp_from_skb_priority(const struct xport *, uint32_t skb_priority, |
519 | uint8_t *dscp); | |
46c88433 | 520 | |
84f0f298 RW |
521 | static void xlate_xbridge_init(struct xlate_cfg *, struct xbridge *); |
522 | static void xlate_xbundle_init(struct xlate_cfg *, struct xbundle *); | |
523 | static void xlate_xport_init(struct xlate_cfg *, struct xport *); | |
9efd308e | 524 | static void xlate_xbridge_set(struct xbridge *, struct dpif *, |
9efd308e DV |
525 | const struct mac_learning *, struct stp *, |
526 | struct rstp *, const struct mcast_snooping *, | |
527 | const struct mbridge *, | |
528 | const struct dpif_sflow *, | |
529 | const struct dpif_ipfix *, | |
2f47cdf4 | 530 | const struct netflow *, |
84f0f298 | 531 | bool forward_bpdu, bool has_in_band, |
b440dd8c | 532 | const struct dpif_backer_support *); |
84f0f298 RW |
533 | static void xlate_xbundle_set(struct xbundle *xbundle, |
534 | enum port_vlan_mode vlan_mode, int vlan, | |
535 | unsigned long *trunks, bool use_priority_tags, | |
536 | const struct bond *bond, const struct lacp *lacp, | |
537 | bool floodable); | |
538 | static void xlate_xport_set(struct xport *xport, odp_port_t odp_port, | |
539 | const struct netdev *netdev, const struct cfm *cfm, | |
0477baa9 DF |
540 | const struct bfd *bfd, const struct lldp *lldp, |
541 | int stp_port_no, const struct rstp_port *rstp_port, | |
84f0f298 RW |
542 | enum ofputil_port_config config, |
543 | enum ofputil_port_state state, bool is_tunnel, | |
544 | bool may_enable); | |
545 | static void xlate_xbridge_remove(struct xlate_cfg *, struct xbridge *); | |
546 | static void xlate_xbundle_remove(struct xlate_cfg *, struct xbundle *); | |
547 | static void xlate_xport_remove(struct xlate_cfg *, struct xport *); | |
548 | static void xlate_xbridge_copy(struct xbridge *); | |
549 | static void xlate_xbundle_copy(struct xbridge *, struct xbundle *); | |
550 | static void xlate_xport_copy(struct xbridge *, struct xbundle *, | |
551 | struct xport *); | |
552 | static void xlate_xcfg_free(struct xlate_cfg *); | |
b256dc52 | 553 | |
34dd0d78 | 554 | static inline void |
c1b3756c | 555 | xlate_report(struct xlate_ctx *ctx, const char *format, ...) |
34dd0d78 JR |
556 | { |
557 | if (OVS_UNLIKELY(ctx->xin->report_hook)) { | |
c1b3756c BP |
558 | va_list args; |
559 | ||
560 | va_start(args, format); | |
9a9b001a | 561 | ctx->xin->report_hook(ctx->xin, ctx->indentation, format, args); |
c1b3756c | 562 | va_end(args); |
34dd0d78 JR |
563 | } |
564 | } | |
84f0f298 | 565 | |
fff1b9c0 JR |
566 | static struct vlog_rate_limit error_report_rl = VLOG_RATE_LIMIT_INIT(1, 5); |
567 | ||
a716ef9a JS |
568 | #define XLATE_REPORT_ERROR(CTX, ...) \ |
569 | do { \ | |
570 | if (OVS_UNLIKELY((CTX)->xin->report_hook)) { \ | |
571 | xlate_report(CTX, __VA_ARGS__); \ | |
572 | } else { \ | |
573 | struct ds ds = DS_EMPTY_INITIALIZER; \ | |
574 | \ | |
575 | ds_put_format(&ds, __VA_ARGS__); \ | |
576 | ds_put_cstr(&ds, ": "); \ | |
e91e0e58 | 577 | flow_format(&ds, &(CTX)->base_flow); \ |
26f858a9 | 578 | VLOG_ERR_RL(&error_report_rl, "%s", ds_cstr(&ds)); \ |
a716ef9a JS |
579 | ds_destroy(&ds); \ |
580 | } \ | |
fff1b9c0 JR |
581 | } while (0) |
582 | ||
d6bef3cc BP |
583 | static inline void |
584 | xlate_report_actions(struct xlate_ctx *ctx, const char *title, | |
585 | const struct ofpact *ofpacts, size_t ofpacts_len) | |
586 | { | |
587 | if (OVS_UNLIKELY(ctx->xin->report_hook)) { | |
588 | struct ds s = DS_EMPTY_INITIALIZER; | |
589 | ofpacts_format(ofpacts, ofpacts_len, &s); | |
590 | xlate_report(ctx, "%s: %s", title, ds_cstr(&s)); | |
591 | ds_destroy(&s); | |
592 | } | |
593 | } | |
594 | ||
84f0f298 RW |
595 | static void |
596 | xlate_xbridge_init(struct xlate_cfg *xcfg, struct xbridge *xbridge) | |
597 | { | |
417e7e66 | 598 | ovs_list_init(&xbridge->xbundles); |
84f0f298 RW |
599 | hmap_init(&xbridge->xports); |
600 | hmap_insert(&xcfg->xbridges, &xbridge->hmap_node, | |
601 | hash_pointer(xbridge->ofproto, 0)); | |
602 | } | |
603 | ||
604 | static void | |
605 | xlate_xbundle_init(struct xlate_cfg *xcfg, struct xbundle *xbundle) | |
606 | { | |
417e7e66 BW |
607 | ovs_list_init(&xbundle->xports); |
608 | ovs_list_insert(&xbundle->xbridge->xbundles, &xbundle->list_node); | |
84f0f298 RW |
609 | hmap_insert(&xcfg->xbundles, &xbundle->hmap_node, |
610 | hash_pointer(xbundle->ofbundle, 0)); | |
611 | } | |
612 | ||
613 | static void | |
614 | xlate_xport_init(struct xlate_cfg *xcfg, struct xport *xport) | |
615 | { | |
616 | hmap_init(&xport->skb_priorities); | |
617 | hmap_insert(&xcfg->xports, &xport->hmap_node, | |
618 | hash_pointer(xport->ofport, 0)); | |
619 | hmap_insert(&xport->xbridge->xports, &xport->ofp_node, | |
620 | hash_ofp_port(xport->ofp_port)); | |
621 | } | |
622 | ||
623 | static void | |
624 | xlate_xbridge_set(struct xbridge *xbridge, | |
625 | struct dpif *dpif, | |
ec89fc6f | 626 | const struct mac_learning *ml, struct stp *stp, |
9efd308e | 627 | struct rstp *rstp, const struct mcast_snooping *ms, |
ec89fc6f | 628 | const struct mbridge *mbridge, |
46c88433 | 629 | const struct dpif_sflow *sflow, |
ce3955be | 630 | const struct dpif_ipfix *ipfix, |
2f47cdf4 | 631 | const struct netflow *netflow, |
4b97b70d | 632 | bool forward_bpdu, bool has_in_band, |
b440dd8c | 633 | const struct dpif_backer_support *support) |
46c88433 | 634 | { |
46c88433 EJ |
635 | if (xbridge->ml != ml) { |
636 | mac_learning_unref(xbridge->ml); | |
637 | xbridge->ml = mac_learning_ref(ml); | |
638 | } | |
639 | ||
6d95c4e8 FL |
640 | if (xbridge->ms != ms) { |
641 | mcast_snooping_unref(xbridge->ms); | |
642 | xbridge->ms = mcast_snooping_ref(ms); | |
643 | } | |
644 | ||
46c88433 EJ |
645 | if (xbridge->mbridge != mbridge) { |
646 | mbridge_unref(xbridge->mbridge); | |
647 | xbridge->mbridge = mbridge_ref(mbridge); | |
648 | } | |
649 | ||
650 | if (xbridge->sflow != sflow) { | |
651 | dpif_sflow_unref(xbridge->sflow); | |
652 | xbridge->sflow = dpif_sflow_ref(sflow); | |
653 | } | |
654 | ||
655 | if (xbridge->ipfix != ipfix) { | |
656 | dpif_ipfix_unref(xbridge->ipfix); | |
657 | xbridge->ipfix = dpif_ipfix_ref(ipfix); | |
658 | } | |
659 | ||
9d189a50 EJ |
660 | if (xbridge->stp != stp) { |
661 | stp_unref(xbridge->stp); | |
662 | xbridge->stp = stp_ref(stp); | |
663 | } | |
664 | ||
9efd308e DV |
665 | if (xbridge->rstp != rstp) { |
666 | rstp_unref(xbridge->rstp); | |
667 | xbridge->rstp = rstp_ref(rstp); | |
668 | } | |
669 | ||
ce3955be EJ |
670 | if (xbridge->netflow != netflow) { |
671 | netflow_unref(xbridge->netflow); | |
672 | xbridge->netflow = netflow_ref(netflow); | |
673 | } | |
674 | ||
89a8a7f0 | 675 | xbridge->dpif = dpif; |
46c88433 EJ |
676 | xbridge->forward_bpdu = forward_bpdu; |
677 | xbridge->has_in_band = has_in_band; | |
b440dd8c | 678 | xbridge->support = *support; |
46c88433 EJ |
679 | } |
680 | ||
84f0f298 RW |
681 | static void |
682 | xlate_xbundle_set(struct xbundle *xbundle, | |
683 | enum port_vlan_mode vlan_mode, int vlan, | |
684 | unsigned long *trunks, bool use_priority_tags, | |
685 | const struct bond *bond, const struct lacp *lacp, | |
686 | bool floodable) | |
687 | { | |
688 | ovs_assert(xbundle->xbridge); | |
689 | ||
690 | xbundle->vlan_mode = vlan_mode; | |
691 | xbundle->vlan = vlan; | |
692 | xbundle->trunks = trunks; | |
693 | xbundle->use_priority_tags = use_priority_tags; | |
694 | xbundle->floodable = floodable; | |
695 | ||
696 | if (xbundle->bond != bond) { | |
697 | bond_unref(xbundle->bond); | |
698 | xbundle->bond = bond_ref(bond); | |
699 | } | |
700 | ||
701 | if (xbundle->lacp != lacp) { | |
702 | lacp_unref(xbundle->lacp); | |
703 | xbundle->lacp = lacp_ref(lacp); | |
704 | } | |
705 | } | |
706 | ||
707 | static void | |
708 | xlate_xport_set(struct xport *xport, odp_port_t odp_port, | |
709 | const struct netdev *netdev, const struct cfm *cfm, | |
0477baa9 | 710 | const struct bfd *bfd, const struct lldp *lldp, int stp_port_no, |
f025bcb7 | 711 | const struct rstp_port* rstp_port, |
84f0f298 RW |
712 | enum ofputil_port_config config, enum ofputil_port_state state, |
713 | bool is_tunnel, bool may_enable) | |
714 | { | |
715 | xport->config = config; | |
716 | xport->state = state; | |
717 | xport->stp_port_no = stp_port_no; | |
718 | xport->is_tunnel = is_tunnel; | |
719 | xport->may_enable = may_enable; | |
720 | xport->odp_port = odp_port; | |
721 | ||
f025bcb7 JR |
722 | if (xport->rstp_port != rstp_port) { |
723 | rstp_port_unref(xport->rstp_port); | |
724 | xport->rstp_port = rstp_port_ref(rstp_port); | |
725 | } | |
726 | ||
84f0f298 RW |
727 | if (xport->cfm != cfm) { |
728 | cfm_unref(xport->cfm); | |
729 | xport->cfm = cfm_ref(cfm); | |
730 | } | |
731 | ||
732 | if (xport->bfd != bfd) { | |
733 | bfd_unref(xport->bfd); | |
734 | xport->bfd = bfd_ref(bfd); | |
735 | } | |
736 | ||
0477baa9 DF |
737 | if (xport->lldp != lldp) { |
738 | lldp_unref(xport->lldp); | |
739 | xport->lldp = lldp_ref(lldp); | |
740 | } | |
741 | ||
84f0f298 RW |
742 | if (xport->netdev != netdev) { |
743 | netdev_close(xport->netdev); | |
744 | xport->netdev = netdev_ref(netdev); | |
745 | } | |
746 | } | |
747 | ||
748 | static void | |
749 | xlate_xbridge_copy(struct xbridge *xbridge) | |
750 | { | |
751 | struct xbundle *xbundle; | |
752 | struct xport *xport; | |
753 | struct xbridge *new_xbridge = xzalloc(sizeof *xbridge); | |
754 | new_xbridge->ofproto = xbridge->ofproto; | |
755 | new_xbridge->name = xstrdup(xbridge->name); | |
756 | xlate_xbridge_init(new_xcfg, new_xbridge); | |
757 | ||
758 | xlate_xbridge_set(new_xbridge, | |
34dd0d78 | 759 | xbridge->dpif, xbridge->ml, xbridge->stp, |
9efd308e DV |
760 | xbridge->rstp, xbridge->ms, xbridge->mbridge, |
761 | xbridge->sflow, xbridge->ipfix, xbridge->netflow, | |
b440dd8c JS |
762 | xbridge->forward_bpdu, xbridge->has_in_band, |
763 | &xbridge->support); | |
84f0f298 RW |
764 | LIST_FOR_EACH (xbundle, list_node, &xbridge->xbundles) { |
765 | xlate_xbundle_copy(new_xbridge, xbundle); | |
766 | } | |
767 | ||
768 | /* Copy xports which are not part of a xbundle */ | |
769 | HMAP_FOR_EACH (xport, ofp_node, &xbridge->xports) { | |
770 | if (!xport->xbundle) { | |
771 | xlate_xport_copy(new_xbridge, NULL, xport); | |
772 | } | |
773 | } | |
774 | } | |
775 | ||
776 | static void | |
777 | xlate_xbundle_copy(struct xbridge *xbridge, struct xbundle *xbundle) | |
778 | { | |
779 | struct xport *xport; | |
780 | struct xbundle *new_xbundle = xzalloc(sizeof *xbundle); | |
781 | new_xbundle->ofbundle = xbundle->ofbundle; | |
782 | new_xbundle->xbridge = xbridge; | |
783 | new_xbundle->name = xstrdup(xbundle->name); | |
784 | xlate_xbundle_init(new_xcfg, new_xbundle); | |
785 | ||
786 | xlate_xbundle_set(new_xbundle, xbundle->vlan_mode, | |
787 | xbundle->vlan, xbundle->trunks, | |
788 | xbundle->use_priority_tags, xbundle->bond, xbundle->lacp, | |
789 | xbundle->floodable); | |
790 | LIST_FOR_EACH (xport, bundle_node, &xbundle->xports) { | |
791 | xlate_xport_copy(xbridge, new_xbundle, xport); | |
792 | } | |
793 | } | |
794 | ||
795 | static void | |
796 | xlate_xport_copy(struct xbridge *xbridge, struct xbundle *xbundle, | |
797 | struct xport *xport) | |
798 | { | |
799 | struct skb_priority_to_dscp *pdscp, *new_pdscp; | |
800 | struct xport *new_xport = xzalloc(sizeof *xport); | |
801 | new_xport->ofport = xport->ofport; | |
802 | new_xport->ofp_port = xport->ofp_port; | |
803 | new_xport->xbridge = xbridge; | |
804 | xlate_xport_init(new_xcfg, new_xport); | |
805 | ||
806 | xlate_xport_set(new_xport, xport->odp_port, xport->netdev, xport->cfm, | |
0477baa9 DF |
807 | xport->bfd, xport->lldp, xport->stp_port_no, |
808 | xport->rstp_port, xport->config, xport->state, | |
809 | xport->is_tunnel, xport->may_enable); | |
84f0f298 RW |
810 | |
811 | if (xport->peer) { | |
812 | struct xport *peer = xport_lookup(new_xcfg, xport->peer->ofport); | |
813 | if (peer) { | |
814 | new_xport->peer = peer; | |
815 | new_xport->peer->peer = new_xport; | |
816 | } | |
817 | } | |
818 | ||
819 | if (xbundle) { | |
820 | new_xport->xbundle = xbundle; | |
417e7e66 | 821 | ovs_list_insert(&new_xport->xbundle->xports, &new_xport->bundle_node); |
84f0f298 RW |
822 | } |
823 | ||
824 | HMAP_FOR_EACH (pdscp, hmap_node, &xport->skb_priorities) { | |
825 | new_pdscp = xmalloc(sizeof *pdscp); | |
826 | new_pdscp->skb_priority = pdscp->skb_priority; | |
827 | new_pdscp->dscp = pdscp->dscp; | |
828 | hmap_insert(&new_xport->skb_priorities, &new_pdscp->hmap_node, | |
829 | hash_int(new_pdscp->skb_priority, 0)); | |
830 | } | |
831 | } | |
832 | ||
833 | /* Sets the current xlate configuration to new_xcfg and frees the old xlate | |
834 | * configuration in xcfgp. | |
835 | * | |
836 | * This needs to be called after editing the xlate configuration. | |
837 | * | |
838 | * Functions that edit the new xlate configuration are | |
6cd20a22 | 839 | * xlate_<ofproto/bundle/ofport>_set and xlate_<ofproto/bundle/ofport>_remove. |
84f0f298 RW |
840 | * |
841 | * A sample workflow: | |
842 | * | |
843 | * xlate_txn_start(); | |
844 | * ... | |
845 | * edit_xlate_configuration(); | |
846 | * ... | |
847 | * xlate_txn_commit(); */ | |
46c88433 | 848 | void |
84f0f298 RW |
849 | xlate_txn_commit(void) |
850 | { | |
851 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
852 | ||
853 | ovsrcu_set(&xcfgp, new_xcfg); | |
40a9c4c2 AW |
854 | ovsrcu_synchronize(); |
855 | xlate_xcfg_free(xcfg); | |
84f0f298 RW |
856 | new_xcfg = NULL; |
857 | } | |
858 | ||
859 | /* Copies the current xlate configuration in xcfgp to new_xcfg. | |
860 | * | |
861 | * This needs to be called prior to editing the xlate configuration. */ | |
862 | void | |
863 | xlate_txn_start(void) | |
864 | { | |
865 | struct xbridge *xbridge; | |
866 | struct xlate_cfg *xcfg; | |
867 | ||
868 | ovs_assert(!new_xcfg); | |
869 | ||
870 | new_xcfg = xmalloc(sizeof *new_xcfg); | |
871 | hmap_init(&new_xcfg->xbridges); | |
872 | hmap_init(&new_xcfg->xbundles); | |
873 | hmap_init(&new_xcfg->xports); | |
874 | ||
875 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
876 | if (!xcfg) { | |
877 | return; | |
878 | } | |
879 | ||
880 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
881 | xlate_xbridge_copy(xbridge); | |
882 | } | |
883 | } | |
884 | ||
885 | ||
886 | static void | |
887 | xlate_xcfg_free(struct xlate_cfg *xcfg) | |
888 | { | |
889 | struct xbridge *xbridge, *next_xbridge; | |
890 | ||
891 | if (!xcfg) { | |
892 | return; | |
893 | } | |
894 | ||
895 | HMAP_FOR_EACH_SAFE (xbridge, next_xbridge, hmap_node, &xcfg->xbridges) { | |
896 | xlate_xbridge_remove(xcfg, xbridge); | |
897 | } | |
898 | ||
899 | hmap_destroy(&xcfg->xbridges); | |
900 | hmap_destroy(&xcfg->xbundles); | |
901 | hmap_destroy(&xcfg->xports); | |
902 | free(xcfg); | |
903 | } | |
904 | ||
905 | void | |
906 | xlate_ofproto_set(struct ofproto_dpif *ofproto, const char *name, | |
34dd0d78 | 907 | struct dpif *dpif, |
84f0f298 | 908 | const struct mac_learning *ml, struct stp *stp, |
9efd308e | 909 | struct rstp *rstp, const struct mcast_snooping *ms, |
84f0f298 RW |
910 | const struct mbridge *mbridge, |
911 | const struct dpif_sflow *sflow, | |
912 | const struct dpif_ipfix *ipfix, | |
2f47cdf4 | 913 | const struct netflow *netflow, |
b440dd8c JS |
914 | bool forward_bpdu, bool has_in_band, |
915 | const struct dpif_backer_support *support) | |
84f0f298 RW |
916 | { |
917 | struct xbridge *xbridge; | |
918 | ||
919 | ovs_assert(new_xcfg); | |
920 | ||
921 | xbridge = xbridge_lookup(new_xcfg, ofproto); | |
922 | if (!xbridge) { | |
923 | xbridge = xzalloc(sizeof *xbridge); | |
924 | xbridge->ofproto = ofproto; | |
925 | ||
926 | xlate_xbridge_init(new_xcfg, xbridge); | |
927 | } | |
928 | ||
929 | free(xbridge->name); | |
930 | xbridge->name = xstrdup(name); | |
931 | ||
34dd0d78 | 932 | xlate_xbridge_set(xbridge, dpif, ml, stp, rstp, ms, mbridge, sflow, ipfix, |
b440dd8c | 933 | netflow, forward_bpdu, has_in_band, support); |
84f0f298 RW |
934 | } |
935 | ||
936 | static void | |
937 | xlate_xbridge_remove(struct xlate_cfg *xcfg, struct xbridge *xbridge) | |
46c88433 | 938 | { |
46c88433 EJ |
939 | struct xbundle *xbundle, *next_xbundle; |
940 | struct xport *xport, *next_xport; | |
941 | ||
942 | if (!xbridge) { | |
943 | return; | |
944 | } | |
945 | ||
946 | HMAP_FOR_EACH_SAFE (xport, next_xport, ofp_node, &xbridge->xports) { | |
84f0f298 | 947 | xlate_xport_remove(xcfg, xport); |
46c88433 EJ |
948 | } |
949 | ||
950 | LIST_FOR_EACH_SAFE (xbundle, next_xbundle, list_node, &xbridge->xbundles) { | |
84f0f298 | 951 | xlate_xbundle_remove(xcfg, xbundle); |
46c88433 EJ |
952 | } |
953 | ||
84f0f298 | 954 | hmap_remove(&xcfg->xbridges, &xbridge->hmap_node); |
795cc5c1 | 955 | mac_learning_unref(xbridge->ml); |
6d95c4e8 | 956 | mcast_snooping_unref(xbridge->ms); |
795cc5c1 EJ |
957 | mbridge_unref(xbridge->mbridge); |
958 | dpif_sflow_unref(xbridge->sflow); | |
959 | dpif_ipfix_unref(xbridge->ipfix); | |
960 | stp_unref(xbridge->stp); | |
9efd308e | 961 | rstp_unref(xbridge->rstp); |
795cc5c1 | 962 | hmap_destroy(&xbridge->xports); |
46c88433 EJ |
963 | free(xbridge->name); |
964 | free(xbridge); | |
965 | } | |
966 | ||
84f0f298 RW |
967 | void |
968 | xlate_remove_ofproto(struct ofproto_dpif *ofproto) | |
969 | { | |
970 | struct xbridge *xbridge; | |
971 | ||
972 | ovs_assert(new_xcfg); | |
973 | ||
974 | xbridge = xbridge_lookup(new_xcfg, ofproto); | |
975 | xlate_xbridge_remove(new_xcfg, xbridge); | |
976 | } | |
977 | ||
46c88433 EJ |
978 | void |
979 | xlate_bundle_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
980 | const char *name, enum port_vlan_mode vlan_mode, int vlan, | |
981 | unsigned long *trunks, bool use_priority_tags, | |
982 | const struct bond *bond, const struct lacp *lacp, | |
983 | bool floodable) | |
984 | { | |
84f0f298 | 985 | struct xbundle *xbundle; |
46c88433 | 986 | |
84f0f298 RW |
987 | ovs_assert(new_xcfg); |
988 | ||
989 | xbundle = xbundle_lookup(new_xcfg, ofbundle); | |
46c88433 EJ |
990 | if (!xbundle) { |
991 | xbundle = xzalloc(sizeof *xbundle); | |
992 | xbundle->ofbundle = ofbundle; | |
84f0f298 | 993 | xbundle->xbridge = xbridge_lookup(new_xcfg, ofproto); |
46c88433 | 994 | |
84f0f298 | 995 | xlate_xbundle_init(new_xcfg, xbundle); |
46c88433 EJ |
996 | } |
997 | ||
46c88433 EJ |
998 | free(xbundle->name); |
999 | xbundle->name = xstrdup(name); | |
1000 | ||
84f0f298 RW |
1001 | xlate_xbundle_set(xbundle, vlan_mode, vlan, trunks, |
1002 | use_priority_tags, bond, lacp, floodable); | |
46c88433 EJ |
1003 | } |
1004 | ||
84f0f298 RW |
1005 | static void |
1006 | xlate_xbundle_remove(struct xlate_cfg *xcfg, struct xbundle *xbundle) | |
46c88433 | 1007 | { |
5f03c983 | 1008 | struct xport *xport; |
46c88433 EJ |
1009 | |
1010 | if (!xbundle) { | |
1011 | return; | |
1012 | } | |
1013 | ||
5f03c983 | 1014 | LIST_FOR_EACH_POP (xport, bundle_node, &xbundle->xports) { |
46c88433 EJ |
1015 | xport->xbundle = NULL; |
1016 | } | |
1017 | ||
84f0f298 | 1018 | hmap_remove(&xcfg->xbundles, &xbundle->hmap_node); |
417e7e66 | 1019 | ovs_list_remove(&xbundle->list_node); |
46c88433 EJ |
1020 | bond_unref(xbundle->bond); |
1021 | lacp_unref(xbundle->lacp); | |
1022 | free(xbundle->name); | |
1023 | free(xbundle); | |
1024 | } | |
1025 | ||
84f0f298 RW |
1026 | void |
1027 | xlate_bundle_remove(struct ofbundle *ofbundle) | |
1028 | { | |
1029 | struct xbundle *xbundle; | |
1030 | ||
1031 | ovs_assert(new_xcfg); | |
1032 | ||
1033 | xbundle = xbundle_lookup(new_xcfg, ofbundle); | |
1034 | xlate_xbundle_remove(new_xcfg, xbundle); | |
1035 | } | |
1036 | ||
46c88433 EJ |
1037 | void |
1038 | xlate_ofport_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
1039 | struct ofport_dpif *ofport, ofp_port_t ofp_port, | |
1040 | odp_port_t odp_port, const struct netdev *netdev, | |
1041 | const struct cfm *cfm, const struct bfd *bfd, | |
0477baa9 DF |
1042 | const struct lldp *lldp, struct ofport_dpif *peer, |
1043 | int stp_port_no, const struct rstp_port *rstp_port, | |
55954f6e | 1044 | const struct ofproto_port_queue *qdscp_list, size_t n_qdscp, |
dd8cd4b4 SH |
1045 | enum ofputil_port_config config, |
1046 | enum ofputil_port_state state, bool is_tunnel, | |
9d189a50 | 1047 | bool may_enable) |
46c88433 | 1048 | { |
55954f6e | 1049 | size_t i; |
84f0f298 RW |
1050 | struct xport *xport; |
1051 | ||
1052 | ovs_assert(new_xcfg); | |
46c88433 | 1053 | |
84f0f298 | 1054 | xport = xport_lookup(new_xcfg, ofport); |
46c88433 EJ |
1055 | if (!xport) { |
1056 | xport = xzalloc(sizeof *xport); | |
1057 | xport->ofport = ofport; | |
84f0f298 | 1058 | xport->xbridge = xbridge_lookup(new_xcfg, ofproto); |
46c88433 EJ |
1059 | xport->ofp_port = ofp_port; |
1060 | ||
84f0f298 | 1061 | xlate_xport_init(new_xcfg, xport); |
46c88433 EJ |
1062 | } |
1063 | ||
1064 | ovs_assert(xport->ofp_port == ofp_port); | |
1065 | ||
0477baa9 DF |
1066 | xlate_xport_set(xport, odp_port, netdev, cfm, bfd, lldp, |
1067 | stp_port_no, rstp_port, config, state, is_tunnel, | |
1068 | may_enable); | |
46c88433 EJ |
1069 | |
1070 | if (xport->peer) { | |
1071 | xport->peer->peer = NULL; | |
1072 | } | |
84f0f298 | 1073 | xport->peer = xport_lookup(new_xcfg, peer); |
46c88433 EJ |
1074 | if (xport->peer) { |
1075 | xport->peer->peer = xport; | |
1076 | } | |
1077 | ||
1078 | if (xport->xbundle) { | |
417e7e66 | 1079 | ovs_list_remove(&xport->bundle_node); |
46c88433 | 1080 | } |
84f0f298 | 1081 | xport->xbundle = xbundle_lookup(new_xcfg, ofbundle); |
46c88433 | 1082 | if (xport->xbundle) { |
417e7e66 | 1083 | ovs_list_insert(&xport->xbundle->xports, &xport->bundle_node); |
46c88433 | 1084 | } |
55954f6e EJ |
1085 | |
1086 | clear_skb_priorities(xport); | |
1087 | for (i = 0; i < n_qdscp; i++) { | |
1088 | struct skb_priority_to_dscp *pdscp; | |
1089 | uint32_t skb_priority; | |
1090 | ||
89a8a7f0 EJ |
1091 | if (dpif_queue_to_priority(xport->xbridge->dpif, qdscp_list[i].queue, |
1092 | &skb_priority)) { | |
55954f6e EJ |
1093 | continue; |
1094 | } | |
1095 | ||
1096 | pdscp = xmalloc(sizeof *pdscp); | |
1097 | pdscp->skb_priority = skb_priority; | |
1098 | pdscp->dscp = (qdscp_list[i].dscp << 2) & IP_DSCP_MASK; | |
1099 | hmap_insert(&xport->skb_priorities, &pdscp->hmap_node, | |
1100 | hash_int(pdscp->skb_priority, 0)); | |
1101 | } | |
46c88433 EJ |
1102 | } |
1103 | ||
84f0f298 RW |
1104 | static void |
1105 | xlate_xport_remove(struct xlate_cfg *xcfg, struct xport *xport) | |
46c88433 | 1106 | { |
46c88433 EJ |
1107 | if (!xport) { |
1108 | return; | |
1109 | } | |
1110 | ||
1111 | if (xport->peer) { | |
1112 | xport->peer->peer = NULL; | |
1113 | xport->peer = NULL; | |
1114 | } | |
1115 | ||
e621a12d | 1116 | if (xport->xbundle) { |
417e7e66 | 1117 | ovs_list_remove(&xport->bundle_node); |
e621a12d EJ |
1118 | } |
1119 | ||
55954f6e EJ |
1120 | clear_skb_priorities(xport); |
1121 | hmap_destroy(&xport->skb_priorities); | |
1122 | ||
84f0f298 | 1123 | hmap_remove(&xcfg->xports, &xport->hmap_node); |
46c88433 EJ |
1124 | hmap_remove(&xport->xbridge->xports, &xport->ofp_node); |
1125 | ||
1126 | netdev_close(xport->netdev); | |
f025bcb7 | 1127 | rstp_port_unref(xport->rstp_port); |
46c88433 EJ |
1128 | cfm_unref(xport->cfm); |
1129 | bfd_unref(xport->bfd); | |
0477baa9 | 1130 | lldp_unref(xport->lldp); |
46c88433 EJ |
1131 | free(xport); |
1132 | } | |
1133 | ||
84f0f298 RW |
1134 | void |
1135 | xlate_ofport_remove(struct ofport_dpif *ofport) | |
1136 | { | |
1137 | struct xport *xport; | |
1138 | ||
1139 | ovs_assert(new_xcfg); | |
1140 | ||
1141 | xport = xport_lookup(new_xcfg, ofport); | |
1142 | xlate_xport_remove(new_xcfg, xport); | |
1143 | } | |
1144 | ||
ef377a58 JR |
1145 | static struct ofproto_dpif * |
1146 | xlate_lookup_ofproto_(const struct dpif_backer *backer, const struct flow *flow, | |
1147 | ofp_port_t *ofp_in_port, const struct xport **xportp) | |
1148 | { | |
e672ff9b | 1149 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
ef377a58 | 1150 | const struct xport *xport; |
f9038ef6 | 1151 | |
e672ff9b JR |
1152 | xport = xport_lookup(xcfg, tnl_port_should_receive(flow) |
1153 | ? tnl_port_receive(flow) | |
1154 | : odp_port_to_ofport(backer, flow->in_port.odp_port)); | |
1155 | if (OVS_UNLIKELY(!xport)) { | |
1156 | return NULL; | |
ef377a58 | 1157 | } |
e672ff9b | 1158 | *xportp = xport; |
f9038ef6 | 1159 | if (ofp_in_port) { |
e672ff9b | 1160 | *ofp_in_port = xport->ofp_port; |
f9038ef6 | 1161 | } |
e672ff9b | 1162 | return xport->xbridge->ofproto; |
ef377a58 JR |
1163 | } |
1164 | ||
1165 | /* Given a datapath and flow metadata ('backer', and 'flow' respectively) | |
1166 | * returns the corresponding struct ofproto_dpif and OpenFlow port number. */ | |
1167 | struct ofproto_dpif * | |
1168 | xlate_lookup_ofproto(const struct dpif_backer *backer, const struct flow *flow, | |
1169 | ofp_port_t *ofp_in_port) | |
1170 | { | |
1171 | const struct xport *xport; | |
1172 | ||
1173 | return xlate_lookup_ofproto_(backer, flow, ofp_in_port, &xport); | |
1174 | } | |
1175 | ||
cc377352 | 1176 | /* Given a datapath and flow metadata ('backer', and 'flow' respectively), |
ef377a58 | 1177 | * optionally populates 'ofproto' with the ofproto_dpif, 'ofp_in_port' with the |
cc377352 | 1178 | * openflow in_port, and 'ipfix', 'sflow', and 'netflow' with the appropriate |
dcc2c6cd JR |
1179 | * handles for those protocols if they're enabled. Caller may use the returned |
1180 | * pointers until quiescing, for longer term use additional references must | |
1181 | * be taken. | |
8449c4d6 | 1182 | * |
f9038ef6 | 1183 | * Returns 0 if successful, ENODEV if the parsed flow has no associated ofproto. |
ef377a58 | 1184 | */ |
8449c4d6 | 1185 | int |
5c476ea3 JR |
1186 | xlate_lookup(const struct dpif_backer *backer, const struct flow *flow, |
1187 | struct ofproto_dpif **ofprotop, struct dpif_ipfix **ipfix, | |
1188 | struct dpif_sflow **sflow, struct netflow **netflow, | |
1189 | ofp_port_t *ofp_in_port) | |
8449c4d6 | 1190 | { |
ef377a58 | 1191 | struct ofproto_dpif *ofproto; |
84f0f298 | 1192 | const struct xport *xport; |
8449c4d6 | 1193 | |
ef377a58 | 1194 | ofproto = xlate_lookup_ofproto_(backer, flow, ofp_in_port, &xport); |
8449c4d6 | 1195 | |
f9038ef6 | 1196 | if (!ofproto) { |
cc377352 | 1197 | return ENODEV; |
8449c4d6 | 1198 | } |
8449c4d6 | 1199 | |
ef377a58 JR |
1200 | if (ofprotop) { |
1201 | *ofprotop = ofproto; | |
8449c4d6 EJ |
1202 | } |
1203 | ||
1dfdb9b3 | 1204 | if (ipfix) { |
f9038ef6 | 1205 | *ipfix = xport ? xport->xbridge->ipfix : NULL; |
1dfdb9b3 EJ |
1206 | } |
1207 | ||
1208 | if (sflow) { | |
f9038ef6 | 1209 | *sflow = xport ? xport->xbridge->sflow : NULL; |
1dfdb9b3 EJ |
1210 | } |
1211 | ||
1212 | if (netflow) { | |
f9038ef6 | 1213 | *netflow = xport ? xport->xbridge->netflow : NULL; |
1dfdb9b3 | 1214 | } |
f9038ef6 | 1215 | |
cc377352 | 1216 | return 0; |
8449c4d6 EJ |
1217 | } |
1218 | ||
46c88433 | 1219 | static struct xbridge * |
84f0f298 | 1220 | xbridge_lookup(struct xlate_cfg *xcfg, const struct ofproto_dpif *ofproto) |
46c88433 | 1221 | { |
84f0f298 | 1222 | struct hmap *xbridges; |
46c88433 EJ |
1223 | struct xbridge *xbridge; |
1224 | ||
84f0f298 | 1225 | if (!ofproto || !xcfg) { |
5e6af486 EJ |
1226 | return NULL; |
1227 | } | |
1228 | ||
84f0f298 RW |
1229 | xbridges = &xcfg->xbridges; |
1230 | ||
46c88433 | 1231 | HMAP_FOR_EACH_IN_BUCKET (xbridge, hmap_node, hash_pointer(ofproto, 0), |
84f0f298 | 1232 | xbridges) { |
46c88433 EJ |
1233 | if (xbridge->ofproto == ofproto) { |
1234 | return xbridge; | |
1235 | } | |
1236 | } | |
1237 | return NULL; | |
1238 | } | |
1239 | ||
290835f9 BP |
1240 | static struct xbridge * |
1241 | xbridge_lookup_by_uuid(struct xlate_cfg *xcfg, const struct uuid *uuid) | |
1242 | { | |
1243 | struct xbridge *xbridge; | |
1244 | ||
1245 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
1246 | if (uuid_equals(ofproto_dpif_get_uuid(xbridge->ofproto), uuid)) { | |
1247 | return xbridge; | |
1248 | } | |
1249 | } | |
1250 | return NULL; | |
1251 | } | |
1252 | ||
46c88433 | 1253 | static struct xbundle * |
84f0f298 | 1254 | xbundle_lookup(struct xlate_cfg *xcfg, const struct ofbundle *ofbundle) |
46c88433 | 1255 | { |
84f0f298 | 1256 | struct hmap *xbundles; |
46c88433 EJ |
1257 | struct xbundle *xbundle; |
1258 | ||
84f0f298 | 1259 | if (!ofbundle || !xcfg) { |
5e6af486 EJ |
1260 | return NULL; |
1261 | } | |
1262 | ||
84f0f298 RW |
1263 | xbundles = &xcfg->xbundles; |
1264 | ||
46c88433 | 1265 | HMAP_FOR_EACH_IN_BUCKET (xbundle, hmap_node, hash_pointer(ofbundle, 0), |
84f0f298 | 1266 | xbundles) { |
46c88433 EJ |
1267 | if (xbundle->ofbundle == ofbundle) { |
1268 | return xbundle; | |
1269 | } | |
1270 | } | |
1271 | return NULL; | |
1272 | } | |
1273 | ||
1274 | static struct xport * | |
84f0f298 | 1275 | xport_lookup(struct xlate_cfg *xcfg, const struct ofport_dpif *ofport) |
46c88433 | 1276 | { |
84f0f298 | 1277 | struct hmap *xports; |
46c88433 EJ |
1278 | struct xport *xport; |
1279 | ||
84f0f298 | 1280 | if (!ofport || !xcfg) { |
5e6af486 EJ |
1281 | return NULL; |
1282 | } | |
1283 | ||
84f0f298 RW |
1284 | xports = &xcfg->xports; |
1285 | ||
46c88433 | 1286 | HMAP_FOR_EACH_IN_BUCKET (xport, hmap_node, hash_pointer(ofport, 0), |
84f0f298 | 1287 | xports) { |
46c88433 EJ |
1288 | if (xport->ofport == ofport) { |
1289 | return xport; | |
1290 | } | |
1291 | } | |
1292 | return NULL; | |
1293 | } | |
1294 | ||
40085e56 EJ |
1295 | static struct stp_port * |
1296 | xport_get_stp_port(const struct xport *xport) | |
1297 | { | |
92cf817b | 1298 | return xport->xbridge->stp && xport->stp_port_no != -1 |
40085e56 EJ |
1299 | ? stp_get_port(xport->xbridge->stp, xport->stp_port_no) |
1300 | : NULL; | |
1301 | } | |
9d189a50 | 1302 | |
0d1cee12 | 1303 | static bool |
9d189a50 EJ |
1304 | xport_stp_learn_state(const struct xport *xport) |
1305 | { | |
40085e56 | 1306 | struct stp_port *sp = xport_get_stp_port(xport); |
4b5f1996 DV |
1307 | return sp |
1308 | ? stp_learn_in_state(stp_port_get_state(sp)) | |
1309 | : true; | |
9d189a50 EJ |
1310 | } |
1311 | ||
1312 | static bool | |
1313 | xport_stp_forward_state(const struct xport *xport) | |
1314 | { | |
40085e56 | 1315 | struct stp_port *sp = xport_get_stp_port(xport); |
4b5f1996 DV |
1316 | return sp |
1317 | ? stp_forward_in_state(stp_port_get_state(sp)) | |
1318 | : true; | |
9d189a50 EJ |
1319 | } |
1320 | ||
0d1cee12 | 1321 | static bool |
bacdb85a | 1322 | xport_stp_should_forward_bpdu(const struct xport *xport) |
0d1cee12 K |
1323 | { |
1324 | struct stp_port *sp = xport_get_stp_port(xport); | |
bacdb85a | 1325 | return stp_should_forward_bpdu(sp ? stp_port_get_state(sp) : STP_DISABLED); |
0d1cee12 K |
1326 | } |
1327 | ||
9d189a50 EJ |
1328 | /* Returns true if STP should process 'flow'. Sets fields in 'wc' that |
1329 | * were used to make the determination.*/ | |
1330 | static bool | |
1331 | stp_should_process_flow(const struct flow *flow, struct flow_wildcards *wc) | |
1332 | { | |
bbbca389 | 1333 | /* is_stp() also checks dl_type, but dl_type is always set in 'wc'. */ |
9d189a50 | 1334 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); |
bbbca389 | 1335 | return is_stp(flow); |
9d189a50 EJ |
1336 | } |
1337 | ||
1338 | static void | |
cf62fa4c | 1339 | stp_process_packet(const struct xport *xport, const struct dp_packet *packet) |
9d189a50 | 1340 | { |
40085e56 | 1341 | struct stp_port *sp = xport_get_stp_port(xport); |
cf62fa4c PS |
1342 | struct dp_packet payload = *packet; |
1343 | struct eth_header *eth = dp_packet_data(&payload); | |
9d189a50 EJ |
1344 | |
1345 | /* Sink packets on ports that have STP disabled when the bridge has | |
1346 | * STP enabled. */ | |
1347 | if (!sp || stp_port_get_state(sp) == STP_DISABLED) { | |
1348 | return; | |
1349 | } | |
1350 | ||
1351 | /* Trim off padding on payload. */ | |
cf62fa4c PS |
1352 | if (dp_packet_size(&payload) > ntohs(eth->eth_type) + ETH_HEADER_LEN) { |
1353 | dp_packet_set_size(&payload, ntohs(eth->eth_type) + ETH_HEADER_LEN); | |
9d189a50 EJ |
1354 | } |
1355 | ||
cf62fa4c PS |
1356 | if (dp_packet_try_pull(&payload, ETH_HEADER_LEN + LLC_HEADER_LEN)) { |
1357 | stp_received_bpdu(sp, dp_packet_data(&payload), dp_packet_size(&payload)); | |
9d189a50 EJ |
1358 | } |
1359 | } | |
1360 | ||
f025bcb7 JR |
1361 | static enum rstp_state |
1362 | xport_get_rstp_port_state(const struct xport *xport) | |
9efd308e | 1363 | { |
f025bcb7 JR |
1364 | return xport->rstp_port |
1365 | ? rstp_port_get_state(xport->rstp_port) | |
1366 | : RSTP_DISABLED; | |
9efd308e DV |
1367 | } |
1368 | ||
1369 | static bool | |
1370 | xport_rstp_learn_state(const struct xport *xport) | |
1371 | { | |
4b5f1996 DV |
1372 | return xport->xbridge->rstp && xport->rstp_port |
1373 | ? rstp_learn_in_state(xport_get_rstp_port_state(xport)) | |
1374 | : true; | |
9efd308e DV |
1375 | } |
1376 | ||
1377 | static bool | |
1378 | xport_rstp_forward_state(const struct xport *xport) | |
1379 | { | |
4b5f1996 DV |
1380 | return xport->xbridge->rstp && xport->rstp_port |
1381 | ? rstp_forward_in_state(xport_get_rstp_port_state(xport)) | |
1382 | : true; | |
9efd308e DV |
1383 | } |
1384 | ||
1385 | static bool | |
1386 | xport_rstp_should_manage_bpdu(const struct xport *xport) | |
1387 | { | |
f025bcb7 | 1388 | return rstp_should_manage_bpdu(xport_get_rstp_port_state(xport)); |
9efd308e DV |
1389 | } |
1390 | ||
1391 | static void | |
cf62fa4c | 1392 | rstp_process_packet(const struct xport *xport, const struct dp_packet *packet) |
9efd308e | 1393 | { |
cf62fa4c PS |
1394 | struct dp_packet payload = *packet; |
1395 | struct eth_header *eth = dp_packet_data(&payload); | |
9efd308e | 1396 | |
f025bcb7 JR |
1397 | /* Sink packets on ports that have no RSTP. */ |
1398 | if (!xport->rstp_port) { | |
9efd308e DV |
1399 | return; |
1400 | } | |
1401 | ||
1402 | /* Trim off padding on payload. */ | |
cf62fa4c PS |
1403 | if (dp_packet_size(&payload) > ntohs(eth->eth_type) + ETH_HEADER_LEN) { |
1404 | dp_packet_set_size(&payload, ntohs(eth->eth_type) + ETH_HEADER_LEN); | |
9efd308e DV |
1405 | } |
1406 | ||
cf62fa4c PS |
1407 | if (dp_packet_try_pull(&payload, ETH_HEADER_LEN + LLC_HEADER_LEN)) { |
1408 | rstp_port_received_bpdu(xport->rstp_port, dp_packet_data(&payload), | |
1409 | dp_packet_size(&payload)); | |
9efd308e DV |
1410 | } |
1411 | } | |
1412 | ||
46c88433 EJ |
1413 | static struct xport * |
1414 | get_ofp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
1415 | { | |
1416 | struct xport *xport; | |
1417 | ||
1418 | HMAP_FOR_EACH_IN_BUCKET (xport, ofp_node, hash_ofp_port(ofp_port), | |
1419 | &xbridge->xports) { | |
1420 | if (xport->ofp_port == ofp_port) { | |
1421 | return xport; | |
1422 | } | |
1423 | } | |
1424 | return NULL; | |
1425 | } | |
1426 | ||
1427 | static odp_port_t | |
1428 | ofp_port_to_odp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
1429 | { | |
1430 | const struct xport *xport = get_ofp_port(xbridge, ofp_port); | |
1431 | return xport ? xport->odp_port : ODPP_NONE; | |
1432 | } | |
1433 | ||
dd8cd4b4 SH |
1434 | static bool |
1435 | odp_port_is_alive(const struct xlate_ctx *ctx, ofp_port_t ofp_port) | |
1436 | { | |
086fa873 BP |
1437 | struct xport *xport = get_ofp_port(ctx->xbridge, ofp_port); |
1438 | return xport && xport->may_enable; | |
dd8cd4b4 SH |
1439 | } |
1440 | ||
1e684d7d | 1441 | static struct ofputil_bucket * |
dd8cd4b4 SH |
1442 | group_first_live_bucket(const struct xlate_ctx *, const struct group_dpif *, |
1443 | int depth); | |
1444 | ||
1445 | static bool | |
1446 | group_is_alive(const struct xlate_ctx *ctx, uint32_t group_id, int depth) | |
1447 | { | |
1448 | struct group_dpif *group; | |
dd8cd4b4 | 1449 | |
5d08a275 | 1450 | group = group_dpif_lookup(ctx->xbridge->ofproto, group_id, |
1f4a8933 | 1451 | ctx->xin->tables_version, false); |
db88b35c | 1452 | if (group) { |
76973237 | 1453 | return group_first_live_bucket(ctx, group, depth) != NULL; |
dc25893e | 1454 | } |
dd8cd4b4 | 1455 | |
dc25893e | 1456 | return false; |
dd8cd4b4 SH |
1457 | } |
1458 | ||
1459 | #define MAX_LIVENESS_RECURSION 128 /* Arbitrary limit */ | |
1460 | ||
1461 | static bool | |
1462 | bucket_is_alive(const struct xlate_ctx *ctx, | |
1e684d7d | 1463 | struct ofputil_bucket *bucket, int depth) |
dd8cd4b4 SH |
1464 | { |
1465 | if (depth >= MAX_LIVENESS_RECURSION) { | |
1466 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
1467 | ||
1468 | VLOG_WARN_RL(&rl, "bucket chaining exceeded %d links", | |
1469 | MAX_LIVENESS_RECURSION); | |
1470 | return false; | |
1471 | } | |
1472 | ||
fdb1999b AZ |
1473 | return (!ofputil_bucket_has_liveness(bucket) |
1474 | || (bucket->watch_port != OFPP_ANY | |
1475 | && odp_port_is_alive(ctx, bucket->watch_port)) | |
1476 | || (bucket->watch_group != OFPG_ANY | |
1477 | && group_is_alive(ctx, bucket->watch_group, depth + 1))); | |
dd8cd4b4 SH |
1478 | } |
1479 | ||
1e684d7d | 1480 | static struct ofputil_bucket * |
dd8cd4b4 SH |
1481 | group_first_live_bucket(const struct xlate_ctx *ctx, |
1482 | const struct group_dpif *group, int depth) | |
1483 | { | |
1484 | struct ofputil_bucket *bucket; | |
ca6ba700 | 1485 | const struct ovs_list *buckets; |
dd8cd4b4 | 1486 | |
53cc166a | 1487 | buckets = group_dpif_get_buckets(group, NULL); |
dd8cd4b4 SH |
1488 | LIST_FOR_EACH (bucket, list_node, buckets) { |
1489 | if (bucket_is_alive(ctx, bucket, depth)) { | |
1490 | return bucket; | |
1491 | } | |
1492 | } | |
1493 | ||
1494 | return NULL; | |
1495 | } | |
1496 | ||
1e684d7d | 1497 | static struct ofputil_bucket * |
fe7e5749 SH |
1498 | group_best_live_bucket(const struct xlate_ctx *ctx, |
1499 | const struct group_dpif *group, | |
1500 | uint32_t basis) | |
1501 | { | |
1e684d7d | 1502 | struct ofputil_bucket *best_bucket = NULL; |
fe7e5749 | 1503 | uint32_t best_score = 0; |
fe7e5749 | 1504 | |
1e684d7d | 1505 | struct ofputil_bucket *bucket; |
ca6ba700 | 1506 | const struct ovs_list *buckets; |
fe7e5749 | 1507 | |
53cc166a | 1508 | buckets = group_dpif_get_buckets(group, NULL); |
fe7e5749 SH |
1509 | LIST_FOR_EACH (bucket, list_node, buckets) { |
1510 | if (bucket_is_alive(ctx, bucket, 0)) { | |
c09cb861 LS |
1511 | uint32_t score = |
1512 | (hash_int(bucket->bucket_id, basis) & 0xffff) * bucket->weight; | |
fe7e5749 SH |
1513 | if (score >= best_score) { |
1514 | best_bucket = bucket; | |
1515 | best_score = score; | |
1516 | } | |
1517 | } | |
fe7e5749 SH |
1518 | } |
1519 | ||
1520 | return best_bucket; | |
1521 | } | |
1522 | ||
9583bc14 | 1523 | static bool |
46c88433 | 1524 | xbundle_trunks_vlan(const struct xbundle *bundle, uint16_t vlan) |
9583bc14 EJ |
1525 | { |
1526 | return (bundle->vlan_mode != PORT_VLAN_ACCESS | |
1527 | && (!bundle->trunks || bitmap_is_set(bundle->trunks, vlan))); | |
1528 | } | |
1529 | ||
1530 | static bool | |
46c88433 EJ |
1531 | xbundle_includes_vlan(const struct xbundle *xbundle, uint16_t vlan) |
1532 | { | |
1533 | return vlan == xbundle->vlan || xbundle_trunks_vlan(xbundle, vlan); | |
1534 | } | |
1535 | ||
1536 | static mirror_mask_t | |
1537 | xbundle_mirror_out(const struct xbridge *xbridge, struct xbundle *xbundle) | |
1538 | { | |
1539 | return xbundle != &ofpp_none_bundle | |
1540 | ? mirror_bundle_out(xbridge->mbridge, xbundle->ofbundle) | |
1541 | : 0; | |
1542 | } | |
1543 | ||
1544 | static mirror_mask_t | |
1545 | xbundle_mirror_src(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 1546 | { |
46c88433 EJ |
1547 | return xbundle != &ofpp_none_bundle |
1548 | ? mirror_bundle_src(xbridge->mbridge, xbundle->ofbundle) | |
1549 | : 0; | |
9583bc14 EJ |
1550 | } |
1551 | ||
46c88433 EJ |
1552 | static mirror_mask_t |
1553 | xbundle_mirror_dst(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 1554 | { |
46c88433 EJ |
1555 | return xbundle != &ofpp_none_bundle |
1556 | ? mirror_bundle_dst(xbridge->mbridge, xbundle->ofbundle) | |
1557 | : 0; | |
1558 | } | |
1559 | ||
1560 | static struct xbundle * | |
1561 | lookup_input_bundle(const struct xbridge *xbridge, ofp_port_t in_port, | |
1562 | bool warn, struct xport **in_xportp) | |
1563 | { | |
1564 | struct xport *xport; | |
9583bc14 EJ |
1565 | |
1566 | /* Find the port and bundle for the received packet. */ | |
46c88433 EJ |
1567 | xport = get_ofp_port(xbridge, in_port); |
1568 | if (in_xportp) { | |
1569 | *in_xportp = xport; | |
9583bc14 | 1570 | } |
46c88433 EJ |
1571 | if (xport && xport->xbundle) { |
1572 | return xport->xbundle; | |
9583bc14 EJ |
1573 | } |
1574 | ||
6362203b YT |
1575 | /* Special-case OFPP_NONE (OF1.0) and OFPP_CONTROLLER (OF1.1+), |
1576 | * which a controller may use as the ingress port for traffic that | |
1577 | * it is sourcing. */ | |
1578 | if (in_port == OFPP_CONTROLLER || in_port == OFPP_NONE) { | |
9583bc14 EJ |
1579 | return &ofpp_none_bundle; |
1580 | } | |
1581 | ||
1582 | /* Odd. A few possible reasons here: | |
1583 | * | |
1584 | * - We deleted a port but there are still a few packets queued up | |
1585 | * from it. | |
1586 | * | |
1587 | * - Someone externally added a port (e.g. "ovs-dpctl add-if") that | |
1588 | * we don't know about. | |
1589 | * | |
1590 | * - The ofproto client didn't configure the port as part of a bundle. | |
1591 | * This is particularly likely to happen if a packet was received on the | |
1592 | * port after it was created, but before the client had a chance to | |
1593 | * configure its bundle. | |
1594 | */ | |
1595 | if (warn) { | |
1596 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
1597 | ||
1598 | VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown " | |
46c88433 | 1599 | "port %"PRIu16, xbridge->name, in_port); |
9583bc14 EJ |
1600 | } |
1601 | return NULL; | |
1602 | } | |
1603 | ||
faa624b4 BP |
1604 | /* Mirrors the packet represented by 'ctx' to appropriate mirror destinations, |
1605 | * given the packet is ingressing or egressing on 'xbundle', which has ingress | |
1606 | * or egress (as appropriate) mirrors 'mirrors'. */ | |
9583bc14 | 1607 | static void |
7efbc3b7 BP |
1608 | mirror_packet(struct xlate_ctx *ctx, struct xbundle *xbundle, |
1609 | mirror_mask_t mirrors) | |
9583bc14 | 1610 | { |
faa624b4 BP |
1611 | /* Figure out what VLAN the packet is in (because mirrors can select |
1612 | * packets on basis of VLAN). */ | |
7efbc3b7 BP |
1613 | bool warn = ctx->xin->packet != NULL; |
1614 | uint16_t vid = vlan_tci_to_vid(ctx->xin->flow.vlan_tci); | |
1615 | if (!input_vid_is_valid(vid, xbundle, warn)) { | |
9583bc14 EJ |
1616 | return; |
1617 | } | |
7efbc3b7 | 1618 | uint16_t vlan = input_vid_to_vlan(xbundle, vid); |
9583bc14 | 1619 | |
7efbc3b7 | 1620 | const struct xbridge *xbridge = ctx->xbridge; |
9583bc14 | 1621 | |
7efbc3b7 BP |
1622 | /* Don't mirror to destinations that we've already mirrored to. */ |
1623 | mirrors &= ~ctx->mirrors; | |
9583bc14 EJ |
1624 | if (!mirrors) { |
1625 | return; | |
1626 | } | |
1627 | ||
7efbc3b7 BP |
1628 | if (ctx->xin->resubmit_stats) { |
1629 | mirror_update_stats(xbridge->mbridge, mirrors, | |
1630 | ctx->xin->resubmit_stats->n_packets, | |
1631 | ctx->xin->resubmit_stats->n_bytes); | |
1632 | } | |
1633 | if (ctx->xin->xcache) { | |
1634 | struct xc_entry *entry; | |
1635 | ||
1636 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_MIRROR); | |
901a517e JR |
1637 | entry->mirror.mbridge = mbridge_ref(xbridge->mbridge); |
1638 | entry->mirror.mirrors = mirrors; | |
7efbc3b7 | 1639 | } |
9583bc14 | 1640 | |
faa624b4 BP |
1641 | /* 'mirrors' is a bit-mask of candidates for mirroring. Iterate as long as |
1642 | * some candidates remain. */ | |
9583bc14 | 1643 | while (mirrors) { |
7efbc3b7 | 1644 | const unsigned long *vlans; |
ec7ceaed EJ |
1645 | mirror_mask_t dup_mirrors; |
1646 | struct ofbundle *out; | |
ec7ceaed | 1647 | int out_vlan; |
1356dbd1 | 1648 | int snaplen; |
ec7ceaed | 1649 | |
faa624b4 | 1650 | /* Get the details of the mirror represented by the rightmost 1-bit. */ |
7efbc3b7 | 1651 | bool has_mirror = mirror_get(xbridge->mbridge, raw_ctz(mirrors), |
1356dbd1 WT |
1652 | &vlans, &dup_mirrors, |
1653 | &out, &snaplen, &out_vlan); | |
ec7ceaed EJ |
1654 | ovs_assert(has_mirror); |
1655 | ||
1356dbd1 | 1656 | |
faa624b4 BP |
1657 | /* If this mirror selects on the basis of VLAN, and it does not select |
1658 | * 'vlan', then discard this mirror and go on to the next one. */ | |
ec7ceaed | 1659 | if (vlans) { |
49a73e0c | 1660 | ctx->wc->masks.vlan_tci |= htons(VLAN_CFI | VLAN_VID_MASK); |
9583bc14 | 1661 | } |
7efbc3b7 | 1662 | if (vlans && !bitmap_is_set(vlans, vlan)) { |
9583bc14 EJ |
1663 | mirrors = zero_rightmost_1bit(mirrors); |
1664 | continue; | |
1665 | } | |
1666 | ||
faa624b4 BP |
1667 | /* Record the mirror, and the mirrors that output to the same |
1668 | * destination, so that we don't mirror to them again. This must be | |
1669 | * done now to ensure that output_normal(), below, doesn't recursively | |
1670 | * output to the same mirrors. */ | |
3d6151f3 | 1671 | ctx->mirrors |= dup_mirrors; |
1356dbd1 | 1672 | ctx->mirror_snaplen = snaplen; |
faa624b4 BP |
1673 | |
1674 | /* Send the packet to the mirror. */ | |
ec7ceaed | 1675 | if (out) { |
84f0f298 RW |
1676 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
1677 | struct xbundle *out_xbundle = xbundle_lookup(xcfg, out); | |
46c88433 EJ |
1678 | if (out_xbundle) { |
1679 | output_normal(ctx, out_xbundle, vlan); | |
1680 | } | |
ec7ceaed | 1681 | } else if (vlan != out_vlan |
7efbc3b7 | 1682 | && !eth_addr_is_reserved(ctx->xin->flow.dl_dst)) { |
46c88433 | 1683 | struct xbundle *xbundle; |
9583bc14 | 1684 | |
46c88433 EJ |
1685 | LIST_FOR_EACH (xbundle, list_node, &xbridge->xbundles) { |
1686 | if (xbundle_includes_vlan(xbundle, out_vlan) | |
1687 | && !xbundle_mirror_out(xbridge, xbundle)) { | |
1688 | output_normal(ctx, xbundle, out_vlan); | |
9583bc14 EJ |
1689 | } |
1690 | } | |
1691 | } | |
faa624b4 BP |
1692 | |
1693 | /* output_normal() could have recursively output (to different | |
1694 | * mirrors), so make sure that we don't send duplicates. */ | |
1695 | mirrors &= ~ctx->mirrors; | |
1356dbd1 | 1696 | ctx->mirror_snaplen = 0; |
9583bc14 EJ |
1697 | } |
1698 | } | |
1699 | ||
7efbc3b7 BP |
1700 | static void |
1701 | mirror_ingress_packet(struct xlate_ctx *ctx) | |
1702 | { | |
1703 | if (mbridge_has_mirrors(ctx->xbridge->mbridge)) { | |
1704 | bool warn = ctx->xin->packet != NULL; | |
1705 | struct xbundle *xbundle = lookup_input_bundle( | |
1706 | ctx->xbridge, ctx->xin->flow.in_port.ofp_port, warn, NULL); | |
1707 | if (xbundle) { | |
1708 | mirror_packet(ctx, xbundle, | |
1709 | xbundle_mirror_src(ctx->xbridge, xbundle)); | |
1710 | } | |
1711 | } | |
1712 | } | |
1713 | ||
9583bc14 | 1714 | /* Given 'vid', the VID obtained from the 802.1Q header that was received as |
46c88433 | 1715 | * part of a packet (specify 0 if there was no 802.1Q header), and 'in_xbundle', |
9583bc14 EJ |
1716 | * the bundle on which the packet was received, returns the VLAN to which the |
1717 | * packet belongs. | |
1718 | * | |
1719 | * Both 'vid' and the return value are in the range 0...4095. */ | |
1720 | static uint16_t | |
46c88433 | 1721 | input_vid_to_vlan(const struct xbundle *in_xbundle, uint16_t vid) |
9583bc14 | 1722 | { |
46c88433 | 1723 | switch (in_xbundle->vlan_mode) { |
9583bc14 | 1724 | case PORT_VLAN_ACCESS: |
46c88433 | 1725 | return in_xbundle->vlan; |
9583bc14 EJ |
1726 | break; |
1727 | ||
1728 | case PORT_VLAN_TRUNK: | |
1729 | return vid; | |
1730 | ||
1731 | case PORT_VLAN_NATIVE_UNTAGGED: | |
1732 | case PORT_VLAN_NATIVE_TAGGED: | |
46c88433 | 1733 | return vid ? vid : in_xbundle->vlan; |
9583bc14 EJ |
1734 | |
1735 | default: | |
428b2edd | 1736 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1737 | } |
1738 | } | |
1739 | ||
46c88433 | 1740 | /* Checks whether a packet with the given 'vid' may ingress on 'in_xbundle'. |
9583bc14 EJ |
1741 | * If so, returns true. Otherwise, returns false and, if 'warn' is true, logs |
1742 | * a warning. | |
1743 | * | |
1744 | * 'vid' should be the VID obtained from the 802.1Q header that was received as | |
1745 | * part of a packet (specify 0 if there was no 802.1Q header), in the range | |
1746 | * 0...4095. */ | |
1747 | static bool | |
46c88433 | 1748 | input_vid_is_valid(uint16_t vid, struct xbundle *in_xbundle, bool warn) |
9583bc14 EJ |
1749 | { |
1750 | /* Allow any VID on the OFPP_NONE port. */ | |
46c88433 | 1751 | if (in_xbundle == &ofpp_none_bundle) { |
9583bc14 EJ |
1752 | return true; |
1753 | } | |
1754 | ||
46c88433 | 1755 | switch (in_xbundle->vlan_mode) { |
9583bc14 EJ |
1756 | case PORT_VLAN_ACCESS: |
1757 | if (vid) { | |
1758 | if (warn) { | |
1759 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 1760 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" tagged " |
9583bc14 | 1761 | "packet received on port %s configured as VLAN " |
46c88433 EJ |
1762 | "%"PRIu16" access port", vid, in_xbundle->name, |
1763 | in_xbundle->vlan); | |
9583bc14 EJ |
1764 | } |
1765 | return false; | |
1766 | } | |
1767 | return true; | |
1768 | ||
1769 | case PORT_VLAN_NATIVE_UNTAGGED: | |
1770 | case PORT_VLAN_NATIVE_TAGGED: | |
1771 | if (!vid) { | |
1772 | /* Port must always carry its native VLAN. */ | |
1773 | return true; | |
1774 | } | |
1775 | /* Fall through. */ | |
1776 | case PORT_VLAN_TRUNK: | |
46c88433 | 1777 | if (!xbundle_includes_vlan(in_xbundle, vid)) { |
9583bc14 EJ |
1778 | if (warn) { |
1779 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 1780 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" packet " |
9583bc14 | 1781 | "received on port %s not configured for trunking " |
46c88433 | 1782 | "VLAN %"PRIu16, vid, in_xbundle->name, vid); |
9583bc14 EJ |
1783 | } |
1784 | return false; | |
1785 | } | |
1786 | return true; | |
1787 | ||
1788 | default: | |
428b2edd | 1789 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1790 | } |
1791 | ||
1792 | } | |
1793 | ||
1794 | /* Given 'vlan', the VLAN that a packet belongs to, and | |
46c88433 | 1795 | * 'out_xbundle', a bundle on which the packet is to be output, returns the VID |
9583bc14 EJ |
1796 | * that should be included in the 802.1Q header. (If the return value is 0, |
1797 | * then the 802.1Q header should only be included in the packet if there is a | |
1798 | * nonzero PCP.) | |
1799 | * | |
1800 | * Both 'vlan' and the return value are in the range 0...4095. */ | |
1801 | static uint16_t | |
46c88433 | 1802 | output_vlan_to_vid(const struct xbundle *out_xbundle, uint16_t vlan) |
9583bc14 | 1803 | { |
46c88433 | 1804 | switch (out_xbundle->vlan_mode) { |
9583bc14 EJ |
1805 | case PORT_VLAN_ACCESS: |
1806 | return 0; | |
1807 | ||
1808 | case PORT_VLAN_TRUNK: | |
1809 | case PORT_VLAN_NATIVE_TAGGED: | |
1810 | return vlan; | |
1811 | ||
1812 | case PORT_VLAN_NATIVE_UNTAGGED: | |
46c88433 | 1813 | return vlan == out_xbundle->vlan ? 0 : vlan; |
9583bc14 EJ |
1814 | |
1815 | default: | |
428b2edd | 1816 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1817 | } |
1818 | } | |
1819 | ||
1820 | static void | |
46c88433 | 1821 | output_normal(struct xlate_ctx *ctx, const struct xbundle *out_xbundle, |
9583bc14 EJ |
1822 | uint16_t vlan) |
1823 | { | |
33bf9176 | 1824 | ovs_be16 *flow_tci = &ctx->xin->flow.vlan_tci; |
9583bc14 EJ |
1825 | uint16_t vid; |
1826 | ovs_be16 tci, old_tci; | |
46c88433 | 1827 | struct xport *xport; |
e93ef1c7 JR |
1828 | struct xlate_bond_recirc xr; |
1829 | bool use_recirc = false; | |
9583bc14 | 1830 | |
46c88433 | 1831 | vid = output_vlan_to_vid(out_xbundle, vlan); |
417e7e66 | 1832 | if (ovs_list_is_empty(&out_xbundle->xports)) { |
46c88433 EJ |
1833 | /* Partially configured bundle with no slaves. Drop the packet. */ |
1834 | return; | |
1835 | } else if (!out_xbundle->bond) { | |
417e7e66 | 1836 | xport = CONTAINER_OF(ovs_list_front(&out_xbundle->xports), struct xport, |
46c88433 | 1837 | bundle_node); |
9583bc14 | 1838 | } else { |
84f0f298 | 1839 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
49a73e0c | 1840 | struct flow_wildcards *wc = ctx->wc; |
84f0f298 | 1841 | struct ofport_dpif *ofport; |
adcf00ba | 1842 | |
2494ccd7 | 1843 | if (ctx->xbridge->support.odp.recirc) { |
e93ef1c7 JR |
1844 | use_recirc = bond_may_recirc( |
1845 | out_xbundle->bond, &xr.recirc_id, &xr.hash_basis); | |
adcf00ba | 1846 | |
e93ef1c7 | 1847 | if (use_recirc) { |
adcf00ba | 1848 | /* Only TCP mode uses recirculation. */ |
e93ef1c7 | 1849 | xr.hash_alg = OVS_HASH_ALG_L4; |
adcf00ba | 1850 | bond_update_post_recirc_rules(out_xbundle->bond, false); |
54ecb5a2 AZ |
1851 | |
1852 | /* Recirculation does not require unmasking hash fields. */ | |
1853 | wc = NULL; | |
adcf00ba AZ |
1854 | } |
1855 | } | |
46c88433 | 1856 | |
54ecb5a2 AZ |
1857 | ofport = bond_choose_output_slave(out_xbundle->bond, |
1858 | &ctx->xin->flow, wc, vid); | |
84f0f298 | 1859 | xport = xport_lookup(xcfg, ofport); |
46c88433 EJ |
1860 | |
1861 | if (!xport) { | |
9583bc14 EJ |
1862 | /* No slaves enabled, so drop packet. */ |
1863 | return; | |
1864 | } | |
d6fc5f57 | 1865 | |
e93ef1c7 | 1866 | /* If use_recirc is set, the main thread will handle stats |
b256dc52 | 1867 | * accounting for this bond. */ |
e93ef1c7 | 1868 | if (!use_recirc) { |
b256dc52 JS |
1869 | if (ctx->xin->resubmit_stats) { |
1870 | bond_account(out_xbundle->bond, &ctx->xin->flow, vid, | |
1871 | ctx->xin->resubmit_stats->n_bytes); | |
1872 | } | |
1873 | if (ctx->xin->xcache) { | |
1874 | struct xc_entry *entry; | |
1875 | struct flow *flow; | |
1876 | ||
1877 | flow = &ctx->xin->flow; | |
1878 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_BOND); | |
901a517e JR |
1879 | entry->bond.bond = bond_ref(out_xbundle->bond); |
1880 | entry->bond.flow = xmemdup(flow, sizeof *flow); | |
1881 | entry->bond.vid = vid; | |
b256dc52 | 1882 | } |
d6fc5f57 | 1883 | } |
9583bc14 EJ |
1884 | } |
1885 | ||
33bf9176 | 1886 | old_tci = *flow_tci; |
9583bc14 | 1887 | tci = htons(vid); |
46c88433 | 1888 | if (tci || out_xbundle->use_priority_tags) { |
33bf9176 | 1889 | tci |= *flow_tci & htons(VLAN_PCP_MASK); |
9583bc14 EJ |
1890 | if (tci) { |
1891 | tci |= htons(VLAN_CFI); | |
1892 | } | |
1893 | } | |
33bf9176 | 1894 | *flow_tci = tci; |
9583bc14 | 1895 | |
e93ef1c7 | 1896 | compose_output_action(ctx, xport->ofp_port, use_recirc ? &xr : NULL); |
33bf9176 | 1897 | *flow_tci = old_tci; |
9583bc14 EJ |
1898 | } |
1899 | ||
1900 | /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after | |
1901 | * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to | |
1902 | * indicate this; newer upstream kernels use gratuitous ARP requests. */ | |
1903 | static bool | |
1904 | is_gratuitous_arp(const struct flow *flow, struct flow_wildcards *wc) | |
1905 | { | |
1906 | if (flow->dl_type != htons(ETH_TYPE_ARP)) { | |
1907 | return false; | |
1908 | } | |
1909 | ||
1910 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1911 | if (!eth_addr_is_broadcast(flow->dl_dst)) { | |
1912 | return false; | |
1913 | } | |
1914 | ||
1915 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); | |
1916 | if (flow->nw_proto == ARP_OP_REPLY) { | |
1917 | return true; | |
1918 | } else if (flow->nw_proto == ARP_OP_REQUEST) { | |
1919 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); | |
1920 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); | |
1921 | ||
1922 | return flow->nw_src == flow->nw_dst; | |
1923 | } else { | |
1924 | return false; | |
1925 | } | |
1926 | } | |
1927 | ||
ff69c24a FL |
1928 | /* Determines whether packets in 'flow' within 'xbridge' should be forwarded or |
1929 | * dropped. Returns true if they may be forwarded, false if they should be | |
1930 | * dropped. | |
1931 | * | |
1932 | * 'in_port' must be the xport that corresponds to flow->in_port. | |
1933 | * 'in_port' must be part of a bundle (e.g. in_port->bundle must be nonnull). | |
1934 | * | |
1935 | * 'vlan' must be the VLAN that corresponds to flow->vlan_tci on 'in_port', as | |
1936 | * returned by input_vid_to_vlan(). It must be a valid VLAN for 'in_port', as | |
1937 | * checked by input_vid_is_valid(). | |
1938 | * | |
1939 | * May also add tags to '*tags', although the current implementation only does | |
1940 | * so in one special case. | |
1941 | */ | |
1942 | static bool | |
1943 | is_admissible(struct xlate_ctx *ctx, struct xport *in_port, | |
1944 | uint16_t vlan) | |
1945 | { | |
1946 | struct xbundle *in_xbundle = in_port->xbundle; | |
1947 | const struct xbridge *xbridge = ctx->xbridge; | |
1948 | struct flow *flow = &ctx->xin->flow; | |
1949 | ||
1950 | /* Drop frames for reserved multicast addresses | |
1951 | * only if forward_bpdu option is absent. */ | |
1952 | if (!xbridge->forward_bpdu && eth_addr_is_reserved(flow->dl_dst)) { | |
1953 | xlate_report(ctx, "packet has reserved destination MAC, dropping"); | |
1954 | return false; | |
1955 | } | |
1956 | ||
1957 | if (in_xbundle->bond) { | |
1958 | struct mac_entry *mac; | |
1959 | ||
1960 | switch (bond_check_admissibility(in_xbundle->bond, in_port->ofport, | |
1961 | flow->dl_dst)) { | |
1962 | case BV_ACCEPT: | |
1963 | break; | |
1964 | ||
1965 | case BV_DROP: | |
1966 | xlate_report(ctx, "bonding refused admissibility, dropping"); | |
1967 | return false; | |
1968 | ||
1969 | case BV_DROP_IF_MOVED: | |
1970 | ovs_rwlock_rdlock(&xbridge->ml->rwlock); | |
1971 | mac = mac_learning_lookup(xbridge->ml, flow->dl_src, vlan); | |
9d078ec2 BP |
1972 | if (mac |
1973 | && mac_entry_get_port(xbridge->ml, mac) != in_xbundle->ofbundle | |
49a73e0c | 1974 | && (!is_gratuitous_arp(flow, ctx->wc) |
9d078ec2 | 1975 | || mac_entry_is_grat_arp_locked(mac))) { |
ff69c24a FL |
1976 | ovs_rwlock_unlock(&xbridge->ml->rwlock); |
1977 | xlate_report(ctx, "SLB bond thinks this packet looped back, " | |
1978 | "dropping"); | |
1979 | return false; | |
1980 | } | |
1981 | ovs_rwlock_unlock(&xbridge->ml->rwlock); | |
1982 | break; | |
1983 | } | |
1984 | } | |
1985 | ||
1986 | return true; | |
1987 | } | |
1988 | ||
ee047520 | 1989 | static void |
064799a1 JR |
1990 | update_learning_table(const struct xbridge *xbridge, |
1991 | struct xbundle *in_xbundle, struct eth_addr dl_src, | |
1992 | int vlan, bool is_grat_arp) | |
ee047520 | 1993 | { |
064799a1 | 1994 | if (in_xbundle == &ofpp_none_bundle) { |
ee047520 | 1995 | return; |
9583bc14 EJ |
1996 | } |
1997 | ||
064799a1 JR |
1998 | if (mac_learning_update(xbridge->ml, dl_src, vlan, is_grat_arp, |
1999 | in_xbundle->bond != NULL, in_xbundle->ofbundle)) { | |
9583bc14 EJ |
2000 | /* The log messages here could actually be useful in debugging, |
2001 | * so keep the rate limit relatively high. */ | |
2002 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300); | |
ee047520 | 2003 | |
9583bc14 EJ |
2004 | VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is " |
2005 | "on port %s in VLAN %d", | |
064799a1 JR |
2006 | xbridge->name, ETH_ADDR_ARGS(dl_src), in_xbundle->name, |
2007 | vlan); | |
ee047520 | 2008 | } |
9583bc14 EJ |
2009 | } |
2010 | ||
86e2dcdd FL |
2011 | /* Updates multicast snooping table 'ms' given that a packet matching 'flow' |
2012 | * was received on 'in_xbundle' in 'vlan' and is either Report or Query. */ | |
2013 | static void | |
06994f87 TLSC |
2014 | update_mcast_snooping_table4__(const struct xbridge *xbridge, |
2015 | const struct flow *flow, | |
2016 | struct mcast_snooping *ms, int vlan, | |
2017 | struct xbundle *in_xbundle, | |
2018 | const struct dp_packet *packet) | |
86e2dcdd FL |
2019 | OVS_REQ_WRLOCK(ms->rwlock) |
2020 | { | |
2021 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 30); | |
e3102e42 | 2022 | int count; |
06994f87 | 2023 | ovs_be32 ip4 = flow->igmp_group_ip4; |
86e2dcdd FL |
2024 | |
2025 | switch (ntohs(flow->tp_src)) { | |
2026 | case IGMP_HOST_MEMBERSHIP_REPORT: | |
2027 | case IGMPV2_HOST_MEMBERSHIP_REPORT: | |
964a4d5f | 2028 | if (mcast_snooping_add_group4(ms, ip4, vlan, in_xbundle->ofbundle)) { |
86e2dcdd FL |
2029 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping learned that " |
2030 | IP_FMT" is on port %s in VLAN %d", | |
2031 | xbridge->name, IP_ARGS(ip4), in_xbundle->name, vlan); | |
2032 | } | |
2033 | break; | |
2034 | case IGMP_HOST_LEAVE_MESSAGE: | |
964a4d5f | 2035 | if (mcast_snooping_leave_group4(ms, ip4, vlan, in_xbundle->ofbundle)) { |
86e2dcdd FL |
2036 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping leaving " |
2037 | IP_FMT" is on port %s in VLAN %d", | |
2038 | xbridge->name, IP_ARGS(ip4), in_xbundle->name, vlan); | |
2039 | } | |
2040 | break; | |
2041 | case IGMP_HOST_MEMBERSHIP_QUERY: | |
2042 | if (flow->nw_src && mcast_snooping_add_mrouter(ms, vlan, | |
2043 | in_xbundle->ofbundle)) { | |
2044 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping query from " | |
2045 | IP_FMT" is on port %s in VLAN %d", | |
2046 | xbridge->name, IP_ARGS(flow->nw_src), | |
2047 | in_xbundle->name, vlan); | |
2048 | } | |
2049 | break; | |
e3102e42 TLSC |
2050 | case IGMPV3_HOST_MEMBERSHIP_REPORT: |
2051 | if ((count = mcast_snooping_add_report(ms, packet, vlan, | |
2052 | in_xbundle->ofbundle))) { | |
2053 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping processed %d " | |
2054 | "addresses on port %s in VLAN %d", | |
2055 | xbridge->name, count, in_xbundle->name, vlan); | |
2056 | } | |
2057 | break; | |
86e2dcdd FL |
2058 | } |
2059 | } | |
2060 | ||
06994f87 TLSC |
2061 | static void |
2062 | update_mcast_snooping_table6__(const struct xbridge *xbridge, | |
2063 | const struct flow *flow, | |
2064 | struct mcast_snooping *ms, int vlan, | |
2065 | struct xbundle *in_xbundle, | |
2066 | const struct dp_packet *packet) | |
2067 | OVS_REQ_WRLOCK(ms->rwlock) | |
2068 | { | |
2069 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 30); | |
2070 | int count; | |
2071 | ||
2072 | switch (ntohs(flow->tp_src)) { | |
2073 | case MLD_QUERY: | |
2074 | if (!ipv6_addr_equals(&flow->ipv6_src, &in6addr_any) | |
2075 | && mcast_snooping_add_mrouter(ms, vlan, in_xbundle->ofbundle)) { | |
2076 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping query on port %s" | |
2077 | "in VLAN %d", | |
2078 | xbridge->name, in_xbundle->name, vlan); | |
2079 | } | |
2080 | break; | |
2081 | case MLD_REPORT: | |
2082 | case MLD_DONE: | |
2083 | case MLD2_REPORT: | |
2084 | count = mcast_snooping_add_mld(ms, packet, vlan, in_xbundle->ofbundle); | |
2085 | if (count) { | |
2086 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping processed %d " | |
2087 | "addresses on port %s in VLAN %d", | |
2088 | xbridge->name, count, in_xbundle->name, vlan); | |
2089 | } | |
2090 | break; | |
2091 | } | |
2092 | } | |
2093 | ||
86e2dcdd FL |
2094 | /* Updates multicast snooping table 'ms' given that a packet matching 'flow' |
2095 | * was received on 'in_xbundle' in 'vlan'. */ | |
2096 | static void | |
2097 | update_mcast_snooping_table(const struct xbridge *xbridge, | |
2098 | const struct flow *flow, int vlan, | |
e3102e42 TLSC |
2099 | struct xbundle *in_xbundle, |
2100 | const struct dp_packet *packet) | |
86e2dcdd FL |
2101 | { |
2102 | struct mcast_snooping *ms = xbridge->ms; | |
2103 | struct xlate_cfg *xcfg; | |
2104 | struct xbundle *mcast_xbundle; | |
f4ae6e23 | 2105 | struct mcast_port_bundle *fport; |
86e2dcdd FL |
2106 | |
2107 | /* Don't learn the OFPP_NONE port. */ | |
2108 | if (in_xbundle == &ofpp_none_bundle) { | |
2109 | return; | |
2110 | } | |
2111 | ||
2112 | /* Don't learn from flood ports */ | |
2113 | mcast_xbundle = NULL; | |
2114 | ovs_rwlock_wrlock(&ms->rwlock); | |
2115 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
f4ae6e23 | 2116 | LIST_FOR_EACH(fport, node, &ms->fport_list) { |
86e2dcdd FL |
2117 | mcast_xbundle = xbundle_lookup(xcfg, fport->port); |
2118 | if (mcast_xbundle == in_xbundle) { | |
2119 | break; | |
2120 | } | |
2121 | } | |
2122 | ||
2123 | if (!mcast_xbundle || mcast_xbundle != in_xbundle) { | |
06994f87 TLSC |
2124 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2125 | update_mcast_snooping_table4__(xbridge, flow, ms, vlan, | |
2126 | in_xbundle, packet); | |
2127 | } else { | |
2128 | update_mcast_snooping_table6__(xbridge, flow, ms, vlan, | |
2129 | in_xbundle, packet); | |
2130 | } | |
86e2dcdd FL |
2131 | } |
2132 | ovs_rwlock_unlock(&ms->rwlock); | |
2133 | } | |
2134 | ||
2135 | /* send the packet to ports having the multicast group learned */ | |
2136 | static void | |
2137 | xlate_normal_mcast_send_group(struct xlate_ctx *ctx, | |
2138 | struct mcast_snooping *ms OVS_UNUSED, | |
2139 | struct mcast_group *grp, | |
2140 | struct xbundle *in_xbundle, uint16_t vlan) | |
2141 | OVS_REQ_RDLOCK(ms->rwlock) | |
2142 | { | |
2143 | struct xlate_cfg *xcfg; | |
2144 | struct mcast_group_bundle *b; | |
2145 | struct xbundle *mcast_xbundle; | |
2146 | ||
2147 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2148 | LIST_FOR_EACH(b, bundle_node, &grp->bundle_lru) { | |
2149 | mcast_xbundle = xbundle_lookup(xcfg, b->port); | |
2150 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2151 | xlate_report(ctx, "forwarding to mcast group port"); | |
2152 | output_normal(ctx, mcast_xbundle, vlan); | |
2153 | } else if (!mcast_xbundle) { | |
2154 | xlate_report(ctx, "mcast group port is unknown, dropping"); | |
2155 | } else { | |
2156 | xlate_report(ctx, "mcast group port is input port, dropping"); | |
2157 | } | |
2158 | } | |
2159 | } | |
2160 | ||
2161 | /* send the packet to ports connected to multicast routers */ | |
2162 | static void | |
2163 | xlate_normal_mcast_send_mrouters(struct xlate_ctx *ctx, | |
2164 | struct mcast_snooping *ms, | |
2165 | struct xbundle *in_xbundle, uint16_t vlan) | |
2166 | OVS_REQ_RDLOCK(ms->rwlock) | |
2167 | { | |
2168 | struct xlate_cfg *xcfg; | |
2169 | struct mcast_mrouter_bundle *mrouter; | |
2170 | struct xbundle *mcast_xbundle; | |
2171 | ||
2172 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2173 | LIST_FOR_EACH(mrouter, mrouter_node, &ms->mrouter_lru) { | |
2174 | mcast_xbundle = xbundle_lookup(xcfg, mrouter->port); | |
2175 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2176 | xlate_report(ctx, "forwarding to mcast router port"); | |
2177 | output_normal(ctx, mcast_xbundle, vlan); | |
2178 | } else if (!mcast_xbundle) { | |
2179 | xlate_report(ctx, "mcast router port is unknown, dropping"); | |
2180 | } else { | |
2181 | xlate_report(ctx, "mcast router port is input port, dropping"); | |
2182 | } | |
2183 | } | |
2184 | } | |
2185 | ||
2186 | /* send the packet to ports flagged to be flooded */ | |
2187 | static void | |
2188 | xlate_normal_mcast_send_fports(struct xlate_ctx *ctx, | |
2189 | struct mcast_snooping *ms, | |
2190 | struct xbundle *in_xbundle, uint16_t vlan) | |
2191 | OVS_REQ_RDLOCK(ms->rwlock) | |
2192 | { | |
2193 | struct xlate_cfg *xcfg; | |
f4ae6e23 | 2194 | struct mcast_port_bundle *fport; |
86e2dcdd FL |
2195 | struct xbundle *mcast_xbundle; |
2196 | ||
2197 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
f4ae6e23 | 2198 | LIST_FOR_EACH(fport, node, &ms->fport_list) { |
86e2dcdd FL |
2199 | mcast_xbundle = xbundle_lookup(xcfg, fport->port); |
2200 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2201 | xlate_report(ctx, "forwarding to mcast flood port"); | |
2202 | output_normal(ctx, mcast_xbundle, vlan); | |
2203 | } else if (!mcast_xbundle) { | |
2204 | xlate_report(ctx, "mcast flood port is unknown, dropping"); | |
2205 | } else { | |
2206 | xlate_report(ctx, "mcast flood port is input port, dropping"); | |
2207 | } | |
2208 | } | |
2209 | } | |
2210 | ||
8e04a33f FL |
2211 | /* forward the Reports to configured ports */ |
2212 | static void | |
2213 | xlate_normal_mcast_send_rports(struct xlate_ctx *ctx, | |
2214 | struct mcast_snooping *ms, | |
2215 | struct xbundle *in_xbundle, uint16_t vlan) | |
2216 | OVS_REQ_RDLOCK(ms->rwlock) | |
2217 | { | |
2218 | struct xlate_cfg *xcfg; | |
2219 | struct mcast_port_bundle *rport; | |
2220 | struct xbundle *mcast_xbundle; | |
2221 | ||
2222 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2223 | LIST_FOR_EACH(rport, node, &ms->rport_list) { | |
2224 | mcast_xbundle = xbundle_lookup(xcfg, rport->port); | |
2225 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2226 | xlate_report(ctx, "forwarding Report to mcast flagged port"); | |
2227 | output_normal(ctx, mcast_xbundle, vlan); | |
2228 | } else if (!mcast_xbundle) { | |
2229 | xlate_report(ctx, "mcast port is unknown, dropping the Report"); | |
2230 | } else { | |
2231 | xlate_report(ctx, "mcast port is input port, dropping the Report"); | |
2232 | } | |
2233 | } | |
2234 | } | |
2235 | ||
682800a4 FL |
2236 | static void |
2237 | xlate_normal_flood(struct xlate_ctx *ctx, struct xbundle *in_xbundle, | |
2238 | uint16_t vlan) | |
2239 | { | |
2240 | struct xbundle *xbundle; | |
2241 | ||
2242 | LIST_FOR_EACH (xbundle, list_node, &ctx->xbridge->xbundles) { | |
2243 | if (xbundle != in_xbundle | |
2244 | && xbundle_includes_vlan(xbundle, vlan) | |
2245 | && xbundle->floodable | |
2246 | && !xbundle_mirror_out(ctx->xbridge, xbundle)) { | |
2247 | output_normal(ctx, xbundle, vlan); | |
2248 | } | |
2249 | } | |
2031ef97 | 2250 | ctx->nf_output_iface = NF_OUT_FLOOD; |
682800a4 FL |
2251 | } |
2252 | ||
a75636c8 BP |
2253 | static bool |
2254 | is_ip_local_multicast(const struct flow *flow, struct flow_wildcards *wc) | |
2255 | { | |
2256 | if (flow->dl_type == htons(ETH_TYPE_IP)) { | |
2257 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); | |
2258 | return ip_is_local_multicast(flow->nw_dst); | |
2259 | } else if (flow->dl_type == htons(ETH_TYPE_IPV6)) { | |
2260 | memset(&wc->masks.ipv6_dst, 0xff, sizeof wc->masks.ipv6_dst); | |
2261 | return ipv6_is_all_hosts(&flow->ipv6_dst); | |
2262 | } else { | |
2263 | return false; | |
2264 | } | |
2265 | } | |
2266 | ||
9583bc14 EJ |
2267 | static void |
2268 | xlate_normal(struct xlate_ctx *ctx) | |
2269 | { | |
49a73e0c | 2270 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 2271 | struct flow *flow = &ctx->xin->flow; |
46c88433 EJ |
2272 | struct xbundle *in_xbundle; |
2273 | struct xport *in_port; | |
9583bc14 | 2274 | struct mac_entry *mac; |
d6d5bbc9 | 2275 | void *mac_port; |
9583bc14 EJ |
2276 | uint16_t vlan; |
2277 | uint16_t vid; | |
2278 | ||
33bf9176 BP |
2279 | memset(&wc->masks.dl_src, 0xff, sizeof wc->masks.dl_src); |
2280 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1dd35f8a | 2281 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
9583bc14 | 2282 | |
46c88433 EJ |
2283 | in_xbundle = lookup_input_bundle(ctx->xbridge, flow->in_port.ofp_port, |
2284 | ctx->xin->packet != NULL, &in_port); | |
2285 | if (!in_xbundle) { | |
9583bc14 EJ |
2286 | xlate_report(ctx, "no input bundle, dropping"); |
2287 | return; | |
2288 | } | |
2289 | ||
2290 | /* Drop malformed frames. */ | |
33bf9176 BP |
2291 | if (flow->dl_type == htons(ETH_TYPE_VLAN) && |
2292 | !(flow->vlan_tci & htons(VLAN_CFI))) { | |
9583bc14 EJ |
2293 | if (ctx->xin->packet != NULL) { |
2294 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
2295 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet with partial " | |
2296 | "VLAN tag received on port %s", | |
46c88433 | 2297 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
2298 | } |
2299 | xlate_report(ctx, "partial VLAN tag, dropping"); | |
2300 | return; | |
2301 | } | |
2302 | ||
2303 | /* Drop frames on bundles reserved for mirroring. */ | |
46c88433 | 2304 | if (xbundle_mirror_out(ctx->xbridge, in_xbundle)) { |
9583bc14 EJ |
2305 | if (ctx->xin->packet != NULL) { |
2306 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
2307 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
2308 | "%s, which is reserved exclusively for mirroring", | |
46c88433 | 2309 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
2310 | } |
2311 | xlate_report(ctx, "input port is mirror output port, dropping"); | |
2312 | return; | |
2313 | } | |
2314 | ||
2315 | /* Check VLAN. */ | |
33bf9176 | 2316 | vid = vlan_tci_to_vid(flow->vlan_tci); |
46c88433 | 2317 | if (!input_vid_is_valid(vid, in_xbundle, ctx->xin->packet != NULL)) { |
9583bc14 EJ |
2318 | xlate_report(ctx, "disallowed VLAN VID for this input port, dropping"); |
2319 | return; | |
2320 | } | |
46c88433 | 2321 | vlan = input_vid_to_vlan(in_xbundle, vid); |
9583bc14 EJ |
2322 | |
2323 | /* Check other admissibility requirements. */ | |
2324 | if (in_port && !is_admissible(ctx, in_port, vlan)) { | |
2325 | return; | |
2326 | } | |
2327 | ||
2328 | /* Learn source MAC. */ | |
064799a1 | 2329 | bool is_grat_arp = is_gratuitous_arp(flow, wc); |
df70a773 | 2330 | if (ctx->xin->allow_side_effects) { |
064799a1 JR |
2331 | update_learning_table(ctx->xbridge, in_xbundle, flow->dl_src, vlan, |
2332 | is_grat_arp); | |
9583bc14 | 2333 | } |
064799a1 | 2334 | if (ctx->xin->xcache && in_xbundle != &ofpp_none_bundle) { |
b256dc52 JS |
2335 | struct xc_entry *entry; |
2336 | ||
064799a1 | 2337 | /* Save just enough info to update mac learning table later. */ |
b256dc52 | 2338 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NORMAL); |
901a517e JR |
2339 | entry->normal.ofproto = ctx->xbridge->ofproto; |
2340 | entry->normal.in_port = flow->in_port.ofp_port; | |
2341 | entry->normal.dl_src = flow->dl_src; | |
2342 | entry->normal.vlan = vlan; | |
2343 | entry->normal.is_gratuitous_arp = is_grat_arp; | |
b256dc52 | 2344 | } |
9583bc14 EJ |
2345 | |
2346 | /* Determine output bundle. */ | |
86e2dcdd FL |
2347 | if (mcast_snooping_enabled(ctx->xbridge->ms) |
2348 | && !eth_addr_is_broadcast(flow->dl_dst) | |
2349 | && eth_addr_is_multicast(flow->dl_dst) | |
06994f87 | 2350 | && is_ip_any(flow)) { |
86e2dcdd | 2351 | struct mcast_snooping *ms = ctx->xbridge->ms; |
06994f87 | 2352 | struct mcast_group *grp = NULL; |
86e2dcdd | 2353 | |
a75636c8 BP |
2354 | if (is_igmp(flow, wc)) { |
2355 | memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src); | |
d29f137b TLSC |
2356 | if (mcast_snooping_is_membership(flow->tp_src) || |
2357 | mcast_snooping_is_query(flow->tp_src)) { | |
df70a773 | 2358 | if (ctx->xin->allow_side_effects && ctx->xin->packet) { |
86e2dcdd | 2359 | update_mcast_snooping_table(ctx->xbridge, flow, vlan, |
e3102e42 | 2360 | in_xbundle, ctx->xin->packet); |
d29f137b TLSC |
2361 | } |
2362 | /* | |
2363 | * IGMP packets need to take the slow path, in order to be | |
2364 | * processed for mdb updates. That will prevent expires | |
2365 | * firing off even after hosts have sent reports. | |
2366 | */ | |
2367 | ctx->xout->slow |= SLOW_ACTION; | |
86e2dcdd | 2368 | } |
d6d5bbc9 | 2369 | |
86e2dcdd FL |
2370 | if (mcast_snooping_is_membership(flow->tp_src)) { |
2371 | ovs_rwlock_rdlock(&ms->rwlock); | |
2372 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
8e04a33f FL |
2373 | /* RFC4541: section 2.1.1, item 1: A snooping switch should |
2374 | * forward IGMP Membership Reports only to those ports where | |
2375 | * multicast routers are attached. Alternatively stated: a | |
2376 | * snooping switch should not forward IGMP Membership Reports | |
2377 | * to ports on which only hosts are attached. | |
2378 | * An administrative control may be provided to override this | |
2379 | * restriction, allowing the report messages to be flooded to | |
2380 | * other ports. */ | |
2381 | xlate_normal_mcast_send_rports(ctx, ms, in_xbundle, vlan); | |
86e2dcdd FL |
2382 | ovs_rwlock_unlock(&ms->rwlock); |
2383 | } else { | |
2384 | xlate_report(ctx, "multicast traffic, flooding"); | |
2385 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2386 | } | |
2387 | return; | |
a75636c8 | 2388 | } else if (is_mld(flow, wc)) { |
06994f87 | 2389 | ctx->xout->slow |= SLOW_ACTION; |
df70a773 | 2390 | if (ctx->xin->allow_side_effects && ctx->xin->packet) { |
06994f87 TLSC |
2391 | update_mcast_snooping_table(ctx->xbridge, flow, vlan, |
2392 | in_xbundle, ctx->xin->packet); | |
2393 | } | |
a75636c8 | 2394 | if (is_mld_report(flow, wc)) { |
06994f87 TLSC |
2395 | ovs_rwlock_rdlock(&ms->rwlock); |
2396 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
2397 | xlate_normal_mcast_send_rports(ctx, ms, in_xbundle, vlan); | |
2398 | ovs_rwlock_unlock(&ms->rwlock); | |
2399 | } else { | |
2400 | xlate_report(ctx, "MLD query, flooding"); | |
2401 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2402 | } | |
86e2dcdd | 2403 | } else { |
a75636c8 | 2404 | if (is_ip_local_multicast(flow, wc)) { |
86e2dcdd FL |
2405 | /* RFC4541: section 2.1.2, item 2: Packets with a dst IP |
2406 | * address in the 224.0.0.x range which are not IGMP must | |
2407 | * be forwarded on all ports */ | |
2408 | xlate_report(ctx, "RFC4541: section 2.1.2, item 2, flooding"); | |
2409 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2410 | return; | |
2411 | } | |
2412 | } | |
2413 | ||
2414 | /* forwarding to group base ports */ | |
2415 | ovs_rwlock_rdlock(&ms->rwlock); | |
06994f87 TLSC |
2416 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2417 | grp = mcast_snooping_lookup4(ms, flow->nw_dst, vlan); | |
2418 | } else if (flow->dl_type == htons(ETH_TYPE_IPV6)) { | |
2419 | grp = mcast_snooping_lookup(ms, &flow->ipv6_dst, vlan); | |
2420 | } | |
86e2dcdd FL |
2421 | if (grp) { |
2422 | xlate_normal_mcast_send_group(ctx, ms, grp, in_xbundle, vlan); | |
2423 | xlate_normal_mcast_send_fports(ctx, ms, in_xbundle, vlan); | |
2424 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
9583bc14 | 2425 | } else { |
86e2dcdd FL |
2426 | if (mcast_snooping_flood_unreg(ms)) { |
2427 | xlate_report(ctx, "unregistered multicast, flooding"); | |
2428 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2429 | } else { | |
2430 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
2431 | xlate_normal_mcast_send_fports(ctx, ms, in_xbundle, vlan); | |
2432 | } | |
9583bc14 | 2433 | } |
86e2dcdd | 2434 | ovs_rwlock_unlock(&ms->rwlock); |
9583bc14 | 2435 | } else { |
86e2dcdd FL |
2436 | ovs_rwlock_rdlock(&ctx->xbridge->ml->rwlock); |
2437 | mac = mac_learning_lookup(ctx->xbridge->ml, flow->dl_dst, vlan); | |
9d078ec2 | 2438 | mac_port = mac ? mac_entry_get_port(ctx->xbridge->ml, mac) : NULL; |
86e2dcdd FL |
2439 | ovs_rwlock_unlock(&ctx->xbridge->ml->rwlock); |
2440 | ||
2441 | if (mac_port) { | |
2442 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2443 | struct xbundle *mac_xbundle = xbundle_lookup(xcfg, mac_port); | |
2444 | if (mac_xbundle && mac_xbundle != in_xbundle) { | |
2445 | xlate_report(ctx, "forwarding to learned port"); | |
2446 | output_normal(ctx, mac_xbundle, vlan); | |
2447 | } else if (!mac_xbundle) { | |
2448 | xlate_report(ctx, "learned port is unknown, dropping"); | |
2449 | } else { | |
2450 | xlate_report(ctx, "learned port is input port, dropping"); | |
2451 | } | |
2452 | } else { | |
2453 | xlate_report(ctx, "no learned MAC for destination, flooding"); | |
2454 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2455 | } | |
9583bc14 EJ |
2456 | } |
2457 | } | |
2458 | ||
a6092018 BP |
2459 | /* Appends a "sample" action for sFlow or IPFIX to 'ctx->odp_actions'. The |
2460 | * 'probability' is the number of packets out of UINT32_MAX to sample. The | |
2461 | * 'cookie' (of length 'cookie_size' bytes) is passed back in the callback for | |
2462 | * each sampled packet. 'tunnel_out_port', if not ODPP_NONE, is added as the | |
2463 | * OVS_USERSPACE_ATTR_EGRESS_TUN_PORT attribute. If 'include_actions', an | |
f69f713b BY |
2464 | * OVS_USERSPACE_ATTR_ACTIONS attribute is added. If 'emit_set_tunnel', |
2465 | * sample(sampling_port=1) would translate into datapath sample action | |
2466 | * set(tunnel(...)), sample(...) and it is used for sampling egress tunnel | |
2467 | * information. | |
9583bc14 EJ |
2468 | */ |
2469 | static size_t | |
a6092018 | 2470 | compose_sample_action(struct xlate_ctx *ctx, |
9583bc14 EJ |
2471 | const uint32_t probability, |
2472 | const union user_action_cookie *cookie, | |
8b7ea2d4 | 2473 | const size_t cookie_size, |
7321bda3 NM |
2474 | const odp_port_t tunnel_out_port, |
2475 | bool include_actions) | |
9583bc14 | 2476 | { |
a6092018 BP |
2477 | size_t sample_offset = nl_msg_start_nested(ctx->odp_actions, |
2478 | OVS_ACTION_ATTR_SAMPLE); | |
9583bc14 | 2479 | |
a6092018 | 2480 | nl_msg_put_u32(ctx->odp_actions, OVS_SAMPLE_ATTR_PROBABILITY, probability); |
9583bc14 | 2481 | |
a6092018 BP |
2482 | size_t actions_offset = nl_msg_start_nested(ctx->odp_actions, |
2483 | OVS_SAMPLE_ATTR_ACTIONS); | |
9583bc14 | 2484 | |
a6092018 BP |
2485 | odp_port_t odp_port = ofp_port_to_odp_port( |
2486 | ctx->xbridge, ctx->xin->flow.in_port.ofp_port); | |
2487 | uint32_t pid = dpif_port_get_pid(ctx->xbridge->dpif, odp_port, | |
2488 | flow_hash_5tuple(&ctx->xin->flow, 0)); | |
2489 | int cookie_offset = odp_put_userspace_action(pid, cookie, cookie_size, | |
2490 | tunnel_out_port, | |
2491 | include_actions, | |
2492 | ctx->odp_actions); | |
89a8a7f0 | 2493 | |
a6092018 BP |
2494 | nl_msg_end_nested(ctx->odp_actions, actions_offset); |
2495 | nl_msg_end_nested(ctx->odp_actions, sample_offset); | |
9583bc14 | 2496 | |
9583bc14 EJ |
2497 | return cookie_offset; |
2498 | } | |
2499 | ||
a6092018 BP |
2500 | /* If sFLow is not enabled, returns 0 without doing anything. |
2501 | * | |
2502 | * If sFlow is enabled, appends a template "sample" action to the ODP actions | |
2503 | * in 'ctx'. This action is a template because some of the information needed | |
2504 | * to fill it out is not available until flow translation is complete. In this | |
2505 | * case, this functions returns an offset, which is always nonzero, to pass | |
2506 | * later to fix_sflow_action() to fill in the rest of the template. */ | |
9583bc14 | 2507 | static size_t |
a6092018 | 2508 | compose_sflow_action(struct xlate_ctx *ctx) |
9583bc14 | 2509 | { |
a6092018 BP |
2510 | struct dpif_sflow *sflow = ctx->xbridge->sflow; |
2511 | if (!sflow || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { | |
9583bc14 EJ |
2512 | return 0; |
2513 | } | |
2514 | ||
a6092018 BP |
2515 | union user_action_cookie cookie = { .type = USER_ACTION_COOKIE_SFLOW }; |
2516 | return compose_sample_action(ctx, dpif_sflow_get_probability(sflow), | |
7321bda3 NM |
2517 | &cookie, sizeof cookie.sflow, ODPP_NONE, |
2518 | true); | |
9583bc14 EJ |
2519 | } |
2520 | ||
f69f713b BY |
2521 | /* If flow IPFIX is enabled, make sure IPFIX flow sample action |
2522 | * at egress point of tunnel port is just in front of corresponding | |
2523 | * output action. If bridge IPFIX is enabled, this appends an IPFIX | |
2524 | * sample action to 'ctx->odp_actions'. */ | |
9583bc14 | 2525 | static void |
a6092018 | 2526 | compose_ipfix_action(struct xlate_ctx *ctx, odp_port_t output_odp_port) |
9583bc14 | 2527 | { |
a6092018 | 2528 | struct dpif_ipfix *ipfix = ctx->xbridge->ipfix; |
8b7ea2d4 | 2529 | odp_port_t tunnel_out_port = ODPP_NONE; |
9583bc14 | 2530 | |
a6092018 | 2531 | if (!ipfix || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { |
9583bc14 EJ |
2532 | return; |
2533 | } | |
2534 | ||
8b7ea2d4 WZ |
2535 | /* For input case, output_odp_port is ODPP_NONE, which is an invalid port |
2536 | * number. */ | |
2537 | if (output_odp_port == ODPP_NONE && | |
a6092018 | 2538 | !dpif_ipfix_get_bridge_exporter_input_sampling(ipfix)) { |
8b7ea2d4 WZ |
2539 | return; |
2540 | } | |
2541 | ||
f69f713b | 2542 | /* For output case, output_odp_port is valid. */ |
8b7ea2d4 | 2543 | if (output_odp_port != ODPP_NONE) { |
a6092018 | 2544 | if (!dpif_ipfix_get_bridge_exporter_output_sampling(ipfix)) { |
8b7ea2d4 WZ |
2545 | return; |
2546 | } | |
2547 | /* If tunnel sampling is enabled, put an additional option attribute: | |
2548 | * OVS_USERSPACE_ATTR_TUNNEL_OUT_PORT | |
2549 | */ | |
a6092018 BP |
2550 | if (dpif_ipfix_get_bridge_exporter_tunnel_sampling(ipfix) && |
2551 | dpif_ipfix_get_tunnel_port(ipfix, output_odp_port) ) { | |
8b7ea2d4 WZ |
2552 | tunnel_out_port = output_odp_port; |
2553 | } | |
2554 | } | |
2555 | ||
a6092018 BP |
2556 | union user_action_cookie cookie = { |
2557 | .ipfix = { | |
2558 | .type = USER_ACTION_COOKIE_IPFIX, | |
2559 | .output_odp_port = output_odp_port, | |
2560 | } | |
2561 | }; | |
2562 | compose_sample_action(ctx, | |
2563 | dpif_ipfix_get_bridge_exporter_probability(ipfix), | |
7321bda3 NM |
2564 | &cookie, sizeof cookie.ipfix, tunnel_out_port, |
2565 | false); | |
9583bc14 EJ |
2566 | } |
2567 | ||
a6092018 BP |
2568 | /* Fix "sample" action according to data collected while composing ODP actions, |
2569 | * as described in compose_sflow_action(). | |
2570 | * | |
2571 | * 'user_cookie_offset' must be the offset returned by add_sflow_action(). */ | |
9583bc14 | 2572 | static void |
a6092018 | 2573 | fix_sflow_action(struct xlate_ctx *ctx, unsigned int user_cookie_offset) |
9583bc14 EJ |
2574 | { |
2575 | const struct flow *base = &ctx->base_flow; | |
2576 | union user_action_cookie *cookie; | |
2577 | ||
a6092018 | 2578 | cookie = ofpbuf_at(ctx->odp_actions, user_cookie_offset, |
9583bc14 EJ |
2579 | sizeof cookie->sflow); |
2580 | ovs_assert(cookie->type == USER_ACTION_COOKIE_SFLOW); | |
2581 | ||
a6092018 BP |
2582 | cookie->type = USER_ACTION_COOKIE_SFLOW; |
2583 | cookie->sflow.vlan_tci = base->vlan_tci; | |
2584 | ||
2585 | /* See http://www.sflow.org/sflow_version_5.txt (search for "Input/output | |
2586 | * port information") for the interpretation of cookie->output. */ | |
2587 | switch (ctx->sflow_n_outputs) { | |
2588 | case 0: | |
2589 | /* 0x40000000 | 256 means "packet dropped for unknown reason". */ | |
2590 | cookie->sflow.output = 0x40000000 | 256; | |
2591 | break; | |
2592 | ||
2593 | case 1: | |
2594 | cookie->sflow.output = dpif_sflow_odp_port_to_ifindex( | |
2595 | ctx->xbridge->sflow, ctx->sflow_odp_port); | |
2596 | if (cookie->sflow.output) { | |
2597 | break; | |
2598 | } | |
2599 | /* Fall through. */ | |
2600 | default: | |
2601 | /* 0x80000000 means "multiple output ports. */ | |
2602 | cookie->sflow.output = 0x80000000 | ctx->sflow_n_outputs; | |
2603 | break; | |
2604 | } | |
9583bc14 EJ |
2605 | } |
2606 | ||
515793d5 BP |
2607 | static bool |
2608 | process_special(struct xlate_ctx *ctx, const struct xport *xport) | |
db7d4e46 | 2609 | { |
515793d5 | 2610 | const struct flow *flow = &ctx->xin->flow; |
49a73e0c | 2611 | struct flow_wildcards *wc = ctx->wc; |
46c88433 | 2612 | const struct xbridge *xbridge = ctx->xbridge; |
515793d5 BP |
2613 | const struct dp_packet *packet = ctx->xin->packet; |
2614 | enum slow_path_reason slow; | |
642dc74d | 2615 | |
46c88433 | 2616 | if (!xport) { |
515793d5 | 2617 | slow = 0; |
46c88433 | 2618 | } else if (xport->cfm && cfm_should_process_flow(xport->cfm, flow, wc)) { |
db7d4e46 | 2619 | if (packet) { |
46c88433 | 2620 | cfm_process_heartbeat(xport->cfm, packet); |
db7d4e46 | 2621 | } |
515793d5 | 2622 | slow = SLOW_CFM; |
fab52e16 | 2623 | } else if (xport->bfd && bfd_should_process_flow(xport->bfd, flow, wc)) { |
db7d4e46 | 2624 | if (packet) { |
46c88433 | 2625 | bfd_process_packet(xport->bfd, flow, packet); |
60d02c72 AW |
2626 | /* If POLL received, immediately sends FINAL back. */ |
2627 | if (bfd_should_send_packet(xport->bfd)) { | |
6d308b28 | 2628 | ofproto_dpif_monitor_port_send_soon(xport->ofport); |
60d02c72 | 2629 | } |
db7d4e46 | 2630 | } |
515793d5 | 2631 | slow = SLOW_BFD; |
46c88433 | 2632 | } else if (xport->xbundle && xport->xbundle->lacp |
db7d4e46 JP |
2633 | && flow->dl_type == htons(ETH_TYPE_LACP)) { |
2634 | if (packet) { | |
46c88433 | 2635 | lacp_process_packet(xport->xbundle->lacp, xport->ofport, packet); |
db7d4e46 | 2636 | } |
515793d5 | 2637 | slow = SLOW_LACP; |
9efd308e DV |
2638 | } else if ((xbridge->stp || xbridge->rstp) && |
2639 | stp_should_process_flow(flow, wc)) { | |
db7d4e46 | 2640 | if (packet) { |
f025bcb7 JR |
2641 | xbridge->stp |
2642 | ? stp_process_packet(xport, packet) | |
2643 | : rstp_process_packet(xport, packet); | |
db7d4e46 | 2644 | } |
515793d5 | 2645 | slow = SLOW_STP; |
19aef6ef | 2646 | } else if (xport->lldp && lldp_should_process_flow(xport->lldp, flow)) { |
0477baa9 DF |
2647 | if (packet) { |
2648 | lldp_process_packet(xport->lldp, packet); | |
2649 | } | |
515793d5 | 2650 | slow = SLOW_LLDP; |
db7d4e46 | 2651 | } else { |
515793d5 BP |
2652 | slow = 0; |
2653 | } | |
2654 | ||
2655 | if (slow) { | |
2656 | ctx->xout->slow |= slow; | |
2657 | return true; | |
2658 | } else { | |
2659 | return false; | |
db7d4e46 JP |
2660 | } |
2661 | } | |
2662 | ||
a36de779 PS |
2663 | static int |
2664 | tnl_route_lookup_flow(const struct flow *oflow, | |
a8704b50 PS |
2665 | struct in6_addr *ip, struct in6_addr *src, |
2666 | struct xport **out_port) | |
a36de779 PS |
2667 | { |
2668 | char out_dev[IFNAMSIZ]; | |
2669 | struct xbridge *xbridge; | |
2670 | struct xlate_cfg *xcfg; | |
c2b878e0 TLSC |
2671 | struct in6_addr gw; |
2672 | struct in6_addr dst; | |
a36de779 | 2673 | |
c2b878e0 | 2674 | dst = flow_tnl_dst(&oflow->tunnel); |
a8704b50 | 2675 | if (!ovs_router_lookup(&dst, out_dev, src, &gw)) { |
a36de779 PS |
2676 | return -ENOENT; |
2677 | } | |
2678 | ||
c2b878e0 TLSC |
2679 | if (ipv6_addr_is_set(&gw) && |
2680 | (!IN6_IS_ADDR_V4MAPPED(&gw) || in6_addr_get_mapped_ipv4(&gw))) { | |
a36de779 PS |
2681 | *ip = gw; |
2682 | } else { | |
c2b878e0 | 2683 | *ip = dst; |
a36de779 PS |
2684 | } |
2685 | ||
2686 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2687 | ovs_assert(xcfg); | |
2688 | ||
2689 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
2690 | if (!strncmp(xbridge->name, out_dev, IFNAMSIZ)) { | |
2691 | struct xport *port; | |
2692 | ||
2693 | HMAP_FOR_EACH (port, ofp_node, &xbridge->xports) { | |
2694 | if (!strncmp(netdev_get_name(port->netdev), out_dev, IFNAMSIZ)) { | |
2695 | *out_port = port; | |
2696 | return 0; | |
2697 | } | |
2698 | } | |
2699 | } | |
2700 | } | |
2701 | return -ENOENT; | |
2702 | } | |
2703 | ||
2704 | static int | |
cdd42eda JG |
2705 | compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, |
2706 | struct dp_packet *packet) | |
a36de779 | 2707 | { |
cdd42eda | 2708 | struct xbridge *xbridge = out_dev->xbridge; |
a36de779 PS |
2709 | struct ofpact_output output; |
2710 | struct flow flow; | |
2711 | ||
2712 | ofpact_init(&output.ofpact, OFPACT_OUTPUT, sizeof output); | |
cf62fa4c | 2713 | flow_extract(packet, &flow); |
cdd42eda JG |
2714 | flow.in_port.ofp_port = out_dev->ofp_port; |
2715 | output.port = OFPP_TABLE; | |
a36de779 PS |
2716 | output.max_len = 0; |
2717 | ||
1f4a8933 JR |
2718 | return ofproto_dpif_execute_actions__(xbridge->ofproto, |
2719 | ctx->xin->tables_version, &flow, | |
2720 | NULL, &output.ofpact, sizeof output, | |
790c5d26 BP |
2721 | ctx->indentation, ctx->depth, |
2722 | ctx->resubmits, packet); | |
a36de779 PS |
2723 | } |
2724 | ||
c2b878e0 TLSC |
2725 | static void |
2726 | tnl_send_nd_request(struct xlate_ctx *ctx, const struct xport *out_dev, | |
2727 | const struct eth_addr eth_src, | |
2728 | struct in6_addr * ipv6_src, struct in6_addr * ipv6_dst) | |
2729 | { | |
2730 | struct dp_packet packet; | |
2731 | ||
2732 | dp_packet_init(&packet, 0); | |
16187903 | 2733 | compose_nd_ns(&packet, eth_src, ipv6_src, ipv6_dst); |
c2b878e0 TLSC |
2734 | compose_table_xlate(ctx, out_dev, &packet); |
2735 | dp_packet_uninit(&packet); | |
2736 | } | |
2737 | ||
a36de779 | 2738 | static void |
cdd42eda | 2739 | tnl_send_arp_request(struct xlate_ctx *ctx, const struct xport *out_dev, |
74ff3298 | 2740 | const struct eth_addr eth_src, |
a36de779 PS |
2741 | ovs_be32 ip_src, ovs_be32 ip_dst) |
2742 | { | |
cf62fa4c | 2743 | struct dp_packet packet; |
a36de779 | 2744 | |
cf62fa4c | 2745 | dp_packet_init(&packet, 0); |
eb0b295e BP |
2746 | compose_arp(&packet, ARP_OP_REQUEST, |
2747 | eth_src, eth_addr_zero, true, ip_src, ip_dst); | |
a36de779 | 2748 | |
cdd42eda | 2749 | compose_table_xlate(ctx, out_dev, &packet); |
cf62fa4c | 2750 | dp_packet_uninit(&packet); |
a36de779 PS |
2751 | } |
2752 | ||
2753 | static int | |
81de18ec | 2754 | build_tunnel_send(struct xlate_ctx *ctx, const struct xport *xport, |
a36de779 PS |
2755 | const struct flow *flow, odp_port_t tunnel_odp_port) |
2756 | { | |
4975aa3e | 2757 | struct netdev_tnl_build_header_params tnl_params; |
a36de779 PS |
2758 | struct ovs_action_push_tnl tnl_push_data; |
2759 | struct xport *out_dev = NULL; | |
c2b878e0 TLSC |
2760 | ovs_be32 s_ip = 0, d_ip = 0; |
2761 | struct in6_addr s_ip6 = in6addr_any; | |
2762 | struct in6_addr d_ip6 = in6addr_any; | |
74ff3298 JR |
2763 | struct eth_addr smac; |
2764 | struct eth_addr dmac; | |
a36de779 | 2765 | int err; |
c2b878e0 TLSC |
2766 | char buf_sip6[INET6_ADDRSTRLEN]; |
2767 | char buf_dip6[INET6_ADDRSTRLEN]; | |
a36de779 | 2768 | |
a8704b50 | 2769 | err = tnl_route_lookup_flow(flow, &d_ip6, &s_ip6, &out_dev); |
a36de779 | 2770 | if (err) { |
81de18ec | 2771 | xlate_report(ctx, "native tunnel routing failed"); |
a36de779 PS |
2772 | return err; |
2773 | } | |
c2b878e0 TLSC |
2774 | |
2775 | xlate_report(ctx, "tunneling to %s via %s", | |
2776 | ipv6_string_mapped(buf_dip6, &d_ip6), | |
2777 | netdev_get_name(out_dev->netdev)); | |
a36de779 PS |
2778 | |
2779 | /* Use mac addr of bridge port of the peer. */ | |
74ff3298 | 2780 | err = netdev_get_etheraddr(out_dev->netdev, &smac); |
a36de779 | 2781 | if (err) { |
81de18ec | 2782 | xlate_report(ctx, "tunnel output device lacks Ethernet address"); |
a36de779 PS |
2783 | return err; |
2784 | } | |
2785 | ||
c2b878e0 TLSC |
2786 | d_ip = in6_addr_get_mapped_ipv4(&d_ip6); |
2787 | if (d_ip) { | |
a8704b50 | 2788 | s_ip = in6_addr_get_mapped_ipv4(&s_ip6); |
a36de779 PS |
2789 | } |
2790 | ||
c2b878e0 | 2791 | err = tnl_neigh_lookup(out_dev->xbridge->name, &d_ip6, &dmac); |
a36de779 | 2792 | if (err) { |
c2b878e0 TLSC |
2793 | xlate_report(ctx, "neighbor cache miss for %s on bridge %s, " |
2794 | "sending %s request", | |
2795 | buf_dip6, out_dev->xbridge->name, d_ip ? "ARP" : "ND"); | |
2796 | if (d_ip) { | |
2797 | tnl_send_arp_request(ctx, out_dev, smac, s_ip, d_ip); | |
2798 | } else { | |
2799 | tnl_send_nd_request(ctx, out_dev, smac, &s_ip6, &d_ip6); | |
2800 | } | |
a36de779 PS |
2801 | return err; |
2802 | } | |
c2b878e0 | 2803 | |
a36de779 PS |
2804 | if (ctx->xin->xcache) { |
2805 | struct xc_entry *entry; | |
2806 | ||
53902038 | 2807 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_TNL_NEIGH); |
901a517e JR |
2808 | ovs_strlcpy(entry->tnl_neigh_cache.br_name, out_dev->xbridge->name, |
2809 | sizeof entry->tnl_neigh_cache.br_name); | |
2810 | entry->tnl_neigh_cache.d_ipv6 = d_ip6; | |
a36de779 | 2811 | } |
81de18ec | 2812 | |
c2b878e0 TLSC |
2813 | xlate_report(ctx, "tunneling from "ETH_ADDR_FMT" %s" |
2814 | " to "ETH_ADDR_FMT" %s", | |
2815 | ETH_ADDR_ARGS(smac), ipv6_string_mapped(buf_sip6, &s_ip6), | |
2816 | ETH_ADDR_ARGS(dmac), buf_dip6); | |
2817 | ||
4975aa3e PS |
2818 | netdev_init_tnl_build_header_params(&tnl_params, flow, &s_ip6, dmac, smac); |
2819 | err = tnl_port_build_header(xport->ofport, &tnl_push_data, &tnl_params); | |
a36de779 PS |
2820 | if (err) { |
2821 | return err; | |
2822 | } | |
2823 | tnl_push_data.tnl_port = odp_to_u32(tunnel_odp_port); | |
2824 | tnl_push_data.out_port = odp_to_u32(out_dev->odp_port); | |
1520ef4f | 2825 | odp_put_tnl_push_action(ctx->odp_actions, &tnl_push_data); |
a36de779 PS |
2826 | return 0; |
2827 | } | |
2828 | ||
704bb0bf JS |
2829 | static void |
2830 | xlate_commit_actions(struct xlate_ctx *ctx) | |
2831 | { | |
2832 | bool use_masked = ctx->xbridge->support.masked_set_action; | |
2833 | ||
2834 | ctx->xout->slow |= commit_odp_actions(&ctx->xin->flow, &ctx->base_flow, | |
2835 | ctx->odp_actions, ctx->wc, | |
2836 | use_masked); | |
2837 | } | |
2838 | ||
07659514 JS |
2839 | static void |
2840 | clear_conntrack(struct flow *flow) | |
2841 | { | |
2842 | flow->ct_state = 0; | |
2843 | flow->ct_zone = 0; | |
8e53fe8c | 2844 | flow->ct_mark = 0; |
9daf2348 | 2845 | memset(&flow->ct_label, 0, sizeof flow->ct_label); |
07659514 JS |
2846 | } |
2847 | ||
9583bc14 | 2848 | static void |
4e022ec0 | 2849 | compose_output_action__(struct xlate_ctx *ctx, ofp_port_t ofp_port, |
e93ef1c7 | 2850 | const struct xlate_bond_recirc *xr, bool check_stp) |
9583bc14 | 2851 | { |
46c88433 | 2852 | const struct xport *xport = get_ofp_port(ctx->xbridge, ofp_port); |
49a73e0c | 2853 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 2854 | struct flow *flow = &ctx->xin->flow; |
a36de779 | 2855 | struct flow_tnl flow_tnl; |
9583bc14 | 2856 | ovs_be16 flow_vlan_tci; |
1362e248 | 2857 | uint32_t flow_pkt_mark; |
9583bc14 | 2858 | uint8_t flow_nw_tos; |
4e022ec0 | 2859 | odp_port_t out_port, odp_port; |
a36de779 | 2860 | bool tnl_push_pop_send = false; |
ca077186 | 2861 | uint8_t dscp; |
9583bc14 EJ |
2862 | |
2863 | /* If 'struct flow' gets additional metadata, we'll need to zero it out | |
2864 | * before traversing a patch port. */ | |
847b8b02 | 2865 | BUILD_ASSERT_DECL(FLOW_WC_SEQ == 36); |
a36de779 | 2866 | memset(&flow_tnl, 0, sizeof flow_tnl); |
9583bc14 | 2867 | |
46c88433 | 2868 | if (!xport) { |
9583bc14 EJ |
2869 | xlate_report(ctx, "Nonexistent output port"); |
2870 | return; | |
46c88433 | 2871 | } else if (xport->config & OFPUTIL_PC_NO_FWD) { |
9583bc14 EJ |
2872 | xlate_report(ctx, "OFPPC_NO_FWD set, skipping output"); |
2873 | return; | |
1356dbd1 WT |
2874 | } else if (ctx->mirror_snaplen != 0 && xport->odp_port == ODPP_NONE) { |
2875 | xlate_report(ctx, "Mirror truncate to ODPP_NONE, skipping output"); | |
2876 | return; | |
0d1cee12 | 2877 | } else if (check_stp) { |
bbbca389 | 2878 | if (is_stp(&ctx->base_flow)) { |
9efd308e DV |
2879 | if (!xport_stp_should_forward_bpdu(xport) && |
2880 | !xport_rstp_should_manage_bpdu(xport)) { | |
2881 | if (ctx->xbridge->stp != NULL) { | |
2882 | xlate_report(ctx, "STP not in listening state, " | |
2883 | "skipping bpdu output"); | |
2884 | } else if (ctx->xbridge->rstp != NULL) { | |
2885 | xlate_report(ctx, "RSTP not managing BPDU in this state, " | |
2886 | "skipping bpdu output"); | |
2887 | } | |
0d1cee12 K |
2888 | return; |
2889 | } | |
9efd308e DV |
2890 | } else if (!xport_stp_forward_state(xport) || |
2891 | !xport_rstp_forward_state(xport)) { | |
2892 | if (ctx->xbridge->stp != NULL) { | |
2893 | xlate_report(ctx, "STP not in forwarding state, " | |
2894 | "skipping output"); | |
2895 | } else if (ctx->xbridge->rstp != NULL) { | |
2896 | xlate_report(ctx, "RSTP not in forwarding state, " | |
2897 | "skipping output"); | |
2898 | } | |
0d1cee12 K |
2899 | return; |
2900 | } | |
9583bc14 EJ |
2901 | } |
2902 | ||
46c88433 EJ |
2903 | if (xport->peer) { |
2904 | const struct xport *peer = xport->peer; | |
9583bc14 | 2905 | struct flow old_flow = ctx->xin->flow; |
8d8ab6c2 | 2906 | struct flow_tnl old_flow_tnl_wc = ctx->wc->masks.tunnel; |
07659514 | 2907 | bool old_conntrack = ctx->conntracked; |
e12ec36b | 2908 | bool old_was_mpls = ctx->was_mpls; |
1f4a8933 | 2909 | ovs_version_t old_version = ctx->xin->tables_version; |
1774d762 JR |
2910 | struct ofpbuf old_stack = ctx->stack; |
2911 | union mf_subvalue new_stack[1024 / sizeof(union mf_subvalue)]; | |
ed9c9e3e JR |
2912 | struct ofpbuf old_action_set = ctx->action_set; |
2913 | uint64_t actset_stub[1024 / 8]; | |
9583bc14 | 2914 | |
1774d762 | 2915 | ofpbuf_use_stub(&ctx->stack, new_stack, sizeof new_stack); |
ed9c9e3e | 2916 | ofpbuf_use_stub(&ctx->action_set, actset_stub, sizeof actset_stub); |
46c88433 | 2917 | flow->in_port.ofp_port = peer->ofp_port; |
33bf9176 BP |
2918 | flow->metadata = htonll(0); |
2919 | memset(&flow->tunnel, 0, sizeof flow->tunnel); | |
8d8ab6c2 JG |
2920 | flow->tunnel.metadata.tab = ofproto_dpif_get_tun_tab(peer->xbridge->ofproto); |
2921 | ctx->wc->masks.tunnel.metadata.tab = flow->tunnel.metadata.tab; | |
33bf9176 | 2922 | memset(flow->regs, 0, sizeof flow->regs); |
c61f3870 | 2923 | flow->actset_output = OFPP_UNSET; |
07659514 JS |
2924 | ctx->conntracked = false; |
2925 | clear_conntrack(flow); | |
9583bc14 | 2926 | |
76f3c260 BP |
2927 | /* When the patch port points to a different bridge, then the mirrors |
2928 | * for that bridge clearly apply independently to the packet, so we | |
2929 | * reset the mirror bitmap to zero and then restore it after the packet | |
2930 | * returns. | |
2931 | * | |
2932 | * When the patch port points to the same bridge, this is more of a | |
2933 | * design decision: can mirrors be re-applied to the packet after it | |
2934 | * re-enters the bridge, or should we treat that as doubly mirroring a | |
2935 | * single packet? The former may be cleaner, since it respects the | |
2936 | * model in which a patch port is like a physical cable plugged from | |
2937 | * one switch port to another, but the latter may be less surprising to | |
2938 | * users. We take the latter choice, for now at least. (To use the | |
2939 | * former choice, hard-code 'independent_mirrors' to "true".) */ | |
2940 | mirror_mask_t old_mirrors = ctx->mirrors; | |
2941 | bool independent_mirrors = peer->xbridge != ctx->xbridge; | |
2942 | if (independent_mirrors) { | |
2943 | ctx->mirrors = 0; | |
2944 | } | |
2945 | ctx->xbridge = peer->xbridge; | |
2946 | ||
621b8064 | 2947 | /* The bridge is now known so obtain its table version. */ |
1f4a8933 | 2948 | ctx->xin->tables_version |
621b8064 JR |
2949 | = ofproto_dpif_get_tables_version(ctx->xbridge->ofproto); |
2950 | ||
515793d5 | 2951 | if (!process_special(ctx, peer) && may_receive(peer, ctx)) { |
9efd308e | 2952 | if (xport_stp_forward_state(peer) && xport_rstp_forward_state(peer)) { |
e672ff9b | 2953 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true, true); |
1d361a81 | 2954 | if (!ctx->freezing) { |
8a5fb3b4 | 2955 | xlate_action_set(ctx); |
e672ff9b | 2956 | } |
1d361a81 | 2957 | if (ctx->freezing) { |
77ab5fd2 | 2958 | finish_freezing(ctx); |
ed9c9e3e | 2959 | } |
9583bc14 | 2960 | } else { |
9efd308e DV |
2961 | /* Forwarding is disabled by STP and RSTP. Let OFPP_NORMAL and |
2962 | * the learning action look at the packet, then drop it. */ | |
9583bc14 | 2963 | struct flow old_base_flow = ctx->base_flow; |
1520ef4f | 2964 | size_t old_size = ctx->odp_actions->size; |
76f3c260 | 2965 | mirror_mask_t old_mirrors2 = ctx->mirrors; |
f3d5b473 | 2966 | |
e672ff9b | 2967 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true, true); |
76f3c260 | 2968 | ctx->mirrors = old_mirrors2; |
9583bc14 | 2969 | ctx->base_flow = old_base_flow; |
1520ef4f | 2970 | ctx->odp_actions->size = old_size; |
e672ff9b | 2971 | |
1d361a81 BP |
2972 | /* Undo changes that may have been done for freezing. */ |
2973 | ctx_cancel_freeze(ctx); | |
9583bc14 EJ |
2974 | } |
2975 | } | |
2976 | ||
76f3c260 BP |
2977 | if (independent_mirrors) { |
2978 | ctx->mirrors = old_mirrors; | |
2979 | } | |
9583bc14 | 2980 | ctx->xin->flow = old_flow; |
832554e3 | 2981 | ctx->xbridge = xport->xbridge; |
ed9c9e3e JR |
2982 | ofpbuf_uninit(&ctx->action_set); |
2983 | ctx->action_set = old_action_set; | |
1774d762 JR |
2984 | ofpbuf_uninit(&ctx->stack); |
2985 | ctx->stack = old_stack; | |
9583bc14 | 2986 | |
621b8064 | 2987 | /* Restore calling bridge's lookup version. */ |
1f4a8933 | 2988 | ctx->xin->tables_version = old_version; |
621b8064 | 2989 | |
8d8ab6c2 JG |
2990 | /* Since this packet came in on a patch port (from the perspective of |
2991 | * the peer bridge), it cannot have useful tunnel information. As a | |
2992 | * result, any wildcards generated on that tunnel also cannot be valid. | |
2993 | * The tunnel wildcards must be restored to their original version since | |
2994 | * the peer bridge uses a separate tunnel metadata table and therefore | |
2995 | * any generated wildcards will be garbage in the context of our | |
2996 | * metadata table. */ | |
2997 | ctx->wc->masks.tunnel = old_flow_tnl_wc; | |
2998 | ||
e12ec36b SH |
2999 | /* The peer bridge popping MPLS should have no effect on the original |
3000 | * bridge. */ | |
3001 | ctx->was_mpls = old_was_mpls; | |
3002 | ||
07659514 JS |
3003 | /* The peer bridge's conntrack execution should have no effect on the |
3004 | * original bridge. */ | |
3005 | ctx->conntracked = old_conntrack; | |
3006 | ||
f3d5b473 JR |
3007 | /* The fact that the peer bridge exits (for any reason) does not mean |
3008 | * that the original bridge should exit. Specifically, if the peer | |
1d361a81 BP |
3009 | * bridge freezes translation, the original bridge must continue |
3010 | * processing with the original, not the frozen packet! */ | |
f3d5b473 JR |
3011 | ctx->exit = false; |
3012 | ||
fff1b9c0 JR |
3013 | /* Peer bridge errors do not propagate back. */ |
3014 | ctx->error = XLATE_OK; | |
3015 | ||
9583bc14 | 3016 | if (ctx->xin->resubmit_stats) { |
46c88433 EJ |
3017 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
3018 | netdev_vport_inc_rx(peer->netdev, ctx->xin->resubmit_stats); | |
a1aeea86 AW |
3019 | if (peer->bfd) { |
3020 | bfd_account_rx(peer->bfd, ctx->xin->resubmit_stats); | |
3021 | } | |
9583bc14 | 3022 | } |
b256dc52 JS |
3023 | if (ctx->xin->xcache) { |
3024 | struct xc_entry *entry; | |
3025 | ||
3026 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NETDEV); | |
901a517e JR |
3027 | entry->dev.tx = netdev_ref(xport->netdev); |
3028 | entry->dev.rx = netdev_ref(peer->netdev); | |
3029 | entry->dev.bfd = bfd_ref(peer->bfd); | |
b256dc52 | 3030 | } |
9583bc14 EJ |
3031 | return; |
3032 | } | |
3033 | ||
33bf9176 | 3034 | flow_vlan_tci = flow->vlan_tci; |
1362e248 | 3035 | flow_pkt_mark = flow->pkt_mark; |
33bf9176 | 3036 | flow_nw_tos = flow->nw_tos; |
9583bc14 | 3037 | |
16194afd DDP |
3038 | if (count_skb_priorities(xport)) { |
3039 | memset(&wc->masks.skb_priority, 0xff, sizeof wc->masks.skb_priority); | |
3040 | if (dscp_from_skb_priority(xport, flow->skb_priority, &dscp)) { | |
3041 | wc->masks.nw_tos |= IP_DSCP_MASK; | |
3042 | flow->nw_tos &= ~IP_DSCP_MASK; | |
3043 | flow->nw_tos |= dscp; | |
3044 | } | |
9583bc14 EJ |
3045 | } |
3046 | ||
46c88433 | 3047 | if (xport->is_tunnel) { |
c2b878e0 | 3048 | struct in6_addr dst; |
9583bc14 EJ |
3049 | /* Save tunnel metadata so that changes made due to |
3050 | * the Logical (tunnel) Port are not visible for any further | |
3051 | * matches, while explicit set actions on tunnel metadata are. | |
3052 | */ | |
a36de779 | 3053 | flow_tnl = flow->tunnel; |
49a73e0c | 3054 | odp_port = tnl_port_send(xport->ofport, flow, ctx->wc); |
4e022ec0 | 3055 | if (odp_port == ODPP_NONE) { |
9583bc14 EJ |
3056 | xlate_report(ctx, "Tunneling decided against output"); |
3057 | goto out; /* restore flow_nw_tos */ | |
3058 | } | |
c2b878e0 TLSC |
3059 | dst = flow_tnl_dst(&flow->tunnel); |
3060 | if (ipv6_addr_equals(&dst, &ctx->orig_tunnel_ipv6_dst)) { | |
9583bc14 EJ |
3061 | xlate_report(ctx, "Not tunneling to our own address"); |
3062 | goto out; /* restore flow_nw_tos */ | |
3063 | } | |
3064 | if (ctx->xin->resubmit_stats) { | |
46c88433 | 3065 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
9583bc14 | 3066 | } |
b256dc52 JS |
3067 | if (ctx->xin->xcache) { |
3068 | struct xc_entry *entry; | |
3069 | ||
3070 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NETDEV); | |
901a517e | 3071 | entry->dev.tx = netdev_ref(xport->netdev); |
b256dc52 | 3072 | } |
9583bc14 | 3073 | out_port = odp_port; |
a36de779 | 3074 | if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { |
81de18ec | 3075 | xlate_report(ctx, "output to native tunnel"); |
a36de779 PS |
3076 | tnl_push_pop_send = true; |
3077 | } else { | |
81de18ec | 3078 | xlate_report(ctx, "output to kernel tunnel"); |
1520ef4f | 3079 | commit_odp_tunnel_action(flow, &ctx->base_flow, ctx->odp_actions); |
a36de779 PS |
3080 | flow->tunnel = flow_tnl; /* Restore tunnel metadata */ |
3081 | } | |
9583bc14 | 3082 | } else { |
46c88433 | 3083 | odp_port = xport->odp_port; |
7614e5d0 | 3084 | out_port = odp_port; |
9583bc14 | 3085 | } |
9583bc14 | 3086 | |
4e022ec0 | 3087 | if (out_port != ODPP_NONE) { |
704bb0bf | 3088 | xlate_commit_actions(ctx); |
adcf00ba | 3089 | |
e93ef1c7 | 3090 | if (xr) { |
347bf289 | 3091 | struct ovs_action_hash *act_hash; |
adcf00ba | 3092 | |
347bf289 | 3093 | /* Hash action. */ |
1520ef4f | 3094 | act_hash = nl_msg_put_unspec_uninit(ctx->odp_actions, |
347bf289 AZ |
3095 | OVS_ACTION_ATTR_HASH, |
3096 | sizeof *act_hash); | |
3097 | act_hash->hash_alg = xr->hash_alg; | |
62ac1f20 | 3098 | act_hash->hash_basis = xr->hash_basis; |
347bf289 AZ |
3099 | |
3100 | /* Recirc action. */ | |
1520ef4f | 3101 | nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_RECIRC, |
347bf289 | 3102 | xr->recirc_id); |
adcf00ba | 3103 | } else { |
a36de779 PS |
3104 | |
3105 | if (tnl_push_pop_send) { | |
3106 | build_tunnel_send(ctx, xport, flow, odp_port); | |
3107 | flow->tunnel = flow_tnl; /* Restore tunnel metadata */ | |
3108 | } else { | |
3109 | odp_port_t odp_tnl_port = ODPP_NONE; | |
3110 | ||
3111 | /* XXX: Write better Filter for tunnel port. We can use inport | |
3112 | * int tunnel-port flow to avoid these checks completely. */ | |
3113 | if (ofp_port == OFPP_LOCAL && | |
3114 | ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { | |
3115 | ||
3116 | odp_tnl_port = tnl_port_map_lookup(flow, wc); | |
3117 | } | |
3118 | ||
3119 | if (odp_tnl_port != ODPP_NONE) { | |
1520ef4f | 3120 | nl_msg_put_odp_port(ctx->odp_actions, |
a36de779 PS |
3121 | OVS_ACTION_ATTR_TUNNEL_POP, |
3122 | odp_tnl_port); | |
3123 | } else { | |
3124 | /* Tunnel push-pop action is not compatible with | |
3125 | * IPFIX action. */ | |
a6092018 | 3126 | compose_ipfix_action(ctx, out_port); |
1356dbd1 WT |
3127 | |
3128 | /* Handle truncation of the mirrored packet. */ | |
3129 | if (ctx->mirror_snaplen > 0 && | |
3130 | ctx->mirror_snaplen < UINT16_MAX) { | |
3131 | struct ovs_action_trunc *trunc; | |
3132 | ||
3133 | trunc = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
3134 | OVS_ACTION_ATTR_TRUNC, | |
3135 | sizeof *trunc); | |
3136 | trunc->max_len = ctx->mirror_snaplen; | |
3137 | if (!ctx->xbridge->support.trunc) { | |
3138 | ctx->xout->slow |= SLOW_ACTION; | |
3139 | } | |
3140 | } | |
3141 | ||
1520ef4f | 3142 | nl_msg_put_odp_port(ctx->odp_actions, |
a36de779 PS |
3143 | OVS_ACTION_ATTR_OUTPUT, |
3144 | out_port); | |
1356dbd1 WT |
3145 | } |
3146 | } | |
adcf00ba | 3147 | } |
9583bc14 | 3148 | |
6cbbf4fa EJ |
3149 | ctx->sflow_odp_port = odp_port; |
3150 | ctx->sflow_n_outputs++; | |
2031ef97 | 3151 | ctx->nf_output_iface = ofp_port; |
6cbbf4fa EJ |
3152 | } |
3153 | ||
7efbc3b7 BP |
3154 | if (mbridge_has_mirrors(ctx->xbridge->mbridge) && xport->xbundle) { |
3155 | mirror_packet(ctx, xport->xbundle, | |
3156 | xbundle_mirror_dst(xport->xbundle->xbridge, | |
3157 | xport->xbundle)); | |
3158 | } | |
3159 | ||
6cbbf4fa | 3160 | out: |
9583bc14 | 3161 | /* Restore flow */ |
33bf9176 | 3162 | flow->vlan_tci = flow_vlan_tci; |
1362e248 | 3163 | flow->pkt_mark = flow_pkt_mark; |
33bf9176 | 3164 | flow->nw_tos = flow_nw_tos; |
9583bc14 EJ |
3165 | } |
3166 | ||
3167 | static void | |
e93ef1c7 JR |
3168 | compose_output_action(struct xlate_ctx *ctx, ofp_port_t ofp_port, |
3169 | const struct xlate_bond_recirc *xr) | |
9583bc14 | 3170 | { |
e93ef1c7 | 3171 | compose_output_action__(ctx, ofp_port, xr, true); |
9583bc14 EJ |
3172 | } |
3173 | ||
bb61b33d | 3174 | static void |
790c5d26 | 3175 | xlate_recursively(struct xlate_ctx *ctx, struct rule_dpif *rule, bool deepens) |
bb61b33d BP |
3176 | { |
3177 | struct rule_dpif *old_rule = ctx->rule; | |
8b1e5560 | 3178 | ovs_be64 old_cookie = ctx->rule_cookie; |
dc723c44 | 3179 | const struct rule_actions *actions; |
bb61b33d BP |
3180 | |
3181 | if (ctx->xin->resubmit_stats) { | |
70742c7f | 3182 | rule_dpif_credit_stats(rule, ctx->xin->resubmit_stats); |
bb61b33d BP |
3183 | } |
3184 | ||
98b07853 | 3185 | ctx->resubmits++; |
790c5d26 | 3186 | |
9a9b001a | 3187 | ctx->indentation++; |
790c5d26 | 3188 | ctx->depth += deepens; |
bb61b33d | 3189 | ctx->rule = rule; |
8b1e5560 | 3190 | ctx->rule_cookie = rule_dpif_get_flow_cookie(rule); |
6f00e29b BP |
3191 | actions = rule_dpif_get_actions(rule); |
3192 | do_xlate_actions(actions->ofpacts, actions->ofpacts_len, ctx); | |
8b1e5560 | 3193 | ctx->rule_cookie = old_cookie; |
bb61b33d | 3194 | ctx->rule = old_rule; |
790c5d26 | 3195 | ctx->depth -= deepens; |
9a9b001a | 3196 | ctx->indentation--; |
bb61b33d BP |
3197 | } |
3198 | ||
bd3240ba SH |
3199 | static bool |
3200 | xlate_resubmit_resource_check(struct xlate_ctx *ctx) | |
9583bc14 | 3201 | { |
790c5d26 BP |
3202 | if (ctx->depth >= MAX_DEPTH) { |
3203 | XLATE_REPORT_ERROR(ctx, "over max translation depth %d", MAX_DEPTH); | |
fff1b9c0 | 3204 | ctx->error = XLATE_RECURSION_TOO_DEEP; |
790c5d26 | 3205 | } else if (ctx->resubmits >= MAX_RESUBMITS) { |
fff1b9c0 JR |
3206 | XLATE_REPORT_ERROR(ctx, "over %d resubmit actions", MAX_RESUBMITS); |
3207 | ctx->error = XLATE_TOO_MANY_RESUBMITS; | |
1520ef4f | 3208 | } else if (ctx->odp_actions->size > UINT16_MAX) { |
fff1b9c0 JR |
3209 | XLATE_REPORT_ERROR(ctx, "resubmits yielded over 64 kB of actions"); |
3210 | /* NOT an error, as we'll be slow-pathing the flow in this case? */ | |
3211 | ctx->exit = true; /* XXX: translation still terminated! */ | |
6fd6ed71 | 3212 | } else if (ctx->stack.size >= 65536) { |
fff1b9c0 JR |
3213 | XLATE_REPORT_ERROR(ctx, "resubmits yielded over 64 kB of stack"); |
3214 | ctx->error = XLATE_STACK_TOO_DEEP; | |
98b07853 | 3215 | } else { |
bd3240ba SH |
3216 | return true; |
3217 | } | |
3218 | ||
3219 | return false; | |
3220 | } | |
3221 | ||
3222 | static void | |
6d328fa2 SH |
3223 | xlate_table_action(struct xlate_ctx *ctx, ofp_port_t in_port, uint8_t table_id, |
3224 | bool may_packet_in, bool honor_table_miss) | |
bd3240ba | 3225 | { |
e12ec36b SH |
3226 | /* Check if we need to recirculate before matching in a table. */ |
3227 | if (ctx->was_mpls) { | |
3228 | ctx_trigger_freeze(ctx); | |
3229 | return; | |
3230 | } | |
bd3240ba | 3231 | if (xlate_resubmit_resource_check(ctx)) { |
9583bc14 | 3232 | uint8_t old_table_id = ctx->table_id; |
3f207910 | 3233 | struct rule_dpif *rule; |
9583bc14 EJ |
3234 | |
3235 | ctx->table_id = table_id; | |
3236 | ||
34dd0d78 | 3237 | rule = rule_dpif_lookup_from_table(ctx->xbridge->ofproto, |
1f4a8933 | 3238 | ctx->xin->tables_version, |
c0e638aa | 3239 | &ctx->xin->flow, ctx->wc, |
34dd0d78 JR |
3240 | ctx->xin->resubmit_stats, |
3241 | &ctx->table_id, in_port, | |
a027899e JR |
3242 | may_packet_in, honor_table_miss, |
3243 | ctx->xin->xcache); | |
a8c31348 | 3244 | if (OVS_UNLIKELY(ctx->xin->resubmit_hook)) { |
9a9b001a | 3245 | ctx->xin->resubmit_hook(ctx->xin, rule, ctx->indentation + 1); |
ad3efdcb EJ |
3246 | } |
3247 | ||
a2143702 | 3248 | if (rule) { |
83709dfa JR |
3249 | /* Fill in the cache entry here instead of xlate_recursively |
3250 | * to make the reference counting more explicit. We take a | |
3251 | * reference in the lookups above if we are going to cache the | |
3252 | * rule. */ | |
3253 | if (ctx->xin->xcache) { | |
3254 | struct xc_entry *entry; | |
3255 | ||
3256 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_RULE); | |
901a517e | 3257 | entry->rule = rule; |
1e1e1d19 | 3258 | rule_dpif_ref(rule); |
83709dfa | 3259 | } |
790c5d26 | 3260 | xlate_recursively(ctx, rule, table_id <= old_table_id); |
ad3efdcb EJ |
3261 | } |
3262 | ||
9583bc14 | 3263 | ctx->table_id = old_table_id; |
98b07853 | 3264 | return; |
9583bc14 EJ |
3265 | } |
3266 | } | |
3267 | ||
76973237 | 3268 | /* Consumes the group reference, which is only taken if xcache exists. */ |
f4fb341b | 3269 | static void |
1e684d7d RW |
3270 | xlate_group_stats(struct xlate_ctx *ctx, struct group_dpif *group, |
3271 | struct ofputil_bucket *bucket) | |
3272 | { | |
3273 | if (ctx->xin->resubmit_stats) { | |
3274 | group_dpif_credit_stats(group, bucket, ctx->xin->resubmit_stats); | |
3275 | } | |
3276 | if (ctx->xin->xcache) { | |
3277 | struct xc_entry *entry; | |
3278 | ||
3279 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_GROUP); | |
901a517e JR |
3280 | entry->group.group = group; |
3281 | entry->group.bucket = bucket; | |
1e684d7d RW |
3282 | } |
3283 | } | |
3284 | ||
3285 | static void | |
3286 | xlate_group_bucket(struct xlate_ctx *ctx, struct ofputil_bucket *bucket) | |
f4fb341b SH |
3287 | { |
3288 | uint64_t action_list_stub[1024 / 8]; | |
0a2869d5 BP |
3289 | struct ofpbuf action_list = OFPBUF_STUB_INITIALIZER(action_list_stub); |
3290 | struct ofpbuf action_set = ofpbuf_const_initializer(bucket->ofpacts, | |
3291 | bucket->ofpacts_len); | |
5b09e569 | 3292 | struct flow old_flow = ctx->xin->flow; |
e12ec36b | 3293 | bool old_was_mpls = ctx->was_mpls; |
f4fb341b | 3294 | |
f4fb341b | 3295 | ofpacts_execute_action_set(&action_list, &action_set); |
9a9b001a | 3296 | ctx->indentation++; |
790c5d26 | 3297 | ctx->depth++; |
6fd6ed71 | 3298 | do_xlate_actions(action_list.data, action_list.size, ctx); |
790c5d26 | 3299 | ctx->depth--; |
9a9b001a | 3300 | ctx->indentation--; |
f4fb341b | 3301 | |
f4fb341b | 3302 | ofpbuf_uninit(&action_list); |
5b09e569 | 3303 | |
77ab5fd2 | 3304 | /* Check if need to freeze. */ |
1d361a81 | 3305 | if (ctx->freezing) { |
77ab5fd2 | 3306 | finish_freezing(ctx); |
e672ff9b JR |
3307 | } |
3308 | ||
5b09e569 JR |
3309 | /* Roll back flow to previous state. |
3310 | * This is equivalent to cloning the packet for each bucket. | |
3311 | * | |
3312 | * As a side effect any subsequently applied actions will | |
3313 | * also effectively be applied to a clone of the packet taken | |
3314 | * just before applying the all or indirect group. | |
3315 | * | |
3316 | * Note that group buckets are action sets, hence they cannot modify the | |
3317 | * main action set. Also any stack actions are ignored when executing an | |
3318 | * action set, so group buckets cannot change the stack either. | |
3319 | * However, we do allow resubmit actions in group buckets, which could | |
3320 | * break the above assumptions. It is up to the controller to not mess up | |
3321 | * with the action_set and stack in the tables resubmitted to from | |
3322 | * group buckets. */ | |
3323 | ctx->xin->flow = old_flow; | |
3324 | ||
e12ec36b SH |
3325 | /* The group bucket popping MPLS should have no effect after bucket |
3326 | * execution. */ | |
3327 | ctx->was_mpls = old_was_mpls; | |
3328 | ||
5b09e569 JR |
3329 | /* The fact that the group bucket exits (for any reason) does not mean that |
3330 | * the translation after the group action should exit. Specifically, if | |
1d361a81 BP |
3331 | * the group bucket freezes translation, the actions after the group action |
3332 | * must continue processing with the original, not the frozen packet! */ | |
5b09e569 | 3333 | ctx->exit = false; |
f4fb341b SH |
3334 | } |
3335 | ||
3336 | static void | |
3337 | xlate_all_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3338 | { | |
1e684d7d | 3339 | struct ofputil_bucket *bucket; |
ca6ba700 | 3340 | const struct ovs_list *buckets; |
f4fb341b | 3341 | |
53cc166a | 3342 | buckets = group_dpif_get_buckets(group, NULL); |
f4fb341b SH |
3343 | LIST_FOR_EACH (bucket, list_node, buckets) { |
3344 | xlate_group_bucket(ctx, bucket); | |
f4fb341b | 3345 | } |
1e684d7d | 3346 | xlate_group_stats(ctx, group, NULL); |
f4fb341b SH |
3347 | } |
3348 | ||
dd8cd4b4 SH |
3349 | static void |
3350 | xlate_ff_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3351 | { | |
1e684d7d | 3352 | struct ofputil_bucket *bucket; |
dd8cd4b4 SH |
3353 | |
3354 | bucket = group_first_live_bucket(ctx, group, 0); | |
3355 | if (bucket) { | |
3356 | xlate_group_bucket(ctx, bucket); | |
1e684d7d | 3357 | xlate_group_stats(ctx, group, bucket); |
76973237 JR |
3358 | } else if (ctx->xin->xcache) { |
3359 | group_dpif_unref(group); | |
dd8cd4b4 SH |
3360 | } |
3361 | } | |
3362 | ||
fe7e5749 | 3363 | static void |
7565c3e4 | 3364 | xlate_default_select_group(struct xlate_ctx *ctx, struct group_dpif *group) |
fe7e5749 | 3365 | { |
49a73e0c | 3366 | struct flow_wildcards *wc = ctx->wc; |
1e684d7d | 3367 | struct ofputil_bucket *bucket; |
fe7e5749 SH |
3368 | uint32_t basis; |
3369 | ||
1d1aae0b | 3370 | basis = flow_hash_symmetric_l4(&ctx->xin->flow, 0); |
80e3509d | 3371 | flow_mask_hash_fields(&ctx->xin->flow, wc, NX_HASH_FIELDS_SYMMETRIC_L4); |
fe7e5749 SH |
3372 | bucket = group_best_live_bucket(ctx, group, basis); |
3373 | if (bucket) { | |
fe7e5749 | 3374 | xlate_group_bucket(ctx, bucket); |
1e684d7d | 3375 | xlate_group_stats(ctx, group, bucket); |
76973237 JR |
3376 | } else if (ctx->xin->xcache) { |
3377 | group_dpif_unref(group); | |
fe7e5749 SH |
3378 | } |
3379 | } | |
3380 | ||
0c4b9393 SH |
3381 | static void |
3382 | xlate_hash_fields_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3383 | { | |
0c4b9393 SH |
3384 | const struct field_array *fields; |
3385 | struct ofputil_bucket *bucket; | |
e8dba719 | 3386 | const uint8_t *mask_values; |
0c4b9393 | 3387 | uint32_t basis; |
e8dba719 | 3388 | size_t i; |
0c4b9393 SH |
3389 | |
3390 | fields = group_dpif_get_fields(group); | |
e8dba719 | 3391 | mask_values = fields->values; |
0c4b9393 SH |
3392 | basis = hash_uint64(group_dpif_get_selection_method_param(group)); |
3393 | ||
e8dba719 JR |
3394 | BITMAP_FOR_EACH_1 (i, MFF_N_IDS, fields->used.bm) { |
3395 | const struct mf_field *mf = mf_from_id(i); | |
0c4b9393 | 3396 | |
e8dba719 JR |
3397 | /* Skip fields for which prerequisities are not met. */ |
3398 | if (!mf_are_prereqs_ok(mf, &ctx->xin->flow, ctx->wc)) { | |
3399 | /* Skip the mask bytes for this field. */ | |
3400 | mask_values += mf->n_bytes; | |
3401 | continue; | |
3402 | } | |
0c4b9393 | 3403 | |
e8dba719 JR |
3404 | union mf_value value; |
3405 | union mf_value mask; | |
0c4b9393 | 3406 | |
e8dba719 JR |
3407 | mf_get_value(mf, &ctx->xin->flow, &value); |
3408 | /* Mask the value. */ | |
3409 | for (int j = 0; j < mf->n_bytes; j++) { | |
3410 | mask.b[j] = *mask_values++; | |
3411 | value.b[j] &= mask.b[j]; | |
3412 | } | |
3413 | basis = hash_bytes(&value, mf->n_bytes, basis); | |
1cb20095 | 3414 | |
e8dba719 JR |
3415 | /* For tunnels, hash in whether the field is present. */ |
3416 | if (mf_is_tun_metadata(mf)) { | |
3417 | basis = hash_boolean(mf_is_set(mf, &ctx->xin->flow), basis); | |
0c4b9393 | 3418 | } |
e8dba719 JR |
3419 | |
3420 | mf_mask_field_masked(mf, &mask, ctx->wc); | |
0c4b9393 SH |
3421 | } |
3422 | ||
3423 | bucket = group_best_live_bucket(ctx, group, basis); | |
3424 | if (bucket) { | |
3425 | xlate_group_bucket(ctx, bucket); | |
3426 | xlate_group_stats(ctx, group, bucket); | |
76973237 JR |
3427 | } else if (ctx->xin->xcache) { |
3428 | group_dpif_unref(group); | |
0c4b9393 SH |
3429 | } |
3430 | } | |
3431 | ||
53cc166a JR |
3432 | static void |
3433 | xlate_dp_hash_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3434 | { | |
3435 | struct ofputil_bucket *bucket; | |
3436 | ||
3437 | /* dp_hash value 0 is special since it means that the dp_hash has not been | |
3438 | * computed, as all computed dp_hash values are non-zero. Therefore | |
3439 | * compare to zero can be used to decide if the dp_hash value is valid | |
3440 | * without masking the dp_hash field. */ | |
3441 | if (!ctx->xin->flow.dp_hash) { | |
3442 | uint64_t param = group_dpif_get_selection_method_param(group); | |
3443 | ||
3444 | ctx_trigger_recirculate_with_hash(ctx, param >> 32, (uint32_t)param); | |
3445 | } else { | |
3446 | uint32_t n_buckets; | |
3447 | ||
3448 | group_dpif_get_buckets(group, &n_buckets); | |
3449 | if (n_buckets) { | |
3450 | /* Minimal mask to cover the number of buckets. */ | |
3451 | uint32_t mask = (1 << log_2_ceil(n_buckets)) - 1; | |
3452 | /* Multiplier chosen to make the trivial 1 bit case to | |
3453 | * actually distribute amongst two equal weight buckets. */ | |
3454 | uint32_t basis = 0xc2b73583 * (ctx->xin->flow.dp_hash & mask); | |
3455 | ||
3456 | ctx->wc->masks.dp_hash |= mask; | |
3457 | bucket = group_best_live_bucket(ctx, group, basis); | |
3458 | if (bucket) { | |
3459 | xlate_group_bucket(ctx, bucket); | |
3460 | xlate_group_stats(ctx, group, bucket); | |
3461 | } | |
3462 | } | |
3463 | } | |
3464 | } | |
3465 | ||
7565c3e4 SH |
3466 | static void |
3467 | xlate_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3468 | { | |
3469 | const char *selection_method = group_dpif_get_selection_method(group); | |
3470 | ||
e12ec36b SH |
3471 | /* Select groups may access flow keys beyond L2 in order to |
3472 | * select a bucket. Recirculate as appropriate to make this possible. | |
3473 | */ | |
3474 | if (ctx->was_mpls) { | |
3475 | ctx_trigger_freeze(ctx); | |
3476 | } | |
3477 | ||
7565c3e4 SH |
3478 | if (selection_method[0] == '\0') { |
3479 | xlate_default_select_group(ctx, group); | |
0c4b9393 SH |
3480 | } else if (!strcasecmp("hash", selection_method)) { |
3481 | xlate_hash_fields_select_group(ctx, group); | |
53cc166a JR |
3482 | } else if (!strcasecmp("dp_hash", selection_method)) { |
3483 | xlate_dp_hash_select_group(ctx, group); | |
7565c3e4 SH |
3484 | } else { |
3485 | /* Parsing of groups should ensure this never happens */ | |
3486 | OVS_NOT_REACHED(); | |
3487 | } | |
3488 | } | |
3489 | ||
f4fb341b SH |
3490 | static void |
3491 | xlate_group_action__(struct xlate_ctx *ctx, struct group_dpif *group) | |
3492 | { | |
0eb48fe1 | 3493 | bool was_in_group = ctx->in_group; |
5a070238 BP |
3494 | ctx->in_group = true; |
3495 | ||
f4fb341b SH |
3496 | switch (group_dpif_get_type(group)) { |
3497 | case OFPGT11_ALL: | |
3498 | case OFPGT11_INDIRECT: | |
3499 | xlate_all_group(ctx, group); | |
3500 | break; | |
3501 | case OFPGT11_SELECT: | |
fe7e5749 | 3502 | xlate_select_group(ctx, group); |
f4fb341b | 3503 | break; |
dd8cd4b4 SH |
3504 | case OFPGT11_FF: |
3505 | xlate_ff_group(ctx, group); | |
3506 | break; | |
f4fb341b | 3507 | default: |
428b2edd | 3508 | OVS_NOT_REACHED(); |
f4fb341b | 3509 | } |
5a070238 | 3510 | |
0eb48fe1 | 3511 | ctx->in_group = was_in_group; |
f4fb341b SH |
3512 | } |
3513 | ||
3514 | static bool | |
3515 | xlate_group_action(struct xlate_ctx *ctx, uint32_t group_id) | |
3516 | { | |
0eb48fe1 | 3517 | if (xlate_resubmit_resource_check(ctx)) { |
f4fb341b | 3518 | struct group_dpif *group; |
f4fb341b | 3519 | |
76973237 JR |
3520 | /* Take ref only if xcache exists. */ |
3521 | group = group_dpif_lookup(ctx->xbridge->ofproto, group_id, | |
1f4a8933 | 3522 | ctx->xin->tables_version, ctx->xin->xcache); |
db88b35c JR |
3523 | if (!group) { |
3524 | /* XXX: Should set ctx->error ? */ | |
f4fb341b SH |
3525 | return true; |
3526 | } | |
db88b35c | 3527 | xlate_group_action__(ctx, group); |
f4fb341b SH |
3528 | } |
3529 | ||
3530 | return false; | |
3531 | } | |
3532 | ||
9583bc14 EJ |
3533 | static void |
3534 | xlate_ofpact_resubmit(struct xlate_ctx *ctx, | |
3535 | const struct ofpact_resubmit *resubmit) | |
3536 | { | |
4e022ec0 | 3537 | ofp_port_t in_port; |
9583bc14 | 3538 | uint8_t table_id; |
adcf00ba AZ |
3539 | bool may_packet_in = false; |
3540 | bool honor_table_miss = false; | |
3541 | ||
3542 | if (ctx->rule && rule_dpif_is_internal(ctx->rule)) { | |
3543 | /* Still allow missed packets to be sent to the controller | |
3544 | * if resubmitting from an internal table. */ | |
3545 | may_packet_in = true; | |
3546 | honor_table_miss = true; | |
3547 | } | |
9583bc14 EJ |
3548 | |
3549 | in_port = resubmit->in_port; | |
3550 | if (in_port == OFPP_IN_PORT) { | |
4e022ec0 | 3551 | in_port = ctx->xin->flow.in_port.ofp_port; |
9583bc14 EJ |
3552 | } |
3553 | ||
3554 | table_id = resubmit->table_id; | |
3555 | if (table_id == 255) { | |
3556 | table_id = ctx->table_id; | |
3557 | } | |
3558 | ||
adcf00ba AZ |
3559 | xlate_table_action(ctx, in_port, table_id, may_packet_in, |
3560 | honor_table_miss); | |
9583bc14 EJ |
3561 | } |
3562 | ||
3563 | static void | |
3564 | flood_packets(struct xlate_ctx *ctx, bool all) | |
3565 | { | |
46c88433 | 3566 | const struct xport *xport; |
9583bc14 | 3567 | |
46c88433 EJ |
3568 | HMAP_FOR_EACH (xport, ofp_node, &ctx->xbridge->xports) { |
3569 | if (xport->ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
3570 | continue; |
3571 | } | |
3572 | ||
3573 | if (all) { | |
e93ef1c7 | 3574 | compose_output_action__(ctx, xport->ofp_port, NULL, false); |
46c88433 | 3575 | } else if (!(xport->config & OFPUTIL_PC_NO_FLOOD)) { |
e93ef1c7 | 3576 | compose_output_action(ctx, xport->ofp_port, NULL); |
9583bc14 EJ |
3577 | } |
3578 | } | |
3579 | ||
2031ef97 | 3580 | ctx->nf_output_iface = NF_OUT_FLOOD; |
9583bc14 EJ |
3581 | } |
3582 | ||
3583 | static void | |
3584 | execute_controller_action(struct xlate_ctx *ctx, int len, | |
3585 | enum ofp_packet_in_reason reason, | |
bdcad671 BP |
3586 | uint16_t controller_id, |
3587 | const uint8_t *userdata, size_t userdata_len) | |
9583bc14 | 3588 | { |
1895cc8d | 3589 | struct dp_packet_batch batch; |
e14deea0 | 3590 | struct dp_packet *packet; |
9583bc14 | 3591 | |
04594cd5 | 3592 | ctx->xout->slow |= SLOW_CONTROLLER; |
b476e2f2 | 3593 | xlate_commit_actions(ctx); |
9583bc14 EJ |
3594 | if (!ctx->xin->packet) { |
3595 | return; | |
3596 | } | |
3597 | ||
df70a773 JR |
3598 | if (!ctx->xin->allow_side_effects && !ctx->xin->xcache) { |
3599 | return; | |
3600 | } | |
3601 | ||
cf62fa4c | 3602 | packet = dp_packet_clone(ctx->xin->packet); |
1895cc8d PS |
3603 | packet_batch_init_packet(&batch, packet); |
3604 | odp_execute_actions(NULL, &batch, false, | |
1520ef4f | 3605 | ctx->odp_actions->data, ctx->odp_actions->size, NULL); |
9583bc14 | 3606 | |
9bfe9334 BP |
3607 | /* A packet sent by an action in a table-miss rule is considered an |
3608 | * explicit table miss. OpenFlow before 1.3 doesn't have that concept so | |
3609 | * it will get translated back to OFPR_ACTION for those versions. */ | |
3610 | if (reason == OFPR_ACTION | |
3611 | && ctx->rule && rule_dpif_is_table_miss(ctx->rule)) { | |
3612 | reason = OFPR_EXPLICIT_MISS; | |
3613 | } | |
3614 | ||
3615 | size_t packet_len = dp_packet_size(packet); | |
0fb7792a | 3616 | |
a2b53dec BP |
3617 | struct ofproto_async_msg *am = xmalloc(sizeof *am); |
3618 | *am = (struct ofproto_async_msg) { | |
9bfe9334 | 3619 | .controller_id = controller_id, |
a2b53dec BP |
3620 | .oam = OAM_PACKET_IN, |
3621 | .pin = { | |
3622 | .up = { | |
77ab5fd2 BP |
3623 | .public = { |
3624 | .packet = dp_packet_steal_data(packet), | |
3625 | .packet_len = packet_len, | |
3626 | .reason = reason, | |
3627 | .table_id = ctx->table_id, | |
3628 | .cookie = ctx->rule_cookie, | |
3629 | .userdata = (userdata_len | |
3630 | ? xmemdup(userdata, userdata_len) | |
3631 | : NULL), | |
3632 | .userdata_len = userdata_len, | |
3633 | } | |
a2b53dec BP |
3634 | }, |
3635 | .max_len = len, | |
9bfe9334 | 3636 | }, |
9bfe9334 | 3637 | }; |
77ab5fd2 | 3638 | flow_get_metadata(&ctx->xin->flow, &am->pin.up.public.flow_metadata); |
9583bc14 | 3639 | |
df70a773 JR |
3640 | /* Async messages are only sent once, so if we send one now, no |
3641 | * xlate cache entry is created. */ | |
3642 | if (ctx->xin->allow_side_effects) { | |
3643 | ofproto_dpif_send_async_msg(ctx->xbridge->ofproto, am); | |
3644 | } else /* xcache */ { | |
3645 | struct xc_entry *entry; | |
3646 | ||
3647 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_CONTROLLER); | |
3648 | entry->controller.ofproto = ctx->xbridge->ofproto; | |
3649 | entry->controller.am = am; | |
3650 | } | |
9583bc14 EJ |
3651 | } |
3652 | ||
7bbdd84f | 3653 | static void |
77ab5fd2 | 3654 | emit_continuation(struct xlate_ctx *ctx, const struct frozen_state *state) |
7bbdd84f | 3655 | { |
df70a773 JR |
3656 | if (!ctx->xin->allow_side_effects && !ctx->xin->xcache) { |
3657 | return; | |
3658 | } | |
3659 | ||
77ab5fd2 BP |
3660 | struct ofproto_async_msg *am = xmalloc(sizeof *am); |
3661 | *am = (struct ofproto_async_msg) { | |
3662 | .controller_id = ctx->pause->controller_id, | |
3663 | .oam = OAM_PACKET_IN, | |
3664 | .pin = { | |
3665 | .up = { | |
3666 | .public = { | |
3667 | .userdata = xmemdup(ctx->pause->userdata, | |
3668 | ctx->pause->userdata_len), | |
3669 | .userdata_len = ctx->pause->userdata_len, | |
3670 | .packet = xmemdup(dp_packet_data(ctx->xin->packet), | |
3671 | dp_packet_size(ctx->xin->packet)), | |
3672 | .packet_len = dp_packet_size(ctx->xin->packet), | |
0b024e49 | 3673 | .reason = ctx->pause->reason, |
77ab5fd2 BP |
3674 | }, |
3675 | .bridge = *ofproto_dpif_get_uuid(ctx->xbridge->ofproto), | |
3676 | .stack = xmemdup(state->stack, | |
3677 | state->n_stack * sizeof *state->stack), | |
3678 | .n_stack = state->n_stack, | |
3679 | .mirrors = state->mirrors, | |
3680 | .conntracked = state->conntracked, | |
3681 | .actions = xmemdup(state->ofpacts, state->ofpacts_len), | |
3682 | .actions_len = state->ofpacts_len, | |
3683 | .action_set = xmemdup(state->action_set, | |
3684 | state->action_set_len), | |
3685 | .action_set_len = state->action_set_len, | |
3686 | }, | |
3687 | .max_len = UINT16_MAX, | |
3688 | }, | |
3689 | }; | |
3690 | flow_get_metadata(&ctx->xin->flow, &am->pin.up.public.flow_metadata); | |
df70a773 JR |
3691 | |
3692 | /* Async messages are only sent once, so if we send one now, no | |
3693 | * xlate cache entry is created. */ | |
3694 | if (ctx->xin->allow_side_effects) { | |
3695 | ofproto_dpif_send_async_msg(ctx->xbridge->ofproto, am); | |
3696 | } else /* xcache */ { | |
3697 | struct xc_entry *entry; | |
3698 | ||
3699 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_CONTROLLER); | |
3700 | entry->controller.ofproto = ctx->xbridge->ofproto; | |
3701 | entry->controller.am = am; | |
3702 | } | |
77ab5fd2 | 3703 | } |
7bbdd84f | 3704 | |
77ab5fd2 BP |
3705 | static void |
3706 | finish_freezing__(struct xlate_ctx *ctx, uint8_t table) | |
3707 | { | |
1d361a81 | 3708 | ovs_assert(ctx->freezing); |
7bbdd84f | 3709 | |
1d361a81 | 3710 | struct frozen_state state = { |
07659514 | 3711 | .table_id = table, |
290835f9 | 3712 | .ofproto_uuid = *ofproto_dpif_get_uuid(ctx->xbridge->ofproto), |
5c1b2314 BP |
3713 | .stack = ctx->stack.data, |
3714 | .n_stack = ctx->stack.size / sizeof(union mf_subvalue), | |
29bae541 | 3715 | .mirrors = ctx->mirrors, |
07659514 | 3716 | .conntracked = ctx->conntracked, |
1d361a81 BP |
3717 | .ofpacts = ctx->frozen_actions.data, |
3718 | .ofpacts_len = ctx->frozen_actions.size, | |
417509fa | 3719 | .action_set = ctx->action_set.data, |
8a5fb3b4 | 3720 | .action_set_len = ctx->action_set.size, |
2082425c | 3721 | }; |
77ab5fd2 | 3722 | frozen_metadata_from_flow(&state.metadata, &ctx->xin->flow); |
2082425c | 3723 | |
77ab5fd2 BP |
3724 | if (ctx->pause) { |
3725 | if (ctx->xin->packet) { | |
3726 | emit_continuation(ctx, &state); | |
3727 | } | |
3728 | } else { | |
3729 | /* Allocate a unique recirc id for the given metadata state in the | |
3730 | * flow. An existing id, with a new reference to the corresponding | |
3731 | * recirculation context, will be returned if possible. | |
3732 | * The life-cycle of this recirc id is managed by associating it | |
3733 | * with the udpif key ('ukey') created for each new datapath flow. */ | |
3734 | uint32_t id = recirc_alloc_id_ctx(&state); | |
3735 | if (!id) { | |
3736 | XLATE_REPORT_ERROR(ctx, "Failed to allocate recirculation id"); | |
3737 | ctx->error = XLATE_NO_RECIRCULATION_CONTEXT; | |
3738 | return; | |
3739 | } | |
3740 | recirc_refs_add(&ctx->xout->recircs, id); | |
7bbdd84f | 3741 | |
53cc166a JR |
3742 | if (ctx->recirc_update_dp_hash) { |
3743 | struct ovs_action_hash *act_hash; | |
3744 | ||
3745 | /* Hash action. */ | |
3746 | act_hash = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
3747 | OVS_ACTION_ATTR_HASH, | |
3748 | sizeof *act_hash); | |
3749 | act_hash->hash_alg = OVS_HASH_ALG_L4; /* Make configurable. */ | |
3750 | act_hash->hash_basis = 0; /* Make configurable. */ | |
3751 | } | |
77ab5fd2 BP |
3752 | nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_RECIRC, id); |
3753 | } | |
e672ff9b | 3754 | |
1d361a81 BP |
3755 | /* Undo changes done by freezing. */ |
3756 | ctx_cancel_freeze(ctx); | |
7bbdd84f SH |
3757 | } |
3758 | ||
1d361a81 | 3759 | /* Called only when we're freezing. */ |
07659514 | 3760 | static void |
77ab5fd2 | 3761 | finish_freezing(struct xlate_ctx *ctx) |
07659514 JS |
3762 | { |
3763 | xlate_commit_actions(ctx); | |
77ab5fd2 | 3764 | finish_freezing__(ctx, 0); |
07659514 JS |
3765 | } |
3766 | ||
e37b8437 JS |
3767 | /* Fork the pipeline here. The current packet will continue processing the |
3768 | * current action list. A clone of the current packet will recirculate, skip | |
3769 | * the remainder of the current action list and asynchronously resume pipeline | |
3770 | * processing in 'table' with the current metadata and action set. */ | |
3771 | static void | |
3772 | compose_recirculate_and_fork(struct xlate_ctx *ctx, uint8_t table) | |
3773 | { | |
1d361a81 | 3774 | ctx->freezing = true; |
77ab5fd2 | 3775 | finish_freezing__(ctx, table); |
e37b8437 JS |
3776 | } |
3777 | ||
8bfd0fda BP |
3778 | static void |
3779 | compose_mpls_push_action(struct xlate_ctx *ctx, struct ofpact_push_mpls *mpls) | |
9583bc14 | 3780 | { |
33bf9176 | 3781 | struct flow *flow = &ctx->xin->flow; |
8bfd0fda | 3782 | int n; |
33bf9176 | 3783 | |
8bfd0fda | 3784 | ovs_assert(eth_type_mpls(mpls->ethertype)); |
b0a17866 | 3785 | |
49a73e0c | 3786 | n = flow_count_mpls_labels(flow, ctx->wc); |
8bfd0fda | 3787 | if (!n) { |
704bb0bf | 3788 | xlate_commit_actions(ctx); |
8bfd0fda BP |
3789 | } else if (n >= FLOW_MAX_MPLS_LABELS) { |
3790 | if (ctx->xin->packet != NULL) { | |
fff1b9c0 | 3791 | XLATE_REPORT_ERROR(ctx, "bridge %s: dropping packet on which an " |
8bfd0fda BP |
3792 | "MPLS push action can't be performed as it would " |
3793 | "have more MPLS LSEs than the %d supported.", | |
3794 | ctx->xbridge->name, FLOW_MAX_MPLS_LABELS); | |
9583bc14 | 3795 | } |
fff1b9c0 | 3796 | ctx->error = XLATE_TOO_MANY_MPLS_LABELS; |
8bfd0fda | 3797 | return; |
9583bc14 | 3798 | } |
b0a17866 | 3799 | |
49a73e0c | 3800 | flow_push_mpls(flow, n, mpls->ethertype, ctx->wc); |
9583bc14 EJ |
3801 | } |
3802 | ||
8bfd0fda | 3803 | static void |
9cfef3d0 | 3804 | compose_mpls_pop_action(struct xlate_ctx *ctx, ovs_be16 eth_type) |
9583bc14 | 3805 | { |
8bfd0fda | 3806 | struct flow *flow = &ctx->xin->flow; |
49a73e0c | 3807 | int n = flow_count_mpls_labels(flow, ctx->wc); |
33bf9176 | 3808 | |
49a73e0c | 3809 | if (flow_pop_mpls(flow, n, eth_type, ctx->wc)) { |
8bf009bf | 3810 | if (!eth_type_mpls(eth_type) && ctx->xbridge->support.odp.recirc) { |
e12ec36b | 3811 | ctx->was_mpls = true; |
7bbdd84f SH |
3812 | } |
3813 | } else if (n >= FLOW_MAX_MPLS_LABELS) { | |
8bfd0fda | 3814 | if (ctx->xin->packet != NULL) { |
fff1b9c0 | 3815 | XLATE_REPORT_ERROR(ctx, "bridge %s: dropping packet on which an " |
8bfd0fda BP |
3816 | "MPLS pop action can't be performed as it has " |
3817 | "more MPLS LSEs than the %d supported.", | |
3818 | ctx->xbridge->name, FLOW_MAX_MPLS_LABELS); | |
3819 | } | |
fff1b9c0 | 3820 | ctx->error = XLATE_TOO_MANY_MPLS_LABELS; |
1520ef4f | 3821 | ofpbuf_clear(ctx->odp_actions); |
9583bc14 EJ |
3822 | } |
3823 | } | |
3824 | ||
3825 | static bool | |
3826 | compose_dec_ttl(struct xlate_ctx *ctx, struct ofpact_cnt_ids *ids) | |
3827 | { | |
33bf9176 BP |
3828 | struct flow *flow = &ctx->xin->flow; |
3829 | ||
3830 | if (!is_ip_any(flow)) { | |
9583bc14 EJ |
3831 | return false; |
3832 | } | |
3833 | ||
49a73e0c | 3834 | ctx->wc->masks.nw_ttl = 0xff; |
33bf9176 BP |
3835 | if (flow->nw_ttl > 1) { |
3836 | flow->nw_ttl--; | |
9583bc14 EJ |
3837 | return false; |
3838 | } else { | |
3839 | size_t i; | |
3840 | ||
3841 | for (i = 0; i < ids->n_controllers; i++) { | |
3842 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, | |
bdcad671 | 3843 | ids->cnt_ids[i], NULL, 0); |
9583bc14 EJ |
3844 | } |
3845 | ||
3846 | /* Stop processing for current table. */ | |
3847 | return true; | |
3848 | } | |
3849 | } | |
3850 | ||
8bfd0fda | 3851 | static void |
097d4939 JR |
3852 | compose_set_mpls_label_action(struct xlate_ctx *ctx, ovs_be32 label) |
3853 | { | |
8bfd0fda | 3854 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3855 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_LABEL_MASK); |
8bfd0fda | 3856 | set_mpls_lse_label(&ctx->xin->flow.mpls_lse[0], label); |
097d4939 | 3857 | } |
097d4939 JR |
3858 | } |
3859 | ||
8bfd0fda | 3860 | static void |
097d4939 JR |
3861 | compose_set_mpls_tc_action(struct xlate_ctx *ctx, uint8_t tc) |
3862 | { | |
8bfd0fda | 3863 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3864 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TC_MASK); |
8bfd0fda | 3865 | set_mpls_lse_tc(&ctx->xin->flow.mpls_lse[0], tc); |
097d4939 | 3866 | } |
097d4939 JR |
3867 | } |
3868 | ||
8bfd0fda | 3869 | static void |
9cfef3d0 | 3870 | compose_set_mpls_ttl_action(struct xlate_ctx *ctx, uint8_t ttl) |
9583bc14 | 3871 | { |
8bfd0fda | 3872 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3873 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TTL_MASK); |
8bfd0fda | 3874 | set_mpls_lse_ttl(&ctx->xin->flow.mpls_lse[0], ttl); |
b0a17866 | 3875 | } |
9583bc14 EJ |
3876 | } |
3877 | ||
3878 | static bool | |
9cfef3d0 | 3879 | compose_dec_mpls_ttl_action(struct xlate_ctx *ctx) |
9583bc14 | 3880 | { |
33bf9176 | 3881 | struct flow *flow = &ctx->xin->flow; |
1dd35f8a | 3882 | |
8bfd0fda | 3883 | if (eth_type_mpls(flow->dl_type)) { |
22d38fca JR |
3884 | uint8_t ttl = mpls_lse_to_ttl(flow->mpls_lse[0]); |
3885 | ||
49a73e0c | 3886 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TTL_MASK); |
8bfd0fda BP |
3887 | if (ttl > 1) { |
3888 | ttl--; | |
3889 | set_mpls_lse_ttl(&flow->mpls_lse[0], ttl); | |
3890 | return false; | |
3891 | } else { | |
bdcad671 BP |
3892 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, 0, |
3893 | NULL, 0); | |
8bfd0fda | 3894 | } |
9583bc14 | 3895 | } |
22d38fca JR |
3896 | |
3897 | /* Stop processing for current table. */ | |
3898 | return true; | |
9583bc14 EJ |
3899 | } |
3900 | ||
3901 | static void | |
3902 | xlate_output_action(struct xlate_ctx *ctx, | |
4e022ec0 | 3903 | ofp_port_t port, uint16_t max_len, bool may_packet_in) |
9583bc14 | 3904 | { |
2031ef97 | 3905 | ofp_port_t prev_nf_output_iface = ctx->nf_output_iface; |
9583bc14 | 3906 | |
2031ef97 | 3907 | ctx->nf_output_iface = NF_OUT_DROP; |
9583bc14 EJ |
3908 | |
3909 | switch (port) { | |
3910 | case OFPP_IN_PORT: | |
e93ef1c7 | 3911 | compose_output_action(ctx, ctx->xin->flow.in_port.ofp_port, NULL); |
9583bc14 EJ |
3912 | break; |
3913 | case OFPP_TABLE: | |
4e022ec0 | 3914 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
6d328fa2 | 3915 | 0, may_packet_in, true); |
9583bc14 EJ |
3916 | break; |
3917 | case OFPP_NORMAL: | |
3918 | xlate_normal(ctx); | |
3919 | break; | |
3920 | case OFPP_FLOOD: | |
3921 | flood_packets(ctx, false); | |
3922 | break; | |
3923 | case OFPP_ALL: | |
3924 | flood_packets(ctx, true); | |
3925 | break; | |
3926 | case OFPP_CONTROLLER: | |
3a11fd5b | 3927 | execute_controller_action(ctx, max_len, |
029ca940 SS |
3928 | (ctx->in_group ? OFPR_GROUP |
3929 | : ctx->in_action_set ? OFPR_ACTION_SET | |
3930 | : OFPR_ACTION), | |
bdcad671 | 3931 | 0, NULL, 0); |
9583bc14 EJ |
3932 | break; |
3933 | case OFPP_NONE: | |
3934 | break; | |
3935 | case OFPP_LOCAL: | |
3936 | default: | |
4e022ec0 | 3937 | if (port != ctx->xin->flow.in_port.ofp_port) { |
e93ef1c7 | 3938 | compose_output_action(ctx, port, NULL); |
9583bc14 EJ |
3939 | } else { |
3940 | xlate_report(ctx, "skipping output to input port"); | |
3941 | } | |
3942 | break; | |
3943 | } | |
3944 | ||
3945 | if (prev_nf_output_iface == NF_OUT_FLOOD) { | |
2031ef97 BP |
3946 | ctx->nf_output_iface = NF_OUT_FLOOD; |
3947 | } else if (ctx->nf_output_iface == NF_OUT_DROP) { | |
3948 | ctx->nf_output_iface = prev_nf_output_iface; | |
9583bc14 | 3949 | } else if (prev_nf_output_iface != NF_OUT_DROP && |
2031ef97 BP |
3950 | ctx->nf_output_iface != NF_OUT_FLOOD) { |
3951 | ctx->nf_output_iface = NF_OUT_MULTI; | |
9583bc14 EJ |
3952 | } |
3953 | } | |
3954 | ||
3955 | static void | |
3956 | xlate_output_reg_action(struct xlate_ctx *ctx, | |
3957 | const struct ofpact_output_reg *or) | |
3958 | { | |
3959 | uint64_t port = mf_get_subfield(&or->src, &ctx->xin->flow); | |
3960 | if (port <= UINT16_MAX) { | |
3961 | union mf_subvalue value; | |
3962 | ||
3963 | memset(&value, 0xff, sizeof value); | |
49a73e0c | 3964 | mf_write_subfield_flow(&or->src, &value, &ctx->wc->masks); |
4e022ec0 AW |
3965 | xlate_output_action(ctx, u16_to_ofp(port), |
3966 | or->max_len, false); | |
9583bc14 EJ |
3967 | } |
3968 | } | |
3969 | ||
aaca4fe0 WT |
3970 | static void |
3971 | xlate_output_trunc_action(struct xlate_ctx *ctx, | |
3972 | ofp_port_t port, uint32_t max_len) | |
3973 | { | |
3974 | bool support_trunc = ctx->xbridge->support.trunc; | |
3975 | struct ovs_action_trunc *trunc; | |
3976 | char name[OFP_MAX_PORT_NAME_LEN]; | |
3977 | ||
3978 | switch (port) { | |
3979 | case OFPP_TABLE: | |
3980 | case OFPP_NORMAL: | |
3981 | case OFPP_FLOOD: | |
3982 | case OFPP_ALL: | |
3983 | case OFPP_CONTROLLER: | |
3984 | case OFPP_NONE: | |
3985 | ofputil_port_to_string(port, name, sizeof name); | |
3986 | xlate_report(ctx, "output_trunc does not support port: %s", name); | |
3987 | break; | |
3988 | case OFPP_LOCAL: | |
3989 | case OFPP_IN_PORT: | |
3990 | default: | |
3991 | if (port != ctx->xin->flow.in_port.ofp_port) { | |
3992 | const struct xport *xport = get_ofp_port(ctx->xbridge, port); | |
3993 | ||
3994 | if (xport == NULL || xport->odp_port == ODPP_NONE) { | |
3995 | /* Since truncate happens at its following output action, if | |
3996 | * the output port is a patch port, the behavior is somehow | |
3997 | * unpredicable. For simpilicity, disallow this case. */ | |
3998 | ofputil_port_to_string(port, name, sizeof name); | |
3999 | XLATE_REPORT_ERROR(ctx, "bridge %s: " | |
4000 | "output_trunc does not support port: %s", | |
4001 | ctx->xbridge->name, name); | |
4002 | break; | |
4003 | } | |
4004 | ||
4005 | trunc = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
4006 | OVS_ACTION_ATTR_TRUNC, | |
4007 | sizeof *trunc); | |
4008 | trunc->max_len = max_len; | |
4009 | xlate_output_action(ctx, port, max_len, false); | |
4010 | if (!support_trunc) { | |
4011 | ctx->xout->slow |= SLOW_ACTION; | |
4012 | } | |
4013 | } else { | |
4014 | xlate_report(ctx, "skipping output to input port"); | |
4015 | } | |
4016 | break; | |
4017 | } | |
4018 | } | |
4019 | ||
9583bc14 EJ |
4020 | static void |
4021 | xlate_enqueue_action(struct xlate_ctx *ctx, | |
4022 | const struct ofpact_enqueue *enqueue) | |
4023 | { | |
4e022ec0 | 4024 | ofp_port_t ofp_port = enqueue->port; |
9583bc14 EJ |
4025 | uint32_t queue_id = enqueue->queue; |
4026 | uint32_t flow_priority, priority; | |
4027 | int error; | |
4028 | ||
4029 | /* Translate queue to priority. */ | |
89a8a7f0 | 4030 | error = dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &priority); |
9583bc14 EJ |
4031 | if (error) { |
4032 | /* Fall back to ordinary output action. */ | |
4033 | xlate_output_action(ctx, enqueue->port, 0, false); | |
4034 | return; | |
4035 | } | |
4036 | ||
4037 | /* Check output port. */ | |
4038 | if (ofp_port == OFPP_IN_PORT) { | |
4e022ec0 AW |
4039 | ofp_port = ctx->xin->flow.in_port.ofp_port; |
4040 | } else if (ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
4041 | return; |
4042 | } | |
4043 | ||
4044 | /* Add datapath actions. */ | |
4045 | flow_priority = ctx->xin->flow.skb_priority; | |
4046 | ctx->xin->flow.skb_priority = priority; | |
e93ef1c7 | 4047 | compose_output_action(ctx, ofp_port, NULL); |
9583bc14 EJ |
4048 | ctx->xin->flow.skb_priority = flow_priority; |
4049 | ||
4050 | /* Update NetFlow output port. */ | |
2031ef97 BP |
4051 | if (ctx->nf_output_iface == NF_OUT_DROP) { |
4052 | ctx->nf_output_iface = ofp_port; | |
4053 | } else if (ctx->nf_output_iface != NF_OUT_FLOOD) { | |
4054 | ctx->nf_output_iface = NF_OUT_MULTI; | |
9583bc14 EJ |
4055 | } |
4056 | } | |
4057 | ||
4058 | static void | |
4059 | xlate_set_queue_action(struct xlate_ctx *ctx, uint32_t queue_id) | |
4060 | { | |
4061 | uint32_t skb_priority; | |
4062 | ||
89a8a7f0 | 4063 | if (!dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &skb_priority)) { |
9583bc14 EJ |
4064 | ctx->xin->flow.skb_priority = skb_priority; |
4065 | } else { | |
4066 | /* Couldn't translate queue to a priority. Nothing to do. A warning | |
4067 | * has already been logged. */ | |
4068 | } | |
4069 | } | |
4070 | ||
4071 | static bool | |
46c88433 | 4072 | slave_enabled_cb(ofp_port_t ofp_port, void *xbridge_) |
9583bc14 | 4073 | { |
46c88433 EJ |
4074 | const struct xbridge *xbridge = xbridge_; |
4075 | struct xport *port; | |
9583bc14 EJ |
4076 | |
4077 | switch (ofp_port) { | |
4078 | case OFPP_IN_PORT: | |
4079 | case OFPP_TABLE: | |
4080 | case OFPP_NORMAL: | |
4081 | case OFPP_FLOOD: | |
4082 | case OFPP_ALL: | |
4083 | case OFPP_NONE: | |
4084 | return true; | |
4085 | case OFPP_CONTROLLER: /* Not supported by the bundle action. */ | |
4086 | return false; | |
4087 | default: | |
46c88433 | 4088 | port = get_ofp_port(xbridge, ofp_port); |
9583bc14 EJ |
4089 | return port ? port->may_enable : false; |
4090 | } | |
4091 | } | |
4092 | ||
4093 | static void | |
4094 | xlate_bundle_action(struct xlate_ctx *ctx, | |
4095 | const struct ofpact_bundle *bundle) | |
4096 | { | |
4e022ec0 | 4097 | ofp_port_t port; |
9583bc14 | 4098 | |
49a73e0c | 4099 | port = bundle_execute(bundle, &ctx->xin->flow, ctx->wc, slave_enabled_cb, |
46c88433 | 4100 | CONST_CAST(struct xbridge *, ctx->xbridge)); |
9583bc14 | 4101 | if (bundle->dst.field) { |
49a73e0c | 4102 | nxm_reg_load(&bundle->dst, ofp_to_u16(port), &ctx->xin->flow, ctx->wc); |
9583bc14 EJ |
4103 | } else { |
4104 | xlate_output_action(ctx, port, 0, false); | |
4105 | } | |
4106 | } | |
4107 | ||
4165b5e0 JS |
4108 | static void |
4109 | xlate_learn_action(struct xlate_ctx *ctx, const struct ofpact_learn *learn) | |
4110 | { | |
49a73e0c | 4111 | learn_mask(learn, ctx->wc); |
9583bc14 | 4112 | |
df70a773 | 4113 | if (ctx->xin->xcache || ctx->xin->allow_side_effects) { |
4165b5e0 JS |
4114 | uint64_t ofpacts_stub[1024 / 8]; |
4115 | struct ofputil_flow_mod fm; | |
2c7ee524 | 4116 | struct ofproto_flow_mod ofm__, *ofm; |
4165b5e0 | 4117 | struct ofpbuf ofpacts; |
2c7ee524 JR |
4118 | enum ofperr error; |
4119 | ||
4120 | if (ctx->xin->xcache) { | |
4121 | struct xc_entry *entry; | |
4122 | ||
4123 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_LEARN); | |
4124 | entry->learn.ofm = xmalloc(sizeof *entry->learn.ofm); | |
4125 | ofm = entry->learn.ofm; | |
4126 | } else { | |
4127 | ofm = &ofm__; | |
4128 | } | |
4165b5e0 JS |
4129 | |
4130 | ofpbuf_use_stub(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); | |
2c7ee524 JR |
4131 | learn_execute(learn, &ctx->xin->flow, &fm, &ofpacts); |
4132 | error = ofproto_dpif_flow_mod_init_for_learn(ctx->xbridge->ofproto, | |
4133 | &fm, ofm); | |
4165b5e0 | 4134 | ofpbuf_uninit(&ofpacts); |
2c7ee524 | 4135 | |
df70a773 | 4136 | if (!error && ctx->xin->allow_side_effects) { |
2c7ee524 JR |
4137 | error = ofproto_flow_mod_learn(ofm, ctx->xin->xcache != NULL); |
4138 | } | |
4139 | ||
4140 | if (error) { | |
4141 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
4142 | VLOG_WARN_RL(&rl, "%s: LEARN action execution failed (%s).", | |
4143 | ctx->xbridge->name, ofperr_to_string(error)); | |
4144 | } | |
b256dc52 JS |
4145 | } |
4146 | } | |
4147 | ||
4148 | static void | |
4149 | xlate_fin_timeout__(struct rule_dpif *rule, uint16_t tcp_flags, | |
4150 | uint16_t idle_timeout, uint16_t hard_timeout) | |
4151 | { | |
4152 | if (tcp_flags & (TCP_FIN | TCP_RST)) { | |
4153 | rule_dpif_reduce_timeouts(rule, idle_timeout, hard_timeout); | |
4154 | } | |
9583bc14 EJ |
4155 | } |
4156 | ||
9583bc14 EJ |
4157 | static void |
4158 | xlate_fin_timeout(struct xlate_ctx *ctx, | |
4159 | const struct ofpact_fin_timeout *oft) | |
4160 | { | |
b256dc52 | 4161 | if (ctx->rule) { |
df70a773 JR |
4162 | if (ctx->xin->allow_side_effects) { |
4163 | xlate_fin_timeout__(ctx->rule, ctx->xin->tcp_flags, | |
4164 | oft->fin_idle_timeout, oft->fin_hard_timeout); | |
4165 | } | |
b256dc52 JS |
4166 | if (ctx->xin->xcache) { |
4167 | struct xc_entry *entry; | |
4168 | ||
4169 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_FIN_TIMEOUT); | |
83709dfa JR |
4170 | /* XC_RULE already holds a reference on the rule, none is taken |
4171 | * here. */ | |
901a517e JR |
4172 | entry->fin.rule = ctx->rule; |
4173 | entry->fin.idle = oft->fin_idle_timeout; | |
4174 | entry->fin.hard = oft->fin_hard_timeout; | |
b256dc52 | 4175 | } |
9583bc14 EJ |
4176 | } |
4177 | } | |
4178 | ||
4179 | static void | |
4180 | xlate_sample_action(struct xlate_ctx *ctx, | |
4181 | const struct ofpact_sample *os) | |
4182 | { | |
f69f713b BY |
4183 | odp_port_t output_odp_port = ODPP_NONE; |
4184 | odp_port_t tunnel_out_port = ODPP_NONE; | |
4185 | struct dpif_ipfix *ipfix = ctx->xbridge->ipfix; | |
4186 | bool emit_set_tunnel = false; | |
4187 | ||
4188 | if (!ipfix || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { | |
4189 | return; | |
4190 | } | |
4191 | ||
e824d78d JR |
4192 | /* Scale the probability from 16-bit to 32-bit while representing |
4193 | * the same percentage. */ | |
4194 | uint32_t probability = (os->probability << 16) | os->probability; | |
4195 | ||
b440dd8c | 4196 | if (!ctx->xbridge->support.variable_length_userdata) { |
e824d78d JR |
4197 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); |
4198 | ||
4199 | VLOG_ERR_RL(&rl, "ignoring NXAST_SAMPLE action because datapath " | |
4200 | "lacks support (needs Linux 3.10+ or kernel module from " | |
4201 | "OVS 1.11+)"); | |
4202 | return; | |
4203 | } | |
4204 | ||
f69f713b BY |
4205 | /* If ofp_port in flow sample action is equel to ofp_port, |
4206 | * this sample action is a input port action. */ | |
4207 | if (os->sampling_port != OFPP_NONE && | |
4208 | os->sampling_port != ctx->xin->flow.in_port.ofp_port) { | |
4209 | output_odp_port = ofp_port_to_odp_port(ctx->xbridge, | |
4210 | os->sampling_port); | |
4211 | if (output_odp_port == ODPP_NONE) { | |
4212 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
4213 | VLOG_WARN_RL(&rl, "can't use unknown port %d in flow sample " | |
4214 | "action", os->sampling_port); | |
4215 | return; | |
4216 | } | |
4217 | ||
4218 | if (dpif_ipfix_get_flow_exporter_tunnel_sampling(ipfix, | |
4219 | os->collector_set_id) | |
4220 | && dpif_ipfix_get_tunnel_port(ipfix, output_odp_port)) { | |
4221 | tunnel_out_port = output_odp_port; | |
4222 | emit_set_tunnel = true; | |
4223 | } | |
4224 | } | |
4225 | ||
4226 | xlate_commit_actions(ctx); | |
4227 | /* If 'emit_set_tunnel', sample(sampling_port=1) would translate | |
4228 | * into datapath sample action set(tunnel(...)), sample(...) and | |
4229 | * it is used for sampling egress tunnel information. */ | |
4230 | if (emit_set_tunnel) { | |
4231 | const struct xport *xport = get_ofp_port(ctx->xbridge, | |
4232 | os->sampling_port); | |
4233 | ||
4234 | if (xport && xport->is_tunnel) { | |
4235 | struct flow *flow = &ctx->xin->flow; | |
4236 | tnl_port_send(xport->ofport, flow, ctx->wc); | |
4237 | if (!ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { | |
4238 | struct flow_tnl flow_tnl = flow->tunnel; | |
4239 | ||
4240 | commit_odp_tunnel_action(flow, &ctx->base_flow, | |
4241 | ctx->odp_actions); | |
4242 | flow->tunnel = flow_tnl; | |
4243 | } | |
4244 | } else { | |
4245 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
4246 | VLOG_WARN_RL(&rl, "sampling_port:%d should be a tunnel port.", | |
4247 | os->sampling_port); | |
4248 | } | |
4249 | } | |
e824d78d | 4250 | |
a6092018 BP |
4251 | union user_action_cookie cookie = { |
4252 | .flow_sample = { | |
4253 | .type = USER_ACTION_COOKIE_FLOW_SAMPLE, | |
4254 | .probability = os->probability, | |
4255 | .collector_set_id = os->collector_set_id, | |
4256 | .obs_domain_id = os->obs_domain_id, | |
4257 | .obs_point_id = os->obs_point_id, | |
f69f713b | 4258 | .output_odp_port = output_odp_port, |
a6092018 BP |
4259 | } |
4260 | }; | |
4261 | compose_sample_action(ctx, probability, &cookie, sizeof cookie.flow_sample, | |
f69f713b | 4262 | tunnel_out_port, false); |
9583bc14 EJ |
4263 | } |
4264 | ||
4265 | static bool | |
46c88433 | 4266 | may_receive(const struct xport *xport, struct xlate_ctx *ctx) |
9583bc14 | 4267 | { |
bbbca389 | 4268 | if (xport->config & (is_stp(&ctx->xin->flow) |
46c88433 EJ |
4269 | ? OFPUTIL_PC_NO_RECV_STP |
4270 | : OFPUTIL_PC_NO_RECV)) { | |
9583bc14 EJ |
4271 | return false; |
4272 | } | |
4273 | ||
4274 | /* Only drop packets here if both forwarding and learning are | |
4275 | * disabled. If just learning is enabled, we need to have | |
4276 | * OFPP_NORMAL and the learning action have a look at the packet | |
4277 | * before we can drop it. */ | |
9efd308e DV |
4278 | if ((!xport_stp_forward_state(xport) && !xport_stp_learn_state(xport)) || |
4279 | (!xport_rstp_forward_state(xport) && !xport_rstp_learn_state(xport))) { | |
9583bc14 EJ |
4280 | return false; |
4281 | } | |
4282 | ||
4283 | return true; | |
4284 | } | |
4285 | ||
7fdb60a7 | 4286 | static void |
7e7e8dbb BP |
4287 | xlate_write_actions__(struct xlate_ctx *ctx, |
4288 | const struct ofpact *ofpacts, size_t ofpacts_len) | |
7fdb60a7 | 4289 | { |
c61f3870 BP |
4290 | /* Maintain actset_output depending on the contents of the action set: |
4291 | * | |
4292 | * - OFPP_UNSET, if there is no "output" action. | |
4293 | * | |
4294 | * - The output port, if there is an "output" action and no "group" | |
4295 | * action. | |
4296 | * | |
4297 | * - OFPP_UNSET, if there is a "group" action. | |
4298 | */ | |
4299 | if (!ctx->action_set_has_group) { | |
7e7e8dbb BP |
4300 | const struct ofpact *a; |
4301 | OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) { | |
4302 | if (a->type == OFPACT_OUTPUT) { | |
4303 | ctx->xin->flow.actset_output = ofpact_get_OUTPUT(a)->port; | |
4304 | } else if (a->type == OFPACT_GROUP) { | |
c61f3870 BP |
4305 | ctx->xin->flow.actset_output = OFPP_UNSET; |
4306 | ctx->action_set_has_group = true; | |
9055ca9a | 4307 | break; |
c61f3870 BP |
4308 | } |
4309 | } | |
4310 | } | |
4311 | ||
7e7e8dbb BP |
4312 | ofpbuf_put(&ctx->action_set, ofpacts, ofpacts_len); |
4313 | } | |
4314 | ||
4315 | static void | |
4316 | xlate_write_actions(struct xlate_ctx *ctx, const struct ofpact_nest *a) | |
4317 | { | |
4318 | xlate_write_actions__(ctx, a->actions, ofpact_nest_get_action_len(a)); | |
7fdb60a7 SH |
4319 | } |
4320 | ||
4321 | static void | |
4322 | xlate_action_set(struct xlate_ctx *ctx) | |
4323 | { | |
4324 | uint64_t action_list_stub[1024 / 64]; | |
4325 | struct ofpbuf action_list; | |
4326 | ||
029ca940 | 4327 | ctx->in_action_set = true; |
7fdb60a7 SH |
4328 | ofpbuf_use_stub(&action_list, action_list_stub, sizeof action_list_stub); |
4329 | ofpacts_execute_action_set(&action_list, &ctx->action_set); | |
ed9c9e3e JR |
4330 | /* Clear the action set, as it is not needed any more. */ |
4331 | ofpbuf_clear(&ctx->action_set); | |
6fd6ed71 | 4332 | do_xlate_actions(action_list.data, action_list.size, ctx); |
029ca940 | 4333 | ctx->in_action_set = false; |
7fdb60a7 SH |
4334 | ofpbuf_uninit(&action_list); |
4335 | } | |
4336 | ||
e672ff9b | 4337 | static void |
1d361a81 | 4338 | freeze_put_unroll_xlate(struct xlate_ctx *ctx) |
e672ff9b | 4339 | { |
1d361a81 | 4340 | struct ofpact_unroll_xlate *unroll = ctx->frozen_actions.header; |
e672ff9b JR |
4341 | |
4342 | /* Restore the table_id and rule cookie for a potential PACKET | |
4343 | * IN if needed. */ | |
4344 | if (!unroll || | |
4345 | (ctx->table_id != unroll->rule_table_id | |
4346 | || ctx->rule_cookie != unroll->rule_cookie)) { | |
1d361a81 | 4347 | unroll = ofpact_put_UNROLL_XLATE(&ctx->frozen_actions); |
e672ff9b JR |
4348 | unroll->rule_table_id = ctx->table_id; |
4349 | unroll->rule_cookie = ctx->rule_cookie; | |
1d361a81 | 4350 | ctx->frozen_actions.header = unroll; |
e672ff9b JR |
4351 | } |
4352 | } | |
4353 | ||
4354 | ||
1d361a81 BP |
4355 | /* Copy actions 'a' through 'end' to ctx->frozen_actions, which will be |
4356 | * executed after thawing. Inserts an UNROLL_XLATE action, if none is already | |
4357 | * present, before any action that may depend on the current table ID or flow | |
4358 | * cookie. */ | |
e672ff9b | 4359 | static void |
1d361a81 | 4360 | freeze_unroll_actions(const struct ofpact *a, const struct ofpact *end, |
e672ff9b JR |
4361 | struct xlate_ctx *ctx) |
4362 | { | |
c2b283b7 | 4363 | for (; a < end; a = ofpact_next(a)) { |
e672ff9b | 4364 | switch (a->type) { |
e672ff9b | 4365 | case OFPACT_OUTPUT_REG: |
aaca4fe0 | 4366 | case OFPACT_OUTPUT_TRUNC: |
e672ff9b JR |
4367 | case OFPACT_GROUP: |
4368 | case OFPACT_OUTPUT: | |
4369 | case OFPACT_CONTROLLER: | |
4370 | case OFPACT_DEC_MPLS_TTL: | |
4371 | case OFPACT_DEC_TTL: | |
83a31283 BP |
4372 | /* These actions may generate asynchronous messages, which include |
4373 | * table ID and flow cookie information. */ | |
1d361a81 | 4374 | freeze_put_unroll_xlate(ctx); |
e672ff9b JR |
4375 | break; |
4376 | ||
83a31283 BP |
4377 | case OFPACT_RESUBMIT: |
4378 | if (ofpact_get_RESUBMIT(a)->table_id == 0xff) { | |
4379 | /* This resubmit action is relative to the current table, so we | |
4380 | * need to track what table that is.*/ | |
1d361a81 | 4381 | freeze_put_unroll_xlate(ctx); |
83a31283 BP |
4382 | } |
4383 | break; | |
4384 | ||
e672ff9b JR |
4385 | case OFPACT_SET_TUNNEL: |
4386 | case OFPACT_REG_MOVE: | |
4387 | case OFPACT_SET_FIELD: | |
4388 | case OFPACT_STACK_PUSH: | |
4389 | case OFPACT_STACK_POP: | |
4390 | case OFPACT_LEARN: | |
4391 | case OFPACT_WRITE_METADATA: | |
83a31283 | 4392 | case OFPACT_GOTO_TABLE: |
e672ff9b JR |
4393 | case OFPACT_ENQUEUE: |
4394 | case OFPACT_SET_VLAN_VID: | |
4395 | case OFPACT_SET_VLAN_PCP: | |
4396 | case OFPACT_STRIP_VLAN: | |
4397 | case OFPACT_PUSH_VLAN: | |
4398 | case OFPACT_SET_ETH_SRC: | |
4399 | case OFPACT_SET_ETH_DST: | |
4400 | case OFPACT_SET_IPV4_SRC: | |
4401 | case OFPACT_SET_IPV4_DST: | |
4402 | case OFPACT_SET_IP_DSCP: | |
4403 | case OFPACT_SET_IP_ECN: | |
4404 | case OFPACT_SET_IP_TTL: | |
4405 | case OFPACT_SET_L4_SRC_PORT: | |
4406 | case OFPACT_SET_L4_DST_PORT: | |
4407 | case OFPACT_SET_QUEUE: | |
4408 | case OFPACT_POP_QUEUE: | |
4409 | case OFPACT_PUSH_MPLS: | |
4410 | case OFPACT_POP_MPLS: | |
4411 | case OFPACT_SET_MPLS_LABEL: | |
4412 | case OFPACT_SET_MPLS_TC: | |
4413 | case OFPACT_SET_MPLS_TTL: | |
4414 | case OFPACT_MULTIPATH: | |
4415 | case OFPACT_BUNDLE: | |
4416 | case OFPACT_EXIT: | |
4417 | case OFPACT_UNROLL_XLATE: | |
4418 | case OFPACT_FIN_TIMEOUT: | |
4419 | case OFPACT_CLEAR_ACTIONS: | |
4420 | case OFPACT_WRITE_ACTIONS: | |
4421 | case OFPACT_METER: | |
4422 | case OFPACT_SAMPLE: | |
d4abaff5 | 4423 | case OFPACT_DEBUG_RECIRC: |
07659514 | 4424 | case OFPACT_CT: |
9ac0aada | 4425 | case OFPACT_NAT: |
83a31283 | 4426 | /* These may not generate PACKET INs. */ |
e672ff9b JR |
4427 | break; |
4428 | ||
e672ff9b JR |
4429 | case OFPACT_NOTE: |
4430 | case OFPACT_CONJUNCTION: | |
83a31283 | 4431 | /* These need not be copied for restoration. */ |
e672ff9b JR |
4432 | continue; |
4433 | } | |
4434 | /* Copy the action over. */ | |
1d361a81 | 4435 | ofpbuf_put(&ctx->frozen_actions, a, OFPACT_ALIGN(a->len)); |
e672ff9b JR |
4436 | } |
4437 | } | |
4438 | ||
8e53fe8c | 4439 | static void |
f2d105b5 JS |
4440 | put_ct_mark(const struct flow *flow, struct ofpbuf *odp_actions, |
4441 | struct flow_wildcards *wc) | |
8e53fe8c | 4442 | { |
2a754f4a JS |
4443 | if (wc->masks.ct_mark) { |
4444 | struct { | |
4445 | uint32_t key; | |
4446 | uint32_t mask; | |
4447 | } *odp_ct_mark; | |
4448 | ||
4449 | odp_ct_mark = nl_msg_put_unspec_uninit(odp_actions, OVS_CT_ATTR_MARK, | |
4450 | sizeof(*odp_ct_mark)); | |
4451 | odp_ct_mark->key = flow->ct_mark & wc->masks.ct_mark; | |
4452 | odp_ct_mark->mask = wc->masks.ct_mark; | |
8e53fe8c JS |
4453 | } |
4454 | } | |
4455 | ||
9daf2348 | 4456 | static void |
f2d105b5 JS |
4457 | put_ct_label(const struct flow *flow, struct ofpbuf *odp_actions, |
4458 | struct flow_wildcards *wc) | |
9daf2348 | 4459 | { |
2ff8484b | 4460 | if (!ovs_u128_is_zero(wc->masks.ct_label)) { |
9daf2348 JS |
4461 | struct { |
4462 | ovs_u128 key; | |
4463 | ovs_u128 mask; | |
4464 | } *odp_ct_label; | |
4465 | ||
4466 | odp_ct_label = nl_msg_put_unspec_uninit(odp_actions, | |
4467 | OVS_CT_ATTR_LABELS, | |
4468 | sizeof(*odp_ct_label)); | |
f2d105b5 | 4469 | odp_ct_label->key = ovs_u128_and(flow->ct_label, wc->masks.ct_label); |
9daf2348 JS |
4470 | odp_ct_label->mask = wc->masks.ct_label; |
4471 | } | |
4472 | } | |
4473 | ||
d787ad39 JS |
4474 | static void |
4475 | put_ct_helper(struct ofpbuf *odp_actions, struct ofpact_conntrack *ofc) | |
4476 | { | |
4477 | if (ofc->alg) { | |
4478 | if (ofc->alg == IPPORT_FTP) { | |
4479 | nl_msg_put_string(odp_actions, OVS_CT_ATTR_HELPER, "ftp"); | |
4480 | } else { | |
4481 | VLOG_WARN("Cannot serialize ct_helper %d\n", ofc->alg); | |
4482 | } | |
4483 | } | |
4484 | } | |
4485 | ||
9ac0aada JR |
4486 | static void |
4487 | put_ct_nat(struct xlate_ctx *ctx) | |
4488 | { | |
4489 | struct ofpact_nat *ofn = ctx->ct_nat_action; | |
4490 | size_t nat_offset; | |
4491 | ||
4492 | if (!ofn) { | |
4493 | return; | |
4494 | } | |
4495 | ||
4496 | nat_offset = nl_msg_start_nested(ctx->odp_actions, OVS_CT_ATTR_NAT); | |
4497 | if (ofn->flags & NX_NAT_F_SRC || ofn->flags & NX_NAT_F_DST) { | |
4498 | nl_msg_put_flag(ctx->odp_actions, ofn->flags & NX_NAT_F_SRC | |
4499 | ? OVS_NAT_ATTR_SRC : OVS_NAT_ATTR_DST); | |
4500 | if (ofn->flags & NX_NAT_F_PERSISTENT) { | |
4501 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PERSISTENT); | |
4502 | } | |
4503 | if (ofn->flags & NX_NAT_F_PROTO_HASH) { | |
4504 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PROTO_HASH); | |
4505 | } else if (ofn->flags & NX_NAT_F_PROTO_RANDOM) { | |
4506 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PROTO_RANDOM); | |
4507 | } | |
4508 | if (ofn->range_af == AF_INET) { | |
73e8bc23 | 4509 | nl_msg_put_be32(ctx->odp_actions, OVS_NAT_ATTR_IP_MIN, |
9ac0aada JR |
4510 | ofn->range.addr.ipv4.min); |
4511 | if (ofn->range.addr.ipv4.max && | |
73e8bc23 BP |
4512 | (ntohl(ofn->range.addr.ipv4.max) |
4513 | > ntohl(ofn->range.addr.ipv4.min))) { | |
4514 | nl_msg_put_be32(ctx->odp_actions, OVS_NAT_ATTR_IP_MAX, | |
4515 | ofn->range.addr.ipv4.max); | |
9ac0aada JR |
4516 | } |
4517 | } else if (ofn->range_af == AF_INET6) { | |
4518 | nl_msg_put_unspec(ctx->odp_actions, OVS_NAT_ATTR_IP_MIN, | |
4519 | &ofn->range.addr.ipv6.min, | |
4520 | sizeof ofn->range.addr.ipv6.min); | |
4521 | if (!ipv6_mask_is_any(&ofn->range.addr.ipv6.max) && | |
4522 | memcmp(&ofn->range.addr.ipv6.max, &ofn->range.addr.ipv6.min, | |
4523 | sizeof ofn->range.addr.ipv6.max) > 0) { | |
4524 | nl_msg_put_unspec(ctx->odp_actions, OVS_NAT_ATTR_IP_MAX, | |
4525 | &ofn->range.addr.ipv6.max, | |
4526 | sizeof ofn->range.addr.ipv6.max); | |
4527 | } | |
4528 | } | |
4529 | if (ofn->range_af != AF_UNSPEC && ofn->range.proto.min) { | |
4530 | nl_msg_put_u16(ctx->odp_actions, OVS_NAT_ATTR_PROTO_MIN, | |
4531 | ofn->range.proto.min); | |
4532 | if (ofn->range.proto.max && | |
4533 | ofn->range.proto.max > ofn->range.proto.min) { | |
4534 | nl_msg_put_u16(ctx->odp_actions, OVS_NAT_ATTR_PROTO_MAX, | |
4535 | ofn->range.proto.max); | |
4536 | } | |
4537 | } | |
4538 | } | |
4539 | nl_msg_end_nested(ctx->odp_actions, nat_offset); | |
4540 | } | |
4541 | ||
07659514 JS |
4542 | static void |
4543 | compose_conntrack_action(struct xlate_ctx *ctx, struct ofpact_conntrack *ofc) | |
4544 | { | |
9daf2348 | 4545 | ovs_u128 old_ct_label = ctx->base_flow.ct_label; |
f2d105b5 | 4546 | ovs_u128 old_ct_label_mask = ctx->wc->masks.ct_label; |
8e53fe8c | 4547 | uint32_t old_ct_mark = ctx->base_flow.ct_mark; |
f2d105b5 | 4548 | uint32_t old_ct_mark_mask = ctx->wc->masks.ct_mark; |
07659514 JS |
4549 | size_t ct_offset; |
4550 | uint16_t zone; | |
4551 | ||
4552 | /* Ensure that any prior actions are applied before composing the new | |
4553 | * conntrack action. */ | |
4554 | xlate_commit_actions(ctx); | |
4555 | ||
8e53fe8c | 4556 | /* Process nested actions first, to populate the key. */ |
9ac0aada | 4557 | ctx->ct_nat_action = NULL; |
f2d105b5 JS |
4558 | ctx->wc->masks.ct_mark = 0; |
4559 | ctx->wc->masks.ct_label.u64.hi = ctx->wc->masks.ct_label.u64.lo = 0; | |
8e53fe8c JS |
4560 | do_xlate_actions(ofc->actions, ofpact_ct_get_action_len(ofc), ctx); |
4561 | ||
07659514 JS |
4562 | if (ofc->zone_src.field) { |
4563 | zone = mf_get_subfield(&ofc->zone_src, &ctx->xin->flow); | |
4564 | } else { | |
4565 | zone = ofc->zone_imm; | |
4566 | } | |
4567 | ||
4568 | ct_offset = nl_msg_start_nested(ctx->odp_actions, OVS_ACTION_ATTR_CT); | |
4569 | if (ofc->flags & NX_CT_F_COMMIT) { | |
4570 | nl_msg_put_flag(ctx->odp_actions, OVS_CT_ATTR_COMMIT); | |
4571 | } | |
4572 | nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone); | |
f2d105b5 JS |
4573 | put_ct_mark(&ctx->xin->flow, ctx->odp_actions, ctx->wc); |
4574 | put_ct_label(&ctx->xin->flow, ctx->odp_actions, ctx->wc); | |
d787ad39 | 4575 | put_ct_helper(ctx->odp_actions, ofc); |
9ac0aada JR |
4576 | put_ct_nat(ctx); |
4577 | ctx->ct_nat_action = NULL; | |
07659514 JS |
4578 | nl_msg_end_nested(ctx->odp_actions, ct_offset); |
4579 | ||
8e53fe8c JS |
4580 | /* Restore the original ct fields in the key. These should only be exposed |
4581 | * after recirculation to another table. */ | |
4582 | ctx->base_flow.ct_mark = old_ct_mark; | |
f2d105b5 | 4583 | ctx->wc->masks.ct_mark = old_ct_mark_mask; |
9daf2348 | 4584 | ctx->base_flow.ct_label = old_ct_label; |
f2d105b5 | 4585 | ctx->wc->masks.ct_label = old_ct_label_mask; |
8e53fe8c | 4586 | |
07659514 JS |
4587 | if (ofc->recirc_table == NX_CT_RECIRC_NONE) { |
4588 | /* If we do not recirculate as part of this action, hide the results of | |
4589 | * connection tracking from subsequent recirculations. */ | |
4590 | ctx->conntracked = false; | |
4591 | } else { | |
4592 | /* Use ct_* fields from datapath during recirculation upcall. */ | |
4593 | ctx->conntracked = true; | |
e37b8437 | 4594 | compose_recirculate_and_fork(ctx, ofc->recirc_table); |
07659514 JS |
4595 | } |
4596 | } | |
4597 | ||
e12ec36b SH |
4598 | static void |
4599 | recirc_for_mpls(const struct ofpact *a, struct xlate_ctx *ctx) | |
4600 | { | |
4601 | /* No need to recirculate if already exiting. */ | |
4602 | if (ctx->exit) { | |
4603 | return; | |
4604 | } | |
4605 | ||
4606 | /* Do not consider recirculating unless the packet was previously MPLS. */ | |
4607 | if (!ctx->was_mpls) { | |
4608 | return; | |
4609 | } | |
4610 | ||
4611 | /* Special case these actions, only recirculating if necessary. | |
4612 | * This avoids the overhead of recirculation in common use-cases. | |
4613 | */ | |
4614 | switch (a->type) { | |
4615 | ||
4616 | /* Output actions do not require recirculation. */ | |
4617 | case OFPACT_OUTPUT: | |
aaca4fe0 | 4618 | case OFPACT_OUTPUT_TRUNC: |
e12ec36b SH |
4619 | case OFPACT_ENQUEUE: |
4620 | case OFPACT_OUTPUT_REG: | |
4621 | /* Set actions that don't touch L3+ fields do not require recirculation. */ | |
4622 | case OFPACT_SET_VLAN_VID: | |
4623 | case OFPACT_SET_VLAN_PCP: | |
4624 | case OFPACT_SET_ETH_SRC: | |
4625 | case OFPACT_SET_ETH_DST: | |
4626 | case OFPACT_SET_TUNNEL: | |
4627 | case OFPACT_SET_QUEUE: | |
4628 | /* If actions of a group require recirculation that can be detected | |
4629 | * when translating them. */ | |
4630 | case OFPACT_GROUP: | |
4631 | return; | |
4632 | ||
4633 | /* Set field that don't touch L3+ fields don't require recirculation. */ | |
4634 | case OFPACT_SET_FIELD: | |
4635 | if (mf_is_l3_or_higher(ofpact_get_SET_FIELD(a)->field)) { | |
4636 | break; | |
4637 | } | |
4638 | return; | |
4639 | ||
4640 | /* For simplicity, recirculate in all other cases. */ | |
4641 | case OFPACT_CONTROLLER: | |
4642 | case OFPACT_BUNDLE: | |
4643 | case OFPACT_STRIP_VLAN: | |
4644 | case OFPACT_PUSH_VLAN: | |
4645 | case OFPACT_SET_IPV4_SRC: | |
4646 | case OFPACT_SET_IPV4_DST: | |
4647 | case OFPACT_SET_IP_DSCP: | |
4648 | case OFPACT_SET_IP_ECN: | |
4649 | case OFPACT_SET_IP_TTL: | |
4650 | case OFPACT_SET_L4_SRC_PORT: | |
4651 | case OFPACT_SET_L4_DST_PORT: | |
4652 | case OFPACT_REG_MOVE: | |
4653 | case OFPACT_STACK_PUSH: | |
4654 | case OFPACT_STACK_POP: | |
4655 | case OFPACT_DEC_TTL: | |
4656 | case OFPACT_SET_MPLS_LABEL: | |
4657 | case OFPACT_SET_MPLS_TC: | |
4658 | case OFPACT_SET_MPLS_TTL: | |
4659 | case OFPACT_DEC_MPLS_TTL: | |
4660 | case OFPACT_PUSH_MPLS: | |
4661 | case OFPACT_POP_MPLS: | |
4662 | case OFPACT_POP_QUEUE: | |
4663 | case OFPACT_FIN_TIMEOUT: | |
4664 | case OFPACT_RESUBMIT: | |
4665 | case OFPACT_LEARN: | |
4666 | case OFPACT_CONJUNCTION: | |
4667 | case OFPACT_MULTIPATH: | |
4668 | case OFPACT_NOTE: | |
4669 | case OFPACT_EXIT: | |
4670 | case OFPACT_SAMPLE: | |
4671 | case OFPACT_UNROLL_XLATE: | |
4672 | case OFPACT_CT: | |
4673 | case OFPACT_NAT: | |
4674 | case OFPACT_DEBUG_RECIRC: | |
4675 | case OFPACT_METER: | |
4676 | case OFPACT_CLEAR_ACTIONS: | |
4677 | case OFPACT_WRITE_ACTIONS: | |
4678 | case OFPACT_WRITE_METADATA: | |
4679 | case OFPACT_GOTO_TABLE: | |
4680 | default: | |
4681 | break; | |
4682 | } | |
4683 | ||
4684 | /* Recirculate */ | |
4685 | ctx_trigger_freeze(ctx); | |
4686 | } | |
4687 | ||
9583bc14 EJ |
4688 | static void |
4689 | do_xlate_actions(const struct ofpact *ofpacts, size_t ofpacts_len, | |
4690 | struct xlate_ctx *ctx) | |
4691 | { | |
49a73e0c | 4692 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 4693 | struct flow *flow = &ctx->xin->flow; |
9583bc14 EJ |
4694 | const struct ofpact *a; |
4695 | ||
a36de779 | 4696 | if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { |
53902038 | 4697 | tnl_neigh_snoop(flow, wc, ctx->xbridge->name); |
a36de779 | 4698 | } |
f47ea021 JR |
4699 | /* dl_type already in the mask, not set below. */ |
4700 | ||
9583bc14 EJ |
4701 | OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) { |
4702 | struct ofpact_controller *controller; | |
4703 | const struct ofpact_metadata *metadata; | |
b2dd70be JR |
4704 | const struct ofpact_set_field *set_field; |
4705 | const struct mf_field *mf; | |
9583bc14 | 4706 | |
fff1b9c0 JR |
4707 | if (ctx->error) { |
4708 | break; | |
4709 | } | |
4710 | ||
e12ec36b SH |
4711 | recirc_for_mpls(a, ctx); |
4712 | ||
e672ff9b JR |
4713 | if (ctx->exit) { |
4714 | /* Check if need to store the remaining actions for later | |
4715 | * execution. */ | |
1d361a81 BP |
4716 | if (ctx->freezing) { |
4717 | freeze_unroll_actions(a, ofpact_end(ofpacts, ofpacts_len), | |
e672ff9b JR |
4718 | ctx); |
4719 | } | |
4720 | break; | |
7bbdd84f SH |
4721 | } |
4722 | ||
9583bc14 EJ |
4723 | switch (a->type) { |
4724 | case OFPACT_OUTPUT: | |
4725 | xlate_output_action(ctx, ofpact_get_OUTPUT(a)->port, | |
4726 | ofpact_get_OUTPUT(a)->max_len, true); | |
4727 | break; | |
4728 | ||
7395c052 | 4729 | case OFPACT_GROUP: |
f4fb341b | 4730 | if (xlate_group_action(ctx, ofpact_get_GROUP(a)->group_id)) { |
1d741d6d | 4731 | /* Group could not be found. */ |
db88b35c JR |
4732 | |
4733 | /* XXX: Terminates action list translation, but does not | |
4734 | * terminate the pipeline. */ | |
f4fb341b SH |
4735 | return; |
4736 | } | |
7395c052 NZ |
4737 | break; |
4738 | ||
9583bc14 EJ |
4739 | case OFPACT_CONTROLLER: |
4740 | controller = ofpact_get_CONTROLLER(a); | |
77ab5fd2 BP |
4741 | if (controller->pause) { |
4742 | ctx->pause = controller; | |
4743 | ctx->xout->slow |= SLOW_CONTROLLER; | |
4744 | ctx_trigger_freeze(ctx); | |
4745 | a = ofpact_next(a); | |
4746 | } else { | |
4747 | execute_controller_action(ctx, controller->max_len, | |
4748 | controller->reason, | |
4749 | controller->controller_id, | |
4750 | controller->userdata, | |
4751 | controller->userdata_len); | |
4752 | } | |
9583bc14 EJ |
4753 | break; |
4754 | ||
4755 | case OFPACT_ENQUEUE: | |
16194afd DDP |
4756 | memset(&wc->masks.skb_priority, 0xff, |
4757 | sizeof wc->masks.skb_priority); | |
9583bc14 EJ |
4758 | xlate_enqueue_action(ctx, ofpact_get_ENQUEUE(a)); |
4759 | break; | |
4760 | ||
4761 | case OFPACT_SET_VLAN_VID: | |
f74e7df7 | 4762 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
ca287d20 JR |
4763 | if (flow->vlan_tci & htons(VLAN_CFI) || |
4764 | ofpact_get_SET_VLAN_VID(a)->push_vlan_if_needed) { | |
4765 | flow->vlan_tci &= ~htons(VLAN_VID_MASK); | |
4766 | flow->vlan_tci |= (htons(ofpact_get_SET_VLAN_VID(a)->vlan_vid) | |
4767 | | htons(VLAN_CFI)); | |
4768 | } | |
9583bc14 EJ |
4769 | break; |
4770 | ||
4771 | case OFPACT_SET_VLAN_PCP: | |
f74e7df7 | 4772 | wc->masks.vlan_tci |= htons(VLAN_PCP_MASK | VLAN_CFI); |
ca287d20 JR |
4773 | if (flow->vlan_tci & htons(VLAN_CFI) || |
4774 | ofpact_get_SET_VLAN_PCP(a)->push_vlan_if_needed) { | |
4775 | flow->vlan_tci &= ~htons(VLAN_PCP_MASK); | |
4776 | flow->vlan_tci |= htons((ofpact_get_SET_VLAN_PCP(a)->vlan_pcp | |
4777 | << VLAN_PCP_SHIFT) | VLAN_CFI); | |
4778 | } | |
9583bc14 EJ |
4779 | break; |
4780 | ||
4781 | case OFPACT_STRIP_VLAN: | |
f74e7df7 | 4782 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 4783 | flow->vlan_tci = htons(0); |
9583bc14 EJ |
4784 | break; |
4785 | ||
4786 | case OFPACT_PUSH_VLAN: | |
4787 | /* XXX 802.1AD(QinQ) */ | |
f74e7df7 | 4788 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 4789 | flow->vlan_tci = htons(VLAN_CFI); |
9583bc14 EJ |
4790 | break; |
4791 | ||
4792 | case OFPACT_SET_ETH_SRC: | |
74ff3298 JR |
4793 | WC_MASK_FIELD(wc, dl_src); |
4794 | flow->dl_src = ofpact_get_SET_ETH_SRC(a)->mac; | |
9583bc14 EJ |
4795 | break; |
4796 | ||
4797 | case OFPACT_SET_ETH_DST: | |
74ff3298 JR |
4798 | WC_MASK_FIELD(wc, dl_dst); |
4799 | flow->dl_dst = ofpact_get_SET_ETH_DST(a)->mac; | |
9583bc14 EJ |
4800 | break; |
4801 | ||
4802 | case OFPACT_SET_IPV4_SRC: | |
33bf9176 | 4803 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
f47ea021 | 4804 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); |
33bf9176 | 4805 | flow->nw_src = ofpact_get_SET_IPV4_SRC(a)->ipv4; |
9583bc14 EJ |
4806 | } |
4807 | break; | |
4808 | ||
4809 | case OFPACT_SET_IPV4_DST: | |
33bf9176 | 4810 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
f47ea021 | 4811 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); |
33bf9176 | 4812 | flow->nw_dst = ofpact_get_SET_IPV4_DST(a)->ipv4; |
9583bc14 EJ |
4813 | } |
4814 | break; | |
4815 | ||
04f01c24 BP |
4816 | case OFPACT_SET_IP_DSCP: |
4817 | if (is_ip_any(flow)) { | |
f47ea021 | 4818 | wc->masks.nw_tos |= IP_DSCP_MASK; |
33bf9176 | 4819 | flow->nw_tos &= ~IP_DSCP_MASK; |
04f01c24 | 4820 | flow->nw_tos |= ofpact_get_SET_IP_DSCP(a)->dscp; |
9583bc14 EJ |
4821 | } |
4822 | break; | |
4823 | ||
ff14eb7a JR |
4824 | case OFPACT_SET_IP_ECN: |
4825 | if (is_ip_any(flow)) { | |
4826 | wc->masks.nw_tos |= IP_ECN_MASK; | |
4827 | flow->nw_tos &= ~IP_ECN_MASK; | |
4828 | flow->nw_tos |= ofpact_get_SET_IP_ECN(a)->ecn; | |
4829 | } | |
4830 | break; | |
4831 | ||
0c20dbe4 JR |
4832 | case OFPACT_SET_IP_TTL: |
4833 | if (is_ip_any(flow)) { | |
4834 | wc->masks.nw_ttl = 0xff; | |
4835 | flow->nw_ttl = ofpact_get_SET_IP_TTL(a)->ttl; | |
4836 | } | |
4837 | break; | |
4838 | ||
9583bc14 | 4839 | case OFPACT_SET_L4_SRC_PORT: |
b8778a0d | 4840 | if (is_ip_any(flow) && !(flow->nw_frag & FLOW_NW_FRAG_LATER)) { |
f47ea021 JR |
4841 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
4842 | memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src); | |
33bf9176 | 4843 | flow->tp_src = htons(ofpact_get_SET_L4_SRC_PORT(a)->port); |
9583bc14 EJ |
4844 | } |
4845 | break; | |
4846 | ||
4847 | case OFPACT_SET_L4_DST_PORT: | |
b8778a0d | 4848 | if (is_ip_any(flow) && !(flow->nw_frag & FLOW_NW_FRAG_LATER)) { |
f47ea021 JR |
4849 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
4850 | memset(&wc->masks.tp_dst, 0xff, sizeof wc->masks.tp_dst); | |
33bf9176 | 4851 | flow->tp_dst = htons(ofpact_get_SET_L4_DST_PORT(a)->port); |
9583bc14 EJ |
4852 | } |
4853 | break; | |
4854 | ||
4855 | case OFPACT_RESUBMIT: | |
8bf009bf JR |
4856 | /* Freezing complicates resubmit. Some action in the flow |
4857 | * entry found by resubmit might trigger freezing. If that | |
4858 | * happens, then we do not want to execute the resubmit again after | |
4859 | * during thawing, so we want to skip back to the head of the loop | |
4860 | * to avoid that, only adding any actions that follow the resubmit | |
4861 | * to the frozen actions. | |
6b1c5734 | 4862 | */ |
9583bc14 | 4863 | xlate_ofpact_resubmit(ctx, ofpact_get_RESUBMIT(a)); |
6b1c5734 | 4864 | continue; |
9583bc14 EJ |
4865 | |
4866 | case OFPACT_SET_TUNNEL: | |
33bf9176 | 4867 | flow->tunnel.tun_id = htonll(ofpact_get_SET_TUNNEL(a)->tun_id); |
9583bc14 EJ |
4868 | break; |
4869 | ||
4870 | case OFPACT_SET_QUEUE: | |
16194afd DDP |
4871 | memset(&wc->masks.skb_priority, 0xff, |
4872 | sizeof wc->masks.skb_priority); | |
9583bc14 EJ |
4873 | xlate_set_queue_action(ctx, ofpact_get_SET_QUEUE(a)->queue_id); |
4874 | break; | |
4875 | ||
4876 | case OFPACT_POP_QUEUE: | |
16194afd DDP |
4877 | memset(&wc->masks.skb_priority, 0xff, |
4878 | sizeof wc->masks.skb_priority); | |
33bf9176 | 4879 | flow->skb_priority = ctx->orig_skb_priority; |
9583bc14 EJ |
4880 | break; |
4881 | ||
4882 | case OFPACT_REG_MOVE: | |
67842eba BP |
4883 | mf_subfield_copy(&ofpact_get_REG_MOVE(a)->src, |
4884 | &ofpact_get_REG_MOVE(a)->dst, flow, wc); | |
9583bc14 EJ |
4885 | break; |
4886 | ||
b2dd70be JR |
4887 | case OFPACT_SET_FIELD: |
4888 | set_field = ofpact_get_SET_FIELD(a); | |
4889 | mf = set_field->field; | |
b2dd70be | 4890 | |
aff49b8c JR |
4891 | /* Set the field only if the packet actually has it. */ |
4892 | if (mf_are_prereqs_ok(mf, flow, wc)) { | |
128684a6 JR |
4893 | mf_mask_field_masked(mf, ofpact_set_field_mask(set_field), wc); |
4894 | mf_set_flow_value_masked(mf, set_field->value, | |
4895 | ofpact_set_field_mask(set_field), | |
4896 | flow); | |
b8778a0d | 4897 | } |
b2dd70be JR |
4898 | break; |
4899 | ||
9583bc14 | 4900 | case OFPACT_STACK_PUSH: |
33bf9176 BP |
4901 | nxm_execute_stack_push(ofpact_get_STACK_PUSH(a), flow, wc, |
4902 | &ctx->stack); | |
9583bc14 EJ |
4903 | break; |
4904 | ||
4905 | case OFPACT_STACK_POP: | |
f74e7df7 JP |
4906 | nxm_execute_stack_pop(ofpact_get_STACK_POP(a), flow, wc, |
4907 | &ctx->stack); | |
9583bc14 EJ |
4908 | break; |
4909 | ||
4910 | case OFPACT_PUSH_MPLS: | |
8bfd0fda | 4911 | compose_mpls_push_action(ctx, ofpact_get_PUSH_MPLS(a)); |
9583bc14 EJ |
4912 | break; |
4913 | ||
4914 | case OFPACT_POP_MPLS: | |
8bfd0fda | 4915 | compose_mpls_pop_action(ctx, ofpact_get_POP_MPLS(a)->ethertype); |
9583bc14 EJ |
4916 | break; |
4917 | ||
097d4939 | 4918 | case OFPACT_SET_MPLS_LABEL: |
8bfd0fda BP |
4919 | compose_set_mpls_label_action( |
4920 | ctx, ofpact_get_SET_MPLS_LABEL(a)->label); | |
1d741d6d | 4921 | break; |
097d4939 JR |
4922 | |
4923 | case OFPACT_SET_MPLS_TC: | |
8bfd0fda | 4924 | compose_set_mpls_tc_action(ctx, ofpact_get_SET_MPLS_TC(a)->tc); |
097d4939 JR |
4925 | break; |
4926 | ||
9583bc14 | 4927 | case OFPACT_SET_MPLS_TTL: |
8bfd0fda | 4928 | compose_set_mpls_ttl_action(ctx, ofpact_get_SET_MPLS_TTL(a)->ttl); |
9583bc14 EJ |
4929 | break; |
4930 | ||
4931 | case OFPACT_DEC_MPLS_TTL: | |
9cfef3d0 | 4932 | if (compose_dec_mpls_ttl_action(ctx)) { |
ad3efdcb | 4933 | return; |
9583bc14 EJ |
4934 | } |
4935 | break; | |
4936 | ||
4937 | case OFPACT_DEC_TTL: | |
f74e7df7 | 4938 | wc->masks.nw_ttl = 0xff; |
9583bc14 | 4939 | if (compose_dec_ttl(ctx, ofpact_get_DEC_TTL(a))) { |
ad3efdcb | 4940 | return; |
9583bc14 EJ |
4941 | } |
4942 | break; | |
4943 | ||
4944 | case OFPACT_NOTE: | |
4945 | /* Nothing to do. */ | |
4946 | break; | |
4947 | ||
4948 | case OFPACT_MULTIPATH: | |
33bf9176 | 4949 | multipath_execute(ofpact_get_MULTIPATH(a), flow, wc); |
9583bc14 EJ |
4950 | break; |
4951 | ||
4952 | case OFPACT_BUNDLE: | |
9583bc14 EJ |
4953 | xlate_bundle_action(ctx, ofpact_get_BUNDLE(a)); |
4954 | break; | |
4955 | ||
4956 | case OFPACT_OUTPUT_REG: | |
4957 | xlate_output_reg_action(ctx, ofpact_get_OUTPUT_REG(a)); | |
4958 | break; | |
4959 | ||
aaca4fe0 WT |
4960 | case OFPACT_OUTPUT_TRUNC: |
4961 | xlate_output_trunc_action(ctx, ofpact_get_OUTPUT_TRUNC(a)->port, | |
4962 | ofpact_get_OUTPUT_TRUNC(a)->max_len); | |
4963 | break; | |
4964 | ||
9583bc14 EJ |
4965 | case OFPACT_LEARN: |
4966 | xlate_learn_action(ctx, ofpact_get_LEARN(a)); | |
4967 | break; | |
4968 | ||
afc3987b BP |
4969 | case OFPACT_CONJUNCTION: { |
4970 | /* A flow with a "conjunction" action represents part of a special | |
4971 | * kind of "set membership match". Such a flow should not actually | |
4972 | * get executed, but it could via, say, a "packet-out", even though | |
4973 | * that wouldn't be useful. Log it to help debugging. */ | |
4974 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
4975 | VLOG_INFO_RL(&rl, "executing no-op conjunction action"); | |
18080541 | 4976 | break; |
afc3987b | 4977 | } |
18080541 | 4978 | |
9583bc14 EJ |
4979 | case OFPACT_EXIT: |
4980 | ctx->exit = true; | |
4981 | break; | |
4982 | ||
e672ff9b JR |
4983 | case OFPACT_UNROLL_XLATE: { |
4984 | struct ofpact_unroll_xlate *unroll = ofpact_get_UNROLL_XLATE(a); | |
4985 | ||
4986 | /* Restore translation context data that was stored earlier. */ | |
4987 | ctx->table_id = unroll->rule_table_id; | |
4988 | ctx->rule_cookie = unroll->rule_cookie; | |
4989 | break; | |
4990 | } | |
9583bc14 | 4991 | case OFPACT_FIN_TIMEOUT: |
33bf9176 | 4992 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
9583bc14 EJ |
4993 | xlate_fin_timeout(ctx, ofpact_get_FIN_TIMEOUT(a)); |
4994 | break; | |
4995 | ||
4996 | case OFPACT_CLEAR_ACTIONS: | |
7fdb60a7 | 4997 | ofpbuf_clear(&ctx->action_set); |
c61f3870 BP |
4998 | ctx->xin->flow.actset_output = OFPP_UNSET; |
4999 | ctx->action_set_has_group = false; | |
7fdb60a7 SH |
5000 | break; |
5001 | ||
5002 | case OFPACT_WRITE_ACTIONS: | |
7e7e8dbb | 5003 | xlate_write_actions(ctx, ofpact_get_WRITE_ACTIONS(a)); |
9583bc14 EJ |
5004 | break; |
5005 | ||
5006 | case OFPACT_WRITE_METADATA: | |
5007 | metadata = ofpact_get_WRITE_METADATA(a); | |
33bf9176 BP |
5008 | flow->metadata &= ~metadata->mask; |
5009 | flow->metadata |= metadata->metadata & metadata->mask; | |
9583bc14 EJ |
5010 | break; |
5011 | ||
638a19b0 JR |
5012 | case OFPACT_METER: |
5013 | /* Not implemented yet. */ | |
5014 | break; | |
5015 | ||
9583bc14 | 5016 | case OFPACT_GOTO_TABLE: { |
9583bc14 | 5017 | struct ofpact_goto_table *ogt = ofpact_get_GOTO_TABLE(a); |
9583bc14 | 5018 | |
9167fc1a JR |
5019 | ovs_assert(ctx->table_id < ogt->table_id); |
5020 | ||
4468099e | 5021 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
6d328fa2 | 5022 | ogt->table_id, true, true); |
9583bc14 EJ |
5023 | break; |
5024 | } | |
5025 | ||
5026 | case OFPACT_SAMPLE: | |
5027 | xlate_sample_action(ctx, ofpact_get_SAMPLE(a)); | |
5028 | break; | |
d4abaff5 | 5029 | |
07659514 | 5030 | case OFPACT_CT: |
07659514 JS |
5031 | compose_conntrack_action(ctx, ofpact_get_CT(a)); |
5032 | break; | |
5033 | ||
9ac0aada JR |
5034 | case OFPACT_NAT: |
5035 | /* This will be processed by compose_conntrack_action(). */ | |
5036 | ctx->ct_nat_action = ofpact_get_NAT(a); | |
5037 | break; | |
5038 | ||
d4abaff5 | 5039 | case OFPACT_DEBUG_RECIRC: |
1d361a81 | 5040 | ctx_trigger_freeze(ctx); |
d4abaff5 BP |
5041 | a = ofpact_next(a); |
5042 | break; | |
9583bc14 | 5043 | } |
1d741d6d JR |
5044 | |
5045 | /* Check if need to store this and the remaining actions for later | |
5046 | * execution. */ | |
1d361a81 BP |
5047 | if (!ctx->error && ctx->exit && ctx_first_frozen_action(ctx)) { |
5048 | freeze_unroll_actions(a, ofpact_end(ofpacts, ofpacts_len), ctx); | |
1d741d6d JR |
5049 | break; |
5050 | } | |
9583bc14 | 5051 | } |
9583bc14 EJ |
5052 | } |
5053 | ||
5054 | void | |
5055 | xlate_in_init(struct xlate_in *xin, struct ofproto_dpif *ofproto, | |
1f4a8933 JR |
5056 | ovs_version_t version, const struct flow *flow, |
5057 | ofp_port_t in_port, struct rule_dpif *rule, uint16_t tcp_flags, | |
1520ef4f BP |
5058 | const struct dp_packet *packet, struct flow_wildcards *wc, |
5059 | struct ofpbuf *odp_actions) | |
9583bc14 EJ |
5060 | { |
5061 | xin->ofproto = ofproto; | |
1f4a8933 | 5062 | xin->tables_version = version; |
9583bc14 | 5063 | xin->flow = *flow; |
8d8ab6c2 | 5064 | xin->upcall_flow = flow; |
cc377352 | 5065 | xin->flow.in_port.ofp_port = in_port; |
c61f3870 | 5066 | xin->flow.actset_output = OFPP_UNSET; |
9583bc14 | 5067 | xin->packet = packet; |
df70a773 | 5068 | xin->allow_side_effects = packet != NULL; |
9583bc14 | 5069 | xin->rule = rule; |
b256dc52 | 5070 | xin->xcache = NULL; |
9583bc14 EJ |
5071 | xin->ofpacts = NULL; |
5072 | xin->ofpacts_len = 0; | |
5073 | xin->tcp_flags = tcp_flags; | |
5074 | xin->resubmit_hook = NULL; | |
5075 | xin->report_hook = NULL; | |
5076 | xin->resubmit_stats = NULL; | |
9a9b001a | 5077 | xin->indentation = 0; |
790c5d26 | 5078 | xin->depth = 0; |
cdd42eda | 5079 | xin->resubmits = 0; |
49a73e0c | 5080 | xin->wc = wc; |
1520ef4f | 5081 | xin->odp_actions = odp_actions; |
e672ff9b JR |
5082 | |
5083 | /* Do recirc lookup. */ | |
1d361a81 | 5084 | xin->frozen_state = NULL; |
29b1ea3f BP |
5085 | if (flow->recirc_id) { |
5086 | const struct recirc_id_node *node | |
5087 | = recirc_id_node_find(flow->recirc_id); | |
5088 | if (node) { | |
1d361a81 | 5089 | xin->frozen_state = &node->state; |
29b1ea3f BP |
5090 | } |
5091 | } | |
9583bc14 EJ |
5092 | } |
5093 | ||
5094 | void | |
5095 | xlate_out_uninit(struct xlate_out *xout) | |
5096 | { | |
e672ff9b | 5097 | if (xout) { |
fbf5d6ec | 5098 | recirc_refs_unref(&xout->recircs); |
9583bc14 EJ |
5099 | } |
5100 | } | |
5101 | ||
5102 | /* Translates the 'ofpacts_len' bytes of "struct ofpact"s starting at 'ofpacts' | |
5103 | * into datapath actions, using 'ctx', and discards the datapath actions. */ | |
5104 | void | |
5105 | xlate_actions_for_side_effects(struct xlate_in *xin) | |
5106 | { | |
5107 | struct xlate_out xout; | |
fff1b9c0 JR |
5108 | enum xlate_error error; |
5109 | ||
5110 | error = xlate_actions(xin, &xout); | |
5111 | if (error) { | |
5112 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
5113 | ||
5114 | VLOG_WARN_RL(&rl, "xlate_actions failed (%s)!", xlate_strerror(error)); | |
5115 | } | |
9583bc14 | 5116 | |
9583bc14 EJ |
5117 | xlate_out_uninit(&xout); |
5118 | } | |
9583bc14 | 5119 | \f |
55954f6e EJ |
5120 | static struct skb_priority_to_dscp * |
5121 | get_skb_priority(const struct xport *xport, uint32_t skb_priority) | |
5122 | { | |
5123 | struct skb_priority_to_dscp *pdscp; | |
5124 | uint32_t hash; | |
5125 | ||
5126 | hash = hash_int(skb_priority, 0); | |
5127 | HMAP_FOR_EACH_IN_BUCKET (pdscp, hmap_node, hash, &xport->skb_priorities) { | |
5128 | if (pdscp->skb_priority == skb_priority) { | |
5129 | return pdscp; | |
5130 | } | |
5131 | } | |
5132 | return NULL; | |
5133 | } | |
5134 | ||
5135 | static bool | |
5136 | dscp_from_skb_priority(const struct xport *xport, uint32_t skb_priority, | |
5137 | uint8_t *dscp) | |
5138 | { | |
5139 | struct skb_priority_to_dscp *pdscp = get_skb_priority(xport, skb_priority); | |
5140 | *dscp = pdscp ? pdscp->dscp : 0; | |
5141 | return pdscp != NULL; | |
5142 | } | |
5143 | ||
16194afd DDP |
5144 | static size_t |
5145 | count_skb_priorities(const struct xport *xport) | |
5146 | { | |
5147 | return hmap_count(&xport->skb_priorities); | |
5148 | } | |
5149 | ||
55954f6e EJ |
5150 | static void |
5151 | clear_skb_priorities(struct xport *xport) | |
5152 | { | |
4ec3d7c7 | 5153 | struct skb_priority_to_dscp *pdscp; |
55954f6e | 5154 | |
4ec3d7c7 | 5155 | HMAP_FOR_EACH_POP (pdscp, hmap_node, &xport->skb_priorities) { |
55954f6e EJ |
5156 | free(pdscp); |
5157 | } | |
5158 | } | |
5159 | ||
ce4a6b76 BP |
5160 | static bool |
5161 | actions_output_to_local_port(const struct xlate_ctx *ctx) | |
5162 | { | |
46c88433 | 5163 | odp_port_t local_odp_port = ofp_port_to_odp_port(ctx->xbridge, OFPP_LOCAL); |
ce4a6b76 BP |
5164 | const struct nlattr *a; |
5165 | unsigned int left; | |
5166 | ||
1520ef4f BP |
5167 | NL_ATTR_FOR_EACH_UNSAFE (a, left, ctx->odp_actions->data, |
5168 | ctx->odp_actions->size) { | |
ce4a6b76 BP |
5169 | if (nl_attr_type(a) == OVS_ACTION_ATTR_OUTPUT |
5170 | && nl_attr_get_odp_port(a) == local_odp_port) { | |
5171 | return true; | |
5172 | } | |
5173 | } | |
5174 | return false; | |
5175 | } | |
9583bc14 | 5176 | |
5e2a6702 | 5177 | #if defined(__linux__) |
7d031d7e BP |
5178 | /* Returns the maximum number of packets that the Linux kernel is willing to |
5179 | * queue up internally to certain kinds of software-implemented ports, or the | |
5180 | * default (and rarely modified) value if it cannot be determined. */ | |
5181 | static int | |
5182 | netdev_max_backlog(void) | |
5183 | { | |
5184 | static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER; | |
5185 | static int max_backlog = 1000; /* The normal default value. */ | |
5186 | ||
5187 | if (ovsthread_once_start(&once)) { | |
5188 | static const char filename[] = "/proc/sys/net/core/netdev_max_backlog"; | |
5189 | FILE *stream; | |
5190 | int n; | |
5191 | ||
5192 | stream = fopen(filename, "r"); | |
5193 | if (!stream) { | |
120c348f | 5194 | VLOG_INFO("%s: open failed (%s)", filename, ovs_strerror(errno)); |
7d031d7e BP |
5195 | } else { |
5196 | if (fscanf(stream, "%d", &n) != 1) { | |
5197 | VLOG_WARN("%s: read error", filename); | |
5198 | } else if (n <= 100) { | |
5199 | VLOG_WARN("%s: unexpectedly small value %d", filename, n); | |
5200 | } else { | |
5201 | max_backlog = n; | |
5202 | } | |
5203 | fclose(stream); | |
5204 | } | |
5205 | ovsthread_once_done(&once); | |
5206 | ||
5207 | VLOG_DBG("%s: using %d max_backlog", filename, max_backlog); | |
5208 | } | |
5209 | ||
5210 | return max_backlog; | |
5211 | } | |
5212 | ||
5213 | /* Counts and returns the number of OVS_ACTION_ATTR_OUTPUT actions in | |
5214 | * 'odp_actions'. */ | |
5215 | static int | |
5216 | count_output_actions(const struct ofpbuf *odp_actions) | |
5217 | { | |
5218 | const struct nlattr *a; | |
5219 | size_t left; | |
5220 | int n = 0; | |
5221 | ||
6fd6ed71 | 5222 | NL_ATTR_FOR_EACH_UNSAFE (a, left, odp_actions->data, odp_actions->size) { |
7d031d7e BP |
5223 | if (a->nla_type == OVS_ACTION_ATTR_OUTPUT) { |
5224 | n++; | |
5225 | } | |
5226 | } | |
5227 | return n; | |
5228 | } | |
5e2a6702 | 5229 | #endif /* defined(__linux__) */ |
7d031d7e BP |
5230 | |
5231 | /* Returns true if 'odp_actions' contains more output actions than the datapath | |
5232 | * can reliably handle in one go. On Linux, this is the value of the | |
5233 | * net.core.netdev_max_backlog sysctl, which limits the maximum number of | |
5234 | * packets that the kernel is willing to queue up for processing while the | |
5235 | * datapath is processing a set of actions. */ | |
5236 | static bool | |
5e2a6702 | 5237 | too_many_output_actions(const struct ofpbuf *odp_actions OVS_UNUSED) |
7d031d7e BP |
5238 | { |
5239 | #ifdef __linux__ | |
6fd6ed71 | 5240 | return (odp_actions->size / NL_A_U32_SIZE > netdev_max_backlog() |
7d031d7e BP |
5241 | && count_output_actions(odp_actions) > netdev_max_backlog()); |
5242 | #else | |
5243 | /* OSes other than Linux might have similar limits, but we don't know how | |
5244 | * to determine them.*/ | |
5245 | return false; | |
5246 | #endif | |
5247 | } | |
5248 | ||
234c3da9 BP |
5249 | static void |
5250 | xlate_wc_init(struct xlate_ctx *ctx) | |
5251 | { | |
5252 | flow_wildcards_init_catchall(ctx->wc); | |
5253 | ||
5254 | /* Some fields we consider to always be examined. */ | |
5e2e998a JR |
5255 | WC_MASK_FIELD(ctx->wc, in_port); |
5256 | WC_MASK_FIELD(ctx->wc, dl_type); | |
234c3da9 | 5257 | if (is_ip_any(&ctx->xin->flow)) { |
5e2e998a | 5258 | WC_MASK_FIELD_MASK(ctx->wc, nw_frag, FLOW_NW_FRAG_MASK); |
234c3da9 BP |
5259 | } |
5260 | ||
5261 | if (ctx->xbridge->support.odp.recirc) { | |
5262 | /* Always exactly match recirc_id when datapath supports | |
5263 | * recirculation. */ | |
5e2e998a | 5264 | WC_MASK_FIELD(ctx->wc, recirc_id); |
234c3da9 BP |
5265 | } |
5266 | ||
5267 | if (ctx->xbridge->netflow) { | |
5268 | netflow_mask_wc(&ctx->xin->flow, ctx->wc); | |
5269 | } | |
5270 | ||
5271 | tnl_wc_init(&ctx->xin->flow, ctx->wc); | |
5272 | } | |
5273 | ||
5274 | static void | |
5275 | xlate_wc_finish(struct xlate_ctx *ctx) | |
5276 | { | |
5277 | /* Clear the metadata and register wildcard masks, because we won't | |
5278 | * use non-header fields as part of the cache. */ | |
5279 | flow_wildcards_clear_non_packet_fields(ctx->wc); | |
5280 | ||
5281 | /* ICMPv4 and ICMPv6 have 8-bit "type" and "code" fields. struct flow | |
5282 | * uses the low 8 bits of the 16-bit tp_src and tp_dst members to | |
5283 | * represent these fields. The datapath interface, on the other hand, | |
5284 | * represents them with just 8 bits each. This means that if the high | |
5285 | * 8 bits of the masks for these fields somehow become set, then they | |
5286 | * will get chopped off by a round trip through the datapath, and | |
5287 | * revalidation will spot that as an inconsistency and delete the flow. | |
5288 | * Avoid the problem here by making sure that only the low 8 bits of | |
5289 | * either field can be unwildcarded for ICMP. | |
5290 | */ | |
a75636c8 | 5291 | if (is_icmpv4(&ctx->xin->flow, NULL) || is_icmpv6(&ctx->xin->flow, NULL)) { |
234c3da9 BP |
5292 | ctx->wc->masks.tp_src &= htons(UINT8_MAX); |
5293 | ctx->wc->masks.tp_dst &= htons(UINT8_MAX); | |
5294 | } | |
5295 | /* VLAN_TCI CFI bit must be matched if any of the TCI is matched. */ | |
5296 | if (ctx->wc->masks.vlan_tci) { | |
5297 | ctx->wc->masks.vlan_tci |= htons(VLAN_CFI); | |
5298 | } | |
5299 | } | |
5300 | ||
e672ff9b JR |
5301 | /* Translates the flow, actions, or rule in 'xin' into datapath actions in |
5302 | * 'xout'. | |
56450a41 | 5303 | * The caller must take responsibility for eventually freeing 'xout', with |
fff1b9c0 JR |
5304 | * xlate_out_uninit(). |
5305 | * Returns 'XLATE_OK' if translation was successful. In case of an error an | |
5306 | * empty set of actions will be returned in 'xin->odp_actions' (if non-NULL), | |
5307 | * so that most callers may ignore the return value and transparently install a | |
5308 | * drop flow when the translation fails. */ | |
5309 | enum xlate_error | |
84f0f298 | 5310 | xlate_actions(struct xlate_in *xin, struct xlate_out *xout) |
9583bc14 | 5311 | { |
e467ea42 BP |
5312 | *xout = (struct xlate_out) { |
5313 | .slow = 0, | |
fbf5d6ec | 5314 | .recircs = RECIRC_REFS_EMPTY_INITIALIZER, |
e467ea42 BP |
5315 | }; |
5316 | ||
84f0f298 | 5317 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
bb00fdef BP |
5318 | struct xbridge *xbridge = xbridge_lookup(xcfg, xin->ofproto); |
5319 | if (!xbridge) { | |
fff1b9c0 | 5320 | return XLATE_BRIDGE_NOT_FOUND; |
bb00fdef BP |
5321 | } |
5322 | ||
33bf9176 BP |
5323 | struct flow *flow = &xin->flow; |
5324 | ||
bb00fdef BP |
5325 | union mf_subvalue stack_stub[1024 / sizeof(union mf_subvalue)]; |
5326 | uint64_t action_set_stub[1024 / 8]; | |
1d361a81 | 5327 | uint64_t frozen_actions_stub[1024 / 8]; |
1520ef4f BP |
5328 | uint64_t actions_stub[256 / 8]; |
5329 | struct ofpbuf scratch_actions = OFPBUF_STUB_INITIALIZER(actions_stub); | |
bb00fdef BP |
5330 | struct xlate_ctx ctx = { |
5331 | .xin = xin, | |
5332 | .xout = xout, | |
5333 | .base_flow = *flow, | |
c2b878e0 | 5334 | .orig_tunnel_ipv6_dst = flow_tnl_dst(&flow->tunnel), |
bb00fdef BP |
5335 | .xbridge = xbridge, |
5336 | .stack = OFPBUF_STUB_INITIALIZER(stack_stub), | |
5337 | .rule = xin->rule, | |
c0e638aa BP |
5338 | .wc = (xin->wc |
5339 | ? xin->wc | |
f36efd90 | 5340 | : &(struct flow_wildcards) { .masks = { .dl_type = 0 } }), |
1520ef4f | 5341 | .odp_actions = xin->odp_actions ? xin->odp_actions : &scratch_actions, |
bb00fdef | 5342 | |
9a9b001a | 5343 | .indentation = xin->indentation, |
790c5d26 | 5344 | .depth = xin->depth, |
cdd42eda | 5345 | .resubmits = xin->resubmits, |
bb00fdef BP |
5346 | .in_group = false, |
5347 | .in_action_set = false, | |
5348 | ||
5349 | .table_id = 0, | |
5350 | .rule_cookie = OVS_BE64_MAX, | |
5351 | .orig_skb_priority = flow->skb_priority, | |
5352 | .sflow_n_outputs = 0, | |
5353 | .sflow_odp_port = 0, | |
2031ef97 | 5354 | .nf_output_iface = NF_OUT_DROP, |
bb00fdef | 5355 | .exit = false, |
fff1b9c0 | 5356 | .error = XLATE_OK, |
3d6151f3 | 5357 | .mirrors = 0, |
bb00fdef | 5358 | |
1d361a81 | 5359 | .freezing = false, |
53cc166a | 5360 | .recirc_update_dp_hash = false, |
1d361a81 | 5361 | .frozen_actions = OFPBUF_STUB_INITIALIZER(frozen_actions_stub), |
77ab5fd2 | 5362 | .pause = NULL, |
bb00fdef | 5363 | |
e12ec36b | 5364 | .was_mpls = false, |
07659514 | 5365 | .conntracked = false, |
bb00fdef | 5366 | |
9ac0aada JR |
5367 | .ct_nat_action = NULL, |
5368 | ||
bb00fdef BP |
5369 | .action_set_has_group = false, |
5370 | .action_set = OFPBUF_STUB_INITIALIZER(action_set_stub), | |
5371 | }; | |
865ca6cf BP |
5372 | |
5373 | /* 'base_flow' reflects the packet as it came in, but we need it to reflect | |
42deb67d PS |
5374 | * the packet as the datapath will treat it for output actions. Our |
5375 | * datapath doesn't retain tunneling information without us re-setting | |
5376 | * it, so clear the tunnel data. | |
865ca6cf | 5377 | */ |
42deb67d | 5378 | |
bb00fdef | 5379 | memset(&ctx.base_flow.tunnel, 0, sizeof ctx.base_flow.tunnel); |
865ca6cf | 5380 | |
1520ef4f | 5381 | ofpbuf_reserve(ctx.odp_actions, NL_A_U32_SIZE); |
c0e638aa | 5382 | xlate_wc_init(&ctx); |
bb00fdef | 5383 | |
46c88433 | 5384 | COVERAGE_INC(xlate_actions); |
9583bc14 | 5385 | |
1d361a81 BP |
5386 | if (xin->frozen_state) { |
5387 | const struct frozen_state *state = xin->frozen_state; | |
e672ff9b | 5388 | |
1d361a81 | 5389 | xlate_report(&ctx, "Thawing frozen state:"); |
d6bef3cc | 5390 | |
e672ff9b JR |
5391 | if (xin->ofpacts_len > 0 || ctx.rule) { |
5392 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
d6bef3cc | 5393 | const char *conflict = xin->ofpacts_len ? "actions" : "rule"; |
e672ff9b | 5394 | |
d6bef3cc BP |
5395 | VLOG_WARN_RL(&rl, "Recirculation conflict (%s)!", conflict); |
5396 | xlate_report(&ctx, "- Recirculation conflict (%s)!", conflict); | |
fff1b9c0 | 5397 | ctx.error = XLATE_RECIRCULATION_CONFLICT; |
1520ef4f | 5398 | goto exit; |
e672ff9b JR |
5399 | } |
5400 | ||
5401 | /* Set the bridge for post-recirculation processing if needed. */ | |
290835f9 BP |
5402 | if (!uuid_equals(ofproto_dpif_get_uuid(ctx.xbridge->ofproto), |
5403 | &state->ofproto_uuid)) { | |
e672ff9b | 5404 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
2082425c | 5405 | const struct xbridge *new_bridge |
290835f9 | 5406 | = xbridge_lookup_by_uuid(xcfg, &state->ofproto_uuid); |
e672ff9b JR |
5407 | |
5408 | if (OVS_UNLIKELY(!new_bridge)) { | |
5409 | /* Drop the packet if the bridge cannot be found. */ | |
5410 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
1d361a81 BP |
5411 | VLOG_WARN_RL(&rl, "Frozen bridge no longer exists."); |
5412 | xlate_report(&ctx, "- Frozen bridge no longer exists."); | |
fff1b9c0 | 5413 | ctx.error = XLATE_BRIDGE_NOT_FOUND; |
1520ef4f | 5414 | goto exit; |
e672ff9b JR |
5415 | } |
5416 | ctx.xbridge = new_bridge; | |
1f4a8933 JR |
5417 | /* The bridge is now known so obtain its table version. */ |
5418 | ctx.xin->tables_version | |
5419 | = ofproto_dpif_get_tables_version(ctx.xbridge->ofproto); | |
e672ff9b JR |
5420 | } |
5421 | ||
1d361a81 BP |
5422 | /* Set the thawed table id. Note: A table lookup is done only if there |
5423 | * are no frozen actions. */ | |
2082425c | 5424 | ctx.table_id = state->table_id; |
d6bef3cc | 5425 | xlate_report(&ctx, "- Resuming from table %"PRIu8, ctx.table_id); |
e672ff9b | 5426 | |
07659514 JS |
5427 | if (!state->conntracked) { |
5428 | clear_conntrack(flow); | |
5429 | } | |
5430 | ||
e672ff9b | 5431 | /* Restore pipeline metadata. May change flow's in_port and other |
1d361a81 BP |
5432 | * metadata to the values that existed when freezing was triggered. */ |
5433 | frozen_metadata_to_flow(&state->metadata, flow); | |
e672ff9b JR |
5434 | |
5435 | /* Restore stack, if any. */ | |
2082425c | 5436 | if (state->stack) { |
5c1b2314 BP |
5437 | ofpbuf_put(&ctx.stack, state->stack, |
5438 | state->n_stack * sizeof *state->stack); | |
e672ff9b JR |
5439 | } |
5440 | ||
29bae541 BP |
5441 | /* Restore mirror state. */ |
5442 | ctx.mirrors = state->mirrors; | |
5443 | ||
e672ff9b | 5444 | /* Restore action set, if any. */ |
2082425c | 5445 | if (state->action_set_len) { |
d6bef3cc | 5446 | xlate_report_actions(&ctx, "- Restoring action set", |
417509fa | 5447 | state->action_set, state->action_set_len); |
d6bef3cc | 5448 | |
7e7e8dbb BP |
5449 | flow->actset_output = OFPP_UNSET; |
5450 | xlate_write_actions__(&ctx, state->action_set, | |
5451 | state->action_set_len); | |
e672ff9b JR |
5452 | } |
5453 | ||
1d361a81 BP |
5454 | /* Restore frozen actions. If there are no actions, processing will |
5455 | * start with a lookup in the table set above. */ | |
417509fa BP |
5456 | xin->ofpacts = state->ofpacts; |
5457 | xin->ofpacts_len = state->ofpacts_len; | |
5458 | if (state->ofpacts_len) { | |
d6bef3cc BP |
5459 | xlate_report_actions(&ctx, "- Restoring actions", |
5460 | xin->ofpacts, xin->ofpacts_len); | |
e672ff9b JR |
5461 | } |
5462 | } else if (OVS_UNLIKELY(flow->recirc_id)) { | |
5463 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
5464 | ||
5465 | VLOG_WARN_RL(&rl, "Recirculation context not found for ID %"PRIx32, | |
5466 | flow->recirc_id); | |
fff1b9c0 | 5467 | ctx.error = XLATE_NO_RECIRCULATION_CONTEXT; |
1520ef4f | 5468 | goto exit; |
e672ff9b | 5469 | } |
9583bc14 | 5470 | |
8d8ab6c2 JG |
5471 | /* Tunnel metadata in udpif format must be normalized before translation. */ |
5472 | if (flow->tunnel.flags & FLOW_TNL_F_UDPIF) { | |
5473 | const struct tun_table *tun_tab = ofproto_dpif_get_tun_tab(xin->ofproto); | |
5474 | int err; | |
5475 | ||
5476 | err = tun_metadata_from_geneve_udpif(tun_tab, &xin->upcall_flow->tunnel, | |
5477 | &xin->upcall_flow->tunnel, | |
5478 | &flow->tunnel); | |
5479 | if (err) { | |
5480 | XLATE_REPORT_ERROR(&ctx, "Invalid Geneve tunnel metadata"); | |
5481 | ctx.error = XLATE_INVALID_TUNNEL_METADATA; | |
5482 | goto exit; | |
5483 | } | |
5484 | } else if (!flow->tunnel.metadata.tab) { | |
5485 | /* If the original flow did not come in on a tunnel, then it won't have | |
5486 | * FLOW_TNL_F_UDPIF set. However, we still need to have a metadata | |
5487 | * table in case we generate tunnel actions. */ | |
5488 | flow->tunnel.metadata.tab = ofproto_dpif_get_tun_tab(xin->ofproto); | |
5489 | } | |
5490 | ctx.wc->masks.tunnel.metadata.tab = flow->tunnel.metadata.tab; | |
5491 | ||
10c44245 | 5492 | if (!xin->ofpacts && !ctx.rule) { |
b2e89cc9 | 5493 | ctx.rule = rule_dpif_lookup_from_table( |
1f4a8933 | 5494 | ctx.xbridge->ofproto, ctx.xin->tables_version, flow, ctx.wc, |
1e1e1d19 | 5495 | ctx.xin->resubmit_stats, &ctx.table_id, |
a027899e | 5496 | flow->in_port.ofp_port, true, true, ctx.xin->xcache); |
10c44245 | 5497 | if (ctx.xin->resubmit_stats) { |
b2e89cc9 | 5498 | rule_dpif_credit_stats(ctx.rule, ctx.xin->resubmit_stats); |
10c44245 | 5499 | } |
b256dc52 JS |
5500 | if (ctx.xin->xcache) { |
5501 | struct xc_entry *entry; | |
5502 | ||
5503 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_RULE); | |
901a517e | 5504 | entry->rule = ctx.rule; |
1e1e1d19 | 5505 | rule_dpif_ref(ctx.rule); |
b256dc52 | 5506 | } |
a8c31348 BP |
5507 | |
5508 | if (OVS_UNLIKELY(ctx.xin->resubmit_hook)) { | |
b2e89cc9 | 5509 | ctx.xin->resubmit_hook(ctx.xin, ctx.rule, 0); |
a8c31348 | 5510 | } |
10c44245 | 5511 | } |
10c44245 | 5512 | |
1d361a81 | 5513 | /* Get the proximate input port of the packet. (If xin->frozen_state, |
14d2b8b2 BP |
5514 | * flow->in_port is the ultimate input port of the packet.) */ |
5515 | struct xport *in_port = get_ofp_port(xbridge, | |
5516 | ctx.base_flow.in_port.ofp_port); | |
5517 | ||
1d361a81 BP |
5518 | /* Tunnel stats only for not-thawed packets. */ |
5519 | if (!xin->frozen_state && in_port && in_port->is_tunnel) { | |
b256dc52 JS |
5520 | if (ctx.xin->resubmit_stats) { |
5521 | netdev_vport_inc_rx(in_port->netdev, ctx.xin->resubmit_stats); | |
5522 | if (in_port->bfd) { | |
5523 | bfd_account_rx(in_port->bfd, ctx.xin->resubmit_stats); | |
5524 | } | |
5525 | } | |
5526 | if (ctx.xin->xcache) { | |
5527 | struct xc_entry *entry; | |
5528 | ||
5529 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_NETDEV); | |
901a517e JR |
5530 | entry->dev.rx = netdev_ref(in_port->netdev); |
5531 | entry->dev.bfd = bfd_ref(in_port->bfd); | |
d6fc5f57 EJ |
5532 | } |
5533 | } | |
5534 | ||
1d361a81 | 5535 | if (!xin->frozen_state && process_special(&ctx, in_port)) { |
bef1403e BP |
5536 | /* process_special() did all the processing for this packet. |
5537 | * | |
1d361a81 BP |
5538 | * We do not perform special processing on thawed packets, since that |
5539 | * was done before they were frozen and should not be redone. */ | |
bef1403e BP |
5540 | } else if (in_port && in_port->xbundle |
5541 | && xbundle_mirror_out(xbridge, in_port->xbundle)) { | |
5542 | if (ctx.xin->packet != NULL) { | |
5543 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
5544 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
5545 | "%s, which is reserved exclusively for mirroring", | |
5546 | ctx.xbridge->name, in_port->xbundle->name); | |
5547 | } | |
5548 | } else { | |
1d361a81 | 5549 | /* Sampling is done on initial reception; don't redo after thawing. */ |
a6092018 | 5550 | unsigned int user_cookie_offset = 0; |
1d361a81 | 5551 | if (!xin->frozen_state) { |
a6092018 BP |
5552 | user_cookie_offset = compose_sflow_action(&ctx); |
5553 | compose_ipfix_action(&ctx, ODPP_NONE); | |
e672ff9b | 5554 | } |
0731abc5 | 5555 | size_t sample_actions_len = ctx.odp_actions->size; |
9583bc14 | 5556 | |
234c3da9 BP |
5557 | if (tnl_process_ecn(flow) |
5558 | && (!in_port || may_receive(in_port, &ctx))) { | |
1806291d BP |
5559 | const struct ofpact *ofpacts; |
5560 | size_t ofpacts_len; | |
5561 | ||
5562 | if (xin->ofpacts) { | |
5563 | ofpacts = xin->ofpacts; | |
5564 | ofpacts_len = xin->ofpacts_len; | |
5565 | } else if (ctx.rule) { | |
5566 | const struct rule_actions *actions | |
5567 | = rule_dpif_get_actions(ctx.rule); | |
5568 | ofpacts = actions->ofpacts; | |
5569 | ofpacts_len = actions->ofpacts_len; | |
5570 | ctx.rule_cookie = rule_dpif_get_flow_cookie(ctx.rule); | |
5571 | } else { | |
5572 | OVS_NOT_REACHED(); | |
5573 | } | |
5574 | ||
7efbc3b7 | 5575 | mirror_ingress_packet(&ctx); |
9583bc14 | 5576 | do_xlate_actions(ofpacts, ofpacts_len, &ctx); |
fff1b9c0 JR |
5577 | if (ctx.error) { |
5578 | goto exit; | |
5579 | } | |
9583bc14 EJ |
5580 | |
5581 | /* We've let OFPP_NORMAL and the learning action look at the | |
1d361a81 | 5582 | * packet, so cancel all actions and freezing if forwarding is |
8a5fb3b4 | 5583 | * disabled. */ |
9efd308e DV |
5584 | if (in_port && (!xport_stp_forward_state(in_port) || |
5585 | !xport_rstp_forward_state(in_port))) { | |
1520ef4f | 5586 | ctx.odp_actions->size = sample_actions_len; |
1d361a81 | 5587 | ctx_cancel_freeze(&ctx); |
8a5fb3b4 BP |
5588 | ofpbuf_clear(&ctx.action_set); |
5589 | } | |
5590 | ||
1d361a81 | 5591 | if (!ctx.freezing) { |
8a5fb3b4 | 5592 | xlate_action_set(&ctx); |
e672ff9b | 5593 | } |
1d361a81 | 5594 | if (ctx.freezing) { |
77ab5fd2 | 5595 | finish_freezing(&ctx); |
9583bc14 EJ |
5596 | } |
5597 | } | |
5598 | ||
e672ff9b | 5599 | /* Output only fully processed packets. */ |
1d361a81 | 5600 | if (!ctx.freezing |
e672ff9b | 5601 | && xbridge->has_in_band |
ce4a6b76 BP |
5602 | && in_band_must_output_to_local_port(flow) |
5603 | && !actions_output_to_local_port(&ctx)) { | |
e93ef1c7 | 5604 | compose_output_action(&ctx, OFPP_LOCAL, NULL); |
9583bc14 | 5605 | } |
aaa0fbae | 5606 | |
a6092018 BP |
5607 | if (user_cookie_offset) { |
5608 | fix_sflow_action(&ctx, user_cookie_offset); | |
e672ff9b | 5609 | } |
9583bc14 EJ |
5610 | } |
5611 | ||
1520ef4f | 5612 | if (nl_attr_oversized(ctx.odp_actions->size)) { |
542024c4 | 5613 | /* These datapath actions are too big for a Netlink attribute, so we |
0f032e95 BP |
5614 | * can't hand them to the kernel directly. dpif_execute() can execute |
5615 | * them one by one with help, so just mark the result as SLOW_ACTION to | |
5616 | * prevent the flow from being installed. */ | |
5617 | COVERAGE_INC(xlate_actions_oversize); | |
5618 | ctx.xout->slow |= SLOW_ACTION; | |
1520ef4f | 5619 | } else if (too_many_output_actions(ctx.odp_actions)) { |
7d031d7e BP |
5620 | COVERAGE_INC(xlate_actions_too_many_output); |
5621 | ctx.xout->slow |= SLOW_ACTION; | |
542024c4 BP |
5622 | } |
5623 | ||
1d361a81 BP |
5624 | /* Do netflow only for packets on initial reception, that are not sent to |
5625 | * the controller. We consider packets sent to the controller to be part | |
5626 | * of the control plane rather than the data plane. */ | |
5627 | if (!xin->frozen_state | |
5628 | && xbridge->netflow | |
5629 | && !(xout->slow & SLOW_CONTROLLER)) { | |
1806291d BP |
5630 | if (ctx.xin->resubmit_stats) { |
5631 | netflow_flow_update(xbridge->netflow, flow, | |
2031ef97 | 5632 | ctx.nf_output_iface, |
1806291d BP |
5633 | ctx.xin->resubmit_stats); |
5634 | } | |
5635 | if (ctx.xin->xcache) { | |
5636 | struct xc_entry *entry; | |
b256dc52 | 5637 | |
1806291d | 5638 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_NETFLOW); |
901a517e JR |
5639 | entry->nf.netflow = netflow_ref(xbridge->netflow); |
5640 | entry->nf.flow = xmemdup(flow, sizeof *flow); | |
5641 | entry->nf.iface = ctx.nf_output_iface; | |
d6fc5f57 EJ |
5642 | } |
5643 | } | |
5644 | ||
8d8ab6c2 JG |
5645 | /* Translate tunnel metadata masks to udpif format if necessary. */ |
5646 | if (xin->upcall_flow->tunnel.flags & FLOW_TNL_F_UDPIF) { | |
5647 | if (ctx.wc->masks.tunnel.metadata.present.map) { | |
5648 | const struct flow_tnl *upcall_tnl = &xin->upcall_flow->tunnel; | |
5649 | struct geneve_opt opts[TLV_TOT_OPT_SIZE / | |
5650 | sizeof(struct geneve_opt)]; | |
5651 | ||
5652 | tun_metadata_to_geneve_udpif_mask(&flow->tunnel, | |
5653 | &ctx.wc->masks.tunnel, | |
5654 | upcall_tnl->metadata.opts.gnv, | |
5655 | upcall_tnl->metadata.present.len, | |
5656 | opts); | |
5657 | memset(&ctx.wc->masks.tunnel.metadata, 0, | |
5658 | sizeof ctx.wc->masks.tunnel.metadata); | |
5659 | memcpy(&ctx.wc->masks.tunnel.metadata.opts.gnv, opts, | |
5660 | upcall_tnl->metadata.present.len); | |
5661 | } | |
5662 | ctx.wc->masks.tunnel.metadata.present.len = 0xff; | |
5663 | ctx.wc->masks.tunnel.metadata.tab = NULL; | |
5664 | ctx.wc->masks.tunnel.flags |= FLOW_TNL_F_UDPIF; | |
5665 | } else if (!xin->upcall_flow->tunnel.metadata.tab) { | |
5666 | /* If we didn't have options in UDPIF format and didn't have an existing | |
5667 | * metadata table, then it means that there were no options at all when | |
5668 | * we started processing and any wildcards we picked up were from | |
5669 | * action generation. Without options on the incoming packet, wildcards | |
5670 | * aren't meaningful. To avoid them possibly getting misinterpreted, | |
5671 | * just clear everything. */ | |
5672 | if (ctx.wc->masks.tunnel.metadata.present.map) { | |
5673 | memset(&ctx.wc->masks.tunnel.metadata, 0, | |
5674 | sizeof ctx.wc->masks.tunnel.metadata); | |
5675 | } else { | |
5676 | ctx.wc->masks.tunnel.metadata.tab = NULL; | |
5677 | } | |
5678 | } | |
5679 | ||
c0e638aa | 5680 | xlate_wc_finish(&ctx); |
1520ef4f BP |
5681 | |
5682 | exit: | |
8d8ab6c2 JG |
5683 | /* Reset the table to what it was when we came in. If we only fetched |
5684 | * it locally, then it has no meaning outside of flow translation. */ | |
5685 | flow->tunnel.metadata.tab = xin->upcall_flow->tunnel.metadata.tab; | |
5686 | ||
1520ef4f BP |
5687 | ofpbuf_uninit(&ctx.stack); |
5688 | ofpbuf_uninit(&ctx.action_set); | |
1d361a81 | 5689 | ofpbuf_uninit(&ctx.frozen_actions); |
1520ef4f | 5690 | ofpbuf_uninit(&scratch_actions); |
fff1b9c0 JR |
5691 | |
5692 | /* Make sure we return a "drop flow" in case of an error. */ | |
5693 | if (ctx.error) { | |
5694 | xout->slow = 0; | |
5695 | if (xin->odp_actions) { | |
5696 | ofpbuf_clear(xin->odp_actions); | |
5697 | } | |
5698 | } | |
5699 | return ctx.error; | |
91d6cd12 AW |
5700 | } |
5701 | ||
77ab5fd2 BP |
5702 | enum ofperr |
5703 | xlate_resume(struct ofproto_dpif *ofproto, | |
5704 | const struct ofputil_packet_in_private *pin, | |
5705 | struct ofpbuf *odp_actions, | |
5706 | enum slow_path_reason *slow) | |
5707 | { | |
5708 | struct dp_packet packet; | |
5709 | dp_packet_use_const(&packet, pin->public.packet, | |
5710 | pin->public.packet_len); | |
5711 | ||
5712 | struct flow flow; | |
5713 | flow_extract(&packet, &flow); | |
5714 | ||
5715 | struct xlate_in xin; | |
1f4a8933 JR |
5716 | xlate_in_init(&xin, ofproto, ofproto_dpif_get_tables_version(ofproto), |
5717 | &flow, 0, NULL, ntohs(flow.tcp_flags), | |
77ab5fd2 BP |
5718 | &packet, NULL, odp_actions); |
5719 | ||
5720 | struct ofpact_note noop; | |
5721 | ofpact_init_NOTE(&noop); | |
5722 | noop.length = 0; | |
5723 | ||
5724 | bool any_actions = pin->actions_len > 0; | |
5725 | struct frozen_state state = { | |
5726 | .table_id = 0, /* Not the table where NXAST_PAUSE was executed. */ | |
5727 | .ofproto_uuid = pin->bridge, | |
5728 | .stack = pin->stack, | |
5729 | .n_stack = pin->n_stack, | |
5730 | .mirrors = pin->mirrors, | |
5731 | .conntracked = pin->conntracked, | |
5732 | ||
5733 | /* When there are no actions, xlate_actions() will search the flow | |
5734 | * table. We don't want it to do that (we want it to resume), so | |
5735 | * supply a no-op action if there aren't any. | |
5736 | * | |
5737 | * (We can't necessarily avoid translating actions entirely if there | |
5738 | * aren't any actions, because there might be some finishing-up to do | |
5739 | * at the end of the pipeline, and we don't check for those | |
5740 | * conditions.) */ | |
5741 | .ofpacts = any_actions ? pin->actions : &noop.ofpact, | |
5742 | .ofpacts_len = any_actions ? pin->actions_len : sizeof noop, | |
5743 | ||
5744 | .action_set = pin->action_set, | |
5745 | .action_set_len = pin->action_set_len, | |
5746 | }; | |
5747 | frozen_metadata_from_flow(&state.metadata, | |
5748 | &pin->public.flow_metadata.flow); | |
5749 | xin.frozen_state = &state; | |
5750 | ||
5751 | struct xlate_out xout; | |
5752 | enum xlate_error error = xlate_actions(&xin, &xout); | |
5753 | *slow = xout.slow; | |
5754 | xlate_out_uninit(&xout); | |
5755 | ||
5756 | /* xlate_actions() can generate a number of errors, but only | |
5757 | * XLATE_BRIDGE_NOT_FOUND really stands out to me as one that we should be | |
5758 | * sure to report over OpenFlow. The others could come up in packet-outs | |
5759 | * or regular flow translation and I don't think that it's going to be too | |
5760 | * useful to report them to the controller. */ | |
5761 | return error == XLATE_BRIDGE_NOT_FOUND ? OFPERR_NXR_STALE : 0; | |
5762 | } | |
5763 | ||
2eb79142 JG |
5764 | /* Sends 'packet' out 'ofport'. If 'port' is a tunnel and that tunnel type |
5765 | * supports a notion of an OAM flag, sets it if 'oam' is true. | |
91d6cd12 AW |
5766 | * May modify 'packet'. |
5767 | * Returns 0 if successful, otherwise a positive errno value. */ | |
5768 | int | |
2eb79142 JG |
5769 | xlate_send_packet(const struct ofport_dpif *ofport, bool oam, |
5770 | struct dp_packet *packet) | |
91d6cd12 | 5771 | { |
84f0f298 | 5772 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
91d6cd12 | 5773 | struct xport *xport; |
2eb79142 JG |
5774 | uint64_t ofpacts_stub[1024 / 8]; |
5775 | struct ofpbuf ofpacts; | |
91d6cd12 | 5776 | struct flow flow; |
91d6cd12 | 5777 | |
2eb79142 | 5778 | ofpbuf_use_stack(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); |
91d6cd12 | 5779 | /* Use OFPP_NONE as the in_port to avoid special packet processing. */ |
cf62fa4c | 5780 | flow_extract(packet, &flow); |
b5e7e61a | 5781 | flow.in_port.ofp_port = OFPP_NONE; |
91d6cd12 | 5782 | |
84f0f298 | 5783 | xport = xport_lookup(xcfg, ofport); |
91d6cd12 | 5784 | if (!xport) { |
02ea2703 | 5785 | return EINVAL; |
91d6cd12 | 5786 | } |
2eb79142 JG |
5787 | |
5788 | if (oam) { | |
128684a6 JR |
5789 | const ovs_be16 oam = htons(NX_TUN_FLAG_OAM); |
5790 | ofpact_put_set_field(&ofpacts, mf_from_id(MFF_TUN_FLAGS), &oam, &oam); | |
2eb79142 JG |
5791 | } |
5792 | ||
5793 | ofpact_put_OUTPUT(&ofpacts)->port = xport->ofp_port; | |
e491a67a | 5794 | |
1f4a8933 JR |
5795 | /* Actions here are not referring to anything versionable (flow tables or |
5796 | * groups) so we don't need to worry about the version here. */ | |
5797 | return ofproto_dpif_execute_actions(xport->xbridge->ofproto, | |
5798 | OVS_VERSION_MAX, &flow, NULL, | |
2eb79142 | 5799 | ofpacts.data, ofpacts.size, packet); |
9583bc14 | 5800 | } |
b256dc52 | 5801 | |
901a517e | 5802 | void |
064799a1 JR |
5803 | xlate_mac_learning_update(const struct ofproto_dpif *ofproto, |
5804 | ofp_port_t in_port, struct eth_addr dl_src, | |
5805 | int vlan, bool is_grat_arp) | |
b256dc52 | 5806 | { |
84f0f298 | 5807 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
b256dc52 JS |
5808 | struct xbridge *xbridge; |
5809 | struct xbundle *xbundle; | |
b256dc52 | 5810 | |
84f0f298 | 5811 | xbridge = xbridge_lookup(xcfg, ofproto); |
b256dc52 JS |
5812 | if (!xbridge) { |
5813 | return; | |
5814 | } | |
5815 | ||
064799a1 | 5816 | xbundle = lookup_input_bundle(xbridge, in_port, false, NULL); |
b256dc52 JS |
5817 | if (!xbundle) { |
5818 | return; | |
5819 | } | |
5820 | ||
064799a1 | 5821 | update_learning_table(xbridge, xbundle, dl_src, vlan, is_grat_arp); |
b256dc52 | 5822 | } |