]> git.proxmox.com Git - mirror_ovs.git/blob - datapath/vport.c
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
openvswitch: fix vport packet length check.
[mirror_ovs.git] / datapath / vport.c
1 /*
2 * Copyright (c) 2007-2015 Nicira, Inc.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of version 2 of the GNU General Public
6 * License as published by the Free Software Foundation.
7 *
8 * This program is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
11 * General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program; if not, write to the Free Software
15 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
16 * 02110-1301, USA
17 */
18
19 #include <linux/etherdevice.h>
20 #include <linux/if.h>
21 #include <linux/if_vlan.h>
22 #include <linux/jhash.h>
23 #include <linux/kernel.h>
24 #include <linux/list.h>
25 #include <linux/mutex.h>
26 #include <linux/percpu.h>
27 #include <linux/rcupdate.h>
28 #include <linux/rtnetlink.h>
29 #include <linux/compat.h>
30 #include <linux/module.h>
31 #include <linux/if_link.h>
32 #include <net/net_namespace.h>
33 #include <net/lisp.h>
34 #include <net/gre.h>
35 #include <net/geneve.h>
36 #include <net/stt.h>
37 #include <net/vxlan.h>
38
39 #include "datapath.h"
40 #include "gso.h"
41 #include "vport.h"
42 #include "vport-internal_dev.h"
43
44 static LIST_HEAD(vport_ops_list);
45
46 /* Protected by RCU read lock for reading, ovs_mutex for writing. */
47 static struct hlist_head *dev_table;
48 #define VPORT_HASH_BUCKETS 1024
49
50 /**
51 * ovs_vport_init - initialize vport subsystem
52 *
53 * Called at module load time to initialize the vport subsystem.
54 */
55 int ovs_vport_init(void)
56 {
57 int err;
58
59 dev_table = kzalloc(VPORT_HASH_BUCKETS * sizeof(struct hlist_head),
60 GFP_KERNEL);
61 if (!dev_table)
62 return -ENOMEM;
63
64 err = lisp_init_module();
65 if (err)
66 goto err_lisp;
67 err = ipgre_init();
68 if (err)
69 goto err_gre;
70 err = ip6gre_init();
71 if (err)
72 goto err_ip6gre;
73 err = ip6_tunnel_init();
74 if (err)
75 goto err_ip6_tunnel;
76 err = geneve_init_module();
77 if (err)
78 goto err_geneve;
79
80 err = vxlan_init_module();
81 if (err)
82 goto err_vxlan;
83 err = ovs_stt_init_module();
84 if (err)
85 goto err_stt;
86 return 0;
87
88 err_stt:
89 vxlan_cleanup_module();
90 err_vxlan:
91 geneve_cleanup_module();
92 err_geneve:
93 ip6_tunnel_cleanup();
94 err_ip6_tunnel:
95 ip6gre_fini();
96 err_ip6gre:
97 ipgre_fini();
98 err_gre:
99 lisp_cleanup_module();
100 err_lisp:
101 kfree(dev_table);
102 return err;
103 }
104
105 /**
106 * ovs_vport_exit - shutdown vport subsystem
107 *
108 * Called at module exit time to shutdown the vport subsystem.
109 */
110 void ovs_vport_exit(void)
111 {
112 ovs_stt_cleanup_module();
113 vxlan_cleanup_module();
114 geneve_cleanup_module();
115 ip6_tunnel_cleanup();
116 ip6gre_fini();
117 ipgre_fini();
118 lisp_cleanup_module();
119 kfree(dev_table);
120 }
121
122 static struct hlist_head *hash_bucket(const struct net *net, const char *name)
123 {
124 unsigned int hash = jhash(name, strlen(name), (unsigned long) net);
125 return &dev_table[hash & (VPORT_HASH_BUCKETS - 1)];
126 }
127
128 int __ovs_vport_ops_register(struct vport_ops *ops)
129 {
130 int err = -EEXIST;
131 struct vport_ops *o;
132
133 ovs_lock();
134 list_for_each_entry(o, &vport_ops_list, list)
135 if (ops->type == o->type)
136 goto errout;
137
138 list_add_tail(&ops->list, &vport_ops_list);
139 err = 0;
140 errout:
141 ovs_unlock();
142 return err;
143 }
144 EXPORT_SYMBOL_GPL(__ovs_vport_ops_register);
145
146 void ovs_vport_ops_unregister(struct vport_ops *ops)
147 {
148 ovs_lock();
149 list_del(&ops->list);
150 ovs_unlock();
151 }
152 EXPORT_SYMBOL_GPL(ovs_vport_ops_unregister);
153
154 /**
155 * ovs_vport_locate - find a port that has already been created
156 *
157 * @name: name of port to find
158 *
159 * Must be called with ovs or RCU read lock.
160 */
161 struct vport *ovs_vport_locate(const struct net *net, const char *name)
162 {
163 struct hlist_head *bucket = hash_bucket(net, name);
164 struct vport *vport;
165
166 hlist_for_each_entry_rcu(vport, bucket, hash_node)
167 if (!strcmp(name, ovs_vport_name(vport)) &&
168 net_eq(ovs_dp_get_net(vport->dp), net))
169 return vport;
170
171 return NULL;
172 }
173
174 /**
175 * ovs_vport_alloc - allocate and initialize new vport
176 *
177 * @priv_size: Size of private data area to allocate.
178 * @ops: vport device ops
179 *
180 * Allocate and initialize a new vport defined by @ops. The vport will contain
181 * a private data area of size @priv_size that can be accessed using
182 * vport_priv(). vports that are no longer needed should be released with
183 * vport_free().
184 */
185 struct vport *ovs_vport_alloc(int priv_size, const struct vport_ops *ops,
186 const struct vport_parms *parms)
187 {
188 struct vport *vport;
189 size_t alloc_size;
190
191 alloc_size = sizeof(struct vport);
192 if (priv_size) {
193 alloc_size = ALIGN(alloc_size, VPORT_ALIGN);
194 alloc_size += priv_size;
195 }
196
197 vport = kzalloc(alloc_size, GFP_KERNEL);
198 if (!vport)
199 return ERR_PTR(-ENOMEM);
200
201 vport->dp = parms->dp;
202 vport->port_no = parms->port_no;
203 vport->ops = ops;
204 INIT_HLIST_NODE(&vport->dp_hash_node);
205
206 if (ovs_vport_set_upcall_portids(vport, parms->upcall_portids)) {
207 kfree(vport);
208 return ERR_PTR(-EINVAL);
209 }
210
211 return vport;
212 }
213 EXPORT_SYMBOL_GPL(ovs_vport_alloc);
214
215 /**
216 * ovs_vport_free - uninitialize and free vport
217 *
218 * @vport: vport to free
219 *
220 * Frees a vport allocated with vport_alloc() when it is no longer needed.
221 *
222 * The caller must ensure that an RCU grace period has passed since the last
223 * time @vport was in a datapath.
224 */
225 void ovs_vport_free(struct vport *vport)
226 {
227 /* vport is freed from RCU callback or error path, Therefore
228 * it is safe to use raw dereference.
229 */
230 kfree(rcu_dereference_raw(vport->upcall_portids));
231 kfree(vport);
232 }
233 EXPORT_SYMBOL_GPL(ovs_vport_free);
234
235 static struct vport_ops *ovs_vport_lookup(const struct vport_parms *parms)
236 {
237 struct vport_ops *ops;
238
239 list_for_each_entry(ops, &vport_ops_list, list)
240 if (ops->type == parms->type)
241 return ops;
242
243 return NULL;
244 }
245
246 /**
247 * ovs_vport_add - add vport device (for kernel callers)
248 *
249 * @parms: Information about new vport.
250 *
251 * Creates a new vport with the specified configuration (which is dependent on
252 * device type). ovs_mutex must be held.
253 */
254 struct vport *ovs_vport_add(const struct vport_parms *parms)
255 {
256 struct vport_ops *ops;
257 struct vport *vport;
258
259 ops = ovs_vport_lookup(parms);
260 if (ops) {
261 struct hlist_head *bucket;
262
263 if (!try_module_get(ops->owner))
264 return ERR_PTR(-EAFNOSUPPORT);
265
266 vport = ops->create(parms);
267 if (IS_ERR(vport)) {
268 module_put(ops->owner);
269 return vport;
270 }
271
272 bucket = hash_bucket(ovs_dp_get_net(vport->dp),
273 ovs_vport_name(vport));
274 hlist_add_head_rcu(&vport->hash_node, bucket);
275 return vport;
276 }
277
278 /* Unlock to attempt module load and return -EAGAIN if load
279 * was successful as we need to restart the port addition
280 * workflow.
281 */
282 ovs_unlock();
283 request_module("vport-type-%d", parms->type);
284 ovs_lock();
285
286 if (!ovs_vport_lookup(parms))
287 return ERR_PTR(-EAFNOSUPPORT);
288 else
289 return ERR_PTR(-EAGAIN);
290 }
291
292 /**
293 * ovs_vport_set_options - modify existing vport device (for kernel callers)
294 *
295 * @vport: vport to modify.
296 * @options: New configuration.
297 *
298 * Modifies an existing device with the specified configuration (which is
299 * dependent on device type). ovs_mutex must be held.
300 */
301 int ovs_vport_set_options(struct vport *vport, struct nlattr *options)
302 {
303 if (!vport->ops->set_options)
304 return -EOPNOTSUPP;
305 return vport->ops->set_options(vport, options);
306 }
307
308 /**
309 * ovs_vport_del - delete existing vport device
310 *
311 * @vport: vport to delete.
312 *
313 * Detaches @vport from its datapath and destroys it. ovs_mutex must be
314 * held.
315 */
316 void ovs_vport_del(struct vport *vport)
317 {
318 ASSERT_OVSL();
319
320 hlist_del_rcu(&vport->hash_node);
321 module_put(vport->ops->owner);
322 vport->ops->destroy(vport);
323 }
324
325 /**
326 * ovs_vport_get_stats - retrieve device stats
327 *
328 * @vport: vport from which to retrieve the stats
329 * @stats: location to store stats
330 *
331 * Retrieves transmit, receive, and error stats for the given device.
332 *
333 * Must be called with ovs_mutex or rcu_read_lock.
334 */
335 void ovs_vport_get_stats(struct vport *vport, struct ovs_vport_stats *stats)
336 {
337 const struct rtnl_link_stats64 *dev_stats;
338 struct rtnl_link_stats64 temp;
339
340 dev_stats = dev_get_stats(vport->dev, &temp);
341 stats->rx_errors = dev_stats->rx_errors;
342 stats->tx_errors = dev_stats->tx_errors;
343 stats->tx_dropped = dev_stats->tx_dropped;
344 stats->rx_dropped = dev_stats->rx_dropped;
345
346 stats->rx_bytes = dev_stats->rx_bytes;
347 stats->rx_packets = dev_stats->rx_packets;
348 stats->tx_bytes = dev_stats->tx_bytes;
349 stats->tx_packets = dev_stats->tx_packets;
350 }
351
352 /**
353 * ovs_vport_get_options - retrieve device options
354 *
355 * @vport: vport from which to retrieve the options.
356 * @skb: sk_buff where options should be appended.
357 *
358 * Retrieves the configuration of the given device, appending an
359 * %OVS_VPORT_ATTR_OPTIONS attribute that in turn contains nested
360 * vport-specific attributes to @skb.
361 *
362 * Returns 0 if successful, -EMSGSIZE if @skb has insufficient room, or another
363 * negative error code if a real error occurred. If an error occurs, @skb is
364 * left unmodified.
365 *
366 * Must be called with ovs_mutex or rcu_read_lock.
367 */
368 int ovs_vport_get_options(const struct vport *vport, struct sk_buff *skb)
369 {
370 struct nlattr *nla;
371 int err;
372
373 if (!vport->ops->get_options)
374 return 0;
375
376 nla = nla_nest_start(skb, OVS_VPORT_ATTR_OPTIONS);
377 if (!nla)
378 return -EMSGSIZE;
379
380 err = vport->ops->get_options(vport, skb);
381 if (err) {
382 nla_nest_cancel(skb, nla);
383 return err;
384 }
385
386 nla_nest_end(skb, nla);
387 return 0;
388 }
389
390 /**
391 * ovs_vport_set_upcall_portids - set upcall portids of @vport.
392 *
393 * @vport: vport to modify.
394 * @ids: new configuration, an array of port ids.
395 *
396 * Sets the vport's upcall_portids to @ids.
397 *
398 * Returns 0 if successful, -EINVAL if @ids is zero length or cannot be parsed
399 * as an array of U32.
400 *
401 * Must be called with ovs_mutex.
402 */
403 int ovs_vport_set_upcall_portids(struct vport *vport, const struct nlattr *ids)
404 {
405 struct vport_portids *old, *vport_portids;
406
407 if (!nla_len(ids) || nla_len(ids) % sizeof(u32))
408 return -EINVAL;
409
410 old = ovsl_dereference(vport->upcall_portids);
411
412 vport_portids = kmalloc(sizeof(*vport_portids) + nla_len(ids),
413 GFP_KERNEL);
414 if (!vport_portids)
415 return -ENOMEM;
416
417 vport_portids->n_ids = nla_len(ids) / sizeof(u32);
418 vport_portids->rn_ids = reciprocal_value(vport_portids->n_ids);
419 nla_memcpy(vport_portids->ids, ids, nla_len(ids));
420
421 rcu_assign_pointer(vport->upcall_portids, vport_portids);
422
423 if (old)
424 kfree_rcu(old, rcu);
425 return 0;
426 }
427
428 /**
429 * ovs_vport_get_upcall_portids - get the upcall_portids of @vport.
430 *
431 * @vport: vport from which to retrieve the portids.
432 * @skb: sk_buff where portids should be appended.
433 *
434 * Retrieves the configuration of the given vport, appending the
435 * %OVS_VPORT_ATTR_UPCALL_PID attribute which is the array of upcall
436 * portids to @skb.
437 *
438 * Returns 0 if successful, -EMSGSIZE if @skb has insufficient room.
439 * If an error occurs, @skb is left unmodified. Must be called with
440 * ovs_mutex or rcu_read_lock.
441 */
442 int ovs_vport_get_upcall_portids(const struct vport *vport,
443 struct sk_buff *skb)
444 {
445 struct vport_portids *ids;
446
447 ids = rcu_dereference_ovsl(vport->upcall_portids);
448
449 if (vport->dp->user_features & OVS_DP_F_VPORT_PIDS)
450 return nla_put(skb, OVS_VPORT_ATTR_UPCALL_PID,
451 ids->n_ids * sizeof(u32), (void *)ids->ids);
452 else
453 return nla_put_u32(skb, OVS_VPORT_ATTR_UPCALL_PID, ids->ids[0]);
454 }
455
456 /**
457 * ovs_vport_find_upcall_portid - find the upcall portid to send upcall.
458 *
459 * @vport: vport from which the missed packet is received.
460 * @skb: skb that the missed packet was received.
461 *
462 * Uses the skb_get_hash() to select the upcall portid to send the
463 * upcall.
464 *
465 * Returns the portid of the target socket. Must be called with rcu_read_lock.
466 */
467 u32 ovs_vport_find_upcall_portid(const struct vport *vport, struct sk_buff *skb)
468 {
469 struct vport_portids *ids;
470 u32 ids_index;
471 u32 hash;
472
473 ids = rcu_dereference(vport->upcall_portids);
474
475 if (ids->n_ids == 1 && ids->ids[0] == 0)
476 return 0;
477
478 hash = skb_get_hash(skb);
479 ids_index = hash - ids->n_ids * reciprocal_divide(hash, ids->rn_ids);
480 return ids->ids[ids_index];
481 }
482
483 /**
484 * ovs_vport_receive - pass up received packet to the datapath for processing
485 *
486 * @vport: vport that received the packet
487 * @skb: skb that was received
488 * @tun_key: tunnel (if any) that carried packet
489 *
490 * Must be called with rcu_read_lock. The packet cannot be shared and
491 * skb->data should point to the Ethernet header.
492 */
493 int ovs_vport_receive(struct vport *vport, struct sk_buff *skb,
494 const struct ip_tunnel_info *tun_info)
495 {
496 struct sw_flow_key key;
497 int error;
498
499 OVS_CB(skb)->input_vport = vport;
500 OVS_CB(skb)->mru = 0;
501 OVS_CB(skb)->cutlen = 0;
502 if (unlikely(dev_net(skb->dev) != ovs_dp_get_net(vport->dp))) {
503 u32 mark;
504
505 mark = skb->mark;
506 skb_scrub_packet(skb, true);
507 skb->mark = mark;
508 tun_info = NULL;
509 }
510
511 ovs_skb_init_inner_protocol(skb);
512 skb_clear_ovs_gso_cb(skb);
513 /* Extract flow from 'skb' into 'key'. */
514 error = ovs_flow_key_extract(tun_info, skb, &key);
515 if (unlikely(error)) {
516 kfree_skb(skb);
517 return error;
518 }
519 ovs_dp_process_packet(skb, &key);
520 return 0;
521 }
522
523 static int packet_length(const struct sk_buff *skb,
524 struct net_device *dev)
525 {
526 int length = skb->len - dev->hard_header_len;
527
528 if (!skb_vlan_tag_present(skb) &&
529 eth_type_vlan(skb->protocol))
530 length -= VLAN_HLEN;
531
532 /* Don't subtract for multiple VLAN tags. Most (all?) drivers allow
533 * (ETH_LEN + VLAN_HLEN) in addition to the mtu value, but almost none
534 * account for 802.1ad. e.g. is_skb_forwardable().
535 */
536
537 return length > 0 ? length: 0;
538 }
539
540 void ovs_vport_send(struct vport *vport, struct sk_buff *skb, u8 mac_proto)
541 {
542 int mtu = vport->dev->mtu;
543
544 switch (vport->dev->type) {
545 case ARPHRD_NONE:
546 if (mac_proto == MAC_PROTO_ETHERNET) {
547 skb_reset_network_header(skb);
548 skb_reset_mac_len(skb);
549 skb->protocol = htons(ETH_P_TEB);
550 } else if (mac_proto != MAC_PROTO_NONE) {
551 WARN_ON_ONCE(1);
552 goto drop;
553 }
554 break;
555 case ARPHRD_ETHER:
556 if (mac_proto != MAC_PROTO_ETHERNET)
557 goto drop;
558 break;
559 default:
560 goto drop;
561 }
562
563 if (unlikely(packet_length(skb, vport->dev) > mtu &&
564 !skb_is_gso(skb))) {
565 net_warn_ratelimited("%s: dropped over-mtu packet: %d > %d\n",
566 vport->dev->name,
567 packet_length(skb, vport->dev), mtu);
568 vport->dev->stats.tx_errors++;
569 goto drop;
570 }
571
572 skb->dev = vport->dev;
573 vport->ops->send(skb);
574 return;
575
576 drop:
577 kfree_skb(skb);
578 }
openvswitch mirror