]>
Commit | Line | Data |
---|---|---|
9583bc14 EJ |
1 | /* Copyright (c) 2009, 2010, 2011, 2012, 2013 Nicira, Inc. |
2 | * | |
3 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
4 | * you may not use this file except in compliance with the License. | |
5 | * You may obtain a copy of the License at: | |
6 | * | |
7 | * http://www.apache.org/licenses/LICENSE-2.0 | |
8 | * | |
9 | * Unless required by applicable law or agreed to in writing, software | |
10 | * distributed under the License is distributed on an "AS IS" BASIS, | |
11 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
12 | * See the License for the specific language governing permissions and | |
13 | * limitations under the License. */ | |
14 | ||
15 | #include <config.h> | |
16 | ||
17 | #include "ofproto/ofproto-dpif-xlate.h" | |
18 | ||
8449c4d6 EJ |
19 | #include <errno.h> |
20 | ||
db7d4e46 | 21 | #include "bfd.h" |
9583bc14 EJ |
22 | #include "bitmap.h" |
23 | #include "bond.h" | |
24 | #include "bundle.h" | |
25 | #include "byte-order.h" | |
db7d4e46 | 26 | #include "cfm.h" |
9583bc14 EJ |
27 | #include "connmgr.h" |
28 | #include "coverage.h" | |
29 | #include "dpif.h" | |
30 | #include "dynamic-string.h" | |
f7f1ea29 | 31 | #include "in-band.h" |
db7d4e46 | 32 | #include "lacp.h" |
9583bc14 | 33 | #include "learn.h" |
46c88433 | 34 | #include "list.h" |
9583bc14 EJ |
35 | #include "mac-learning.h" |
36 | #include "meta-flow.h" | |
37 | #include "multipath.h" | |
38 | #include "netdev-vport.h" | |
39 | #include "netlink.h" | |
40 | #include "nx-match.h" | |
41 | #include "odp-execute.h" | |
42 | #include "ofp-actions.h" | |
43 | #include "ofproto/ofproto-dpif-ipfix.h" | |
ec7ceaed | 44 | #include "ofproto/ofproto-dpif-mirror.h" |
9583bc14 EJ |
45 | #include "ofproto/ofproto-dpif-sflow.h" |
46 | #include "ofproto/ofproto-dpif.h" | |
47 | #include "tunnel.h" | |
48 | #include "vlog.h" | |
49 | ||
46c88433 | 50 | COVERAGE_DEFINE(xlate_actions); |
9583bc14 EJ |
51 | |
52 | VLOG_DEFINE_THIS_MODULE(ofproto_dpif_xlate); | |
53 | ||
8a553e9a EJ |
54 | /* Maximum depth of flow table recursion (due to resubmit actions) in a |
55 | * flow translation. */ | |
56 | #define MAX_RESUBMIT_RECURSION 64 | |
57 | ||
46c88433 EJ |
58 | struct xbridge { |
59 | struct hmap_node hmap_node; /* Node in global 'xbridges' map. */ | |
60 | struct ofproto_dpif *ofproto; /* Key in global 'xbridges' map. */ | |
61 | ||
62 | struct list xbundles; /* Owned xbundles. */ | |
63 | struct hmap xports; /* Indexed by ofp_port. */ | |
64 | ||
65 | char *name; /* Name used in log messages. */ | |
89a8a7f0 | 66 | struct dpif *dpif; /* Datapath interface. */ |
46c88433 EJ |
67 | struct mac_learning *ml; /* Mac learning handle. */ |
68 | struct mbridge *mbridge; /* Mirroring. */ | |
69 | struct dpif_sflow *sflow; /* SFlow handle, or null. */ | |
70 | struct dpif_ipfix *ipfix; /* Ipfix handle, or null. */ | |
9d189a50 | 71 | struct stp *stp; /* STP or null if disabled. */ |
46c88433 EJ |
72 | |
73 | enum ofp_config_flags frag; /* Fragmentation handling. */ | |
46c88433 EJ |
74 | bool has_netflow; /* Bridge runs netflow? */ |
75 | bool has_in_band; /* Bridge has in band control? */ | |
76 | bool forward_bpdu; /* Bridge forwards STP BPDUs? */ | |
77 | }; | |
78 | ||
79 | struct xbundle { | |
80 | struct hmap_node hmap_node; /* In global 'xbundles' map. */ | |
81 | struct ofbundle *ofbundle; /* Key in global 'xbundles' map. */ | |
82 | ||
83 | struct list list_node; /* In parent 'xbridges' list. */ | |
84 | struct xbridge *xbridge; /* Parent xbridge. */ | |
85 | ||
86 | struct list xports; /* Contains "struct xport"s. */ | |
87 | ||
88 | char *name; /* Name used in log messages. */ | |
89 | struct bond *bond; /* Nonnull iff more than one port. */ | |
90 | struct lacp *lacp; /* LACP handle or null. */ | |
91 | ||
92 | enum port_vlan_mode vlan_mode; /* VLAN mode. */ | |
93 | int vlan; /* -1=trunk port, else a 12-bit VLAN ID. */ | |
94 | unsigned long *trunks; /* Bitmap of trunked VLANs, if 'vlan' == -1. | |
95 | * NULL if all VLANs are trunked. */ | |
96 | bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */ | |
97 | bool floodable; /* No port has OFPUTIL_PC_NO_FLOOD set? */ | |
98 | }; | |
99 | ||
100 | struct xport { | |
101 | struct hmap_node hmap_node; /* Node in global 'xports' map. */ | |
102 | struct ofport_dpif *ofport; /* Key in global 'xports map. */ | |
103 | ||
104 | struct hmap_node ofp_node; /* Node in parent xbridge 'xports' map. */ | |
105 | ofp_port_t ofp_port; /* Key in parent xbridge 'xports' map. */ | |
106 | ||
107 | odp_port_t odp_port; /* Datapath port number or ODPP_NONE. */ | |
108 | ||
109 | struct list bundle_node; /* In parent xbundle (if it exists). */ | |
110 | struct xbundle *xbundle; /* Parent xbundle or null. */ | |
111 | ||
112 | struct netdev *netdev; /* 'ofport''s netdev. */ | |
113 | ||
114 | struct xbridge *xbridge; /* Parent bridge. */ | |
115 | struct xport *peer; /* Patch port peer or null. */ | |
116 | ||
117 | enum ofputil_port_config config; /* OpenFlow port configuration. */ | |
9d189a50 | 118 | int stp_port_no; /* STP port number or 0 if not in use. */ |
46c88433 | 119 | |
55954f6e EJ |
120 | struct hmap skb_priorities; /* Map of 'skb_priority_to_dscp's. */ |
121 | ||
46c88433 EJ |
122 | bool may_enable; /* May be enabled in bonds. */ |
123 | bool is_tunnel; /* Is a tunnel port. */ | |
124 | ||
125 | struct cfm *cfm; /* CFM handle or null. */ | |
126 | struct bfd *bfd; /* BFD handle or null. */ | |
127 | }; | |
128 | ||
4d0acc70 EJ |
129 | struct xlate_ctx { |
130 | struct xlate_in *xin; | |
131 | struct xlate_out *xout; | |
132 | ||
46c88433 | 133 | const struct xbridge *xbridge; |
4d0acc70 EJ |
134 | |
135 | /* Flow at the last commit. */ | |
136 | struct flow base_flow; | |
137 | ||
138 | /* Tunnel IP destination address as received. This is stored separately | |
139 | * as the base_flow.tunnel is cleared on init to reflect the datapath | |
140 | * behavior. Used to make sure not to send tunneled output to ourselves, | |
141 | * which might lead to an infinite loop. This could happen easily | |
142 | * if a tunnel is marked as 'ip_remote=flow', and the flow does not | |
143 | * actually set the tun_dst field. */ | |
144 | ovs_be32 orig_tunnel_ip_dst; | |
145 | ||
146 | /* Stack for the push and pop actions. Each stack element is of type | |
147 | * "union mf_subvalue". */ | |
148 | union mf_subvalue init_stack[1024 / sizeof(union mf_subvalue)]; | |
149 | struct ofpbuf stack; | |
150 | ||
151 | /* The rule that we are currently translating, or NULL. */ | |
152 | struct rule_dpif *rule; | |
153 | ||
154 | int recurse; /* Recursion level, via xlate_table_action. */ | |
4d0acc70 EJ |
155 | uint32_t orig_skb_priority; /* Priority when packet arrived. */ |
156 | uint8_t table_id; /* OpenFlow table ID where flow was found. */ | |
157 | uint32_t sflow_n_outputs; /* Number of output ports. */ | |
4e022ec0 | 158 | odp_port_t sflow_odp_port; /* Output port for composing sFlow action. */ |
4d0acc70 EJ |
159 | uint16_t user_cookie_offset;/* Used for user_action_cookie fixup. */ |
160 | bool exit; /* No further actions should be processed. */ | |
161 | }; | |
162 | ||
9583bc14 EJ |
163 | /* A controller may use OFPP_NONE as the ingress port to indicate that |
164 | * it did not arrive on a "real" port. 'ofpp_none_bundle' exists for | |
165 | * when an input bundle is needed for validation (e.g., mirroring or | |
166 | * OFPP_NORMAL processing). It is not connected to an 'ofproto' or have | |
3815d6c2 LS |
167 | * any 'port' structs, so care must be taken when dealing with it. |
168 | * The bundle's name and vlan mode are initialized in lookup_input_bundle() */ | |
169 | static struct xbundle ofpp_none_bundle; | |
9583bc14 | 170 | |
55954f6e EJ |
171 | /* Node in 'xport''s 'skb_priorities' map. Used to maintain a map from |
172 | * 'priority' (the datapath's term for QoS queue) to the dscp bits which all | |
173 | * traffic egressing the 'ofport' with that priority should be marked with. */ | |
174 | struct skb_priority_to_dscp { | |
175 | struct hmap_node hmap_node; /* Node in 'ofport_dpif''s 'skb_priorities'. */ | |
176 | uint32_t skb_priority; /* Priority of this queue (see struct flow). */ | |
177 | ||
178 | uint8_t dscp; /* DSCP bits to mark outgoing traffic with. */ | |
179 | }; | |
180 | ||
46c88433 EJ |
181 | static struct hmap xbridges = HMAP_INITIALIZER(&xbridges); |
182 | static struct hmap xbundles = HMAP_INITIALIZER(&xbundles); | |
183 | static struct hmap xports = HMAP_INITIALIZER(&xports); | |
184 | ||
185 | static bool may_receive(const struct xport *, struct xlate_ctx *); | |
9583bc14 EJ |
186 | static void do_xlate_actions(const struct ofpact *, size_t ofpacts_len, |
187 | struct xlate_ctx *); | |
188 | static void xlate_normal(struct xlate_ctx *); | |
189 | static void xlate_report(struct xlate_ctx *, const char *); | |
4e022ec0 | 190 | static void xlate_table_action(struct xlate_ctx *, ofp_port_t in_port, |
9583bc14 | 191 | uint8_t table_id, bool may_packet_in); |
46c88433 EJ |
192 | static bool input_vid_is_valid(uint16_t vid, struct xbundle *, bool warn); |
193 | static uint16_t input_vid_to_vlan(const struct xbundle *, uint16_t vid); | |
194 | static void output_normal(struct xlate_ctx *, const struct xbundle *, | |
9583bc14 | 195 | uint16_t vlan); |
4e022ec0 | 196 | static void compose_output_action(struct xlate_ctx *, ofp_port_t ofp_port); |
9583bc14 EJ |
197 | |
198 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
199 | ||
46c88433 EJ |
200 | static struct xbridge *xbridge_lookup(const struct ofproto_dpif *); |
201 | static struct xbundle *xbundle_lookup(const struct ofbundle *); | |
5e6af486 | 202 | static struct xport *xport_lookup(const struct ofport_dpif *); |
46c88433 | 203 | static struct xport *get_ofp_port(const struct xbridge *, ofp_port_t ofp_port); |
55954f6e EJ |
204 | static struct skb_priority_to_dscp *get_skb_priority(const struct xport *, |
205 | uint32_t skb_priority); | |
206 | static void clear_skb_priorities(struct xport *); | |
207 | static bool dscp_from_skb_priority(const struct xport *, uint32_t skb_priority, | |
208 | uint8_t *dscp); | |
46c88433 EJ |
209 | |
210 | void | |
211 | xlate_ofproto_set(struct ofproto_dpif *ofproto, const char *name, | |
89a8a7f0 EJ |
212 | struct dpif *dpif, const struct mac_learning *ml, |
213 | struct stp *stp, const struct mbridge *mbridge, | |
46c88433 EJ |
214 | const struct dpif_sflow *sflow, |
215 | const struct dpif_ipfix *ipfix, enum ofp_config_flags frag, | |
9d189a50 | 216 | bool forward_bpdu, bool has_in_band, bool has_netflow) |
46c88433 EJ |
217 | { |
218 | struct xbridge *xbridge = xbridge_lookup(ofproto); | |
219 | ||
220 | if (!xbridge) { | |
221 | xbridge = xzalloc(sizeof *xbridge); | |
222 | xbridge->ofproto = ofproto; | |
223 | ||
224 | hmap_insert(&xbridges, &xbridge->hmap_node, hash_pointer(ofproto, 0)); | |
225 | hmap_init(&xbridge->xports); | |
226 | list_init(&xbridge->xbundles); | |
227 | } | |
228 | ||
229 | if (xbridge->ml != ml) { | |
230 | mac_learning_unref(xbridge->ml); | |
231 | xbridge->ml = mac_learning_ref(ml); | |
232 | } | |
233 | ||
234 | if (xbridge->mbridge != mbridge) { | |
235 | mbridge_unref(xbridge->mbridge); | |
236 | xbridge->mbridge = mbridge_ref(mbridge); | |
237 | } | |
238 | ||
239 | if (xbridge->sflow != sflow) { | |
240 | dpif_sflow_unref(xbridge->sflow); | |
241 | xbridge->sflow = dpif_sflow_ref(sflow); | |
242 | } | |
243 | ||
244 | if (xbridge->ipfix != ipfix) { | |
245 | dpif_ipfix_unref(xbridge->ipfix); | |
246 | xbridge->ipfix = dpif_ipfix_ref(ipfix); | |
247 | } | |
248 | ||
9d189a50 EJ |
249 | if (xbridge->stp != stp) { |
250 | stp_unref(xbridge->stp); | |
251 | xbridge->stp = stp_ref(stp); | |
252 | } | |
253 | ||
46c88433 EJ |
254 | free(xbridge->name); |
255 | xbridge->name = xstrdup(name); | |
256 | ||
89a8a7f0 | 257 | xbridge->dpif = dpif; |
46c88433 EJ |
258 | xbridge->forward_bpdu = forward_bpdu; |
259 | xbridge->has_in_band = has_in_band; | |
260 | xbridge->has_netflow = has_netflow; | |
46c88433 EJ |
261 | xbridge->frag = frag; |
262 | } | |
263 | ||
264 | void | |
265 | xlate_remove_ofproto(struct ofproto_dpif *ofproto) | |
266 | { | |
267 | struct xbridge *xbridge = xbridge_lookup(ofproto); | |
268 | struct xbundle *xbundle, *next_xbundle; | |
269 | struct xport *xport, *next_xport; | |
270 | ||
271 | if (!xbridge) { | |
272 | return; | |
273 | } | |
274 | ||
275 | HMAP_FOR_EACH_SAFE (xport, next_xport, ofp_node, &xbridge->xports) { | |
276 | xlate_ofport_remove(xport->ofport); | |
277 | } | |
278 | ||
279 | LIST_FOR_EACH_SAFE (xbundle, next_xbundle, list_node, &xbridge->xbundles) { | |
280 | xlate_bundle_remove(xbundle->ofbundle); | |
281 | } | |
282 | ||
283 | hmap_remove(&xbridges, &xbridge->hmap_node); | |
284 | free(xbridge->name); | |
285 | free(xbridge); | |
286 | } | |
287 | ||
288 | void | |
289 | xlate_bundle_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
290 | const char *name, enum port_vlan_mode vlan_mode, int vlan, | |
291 | unsigned long *trunks, bool use_priority_tags, | |
292 | const struct bond *bond, const struct lacp *lacp, | |
293 | bool floodable) | |
294 | { | |
295 | struct xbundle *xbundle = xbundle_lookup(ofbundle); | |
296 | ||
297 | if (!xbundle) { | |
298 | xbundle = xzalloc(sizeof *xbundle); | |
299 | xbundle->ofbundle = ofbundle; | |
300 | xbundle->xbridge = xbridge_lookup(ofproto); | |
301 | ||
302 | hmap_insert(&xbundles, &xbundle->hmap_node, hash_pointer(ofbundle, 0)); | |
303 | list_insert(&xbundle->xbridge->xbundles, &xbundle->list_node); | |
304 | list_init(&xbundle->xports); | |
305 | } | |
306 | ||
307 | ovs_assert(xbundle->xbridge); | |
308 | ||
309 | free(xbundle->name); | |
310 | xbundle->name = xstrdup(name); | |
311 | ||
312 | xbundle->vlan_mode = vlan_mode; | |
313 | xbundle->vlan = vlan; | |
314 | xbundle->trunks = trunks; | |
315 | xbundle->use_priority_tags = use_priority_tags; | |
316 | xbundle->floodable = floodable; | |
317 | ||
318 | if (xbundle->bond != bond) { | |
319 | bond_unref(xbundle->bond); | |
320 | xbundle->bond = bond_ref(bond); | |
321 | } | |
322 | ||
323 | if (xbundle->lacp != lacp) { | |
324 | lacp_unref(xbundle->lacp); | |
325 | xbundle->lacp = lacp_ref(lacp); | |
326 | } | |
327 | } | |
328 | ||
329 | void | |
330 | xlate_bundle_remove(struct ofbundle *ofbundle) | |
331 | { | |
332 | struct xbundle *xbundle = xbundle_lookup(ofbundle); | |
333 | struct xport *xport, *next; | |
334 | ||
335 | if (!xbundle) { | |
336 | return; | |
337 | } | |
338 | ||
339 | LIST_FOR_EACH_SAFE (xport, next, bundle_node, &xbundle->xports) { | |
340 | list_remove(&xport->bundle_node); | |
341 | xport->xbundle = NULL; | |
342 | } | |
343 | ||
344 | hmap_remove(&xbundles, &xbundle->hmap_node); | |
345 | list_remove(&xbundle->list_node); | |
346 | bond_unref(xbundle->bond); | |
347 | lacp_unref(xbundle->lacp); | |
348 | free(xbundle->name); | |
349 | free(xbundle); | |
350 | } | |
351 | ||
352 | void | |
353 | xlate_ofport_set(struct ofproto_dpif *ofproto, struct ofbundle *ofbundle, | |
354 | struct ofport_dpif *ofport, ofp_port_t ofp_port, | |
355 | odp_port_t odp_port, const struct netdev *netdev, | |
356 | const struct cfm *cfm, const struct bfd *bfd, | |
9d189a50 | 357 | struct ofport_dpif *peer, int stp_port_no, |
55954f6e | 358 | const struct ofproto_port_queue *qdscp_list, size_t n_qdscp, |
9d189a50 EJ |
359 | enum ofputil_port_config config, bool is_tunnel, |
360 | bool may_enable) | |
46c88433 EJ |
361 | { |
362 | struct xport *xport = xport_lookup(ofport); | |
55954f6e | 363 | size_t i; |
46c88433 EJ |
364 | |
365 | if (!xport) { | |
366 | xport = xzalloc(sizeof *xport); | |
367 | xport->ofport = ofport; | |
368 | xport->xbridge = xbridge_lookup(ofproto); | |
369 | xport->ofp_port = ofp_port; | |
370 | ||
55954f6e | 371 | hmap_init(&xport->skb_priorities); |
46c88433 EJ |
372 | hmap_insert(&xports, &xport->hmap_node, hash_pointer(ofport, 0)); |
373 | hmap_insert(&xport->xbridge->xports, &xport->ofp_node, | |
374 | hash_ofp_port(xport->ofp_port)); | |
375 | } | |
376 | ||
377 | ovs_assert(xport->ofp_port == ofp_port); | |
378 | ||
379 | xport->config = config; | |
9d189a50 | 380 | xport->stp_port_no = stp_port_no; |
46c88433 EJ |
381 | xport->is_tunnel = is_tunnel; |
382 | xport->may_enable = may_enable; | |
383 | xport->odp_port = odp_port; | |
384 | ||
385 | if (xport->netdev != netdev) { | |
386 | netdev_close(xport->netdev); | |
387 | xport->netdev = netdev_ref(netdev); | |
388 | } | |
389 | ||
390 | if (xport->cfm != cfm) { | |
391 | cfm_unref(xport->cfm); | |
392 | xport->cfm = cfm_ref(cfm); | |
393 | } | |
394 | ||
395 | if (xport->bfd != bfd) { | |
396 | bfd_unref(xport->bfd); | |
397 | xport->bfd = bfd_ref(bfd); | |
398 | } | |
399 | ||
400 | if (xport->peer) { | |
401 | xport->peer->peer = NULL; | |
402 | } | |
5e6af486 | 403 | xport->peer = xport_lookup(peer); |
46c88433 EJ |
404 | if (xport->peer) { |
405 | xport->peer->peer = xport; | |
406 | } | |
407 | ||
408 | if (xport->xbundle) { | |
409 | list_remove(&xport->bundle_node); | |
410 | } | |
5e6af486 | 411 | xport->xbundle = xbundle_lookup(ofbundle); |
46c88433 EJ |
412 | if (xport->xbundle) { |
413 | list_insert(&xport->xbundle->xports, &xport->bundle_node); | |
414 | } | |
55954f6e EJ |
415 | |
416 | clear_skb_priorities(xport); | |
417 | for (i = 0; i < n_qdscp; i++) { | |
418 | struct skb_priority_to_dscp *pdscp; | |
419 | uint32_t skb_priority; | |
420 | ||
89a8a7f0 EJ |
421 | if (dpif_queue_to_priority(xport->xbridge->dpif, qdscp_list[i].queue, |
422 | &skb_priority)) { | |
55954f6e EJ |
423 | continue; |
424 | } | |
425 | ||
426 | pdscp = xmalloc(sizeof *pdscp); | |
427 | pdscp->skb_priority = skb_priority; | |
428 | pdscp->dscp = (qdscp_list[i].dscp << 2) & IP_DSCP_MASK; | |
429 | hmap_insert(&xport->skb_priorities, &pdscp->hmap_node, | |
430 | hash_int(pdscp->skb_priority, 0)); | |
431 | } | |
46c88433 EJ |
432 | } |
433 | ||
434 | void | |
435 | xlate_ofport_remove(struct ofport_dpif *ofport) | |
436 | { | |
437 | struct xport *xport = xport_lookup(ofport); | |
438 | ||
439 | if (!xport) { | |
440 | return; | |
441 | } | |
442 | ||
443 | if (xport->peer) { | |
444 | xport->peer->peer = NULL; | |
445 | xport->peer = NULL; | |
446 | } | |
447 | ||
e621a12d EJ |
448 | if (xport->xbundle) { |
449 | list_remove(&xport->bundle_node); | |
450 | } | |
451 | ||
55954f6e EJ |
452 | clear_skb_priorities(xport); |
453 | hmap_destroy(&xport->skb_priorities); | |
454 | ||
46c88433 EJ |
455 | hmap_remove(&xports, &xport->hmap_node); |
456 | hmap_remove(&xport->xbridge->xports, &xport->ofp_node); | |
457 | ||
458 | netdev_close(xport->netdev); | |
459 | cfm_unref(xport->cfm); | |
460 | bfd_unref(xport->bfd); | |
461 | free(xport); | |
462 | } | |
463 | ||
8449c4d6 EJ |
464 | /* Given a datpath, packet, and flow metadata ('backer', 'packet', and 'key' |
465 | * respectively), populates 'flow' with the result of odp_flow_key_to_flow(). | |
466 | * Optionally, if nonnull, populates 'fitnessp' with the fitness of 'flow' as | |
467 | * returned by odp_flow_key_to_flow(). Also, optionally populates 'ofproto' | |
468 | * with the ofproto_dpif, and 'odp_in_port' with the datapath in_port, that | |
469 | * 'packet' ingressed. | |
470 | * | |
471 | * If 'ofproto' is nonnull, requires 'flow''s in_port to exist. Otherwise sets | |
472 | * 'flow''s in_port to OFPP_NONE. | |
473 | * | |
474 | * This function does post-processing on data returned from | |
475 | * odp_flow_key_to_flow() to help make VLAN splinters transparent to the rest | |
476 | * of the upcall processing logic. In particular, if the extracted in_port is | |
477 | * a VLAN splinter port, it replaces flow->in_port by the "real" port, sets | |
478 | * flow->vlan_tci correctly for the VLAN of the VLAN splinter port, and pushes | |
479 | * a VLAN header onto 'packet' (if it is nonnull). | |
480 | * | |
481 | * Similarly, this function also includes some logic to help with tunnels. It | |
482 | * may modify 'flow' as necessary to make the tunneling implementation | |
483 | * transparent to the upcall processing logic. | |
484 | * | |
485 | * Returns 0 if successful, ENODEV if the parsed flow has no associated ofport, | |
486 | * or some other positive errno if there are other problems. */ | |
487 | int | |
488 | xlate_receive(const struct dpif_backer *backer, struct ofpbuf *packet, | |
489 | const struct nlattr *key, size_t key_len, | |
490 | struct flow *flow, enum odp_key_fitness *fitnessp, | |
491 | struct ofproto_dpif **ofproto, odp_port_t *odp_in_port) | |
492 | { | |
493 | enum odp_key_fitness fitness; | |
494 | const struct xport *xport; | |
495 | int error = ENODEV; | |
496 | ||
497 | fitness = odp_flow_key_to_flow(key, key_len, flow); | |
498 | if (fitness == ODP_FIT_ERROR) { | |
499 | error = EINVAL; | |
500 | goto exit; | |
501 | } | |
502 | ||
503 | if (odp_in_port) { | |
504 | *odp_in_port = flow->in_port.odp_port; | |
505 | } | |
506 | ||
507 | xport = xport_lookup(tnl_port_should_receive(flow) | |
508 | ? tnl_port_receive(flow) | |
509 | : odp_port_to_ofport(backer, flow->in_port.odp_port)); | |
510 | ||
511 | flow->in_port.ofp_port = xport ? xport->ofp_port : OFPP_NONE; | |
512 | if (!xport) { | |
513 | goto exit; | |
514 | } | |
515 | ||
516 | if (vsp_adjust_flow(xport->xbridge->ofproto, flow)) { | |
517 | if (packet) { | |
518 | /* Make the packet resemble the flow, so that it gets sent to | |
519 | * an OpenFlow controller properly, so that it looks correct | |
520 | * for sFlow, and so that flow_extract() will get the correct | |
521 | * vlan_tci if it is called on 'packet'. | |
522 | * | |
523 | * The allocated space inside 'packet' probably also contains | |
524 | * 'key', that is, both 'packet' and 'key' are probably part of | |
525 | * a struct dpif_upcall (see the large comment on that | |
526 | * structure definition), so pushing data on 'packet' is in | |
527 | * general not a good idea since it could overwrite 'key' or | |
528 | * free it as a side effect. However, it's OK in this special | |
529 | * case because we know that 'packet' is inside a Netlink | |
530 | * attribute: pushing 4 bytes will just overwrite the 4-byte | |
531 | * "struct nlattr", which is fine since we don't need that | |
532 | * header anymore. */ | |
533 | eth_push_vlan(packet, flow->vlan_tci); | |
534 | } | |
535 | /* We can't reproduce 'key' from 'flow'. */ | |
536 | fitness = fitness == ODP_FIT_PERFECT ? ODP_FIT_TOO_MUCH : fitness; | |
537 | } | |
538 | error = 0; | |
539 | ||
540 | if (ofproto) { | |
541 | *ofproto = xport->xbridge->ofproto; | |
542 | } | |
543 | ||
544 | exit: | |
545 | if (fitnessp) { | |
546 | *fitnessp = fitness; | |
547 | } | |
548 | return error; | |
549 | } | |
550 | ||
46c88433 EJ |
551 | static struct xbridge * |
552 | xbridge_lookup(const struct ofproto_dpif *ofproto) | |
553 | { | |
554 | struct xbridge *xbridge; | |
555 | ||
5e6af486 EJ |
556 | if (!ofproto) { |
557 | return NULL; | |
558 | } | |
559 | ||
46c88433 EJ |
560 | HMAP_FOR_EACH_IN_BUCKET (xbridge, hmap_node, hash_pointer(ofproto, 0), |
561 | &xbridges) { | |
562 | if (xbridge->ofproto == ofproto) { | |
563 | return xbridge; | |
564 | } | |
565 | } | |
566 | return NULL; | |
567 | } | |
568 | ||
569 | static struct xbundle * | |
570 | xbundle_lookup(const struct ofbundle *ofbundle) | |
571 | { | |
572 | struct xbundle *xbundle; | |
573 | ||
5e6af486 EJ |
574 | if (!ofbundle) { |
575 | return NULL; | |
576 | } | |
577 | ||
46c88433 EJ |
578 | HMAP_FOR_EACH_IN_BUCKET (xbundle, hmap_node, hash_pointer(ofbundle, 0), |
579 | &xbundles) { | |
580 | if (xbundle->ofbundle == ofbundle) { | |
581 | return xbundle; | |
582 | } | |
583 | } | |
584 | return NULL; | |
585 | } | |
586 | ||
587 | static struct xport * | |
5e6af486 | 588 | xport_lookup(const struct ofport_dpif *ofport) |
46c88433 EJ |
589 | { |
590 | struct xport *xport; | |
591 | ||
5e6af486 EJ |
592 | if (!ofport) { |
593 | return NULL; | |
594 | } | |
595 | ||
46c88433 EJ |
596 | HMAP_FOR_EACH_IN_BUCKET (xport, hmap_node, hash_pointer(ofport, 0), |
597 | &xports) { | |
598 | if (xport->ofport == ofport) { | |
599 | return xport; | |
600 | } | |
601 | } | |
602 | return NULL; | |
603 | } | |
604 | ||
40085e56 EJ |
605 | static struct stp_port * |
606 | xport_get_stp_port(const struct xport *xport) | |
607 | { | |
608 | return xport->xbridge->stp && xport->stp_port_no | |
609 | ? stp_get_port(xport->xbridge->stp, xport->stp_port_no) | |
610 | : NULL; | |
611 | } | |
9d189a50 EJ |
612 | |
613 | static enum stp_state | |
614 | xport_stp_learn_state(const struct xport *xport) | |
615 | { | |
40085e56 EJ |
616 | struct stp_port *sp = xport_get_stp_port(xport); |
617 | return stp_learn_in_state(sp ? stp_port_get_state(sp) : STP_DISABLED); | |
9d189a50 EJ |
618 | } |
619 | ||
620 | static bool | |
621 | xport_stp_forward_state(const struct xport *xport) | |
622 | { | |
40085e56 EJ |
623 | struct stp_port *sp = xport_get_stp_port(xport); |
624 | return stp_forward_in_state(sp ? stp_port_get_state(sp) : STP_DISABLED); | |
9d189a50 EJ |
625 | } |
626 | ||
627 | /* Returns true if STP should process 'flow'. Sets fields in 'wc' that | |
628 | * were used to make the determination.*/ | |
629 | static bool | |
630 | stp_should_process_flow(const struct flow *flow, struct flow_wildcards *wc) | |
631 | { | |
632 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
633 | return eth_addr_equals(flow->dl_dst, eth_addr_stp); | |
634 | } | |
635 | ||
636 | static void | |
637 | stp_process_packet(const struct xport *xport, const struct ofpbuf *packet) | |
638 | { | |
40085e56 | 639 | struct stp_port *sp = xport_get_stp_port(xport); |
9d189a50 EJ |
640 | struct ofpbuf payload = *packet; |
641 | struct eth_header *eth = payload.data; | |
9d189a50 EJ |
642 | |
643 | /* Sink packets on ports that have STP disabled when the bridge has | |
644 | * STP enabled. */ | |
645 | if (!sp || stp_port_get_state(sp) == STP_DISABLED) { | |
646 | return; | |
647 | } | |
648 | ||
649 | /* Trim off padding on payload. */ | |
650 | if (payload.size > ntohs(eth->eth_type) + ETH_HEADER_LEN) { | |
651 | payload.size = ntohs(eth->eth_type) + ETH_HEADER_LEN; | |
652 | } | |
653 | ||
654 | if (ofpbuf_try_pull(&payload, ETH_HEADER_LEN + LLC_HEADER_LEN)) { | |
655 | stp_received_bpdu(sp, payload.data, payload.size); | |
656 | } | |
657 | } | |
658 | ||
46c88433 EJ |
659 | static struct xport * |
660 | get_ofp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
661 | { | |
662 | struct xport *xport; | |
663 | ||
664 | HMAP_FOR_EACH_IN_BUCKET (xport, ofp_node, hash_ofp_port(ofp_port), | |
665 | &xbridge->xports) { | |
666 | if (xport->ofp_port == ofp_port) { | |
667 | return xport; | |
668 | } | |
669 | } | |
670 | return NULL; | |
671 | } | |
672 | ||
673 | static odp_port_t | |
674 | ofp_port_to_odp_port(const struct xbridge *xbridge, ofp_port_t ofp_port) | |
675 | { | |
676 | const struct xport *xport = get_ofp_port(xbridge, ofp_port); | |
677 | return xport ? xport->odp_port : ODPP_NONE; | |
678 | } | |
679 | ||
9583bc14 | 680 | static bool |
46c88433 | 681 | xbundle_trunks_vlan(const struct xbundle *bundle, uint16_t vlan) |
9583bc14 EJ |
682 | { |
683 | return (bundle->vlan_mode != PORT_VLAN_ACCESS | |
684 | && (!bundle->trunks || bitmap_is_set(bundle->trunks, vlan))); | |
685 | } | |
686 | ||
687 | static bool | |
46c88433 EJ |
688 | xbundle_includes_vlan(const struct xbundle *xbundle, uint16_t vlan) |
689 | { | |
690 | return vlan == xbundle->vlan || xbundle_trunks_vlan(xbundle, vlan); | |
691 | } | |
692 | ||
693 | static mirror_mask_t | |
694 | xbundle_mirror_out(const struct xbridge *xbridge, struct xbundle *xbundle) | |
695 | { | |
696 | return xbundle != &ofpp_none_bundle | |
697 | ? mirror_bundle_out(xbridge->mbridge, xbundle->ofbundle) | |
698 | : 0; | |
699 | } | |
700 | ||
701 | static mirror_mask_t | |
702 | xbundle_mirror_src(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 703 | { |
46c88433 EJ |
704 | return xbundle != &ofpp_none_bundle |
705 | ? mirror_bundle_src(xbridge->mbridge, xbundle->ofbundle) | |
706 | : 0; | |
9583bc14 EJ |
707 | } |
708 | ||
46c88433 EJ |
709 | static mirror_mask_t |
710 | xbundle_mirror_dst(const struct xbridge *xbridge, struct xbundle *xbundle) | |
9583bc14 | 711 | { |
46c88433 EJ |
712 | return xbundle != &ofpp_none_bundle |
713 | ? mirror_bundle_dst(xbridge->mbridge, xbundle->ofbundle) | |
714 | : 0; | |
715 | } | |
716 | ||
717 | static struct xbundle * | |
718 | lookup_input_bundle(const struct xbridge *xbridge, ofp_port_t in_port, | |
719 | bool warn, struct xport **in_xportp) | |
720 | { | |
721 | struct xport *xport; | |
9583bc14 EJ |
722 | |
723 | /* Find the port and bundle for the received packet. */ | |
46c88433 EJ |
724 | xport = get_ofp_port(xbridge, in_port); |
725 | if (in_xportp) { | |
726 | *in_xportp = xport; | |
9583bc14 | 727 | } |
46c88433 EJ |
728 | if (xport && xport->xbundle) { |
729 | return xport->xbundle; | |
9583bc14 EJ |
730 | } |
731 | ||
732 | /* Special-case OFPP_NONE, which a controller may use as the ingress | |
733 | * port for traffic that it is sourcing. */ | |
734 | if (in_port == OFPP_NONE) { | |
3815d6c2 LS |
735 | ofpp_none_bundle.name = "OFPP_NONE"; |
736 | ofpp_none_bundle.vlan_mode = PORT_VLAN_TRUNK; | |
9583bc14 EJ |
737 | return &ofpp_none_bundle; |
738 | } | |
739 | ||
740 | /* Odd. A few possible reasons here: | |
741 | * | |
742 | * - We deleted a port but there are still a few packets queued up | |
743 | * from it. | |
744 | * | |
745 | * - Someone externally added a port (e.g. "ovs-dpctl add-if") that | |
746 | * we don't know about. | |
747 | * | |
748 | * - The ofproto client didn't configure the port as part of a bundle. | |
749 | * This is particularly likely to happen if a packet was received on the | |
750 | * port after it was created, but before the client had a chance to | |
751 | * configure its bundle. | |
752 | */ | |
753 | if (warn) { | |
754 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
755 | ||
756 | VLOG_WARN_RL(&rl, "bridge %s: received packet on unknown " | |
46c88433 | 757 | "port %"PRIu16, xbridge->name, in_port); |
9583bc14 EJ |
758 | } |
759 | return NULL; | |
760 | } | |
761 | ||
762 | static void | |
763 | add_mirror_actions(struct xlate_ctx *ctx, const struct flow *orig_flow) | |
764 | { | |
46c88433 | 765 | const struct xbridge *xbridge = ctx->xbridge; |
9583bc14 | 766 | mirror_mask_t mirrors; |
46c88433 | 767 | struct xbundle *in_xbundle; |
9583bc14 EJ |
768 | uint16_t vlan; |
769 | uint16_t vid; | |
cdf5d3a5 EJ |
770 | |
771 | mirrors = ctx->xout->mirrors; | |
772 | ctx->xout->mirrors = 0; | |
9583bc14 | 773 | |
46c88433 EJ |
774 | in_xbundle = lookup_input_bundle(xbridge, orig_flow->in_port.ofp_port, |
775 | ctx->xin->packet != NULL, NULL); | |
776 | if (!in_xbundle) { | |
9583bc14 EJ |
777 | return; |
778 | } | |
46c88433 | 779 | mirrors |= xbundle_mirror_src(xbridge, in_xbundle); |
9583bc14 EJ |
780 | |
781 | /* Drop frames on bundles reserved for mirroring. */ | |
46c88433 | 782 | if (xbundle_mirror_out(xbridge, in_xbundle)) { |
9583bc14 EJ |
783 | if (ctx->xin->packet != NULL) { |
784 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
785 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
786 | "%s, which is reserved exclusively for mirroring", | |
46c88433 | 787 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 | 788 | } |
aaa0fbae | 789 | ofpbuf_clear(&ctx->xout->odp_actions); |
9583bc14 EJ |
790 | return; |
791 | } | |
792 | ||
793 | /* Check VLAN. */ | |
794 | vid = vlan_tci_to_vid(orig_flow->vlan_tci); | |
46c88433 | 795 | if (!input_vid_is_valid(vid, in_xbundle, ctx->xin->packet != NULL)) { |
9583bc14 EJ |
796 | return; |
797 | } | |
46c88433 | 798 | vlan = input_vid_to_vlan(in_xbundle, vid); |
9583bc14 | 799 | |
9583bc14 EJ |
800 | if (!mirrors) { |
801 | return; | |
802 | } | |
803 | ||
804 | /* Restore the original packet before adding the mirror actions. */ | |
805 | ctx->xin->flow = *orig_flow; | |
806 | ||
807 | while (mirrors) { | |
ec7ceaed EJ |
808 | mirror_mask_t dup_mirrors; |
809 | struct ofbundle *out; | |
810 | unsigned long *vlans; | |
811 | bool vlan_mirrored; | |
812 | bool has_mirror; | |
813 | int out_vlan; | |
814 | ||
46c88433 | 815 | has_mirror = mirror_get(xbridge->mbridge, mirror_mask_ffs(mirrors) - 1, |
ec7ceaed EJ |
816 | &vlans, &dup_mirrors, &out, &out_vlan); |
817 | ovs_assert(has_mirror); | |
818 | ||
819 | if (vlans) { | |
9583bc14 EJ |
820 | ctx->xout->wc.masks.vlan_tci |= htons(VLAN_CFI | VLAN_VID_MASK); |
821 | } | |
ec7ceaed EJ |
822 | vlan_mirrored = !vlans || bitmap_is_set(vlans, vlan); |
823 | free(vlans); | |
9583bc14 | 824 | |
ec7ceaed | 825 | if (!vlan_mirrored) { |
9583bc14 EJ |
826 | mirrors = zero_rightmost_1bit(mirrors); |
827 | continue; | |
828 | } | |
829 | ||
ec7ceaed EJ |
830 | mirrors &= ~dup_mirrors; |
831 | ctx->xout->mirrors |= dup_mirrors; | |
832 | if (out) { | |
46c88433 EJ |
833 | struct xbundle *out_xbundle = xbundle_lookup(out); |
834 | if (out_xbundle) { | |
835 | output_normal(ctx, out_xbundle, vlan); | |
836 | } | |
ec7ceaed | 837 | } else if (vlan != out_vlan |
9583bc14 | 838 | && !eth_addr_is_reserved(orig_flow->dl_dst)) { |
46c88433 | 839 | struct xbundle *xbundle; |
9583bc14 | 840 | |
46c88433 EJ |
841 | LIST_FOR_EACH (xbundle, list_node, &xbridge->xbundles) { |
842 | if (xbundle_includes_vlan(xbundle, out_vlan) | |
843 | && !xbundle_mirror_out(xbridge, xbundle)) { | |
844 | output_normal(ctx, xbundle, out_vlan); | |
9583bc14 EJ |
845 | } |
846 | } | |
847 | } | |
848 | } | |
849 | } | |
850 | ||
851 | /* Given 'vid', the VID obtained from the 802.1Q header that was received as | |
46c88433 | 852 | * part of a packet (specify 0 if there was no 802.1Q header), and 'in_xbundle', |
9583bc14 EJ |
853 | * the bundle on which the packet was received, returns the VLAN to which the |
854 | * packet belongs. | |
855 | * | |
856 | * Both 'vid' and the return value are in the range 0...4095. */ | |
857 | static uint16_t | |
46c88433 | 858 | input_vid_to_vlan(const struct xbundle *in_xbundle, uint16_t vid) |
9583bc14 | 859 | { |
46c88433 | 860 | switch (in_xbundle->vlan_mode) { |
9583bc14 | 861 | case PORT_VLAN_ACCESS: |
46c88433 | 862 | return in_xbundle->vlan; |
9583bc14 EJ |
863 | break; |
864 | ||
865 | case PORT_VLAN_TRUNK: | |
866 | return vid; | |
867 | ||
868 | case PORT_VLAN_NATIVE_UNTAGGED: | |
869 | case PORT_VLAN_NATIVE_TAGGED: | |
46c88433 | 870 | return vid ? vid : in_xbundle->vlan; |
9583bc14 EJ |
871 | |
872 | default: | |
873 | NOT_REACHED(); | |
874 | } | |
875 | } | |
876 | ||
46c88433 | 877 | /* Checks whether a packet with the given 'vid' may ingress on 'in_xbundle'. |
9583bc14 EJ |
878 | * If so, returns true. Otherwise, returns false and, if 'warn' is true, logs |
879 | * a warning. | |
880 | * | |
881 | * 'vid' should be the VID obtained from the 802.1Q header that was received as | |
882 | * part of a packet (specify 0 if there was no 802.1Q header), in the range | |
883 | * 0...4095. */ | |
884 | static bool | |
46c88433 | 885 | input_vid_is_valid(uint16_t vid, struct xbundle *in_xbundle, bool warn) |
9583bc14 EJ |
886 | { |
887 | /* Allow any VID on the OFPP_NONE port. */ | |
46c88433 | 888 | if (in_xbundle == &ofpp_none_bundle) { |
9583bc14 EJ |
889 | return true; |
890 | } | |
891 | ||
46c88433 | 892 | switch (in_xbundle->vlan_mode) { |
9583bc14 EJ |
893 | case PORT_VLAN_ACCESS: |
894 | if (vid) { | |
895 | if (warn) { | |
896 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 897 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" tagged " |
9583bc14 | 898 | "packet received on port %s configured as VLAN " |
46c88433 EJ |
899 | "%"PRIu16" access port", vid, in_xbundle->name, |
900 | in_xbundle->vlan); | |
9583bc14 EJ |
901 | } |
902 | return false; | |
903 | } | |
904 | return true; | |
905 | ||
906 | case PORT_VLAN_NATIVE_UNTAGGED: | |
907 | case PORT_VLAN_NATIVE_TAGGED: | |
908 | if (!vid) { | |
909 | /* Port must always carry its native VLAN. */ | |
910 | return true; | |
911 | } | |
912 | /* Fall through. */ | |
913 | case PORT_VLAN_TRUNK: | |
46c88433 | 914 | if (!xbundle_includes_vlan(in_xbundle, vid)) { |
9583bc14 EJ |
915 | if (warn) { |
916 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
46c88433 | 917 | VLOG_WARN_RL(&rl, "dropping VLAN %"PRIu16" packet " |
9583bc14 | 918 | "received on port %s not configured for trunking " |
46c88433 | 919 | "VLAN %"PRIu16, vid, in_xbundle->name, vid); |
9583bc14 EJ |
920 | } |
921 | return false; | |
922 | } | |
923 | return true; | |
924 | ||
925 | default: | |
926 | NOT_REACHED(); | |
927 | } | |
928 | ||
929 | } | |
930 | ||
931 | /* Given 'vlan', the VLAN that a packet belongs to, and | |
46c88433 | 932 | * 'out_xbundle', a bundle on which the packet is to be output, returns the VID |
9583bc14 EJ |
933 | * that should be included in the 802.1Q header. (If the return value is 0, |
934 | * then the 802.1Q header should only be included in the packet if there is a | |
935 | * nonzero PCP.) | |
936 | * | |
937 | * Both 'vlan' and the return value are in the range 0...4095. */ | |
938 | static uint16_t | |
46c88433 | 939 | output_vlan_to_vid(const struct xbundle *out_xbundle, uint16_t vlan) |
9583bc14 | 940 | { |
46c88433 | 941 | switch (out_xbundle->vlan_mode) { |
9583bc14 EJ |
942 | case PORT_VLAN_ACCESS: |
943 | return 0; | |
944 | ||
945 | case PORT_VLAN_TRUNK: | |
946 | case PORT_VLAN_NATIVE_TAGGED: | |
947 | return vlan; | |
948 | ||
949 | case PORT_VLAN_NATIVE_UNTAGGED: | |
46c88433 | 950 | return vlan == out_xbundle->vlan ? 0 : vlan; |
9583bc14 EJ |
951 | |
952 | default: | |
953 | NOT_REACHED(); | |
954 | } | |
955 | } | |
956 | ||
957 | static void | |
46c88433 | 958 | output_normal(struct xlate_ctx *ctx, const struct xbundle *out_xbundle, |
9583bc14 EJ |
959 | uint16_t vlan) |
960 | { | |
33bf9176 | 961 | ovs_be16 *flow_tci = &ctx->xin->flow.vlan_tci; |
9583bc14 EJ |
962 | uint16_t vid; |
963 | ovs_be16 tci, old_tci; | |
46c88433 | 964 | struct xport *xport; |
9583bc14 | 965 | |
46c88433 EJ |
966 | vid = output_vlan_to_vid(out_xbundle, vlan); |
967 | if (list_is_empty(&out_xbundle->xports)) { | |
968 | /* Partially configured bundle with no slaves. Drop the packet. */ | |
969 | return; | |
970 | } else if (!out_xbundle->bond) { | |
971 | xport = CONTAINER_OF(list_front(&out_xbundle->xports), struct xport, | |
972 | bundle_node); | |
9583bc14 | 973 | } else { |
46c88433 EJ |
974 | struct ofport_dpif *ofport; |
975 | ||
976 | ofport = bond_choose_output_slave(out_xbundle->bond, &ctx->xin->flow, | |
4a1b8f30 | 977 | &ctx->xout->wc, vid); |
5e6af486 | 978 | xport = xport_lookup(ofport); |
46c88433 EJ |
979 | |
980 | if (!xport) { | |
9583bc14 EJ |
981 | /* No slaves enabled, so drop packet. */ |
982 | return; | |
983 | } | |
984 | } | |
985 | ||
33bf9176 | 986 | old_tci = *flow_tci; |
9583bc14 | 987 | tci = htons(vid); |
46c88433 | 988 | if (tci || out_xbundle->use_priority_tags) { |
33bf9176 | 989 | tci |= *flow_tci & htons(VLAN_PCP_MASK); |
9583bc14 EJ |
990 | if (tci) { |
991 | tci |= htons(VLAN_CFI); | |
992 | } | |
993 | } | |
33bf9176 | 994 | *flow_tci = tci; |
9583bc14 | 995 | |
46c88433 | 996 | compose_output_action(ctx, xport->ofp_port); |
33bf9176 | 997 | *flow_tci = old_tci; |
9583bc14 EJ |
998 | } |
999 | ||
1000 | /* A VM broadcasts a gratuitous ARP to indicate that it has resumed after | |
1001 | * migration. Older Citrix-patched Linux DomU used gratuitous ARP replies to | |
1002 | * indicate this; newer upstream kernels use gratuitous ARP requests. */ | |
1003 | static bool | |
1004 | is_gratuitous_arp(const struct flow *flow, struct flow_wildcards *wc) | |
1005 | { | |
1006 | if (flow->dl_type != htons(ETH_TYPE_ARP)) { | |
1007 | return false; | |
1008 | } | |
1009 | ||
1010 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1011 | if (!eth_addr_is_broadcast(flow->dl_dst)) { | |
1012 | return false; | |
1013 | } | |
1014 | ||
1015 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); | |
1016 | if (flow->nw_proto == ARP_OP_REPLY) { | |
1017 | return true; | |
1018 | } else if (flow->nw_proto == ARP_OP_REQUEST) { | |
1019 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); | |
1020 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); | |
1021 | ||
1022 | return flow->nw_src == flow->nw_dst; | |
1023 | } else { | |
1024 | return false; | |
1025 | } | |
1026 | } | |
1027 | ||
1028 | static void | |
46c88433 | 1029 | update_learning_table(const struct xbridge *xbridge, |
9583bc14 | 1030 | const struct flow *flow, struct flow_wildcards *wc, |
46c88433 | 1031 | int vlan, struct xbundle *in_xbundle) |
9583bc14 EJ |
1032 | { |
1033 | struct mac_entry *mac; | |
1034 | ||
1035 | /* Don't learn the OFPP_NONE port. */ | |
46c88433 | 1036 | if (in_xbundle == &ofpp_none_bundle) { |
9583bc14 EJ |
1037 | return; |
1038 | } | |
1039 | ||
509c0149 | 1040 | ovs_rwlock_wrlock(&xbridge->ml->rwlock); |
46c88433 | 1041 | if (!mac_learning_may_learn(xbridge->ml, flow->dl_src, vlan)) { |
509c0149 | 1042 | goto out; |
9583bc14 EJ |
1043 | } |
1044 | ||
46c88433 | 1045 | mac = mac_learning_insert(xbridge->ml, flow->dl_src, vlan); |
9583bc14 EJ |
1046 | if (is_gratuitous_arp(flow, wc)) { |
1047 | /* We don't want to learn from gratuitous ARP packets that are | |
1048 | * reflected back over bond slaves so we lock the learning table. */ | |
46c88433 | 1049 | if (!in_xbundle->bond) { |
9583bc14 EJ |
1050 | mac_entry_set_grat_arp_lock(mac); |
1051 | } else if (mac_entry_is_grat_arp_locked(mac)) { | |
509c0149 | 1052 | goto out; |
9583bc14 EJ |
1053 | } |
1054 | } | |
1055 | ||
30618594 | 1056 | if (mac->port.p != in_xbundle->ofbundle) { |
9583bc14 EJ |
1057 | /* The log messages here could actually be useful in debugging, |
1058 | * so keep the rate limit relatively high. */ | |
1059 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300); | |
1060 | VLOG_DBG_RL(&rl, "bridge %s: learned that "ETH_ADDR_FMT" is " | |
1061 | "on port %s in VLAN %d", | |
46c88433 EJ |
1062 | xbridge->name, ETH_ADDR_ARGS(flow->dl_src), |
1063 | in_xbundle->name, vlan); | |
9583bc14 | 1064 | |
46c88433 | 1065 | mac->port.p = in_xbundle->ofbundle; |
30618594 | 1066 | mac_learning_changed(xbridge->ml); |
9583bc14 | 1067 | } |
509c0149 EJ |
1068 | out: |
1069 | ovs_rwlock_unlock(&xbridge->ml->rwlock); | |
9583bc14 EJ |
1070 | } |
1071 | ||
46c88433 | 1072 | /* Determines whether packets in 'flow' within 'xbridge' should be forwarded or |
9583bc14 EJ |
1073 | * dropped. Returns true if they may be forwarded, false if they should be |
1074 | * dropped. | |
1075 | * | |
46c88433 | 1076 | * 'in_port' must be the xport that corresponds to flow->in_port. |
9583bc14 EJ |
1077 | * 'in_port' must be part of a bundle (e.g. in_port->bundle must be nonnull). |
1078 | * | |
1079 | * 'vlan' must be the VLAN that corresponds to flow->vlan_tci on 'in_port', as | |
1080 | * returned by input_vid_to_vlan(). It must be a valid VLAN for 'in_port', as | |
1081 | * checked by input_vid_is_valid(). | |
1082 | * | |
1083 | * May also add tags to '*tags', although the current implementation only does | |
1084 | * so in one special case. | |
1085 | */ | |
1086 | static bool | |
46c88433 | 1087 | is_admissible(struct xlate_ctx *ctx, struct xport *in_port, |
9583bc14 EJ |
1088 | uint16_t vlan) |
1089 | { | |
46c88433 EJ |
1090 | struct xbundle *in_xbundle = in_port->xbundle; |
1091 | const struct xbridge *xbridge = ctx->xbridge; | |
9583bc14 | 1092 | struct flow *flow = &ctx->xin->flow; |
9583bc14 EJ |
1093 | |
1094 | /* Drop frames for reserved multicast addresses | |
1095 | * only if forward_bpdu option is absent. */ | |
46c88433 | 1096 | if (!xbridge->forward_bpdu && eth_addr_is_reserved(flow->dl_dst)) { |
9583bc14 EJ |
1097 | xlate_report(ctx, "packet has reserved destination MAC, dropping"); |
1098 | return false; | |
1099 | } | |
1100 | ||
46c88433 | 1101 | if (in_xbundle->bond) { |
9583bc14 EJ |
1102 | struct mac_entry *mac; |
1103 | ||
46c88433 | 1104 | switch (bond_check_admissibility(in_xbundle->bond, in_port->ofport, |
4a1b8f30 | 1105 | flow->dl_dst)) { |
9583bc14 EJ |
1106 | case BV_ACCEPT: |
1107 | break; | |
1108 | ||
1109 | case BV_DROP: | |
1110 | xlate_report(ctx, "bonding refused admissibility, dropping"); | |
1111 | return false; | |
1112 | ||
1113 | case BV_DROP_IF_MOVED: | |
509c0149 | 1114 | ovs_rwlock_rdlock(&xbridge->ml->rwlock); |
30618594 | 1115 | mac = mac_learning_lookup(xbridge->ml, flow->dl_src, vlan); |
46c88433 | 1116 | if (mac && mac->port.p != in_xbundle->ofbundle && |
9583bc14 EJ |
1117 | (!is_gratuitous_arp(flow, &ctx->xout->wc) |
1118 | || mac_entry_is_grat_arp_locked(mac))) { | |
509c0149 | 1119 | ovs_rwlock_unlock(&xbridge->ml->rwlock); |
9583bc14 EJ |
1120 | xlate_report(ctx, "SLB bond thinks this packet looped back, " |
1121 | "dropping"); | |
1122 | return false; | |
1123 | } | |
509c0149 | 1124 | ovs_rwlock_unlock(&xbridge->ml->rwlock); |
9583bc14 EJ |
1125 | break; |
1126 | } | |
1127 | } | |
1128 | ||
1129 | return true; | |
1130 | } | |
1131 | ||
1132 | static void | |
1133 | xlate_normal(struct xlate_ctx *ctx) | |
1134 | { | |
33bf9176 BP |
1135 | struct flow_wildcards *wc = &ctx->xout->wc; |
1136 | struct flow *flow = &ctx->xin->flow; | |
46c88433 EJ |
1137 | struct xbundle *in_xbundle; |
1138 | struct xport *in_port; | |
9583bc14 EJ |
1139 | struct mac_entry *mac; |
1140 | uint16_t vlan; | |
1141 | uint16_t vid; | |
1142 | ||
1143 | ctx->xout->has_normal = true; | |
1144 | ||
33bf9176 BP |
1145 | memset(&wc->masks.dl_src, 0xff, sizeof wc->masks.dl_src); |
1146 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); | |
1dd35f8a | 1147 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
9583bc14 | 1148 | |
46c88433 EJ |
1149 | in_xbundle = lookup_input_bundle(ctx->xbridge, flow->in_port.ofp_port, |
1150 | ctx->xin->packet != NULL, &in_port); | |
1151 | if (!in_xbundle) { | |
9583bc14 EJ |
1152 | xlate_report(ctx, "no input bundle, dropping"); |
1153 | return; | |
1154 | } | |
1155 | ||
1156 | /* Drop malformed frames. */ | |
33bf9176 BP |
1157 | if (flow->dl_type == htons(ETH_TYPE_VLAN) && |
1158 | !(flow->vlan_tci & htons(VLAN_CFI))) { | |
9583bc14 EJ |
1159 | if (ctx->xin->packet != NULL) { |
1160 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
1161 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet with partial " | |
1162 | "VLAN tag received on port %s", | |
46c88433 | 1163 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
1164 | } |
1165 | xlate_report(ctx, "partial VLAN tag, dropping"); | |
1166 | return; | |
1167 | } | |
1168 | ||
1169 | /* Drop frames on bundles reserved for mirroring. */ | |
46c88433 | 1170 | if (xbundle_mirror_out(ctx->xbridge, in_xbundle)) { |
9583bc14 EJ |
1171 | if (ctx->xin->packet != NULL) { |
1172 | static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); | |
1173 | VLOG_WARN_RL(&rl, "bridge %s: dropping packet received on port " | |
1174 | "%s, which is reserved exclusively for mirroring", | |
46c88433 | 1175 | ctx->xbridge->name, in_xbundle->name); |
9583bc14 EJ |
1176 | } |
1177 | xlate_report(ctx, "input port is mirror output port, dropping"); | |
1178 | return; | |
1179 | } | |
1180 | ||
1181 | /* Check VLAN. */ | |
33bf9176 | 1182 | vid = vlan_tci_to_vid(flow->vlan_tci); |
46c88433 | 1183 | if (!input_vid_is_valid(vid, in_xbundle, ctx->xin->packet != NULL)) { |
9583bc14 EJ |
1184 | xlate_report(ctx, "disallowed VLAN VID for this input port, dropping"); |
1185 | return; | |
1186 | } | |
46c88433 | 1187 | vlan = input_vid_to_vlan(in_xbundle, vid); |
9583bc14 EJ |
1188 | |
1189 | /* Check other admissibility requirements. */ | |
1190 | if (in_port && !is_admissible(ctx, in_port, vlan)) { | |
1191 | return; | |
1192 | } | |
1193 | ||
1194 | /* Learn source MAC. */ | |
1195 | if (ctx->xin->may_learn) { | |
46c88433 | 1196 | update_learning_table(ctx->xbridge, flow, wc, vlan, in_xbundle); |
9583bc14 EJ |
1197 | } |
1198 | ||
1199 | /* Determine output bundle. */ | |
509c0149 | 1200 | ovs_rwlock_rdlock(&ctx->xbridge->ml->rwlock); |
30618594 | 1201 | mac = mac_learning_lookup(ctx->xbridge->ml, flow->dl_dst, vlan); |
9583bc14 | 1202 | if (mac) { |
46c88433 EJ |
1203 | struct xbundle *mac_xbundle = xbundle_lookup(mac->port.p); |
1204 | if (mac_xbundle && mac_xbundle != in_xbundle) { | |
9583bc14 | 1205 | xlate_report(ctx, "forwarding to learned port"); |
46c88433 EJ |
1206 | output_normal(ctx, mac_xbundle, vlan); |
1207 | } else if (!mac_xbundle) { | |
1208 | xlate_report(ctx, "learned port is unknown, dropping"); | |
9583bc14 EJ |
1209 | } else { |
1210 | xlate_report(ctx, "learned port is input port, dropping"); | |
1211 | } | |
1212 | } else { | |
46c88433 | 1213 | struct xbundle *xbundle; |
9583bc14 EJ |
1214 | |
1215 | xlate_report(ctx, "no learned MAC for destination, flooding"); | |
46c88433 EJ |
1216 | LIST_FOR_EACH (xbundle, list_node, &ctx->xbridge->xbundles) { |
1217 | if (xbundle != in_xbundle | |
1218 | && xbundle_includes_vlan(xbundle, vlan) | |
1219 | && xbundle->floodable | |
1220 | && !xbundle_mirror_out(ctx->xbridge, xbundle)) { | |
1221 | output_normal(ctx, xbundle, vlan); | |
9583bc14 EJ |
1222 | } |
1223 | } | |
1224 | ctx->xout->nf_output_iface = NF_OUT_FLOOD; | |
1225 | } | |
509c0149 | 1226 | ovs_rwlock_unlock(&ctx->xbridge->ml->rwlock); |
9583bc14 EJ |
1227 | } |
1228 | ||
1229 | /* Compose SAMPLE action for sFlow or IPFIX. The given probability is | |
1230 | * the number of packets out of UINT32_MAX to sample. The given | |
1231 | * cookie is passed back in the callback for each sampled packet. | |
1232 | */ | |
1233 | static size_t | |
46c88433 | 1234 | compose_sample_action(const struct xbridge *xbridge, |
9583bc14 EJ |
1235 | struct ofpbuf *odp_actions, |
1236 | const struct flow *flow, | |
1237 | const uint32_t probability, | |
1238 | const union user_action_cookie *cookie, | |
1239 | const size_t cookie_size) | |
1240 | { | |
1241 | size_t sample_offset, actions_offset; | |
89a8a7f0 | 1242 | odp_port_t odp_port; |
9583bc14 | 1243 | int cookie_offset; |
89a8a7f0 | 1244 | uint32_t pid; |
9583bc14 EJ |
1245 | |
1246 | sample_offset = nl_msg_start_nested(odp_actions, OVS_ACTION_ATTR_SAMPLE); | |
1247 | ||
1248 | nl_msg_put_u32(odp_actions, OVS_SAMPLE_ATTR_PROBABILITY, probability); | |
1249 | ||
1250 | actions_offset = nl_msg_start_nested(odp_actions, OVS_SAMPLE_ATTR_ACTIONS); | |
89a8a7f0 EJ |
1251 | |
1252 | odp_port = ofp_port_to_odp_port(xbridge, flow->in_port.ofp_port); | |
1253 | pid = dpif_port_get_pid(xbridge->dpif, odp_port); | |
1254 | cookie_offset = odp_put_userspace_action(pid, cookie, cookie_size, odp_actions); | |
9583bc14 EJ |
1255 | |
1256 | nl_msg_end_nested(odp_actions, actions_offset); | |
1257 | nl_msg_end_nested(odp_actions, sample_offset); | |
1258 | return cookie_offset; | |
1259 | } | |
1260 | ||
1261 | static void | |
46c88433 EJ |
1262 | compose_sflow_cookie(const struct xbridge *xbridge, ovs_be16 vlan_tci, |
1263 | odp_port_t odp_port, unsigned int n_outputs, | |
1264 | union user_action_cookie *cookie) | |
9583bc14 EJ |
1265 | { |
1266 | int ifindex; | |
1267 | ||
1268 | cookie->type = USER_ACTION_COOKIE_SFLOW; | |
1269 | cookie->sflow.vlan_tci = vlan_tci; | |
1270 | ||
1271 | /* See http://www.sflow.org/sflow_version_5.txt (search for "Input/output | |
1272 | * port information") for the interpretation of cookie->output. */ | |
1273 | switch (n_outputs) { | |
1274 | case 0: | |
1275 | /* 0x40000000 | 256 means "packet dropped for unknown reason". */ | |
1276 | cookie->sflow.output = 0x40000000 | 256; | |
1277 | break; | |
1278 | ||
1279 | case 1: | |
46c88433 | 1280 | ifindex = dpif_sflow_odp_port_to_ifindex(xbridge->sflow, odp_port); |
9583bc14 EJ |
1281 | if (ifindex) { |
1282 | cookie->sflow.output = ifindex; | |
1283 | break; | |
1284 | } | |
1285 | /* Fall through. */ | |
1286 | default: | |
1287 | /* 0x80000000 means "multiple output ports. */ | |
1288 | cookie->sflow.output = 0x80000000 | n_outputs; | |
1289 | break; | |
1290 | } | |
1291 | } | |
1292 | ||
1293 | /* Compose SAMPLE action for sFlow bridge sampling. */ | |
1294 | static size_t | |
46c88433 | 1295 | compose_sflow_action(const struct xbridge *xbridge, |
9583bc14 EJ |
1296 | struct ofpbuf *odp_actions, |
1297 | const struct flow *flow, | |
4e022ec0 | 1298 | odp_port_t odp_port) |
9583bc14 EJ |
1299 | { |
1300 | uint32_t probability; | |
1301 | union user_action_cookie cookie; | |
1302 | ||
46c88433 | 1303 | if (!xbridge->sflow || flow->in_port.ofp_port == OFPP_NONE) { |
9583bc14 EJ |
1304 | return 0; |
1305 | } | |
1306 | ||
46c88433 EJ |
1307 | probability = dpif_sflow_get_probability(xbridge->sflow); |
1308 | compose_sflow_cookie(xbridge, htons(0), odp_port, | |
4e022ec0 | 1309 | odp_port == ODPP_NONE ? 0 : 1, &cookie); |
9583bc14 | 1310 | |
46c88433 | 1311 | return compose_sample_action(xbridge, odp_actions, flow, probability, |
9583bc14 EJ |
1312 | &cookie, sizeof cookie.sflow); |
1313 | } | |
1314 | ||
1315 | static void | |
1316 | compose_flow_sample_cookie(uint16_t probability, uint32_t collector_set_id, | |
1317 | uint32_t obs_domain_id, uint32_t obs_point_id, | |
1318 | union user_action_cookie *cookie) | |
1319 | { | |
1320 | cookie->type = USER_ACTION_COOKIE_FLOW_SAMPLE; | |
1321 | cookie->flow_sample.probability = probability; | |
1322 | cookie->flow_sample.collector_set_id = collector_set_id; | |
1323 | cookie->flow_sample.obs_domain_id = obs_domain_id; | |
1324 | cookie->flow_sample.obs_point_id = obs_point_id; | |
1325 | } | |
1326 | ||
1327 | static void | |
1328 | compose_ipfix_cookie(union user_action_cookie *cookie) | |
1329 | { | |
1330 | cookie->type = USER_ACTION_COOKIE_IPFIX; | |
1331 | } | |
1332 | ||
1333 | /* Compose SAMPLE action for IPFIX bridge sampling. */ | |
1334 | static void | |
46c88433 | 1335 | compose_ipfix_action(const struct xbridge *xbridge, |
9583bc14 EJ |
1336 | struct ofpbuf *odp_actions, |
1337 | const struct flow *flow) | |
1338 | { | |
1339 | uint32_t probability; | |
1340 | union user_action_cookie cookie; | |
1341 | ||
46c88433 | 1342 | if (!xbridge->ipfix || flow->in_port.ofp_port == OFPP_NONE) { |
9583bc14 EJ |
1343 | return; |
1344 | } | |
1345 | ||
46c88433 | 1346 | probability = dpif_ipfix_get_bridge_exporter_probability(xbridge->ipfix); |
9583bc14 EJ |
1347 | compose_ipfix_cookie(&cookie); |
1348 | ||
46c88433 | 1349 | compose_sample_action(xbridge, odp_actions, flow, probability, |
9583bc14 EJ |
1350 | &cookie, sizeof cookie.ipfix); |
1351 | } | |
1352 | ||
1353 | /* SAMPLE action for sFlow must be first action in any given list of | |
1354 | * actions. At this point we do not have all information required to | |
1355 | * build it. So try to build sample action as complete as possible. */ | |
1356 | static void | |
1357 | add_sflow_action(struct xlate_ctx *ctx) | |
1358 | { | |
46c88433 | 1359 | ctx->user_cookie_offset = compose_sflow_action(ctx->xbridge, |
9583bc14 | 1360 | &ctx->xout->odp_actions, |
4e022ec0 | 1361 | &ctx->xin->flow, ODPP_NONE); |
9583bc14 EJ |
1362 | ctx->sflow_odp_port = 0; |
1363 | ctx->sflow_n_outputs = 0; | |
1364 | } | |
1365 | ||
1366 | /* SAMPLE action for IPFIX must be 1st or 2nd action in any given list | |
1367 | * of actions, eventually after the SAMPLE action for sFlow. */ | |
1368 | static void | |
1369 | add_ipfix_action(struct xlate_ctx *ctx) | |
1370 | { | |
46c88433 | 1371 | compose_ipfix_action(ctx->xbridge, &ctx->xout->odp_actions, |
9583bc14 EJ |
1372 | &ctx->xin->flow); |
1373 | } | |
1374 | ||
1375 | /* Fix SAMPLE action according to data collected while composing ODP actions. | |
1376 | * We need to fix SAMPLE actions OVS_SAMPLE_ATTR_ACTIONS attribute, i.e. nested | |
1377 | * USERSPACE action's user-cookie which is required for sflow. */ | |
1378 | static void | |
1379 | fix_sflow_action(struct xlate_ctx *ctx) | |
1380 | { | |
1381 | const struct flow *base = &ctx->base_flow; | |
1382 | union user_action_cookie *cookie; | |
1383 | ||
1384 | if (!ctx->user_cookie_offset) { | |
1385 | return; | |
1386 | } | |
1387 | ||
1388 | cookie = ofpbuf_at(&ctx->xout->odp_actions, ctx->user_cookie_offset, | |
1389 | sizeof cookie->sflow); | |
1390 | ovs_assert(cookie->type == USER_ACTION_COOKIE_SFLOW); | |
1391 | ||
46c88433 | 1392 | compose_sflow_cookie(ctx->xbridge, base->vlan_tci, |
9583bc14 EJ |
1393 | ctx->sflow_odp_port, ctx->sflow_n_outputs, cookie); |
1394 | } | |
1395 | ||
db7d4e46 | 1396 | static enum slow_path_reason |
642dc74d | 1397 | process_special(struct xlate_ctx *ctx, const struct flow *flow, |
46c88433 | 1398 | const struct xport *xport, const struct ofpbuf *packet) |
db7d4e46 | 1399 | { |
642dc74d | 1400 | struct flow_wildcards *wc = &ctx->xout->wc; |
46c88433 | 1401 | const struct xbridge *xbridge = ctx->xbridge; |
642dc74d | 1402 | |
46c88433 | 1403 | if (!xport) { |
db7d4e46 | 1404 | return 0; |
46c88433 | 1405 | } else if (xport->cfm && cfm_should_process_flow(xport->cfm, flow, wc)) { |
db7d4e46 | 1406 | if (packet) { |
46c88433 | 1407 | cfm_process_heartbeat(xport->cfm, packet); |
db7d4e46 JP |
1408 | } |
1409 | return SLOW_CFM; | |
fab52e16 | 1410 | } else if (xport->bfd && bfd_should_process_flow(xport->bfd, flow, wc)) { |
db7d4e46 | 1411 | if (packet) { |
46c88433 | 1412 | bfd_process_packet(xport->bfd, flow, packet); |
db7d4e46 JP |
1413 | } |
1414 | return SLOW_BFD; | |
46c88433 | 1415 | } else if (xport->xbundle && xport->xbundle->lacp |
db7d4e46 JP |
1416 | && flow->dl_type == htons(ETH_TYPE_LACP)) { |
1417 | if (packet) { | |
46c88433 | 1418 | lacp_process_packet(xport->xbundle->lacp, xport->ofport, packet); |
db7d4e46 JP |
1419 | } |
1420 | return SLOW_LACP; | |
9d189a50 | 1421 | } else if (xbridge->stp && stp_should_process_flow(flow, wc)) { |
db7d4e46 | 1422 | if (packet) { |
9d189a50 | 1423 | stp_process_packet(xport, packet); |
db7d4e46 JP |
1424 | } |
1425 | return SLOW_STP; | |
1426 | } else { | |
1427 | return 0; | |
1428 | } | |
1429 | } | |
1430 | ||
9583bc14 | 1431 | static void |
4e022ec0 | 1432 | compose_output_action__(struct xlate_ctx *ctx, ofp_port_t ofp_port, |
9583bc14 EJ |
1433 | bool check_stp) |
1434 | { | |
46c88433 | 1435 | const struct xport *xport = get_ofp_port(ctx->xbridge, ofp_port); |
1dd35f8a | 1436 | struct flow_wildcards *wc = &ctx->xout->wc; |
33bf9176 | 1437 | struct flow *flow = &ctx->xin->flow; |
9583bc14 EJ |
1438 | ovs_be16 flow_vlan_tci; |
1439 | uint32_t flow_skb_mark; | |
1440 | uint8_t flow_nw_tos; | |
4e022ec0 | 1441 | odp_port_t out_port, odp_port; |
ca077186 | 1442 | uint8_t dscp; |
9583bc14 EJ |
1443 | |
1444 | /* If 'struct flow' gets additional metadata, we'll need to zero it out | |
1445 | * before traversing a patch port. */ | |
1446 | BUILD_ASSERT_DECL(FLOW_WC_SEQ == 20); | |
1447 | ||
46c88433 | 1448 | if (!xport) { |
9583bc14 EJ |
1449 | xlate_report(ctx, "Nonexistent output port"); |
1450 | return; | |
46c88433 | 1451 | } else if (xport->config & OFPUTIL_PC_NO_FWD) { |
9583bc14 EJ |
1452 | xlate_report(ctx, "OFPPC_NO_FWD set, skipping output"); |
1453 | return; | |
9d189a50 | 1454 | } else if (check_stp && !xport_stp_forward_state(xport)) { |
9583bc14 EJ |
1455 | xlate_report(ctx, "STP not in forwarding state, skipping output"); |
1456 | return; | |
1457 | } | |
1458 | ||
46c88433 EJ |
1459 | if (mbridge_has_mirrors(ctx->xbridge->mbridge) && xport->xbundle) { |
1460 | ctx->xout->mirrors |= xbundle_mirror_dst(xport->xbundle->xbridge, | |
1461 | xport->xbundle); | |
cdf5d3a5 EJ |
1462 | } |
1463 | ||
46c88433 EJ |
1464 | if (xport->peer) { |
1465 | const struct xport *peer = xport->peer; | |
9583bc14 | 1466 | struct flow old_flow = ctx->xin->flow; |
9583bc14 | 1467 | enum slow_path_reason special; |
9583bc14 | 1468 | |
46c88433 EJ |
1469 | ctx->xbridge = peer->xbridge; |
1470 | flow->in_port.ofp_port = peer->ofp_port; | |
33bf9176 BP |
1471 | flow->metadata = htonll(0); |
1472 | memset(&flow->tunnel, 0, sizeof flow->tunnel); | |
1473 | memset(flow->regs, 0, sizeof flow->regs); | |
9583bc14 | 1474 | |
642dc74d | 1475 | special = process_special(ctx, &ctx->xin->flow, peer, |
9583bc14 EJ |
1476 | ctx->xin->packet); |
1477 | if (special) { | |
1478 | ctx->xout->slow = special; | |
ddd3c975 | 1479 | } else if (may_receive(peer, ctx)) { |
9d189a50 | 1480 | if (xport_stp_forward_state(peer)) { |
4e022ec0 | 1481 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true); |
9583bc14 EJ |
1482 | } else { |
1483 | /* Forwarding is disabled by STP. Let OFPP_NORMAL and the | |
1484 | * learning action look at the packet, then drop it. */ | |
1485 | struct flow old_base_flow = ctx->base_flow; | |
1486 | size_t old_size = ctx->xout->odp_actions.size; | |
cdf5d3a5 | 1487 | mirror_mask_t old_mirrors = ctx->xout->mirrors; |
4e022ec0 | 1488 | xlate_table_action(ctx, flow->in_port.ofp_port, 0, true); |
cdf5d3a5 | 1489 | ctx->xout->mirrors = old_mirrors; |
9583bc14 EJ |
1490 | ctx->base_flow = old_base_flow; |
1491 | ctx->xout->odp_actions.size = old_size; | |
1492 | } | |
1493 | } | |
1494 | ||
1495 | ctx->xin->flow = old_flow; | |
832554e3 | 1496 | ctx->xbridge = xport->xbridge; |
9583bc14 EJ |
1497 | |
1498 | if (ctx->xin->resubmit_stats) { | |
46c88433 EJ |
1499 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
1500 | netdev_vport_inc_rx(peer->netdev, ctx->xin->resubmit_stats); | |
9583bc14 EJ |
1501 | } |
1502 | ||
1503 | return; | |
1504 | } | |
1505 | ||
33bf9176 BP |
1506 | flow_vlan_tci = flow->vlan_tci; |
1507 | flow_skb_mark = flow->skb_mark; | |
1508 | flow_nw_tos = flow->nw_tos; | |
9583bc14 | 1509 | |
55954f6e | 1510 | if (dscp_from_skb_priority(xport, flow->skb_priority, &dscp)) { |
1dd35f8a | 1511 | wc->masks.nw_tos |= IP_ECN_MASK; |
33bf9176 | 1512 | flow->nw_tos &= ~IP_DSCP_MASK; |
ca077186 | 1513 | flow->nw_tos |= dscp; |
9583bc14 EJ |
1514 | } |
1515 | ||
46c88433 | 1516 | if (xport->is_tunnel) { |
9583bc14 EJ |
1517 | /* Save tunnel metadata so that changes made due to |
1518 | * the Logical (tunnel) Port are not visible for any further | |
1519 | * matches, while explicit set actions on tunnel metadata are. | |
1520 | */ | |
33bf9176 | 1521 | struct flow_tnl flow_tnl = flow->tunnel; |
46c88433 | 1522 | odp_port = tnl_port_send(xport->ofport, flow, &ctx->xout->wc); |
4e022ec0 | 1523 | if (odp_port == ODPP_NONE) { |
9583bc14 EJ |
1524 | xlate_report(ctx, "Tunneling decided against output"); |
1525 | goto out; /* restore flow_nw_tos */ | |
1526 | } | |
33bf9176 | 1527 | if (flow->tunnel.ip_dst == ctx->orig_tunnel_ip_dst) { |
9583bc14 EJ |
1528 | xlate_report(ctx, "Not tunneling to our own address"); |
1529 | goto out; /* restore flow_nw_tos */ | |
1530 | } | |
1531 | if (ctx->xin->resubmit_stats) { | |
46c88433 | 1532 | netdev_vport_inc_tx(xport->netdev, ctx->xin->resubmit_stats); |
9583bc14 EJ |
1533 | } |
1534 | out_port = odp_port; | |
33bf9176 | 1535 | commit_odp_tunnel_action(flow, &ctx->base_flow, |
9583bc14 | 1536 | &ctx->xout->odp_actions); |
33bf9176 | 1537 | flow->tunnel = flow_tnl; /* Restore tunnel metadata */ |
9583bc14 | 1538 | } else { |
4e022ec0 | 1539 | ofp_port_t vlandev_port; |
1dd35f8a | 1540 | |
46c88433 EJ |
1541 | odp_port = xport->odp_port; |
1542 | if (ofproto_has_vlan_splinters(ctx->xbridge->ofproto)) { | |
1dd35f8a JP |
1543 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
1544 | } | |
46c88433 | 1545 | vlandev_port = vsp_realdev_to_vlandev(ctx->xbridge->ofproto, ofp_port, |
33bf9176 | 1546 | flow->vlan_tci); |
9583bc14 EJ |
1547 | if (vlandev_port == ofp_port) { |
1548 | out_port = odp_port; | |
1549 | } else { | |
46c88433 | 1550 | out_port = ofp_port_to_odp_port(ctx->xbridge, vlandev_port); |
33bf9176 | 1551 | flow->vlan_tci = htons(0); |
9583bc14 | 1552 | } |
33bf9176 | 1553 | flow->skb_mark &= ~IPSEC_MARK; |
9583bc14 | 1554 | } |
9583bc14 | 1555 | |
4e022ec0 | 1556 | if (out_port != ODPP_NONE) { |
1dd35f8a JP |
1557 | commit_odp_actions(flow, &ctx->base_flow, |
1558 | &ctx->xout->odp_actions, &ctx->xout->wc); | |
4e022ec0 AW |
1559 | nl_msg_put_odp_port(&ctx->xout->odp_actions, OVS_ACTION_ATTR_OUTPUT, |
1560 | out_port); | |
9583bc14 | 1561 | |
6cbbf4fa EJ |
1562 | ctx->sflow_odp_port = odp_port; |
1563 | ctx->sflow_n_outputs++; | |
1564 | ctx->xout->nf_output_iface = ofp_port; | |
1565 | } | |
1566 | ||
1567 | out: | |
9583bc14 | 1568 | /* Restore flow */ |
33bf9176 BP |
1569 | flow->vlan_tci = flow_vlan_tci; |
1570 | flow->skb_mark = flow_skb_mark; | |
33bf9176 | 1571 | flow->nw_tos = flow_nw_tos; |
9583bc14 EJ |
1572 | } |
1573 | ||
1574 | static void | |
4e022ec0 | 1575 | compose_output_action(struct xlate_ctx *ctx, ofp_port_t ofp_port) |
9583bc14 EJ |
1576 | { |
1577 | compose_output_action__(ctx, ofp_port, true); | |
1578 | } | |
1579 | ||
9583bc14 EJ |
1580 | /* Common rule processing in one place to avoid duplicating code. */ |
1581 | static struct rule_dpif * | |
1582 | ctx_rule_hooks(struct xlate_ctx *ctx, struct rule_dpif *rule, | |
1583 | bool may_packet_in) | |
1584 | { | |
1585 | if (ctx->xin->resubmit_hook) { | |
4d0acc70 | 1586 | ctx->xin->resubmit_hook(ctx->xin, rule, ctx->recurse); |
9583bc14 EJ |
1587 | } |
1588 | if (rule == NULL && may_packet_in) { | |
1589 | /* XXX | |
1590 | * check if table configuration flags | |
1591 | * OFPTC_TABLE_MISS_CONTROLLER, default. | |
1592 | * OFPTC_TABLE_MISS_CONTINUE, | |
1593 | * OFPTC_TABLE_MISS_DROP | |
1594 | * When OF1.0, OFPTC_TABLE_MISS_CONTINUE is used. What to do? | |
1595 | */ | |
46c88433 | 1596 | rule = rule_dpif_miss_rule(ctx->xbridge->ofproto, &ctx->xin->flow); |
9583bc14 EJ |
1597 | } |
1598 | if (rule && ctx->xin->resubmit_stats) { | |
1599 | rule_credit_stats(rule, ctx->xin->resubmit_stats); | |
1600 | } | |
1601 | return rule; | |
1602 | } | |
1603 | ||
1604 | static void | |
1605 | xlate_table_action(struct xlate_ctx *ctx, | |
4e022ec0 | 1606 | ofp_port_t in_port, uint8_t table_id, bool may_packet_in) |
9583bc14 EJ |
1607 | { |
1608 | if (ctx->recurse < MAX_RESUBMIT_RECURSION) { | |
1609 | struct rule_dpif *rule; | |
4e022ec0 | 1610 | ofp_port_t old_in_port = ctx->xin->flow.in_port.ofp_port; |
9583bc14 EJ |
1611 | uint8_t old_table_id = ctx->table_id; |
1612 | ||
1613 | ctx->table_id = table_id; | |
1614 | ||
1615 | /* Look up a flow with 'in_port' as the input port. */ | |
4e022ec0 | 1616 | ctx->xin->flow.in_port.ofp_port = in_port; |
46c88433 EJ |
1617 | rule = rule_dpif_lookup_in_table(ctx->xbridge->ofproto, |
1618 | &ctx->xin->flow, &ctx->xout->wc, | |
1619 | table_id); | |
9583bc14 | 1620 | |
9583bc14 EJ |
1621 | /* Restore the original input port. Otherwise OFPP_NORMAL and |
1622 | * OFPP_IN_PORT will have surprising behavior. */ | |
4e022ec0 | 1623 | ctx->xin->flow.in_port.ofp_port = old_in_port; |
9583bc14 EJ |
1624 | |
1625 | rule = ctx_rule_hooks(ctx, rule, may_packet_in); | |
1626 | ||
1627 | if (rule) { | |
1628 | struct rule_dpif *old_rule = ctx->rule; | |
1629 | ||
1630 | ctx->recurse++; | |
1631 | ctx->rule = rule; | |
1632 | do_xlate_actions(rule->up.ofpacts, rule->up.ofpacts_len, ctx); | |
1633 | ctx->rule = old_rule; | |
1634 | ctx->recurse--; | |
1635 | } | |
1636 | ||
1637 | ctx->table_id = old_table_id; | |
1638 | } else { | |
1639 | static struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1); | |
1640 | ||
1641 | VLOG_ERR_RL(&recurse_rl, "resubmit actions recursed over %d times", | |
1642 | MAX_RESUBMIT_RECURSION); | |
9583bc14 EJ |
1643 | } |
1644 | } | |
1645 | ||
1646 | static void | |
1647 | xlate_ofpact_resubmit(struct xlate_ctx *ctx, | |
1648 | const struct ofpact_resubmit *resubmit) | |
1649 | { | |
4e022ec0 | 1650 | ofp_port_t in_port; |
9583bc14 EJ |
1651 | uint8_t table_id; |
1652 | ||
1653 | in_port = resubmit->in_port; | |
1654 | if (in_port == OFPP_IN_PORT) { | |
4e022ec0 | 1655 | in_port = ctx->xin->flow.in_port.ofp_port; |
9583bc14 EJ |
1656 | } |
1657 | ||
1658 | table_id = resubmit->table_id; | |
1659 | if (table_id == 255) { | |
1660 | table_id = ctx->table_id; | |
1661 | } | |
1662 | ||
1663 | xlate_table_action(ctx, in_port, table_id, false); | |
1664 | } | |
1665 | ||
1666 | static void | |
1667 | flood_packets(struct xlate_ctx *ctx, bool all) | |
1668 | { | |
46c88433 | 1669 | const struct xport *xport; |
9583bc14 | 1670 | |
46c88433 EJ |
1671 | HMAP_FOR_EACH (xport, ofp_node, &ctx->xbridge->xports) { |
1672 | if (xport->ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
1673 | continue; |
1674 | } | |
1675 | ||
1676 | if (all) { | |
46c88433 EJ |
1677 | compose_output_action__(ctx, xport->ofp_port, false); |
1678 | } else if (!(xport->config & OFPUTIL_PC_NO_FLOOD)) { | |
1679 | compose_output_action(ctx, xport->ofp_port); | |
9583bc14 EJ |
1680 | } |
1681 | } | |
1682 | ||
1683 | ctx->xout->nf_output_iface = NF_OUT_FLOOD; | |
1684 | } | |
1685 | ||
1686 | static void | |
1687 | execute_controller_action(struct xlate_ctx *ctx, int len, | |
1688 | enum ofp_packet_in_reason reason, | |
1689 | uint16_t controller_id) | |
1690 | { | |
ada3a58d | 1691 | struct ofputil_packet_in *pin; |
9583bc14 EJ |
1692 | struct ofpbuf *packet; |
1693 | struct flow key; | |
1694 | ||
1695 | ovs_assert(!ctx->xout->slow || ctx->xout->slow == SLOW_CONTROLLER); | |
1696 | ctx->xout->slow = SLOW_CONTROLLER; | |
1697 | if (!ctx->xin->packet) { | |
1698 | return; | |
1699 | } | |
1700 | ||
1701 | packet = ofpbuf_clone(ctx->xin->packet); | |
1702 | ||
1703 | key.skb_priority = 0; | |
1704 | key.skb_mark = 0; | |
1705 | memset(&key.tunnel, 0, sizeof key.tunnel); | |
1706 | ||
1707 | commit_odp_actions(&ctx->xin->flow, &ctx->base_flow, | |
1dd35f8a | 1708 | &ctx->xout->odp_actions, &ctx->xout->wc); |
9583bc14 EJ |
1709 | |
1710 | odp_execute_actions(NULL, packet, &key, ctx->xout->odp_actions.data, | |
1711 | ctx->xout->odp_actions.size, NULL, NULL); | |
1712 | ||
ada3a58d EJ |
1713 | pin = xmalloc(sizeof *pin); |
1714 | pin->packet_len = packet->size; | |
1715 | pin->packet = ofpbuf_steal_data(packet); | |
1716 | pin->reason = reason; | |
1717 | pin->controller_id = controller_id; | |
1718 | pin->table_id = ctx->table_id; | |
1719 | pin->cookie = ctx->rule ? ctx->rule->up.flow_cookie : 0; | |
9583bc14 | 1720 | |
ada3a58d EJ |
1721 | pin->send_len = len; |
1722 | flow_get_metadata(&ctx->xin->flow, &pin->fmd); | |
9583bc14 | 1723 | |
ada3a58d | 1724 | ofproto_dpif_send_packet_in(ctx->xbridge->ofproto, pin); |
9583bc14 EJ |
1725 | ofpbuf_delete(packet); |
1726 | } | |
1727 | ||
1728 | static void | |
9cfef3d0 | 1729 | compose_mpls_push_action(struct xlate_ctx *ctx, ovs_be16 eth_type) |
9583bc14 | 1730 | { |
33bf9176 BP |
1731 | struct flow_wildcards *wc = &ctx->xout->wc; |
1732 | struct flow *flow = &ctx->xin->flow; | |
1733 | ||
9583bc14 EJ |
1734 | ovs_assert(eth_type_mpls(eth_type)); |
1735 | ||
33bf9176 BP |
1736 | memset(&wc->masks.mpls_lse, 0xff, sizeof wc->masks.mpls_lse); |
1737 | memset(&wc->masks.mpls_depth, 0xff, sizeof wc->masks.mpls_depth); | |
9583bc14 | 1738 | |
33bf9176 BP |
1739 | if (flow->mpls_depth) { |
1740 | flow->mpls_lse &= ~htonl(MPLS_BOS_MASK); | |
1741 | flow->mpls_depth++; | |
9583bc14 EJ |
1742 | } else { |
1743 | ovs_be32 label; | |
1744 | uint8_t tc, ttl; | |
1745 | ||
33bf9176 | 1746 | if (flow->dl_type == htons(ETH_TYPE_IPV6)) { |
9583bc14 EJ |
1747 | label = htonl(0x2); /* IPV6 Explicit Null. */ |
1748 | } else { | |
1749 | label = htonl(0x0); /* IPV4 Explicit Null. */ | |
1750 | } | |
1dd35f8a JP |
1751 | wc->masks.nw_tos |= IP_DSCP_MASK; |
1752 | wc->masks.nw_ttl = 0xff; | |
33bf9176 BP |
1753 | tc = (flow->nw_tos & IP_DSCP_MASK) >> 2; |
1754 | ttl = flow->nw_ttl ? flow->nw_ttl : 0x40; | |
1755 | flow->mpls_lse = set_mpls_lse_values(ttl, tc, 1, label); | |
1756 | flow->mpls_depth = 1; | |
9583bc14 | 1757 | } |
33bf9176 | 1758 | flow->dl_type = eth_type; |
9583bc14 EJ |
1759 | } |
1760 | ||
1761 | static void | |
9cfef3d0 | 1762 | compose_mpls_pop_action(struct xlate_ctx *ctx, ovs_be16 eth_type) |
9583bc14 | 1763 | { |
33bf9176 BP |
1764 | struct flow_wildcards *wc = &ctx->xout->wc; |
1765 | struct flow *flow = &ctx->xin->flow; | |
1766 | ||
9583bc14 EJ |
1767 | ovs_assert(eth_type_mpls(ctx->xin->flow.dl_type)); |
1768 | ovs_assert(!eth_type_mpls(eth_type)); | |
1769 | ||
33bf9176 BP |
1770 | memset(&wc->masks.mpls_lse, 0xff, sizeof wc->masks.mpls_lse); |
1771 | memset(&wc->masks.mpls_depth, 0xff, sizeof wc->masks.mpls_depth); | |
1772 | ||
1773 | if (flow->mpls_depth) { | |
1774 | flow->mpls_depth--; | |
1775 | flow->mpls_lse = htonl(0); | |
1776 | if (!flow->mpls_depth) { | |
1777 | flow->dl_type = eth_type; | |
9583bc14 EJ |
1778 | } |
1779 | } | |
1780 | } | |
1781 | ||
1782 | static bool | |
1783 | compose_dec_ttl(struct xlate_ctx *ctx, struct ofpact_cnt_ids *ids) | |
1784 | { | |
33bf9176 BP |
1785 | struct flow *flow = &ctx->xin->flow; |
1786 | ||
1787 | if (!is_ip_any(flow)) { | |
9583bc14 EJ |
1788 | return false; |
1789 | } | |
1790 | ||
1dd35f8a | 1791 | ctx->xout->wc.masks.nw_ttl = 0xff; |
33bf9176 BP |
1792 | if (flow->nw_ttl > 1) { |
1793 | flow->nw_ttl--; | |
9583bc14 EJ |
1794 | return false; |
1795 | } else { | |
1796 | size_t i; | |
1797 | ||
1798 | for (i = 0; i < ids->n_controllers; i++) { | |
1799 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, | |
1800 | ids->cnt_ids[i]); | |
1801 | } | |
1802 | ||
1803 | /* Stop processing for current table. */ | |
1804 | return true; | |
1805 | } | |
1806 | } | |
1807 | ||
1808 | static bool | |
9cfef3d0 | 1809 | compose_set_mpls_ttl_action(struct xlate_ctx *ctx, uint8_t ttl) |
9583bc14 EJ |
1810 | { |
1811 | if (!eth_type_mpls(ctx->xin->flow.dl_type)) { | |
1812 | return true; | |
1813 | } | |
1814 | ||
f74e7df7 | 1815 | ctx->xout->wc.masks.mpls_lse |= htonl(MPLS_TTL_MASK); |
9583bc14 EJ |
1816 | set_mpls_lse_ttl(&ctx->xin->flow.mpls_lse, ttl); |
1817 | return false; | |
1818 | } | |
1819 | ||
1820 | static bool | |
9cfef3d0 | 1821 | compose_dec_mpls_ttl_action(struct xlate_ctx *ctx) |
9583bc14 | 1822 | { |
33bf9176 BP |
1823 | struct flow *flow = &ctx->xin->flow; |
1824 | uint8_t ttl = mpls_lse_to_ttl(flow->mpls_lse); | |
1dd35f8a JP |
1825 | struct flow_wildcards *wc = &ctx->xout->wc; |
1826 | ||
1dd35f8a | 1827 | memset(&wc->masks.mpls_lse, 0xff, sizeof wc->masks.mpls_lse); |
9583bc14 | 1828 | |
33bf9176 | 1829 | if (!eth_type_mpls(flow->dl_type)) { |
9583bc14 EJ |
1830 | return false; |
1831 | } | |
1832 | ||
1833 | if (ttl > 1) { | |
1834 | ttl--; | |
33bf9176 | 1835 | set_mpls_lse_ttl(&flow->mpls_lse, ttl); |
9583bc14 EJ |
1836 | return false; |
1837 | } else { | |
1838 | execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, 0); | |
1839 | ||
1840 | /* Stop processing for current table. */ | |
1841 | return true; | |
1842 | } | |
1843 | } | |
1844 | ||
1845 | static void | |
1846 | xlate_output_action(struct xlate_ctx *ctx, | |
4e022ec0 | 1847 | ofp_port_t port, uint16_t max_len, bool may_packet_in) |
9583bc14 | 1848 | { |
4e022ec0 | 1849 | ofp_port_t prev_nf_output_iface = ctx->xout->nf_output_iface; |
9583bc14 EJ |
1850 | |
1851 | ctx->xout->nf_output_iface = NF_OUT_DROP; | |
1852 | ||
1853 | switch (port) { | |
1854 | case OFPP_IN_PORT: | |
4e022ec0 | 1855 | compose_output_action(ctx, ctx->xin->flow.in_port.ofp_port); |
9583bc14 EJ |
1856 | break; |
1857 | case OFPP_TABLE: | |
4e022ec0 AW |
1858 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
1859 | 0, may_packet_in); | |
9583bc14 EJ |
1860 | break; |
1861 | case OFPP_NORMAL: | |
1862 | xlate_normal(ctx); | |
1863 | break; | |
1864 | case OFPP_FLOOD: | |
1865 | flood_packets(ctx, false); | |
1866 | break; | |
1867 | case OFPP_ALL: | |
1868 | flood_packets(ctx, true); | |
1869 | break; | |
1870 | case OFPP_CONTROLLER: | |
1871 | execute_controller_action(ctx, max_len, OFPR_ACTION, 0); | |
1872 | break; | |
1873 | case OFPP_NONE: | |
1874 | break; | |
1875 | case OFPP_LOCAL: | |
1876 | default: | |
4e022ec0 | 1877 | if (port != ctx->xin->flow.in_port.ofp_port) { |
9583bc14 EJ |
1878 | compose_output_action(ctx, port); |
1879 | } else { | |
1880 | xlate_report(ctx, "skipping output to input port"); | |
1881 | } | |
1882 | break; | |
1883 | } | |
1884 | ||
1885 | if (prev_nf_output_iface == NF_OUT_FLOOD) { | |
1886 | ctx->xout->nf_output_iface = NF_OUT_FLOOD; | |
1887 | } else if (ctx->xout->nf_output_iface == NF_OUT_DROP) { | |
1888 | ctx->xout->nf_output_iface = prev_nf_output_iface; | |
1889 | } else if (prev_nf_output_iface != NF_OUT_DROP && | |
1890 | ctx->xout->nf_output_iface != NF_OUT_FLOOD) { | |
1891 | ctx->xout->nf_output_iface = NF_OUT_MULTI; | |
1892 | } | |
1893 | } | |
1894 | ||
1895 | static void | |
1896 | xlate_output_reg_action(struct xlate_ctx *ctx, | |
1897 | const struct ofpact_output_reg *or) | |
1898 | { | |
1899 | uint64_t port = mf_get_subfield(&or->src, &ctx->xin->flow); | |
1900 | if (port <= UINT16_MAX) { | |
1901 | union mf_subvalue value; | |
1902 | ||
1903 | memset(&value, 0xff, sizeof value); | |
1904 | mf_write_subfield_flow(&or->src, &value, &ctx->xout->wc.masks); | |
4e022ec0 AW |
1905 | xlate_output_action(ctx, u16_to_ofp(port), |
1906 | or->max_len, false); | |
9583bc14 EJ |
1907 | } |
1908 | } | |
1909 | ||
1910 | static void | |
1911 | xlate_enqueue_action(struct xlate_ctx *ctx, | |
1912 | const struct ofpact_enqueue *enqueue) | |
1913 | { | |
4e022ec0 | 1914 | ofp_port_t ofp_port = enqueue->port; |
9583bc14 EJ |
1915 | uint32_t queue_id = enqueue->queue; |
1916 | uint32_t flow_priority, priority; | |
1917 | int error; | |
1918 | ||
1919 | /* Translate queue to priority. */ | |
89a8a7f0 | 1920 | error = dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &priority); |
9583bc14 EJ |
1921 | if (error) { |
1922 | /* Fall back to ordinary output action. */ | |
1923 | xlate_output_action(ctx, enqueue->port, 0, false); | |
1924 | return; | |
1925 | } | |
1926 | ||
1927 | /* Check output port. */ | |
1928 | if (ofp_port == OFPP_IN_PORT) { | |
4e022ec0 AW |
1929 | ofp_port = ctx->xin->flow.in_port.ofp_port; |
1930 | } else if (ofp_port == ctx->xin->flow.in_port.ofp_port) { | |
9583bc14 EJ |
1931 | return; |
1932 | } | |
1933 | ||
1934 | /* Add datapath actions. */ | |
1935 | flow_priority = ctx->xin->flow.skb_priority; | |
1936 | ctx->xin->flow.skb_priority = priority; | |
1937 | compose_output_action(ctx, ofp_port); | |
1938 | ctx->xin->flow.skb_priority = flow_priority; | |
1939 | ||
1940 | /* Update NetFlow output port. */ | |
1941 | if (ctx->xout->nf_output_iface == NF_OUT_DROP) { | |
1942 | ctx->xout->nf_output_iface = ofp_port; | |
1943 | } else if (ctx->xout->nf_output_iface != NF_OUT_FLOOD) { | |
1944 | ctx->xout->nf_output_iface = NF_OUT_MULTI; | |
1945 | } | |
1946 | } | |
1947 | ||
1948 | static void | |
1949 | xlate_set_queue_action(struct xlate_ctx *ctx, uint32_t queue_id) | |
1950 | { | |
1951 | uint32_t skb_priority; | |
1952 | ||
89a8a7f0 | 1953 | if (!dpif_queue_to_priority(ctx->xbridge->dpif, queue_id, &skb_priority)) { |
9583bc14 EJ |
1954 | ctx->xin->flow.skb_priority = skb_priority; |
1955 | } else { | |
1956 | /* Couldn't translate queue to a priority. Nothing to do. A warning | |
1957 | * has already been logged. */ | |
1958 | } | |
1959 | } | |
1960 | ||
1961 | static bool | |
46c88433 | 1962 | slave_enabled_cb(ofp_port_t ofp_port, void *xbridge_) |
9583bc14 | 1963 | { |
46c88433 EJ |
1964 | const struct xbridge *xbridge = xbridge_; |
1965 | struct xport *port; | |
9583bc14 EJ |
1966 | |
1967 | switch (ofp_port) { | |
1968 | case OFPP_IN_PORT: | |
1969 | case OFPP_TABLE: | |
1970 | case OFPP_NORMAL: | |
1971 | case OFPP_FLOOD: | |
1972 | case OFPP_ALL: | |
1973 | case OFPP_NONE: | |
1974 | return true; | |
1975 | case OFPP_CONTROLLER: /* Not supported by the bundle action. */ | |
1976 | return false; | |
1977 | default: | |
46c88433 | 1978 | port = get_ofp_port(xbridge, ofp_port); |
9583bc14 EJ |
1979 | return port ? port->may_enable : false; |
1980 | } | |
1981 | } | |
1982 | ||
1983 | static void | |
1984 | xlate_bundle_action(struct xlate_ctx *ctx, | |
1985 | const struct ofpact_bundle *bundle) | |
1986 | { | |
4e022ec0 | 1987 | ofp_port_t port; |
9583bc14 EJ |
1988 | |
1989 | port = bundle_execute(bundle, &ctx->xin->flow, &ctx->xout->wc, | |
46c88433 EJ |
1990 | slave_enabled_cb, |
1991 | CONST_CAST(struct xbridge *, ctx->xbridge)); | |
9583bc14 | 1992 | if (bundle->dst.field) { |
f74e7df7 JP |
1993 | nxm_reg_load(&bundle->dst, ofp_to_u16(port), &ctx->xin->flow, |
1994 | &ctx->xout->wc); | |
9583bc14 EJ |
1995 | } else { |
1996 | xlate_output_action(ctx, port, 0, false); | |
1997 | } | |
1998 | } | |
1999 | ||
2000 | static void | |
2001 | xlate_learn_action(struct xlate_ctx *ctx, | |
2002 | const struct ofpact_learn *learn) | |
2003 | { | |
3d9c5e58 | 2004 | struct ofputil_flow_mod *fm; |
9583bc14 | 2005 | struct ofpbuf ofpacts; |
9583bc14 EJ |
2006 | |
2007 | ctx->xout->has_learn = true; | |
2008 | ||
2009 | learn_mask(learn, &ctx->xout->wc); | |
2010 | ||
2011 | if (!ctx->xin->may_learn) { | |
2012 | return; | |
2013 | } | |
2014 | ||
3d9c5e58 EJ |
2015 | fm = xmalloc(sizeof *fm); |
2016 | ofpbuf_init(&ofpacts, 0); | |
2017 | learn_execute(learn, &ctx->xin->flow, fm, &ofpacts); | |
9583bc14 | 2018 | |
3d9c5e58 | 2019 | ofproto_dpif_flow_mod(ctx->xbridge->ofproto, fm); |
9583bc14 EJ |
2020 | } |
2021 | ||
2022 | /* Reduces '*timeout' to no more than 'max'. A value of zero in either case | |
2023 | * means "infinite". */ | |
2024 | static void | |
2025 | reduce_timeout(uint16_t max, uint16_t *timeout) | |
2026 | { | |
2027 | if (max && (!*timeout || *timeout > max)) { | |
2028 | *timeout = max; | |
2029 | } | |
2030 | } | |
2031 | ||
2032 | static void | |
2033 | xlate_fin_timeout(struct xlate_ctx *ctx, | |
2034 | const struct ofpact_fin_timeout *oft) | |
2035 | { | |
2036 | if (ctx->xin->tcp_flags & (TCP_FIN | TCP_RST) && ctx->rule) { | |
2037 | struct rule_dpif *rule = ctx->rule; | |
2038 | ||
2a5183ac JP |
2039 | if (list_is_empty(&rule->up.expirable)) { |
2040 | list_insert(&rule->up.ofproto->expirable, &rule->up.expirable); | |
2041 | } | |
2042 | ||
a3779dbc EJ |
2043 | ovs_mutex_lock(&rule->up.timeout_mutex); |
2044 | reduce_timeout(oft->fin_idle_timeout, &rule->up.idle_timeout); | |
2045 | reduce_timeout(oft->fin_hard_timeout, &rule->up.hard_timeout); | |
2046 | ovs_mutex_unlock(&rule->up.timeout_mutex); | |
9583bc14 EJ |
2047 | } |
2048 | } | |
2049 | ||
2050 | static void | |
2051 | xlate_sample_action(struct xlate_ctx *ctx, | |
2052 | const struct ofpact_sample *os) | |
2053 | { | |
2054 | union user_action_cookie cookie; | |
2055 | /* Scale the probability from 16-bit to 32-bit while representing | |
2056 | * the same percentage. */ | |
2057 | uint32_t probability = (os->probability << 16) | os->probability; | |
2058 | ||
2059 | commit_odp_actions(&ctx->xin->flow, &ctx->base_flow, | |
1dd35f8a | 2060 | &ctx->xout->odp_actions, &ctx->xout->wc); |
9583bc14 EJ |
2061 | |
2062 | compose_flow_sample_cookie(os->probability, os->collector_set_id, | |
2063 | os->obs_domain_id, os->obs_point_id, &cookie); | |
46c88433 | 2064 | compose_sample_action(ctx->xbridge, &ctx->xout->odp_actions, &ctx->xin->flow, |
9583bc14 EJ |
2065 | probability, &cookie, sizeof cookie.flow_sample); |
2066 | } | |
2067 | ||
2068 | static bool | |
46c88433 | 2069 | may_receive(const struct xport *xport, struct xlate_ctx *ctx) |
9583bc14 | 2070 | { |
46c88433 EJ |
2071 | if (xport->config & (eth_addr_equals(ctx->xin->flow.dl_dst, eth_addr_stp) |
2072 | ? OFPUTIL_PC_NO_RECV_STP | |
2073 | : OFPUTIL_PC_NO_RECV)) { | |
9583bc14 EJ |
2074 | return false; |
2075 | } | |
2076 | ||
2077 | /* Only drop packets here if both forwarding and learning are | |
2078 | * disabled. If just learning is enabled, we need to have | |
2079 | * OFPP_NORMAL and the learning action have a look at the packet | |
2080 | * before we can drop it. */ | |
9d189a50 | 2081 | if (!xport_stp_forward_state(xport) && !xport_stp_learn_state(xport)) { |
9583bc14 EJ |
2082 | return false; |
2083 | } | |
2084 | ||
2085 | return true; | |
2086 | } | |
2087 | ||
2088 | static bool | |
2089 | tunnel_ecn_ok(struct xlate_ctx *ctx) | |
2090 | { | |
2091 | if (is_ip_any(&ctx->base_flow) | |
2092 | && (ctx->xin->flow.tunnel.ip_tos & IP_ECN_MASK) == IP_ECN_CE) { | |
2093 | if ((ctx->base_flow.nw_tos & IP_ECN_MASK) == IP_ECN_NOT_ECT) { | |
2094 | VLOG_WARN_RL(&rl, "dropping tunnel packet marked ECN CE" | |
2095 | " but is not ECN capable"); | |
2096 | return false; | |
2097 | } else { | |
2098 | /* Set the ECN CE value in the tunneled packet. */ | |
2099 | ctx->xin->flow.nw_tos |= IP_ECN_CE; | |
2100 | } | |
2101 | } | |
2102 | ||
2103 | return true; | |
2104 | } | |
2105 | ||
2106 | static void | |
2107 | do_xlate_actions(const struct ofpact *ofpacts, size_t ofpacts_len, | |
2108 | struct xlate_ctx *ctx) | |
2109 | { | |
33bf9176 BP |
2110 | struct flow_wildcards *wc = &ctx->xout->wc; |
2111 | struct flow *flow = &ctx->xin->flow; | |
9583bc14 EJ |
2112 | bool was_evictable = true; |
2113 | const struct ofpact *a; | |
2114 | ||
2115 | if (ctx->rule) { | |
2116 | /* Don't let the rule we're working on get evicted underneath us. */ | |
2117 | was_evictable = ctx->rule->up.evictable; | |
2118 | ctx->rule->up.evictable = false; | |
2119 | } | |
2120 | ||
9583bc14 EJ |
2121 | OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) { |
2122 | struct ofpact_controller *controller; | |
2123 | const struct ofpact_metadata *metadata; | |
2124 | ||
2125 | if (ctx->exit) { | |
2126 | break; | |
2127 | } | |
2128 | ||
2129 | switch (a->type) { | |
2130 | case OFPACT_OUTPUT: | |
2131 | xlate_output_action(ctx, ofpact_get_OUTPUT(a)->port, | |
2132 | ofpact_get_OUTPUT(a)->max_len, true); | |
2133 | break; | |
2134 | ||
2135 | case OFPACT_CONTROLLER: | |
2136 | controller = ofpact_get_CONTROLLER(a); | |
2137 | execute_controller_action(ctx, controller->max_len, | |
2138 | controller->reason, | |
2139 | controller->controller_id); | |
2140 | break; | |
2141 | ||
2142 | case OFPACT_ENQUEUE: | |
2143 | xlate_enqueue_action(ctx, ofpact_get_ENQUEUE(a)); | |
2144 | break; | |
2145 | ||
2146 | case OFPACT_SET_VLAN_VID: | |
f74e7df7 | 2147 | wc->masks.vlan_tci |= htons(VLAN_VID_MASK | VLAN_CFI); |
33bf9176 BP |
2148 | flow->vlan_tci &= ~htons(VLAN_VID_MASK); |
2149 | flow->vlan_tci |= (htons(ofpact_get_SET_VLAN_VID(a)->vlan_vid) | |
2150 | | htons(VLAN_CFI)); | |
9583bc14 EJ |
2151 | break; |
2152 | ||
2153 | case OFPACT_SET_VLAN_PCP: | |
f74e7df7 | 2154 | wc->masks.vlan_tci |= htons(VLAN_PCP_MASK | VLAN_CFI); |
33bf9176 BP |
2155 | flow->vlan_tci &= ~htons(VLAN_PCP_MASK); |
2156 | flow->vlan_tci |= | |
9583bc14 EJ |
2157 | htons((ofpact_get_SET_VLAN_PCP(a)->vlan_pcp << VLAN_PCP_SHIFT) |
2158 | | VLAN_CFI); | |
2159 | break; | |
2160 | ||
2161 | case OFPACT_STRIP_VLAN: | |
f74e7df7 | 2162 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 2163 | flow->vlan_tci = htons(0); |
9583bc14 EJ |
2164 | break; |
2165 | ||
2166 | case OFPACT_PUSH_VLAN: | |
2167 | /* XXX 802.1AD(QinQ) */ | |
f74e7df7 | 2168 | memset(&wc->masks.vlan_tci, 0xff, sizeof wc->masks.vlan_tci); |
33bf9176 | 2169 | flow->vlan_tci = htons(VLAN_CFI); |
9583bc14 EJ |
2170 | break; |
2171 | ||
2172 | case OFPACT_SET_ETH_SRC: | |
f74e7df7 | 2173 | memset(&wc->masks.dl_src, 0xff, sizeof wc->masks.dl_src); |
33bf9176 | 2174 | memcpy(flow->dl_src, ofpact_get_SET_ETH_SRC(a)->mac, ETH_ADDR_LEN); |
9583bc14 EJ |
2175 | break; |
2176 | ||
2177 | case OFPACT_SET_ETH_DST: | |
f74e7df7 | 2178 | memset(&wc->masks.dl_dst, 0xff, sizeof wc->masks.dl_dst); |
33bf9176 | 2179 | memcpy(flow->dl_dst, ofpact_get_SET_ETH_DST(a)->mac, ETH_ADDR_LEN); |
9583bc14 EJ |
2180 | break; |
2181 | ||
2182 | case OFPACT_SET_IPV4_SRC: | |
f74e7df7 | 2183 | memset(&wc->masks.nw_src, 0xff, sizeof wc->masks.nw_src); |
33bf9176 BP |
2184 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2185 | flow->nw_src = ofpact_get_SET_IPV4_SRC(a)->ipv4; | |
9583bc14 EJ |
2186 | } |
2187 | break; | |
2188 | ||
2189 | case OFPACT_SET_IPV4_DST: | |
f74e7df7 | 2190 | memset(&wc->masks.nw_dst, 0xff, sizeof wc->masks.nw_dst); |
33bf9176 BP |
2191 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2192 | flow->nw_dst = ofpact_get_SET_IPV4_DST(a)->ipv4; | |
9583bc14 EJ |
2193 | } |
2194 | break; | |
2195 | ||
2196 | case OFPACT_SET_IPV4_DSCP: | |
f74e7df7 | 2197 | wc->masks.nw_tos |= IP_DSCP_MASK; |
9583bc14 | 2198 | /* OpenFlow 1.0 only supports IPv4. */ |
33bf9176 BP |
2199 | if (flow->dl_type == htons(ETH_TYPE_IP)) { |
2200 | flow->nw_tos &= ~IP_DSCP_MASK; | |
2201 | flow->nw_tos |= ofpact_get_SET_IPV4_DSCP(a)->dscp; | |
9583bc14 EJ |
2202 | } |
2203 | break; | |
2204 | ||
2205 | case OFPACT_SET_L4_SRC_PORT: | |
33bf9176 | 2206 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
f74e7df7 | 2207 | memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src); |
33bf9176 BP |
2208 | if (is_ip_any(flow)) { |
2209 | flow->tp_src = htons(ofpact_get_SET_L4_SRC_PORT(a)->port); | |
9583bc14 EJ |
2210 | } |
2211 | break; | |
2212 | ||
2213 | case OFPACT_SET_L4_DST_PORT: | |
33bf9176 | 2214 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
f74e7df7 | 2215 | memset(&wc->masks.tp_dst, 0xff, sizeof wc->masks.tp_dst); |
33bf9176 BP |
2216 | if (is_ip_any(flow)) { |
2217 | flow->tp_dst = htons(ofpact_get_SET_L4_DST_PORT(a)->port); | |
9583bc14 EJ |
2218 | } |
2219 | break; | |
2220 | ||
2221 | case OFPACT_RESUBMIT: | |
2222 | xlate_ofpact_resubmit(ctx, ofpact_get_RESUBMIT(a)); | |
2223 | break; | |
2224 | ||
2225 | case OFPACT_SET_TUNNEL: | |
33bf9176 | 2226 | flow->tunnel.tun_id = htonll(ofpact_get_SET_TUNNEL(a)->tun_id); |
9583bc14 EJ |
2227 | break; |
2228 | ||
2229 | case OFPACT_SET_QUEUE: | |
2230 | xlate_set_queue_action(ctx, ofpact_get_SET_QUEUE(a)->queue_id); | |
2231 | break; | |
2232 | ||
2233 | case OFPACT_POP_QUEUE: | |
33bf9176 | 2234 | flow->skb_priority = ctx->orig_skb_priority; |
9583bc14 EJ |
2235 | break; |
2236 | ||
2237 | case OFPACT_REG_MOVE: | |
33bf9176 | 2238 | nxm_execute_reg_move(ofpact_get_REG_MOVE(a), flow, wc); |
9583bc14 EJ |
2239 | break; |
2240 | ||
2241 | case OFPACT_REG_LOAD: | |
33bf9176 | 2242 | nxm_execute_reg_load(ofpact_get_REG_LOAD(a), flow); |
9583bc14 EJ |
2243 | break; |
2244 | ||
2245 | case OFPACT_STACK_PUSH: | |
33bf9176 BP |
2246 | nxm_execute_stack_push(ofpact_get_STACK_PUSH(a), flow, wc, |
2247 | &ctx->stack); | |
9583bc14 EJ |
2248 | break; |
2249 | ||
2250 | case OFPACT_STACK_POP: | |
f74e7df7 JP |
2251 | nxm_execute_stack_pop(ofpact_get_STACK_POP(a), flow, wc, |
2252 | &ctx->stack); | |
9583bc14 EJ |
2253 | break; |
2254 | ||
2255 | case OFPACT_PUSH_MPLS: | |
9cfef3d0 | 2256 | compose_mpls_push_action(ctx, ofpact_get_PUSH_MPLS(a)->ethertype); |
9583bc14 EJ |
2257 | break; |
2258 | ||
2259 | case OFPACT_POP_MPLS: | |
9cfef3d0 | 2260 | compose_mpls_pop_action(ctx, ofpact_get_POP_MPLS(a)->ethertype); |
9583bc14 EJ |
2261 | break; |
2262 | ||
2263 | case OFPACT_SET_MPLS_TTL: | |
9cfef3d0 | 2264 | if (compose_set_mpls_ttl_action(ctx, |
9583bc14 EJ |
2265 | ofpact_get_SET_MPLS_TTL(a)->ttl)) { |
2266 | goto out; | |
2267 | } | |
2268 | break; | |
2269 | ||
2270 | case OFPACT_DEC_MPLS_TTL: | |
9cfef3d0 | 2271 | if (compose_dec_mpls_ttl_action(ctx)) { |
9583bc14 EJ |
2272 | goto out; |
2273 | } | |
2274 | break; | |
2275 | ||
2276 | case OFPACT_DEC_TTL: | |
f74e7df7 | 2277 | wc->masks.nw_ttl = 0xff; |
9583bc14 EJ |
2278 | if (compose_dec_ttl(ctx, ofpact_get_DEC_TTL(a))) { |
2279 | goto out; | |
2280 | } | |
2281 | break; | |
2282 | ||
2283 | case OFPACT_NOTE: | |
2284 | /* Nothing to do. */ | |
2285 | break; | |
2286 | ||
2287 | case OFPACT_MULTIPATH: | |
33bf9176 | 2288 | multipath_execute(ofpact_get_MULTIPATH(a), flow, wc); |
9583bc14 EJ |
2289 | break; |
2290 | ||
2291 | case OFPACT_BUNDLE: | |
9583bc14 EJ |
2292 | xlate_bundle_action(ctx, ofpact_get_BUNDLE(a)); |
2293 | break; | |
2294 | ||
2295 | case OFPACT_OUTPUT_REG: | |
2296 | xlate_output_reg_action(ctx, ofpact_get_OUTPUT_REG(a)); | |
2297 | break; | |
2298 | ||
2299 | case OFPACT_LEARN: | |
2300 | xlate_learn_action(ctx, ofpact_get_LEARN(a)); | |
2301 | break; | |
2302 | ||
2303 | case OFPACT_EXIT: | |
2304 | ctx->exit = true; | |
2305 | break; | |
2306 | ||
2307 | case OFPACT_FIN_TIMEOUT: | |
33bf9176 | 2308 | memset(&wc->masks.nw_proto, 0xff, sizeof wc->masks.nw_proto); |
9583bc14 EJ |
2309 | ctx->xout->has_fin_timeout = true; |
2310 | xlate_fin_timeout(ctx, ofpact_get_FIN_TIMEOUT(a)); | |
2311 | break; | |
2312 | ||
2313 | case OFPACT_CLEAR_ACTIONS: | |
2314 | /* XXX | |
2315 | * Nothing to do because writa-actions is not supported for now. | |
2316 | * When writa-actions is supported, clear-actions also must | |
2317 | * be supported at the same time. | |
2318 | */ | |
2319 | break; | |
2320 | ||
2321 | case OFPACT_WRITE_METADATA: | |
2322 | metadata = ofpact_get_WRITE_METADATA(a); | |
33bf9176 BP |
2323 | flow->metadata &= ~metadata->mask; |
2324 | flow->metadata |= metadata->metadata & metadata->mask; | |
9583bc14 EJ |
2325 | break; |
2326 | ||
638a19b0 JR |
2327 | case OFPACT_METER: |
2328 | /* Not implemented yet. */ | |
2329 | break; | |
2330 | ||
9583bc14 EJ |
2331 | case OFPACT_GOTO_TABLE: { |
2332 | /* It is assumed that goto-table is the last action. */ | |
2333 | struct ofpact_goto_table *ogt = ofpact_get_GOTO_TABLE(a); | |
9583bc14 EJ |
2334 | |
2335 | ovs_assert(ctx->table_id < ogt->table_id); | |
4468099e EJ |
2336 | xlate_table_action(ctx, ctx->xin->flow.in_port.ofp_port, |
2337 | ogt->table_id, true); | |
9583bc14 EJ |
2338 | break; |
2339 | } | |
2340 | ||
2341 | case OFPACT_SAMPLE: | |
2342 | xlate_sample_action(ctx, ofpact_get_SAMPLE(a)); | |
2343 | break; | |
2344 | } | |
2345 | } | |
2346 | ||
2347 | out: | |
2348 | if (ctx->rule) { | |
2349 | ctx->rule->up.evictable = was_evictable; | |
2350 | } | |
2351 | } | |
2352 | ||
2353 | void | |
2354 | xlate_in_init(struct xlate_in *xin, struct ofproto_dpif *ofproto, | |
2355 | const struct flow *flow, struct rule_dpif *rule, | |
2356 | uint8_t tcp_flags, const struct ofpbuf *packet) | |
2357 | { | |
2358 | xin->ofproto = ofproto; | |
2359 | xin->flow = *flow; | |
2360 | xin->packet = packet; | |
2361 | xin->may_learn = packet != NULL; | |
2362 | xin->rule = rule; | |
2363 | xin->ofpacts = NULL; | |
2364 | xin->ofpacts_len = 0; | |
2365 | xin->tcp_flags = tcp_flags; | |
2366 | xin->resubmit_hook = NULL; | |
2367 | xin->report_hook = NULL; | |
2368 | xin->resubmit_stats = NULL; | |
2369 | } | |
2370 | ||
2371 | void | |
2372 | xlate_out_uninit(struct xlate_out *xout) | |
2373 | { | |
2374 | if (xout) { | |
2375 | ofpbuf_uninit(&xout->odp_actions); | |
2376 | } | |
2377 | } | |
2378 | ||
2379 | /* Translates the 'ofpacts_len' bytes of "struct ofpact"s starting at 'ofpacts' | |
2380 | * into datapath actions, using 'ctx', and discards the datapath actions. */ | |
2381 | void | |
2382 | xlate_actions_for_side_effects(struct xlate_in *xin) | |
2383 | { | |
2384 | struct xlate_out xout; | |
2385 | ||
2386 | xlate_actions(xin, &xout); | |
2387 | xlate_out_uninit(&xout); | |
2388 | } | |
2389 | ||
2390 | static void | |
2391 | xlate_report(struct xlate_ctx *ctx, const char *s) | |
2392 | { | |
2393 | if (ctx->xin->report_hook) { | |
4d0acc70 | 2394 | ctx->xin->report_hook(ctx->xin, s, ctx->recurse); |
9583bc14 EJ |
2395 | } |
2396 | } | |
2397 | ||
2398 | void | |
2399 | xlate_out_copy(struct xlate_out *dst, const struct xlate_out *src) | |
2400 | { | |
2401 | dst->wc = src->wc; | |
9583bc14 EJ |
2402 | dst->slow = src->slow; |
2403 | dst->has_learn = src->has_learn; | |
2404 | dst->has_normal = src->has_normal; | |
2405 | dst->has_fin_timeout = src->has_fin_timeout; | |
2406 | dst->nf_output_iface = src->nf_output_iface; | |
2407 | dst->mirrors = src->mirrors; | |
2408 | ||
2409 | ofpbuf_use_stub(&dst->odp_actions, dst->odp_actions_stub, | |
2410 | sizeof dst->odp_actions_stub); | |
2411 | ofpbuf_put(&dst->odp_actions, src->odp_actions.data, | |
2412 | src->odp_actions.size); | |
2413 | } | |
2414 | \f | |
55954f6e EJ |
2415 | static struct skb_priority_to_dscp * |
2416 | get_skb_priority(const struct xport *xport, uint32_t skb_priority) | |
2417 | { | |
2418 | struct skb_priority_to_dscp *pdscp; | |
2419 | uint32_t hash; | |
2420 | ||
2421 | hash = hash_int(skb_priority, 0); | |
2422 | HMAP_FOR_EACH_IN_BUCKET (pdscp, hmap_node, hash, &xport->skb_priorities) { | |
2423 | if (pdscp->skb_priority == skb_priority) { | |
2424 | return pdscp; | |
2425 | } | |
2426 | } | |
2427 | return NULL; | |
2428 | } | |
2429 | ||
2430 | static bool | |
2431 | dscp_from_skb_priority(const struct xport *xport, uint32_t skb_priority, | |
2432 | uint8_t *dscp) | |
2433 | { | |
2434 | struct skb_priority_to_dscp *pdscp = get_skb_priority(xport, skb_priority); | |
2435 | *dscp = pdscp ? pdscp->dscp : 0; | |
2436 | return pdscp != NULL; | |
2437 | } | |
2438 | ||
2439 | static void | |
2440 | clear_skb_priorities(struct xport *xport) | |
2441 | { | |
2442 | struct skb_priority_to_dscp *pdscp, *next; | |
2443 | ||
2444 | HMAP_FOR_EACH_SAFE (pdscp, next, hmap_node, &xport->skb_priorities) { | |
2445 | hmap_remove(&xport->skb_priorities, &pdscp->hmap_node); | |
2446 | free(pdscp); | |
2447 | } | |
2448 | } | |
2449 | ||
ce4a6b76 BP |
2450 | static bool |
2451 | actions_output_to_local_port(const struct xlate_ctx *ctx) | |
2452 | { | |
46c88433 | 2453 | odp_port_t local_odp_port = ofp_port_to_odp_port(ctx->xbridge, OFPP_LOCAL); |
ce4a6b76 BP |
2454 | const struct nlattr *a; |
2455 | unsigned int left; | |
2456 | ||
2457 | NL_ATTR_FOR_EACH_UNSAFE (a, left, ctx->xout->odp_actions.data, | |
2458 | ctx->xout->odp_actions.size) { | |
2459 | if (nl_attr_type(a) == OVS_ACTION_ATTR_OUTPUT | |
2460 | && nl_attr_get_odp_port(a) == local_odp_port) { | |
2461 | return true; | |
2462 | } | |
2463 | } | |
2464 | return false; | |
2465 | } | |
9583bc14 EJ |
2466 | |
2467 | /* Translates the 'ofpacts_len' bytes of "struct ofpacts" starting at 'ofpacts' | |
2468 | * into datapath actions in 'odp_actions', using 'ctx'. */ | |
2469 | void | |
2470 | xlate_actions(struct xlate_in *xin, struct xlate_out *xout) | |
2471 | { | |
33bf9176 BP |
2472 | struct flow_wildcards *wc = &xout->wc; |
2473 | struct flow *flow = &xin->flow; | |
2474 | ||
9583bc14 EJ |
2475 | enum slow_path_reason special; |
2476 | const struct ofpact *ofpacts; | |
46c88433 | 2477 | struct xport *in_port; |
9583bc14 EJ |
2478 | struct flow orig_flow; |
2479 | struct xlate_ctx ctx; | |
2480 | size_t ofpacts_len; | |
2481 | ||
46c88433 | 2482 | COVERAGE_INC(xlate_actions); |
9583bc14 EJ |
2483 | |
2484 | /* Flow initialization rules: | |
2485 | * - 'base_flow' must match the kernel's view of the packet at the | |
2486 | * time that action processing starts. 'flow' represents any | |
2487 | * transformations we wish to make through actions. | |
2488 | * - By default 'base_flow' and 'flow' are the same since the input | |
2489 | * packet matches the output before any actions are applied. | |
2490 | * - When using VLAN splinters, 'base_flow''s VLAN is set to the value | |
2491 | * of the received packet as seen by the kernel. If we later output | |
2492 | * to another device without any modifications this will cause us to | |
2493 | * insert a new tag since the original one was stripped off by the | |
2494 | * VLAN device. | |
2495 | * - Tunnel metadata as received is retained in 'flow'. This allows | |
2496 | * tunnel metadata matching also in later tables. | |
2497 | * Since a kernel action for setting the tunnel metadata will only be | |
2498 | * generated with actual tunnel output, changing the tunnel metadata | |
2499 | * values in 'flow' (such as tun_id) will only have effect with a later | |
2500 | * tunnel output action. | |
2501 | * - Tunnel 'base_flow' is completely cleared since that is what the | |
2502 | * kernel does. If we wish to maintain the original values an action | |
2503 | * needs to be generated. */ | |
2504 | ||
2505 | ctx.xin = xin; | |
2506 | ctx.xout = xout; | |
46c88433 EJ |
2507 | ctx.xout->slow = 0; |
2508 | ctx.xout->has_learn = false; | |
2509 | ctx.xout->has_normal = false; | |
2510 | ctx.xout->has_fin_timeout = false; | |
2511 | ctx.xout->nf_output_iface = NF_OUT_DROP; | |
2512 | ctx.xout->mirrors = 0; | |
2513 | ofpbuf_use_stub(&ctx.xout->odp_actions, ctx.xout->odp_actions_stub, | |
2514 | sizeof ctx.xout->odp_actions_stub); | |
2515 | ofpbuf_reserve(&ctx.xout->odp_actions, NL_A_U32_SIZE); | |
2516 | ||
2517 | ctx.xbridge = xbridge_lookup(xin->ofproto); | |
2518 | if (!ctx.xbridge) { | |
2519 | return; | |
2520 | } | |
9583bc14 | 2521 | |
9583bc14 EJ |
2522 | ctx.rule = xin->rule; |
2523 | ||
33bf9176 | 2524 | ctx.base_flow = *flow; |
9583bc14 | 2525 | memset(&ctx.base_flow.tunnel, 0, sizeof ctx.base_flow.tunnel); |
33bf9176 | 2526 | ctx.orig_tunnel_ip_dst = flow->tunnel.ip_dst; |
9583bc14 | 2527 | |
33bf9176 BP |
2528 | flow_wildcards_init_catchall(wc); |
2529 | memset(&wc->masks.in_port, 0xff, sizeof wc->masks.in_port); | |
1dd35f8a | 2530 | memset(&wc->masks.skb_priority, 0xff, sizeof wc->masks.skb_priority); |
7431e171 | 2531 | memset(&wc->masks.dl_type, 0xff, sizeof wc->masks.dl_type); |
1dd35f8a | 2532 | wc->masks.nw_frag |= FLOW_NW_FRAG_MASK; |
9583bc14 EJ |
2533 | |
2534 | if (tnl_port_should_receive(&ctx.xin->flow)) { | |
33bf9176 | 2535 | memset(&wc->masks.tunnel, 0xff, sizeof wc->masks.tunnel); |
8ba2ee85 JG |
2536 | /* skb_mark is currently used only by tunnels but that will likely |
2537 | * change in the future. */ | |
2538 | memset(&wc->masks.skb_mark, 0xff, sizeof wc->masks.skb_mark); | |
9583bc14 | 2539 | } |
46c88433 | 2540 | if (ctx.xbridge->has_netflow) { |
9b658910 | 2541 | netflow_mask_wc(flow, wc); |
9583bc14 EJ |
2542 | } |
2543 | ||
9583bc14 | 2544 | ctx.recurse = 0; |
33bf9176 | 2545 | ctx.orig_skb_priority = flow->skb_priority; |
9583bc14 EJ |
2546 | ctx.table_id = 0; |
2547 | ctx.exit = false; | |
2548 | ||
2549 | if (xin->ofpacts) { | |
2550 | ofpacts = xin->ofpacts; | |
2551 | ofpacts_len = xin->ofpacts_len; | |
2552 | } else if (xin->rule) { | |
2553 | ofpacts = xin->rule->up.ofpacts; | |
2554 | ofpacts_len = xin->rule->up.ofpacts_len; | |
2555 | } else { | |
2556 | NOT_REACHED(); | |
2557 | } | |
2558 | ||
2559 | ofpbuf_use_stub(&ctx.stack, ctx.init_stack, sizeof ctx.init_stack); | |
2560 | ||
ade6ad9c | 2561 | if (mbridge_has_mirrors(ctx.xbridge->mbridge)) { |
9583bc14 EJ |
2562 | /* Do this conditionally because the copy is expensive enough that it |
2563 | * shows up in profiles. */ | |
33bf9176 | 2564 | orig_flow = *flow; |
9583bc14 EJ |
2565 | } |
2566 | ||
33bf9176 | 2567 | if (flow->nw_frag & FLOW_NW_FRAG_ANY) { |
46c88433 | 2568 | switch (ctx.xbridge->frag) { |
9583bc14 EJ |
2569 | case OFPC_FRAG_NORMAL: |
2570 | /* We must pretend that transport ports are unavailable. */ | |
33bf9176 BP |
2571 | flow->tp_src = ctx.base_flow.tp_src = htons(0); |
2572 | flow->tp_dst = ctx.base_flow.tp_dst = htons(0); | |
9583bc14 EJ |
2573 | break; |
2574 | ||
2575 | case OFPC_FRAG_DROP: | |
2576 | return; | |
2577 | ||
2578 | case OFPC_FRAG_REASM: | |
2579 | NOT_REACHED(); | |
2580 | ||
2581 | case OFPC_FRAG_NX_MATCH: | |
2582 | /* Nothing to do. */ | |
2583 | break; | |
2584 | ||
2585 | case OFPC_INVALID_TTL_TO_CONTROLLER: | |
2586 | NOT_REACHED(); | |
2587 | } | |
2588 | } | |
2589 | ||
46c88433 | 2590 | in_port = get_ofp_port(ctx.xbridge, flow->in_port.ofp_port); |
642dc74d | 2591 | special = process_special(&ctx, flow, in_port, ctx.xin->packet); |
9583bc14 EJ |
2592 | if (special) { |
2593 | ctx.xout->slow = special; | |
2594 | } else { | |
9583bc14 | 2595 | size_t sample_actions_len; |
9583bc14 | 2596 | |
4e022ec0 | 2597 | if (flow->in_port.ofp_port |
46c88433 EJ |
2598 | != vsp_realdev_to_vlandev(ctx.xbridge->ofproto, |
2599 | flow->in_port.ofp_port, | |
33bf9176 | 2600 | flow->vlan_tci)) { |
9583bc14 EJ |
2601 | ctx.base_flow.vlan_tci = 0; |
2602 | } | |
2603 | ||
2604 | add_sflow_action(&ctx); | |
2605 | add_ipfix_action(&ctx); | |
2606 | sample_actions_len = ctx.xout->odp_actions.size; | |
2607 | ||
2608 | if (tunnel_ecn_ok(&ctx) && (!in_port || may_receive(in_port, &ctx))) { | |
2609 | do_xlate_actions(ofpacts, ofpacts_len, &ctx); | |
2610 | ||
2611 | /* We've let OFPP_NORMAL and the learning action look at the | |
2612 | * packet, so drop it now if forwarding is disabled. */ | |
9d189a50 | 2613 | if (in_port && !xport_stp_forward_state(in_port)) { |
9583bc14 EJ |
2614 | ctx.xout->odp_actions.size = sample_actions_len; |
2615 | } | |
2616 | } | |
2617 | ||
46c88433 | 2618 | if (ctx.xbridge->has_in_band |
ce4a6b76 BP |
2619 | && in_band_must_output_to_local_port(flow) |
2620 | && !actions_output_to_local_port(&ctx)) { | |
9583bc14 EJ |
2621 | compose_output_action(&ctx, OFPP_LOCAL); |
2622 | } | |
aaa0fbae EJ |
2623 | |
2624 | fix_sflow_action(&ctx); | |
2625 | ||
46c88433 | 2626 | if (mbridge_has_mirrors(ctx.xbridge->mbridge)) { |
9583bc14 EJ |
2627 | add_mirror_actions(&ctx, &orig_flow); |
2628 | } | |
9583bc14 EJ |
2629 | } |
2630 | ||
2631 | ofpbuf_uninit(&ctx.stack); | |
2632 | ||
2633 | /* Clear the metadata and register wildcard masks, because we won't | |
2634 | * use non-header fields as part of the cache. */ | |
33bf9176 BP |
2635 | memset(&wc->masks.metadata, 0, sizeof wc->masks.metadata); |
2636 | memset(&wc->masks.regs, 0, sizeof wc->masks.regs); | |
9583bc14 | 2637 | } |