]>
Commit | Line | Data |
---|---|---|
9bfe9334 | 1 | /* Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc. |
9583bc14 EJ |
2 | * |
3 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
4 | * you may not use this file except in compliance with the License. | |
5 | * You may obtain a copy of the License at: | |
6 | * | |
7 | * http://www.apache.org/licenses/LICENSE-2.0 | |
8 | * | |
9 | * Unless required by applicable law or agreed to in writing, software | |
10 | * distributed under the License is distributed on an "AS IS" BASIS, | |
11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
12 | * See the License for the specific language governing permissions and | |
13 | * limitations under the License. */ | |
14 | ||
15 | #include <config.h> | |
16 | ||
17 | #include "ofproto/ofproto-dpif-xlate.h" | |
18 | ||
8449c4d6 | 19 | #include <errno.h> |
a36de779 PS |
20 | #include <arpa/inet.h> |
21 | #include <net/if.h> | |
22 | #include <sys/socket.h> | |
23 | #include <netinet/in.h> | |
8449c4d6 | 24 | |
db7d4e46 | 25 | #include "bfd.h" |
9583bc14 EJ |
26 | #include "bitmap.h" |
27 | #include "bond.h" | |
28 | #include "bundle.h" | |
29 | #include "byte-order.h" | |
db7d4e46 | 30 | #include "cfm.h" |
9583bc14 EJ |
31 | #include "connmgr.h" |
32 | #include "coverage.h" | |
46445c63 | 33 | #include "csum.h" |
e14deea0 | 34 | #include "dp-packet.h" |
9583bc14 | 35 | #include "dpif.h" |
f7f1ea29 | 36 | #include "in-band.h" |
db7d4e46 | 37 | #include "lacp.h" |
9583bc14 EJ |
38 | #include "learn.h" |
39 | #include "mac-learning.h" | |
6d95c4e8 | 40 | #include "mcast-snooping.h" |
9583bc14 EJ |
41 | #include "multipath.h" |
42 | #include "netdev-vport.h" | |
43 | #include "netlink.h" | |
44 | #include "nx-match.h" | |
45 | #include "odp-execute.h" | |
9583bc14 | 46 | #include "ofproto/ofproto-dpif-ipfix.h" |
ec7ceaed | 47 | #include "ofproto/ofproto-dpif-mirror.h" |
60d02c72 | 48 | #include "ofproto/ofproto-dpif-monitor.h" |
9583bc14 | 49 | #include "ofproto/ofproto-dpif-sflow.h" |
901a517e | 50 | #include "ofproto/ofproto-dpif-xlate-cache.h" |
9583bc14 | 51 | #include "ofproto/ofproto-dpif.h" |
6f00e29b | 52 | #include "ofproto/ofproto-provider.h" |
b598f214 BW |
53 | #include "openvswitch/dynamic-string.h" |
54 | #include "openvswitch/meta-flow.h" | |
55 | #include "openvswitch/list.h" | |
56 | #include "openvswitch/ofp-actions.h" | |
57 | #include "openvswitch/vlog.h" | |
58 | #include "ovs-lldp.h" | |
a36de779 | 59 | #include "ovs-router.h" |
b598f214 BW |
60 | #include "packets.h" |
61 | #include "tnl-neigh-cache.h" | |
a36de779 | 62 | #include "tnl-ports.h" |
9583bc14 | 63 | #include "tunnel.h" |
ee89ea7b | 64 | #include "util.h" |
9583bc14 | 65 | |
46c88433 | 66 | COVERAGE_DEFINE(xlate_actions); |
0f032e95 | 67 | COVERAGE_DEFINE(xlate_actions_oversize); |
7d031d7e | 68 | COVERAGE_DEFINE(xlate_actions_too_many_output); |
9583bc14 EJ |
69 | |
70 | VLOG_DEFINE_THIS_MODULE(ofproto_dpif_xlate); | |
71 | ||
8a553e9a | 72 | /* Maximum depth of flow table recursion (due to resubmit actions) in a |
790c5d26 BP |
73 | * flow translation. |
74 | * | |
75 | * The goal of limiting the depth of resubmits is to ensure that flow | |
76 | * translation eventually terminates. Only resubmits to the same table or an | |
77 | * earlier table count against the maximum depth. This is because resubmits to | |
78 | * strictly monotonically increasing table IDs will eventually terminate, since | |
79 | * any OpenFlow switch has a finite number of tables. OpenFlow tables are most | |
80 | * commonly traversed in numerically increasing order, so this limit has little | |
81 | * effect on conventionally designed OpenFlow pipelines. | |
82 | * | |
83 | * Outputs to patch ports and to groups also count against the depth limit. */ | |
84 | #define MAX_DEPTH 64 | |
8a553e9a | 85 | |
98b07853 BP |
86 | /* Maximum number of resubmit actions in a flow translation, whether they are |
87 | * recursive or not. */ | |
790c5d26 | 88 | #define MAX_RESUBMITS (MAX_DEPTH * MAX_DEPTH) |
98b07853 | 89 | |
46c88433 EJ |
90 | struct xbridge { |
91 | struct hmap_node hmap_node; /* Node in global 'xbridges' map. */ | |
92 | struct ofproto_dpif *ofproto; /* Key in global 'xbridges' map. */ | |
93 | ||
ca6ba700 | 94 | struct ovs_list xbundles; /* Owned xbundles. */ |
46c88433 EJ |
95 | struct hmap xports; /* Indexed by ofp_port. */ |
96 | ||
97 | char *name; /* Name used in log messages. */ | |
89a8a7f0 | 98 | struct dpif *dpif; /* Datapath interface. */ |
46c88433 | 99 | struct mac_learning *ml; /* Mac learning handle. */ |
6d95c4e8 | 100 | struct mcast_snooping *ms; /* Multicast Snooping handle. */ |
46c88433 EJ |
101 | struct mbridge *mbridge; /* Mirroring. */ |
102 | struct dpif_sflow *sflow; /* SFlow handle, or null. */ | |
103 | struct dpif_ipfix *ipfix; /* Ipfix handle, or null. */ | |
ce3955be | 104 | struct netflow *netflow; /* Netflow handle, or null. */ |
9d189a50 | 105 | struct stp *stp; /* STP or null if disabled. */ |
9efd308e | 106 | struct rstp *rstp; /* RSTP or null if disabled. */ |
46c88433 | 107 | |
46c88433 EJ |
108 | bool has_in_band; /* Bridge has in band control? */ |
109 | bool forward_bpdu; /* Bridge forwards STP BPDUs? */ | |
4b97b70d | 110 | |
b440dd8c JS |
111 | /* Datapath feature support. */ |
112 | struct dpif_backer_support support; | |
46c88433 EJ |
113 | }; |
114 | ||
115 | struct xbundle { | |
116 | struct hmap_node hmap_node; /* In global 'xbundles' map. */ | |
117 | struct ofbundle *ofbundle; /* Key in global 'xbundles' map. */ | |
118 | ||
ca6ba700 | 119 | struct ovs_list list_node; /* In parent 'xbridges' list. */ |
46c88433 EJ |
120 | struct xbridge *xbridge; /* Parent xbridge. */ |
121 | ||
ca6ba700 | 122 | struct ovs_list xports; /* Contains "struct xport"s. */ |
46c88433 EJ |
123 | |
124 | char *name; /* Name used in log messages. */ | |
125 | struct bond *bond; /* Nonnull iff more than one port. */ | |
126 | struct lacp *lacp; /* LACP handle or null. */ | |
127 | ||
128 | enum port_vlan_mode vlan_mode; /* VLAN mode. */ | |
129 | int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */ | |
130 | unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1. | |
131 | * NULL if all VLANs are trunked. */ | |
132 | bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */ | |
133 | bool floodable; /* No port has OFPUTIL_PC_NO_FLOOD set? */ | |
c005f976 | 134 | bool protected; /* Protected port mode */ |
46c88433 EJ |
135 | }; |
136 | ||
137 | struct xport { | |
138 | struct hmap_node hmap_node; /* Node in global 'xports' map. */ | |
139 | struct ofport_dpif *ofport; /* Key in global 'xports map. */ | |
140 | ||
141 | struct hmap_node ofp_node; /* Node in parent xbridge 'xports' map. */ | |
142 | ofp_port_t ofp_port; /* Key in parent xbridge 'xports' map. */ | |
143 | ||
144 | odp_port_t odp_port; /* Datapath port number or ODPP_NONE. */ | |
145 | ||
ca6ba700 | 146 | struct ovs_list bundle_node; /* In parent xbundle (if it exists). */ |
46c88433 EJ |
147 | struct xbundle *xbundle; /* Parent xbundle or null. */ |
148 | ||
149 | struct netdev *netdev; /* 'ofport''s netdev. */ | |
150 | ||
151 | struct xbridge *xbridge; /* Parent bridge. */ | |
152 | struct xport *peer; /* Patch port peer or null. */ | |
153 | ||
154 | enum ofputil_port_config config; /* OpenFlow port configuration. */ | |
dd8cd4b4 | 155 | enum ofputil_port_state state; /* OpenFlow port state. */ |
92cf817b | 156 | int stp_port_no; /* STP port number or -1 if not in use. */ |
f025bcb7 | 157 | struct rstp_port *rstp_port; /* RSTP port or null. */ |
46c88433 | 158 | |
55954f6e EJ |
159 | struct hmap skb_priorities; /* Map of 'skb_priority_to_dscp's. */ |
160 | ||
46c88433 EJ |
161 | bool may_enable; /* May be enabled in bonds. */ |
162 | bool is_tunnel; /* Is a tunnel port. */ | |
163 | ||
164 | struct cfm *cfm; /* CFM handle or null. */ | |
165 | struct bfd *bfd; /* BFD handle or null. */ | |
0477baa9 | 166 | struct lldp *lldp; /* LLDP handle or null. */ |
46c88433 EJ |
167 | }; |
168 | ||
4d0acc70 EJ |
169 | struct xlate_ctx { |
170 | struct xlate_in *xin; | |
171 | struct xlate_out *xout; | |
172 | ||
46c88433 | 173 | const struct xbridge *xbridge; |
4d0acc70 EJ |
174 | |
175 | /* Flow at the last commit. */ | |
176 | struct flow base_flow; | |
177 | ||
178 | /* Tunnel IP destination address as received. This is stored separately | |
179 | * as the base_flow.tunnel is cleared on init to reflect the datapath | |
180 | * behavior. Used to make sure not to send tunneled output to ourselves, | |
181 | * which might lead to an infinite loop. This could happen easily | |
182 | * if a tunnel is marked as 'ip_remote=flow', and the flow does not | |
183 | * actually set the tun_dst field. */ | |
e4d3706c | 184 | struct in6_addr orig_tunnel_ipv6_dst; |
4d0acc70 | 185 | |
84cf3c1f JR |
186 | /* Stack for the push and pop actions. See comment above nx_stack_push() |
187 | * in nx-match.c for info on how the stack is stored. */ | |
4d0acc70 EJ |
188 | struct ofpbuf stack; |
189 | ||
190 | /* The rule that we are currently translating, or NULL. */ | |
191 | struct rule_dpif *rule; | |
192 | ||
49a73e0c BP |
193 | /* Flow translation populates this with wildcards relevant in translation. |
194 | * When 'xin->wc' is nonnull, this is the same pointer. When 'xin->wc' is | |
c0e638aa | 195 | * null, this is a pointer to a temporary buffer. */ |
49a73e0c BP |
196 | struct flow_wildcards *wc; |
197 | ||
1520ef4f BP |
198 | /* Output buffer for datapath actions. When 'xin->odp_actions' is nonnull, |
199 | * this is the same pointer. When 'xin->odp_actions' is null, this points | |
200 | * to a scratch ofpbuf. This allows code to add actions to | |
201 | * 'ctx->odp_actions' without worrying about whether the caller really | |
202 | * wants actions. */ | |
203 | struct ofpbuf *odp_actions; | |
204 | ||
790c5d26 BP |
205 | /* Statistics maintained by xlate_table_action(). |
206 | * | |
207 | * 'indentation' is the nesting level for resubmits. It is used to indent | |
208 | * the output of resubmit_hook (e.g. for the "ofproto/trace" feature). | |
209 | * | |
210 | * The other statistics limit the amount of work that a single flow | |
211 | * translation can perform. The goal of the first of these, 'depth', is | |
212 | * primarily to prevent translation from performing an infinite amount of | |
213 | * work. It counts the current depth of nested "resubmit"s (and a few | |
214 | * other activities); when a resubmit returns, it decreases. Resubmits to | |
215 | * tables in strictly monotonically increasing order don't contribute to | |
216 | * 'depth' because they cannot cause a flow translation to take an infinite | |
217 | * amount of time (because the number of tables is finite). Translation | |
218 | * aborts when 'depth' exceeds MAX_DEPTH. | |
219 | * | |
220 | * 'resubmits', on the other hand, prevents flow translation from | |
221 | * performing an extraordinarily large while still finite amount of work. | |
222 | * It counts the total number of resubmits (and a few other activities) | |
223 | * that have been executed. Returning from a resubmit does not affect this | |
224 | * counter. Thus, this limits the amount of work that a particular | |
225 | * translation can perform. Translation aborts when 'resubmits' exceeds | |
226 | * MAX_RESUBMITS (which is much larger than MAX_DEPTH). | |
227 | */ | |
228 | int indentation; /* Indentation level for resubmit_hook. */ | |
229 | int depth; /* Current resubmit nesting depth. */ | |
98b07853 | 230 | int resubmits; /* Total number of resubmits. */ |
5a070238 | 231 | bool in_group; /* Currently translating ofgroup, if true. */ |
029ca940 | 232 | bool in_action_set; /* Currently translating action_set, if true. */ |
98b07853 | 233 | |
4d0acc70 | 234 | uint8_t table_id; /* OpenFlow table ID where flow was found. */ |
8b1e5560 JR |
235 | ovs_be64 rule_cookie; /* Cookie of the rule being translated. */ |
236 | uint32_t orig_skb_priority; /* Priority when packet arrived. */ | |
4d0acc70 | 237 | uint32_t sflow_n_outputs; /* Number of output ports. */ |
4e022ec0 | 238 | odp_port_t sflow_odp_port; /* Output port for composing sFlow action. */ |
2031ef97 | 239 | ofp_port_t nf_output_iface; /* Output interface index for NetFlow. */ |
4d0acc70 | 240 | bool exit; /* No further actions should be processed. */ |
3d6151f3 | 241 | mirror_mask_t mirrors; /* Bitmap of associated mirrors. */ |
1356dbd1 | 242 | int mirror_snaplen; /* Max size of a mirror packet in byte. */ |
7fdb60a7 | 243 | |
1d361a81 BP |
244 | /* Freezing Translation |
245 | * ==================== | |
e672ff9b | 246 | * |
1d361a81 BP |
247 | * At some point during translation, the code may recognize the need to halt |
248 | * and checkpoint the translation in a way that it can be restarted again | |
249 | * later. We call the checkpointing process "freezing" and the restarting | |
250 | * process "thawing". | |
e672ff9b | 251 | * |
1d361a81 | 252 | * The use cases for freezing are: |
e672ff9b | 253 | * |
1d361a81 BP |
254 | * - "Recirculation", where the translation process discovers that it |
255 | * doesn't have enough information to complete translation without | |
256 | * actually executing the actions that have already been translated, | |
257 | * which provides the additionally needed information. In these | |
258 | * situations, translation freezes translation and assigns the frozen | |
259 | * data a unique "recirculation ID", which it associates with the data | |
260 | * in a table in userspace (see ofproto-dpif-rid.h). It also adds a | |
261 | * OVS_ACTION_ATTR_RECIRC action specifying that ID to the datapath | |
262 | * actions. When a packet hits that action, the datapath looks its | |
263 | * flow up again using the ID. If there's a miss, it comes back to | |
264 | * userspace, which find the recirculation table entry for the ID, | |
265 | * thaws the associated frozen data, and continues translation from | |
266 | * that point given the additional information that is now known. | |
e672ff9b | 267 | * |
1d361a81 BP |
268 | * The archetypal example is MPLS. As MPLS is implemented in |
269 | * OpenFlow, the protocol that follows the last MPLS label becomes | |
270 | * known only when that label is popped by an OpenFlow action. That | |
271 | * means that Open vSwitch can't extract the headers beyond the MPLS | |
272 | * labels until the pop action is executed. Thus, at that point | |
273 | * translation uses the recirculation process to extract the headers | |
274 | * beyond the MPLS labels. | |
e672ff9b | 275 | * |
1d361a81 BP |
276 | * (OVS also uses OVS_ACTION_ATTR_RECIRC to implement hashing for |
277 | * output to bonds. OVS pre-populates all the datapath flows for bond | |
278 | * output in the datapath, though, which means that the elaborate | |
279 | * process of coming back to userspace for a second round of | |
280 | * translation isn't needed, and so bonds don't follow the above | |
281 | * process.) | |
e672ff9b | 282 | * |
77ab5fd2 BP |
283 | * - "Continuation". A continuation is a way for an OpenFlow controller |
284 | * to interpose on a packet's traversal of the OpenFlow tables. When | |
285 | * the translation process encounters a "controller" action with the | |
286 | * "pause" flag, it freezes translation, serializes the frozen data, | |
287 | * and sends it to an OpenFlow controller. The controller then | |
288 | * examines and possibly modifies the frozen data and eventually sends | |
289 | * it back to the switch, which thaws it and continues translation. | |
e672ff9b | 290 | * |
1d361a81 BP |
291 | * The main problem of freezing translation is preserving state, so that |
292 | * when the translation is thawed later it resumes from where it left off, | |
293 | * without disruption. In particular, actions must be preserved as follows: | |
294 | * | |
295 | * - If we're freezing because an action needed more information, the | |
296 | * action that prompted it. | |
297 | * | |
298 | * - Any actions remaining to be translated within the current flow. | |
299 | * | |
300 | * - If translation was frozen within a NXAST_RESUBMIT, then any actions | |
301 | * following the resubmit action. Resubmit actions can be nested, so | |
302 | * this has to go all the way up the control stack. | |
e672ff9b JR |
303 | * |
304 | * - The OpenFlow 1.1+ action set. | |
305 | * | |
306 | * State that actions and flow table lookups can depend on, such as the | |
307 | * following, must also be preserved: | |
308 | * | |
309 | * - Metadata fields (input port, registers, OF1.1+ metadata, ...). | |
310 | * | |
1d361a81 | 311 | * - The stack used by NXAST_STACK_PUSH and NXAST_STACK_POP actions. |
e672ff9b JR |
312 | * |
313 | * - The table ID and cookie of the flow being translated at each level | |
1d361a81 BP |
314 | * of the control stack, because these can become visible through |
315 | * OFPAT_CONTROLLER actions (and other ways). | |
e672ff9b JR |
316 | * |
317 | * Translation allows for the control of this state preservation via these | |
1d361a81 BP |
318 | * members. When a need to freeze translation is identified, the |
319 | * translation process: | |
e672ff9b | 320 | * |
1d361a81 | 321 | * 1. Sets 'freezing' to true. |
e672ff9b JR |
322 | * |
323 | * 2. Sets 'exit' to true to tell later steps that we're exiting from the | |
324 | * translation process. | |
325 | * | |
1d361a81 BP |
326 | * 3. Adds an OFPACT_UNROLL_XLATE action to 'frozen_actions', and points |
327 | * frozen_actions.header to the action to make it easy to find it later. | |
328 | * This action holds the current table ID and cookie so that they can be | |
329 | * restored during a post-recirculation upcall translation. | |
e672ff9b JR |
330 | * |
331 | * 4. Adds the action that prompted recirculation and any actions following | |
1d361a81 | 332 | * it within the same flow to 'frozen_actions', so that they can be |
8a5fb3b4 | 333 | * executed during a post-recirculation upcall translation. |
e672ff9b JR |
334 | * |
335 | * 5. Returns. | |
336 | * | |
337 | * 6. The action that prompted recirculation might be nested in a stack of | |
338 | * nested "resubmit"s that have actions remaining. Each of these notices | |
1d361a81 BP |
339 | * that we're exiting and freezing and responds by adding more |
340 | * OFPACT_UNROLL_XLATE actions to 'frozen_actions', as necessary, | |
341 | * followed by any actions that were yet unprocessed. | |
e672ff9b | 342 | * |
1d361a81 BP |
343 | * If we're freezing because of recirculation, the caller generates a |
344 | * recirculation ID and associates all the state produced by this process | |
345 | * with it. For post-recirculation upcall translation, the caller passes it | |
346 | * back in for the new translation to execute. The process yielded a set of | |
347 | * ofpacts that can be translated directly, so it is not much of a special | |
348 | * case at that point. | |
e672ff9b | 349 | */ |
1d361a81 | 350 | bool freezing; |
53cc166a JR |
351 | bool recirc_update_dp_hash; /* Generated recirculation will be preceded |
352 | * by datapath HASH action to get an updated | |
353 | * dp_hash after recirculation. */ | |
354 | uint32_t dp_hash_alg; | |
355 | uint32_t dp_hash_basis; | |
1d361a81 | 356 | struct ofpbuf frozen_actions; |
77ab5fd2 | 357 | const struct ofpact_controller *pause; |
e672ff9b | 358 | |
e12ec36b SH |
359 | /* True if a packet was but is no longer MPLS (due to an MPLS pop action). |
360 | * This is a trigger for recirculation in cases where translating an action | |
361 | * or looking up a flow requires access to the fields of the packet after | |
362 | * the MPLS label stack that was originally present. */ | |
363 | bool was_mpls; | |
364 | ||
07659514 JS |
365 | /* True if conntrack has been performed on this packet during processing |
366 | * on the current bridge. This is used to determine whether conntrack | |
1d361a81 | 367 | * state from the datapath should be honored after thawing. */ |
07659514 JS |
368 | bool conntracked; |
369 | ||
9ac0aada JR |
370 | /* Pointer to an embedded NAT action in a conntrack action, or NULL. */ |
371 | struct ofpact_nat *ct_nat_action; | |
372 | ||
7fdb60a7 SH |
373 | /* OpenFlow 1.1+ action set. |
374 | * | |
375 | * 'action_set' accumulates "struct ofpact"s added by OFPACT_WRITE_ACTIONS. | |
376 | * When translation is otherwise complete, ofpacts_execute_action_set() | |
377 | * converts it to a set of "struct ofpact"s that can be translated into | |
ed9c9e3e | 378 | * datapath actions. */ |
c61f3870 | 379 | bool action_set_has_group; /* Action set contains OFPACT_GROUP? */ |
7fdb60a7 | 380 | struct ofpbuf action_set; /* Action set. */ |
fff1b9c0 JR |
381 | |
382 | enum xlate_error error; /* Translation failed. */ | |
4d0acc70 EJ |
383 | }; |
384 | ||
fff1b9c0 JR |
385 | const char *xlate_strerror(enum xlate_error error) |
386 | { | |
387 | switch (error) { | |
388 | case XLATE_OK: | |
389 | return "OK"; | |
390 | case XLATE_BRIDGE_NOT_FOUND: | |
391 | return "Bridge not found"; | |
392 | case XLATE_RECURSION_TOO_DEEP: | |
393 | return "Recursion too deep"; | |
394 | case XLATE_TOO_MANY_RESUBMITS: | |
395 | return "Too many resubmits"; | |
396 | case XLATE_STACK_TOO_DEEP: | |
397 | return "Stack too deep"; | |
398 | case XLATE_NO_RECIRCULATION_CONTEXT: | |
399 | return "No recirculation context"; | |
400 | case XLATE_RECIRCULATION_CONFLICT: | |
401 | return "Recirculation conflict"; | |
402 | case XLATE_TOO_MANY_MPLS_LABELS: | |
403 | return "Too many MPLS labels"; | |
8d8ab6c2 JG |
404 | case XLATE_INVALID_TUNNEL_METADATA: |
405 | return "Invalid tunnel metadata"; | |
fff1b9c0 JR |
406 | } |
407 | return "Unknown error"; | |
408 | } | |
409 | ||
ed9c9e3e | 410 | static void xlate_action_set(struct xlate_ctx *ctx); |
704bb0bf | 411 | static void xlate_commit_actions(struct xlate_ctx *ctx); |
ed9c9e3e | 412 | |
1d741d6d | 413 | static void |
1d361a81 | 414 | ctx_trigger_freeze(struct xlate_ctx *ctx) |
1d741d6d JR |
415 | { |
416 | ctx->exit = true; | |
1d361a81 | 417 | ctx->freezing = true; |
1d741d6d JR |
418 | } |
419 | ||
53cc166a JR |
420 | static void |
421 | ctx_trigger_recirculate_with_hash(struct xlate_ctx *ctx, uint32_t type, | |
422 | uint32_t basis) | |
423 | { | |
424 | ctx->exit = true; | |
425 | ctx->freezing = true; | |
426 | ctx->recirc_update_dp_hash = true; | |
427 | ctx->dp_hash_alg = type; | |
428 | ctx->dp_hash_basis = basis; | |
429 | } | |
430 | ||
1d741d6d | 431 | static bool |
1d361a81 | 432 | ctx_first_frozen_action(const struct xlate_ctx *ctx) |
1d741d6d | 433 | { |
1d361a81 | 434 | return !ctx->frozen_actions.size; |
e672ff9b JR |
435 | } |
436 | ||
3293cb85 | 437 | static void |
1d361a81 | 438 | ctx_cancel_freeze(struct xlate_ctx *ctx) |
3293cb85 | 439 | { |
1d361a81 BP |
440 | if (ctx->freezing) { |
441 | ctx->freezing = false; | |
53cc166a | 442 | ctx->recirc_update_dp_hash = false; |
1d361a81 BP |
443 | ofpbuf_clear(&ctx->frozen_actions); |
444 | ctx->frozen_actions.header = NULL; | |
3293cb85 BP |
445 | } |
446 | } | |
447 | ||
77ab5fd2 | 448 | static void finish_freezing(struct xlate_ctx *ctx); |
e672ff9b | 449 | |
9583bc14 EJ |
450 | /* A controller may use OFPP_NONE as the ingress port to indicate that |
451 | * it did not arrive on a "real" port. 'ofpp_none_bundle' exists for | |
452 | * when an input bundle is needed for validation (e.g., mirroring or | |
453 | * OFPP_NORMAL processing). It is not connected to an 'ofproto' or have | |
3548d242 BP |
454 | * any 'port' structs, so care must be taken when dealing with it. */ |
455 | static struct xbundle ofpp_none_bundle = { | |
456 | .name = "OFPP_NONE", | |
457 | .vlan_mode = PORT_VLAN_TRUNK | |
458 | }; | |
9583bc14 | 459 | |
55954f6e EJ |
460 | /* Node in 'xport''s 'skb_priorities' map. Used to maintain a map from |
461 | * 'priority' (the datapath's term for QoS queue) to the dscp bits which all | |
462 | * traffic egressing the 'ofport' with that priority should be marked with. */ | |
463 | struct skb_priority_to_dscp { | |
464 | struct hmap_node hmap_node; /* Node in 'ofport_dpif''s 'skb_priorities'. */ | |
465 | uint32_t skb_priority; /* Priority of this queue (see struct flow). */ | |
466 | ||
467 | uint8_t dscp; /* DSCP bits to mark outgoing traffic with. */ | |
468 | }; | |
469 | ||
84f0f298 RW |
470 | /* Xlate config contains hash maps of all bridges, bundles and ports. |
471 | * Xcfgp contains the pointer to the current xlate configuration. | |
472 | * When the main thread needs to change the configuration, it copies xcfgp to | |
473 | * new_xcfg and edits new_xcfg. This enables the use of RCU locking which | |
474 | * does not block handler and revalidator threads. */ | |
475 | struct xlate_cfg { | |
476 | struct hmap xbridges; | |
477 | struct hmap xbundles; | |
478 | struct hmap xports; | |
479 | }; | |
b1b72f2d | 480 | static OVSRCU_TYPE(struct xlate_cfg *) xcfgp = OVSRCU_INITIALIZER(NULL); |
f439f23b | 481 | static struct xlate_cfg *new_xcfg = NULL; |
46c88433 EJ |
482 | |
483 | static bool may_receive(const struct xport *, struct xlate_ctx *); | |
9583bc14 EJ |
484 | static void do_xlate_actions(const struct ofpact *, size_t ofpacts_len, |
485 | struct xlate_ctx *); | |
adcf00ba | 486 | static void xlate_normal(struct xlate_ctx *); |
c1b3756c BP |
487 | static inline void xlate_report(struct xlate_ctx *, const char *, ...) |
488 | OVS_PRINTF_FORMAT(2, 3); | |
6d328fa2 SH |
489 | static void xlate_table_action(struct xlate_ctx *, ofp_port_t in_port, |
490 | uint8_t table_id, bool may_packet_in, | |
491 | bool honor_table_miss); | |
46c88433 EJ |
492 | static bool input_vid_is_valid(uint16_t vid, struct xbundle *, bool warn); |
493 | static uint16_t input_vid_to_vlan(const struct xbundle *, uint16_t vid); | |
494 | static void output_normal(struct xlate_ctx *, const struct xbundle *, | |
9583bc14 | 495 | uint16_t vlan); |
e93ef1c7 JR |
496 | |
497 | /* Optional bond recirculation parameter to compose_output_action(). */ | |
498 | struct xlate_bond_recirc { | |
499 | uint32_t recirc_id; /* !0 Use recirculation instead of output. */ | |
500 | uint8_t hash_alg; /* !0 Compute hash for recirc before. */ | |
501 | uint32_t hash_basis; /* Compute hash for recirc before. */ | |
502 | }; | |
503 | ||
504 | static void compose_output_action(struct xlate_ctx *, ofp_port_t ofp_port, | |
505 | const struct xlate_bond_recirc *xr); | |
9583bc14 | 506 | |
84f0f298 RW |
507 | static struct xbridge *xbridge_lookup(struct xlate_cfg *, |
508 | const struct ofproto_dpif *); | |
290835f9 BP |
509 | static struct xbridge *xbridge_lookup_by_uuid(struct xlate_cfg *, |
510 | const struct uuid *); | |
84f0f298 RW |
511 | static struct xbundle *xbundle_lookup(struct xlate_cfg *, |
512 | const struct ofbundle *); | |
513 | static struct xport *xport_lookup(struct xlate_cfg *, | |
514 | const struct ofport_dpif *); | |
46c88433 | 515 | static struct xport *get_ofp_port(const struct xbridge *, ofp_port_t ofp_port); |
55954f6e EJ |
516 | static struct skb_priority_to_dscp *get_skb_priority(const struct xport *, |
517 | uint32_t skb_priority); | |
518 | static void clear_skb_priorities(struct xport *); | |
16194afd | 519 | static size_t count_skb_priorities(const struct xport *); |
55954f6e EJ |
520 | static bool dscp_from_skb_priority(const struct xport *, uint32_t skb_priority, |
521 | uint8_t *dscp); | |
46c88433 | 522 | |
84f0f298 RW |
523 | static void xlate_xbridge_init(struct xlate_cfg *, struct xbridge *); |
524 | static void xlate_xbundle_init(struct xlate_cfg *, struct xbundle *); | |
525 | static void xlate_xport_init(struct xlate_cfg *, struct xport *); | |
9efd308e | 526 | static void xlate_xbridge_set(struct xbridge *, struct dpif *, |
9efd308e DV |
527 | const struct mac_learning *, struct stp *, |
528 | struct rstp *, const struct mcast_snooping *, | |
529 | const struct mbridge *, | |
530 | const struct dpif_sflow *, | |
531 | const struct dpif_ipfix *, | |
2f47cdf4 | 532 | const struct netflow *, |
84f0f298 | 533 | bool forward_bpdu, bool has_in_band, |
b440dd8c | 534 | const struct dpif_backer_support *); |
84f0f298 RW |
535 | static void xlate_xbundle_set(struct xbundle *xbundle, |
536 | enum port_vlan_mode vlan_mode, int vlan, | |
537 | unsigned long *trunks, bool use_priority_tags, | |
538 | const struct bond *bond, const struct lacp *lacp, | |
c005f976 | 539 | bool floodable, bool protected); |
84f0f298 RW |
540 | static void xlate_xport_set(struct xport *xport, odp_port_t odp_port, |
541 | const struct netdev *netdev, const struct cfm *cfm, | |
0477baa9 DF |
542 | const struct bfd *bfd, const struct lldp *lldp, |
543 | int stp_port_no, const struct rstp_port *rstp_port, | |
84f0f298 RW |
544 | enum ofputil_port_config config, |
545 | enum ofputil_port_state state, bool is_tunnel, | |
546 | bool may_enable); | |
547 | static void xlate_xbridge_remove(struct xlate_cfg *, struct xbridge *); | |
548 | static void xlate_xbundle_remove(struct xlate_cfg *, struct xbundle *); | |
549 | static void xlate_xport_remove(struct xlate_cfg *, struct xport *); | |
550 | static void xlate_xbridge_copy(struct xbridge *); | |
551 | static void xlate_xbundle_copy(struct xbridge *, struct xbundle *); | |
552 | static void xlate_xport_copy(struct xbridge *, struct xbundle *, | |
553 | struct xport *); | |
554 | static void xlate_xcfg_free(struct xlate_cfg *); | |
b256dc52 | 555 | |
34dd0d78 | 556 | static inline void |
c1b3756c | 557 | xlate_report(struct xlate_ctx *ctx, const char *format, ...) |
34dd0d78 JR |
558 | { |
559 | if (OVS_UNLIKELY(ctx->xin->report_hook)) { | |
c1b3756c BP |
560 | va_list args; |
561 | ||
562 | va_start(args, format); | |
9a9b001a | 563 | ctx->xin->report_hook(ctx->xin, ctx->indentation, format, args); |
c1b3756c | 564 | va_end(args); |
34dd0d78 JR |
565 | } |
566 | } | |
84f0f298 | 567 | |
fff1b9c0 JR |
568 | static struct vlog_rate_limit error_report_rl = VLOG_RATE_LIMIT_INIT(1, 5); |
569 | ||
a716ef9a JS |
570 | #define XLATE_REPORT_ERROR(CTX, ...) \ |
571 | do { \ | |
572 | if (OVS_UNLIKELY((CTX)->xin->report_hook)) { \ | |
573 | xlate_report(CTX, __VA_ARGS__); \ | |
574 | } else { \ | |
575 | struct ds ds = DS_EMPTY_INITIALIZER; \ | |
576 | \ | |
577 | ds_put_format(&ds, __VA_ARGS__); \ | |
578 | ds_put_cstr(&ds, ": "); \ | |
e91e0e58 | 579 | flow_format(&ds, &(CTX)->base_flow); \ |
26f858a9 | 580 | VLOG_ERR_RL(&error_report_rl, "%s", ds_cstr(&ds)); \ |
a716ef9a JS |
581 | ds_destroy(&ds); \ |
582 | } \ | |
fff1b9c0 JR |
583 | } while (0) |
584 | ||
d6bef3cc BP |
585 | static inline void |
586 | xlate_report_actions(struct xlate_ctx *ctx, const char *title, | |
587 | const struct ofpact *ofpacts, size_t ofpacts_len) | |
588 | { | |
589 | if (OVS_UNLIKELY(ctx->xin->report_hook)) { | |
590 | struct ds s = DS_EMPTY_INITIALIZER; | |
591 | ofpacts_format(ofpacts, ofpacts_len, &s); | |
592 | xlate_report(ctx, "%s: %s", title, ds_cstr(&s)); | |
593 | ds_destroy(&s); | |
594 | } | |
595 | } | |
596 | ||
84f0f298 RW |
597 | static void |
598 | xlate_xbridge_init(struct xlate_cfg *xcfg, struct xbridge *xbridge) | |
599 | { | |
417e7e66 | 600 | ovs_list_init(&xbridge->xbundles); |
84f0f298 RW |
601 | hmap_init(&xbridge->xports); |
602 | hmap_insert(&xcfg->xbridges, &xbridge->hmap_node, | |
603 | hash_pointer(xbridge->ofproto, 0)); | |
604 | } | |
605 | ||
606 | static void | |
607 | xlate_xbundle_init(struct xlate_cfg *xcfg, struct xbundle *xbundle) | |
608 | { | |
417e7e66 BW |
609 | ovs_list_init(&xbundle->xports); |
610 | ovs_list_insert(&xbundle->xbridge->xbundles, &xbundle->list_node); | |
84f0f298 RW |
611 | hmap_insert(&xcfg->xbundles, &xbundle->hmap_node, |
612 | hash_pointer(xbundle->ofbundle, 0)); | |
613 | } | |
614 | ||
615 | static void | |
616 | xlate_xport_init(struct xlate_cfg *xcfg, struct xport *xport) | |
617 | { | |
618 | hmap_init(&xport->skb_priorities); | |
619 | hmap_insert(&xcfg->xports, &xport->hmap_node, | |
620 | hash_pointer(xport->ofport, 0)); | |
621 | hmap_insert(&xport->xbridge->xports, &xport->ofp_node, | |
622 | hash_ofp_port(xport->ofp_port)); | |
623 | } | |
624 | ||
625 | static void | |
626 | xlate_xbridge_set(struct xbridge *xbridge, | |
627 | struct dpif *dpif, | |
ec89fc6f | 628 | const struct mac_learning *ml, struct stp *stp, |
9efd308e | 629 | struct rstp *rstp, const struct mcast_snooping *ms, |
ec89fc6f | 630 | const struct mbridge *mbridge, |
46c88433 | 631 | const struct dpif_sflow *sflow, |
ce3955be | 632 | const struct dpif_ipfix *ipfix, |
2f47cdf4 | 633 | const struct netflow *netflow, |
4b97b70d | 634 | bool forward_bpdu, bool has_in_band, |
b440dd8c | 635 | const struct dpif_backer_support *support) |
46c88433 | 636 | { |
46c88433 EJ |
637 | if (xbridge->ml != ml) { |
638 | mac_learning_unref(xbridge->ml); | |
639 | xbridge->ml = mac_learning_ref(ml); | |
640 | } | |
641 | ||
6d95c4e8 FL |
642 | if (xbridge->ms != ms) { |
643 | mcast_snooping_unref(xbridge->ms); | |
644 | xbridge->ms = mcast_snooping_ref(ms); | |
645 | } | |
646 | ||
46c88433 EJ |
647 | if (xbridge->mbridge != mbridge) { |
648 | mbridge_unref(xbridge->mbridge); | |
649 | xbridge->mbridge = mbridge_ref(mbridge); | |
650 | } | |
651 | ||
652 | if (xbridge->sflow != sflow) { | |
653 | dpif_sflow_unref(xbridge->sflow); | |
654 | xbridge->sflow = dpif_sflow_ref(sflow); | |
655 | } | |
656 | ||
657 | if (xbridge->ipfix != ipfix) { | |
658 | dpif_ipfix_unref(xbridge->ipfix); | |
659 | xbridge->ipfix = dpif_ipfix_ref(ipfix); | |
660 | } | |
661 | ||
9d189a50 EJ |
662 | if (xbridge->stp != stp) { |
663 | stp_unref(xbridge->stp); | |
664 | xbridge->stp = stp_ref(stp); | |
665 | } | |
666 | ||
9efd308e DV |
667 | if (xbridge->rstp != rstp) { |
668 | rstp_unref(xbridge->rstp); | |
669 | xbridge->rstp = rstp_ref(rstp); | |
670 | } | |
671 | ||
ce3955be EJ |
672 | if (xbridge->netflow != netflow) { |
673 | netflow_unref(xbridge->netflow); | |
674 | xbridge->netflow = netflow_ref(netflow); | |
675 | } | |
676 | ||
89a8a7f0 | 677 | xbridge->dpif = dpif; |
46c88433 EJ |
678 | xbridge->forward_bpdu = forward_bpdu; |
679 | xbridge->has_in_band = has_in_band; | |
b440dd8c | 680 | xbridge->support = *support; |
46c88433 EJ |
681 | } |
682 | ||
84f0f298 RW |
683 | static void |
684 | xlate_xbundle_set(struct xbundle *xbundle, | |
685 | enum port_vlan_mode vlan_mode, int vlan, | |
686 | unsigned long *trunks, bool use_priority_tags, | |
687 | const struct bond *bond, const struct lacp *lacp, | |
c005f976 | 688 | bool floodable, bool protected) |
84f0f298 RW |
689 | { |
690 | ovs_assert(xbundle->xbridge); | |
691 | ||
692 | xbundle->vlan_mode = vlan_mode; | |
693 | xbundle->vlan = vlan; | |
694 | xbundle->trunks = trunks; | |
695 | xbundle->use_priority_tags = use_priority_tags; | |
696 | xbundle->floodable = floodable; | |
c005f976 | 697 | xbundle->protected = protected; |
84f0f298 RW |
698 | |
699 | if (xbundle->bond != bond) { | |
700 | bond_unref(xbundle->bond); | |
701 | xbundle->bond = bond_ref(bond); | |
702 | } | |
703 | ||
704 | if (xbundle->lacp != lacp) { | |
705 | lacp_unref(xbundle->lacp); | |
706 | xbundle->lacp = lacp_ref(lacp); | |
707 | } | |
708 | } | |
709 | ||
710 | static void | |
711 | xlate_xport_set(struct xport *xport, odp_port_t odp_port, | |
712 | const struct netdev *netdev, const struct cfm *cfm, | |
0477baa9 | 713 | const struct bfd *bfd, const struct lldp *lldp, int stp_port_no, |
f025bcb7 | 714 | const struct rstp_port* rstp_port, |
84f0f298 RW |
715 | enum ofputil_port_config config, enum ofputil_port_state state, |
716 | bool is_tunnel, bool may_enable) | |
717 | { | |
718 | xport->config = config; | |
719 | xport->state = state; | |
720 | xport->stp_port_no = stp_port_no; | |
721 | xport->is_tunnel = is_tunnel; | |
722 | xport->may_enable = may_enable; | |
723 | xport->odp_port = odp_port; | |
724 | ||
f025bcb7 JR |
725 | if (xport->rstp_port != rstp_port) { |
726 | rstp_port_unref(xport->rstp_port); | |
727 | xport->rstp_port = rstp_port_ref(rstp_port); | |
728 | } | |
729 | ||
84f0f298 RW |
730 | if (xport->cfm != cfm) { |
731 | cfm_unref(xport->cfm); | |
732 | xport->cfm = cfm_ref(cfm); | |
733 | } | |
734 | ||
735 | if (xport->bfd != bfd) { | |
736 | bfd_unref(xport->bfd); | |
737 | xport->bfd = bfd_ref(bfd); | |
738 | } | |
739 | ||
0477baa9 DF |
740 | if (xport->lldp != lldp) { |
741 | lldp_unref(xport->lldp); | |
742 | xport->lldp = lldp_ref(lldp); | |
743 | } | |
744 | ||
84f0f298 RW |
745 | if (xport->netdev != netdev) { |
746 | netdev_close(xport->netdev); | |
747 | xport->netdev = netdev_ref(netdev); | |
748 | } | |
749 | } | |
750 | ||
751 | static void | |
752 | xlate_xbridge_copy(struct xbridge *xbridge) | |
753 | { | |
754 | struct xbundle *xbundle; | |
755 | struct xport *xport; | |
756 | struct xbridge *new_xbridge = xzalloc(sizeof *xbridge); | |
757 | new_xbridge->ofproto = xbridge->ofproto; | |
758 | new_xbridge->name = xstrdup(xbridge->name); | |
759 | xlate_xbridge_init(new_xcfg, new_xbridge); | |
760 | ||
761 | xlate_xbridge_set(new_xbridge, | |
34dd0d78 | 762 | xbridge->dpif, xbridge->ml, xbridge->stp, |
9efd308e DV |
763 | xbridge->rstp, xbridge->ms, xbridge->mbridge, |
764 | xbridge->sflow, xbridge->ipfix, xbridge->netflow, | |
b440dd8c JS |
765 | xbridge->forward_bpdu, xbridge->has_in_band, |
766 | &xbridge->support); | |
84f0f298 RW |
767 | LIST_FOR_EACH (xbundle, list_node, &xbridge->xbundles) { |
768 | xlate_xbundle_copy(new_xbridge, xbundle); | |
769 | } | |
770 | ||
771 | /* Copy xports which are not part of a xbundle */ | |
772 | HMAP_FOR_EACH (xport, ofp_node, &xbridge->xports) { | |
773 | if (!xport->xbundle) { | |
774 | xlate_xport_copy(new_xbridge, NULL, xport); | |
775 | } | |
776 | } | |
777 | } | |
778 | ||
779 | static void | |
780 | xlate_xbundle_copy(struct xbridge *xbridge, struct xbundle *xbundle) | |
781 | { | |
782 | struct xport *xport; | |
783 | struct xbundle *new_xbundle = xzalloc(sizeof *xbundle); | |
784 | new_xbundle->ofbundle = xbundle->ofbundle; | |
785 | new_xbundle->xbridge = xbridge; | |
786 | new_xbundle->name = xstrdup(xbundle->name); | |
787 | xlate_xbundle_init(new_xcfg, new_xbundle); | |
788 | ||
789 | xlate_xbundle_set(new_xbundle, xbundle->vlan_mode, | |
790 | xbundle->vlan, xbundle->trunks, | |
791 | xbundle->use_priority_tags, xbundle->bond, xbundle->lacp, | |
c005f976 | 792 | xbundle->floodable, xbundle->protected); |
84f0f298 RW |
793 | LIST_FOR_EACH (xport, bundle_node, &xbundle->xports) { |
794 | xlate_xport_copy(xbridge, new_xbundle, xport); | |
795 | } | |
796 | } | |
797 | ||
798 | static void | |
799 | xlate_xport_copy(struct xbridge *xbridge, struct xbundle *xbundle, | |
800 | struct xport *xport) | |
801 | { | |
802 | struct skb_priority_to_dscp *pdscp, *new_pdscp; | |
803 | struct xport *new_xport = xzalloc(sizeof *xport); | |
804 | new_xport->ofport = xport->ofport; | |
805 | new_xport->ofp_port = xport->ofp_port; | |
806 | new_xport->xbridge = xbridge; | |
807 | xlate_xport_init(new_xcfg, new_xport); | |
808 | ||
809 | xlate_xport_set(new_xport, xport->odp_port, xport->netdev, xport->cfm, | |
0477baa9 DF |
810 | xport->bfd, xport->lldp, xport->stp_port_no, |
811 | xport->rstp_port, xport->config, xport->state, | |
812 | xport->is_tunnel, xport->may_enable); | |
84f0f298 RW |
813 | |
814 | if (xport->peer) { | |
815 | struct xport *peer = xport_lookup(new_xcfg, xport->peer->ofport); | |
816 | if (peer) { | |
817 | new_xport->peer = peer; | |
818 | new_xport->peer->peer = new_xport; | |
819 | } | |
820 | } | |
821 | ||
822 | if (xbundle) { | |
823 | new_xport->xbundle = xbundle; | |
417e7e66 | 824 | ovs_list_insert(&new_xport->xbundle->xports, &new_xport->bundle_node); |
84f0f298 RW |
825 | } |
826 | ||
827 | HMAP_FOR_EACH (pdscp, hmap_node, &xport->skb_priorities) { | |
828 | new_pdscp = xmalloc(sizeof *pdscp); | |
829 | new_pdscp->skb_priority = pdscp->skb_priority; | |
830 | new_pdscp->dscp = pdscp->dscp; | |
831 | hmap_insert(&new_xport->skb_priorities, &new_pdscp->hmap_node, | |
832 | hash_int(new_pdscp->skb_priority, 0)); | |
833 | } | |
834 | } | |
835 | ||
836 | /* Sets the current xlate configuration to new_xcfg and frees the old xlate | |
837 | * configuration in xcfgp. | |
838 | * | |
839 | * This needs to be called after editing the xlate configuration. | |
840 | * | |
841 | * Functions that edit the new xlate configuration are | |
6cd20a22 | 842 | * xlate_<ofproto/bundle/ofport>_set and xlate_<ofproto/bundle/ofport>_remove. |
84f0f298 RW |
843 | * |
844 | * A sample workflow: | |
845 | * | |
846 | * xlate_txn_start(); | |
847 | * ... | |
848 | * edit_xlate_configuration(); | |
849 | * ... | |
850 | * xlate_txn_commit(); */ | |
46c88433 | 851 | void |
84f0f298 RW |
852 | xlate_txn_commit(void) |
853 | { | |
854 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
855 | ||
856 | ovsrcu_set(&xcfgp, new_xcfg); | |
40a9c4c2 AW |
857 | ovsrcu_synchronize(); |
858 | xlate_xcfg_free(xcfg); | |
84f0f298 RW |
859 | new_xcfg = NULL; |
860 | } | |
861 | ||
862 | /* Copies the current xlate configuration in xcfgp to new_xcfg. | |
863 | * | |
864 | * This needs to be called prior to editing the xlate configuration. */ | |
865 | void | |
866 | xlate_txn_start(void) | |
867 | { | |
868 | struct xbridge *xbridge; | |
869 | struct xlate_cfg *xcfg; | |
870 | ||
871 | ovs_assert(!new_xcfg); | |
872 | ||
873 | new_xcfg = xmalloc(sizeof *new_xcfg); | |
874 | hmap_init(&new_xcfg->xbridges); | |
875 | hmap_init(&new_xcfg->xbundles); | |
876 | hmap_init(&new_xcfg->xports); | |
877 | ||
878 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
879 | if (!xcfg) { | |
880 | return; | |
881 | } | |
882 | ||
883 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
884 | xlate_xbridge_copy(xbridge); | |
885 | } | |
886 | } | |
887 | ||
888 | ||
889 | static void | |
890 | xlate_xcfg_free(struct xlate_cfg *xcfg) | |
891 | { | |
892 | struct xbridge *xbridge, *next_xbridge; | |
893 | ||
894 | if (!xcfg) { | |
895 | return; | |
896 | } | |
897 | ||
898 | HMAP_FOR_EACH_SAFE (xbridge, next_xbridge, hmap_node, &xcfg->xbridges) { | |
899 | xlate_xbridge_remove(xcfg, xbridge); | |
900 | } | |
901 | ||
902 | hmap_destroy(&xcfg->xbridges); | |
903 | hmap_destroy(&xcfg->xbundles); | |
904 | hmap_destroy(&xcfg->xports); | |
905 | free(xcfg); | |
906 | } | |
907 | ||
908 | void | |
909 | xlate_ofproto_set(struct ofproto_dpif *ofproto, const char *name, | |
34dd0d78 | 910 | struct dpif *dpif, |
84f0f298 | 911 | const struct mac_learning *ml, struct stp *stp, |
9efd308e | 912 | struct rstp *rstp, const struct mcast_snooping *ms, |
84f0f298 RW |
913 | const struct mbridge *mbridge, |
914 | const struct dpif_sflow *sflow, | |
915 | const struct dpif_ipfix *ipfix, | |
2f47cdf4 | 916 | const struct netflow *netflow, |
b440dd8c JS |
917 | bool forward_bpdu, bool has_in_band, |
918 | const struct dpif_backer_support *support) | |
84f0f298 RW |
919 | { |
920 | struct xbridge *xbridge; | |
921 | ||
922 | ovs_assert(new_xcfg); | |
923 | ||
924 | xbridge = xbridge_lookup(new_xcfg, ofproto); | |
925 | if (!xbridge) { | |
926 | xbridge = xzalloc(sizeof *xbridge); | |
927 | xbridge->ofproto = ofproto; | |
928 | ||
929 | xlate_xbridge_init(new_xcfg, xbridge); | |
930 | } | |
931 | ||
932 | free(xbridge->name); | |
933 | xbridge->name = xstrdup(name); | |
934 | ||
34dd0d78 | 935 | xlate_xbridge_set(xbridge, dpif, ml, stp, rstp, ms, mbridge, sflow, ipfix, |
b440dd8c | 936 | netflow, forward_bpdu, has_in_band, support); |
84f0f298 RW |
937 | } |
938 | ||
939 | static void | |
940 | xlate_xbridge_remove(struct xlate_cfg *xcfg, struct xbridge *xbridge) | |
46c88433 | 941 | { |
46c88433 EJ |
942 | struct xbundle *xbundle, *next_xbundle; |
943 | struct xport *xport, *next_xport; | |
944 | ||
945 | if (!xbridge) { | |
946 | return; | |
947 | } | |
948 | ||
949 | HMAP_FOR_EACH_SAFE (xport, next_xport, ofp_node, &xbridge->xports) { | |
84f0f298 | 950 | xlate_xport_remove(xcfg, xport); |
46c88433 EJ |
951 | } |
952 | ||
953 | LIST_FOR_EACH_SAFE (xbundle, next_xbundle, list_node, &xbridge->xbundles) { | |
84f0f298 | 954 | xlate_xbundle_remove(xcfg, xbundle); |
46c88433 EJ |
955 | } |
956 | ||
84f0f298 | 957 | hmap_remove(&xcfg->xbridges, &xbridge->hmap_node); |
795cc5c1 | 958 | mac_learning_unref(xbridge->ml); |
6d95c4e8 | 959 | mcast_snooping_unref(xbridge->ms); |
795cc5c1 EJ |
960 | mbridge_unref(xbridge->mbridge); |
961 | dpif_sflow_unref(xbridge->sflow); | |
962 | dpif_ipfix_unref(xbridge->ipfix); | |
963 | stp_unref(xbridge->stp); | |
9efd308e | 964 | rstp_unref(xbridge->rstp); |
795cc5c1 | 965 | hmap_destroy(&xbridge->xports); |
46c88433 EJ |
966 | free(xbridge->name); |
967 | free(xbridge); | |
968 | } | |
969 | ||
84f0f298 RW |
970 | void |
971 | xlate_remove_ofproto(struct ofproto_dpif *ofproto) | |
972 | { | |
973 | struct xbridge *xbridge; | |
974 | ||
975 | ovs_assert(new_xcfg); | |
976 | ||
977 | xbridge = xbridge_lookup(new_xcfg, ofproto); | |
978 | xlate_xbridge_remove(new_xcfg, xbridge); | |
979 | } | |
980 | ||
46c88433 EJ |
981 | void |
982 | xlate_bundle_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
983 | const char *name, enum port_vlan_mode vlan_mode, int vlan, | |
984 | unsigned long *trunks, bool use_priority_tags, | |
985 | const struct bond *bond, const struct lacp *lacp, | |
c005f976 | 986 | bool floodable, bool protected) |
46c88433 | 987 | { |
84f0f298 | 988 | struct xbundle *xbundle; |
46c88433 | 989 | |
84f0f298 RW |
990 | ovs_assert(new_xcfg); |
991 | ||
992 | xbundle = xbundle_lookup(new_xcfg, ofbundle); | |
46c88433 EJ |
993 | if (!xbundle) { |
994 | xbundle = xzalloc(sizeof *xbundle); | |
995 | xbundle->ofbundle = ofbundle; | |
84f0f298 | 996 | xbundle->xbridge = xbridge_lookup(new_xcfg, ofproto); |
46c88433 | 997 | |
84f0f298 | 998 | xlate_xbundle_init(new_xcfg, xbundle); |
46c88433 EJ |
999 | } |
1000 | ||
46c88433 EJ |
1001 | free(xbundle->name); |
1002 | xbundle->name = xstrdup(name); | |
1003 | ||
84f0f298 | 1004 | xlate_xbundle_set(xbundle, vlan_mode, vlan, trunks, |
c005f976 | 1005 | use_priority_tags, bond, lacp, floodable, protected); |
46c88433 EJ |
1006 | } |
1007 | ||
84f0f298 RW |
1008 | static void |
1009 | xlate_xbundle_remove(struct xlate_cfg *xcfg, struct xbundle *xbundle) | |
46c88433 | 1010 | { |
5f03c983 | 1011 | struct xport *xport; |
46c88433 EJ |
1012 | |
1013 | if (!xbundle) { | |
1014 | return; | |
1015 | } | |
1016 | ||
5f03c983 | 1017 | LIST_FOR_EACH_POP (xport, bundle_node, &xbundle->xports) { |
46c88433 EJ |
1018 | xport->xbundle = NULL; |
1019 | } | |
1020 | ||
84f0f298 | 1021 | hmap_remove(&xcfg->xbundles, &xbundle->hmap_node); |
417e7e66 | 1022 | ovs_list_remove(&xbundle->list_node); |
46c88433 EJ |
1023 | bond_unref(xbundle->bond); |
1024 | lacp_unref(xbundle->lacp); | |
1025 | free(xbundle->name); | |
1026 | free(xbundle); | |
1027 | } | |
1028 | ||
84f0f298 RW |
1029 | void |
1030 | xlate_bundle_remove(struct ofbundle *ofbundle) | |
1031 | { | |
1032 | struct xbundle *xbundle; | |
1033 | ||
1034 | ovs_assert(new_xcfg); | |
1035 | ||
1036 | xbundle = xbundle_lookup(new_xcfg, ofbundle); | |
1037 | xlate_xbundle_remove(new_xcfg, xbundle); | |
1038 | } | |
1039 | ||
46c88433 EJ |
1040 | void |
1041 | xlate_ofport_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
1042 | struct ofport_dpif *ofport, ofp_port_t ofp_port, | |
1043 | odp_port_t odp_port, const struct netdev *netdev, | |
1044 | const struct cfm *cfm, const struct bfd *bfd, | |
0477baa9 DF |
1045 | const struct lldp *lldp, struct ofport_dpif *peer, |
1046 | int stp_port_no, const struct rstp_port *rstp_port, | |
55954f6e | 1047 | const struct ofproto_port_queue *qdscp_list, size_t n_qdscp, |
dd8cd4b4 SH |
1048 | enum ofputil_port_config config, |
1049 | enum ofputil_port_state state, bool is_tunnel, | |
9d189a50 | 1050 | bool may_enable) |
46c88433 | 1051 | { |
55954f6e | 1052 | size_t i; |
84f0f298 RW |
1053 | struct xport *xport; |
1054 | ||
1055 | ovs_assert(new_xcfg); | |
46c88433 | 1056 | |
84f0f298 | 1057 | xport = xport_lookup(new_xcfg, ofport); |
46c88433 EJ |
1058 | if (!xport) { |
1059 | xport = xzalloc(sizeof *xport); | |
1060 | xport->ofport = ofport; | |
84f0f298 | 1061 | xport->xbridge = xbridge_lookup(new_xcfg, ofproto); |
46c88433 EJ |
1062 | xport->ofp_port = ofp_port; |
1063 | ||
84f0f298 | 1064 | xlate_xport_init(new_xcfg, xport); |
46c88433 EJ |
1065 | } |
1066 | ||
1067 | ovs_assert(xport->ofp_port == ofp_port); | |
1068 | ||
0477baa9 DF |
1069 | xlate_xport_set(xport, odp_port, netdev, cfm, bfd, lldp, |
1070 | stp_port_no, rstp_port, config, state, is_tunnel, | |
1071 | may_enable); | |
46c88433 EJ |
1072 | |
1073 | if (xport->peer) { | |
1074 | xport->peer->peer = NULL; | |
1075 | } | |
84f0f298 | 1076 | xport->peer = xport_lookup(new_xcfg, peer); |
46c88433 EJ |
1077 | if (xport->peer) { |
1078 | xport->peer->peer = xport; | |
1079 | } | |
1080 | ||
1081 | if (xport->xbundle) { | |
417e7e66 | 1082 | ovs_list_remove(&xport->bundle_node); |
46c88433 | 1083 | } |
84f0f298 | 1084 | xport->xbundle = xbundle_lookup(new_xcfg, ofbundle); |
46c88433 | 1085 | if (xport->xbundle) { |
417e7e66 | 1086 | ovs_list_insert(&xport->xbundle->xports, &xport->bundle_node); |
46c88433 | 1087 | } |
55954f6e EJ |
1088 | |
1089 | clear_skb_priorities(xport); | |
1090 | for (i = 0; i < n_qdscp; i++) { | |
1091 | struct skb_priority_to_dscp *pdscp; | |
1092 | uint32_t skb_priority; | |
1093 | ||
89a8a7f0 EJ |
1094 | if (dpif_queue_to_priority(xport->xbridge->dpif, qdscp_list[i].queue, |
1095 | &skb_priority)) { | |
55954f6e EJ |
1096 | continue; |
1097 | } | |
1098 | ||
1099 | pdscp = xmalloc(sizeof *pdscp); | |
1100 | pdscp->skb_priority = skb_priority; | |
1101 | pdscp->dscp = (qdscp_list[i].dscp << 2) & IP_DSCP_MASK; | |
1102 | hmap_insert(&xport->skb_priorities, &pdscp->hmap_node, | |
1103 | hash_int(pdscp->skb_priority, 0)); | |
1104 | } | |
46c88433 EJ |
1105 | } |
1106 | ||
84f0f298 RW |
1107 | static void |
1108 | xlate_xport_remove(struct xlate_cfg *xcfg, struct xport *xport) | |
46c88433 | 1109 | { |
46c88433 EJ |
1110 | if (!xport) { |
1111 | return; | |
1112 | } | |
1113 | ||
1114 | if (xport->peer) { | |
1115 | xport->peer->peer = NULL; | |
1116 | xport->peer = NULL; | |
1117 | } | |
1118 | ||
e621a12d | 1119 | if (xport->xbundle) { |
417e7e66 | 1120 | ovs_list_remove(&xport->bundle_node); |
e621a12d EJ |
1121 | } |
1122 | ||
55954f6e EJ |
1123 | clear_skb_priorities(xport); |
1124 | hmap_destroy(&xport->skb_priorities); | |
1125 | ||
84f0f298 | 1126 | hmap_remove(&xcfg->xports, &xport->hmap_node); |
46c88433 EJ |
1127 | hmap_remove(&xport->xbridge->xports, &xport->ofp_node); |
1128 | ||
1129 | netdev_close(xport->netdev); | |
f025bcb7 | 1130 | rstp_port_unref(xport->rstp_port); |
46c88433 EJ |
1131 | cfm_unref(xport->cfm); |
1132 | bfd_unref(xport->bfd); | |
0477baa9 | 1133 | lldp_unref(xport->lldp); |
46c88433 EJ |
1134 | free(xport); |
1135 | } | |
1136 | ||
84f0f298 RW |
1137 | void |
1138 | xlate_ofport_remove(struct ofport_dpif *ofport) | |
1139 | { | |
1140 | struct xport *xport; | |
1141 | ||
1142 | ovs_assert(new_xcfg); | |
1143 | ||
1144 | xport = xport_lookup(new_xcfg, ofport); | |
1145 | xlate_xport_remove(new_xcfg, xport); | |
1146 | } | |
1147 | ||
ef377a58 JR |
1148 | static struct ofproto_dpif * |
1149 | xlate_lookup_ofproto_(const struct dpif_backer *backer, const struct flow *flow, | |
1150 | ofp_port_t *ofp_in_port, const struct xport **xportp) | |
1151 | { | |
e672ff9b | 1152 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
ef377a58 | 1153 | const struct xport *xport; |
f9038ef6 | 1154 | |
e672ff9b JR |
1155 | xport = xport_lookup(xcfg, tnl_port_should_receive(flow) |
1156 | ? tnl_port_receive(flow) | |
1157 | : odp_port_to_ofport(backer, flow->in_port.odp_port)); | |
1158 | if (OVS_UNLIKELY(!xport)) { | |
1159 | return NULL; | |
ef377a58 | 1160 | } |
e672ff9b | 1161 | *xportp = xport; |
f9038ef6 | 1162 | if (ofp_in_port) { |
e672ff9b | 1163 | *ofp_in_port = xport->ofp_port; |
f9038ef6 | 1164 | } |
e672ff9b | 1165 | return xport->xbridge->ofproto; |
ef377a58 JR |
1166 | } |
1167 | ||
1168 | /* Given a datapath and flow metadata ('backer', and 'flow' respectively) | |
1169 | * returns the corresponding struct ofproto_dpif and OpenFlow port number. */ | |
1170 | struct ofproto_dpif * | |
1171 | xlate_lookup_ofproto(const struct dpif_backer *backer, const struct flow *flow, | |
1172 | ofp_port_t *ofp_in_port) | |
1173 | { | |
1174 | const struct xport *xport; | |
1175 | ||
1176 | return xlate_lookup_ofproto_(backer, flow, ofp_in_port, &xport); | |
1177 | } | |
1178 | ||
cc377352 | 1179 | /* Given a datapath and flow metadata ('backer', and 'flow' respectively), |
ef377a58 | 1180 | * optionally populates 'ofproto' with the ofproto_dpif, 'ofp_in_port' with the |
cc377352 | 1181 | * openflow in_port, and 'ipfix', 'sflow', and 'netflow' with the appropriate |
dcc2c6cd JR |
1182 | * handles for those protocols if they're enabled. Caller may use the returned |
1183 | * pointers until quiescing, for longer term use additional references must | |
1184 | * be taken. | |
8449c4d6 | 1185 | * |
f9038ef6 | 1186 | * Returns 0 if successful, ENODEV if the parsed flow has no associated ofproto. |
ef377a58 | 1187 | */ |
8449c4d6 | 1188 | int |
5c476ea3 JR |
1189 | xlate_lookup(const struct dpif_backer *backer, const struct flow *flow, |
1190 | struct ofproto_dpif **ofprotop, struct dpif_ipfix **ipfix, | |
1191 | struct dpif_sflow **sflow, struct netflow **netflow, | |
1192 | ofp_port_t *ofp_in_port) | |
8449c4d6 | 1193 | { |
ef377a58 | 1194 | struct ofproto_dpif *ofproto; |
84f0f298 | 1195 | const struct xport *xport; |
8449c4d6 | 1196 | |
ef377a58 | 1197 | ofproto = xlate_lookup_ofproto_(backer, flow, ofp_in_port, &xport); |
8449c4d6 | 1198 | |
f9038ef6 | 1199 | if (!ofproto) { |
cc377352 | 1200 | return ENODEV; |
8449c4d6 | 1201 | } |
8449c4d6 | 1202 | |
ef377a58 JR |
1203 | if (ofprotop) { |
1204 | *ofprotop = ofproto; | |
8449c4d6 EJ |
1205 | } |
1206 | ||
1dfdb9b3 | 1207 | if (ipfix) { |
f9038ef6 | 1208 | *ipfix = xport ? xport->xbridge->ipfix : NULL; |
1dfdb9b3 EJ |
1209 | } |
1210 | ||
1211 | if (sflow) { | |
f9038ef6 | 1212 | *sflow = xport ? xport->xbridge->sflow : NULL; |
1dfdb9b3 EJ |
1213 | } |
1214 | ||
1215 | if (netflow) { | |
f9038ef6 | 1216 | *netflow = xport ? xport->xbridge->netflow : NULL; |
1dfdb9b3 | 1217 | } |
f9038ef6 | 1218 | |
cc377352 | 1219 | return 0; |
8449c4d6 EJ |
1220 | } |
1221 | ||
46c88433 | 1222 | static struct xbridge * |
84f0f298 | 1223 | xbridge_lookup(struct xlate_cfg *xcfg, const struct ofproto_dpif *ofproto) |
46c88433 | 1224 | { |
84f0f298 | 1225 | struct hmap *xbridges; |
46c88433 EJ |
1226 | struct xbridge *xbridge; |
1227 | ||
84f0f298 | 1228 | if (!ofproto || !xcfg) { |
5e6af486 EJ |
1229 | return NULL; |
1230 | } | |
1231 | ||
84f0f298 RW |
1232 | xbridges = &xcfg->xbridges; |
1233 | ||
46c88433 | 1234 | HMAP_FOR_EACH_IN_BUCKET (xbridge, hmap_node, hash_pointer(ofproto, 0), |
84f0f298 | 1235 | xbridges) { |
46c88433 EJ |
1236 | if (xbridge->ofproto == ofproto) { |
1237 | return xbridge; | |
1238 | } | |
1239 | } | |
1240 | return NULL; | |
1241 | } | |
1242 | ||
290835f9 BP |
1243 | static struct xbridge * |
1244 | xbridge_lookup_by_uuid(struct xlate_cfg *xcfg, const struct uuid *uuid) | |
1245 | { | |
1246 | struct xbridge *xbridge; | |
1247 | ||
1248 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
07a3cd5c | 1249 | if (uuid_equals(&xbridge->ofproto->uuid, uuid)) { |
290835f9 BP |
1250 | return xbridge; |
1251 | } | |
1252 | } | |
1253 | return NULL; | |
1254 | } | |
1255 | ||
46c88433 | 1256 | static struct xbundle * |
84f0f298 | 1257 | xbundle_lookup(struct xlate_cfg *xcfg, const struct ofbundle *ofbundle) |
46c88433 | 1258 | { |
84f0f298 | 1259 | struct hmap *xbundles; |
46c88433 EJ |
1260 | struct xbundle *xbundle; |
1261 | ||
84f0f298 | 1262 | if (!ofbundle || !xcfg) { |
5e6af486 EJ |
1263 | return NULL; |
1264 | } | |
1265 | ||
84f0f298 RW |
1266 | xbundles = &xcfg->xbundles; |
1267 | ||
46c88433 | 1268 | HMAP_FOR_EACH_IN_BUCKET (xbundle, hmap_node, hash_pointer(ofbundle, 0), |
84f0f298 | 1269 | xbundles) { |
46c88433 EJ |
1270 | if (xbundle->ofbundle == ofbundle) { |
1271 | return xbundle; | |
1272 | } | |
1273 | } | |
1274 | return NULL; | |
1275 | } | |
1276 | ||
1277 | static struct xport * | |
84f0f298 | 1278 | xport_lookup(struct xlate_cfg *xcfg, const struct ofport_dpif *ofport) |
46c88433 | 1279 | { |
84f0f298 | 1280 | struct hmap *xports; |
46c88433 EJ |
1281 | struct xport *xport; |
1282 | ||
84f0f298 | 1283 | if (!ofport || !xcfg) { |
5e6af486 EJ |
1284 | return NULL; |
1285 | } | |
1286 | ||
84f0f298 RW |
1287 | xports = &xcfg->xports; |
1288 | ||
46c88433 | 1289 | HMAP_FOR_EACH_IN_BUCKET (xport, hmap_node, hash_pointer(ofport, 0), |
84f0f298 | 1290 | xports) { |
46c88433 EJ |
1291 | if (xport->ofport == ofport) { |
1292 | return xport; | |
1293 | } | |
1294 | } | |
1295 | return NULL; | |
1296 | } | |
1297 | ||
40085e56 EJ |
1298 | static struct stp_port * |
1299 | xport_get_stp_port(const struct xport *xport) | |
1300 | { | |
92cf817b | 1301 | return xport->xbridge->stp && xport->stp_port_no != -1 |
40085e56 EJ |
1302 | ? stp_get_port(xport->xbridge->stp, xport->stp_port_no) |
1303 | : NULL; | |
1304 | } | |
9d189a50 | 1305 | |
0d1cee12 | 1306 | static bool |
9d189a50 EJ |
1307 | xport_stp_learn_state(const struct xport *xport) |
1308 | { | |
40085e56 | 1309 | struct stp_port *sp = xport_get_stp_port(xport); |
4b5f1996 DV |
1310 | return sp |
1311 | ? stp_learn_in_state(stp_port_get_state(sp)) | |
1312 | : true; | |
9d189a50 EJ |
1313 | } |
1314 | ||
1315 | static bool | |
1316 | xport_stp_forward_state(const struct xport *xport) | |
1317 | { | |
40085e56 | 1318 | struct stp_port *sp = xport_get_stp_port(xport); |
4b5f1996 DV |
1319 | return sp |
1320 | ? stp_forward_in_state(stp_port_get_state(sp)) | |
1321 | : true; | |
9d189a50 EJ |
1322 | } |
1323 | ||
0d1cee12 | 1324 | static bool |
bacdb85a | 1325 | xport_stp_should_forward_bpdu(const struct xport *xport) |
0d1cee12 K |
1326 | { |
1327 | struct stp_port *sp = xport_get_stp_port(xport); | |
bacdb85a | 1328 | return stp_should_forward_bpdu(sp ? stp_port_get_state(sp) : STP_DISABLED); |
0d1cee12 K |
1329 | } |
1330 | ||
9d189a50 EJ |
1331 | /* Returns true if STP should process 'flow'. Sets fields in 'wc' that |
1332 | * were used to make the determination.*/ | |
1333 | static bool | |
1334 | stp_should_process_flow(const struct flow *flow, struct flow_wildcards *wc) | |
1335 | { | |
bbbca389 | 1336 | /* is_stp() also checks dl_type, but dl_type is always set in 'wc'. */ |
9d189a50 | 1337 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); |
bbbca389 | 1338 | return is_stp(flow); |
9d189a50 EJ |
1339 | } |
1340 | ||
1341 | static void | |
cf62fa4c | 1342 | stp_process_packet(const struct xport *xport, const struct dp_packet *packet) |
9d189a50 | 1343 | { |
40085e56 | 1344 | struct stp_port *sp = xport_get_stp_port(xport); |
cf62fa4c PS |
1345 | struct dp_packet payload = *packet; |
1346 | struct eth_header *eth = dp_packet_data(&payload); | |
9d189a50 EJ |
1347 | |
1348 | /* Sink packets on ports that have STP disabled when the bridge has | |
1349 | * STP enabled. */ | |
1350 | if (!sp || stp_port_get_state(sp) == STP_DISABLED) { | |
1351 | return; | |
1352 | } | |
1353 | ||
1354 | /* Trim off padding on payload. */ | |
cf62fa4c PS |
1355 | if (dp_packet_size(&payload) > ntohs(eth->eth_type) + ETH_HEADER_LEN) { |
1356 | dp_packet_set_size(&payload, ntohs(eth->eth_type) + ETH_HEADER_LEN); | |
9d189a50 EJ |
1357 | } |
1358 | ||
cf62fa4c PS |
1359 | if (dp_packet_try_pull(&payload, ETH_HEADER_LEN + LLC_HEADER_LEN)) { |
1360 | stp_received_bpdu(sp, dp_packet_data(&payload), dp_packet_size(&payload)); | |
9d189a50 EJ |
1361 | } |
1362 | } | |
1363 | ||
f025bcb7 JR |
1364 | static enum rstp_state |
1365 | xport_get_rstp_port_state(const struct xport *xport) | |
9efd308e | 1366 | { |
f025bcb7 JR |
1367 | return xport->rstp_port |
1368 | ? rstp_port_get_state(xport->rstp_port) | |
1369 | : RSTP_DISABLED; | |
9efd308e DV |
1370 | } |
1371 | ||
1372 | static bool | |
1373 | xport_rstp_learn_state(const struct xport *xport) | |
1374 | { | |
4b5f1996 DV |
1375 | return xport->xbridge->rstp && xport->rstp_port |
1376 | ? rstp_learn_in_state(xport_get_rstp_port_state(xport)) | |
1377 | : true; | |
9efd308e DV |
1378 | } |
1379 | ||
1380 | static bool | |
1381 | xport_rstp_forward_state(const struct xport *xport) | |
1382 | { | |
4b5f1996 DV |
1383 | return xport->xbridge->rstp && xport->rstp_port |
1384 | ? rstp_forward_in_state(xport_get_rstp_port_state(xport)) | |
1385 | : true; | |
9efd308e DV |
1386 | } |
1387 | ||
1388 | static bool | |
1389 | xport_rstp_should_manage_bpdu(const struct xport *xport) | |
1390 | { | |
f025bcb7 | 1391 | return rstp_should_manage_bpdu(xport_get_rstp_port_state(xport)); |
9efd308e DV |
1392 | } |
1393 | ||
1394 | static void | |
cf62fa4c | 1395 | rstp_process_packet(const struct xport *xport, const struct dp_packet *packet) |
9efd308e | 1396 | { |
cf62fa4c PS |
1397 | struct dp_packet payload = *packet; |
1398 | struct eth_header *eth = dp_packet_data(&payload); | |
9efd308e | 1399 | |
f025bcb7 JR |
1400 | /* Sink packets on ports that have no RSTP. */ |
1401 | if (!xport->rstp_port) { | |
9efd308e DV |
1402 | return; |
1403 | } | |
1404 | ||
1405 | /* Trim off padding on payload. */ | |
cf62fa4c PS |
1406 | if (dp_packet_size(&payload) > ntohs(eth->eth_type) + ETH_HEADER_LEN) { |
1407 | dp_packet_set_size(&payload, ntohs(eth->eth_type) + ETH_HEADER_LEN); | |
9efd308e DV |
1408 | } |
1409 | ||
cf62fa4c PS |
1410 | if (dp_packet_try_pull(&payload, ETH_HEADER_LEN + LLC_HEADER_LEN)) { |
1411 | rstp_port_received_bpdu(xport->rstp_port, dp_packet_data(&payload), | |
1412 | dp_packet_size(&payload)); | |
9efd308e DV |
1413 | } |
1414 | } | |
1415 | ||
46c88433 EJ |
1416 | static struct xport * |
1417 | get_ofp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
1418 | { | |
1419 | struct xport *xport; | |
1420 | ||
1421 | HMAP_FOR_EACH_IN_BUCKET (xport, ofp_node, hash_ofp_port(ofp_port), | |
1422 | &xbridge->xports) { | |
1423 | if (xport->ofp_port == ofp_port) { | |
1424 | return xport; | |
1425 | } | |
1426 | } | |
1427 | return NULL; | |
1428 | } | |
1429 | ||
1430 | static odp_port_t | |
1431 | ofp_port_to_odp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
1432 | { | |
1433 | const struct xport *xport = get_ofp_port(xbridge, ofp_port); | |
1434 | return xport ? xport->odp_port : ODPP_NONE; | |
1435 | } | |
1436 | ||
dd8cd4b4 SH |
1437 | static bool |
1438 | odp_port_is_alive(const struct xlate_ctx *ctx, ofp_port_t ofp_port) | |
1439 | { | |
086fa873 BP |
1440 | struct xport *xport = get_ofp_port(ctx->xbridge, ofp_port); |
1441 | return xport && xport->may_enable; | |
dd8cd4b4 SH |
1442 | } |
1443 | ||
1e684d7d | 1444 | static struct ofputil_bucket * |
dd8cd4b4 SH |
1445 | group_first_live_bucket(const struct xlate_ctx *, const struct group_dpif *, |
1446 | int depth); | |
1447 | ||
1448 | static bool | |
1449 | group_is_alive(const struct xlate_ctx *ctx, uint32_t group_id, int depth) | |
1450 | { | |
1451 | struct group_dpif *group; | |
dd8cd4b4 | 1452 | |
5d08a275 | 1453 | group = group_dpif_lookup(ctx->xbridge->ofproto, group_id, |
1f4a8933 | 1454 | ctx->xin->tables_version, false); |
db88b35c | 1455 | if (group) { |
76973237 | 1456 | return group_first_live_bucket(ctx, group, depth) != NULL; |
dc25893e | 1457 | } |
dd8cd4b4 | 1458 | |
dc25893e | 1459 | return false; |
dd8cd4b4 SH |
1460 | } |
1461 | ||
1462 | #define MAX_LIVENESS_RECURSION 128 /* Arbitrary limit */ | |
1463 | ||
1464 | static bool | |
1465 | bucket_is_alive(const struct xlate_ctx *ctx, | |
1e684d7d | 1466 | struct ofputil_bucket *bucket, int depth) |
dd8cd4b4 SH |
1467 | { |
1468 | if (depth >= MAX_LIVENESS_RECURSION) { | |
1469 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
1470 | ||
1471 | VLOG_WARN_RL(&rl, "bucket chaining exceeded %d links", | |
1472 | MAX_LIVENESS_RECURSION); | |
1473 | return false; | |
1474 | } | |
1475 | ||
fdb1999b AZ |
1476 | return (!ofputil_bucket_has_liveness(bucket) |
1477 | || (bucket->watch_port != OFPP_ANY | |
1478 | && odp_port_is_alive(ctx, bucket->watch_port)) | |
1479 | || (bucket->watch_group != OFPG_ANY | |
1480 | && group_is_alive(ctx, bucket->watch_group, depth + 1))); | |
dd8cd4b4 SH |
1481 | } |
1482 | ||
1e684d7d | 1483 | static struct ofputil_bucket * |
dd8cd4b4 SH |
1484 | group_first_live_bucket(const struct xlate_ctx *ctx, |
1485 | const struct group_dpif *group, int depth) | |
1486 | { | |
1487 | struct ofputil_bucket *bucket; | |
07a3cd5c | 1488 | LIST_FOR_EACH (bucket, list_node, &group->up.buckets) { |
dd8cd4b4 SH |
1489 | if (bucket_is_alive(ctx, bucket, depth)) { |
1490 | return bucket; | |
1491 | } | |
1492 | } | |
1493 | ||
1494 | return NULL; | |
1495 | } | |
1496 | ||
1e684d7d | 1497 | static struct ofputil_bucket * |
fe7e5749 SH |
1498 | group_best_live_bucket(const struct xlate_ctx *ctx, |
1499 | const struct group_dpif *group, | |
1500 | uint32_t basis) | |
1501 | { | |
1e684d7d | 1502 | struct ofputil_bucket *best_bucket = NULL; |
fe7e5749 | 1503 | uint32_t best_score = 0; |
fe7e5749 | 1504 | |
1e684d7d | 1505 | struct ofputil_bucket *bucket; |
07a3cd5c | 1506 | LIST_FOR_EACH (bucket, list_node, &group->up.buckets) { |
fe7e5749 | 1507 | if (bucket_is_alive(ctx, bucket, 0)) { |
c09cb861 LS |
1508 | uint32_t score = |
1509 | (hash_int(bucket->bucket_id, basis) & 0xffff) * bucket->weight; | |
fe7e5749 SH |
1510 | if (score >= best_score) { |
1511 | best_bucket = bucket; | |
1512 | best_score = score; | |
1513 | } | |
1514 | } | |
fe7e5749 SH |
1515 | } |
1516 | ||
1517 | return best_bucket; | |
1518 | } | |
1519 | ||
9583bc14 | 1520 | static bool |
46c88433 | 1521 | xbundle_trunks_vlan(const struct xbundle *bundle, uint16_t vlan) |
9583bc14 EJ |
1522 | { |
1523 | return (bundle->vlan_mode != PORT_VLAN_ACCESS | |
1524 | && (!bundle->trunks || bitmap_is_set(bundle->trunks, vlan))); | |
1525 | } | |
1526 | ||
1527 | static bool | |
46c88433 EJ |
1528 | xbundle_includes_vlan(const struct xbundle *xbundle, uint16_t vlan) |
1529 | { | |
1530 | return vlan == xbundle->vlan || xbundle_trunks_vlan(xbundle, vlan); | |
1531 | } | |
1532 | ||
1533 | static mirror_mask_t | |
1534 | xbundle_mirror_out(const struct xbridge *xbridge, struct xbundle *xbundle) | |
1535 | { | |
1536 | return xbundle != &ofpp_none_bundle | |
1537 | ? mirror_bundle_out(xbridge->mbridge, xbundle->ofbundle) | |
1538 | : 0; | |
1539 | } | |
1540 | ||
1541 | static mirror_mask_t | |
1542 | xbundle_mirror_src(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 1543 | { |
46c88433 EJ |
1544 | return xbundle != &ofpp_none_bundle |
1545 | ? mirror_bundle_src(xbridge->mbridge, xbundle->ofbundle) | |
1546 | : 0; | |
9583bc14 EJ |
1547 | } |
1548 | ||
46c88433 EJ |
1549 | static mirror_mask_t |
1550 | xbundle_mirror_dst(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 1551 | { |
46c88433 EJ |
1552 | return xbundle != &ofpp_none_bundle |
1553 | ? mirror_bundle_dst(xbridge->mbridge, xbundle->ofbundle) | |
1554 | : 0; | |
1555 | } | |
1556 | ||
1557 | static struct xbundle * | |
1558 | lookup_input_bundle(const struct xbridge *xbridge, ofp_port_t in_port, | |
1559 | bool warn, struct xport **in_xportp) | |
1560 | { | |
1561 | struct xport *xport; | |
9583bc14 EJ |
1562 | |
1563 | /* Find the port and bundle for the received packet. */ | |
46c88433 EJ |
1564 | xport = get_ofp_port(xbridge, in_port); |
1565 | if (in_xportp) { | |
1566 | *in_xportp = xport; | |
9583bc14 | 1567 | } |
46c88433 EJ |
1568 | if (xport && xport->xbundle) { |
1569 | return xport->xbundle; | |
9583bc14 EJ |
1570 | } |
1571 | ||
6362203b YT |
1572 | /* Special-case OFPP_NONE (OF1.0) and OFPP_CONTROLLER (OF1.1+), |
1573 | * which a controller may use as the ingress port for traffic that | |
1574 | * it is sourcing. */ | |
1575 | if (in_port == OFPP_CONTROLLER || in_port == OFPP_NONE) { | |
9583bc14 EJ |
1576 | return &ofpp_none_bundle; |
1577 | } | |
1578 | ||
1579 | /* Odd. A few possible reasons here: | |
1580 | * | |
1581 | * - We deleted a port but there are still a few packets queued up | |
1582 | * from it. | |
1583 | * | |
1584 | * - Someone externally added a port (e.g. "ovs-dpctl add-if") that | |
1585 | * we don't know about. | |
1586 | * | |
1587 | * - The ofproto client didn't configure the port as part of a bundle. | |
1588 | * This is particularly likely to happen if a packet was received on the | |
1589 | * port after it was created, but before the client had a chance to | |
1590 | * configure its bundle. | |
1591 | */ | |
1592 | if (warn) { | |
1593 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
1594 | ||
1595 | VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown " | |
46c88433 | 1596 | "port %"PRIu16, xbridge->name, in_port); |
9583bc14 EJ |
1597 | } |
1598 | return NULL; | |
1599 | } | |
1600 | ||
faa624b4 BP |
1601 | /* Mirrors the packet represented by 'ctx' to appropriate mirror destinations, |
1602 | * given the packet is ingressing or egressing on 'xbundle', which has ingress | |
1603 | * or egress (as appropriate) mirrors 'mirrors'. */ | |
9583bc14 | 1604 | static void |
7efbc3b7 BP |
1605 | mirror_packet(struct xlate_ctx *ctx, struct xbundle *xbundle, |
1606 | mirror_mask_t mirrors) | |
9583bc14 | 1607 | { |
faa624b4 BP |
1608 | /* Figure out what VLAN the packet is in (because mirrors can select |
1609 | * packets on basis of VLAN). */ | |
7efbc3b7 BP |
1610 | bool warn = ctx->xin->packet != NULL; |
1611 | uint16_t vid = vlan_tci_to_vid(ctx->xin->flow.vlan_tci); | |
1612 | if (!input_vid_is_valid(vid, xbundle, warn)) { | |
9583bc14 EJ |
1613 | return; |
1614 | } | |
7efbc3b7 | 1615 | uint16_t vlan = input_vid_to_vlan(xbundle, vid); |
9583bc14 | 1616 | |
7efbc3b7 | 1617 | const struct xbridge *xbridge = ctx->xbridge; |
9583bc14 | 1618 | |
7efbc3b7 BP |
1619 | /* Don't mirror to destinations that we've already mirrored to. */ |
1620 | mirrors &= ~ctx->mirrors; | |
9583bc14 EJ |
1621 | if (!mirrors) { |
1622 | return; | |
1623 | } | |
1624 | ||
7efbc3b7 BP |
1625 | if (ctx->xin->resubmit_stats) { |
1626 | mirror_update_stats(xbridge->mbridge, mirrors, | |
1627 | ctx->xin->resubmit_stats->n_packets, | |
1628 | ctx->xin->resubmit_stats->n_bytes); | |
1629 | } | |
1630 | if (ctx->xin->xcache) { | |
1631 | struct xc_entry *entry; | |
1632 | ||
1633 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_MIRROR); | |
901a517e JR |
1634 | entry->mirror.mbridge = mbridge_ref(xbridge->mbridge); |
1635 | entry->mirror.mirrors = mirrors; | |
7efbc3b7 | 1636 | } |
9583bc14 | 1637 | |
faa624b4 BP |
1638 | /* 'mirrors' is a bit-mask of candidates for mirroring. Iterate as long as |
1639 | * some candidates remain. */ | |
9583bc14 | 1640 | while (mirrors) { |
7efbc3b7 | 1641 | const unsigned long *vlans; |
ec7ceaed EJ |
1642 | mirror_mask_t dup_mirrors; |
1643 | struct ofbundle *out; | |
ec7ceaed | 1644 | int out_vlan; |
1356dbd1 | 1645 | int snaplen; |
ec7ceaed | 1646 | |
faa624b4 | 1647 | /* Get the details of the mirror represented by the rightmost 1-bit. */ |
7efbc3b7 | 1648 | bool has_mirror = mirror_get(xbridge->mbridge, raw_ctz(mirrors), |
1356dbd1 WT |
1649 | &vlans, &dup_mirrors, |
1650 | &out, &snaplen, &out_vlan); | |
ec7ceaed EJ |
1651 | ovs_assert(has_mirror); |
1652 | ||
1356dbd1 | 1653 | |
faa624b4 BP |
1654 | /* If this mirror selects on the basis of VLAN, and it does not select |
1655 | * 'vlan', then discard this mirror and go on to the next one. */ | |
ec7ceaed | 1656 | if (vlans) { |
49a73e0c | 1657 | ctx->wc->masks.vlan_tci |= htons(VLAN_CFI | VLAN_VID_MASK); |
9583bc14 | 1658 | } |
7efbc3b7 | 1659 | if (vlans && !bitmap_is_set(vlans, vlan)) { |
9583bc14 EJ |
1660 | mirrors = zero_rightmost_1bit(mirrors); |
1661 | continue; | |
1662 | } | |
1663 | ||
faa624b4 BP |
1664 | /* Record the mirror, and the mirrors that output to the same |
1665 | * destination, so that we don't mirror to them again. This must be | |
1666 | * done now to ensure that output_normal(), below, doesn't recursively | |
1667 | * output to the same mirrors. */ | |
3d6151f3 | 1668 | ctx->mirrors |= dup_mirrors; |
1356dbd1 | 1669 | ctx->mirror_snaplen = snaplen; |
faa624b4 BP |
1670 | |
1671 | /* Send the packet to the mirror. */ | |
ec7ceaed | 1672 | if (out) { |
84f0f298 RW |
1673 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
1674 | struct xbundle *out_xbundle = xbundle_lookup(xcfg, out); | |
46c88433 EJ |
1675 | if (out_xbundle) { |
1676 | output_normal(ctx, out_xbundle, vlan); | |
1677 | } | |
ec7ceaed | 1678 | } else if (vlan != out_vlan |
7efbc3b7 | 1679 | && !eth_addr_is_reserved(ctx->xin->flow.dl_dst)) { |
46c88433 | 1680 | struct xbundle *xbundle; |
9583bc14 | 1681 | |
46c88433 EJ |
1682 | LIST_FOR_EACH (xbundle, list_node, &xbridge->xbundles) { |
1683 | if (xbundle_includes_vlan(xbundle, out_vlan) | |
1684 | && !xbundle_mirror_out(xbridge, xbundle)) { | |
1685 | output_normal(ctx, xbundle, out_vlan); | |
9583bc14 EJ |
1686 | } |
1687 | } | |
1688 | } | |
faa624b4 BP |
1689 | |
1690 | /* output_normal() could have recursively output (to different | |
1691 | * mirrors), so make sure that we don't send duplicates. */ | |
1692 | mirrors &= ~ctx->mirrors; | |
1356dbd1 | 1693 | ctx->mirror_snaplen = 0; |
9583bc14 EJ |
1694 | } |
1695 | } | |
1696 | ||
7efbc3b7 BP |
1697 | static void |
1698 | mirror_ingress_packet(struct xlate_ctx *ctx) | |
1699 | { | |
1700 | if (mbridge_has_mirrors(ctx->xbridge->mbridge)) { | |
1701 | bool warn = ctx->xin->packet != NULL; | |
1702 | struct xbundle *xbundle = lookup_input_bundle( | |
1703 | ctx->xbridge, ctx->xin->flow.in_port.ofp_port, warn, NULL); | |
1704 | if (xbundle) { | |
1705 | mirror_packet(ctx, xbundle, | |
1706 | xbundle_mirror_src(ctx->xbridge, xbundle)); | |
1707 | } | |
1708 | } | |
1709 | } | |
1710 | ||
9583bc14 | 1711 | /* Given 'vid', the VID obtained from the 802.1Q header that was received as |
46c88433 | 1712 | * part of a packet (specify 0 if there was no 802.1Q header), and 'in_xbundle', |
9583bc14 EJ |
1713 | * the bundle on which the packet was received, returns the VLAN to which the |
1714 | * packet belongs. | |
1715 | * | |
1716 | * Both 'vid' and the return value are in the range 0...4095. */ | |
1717 | static uint16_t | |
46c88433 | 1718 | input_vid_to_vlan(const struct xbundle *in_xbundle, uint16_t vid) |
9583bc14 | 1719 | { |
46c88433 | 1720 | switch (in_xbundle->vlan_mode) { |
9583bc14 | 1721 | case PORT_VLAN_ACCESS: |
46c88433 | 1722 | return in_xbundle->vlan; |
9583bc14 EJ |
1723 | break; |
1724 | ||
1725 | case PORT_VLAN_TRUNK: | |
1726 | return vid; | |
1727 | ||
1728 | case PORT_VLAN_NATIVE_UNTAGGED: | |
1729 | case PORT_VLAN_NATIVE_TAGGED: | |
46c88433 | 1730 | return vid ? vid : in_xbundle->vlan; |
9583bc14 EJ |
1731 | |
1732 | default: | |
428b2edd | 1733 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1734 | } |
1735 | } | |
1736 | ||
46c88433 | 1737 | /* Checks whether a packet with the given 'vid' may ingress on 'in_xbundle'. |
9583bc14 EJ |
1738 | * If so, returns true. Otherwise, returns false and, if 'warn' is true, logs |
1739 | * a warning. | |
1740 | * | |
1741 | * 'vid' should be the VID obtained from the 802.1Q header that was received as | |
1742 | * part of a packet (specify 0 if there was no 802.1Q header), in the range | |
1743 | * 0...4095. */ | |
1744 | static bool | |
46c88433 | 1745 | input_vid_is_valid(uint16_t vid, struct xbundle *in_xbundle, bool warn) |
9583bc14 EJ |
1746 | { |
1747 | /* Allow any VID on the OFPP_NONE port. */ | |
46c88433 | 1748 | if (in_xbundle == &ofpp_none_bundle) { |
9583bc14 EJ |
1749 | return true; |
1750 | } | |
1751 | ||
46c88433 | 1752 | switch (in_xbundle->vlan_mode) { |
9583bc14 EJ |
1753 | case PORT_VLAN_ACCESS: |
1754 | if (vid) { | |
1755 | if (warn) { | |
1756 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 1757 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" tagged " |
9583bc14 | 1758 | "packet received on port %s configured as VLAN " |
46c88433 EJ |
1759 | "%"PRIu16" access port", vid, in_xbundle->name, |
1760 | in_xbundle->vlan); | |
9583bc14 EJ |
1761 | } |
1762 | return false; | |
1763 | } | |
1764 | return true; | |
1765 | ||
1766 | case PORT_VLAN_NATIVE_UNTAGGED: | |
1767 | case PORT_VLAN_NATIVE_TAGGED: | |
1768 | if (!vid) { | |
1769 | /* Port must always carry its native VLAN. */ | |
1770 | return true; | |
1771 | } | |
1772 | /* Fall through. */ | |
1773 | case PORT_VLAN_TRUNK: | |
46c88433 | 1774 | if (!xbundle_includes_vlan(in_xbundle, vid)) { |
9583bc14 EJ |
1775 | if (warn) { |
1776 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 1777 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" packet " |
9583bc14 | 1778 | "received on port %s not configured for trunking " |
46c88433 | 1779 | "VLAN %"PRIu16, vid, in_xbundle->name, vid); |
9583bc14 EJ |
1780 | } |
1781 | return false; | |
1782 | } | |
1783 | return true; | |
1784 | ||
1785 | default: | |
428b2edd | 1786 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1787 | } |
1788 | ||
1789 | } | |
1790 | ||
1791 | /* Given 'vlan', the VLAN that a packet belongs to, and | |
46c88433 | 1792 | * 'out_xbundle', a bundle on which the packet is to be output, returns the VID |
9583bc14 EJ |
1793 | * that should be included in the 802.1Q header. (If the return value is 0, |
1794 | * then the 802.1Q header should only be included in the packet if there is a | |
1795 | * nonzero PCP.) | |
1796 | * | |
1797 | * Both 'vlan' and the return value are in the range 0...4095. */ | |
1798 | static uint16_t | |
46c88433 | 1799 | output_vlan_to_vid(const struct xbundle *out_xbundle, uint16_t vlan) |
9583bc14 | 1800 | { |
46c88433 | 1801 | switch (out_xbundle->vlan_mode) { |
9583bc14 EJ |
1802 | case PORT_VLAN_ACCESS: |
1803 | return 0; | |
1804 | ||
1805 | case PORT_VLAN_TRUNK: | |
1806 | case PORT_VLAN_NATIVE_TAGGED: | |
1807 | return vlan; | |
1808 | ||
1809 | case PORT_VLAN_NATIVE_UNTAGGED: | |
46c88433 | 1810 | return vlan == out_xbundle->vlan ? 0 : vlan; |
9583bc14 EJ |
1811 | |
1812 | default: | |
428b2edd | 1813 | OVS_NOT_REACHED(); |
9583bc14 EJ |
1814 | } |
1815 | } | |
1816 | ||
1817 | static void | |
46c88433 | 1818 | output_normal(struct xlate_ctx *ctx, const struct xbundle *out_xbundle, |
9583bc14 EJ |
1819 | uint16_t vlan) |
1820 | { | |
33bf9176 | 1821 | ovs_be16 *flow_tci = &ctx->xin->flow.vlan_tci; |
9583bc14 EJ |
1822 | uint16_t vid; |
1823 | ovs_be16 tci, old_tci; | |
46c88433 | 1824 | struct xport *xport; |
e93ef1c7 JR |
1825 | struct xlate_bond_recirc xr; |
1826 | bool use_recirc = false; | |
9583bc14 | 1827 | |
46c88433 | 1828 | vid = output_vlan_to_vid(out_xbundle, vlan); |
417e7e66 | 1829 | if (ovs_list_is_empty(&out_xbundle->xports)) { |
46c88433 EJ |
1830 | /* Partially configured bundle with no slaves. Drop the packet. */ |
1831 | return; | |
1832 | } else if (!out_xbundle->bond) { | |
417e7e66 | 1833 | xport = CONTAINER_OF(ovs_list_front(&out_xbundle->xports), struct xport, |
46c88433 | 1834 | bundle_node); |
9583bc14 | 1835 | } else { |
84f0f298 | 1836 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
49a73e0c | 1837 | struct flow_wildcards *wc = ctx->wc; |
84f0f298 | 1838 | struct ofport_dpif *ofport; |
adcf00ba | 1839 | |
2494ccd7 | 1840 | if (ctx->xbridge->support.odp.recirc) { |
e93ef1c7 JR |
1841 | use_recirc = bond_may_recirc( |
1842 | out_xbundle->bond, &xr.recirc_id, &xr.hash_basis); | |
adcf00ba | 1843 | |
e93ef1c7 | 1844 | if (use_recirc) { |
adcf00ba | 1845 | /* Only TCP mode uses recirculation. */ |
e93ef1c7 | 1846 | xr.hash_alg = OVS_HASH_ALG_L4; |
adcf00ba | 1847 | bond_update_post_recirc_rules(out_xbundle->bond, false); |
54ecb5a2 AZ |
1848 | |
1849 | /* Recirculation does not require unmasking hash fields. */ | |
1850 | wc = NULL; | |
adcf00ba AZ |
1851 | } |
1852 | } | |
46c88433 | 1853 | |
54ecb5a2 AZ |
1854 | ofport = bond_choose_output_slave(out_xbundle->bond, |
1855 | &ctx->xin->flow, wc, vid); | |
84f0f298 | 1856 | xport = xport_lookup(xcfg, ofport); |
46c88433 EJ |
1857 | |
1858 | if (!xport) { | |
9583bc14 EJ |
1859 | /* No slaves enabled, so drop packet. */ |
1860 | return; | |
1861 | } | |
d6fc5f57 | 1862 | |
e93ef1c7 | 1863 | /* If use_recirc is set, the main thread will handle stats |
b256dc52 | 1864 | * accounting for this bond. */ |
e93ef1c7 | 1865 | if (!use_recirc) { |
b256dc52 JS |
1866 | if (ctx->xin->resubmit_stats) { |
1867 | bond_account(out_xbundle->bond, &ctx->xin->flow, vid, | |
1868 | ctx->xin->resubmit_stats->n_bytes); | |
1869 | } | |
1870 | if (ctx->xin->xcache) { | |
1871 | struct xc_entry *entry; | |
1872 | struct flow *flow; | |
1873 | ||
1874 | flow = &ctx->xin->flow; | |
1875 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_BOND); | |
901a517e JR |
1876 | entry->bond.bond = bond_ref(out_xbundle->bond); |
1877 | entry->bond.flow = xmemdup(flow, sizeof *flow); | |
1878 | entry->bond.vid = vid; | |
b256dc52 | 1879 | } |
d6fc5f57 | 1880 | } |
9583bc14 EJ |
1881 | } |
1882 | ||
33bf9176 | 1883 | old_tci = *flow_tci; |
9583bc14 | 1884 | tci = htons(vid); |
46c88433 | 1885 | if (tci || out_xbundle->use_priority_tags) { |
33bf9176 | 1886 | tci |= *flow_tci & htons(VLAN_PCP_MASK); |
9583bc14 EJ |
1887 | if (tci) { |
1888 | tci |= htons(VLAN_CFI); | |
1889 | } | |
1890 | } | |
33bf9176 | 1891 | *flow_tci = tci; |
9583bc14 | 1892 | |
e93ef1c7 | 1893 | compose_output_action(ctx, xport->ofp_port, use_recirc ? &xr : NULL); |
33bf9176 | 1894 | *flow_tci = old_tci; |
9583bc14 EJ |
1895 | } |
1896 | ||
1897 | /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after | |
1898 | * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to | |
1899 | * indicate this; newer upstream kernels use gratuitous ARP requests. */ | |
1900 | static bool | |
1901 | is_gratuitous_arp(const struct flow *flow, struct flow_wildcards *wc) | |
1902 | { | |
1903 | if (flow->dl_type != htons(ETH_TYPE_ARP)) { | |
1904 | return false; | |
1905 | } | |
1906 | ||
1907 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1908 | if (!eth_addr_is_broadcast(flow->dl_dst)) { | |
1909 | return false; | |
1910 | } | |
1911 | ||
1912 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); | |
1913 | if (flow->nw_proto == ARP_OP_REPLY) { | |
1914 | return true; | |
1915 | } else if (flow->nw_proto == ARP_OP_REQUEST) { | |
1916 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); | |
1917 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); | |
1918 | ||
1919 | return flow->nw_src == flow->nw_dst; | |
1920 | } else { | |
1921 | return false; | |
1922 | } | |
1923 | } | |
1924 | ||
ff69c24a FL |
1925 | /* Determines whether packets in 'flow' within 'xbridge' should be forwarded or |
1926 | * dropped. Returns true if they may be forwarded, false if they should be | |
1927 | * dropped. | |
1928 | * | |
1929 | * 'in_port' must be the xport that corresponds to flow->in_port. | |
1930 | * 'in_port' must be part of a bundle (e.g. in_port->bundle must be nonnull). | |
1931 | * | |
1932 | * 'vlan' must be the VLAN that corresponds to flow->vlan_tci on 'in_port', as | |
1933 | * returned by input_vid_to_vlan(). It must be a valid VLAN for 'in_port', as | |
1934 | * checked by input_vid_is_valid(). | |
1935 | * | |
1936 | * May also add tags to '*tags', although the current implementation only does | |
1937 | * so in one special case. | |
1938 | */ | |
1939 | static bool | |
1940 | is_admissible(struct xlate_ctx *ctx, struct xport *in_port, | |
1941 | uint16_t vlan) | |
1942 | { | |
1943 | struct xbundle *in_xbundle = in_port->xbundle; | |
1944 | const struct xbridge *xbridge = ctx->xbridge; | |
1945 | struct flow *flow = &ctx->xin->flow; | |
1946 | ||
1947 | /* Drop frames for reserved multicast addresses | |
1948 | * only if forward_bpdu option is absent. */ | |
1949 | if (!xbridge->forward_bpdu && eth_addr_is_reserved(flow->dl_dst)) { | |
1950 | xlate_report(ctx, "packet has reserved destination MAC, dropping"); | |
1951 | return false; | |
1952 | } | |
1953 | ||
1954 | if (in_xbundle->bond) { | |
1955 | struct mac_entry *mac; | |
1956 | ||
1957 | switch (bond_check_admissibility(in_xbundle->bond, in_port->ofport, | |
1958 | flow->dl_dst)) { | |
1959 | case BV_ACCEPT: | |
1960 | break; | |
1961 | ||
1962 | case BV_DROP: | |
1963 | xlate_report(ctx, "bonding refused admissibility, dropping"); | |
1964 | return false; | |
1965 | ||
1966 | case BV_DROP_IF_MOVED: | |
1967 | ovs_rwlock_rdlock(&xbridge->ml->rwlock); | |
1968 | mac = mac_learning_lookup(xbridge->ml, flow->dl_src, vlan); | |
9d078ec2 BP |
1969 | if (mac |
1970 | && mac_entry_get_port(xbridge->ml, mac) != in_xbundle->ofbundle | |
49a73e0c | 1971 | && (!is_gratuitous_arp(flow, ctx->wc) |
9d078ec2 | 1972 | || mac_entry_is_grat_arp_locked(mac))) { |
ff69c24a FL |
1973 | ovs_rwlock_unlock(&xbridge->ml->rwlock); |
1974 | xlate_report(ctx, "SLB bond thinks this packet looped back, " | |
1975 | "dropping"); | |
1976 | return false; | |
1977 | } | |
1978 | ovs_rwlock_unlock(&xbridge->ml->rwlock); | |
1979 | break; | |
1980 | } | |
1981 | } | |
1982 | ||
1983 | return true; | |
1984 | } | |
1985 | ||
ee047520 | 1986 | static void |
064799a1 JR |
1987 | update_learning_table(const struct xbridge *xbridge, |
1988 | struct xbundle *in_xbundle, struct eth_addr dl_src, | |
1989 | int vlan, bool is_grat_arp) | |
ee047520 | 1990 | { |
064799a1 | 1991 | if (in_xbundle == &ofpp_none_bundle) { |
ee047520 | 1992 | return; |
9583bc14 EJ |
1993 | } |
1994 | ||
064799a1 JR |
1995 | if (mac_learning_update(xbridge->ml, dl_src, vlan, is_grat_arp, |
1996 | in_xbundle->bond != NULL, in_xbundle->ofbundle)) { | |
9583bc14 EJ |
1997 | /* The log messages here could actually be useful in debugging, |
1998 | * so keep the rate limit relatively high. */ | |
1999 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300); | |
ee047520 | 2000 | |
9583bc14 EJ |
2001 | VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is " |
2002 | "on port %s in VLAN %d", | |
064799a1 JR |
2003 | xbridge->name, ETH_ADDR_ARGS(dl_src), in_xbundle->name, |
2004 | vlan); | |
ee047520 | 2005 | } |
9583bc14 EJ |
2006 | } |
2007 | ||
86e2dcdd FL |
2008 | /* Updates multicast snooping table 'ms' given that a packet matching 'flow' |
2009 | * was received on 'in_xbundle' in 'vlan' and is either Report or Query. */ | |
2010 | static void | |
06994f87 TLSC |
2011 | update_mcast_snooping_table4__(const struct xbridge *xbridge, |
2012 | const struct flow *flow, | |
2013 | struct mcast_snooping *ms, int vlan, | |
2014 | struct xbundle *in_xbundle, | |
2015 | const struct dp_packet *packet) | |
86e2dcdd FL |
2016 | OVS_REQ_WRLOCK(ms->rwlock) |
2017 | { | |
2018 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 30); | |
46445c63 | 2019 | const struct igmp_header *igmp; |
e3102e42 | 2020 | int count; |
46445c63 | 2021 | size_t offset; |
06994f87 | 2022 | ovs_be32 ip4 = flow->igmp_group_ip4; |
86e2dcdd | 2023 | |
46445c63 EC |
2024 | offset = (char *) dp_packet_l4(packet) - (char *) dp_packet_data(packet); |
2025 | igmp = dp_packet_at(packet, offset, IGMP_HEADER_LEN); | |
2026 | if (!igmp || csum(igmp, dp_packet_l4_size(packet)) != 0) { | |
2027 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping received bad IGMP " | |
2028 | "checksum on port %s in VLAN %d", | |
2029 | xbridge->name, in_xbundle->name, vlan); | |
2030 | return; | |
2031 | } | |
2032 | ||
86e2dcdd FL |
2033 | switch (ntohs(flow->tp_src)) { |
2034 | case IGMP_HOST_MEMBERSHIP_REPORT: | |
2035 | case IGMPV2_HOST_MEMBERSHIP_REPORT: | |
964a4d5f | 2036 | if (mcast_snooping_add_group4(ms, ip4, vlan, in_xbundle->ofbundle)) { |
86e2dcdd FL |
2037 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping learned that " |
2038 | IP_FMT" is on port %s in VLAN %d", | |
2039 | xbridge->name, IP_ARGS(ip4), in_xbundle->name, vlan); | |
2040 | } | |
2041 | break; | |
2042 | case IGMP_HOST_LEAVE_MESSAGE: | |
964a4d5f | 2043 | if (mcast_snooping_leave_group4(ms, ip4, vlan, in_xbundle->ofbundle)) { |
86e2dcdd FL |
2044 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping leaving " |
2045 | IP_FMT" is on port %s in VLAN %d", | |
2046 | xbridge->name, IP_ARGS(ip4), in_xbundle->name, vlan); | |
2047 | } | |
2048 | break; | |
2049 | case IGMP_HOST_MEMBERSHIP_QUERY: | |
2050 | if (flow->nw_src && mcast_snooping_add_mrouter(ms, vlan, | |
2051 | in_xbundle->ofbundle)) { | |
2052 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping query from " | |
2053 | IP_FMT" is on port %s in VLAN %d", | |
2054 | xbridge->name, IP_ARGS(flow->nw_src), | |
2055 | in_xbundle->name, vlan); | |
2056 | } | |
2057 | break; | |
e3102e42 TLSC |
2058 | case IGMPV3_HOST_MEMBERSHIP_REPORT: |
2059 | if ((count = mcast_snooping_add_report(ms, packet, vlan, | |
2060 | in_xbundle->ofbundle))) { | |
2061 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping processed %d " | |
2062 | "addresses on port %s in VLAN %d", | |
2063 | xbridge->name, count, in_xbundle->name, vlan); | |
2064 | } | |
2065 | break; | |
86e2dcdd FL |
2066 | } |
2067 | } | |
2068 | ||
06994f87 TLSC |
2069 | static void |
2070 | update_mcast_snooping_table6__(const struct xbridge *xbridge, | |
2071 | const struct flow *flow, | |
2072 | struct mcast_snooping *ms, int vlan, | |
2073 | struct xbundle *in_xbundle, | |
2074 | const struct dp_packet *packet) | |
2075 | OVS_REQ_WRLOCK(ms->rwlock) | |
2076 | { | |
2077 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(60, 30); | |
46445c63 | 2078 | const struct mld_header *mld; |
06994f87 | 2079 | int count; |
46445c63 EC |
2080 | size_t offset; |
2081 | ||
2082 | offset = (char *) dp_packet_l4(packet) - (char *) dp_packet_data(packet); | |
2083 | mld = dp_packet_at(packet, offset, MLD_HEADER_LEN); | |
2084 | ||
2085 | if (!mld || | |
2086 | packet_csum_upperlayer6(dp_packet_l3(packet), | |
2087 | mld, IPPROTO_ICMPV6, | |
2088 | dp_packet_l4_size(packet)) != 0) { | |
2089 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping received bad MLD " | |
2090 | "checksum on port %s in VLAN %d", | |
2091 | xbridge->name, in_xbundle->name, vlan); | |
2092 | return; | |
2093 | } | |
06994f87 TLSC |
2094 | |
2095 | switch (ntohs(flow->tp_src)) { | |
2096 | case MLD_QUERY: | |
2097 | if (!ipv6_addr_equals(&flow->ipv6_src, &in6addr_any) | |
2098 | && mcast_snooping_add_mrouter(ms, vlan, in_xbundle->ofbundle)) { | |
2099 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping query on port %s" | |
2100 | "in VLAN %d", | |
2101 | xbridge->name, in_xbundle->name, vlan); | |
2102 | } | |
2103 | break; | |
2104 | case MLD_REPORT: | |
2105 | case MLD_DONE: | |
2106 | case MLD2_REPORT: | |
2107 | count = mcast_snooping_add_mld(ms, packet, vlan, in_xbundle->ofbundle); | |
2108 | if (count) { | |
2109 | VLOG_DBG_RL(&rl, "bridge %s: multicast snooping processed %d " | |
2110 | "addresses on port %s in VLAN %d", | |
2111 | xbridge->name, count, in_xbundle->name, vlan); | |
2112 | } | |
2113 | break; | |
2114 | } | |
2115 | } | |
2116 | ||
86e2dcdd FL |
2117 | /* Updates multicast snooping table 'ms' given that a packet matching 'flow' |
2118 | * was received on 'in_xbundle' in 'vlan'. */ | |
2119 | static void | |
2120 | update_mcast_snooping_table(const struct xbridge *xbridge, | |
2121 | const struct flow *flow, int vlan, | |
e3102e42 TLSC |
2122 | struct xbundle *in_xbundle, |
2123 | const struct dp_packet *packet) | |
86e2dcdd FL |
2124 | { |
2125 | struct mcast_snooping *ms = xbridge->ms; | |
2126 | struct xlate_cfg *xcfg; | |
2127 | struct xbundle *mcast_xbundle; | |
f4ae6e23 | 2128 | struct mcast_port_bundle *fport; |
86e2dcdd FL |
2129 | |
2130 | /* Don't learn the OFPP_NONE port. */ | |
2131 | if (in_xbundle == &ofpp_none_bundle) { | |
2132 | return; | |
2133 | } | |
2134 | ||
2135 | /* Don't learn from flood ports */ | |
2136 | mcast_xbundle = NULL; | |
2137 | ovs_rwlock_wrlock(&ms->rwlock); | |
2138 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
f4ae6e23 | 2139 | LIST_FOR_EACH(fport, node, &ms->fport_list) { |
86e2dcdd FL |
2140 | mcast_xbundle = xbundle_lookup(xcfg, fport->port); |
2141 | if (mcast_xbundle == in_xbundle) { | |
2142 | break; | |
2143 | } | |
2144 | } | |
2145 | ||
2146 | if (!mcast_xbundle || mcast_xbundle != in_xbundle) { | |
06994f87 TLSC |
2147 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2148 | update_mcast_snooping_table4__(xbridge, flow, ms, vlan, | |
2149 | in_xbundle, packet); | |
2150 | } else { | |
2151 | update_mcast_snooping_table6__(xbridge, flow, ms, vlan, | |
2152 | in_xbundle, packet); | |
2153 | } | |
86e2dcdd FL |
2154 | } |
2155 | ovs_rwlock_unlock(&ms->rwlock); | |
2156 | } | |
2157 | ||
2158 | /* send the packet to ports having the multicast group learned */ | |
2159 | static void | |
2160 | xlate_normal_mcast_send_group(struct xlate_ctx *ctx, | |
2161 | struct mcast_snooping *ms OVS_UNUSED, | |
2162 | struct mcast_group *grp, | |
2163 | struct xbundle *in_xbundle, uint16_t vlan) | |
2164 | OVS_REQ_RDLOCK(ms->rwlock) | |
2165 | { | |
2166 | struct xlate_cfg *xcfg; | |
2167 | struct mcast_group_bundle *b; | |
2168 | struct xbundle *mcast_xbundle; | |
2169 | ||
2170 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2171 | LIST_FOR_EACH(b, bundle_node, &grp->bundle_lru) { | |
2172 | mcast_xbundle = xbundle_lookup(xcfg, b->port); | |
2173 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2174 | xlate_report(ctx, "forwarding to mcast group port"); | |
2175 | output_normal(ctx, mcast_xbundle, vlan); | |
2176 | } else if (!mcast_xbundle) { | |
2177 | xlate_report(ctx, "mcast group port is unknown, dropping"); | |
2178 | } else { | |
2179 | xlate_report(ctx, "mcast group port is input port, dropping"); | |
2180 | } | |
2181 | } | |
2182 | } | |
2183 | ||
2184 | /* send the packet to ports connected to multicast routers */ | |
2185 | static void | |
2186 | xlate_normal_mcast_send_mrouters(struct xlate_ctx *ctx, | |
2187 | struct mcast_snooping *ms, | |
2188 | struct xbundle *in_xbundle, uint16_t vlan) | |
2189 | OVS_REQ_RDLOCK(ms->rwlock) | |
2190 | { | |
2191 | struct xlate_cfg *xcfg; | |
2192 | struct mcast_mrouter_bundle *mrouter; | |
2193 | struct xbundle *mcast_xbundle; | |
2194 | ||
2195 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2196 | LIST_FOR_EACH(mrouter, mrouter_node, &ms->mrouter_lru) { | |
2197 | mcast_xbundle = xbundle_lookup(xcfg, mrouter->port); | |
94a881c1 RD |
2198 | if (mcast_xbundle && mcast_xbundle != in_xbundle |
2199 | && mrouter->vlan == vlan) { | |
86e2dcdd FL |
2200 | xlate_report(ctx, "forwarding to mcast router port"); |
2201 | output_normal(ctx, mcast_xbundle, vlan); | |
2202 | } else if (!mcast_xbundle) { | |
2203 | xlate_report(ctx, "mcast router port is unknown, dropping"); | |
94a881c1 RD |
2204 | } else if (mrouter->vlan != vlan) { |
2205 | xlate_report(ctx, "mcast router is on another vlan, dropping"); | |
86e2dcdd FL |
2206 | } else { |
2207 | xlate_report(ctx, "mcast router port is input port, dropping"); | |
2208 | } | |
2209 | } | |
2210 | } | |
2211 | ||
2212 | /* send the packet to ports flagged to be flooded */ | |
2213 | static void | |
2214 | xlate_normal_mcast_send_fports(struct xlate_ctx *ctx, | |
2215 | struct mcast_snooping *ms, | |
2216 | struct xbundle *in_xbundle, uint16_t vlan) | |
2217 | OVS_REQ_RDLOCK(ms->rwlock) | |
2218 | { | |
2219 | struct xlate_cfg *xcfg; | |
f4ae6e23 | 2220 | struct mcast_port_bundle *fport; |
86e2dcdd FL |
2221 | struct xbundle *mcast_xbundle; |
2222 | ||
2223 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
f4ae6e23 | 2224 | LIST_FOR_EACH(fport, node, &ms->fport_list) { |
86e2dcdd FL |
2225 | mcast_xbundle = xbundle_lookup(xcfg, fport->port); |
2226 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2227 | xlate_report(ctx, "forwarding to mcast flood port"); | |
2228 | output_normal(ctx, mcast_xbundle, vlan); | |
2229 | } else if (!mcast_xbundle) { | |
2230 | xlate_report(ctx, "mcast flood port is unknown, dropping"); | |
2231 | } else { | |
2232 | xlate_report(ctx, "mcast flood port is input port, dropping"); | |
2233 | } | |
2234 | } | |
2235 | } | |
2236 | ||
8e04a33f FL |
2237 | /* forward the Reports to configured ports */ |
2238 | static void | |
2239 | xlate_normal_mcast_send_rports(struct xlate_ctx *ctx, | |
2240 | struct mcast_snooping *ms, | |
2241 | struct xbundle *in_xbundle, uint16_t vlan) | |
2242 | OVS_REQ_RDLOCK(ms->rwlock) | |
2243 | { | |
2244 | struct xlate_cfg *xcfg; | |
2245 | struct mcast_port_bundle *rport; | |
2246 | struct xbundle *mcast_xbundle; | |
2247 | ||
2248 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2249 | LIST_FOR_EACH(rport, node, &ms->rport_list) { | |
2250 | mcast_xbundle = xbundle_lookup(xcfg, rport->port); | |
2251 | if (mcast_xbundle && mcast_xbundle != in_xbundle) { | |
2252 | xlate_report(ctx, "forwarding Report to mcast flagged port"); | |
2253 | output_normal(ctx, mcast_xbundle, vlan); | |
2254 | } else if (!mcast_xbundle) { | |
2255 | xlate_report(ctx, "mcast port is unknown, dropping the Report"); | |
2256 | } else { | |
2257 | xlate_report(ctx, "mcast port is input port, dropping the Report"); | |
2258 | } | |
2259 | } | |
2260 | } | |
2261 | ||
682800a4 FL |
2262 | static void |
2263 | xlate_normal_flood(struct xlate_ctx *ctx, struct xbundle *in_xbundle, | |
2264 | uint16_t vlan) | |
2265 | { | |
2266 | struct xbundle *xbundle; | |
2267 | ||
2268 | LIST_FOR_EACH (xbundle, list_node, &ctx->xbridge->xbundles) { | |
2269 | if (xbundle != in_xbundle | |
2270 | && xbundle_includes_vlan(xbundle, vlan) | |
2271 | && xbundle->floodable | |
2272 | && !xbundle_mirror_out(ctx->xbridge, xbundle)) { | |
2273 | output_normal(ctx, xbundle, vlan); | |
2274 | } | |
2275 | } | |
2031ef97 | 2276 | ctx->nf_output_iface = NF_OUT_FLOOD; |
682800a4 FL |
2277 | } |
2278 | ||
a75636c8 BP |
2279 | static bool |
2280 | is_ip_local_multicast(const struct flow *flow, struct flow_wildcards *wc) | |
2281 | { | |
2282 | if (flow->dl_type == htons(ETH_TYPE_IP)) { | |
2283 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); | |
2284 | return ip_is_local_multicast(flow->nw_dst); | |
2285 | } else if (flow->dl_type == htons(ETH_TYPE_IPV6)) { | |
2286 | memset(&wc->masks.ipv6_dst, 0xff, sizeof wc->masks.ipv6_dst); | |
2287 | return ipv6_is_all_hosts(&flow->ipv6_dst); | |
2288 | } else { | |
2289 | return false; | |
2290 | } | |
2291 | } | |
2292 | ||
9583bc14 EJ |
2293 | static void |
2294 | xlate_normal(struct xlate_ctx *ctx) | |
2295 | { | |
49a73e0c | 2296 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 2297 | struct flow *flow = &ctx->xin->flow; |
46c88433 EJ |
2298 | struct xbundle *in_xbundle; |
2299 | struct xport *in_port; | |
9583bc14 | 2300 | struct mac_entry *mac; |
d6d5bbc9 | 2301 | void *mac_port; |
9583bc14 EJ |
2302 | uint16_t vlan; |
2303 | uint16_t vid; | |
2304 | ||
33bf9176 BP |
2305 | memset(&wc->masks.dl_src, 0xff, sizeof wc->masks.dl_src); |
2306 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1dd35f8a | 2307 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
9583bc14 | 2308 | |
46c88433 EJ |
2309 | in_xbundle = lookup_input_bundle(ctx->xbridge, flow->in_port.ofp_port, |
2310 | ctx->xin->packet != NULL, &in_port); | |
2311 | if (!in_xbundle) { | |
9583bc14 EJ |
2312 | xlate_report(ctx, "no input bundle, dropping"); |
2313 | return; | |
2314 | } | |
2315 | ||
2316 | /* Drop malformed frames. */ | |
33bf9176 BP |
2317 | if (flow->dl_type == htons(ETH_TYPE_VLAN) && |
2318 | !(flow->vlan_tci & htons(VLAN_CFI))) { | |
9583bc14 EJ |
2319 | if (ctx->xin->packet != NULL) { |
2320 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
2321 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet with partial " | |
2322 | "VLAN tag received on port %s", | |
46c88433 | 2323 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
2324 | } |
2325 | xlate_report(ctx, "partial VLAN tag, dropping"); | |
2326 | return; | |
2327 | } | |
2328 | ||
2329 | /* Drop frames on bundles reserved for mirroring. */ | |
46c88433 | 2330 | if (xbundle_mirror_out(ctx->xbridge, in_xbundle)) { |
9583bc14 EJ |
2331 | if (ctx->xin->packet != NULL) { |
2332 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
2333 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
2334 | "%s, which is reserved exclusively for mirroring", | |
46c88433 | 2335 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
2336 | } |
2337 | xlate_report(ctx, "input port is mirror output port, dropping"); | |
2338 | return; | |
2339 | } | |
2340 | ||
2341 | /* Check VLAN. */ | |
33bf9176 | 2342 | vid = vlan_tci_to_vid(flow->vlan_tci); |
46c88433 | 2343 | if (!input_vid_is_valid(vid, in_xbundle, ctx->xin->packet != NULL)) { |
9583bc14 EJ |
2344 | xlate_report(ctx, "disallowed VLAN VID for this input port, dropping"); |
2345 | return; | |
2346 | } | |
46c88433 | 2347 | vlan = input_vid_to_vlan(in_xbundle, vid); |
9583bc14 EJ |
2348 | |
2349 | /* Check other admissibility requirements. */ | |
2350 | if (in_port && !is_admissible(ctx, in_port, vlan)) { | |
2351 | return; | |
2352 | } | |
2353 | ||
2354 | /* Learn source MAC. */ | |
064799a1 | 2355 | bool is_grat_arp = is_gratuitous_arp(flow, wc); |
df70a773 | 2356 | if (ctx->xin->allow_side_effects) { |
064799a1 JR |
2357 | update_learning_table(ctx->xbridge, in_xbundle, flow->dl_src, vlan, |
2358 | is_grat_arp); | |
9583bc14 | 2359 | } |
064799a1 | 2360 | if (ctx->xin->xcache && in_xbundle != &ofpp_none_bundle) { |
b256dc52 JS |
2361 | struct xc_entry *entry; |
2362 | ||
064799a1 | 2363 | /* Save just enough info to update mac learning table later. */ |
b256dc52 | 2364 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NORMAL); |
901a517e JR |
2365 | entry->normal.ofproto = ctx->xbridge->ofproto; |
2366 | entry->normal.in_port = flow->in_port.ofp_port; | |
2367 | entry->normal.dl_src = flow->dl_src; | |
2368 | entry->normal.vlan = vlan; | |
2369 | entry->normal.is_gratuitous_arp = is_grat_arp; | |
b256dc52 | 2370 | } |
9583bc14 EJ |
2371 | |
2372 | /* Determine output bundle. */ | |
86e2dcdd FL |
2373 | if (mcast_snooping_enabled(ctx->xbridge->ms) |
2374 | && !eth_addr_is_broadcast(flow->dl_dst) | |
2375 | && eth_addr_is_multicast(flow->dl_dst) | |
06994f87 | 2376 | && is_ip_any(flow)) { |
86e2dcdd | 2377 | struct mcast_snooping *ms = ctx->xbridge->ms; |
06994f87 | 2378 | struct mcast_group *grp = NULL; |
86e2dcdd | 2379 | |
a75636c8 BP |
2380 | if (is_igmp(flow, wc)) { |
2381 | memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src); | |
d29f137b TLSC |
2382 | if (mcast_snooping_is_membership(flow->tp_src) || |
2383 | mcast_snooping_is_query(flow->tp_src)) { | |
df70a773 | 2384 | if (ctx->xin->allow_side_effects && ctx->xin->packet) { |
86e2dcdd | 2385 | update_mcast_snooping_table(ctx->xbridge, flow, vlan, |
e3102e42 | 2386 | in_xbundle, ctx->xin->packet); |
d29f137b TLSC |
2387 | } |
2388 | /* | |
2389 | * IGMP packets need to take the slow path, in order to be | |
2390 | * processed for mdb updates. That will prevent expires | |
2391 | * firing off even after hosts have sent reports. | |
2392 | */ | |
2393 | ctx->xout->slow |= SLOW_ACTION; | |
86e2dcdd | 2394 | } |
d6d5bbc9 | 2395 | |
86e2dcdd FL |
2396 | if (mcast_snooping_is_membership(flow->tp_src)) { |
2397 | ovs_rwlock_rdlock(&ms->rwlock); | |
2398 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
8e04a33f FL |
2399 | /* RFC4541: section 2.1.1, item 1: A snooping switch should |
2400 | * forward IGMP Membership Reports only to those ports where | |
2401 | * multicast routers are attached. Alternatively stated: a | |
2402 | * snooping switch should not forward IGMP Membership Reports | |
2403 | * to ports on which only hosts are attached. | |
2404 | * An administrative control may be provided to override this | |
2405 | * restriction, allowing the report messages to be flooded to | |
2406 | * other ports. */ | |
2407 | xlate_normal_mcast_send_rports(ctx, ms, in_xbundle, vlan); | |
86e2dcdd FL |
2408 | ovs_rwlock_unlock(&ms->rwlock); |
2409 | } else { | |
2410 | xlate_report(ctx, "multicast traffic, flooding"); | |
2411 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2412 | } | |
2413 | return; | |
a75636c8 | 2414 | } else if (is_mld(flow, wc)) { |
06994f87 | 2415 | ctx->xout->slow |= SLOW_ACTION; |
df70a773 | 2416 | if (ctx->xin->allow_side_effects && ctx->xin->packet) { |
06994f87 TLSC |
2417 | update_mcast_snooping_table(ctx->xbridge, flow, vlan, |
2418 | in_xbundle, ctx->xin->packet); | |
2419 | } | |
a75636c8 | 2420 | if (is_mld_report(flow, wc)) { |
06994f87 TLSC |
2421 | ovs_rwlock_rdlock(&ms->rwlock); |
2422 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
2423 | xlate_normal_mcast_send_rports(ctx, ms, in_xbundle, vlan); | |
2424 | ovs_rwlock_unlock(&ms->rwlock); | |
2425 | } else { | |
2426 | xlate_report(ctx, "MLD query, flooding"); | |
2427 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2428 | } | |
86e2dcdd | 2429 | } else { |
a75636c8 | 2430 | if (is_ip_local_multicast(flow, wc)) { |
86e2dcdd FL |
2431 | /* RFC4541: section 2.1.2, item 2: Packets with a dst IP |
2432 | * address in the 224.0.0.x range which are not IGMP must | |
2433 | * be forwarded on all ports */ | |
2434 | xlate_report(ctx, "RFC4541: section 2.1.2, item 2, flooding"); | |
2435 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2436 | return; | |
2437 | } | |
2438 | } | |
2439 | ||
2440 | /* forwarding to group base ports */ | |
2441 | ovs_rwlock_rdlock(&ms->rwlock); | |
06994f87 TLSC |
2442 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2443 | grp = mcast_snooping_lookup4(ms, flow->nw_dst, vlan); | |
2444 | } else if (flow->dl_type == htons(ETH_TYPE_IPV6)) { | |
2445 | grp = mcast_snooping_lookup(ms, &flow->ipv6_dst, vlan); | |
2446 | } | |
86e2dcdd FL |
2447 | if (grp) { |
2448 | xlate_normal_mcast_send_group(ctx, ms, grp, in_xbundle, vlan); | |
2449 | xlate_normal_mcast_send_fports(ctx, ms, in_xbundle, vlan); | |
2450 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
9583bc14 | 2451 | } else { |
86e2dcdd FL |
2452 | if (mcast_snooping_flood_unreg(ms)) { |
2453 | xlate_report(ctx, "unregistered multicast, flooding"); | |
2454 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2455 | } else { | |
2456 | xlate_normal_mcast_send_mrouters(ctx, ms, in_xbundle, vlan); | |
2457 | xlate_normal_mcast_send_fports(ctx, ms, in_xbundle, vlan); | |
2458 | } | |
9583bc14 | 2459 | } |
86e2dcdd | 2460 | ovs_rwlock_unlock(&ms->rwlock); |
9583bc14 | 2461 | } else { |
86e2dcdd FL |
2462 | ovs_rwlock_rdlock(&ctx->xbridge->ml->rwlock); |
2463 | mac = mac_learning_lookup(ctx->xbridge->ml, flow->dl_dst, vlan); | |
9d078ec2 | 2464 | mac_port = mac ? mac_entry_get_port(ctx->xbridge->ml, mac) : NULL; |
86e2dcdd FL |
2465 | ovs_rwlock_unlock(&ctx->xbridge->ml->rwlock); |
2466 | ||
2467 | if (mac_port) { | |
2468 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2469 | struct xbundle *mac_xbundle = xbundle_lookup(xcfg, mac_port); | |
2470 | if (mac_xbundle && mac_xbundle != in_xbundle) { | |
2471 | xlate_report(ctx, "forwarding to learned port"); | |
2472 | output_normal(ctx, mac_xbundle, vlan); | |
2473 | } else if (!mac_xbundle) { | |
2474 | xlate_report(ctx, "learned port is unknown, dropping"); | |
2475 | } else { | |
2476 | xlate_report(ctx, "learned port is input port, dropping"); | |
2477 | } | |
2478 | } else { | |
2479 | xlate_report(ctx, "no learned MAC for destination, flooding"); | |
2480 | xlate_normal_flood(ctx, in_xbundle, vlan); | |
2481 | } | |
9583bc14 EJ |
2482 | } |
2483 | } | |
2484 | ||
a6092018 BP |
2485 | /* Appends a "sample" action for sFlow or IPFIX to 'ctx->odp_actions'. The |
2486 | * 'probability' is the number of packets out of UINT32_MAX to sample. The | |
2487 | * 'cookie' (of length 'cookie_size' bytes) is passed back in the callback for | |
2488 | * each sampled packet. 'tunnel_out_port', if not ODPP_NONE, is added as the | |
2489 | * OVS_USERSPACE_ATTR_EGRESS_TUN_PORT attribute. If 'include_actions', an | |
f69f713b BY |
2490 | * OVS_USERSPACE_ATTR_ACTIONS attribute is added. If 'emit_set_tunnel', |
2491 | * sample(sampling_port=1) would translate into datapath sample action | |
2492 | * set(tunnel(...)), sample(...) and it is used for sampling egress tunnel | |
2493 | * information. | |
9583bc14 EJ |
2494 | */ |
2495 | static size_t | |
a6092018 | 2496 | compose_sample_action(struct xlate_ctx *ctx, |
9583bc14 EJ |
2497 | const uint32_t probability, |
2498 | const union user_action_cookie *cookie, | |
8b7ea2d4 | 2499 | const size_t cookie_size, |
7321bda3 NM |
2500 | const odp_port_t tunnel_out_port, |
2501 | bool include_actions) | |
9583bc14 | 2502 | { |
b97f2c3a BY |
2503 | if (probability == 0) { |
2504 | /* No need to generate sampling or the inner action. */ | |
2505 | return 0; | |
2506 | } | |
2507 | ||
72471622 BY |
2508 | /* No need to generate sample action for 100% sampling rate. */ |
2509 | bool is_sample = probability < UINT32_MAX; | |
2510 | size_t sample_offset, actions_offset; | |
2511 | if (is_sample) { | |
2512 | sample_offset = nl_msg_start_nested(ctx->odp_actions, | |
2513 | OVS_ACTION_ATTR_SAMPLE); | |
2514 | nl_msg_put_u32(ctx->odp_actions, OVS_SAMPLE_ATTR_PROBABILITY, | |
2515 | probability); | |
2516 | actions_offset = nl_msg_start_nested(ctx->odp_actions, | |
2517 | OVS_SAMPLE_ATTR_ACTIONS); | |
2518 | } | |
9583bc14 | 2519 | |
a6092018 BP |
2520 | odp_port_t odp_port = ofp_port_to_odp_port( |
2521 | ctx->xbridge, ctx->xin->flow.in_port.ofp_port); | |
2522 | uint32_t pid = dpif_port_get_pid(ctx->xbridge->dpif, odp_port, | |
2523 | flow_hash_5tuple(&ctx->xin->flow, 0)); | |
2524 | int cookie_offset = odp_put_userspace_action(pid, cookie, cookie_size, | |
2525 | tunnel_out_port, | |
2526 | include_actions, | |
2527 | ctx->odp_actions); | |
89a8a7f0 | 2528 | |
72471622 BY |
2529 | if (is_sample) { |
2530 | nl_msg_end_nested(ctx->odp_actions, actions_offset); | |
2531 | nl_msg_end_nested(ctx->odp_actions, sample_offset); | |
2532 | } | |
9583bc14 | 2533 | |
9583bc14 EJ |
2534 | return cookie_offset; |
2535 | } | |
2536 | ||
a6092018 BP |
2537 | /* If sFLow is not enabled, returns 0 without doing anything. |
2538 | * | |
2539 | * If sFlow is enabled, appends a template "sample" action to the ODP actions | |
2540 | * in 'ctx'. This action is a template because some of the information needed | |
2541 | * to fill it out is not available until flow translation is complete. In this | |
2542 | * case, this functions returns an offset, which is always nonzero, to pass | |
2543 | * later to fix_sflow_action() to fill in the rest of the template. */ | |
9583bc14 | 2544 | static size_t |
a6092018 | 2545 | compose_sflow_action(struct xlate_ctx *ctx) |
9583bc14 | 2546 | { |
a6092018 BP |
2547 | struct dpif_sflow *sflow = ctx->xbridge->sflow; |
2548 | if (!sflow || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { | |
9583bc14 EJ |
2549 | return 0; |
2550 | } | |
2551 | ||
a6092018 BP |
2552 | union user_action_cookie cookie = { .type = USER_ACTION_COOKIE_SFLOW }; |
2553 | return compose_sample_action(ctx, dpif_sflow_get_probability(sflow), | |
7321bda3 NM |
2554 | &cookie, sizeof cookie.sflow, ODPP_NONE, |
2555 | true); | |
9583bc14 EJ |
2556 | } |
2557 | ||
f69f713b BY |
2558 | /* If flow IPFIX is enabled, make sure IPFIX flow sample action |
2559 | * at egress point of tunnel port is just in front of corresponding | |
2560 | * output action. If bridge IPFIX is enabled, this appends an IPFIX | |
2561 | * sample action to 'ctx->odp_actions'. */ | |
9583bc14 | 2562 | static void |
a6092018 | 2563 | compose_ipfix_action(struct xlate_ctx *ctx, odp_port_t output_odp_port) |
9583bc14 | 2564 | { |
a6092018 | 2565 | struct dpif_ipfix *ipfix = ctx->xbridge->ipfix; |
8b7ea2d4 | 2566 | odp_port_t tunnel_out_port = ODPP_NONE; |
9583bc14 | 2567 | |
a6092018 | 2568 | if (!ipfix || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { |
9583bc14 EJ |
2569 | return; |
2570 | } | |
2571 | ||
8b7ea2d4 WZ |
2572 | /* For input case, output_odp_port is ODPP_NONE, which is an invalid port |
2573 | * number. */ | |
2574 | if (output_odp_port == ODPP_NONE && | |
a6092018 | 2575 | !dpif_ipfix_get_bridge_exporter_input_sampling(ipfix)) { |
8b7ea2d4 WZ |
2576 | return; |
2577 | } | |
2578 | ||
f69f713b | 2579 | /* For output case, output_odp_port is valid. */ |
8b7ea2d4 | 2580 | if (output_odp_port != ODPP_NONE) { |
a6092018 | 2581 | if (!dpif_ipfix_get_bridge_exporter_output_sampling(ipfix)) { |
8b7ea2d4 WZ |
2582 | return; |
2583 | } | |
2584 | /* If tunnel sampling is enabled, put an additional option attribute: | |
2585 | * OVS_USERSPACE_ATTR_TUNNEL_OUT_PORT | |
2586 | */ | |
a6092018 BP |
2587 | if (dpif_ipfix_get_bridge_exporter_tunnel_sampling(ipfix) && |
2588 | dpif_ipfix_get_tunnel_port(ipfix, output_odp_port) ) { | |
8b7ea2d4 WZ |
2589 | tunnel_out_port = output_odp_port; |
2590 | } | |
2591 | } | |
2592 | ||
a6092018 BP |
2593 | union user_action_cookie cookie = { |
2594 | .ipfix = { | |
2595 | .type = USER_ACTION_COOKIE_IPFIX, | |
2596 | .output_odp_port = output_odp_port, | |
2597 | } | |
2598 | }; | |
2599 | compose_sample_action(ctx, | |
2600 | dpif_ipfix_get_bridge_exporter_probability(ipfix), | |
7321bda3 NM |
2601 | &cookie, sizeof cookie.ipfix, tunnel_out_port, |
2602 | false); | |
9583bc14 EJ |
2603 | } |
2604 | ||
a6092018 BP |
2605 | /* Fix "sample" action according to data collected while composing ODP actions, |
2606 | * as described in compose_sflow_action(). | |
2607 | * | |
2608 | * 'user_cookie_offset' must be the offset returned by add_sflow_action(). */ | |
9583bc14 | 2609 | static void |
a6092018 | 2610 | fix_sflow_action(struct xlate_ctx *ctx, unsigned int user_cookie_offset) |
9583bc14 EJ |
2611 | { |
2612 | const struct flow *base = &ctx->base_flow; | |
2613 | union user_action_cookie *cookie; | |
2614 | ||
a6092018 | 2615 | cookie = ofpbuf_at(ctx->odp_actions, user_cookie_offset, |
9583bc14 EJ |
2616 | sizeof cookie->sflow); |
2617 | ovs_assert(cookie->type == USER_ACTION_COOKIE_SFLOW); | |
2618 | ||
a6092018 BP |
2619 | cookie->type = USER_ACTION_COOKIE_SFLOW; |
2620 | cookie->sflow.vlan_tci = base->vlan_tci; | |
2621 | ||
2622 | /* See http://www.sflow.org/sflow_version_5.txt (search for "Input/output | |
2623 | * port information") for the interpretation of cookie->output. */ | |
2624 | switch (ctx->sflow_n_outputs) { | |
2625 | case 0: | |
2626 | /* 0x40000000 | 256 means "packet dropped for unknown reason". */ | |
2627 | cookie->sflow.output = 0x40000000 | 256; | |
2628 | break; | |
2629 | ||
2630 | case 1: | |
2631 | cookie->sflow.output = dpif_sflow_odp_port_to_ifindex( | |
2632 | ctx->xbridge->sflow, ctx->sflow_odp_port); | |
2633 | if (cookie->sflow.output) { | |
2634 | break; | |
2635 | } | |
2636 | /* Fall through. */ | |
2637 | default: | |
2638 | /* 0x80000000 means "multiple output ports. */ | |
2639 | cookie->sflow.output = 0x80000000 | ctx->sflow_n_outputs; | |
2640 | break; | |
2641 | } | |
9583bc14 EJ |
2642 | } |
2643 | ||
515793d5 BP |
2644 | static bool |
2645 | process_special(struct xlate_ctx *ctx, const struct xport *xport) | |
db7d4e46 | 2646 | { |
515793d5 | 2647 | const struct flow *flow = &ctx->xin->flow; |
49a73e0c | 2648 | struct flow_wildcards *wc = ctx->wc; |
46c88433 | 2649 | const struct xbridge *xbridge = ctx->xbridge; |
515793d5 BP |
2650 | const struct dp_packet *packet = ctx->xin->packet; |
2651 | enum slow_path_reason slow; | |
642dc74d | 2652 | |
46c88433 | 2653 | if (!xport) { |
515793d5 | 2654 | slow = 0; |
46c88433 | 2655 | } else if (xport->cfm && cfm_should_process_flow(xport->cfm, flow, wc)) { |
db7d4e46 | 2656 | if (packet) { |
46c88433 | 2657 | cfm_process_heartbeat(xport->cfm, packet); |
db7d4e46 | 2658 | } |
515793d5 | 2659 | slow = SLOW_CFM; |
fab52e16 | 2660 | } else if (xport->bfd && bfd_should_process_flow(xport->bfd, flow, wc)) { |
db7d4e46 | 2661 | if (packet) { |
46c88433 | 2662 | bfd_process_packet(xport->bfd, flow, packet); |
60d02c72 AW |
2663 | /* If POLL received, immediately sends FINAL back. */ |
2664 | if (bfd_should_send_packet(xport->bfd)) { | |
6d308b28 | 2665 | ofproto_dpif_monitor_port_send_soon(xport->ofport); |
60d02c72 | 2666 | } |
db7d4e46 | 2667 | } |
515793d5 | 2668 | slow = SLOW_BFD; |
46c88433 | 2669 | } else if (xport->xbundle && xport->xbundle->lacp |
db7d4e46 JP |
2670 | && flow->dl_type == htons(ETH_TYPE_LACP)) { |
2671 | if (packet) { | |
46c88433 | 2672 | lacp_process_packet(xport->xbundle->lacp, xport->ofport, packet); |
db7d4e46 | 2673 | } |
515793d5 | 2674 | slow = SLOW_LACP; |
9efd308e DV |
2675 | } else if ((xbridge->stp || xbridge->rstp) && |
2676 | stp_should_process_flow(flow, wc)) { | |
db7d4e46 | 2677 | if (packet) { |
f025bcb7 JR |
2678 | xbridge->stp |
2679 | ? stp_process_packet(xport, packet) | |
2680 | : rstp_process_packet(xport, packet); | |
db7d4e46 | 2681 | } |
515793d5 | 2682 | slow = SLOW_STP; |
19aef6ef | 2683 | } else if (xport->lldp && lldp_should_process_flow(xport->lldp, flow)) { |
0477baa9 DF |
2684 | if (packet) { |
2685 | lldp_process_packet(xport->lldp, packet); | |
2686 | } | |
515793d5 | 2687 | slow = SLOW_LLDP; |
db7d4e46 | 2688 | } else { |
515793d5 BP |
2689 | slow = 0; |
2690 | } | |
2691 | ||
2692 | if (slow) { | |
2693 | ctx->xout->slow |= slow; | |
2694 | return true; | |
2695 | } else { | |
2696 | return false; | |
db7d4e46 JP |
2697 | } |
2698 | } | |
2699 | ||
a36de779 PS |
2700 | static int |
2701 | tnl_route_lookup_flow(const struct flow *oflow, | |
a8704b50 PS |
2702 | struct in6_addr *ip, struct in6_addr *src, |
2703 | struct xport **out_port) | |
a36de779 PS |
2704 | { |
2705 | char out_dev[IFNAMSIZ]; | |
2706 | struct xbridge *xbridge; | |
2707 | struct xlate_cfg *xcfg; | |
c2b878e0 TLSC |
2708 | struct in6_addr gw; |
2709 | struct in6_addr dst; | |
a36de779 | 2710 | |
c2b878e0 | 2711 | dst = flow_tnl_dst(&oflow->tunnel); |
a8704b50 | 2712 | if (!ovs_router_lookup(&dst, out_dev, src, &gw)) { |
a36de779 PS |
2713 | return -ENOENT; |
2714 | } | |
2715 | ||
c2b878e0 TLSC |
2716 | if (ipv6_addr_is_set(&gw) && |
2717 | (!IN6_IS_ADDR_V4MAPPED(&gw) || in6_addr_get_mapped_ipv4(&gw))) { | |
a36de779 PS |
2718 | *ip = gw; |
2719 | } else { | |
c2b878e0 | 2720 | *ip = dst; |
a36de779 PS |
2721 | } |
2722 | ||
2723 | xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); | |
2724 | ovs_assert(xcfg); | |
2725 | ||
2726 | HMAP_FOR_EACH (xbridge, hmap_node, &xcfg->xbridges) { | |
2727 | if (!strncmp(xbridge->name, out_dev, IFNAMSIZ)) { | |
2728 | struct xport *port; | |
2729 | ||
2730 | HMAP_FOR_EACH (port, ofp_node, &xbridge->xports) { | |
2731 | if (!strncmp(netdev_get_name(port->netdev), out_dev, IFNAMSIZ)) { | |
2732 | *out_port = port; | |
2733 | return 0; | |
2734 | } | |
2735 | } | |
2736 | } | |
2737 | } | |
2738 | return -ENOENT; | |
2739 | } | |
2740 | ||
2741 | static int | |
cdd42eda JG |
2742 | compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, |
2743 | struct dp_packet *packet) | |
a36de779 | 2744 | { |
cdd42eda | 2745 | struct xbridge *xbridge = out_dev->xbridge; |
a36de779 PS |
2746 | struct ofpact_output output; |
2747 | struct flow flow; | |
2748 | ||
2749 | ofpact_init(&output.ofpact, OFPACT_OUTPUT, sizeof output); | |
cf62fa4c | 2750 | flow_extract(packet, &flow); |
cdd42eda JG |
2751 | flow.in_port.ofp_port = out_dev->ofp_port; |
2752 | output.port = OFPP_TABLE; | |
a36de779 PS |
2753 | output.max_len = 0; |
2754 | ||
1f4a8933 JR |
2755 | return ofproto_dpif_execute_actions__(xbridge->ofproto, |
2756 | ctx->xin->tables_version, &flow, | |
2757 | NULL, &output.ofpact, sizeof output, | |
790c5d26 BP |
2758 | ctx->indentation, ctx->depth, |
2759 | ctx->resubmits, packet); | |
a36de779 PS |
2760 | } |
2761 | ||
c2b878e0 TLSC |
2762 | static void |
2763 | tnl_send_nd_request(struct xlate_ctx *ctx, const struct xport *out_dev, | |
2764 | const struct eth_addr eth_src, | |
2765 | struct in6_addr * ipv6_src, struct in6_addr * ipv6_dst) | |
2766 | { | |
2767 | struct dp_packet packet; | |
2768 | ||
2769 | dp_packet_init(&packet, 0); | |
16187903 | 2770 | compose_nd_ns(&packet, eth_src, ipv6_src, ipv6_dst); |
c2b878e0 TLSC |
2771 | compose_table_xlate(ctx, out_dev, &packet); |
2772 | dp_packet_uninit(&packet); | |
2773 | } | |
2774 | ||
a36de779 | 2775 | static void |
cdd42eda | 2776 | tnl_send_arp_request(struct xlate_ctx *ctx, const struct xport *out_dev, |
74ff3298 | 2777 | const struct eth_addr eth_src, |
a36de779 PS |
2778 | ovs_be32 ip_src, ovs_be32 ip_dst) |
2779 | { | |
cf62fa4c | 2780 | struct dp_packet packet; |
a36de779 | 2781 | |
cf62fa4c | 2782 | dp_packet_init(&packet, 0); |
eb0b295e BP |
2783 | compose_arp(&packet, ARP_OP_REQUEST, |
2784 | eth_src, eth_addr_zero, true, ip_src, ip_dst); | |
a36de779 | 2785 | |
cdd42eda | 2786 | compose_table_xlate(ctx, out_dev, &packet); |
cf62fa4c | 2787 | dp_packet_uninit(&packet); |
a36de779 PS |
2788 | } |
2789 | ||
2790 | static int | |
81de18ec | 2791 | build_tunnel_send(struct xlate_ctx *ctx, const struct xport *xport, |
a36de779 PS |
2792 | const struct flow *flow, odp_port_t tunnel_odp_port) |
2793 | { | |
4975aa3e | 2794 | struct netdev_tnl_build_header_params tnl_params; |
a36de779 PS |
2795 | struct ovs_action_push_tnl tnl_push_data; |
2796 | struct xport *out_dev = NULL; | |
c2b878e0 TLSC |
2797 | ovs_be32 s_ip = 0, d_ip = 0; |
2798 | struct in6_addr s_ip6 = in6addr_any; | |
2799 | struct in6_addr d_ip6 = in6addr_any; | |
74ff3298 JR |
2800 | struct eth_addr smac; |
2801 | struct eth_addr dmac; | |
a36de779 | 2802 | int err; |
c2b878e0 TLSC |
2803 | char buf_sip6[INET6_ADDRSTRLEN]; |
2804 | char buf_dip6[INET6_ADDRSTRLEN]; | |
a36de779 | 2805 | |
a8704b50 | 2806 | err = tnl_route_lookup_flow(flow, &d_ip6, &s_ip6, &out_dev); |
a36de779 | 2807 | if (err) { |
81de18ec | 2808 | xlate_report(ctx, "native tunnel routing failed"); |
a36de779 PS |
2809 | return err; |
2810 | } | |
c2b878e0 TLSC |
2811 | |
2812 | xlate_report(ctx, "tunneling to %s via %s", | |
2813 | ipv6_string_mapped(buf_dip6, &d_ip6), | |
2814 | netdev_get_name(out_dev->netdev)); | |
a36de779 PS |
2815 | |
2816 | /* Use mac addr of bridge port of the peer. */ | |
74ff3298 | 2817 | err = netdev_get_etheraddr(out_dev->netdev, &smac); |
a36de779 | 2818 | if (err) { |
81de18ec | 2819 | xlate_report(ctx, "tunnel output device lacks Ethernet address"); |
a36de779 PS |
2820 | return err; |
2821 | } | |
2822 | ||
c2b878e0 TLSC |
2823 | d_ip = in6_addr_get_mapped_ipv4(&d_ip6); |
2824 | if (d_ip) { | |
a8704b50 | 2825 | s_ip = in6_addr_get_mapped_ipv4(&s_ip6); |
a36de779 PS |
2826 | } |
2827 | ||
c2b878e0 | 2828 | err = tnl_neigh_lookup(out_dev->xbridge->name, &d_ip6, &dmac); |
a36de779 | 2829 | if (err) { |
c2b878e0 TLSC |
2830 | xlate_report(ctx, "neighbor cache miss for %s on bridge %s, " |
2831 | "sending %s request", | |
2832 | buf_dip6, out_dev->xbridge->name, d_ip ? "ARP" : "ND"); | |
2833 | if (d_ip) { | |
2834 | tnl_send_arp_request(ctx, out_dev, smac, s_ip, d_ip); | |
2835 | } else { | |
2836 | tnl_send_nd_request(ctx, out_dev, smac, &s_ip6, &d_ip6); | |
2837 | } | |
a36de779 PS |
2838 | return err; |
2839 | } | |
c2b878e0 | 2840 | |
a36de779 PS |
2841 | if (ctx->xin->xcache) { |
2842 | struct xc_entry *entry; | |
2843 | ||
53902038 | 2844 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_TNL_NEIGH); |
901a517e JR |
2845 | ovs_strlcpy(entry->tnl_neigh_cache.br_name, out_dev->xbridge->name, |
2846 | sizeof entry->tnl_neigh_cache.br_name); | |
2847 | entry->tnl_neigh_cache.d_ipv6 = d_ip6; | |
a36de779 | 2848 | } |
81de18ec | 2849 | |
c2b878e0 TLSC |
2850 | xlate_report(ctx, "tunneling from "ETH_ADDR_FMT" %s" |
2851 | " to "ETH_ADDR_FMT" %s", | |
2852 | ETH_ADDR_ARGS(smac), ipv6_string_mapped(buf_sip6, &s_ip6), | |
2853 | ETH_ADDR_ARGS(dmac), buf_dip6); | |
2854 | ||
4975aa3e PS |
2855 | netdev_init_tnl_build_header_params(&tnl_params, flow, &s_ip6, dmac, smac); |
2856 | err = tnl_port_build_header(xport->ofport, &tnl_push_data, &tnl_params); | |
a36de779 PS |
2857 | if (err) { |
2858 | return err; | |
2859 | } | |
2860 | tnl_push_data.tnl_port = odp_to_u32(tunnel_odp_port); | |
2861 | tnl_push_data.out_port = odp_to_u32(out_dev->odp_port); | |
1520ef4f | 2862 | odp_put_tnl_push_action(ctx->odp_actions, &tnl_push_data); |
a36de779 PS |
2863 | return 0; |
2864 | } | |
2865 | ||
704bb0bf JS |
2866 | static void |
2867 | xlate_commit_actions(struct xlate_ctx *ctx) | |
2868 | { | |
2869 | bool use_masked = ctx->xbridge->support.masked_set_action; | |
2870 | ||
2871 | ctx->xout->slow |= commit_odp_actions(&ctx->xin->flow, &ctx->base_flow, | |
2872 | ctx->odp_actions, ctx->wc, | |
2873 | use_masked); | |
2874 | } | |
2875 | ||
07659514 JS |
2876 | static void |
2877 | clear_conntrack(struct flow *flow) | |
2878 | { | |
2879 | flow->ct_state = 0; | |
2880 | flow->ct_zone = 0; | |
8e53fe8c | 2881 | flow->ct_mark = 0; |
9daf2348 | 2882 | memset(&flow->ct_label, 0, sizeof flow->ct_label); |
07659514 JS |
2883 | } |
2884 | ||
58d636ee BK |
2885 | static bool |
2886 | xlate_flow_is_protected(const struct xlate_ctx *ctx, const struct flow *flow, const struct xport *xport_out) | |
2887 | { | |
2888 | const struct xport *xport_in; | |
2889 | ||
2890 | if (!xport_out) { | |
2891 | return false; | |
2892 | } | |
2893 | ||
2894 | xport_in = get_ofp_port(ctx->xbridge, flow->in_port.ofp_port); | |
2895 | ||
2896 | return (xport_in && xport_in->xbundle && xport_out->xbundle && | |
2897 | xport_in->xbundle->protected && xport_out->xbundle->protected); | |
2898 | } | |
2899 | ||
2900 | ||
9583bc14 | 2901 | static void |
4e022ec0 | 2902 | compose_output_action__(struct xlate_ctx *ctx, ofp_port_t ofp_port, |
e93ef1c7 | 2903 | const struct xlate_bond_recirc *xr, bool check_stp) |
9583bc14 | 2904 | { |
46c88433 | 2905 | const struct xport *xport = get_ofp_port(ctx->xbridge, ofp_port); |
49a73e0c | 2906 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 2907 | struct flow *flow = &ctx->xin->flow; |
a36de779 | 2908 | struct flow_tnl flow_tnl; |
9583bc14 | 2909 | ovs_be16 flow_vlan_tci; |
1362e248 | 2910 | uint32_t flow_pkt_mark; |
9583bc14 | 2911 | uint8_t flow_nw_tos; |
4e022ec0 | 2912 | odp_port_t out_port, odp_port; |
a36de779 | 2913 | bool tnl_push_pop_send = false; |
ca077186 | 2914 | uint8_t dscp; |
9583bc14 EJ |
2915 | |
2916 | /* If 'struct flow' gets additional metadata, we'll need to zero it out | |
2917 | * before traversing a patch port. */ | |
847b8b02 | 2918 | BUILD_ASSERT_DECL(FLOW_WC_SEQ == 36); |
a36de779 | 2919 | memset(&flow_tnl, 0, sizeof flow_tnl); |
9583bc14 | 2920 | |
46c88433 | 2921 | if (!xport) { |
9583bc14 EJ |
2922 | xlate_report(ctx, "Nonexistent output port"); |
2923 | return; | |
46c88433 | 2924 | } else if (xport->config & OFPUTIL_PC_NO_FWD) { |
9583bc14 EJ |
2925 | xlate_report(ctx, "OFPPC_NO_FWD set, skipping output"); |
2926 | return; | |
1356dbd1 WT |
2927 | } else if (ctx->mirror_snaplen != 0 && xport->odp_port == ODPP_NONE) { |
2928 | xlate_report(ctx, "Mirror truncate to ODPP_NONE, skipping output"); | |
2929 | return; | |
58d636ee BK |
2930 | } else if (xlate_flow_is_protected(ctx, flow, xport)) { |
2931 | xlate_report(ctx, "Flow is between protected ports, skipping output."); | |
2932 | return; | |
0d1cee12 | 2933 | } else if (check_stp) { |
bbbca389 | 2934 | if (is_stp(&ctx->base_flow)) { |
9efd308e DV |
2935 | if (!xport_stp_should_forward_bpdu(xport) && |
2936 | !xport_rstp_should_manage_bpdu(xport)) { | |
2937 | if (ctx->xbridge->stp != NULL) { | |
2938 | xlate_report(ctx, "STP not in listening state, " | |
2939 | "skipping bpdu output"); | |
2940 | } else if (ctx->xbridge->rstp != NULL) { | |
2941 | xlate_report(ctx, "RSTP not managing BPDU in this state, " | |
2942 | "skipping bpdu output"); | |
2943 | } | |
0d1cee12 K |
2944 | return; |
2945 | } | |
9efd308e DV |
2946 | } else if (!xport_stp_forward_state(xport) || |
2947 | !xport_rstp_forward_state(xport)) { | |
2948 | if (ctx->xbridge->stp != NULL) { | |
2949 | xlate_report(ctx, "STP not in forwarding state, " | |
2950 | "skipping output"); | |
2951 | } else if (ctx->xbridge->rstp != NULL) { | |
2952 | xlate_report(ctx, "RSTP not in forwarding state, " | |
2953 | "skipping output"); | |
2954 | } | |
0d1cee12 K |
2955 | return; |
2956 | } | |
9583bc14 EJ |
2957 | } |
2958 | ||
46c88433 EJ |
2959 | if (xport->peer) { |
2960 | const struct xport *peer = xport->peer; | |
9583bc14 | 2961 | struct flow old_flow = ctx->xin->flow; |
8d8ab6c2 | 2962 | struct flow_tnl old_flow_tnl_wc = ctx->wc->masks.tunnel; |
07659514 | 2963 | bool old_conntrack = ctx->conntracked; |
e12ec36b | 2964 | bool old_was_mpls = ctx->was_mpls; |
1f4a8933 | 2965 | ovs_version_t old_version = ctx->xin->tables_version; |
1774d762 | 2966 | struct ofpbuf old_stack = ctx->stack; |
84cf3c1f | 2967 | uint8_t new_stack[1024]; |
ed9c9e3e JR |
2968 | struct ofpbuf old_action_set = ctx->action_set; |
2969 | uint64_t actset_stub[1024 / 8]; | |
9583bc14 | 2970 | |
1774d762 | 2971 | ofpbuf_use_stub(&ctx->stack, new_stack, sizeof new_stack); |
ed9c9e3e | 2972 | ofpbuf_use_stub(&ctx->action_set, actset_stub, sizeof actset_stub); |
46c88433 | 2973 | flow->in_port.ofp_port = peer->ofp_port; |
33bf9176 BP |
2974 | flow->metadata = htonll(0); |
2975 | memset(&flow->tunnel, 0, sizeof flow->tunnel); | |
07a3cd5c BP |
2976 | flow->tunnel.metadata.tab = ofproto_get_tun_tab( |
2977 | &peer->xbridge->ofproto->up); | |
8d8ab6c2 | 2978 | ctx->wc->masks.tunnel.metadata.tab = flow->tunnel.metadata.tab; |
33bf9176 | 2979 | memset(flow->regs, 0, sizeof flow->regs); |
c61f3870 | 2980 | flow->actset_output = OFPP_UNSET; |
07659514 JS |
2981 | ctx->conntracked = false; |
2982 | clear_conntrack(flow); | |
9583bc14 | 2983 | |
76f3c260 BP |
2984 | /* When the patch port points to a different bridge, then the mirrors |
2985 | * for that bridge clearly apply independently to the packet, so we | |
2986 | * reset the mirror bitmap to zero and then restore it after the packet | |
2987 | * returns. | |
2988 | * | |
2989 | * When the patch port points to the same bridge, this is more of a | |
2990 | * design decision: can mirrors be re-applied to the packet after it | |
2991 | * re-enters the bridge, or should we treat that as doubly mirroring a | |
2992 | * single packet? The former may be cleaner, since it respects the | |
2993 | * model in which a patch port is like a physical cable plugged from | |
2994 | * one switch port to another, but the latter may be less surprising to | |
2995 | * users. We take the latter choice, for now at least. (To use the | |
2996 | * former choice, hard-code 'independent_mirrors' to "true".) */ | |
2997 | mirror_mask_t old_mirrors = ctx->mirrors; | |
2998 | bool independent_mirrors = peer->xbridge != ctx->xbridge; | |
2999 | if (independent_mirrors) { | |
3000 | ctx->mirrors = 0; | |
3001 | } | |
3002 | ctx->xbridge = peer->xbridge; | |
3003 | ||
621b8064 | 3004 | /* The bridge is now known so obtain its table version. */ |
1f4a8933 | 3005 | ctx->xin->tables_version |
621b8064 JR |
3006 | = ofproto_dpif_get_tables_version(ctx->xbridge->ofproto); |
3007 | ||
515793d5 | 3008 | if (!process_special(ctx, peer) && may_receive(peer, ctx)) { |
9efd308e | 3009 | if (xport_stp_forward_state(peer) && xport_rstp_forward_state(peer)) { |
e672ff9b | 3010 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true, true); |
1d361a81 | 3011 | if (!ctx->freezing) { |
8a5fb3b4 | 3012 | xlate_action_set(ctx); |
e672ff9b | 3013 | } |
1d361a81 | 3014 | if (ctx->freezing) { |
77ab5fd2 | 3015 | finish_freezing(ctx); |
ed9c9e3e | 3016 | } |
9583bc14 | 3017 | } else { |
9efd308e DV |
3018 | /* Forwarding is disabled by STP and RSTP. Let OFPP_NORMAL and |
3019 | * the learning action look at the packet, then drop it. */ | |
9583bc14 | 3020 | struct flow old_base_flow = ctx->base_flow; |
1520ef4f | 3021 | size_t old_size = ctx->odp_actions->size; |
76f3c260 | 3022 | mirror_mask_t old_mirrors2 = ctx->mirrors; |
f3d5b473 | 3023 | |
e672ff9b | 3024 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true, true); |
76f3c260 | 3025 | ctx->mirrors = old_mirrors2; |
9583bc14 | 3026 | ctx->base_flow = old_base_flow; |
1520ef4f | 3027 | ctx->odp_actions->size = old_size; |
e672ff9b | 3028 | |
1d361a81 BP |
3029 | /* Undo changes that may have been done for freezing. */ |
3030 | ctx_cancel_freeze(ctx); | |
9583bc14 EJ |
3031 | } |
3032 | } | |
3033 | ||
76f3c260 BP |
3034 | if (independent_mirrors) { |
3035 | ctx->mirrors = old_mirrors; | |
3036 | } | |
9583bc14 | 3037 | ctx->xin->flow = old_flow; |
832554e3 | 3038 | ctx->xbridge = xport->xbridge; |
ed9c9e3e JR |
3039 | ofpbuf_uninit(&ctx->action_set); |
3040 | ctx->action_set = old_action_set; | |
1774d762 JR |
3041 | ofpbuf_uninit(&ctx->stack); |
3042 | ctx->stack = old_stack; | |
9583bc14 | 3043 | |
621b8064 | 3044 | /* Restore calling bridge's lookup version. */ |
1f4a8933 | 3045 | ctx->xin->tables_version = old_version; |
621b8064 | 3046 | |
8d8ab6c2 JG |
3047 | /* Since this packet came in on a patch port (from the perspective of |
3048 | * the peer bridge), it cannot have useful tunnel information. As a | |
3049 | * result, any wildcards generated on that tunnel also cannot be valid. | |
3050 | * The tunnel wildcards must be restored to their original version since | |
3051 | * the peer bridge uses a separate tunnel metadata table and therefore | |
3052 | * any generated wildcards will be garbage in the context of our | |
3053 | * metadata table. */ | |
3054 | ctx->wc->masks.tunnel = old_flow_tnl_wc; | |
3055 | ||
e12ec36b SH |
3056 | /* The peer bridge popping MPLS should have no effect on the original |
3057 | * bridge. */ | |
3058 | ctx->was_mpls = old_was_mpls; | |
3059 | ||
07659514 JS |
3060 | /* The peer bridge's conntrack execution should have no effect on the |
3061 | * original bridge. */ | |
3062 | ctx->conntracked = old_conntrack; | |
3063 | ||
f3d5b473 JR |
3064 | /* The fact that the peer bridge exits (for any reason) does not mean |
3065 | * that the original bridge should exit. Specifically, if the peer | |
1d361a81 BP |
3066 | * bridge freezes translation, the original bridge must continue |
3067 | * processing with the original, not the frozen packet! */ | |
f3d5b473 JR |
3068 | ctx->exit = false; |
3069 | ||
fff1b9c0 JR |
3070 | /* Peer bridge errors do not propagate back. */ |
3071 | ctx->error = XLATE_OK; | |
3072 | ||
9583bc14 | 3073 | if (ctx->xin->resubmit_stats) { |
46c88433 EJ |
3074 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
3075 | netdev_vport_inc_rx(peer->netdev, ctx->xin->resubmit_stats); | |
a1aeea86 AW |
3076 | if (peer->bfd) { |
3077 | bfd_account_rx(peer->bfd, ctx->xin->resubmit_stats); | |
3078 | } | |
9583bc14 | 3079 | } |
b256dc52 JS |
3080 | if (ctx->xin->xcache) { |
3081 | struct xc_entry *entry; | |
3082 | ||
3083 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NETDEV); | |
901a517e JR |
3084 | entry->dev.tx = netdev_ref(xport->netdev); |
3085 | entry->dev.rx = netdev_ref(peer->netdev); | |
3086 | entry->dev.bfd = bfd_ref(peer->bfd); | |
b256dc52 | 3087 | } |
9583bc14 EJ |
3088 | return; |
3089 | } | |
3090 | ||
33bf9176 | 3091 | flow_vlan_tci = flow->vlan_tci; |
1362e248 | 3092 | flow_pkt_mark = flow->pkt_mark; |
33bf9176 | 3093 | flow_nw_tos = flow->nw_tos; |
9583bc14 | 3094 | |
16194afd DDP |
3095 | if (count_skb_priorities(xport)) { |
3096 | memset(&wc->masks.skb_priority, 0xff, sizeof wc->masks.skb_priority); | |
3097 | if (dscp_from_skb_priority(xport, flow->skb_priority, &dscp)) { | |
3098 | wc->masks.nw_tos |= IP_DSCP_MASK; | |
3099 | flow->nw_tos &= ~IP_DSCP_MASK; | |
3100 | flow->nw_tos |= dscp; | |
3101 | } | |
9583bc14 EJ |
3102 | } |
3103 | ||
46c88433 | 3104 | if (xport->is_tunnel) { |
c2b878e0 | 3105 | struct in6_addr dst; |
9583bc14 EJ |
3106 | /* Save tunnel metadata so that changes made due to |
3107 | * the Logical (tunnel) Port are not visible for any further | |
3108 | * matches, while explicit set actions on tunnel metadata are. | |
3109 | */ | |
a36de779 | 3110 | flow_tnl = flow->tunnel; |
49a73e0c | 3111 | odp_port = tnl_port_send(xport->ofport, flow, ctx->wc); |
4e022ec0 | 3112 | if (odp_port == ODPP_NONE) { |
9583bc14 EJ |
3113 | xlate_report(ctx, "Tunneling decided against output"); |
3114 | goto out; /* restore flow_nw_tos */ | |
3115 | } | |
c2b878e0 TLSC |
3116 | dst = flow_tnl_dst(&flow->tunnel); |
3117 | if (ipv6_addr_equals(&dst, &ctx->orig_tunnel_ipv6_dst)) { | |
9583bc14 EJ |
3118 | xlate_report(ctx, "Not tunneling to our own address"); |
3119 | goto out; /* restore flow_nw_tos */ | |
3120 | } | |
3121 | if (ctx->xin->resubmit_stats) { | |
46c88433 | 3122 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
9583bc14 | 3123 | } |
b256dc52 JS |
3124 | if (ctx->xin->xcache) { |
3125 | struct xc_entry *entry; | |
3126 | ||
3127 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_NETDEV); | |
901a517e | 3128 | entry->dev.tx = netdev_ref(xport->netdev); |
b256dc52 | 3129 | } |
9583bc14 | 3130 | out_port = odp_port; |
a36de779 | 3131 | if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { |
81de18ec | 3132 | xlate_report(ctx, "output to native tunnel"); |
a36de779 PS |
3133 | tnl_push_pop_send = true; |
3134 | } else { | |
81de18ec | 3135 | xlate_report(ctx, "output to kernel tunnel"); |
1520ef4f | 3136 | commit_odp_tunnel_action(flow, &ctx->base_flow, ctx->odp_actions); |
a36de779 PS |
3137 | flow->tunnel = flow_tnl; /* Restore tunnel metadata */ |
3138 | } | |
9583bc14 | 3139 | } else { |
46c88433 | 3140 | odp_port = xport->odp_port; |
7614e5d0 | 3141 | out_port = odp_port; |
9583bc14 | 3142 | } |
9583bc14 | 3143 | |
4e022ec0 | 3144 | if (out_port != ODPP_NONE) { |
704bb0bf | 3145 | xlate_commit_actions(ctx); |
adcf00ba | 3146 | |
e93ef1c7 | 3147 | if (xr) { |
347bf289 | 3148 | struct ovs_action_hash *act_hash; |
adcf00ba | 3149 | |
347bf289 | 3150 | /* Hash action. */ |
1520ef4f | 3151 | act_hash = nl_msg_put_unspec_uninit(ctx->odp_actions, |
347bf289 AZ |
3152 | OVS_ACTION_ATTR_HASH, |
3153 | sizeof *act_hash); | |
3154 | act_hash->hash_alg = xr->hash_alg; | |
62ac1f20 | 3155 | act_hash->hash_basis = xr->hash_basis; |
347bf289 AZ |
3156 | |
3157 | /* Recirc action. */ | |
1520ef4f | 3158 | nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_RECIRC, |
347bf289 | 3159 | xr->recirc_id); |
adcf00ba | 3160 | } else { |
a36de779 PS |
3161 | |
3162 | if (tnl_push_pop_send) { | |
3163 | build_tunnel_send(ctx, xport, flow, odp_port); | |
3164 | flow->tunnel = flow_tnl; /* Restore tunnel metadata */ | |
3165 | } else { | |
3166 | odp_port_t odp_tnl_port = ODPP_NONE; | |
3167 | ||
3168 | /* XXX: Write better Filter for tunnel port. We can use inport | |
3169 | * int tunnel-port flow to avoid these checks completely. */ | |
3170 | if (ofp_port == OFPP_LOCAL && | |
3171 | ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { | |
3172 | ||
3173 | odp_tnl_port = tnl_port_map_lookup(flow, wc); | |
3174 | } | |
3175 | ||
3176 | if (odp_tnl_port != ODPP_NONE) { | |
1520ef4f | 3177 | nl_msg_put_odp_port(ctx->odp_actions, |
a36de779 PS |
3178 | OVS_ACTION_ATTR_TUNNEL_POP, |
3179 | odp_tnl_port); | |
3180 | } else { | |
3181 | /* Tunnel push-pop action is not compatible with | |
3182 | * IPFIX action. */ | |
a6092018 | 3183 | compose_ipfix_action(ctx, out_port); |
1356dbd1 WT |
3184 | |
3185 | /* Handle truncation of the mirrored packet. */ | |
3186 | if (ctx->mirror_snaplen > 0 && | |
3187 | ctx->mirror_snaplen < UINT16_MAX) { | |
3188 | struct ovs_action_trunc *trunc; | |
3189 | ||
3190 | trunc = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
3191 | OVS_ACTION_ATTR_TRUNC, | |
3192 | sizeof *trunc); | |
3193 | trunc->max_len = ctx->mirror_snaplen; | |
3194 | if (!ctx->xbridge->support.trunc) { | |
3195 | ctx->xout->slow |= SLOW_ACTION; | |
3196 | } | |
3197 | } | |
3198 | ||
1520ef4f | 3199 | nl_msg_put_odp_port(ctx->odp_actions, |
a36de779 PS |
3200 | OVS_ACTION_ATTR_OUTPUT, |
3201 | out_port); | |
1356dbd1 WT |
3202 | } |
3203 | } | |
adcf00ba | 3204 | } |
9583bc14 | 3205 | |
6cbbf4fa EJ |
3206 | ctx->sflow_odp_port = odp_port; |
3207 | ctx->sflow_n_outputs++; | |
2031ef97 | 3208 | ctx->nf_output_iface = ofp_port; |
6cbbf4fa EJ |
3209 | } |
3210 | ||
7efbc3b7 BP |
3211 | if (mbridge_has_mirrors(ctx->xbridge->mbridge) && xport->xbundle) { |
3212 | mirror_packet(ctx, xport->xbundle, | |
3213 | xbundle_mirror_dst(xport->xbundle->xbridge, | |
3214 | xport->xbundle)); | |
3215 | } | |
3216 | ||
6cbbf4fa | 3217 | out: |
9583bc14 | 3218 | /* Restore flow */ |
33bf9176 | 3219 | flow->vlan_tci = flow_vlan_tci; |
1362e248 | 3220 | flow->pkt_mark = flow_pkt_mark; |
33bf9176 | 3221 | flow->nw_tos = flow_nw_tos; |
9583bc14 EJ |
3222 | } |
3223 | ||
3224 | static void | |
e93ef1c7 JR |
3225 | compose_output_action(struct xlate_ctx *ctx, ofp_port_t ofp_port, |
3226 | const struct xlate_bond_recirc *xr) | |
9583bc14 | 3227 | { |
e93ef1c7 | 3228 | compose_output_action__(ctx, ofp_port, xr, true); |
9583bc14 EJ |
3229 | } |
3230 | ||
bb61b33d | 3231 | static void |
790c5d26 | 3232 | xlate_recursively(struct xlate_ctx *ctx, struct rule_dpif *rule, bool deepens) |
bb61b33d BP |
3233 | { |
3234 | struct rule_dpif *old_rule = ctx->rule; | |
8b1e5560 | 3235 | ovs_be64 old_cookie = ctx->rule_cookie; |
dc723c44 | 3236 | const struct rule_actions *actions; |
bb61b33d BP |
3237 | |
3238 | if (ctx->xin->resubmit_stats) { | |
70742c7f | 3239 | rule_dpif_credit_stats(rule, ctx->xin->resubmit_stats); |
bb61b33d BP |
3240 | } |
3241 | ||
98b07853 | 3242 | ctx->resubmits++; |
790c5d26 | 3243 | |
9a9b001a | 3244 | ctx->indentation++; |
790c5d26 | 3245 | ctx->depth += deepens; |
bb61b33d | 3246 | ctx->rule = rule; |
07a3cd5c BP |
3247 | ctx->rule_cookie = rule->up.flow_cookie; |
3248 | actions = rule_get_actions(&rule->up); | |
6f00e29b | 3249 | do_xlate_actions(actions->ofpacts, actions->ofpacts_len, ctx); |
8b1e5560 | 3250 | ctx->rule_cookie = old_cookie; |
bb61b33d | 3251 | ctx->rule = old_rule; |
790c5d26 | 3252 | ctx->depth -= deepens; |
9a9b001a | 3253 | ctx->indentation--; |
bb61b33d BP |
3254 | } |
3255 | ||
bd3240ba SH |
3256 | static bool |
3257 | xlate_resubmit_resource_check(struct xlate_ctx *ctx) | |
9583bc14 | 3258 | { |
790c5d26 BP |
3259 | if (ctx->depth >= MAX_DEPTH) { |
3260 | XLATE_REPORT_ERROR(ctx, "over max translation depth %d", MAX_DEPTH); | |
fff1b9c0 | 3261 | ctx->error = XLATE_RECURSION_TOO_DEEP; |
790c5d26 | 3262 | } else if (ctx->resubmits >= MAX_RESUBMITS) { |
fff1b9c0 JR |
3263 | XLATE_REPORT_ERROR(ctx, "over %d resubmit actions", MAX_RESUBMITS); |
3264 | ctx->error = XLATE_TOO_MANY_RESUBMITS; | |
1520ef4f | 3265 | } else if (ctx->odp_actions->size > UINT16_MAX) { |
fff1b9c0 JR |
3266 | XLATE_REPORT_ERROR(ctx, "resubmits yielded over 64 kB of actions"); |
3267 | /* NOT an error, as we'll be slow-pathing the flow in this case? */ | |
3268 | ctx->exit = true; /* XXX: translation still terminated! */ | |
6fd6ed71 | 3269 | } else if (ctx->stack.size >= 65536) { |
fff1b9c0 JR |
3270 | XLATE_REPORT_ERROR(ctx, "resubmits yielded over 64 kB of stack"); |
3271 | ctx->error = XLATE_STACK_TOO_DEEP; | |
98b07853 | 3272 | } else { |
bd3240ba SH |
3273 | return true; |
3274 | } | |
3275 | ||
3276 | return false; | |
3277 | } | |
3278 | ||
3279 | static void | |
6d328fa2 SH |
3280 | xlate_table_action(struct xlate_ctx *ctx, ofp_port_t in_port, uint8_t table_id, |
3281 | bool may_packet_in, bool honor_table_miss) | |
bd3240ba | 3282 | { |
e12ec36b SH |
3283 | /* Check if we need to recirculate before matching in a table. */ |
3284 | if (ctx->was_mpls) { | |
3285 | ctx_trigger_freeze(ctx); | |
3286 | return; | |
3287 | } | |
bd3240ba | 3288 | if (xlate_resubmit_resource_check(ctx)) { |
9583bc14 | 3289 | uint8_t old_table_id = ctx->table_id; |
3f207910 | 3290 | struct rule_dpif *rule; |
9583bc14 EJ |
3291 | |
3292 | ctx->table_id = table_id; | |
3293 | ||
34dd0d78 | 3294 | rule = rule_dpif_lookup_from_table(ctx->xbridge->ofproto, |
1f4a8933 | 3295 | ctx->xin->tables_version, |
c0e638aa | 3296 | &ctx->xin->flow, ctx->wc, |
34dd0d78 JR |
3297 | ctx->xin->resubmit_stats, |
3298 | &ctx->table_id, in_port, | |
a027899e JR |
3299 | may_packet_in, honor_table_miss, |
3300 | ctx->xin->xcache); | |
a8c31348 | 3301 | if (OVS_UNLIKELY(ctx->xin->resubmit_hook)) { |
9a9b001a | 3302 | ctx->xin->resubmit_hook(ctx->xin, rule, ctx->indentation + 1); |
ad3efdcb EJ |
3303 | } |
3304 | ||
a2143702 | 3305 | if (rule) { |
83709dfa JR |
3306 | /* Fill in the cache entry here instead of xlate_recursively |
3307 | * to make the reference counting more explicit. We take a | |
3308 | * reference in the lookups above if we are going to cache the | |
3309 | * rule. */ | |
3310 | if (ctx->xin->xcache) { | |
3311 | struct xc_entry *entry; | |
3312 | ||
3313 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_RULE); | |
901a517e | 3314 | entry->rule = rule; |
07a3cd5c | 3315 | ofproto_rule_ref(&rule->up); |
83709dfa | 3316 | } |
790c5d26 | 3317 | xlate_recursively(ctx, rule, table_id <= old_table_id); |
ad3efdcb EJ |
3318 | } |
3319 | ||
9583bc14 | 3320 | ctx->table_id = old_table_id; |
98b07853 | 3321 | return; |
9583bc14 EJ |
3322 | } |
3323 | } | |
3324 | ||
76973237 | 3325 | /* Consumes the group reference, which is only taken if xcache exists. */ |
f4fb341b | 3326 | static void |
1e684d7d RW |
3327 | xlate_group_stats(struct xlate_ctx *ctx, struct group_dpif *group, |
3328 | struct ofputil_bucket *bucket) | |
3329 | { | |
3330 | if (ctx->xin->resubmit_stats) { | |
3331 | group_dpif_credit_stats(group, bucket, ctx->xin->resubmit_stats); | |
3332 | } | |
3333 | if (ctx->xin->xcache) { | |
3334 | struct xc_entry *entry; | |
3335 | ||
3336 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_GROUP); | |
901a517e JR |
3337 | entry->group.group = group; |
3338 | entry->group.bucket = bucket; | |
1e684d7d RW |
3339 | } |
3340 | } | |
3341 | ||
3342 | static void | |
3343 | xlate_group_bucket(struct xlate_ctx *ctx, struct ofputil_bucket *bucket) | |
f4fb341b SH |
3344 | { |
3345 | uint64_t action_list_stub[1024 / 8]; | |
0a2869d5 BP |
3346 | struct ofpbuf action_list = OFPBUF_STUB_INITIALIZER(action_list_stub); |
3347 | struct ofpbuf action_set = ofpbuf_const_initializer(bucket->ofpacts, | |
3348 | bucket->ofpacts_len); | |
5b09e569 | 3349 | struct flow old_flow = ctx->xin->flow; |
e12ec36b | 3350 | bool old_was_mpls = ctx->was_mpls; |
f4fb341b | 3351 | |
f4fb341b | 3352 | ofpacts_execute_action_set(&action_list, &action_set); |
9a9b001a | 3353 | ctx->indentation++; |
790c5d26 | 3354 | ctx->depth++; |
6fd6ed71 | 3355 | do_xlate_actions(action_list.data, action_list.size, ctx); |
790c5d26 | 3356 | ctx->depth--; |
9a9b001a | 3357 | ctx->indentation--; |
f4fb341b | 3358 | |
f4fb341b | 3359 | ofpbuf_uninit(&action_list); |
5b09e569 | 3360 | |
77ab5fd2 | 3361 | /* Check if need to freeze. */ |
1d361a81 | 3362 | if (ctx->freezing) { |
77ab5fd2 | 3363 | finish_freezing(ctx); |
e672ff9b JR |
3364 | } |
3365 | ||
5b09e569 JR |
3366 | /* Roll back flow to previous state. |
3367 | * This is equivalent to cloning the packet for each bucket. | |
3368 | * | |
3369 | * As a side effect any subsequently applied actions will | |
3370 | * also effectively be applied to a clone of the packet taken | |
3371 | * just before applying the all or indirect group. | |
3372 | * | |
3373 | * Note that group buckets are action sets, hence they cannot modify the | |
3374 | * main action set. Also any stack actions are ignored when executing an | |
3375 | * action set, so group buckets cannot change the stack either. | |
3376 | * However, we do allow resubmit actions in group buckets, which could | |
3377 | * break the above assumptions. It is up to the controller to not mess up | |
3378 | * with the action_set and stack in the tables resubmitted to from | |
3379 | * group buckets. */ | |
3380 | ctx->xin->flow = old_flow; | |
3381 | ||
e12ec36b SH |
3382 | /* The group bucket popping MPLS should have no effect after bucket |
3383 | * execution. */ | |
3384 | ctx->was_mpls = old_was_mpls; | |
3385 | ||
5b09e569 JR |
3386 | /* The fact that the group bucket exits (for any reason) does not mean that |
3387 | * the translation after the group action should exit. Specifically, if | |
1d361a81 BP |
3388 | * the group bucket freezes translation, the actions after the group action |
3389 | * must continue processing with the original, not the frozen packet! */ | |
5b09e569 | 3390 | ctx->exit = false; |
f4fb341b SH |
3391 | } |
3392 | ||
3393 | static void | |
3394 | xlate_all_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3395 | { | |
1e684d7d | 3396 | struct ofputil_bucket *bucket; |
07a3cd5c | 3397 | LIST_FOR_EACH (bucket, list_node, &group->up.buckets) { |
f4fb341b | 3398 | xlate_group_bucket(ctx, bucket); |
f4fb341b | 3399 | } |
1e684d7d | 3400 | xlate_group_stats(ctx, group, NULL); |
f4fb341b SH |
3401 | } |
3402 | ||
dd8cd4b4 SH |
3403 | static void |
3404 | xlate_ff_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3405 | { | |
1e684d7d | 3406 | struct ofputil_bucket *bucket; |
dd8cd4b4 SH |
3407 | |
3408 | bucket = group_first_live_bucket(ctx, group, 0); | |
3409 | if (bucket) { | |
3410 | xlate_group_bucket(ctx, bucket); | |
1e684d7d | 3411 | xlate_group_stats(ctx, group, bucket); |
76973237 | 3412 | } else if (ctx->xin->xcache) { |
07a3cd5c | 3413 | ofproto_group_unref(&group->up); |
dd8cd4b4 SH |
3414 | } |
3415 | } | |
3416 | ||
fe7e5749 | 3417 | static void |
7565c3e4 | 3418 | xlate_default_select_group(struct xlate_ctx *ctx, struct group_dpif *group) |
fe7e5749 | 3419 | { |
49a73e0c | 3420 | struct flow_wildcards *wc = ctx->wc; |
1e684d7d | 3421 | struct ofputil_bucket *bucket; |
fe7e5749 SH |
3422 | uint32_t basis; |
3423 | ||
1d1aae0b | 3424 | basis = flow_hash_symmetric_l4(&ctx->xin->flow, 0); |
80e3509d | 3425 | flow_mask_hash_fields(&ctx->xin->flow, wc, NX_HASH_FIELDS_SYMMETRIC_L4); |
fe7e5749 SH |
3426 | bucket = group_best_live_bucket(ctx, group, basis); |
3427 | if (bucket) { | |
fe7e5749 | 3428 | xlate_group_bucket(ctx, bucket); |
1e684d7d | 3429 | xlate_group_stats(ctx, group, bucket); |
76973237 | 3430 | } else if (ctx->xin->xcache) { |
07a3cd5c | 3431 | ofproto_group_unref(&group->up); |
fe7e5749 SH |
3432 | } |
3433 | } | |
3434 | ||
0c4b9393 SH |
3435 | static void |
3436 | xlate_hash_fields_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3437 | { | |
07a3cd5c BP |
3438 | const struct field_array *fields = &group->up.props.fields; |
3439 | const uint8_t *mask_values = fields->values; | |
3440 | uint32_t basis = hash_uint64(group->up.props.selection_method_param); | |
0c4b9393 | 3441 | |
07a3cd5c | 3442 | size_t i; |
e8dba719 JR |
3443 | BITMAP_FOR_EACH_1 (i, MFF_N_IDS, fields->used.bm) { |
3444 | const struct mf_field *mf = mf_from_id(i); | |
0c4b9393 | 3445 | |
e8dba719 JR |
3446 | /* Skip fields for which prerequisities are not met. */ |
3447 | if (!mf_are_prereqs_ok(mf, &ctx->xin->flow, ctx->wc)) { | |
3448 | /* Skip the mask bytes for this field. */ | |
3449 | mask_values += mf->n_bytes; | |
3450 | continue; | |
3451 | } | |
0c4b9393 | 3452 | |
e8dba719 JR |
3453 | union mf_value value; |
3454 | union mf_value mask; | |
0c4b9393 | 3455 | |
e8dba719 JR |
3456 | mf_get_value(mf, &ctx->xin->flow, &value); |
3457 | /* Mask the value. */ | |
3458 | for (int j = 0; j < mf->n_bytes; j++) { | |
3459 | mask.b[j] = *mask_values++; | |
3460 | value.b[j] &= mask.b[j]; | |
3461 | } | |
3462 | basis = hash_bytes(&value, mf->n_bytes, basis); | |
1cb20095 | 3463 | |
e8dba719 JR |
3464 | /* For tunnels, hash in whether the field is present. */ |
3465 | if (mf_is_tun_metadata(mf)) { | |
3466 | basis = hash_boolean(mf_is_set(mf, &ctx->xin->flow), basis); | |
0c4b9393 | 3467 | } |
e8dba719 JR |
3468 | |
3469 | mf_mask_field_masked(mf, &mask, ctx->wc); | |
0c4b9393 SH |
3470 | } |
3471 | ||
07a3cd5c | 3472 | struct ofputil_bucket *bucket = group_best_live_bucket(ctx, group, basis); |
0c4b9393 SH |
3473 | if (bucket) { |
3474 | xlate_group_bucket(ctx, bucket); | |
3475 | xlate_group_stats(ctx, group, bucket); | |
76973237 | 3476 | } else if (ctx->xin->xcache) { |
07a3cd5c | 3477 | ofproto_group_unref(&group->up); |
0c4b9393 SH |
3478 | } |
3479 | } | |
3480 | ||
53cc166a JR |
3481 | static void |
3482 | xlate_dp_hash_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3483 | { | |
3484 | struct ofputil_bucket *bucket; | |
3485 | ||
3486 | /* dp_hash value 0 is special since it means that the dp_hash has not been | |
3487 | * computed, as all computed dp_hash values are non-zero. Therefore | |
3488 | * compare to zero can be used to decide if the dp_hash value is valid | |
3489 | * without masking the dp_hash field. */ | |
3490 | if (!ctx->xin->flow.dp_hash) { | |
07a3cd5c | 3491 | uint64_t param = group->up.props.selection_method_param; |
53cc166a JR |
3492 | |
3493 | ctx_trigger_recirculate_with_hash(ctx, param >> 32, (uint32_t)param); | |
3494 | } else { | |
07a3cd5c | 3495 | uint32_t n_buckets = group->up.n_buckets; |
53cc166a JR |
3496 | if (n_buckets) { |
3497 | /* Minimal mask to cover the number of buckets. */ | |
3498 | uint32_t mask = (1 << log_2_ceil(n_buckets)) - 1; | |
3499 | /* Multiplier chosen to make the trivial 1 bit case to | |
3500 | * actually distribute amongst two equal weight buckets. */ | |
3501 | uint32_t basis = 0xc2b73583 * (ctx->xin->flow.dp_hash & mask); | |
3502 | ||
3503 | ctx->wc->masks.dp_hash |= mask; | |
3504 | bucket = group_best_live_bucket(ctx, group, basis); | |
3505 | if (bucket) { | |
3506 | xlate_group_bucket(ctx, bucket); | |
3507 | xlate_group_stats(ctx, group, bucket); | |
3508 | } | |
3509 | } | |
3510 | } | |
3511 | } | |
3512 | ||
7565c3e4 SH |
3513 | static void |
3514 | xlate_select_group(struct xlate_ctx *ctx, struct group_dpif *group) | |
3515 | { | |
07a3cd5c | 3516 | const char *selection_method = group->up.props.selection_method; |
7565c3e4 | 3517 | |
e12ec36b SH |
3518 | /* Select groups may access flow keys beyond L2 in order to |
3519 | * select a bucket. Recirculate as appropriate to make this possible. | |
3520 | */ | |
3521 | if (ctx->was_mpls) { | |
3522 | ctx_trigger_freeze(ctx); | |
3523 | } | |
3524 | ||
7565c3e4 SH |
3525 | if (selection_method[0] == '\0') { |
3526 | xlate_default_select_group(ctx, group); | |
0c4b9393 SH |
3527 | } else if (!strcasecmp("hash", selection_method)) { |
3528 | xlate_hash_fields_select_group(ctx, group); | |
53cc166a JR |
3529 | } else if (!strcasecmp("dp_hash", selection_method)) { |
3530 | xlate_dp_hash_select_group(ctx, group); | |
7565c3e4 SH |
3531 | } else { |
3532 | /* Parsing of groups should ensure this never happens */ | |
3533 | OVS_NOT_REACHED(); | |
3534 | } | |
3535 | } | |
3536 | ||
f4fb341b SH |
3537 | static void |
3538 | xlate_group_action__(struct xlate_ctx *ctx, struct group_dpif *group) | |
3539 | { | |
0eb48fe1 | 3540 | bool was_in_group = ctx->in_group; |
5a070238 BP |
3541 | ctx->in_group = true; |
3542 | ||
07a3cd5c | 3543 | switch (group->up.type) { |
f4fb341b SH |
3544 | case OFPGT11_ALL: |
3545 | case OFPGT11_INDIRECT: | |
3546 | xlate_all_group(ctx, group); | |
3547 | break; | |
3548 | case OFPGT11_SELECT: | |
fe7e5749 | 3549 | xlate_select_group(ctx, group); |
f4fb341b | 3550 | break; |
dd8cd4b4 SH |
3551 | case OFPGT11_FF: |
3552 | xlate_ff_group(ctx, group); | |
3553 | break; | |
f4fb341b | 3554 | default: |
428b2edd | 3555 | OVS_NOT_REACHED(); |
f4fb341b | 3556 | } |
5a070238 | 3557 | |
0eb48fe1 | 3558 | ctx->in_group = was_in_group; |
f4fb341b SH |
3559 | } |
3560 | ||
3561 | static bool | |
3562 | xlate_group_action(struct xlate_ctx *ctx, uint32_t group_id) | |
3563 | { | |
0eb48fe1 | 3564 | if (xlate_resubmit_resource_check(ctx)) { |
f4fb341b | 3565 | struct group_dpif *group; |
f4fb341b | 3566 | |
76973237 JR |
3567 | /* Take ref only if xcache exists. */ |
3568 | group = group_dpif_lookup(ctx->xbridge->ofproto, group_id, | |
1f4a8933 | 3569 | ctx->xin->tables_version, ctx->xin->xcache); |
db88b35c JR |
3570 | if (!group) { |
3571 | /* XXX: Should set ctx->error ? */ | |
f4fb341b SH |
3572 | return true; |
3573 | } | |
db88b35c | 3574 | xlate_group_action__(ctx, group); |
f4fb341b SH |
3575 | } |
3576 | ||
3577 | return false; | |
3578 | } | |
3579 | ||
9583bc14 EJ |
3580 | static void |
3581 | xlate_ofpact_resubmit(struct xlate_ctx *ctx, | |
3582 | const struct ofpact_resubmit *resubmit) | |
3583 | { | |
4e022ec0 | 3584 | ofp_port_t in_port; |
9583bc14 | 3585 | uint8_t table_id; |
adcf00ba AZ |
3586 | bool may_packet_in = false; |
3587 | bool honor_table_miss = false; | |
3588 | ||
3589 | if (ctx->rule && rule_dpif_is_internal(ctx->rule)) { | |
3590 | /* Still allow missed packets to be sent to the controller | |
3591 | * if resubmitting from an internal table. */ | |
3592 | may_packet_in = true; | |
3593 | honor_table_miss = true; | |
3594 | } | |
9583bc14 EJ |
3595 | |
3596 | in_port = resubmit->in_port; | |
3597 | if (in_port == OFPP_IN_PORT) { | |
4e022ec0 | 3598 | in_port = ctx->xin->flow.in_port.ofp_port; |
9583bc14 EJ |
3599 | } |
3600 | ||
3601 | table_id = resubmit->table_id; | |
3602 | if (table_id == 255) { | |
3603 | table_id = ctx->table_id; | |
3604 | } | |
3605 | ||
adcf00ba AZ |
3606 | xlate_table_action(ctx, in_port, table_id, may_packet_in, |
3607 | honor_table_miss); | |
9583bc14 EJ |
3608 | } |
3609 | ||
3610 | static void | |
3611 | flood_packets(struct xlate_ctx *ctx, bool all) | |
3612 | { | |
46c88433 | 3613 | const struct xport *xport; |
9583bc14 | 3614 | |
46c88433 EJ |
3615 | HMAP_FOR_EACH (xport, ofp_node, &ctx->xbridge->xports) { |
3616 | if (xport->ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
3617 | continue; |
3618 | } | |
3619 | ||
3620 | if (all) { | |
e93ef1c7 | 3621 | compose_output_action__(ctx, xport->ofp_port, NULL, false); |
46c88433 | 3622 | } else if (!(xport->config & OFPUTIL_PC_NO_FLOOD)) { |
e93ef1c7 | 3623 | compose_output_action(ctx, xport->ofp_port, NULL); |
9583bc14 EJ |
3624 | } |
3625 | } | |
3626 | ||
2031ef97 | 3627 | ctx->nf_output_iface = NF_OUT_FLOOD; |
9583bc14 EJ |
3628 | } |
3629 | ||
3630 | static void | |
3631 | execute_controller_action(struct xlate_ctx *ctx, int len, | |
3632 | enum ofp_packet_in_reason reason, | |
bdcad671 BP |
3633 | uint16_t controller_id, |
3634 | const uint8_t *userdata, size_t userdata_len) | |
9583bc14 | 3635 | { |
1895cc8d | 3636 | struct dp_packet_batch batch; |
e14deea0 | 3637 | struct dp_packet *packet; |
9583bc14 | 3638 | |
04594cd5 | 3639 | ctx->xout->slow |= SLOW_CONTROLLER; |
b476e2f2 | 3640 | xlate_commit_actions(ctx); |
9583bc14 EJ |
3641 | if (!ctx->xin->packet) { |
3642 | return; | |
3643 | } | |
3644 | ||
df70a773 JR |
3645 | if (!ctx->xin->allow_side_effects && !ctx->xin->xcache) { |
3646 | return; | |
3647 | } | |
3648 | ||
cf62fa4c | 3649 | packet = dp_packet_clone(ctx->xin->packet); |
1895cc8d PS |
3650 | packet_batch_init_packet(&batch, packet); |
3651 | odp_execute_actions(NULL, &batch, false, | |
1520ef4f | 3652 | ctx->odp_actions->data, ctx->odp_actions->size, NULL); |
9583bc14 | 3653 | |
9bfe9334 BP |
3654 | /* A packet sent by an action in a table-miss rule is considered an |
3655 | * explicit table miss. OpenFlow before 1.3 doesn't have that concept so | |
3656 | * it will get translated back to OFPR_ACTION for those versions. */ | |
3657 | if (reason == OFPR_ACTION | |
07a3cd5c | 3658 | && ctx->rule && rule_is_table_miss(&ctx->rule->up)) { |
9bfe9334 BP |
3659 | reason = OFPR_EXPLICIT_MISS; |
3660 | } | |
3661 | ||
3662 | size_t packet_len = dp_packet_size(packet); | |
0fb7792a | 3663 | |
a2b53dec BP |
3664 | struct ofproto_async_msg *am = xmalloc(sizeof *am); |
3665 | *am = (struct ofproto_async_msg) { | |
9bfe9334 | 3666 | .controller_id = controller_id, |
a2b53dec BP |
3667 | .oam = OAM_PACKET_IN, |
3668 | .pin = { | |
3669 | .up = { | |
77ab5fd2 BP |
3670 | .public = { |
3671 | .packet = dp_packet_steal_data(packet), | |
3672 | .packet_len = packet_len, | |
3673 | .reason = reason, | |
3674 | .table_id = ctx->table_id, | |
3675 | .cookie = ctx->rule_cookie, | |
3676 | .userdata = (userdata_len | |
3677 | ? xmemdup(userdata, userdata_len) | |
3678 | : NULL), | |
3679 | .userdata_len = userdata_len, | |
3680 | } | |
a2b53dec BP |
3681 | }, |
3682 | .max_len = len, | |
9bfe9334 | 3683 | }, |
9bfe9334 | 3684 | }; |
77ab5fd2 | 3685 | flow_get_metadata(&ctx->xin->flow, &am->pin.up.public.flow_metadata); |
9583bc14 | 3686 | |
df70a773 JR |
3687 | /* Async messages are only sent once, so if we send one now, no |
3688 | * xlate cache entry is created. */ | |
3689 | if (ctx->xin->allow_side_effects) { | |
3690 | ofproto_dpif_send_async_msg(ctx->xbridge->ofproto, am); | |
3691 | } else /* xcache */ { | |
3692 | struct xc_entry *entry; | |
3693 | ||
3694 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_CONTROLLER); | |
3695 | entry->controller.ofproto = ctx->xbridge->ofproto; | |
3696 | entry->controller.am = am; | |
3697 | } | |
3b4fff43 RM |
3698 | |
3699 | dp_packet_delete(packet); | |
9583bc14 EJ |
3700 | } |
3701 | ||
7bbdd84f | 3702 | static void |
77ab5fd2 | 3703 | emit_continuation(struct xlate_ctx *ctx, const struct frozen_state *state) |
7bbdd84f | 3704 | { |
df70a773 JR |
3705 | if (!ctx->xin->allow_side_effects && !ctx->xin->xcache) { |
3706 | return; | |
3707 | } | |
3708 | ||
77ab5fd2 BP |
3709 | struct ofproto_async_msg *am = xmalloc(sizeof *am); |
3710 | *am = (struct ofproto_async_msg) { | |
3711 | .controller_id = ctx->pause->controller_id, | |
3712 | .oam = OAM_PACKET_IN, | |
3713 | .pin = { | |
3714 | .up = { | |
3715 | .public = { | |
3716 | .userdata = xmemdup(ctx->pause->userdata, | |
3717 | ctx->pause->userdata_len), | |
3718 | .userdata_len = ctx->pause->userdata_len, | |
3719 | .packet = xmemdup(dp_packet_data(ctx->xin->packet), | |
3720 | dp_packet_size(ctx->xin->packet)), | |
3721 | .packet_len = dp_packet_size(ctx->xin->packet), | |
0b024e49 | 3722 | .reason = ctx->pause->reason, |
77ab5fd2 | 3723 | }, |
07a3cd5c | 3724 | .bridge = ctx->xbridge->ofproto->uuid, |
84cf3c1f JR |
3725 | .stack = xmemdup(state->stack, state->stack_size), |
3726 | .stack_size = state->stack_size, | |
77ab5fd2 BP |
3727 | .mirrors = state->mirrors, |
3728 | .conntracked = state->conntracked, | |
3729 | .actions = xmemdup(state->ofpacts, state->ofpacts_len), | |
3730 | .actions_len = state->ofpacts_len, | |
3731 | .action_set = xmemdup(state->action_set, | |
3732 | state->action_set_len), | |
3733 | .action_set_len = state->action_set_len, | |
3734 | }, | |
3735 | .max_len = UINT16_MAX, | |
3736 | }, | |
3737 | }; | |
3738 | flow_get_metadata(&ctx->xin->flow, &am->pin.up.public.flow_metadata); | |
df70a773 JR |
3739 | |
3740 | /* Async messages are only sent once, so if we send one now, no | |
3741 | * xlate cache entry is created. */ | |
3742 | if (ctx->xin->allow_side_effects) { | |
3743 | ofproto_dpif_send_async_msg(ctx->xbridge->ofproto, am); | |
3744 | } else /* xcache */ { | |
3745 | struct xc_entry *entry; | |
3746 | ||
3747 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_CONTROLLER); | |
3748 | entry->controller.ofproto = ctx->xbridge->ofproto; | |
3749 | entry->controller.am = am; | |
3750 | } | |
77ab5fd2 | 3751 | } |
7bbdd84f | 3752 | |
77ab5fd2 BP |
3753 | static void |
3754 | finish_freezing__(struct xlate_ctx *ctx, uint8_t table) | |
3755 | { | |
1d361a81 | 3756 | ovs_assert(ctx->freezing); |
7bbdd84f | 3757 | |
1d361a81 | 3758 | struct frozen_state state = { |
07659514 | 3759 | .table_id = table, |
07a3cd5c | 3760 | .ofproto_uuid = ctx->xbridge->ofproto->uuid, |
5c1b2314 | 3761 | .stack = ctx->stack.data, |
84cf3c1f | 3762 | .stack_size = ctx->stack.size, |
29bae541 | 3763 | .mirrors = ctx->mirrors, |
07659514 | 3764 | .conntracked = ctx->conntracked, |
1d361a81 BP |
3765 | .ofpacts = ctx->frozen_actions.data, |
3766 | .ofpacts_len = ctx->frozen_actions.size, | |
417509fa | 3767 | .action_set = ctx->action_set.data, |
8a5fb3b4 | 3768 | .action_set_len = ctx->action_set.size, |
2082425c | 3769 | }; |
77ab5fd2 | 3770 | frozen_metadata_from_flow(&state.metadata, &ctx->xin->flow); |
2082425c | 3771 | |
77ab5fd2 BP |
3772 | if (ctx->pause) { |
3773 | if (ctx->xin->packet) { | |
3774 | emit_continuation(ctx, &state); | |
3775 | } | |
3776 | } else { | |
3777 | /* Allocate a unique recirc id for the given metadata state in the | |
3778 | * flow. An existing id, with a new reference to the corresponding | |
3779 | * recirculation context, will be returned if possible. | |
3780 | * The life-cycle of this recirc id is managed by associating it | |
3781 | * with the udpif key ('ukey') created for each new datapath flow. */ | |
3782 | uint32_t id = recirc_alloc_id_ctx(&state); | |
3783 | if (!id) { | |
3784 | XLATE_REPORT_ERROR(ctx, "Failed to allocate recirculation id"); | |
3785 | ctx->error = XLATE_NO_RECIRCULATION_CONTEXT; | |
3786 | return; | |
3787 | } | |
3788 | recirc_refs_add(&ctx->xout->recircs, id); | |
7bbdd84f | 3789 | |
53cc166a JR |
3790 | if (ctx->recirc_update_dp_hash) { |
3791 | struct ovs_action_hash *act_hash; | |
3792 | ||
3793 | /* Hash action. */ | |
3794 | act_hash = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
3795 | OVS_ACTION_ATTR_HASH, | |
3796 | sizeof *act_hash); | |
3797 | act_hash->hash_alg = OVS_HASH_ALG_L4; /* Make configurable. */ | |
3798 | act_hash->hash_basis = 0; /* Make configurable. */ | |
3799 | } | |
77ab5fd2 BP |
3800 | nl_msg_put_u32(ctx->odp_actions, OVS_ACTION_ATTR_RECIRC, id); |
3801 | } | |
e672ff9b | 3802 | |
1d361a81 BP |
3803 | /* Undo changes done by freezing. */ |
3804 | ctx_cancel_freeze(ctx); | |
7bbdd84f SH |
3805 | } |
3806 | ||
1d361a81 | 3807 | /* Called only when we're freezing. */ |
07659514 | 3808 | static void |
77ab5fd2 | 3809 | finish_freezing(struct xlate_ctx *ctx) |
07659514 JS |
3810 | { |
3811 | xlate_commit_actions(ctx); | |
77ab5fd2 | 3812 | finish_freezing__(ctx, 0); |
07659514 JS |
3813 | } |
3814 | ||
e37b8437 JS |
3815 | /* Fork the pipeline here. The current packet will continue processing the |
3816 | * current action list. A clone of the current packet will recirculate, skip | |
3817 | * the remainder of the current action list and asynchronously resume pipeline | |
3818 | * processing in 'table' with the current metadata and action set. */ | |
3819 | static void | |
3820 | compose_recirculate_and_fork(struct xlate_ctx *ctx, uint8_t table) | |
3821 | { | |
1d361a81 | 3822 | ctx->freezing = true; |
77ab5fd2 | 3823 | finish_freezing__(ctx, table); |
e37b8437 JS |
3824 | } |
3825 | ||
8bfd0fda BP |
3826 | static void |
3827 | compose_mpls_push_action(struct xlate_ctx *ctx, struct ofpact_push_mpls *mpls) | |
9583bc14 | 3828 | { |
33bf9176 | 3829 | struct flow *flow = &ctx->xin->flow; |
8bfd0fda | 3830 | int n; |
33bf9176 | 3831 | |
8bfd0fda | 3832 | ovs_assert(eth_type_mpls(mpls->ethertype)); |
b0a17866 | 3833 | |
49a73e0c | 3834 | n = flow_count_mpls_labels(flow, ctx->wc); |
8bfd0fda | 3835 | if (!n) { |
704bb0bf | 3836 | xlate_commit_actions(ctx); |
8bfd0fda BP |
3837 | } else if (n >= FLOW_MAX_MPLS_LABELS) { |
3838 | if (ctx->xin->packet != NULL) { | |
fff1b9c0 | 3839 | XLATE_REPORT_ERROR(ctx, "bridge %s: dropping packet on which an " |
8bfd0fda BP |
3840 | "MPLS push action can't be performed as it would " |
3841 | "have more MPLS LSEs than the %d supported.", | |
3842 | ctx->xbridge->name, FLOW_MAX_MPLS_LABELS); | |
9583bc14 | 3843 | } |
fff1b9c0 | 3844 | ctx->error = XLATE_TOO_MANY_MPLS_LABELS; |
8bfd0fda | 3845 | return; |
9583bc14 | 3846 | } |
b0a17866 | 3847 | |
742c0ac3 JR |
3848 | /* Update flow's MPLS stack, and clear L3/4 fields to mark them invalid. */ |
3849 | flow_push_mpls(flow, n, mpls->ethertype, ctx->wc, true); | |
9583bc14 EJ |
3850 | } |
3851 | ||
8bfd0fda | 3852 | static void |
9cfef3d0 | 3853 | compose_mpls_pop_action(struct xlate_ctx *ctx, ovs_be16 eth_type) |
9583bc14 | 3854 | { |
8bfd0fda | 3855 | struct flow *flow = &ctx->xin->flow; |
49a73e0c | 3856 | int n = flow_count_mpls_labels(flow, ctx->wc); |
33bf9176 | 3857 | |
49a73e0c | 3858 | if (flow_pop_mpls(flow, n, eth_type, ctx->wc)) { |
8bf009bf | 3859 | if (!eth_type_mpls(eth_type) && ctx->xbridge->support.odp.recirc) { |
e12ec36b | 3860 | ctx->was_mpls = true; |
7bbdd84f SH |
3861 | } |
3862 | } else if (n >= FLOW_MAX_MPLS_LABELS) { | |
8bfd0fda | 3863 | if (ctx->xin->packet != NULL) { |
fff1b9c0 | 3864 | XLATE_REPORT_ERROR(ctx, "bridge %s: dropping packet on which an " |
8bfd0fda BP |
3865 | "MPLS pop action can't be performed as it has " |
3866 | "more MPLS LSEs than the %d supported.", | |
3867 | ctx->xbridge->name, FLOW_MAX_MPLS_LABELS); | |
3868 | } | |
fff1b9c0 | 3869 | ctx->error = XLATE_TOO_MANY_MPLS_LABELS; |
1520ef4f | 3870 | ofpbuf_clear(ctx->odp_actions); |
9583bc14 EJ |
3871 | } |
3872 | } | |
3873 | ||
3874 | static bool | |
3875 | compose_dec_ttl(struct xlate_ctx *ctx, struct ofpact_cnt_ids *ids) | |
3876 | { | |
33bf9176 BP |
3877 | struct flow *flow = &ctx->xin->flow; |
3878 | ||
3879 | if (!is_ip_any(flow)) { | |
9583bc14 EJ |
3880 | return false; |
3881 | } | |
3882 | ||
49a73e0c | 3883 | ctx->wc->masks.nw_ttl = 0xff; |
33bf9176 BP |
3884 | if (flow->nw_ttl > 1) { |
3885 | flow->nw_ttl--; | |
9583bc14 EJ |
3886 | return false; |
3887 | } else { | |
3888 | size_t i; | |
3889 | ||
3890 | for (i = 0; i < ids->n_controllers; i++) { | |
3891 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, | |
bdcad671 | 3892 | ids->cnt_ids[i], NULL, 0); |
9583bc14 EJ |
3893 | } |
3894 | ||
3895 | /* Stop processing for current table. */ | |
3896 | return true; | |
3897 | } | |
3898 | } | |
3899 | ||
8bfd0fda | 3900 | static void |
097d4939 JR |
3901 | compose_set_mpls_label_action(struct xlate_ctx *ctx, ovs_be32 label) |
3902 | { | |
8bfd0fda | 3903 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3904 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_LABEL_MASK); |
8bfd0fda | 3905 | set_mpls_lse_label(&ctx->xin->flow.mpls_lse[0], label); |
097d4939 | 3906 | } |
097d4939 JR |
3907 | } |
3908 | ||
8bfd0fda | 3909 | static void |
097d4939 JR |
3910 | compose_set_mpls_tc_action(struct xlate_ctx *ctx, uint8_t tc) |
3911 | { | |
8bfd0fda | 3912 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3913 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TC_MASK); |
8bfd0fda | 3914 | set_mpls_lse_tc(&ctx->xin->flow.mpls_lse[0], tc); |
097d4939 | 3915 | } |
097d4939 JR |
3916 | } |
3917 | ||
8bfd0fda | 3918 | static void |
9cfef3d0 | 3919 | compose_set_mpls_ttl_action(struct xlate_ctx *ctx, uint8_t ttl) |
9583bc14 | 3920 | { |
8bfd0fda | 3921 | if (eth_type_mpls(ctx->xin->flow.dl_type)) { |
49a73e0c | 3922 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TTL_MASK); |
8bfd0fda | 3923 | set_mpls_lse_ttl(&ctx->xin->flow.mpls_lse[0], ttl); |
b0a17866 | 3924 | } |
9583bc14 EJ |
3925 | } |
3926 | ||
3927 | static bool | |
9cfef3d0 | 3928 | compose_dec_mpls_ttl_action(struct xlate_ctx *ctx) |
9583bc14 | 3929 | { |
33bf9176 | 3930 | struct flow *flow = &ctx->xin->flow; |
1dd35f8a | 3931 | |
8bfd0fda | 3932 | if (eth_type_mpls(flow->dl_type)) { |
22d38fca JR |
3933 | uint8_t ttl = mpls_lse_to_ttl(flow->mpls_lse[0]); |
3934 | ||
49a73e0c | 3935 | ctx->wc->masks.mpls_lse[0] |= htonl(MPLS_TTL_MASK); |
8bfd0fda BP |
3936 | if (ttl > 1) { |
3937 | ttl--; | |
3938 | set_mpls_lse_ttl(&flow->mpls_lse[0], ttl); | |
3939 | return false; | |
3940 | } else { | |
bdcad671 BP |
3941 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, 0, |
3942 | NULL, 0); | |
8bfd0fda | 3943 | } |
9583bc14 | 3944 | } |
22d38fca JR |
3945 | |
3946 | /* Stop processing for current table. */ | |
3947 | return true; | |
9583bc14 EJ |
3948 | } |
3949 | ||
3950 | static void | |
3951 | xlate_output_action(struct xlate_ctx *ctx, | |
4e022ec0 | 3952 | ofp_port_t port, uint16_t max_len, bool may_packet_in) |
9583bc14 | 3953 | { |
2031ef97 | 3954 | ofp_port_t prev_nf_output_iface = ctx->nf_output_iface; |
9583bc14 | 3955 | |
2031ef97 | 3956 | ctx->nf_output_iface = NF_OUT_DROP; |
9583bc14 EJ |
3957 | |
3958 | switch (port) { | |
3959 | case OFPP_IN_PORT: | |
e93ef1c7 | 3960 | compose_output_action(ctx, ctx->xin->flow.in_port.ofp_port, NULL); |
9583bc14 EJ |
3961 | break; |
3962 | case OFPP_TABLE: | |
4e022ec0 | 3963 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
6d328fa2 | 3964 | 0, may_packet_in, true); |
9583bc14 EJ |
3965 | break; |
3966 | case OFPP_NORMAL: | |
3967 | xlate_normal(ctx); | |
3968 | break; | |
3969 | case OFPP_FLOOD: | |
3970 | flood_packets(ctx, false); | |
3971 | break; | |
3972 | case OFPP_ALL: | |
3973 | flood_packets(ctx, true); | |
3974 | break; | |
3975 | case OFPP_CONTROLLER: | |
3a11fd5b | 3976 | execute_controller_action(ctx, max_len, |
029ca940 SS |
3977 | (ctx->in_group ? OFPR_GROUP |
3978 | : ctx->in_action_set ? OFPR_ACTION_SET | |
3979 | : OFPR_ACTION), | |
bdcad671 | 3980 | 0, NULL, 0); |
9583bc14 EJ |
3981 | break; |
3982 | case OFPP_NONE: | |
3983 | break; | |
3984 | case OFPP_LOCAL: | |
3985 | default: | |
4e022ec0 | 3986 | if (port != ctx->xin->flow.in_port.ofp_port) { |
e93ef1c7 | 3987 | compose_output_action(ctx, port, NULL); |
9583bc14 EJ |
3988 | } else { |
3989 | xlate_report(ctx, "skipping output to input port"); | |
3990 | } | |
3991 | break; | |
3992 | } | |
3993 | ||
3994 | if (prev_nf_output_iface == NF_OUT_FLOOD) { | |
2031ef97 BP |
3995 | ctx->nf_output_iface = NF_OUT_FLOOD; |
3996 | } else if (ctx->nf_output_iface == NF_OUT_DROP) { | |
3997 | ctx->nf_output_iface = prev_nf_output_iface; | |
9583bc14 | 3998 | } else if (prev_nf_output_iface != NF_OUT_DROP && |
2031ef97 BP |
3999 | ctx->nf_output_iface != NF_OUT_FLOOD) { |
4000 | ctx->nf_output_iface = NF_OUT_MULTI; | |
9583bc14 EJ |
4001 | } |
4002 | } | |
4003 | ||
4004 | static void | |
4005 | xlate_output_reg_action(struct xlate_ctx *ctx, | |
4006 | const struct ofpact_output_reg *or) | |
4007 | { | |
4008 | uint64_t port = mf_get_subfield(&or->src, &ctx->xin->flow); | |
4009 | if (port <= UINT16_MAX) { | |
4010 | union mf_subvalue value; | |
4011 | ||
4012 | memset(&value, 0xff, sizeof value); | |
49a73e0c | 4013 | mf_write_subfield_flow(&or->src, &value, &ctx->wc->masks); |
4e022ec0 AW |
4014 | xlate_output_action(ctx, u16_to_ofp(port), |
4015 | or->max_len, false); | |
9583bc14 EJ |
4016 | } |
4017 | } | |
4018 | ||
aaca4fe0 WT |
4019 | static void |
4020 | xlate_output_trunc_action(struct xlate_ctx *ctx, | |
4021 | ofp_port_t port, uint32_t max_len) | |
4022 | { | |
4023 | bool support_trunc = ctx->xbridge->support.trunc; | |
4024 | struct ovs_action_trunc *trunc; | |
4025 | char name[OFP_MAX_PORT_NAME_LEN]; | |
4026 | ||
4027 | switch (port) { | |
4028 | case OFPP_TABLE: | |
4029 | case OFPP_NORMAL: | |
4030 | case OFPP_FLOOD: | |
4031 | case OFPP_ALL: | |
4032 | case OFPP_CONTROLLER: | |
4033 | case OFPP_NONE: | |
4034 | ofputil_port_to_string(port, name, sizeof name); | |
4035 | xlate_report(ctx, "output_trunc does not support port: %s", name); | |
4036 | break; | |
4037 | case OFPP_LOCAL: | |
4038 | case OFPP_IN_PORT: | |
4039 | default: | |
4040 | if (port != ctx->xin->flow.in_port.ofp_port) { | |
4041 | const struct xport *xport = get_ofp_port(ctx->xbridge, port); | |
4042 | ||
4043 | if (xport == NULL || xport->odp_port == ODPP_NONE) { | |
4044 | /* Since truncate happens at its following output action, if | |
4045 | * the output port is a patch port, the behavior is somehow | |
4046 | * unpredicable. For simpilicity, disallow this case. */ | |
4047 | ofputil_port_to_string(port, name, sizeof name); | |
4048 | XLATE_REPORT_ERROR(ctx, "bridge %s: " | |
4049 | "output_trunc does not support port: %s", | |
4050 | ctx->xbridge->name, name); | |
4051 | break; | |
4052 | } | |
4053 | ||
4054 | trunc = nl_msg_put_unspec_uninit(ctx->odp_actions, | |
4055 | OVS_ACTION_ATTR_TRUNC, | |
4056 | sizeof *trunc); | |
4057 | trunc->max_len = max_len; | |
4058 | xlate_output_action(ctx, port, max_len, false); | |
4059 | if (!support_trunc) { | |
4060 | ctx->xout->slow |= SLOW_ACTION; | |
4061 | } | |
4062 | } else { | |
4063 | xlate_report(ctx, "skipping output to input port"); | |
4064 | } | |
4065 | break; | |
4066 | } | |
4067 | } | |
4068 | ||
9583bc14 EJ |
4069 | static void |
4070 | xlate_enqueue_action(struct xlate_ctx *ctx, | |
4071 | const struct ofpact_enqueue *enqueue) | |
4072 | { | |
4e022ec0 | 4073 | ofp_port_t ofp_port = enqueue->port; |
9583bc14 EJ |
4074 | uint32_t queue_id = enqueue->queue; |
4075 | uint32_t flow_priority, priority; | |
4076 | int error; | |
4077 | ||
4078 | /* Translate queue to priority. */ | |
89a8a7f0 | 4079 | error = dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &priority); |
9583bc14 EJ |
4080 | if (error) { |
4081 | /* Fall back to ordinary output action. */ | |
4082 | xlate_output_action(ctx, enqueue->port, 0, false); | |
4083 | return; | |
4084 | } | |
4085 | ||
4086 | /* Check output port. */ | |
4087 | if (ofp_port == OFPP_IN_PORT) { | |
4e022ec0 AW |
4088 | ofp_port = ctx->xin->flow.in_port.ofp_port; |
4089 | } else if (ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
4090 | return; |
4091 | } | |
4092 | ||
4093 | /* Add datapath actions. */ | |
4094 | flow_priority = ctx->xin->flow.skb_priority; | |
4095 | ctx->xin->flow.skb_priority = priority; | |
e93ef1c7 | 4096 | compose_output_action(ctx, ofp_port, NULL); |
9583bc14 EJ |
4097 | ctx->xin->flow.skb_priority = flow_priority; |
4098 | ||
4099 | /* Update NetFlow output port. */ | |
2031ef97 BP |
4100 | if (ctx->nf_output_iface == NF_OUT_DROP) { |
4101 | ctx->nf_output_iface = ofp_port; | |
4102 | } else if (ctx->nf_output_iface != NF_OUT_FLOOD) { | |
4103 | ctx->nf_output_iface = NF_OUT_MULTI; | |
9583bc14 EJ |
4104 | } |
4105 | } | |
4106 | ||
4107 | static void | |
4108 | xlate_set_queue_action(struct xlate_ctx *ctx, uint32_t queue_id) | |
4109 | { | |
4110 | uint32_t skb_priority; | |
4111 | ||
89a8a7f0 | 4112 | if (!dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &skb_priority)) { |
9583bc14 EJ |
4113 | ctx->xin->flow.skb_priority = skb_priority; |
4114 | } else { | |
4115 | /* Couldn't translate queue to a priority. Nothing to do. A warning | |
4116 | * has already been logged. */ | |
4117 | } | |
4118 | } | |
4119 | ||
4120 | static bool | |
46c88433 | 4121 | slave_enabled_cb(ofp_port_t ofp_port, void *xbridge_) |
9583bc14 | 4122 | { |
46c88433 EJ |
4123 | const struct xbridge *xbridge = xbridge_; |
4124 | struct xport *port; | |
9583bc14 EJ |
4125 | |
4126 | switch (ofp_port) { | |
4127 | case OFPP_IN_PORT: | |
4128 | case OFPP_TABLE: | |
4129 | case OFPP_NORMAL: | |
4130 | case OFPP_FLOOD: | |
4131 | case OFPP_ALL: | |
4132 | case OFPP_NONE: | |
4133 | return true; | |
4134 | case OFPP_CONTROLLER: /* Not supported by the bundle action. */ | |
4135 | return false; | |
4136 | default: | |
46c88433 | 4137 | port = get_ofp_port(xbridge, ofp_port); |
9583bc14 EJ |
4138 | return port ? port->may_enable : false; |
4139 | } | |
4140 | } | |
4141 | ||
4142 | static void | |
4143 | xlate_bundle_action(struct xlate_ctx *ctx, | |
4144 | const struct ofpact_bundle *bundle) | |
4145 | { | |
4e022ec0 | 4146 | ofp_port_t port; |
9583bc14 | 4147 | |
49a73e0c | 4148 | port = bundle_execute(bundle, &ctx->xin->flow, ctx->wc, slave_enabled_cb, |
46c88433 | 4149 | CONST_CAST(struct xbridge *, ctx->xbridge)); |
9583bc14 | 4150 | if (bundle->dst.field) { |
49a73e0c | 4151 | nxm_reg_load(&bundle->dst, ofp_to_u16(port), &ctx->xin->flow, ctx->wc); |
9583bc14 EJ |
4152 | } else { |
4153 | xlate_output_action(ctx, port, 0, false); | |
4154 | } | |
4155 | } | |
4156 | ||
4165b5e0 JS |
4157 | static void |
4158 | xlate_learn_action(struct xlate_ctx *ctx, const struct ofpact_learn *learn) | |
4159 | { | |
49a73e0c | 4160 | learn_mask(learn, ctx->wc); |
9583bc14 | 4161 | |
df70a773 | 4162 | if (ctx->xin->xcache || ctx->xin->allow_side_effects) { |
4165b5e0 JS |
4163 | uint64_t ofpacts_stub[1024 / 8]; |
4164 | struct ofputil_flow_mod fm; | |
2c7ee524 | 4165 | struct ofproto_flow_mod ofm__, *ofm; |
4165b5e0 | 4166 | struct ofpbuf ofpacts; |
2c7ee524 JR |
4167 | enum ofperr error; |
4168 | ||
4169 | if (ctx->xin->xcache) { | |
4170 | struct xc_entry *entry; | |
4171 | ||
4172 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_LEARN); | |
4173 | entry->learn.ofm = xmalloc(sizeof *entry->learn.ofm); | |
4174 | ofm = entry->learn.ofm; | |
4175 | } else { | |
4176 | ofm = &ofm__; | |
4177 | } | |
4165b5e0 JS |
4178 | |
4179 | ofpbuf_use_stub(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); | |
2c7ee524 JR |
4180 | learn_execute(learn, &ctx->xin->flow, &fm, &ofpacts); |
4181 | error = ofproto_dpif_flow_mod_init_for_learn(ctx->xbridge->ofproto, | |
4182 | &fm, ofm); | |
4165b5e0 | 4183 | ofpbuf_uninit(&ofpacts); |
2c7ee524 | 4184 | |
df70a773 | 4185 | if (!error && ctx->xin->allow_side_effects) { |
2c7ee524 JR |
4186 | error = ofproto_flow_mod_learn(ofm, ctx->xin->xcache != NULL); |
4187 | } | |
4188 | ||
4189 | if (error) { | |
4190 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
4191 | VLOG_WARN_RL(&rl, "%s: LEARN action execution failed (%s).", | |
4192 | ctx->xbridge->name, ofperr_to_string(error)); | |
4193 | } | |
b256dc52 JS |
4194 | } |
4195 | } | |
4196 | ||
4197 | static void | |
4198 | xlate_fin_timeout__(struct rule_dpif *rule, uint16_t tcp_flags, | |
4199 | uint16_t idle_timeout, uint16_t hard_timeout) | |
4200 | { | |
4201 | if (tcp_flags & (TCP_FIN | TCP_RST)) { | |
07a3cd5c | 4202 | ofproto_rule_reduce_timeouts(&rule->up, idle_timeout, hard_timeout); |
b256dc52 | 4203 | } |
9583bc14 EJ |
4204 | } |
4205 | ||
9583bc14 EJ |
4206 | static void |
4207 | xlate_fin_timeout(struct xlate_ctx *ctx, | |
4208 | const struct ofpact_fin_timeout *oft) | |
4209 | { | |
b256dc52 | 4210 | if (ctx->rule) { |
df70a773 JR |
4211 | if (ctx->xin->allow_side_effects) { |
4212 | xlate_fin_timeout__(ctx->rule, ctx->xin->tcp_flags, | |
4213 | oft->fin_idle_timeout, oft->fin_hard_timeout); | |
4214 | } | |
b256dc52 JS |
4215 | if (ctx->xin->xcache) { |
4216 | struct xc_entry *entry; | |
4217 | ||
4218 | entry = xlate_cache_add_entry(ctx->xin->xcache, XC_FIN_TIMEOUT); | |
83709dfa JR |
4219 | /* XC_RULE already holds a reference on the rule, none is taken |
4220 | * here. */ | |
901a517e JR |
4221 | entry->fin.rule = ctx->rule; |
4222 | entry->fin.idle = oft->fin_idle_timeout; | |
4223 | entry->fin.hard = oft->fin_hard_timeout; | |
b256dc52 | 4224 | } |
9583bc14 EJ |
4225 | } |
4226 | } | |
4227 | ||
4228 | static void | |
4229 | xlate_sample_action(struct xlate_ctx *ctx, | |
4230 | const struct ofpact_sample *os) | |
4231 | { | |
f69f713b BY |
4232 | odp_port_t output_odp_port = ODPP_NONE; |
4233 | odp_port_t tunnel_out_port = ODPP_NONE; | |
4234 | struct dpif_ipfix *ipfix = ctx->xbridge->ipfix; | |
4235 | bool emit_set_tunnel = false; | |
4236 | ||
4237 | if (!ipfix || ctx->xin->flow.in_port.ofp_port == OFPP_NONE) { | |
4238 | return; | |
4239 | } | |
4240 | ||
e824d78d JR |
4241 | /* Scale the probability from 16-bit to 32-bit while representing |
4242 | * the same percentage. */ | |
4243 | uint32_t probability = (os->probability << 16) | os->probability; | |
4244 | ||
b440dd8c | 4245 | if (!ctx->xbridge->support.variable_length_userdata) { |
e824d78d JR |
4246 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); |
4247 | ||
4248 | VLOG_ERR_RL(&rl, "ignoring NXAST_SAMPLE action because datapath " | |
4249 | "lacks support (needs Linux 3.10+ or kernel module from " | |
4250 | "OVS 1.11+)"); | |
4251 | return; | |
4252 | } | |
4253 | ||
f69f713b BY |
4254 | /* If ofp_port in flow sample action is equel to ofp_port, |
4255 | * this sample action is a input port action. */ | |
4256 | if (os->sampling_port != OFPP_NONE && | |
4257 | os->sampling_port != ctx->xin->flow.in_port.ofp_port) { | |
4258 | output_odp_port = ofp_port_to_odp_port(ctx->xbridge, | |
4259 | os->sampling_port); | |
4260 | if (output_odp_port == ODPP_NONE) { | |
4261 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
4262 | VLOG_WARN_RL(&rl, "can't use unknown port %d in flow sample " | |
4263 | "action", os->sampling_port); | |
4264 | return; | |
4265 | } | |
4266 | ||
4267 | if (dpif_ipfix_get_flow_exporter_tunnel_sampling(ipfix, | |
4268 | os->collector_set_id) | |
4269 | && dpif_ipfix_get_tunnel_port(ipfix, output_odp_port)) { | |
4270 | tunnel_out_port = output_odp_port; | |
4271 | emit_set_tunnel = true; | |
4272 | } | |
4273 | } | |
4274 | ||
4275 | xlate_commit_actions(ctx); | |
4276 | /* If 'emit_set_tunnel', sample(sampling_port=1) would translate | |
4277 | * into datapath sample action set(tunnel(...)), sample(...) and | |
4278 | * it is used for sampling egress tunnel information. */ | |
4279 | if (emit_set_tunnel) { | |
4280 | const struct xport *xport = get_ofp_port(ctx->xbridge, | |
4281 | os->sampling_port); | |
4282 | ||
4283 | if (xport && xport->is_tunnel) { | |
4284 | struct flow *flow = &ctx->xin->flow; | |
4285 | tnl_port_send(xport->ofport, flow, ctx->wc); | |
4286 | if (!ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { | |
4287 | struct flow_tnl flow_tnl = flow->tunnel; | |
4288 | ||
4289 | commit_odp_tunnel_action(flow, &ctx->base_flow, | |
4290 | ctx->odp_actions); | |
4291 | flow->tunnel = flow_tnl; | |
4292 | } | |
4293 | } else { | |
4294 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
4295 | VLOG_WARN_RL(&rl, "sampling_port:%d should be a tunnel port.", | |
4296 | os->sampling_port); | |
4297 | } | |
4298 | } | |
e824d78d | 4299 | |
a6092018 BP |
4300 | union user_action_cookie cookie = { |
4301 | .flow_sample = { | |
4302 | .type = USER_ACTION_COOKIE_FLOW_SAMPLE, | |
4303 | .probability = os->probability, | |
4304 | .collector_set_id = os->collector_set_id, | |
4305 | .obs_domain_id = os->obs_domain_id, | |
4306 | .obs_point_id = os->obs_point_id, | |
f69f713b | 4307 | .output_odp_port = output_odp_port, |
4930ea56 | 4308 | .direction = os->direction, |
a6092018 BP |
4309 | } |
4310 | }; | |
4311 | compose_sample_action(ctx, probability, &cookie, sizeof cookie.flow_sample, | |
f69f713b | 4312 | tunnel_out_port, false); |
9583bc14 EJ |
4313 | } |
4314 | ||
7ae62a67 WT |
4315 | static void |
4316 | compose_clone_action(struct xlate_ctx *ctx, const struct ofpact_nest *oc) | |
4317 | { | |
ba653d2a | 4318 | bool old_conntracked = ctx->conntracked; |
7ae62a67 | 4319 | struct flow old_flow = ctx->xin->flow; |
ba653d2a | 4320 | |
7ae62a67 | 4321 | do_xlate_actions(oc->actions, ofpact_nest_get_action_len(oc), ctx); |
ba653d2a | 4322 | |
7ae62a67 | 4323 | ctx->xin->flow = old_flow; |
ba653d2a BP |
4324 | |
4325 | /* The clone's conntrack execution should have no effect on the original | |
4326 | * packet. */ | |
4327 | ctx->conntracked = old_conntracked; | |
7ae62a67 WT |
4328 | } |
4329 | ||
9583bc14 | 4330 | static bool |
46c88433 | 4331 | may_receive(const struct xport *xport, struct xlate_ctx *ctx) |
9583bc14 | 4332 | { |
bbbca389 | 4333 | if (xport->config & (is_stp(&ctx->xin->flow) |
46c88433 EJ |
4334 | ? OFPUTIL_PC_NO_RECV_STP |
4335 | : OFPUTIL_PC_NO_RECV)) { | |
9583bc14 EJ |
4336 | return false; |
4337 | } | |
4338 | ||
4339 | /* Only drop packets here if both forwarding and learning are | |
4340 | * disabled. If just learning is enabled, we need to have | |
4341 | * OFPP_NORMAL and the learning action have a look at the packet | |
4342 | * before we can drop it. */ | |
9efd308e DV |
4343 | if ((!xport_stp_forward_state(xport) && !xport_stp_learn_state(xport)) || |
4344 | (!xport_rstp_forward_state(xport) && !xport_rstp_learn_state(xport))) { | |
9583bc14 EJ |
4345 | return false; |
4346 | } | |
4347 | ||
4348 | return true; | |
4349 | } | |
4350 | ||
7fdb60a7 | 4351 | static void |
7e7e8dbb BP |
4352 | xlate_write_actions__(struct xlate_ctx *ctx, |
4353 | const struct ofpact *ofpacts, size_t ofpacts_len) | |
7fdb60a7 | 4354 | { |
c61f3870 BP |
4355 | /* Maintain actset_output depending on the contents of the action set: |
4356 | * | |
4357 | * - OFPP_UNSET, if there is no "output" action. | |
4358 | * | |
4359 | * - The output port, if there is an "output" action and no "group" | |
4360 | * action. | |
4361 | * | |
4362 | * - OFPP_UNSET, if there is a "group" action. | |
4363 | */ | |
4364 | if (!ctx->action_set_has_group) { | |
7e7e8dbb BP |
4365 | const struct ofpact *a; |
4366 | OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) { | |
4367 | if (a->type == OFPACT_OUTPUT) { | |
4368 | ctx->xin->flow.actset_output = ofpact_get_OUTPUT(a)->port; | |
4369 | } else if (a->type == OFPACT_GROUP) { | |
c61f3870 BP |
4370 | ctx->xin->flow.actset_output = OFPP_UNSET; |
4371 | ctx->action_set_has_group = true; | |
9055ca9a | 4372 | break; |
c61f3870 BP |
4373 | } |
4374 | } | |
4375 | } | |
4376 | ||
7e7e8dbb BP |
4377 | ofpbuf_put(&ctx->action_set, ofpacts, ofpacts_len); |
4378 | } | |
4379 | ||
4380 | static void | |
4381 | xlate_write_actions(struct xlate_ctx *ctx, const struct ofpact_nest *a) | |
4382 | { | |
4383 | xlate_write_actions__(ctx, a->actions, ofpact_nest_get_action_len(a)); | |
7fdb60a7 SH |
4384 | } |
4385 | ||
4386 | static void | |
4387 | xlate_action_set(struct xlate_ctx *ctx) | |
4388 | { | |
4389 | uint64_t action_list_stub[1024 / 64]; | |
4390 | struct ofpbuf action_list; | |
4391 | ||
029ca940 | 4392 | ctx->in_action_set = true; |
7fdb60a7 SH |
4393 | ofpbuf_use_stub(&action_list, action_list_stub, sizeof action_list_stub); |
4394 | ofpacts_execute_action_set(&action_list, &ctx->action_set); | |
ed9c9e3e JR |
4395 | /* Clear the action set, as it is not needed any more. */ |
4396 | ofpbuf_clear(&ctx->action_set); | |
6fd6ed71 | 4397 | do_xlate_actions(action_list.data, action_list.size, ctx); |
029ca940 | 4398 | ctx->in_action_set = false; |
7fdb60a7 SH |
4399 | ofpbuf_uninit(&action_list); |
4400 | } | |
4401 | ||
e672ff9b | 4402 | static void |
1d361a81 | 4403 | freeze_put_unroll_xlate(struct xlate_ctx *ctx) |
e672ff9b | 4404 | { |
1d361a81 | 4405 | struct ofpact_unroll_xlate *unroll = ctx->frozen_actions.header; |
e672ff9b JR |
4406 | |
4407 | /* Restore the table_id and rule cookie for a potential PACKET | |
4408 | * IN if needed. */ | |
4409 | if (!unroll || | |
4410 | (ctx->table_id != unroll->rule_table_id | |
4411 | || ctx->rule_cookie != unroll->rule_cookie)) { | |
1d361a81 | 4412 | unroll = ofpact_put_UNROLL_XLATE(&ctx->frozen_actions); |
e672ff9b JR |
4413 | unroll->rule_table_id = ctx->table_id; |
4414 | unroll->rule_cookie = ctx->rule_cookie; | |
1d361a81 | 4415 | ctx->frozen_actions.header = unroll; |
e672ff9b JR |
4416 | } |
4417 | } | |
4418 | ||
4419 | ||
1d361a81 BP |
4420 | /* Copy actions 'a' through 'end' to ctx->frozen_actions, which will be |
4421 | * executed after thawing. Inserts an UNROLL_XLATE action, if none is already | |
4422 | * present, before any action that may depend on the current table ID or flow | |
4423 | * cookie. */ | |
e672ff9b | 4424 | static void |
1d361a81 | 4425 | freeze_unroll_actions(const struct ofpact *a, const struct ofpact *end, |
e672ff9b JR |
4426 | struct xlate_ctx *ctx) |
4427 | { | |
c2b283b7 | 4428 | for (; a < end; a = ofpact_next(a)) { |
e672ff9b | 4429 | switch (a->type) { |
e672ff9b | 4430 | case OFPACT_OUTPUT_REG: |
aaca4fe0 | 4431 | case OFPACT_OUTPUT_TRUNC: |
e672ff9b JR |
4432 | case OFPACT_GROUP: |
4433 | case OFPACT_OUTPUT: | |
4434 | case OFPACT_CONTROLLER: | |
4435 | case OFPACT_DEC_MPLS_TTL: | |
4436 | case OFPACT_DEC_TTL: | |
83a31283 BP |
4437 | /* These actions may generate asynchronous messages, which include |
4438 | * table ID and flow cookie information. */ | |
1d361a81 | 4439 | freeze_put_unroll_xlate(ctx); |
e672ff9b JR |
4440 | break; |
4441 | ||
83a31283 BP |
4442 | case OFPACT_RESUBMIT: |
4443 | if (ofpact_get_RESUBMIT(a)->table_id == 0xff) { | |
4444 | /* This resubmit action is relative to the current table, so we | |
4445 | * need to track what table that is.*/ | |
1d361a81 | 4446 | freeze_put_unroll_xlate(ctx); |
83a31283 BP |
4447 | } |
4448 | break; | |
4449 | ||
e672ff9b JR |
4450 | case OFPACT_SET_TUNNEL: |
4451 | case OFPACT_REG_MOVE: | |
4452 | case OFPACT_SET_FIELD: | |
4453 | case OFPACT_STACK_PUSH: | |
4454 | case OFPACT_STACK_POP: | |
4455 | case OFPACT_LEARN: | |
4456 | case OFPACT_WRITE_METADATA: | |
83a31283 | 4457 | case OFPACT_GOTO_TABLE: |
e672ff9b JR |
4458 | case OFPACT_ENQUEUE: |
4459 | case OFPACT_SET_VLAN_VID: | |
4460 | case OFPACT_SET_VLAN_PCP: | |
4461 | case OFPACT_STRIP_VLAN: | |
4462 | case OFPACT_PUSH_VLAN: | |
4463 | case OFPACT_SET_ETH_SRC: | |
4464 | case OFPACT_SET_ETH_DST: | |
4465 | case OFPACT_SET_IPV4_SRC: | |
4466 | case OFPACT_SET_IPV4_DST: | |
4467 | case OFPACT_SET_IP_DSCP: | |
4468 | case OFPACT_SET_IP_ECN: | |
4469 | case OFPACT_SET_IP_TTL: | |
4470 | case OFPACT_SET_L4_SRC_PORT: | |
4471 | case OFPACT_SET_L4_DST_PORT: | |
4472 | case OFPACT_SET_QUEUE: | |
4473 | case OFPACT_POP_QUEUE: | |
4474 | case OFPACT_PUSH_MPLS: | |
4475 | case OFPACT_POP_MPLS: | |
4476 | case OFPACT_SET_MPLS_LABEL: | |
4477 | case OFPACT_SET_MPLS_TC: | |
4478 | case OFPACT_SET_MPLS_TTL: | |
4479 | case OFPACT_MULTIPATH: | |
4480 | case OFPACT_BUNDLE: | |
4481 | case OFPACT_EXIT: | |
4482 | case OFPACT_UNROLL_XLATE: | |
4483 | case OFPACT_FIN_TIMEOUT: | |
4484 | case OFPACT_CLEAR_ACTIONS: | |
4485 | case OFPACT_WRITE_ACTIONS: | |
4486 | case OFPACT_METER: | |
4487 | case OFPACT_SAMPLE: | |
7ae62a67 | 4488 | case OFPACT_CLONE: |
d4abaff5 | 4489 | case OFPACT_DEBUG_RECIRC: |
07659514 | 4490 | case OFPACT_CT: |
9ac0aada | 4491 | case OFPACT_NAT: |
83a31283 | 4492 | /* These may not generate PACKET INs. */ |
e672ff9b JR |
4493 | break; |
4494 | ||
e672ff9b JR |
4495 | case OFPACT_NOTE: |
4496 | case OFPACT_CONJUNCTION: | |
83a31283 | 4497 | /* These need not be copied for restoration. */ |
e672ff9b JR |
4498 | continue; |
4499 | } | |
4500 | /* Copy the action over. */ | |
1d361a81 | 4501 | ofpbuf_put(&ctx->frozen_actions, a, OFPACT_ALIGN(a->len)); |
e672ff9b JR |
4502 | } |
4503 | } | |
4504 | ||
8e53fe8c | 4505 | static void |
f2d105b5 JS |
4506 | put_ct_mark(const struct flow *flow, struct ofpbuf *odp_actions, |
4507 | struct flow_wildcards *wc) | |
8e53fe8c | 4508 | { |
2a754f4a JS |
4509 | if (wc->masks.ct_mark) { |
4510 | struct { | |
4511 | uint32_t key; | |
4512 | uint32_t mask; | |
4513 | } *odp_ct_mark; | |
4514 | ||
4515 | odp_ct_mark = nl_msg_put_unspec_uninit(odp_actions, OVS_CT_ATTR_MARK, | |
4516 | sizeof(*odp_ct_mark)); | |
4517 | odp_ct_mark->key = flow->ct_mark & wc->masks.ct_mark; | |
4518 | odp_ct_mark->mask = wc->masks.ct_mark; | |
8e53fe8c JS |
4519 | } |
4520 | } | |
4521 | ||
9daf2348 | 4522 | static void |
f2d105b5 JS |
4523 | put_ct_label(const struct flow *flow, struct ofpbuf *odp_actions, |
4524 | struct flow_wildcards *wc) | |
9daf2348 | 4525 | { |
2ff8484b | 4526 | if (!ovs_u128_is_zero(wc->masks.ct_label)) { |
9daf2348 JS |
4527 | struct { |
4528 | ovs_u128 key; | |
4529 | ovs_u128 mask; | |
4530 | } *odp_ct_label; | |
4531 | ||
4532 | odp_ct_label = nl_msg_put_unspec_uninit(odp_actions, | |
4533 | OVS_CT_ATTR_LABELS, | |
4534 | sizeof(*odp_ct_label)); | |
f2d105b5 | 4535 | odp_ct_label->key = ovs_u128_and(flow->ct_label, wc->masks.ct_label); |
9daf2348 JS |
4536 | odp_ct_label->mask = wc->masks.ct_label; |
4537 | } | |
4538 | } | |
4539 | ||
d787ad39 JS |
4540 | static void |
4541 | put_ct_helper(struct ofpbuf *odp_actions, struct ofpact_conntrack *ofc) | |
4542 | { | |
4543 | if (ofc->alg) { | |
40c7b2fc JS |
4544 | switch(ofc->alg) { |
4545 | case IPPORT_FTP: | |
d787ad39 | 4546 | nl_msg_put_string(odp_actions, OVS_CT_ATTR_HELPER, "ftp"); |
40c7b2fc JS |
4547 | break; |
4548 | case IPPORT_TFTP: | |
4549 | nl_msg_put_string(odp_actions, OVS_CT_ATTR_HELPER, "tftp"); | |
4550 | break; | |
4551 | default: | |
d787ad39 | 4552 | VLOG_WARN("Cannot serialize ct_helper %d\n", ofc->alg); |
40c7b2fc | 4553 | break; |
d787ad39 JS |
4554 | } |
4555 | } | |
4556 | } | |
4557 | ||
9ac0aada JR |
4558 | static void |
4559 | put_ct_nat(struct xlate_ctx *ctx) | |
4560 | { | |
4561 | struct ofpact_nat *ofn = ctx->ct_nat_action; | |
4562 | size_t nat_offset; | |
4563 | ||
4564 | if (!ofn) { | |
4565 | return; | |
4566 | } | |
4567 | ||
4568 | nat_offset = nl_msg_start_nested(ctx->odp_actions, OVS_CT_ATTR_NAT); | |
4569 | if (ofn->flags & NX_NAT_F_SRC || ofn->flags & NX_NAT_F_DST) { | |
4570 | nl_msg_put_flag(ctx->odp_actions, ofn->flags & NX_NAT_F_SRC | |
4571 | ? OVS_NAT_ATTR_SRC : OVS_NAT_ATTR_DST); | |
4572 | if (ofn->flags & NX_NAT_F_PERSISTENT) { | |
4573 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PERSISTENT); | |
4574 | } | |
4575 | if (ofn->flags & NX_NAT_F_PROTO_HASH) { | |
4576 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PROTO_HASH); | |
4577 | } else if (ofn->flags & NX_NAT_F_PROTO_RANDOM) { | |
4578 | nl_msg_put_flag(ctx->odp_actions, OVS_NAT_ATTR_PROTO_RANDOM); | |
4579 | } | |
4580 | if (ofn->range_af == AF_INET) { | |
73e8bc23 | 4581 | nl_msg_put_be32(ctx->odp_actions, OVS_NAT_ATTR_IP_MIN, |
9ac0aada JR |
4582 | ofn->range.addr.ipv4.min); |
4583 | if (ofn->range.addr.ipv4.max && | |
73e8bc23 BP |
4584 | (ntohl(ofn->range.addr.ipv4.max) |
4585 | > ntohl(ofn->range.addr.ipv4.min))) { | |
4586 | nl_msg_put_be32(ctx->odp_actions, OVS_NAT_ATTR_IP_MAX, | |
4587 | ofn->range.addr.ipv4.max); | |
9ac0aada JR |
4588 | } |
4589 | } else if (ofn->range_af == AF_INET6) { | |
4590 | nl_msg_put_unspec(ctx->odp_actions, OVS_NAT_ATTR_IP_MIN, | |
4591 | &ofn->range.addr.ipv6.min, | |
4592 | sizeof ofn->range.addr.ipv6.min); | |
4593 | if (!ipv6_mask_is_any(&ofn->range.addr.ipv6.max) && | |
4594 | memcmp(&ofn->range.addr.ipv6.max, &ofn->range.addr.ipv6.min, | |
4595 | sizeof ofn->range.addr.ipv6.max) > 0) { | |
4596 | nl_msg_put_unspec(ctx->odp_actions, OVS_NAT_ATTR_IP_MAX, | |
4597 | &ofn->range.addr.ipv6.max, | |
4598 | sizeof ofn->range.addr.ipv6.max); | |
4599 | } | |
4600 | } | |
4601 | if (ofn->range_af != AF_UNSPEC && ofn->range.proto.min) { | |
4602 | nl_msg_put_u16(ctx->odp_actions, OVS_NAT_ATTR_PROTO_MIN, | |
4603 | ofn->range.proto.min); | |
4604 | if (ofn->range.proto.max && | |
4605 | ofn->range.proto.max > ofn->range.proto.min) { | |
4606 | nl_msg_put_u16(ctx->odp_actions, OVS_NAT_ATTR_PROTO_MAX, | |
4607 | ofn->range.proto.max); | |
4608 | } | |
4609 | } | |
4610 | } | |
4611 | nl_msg_end_nested(ctx->odp_actions, nat_offset); | |
4612 | } | |
4613 | ||
07659514 JS |
4614 | static void |
4615 | compose_conntrack_action(struct xlate_ctx *ctx, struct ofpact_conntrack *ofc) | |
4616 | { | |
9daf2348 | 4617 | ovs_u128 old_ct_label = ctx->base_flow.ct_label; |
f2d105b5 | 4618 | ovs_u128 old_ct_label_mask = ctx->wc->masks.ct_label; |
8e53fe8c | 4619 | uint32_t old_ct_mark = ctx->base_flow.ct_mark; |
f2d105b5 | 4620 | uint32_t old_ct_mark_mask = ctx->wc->masks.ct_mark; |
07659514 JS |
4621 | size_t ct_offset; |
4622 | uint16_t zone; | |
4623 | ||
4624 | /* Ensure that any prior actions are applied before composing the new | |
4625 | * conntrack action. */ | |
4626 | xlate_commit_actions(ctx); | |
4627 | ||
8e53fe8c | 4628 | /* Process nested actions first, to populate the key. */ |
9ac0aada | 4629 | ctx->ct_nat_action = NULL; |
f2d105b5 JS |
4630 | ctx->wc->masks.ct_mark = 0; |
4631 | ctx->wc->masks.ct_label.u64.hi = ctx->wc->masks.ct_label.u64.lo = 0; | |
8e53fe8c JS |
4632 | do_xlate_actions(ofc->actions, ofpact_ct_get_action_len(ofc), ctx); |
4633 | ||
07659514 JS |
4634 | if (ofc->zone_src.field) { |
4635 | zone = mf_get_subfield(&ofc->zone_src, &ctx->xin->flow); | |
4636 | } else { | |
4637 | zone = ofc->zone_imm; | |
4638 | } | |
4639 | ||
4640 | ct_offset = nl_msg_start_nested(ctx->odp_actions, OVS_ACTION_ATTR_CT); | |
4641 | if (ofc->flags & NX_CT_F_COMMIT) { | |
4642 | nl_msg_put_flag(ctx->odp_actions, OVS_CT_ATTR_COMMIT); | |
4643 | } | |
4644 | nl_msg_put_u16(ctx->odp_actions, OVS_CT_ATTR_ZONE, zone); | |
f2d105b5 JS |
4645 | put_ct_mark(&ctx->xin->flow, ctx->odp_actions, ctx->wc); |
4646 | put_ct_label(&ctx->xin->flow, ctx->odp_actions, ctx->wc); | |
d787ad39 | 4647 | put_ct_helper(ctx->odp_actions, ofc); |
9ac0aada JR |
4648 | put_ct_nat(ctx); |
4649 | ctx->ct_nat_action = NULL; | |
07659514 JS |
4650 | nl_msg_end_nested(ctx->odp_actions, ct_offset); |
4651 | ||
8e53fe8c JS |
4652 | /* Restore the original ct fields in the key. These should only be exposed |
4653 | * after recirculation to another table. */ | |
4654 | ctx->base_flow.ct_mark = old_ct_mark; | |
f2d105b5 | 4655 | ctx->wc->masks.ct_mark = old_ct_mark_mask; |
9daf2348 | 4656 | ctx->base_flow.ct_label = old_ct_label; |
f2d105b5 | 4657 | ctx->wc->masks.ct_label = old_ct_label_mask; |
8e53fe8c | 4658 | |
07659514 JS |
4659 | if (ofc->recirc_table == NX_CT_RECIRC_NONE) { |
4660 | /* If we do not recirculate as part of this action, hide the results of | |
4661 | * connection tracking from subsequent recirculations. */ | |
4662 | ctx->conntracked = false; | |
4663 | } else { | |
4664 | /* Use ct_* fields from datapath during recirculation upcall. */ | |
4665 | ctx->conntracked = true; | |
e37b8437 | 4666 | compose_recirculate_and_fork(ctx, ofc->recirc_table); |
07659514 JS |
4667 | } |
4668 | } | |
4669 | ||
e12ec36b SH |
4670 | static void |
4671 | recirc_for_mpls(const struct ofpact *a, struct xlate_ctx *ctx) | |
4672 | { | |
4673 | /* No need to recirculate if already exiting. */ | |
4674 | if (ctx->exit) { | |
4675 | return; | |
4676 | } | |
4677 | ||
4678 | /* Do not consider recirculating unless the packet was previously MPLS. */ | |
4679 | if (!ctx->was_mpls) { | |
4680 | return; | |
4681 | } | |
4682 | ||
4683 | /* Special case these actions, only recirculating if necessary. | |
4684 | * This avoids the overhead of recirculation in common use-cases. | |
4685 | */ | |
4686 | switch (a->type) { | |
4687 | ||
4688 | /* Output actions do not require recirculation. */ | |
4689 | case OFPACT_OUTPUT: | |
aaca4fe0 | 4690 | case OFPACT_OUTPUT_TRUNC: |
e12ec36b SH |
4691 | case OFPACT_ENQUEUE: |
4692 | case OFPACT_OUTPUT_REG: | |
4693 | /* Set actions that don't touch L3+ fields do not require recirculation. */ | |
4694 | case OFPACT_SET_VLAN_VID: | |
4695 | case OFPACT_SET_VLAN_PCP: | |
4696 | case OFPACT_SET_ETH_SRC: | |
4697 | case OFPACT_SET_ETH_DST: | |
4698 | case OFPACT_SET_TUNNEL: | |
4699 | case OFPACT_SET_QUEUE: | |
4700 | /* If actions of a group require recirculation that can be detected | |
4701 | * when translating them. */ | |
4702 | case OFPACT_GROUP: | |
4703 | return; | |
4704 | ||
4705 | /* Set field that don't touch L3+ fields don't require recirculation. */ | |
4706 | case OFPACT_SET_FIELD: | |
4707 | if (mf_is_l3_or_higher(ofpact_get_SET_FIELD(a)->field)) { | |
4708 | break; | |
4709 | } | |
4710 | return; | |
4711 | ||
4712 | /* For simplicity, recirculate in all other cases. */ | |
4713 | case OFPACT_CONTROLLER: | |
4714 | case OFPACT_BUNDLE: | |
4715 | case OFPACT_STRIP_VLAN: | |
4716 | case OFPACT_PUSH_VLAN: | |
4717 | case OFPACT_SET_IPV4_SRC: | |
4718 | case OFPACT_SET_IPV4_DST: | |
4719 | case OFPACT_SET_IP_DSCP: | |
4720 | case OFPACT_SET_IP_ECN: | |
4721 | case OFPACT_SET_IP_TTL: | |
4722 | case OFPACT_SET_L4_SRC_PORT: | |
4723 | case OFPACT_SET_L4_DST_PORT: | |
4724 | case OFPACT_REG_MOVE: | |
4725 | case OFPACT_STACK_PUSH: | |
4726 | case OFPACT_STACK_POP: | |
4727 | case OFPACT_DEC_TTL: | |
4728 | case OFPACT_SET_MPLS_LABEL: | |
4729 | case OFPACT_SET_MPLS_TC: | |
4730 | case OFPACT_SET_MPLS_TTL: | |
4731 | case OFPACT_DEC_MPLS_TTL: | |
4732 | case OFPACT_PUSH_MPLS: | |
4733 | case OFPACT_POP_MPLS: | |
4734 | case OFPACT_POP_QUEUE: | |
4735 | case OFPACT_FIN_TIMEOUT: | |
4736 | case OFPACT_RESUBMIT: | |
4737 | case OFPACT_LEARN: | |
4738 | case OFPACT_CONJUNCTION: | |
4739 | case OFPACT_MULTIPATH: | |
4740 | case OFPACT_NOTE: | |
4741 | case OFPACT_EXIT: | |
4742 | case OFPACT_SAMPLE: | |
7ae62a67 | 4743 | case OFPACT_CLONE: |
e12ec36b SH |
4744 | case OFPACT_UNROLL_XLATE: |
4745 | case OFPACT_CT: | |
4746 | case OFPACT_NAT: | |
4747 | case OFPACT_DEBUG_RECIRC: | |
4748 | case OFPACT_METER: | |
4749 | case OFPACT_CLEAR_ACTIONS: | |
4750 | case OFPACT_WRITE_ACTIONS: | |
4751 | case OFPACT_WRITE_METADATA: | |
4752 | case OFPACT_GOTO_TABLE: | |
4753 | default: | |
4754 | break; | |
4755 | } | |
4756 | ||
4757 | /* Recirculate */ | |
4758 | ctx_trigger_freeze(ctx); | |
4759 | } | |
4760 | ||
9583bc14 EJ |
4761 | static void |
4762 | do_xlate_actions(const struct ofpact *ofpacts, size_t ofpacts_len, | |
4763 | struct xlate_ctx *ctx) | |
4764 | { | |
49a73e0c | 4765 | struct flow_wildcards *wc = ctx->wc; |
33bf9176 | 4766 | struct flow *flow = &ctx->xin->flow; |
9583bc14 EJ |
4767 | const struct ofpact *a; |
4768 | ||
a36de779 | 4769 | if (ovs_native_tunneling_is_on(ctx->xbridge->ofproto)) { |
53902038 | 4770 | tnl_neigh_snoop(flow, wc, ctx->xbridge->name); |
a36de779 | 4771 | } |
f47ea021 JR |
4772 | /* dl_type already in the mask, not set below. */ |
4773 | ||
9583bc14 EJ |
4774 | OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) { |
4775 | struct ofpact_controller *controller; | |
4776 | const struct ofpact_metadata *metadata; | |
b2dd70be JR |
4777 | const struct ofpact_set_field *set_field; |
4778 | const struct mf_field *mf; | |
9583bc14 | 4779 | |
fff1b9c0 JR |
4780 | if (ctx->error) { |
4781 | break; | |
4782 | } | |
4783 | ||
e12ec36b SH |
4784 | recirc_for_mpls(a, ctx); |
4785 | ||
e672ff9b JR |
4786 | if (ctx->exit) { |
4787 | /* Check if need to store the remaining actions for later | |
4788 | * execution. */ | |
1d361a81 BP |
4789 | if (ctx->freezing) { |
4790 | freeze_unroll_actions(a, ofpact_end(ofpacts, ofpacts_len), | |
e672ff9b JR |
4791 | ctx); |
4792 | } | |
4793 | break; | |
7bbdd84f SH |
4794 | } |
4795 | ||
9583bc14 EJ |
4796 | switch (a->type) { |
4797 | case OFPACT_OUTPUT: | |
4798 | xlate_output_action(ctx, ofpact_get_OUTPUT(a)->port, | |
4799 | ofpact_get_OUTPUT(a)->max_len, true); | |
4800 | break; | |
4801 | ||
7395c052 | 4802 | case OFPACT_GROUP: |
f4fb341b | 4803 | if (xlate_group_action(ctx, ofpact_get_GROUP(a)->group_id)) { |
1d741d6d | 4804 | /* Group could not be found. */ |
db88b35c JR |
4805 | |
4806 | /* XXX: Terminates action list translation, but does not | |
4807 | * terminate the pipeline. */ | |
f4fb341b SH |
4808 | return; |
4809 | } | |
7395c052 NZ |
4810 | break; |
4811 | ||
9583bc14 EJ |
4812 | case OFPACT_CONTROLLER: |
4813 | controller = ofpact_get_CONTROLLER(a); | |
77ab5fd2 BP |
4814 | if (controller->pause) { |
4815 | ctx->pause = controller; | |
4816 | ctx->xout->slow |= SLOW_CONTROLLER; | |
4817 | ctx_trigger_freeze(ctx); | |
4818 | a = ofpact_next(a); | |
4819 | } else { | |
4820 | execute_controller_action(ctx, controller->max_len, | |
4821 | controller->reason, | |
4822 | controller->controller_id, | |
4823 | controller->userdata, | |
4824 | controller->userdata_len); | |
4825 | } | |
9583bc14 EJ |
4826 | break; |
4827 | ||
4828 | case OFPACT_ENQUEUE: | |
16194afd DDP |
4829 | memset(&wc->masks.skb_priority, 0xff, |
4830 | sizeof wc->masks.skb_priority); | |
9583bc14 EJ |
4831 | xlate_enqueue_action(ctx, ofpact_get_ENQUEUE(a)); |
4832 | break; | |
4833 | ||
4834 | case OFPACT_SET_VLAN_VID: | |
f74e7df7 | 4835 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
ca287d20 JR |
4836 | if (flow->vlan_tci & htons(VLAN_CFI) || |
4837 | ofpact_get_SET_VLAN_VID(a)->push_vlan_if_needed) { | |
4838 | flow->vlan_tci &= ~htons(VLAN_VID_MASK); | |
4839 | flow->vlan_tci |= (htons(ofpact_get_SET_VLAN_VID(a)->vlan_vid) | |
4840 | | htons(VLAN_CFI)); | |
4841 | } | |
9583bc14 EJ |
4842 | break; |
4843 | ||
4844 | case OFPACT_SET_VLAN_PCP: | |
f74e7df7 | 4845 | wc->masks.vlan_tci |= htons(VLAN_PCP_MASK | VLAN_CFI); |
ca287d20 JR |
4846 | if (flow->vlan_tci & htons(VLAN_CFI) || |
4847 | ofpact_get_SET_VLAN_PCP(a)->push_vlan_if_needed) { | |
4848 | flow->vlan_tci &= ~htons(VLAN_PCP_MASK); | |
4849 | flow->vlan_tci |= htons((ofpact_get_SET_VLAN_PCP(a)->vlan_pcp | |
4850 | << VLAN_PCP_SHIFT) | VLAN_CFI); | |
4851 | } | |
9583bc14 EJ |
4852 | break; |
4853 | ||
4854 | case OFPACT_STRIP_VLAN: | |
f74e7df7 | 4855 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 4856 | flow->vlan_tci = htons(0); |
9583bc14 EJ |
4857 | break; |
4858 | ||
4859 | case OFPACT_PUSH_VLAN: | |
4860 | /* XXX 802.1AD(QinQ) */ | |
f74e7df7 | 4861 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 4862 | flow->vlan_tci = htons(VLAN_CFI); |
9583bc14 EJ |
4863 | break; |
4864 | ||
4865 | case OFPACT_SET_ETH_SRC: | |
74ff3298 JR |
4866 | WC_MASK_FIELD(wc, dl_src); |
4867 | flow->dl_src = ofpact_get_SET_ETH_SRC(a)->mac; | |
9583bc14 EJ |
4868 | break; |
4869 | ||
4870 | case OFPACT_SET_ETH_DST: | |
74ff3298 JR |
4871 | WC_MASK_FIELD(wc, dl_dst); |
4872 | flow->dl_dst = ofpact_get_SET_ETH_DST(a)->mac; | |
9583bc14 EJ |
4873 | break; |
4874 | ||
4875 | case OFPACT_SET_IPV4_SRC: | |
33bf9176 | 4876 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
f47ea021 | 4877 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); |
33bf9176 | 4878 | flow->nw_src = ofpact_get_SET_IPV4_SRC(a)->ipv4; |
9583bc14 EJ |
4879 | } |
4880 | break; | |
4881 | ||
4882 | case OFPACT_SET_IPV4_DST: | |
33bf9176 | 4883 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
f47ea021 | 4884 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); |
33bf9176 | 4885 | flow->nw_dst = ofpact_get_SET_IPV4_DST(a)->ipv4; |
9583bc14 EJ |
4886 | } |
4887 | break; | |
4888 | ||
04f01c24 BP |
4889 | case OFPACT_SET_IP_DSCP: |
4890 | if (is_ip_any(flow)) { | |
f47ea021 | 4891 | wc->masks.nw_tos |= IP_DSCP_MASK; |
33bf9176 | 4892 | flow->nw_tos &= ~IP_DSCP_MASK; |
04f01c24 | 4893 | flow->nw_tos |= ofpact_get_SET_IP_DSCP(a)->dscp; |
9583bc14 EJ |
4894 | } |
4895 | break; | |
4896 | ||
ff14eb7a JR |
4897 | case OFPACT_SET_IP_ECN: |
4898 | if (is_ip_any(flow)) { | |
4899 | wc->masks.nw_tos |= IP_ECN_MASK; | |
4900 | flow->nw_tos &= ~IP_ECN_MASK; | |
4901 | flow->nw_tos |= ofpact_get_SET_IP_ECN(a)->ecn; | |
4902 | } | |
4903 | break; | |
4904 | ||
0c20dbe4 JR |
4905 | case OFPACT_SET_IP_TTL: |
4906 | if (is_ip_any(flow)) { | |
4907 | wc->masks.nw_ttl = 0xff; | |
4908 | flow->nw_ttl = ofpact_get_SET_IP_TTL(a)->ttl; | |
4909 | } | |
4910 | break; | |
4911 | ||
9583bc14 | 4912 | case OFPACT_SET_L4_SRC_PORT: |
b8778a0d | 4913 | if (is_ip_any(flow) && !(flow->nw_frag & FLOW_NW_FRAG_LATER)) { |
f47ea021 JR |
4914 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
4915 | memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src); | |
33bf9176 | 4916 | flow->tp_src = htons(ofpact_get_SET_L4_SRC_PORT(a)->port); |
9583bc14 EJ |
4917 | } |
4918 | break; | |
4919 | ||
4920 | case OFPACT_SET_L4_DST_PORT: | |
b8778a0d | 4921 | if (is_ip_any(flow) && !(flow->nw_frag & FLOW_NW_FRAG_LATER)) { |
f47ea021 JR |
4922 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
4923 | memset(&wc->masks.tp_dst, 0xff, sizeof wc->masks.tp_dst); | |
33bf9176 | 4924 | flow->tp_dst = htons(ofpact_get_SET_L4_DST_PORT(a)->port); |
9583bc14 EJ |
4925 | } |
4926 | break; | |
4927 | ||
4928 | case OFPACT_RESUBMIT: | |
8bf009bf JR |
4929 | /* Freezing complicates resubmit. Some action in the flow |
4930 | * entry found by resubmit might trigger freezing. If that | |
4931 | * happens, then we do not want to execute the resubmit again after | |
4932 | * during thawing, so we want to skip back to the head of the loop | |
4933 | * to avoid that, only adding any actions that follow the resubmit | |
4934 | * to the frozen actions. | |
6b1c5734 | 4935 | */ |
9583bc14 | 4936 | xlate_ofpact_resubmit(ctx, ofpact_get_RESUBMIT(a)); |
6b1c5734 | 4937 | continue; |
9583bc14 EJ |
4938 | |
4939 | case OFPACT_SET_TUNNEL: | |
33bf9176 | 4940 | flow->tunnel.tun_id = htonll(ofpact_get_SET_TUNNEL(a)->tun_id); |
9583bc14 EJ |
4941 | break; |
4942 | ||
4943 | case OFPACT_SET_QUEUE: | |
16194afd DDP |
4944 | memset(&wc->masks.skb_priority, 0xff, |
4945 | sizeof wc->masks.skb_priority); | |
9583bc14 EJ |
4946 | xlate_set_queue_action(ctx, ofpact_get_SET_QUEUE(a)->queue_id); |
4947 | break; | |
4948 | ||
4949 | case OFPACT_POP_QUEUE: | |
16194afd DDP |
4950 | memset(&wc->masks.skb_priority, 0xff, |
4951 | sizeof wc->masks.skb_priority); | |
33bf9176 | 4952 | flow->skb_priority = ctx->orig_skb_priority; |
9583bc14 EJ |
4953 | break; |
4954 | ||
4955 | case OFPACT_REG_MOVE: | |
67842eba BP |
4956 | mf_subfield_copy(&ofpact_get_REG_MOVE(a)->src, |
4957 | &ofpact_get_REG_MOVE(a)->dst, flow, wc); | |
9583bc14 EJ |
4958 | break; |
4959 | ||
b2dd70be JR |
4960 | case OFPACT_SET_FIELD: |
4961 | set_field = ofpact_get_SET_FIELD(a); | |
4962 | mf = set_field->field; | |
b2dd70be | 4963 | |
aff49b8c JR |
4964 | /* Set the field only if the packet actually has it. */ |
4965 | if (mf_are_prereqs_ok(mf, flow, wc)) { | |
128684a6 JR |
4966 | mf_mask_field_masked(mf, ofpact_set_field_mask(set_field), wc); |
4967 | mf_set_flow_value_masked(mf, set_field->value, | |
4968 | ofpact_set_field_mask(set_field), | |
4969 | flow); | |
b8778a0d | 4970 | } |
b2dd70be JR |
4971 | break; |
4972 | ||
9583bc14 | 4973 | case OFPACT_STACK_PUSH: |
33bf9176 BP |
4974 | nxm_execute_stack_push(ofpact_get_STACK_PUSH(a), flow, wc, |
4975 | &ctx->stack); | |
9583bc14 EJ |
4976 | break; |
4977 | ||
4978 | case OFPACT_STACK_POP: | |
f74e7df7 JP |
4979 | nxm_execute_stack_pop(ofpact_get_STACK_POP(a), flow, wc, |
4980 | &ctx->stack); | |
9583bc14 EJ |
4981 | break; |
4982 | ||
4983 | case OFPACT_PUSH_MPLS: | |
8bfd0fda | 4984 | compose_mpls_push_action(ctx, ofpact_get_PUSH_MPLS(a)); |
9583bc14 EJ |
4985 | break; |
4986 | ||
4987 | case OFPACT_POP_MPLS: | |
8bfd0fda | 4988 | compose_mpls_pop_action(ctx, ofpact_get_POP_MPLS(a)->ethertype); |
9583bc14 EJ |
4989 | break; |
4990 | ||
097d4939 | 4991 | case OFPACT_SET_MPLS_LABEL: |
8bfd0fda BP |
4992 | compose_set_mpls_label_action( |
4993 | ctx, ofpact_get_SET_MPLS_LABEL(a)->label); | |
1d741d6d | 4994 | break; |
097d4939 JR |
4995 | |
4996 | case OFPACT_SET_MPLS_TC: | |
8bfd0fda | 4997 | compose_set_mpls_tc_action(ctx, ofpact_get_SET_MPLS_TC(a)->tc); |
097d4939 JR |
4998 | break; |
4999 | ||
9583bc14 | 5000 | case OFPACT_SET_MPLS_TTL: |
8bfd0fda | 5001 | compose_set_mpls_ttl_action(ctx, ofpact_get_SET_MPLS_TTL(a)->ttl); |
9583bc14 EJ |
5002 | break; |
5003 | ||
5004 | case OFPACT_DEC_MPLS_TTL: | |
9cfef3d0 | 5005 | if (compose_dec_mpls_ttl_action(ctx)) { |
ad3efdcb | 5006 | return; |
9583bc14 EJ |
5007 | } |
5008 | break; | |
5009 | ||
5010 | case OFPACT_DEC_TTL: | |
f74e7df7 | 5011 | wc->masks.nw_ttl = 0xff; |
9583bc14 | 5012 | if (compose_dec_ttl(ctx, ofpact_get_DEC_TTL(a))) { |
ad3efdcb | 5013 | return; |
9583bc14 EJ |
5014 | } |
5015 | break; | |
5016 | ||
5017 | case OFPACT_NOTE: | |
5018 | /* Nothing to do. */ | |
5019 | break; | |
5020 | ||
5021 | case OFPACT_MULTIPATH: | |
33bf9176 | 5022 | multipath_execute(ofpact_get_MULTIPATH(a), flow, wc); |
9583bc14 EJ |
5023 | break; |
5024 | ||
5025 | case OFPACT_BUNDLE: | |
9583bc14 EJ |
5026 | xlate_bundle_action(ctx, ofpact_get_BUNDLE(a)); |
5027 | break; | |
5028 | ||
5029 | case OFPACT_OUTPUT_REG: | |
5030 | xlate_output_reg_action(ctx, ofpact_get_OUTPUT_REG(a)); | |
5031 | break; | |
5032 | ||
aaca4fe0 WT |
5033 | case OFPACT_OUTPUT_TRUNC: |
5034 | xlate_output_trunc_action(ctx, ofpact_get_OUTPUT_TRUNC(a)->port, | |
5035 | ofpact_get_OUTPUT_TRUNC(a)->max_len); | |
5036 | break; | |
5037 | ||
9583bc14 EJ |
5038 | case OFPACT_LEARN: |
5039 | xlate_learn_action(ctx, ofpact_get_LEARN(a)); | |
5040 | break; | |
5041 | ||
afc3987b BP |
5042 | case OFPACT_CONJUNCTION: { |
5043 | /* A flow with a "conjunction" action represents part of a special | |
5044 | * kind of "set membership match". Such a flow should not actually | |
5045 | * get executed, but it could via, say, a "packet-out", even though | |
5046 | * that wouldn't be useful. Log it to help debugging. */ | |
5047 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
5048 | VLOG_INFO_RL(&rl, "executing no-op conjunction action"); | |
18080541 | 5049 | break; |
afc3987b | 5050 | } |
18080541 | 5051 | |
9583bc14 EJ |
5052 | case OFPACT_EXIT: |
5053 | ctx->exit = true; | |
5054 | break; | |
5055 | ||
e672ff9b JR |
5056 | case OFPACT_UNROLL_XLATE: { |
5057 | struct ofpact_unroll_xlate *unroll = ofpact_get_UNROLL_XLATE(a); | |
5058 | ||
5059 | /* Restore translation context data that was stored earlier. */ | |
5060 | ctx->table_id = unroll->rule_table_id; | |
5061 | ctx->rule_cookie = unroll->rule_cookie; | |
5062 | break; | |
5063 | } | |
9583bc14 | 5064 | case OFPACT_FIN_TIMEOUT: |
33bf9176 | 5065 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
9583bc14 EJ |
5066 | xlate_fin_timeout(ctx, ofpact_get_FIN_TIMEOUT(a)); |
5067 | break; | |
5068 | ||
5069 | case OFPACT_CLEAR_ACTIONS: | |
7fdb60a7 | 5070 | ofpbuf_clear(&ctx->action_set); |
c61f3870 BP |
5071 | ctx->xin->flow.actset_output = OFPP_UNSET; |
5072 | ctx->action_set_has_group = false; | |
7fdb60a7 SH |
5073 | break; |
5074 | ||
5075 | case OFPACT_WRITE_ACTIONS: | |
7e7e8dbb | 5076 | xlate_write_actions(ctx, ofpact_get_WRITE_ACTIONS(a)); |
9583bc14 EJ |
5077 | break; |
5078 | ||
5079 | case OFPACT_WRITE_METADATA: | |
5080 | metadata = ofpact_get_WRITE_METADATA(a); | |
33bf9176 BP |
5081 | flow->metadata &= ~metadata->mask; |
5082 | flow->metadata |= metadata->metadata & metadata->mask; | |
9583bc14 EJ |
5083 | break; |
5084 | ||
638a19b0 JR |
5085 | case OFPACT_METER: |
5086 | /* Not implemented yet. */ | |
5087 | break; | |
5088 | ||
9583bc14 | 5089 | case OFPACT_GOTO_TABLE: { |
9583bc14 | 5090 | struct ofpact_goto_table *ogt = ofpact_get_GOTO_TABLE(a); |
9583bc14 | 5091 | |
9167fc1a JR |
5092 | ovs_assert(ctx->table_id < ogt->table_id); |
5093 | ||
4468099e | 5094 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
6d328fa2 | 5095 | ogt->table_id, true, true); |
9583bc14 EJ |
5096 | break; |
5097 | } | |
5098 | ||
5099 | case OFPACT_SAMPLE: | |
5100 | xlate_sample_action(ctx, ofpact_get_SAMPLE(a)); | |
5101 | break; | |
d4abaff5 | 5102 | |
7ae62a67 WT |
5103 | case OFPACT_CLONE: |
5104 | compose_clone_action(ctx, ofpact_get_CLONE(a)); | |
5105 | break; | |
5106 | ||
07659514 | 5107 | case OFPACT_CT: |
07659514 JS |
5108 | compose_conntrack_action(ctx, ofpact_get_CT(a)); |
5109 | break; | |
5110 | ||
9ac0aada JR |
5111 | case OFPACT_NAT: |
5112 | /* This will be processed by compose_conntrack_action(). */ | |
5113 | ctx->ct_nat_action = ofpact_get_NAT(a); | |
5114 | break; | |
5115 | ||
d4abaff5 | 5116 | case OFPACT_DEBUG_RECIRC: |
1d361a81 | 5117 | ctx_trigger_freeze(ctx); |
d4abaff5 BP |
5118 | a = ofpact_next(a); |
5119 | break; | |
9583bc14 | 5120 | } |
1d741d6d JR |
5121 | |
5122 | /* Check if need to store this and the remaining actions for later | |
5123 | * execution. */ | |
1d361a81 BP |
5124 | if (!ctx->error && ctx->exit && ctx_first_frozen_action(ctx)) { |
5125 | freeze_unroll_actions(a, ofpact_end(ofpacts, ofpacts_len), ctx); | |
1d741d6d JR |
5126 | break; |
5127 | } | |
9583bc14 | 5128 | } |
9583bc14 EJ |
5129 | } |
5130 | ||
5131 | void | |
5132 | xlate_in_init(struct xlate_in *xin, struct ofproto_dpif *ofproto, | |
1f4a8933 JR |
5133 | ovs_version_t version, const struct flow *flow, |
5134 | ofp_port_t in_port, struct rule_dpif *rule, uint16_t tcp_flags, | |
1520ef4f BP |
5135 | const struct dp_packet *packet, struct flow_wildcards *wc, |
5136 | struct ofpbuf *odp_actions) | |
9583bc14 EJ |
5137 | { |
5138 | xin->ofproto = ofproto; | |
1f4a8933 | 5139 | xin->tables_version = version; |
9583bc14 | 5140 | xin->flow = *flow; |
8d8ab6c2 | 5141 | xin->upcall_flow = flow; |
cc377352 | 5142 | xin->flow.in_port.ofp_port = in_port; |
c61f3870 | 5143 | xin->flow.actset_output = OFPP_UNSET; |
9583bc14 | 5144 | xin->packet = packet; |
df70a773 | 5145 | xin->allow_side_effects = packet != NULL; |
9583bc14 | 5146 | xin->rule = rule; |
b256dc52 | 5147 | xin->xcache = NULL; |
9583bc14 EJ |
5148 | xin->ofpacts = NULL; |
5149 | xin->ofpacts_len = 0; | |
5150 | xin->tcp_flags = tcp_flags; | |
5151 | xin->resubmit_hook = NULL; | |
5152 | xin->report_hook = NULL; | |
5153 | xin->resubmit_stats = NULL; | |
9a9b001a | 5154 | xin->indentation = 0; |
790c5d26 | 5155 | xin->depth = 0; |
cdd42eda | 5156 | xin->resubmits = 0; |
49a73e0c | 5157 | xin->wc = wc; |
1520ef4f | 5158 | xin->odp_actions = odp_actions; |
e672ff9b JR |
5159 | |
5160 | /* Do recirc lookup. */ | |
1d361a81 | 5161 | xin->frozen_state = NULL; |
29b1ea3f BP |
5162 | if (flow->recirc_id) { |
5163 | const struct recirc_id_node *node | |
5164 | = recirc_id_node_find(flow->recirc_id); | |
5165 | if (node) { | |
1d361a81 | 5166 | xin->frozen_state = &node->state; |
29b1ea3f BP |
5167 | } |
5168 | } | |
9583bc14 EJ |
5169 | } |
5170 | ||
5171 | void | |
5172 | xlate_out_uninit(struct xlate_out *xout) | |
5173 | { | |
e672ff9b | 5174 | if (xout) { |
fbf5d6ec | 5175 | recirc_refs_unref(&xout->recircs); |
9583bc14 EJ |
5176 | } |
5177 | } | |
9583bc14 | 5178 | \f |
55954f6e EJ |
5179 | static struct skb_priority_to_dscp * |
5180 | get_skb_priority(const struct xport *xport, uint32_t skb_priority) | |
5181 | { | |
5182 | struct skb_priority_to_dscp *pdscp; | |
5183 | uint32_t hash; | |
5184 | ||
5185 | hash = hash_int(skb_priority, 0); | |
5186 | HMAP_FOR_EACH_IN_BUCKET (pdscp, hmap_node, hash, &xport->skb_priorities) { | |
5187 | if (pdscp->skb_priority == skb_priority) { | |
5188 | return pdscp; | |
5189 | } | |
5190 | } | |
5191 | return NULL; | |
5192 | } | |
5193 | ||
5194 | static bool | |
5195 | dscp_from_skb_priority(const struct xport *xport, uint32_t skb_priority, | |
5196 | uint8_t *dscp) | |
5197 | { | |
5198 | struct skb_priority_to_dscp *pdscp = get_skb_priority(xport, skb_priority); | |
5199 | *dscp = pdscp ? pdscp->dscp : 0; | |
5200 | return pdscp != NULL; | |
5201 | } | |
5202 | ||
16194afd DDP |
5203 | static size_t |
5204 | count_skb_priorities(const struct xport *xport) | |
5205 | { | |
5206 | return hmap_count(&xport->skb_priorities); | |
5207 | } | |
5208 | ||
55954f6e EJ |
5209 | static void |
5210 | clear_skb_priorities(struct xport *xport) | |
5211 | { | |
4ec3d7c7 | 5212 | struct skb_priority_to_dscp *pdscp; |
55954f6e | 5213 | |
4ec3d7c7 | 5214 | HMAP_FOR_EACH_POP (pdscp, hmap_node, &xport->skb_priorities) { |
55954f6e EJ |
5215 | free(pdscp); |
5216 | } | |
5217 | } | |
5218 | ||
ce4a6b76 BP |
5219 | static bool |
5220 | actions_output_to_local_port(const struct xlate_ctx *ctx) | |
5221 | { | |
46c88433 | 5222 | odp_port_t local_odp_port = ofp_port_to_odp_port(ctx->xbridge, OFPP_LOCAL); |
ce4a6b76 BP |
5223 | const struct nlattr *a; |
5224 | unsigned int left; | |
5225 | ||
1520ef4f BP |
5226 | NL_ATTR_FOR_EACH_UNSAFE (a, left, ctx->odp_actions->data, |
5227 | ctx->odp_actions->size) { | |
ce4a6b76 BP |
5228 | if (nl_attr_type(a) == OVS_ACTION_ATTR_OUTPUT |
5229 | && nl_attr_get_odp_port(a) == local_odp_port) { | |
5230 | return true; | |
5231 | } | |
5232 | } | |
5233 | return false; | |
5234 | } | |
9583bc14 | 5235 | |
5e2a6702 | 5236 | #if defined(__linux__) |
7d031d7e BP |
5237 | /* Returns the maximum number of packets that the Linux kernel is willing to |
5238 | * queue up internally to certain kinds of software-implemented ports, or the | |
5239 | * default (and rarely modified) value if it cannot be determined. */ | |
5240 | static int | |
5241 | netdev_max_backlog(void) | |
5242 | { | |
5243 | static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER; | |
5244 | static int max_backlog = 1000; /* The normal default value. */ | |
5245 | ||
5246 | if (ovsthread_once_start(&once)) { | |
5247 | static const char filename[] = "/proc/sys/net/core/netdev_max_backlog"; | |
5248 | FILE *stream; | |
5249 | int n; | |
5250 | ||
5251 | stream = fopen(filename, "r"); | |
5252 | if (!stream) { | |
120c348f | 5253 | VLOG_INFO("%s: open failed (%s)", filename, ovs_strerror(errno)); |
7d031d7e BP |
5254 | } else { |
5255 | if (fscanf(stream, "%d", &n) != 1) { | |
5256 | VLOG_WARN("%s: read error", filename); | |
5257 | } else if (n <= 100) { | |
5258 | VLOG_WARN("%s: unexpectedly small value %d", filename, n); | |
5259 | } else { | |
5260 | max_backlog = n; | |
5261 | } | |
5262 | fclose(stream); | |
5263 | } | |
5264 | ovsthread_once_done(&once); | |
5265 | ||
5266 | VLOG_DBG("%s: using %d max_backlog", filename, max_backlog); | |
5267 | } | |
5268 | ||
5269 | return max_backlog; | |
5270 | } | |
5271 | ||
5272 | /* Counts and returns the number of OVS_ACTION_ATTR_OUTPUT actions in | |
5273 | * 'odp_actions'. */ | |
5274 | static int | |
5275 | count_output_actions(const struct ofpbuf *odp_actions) | |
5276 | { | |
5277 | const struct nlattr *a; | |
5278 | size_t left; | |
5279 | int n = 0; | |
5280 | ||
6fd6ed71 | 5281 | NL_ATTR_FOR_EACH_UNSAFE (a, left, odp_actions->data, odp_actions->size) { |
7d031d7e BP |
5282 | if (a->nla_type == OVS_ACTION_ATTR_OUTPUT) { |
5283 | n++; | |
5284 | } | |
5285 | } | |
5286 | return n; | |
5287 | } | |
5e2a6702 | 5288 | #endif /* defined(__linux__) */ |
7d031d7e BP |
5289 | |
5290 | /* Returns true if 'odp_actions' contains more output actions than the datapath | |
5291 | * can reliably handle in one go. On Linux, this is the value of the | |
5292 | * net.core.netdev_max_backlog sysctl, which limits the maximum number of | |
5293 | * packets that the kernel is willing to queue up for processing while the | |
5294 | * datapath is processing a set of actions. */ | |
5295 | static bool | |
5e2a6702 | 5296 | too_many_output_actions(const struct ofpbuf *odp_actions OVS_UNUSED) |
7d031d7e BP |
5297 | { |
5298 | #ifdef __linux__ | |
6fd6ed71 | 5299 | return (odp_actions->size / NL_A_U32_SIZE > netdev_max_backlog() |
7d031d7e BP |
5300 | && count_output_actions(odp_actions) > netdev_max_backlog()); |
5301 | #else | |
5302 | /* OSes other than Linux might have similar limits, but we don't know how | |
5303 | * to determine them.*/ | |
5304 | return false; | |
5305 | #endif | |
5306 | } | |
5307 | ||
234c3da9 BP |
5308 | static void |
5309 | xlate_wc_init(struct xlate_ctx *ctx) | |
5310 | { | |
5311 | flow_wildcards_init_catchall(ctx->wc); | |
5312 | ||
5313 | /* Some fields we consider to always be examined. */ | |
5e2e998a JR |
5314 | WC_MASK_FIELD(ctx->wc, in_port); |
5315 | WC_MASK_FIELD(ctx->wc, dl_type); | |
234c3da9 | 5316 | if (is_ip_any(&ctx->xin->flow)) { |
5e2e998a | 5317 | WC_MASK_FIELD_MASK(ctx->wc, nw_frag, FLOW_NW_FRAG_MASK); |
234c3da9 BP |
5318 | } |
5319 | ||
5320 | if (ctx->xbridge->support.odp.recirc) { | |
5321 | /* Always exactly match recirc_id when datapath supports | |
5322 | * recirculation. */ | |
5e2e998a | 5323 | WC_MASK_FIELD(ctx->wc, recirc_id); |
234c3da9 BP |
5324 | } |
5325 | ||
5326 | if (ctx->xbridge->netflow) { | |
5327 | netflow_mask_wc(&ctx->xin->flow, ctx->wc); | |
5328 | } | |
5329 | ||
5330 | tnl_wc_init(&ctx->xin->flow, ctx->wc); | |
5331 | } | |
5332 | ||
5333 | static void | |
5334 | xlate_wc_finish(struct xlate_ctx *ctx) | |
5335 | { | |
5336 | /* Clear the metadata and register wildcard masks, because we won't | |
5337 | * use non-header fields as part of the cache. */ | |
5338 | flow_wildcards_clear_non_packet_fields(ctx->wc); | |
5339 | ||
5340 | /* ICMPv4 and ICMPv6 have 8-bit "type" and "code" fields. struct flow | |
5341 | * uses the low 8 bits of the 16-bit tp_src and tp_dst members to | |
5342 | * represent these fields. The datapath interface, on the other hand, | |
5343 | * represents them with just 8 bits each. This means that if the high | |
5344 | * 8 bits of the masks for these fields somehow become set, then they | |
5345 | * will get chopped off by a round trip through the datapath, and | |
5346 | * revalidation will spot that as an inconsistency and delete the flow. | |
5347 | * Avoid the problem here by making sure that only the low 8 bits of | |
5348 | * either field can be unwildcarded for ICMP. | |
5349 | */ | |
a75636c8 | 5350 | if (is_icmpv4(&ctx->xin->flow, NULL) || is_icmpv6(&ctx->xin->flow, NULL)) { |
234c3da9 BP |
5351 | ctx->wc->masks.tp_src &= htons(UINT8_MAX); |
5352 | ctx->wc->masks.tp_dst &= htons(UINT8_MAX); | |
5353 | } | |
5354 | /* VLAN_TCI CFI bit must be matched if any of the TCI is matched. */ | |
5355 | if (ctx->wc->masks.vlan_tci) { | |
5356 | ctx->wc->masks.vlan_tci |= htons(VLAN_CFI); | |
5357 | } | |
4a7ab326 DDP |
5358 | |
5359 | /* The classifier might return masks that match on tp_src and tp_dst even | |
5360 | * for later fragments. This happens because there might be flows that | |
5361 | * match on tp_src or tp_dst without matching on the frag bits, because | |
5362 | * it is not a prerequisite for OpenFlow. Since it is a prerequisite for | |
5363 | * datapath flows and since tp_src and tp_dst are always going to be 0, | |
5364 | * wildcard the fields here. */ | |
5365 | if (ctx->xin->flow.nw_frag & FLOW_NW_FRAG_LATER) { | |
5366 | ctx->wc->masks.tp_src = 0; | |
5367 | ctx->wc->masks.tp_dst = 0; | |
5368 | } | |
234c3da9 BP |
5369 | } |
5370 | ||
e672ff9b JR |
5371 | /* Translates the flow, actions, or rule in 'xin' into datapath actions in |
5372 | * 'xout'. | |
56450a41 | 5373 | * The caller must take responsibility for eventually freeing 'xout', with |
fff1b9c0 JR |
5374 | * xlate_out_uninit(). |
5375 | * Returns 'XLATE_OK' if translation was successful. In case of an error an | |
5376 | * empty set of actions will be returned in 'xin->odp_actions' (if non-NULL), | |
5377 | * so that most callers may ignore the return value and transparently install a | |
5378 | * drop flow when the translation fails. */ | |
5379 | enum xlate_error | |
84f0f298 | 5380 | xlate_actions(struct xlate_in *xin, struct xlate_out *xout) |
9583bc14 | 5381 | { |
e467ea42 BP |
5382 | *xout = (struct xlate_out) { |
5383 | .slow = 0, | |
fbf5d6ec | 5384 | .recircs = RECIRC_REFS_EMPTY_INITIALIZER, |
e467ea42 BP |
5385 | }; |
5386 | ||
84f0f298 | 5387 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
bb00fdef BP |
5388 | struct xbridge *xbridge = xbridge_lookup(xcfg, xin->ofproto); |
5389 | if (!xbridge) { | |
fff1b9c0 | 5390 | return XLATE_BRIDGE_NOT_FOUND; |
bb00fdef BP |
5391 | } |
5392 | ||
33bf9176 BP |
5393 | struct flow *flow = &xin->flow; |
5394 | ||
84cf3c1f | 5395 | uint8_t stack_stub[1024]; |
bb00fdef | 5396 | uint64_t action_set_stub[1024 / 8]; |
1d361a81 | 5397 | uint64_t frozen_actions_stub[1024 / 8]; |
1520ef4f BP |
5398 | uint64_t actions_stub[256 / 8]; |
5399 | struct ofpbuf scratch_actions = OFPBUF_STUB_INITIALIZER(actions_stub); | |
bb00fdef BP |
5400 | struct xlate_ctx ctx = { |
5401 | .xin = xin, | |
5402 | .xout = xout, | |
5403 | .base_flow = *flow, | |
c2b878e0 | 5404 | .orig_tunnel_ipv6_dst = flow_tnl_dst(&flow->tunnel), |
bb00fdef BP |
5405 | .xbridge = xbridge, |
5406 | .stack = OFPBUF_STUB_INITIALIZER(stack_stub), | |
5407 | .rule = xin->rule, | |
c0e638aa BP |
5408 | .wc = (xin->wc |
5409 | ? xin->wc | |
f36efd90 | 5410 | : &(struct flow_wildcards) { .masks = { .dl_type = 0 } }), |
1520ef4f | 5411 | .odp_actions = xin->odp_actions ? xin->odp_actions : &scratch_actions, |
bb00fdef | 5412 | |
9a9b001a | 5413 | .indentation = xin->indentation, |
790c5d26 | 5414 | .depth = xin->depth, |
cdd42eda | 5415 | .resubmits = xin->resubmits, |
bb00fdef BP |
5416 | .in_group = false, |
5417 | .in_action_set = false, | |
5418 | ||
5419 | .table_id = 0, | |
5420 | .rule_cookie = OVS_BE64_MAX, | |
5421 | .orig_skb_priority = flow->skb_priority, | |
5422 | .sflow_n_outputs = 0, | |
5423 | .sflow_odp_port = 0, | |
2031ef97 | 5424 | .nf_output_iface = NF_OUT_DROP, |
bb00fdef | 5425 | .exit = false, |
fff1b9c0 | 5426 | .error = XLATE_OK, |
3d6151f3 | 5427 | .mirrors = 0, |
bb00fdef | 5428 | |
1d361a81 | 5429 | .freezing = false, |
53cc166a | 5430 | .recirc_update_dp_hash = false, |
1d361a81 | 5431 | .frozen_actions = OFPBUF_STUB_INITIALIZER(frozen_actions_stub), |
77ab5fd2 | 5432 | .pause = NULL, |
bb00fdef | 5433 | |
e12ec36b | 5434 | .was_mpls = false, |
07659514 | 5435 | .conntracked = false, |
bb00fdef | 5436 | |
9ac0aada JR |
5437 | .ct_nat_action = NULL, |
5438 | ||
bb00fdef BP |
5439 | .action_set_has_group = false, |
5440 | .action_set = OFPBUF_STUB_INITIALIZER(action_set_stub), | |
5441 | }; | |
865ca6cf BP |
5442 | |
5443 | /* 'base_flow' reflects the packet as it came in, but we need it to reflect | |
42deb67d PS |
5444 | * the packet as the datapath will treat it for output actions. Our |
5445 | * datapath doesn't retain tunneling information without us re-setting | |
5446 | * it, so clear the tunnel data. | |
865ca6cf | 5447 | */ |
42deb67d | 5448 | |
bb00fdef | 5449 | memset(&ctx.base_flow.tunnel, 0, sizeof ctx.base_flow.tunnel); |
865ca6cf | 5450 | |
1520ef4f | 5451 | ofpbuf_reserve(ctx.odp_actions, NL_A_U32_SIZE); |
c0e638aa | 5452 | xlate_wc_init(&ctx); |
bb00fdef | 5453 | |
46c88433 | 5454 | COVERAGE_INC(xlate_actions); |
9583bc14 | 5455 | |
1d361a81 BP |
5456 | if (xin->frozen_state) { |
5457 | const struct frozen_state *state = xin->frozen_state; | |
e672ff9b | 5458 | |
1d361a81 | 5459 | xlate_report(&ctx, "Thawing frozen state:"); |
d6bef3cc | 5460 | |
e672ff9b JR |
5461 | if (xin->ofpacts_len > 0 || ctx.rule) { |
5462 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
d6bef3cc | 5463 | const char *conflict = xin->ofpacts_len ? "actions" : "rule"; |
e672ff9b | 5464 | |
d6bef3cc BP |
5465 | VLOG_WARN_RL(&rl, "Recirculation conflict (%s)!", conflict); |
5466 | xlate_report(&ctx, "- Recirculation conflict (%s)!", conflict); | |
fff1b9c0 | 5467 | ctx.error = XLATE_RECIRCULATION_CONFLICT; |
1520ef4f | 5468 | goto exit; |
e672ff9b JR |
5469 | } |
5470 | ||
5471 | /* Set the bridge for post-recirculation processing if needed. */ | |
07a3cd5c | 5472 | if (!uuid_equals(&ctx.xbridge->ofproto->uuid, &state->ofproto_uuid)) { |
e672ff9b | 5473 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
2082425c | 5474 | const struct xbridge *new_bridge |
290835f9 | 5475 | = xbridge_lookup_by_uuid(xcfg, &state->ofproto_uuid); |
e672ff9b JR |
5476 | |
5477 | if (OVS_UNLIKELY(!new_bridge)) { | |
5478 | /* Drop the packet if the bridge cannot be found. */ | |
5479 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
1d361a81 BP |
5480 | VLOG_WARN_RL(&rl, "Frozen bridge no longer exists."); |
5481 | xlate_report(&ctx, "- Frozen bridge no longer exists."); | |
fff1b9c0 | 5482 | ctx.error = XLATE_BRIDGE_NOT_FOUND; |
1520ef4f | 5483 | goto exit; |
e672ff9b JR |
5484 | } |
5485 | ctx.xbridge = new_bridge; | |
1f4a8933 JR |
5486 | /* The bridge is now known so obtain its table version. */ |
5487 | ctx.xin->tables_version | |
5488 | = ofproto_dpif_get_tables_version(ctx.xbridge->ofproto); | |
e672ff9b JR |
5489 | } |
5490 | ||
1d361a81 BP |
5491 | /* Set the thawed table id. Note: A table lookup is done only if there |
5492 | * are no frozen actions. */ | |
2082425c | 5493 | ctx.table_id = state->table_id; |
d6bef3cc | 5494 | xlate_report(&ctx, "- Resuming from table %"PRIu8, ctx.table_id); |
e672ff9b | 5495 | |
07659514 JS |
5496 | if (!state->conntracked) { |
5497 | clear_conntrack(flow); | |
5498 | } | |
5499 | ||
e672ff9b | 5500 | /* Restore pipeline metadata. May change flow's in_port and other |
1d361a81 BP |
5501 | * metadata to the values that existed when freezing was triggered. */ |
5502 | frozen_metadata_to_flow(&state->metadata, flow); | |
e672ff9b JR |
5503 | |
5504 | /* Restore stack, if any. */ | |
2082425c | 5505 | if (state->stack) { |
84cf3c1f | 5506 | ofpbuf_put(&ctx.stack, state->stack, state->stack_size); |
e672ff9b JR |
5507 | } |
5508 | ||
29bae541 BP |
5509 | /* Restore mirror state. */ |
5510 | ctx.mirrors = state->mirrors; | |
5511 | ||
e672ff9b | 5512 | /* Restore action set, if any. */ |
2082425c | 5513 | if (state->action_set_len) { |
d6bef3cc | 5514 | xlate_report_actions(&ctx, "- Restoring action set", |
417509fa | 5515 | state->action_set, state->action_set_len); |
d6bef3cc | 5516 | |
7e7e8dbb BP |
5517 | flow->actset_output = OFPP_UNSET; |
5518 | xlate_write_actions__(&ctx, state->action_set, | |
5519 | state->action_set_len); | |
e672ff9b JR |
5520 | } |
5521 | ||
1d361a81 BP |
5522 | /* Restore frozen actions. If there are no actions, processing will |
5523 | * start with a lookup in the table set above. */ | |
417509fa BP |
5524 | xin->ofpacts = state->ofpacts; |
5525 | xin->ofpacts_len = state->ofpacts_len; | |
5526 | if (state->ofpacts_len) { | |
d6bef3cc BP |
5527 | xlate_report_actions(&ctx, "- Restoring actions", |
5528 | xin->ofpacts, xin->ofpacts_len); | |
e672ff9b JR |
5529 | } |
5530 | } else if (OVS_UNLIKELY(flow->recirc_id)) { | |
5531 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
5532 | ||
5533 | VLOG_WARN_RL(&rl, "Recirculation context not found for ID %"PRIx32, | |
5534 | flow->recirc_id); | |
fff1b9c0 | 5535 | ctx.error = XLATE_NO_RECIRCULATION_CONTEXT; |
1520ef4f | 5536 | goto exit; |
e672ff9b | 5537 | } |
9583bc14 | 5538 | |
8d8ab6c2 JG |
5539 | /* Tunnel metadata in udpif format must be normalized before translation. */ |
5540 | if (flow->tunnel.flags & FLOW_TNL_F_UDPIF) { | |
5b09d9f7 MS |
5541 | const struct tun_table *tun_tab = ofproto_get_tun_tab( |
5542 | &ctx.xbridge->ofproto->up); | |
8d8ab6c2 JG |
5543 | int err; |
5544 | ||
5545 | err = tun_metadata_from_geneve_udpif(tun_tab, &xin->upcall_flow->tunnel, | |
5546 | &xin->upcall_flow->tunnel, | |
5547 | &flow->tunnel); | |
5548 | if (err) { | |
5549 | XLATE_REPORT_ERROR(&ctx, "Invalid Geneve tunnel metadata"); | |
5550 | ctx.error = XLATE_INVALID_TUNNEL_METADATA; | |
5551 | goto exit; | |
5552 | } | |
5553 | } else if (!flow->tunnel.metadata.tab) { | |
5554 | /* If the original flow did not come in on a tunnel, then it won't have | |
5555 | * FLOW_TNL_F_UDPIF set. However, we still need to have a metadata | |
5556 | * table in case we generate tunnel actions. */ | |
5b09d9f7 MS |
5557 | flow->tunnel.metadata.tab = ofproto_get_tun_tab( |
5558 | &ctx.xbridge->ofproto->up); | |
8d8ab6c2 JG |
5559 | } |
5560 | ctx.wc->masks.tunnel.metadata.tab = flow->tunnel.metadata.tab; | |
5561 | ||
10c44245 | 5562 | if (!xin->ofpacts && !ctx.rule) { |
b2e89cc9 | 5563 | ctx.rule = rule_dpif_lookup_from_table( |
1f4a8933 | 5564 | ctx.xbridge->ofproto, ctx.xin->tables_version, flow, ctx.wc, |
1e1e1d19 | 5565 | ctx.xin->resubmit_stats, &ctx.table_id, |
a027899e | 5566 | flow->in_port.ofp_port, true, true, ctx.xin->xcache); |
10c44245 | 5567 | if (ctx.xin->resubmit_stats) { |
b2e89cc9 | 5568 | rule_dpif_credit_stats(ctx.rule, ctx.xin->resubmit_stats); |
10c44245 | 5569 | } |
b256dc52 JS |
5570 | if (ctx.xin->xcache) { |
5571 | struct xc_entry *entry; | |
5572 | ||
5573 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_RULE); | |
901a517e | 5574 | entry->rule = ctx.rule; |
07a3cd5c | 5575 | ofproto_rule_ref(&ctx.rule->up); |
b256dc52 | 5576 | } |
a8c31348 BP |
5577 | |
5578 | if (OVS_UNLIKELY(ctx.xin->resubmit_hook)) { | |
b2e89cc9 | 5579 | ctx.xin->resubmit_hook(ctx.xin, ctx.rule, 0); |
a8c31348 | 5580 | } |
10c44245 | 5581 | } |
10c44245 | 5582 | |
1d361a81 | 5583 | /* Get the proximate input port of the packet. (If xin->frozen_state, |
14d2b8b2 BP |
5584 | * flow->in_port is the ultimate input port of the packet.) */ |
5585 | struct xport *in_port = get_ofp_port(xbridge, | |
5586 | ctx.base_flow.in_port.ofp_port); | |
5587 | ||
1d361a81 BP |
5588 | /* Tunnel stats only for not-thawed packets. */ |
5589 | if (!xin->frozen_state && in_port && in_port->is_tunnel) { | |
b256dc52 JS |
5590 | if (ctx.xin->resubmit_stats) { |
5591 | netdev_vport_inc_rx(in_port->netdev, ctx.xin->resubmit_stats); | |
5592 | if (in_port->bfd) { | |
5593 | bfd_account_rx(in_port->bfd, ctx.xin->resubmit_stats); | |
5594 | } | |
5595 | } | |
5596 | if (ctx.xin->xcache) { | |
5597 | struct xc_entry *entry; | |
5598 | ||
5599 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_NETDEV); | |
901a517e JR |
5600 | entry->dev.rx = netdev_ref(in_port->netdev); |
5601 | entry->dev.bfd = bfd_ref(in_port->bfd); | |
d6fc5f57 EJ |
5602 | } |
5603 | } | |
5604 | ||
1d361a81 | 5605 | if (!xin->frozen_state && process_special(&ctx, in_port)) { |
bef1403e BP |
5606 | /* process_special() did all the processing for this packet. |
5607 | * | |
1d361a81 BP |
5608 | * We do not perform special processing on thawed packets, since that |
5609 | * was done before they were frozen and should not be redone. */ | |
bef1403e BP |
5610 | } else if (in_port && in_port->xbundle |
5611 | && xbundle_mirror_out(xbridge, in_port->xbundle)) { | |
5612 | if (ctx.xin->packet != NULL) { | |
5613 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
5614 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
5615 | "%s, which is reserved exclusively for mirroring", | |
5616 | ctx.xbridge->name, in_port->xbundle->name); | |
5617 | } | |
5618 | } else { | |
1d361a81 | 5619 | /* Sampling is done on initial reception; don't redo after thawing. */ |
a6092018 | 5620 | unsigned int user_cookie_offset = 0; |
1d361a81 | 5621 | if (!xin->frozen_state) { |
a6092018 BP |
5622 | user_cookie_offset = compose_sflow_action(&ctx); |
5623 | compose_ipfix_action(&ctx, ODPP_NONE); | |
e672ff9b | 5624 | } |
0731abc5 | 5625 | size_t sample_actions_len = ctx.odp_actions->size; |
9583bc14 | 5626 | |
234c3da9 BP |
5627 | if (tnl_process_ecn(flow) |
5628 | && (!in_port || may_receive(in_port, &ctx))) { | |
1806291d BP |
5629 | const struct ofpact *ofpacts; |
5630 | size_t ofpacts_len; | |
5631 | ||
5632 | if (xin->ofpacts) { | |
5633 | ofpacts = xin->ofpacts; | |
5634 | ofpacts_len = xin->ofpacts_len; | |
5635 | } else if (ctx.rule) { | |
5636 | const struct rule_actions *actions | |
07a3cd5c | 5637 | = rule_get_actions(&ctx.rule->up); |
1806291d BP |
5638 | ofpacts = actions->ofpacts; |
5639 | ofpacts_len = actions->ofpacts_len; | |
07a3cd5c | 5640 | ctx.rule_cookie = ctx.rule->up.flow_cookie; |
1806291d BP |
5641 | } else { |
5642 | OVS_NOT_REACHED(); | |
5643 | } | |
5644 | ||
7efbc3b7 | 5645 | mirror_ingress_packet(&ctx); |
9583bc14 | 5646 | do_xlate_actions(ofpacts, ofpacts_len, &ctx); |
fff1b9c0 JR |
5647 | if (ctx.error) { |
5648 | goto exit; | |
5649 | } | |
9583bc14 EJ |
5650 | |
5651 | /* We've let OFPP_NORMAL and the learning action look at the | |
1d361a81 | 5652 | * packet, so cancel all actions and freezing if forwarding is |
8a5fb3b4 | 5653 | * disabled. */ |
9efd308e DV |
5654 | if (in_port && (!xport_stp_forward_state(in_port) || |
5655 | !xport_rstp_forward_state(in_port))) { | |
1520ef4f | 5656 | ctx.odp_actions->size = sample_actions_len; |
1d361a81 | 5657 | ctx_cancel_freeze(&ctx); |
8a5fb3b4 BP |
5658 | ofpbuf_clear(&ctx.action_set); |
5659 | } | |
5660 | ||
1d361a81 | 5661 | if (!ctx.freezing) { |
8a5fb3b4 | 5662 | xlate_action_set(&ctx); |
e672ff9b | 5663 | } |
1d361a81 | 5664 | if (ctx.freezing) { |
77ab5fd2 | 5665 | finish_freezing(&ctx); |
9583bc14 EJ |
5666 | } |
5667 | } | |
5668 | ||
e672ff9b | 5669 | /* Output only fully processed packets. */ |
1d361a81 | 5670 | if (!ctx.freezing |
e672ff9b | 5671 | && xbridge->has_in_band |
ce4a6b76 BP |
5672 | && in_band_must_output_to_local_port(flow) |
5673 | && !actions_output_to_local_port(&ctx)) { | |
e93ef1c7 | 5674 | compose_output_action(&ctx, OFPP_LOCAL, NULL); |
9583bc14 | 5675 | } |
aaa0fbae | 5676 | |
a6092018 BP |
5677 | if (user_cookie_offset) { |
5678 | fix_sflow_action(&ctx, user_cookie_offset); | |
e672ff9b | 5679 | } |
9583bc14 EJ |
5680 | } |
5681 | ||
1520ef4f | 5682 | if (nl_attr_oversized(ctx.odp_actions->size)) { |
542024c4 | 5683 | /* These datapath actions are too big for a Netlink attribute, so we |
0f032e95 BP |
5684 | * can't hand them to the kernel directly. dpif_execute() can execute |
5685 | * them one by one with help, so just mark the result as SLOW_ACTION to | |
5686 | * prevent the flow from being installed. */ | |
5687 | COVERAGE_INC(xlate_actions_oversize); | |
5688 | ctx.xout->slow |= SLOW_ACTION; | |
1520ef4f | 5689 | } else if (too_many_output_actions(ctx.odp_actions)) { |
7d031d7e BP |
5690 | COVERAGE_INC(xlate_actions_too_many_output); |
5691 | ctx.xout->slow |= SLOW_ACTION; | |
542024c4 BP |
5692 | } |
5693 | ||
1d361a81 BP |
5694 | /* Do netflow only for packets on initial reception, that are not sent to |
5695 | * the controller. We consider packets sent to the controller to be part | |
5696 | * of the control plane rather than the data plane. */ | |
5697 | if (!xin->frozen_state | |
5698 | && xbridge->netflow | |
5699 | && !(xout->slow & SLOW_CONTROLLER)) { | |
1806291d BP |
5700 | if (ctx.xin->resubmit_stats) { |
5701 | netflow_flow_update(xbridge->netflow, flow, | |
2031ef97 | 5702 | ctx.nf_output_iface, |
1806291d BP |
5703 | ctx.xin->resubmit_stats); |
5704 | } | |
5705 | if (ctx.xin->xcache) { | |
5706 | struct xc_entry *entry; | |
b256dc52 | 5707 | |
1806291d | 5708 | entry = xlate_cache_add_entry(ctx.xin->xcache, XC_NETFLOW); |
901a517e JR |
5709 | entry->nf.netflow = netflow_ref(xbridge->netflow); |
5710 | entry->nf.flow = xmemdup(flow, sizeof *flow); | |
5711 | entry->nf.iface = ctx.nf_output_iface; | |
d6fc5f57 EJ |
5712 | } |
5713 | } | |
5714 | ||
8d8ab6c2 JG |
5715 | /* Translate tunnel metadata masks to udpif format if necessary. */ |
5716 | if (xin->upcall_flow->tunnel.flags & FLOW_TNL_F_UDPIF) { | |
5717 | if (ctx.wc->masks.tunnel.metadata.present.map) { | |
5718 | const struct flow_tnl *upcall_tnl = &xin->upcall_flow->tunnel; | |
5719 | struct geneve_opt opts[TLV_TOT_OPT_SIZE / | |
5720 | sizeof(struct geneve_opt)]; | |
5721 | ||
5722 | tun_metadata_to_geneve_udpif_mask(&flow->tunnel, | |
5723 | &ctx.wc->masks.tunnel, | |
5724 | upcall_tnl->metadata.opts.gnv, | |
5725 | upcall_tnl->metadata.present.len, | |
5726 | opts); | |
5727 | memset(&ctx.wc->masks.tunnel.metadata, 0, | |
5728 | sizeof ctx.wc->masks.tunnel.metadata); | |
5729 | memcpy(&ctx.wc->masks.tunnel.metadata.opts.gnv, opts, | |
5730 | upcall_tnl->metadata.present.len); | |
5731 | } | |
5732 | ctx.wc->masks.tunnel.metadata.present.len = 0xff; | |
5733 | ctx.wc->masks.tunnel.metadata.tab = NULL; | |
5734 | ctx.wc->masks.tunnel.flags |= FLOW_TNL_F_UDPIF; | |
5735 | } else if (!xin->upcall_flow->tunnel.metadata.tab) { | |
5736 | /* If we didn't have options in UDPIF format and didn't have an existing | |
5737 | * metadata table, then it means that there were no options at all when | |
5738 | * we started processing and any wildcards we picked up were from | |
5739 | * action generation. Without options on the incoming packet, wildcards | |
5740 | * aren't meaningful. To avoid them possibly getting misinterpreted, | |
5741 | * just clear everything. */ | |
5742 | if (ctx.wc->masks.tunnel.metadata.present.map) { | |
5743 | memset(&ctx.wc->masks.tunnel.metadata, 0, | |
5744 | sizeof ctx.wc->masks.tunnel.metadata); | |
5745 | } else { | |
5746 | ctx.wc->masks.tunnel.metadata.tab = NULL; | |
5747 | } | |
5748 | } | |
5749 | ||
c0e638aa | 5750 | xlate_wc_finish(&ctx); |
1520ef4f BP |
5751 | |
5752 | exit: | |
8d8ab6c2 JG |
5753 | /* Reset the table to what it was when we came in. If we only fetched |
5754 | * it locally, then it has no meaning outside of flow translation. */ | |
5755 | flow->tunnel.metadata.tab = xin->upcall_flow->tunnel.metadata.tab; | |
5756 | ||
1520ef4f BP |
5757 | ofpbuf_uninit(&ctx.stack); |
5758 | ofpbuf_uninit(&ctx.action_set); | |
1d361a81 | 5759 | ofpbuf_uninit(&ctx.frozen_actions); |
1520ef4f | 5760 | ofpbuf_uninit(&scratch_actions); |
fff1b9c0 JR |
5761 | |
5762 | /* Make sure we return a "drop flow" in case of an error. */ | |
5763 | if (ctx.error) { | |
5764 | xout->slow = 0; | |
5765 | if (xin->odp_actions) { | |
5766 | ofpbuf_clear(xin->odp_actions); | |
5767 | } | |
5768 | } | |
5769 | return ctx.error; | |
91d6cd12 AW |
5770 | } |
5771 | ||
77ab5fd2 BP |
5772 | enum ofperr |
5773 | xlate_resume(struct ofproto_dpif *ofproto, | |
5774 | const struct ofputil_packet_in_private *pin, | |
5775 | struct ofpbuf *odp_actions, | |
5776 | enum slow_path_reason *slow) | |
5777 | { | |
5778 | struct dp_packet packet; | |
5779 | dp_packet_use_const(&packet, pin->public.packet, | |
5780 | pin->public.packet_len); | |
5781 | ||
5782 | struct flow flow; | |
5783 | flow_extract(&packet, &flow); | |
5784 | ||
5785 | struct xlate_in xin; | |
1f4a8933 JR |
5786 | xlate_in_init(&xin, ofproto, ofproto_dpif_get_tables_version(ofproto), |
5787 | &flow, 0, NULL, ntohs(flow.tcp_flags), | |
77ab5fd2 BP |
5788 | &packet, NULL, odp_actions); |
5789 | ||
5790 | struct ofpact_note noop; | |
5791 | ofpact_init_NOTE(&noop); | |
5792 | noop.length = 0; | |
5793 | ||
5794 | bool any_actions = pin->actions_len > 0; | |
5795 | struct frozen_state state = { | |
5796 | .table_id = 0, /* Not the table where NXAST_PAUSE was executed. */ | |
5797 | .ofproto_uuid = pin->bridge, | |
5798 | .stack = pin->stack, | |
84cf3c1f | 5799 | .stack_size = pin->stack_size, |
77ab5fd2 BP |
5800 | .mirrors = pin->mirrors, |
5801 | .conntracked = pin->conntracked, | |
5802 | ||
5803 | /* When there are no actions, xlate_actions() will search the flow | |
5804 | * table. We don't want it to do that (we want it to resume), so | |
5805 | * supply a no-op action if there aren't any. | |
5806 | * | |
5807 | * (We can't necessarily avoid translating actions entirely if there | |
5808 | * aren't any actions, because there might be some finishing-up to do | |
5809 | * at the end of the pipeline, and we don't check for those | |
5810 | * conditions.) */ | |
5811 | .ofpacts = any_actions ? pin->actions : &noop.ofpact, | |
5812 | .ofpacts_len = any_actions ? pin->actions_len : sizeof noop, | |
5813 | ||
5814 | .action_set = pin->action_set, | |
5815 | .action_set_len = pin->action_set_len, | |
5816 | }; | |
5817 | frozen_metadata_from_flow(&state.metadata, | |
5818 | &pin->public.flow_metadata.flow); | |
5819 | xin.frozen_state = &state; | |
5820 | ||
5821 | struct xlate_out xout; | |
5822 | enum xlate_error error = xlate_actions(&xin, &xout); | |
5823 | *slow = xout.slow; | |
5824 | xlate_out_uninit(&xout); | |
5825 | ||
5826 | /* xlate_actions() can generate a number of errors, but only | |
5827 | * XLATE_BRIDGE_NOT_FOUND really stands out to me as one that we should be | |
5828 | * sure to report over OpenFlow. The others could come up in packet-outs | |
5829 | * or regular flow translation and I don't think that it's going to be too | |
5830 | * useful to report them to the controller. */ | |
5831 | return error == XLATE_BRIDGE_NOT_FOUND ? OFPERR_NXR_STALE : 0; | |
5832 | } | |
5833 | ||
2eb79142 JG |
5834 | /* Sends 'packet' out 'ofport'. If 'port' is a tunnel and that tunnel type |
5835 | * supports a notion of an OAM flag, sets it if 'oam' is true. | |
91d6cd12 AW |
5836 | * May modify 'packet'. |
5837 | * Returns 0 if successful, otherwise a positive errno value. */ | |
5838 | int | |
2eb79142 JG |
5839 | xlate_send_packet(const struct ofport_dpif *ofport, bool oam, |
5840 | struct dp_packet *packet) | |
91d6cd12 | 5841 | { |
84f0f298 | 5842 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
91d6cd12 | 5843 | struct xport *xport; |
2eb79142 JG |
5844 | uint64_t ofpacts_stub[1024 / 8]; |
5845 | struct ofpbuf ofpacts; | |
91d6cd12 | 5846 | struct flow flow; |
91d6cd12 | 5847 | |
2eb79142 | 5848 | ofpbuf_use_stack(&ofpacts, ofpacts_stub, sizeof ofpacts_stub); |
91d6cd12 | 5849 | /* Use OFPP_NONE as the in_port to avoid special packet processing. */ |
cf62fa4c | 5850 | flow_extract(packet, &flow); |
b5e7e61a | 5851 | flow.in_port.ofp_port = OFPP_NONE; |
91d6cd12 | 5852 | |
84f0f298 | 5853 | xport = xport_lookup(xcfg, ofport); |
91d6cd12 | 5854 | if (!xport) { |
02ea2703 | 5855 | return EINVAL; |
91d6cd12 | 5856 | } |
2eb79142 JG |
5857 | |
5858 | if (oam) { | |
128684a6 JR |
5859 | const ovs_be16 oam = htons(NX_TUN_FLAG_OAM); |
5860 | ofpact_put_set_field(&ofpacts, mf_from_id(MFF_TUN_FLAGS), &oam, &oam); | |
2eb79142 JG |
5861 | } |
5862 | ||
5863 | ofpact_put_OUTPUT(&ofpacts)->port = xport->ofp_port; | |
e491a67a | 5864 | |
1f4a8933 JR |
5865 | /* Actions here are not referring to anything versionable (flow tables or |
5866 | * groups) so we don't need to worry about the version here. */ | |
5867 | return ofproto_dpif_execute_actions(xport->xbridge->ofproto, | |
5868 | OVS_VERSION_MAX, &flow, NULL, | |
2eb79142 | 5869 | ofpacts.data, ofpacts.size, packet); |
9583bc14 | 5870 | } |
b256dc52 | 5871 | |
901a517e | 5872 | void |
064799a1 JR |
5873 | xlate_mac_learning_update(const struct ofproto_dpif *ofproto, |
5874 | ofp_port_t in_port, struct eth_addr dl_src, | |
5875 | int vlan, bool is_grat_arp) | |
b256dc52 | 5876 | { |
84f0f298 | 5877 | struct xlate_cfg *xcfg = ovsrcu_get(struct xlate_cfg *, &xcfgp); |
b256dc52 JS |
5878 | struct xbridge *xbridge; |
5879 | struct xbundle *xbundle; | |
b256dc52 | 5880 | |
84f0f298 | 5881 | xbridge = xbridge_lookup(xcfg, ofproto); |
b256dc52 JS |
5882 | if (!xbridge) { |
5883 | return; | |
5884 | } | |
5885 | ||
064799a1 | 5886 | xbundle = lookup_input_bundle(xbridge, in_port, false, NULL); |
b256dc52 JS |
5887 | if (!xbundle) { |
5888 | return; | |
5889 | } | |
5890 | ||
064799a1 | 5891 | update_learning_table(xbridge, xbundle, dl_src, vlan, is_grat_arp); |
b256dc52 | 5892 | } |