]> git.proxmox.com Git - mirror_ovs.git/blob - lib/ofp-actions.c
projects / mirror_ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
dpctl: add examples to the manpage.
[mirror_ovs.git] / lib / ofp-actions.c
1 /*
2 * Copyright (c) 2008-2017 Nicira, Inc.
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 #include <config.h>
18 #include <netinet/in.h>
19
20 #include "bundle.h"
21 #include "byte-order.h"
22 #include "colors.h"
23 #include "compiler.h"
24 #include "dummy.h"
25 #include "openvswitch/hmap.h"
26 #include "learn.h"
27 #include "multipath.h"
28 #include "nx-match.h"
29 #include "odp-netlink.h"
30 #include "openvswitch/dynamic-string.h"
31 #include "openvswitch/meta-flow.h"
32 #include "openvswitch/ofp-actions.h"
33 #include "openvswitch/ofp-util.h"
34 #include "openvswitch/ofp-parse.h"
35 #include "openvswitch/ofp-prop.h"
36 #include "openvswitch/ofpbuf.h"
37 #include "openvswitch/vlog.h"
38 #include "unaligned.h"
39 #include "util.h"
40 #include "vl-mff-map.h"
41
42 VLOG_DEFINE_THIS_MODULE(ofp_actions);
43
44 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
45
46 struct ofp_action_header;
47
48 /* Header for Open vSwitch and ONF vendor extension actions.
49 *
50 * This is the entire header for a few Open vSwitch vendor extension actions,
51 * the ones that either have no arguments or for which variable-length
52 * arguments follow the header.
53 *
54 * This cannot be used as an entirely generic vendor extension action header,
55 * because OpenFlow does not specify the location or size of the action
56 * subtype; it just happens that ONF extensions and Nicira extensions share
57 * this format. */
58 struct ext_action_header {
59 ovs_be16 type; /* OFPAT_VENDOR. */
60 ovs_be16 len; /* At least 16. */
61 ovs_be32 vendor; /* NX_VENDOR_ID or ONF_VENDOR_ID. */
62 ovs_be16 subtype; /* See enum ofp_raw_action_type. */
63 uint8_t pad[6];
64 };
65 OFP_ASSERT(sizeof(struct ext_action_header) == 16);
66
67 /* Raw identifiers for OpenFlow actions.
68 *
69 * Decoding and encoding OpenFlow actions across multiple versions is difficult
70 * to do in a clean, consistent way. This enumeration lays out all of the
71 * forms of actions that Open vSwitch supports.
72 *
73 * The comments here must follow a stylized form because the
74 * "extract-ofp-actions" program parses them at build time to generate data
75 * tables.
76 *
77 * - The first part of each comment specifies the vendor, OpenFlow versions,
78 * and type for each protocol that supports the action:
79 *
80 * # The vendor is OF for standard OpenFlow actions, NX for Nicira
81 * extension actions. (Support for other vendors can be added, but
82 * it can't be done just based on a vendor ID definition alone
83 * because OpenFlow doesn't define a standard way to specify a
84 * subtype for vendor actions, so other vendors might do it different
85 * from Nicira.)
86 *
87 * # The version can specify a specific OpenFlow version, a version
88 * range delimited by "-", or an open-ended range with "+".
89 *
90 * # The type, in parentheses, is the action type number (for standard
91 * OpenFlow actions) or subtype (for vendor extension actions).
92 *
93 * # Optionally one may add "is deprecated" followed by a
94 * human-readable reason in parentheses (which will be used in log
95 * messages), if a particular action should no longer be used.
96 *
97 * Multiple such specifications may be separated by commas.
98 *
99 * - The second part describes the action's wire format. It may be:
100 *
101 * # "struct <name>": The struct fully specifies the wire format. The
102 * action is exactly the size of the struct. (Thus, the struct must
103 * be an exact multiple of 8 bytes in size.)
104 *
105 * # "struct <name>, ...": The struct specifies the beginning of the
106 * wire format. An instance of the action is either the struct's
107 * exact size, or a multiple of 8 bytes longer.
108 *
109 * # "uint<N>_t" or "ovs_be<N>": The action consists of a (standard or
110 * vendor extension) header, followed by 0 or more pad bytes to align
111 * to a multiple of <N> bits, followed by an argument of the given
112 * type, followed by 0 or more pad bytes to bring the total action up
113 * to a multiple of 8 bytes.
114 *
115 * # "void": The action is just a (standard or vendor extension)
116 * header.
117 *
118 * # Optionally, one may add "VLMFF" in the end of the second part if
119 * the Openflow action may use a variable length meta-flow field
120 * (i.e. tun_metadata). Adding "VLMFF" will pass the per-switch based
121 * variable length meta-flow field mapping map (struct vl_mff_map) to
122 * the corresponding action decoding function.
123 *
124 * - Optional additional text enclosed in square brackets is commentary for
125 * the human reader.
126 */
127 enum ofp_raw_action_type {
128 /* ## ----------------- ## */
129 /* ## Standard actions. ## */
130 /* ## ----------------- ## */
131
132 /* OF1.0(0): struct ofp10_action_output. */
133 OFPAT_RAW10_OUTPUT,
134 /* OF1.1+(0): struct ofp11_action_output. */
135 OFPAT_RAW11_OUTPUT,
136
137 /* OF1.0(1): uint16_t. */
138 OFPAT_RAW10_SET_VLAN_VID,
139 /* OF1.0(2): uint8_t. */
140 OFPAT_RAW10_SET_VLAN_PCP,
141
142 /* OF1.1(1), OF1.2+(1) is deprecated (use Set-Field): uint16_t.
143 *
144 * [Semantics differ slightly between the 1.0 and 1.1 versions of the VLAN
145 * modification actions: the 1.0 versions push a VLAN header if none is
146 * present, but the 1.1 versions do not. That is the only reason that we
147 * distinguish their raw action types.] */
148 OFPAT_RAW11_SET_VLAN_VID,
149 /* OF1.1(2), OF1.2+(2) is deprecated (use Set-Field): uint8_t. */
150 OFPAT_RAW11_SET_VLAN_PCP,
151
152 /* OF1.1+(17): ovs_be16.
153 *
154 * [The argument is the Ethertype, e.g. ETH_TYPE_VLAN_8021Q, not the VID or
155 * TCI.] */
156 OFPAT_RAW11_PUSH_VLAN,
157
158 /* OF1.0(3): void. */
159 OFPAT_RAW10_STRIP_VLAN,
160 /* OF1.1+(18): void. */
161 OFPAT_RAW11_POP_VLAN,
162
163 /* OF1.0(4), OF1.1(3), OF1.2+(3) is deprecated (use Set-Field): struct
164 * ofp_action_dl_addr. */
165 OFPAT_RAW_SET_DL_SRC,
166
167 /* OF1.0(5), OF1.1(4), OF1.2+(4) is deprecated (use Set-Field): struct
168 * ofp_action_dl_addr. */
169 OFPAT_RAW_SET_DL_DST,
170
171 /* OF1.0(6), OF1.1(5), OF1.2+(5) is deprecated (use Set-Field):
172 * ovs_be32. */
173 OFPAT_RAW_SET_NW_SRC,
174
175 /* OF1.0(7), OF1.1(6), OF1.2+(6) is deprecated (use Set-Field):
176 * ovs_be32. */
177 OFPAT_RAW_SET_NW_DST,
178
179 /* OF1.0(8), OF1.1(7), OF1.2+(7) is deprecated (use Set-Field): uint8_t. */
180 OFPAT_RAW_SET_NW_TOS,
181
182 /* OF1.1(8), OF1.2+(8) is deprecated (use Set-Field): uint8_t. */
183 OFPAT_RAW11_SET_NW_ECN,
184
185 /* OF1.0(9), OF1.1(9), OF1.2+(9) is deprecated (use Set-Field):
186 * ovs_be16. */
187 OFPAT_RAW_SET_TP_SRC,
188
189 /* OF1.0(10), OF1.1(10), OF1.2+(10) is deprecated (use Set-Field):
190 * ovs_be16. */
191 OFPAT_RAW_SET_TP_DST,
192
193 /* OF1.0(11): struct ofp10_action_enqueue. */
194 OFPAT_RAW10_ENQUEUE,
195
196 /* NX1.0(30), OF1.1(13), OF1.2+(13) is deprecated (use Set-Field):
197 * ovs_be32. */
198 OFPAT_RAW_SET_MPLS_LABEL,
199
200 /* NX1.0(31), OF1.1(14), OF1.2+(14) is deprecated (use Set-Field):
201 * uint8_t. */
202 OFPAT_RAW_SET_MPLS_TC,
203
204 /* NX1.0(25), OF1.1(15), OF1.2+(15) is deprecated (use Set-Field):
205 * uint8_t. */
206 OFPAT_RAW_SET_MPLS_TTL,
207
208 /* NX1.0(26), OF1.1+(16): void. */
209 OFPAT_RAW_DEC_MPLS_TTL,
210
211 /* NX1.0(23), OF1.1+(19): ovs_be16.
212 *
213 * [The argument is the Ethertype, e.g. ETH_TYPE_MPLS, not the label.] */
214 OFPAT_RAW_PUSH_MPLS,
215
216 /* NX1.0(24), OF1.1+(20): ovs_be16.
217 *
218 * [The argument is the Ethertype, e.g. ETH_TYPE_IPV4 if at BoS or
219 * ETH_TYPE_MPLS otherwise, not the label.] */
220 OFPAT_RAW_POP_MPLS,
221
222 /* NX1.0(4), OF1.1+(21): uint32_t. */
223 OFPAT_RAW_SET_QUEUE,
224
225 /* NX1.0(40), OF1.1+(22): uint32_t. */
226 OFPAT_RAW_GROUP,
227
228 /* OF1.1+(23): uint8_t. */
229 OFPAT_RAW11_SET_NW_TTL,
230
231 /* NX1.0(18), OF1.1+(24): void. */
232 OFPAT_RAW_DEC_NW_TTL,
233 /* NX1.0+(21): struct nx_action_cnt_ids, ... */
234 NXAST_RAW_DEC_TTL_CNT_IDS,
235
236 /* OF1.2-1.4(25): struct ofp12_action_set_field, ... VLMFF */
237 OFPAT_RAW12_SET_FIELD,
238 /* OF1.5+(25): struct ofp12_action_set_field, ... VLMFF */
239 OFPAT_RAW15_SET_FIELD,
240 /* NX1.0-1.4(7): struct nx_action_reg_load. VLMFF
241 *
242 * [In OpenFlow 1.5, set_field is a superset of reg_load functionality, so
243 * we drop reg_load.] */
244 NXAST_RAW_REG_LOAD,
245 /* NX1.0-1.4(33): struct ext_action_header, ... VLMFF
246 *
247 * [In OpenFlow 1.5, set_field is a superset of reg_load2 functionality, so
248 * we drop reg_load2.] */
249 NXAST_RAW_REG_LOAD2,
250
251 /* OF1.5+(28): struct ofp15_action_copy_field, ... VLMFF */
252 OFPAT_RAW15_COPY_FIELD,
253 /* ONF1.3-1.4(3200): struct onf_action_copy_field, ... VLMFF */
254 ONFACT_RAW13_COPY_FIELD,
255 /* NX1.0-1.4(6): struct nx_action_reg_move, ... VLMFF */
256 NXAST_RAW_REG_MOVE,
257
258 /* ## ------------------------- ## */
259 /* ## Nicira extension actions. ## */
260 /* ## ------------------------- ## */
261
262 /* Actions similar to standard actions are listed with the standard actions. */
263
264 /* NX1.0+(1): uint16_t. */
265 NXAST_RAW_RESUBMIT,
266 /* NX1.0+(14): struct nx_action_resubmit. */
267 NXAST_RAW_RESUBMIT_TABLE,
268 /* NX1.0+(44): struct nx_action_resubmit. */
269 NXAST_RAW_RESUBMIT_TABLE_CT,
270
271 /* NX1.0+(2): uint32_t. */
272 NXAST_RAW_SET_TUNNEL,
273 /* NX1.0+(9): uint64_t. */
274 NXAST_RAW_SET_TUNNEL64,
275
276 /* NX1.0+(5): void. */
277 NXAST_RAW_POP_QUEUE,
278
279 /* NX1.0+(8): struct nx_action_note, ... */
280 NXAST_RAW_NOTE,
281
282 /* NX1.0+(10): struct nx_action_multipath. VLMFF */
283 NXAST_RAW_MULTIPATH,
284
285 /* NX1.0+(12): struct nx_action_bundle, ... */
286 NXAST_RAW_BUNDLE,
287 /* NX1.0+(13): struct nx_action_bundle, ... VLMFF */
288 NXAST_RAW_BUNDLE_LOAD,
289
290 /* NX1.0+(15): struct nx_action_output_reg. VLMFF */
291 NXAST_RAW_OUTPUT_REG,
292 /* NX1.0+(32): struct nx_action_output_reg2. VLMFF */
293 NXAST_RAW_OUTPUT_REG2,
294
295 /* NX1.0+(16): struct nx_action_learn, ... VLMFF */
296 NXAST_RAW_LEARN,
297 /* NX1.0+(45): struct nx_action_learn2, ... VLMFF */
298 NXAST_RAW_LEARN2,
299
300 /* NX1.0+(17): void. */
301 NXAST_RAW_EXIT,
302
303 /* NX1.0+(19): struct nx_action_fin_timeout. */
304 NXAST_RAW_FIN_TIMEOUT,
305
306 /* NX1.0+(20): struct nx_action_controller. */
307 NXAST_RAW_CONTROLLER,
308 /* NX1.0+(37): struct ext_action_header, ... */
309 NXAST_RAW_CONTROLLER2,
310
311 /* NX1.0+(22): struct nx_action_write_metadata. */
312 NXAST_RAW_WRITE_METADATA,
313
314 /* NX1.0+(27): struct nx_action_stack. VLMFF */
315 NXAST_RAW_STACK_PUSH,
316
317 /* NX1.0+(28): struct nx_action_stack. VLMFF */
318 NXAST_RAW_STACK_POP,
319
320 /* NX1.0+(29): struct nx_action_sample. */
321 NXAST_RAW_SAMPLE,
322 /* NX1.0+(38): struct nx_action_sample2. */
323 NXAST_RAW_SAMPLE2,
324 /* NX1.0+(41): struct nx_action_sample2. */
325 NXAST_RAW_SAMPLE3,
326
327 /* NX1.0+(34): struct nx_action_conjunction. */
328 NXAST_RAW_CONJUNCTION,
329
330 /* NX1.0+(35): struct nx_action_conntrack, ... VLMFF */
331 NXAST_RAW_CT,
332
333 /* NX1.0+(36): struct nx_action_nat, ... */
334 NXAST_RAW_NAT,
335
336 /* NX1.0+(39): struct nx_action_output_trunc. */
337 NXAST_RAW_OUTPUT_TRUNC,
338
339 /* NX1.0+(42): struct ext_action_header, ... VLMFF */
340 NXAST_RAW_CLONE,
341
342 /* NX1.0+(43): void. */
343 NXAST_RAW_CT_CLEAR,
344
345 /* ## ------------------ ## */
346 /* ## Debugging actions. ## */
347 /* ## ------------------ ## */
348
349 /* These are intentionally undocumented, subject to change, and ovs-vswitchd */
350 /* accepts them only if started with --enable-dummy. */
351
352 /* NX1.0+(255): void. */
353 NXAST_RAW_DEBUG_RECIRC,
354 };
355
356 /* OpenFlow actions are always a multiple of 8 bytes in length. */
357 #define OFP_ACTION_ALIGN 8
358
359 /* Define a few functions for working with instructions. */
360 #define DEFINE_INST(ENUM, STRUCT, EXTENSIBLE, NAME) \
361 static inline const struct STRUCT * OVS_UNUSED \
362 instruction_get_##ENUM(const struct ofp11_instruction *inst)\
363 { \
364 ovs_assert(inst->type == htons(ENUM)); \
365 return ALIGNED_CAST(struct STRUCT *, inst); \
366 } \
367 \
368 static inline void OVS_UNUSED \
369 instruction_init_##ENUM(struct STRUCT *s) \
370 { \
371 memset(s, 0, sizeof *s); \
372 s->type = htons(ENUM); \
373 s->len = htons(sizeof *s); \
374 } \
375 \
376 static inline struct STRUCT * OVS_UNUSED \
377 instruction_put_##ENUM(struct ofpbuf *buf) \
378 { \
379 struct STRUCT *s = ofpbuf_put_uninit(buf, sizeof *s); \
380 instruction_init_##ENUM(s); \
381 return s; \
382 }
383 OVS_INSTRUCTIONS
384 #undef DEFINE_INST
385
386 static void ofpacts_update_instruction_actions(struct ofpbuf *openflow,
387 size_t ofs);
388 static void pad_ofpat(struct ofpbuf *openflow, size_t start_ofs);
389
390 static enum ofperr ofpacts_verify(const struct ofpact[], size_t ofpacts_len,
391 uint32_t allowed_ovsinsts,
392 enum ofpact_type outer_action);
393
394 static void put_set_field(struct ofpbuf *openflow, enum ofp_version,
395 enum mf_field_id, uint64_t value);
396
397 static void put_reg_load(struct ofpbuf *openflow,
398 const struct mf_subfield *, uint64_t value);
399
400 static enum ofperr ofpact_pull_raw(struct ofpbuf *, enum ofp_version,
401 enum ofp_raw_action_type *, uint64_t *arg);
402 static void *ofpact_put_raw(struct ofpbuf *, enum ofp_version,
403 enum ofp_raw_action_type, uint64_t arg);
404
405 static char *OVS_WARN_UNUSED_RESULT ofpacts_parse(
406 char *str, struct ofpbuf *ofpacts, enum ofputil_protocol *usable_protocols,
407 bool allow_instructions, enum ofpact_type outer_action);
408 static enum ofperr ofpacts_pull_openflow_actions__(
409 struct ofpbuf *openflow, unsigned int actions_len,
410 enum ofp_version version, uint32_t allowed_ovsinsts,
411 struct ofpbuf *ofpacts, enum ofpact_type outer_action,
412 const struct vl_mff_map *vl_mff_map, uint64_t *ofpacts_tlv_bitmap);
413 static char * OVS_WARN_UNUSED_RESULT ofpacts_parse_copy(
414 const char *s_, struct ofpbuf *ofpacts,
415 enum ofputil_protocol *usable_protocols,
416 bool allow_instructions, enum ofpact_type outer_action);
417
418 /* Returns the ofpact following 'ofpact', except that if 'ofpact' contains
419 * nested ofpacts it returns the first one. */
420 struct ofpact *
421 ofpact_next_flattened(const struct ofpact *ofpact)
422 {
423 switch (ofpact->type) {
424 case OFPACT_OUTPUT:
425 case OFPACT_GROUP:
426 case OFPACT_CONTROLLER:
427 case OFPACT_ENQUEUE:
428 case OFPACT_OUTPUT_REG:
429 case OFPACT_OUTPUT_TRUNC:
430 case OFPACT_BUNDLE:
431 case OFPACT_SET_FIELD:
432 case OFPACT_SET_VLAN_VID:
433 case OFPACT_SET_VLAN_PCP:
434 case OFPACT_STRIP_VLAN:
435 case OFPACT_PUSH_VLAN:
436 case OFPACT_SET_ETH_SRC:
437 case OFPACT_SET_ETH_DST:
438 case OFPACT_SET_IPV4_SRC:
439 case OFPACT_SET_IPV4_DST:
440 case OFPACT_SET_IP_DSCP:
441 case OFPACT_SET_IP_ECN:
442 case OFPACT_SET_IP_TTL:
443 case OFPACT_SET_L4_SRC_PORT:
444 case OFPACT_SET_L4_DST_PORT:
445 case OFPACT_REG_MOVE:
446 case OFPACT_STACK_PUSH:
447 case OFPACT_STACK_POP:
448 case OFPACT_DEC_TTL:
449 case OFPACT_SET_MPLS_LABEL:
450 case OFPACT_SET_MPLS_TC:
451 case OFPACT_SET_MPLS_TTL:
452 case OFPACT_DEC_MPLS_TTL:
453 case OFPACT_PUSH_MPLS:
454 case OFPACT_POP_MPLS:
455 case OFPACT_SET_TUNNEL:
456 case OFPACT_SET_QUEUE:
457 case OFPACT_POP_QUEUE:
458 case OFPACT_FIN_TIMEOUT:
459 case OFPACT_RESUBMIT:
460 case OFPACT_LEARN:
461 case OFPACT_CONJUNCTION:
462 case OFPACT_MULTIPATH:
463 case OFPACT_NOTE:
464 case OFPACT_EXIT:
465 case OFPACT_SAMPLE:
466 case OFPACT_UNROLL_XLATE:
467 case OFPACT_CT_CLEAR:
468 case OFPACT_DEBUG_RECIRC:
469 case OFPACT_METER:
470 case OFPACT_CLEAR_ACTIONS:
471 case OFPACT_WRITE_METADATA:
472 case OFPACT_GOTO_TABLE:
473 case OFPACT_NAT:
474 return ofpact_next(ofpact);
475
476 case OFPACT_CLONE:
477 return ofpact_get_CLONE(ofpact)->actions;
478
479 case OFPACT_CT:
480 return ofpact_get_CT(ofpact)->actions;
481
482 case OFPACT_WRITE_ACTIONS:
483 return ofpact_get_WRITE_ACTIONS(ofpact)->actions;
484 }
485
486 OVS_NOT_REACHED();
487 }
488
489 /* Pull off existing actions or instructions. Used by nesting actions to keep
490 * ofpacts_parse() oblivious of actions nesting.
491 *
492 * Push the actions back on after nested parsing, e.g.:
493 *
494 * size_t ofs = ofpacts_pull(ofpacts);
495 * ...nested parsing...
496 * ofpbuf_push_uninit(ofpacts, ofs);
497 */
498 static size_t
499 ofpacts_pull(struct ofpbuf *ofpacts)
500 {
501 size_t ofs;
502
503 ofs = ofpacts->size;
504 ofpbuf_pull(ofpacts, ofs);
505
506 return ofs;
507 }
508
509 #include "ofp-actions.inc1"
510 \f
511 /* Output actions. */
512
513 /* Action structure for OFPAT10_OUTPUT, which sends packets out 'port'.
514 * When the 'port' is the OFPP_CONTROLLER, 'max_len' indicates the max
515 * number of bytes to send. A 'max_len' of zero means no bytes of the
516 * packet should be sent. */
517 struct ofp10_action_output {
518 ovs_be16 type; /* OFPAT10_OUTPUT. */
519 ovs_be16 len; /* Length is 8. */
520 ovs_be16 port; /* Output port. */
521 ovs_be16 max_len; /* Max length to send to controller. */
522 };
523 OFP_ASSERT(sizeof(struct ofp10_action_output) == 8);
524
525 /* Action structure for OFPAT_OUTPUT, which sends packets out 'port'.
526 * When the 'port' is the OFPP_CONTROLLER, 'max_len' indicates the max
527 * number of bytes to send. A 'max_len' of zero means no bytes of the
528 * packet should be sent.*/
529 struct ofp11_action_output {
530 ovs_be16 type; /* OFPAT11_OUTPUT. */
531 ovs_be16 len; /* Length is 16. */
532 ovs_be32 port; /* Output port. */
533 ovs_be16 max_len; /* Max length to send to controller. */
534 uint8_t pad[6]; /* Pad to 64 bits. */
535 };
536 OFP_ASSERT(sizeof(struct ofp11_action_output) == 16);
537
538 static enum ofperr
539 decode_OFPAT_RAW10_OUTPUT(const struct ofp10_action_output *oao,
540 enum ofp_version ofp_version OVS_UNUSED,
541 struct ofpbuf *out)
542 {
543 struct ofpact_output *output;
544
545 output = ofpact_put_OUTPUT(out);
546 output->port = u16_to_ofp(ntohs(oao->port));
547 output->max_len = ntohs(oao->max_len);
548
549 return ofpact_check_output_port(output->port, OFPP_MAX);
550 }
551
552 static enum ofperr
553 decode_OFPAT_RAW11_OUTPUT(const struct ofp11_action_output *oao,
554 enum ofp_version ofp_version OVS_UNUSED,
555 struct ofpbuf *out)
556 {
557 struct ofpact_output *output;
558 enum ofperr error;
559
560 output = ofpact_put_OUTPUT(out);
561 output->max_len = ntohs(oao->max_len);
562
563 error = ofputil_port_from_ofp11(oao->port, &output->port);
564 if (error) {
565 return error;
566 }
567
568 return ofpact_check_output_port(output->port, OFPP_MAX);
569 }
570
571 static void
572 encode_OUTPUT(const struct ofpact_output *output,
573 enum ofp_version ofp_version, struct ofpbuf *out)
574 {
575 if (ofp_version == OFP10_VERSION) {
576 struct ofp10_action_output *oao;
577
578 oao = put_OFPAT10_OUTPUT(out);
579 oao->port = htons(ofp_to_u16(output->port));
580 oao->max_len = htons(output->max_len);
581 } else {
582 struct ofp11_action_output *oao;
583
584 oao = put_OFPAT11_OUTPUT(out);
585 oao->port = ofputil_port_to_ofp11(output->port);
586 oao->max_len = htons(output->max_len);
587 }
588 }
589
590 static char * OVS_WARN_UNUSED_RESULT
591 parse_truncate_subfield(struct ofpact_output_trunc *output_trunc,
592 const char *arg_)
593 {
594 char *key, *value;
595 char *arg = CONST_CAST(char *, arg_);
596
597 while (ofputil_parse_key_value(&arg, &key, &value)) {
598 if (!strcmp(key, "port")) {
599 if (!ofputil_port_from_string(value, &output_trunc->port)) {
600 return xasprintf("output to unknown truncate port: %s",
601 value);
602 }
603 if (ofp_to_u16(output_trunc->port) > ofp_to_u16(OFPP_MAX)) {
604 if (output_trunc->port != OFPP_LOCAL &&
605 output_trunc->port != OFPP_IN_PORT)
606 return xasprintf("output to unsupported truncate port: %s",
607 value);
608 }
609 } else if (!strcmp(key, "max_len")) {
610 char *err;
611
612 err = str_to_u32(value, &output_trunc->max_len);
613 if (err) {
614 return err;
615 }
616 } else {
617 return xasprintf("invalid key '%s' in output_trunc argument",
618 key);
619 }
620 }
621 return NULL;
622 }
623
624 static char * OVS_WARN_UNUSED_RESULT
625 parse_OUTPUT(const char *arg, struct ofpbuf *ofpacts,
626 enum ofputil_protocol *usable_protocols OVS_UNUSED)
627 {
628 if (strstr(arg, "port") && strstr(arg, "max_len")) {
629 struct ofpact_output_trunc *output_trunc;
630
631 output_trunc = ofpact_put_OUTPUT_TRUNC(ofpacts);
632 return parse_truncate_subfield(output_trunc, arg);
633 } else {
634 struct mf_subfield src;
635 char *error = mf_parse_subfield(&src, arg);
636 if (!error) {
637 struct ofpact_output_reg *output_reg;
638
639 output_reg = ofpact_put_OUTPUT_REG(ofpacts);
640 output_reg->max_len = UINT16_MAX;
641 output_reg->src = src;
642 } else {
643 free(error);
644 struct ofpact_output *output;
645
646 output = ofpact_put_OUTPUT(ofpacts);
647 if (!ofputil_port_from_string(arg, &output->port)) {
648 return xasprintf("%s: output to unknown port", arg);
649 }
650 output->max_len = output->port == OFPP_CONTROLLER ? UINT16_MAX : 0;
651 }
652 return NULL;
653 }
654 }
655
656 static void
657 format_OUTPUT(const struct ofpact_output *a, struct ds *s)
658 {
659 if (ofp_to_u16(a->port) < ofp_to_u16(OFPP_MAX)) {
660 ds_put_format(s, "%soutput:%s%"PRIu32,
661 colors.special, colors.end, a->port);
662 } else {
663 ofputil_format_port(a->port, s);
664 if (a->port == OFPP_CONTROLLER) {
665 ds_put_format(s, ":%"PRIu16, a->max_len);
666 }
667 }
668 }
669 \f
670 /* Group actions. */
671
672 static enum ofperr
673 decode_OFPAT_RAW_GROUP(uint32_t group_id,
674 enum ofp_version ofp_version OVS_UNUSED,
675 struct ofpbuf *out)
676 {
677 ofpact_put_GROUP(out)->group_id = group_id;
678 return 0;
679 }
680
681 static void
682 encode_GROUP(const struct ofpact_group *group,
683 enum ofp_version ofp_version, struct ofpbuf *out)
684 {
685 put_OFPAT_GROUP(out, ofp_version, group->group_id);
686 }
687
688 static char * OVS_WARN_UNUSED_RESULT
689 parse_GROUP(char *arg, struct ofpbuf *ofpacts,
690 enum ofputil_protocol *usable_protocols OVS_UNUSED)
691 {
692 return str_to_u32(arg, &ofpact_put_GROUP(ofpacts)->group_id);
693 }
694
695 static void
696 format_GROUP(const struct ofpact_group *a, struct ds *s)
697 {
698 ds_put_format(s, "%sgroup:%s%"PRIu32,
699 colors.special, colors.end, a->group_id);
700 }
701 \f
702 /* Action structure for NXAST_CONTROLLER.
703 *
704 * This generalizes using OFPAT_OUTPUT to send a packet to OFPP_CONTROLLER. In
705 * addition to the 'max_len' that OFPAT_OUTPUT supports, it also allows
706 * specifying:
707 *
708 * - 'reason': The reason code to use in the ofp_packet_in or nx_packet_in.
709 *
710 * - 'controller_id': The ID of the controller connection to which the
711 * ofp_packet_in should be sent. The ofp_packet_in or nx_packet_in is
712 * sent only to controllers that have the specified controller connection
713 * ID. See "struct nx_controller_id" for more information. */
714 struct nx_action_controller {
715 ovs_be16 type; /* OFPAT_VENDOR. */
716 ovs_be16 len; /* Length is 16. */
717 ovs_be32 vendor; /* NX_VENDOR_ID. */
718 ovs_be16 subtype; /* NXAST_CONTROLLER. */
719 ovs_be16 max_len; /* Maximum length to send to controller. */
720 ovs_be16 controller_id; /* Controller ID to send packet-in. */
721 uint8_t reason; /* enum ofp_packet_in_reason (OFPR_*). */
722 uint8_t zero; /* Must be zero. */
723 };
724 OFP_ASSERT(sizeof(struct nx_action_controller) == 16);
725
726 /* Properties for NXAST_CONTROLLER2.
727 *
728 * For more information on the effect of NXAC2PT_PAUSE, see the large comment
729 * on NXT_PACKET_IN2 in nicira-ext.h */
730 enum nx_action_controller2_prop_type {
731 NXAC2PT_MAX_LEN, /* ovs_be16 max bytes to send (default all). */
732 NXAC2PT_CONTROLLER_ID, /* ovs_be16 dest controller ID (default 0). */
733 NXAC2PT_REASON, /* uint8_t reason (OFPR_*), default 0. */
734 NXAC2PT_USERDATA, /* Data to copy into NXPINT_USERDATA. */
735 NXAC2PT_PAUSE, /* Flag to pause pipeline to resume later. */
736 };
737
738 /* The action structure for NXAST_CONTROLLER2 is "struct ext_action_header",
739 * followed by NXAC2PT_* properties. */
740
741 static enum ofperr
742 decode_NXAST_RAW_CONTROLLER(const struct nx_action_controller *nac,
743 enum ofp_version ofp_version OVS_UNUSED,
744 struct ofpbuf *out)
745 {
746 struct ofpact_controller *oc;
747
748 oc = ofpact_put_CONTROLLER(out);
749 oc->ofpact.raw = NXAST_RAW_CONTROLLER;
750 oc->max_len = ntohs(nac->max_len);
751 oc->controller_id = ntohs(nac->controller_id);
752 oc->reason = nac->reason;
753 ofpact_finish_CONTROLLER(out, &oc);
754
755 return 0;
756 }
757
758 static enum ofperr
759 decode_NXAST_RAW_CONTROLLER2(const struct ext_action_header *eah,
760 enum ofp_version ofp_version OVS_UNUSED,
761 struct ofpbuf *out)
762 {
763 if (!is_all_zeros(eah->pad, sizeof eah->pad)) {
764 return OFPERR_NXBRC_MUST_BE_ZERO;
765 }
766
767 size_t start_ofs = out->size;
768 struct ofpact_controller *oc = ofpact_put_CONTROLLER(out);
769 oc->ofpact.raw = NXAST_RAW_CONTROLLER2;
770 oc->max_len = UINT16_MAX;
771 oc->reason = OFPR_ACTION;
772
773 struct ofpbuf properties;
774 ofpbuf_use_const(&properties, eah, ntohs(eah->len));
775 ofpbuf_pull(&properties, sizeof *eah);
776
777 while (properties.size > 0) {
778 struct ofpbuf payload;
779 uint64_t type;
780
781 enum ofperr error = ofpprop_pull(&properties, &payload, &type);
782 if (error) {
783 return error;
784 }
785
786 switch (type) {
787 case NXAC2PT_MAX_LEN:
788 error = ofpprop_parse_u16(&payload, &oc->max_len);
789 break;
790
791 case NXAC2PT_CONTROLLER_ID:
792 error = ofpprop_parse_u16(&payload, &oc->controller_id);
793 break;
794
795 case NXAC2PT_REASON: {
796 uint8_t u8;
797 error = ofpprop_parse_u8(&payload, &u8);
798 oc->reason = u8;
799 break;
800 }
801
802 case NXAC2PT_USERDATA:
803 out->size = start_ofs + OFPACT_CONTROLLER_SIZE;
804 ofpbuf_put(out, payload.msg, ofpbuf_msgsize(&payload));
805 oc = ofpbuf_at_assert(out, start_ofs, sizeof *oc);
806 oc->userdata_len = ofpbuf_msgsize(&payload);
807 break;
808
809 case NXAC2PT_PAUSE:
810 oc->pause = true;
811 break;
812
813 default:
814 error = OFPPROP_UNKNOWN(false, "NXAST_RAW_CONTROLLER2", type);
815 break;
816 }
817 if (error) {
818 return error;
819 }
820 }
821
822 ofpact_finish_CONTROLLER(out, &oc);
823
824 return 0;
825 }
826
827 static void
828 encode_CONTROLLER(const struct ofpact_controller *controller,
829 enum ofp_version ofp_version OVS_UNUSED,
830 struct ofpbuf *out)
831 {
832 if (controller->userdata_len
833 || controller->pause
834 || controller->ofpact.raw == NXAST_RAW_CONTROLLER2) {
835 size_t start_ofs = out->size;
836 put_NXAST_CONTROLLER2(out);
837 if (controller->max_len != UINT16_MAX) {
838 ofpprop_put_u16(out, NXAC2PT_MAX_LEN, controller->max_len);
839 }
840 if (controller->controller_id != 0) {
841 ofpprop_put_u16(out, NXAC2PT_CONTROLLER_ID,
842 controller->controller_id);
843 }
844 if (controller->reason != OFPR_ACTION) {
845 ofpprop_put_u8(out, NXAC2PT_REASON, controller->reason);
846 }
847 if (controller->userdata_len != 0) {
848 ofpprop_put(out, NXAC2PT_USERDATA, controller->userdata,
849 controller->userdata_len);
850 }
851 if (controller->pause) {
852 ofpprop_put_flag(out, NXAC2PT_PAUSE);
853 }
854 pad_ofpat(out, start_ofs);
855 } else {
856 struct nx_action_controller *nac;
857
858 nac = put_NXAST_CONTROLLER(out);
859 nac->max_len = htons(controller->max_len);
860 nac->controller_id = htons(controller->controller_id);
861 nac->reason = controller->reason;
862 }
863 }
864
865 static char * OVS_WARN_UNUSED_RESULT
866 parse_CONTROLLER(char *arg, struct ofpbuf *ofpacts,
867 enum ofputil_protocol *usable_protocols OVS_UNUSED)
868 {
869 enum ofp_packet_in_reason reason = OFPR_ACTION;
870 uint16_t controller_id = 0;
871 uint16_t max_len = UINT16_MAX;
872 const char *userdata = NULL;
873 bool pause = false;
874
875 if (!arg[0]) {
876 /* Use defaults. */
877 } else if (strspn(arg, "0123456789") == strlen(arg)) {
878 char *error = str_to_u16(arg, "max_len", &max_len);
879 if (error) {
880 return error;
881 }
882 } else {
883 char *name, *value;
884
885 while (ofputil_parse_key_value(&arg, &name, &value)) {
886 if (!strcmp(name, "reason")) {
887 if (!ofputil_packet_in_reason_from_string(value, &reason)) {
888 return xasprintf("unknown reason \"%s\"", value);
889 }
890 } else if (!strcmp(name, "max_len")) {
891 char *error = str_to_u16(value, "max_len", &max_len);
892 if (error) {
893 return error;
894 }
895 } else if (!strcmp(name, "id")) {
896 char *error = str_to_u16(value, "id", &controller_id);
897 if (error) {
898 return error;
899 }
900 } else if (!strcmp(name, "userdata")) {
901 userdata = value;
902 } else if (!strcmp(name, "pause")) {
903 pause = true;
904 } else {
905 return xasprintf("unknown key \"%s\" parsing controller "
906 "action", name);
907 }
908 }
909 }
910
911 if (reason == OFPR_ACTION && controller_id == 0 && !userdata && !pause) {
912 struct ofpact_output *output;
913
914 output = ofpact_put_OUTPUT(ofpacts);
915 output->port = OFPP_CONTROLLER;
916 output->max_len = max_len;
917 } else {
918 struct ofpact_controller *controller;
919
920 controller = ofpact_put_CONTROLLER(ofpacts);
921 controller->max_len = max_len;
922 controller->reason = reason;
923 controller->controller_id = controller_id;
924 controller->pause = pause;
925
926 if (userdata) {
927 size_t start_ofs = ofpacts->size;
928 const char *end = ofpbuf_put_hex(ofpacts, userdata, NULL);
929 if (*end) {
930 return xstrdup("bad hex digit in `controller' "
931 "action `userdata'");
932 }
933 size_t userdata_len = ofpacts->size - start_ofs;
934 controller = ofpacts->header;
935 controller->userdata_len = userdata_len;
936 }
937 ofpact_finish_CONTROLLER(ofpacts, &controller);
938 }
939
940 return NULL;
941 }
942
943 static void
944 format_hex_arg(struct ds *s, const uint8_t *data, size_t len)
945 {
946 for (size_t i = 0; i < len; i++) {
947 if (i) {
948 ds_put_char(s, '.');
949 }
950 ds_put_format(s, "%02"PRIx8, data[i]);
951 }
952 }
953
954 static void
955 format_CONTROLLER(const struct ofpact_controller *a, struct ds *s)
956 {
957 if (a->reason == OFPR_ACTION && !a->controller_id && !a->userdata_len
958 && !a->pause) {
959 ds_put_format(s, "%sCONTROLLER:%s%"PRIu16,
960 colors.special, colors.end, a->max_len);
961 } else {
962 enum ofp_packet_in_reason reason = a->reason;
963
964 ds_put_format(s, "%scontroller(%s", colors.paren, colors.end);
965 if (reason != OFPR_ACTION) {
966 char reasonbuf[OFPUTIL_PACKET_IN_REASON_BUFSIZE];
967
968 ds_put_format(s, "%sreason=%s%s,", colors.param, colors.end,
969 ofputil_packet_in_reason_to_string(
970 reason, reasonbuf, sizeof reasonbuf));
971 }
972 if (a->max_len != UINT16_MAX) {
973 ds_put_format(s, "%smax_len=%s%"PRIu16",",
974 colors.param, colors.end, a->max_len);
975 }
976 if (a->controller_id != 0) {
977 ds_put_format(s, "%sid=%s%"PRIu16",",
978 colors.param, colors.end, a->controller_id);
979 }
980 if (a->userdata_len) {
981 ds_put_format(s, "%suserdata=%s", colors.param, colors.end);
982 format_hex_arg(s, a->userdata, a->userdata_len);
983 ds_put_char(s, ',');
984 }
985 if (a->pause) {
986 ds_put_format(s, "%spause%s,", colors.value, colors.end);
987 }
988 ds_chomp(s, ',');
989 ds_put_format(s, "%s)%s", colors.paren, colors.end);
990 }
991 }
992 \f
993 /* Enqueue action. */
994 struct ofp10_action_enqueue {
995 ovs_be16 type; /* OFPAT10_ENQUEUE. */
996 ovs_be16 len; /* Len is 16. */
997 ovs_be16 port; /* Port that queue belongs. Should
998 refer to a valid physical port
999 (i.e. < OFPP_MAX) or OFPP_IN_PORT. */
1000 uint8_t pad[6]; /* Pad for 64-bit alignment. */
1001 ovs_be32 queue_id; /* Where to enqueue the packets. */
1002 };
1003 OFP_ASSERT(sizeof(struct ofp10_action_enqueue) == 16);
1004
1005 static enum ofperr
1006 decode_OFPAT_RAW10_ENQUEUE(const struct ofp10_action_enqueue *oae,
1007 enum ofp_version ofp_version OVS_UNUSED,
1008 struct ofpbuf *out)
1009 {
1010 struct ofpact_enqueue *enqueue;
1011
1012 enqueue = ofpact_put_ENQUEUE(out);
1013 enqueue->port = u16_to_ofp(ntohs(oae->port));
1014 enqueue->queue = ntohl(oae->queue_id);
1015 if (ofp_to_u16(enqueue->port) >= ofp_to_u16(OFPP_MAX)
1016 && enqueue->port != OFPP_IN_PORT
1017 && enqueue->port != OFPP_LOCAL) {
1018 return OFPERR_OFPBAC_BAD_OUT_PORT;
1019 }
1020 return 0;
1021 }
1022
1023 static void
1024 encode_ENQUEUE(const struct ofpact_enqueue *enqueue,
1025 enum ofp_version ofp_version, struct ofpbuf *out)
1026 {
1027 if (ofp_version == OFP10_VERSION) {
1028 struct ofp10_action_enqueue *oae;
1029
1030 oae = put_OFPAT10_ENQUEUE(out);
1031 oae->port = htons(ofp_to_u16(enqueue->port));
1032 oae->queue_id = htonl(enqueue->queue);
1033 } else {
1034 put_OFPAT_SET_QUEUE(out, ofp_version, enqueue->queue);
1035
1036 struct ofp11_action_output *oao = put_OFPAT11_OUTPUT(out);
1037 oao->port = ofputil_port_to_ofp11(enqueue->port);
1038 oao->max_len = OVS_BE16_MAX;
1039
1040 put_NXAST_POP_QUEUE(out);
1041 }
1042 }
1043
1044 static char * OVS_WARN_UNUSED_RESULT
1045 parse_ENQUEUE(char *arg, struct ofpbuf *ofpacts,
1046 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1047 {
1048 char *sp = NULL;
1049 char *port = strtok_r(arg, ":q,", &sp);
1050 char *queue = strtok_r(NULL, "", &sp);
1051 struct ofpact_enqueue *enqueue;
1052
1053 if (port == NULL || queue == NULL) {
1054 return xstrdup("\"enqueue\" syntax is \"enqueue:PORT:QUEUE\" or "
1055 "\"enqueue(PORT,QUEUE)\"");
1056 }
1057
1058 enqueue = ofpact_put_ENQUEUE(ofpacts);
1059 if (!ofputil_port_from_string(port, &enqueue->port)) {
1060 return xasprintf("%s: enqueue to unknown port", port);
1061 }
1062 return str_to_u32(queue, &enqueue->queue);
1063 }
1064
1065 static void
1066 format_ENQUEUE(const struct ofpact_enqueue *a, struct ds *s)
1067 {
1068 ds_put_format(s, "%senqueue:%s", colors.param, colors.end);
1069 ofputil_format_port(a->port, s);
1070 ds_put_format(s, ":%"PRIu32, a->queue);
1071 }
1072 \f
1073 /* Action structure for NXAST_OUTPUT_REG.
1074 *
1075 * Outputs to the OpenFlow port number written to src[ofs:ofs+nbits].
1076 *
1077 * The format and semantics of 'src' and 'ofs_nbits' are similar to those for
1078 * the NXAST_REG_LOAD action.
1079 *
1080 * The acceptable nxm_header values for 'src' are the same as the acceptable
1081 * nxm_header values for the 'src' field of NXAST_REG_MOVE.
1082 *
1083 * The 'max_len' field indicates the number of bytes to send when the chosen
1084 * port is OFPP_CONTROLLER. Its semantics are equivalent to the 'max_len'
1085 * field of OFPAT_OUTPUT.
1086 *
1087 * The 'zero' field is required to be zeroed for forward compatibility. */
1088 struct nx_action_output_reg {
1089 ovs_be16 type; /* OFPAT_VENDOR. */
1090 ovs_be16 len; /* 24. */
1091 ovs_be32 vendor; /* NX_VENDOR_ID. */
1092 ovs_be16 subtype; /* NXAST_OUTPUT_REG. */
1093
1094 ovs_be16 ofs_nbits; /* (ofs << 6) | (n_bits - 1). */
1095 ovs_be32 src; /* Source. */
1096
1097 ovs_be16 max_len; /* Max length to send to controller. */
1098
1099 uint8_t zero[6]; /* Reserved, must be zero. */
1100 };
1101 OFP_ASSERT(sizeof(struct nx_action_output_reg) == 24);
1102
1103 /* Action structure for NXAST_OUTPUT_REG2.
1104 *
1105 * Like the NXAST_OUTPUT_REG but organized so that there is room for a 64-bit
1106 * experimenter OXM as 'src'.
1107 */
1108 struct nx_action_output_reg2 {
1109 ovs_be16 type; /* OFPAT_VENDOR. */
1110 ovs_be16 len; /* 24. */
1111 ovs_be32 vendor; /* NX_VENDOR_ID. */
1112 ovs_be16 subtype; /* NXAST_OUTPUT_REG2. */
1113
1114 ovs_be16 ofs_nbits; /* (ofs << 6) | (n_bits - 1). */
1115 ovs_be16 max_len; /* Max length to send to controller. */
1116
1117 /* Followed by:
1118 * - 'src', as an OXM/NXM header (either 4 or 8 bytes).
1119 * - Enough 0-bytes to pad the action out to 24 bytes. */
1120 uint8_t pad[10];
1121 };
1122 OFP_ASSERT(sizeof(struct nx_action_output_reg2) == 24);
1123
1124 static enum ofperr
1125 decode_NXAST_RAW_OUTPUT_REG(const struct nx_action_output_reg *naor,
1126 enum ofp_version ofp_version OVS_UNUSED,
1127 const struct vl_mff_map *vl_mff_map,
1128 uint64_t *tlv_bitmap, struct ofpbuf *out)
1129 {
1130 struct ofpact_output_reg *output_reg;
1131 enum ofperr error;
1132
1133 if (!is_all_zeros(naor->zero, sizeof naor->zero)) {
1134 return OFPERR_OFPBAC_BAD_ARGUMENT;
1135 }
1136
1137 output_reg = ofpact_put_OUTPUT_REG(out);
1138 output_reg->ofpact.raw = NXAST_RAW_OUTPUT_REG;
1139 output_reg->src.ofs = nxm_decode_ofs(naor->ofs_nbits);
1140 output_reg->src.n_bits = nxm_decode_n_bits(naor->ofs_nbits);
1141 output_reg->max_len = ntohs(naor->max_len);
1142 error = mf_vl_mff_mf_from_nxm_header(ntohl(naor->src), vl_mff_map,
1143 &output_reg->src.field, tlv_bitmap);
1144 if (error) {
1145 return error;
1146 }
1147
1148 return mf_check_src(&output_reg->src, NULL);
1149 }
1150
1151 static enum ofperr
1152 decode_NXAST_RAW_OUTPUT_REG2(const struct nx_action_output_reg2 *naor,
1153 enum ofp_version ofp_version OVS_UNUSED,
1154 const struct vl_mff_map *vl_mff_map,
1155 uint64_t *tlv_bitmap, struct ofpbuf *out)
1156 {
1157 struct ofpact_output_reg *output_reg;
1158 enum ofperr error;
1159
1160 output_reg = ofpact_put_OUTPUT_REG(out);
1161 output_reg->ofpact.raw = NXAST_RAW_OUTPUT_REG2;
1162 output_reg->src.ofs = nxm_decode_ofs(naor->ofs_nbits);
1163 output_reg->src.n_bits = nxm_decode_n_bits(naor->ofs_nbits);
1164 output_reg->max_len = ntohs(naor->max_len);
1165
1166 struct ofpbuf b = ofpbuf_const_initializer(naor, ntohs(naor->len));
1167 ofpbuf_pull(&b, OBJECT_OFFSETOF(naor, pad));
1168
1169 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map, &output_reg->src.field,
1170 NULL, tlv_bitmap);
1171 if (error) {
1172 return error;
1173 }
1174
1175 if (!is_all_zeros(b.data, b.size)) {
1176 return OFPERR_NXBRC_MUST_BE_ZERO;
1177 }
1178
1179 return mf_check_src(&output_reg->src, NULL);
1180 }
1181
1182 static void
1183 encode_OUTPUT_REG(const struct ofpact_output_reg *output_reg,
1184 enum ofp_version ofp_version OVS_UNUSED,
1185 struct ofpbuf *out)
1186 {
1187 /* If 'output_reg' came in as an NXAST_RAW_OUTPUT_REG2 action, or if it
1188 * cannot be encoded in the older form, encode it as
1189 * NXAST_RAW_OUTPUT_REG2. */
1190 if (output_reg->ofpact.raw == NXAST_RAW_OUTPUT_REG2
1191 || !mf_nxm_header(output_reg->src.field->id)) {
1192 struct nx_action_output_reg2 *naor = put_NXAST_OUTPUT_REG2(out);
1193 size_t size = out->size;
1194
1195 naor->ofs_nbits = nxm_encode_ofs_nbits(output_reg->src.ofs,
1196 output_reg->src.n_bits);
1197 naor->max_len = htons(output_reg->max_len);
1198
1199 out->size = size - sizeof naor->pad;
1200 nx_put_mff_header(out, output_reg->src.field, 0, false);
1201 out->size = size;
1202 } else {
1203 struct nx_action_output_reg *naor = put_NXAST_OUTPUT_REG(out);
1204
1205 naor->ofs_nbits = nxm_encode_ofs_nbits(output_reg->src.ofs,
1206 output_reg->src.n_bits);
1207 naor->src = htonl(nxm_header_from_mff(output_reg->src.field));
1208 naor->max_len = htons(output_reg->max_len);
1209 }
1210 }
1211
1212 static char * OVS_WARN_UNUSED_RESULT
1213 parse_OUTPUT_REG(const char *arg, struct ofpbuf *ofpacts,
1214 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1215 {
1216 return parse_OUTPUT(arg, ofpacts, usable_protocols);
1217 }
1218
1219 static void
1220 format_OUTPUT_REG(const struct ofpact_output_reg *a, struct ds *s)
1221 {
1222 ds_put_format(s, "%soutput:%s", colors.special, colors.end);
1223 mf_format_subfield(&a->src, s);
1224 }
1225 \f
1226 /* Action structure for NXAST_BUNDLE and NXAST_BUNDLE_LOAD.
1227 *
1228 * The bundle actions choose a slave from a supplied list of options.
1229 * NXAST_BUNDLE outputs to its selection. NXAST_BUNDLE_LOAD writes its
1230 * selection to a register.
1231 *
1232 * The list of possible slaves follows the nx_action_bundle structure. The size
1233 * of each slave is governed by its type as indicated by the 'slave_type'
1234 * parameter. The list of slaves should be padded at its end with zeros to make
1235 * the total length of the action a multiple of 8.
1236 *
1237 * Switches infer from the 'slave_type' parameter the size of each slave. All
1238 * implementations must support the NXM_OF_IN_PORT 'slave_type' which indicates
1239 * that the slaves are OpenFlow port numbers with NXM_LENGTH(NXM_OF_IN_PORT) ==
1240 * 2 byte width. Switches should reject actions which indicate unknown or
1241 * unsupported slave types.
1242 *
1243 * Switches use a strategy dictated by the 'algorithm' parameter to choose a
1244 * slave. If the switch does not support the specified 'algorithm' parameter,
1245 * it should reject the action.
1246 *
1247 * Several algorithms take into account liveness when selecting slaves. The
1248 * liveness of a slave is implementation defined (with one exception), but will
1249 * generally take into account things like its carrier status and the results
1250 * of any link monitoring protocols which happen to be running on it. In order
1251 * to give controllers a place-holder value, the OFPP_NONE port is always
1252 * considered live, that is, NXAST_BUNDLE_LOAD stores OFPP_NONE in the output
1253 * register if no slave is live.
1254 *
1255 * Some slave selection strategies require the use of a hash function, in which
1256 * case the 'fields' and 'basis' parameters should be populated. The 'fields'
1257 * parameter (one of NX_HASH_FIELDS_*) designates which parts of the flow to
1258 * hash. Refer to the definition of "enum nx_hash_fields" for details. The
1259 * 'basis' parameter is used as a universal hash parameter. Different values
1260 * of 'basis' yield different hash results.
1261 *
1262 * The 'zero' parameter at the end of the action structure is reserved for
1263 * future use. Switches are required to reject actions which have nonzero
1264 * bytes in the 'zero' field.
1265 *
1266 * NXAST_BUNDLE actions should have 'ofs_nbits' and 'dst' zeroed. Switches
1267 * should reject actions which have nonzero bytes in either of these fields.
1268 *
1269 * NXAST_BUNDLE_LOAD stores the OpenFlow port number of the selected slave in
1270 * dst[ofs:ofs+n_bits]. The format and semantics of 'dst' and 'ofs_nbits' are
1271 * similar to those for the NXAST_REG_LOAD action. */
1272 struct nx_action_bundle {
1273 ovs_be16 type; /* OFPAT_VENDOR. */
1274 ovs_be16 len; /* Length including slaves. */
1275 ovs_be32 vendor; /* NX_VENDOR_ID. */
1276 ovs_be16 subtype; /* NXAST_BUNDLE or NXAST_BUNDLE_LOAD. */
1277
1278 /* Slave choice algorithm to apply to hash value. */
1279 ovs_be16 algorithm; /* One of NX_BD_ALG_*. */
1280
1281 /* What fields to hash and how. */
1282 ovs_be16 fields; /* One of NX_HASH_FIELDS_*. */
1283 ovs_be16 basis; /* Universal hash parameter. */
1284
1285 ovs_be32 slave_type; /* NXM_OF_IN_PORT. */
1286 ovs_be16 n_slaves; /* Number of slaves. */
1287
1288 ovs_be16 ofs_nbits; /* (ofs << 6) | (n_bits - 1). */
1289 ovs_be32 dst; /* Destination. */
1290
1291 uint8_t zero[4]; /* Reserved. Must be zero. */
1292 };
1293 OFP_ASSERT(sizeof(struct nx_action_bundle) == 32);
1294
1295 static enum ofperr
1296 decode_bundle(bool load, const struct nx_action_bundle *nab,
1297 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap,
1298 struct ofpbuf *ofpacts)
1299 {
1300 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
1301 struct ofpact_bundle *bundle;
1302 uint32_t slave_type;
1303 size_t slaves_size, i;
1304 enum ofperr error;
1305
1306 bundle = ofpact_put_BUNDLE(ofpacts);
1307
1308 bundle->n_slaves = ntohs(nab->n_slaves);
1309 bundle->basis = ntohs(nab->basis);
1310 bundle->fields = ntohs(nab->fields);
1311 bundle->algorithm = ntohs(nab->algorithm);
1312 slave_type = ntohl(nab->slave_type);
1313 slaves_size = ntohs(nab->len) - sizeof *nab;
1314
1315 error = OFPERR_OFPBAC_BAD_ARGUMENT;
1316 if (!flow_hash_fields_valid(bundle->fields)) {
1317 VLOG_WARN_RL(&rl, "unsupported fields %d", (int) bundle->fields);
1318 } else if (bundle->n_slaves > BUNDLE_MAX_SLAVES) {
1319 VLOG_WARN_RL(&rl, "too many slaves");
1320 } else if (bundle->algorithm != NX_BD_ALG_HRW
1321 && bundle->algorithm != NX_BD_ALG_ACTIVE_BACKUP) {
1322 VLOG_WARN_RL(&rl, "unsupported algorithm %d", (int) bundle->algorithm);
1323 } else if (slave_type != mf_nxm_header(MFF_IN_PORT)) {
1324 VLOG_WARN_RL(&rl, "unsupported slave type %"PRIu32, slave_type);
1325 } else {
1326 error = 0;
1327 }
1328
1329 if (!is_all_zeros(nab->zero, sizeof nab->zero)) {
1330 VLOG_WARN_RL(&rl, "reserved field is nonzero");
1331 error = OFPERR_OFPBAC_BAD_ARGUMENT;
1332 }
1333
1334 if (load) {
1335 bundle->dst.ofs = nxm_decode_ofs(nab->ofs_nbits);
1336 bundle->dst.n_bits = nxm_decode_n_bits(nab->ofs_nbits);
1337 error = mf_vl_mff_mf_from_nxm_header(ntohl(nab->dst), vl_mff_map,
1338 &bundle->dst.field, tlv_bitmap);
1339 if (error) {
1340 return error;
1341 }
1342
1343 if (bundle->dst.n_bits < 16) {
1344 VLOG_WARN_RL(&rl, "bundle_load action requires at least 16 bit "
1345 "destination.");
1346 error = OFPERR_OFPBAC_BAD_ARGUMENT;
1347 }
1348 } else {
1349 if (nab->ofs_nbits || nab->dst) {
1350 VLOG_WARN_RL(&rl, "bundle action has nonzero reserved fields");
1351 error = OFPERR_OFPBAC_BAD_ARGUMENT;
1352 }
1353 }
1354
1355 if (slaves_size < bundle->n_slaves * sizeof(ovs_be16)) {
1356 VLOG_WARN_RL(&rl, "Nicira action %s only has %"PRIuSIZE" bytes "
1357 "allocated for slaves. %"PRIuSIZE" bytes are required "
1358 "for %u slaves.",
1359 load ? "bundle_load" : "bundle", slaves_size,
1360 bundle->n_slaves * sizeof(ovs_be16), bundle->n_slaves);
1361 error = OFPERR_OFPBAC_BAD_LEN;
1362 }
1363
1364 for (i = 0; i < bundle->n_slaves; i++) {
1365 ofp_port_t ofp_port = u16_to_ofp(ntohs(((ovs_be16 *)(nab + 1))[i]));
1366 ofpbuf_put(ofpacts, &ofp_port, sizeof ofp_port);
1367 bundle = ofpacts->header;
1368 }
1369
1370 ofpact_finish_BUNDLE(ofpacts, &bundle);
1371 if (!error) {
1372 error = bundle_check(bundle, OFPP_MAX, NULL);
1373 }
1374 return error;
1375 }
1376
1377 static enum ofperr
1378 decode_NXAST_RAW_BUNDLE(const struct nx_action_bundle *nab,
1379 enum ofp_version ofp_version OVS_UNUSED,
1380 struct ofpbuf *out)
1381 {
1382 return decode_bundle(false, nab, NULL, NULL, out);
1383 }
1384
1385 static enum ofperr
1386 decode_NXAST_RAW_BUNDLE_LOAD(const struct nx_action_bundle *nab,
1387 enum ofp_version ofp_version OVS_UNUSED,
1388 const struct vl_mff_map *vl_mff_map,
1389 uint64_t *tlv_bitmap, struct ofpbuf *out)
1390 {
1391 return decode_bundle(true, nab, vl_mff_map, tlv_bitmap, out);
1392 }
1393
1394 static void
1395 encode_BUNDLE(const struct ofpact_bundle *bundle,
1396 enum ofp_version ofp_version OVS_UNUSED,
1397 struct ofpbuf *out)
1398 {
1399 int slaves_len = ROUND_UP(2 * bundle->n_slaves, OFP_ACTION_ALIGN);
1400 struct nx_action_bundle *nab;
1401 ovs_be16 *slaves;
1402 size_t i;
1403
1404 nab = (bundle->dst.field
1405 ? put_NXAST_BUNDLE_LOAD(out)
1406 : put_NXAST_BUNDLE(out));
1407 nab->len = htons(ntohs(nab->len) + slaves_len);
1408 nab->algorithm = htons(bundle->algorithm);
1409 nab->fields = htons(bundle->fields);
1410 nab->basis = htons(bundle->basis);
1411 nab->slave_type = htonl(mf_nxm_header(MFF_IN_PORT));
1412 nab->n_slaves = htons(bundle->n_slaves);
1413 if (bundle->dst.field) {
1414 nab->ofs_nbits = nxm_encode_ofs_nbits(bundle->dst.ofs,
1415 bundle->dst.n_bits);
1416 nab->dst = htonl(nxm_header_from_mff(bundle->dst.field));
1417 }
1418
1419 slaves = ofpbuf_put_zeros(out, slaves_len);
1420 for (i = 0; i < bundle->n_slaves; i++) {
1421 slaves[i] = htons(ofp_to_u16(bundle->slaves[i]));
1422 }
1423 }
1424
1425 static char * OVS_WARN_UNUSED_RESULT
1426 parse_BUNDLE(const char *arg, struct ofpbuf *ofpacts,
1427 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1428 {
1429 return bundle_parse(arg, ofpacts);
1430 }
1431
1432 static char * OVS_WARN_UNUSED_RESULT
1433 parse_bundle_load(const char *arg, struct ofpbuf *ofpacts)
1434 {
1435 return bundle_parse_load(arg, ofpacts);
1436 }
1437
1438 static void
1439 format_BUNDLE(const struct ofpact_bundle *a, struct ds *s)
1440 {
1441 bundle_format(a, s);
1442 }
1443 \f
1444 /* Set VLAN actions. */
1445
1446 static enum ofperr
1447 decode_set_vlan_vid(uint16_t vid, bool push_vlan_if_needed, struct ofpbuf *out)
1448 {
1449 if (vid & ~0xfff) {
1450 return OFPERR_OFPBAC_BAD_ARGUMENT;
1451 } else {
1452 struct ofpact_vlan_vid *vlan_vid = ofpact_put_SET_VLAN_VID(out);
1453 vlan_vid->vlan_vid = vid;
1454 vlan_vid->push_vlan_if_needed = push_vlan_if_needed;
1455 return 0;
1456 }
1457 }
1458
1459 static enum ofperr
1460 decode_OFPAT_RAW10_SET_VLAN_VID(uint16_t vid,
1461 enum ofp_version ofp_version OVS_UNUSED,
1462 struct ofpbuf *out)
1463 {
1464 return decode_set_vlan_vid(vid, true, out);
1465 }
1466
1467 static enum ofperr
1468 decode_OFPAT_RAW11_SET_VLAN_VID(uint16_t vid,
1469 enum ofp_version ofp_version OVS_UNUSED,
1470 struct ofpbuf *out)
1471 {
1472 return decode_set_vlan_vid(vid, false, out);
1473 }
1474
1475 static void
1476 encode_SET_VLAN_VID(const struct ofpact_vlan_vid *vlan_vid,
1477 enum ofp_version ofp_version, struct ofpbuf *out)
1478 {
1479 uint16_t vid = vlan_vid->vlan_vid;
1480
1481 /* Push a VLAN tag, if none is present and this form of the action calls
1482 * for such a feature. */
1483 if (ofp_version > OFP10_VERSION
1484 && vlan_vid->push_vlan_if_needed
1485 && !vlan_vid->flow_has_vlan) {
1486 put_OFPAT11_PUSH_VLAN(out, htons(ETH_TYPE_VLAN_8021Q));
1487 }
1488
1489 if (ofp_version == OFP10_VERSION) {
1490 put_OFPAT10_SET_VLAN_VID(out, vid);
1491 } else if (ofp_version == OFP11_VERSION) {
1492 put_OFPAT11_SET_VLAN_VID(out, vid);
1493 } else {
1494 put_set_field(out, ofp_version, MFF_VLAN_VID, vid | OFPVID12_PRESENT);
1495 }
1496 }
1497
1498 static char * OVS_WARN_UNUSED_RESULT
1499 parse_set_vlan_vid(char *arg, struct ofpbuf *ofpacts, bool push_vlan_if_needed)
1500 {
1501 struct ofpact_vlan_vid *vlan_vid;
1502 uint16_t vid;
1503 char *error;
1504
1505 error = str_to_u16(arg, "VLAN VID", &vid);
1506 if (error) {
1507 return error;
1508 }
1509
1510 if (vid & ~VLAN_VID_MASK) {
1511 return xasprintf("%s: not a valid VLAN VID", arg);
1512 }
1513 vlan_vid = ofpact_put_SET_VLAN_VID(ofpacts);
1514 vlan_vid->vlan_vid = vid;
1515 vlan_vid->push_vlan_if_needed = push_vlan_if_needed;
1516 return NULL;
1517 }
1518
1519 static char * OVS_WARN_UNUSED_RESULT
1520 parse_SET_VLAN_VID(char *arg, struct ofpbuf *ofpacts,
1521 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1522 {
1523 return parse_set_vlan_vid(arg, ofpacts, false);
1524 }
1525
1526 static void
1527 format_SET_VLAN_VID(const struct ofpact_vlan_vid *a, struct ds *s)
1528 {
1529 ds_put_format(s, "%s%s:%s%"PRIu16, colors.param,
1530 a->push_vlan_if_needed ? "mod_vlan_vid" : "set_vlan_vid",
1531 colors.end, a->vlan_vid);
1532 }
1533 \f
1534 /* Set PCP actions. */
1535
1536 static enum ofperr
1537 decode_set_vlan_pcp(uint8_t pcp, bool push_vlan_if_needed, struct ofpbuf *out)
1538 {
1539 if (pcp & ~7) {
1540 return OFPERR_OFPBAC_BAD_ARGUMENT;
1541 } else {
1542 struct ofpact_vlan_pcp *vlan_pcp = ofpact_put_SET_VLAN_PCP(out);
1543 vlan_pcp->vlan_pcp = pcp;
1544 vlan_pcp->push_vlan_if_needed = push_vlan_if_needed;
1545 return 0;
1546 }
1547 }
1548
1549 static enum ofperr
1550 decode_OFPAT_RAW10_SET_VLAN_PCP(uint8_t pcp,
1551 enum ofp_version ofp_version OVS_UNUSED,
1552 struct ofpbuf *out)
1553 {
1554 return decode_set_vlan_pcp(pcp, true, out);
1555 }
1556
1557 static enum ofperr
1558 decode_OFPAT_RAW11_SET_VLAN_PCP(uint8_t pcp,
1559 enum ofp_version ofp_version OVS_UNUSED,
1560 struct ofpbuf *out)
1561 {
1562 return decode_set_vlan_pcp(pcp, false, out);
1563 }
1564
1565 static void
1566 encode_SET_VLAN_PCP(const struct ofpact_vlan_pcp *vlan_pcp,
1567 enum ofp_version ofp_version, struct ofpbuf *out)
1568 {
1569 uint8_t pcp = vlan_pcp->vlan_pcp;
1570
1571 /* Push a VLAN tag, if none is present and this form of the action calls
1572 * for such a feature. */
1573 if (ofp_version > OFP10_VERSION
1574 && vlan_pcp->push_vlan_if_needed
1575 && !vlan_pcp->flow_has_vlan) {
1576 put_OFPAT11_PUSH_VLAN(out, htons(ETH_TYPE_VLAN_8021Q));
1577 }
1578
1579 if (ofp_version == OFP10_VERSION) {
1580 put_OFPAT10_SET_VLAN_PCP(out, pcp);
1581 } else if (ofp_version == OFP11_VERSION) {
1582 put_OFPAT11_SET_VLAN_PCP(out, pcp);
1583 } else {
1584 put_set_field(out, ofp_version, MFF_VLAN_PCP, pcp);
1585 }
1586 }
1587
1588 static char * OVS_WARN_UNUSED_RESULT
1589 parse_set_vlan_pcp(char *arg, struct ofpbuf *ofpacts, bool push_vlan_if_needed)
1590 {
1591 struct ofpact_vlan_pcp *vlan_pcp;
1592 uint8_t pcp;
1593 char *error;
1594
1595 error = str_to_u8(arg, "VLAN PCP", &pcp);
1596 if (error) {
1597 return error;
1598 }
1599
1600 if (pcp & ~7) {
1601 return xasprintf("%s: not a valid VLAN PCP", arg);
1602 }
1603 vlan_pcp = ofpact_put_SET_VLAN_PCP(ofpacts);
1604 vlan_pcp->vlan_pcp = pcp;
1605 vlan_pcp->push_vlan_if_needed = push_vlan_if_needed;
1606 return NULL;
1607 }
1608
1609 static char * OVS_WARN_UNUSED_RESULT
1610 parse_SET_VLAN_PCP(char *arg, struct ofpbuf *ofpacts,
1611 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1612 {
1613 return parse_set_vlan_pcp(arg, ofpacts, false);
1614 }
1615
1616 static void
1617 format_SET_VLAN_PCP(const struct ofpact_vlan_pcp *a, struct ds *s)
1618 {
1619 ds_put_format(s, "%s%s:%s%"PRIu8, colors.param,
1620 a->push_vlan_if_needed ? "mod_vlan_pcp" : "set_vlan_pcp",
1621 colors.end, a->vlan_pcp);
1622 }
1623 \f
1624 /* Strip VLAN actions. */
1625
1626 static enum ofperr
1627 decode_OFPAT_RAW10_STRIP_VLAN(struct ofpbuf *out)
1628 {
1629 ofpact_put_STRIP_VLAN(out)->ofpact.raw = OFPAT_RAW10_STRIP_VLAN;
1630 return 0;
1631 }
1632
1633 static enum ofperr
1634 decode_OFPAT_RAW11_POP_VLAN(struct ofpbuf *out)
1635 {
1636 ofpact_put_STRIP_VLAN(out)->ofpact.raw = OFPAT_RAW11_POP_VLAN;
1637 return 0;
1638 }
1639
1640 static void
1641 encode_STRIP_VLAN(const struct ofpact_null *null OVS_UNUSED,
1642 enum ofp_version ofp_version, struct ofpbuf *out)
1643 {
1644 if (ofp_version == OFP10_VERSION) {
1645 put_OFPAT10_STRIP_VLAN(out);
1646 } else {
1647 put_OFPAT11_POP_VLAN(out);
1648 }
1649 }
1650
1651 static char * OVS_WARN_UNUSED_RESULT
1652 parse_STRIP_VLAN(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
1653 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1654 {
1655 ofpact_put_STRIP_VLAN(ofpacts)->ofpact.raw = OFPAT_RAW10_STRIP_VLAN;
1656 return NULL;
1657 }
1658
1659 static char * OVS_WARN_UNUSED_RESULT
1660 parse_pop_vlan(struct ofpbuf *ofpacts)
1661 {
1662 ofpact_put_STRIP_VLAN(ofpacts)->ofpact.raw = OFPAT_RAW11_POP_VLAN;
1663 return NULL;
1664 }
1665
1666 static void
1667 format_STRIP_VLAN(const struct ofpact_null *a, struct ds *s)
1668 {
1669 ds_put_format(s, (a->ofpact.raw == OFPAT_RAW11_POP_VLAN
1670 ? "%spop_vlan%s"
1671 : "%sstrip_vlan%s"),
1672 colors.value, colors.end);
1673 }
1674 \f
1675 /* Push VLAN action. */
1676
1677 static enum ofperr
1678 decode_OFPAT_RAW11_PUSH_VLAN(ovs_be16 eth_type,
1679 enum ofp_version ofp_version OVS_UNUSED,
1680 struct ofpbuf *out)
1681 {
1682 struct ofpact_push_vlan *push_vlan;
1683 if (!eth_type_vlan(eth_type)) {
1684 return OFPERR_OFPBAC_BAD_ARGUMENT;
1685 }
1686 push_vlan = ofpact_put_PUSH_VLAN(out);
1687 push_vlan->ethertype = eth_type;
1688 return 0;
1689 }
1690
1691 static void
1692 encode_PUSH_VLAN(const struct ofpact_push_vlan *push_vlan,
1693 enum ofp_version ofp_version, struct ofpbuf *out)
1694 {
1695 if (ofp_version == OFP10_VERSION) {
1696 /* PUSH is a side effect of a SET_VLAN_VID/PCP, which should
1697 * follow this action. */
1698 } else {
1699 put_OFPAT11_PUSH_VLAN(out, push_vlan->ethertype);
1700 }
1701 }
1702
1703 static char * OVS_WARN_UNUSED_RESULT
1704 parse_PUSH_VLAN(char *arg, struct ofpbuf *ofpacts,
1705 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1706 {
1707 struct ofpact_push_vlan *push_vlan;
1708 uint16_t ethertype;
1709 char *error;
1710
1711 *usable_protocols &= OFPUTIL_P_OF11_UP;
1712 error = str_to_u16(arg, "ethertype", &ethertype);
1713 if (error) {
1714 return error;
1715 }
1716
1717 if (!eth_type_vlan(htons(ethertype))) {
1718 return xasprintf("%s: not a valid VLAN ethertype", arg);
1719 }
1720 push_vlan = ofpact_put_PUSH_VLAN(ofpacts);
1721 push_vlan->ethertype = htons(ethertype);
1722 return NULL;
1723 }
1724
1725 static void
1726 format_PUSH_VLAN(const struct ofpact_push_vlan *push_vlan, struct ds *s)
1727 {
1728 ds_put_format(s, "%spush_vlan:%s%#"PRIx16,
1729 colors.param, colors.end, ntohs(push_vlan->ethertype));
1730 }
1731 \f
1732 /* Action structure for OFPAT10_SET_DL_SRC/DST and OFPAT11_SET_DL_SRC/DST. */
1733 struct ofp_action_dl_addr {
1734 ovs_be16 type; /* Type. */
1735 ovs_be16 len; /* Length is 16. */
1736 struct eth_addr dl_addr; /* Ethernet address. */
1737 uint8_t pad[6];
1738 };
1739 OFP_ASSERT(sizeof(struct ofp_action_dl_addr) == 16);
1740
1741 static enum ofperr
1742 decode_OFPAT_RAW_SET_DL_SRC(const struct ofp_action_dl_addr *a,
1743 enum ofp_version ofp_version OVS_UNUSED,
1744 struct ofpbuf *out)
1745 {
1746 ofpact_put_SET_ETH_SRC(out)->mac = a->dl_addr;
1747 return 0;
1748 }
1749
1750 static enum ofperr
1751 decode_OFPAT_RAW_SET_DL_DST(const struct ofp_action_dl_addr *a,
1752 enum ofp_version ofp_version OVS_UNUSED,
1753 struct ofpbuf *out)
1754 {
1755 ofpact_put_SET_ETH_DST(out)->mac = a->dl_addr;
1756 return 0;
1757 }
1758
1759 static void
1760 encode_SET_ETH_addr(const struct ofpact_mac *mac, enum ofp_version ofp_version,
1761 enum ofp_raw_action_type raw, enum mf_field_id field,
1762 struct ofpbuf *out)
1763 {
1764 if (ofp_version < OFP12_VERSION) {
1765 struct ofp_action_dl_addr *oada;
1766
1767 oada = ofpact_put_raw(out, ofp_version, raw, 0);
1768 oada->dl_addr = mac->mac;
1769 } else {
1770 put_set_field(out, ofp_version, field, eth_addr_to_uint64(mac->mac));
1771 }
1772 }
1773
1774 static void
1775 encode_SET_ETH_SRC(const struct ofpact_mac *mac, enum ofp_version ofp_version,
1776 struct ofpbuf *out)
1777 {
1778 encode_SET_ETH_addr(mac, ofp_version, OFPAT_RAW_SET_DL_SRC, MFF_ETH_SRC,
1779 out);
1780
1781 }
1782
1783 static void
1784 encode_SET_ETH_DST(const struct ofpact_mac *mac,
1785 enum ofp_version ofp_version,
1786 struct ofpbuf *out)
1787 {
1788 encode_SET_ETH_addr(mac, ofp_version, OFPAT_RAW_SET_DL_DST, MFF_ETH_DST,
1789 out);
1790
1791 }
1792
1793 static char * OVS_WARN_UNUSED_RESULT
1794 parse_SET_ETH_SRC(char *arg, struct ofpbuf *ofpacts,
1795 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1796 {
1797 return str_to_mac(arg, &ofpact_put_SET_ETH_SRC(ofpacts)->mac);
1798 }
1799
1800 static char * OVS_WARN_UNUSED_RESULT
1801 parse_SET_ETH_DST(char *arg, struct ofpbuf *ofpacts,
1802 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1803 {
1804 return str_to_mac(arg, &ofpact_put_SET_ETH_DST(ofpacts)->mac);
1805 }
1806
1807 static void
1808 format_SET_ETH_SRC(const struct ofpact_mac *a, struct ds *s)
1809 {
1810 ds_put_format(s, "%smod_dl_src:%s"ETH_ADDR_FMT,
1811 colors.param, colors.end, ETH_ADDR_ARGS(a->mac));
1812 }
1813
1814 static void
1815 format_SET_ETH_DST(const struct ofpact_mac *a, struct ds *s)
1816 {
1817 ds_put_format(s, "%smod_dl_dst:%s"ETH_ADDR_FMT,
1818 colors.param, colors.end, ETH_ADDR_ARGS(a->mac));
1819 }
1820 \f
1821 /* Set IPv4 address actions. */
1822
1823 static enum ofperr
1824 decode_OFPAT_RAW_SET_NW_SRC(ovs_be32 ipv4,
1825 enum ofp_version ofp_version OVS_UNUSED,
1826 struct ofpbuf *out)
1827 {
1828 ofpact_put_SET_IPV4_SRC(out)->ipv4 = ipv4;
1829 return 0;
1830 }
1831
1832 static enum ofperr
1833 decode_OFPAT_RAW_SET_NW_DST(ovs_be32 ipv4,
1834 enum ofp_version ofp_version OVS_UNUSED,
1835 struct ofpbuf *out)
1836 {
1837 ofpact_put_SET_IPV4_DST(out)->ipv4 = ipv4;
1838 return 0;
1839 }
1840
1841 static void
1842 encode_SET_IPV4_addr(const struct ofpact_ipv4 *ipv4,
1843 enum ofp_version ofp_version,
1844 enum ofp_raw_action_type raw, enum mf_field_id field,
1845 struct ofpbuf *out)
1846 {
1847 ovs_be32 addr = ipv4->ipv4;
1848 if (ofp_version < OFP12_VERSION) {
1849 ofpact_put_raw(out, ofp_version, raw, ntohl(addr));
1850 } else {
1851 put_set_field(out, ofp_version, field, ntohl(addr));
1852 }
1853 }
1854
1855 static void
1856 encode_SET_IPV4_SRC(const struct ofpact_ipv4 *ipv4,
1857 enum ofp_version ofp_version, struct ofpbuf *out)
1858 {
1859 encode_SET_IPV4_addr(ipv4, ofp_version, OFPAT_RAW_SET_NW_SRC, MFF_IPV4_SRC,
1860 out);
1861 }
1862
1863 static void
1864 encode_SET_IPV4_DST(const struct ofpact_ipv4 *ipv4,
1865 enum ofp_version ofp_version, struct ofpbuf *out)
1866 {
1867 encode_SET_IPV4_addr(ipv4, ofp_version, OFPAT_RAW_SET_NW_DST, MFF_IPV4_DST,
1868 out);
1869 }
1870
1871 static char * OVS_WARN_UNUSED_RESULT
1872 parse_SET_IPV4_SRC(char *arg, struct ofpbuf *ofpacts,
1873 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1874 {
1875 return str_to_ip(arg, &ofpact_put_SET_IPV4_SRC(ofpacts)->ipv4);
1876 }
1877
1878 static char * OVS_WARN_UNUSED_RESULT
1879 parse_SET_IPV4_DST(char *arg, struct ofpbuf *ofpacts,
1880 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1881 {
1882 return str_to_ip(arg, &ofpact_put_SET_IPV4_DST(ofpacts)->ipv4);
1883 }
1884
1885 static void
1886 format_SET_IPV4_SRC(const struct ofpact_ipv4 *a, struct ds *s)
1887 {
1888 ds_put_format(s, "%smod_nw_src:%s"IP_FMT,
1889 colors.param, colors.end, IP_ARGS(a->ipv4));
1890 }
1891
1892 static void
1893 format_SET_IPV4_DST(const struct ofpact_ipv4 *a, struct ds *s)
1894 {
1895 ds_put_format(s, "%smod_nw_dst:%s"IP_FMT,
1896 colors.param, colors.end, IP_ARGS(a->ipv4));
1897 }
1898 \f
1899 /* Set IPv4/v6 TOS actions. */
1900
1901 static enum ofperr
1902 decode_OFPAT_RAW_SET_NW_TOS(uint8_t dscp,
1903 enum ofp_version ofp_version OVS_UNUSED,
1904 struct ofpbuf *out)
1905 {
1906 if (dscp & ~IP_DSCP_MASK) {
1907 return OFPERR_OFPBAC_BAD_ARGUMENT;
1908 } else {
1909 ofpact_put_SET_IP_DSCP(out)->dscp = dscp;
1910 return 0;
1911 }
1912 }
1913
1914 static void
1915 encode_SET_IP_DSCP(const struct ofpact_dscp *dscp,
1916 enum ofp_version ofp_version, struct ofpbuf *out)
1917 {
1918 if (ofp_version < OFP12_VERSION) {
1919 put_OFPAT_SET_NW_TOS(out, ofp_version, dscp->dscp);
1920 } else {
1921 put_set_field(out, ofp_version, MFF_IP_DSCP_SHIFTED, dscp->dscp >> 2);
1922 }
1923 }
1924
1925 static char * OVS_WARN_UNUSED_RESULT
1926 parse_SET_IP_DSCP(char *arg, struct ofpbuf *ofpacts,
1927 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1928 {
1929 uint8_t tos;
1930 char *error;
1931
1932 error = str_to_u8(arg, "TOS", &tos);
1933 if (error) {
1934 return error;
1935 }
1936
1937 if (tos & ~IP_DSCP_MASK) {
1938 return xasprintf("%s: not a valid TOS", arg);
1939 }
1940 ofpact_put_SET_IP_DSCP(ofpacts)->dscp = tos;
1941 return NULL;
1942 }
1943
1944 static void
1945 format_SET_IP_DSCP(const struct ofpact_dscp *a, struct ds *s)
1946 {
1947 ds_put_format(s, "%smod_nw_tos:%s%d", colors.param, colors.end, a->dscp);
1948 }
1949 \f
1950 /* Set IPv4/v6 ECN actions. */
1951
1952 static enum ofperr
1953 decode_OFPAT_RAW11_SET_NW_ECN(uint8_t ecn,
1954 enum ofp_version ofp_version OVS_UNUSED,
1955 struct ofpbuf *out)
1956 {
1957 if (ecn & ~IP_ECN_MASK) {
1958 return OFPERR_OFPBAC_BAD_ARGUMENT;
1959 } else {
1960 ofpact_put_SET_IP_ECN(out)->ecn = ecn;
1961 return 0;
1962 }
1963 }
1964
1965 static void
1966 encode_SET_IP_ECN(const struct ofpact_ecn *ip_ecn,
1967 enum ofp_version ofp_version, struct ofpbuf *out)
1968 {
1969 uint8_t ecn = ip_ecn->ecn;
1970 if (ofp_version == OFP10_VERSION) {
1971 struct mf_subfield dst = { .field = mf_from_id(MFF_IP_ECN),
1972 .ofs = 0, .n_bits = 2 };
1973 put_reg_load(out, &dst, ecn);
1974 } else if (ofp_version == OFP11_VERSION) {
1975 put_OFPAT11_SET_NW_ECN(out, ecn);
1976 } else {
1977 put_set_field(out, ofp_version, MFF_IP_ECN, ecn);
1978 }
1979 }
1980
1981 static char * OVS_WARN_UNUSED_RESULT
1982 parse_SET_IP_ECN(char *arg, struct ofpbuf *ofpacts,
1983 enum ofputil_protocol *usable_protocols OVS_UNUSED)
1984 {
1985 uint8_t ecn;
1986 char *error;
1987
1988 error = str_to_u8(arg, "ECN", &ecn);
1989 if (error) {
1990 return error;
1991 }
1992
1993 if (ecn & ~IP_ECN_MASK) {
1994 return xasprintf("%s: not a valid ECN", arg);
1995 }
1996 ofpact_put_SET_IP_ECN(ofpacts)->ecn = ecn;
1997 return NULL;
1998 }
1999
2000 static void
2001 format_SET_IP_ECN(const struct ofpact_ecn *a, struct ds *s)
2002 {
2003 ds_put_format(s, "%smod_nw_ecn:%s%d",
2004 colors.param, colors.end, a->ecn);
2005 }
2006 \f
2007 /* Set IPv4/v6 TTL actions. */
2008
2009 static enum ofperr
2010 decode_OFPAT_RAW11_SET_NW_TTL(uint8_t ttl,
2011 enum ofp_version ofp_version OVS_UNUSED,
2012 struct ofpbuf *out)
2013 {
2014 ofpact_put_SET_IP_TTL(out)->ttl = ttl;
2015 return 0;
2016 }
2017
2018 static void
2019 encode_SET_IP_TTL(const struct ofpact_ip_ttl *ttl,
2020 enum ofp_version ofp_version, struct ofpbuf *out)
2021 {
2022 if (ofp_version >= OFP11_VERSION) {
2023 put_OFPAT11_SET_NW_TTL(out, ttl->ttl);
2024 } else {
2025 struct mf_subfield dst = { .field = mf_from_id(MFF_IP_TTL),
2026 .ofs = 0, .n_bits = 8 };
2027 put_reg_load(out, &dst, ttl->ttl);
2028 }
2029 }
2030
2031 static char * OVS_WARN_UNUSED_RESULT
2032 parse_SET_IP_TTL(char *arg, struct ofpbuf *ofpacts,
2033 enum ofputil_protocol *usable_protocols OVS_UNUSED)
2034 {
2035 uint8_t ttl;
2036 char *error;
2037
2038 error = str_to_u8(arg, "TTL", &ttl);
2039 if (error) {
2040 return error;
2041 }
2042
2043 ofpact_put_SET_IP_TTL(ofpacts)->ttl = ttl;
2044 return NULL;
2045 }
2046
2047 static void
2048 format_SET_IP_TTL(const struct ofpact_ip_ttl *a, struct ds *s)
2049 {
2050 ds_put_format(s, "%smod_nw_ttl:%s%d", colors.param, colors.end, a->ttl);
2051 }
2052 \f
2053 /* Set TCP/UDP/SCTP port actions. */
2054
2055 static enum ofperr
2056 decode_OFPAT_RAW_SET_TP_SRC(ovs_be16 port,
2057 enum ofp_version ofp_version OVS_UNUSED,
2058 struct ofpbuf *out)
2059 {
2060 ofpact_put_SET_L4_SRC_PORT(out)->port = ntohs(port);
2061 return 0;
2062 }
2063
2064 static enum ofperr
2065 decode_OFPAT_RAW_SET_TP_DST(ovs_be16 port,
2066 enum ofp_version ofp_version OVS_UNUSED,
2067 struct ofpbuf *out)
2068 {
2069 ofpact_put_SET_L4_DST_PORT(out)->port = ntohs(port);
2070 return 0;
2071 }
2072
2073 static void
2074 encode_SET_L4_port(const struct ofpact_l4_port *l4_port,
2075 enum ofp_version ofp_version, enum ofp_raw_action_type raw,
2076 enum mf_field_id field, struct ofpbuf *out)
2077 {
2078 uint16_t port = l4_port->port;
2079
2080 if (ofp_version >= OFP12_VERSION && field != MFF_N_IDS) {
2081 put_set_field(out, ofp_version, field, port);
2082 } else {
2083 ofpact_put_raw(out, ofp_version, raw, port);
2084 }
2085 }
2086
2087 static void
2088 encode_SET_L4_SRC_PORT(const struct ofpact_l4_port *l4_port,
2089 enum ofp_version ofp_version, struct ofpbuf *out)
2090 {
2091 uint8_t proto = l4_port->flow_ip_proto;
2092 enum mf_field_id field = (proto == IPPROTO_TCP ? MFF_TCP_SRC
2093 : proto == IPPROTO_UDP ? MFF_UDP_SRC
2094 : proto == IPPROTO_SCTP ? MFF_SCTP_SRC
2095 : MFF_N_IDS);
2096
2097 encode_SET_L4_port(l4_port, ofp_version, OFPAT_RAW_SET_TP_SRC, field, out);
2098 }
2099
2100 static void
2101 encode_SET_L4_DST_PORT(const struct ofpact_l4_port *l4_port,
2102 enum ofp_version ofp_version,
2103 struct ofpbuf *out)
2104 {
2105 uint8_t proto = l4_port->flow_ip_proto;
2106 enum mf_field_id field = (proto == IPPROTO_TCP ? MFF_TCP_DST
2107 : proto == IPPROTO_UDP ? MFF_UDP_DST
2108 : proto == IPPROTO_SCTP ? MFF_SCTP_DST
2109 : MFF_N_IDS);
2110
2111 encode_SET_L4_port(l4_port, ofp_version, OFPAT_RAW_SET_TP_DST, field, out);
2112 }
2113
2114 static char * OVS_WARN_UNUSED_RESULT
2115 parse_SET_L4_SRC_PORT(char *arg, struct ofpbuf *ofpacts,
2116 enum ofputil_protocol *usable_protocols OVS_UNUSED)
2117 {
2118 return str_to_u16(arg, "source port",
2119 &ofpact_put_SET_L4_SRC_PORT(ofpacts)->port);
2120 }
2121
2122 static char * OVS_WARN_UNUSED_RESULT
2123 parse_SET_L4_DST_PORT(char *arg, struct ofpbuf *ofpacts,
2124 enum ofputil_protocol *usable_protocols OVS_UNUSED)
2125 {
2126 return str_to_u16(arg, "destination port",
2127 &ofpact_put_SET_L4_DST_PORT(ofpacts)->port);
2128 }
2129
2130 static void
2131 format_SET_L4_SRC_PORT(const struct ofpact_l4_port *a, struct ds *s)
2132 {
2133 ds_put_format(s, "%smod_tp_src:%s%d", colors.param, colors.end, a->port);
2134 }
2135
2136 static void
2137 format_SET_L4_DST_PORT(const struct ofpact_l4_port *a, struct ds *s)
2138 {
2139 ds_put_format(s, "%smod_tp_dst:%s%d", colors.param, colors.end, a->port);
2140 }
2141 \f
2142 /* Action structure for OFPAT_COPY_FIELD. */
2143 struct ofp15_action_copy_field {
2144 ovs_be16 type; /* OFPAT_COPY_FIELD. */
2145 ovs_be16 len; /* Length is padded to 64 bits. */
2146 ovs_be16 n_bits; /* Number of bits to copy. */
2147 ovs_be16 src_offset; /* Starting bit offset in source. */
2148 ovs_be16 dst_offset; /* Starting bit offset in destination. */
2149 uint8_t pad[2];
2150 /* Followed by:
2151 * - OXM header for source field.
2152 * - OXM header for destination field.
2153 * - Padding with 0-bytes to a multiple of 8 bytes.
2154 * The "pad2" member is the beginning of the above. */
2155 uint8_t pad2[4];
2156 };
2157 OFP_ASSERT(sizeof(struct ofp15_action_copy_field) == 16);
2158
2159 /* Action structure for OpenFlow 1.3 extension copy-field action.. */
2160 struct onf_action_copy_field {
2161 ovs_be16 type; /* OFPAT_EXPERIMENTER. */
2162 ovs_be16 len; /* Length is padded to 64 bits. */
2163 ovs_be32 experimenter; /* ONF_VENDOR_ID. */
2164 ovs_be16 exp_type; /* 3200. */
2165 uint8_t pad[2]; /* Not used. */
2166 ovs_be16 n_bits; /* Number of bits to copy. */
2167 ovs_be16 src_offset; /* Starting bit offset in source. */
2168 ovs_be16 dst_offset; /* Starting bit offset in destination. */
2169 uint8_t pad2[2]; /* Not used. */
2170 /* Followed by:
2171 * - OXM header for source field.
2172 * - OXM header for destination field.
2173 * - Padding with 0-bytes (either 0 or 4 of them) to a multiple of 8 bytes.
2174 * The "pad3" member is the beginning of the above. */
2175 uint8_t pad3[4]; /* Not used. */
2176 };
2177 OFP_ASSERT(sizeof(struct onf_action_copy_field) == 24);
2178
2179 /* Action structure for NXAST_REG_MOVE.
2180 *
2181 * Copies src[src_ofs:src_ofs+n_bits] to dst[dst_ofs:dst_ofs+n_bits], where
2182 * a[b:c] denotes the bits within 'a' numbered 'b' through 'c' (not including
2183 * bit 'c'). Bit numbering starts at 0 for the least-significant bit, 1 for
2184 * the next most significant bit, and so on.
2185 *
2186 * 'src' and 'dst' are nxm_header values with nxm_hasmask=0. (It doesn't make
2187 * sense to use nxm_hasmask=1 because the action does not do any kind of
2188 * matching; it uses the actual value of a field.)
2189 *
2190 * The following nxm_header values are potentially acceptable as 'src':
2191 *
2192 * - NXM_OF_IN_PORT
2193 * - NXM_OF_ETH_DST
2194 * - NXM_OF_ETH_SRC
2195 * - NXM_OF_ETH_TYPE
2196 * - NXM_OF_VLAN_TCI
2197 * - NXM_OF_IP_TOS
2198 * - NXM_OF_IP_PROTO
2199 * - NXM_OF_IP_SRC
2200 * - NXM_OF_IP_DST
2201 * - NXM_OF_TCP_SRC
2202 * - NXM_OF_TCP_DST
2203 * - NXM_OF_UDP_SRC
2204 * - NXM_OF_UDP_DST
2205 * - NXM_OF_ICMP_TYPE
2206 * - NXM_OF_ICMP_CODE
2207 * - NXM_OF_ARP_OP
2208 * - NXM_OF_ARP_SPA
2209 * - NXM_OF_ARP_TPA
2210 * - NXM_NX_TUN_ID
2211 * - NXM_NX_ARP_SHA
2212 * - NXM_NX_ARP_THA
2213 * - NXM_NX_ICMPV6_TYPE
2214 * - NXM_NX_ICMPV6_CODE
2215 * - NXM_NX_ND_SLL
2216 * - NXM_NX_ND_TLL
2217 * - NXM_NX_REG(idx) for idx in the switch's accepted range.
2218 * - NXM_NX_PKT_MARK
2219 * - NXM_NX_TUN_IPV4_SRC
2220 * - NXM_NX_TUN_IPV4_DST
2221 *
2222 * The following nxm_header values are potentially acceptable as 'dst':
2223 *
2224 * - NXM_OF_ETH_DST
2225 * - NXM_OF_ETH_SRC
2226 * - NXM_OF_IP_TOS
2227 * - NXM_OF_IP_SRC
2228 * - NXM_OF_IP_DST
2229 * - NXM_OF_TCP_SRC
2230 * - NXM_OF_TCP_DST
2231 * - NXM_OF_UDP_SRC
2232 * - NXM_OF_UDP_DST
2233 * - NXM_OF_ICMP_TYPE
2234 * - NXM_OF_ICMP_CODE
2235 * - NXM_NX_ICMPV6_TYPE
2236 * - NXM_NX_ICMPV6_CODE
2237 * - NXM_NX_ARP_SHA
2238 * - NXM_NX_ARP_THA
2239 * - NXM_OF_ARP_OP
2240 * - NXM_OF_ARP_SPA
2241 * - NXM_OF_ARP_TPA
2242 * Modifying any of the above fields changes the corresponding packet
2243 * header.
2244 *
2245 * - NXM_OF_IN_PORT
2246 *
2247 * - NXM_NX_REG(idx) for idx in the switch's accepted range.
2248 *
2249 * - NXM_NX_PKT_MARK
2250 *
2251 * - NXM_OF_VLAN_TCI. Modifying this field's value has side effects on the
2252 * packet's 802.1Q header. Setting a value with CFI=0 removes the 802.1Q
2253 * header (if any), ignoring the other bits. Setting a value with CFI=1
2254 * adds or modifies the 802.1Q header appropriately, setting the TCI field
2255 * to the field's new value (with the CFI bit masked out).
2256 *
2257 * - NXM_NX_TUN_ID, NXM_NX_TUN_IPV4_SRC, NXM_NX_TUN_IPV4_DST. Modifying
2258 * any of these values modifies the corresponding tunnel header field used
2259 * for the packet's next tunnel encapsulation, if allowed by the
2260 * configuration of the output tunnel port.
2261 *
2262 * A given nxm_header value may be used as 'src' or 'dst' only on a flow whose
2263 * nx_match satisfies its prerequisites. For example, NXM_OF_IP_TOS may be
2264 * used only if the flow's nx_match includes an nxm_entry that specifies
2265 * nxm_type=NXM_OF_ETH_TYPE, nxm_hasmask=0, and nxm_value=0x0800.
2266 *
2267 * The switch will reject actions for which src_ofs+n_bits is greater than the
2268 * width of 'src' or dst_ofs+n_bits is greater than the width of 'dst' with
2269 * error type OFPET_BAD_ACTION, code OFPBAC_BAD_ARGUMENT.
2270 *
2271 * This action behaves properly when 'src' overlaps with 'dst', that is, it
2272 * behaves as if 'src' were copied out to a temporary buffer, then the
2273 * temporary buffer copied to 'dst'.
2274 */
2275 struct nx_action_reg_move {
2276 ovs_be16 type; /* OFPAT_VENDOR. */
2277 ovs_be16 len; /* Length is 24. */
2278 ovs_be32 vendor; /* NX_VENDOR_ID. */
2279 ovs_be16 subtype; /* NXAST_REG_MOVE. */
2280 ovs_be16 n_bits; /* Number of bits. */
2281 ovs_be16 src_ofs; /* Starting bit offset in source. */
2282 ovs_be16 dst_ofs; /* Starting bit offset in destination. */
2283 /* Followed by:
2284 * - OXM/NXM header for source field (4 or 8 bytes).
2285 * - OXM/NXM header for destination field (4 or 8 bytes).
2286 * - Padding with 0-bytes to a multiple of 8 bytes, if necessary. */
2287 };
2288 OFP_ASSERT(sizeof(struct nx_action_reg_move) == 16);
2289
2290 static enum ofperr
2291 decode_copy_field__(ovs_be16 src_offset, ovs_be16 dst_offset, ovs_be16 n_bits,
2292 const void *action, ovs_be16 action_len, size_t oxm_offset,
2293 const struct vl_mff_map *vl_mff_map,
2294 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2295 {
2296 struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts);
2297 enum ofperr error;
2298
2299 move->ofpact.raw = ONFACT_RAW13_COPY_FIELD;
2300 move->src.ofs = ntohs(src_offset);
2301 move->src.n_bits = ntohs(n_bits);
2302 move->dst.ofs = ntohs(dst_offset);
2303 move->dst.n_bits = ntohs(n_bits);
2304
2305 struct ofpbuf b = ofpbuf_const_initializer(action, ntohs(action_len));
2306 ofpbuf_pull(&b, oxm_offset);
2307
2308 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map, &move->src.field, NULL,
2309 tlv_bitmap);
2310 if (error) {
2311 return error;
2312 }
2313 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map, &move->dst.field, NULL,
2314 tlv_bitmap);
2315 if (error) {
2316 return error;
2317 }
2318
2319 if (!is_all_zeros(b.data, b.size)) {
2320 return OFPERR_NXBRC_MUST_BE_ZERO;
2321 }
2322
2323 return nxm_reg_move_check(move, NULL);
2324 }
2325
2326 static enum ofperr
2327 decode_OFPAT_RAW15_COPY_FIELD(const struct ofp15_action_copy_field *oacf,
2328 enum ofp_version ofp_version OVS_UNUSED,
2329 const struct vl_mff_map *vl_mff_map,
2330 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2331 {
2332 return decode_copy_field__(oacf->src_offset, oacf->dst_offset,
2333 oacf->n_bits, oacf, oacf->len,
2334 OBJECT_OFFSETOF(oacf, pad2), vl_mff_map,
2335 tlv_bitmap, ofpacts);
2336 }
2337
2338 static enum ofperr
2339 decode_ONFACT_RAW13_COPY_FIELD(const struct onf_action_copy_field *oacf,
2340 enum ofp_version ofp_version OVS_UNUSED,
2341 const struct vl_mff_map *vl_mff_map,
2342 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2343 {
2344 return decode_copy_field__(oacf->src_offset, oacf->dst_offset,
2345 oacf->n_bits, oacf, oacf->len,
2346 OBJECT_OFFSETOF(oacf, pad3), vl_mff_map,
2347 tlv_bitmap, ofpacts);
2348 }
2349
2350 static enum ofperr
2351 decode_NXAST_RAW_REG_MOVE(const struct nx_action_reg_move *narm,
2352 enum ofp_version ofp_version OVS_UNUSED,
2353 const struct vl_mff_map *vl_mff_map,
2354 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2355 {
2356 struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts);
2357 enum ofperr error;
2358
2359 move->ofpact.raw = NXAST_RAW_REG_MOVE;
2360 move->src.ofs = ntohs(narm->src_ofs);
2361 move->src.n_bits = ntohs(narm->n_bits);
2362 move->dst.ofs = ntohs(narm->dst_ofs);
2363 move->dst.n_bits = ntohs(narm->n_bits);
2364
2365 struct ofpbuf b = ofpbuf_const_initializer(narm, ntohs(narm->len));
2366 ofpbuf_pull(&b, sizeof *narm);
2367
2368 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map, &move->src.field, NULL,
2369 tlv_bitmap);
2370 if (error) {
2371 return error;
2372 }
2373
2374 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map, &move->dst.field, NULL,
2375 tlv_bitmap);
2376 if (error) {
2377 return error;
2378 }
2379
2380 if (!is_all_zeros(b.data, b.size)) {
2381 return OFPERR_NXBRC_MUST_BE_ZERO;
2382 }
2383
2384 return nxm_reg_move_check(move, NULL);
2385 }
2386
2387 static void
2388 encode_REG_MOVE(const struct ofpact_reg_move *move,
2389 enum ofp_version ofp_version, struct ofpbuf *out)
2390 {
2391 /* For OpenFlow 1.3, the choice of ONFACT_RAW13_COPY_FIELD versus
2392 * NXAST_RAW_REG_MOVE is somewhat difficult. Neither one is guaranteed to
2393 * be supported by every OpenFlow 1.3 implementation. It would be ideal to
2394 * probe for support. Until we have that ability, we currently prefer
2395 * NXAST_RAW_REG_MOVE for backward compatibility with older Open vSwitch
2396 * versions. */
2397 size_t start_ofs = out->size;
2398 if (ofp_version >= OFP15_VERSION) {
2399 struct ofp15_action_copy_field *copy = put_OFPAT15_COPY_FIELD(out);
2400 copy->n_bits = htons(move->dst.n_bits);
2401 copy->src_offset = htons(move->src.ofs);
2402 copy->dst_offset = htons(move->dst.ofs);
2403 out->size = out->size - sizeof copy->pad2;
2404 nx_put_mff_header(out, move->src.field, ofp_version, false);
2405 nx_put_mff_header(out, move->dst.field, ofp_version, false);
2406 } else if (ofp_version == OFP13_VERSION
2407 && move->ofpact.raw == ONFACT_RAW13_COPY_FIELD) {
2408 struct onf_action_copy_field *copy = put_ONFACT13_COPY_FIELD(out);
2409 copy->n_bits = htons(move->dst.n_bits);
2410 copy->src_offset = htons(move->src.ofs);
2411 copy->dst_offset = htons(move->dst.ofs);
2412 out->size = out->size - sizeof copy->pad3;
2413 nx_put_mff_header(out, move->src.field, ofp_version, false);
2414 nx_put_mff_header(out, move->dst.field, ofp_version, false);
2415 } else {
2416 struct nx_action_reg_move *narm = put_NXAST_REG_MOVE(out);
2417 narm->n_bits = htons(move->dst.n_bits);
2418 narm->src_ofs = htons(move->src.ofs);
2419 narm->dst_ofs = htons(move->dst.ofs);
2420 nx_put_mff_header(out, move->src.field, 0, false);
2421 nx_put_mff_header(out, move->dst.field, 0, false);
2422 }
2423 pad_ofpat(out, start_ofs);
2424 }
2425
2426 static char * OVS_WARN_UNUSED_RESULT
2427 parse_REG_MOVE(const char *arg, struct ofpbuf *ofpacts,
2428 enum ofputil_protocol *usable_protocols OVS_UNUSED)
2429 {
2430 struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts);
2431 return nxm_parse_reg_move(move, arg);
2432 }
2433
2434 static void
2435 format_REG_MOVE(const struct ofpact_reg_move *a, struct ds *s)
2436 {
2437 nxm_format_reg_move(a, s);
2438 }
2439 \f
2440 /* Action structure for OFPAT12_SET_FIELD. */
2441 struct ofp12_action_set_field {
2442 ovs_be16 type; /* OFPAT12_SET_FIELD. */
2443 ovs_be16 len; /* Length is padded to 64 bits. */
2444
2445 /* Followed by:
2446 * - An OXM header, value, and (in OpenFlow 1.5+) optionally a mask.
2447 * - Enough 0-bytes to pad out to a multiple of 64 bits.
2448 *
2449 * The "pad" member is the beginning of the above. */
2450 uint8_t pad[4];
2451 };
2452 OFP_ASSERT(sizeof(struct ofp12_action_set_field) == 8);
2453
2454 /* Action structure for NXAST_REG_LOAD.
2455 *
2456 * Copies value[0:n_bits] to dst[ofs:ofs+n_bits], where a[b:c] denotes the bits
2457 * within 'a' numbered 'b' through 'c' (not including bit 'c'). Bit numbering
2458 * starts at 0 for the least-significant bit, 1 for the next most significant
2459 * bit, and so on.
2460 *
2461 * 'dst' is an nxm_header with nxm_hasmask=0. See the documentation for
2462 * NXAST_REG_MOVE, above, for the permitted fields and for the side effects of
2463 * loading them.
2464 *
2465 * The 'ofs' and 'n_bits' fields are combined into a single 'ofs_nbits' field
2466 * to avoid enlarging the structure by another 8 bytes. To allow 'n_bits' to
2467 * take a value between 1 and 64 (inclusive) while taking up only 6 bits, it is
2468 * also stored as one less than its true value:
2469 *
2470 * 15 6 5 0
2471 * +------------------------------+------------------+
2472 * | ofs | n_bits - 1 |
2473 * +------------------------------+------------------+
2474 *
2475 * The switch will reject actions for which ofs+n_bits is greater than the
2476 * width of 'dst', or in which any bits in 'value' with value 2**n_bits or
2477 * greater are set to 1, with error type OFPET_BAD_ACTION, code
2478 * OFPBAC_BAD_ARGUMENT.
2479 */
2480 struct nx_action_reg_load {
2481 ovs_be16 type; /* OFPAT_VENDOR. */
2482 ovs_be16 len; /* Length is 24. */
2483 ovs_be32 vendor; /* NX_VENDOR_ID. */
2484 ovs_be16 subtype; /* NXAST_REG_LOAD. */
2485 ovs_be16 ofs_nbits; /* (ofs << 6) | (n_bits - 1). */
2486 ovs_be32 dst; /* Destination register. */
2487 ovs_be64 value; /* Immediate value. */
2488 };
2489 OFP_ASSERT(sizeof(struct nx_action_reg_load) == 24);
2490
2491 /* The NXAST_REG_LOAD2 action structure is "struct ext_action_header",
2492 * followed by:
2493 *
2494 * - An NXM/OXM header, value, and optionally a mask.
2495 * - Enough 0-bytes to pad out to a multiple of 64 bits.
2496 *
2497 * The "pad" member is the beginning of the above. */
2498
2499 static enum ofperr
2500 decode_ofpat_set_field(const struct ofp12_action_set_field *oasf,
2501 bool may_mask, const struct vl_mff_map *vl_mff_map,
2502 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2503 {
2504 struct ofpbuf b = ofpbuf_const_initializer(oasf, ntohs(oasf->len));
2505 ofpbuf_pull(&b, OBJECT_OFFSETOF(oasf, pad));
2506
2507 union mf_value value, mask;
2508 const struct mf_field *field;
2509 enum ofperr error;
2510 error = mf_vl_mff_nx_pull_entry(&b, vl_mff_map, &field, &value,
2511 may_mask ? &mask : NULL, tlv_bitmap);
2512 if (error) {
2513 return (error == OFPERR_OFPBMC_BAD_MASK
2514 ? OFPERR_OFPBAC_BAD_SET_MASK
2515 : error);
2516 }
2517
2518 if (!may_mask) {
2519 memset(&mask, 0xff, field->n_bytes);
2520 }
2521
2522 if (!is_all_zeros(b.data, b.size)) {
2523 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2524 }
2525
2526 /* OpenFlow says specifically that one may not set OXM_OF_IN_PORT via
2527 * Set-Field. */
2528 if (field->id == MFF_IN_PORT_OXM) {
2529 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2530 }
2531
2532 /* oxm_length is now validated to be compatible with mf_value. */
2533 if (!field->writable) {
2534 VLOG_WARN_RL(&rl, "destination field %s is not writable",
2535 field->name);
2536 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2537 }
2538
2539 /* The value must be valid for match. OpenFlow 1.5 also says,
2540 * "In an OXM_OF_VLAN_VID set-field action, the OFPVID_PRESENT bit must be
2541 * a 1-bit in oxm_value and in oxm_mask." */
2542 if (!mf_is_value_valid(field, &value)
2543 || (field->id == MFF_VLAN_VID
2544 && (!(mask.be16 & htons(OFPVID12_PRESENT))
2545 || !(value.be16 & htons(OFPVID12_PRESENT))))) {
2546 struct ds ds = DS_EMPTY_INITIALIZER;
2547 mf_format(field, &value, NULL, &ds);
2548 VLOG_WARN_RL(&rl, "Invalid value for set field %s: %s",
2549 field->name, ds_cstr(&ds));
2550 ds_destroy(&ds);
2551
2552 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2553 }
2554
2555 ofpact_put_set_field(ofpacts, field, &value, &mask);
2556 return 0;
2557 }
2558
2559 static enum ofperr
2560 decode_OFPAT_RAW12_SET_FIELD(const struct ofp12_action_set_field *oasf,
2561 enum ofp_version ofp_version OVS_UNUSED,
2562 const struct vl_mff_map *vl_mff_map,
2563 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2564 {
2565 return decode_ofpat_set_field(oasf, false, vl_mff_map, tlv_bitmap,
2566 ofpacts);
2567 }
2568
2569 static enum ofperr
2570 decode_OFPAT_RAW15_SET_FIELD(const struct ofp12_action_set_field *oasf,
2571 enum ofp_version ofp_version OVS_UNUSED,
2572 const struct vl_mff_map *vl_mff_map,
2573 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
2574 {
2575 return decode_ofpat_set_field(oasf, true, vl_mff_map, tlv_bitmap, ofpacts);
2576 }
2577
2578 static enum ofperr
2579 decode_NXAST_RAW_REG_LOAD(const struct nx_action_reg_load *narl,
2580 enum ofp_version ofp_version OVS_UNUSED,
2581 const struct vl_mff_map *vl_mff_map,
2582 uint64_t *tlv_bitmap, struct ofpbuf *out)
2583 {
2584 struct mf_subfield dst;
2585 enum ofperr error;
2586
2587 dst.ofs = nxm_decode_ofs(narl->ofs_nbits);
2588 dst.n_bits = nxm_decode_n_bits(narl->ofs_nbits);
2589 error = mf_vl_mff_mf_from_nxm_header(ntohl(narl->dst), vl_mff_map,
2590 &dst.field, tlv_bitmap);
2591 if (error) {
2592 return error;
2593 }
2594
2595 error = mf_check_dst(&dst, NULL);
2596 if (error) {
2597 return error;
2598 }
2599
2600 /* Reject 'narl' if a bit numbered 'n_bits' or higher is set to 1 in
2601 * narl->value. */
2602 if (dst.n_bits < 64 && ntohll(narl->value) >> dst.n_bits) {
2603 return OFPERR_OFPBAC_BAD_ARGUMENT;
2604 }
2605
2606 struct ofpact_set_field *sf = ofpact_put_reg_load(out, dst.field, NULL,
2607 NULL);
2608 bitwise_put(ntohll(narl->value),
2609 sf->value, dst.field->n_bytes, dst.ofs,
2610 dst.n_bits);
2611 bitwise_put(UINT64_MAX,
2612 ofpact_set_field_mask(sf), dst.field->n_bytes, dst.ofs,
2613 dst.n_bits);
2614 return 0;
2615 }
2616
2617 static enum ofperr
2618 decode_NXAST_RAW_REG_LOAD2(const struct ext_action_header *eah,
2619 enum ofp_version ofp_version OVS_UNUSED,
2620 const struct vl_mff_map *vl_mff_map,
2621 uint64_t *tlv_bitmap, struct ofpbuf *out)
2622 {
2623 struct ofpbuf b = ofpbuf_const_initializer(eah, ntohs(eah->len));
2624 ofpbuf_pull(&b, OBJECT_OFFSETOF(eah, pad));
2625
2626 union mf_value value, mask;
2627 const struct mf_field *field;
2628 enum ofperr error;
2629 error = mf_vl_mff_nx_pull_entry(&b, vl_mff_map, &field, &value, &mask,
2630 tlv_bitmap);
2631 if (error) {
2632 return error;
2633 }
2634
2635 if (!is_all_zeros(b.data, b.size)) {
2636 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2637 }
2638
2639 if (!field->writable) {
2640 VLOG_WARN_RL(&rl, "destination field %s is not writable", field->name);
2641 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
2642 }
2643
2644 /* Put value and mask. */
2645 ofpact_put_reg_load2(out, field, &value, &mask);
2646 return 0;
2647 }
2648
2649 static void
2650 put_set_field(struct ofpbuf *openflow, enum ofp_version ofp_version,
2651 enum mf_field_id field, uint64_t value_)
2652 {
2653 struct ofp12_action_set_field *oasf OVS_UNUSED;
2654 int n_bytes = mf_from_id(field)->n_bytes;
2655 size_t start_ofs = openflow->size;
2656 union mf_value value;
2657
2658 value.be64 = htonll(value_ << (8 * (8 - n_bytes)));
2659
2660 oasf = put_OFPAT12_SET_FIELD(openflow);
2661 openflow->size = openflow->size - sizeof oasf->pad;
2662 nx_put_entry(openflow, mf_from_id(field), ofp_version, &value, NULL);
2663 pad_ofpat(openflow, start_ofs);
2664 }
2665
2666 static void
2667 put_reg_load(struct ofpbuf *openflow,
2668 const struct mf_subfield *dst, uint64_t value)
2669 {
2670 ovs_assert(dst->n_bits <= 64);
2671
2672 struct nx_action_reg_load *narl = put_NXAST_REG_LOAD(openflow);
2673 narl->ofs_nbits = nxm_encode_ofs_nbits(dst->ofs, dst->n_bits);
2674 narl->dst = htonl(nxm_header_from_mff(dst->field));
2675 narl->value = htonll(value);
2676 }
2677
2678 static bool
2679 next_load_segment(const struct ofpact_set_field *sf,
2680 struct mf_subfield *dst, uint64_t *value)
2681 {
2682 int n_bits = sf->field->n_bits;
2683 int n_bytes = sf->field->n_bytes;
2684 int start = dst->ofs + dst->n_bits;
2685
2686 if (start < n_bits) {
2687 dst->field = sf->field;
2688 dst->ofs = bitwise_scan(ofpact_set_field_mask(sf), n_bytes, 1, start,
2689 n_bits);
2690 if (dst->ofs < n_bits) {
2691 dst->n_bits = bitwise_scan(ofpact_set_field_mask(sf), n_bytes, 0,
2692 dst->ofs + 1,
2693 MIN(dst->ofs + 64, n_bits)) - dst->ofs;
2694 *value = bitwise_get(sf->value, n_bytes, dst->ofs, dst->n_bits);
2695 return true;
2696 }
2697 }
2698 return false;
2699 }
2700
2701 /* Convert 'sf' to a series of REG_LOADs. */
2702 static void
2703 set_field_to_nxast(const struct ofpact_set_field *sf, struct ofpbuf *openflow)
2704 {
2705 /* If 'sf' cannot be encoded as NXAST_REG_LOAD because it requires an
2706 * experimenter OXM or is variable length (or if it came in as
2707 * NXAST_REG_LOAD2), encode as NXAST_REG_LOAD2. Otherwise use
2708 * NXAST_REG_LOAD, which is backward compatible. */
2709 if (sf->ofpact.raw == NXAST_RAW_REG_LOAD2
2710 || !mf_nxm_header(sf->field->id) || sf->field->variable_len) {
2711 struct ext_action_header *eah OVS_UNUSED;
2712 size_t start_ofs = openflow->size;
2713
2714 eah = put_NXAST_REG_LOAD2(openflow);
2715 openflow->size = openflow->size - sizeof eah->pad;
2716 nx_put_entry(openflow, sf->field, 0, sf->value,
2717 ofpact_set_field_mask(sf));
2718 pad_ofpat(openflow, start_ofs);
2719 } else {
2720 struct mf_subfield dst;
2721 uint64_t value;
2722
2723 dst.ofs = dst.n_bits = 0;
2724 while (next_load_segment(sf, &dst, &value)) {
2725 put_reg_load(openflow, &dst, value);
2726 }
2727 }
2728 }
2729
2730 /* Convert 'sf', which must set an entire field, to standard OpenFlow 1.0/1.1
2731 * actions, if we can, falling back to Nicira extensions if we must.
2732 *
2733 * We check only meta-flow types that can appear within set field actions and
2734 * that have a mapping to compatible action types. These struct mf_field
2735 * definitions have a defined OXM or NXM header value and specify the field as
2736 * writable. */
2737 static void
2738 set_field_to_legacy_openflow(const struct ofpact_set_field *sf,
2739 enum ofp_version ofp_version,
2740 struct ofpbuf *out)
2741 {
2742 switch ((int) sf->field->id) {
2743 case MFF_VLAN_TCI: {
2744 ovs_be16 tci = sf->value->be16;
2745 bool cfi = (tci & htons(VLAN_CFI)) != 0;
2746 uint16_t vid = vlan_tci_to_vid(tci);
2747 uint8_t pcp = vlan_tci_to_pcp(tci);
2748
2749 if (ofp_version < OFP11_VERSION) {
2750 /* NXM_OF_VLAN_TCI to OpenFlow 1.0 mapping:
2751 *
2752 * If CFI=1, Add or modify VLAN VID & PCP.
2753 * If CFI=0, strip VLAN header, if any.
2754 */
2755 if (cfi) {
2756 put_OFPAT10_SET_VLAN_VID(out, vid);
2757 put_OFPAT10_SET_VLAN_PCP(out, pcp);
2758 } else {
2759 put_OFPAT10_STRIP_VLAN(out);
2760 }
2761 } else {
2762 /* NXM_OF_VLAN_TCI to OpenFlow 1.1 mapping:
2763 *
2764 * If CFI=1, Add or modify VLAN VID & PCP.
2765 * OpenFlow 1.1 set actions only apply if the packet
2766 * already has VLAN tags. To be sure that is the case
2767 * we have to push a VLAN header. As we do not support
2768 * multiple layers of VLANs, this is a no-op, if a VLAN
2769 * header already exists. This may backfire, however,
2770 * when we start supporting multiple layers of VLANs.
2771 * If CFI=0, strip VLAN header, if any.
2772 */
2773 if (cfi) {
2774 /* Push a VLAN tag, if one was not seen at action validation
2775 * time. */
2776 if (!sf->flow_has_vlan) {
2777 put_OFPAT11_PUSH_VLAN(out, htons(ETH_TYPE_VLAN_8021Q));
2778 }
2779 put_OFPAT11_SET_VLAN_VID(out, vid);
2780 put_OFPAT11_SET_VLAN_PCP(out, pcp);
2781 } else {
2782 /* If the flow did not match on vlan, we have no way of
2783 * knowing if the vlan tag exists, so we must POP just to be
2784 * sure. */
2785 put_OFPAT11_POP_VLAN(out);
2786 }
2787 }
2788 break;
2789 }
2790
2791 case MFF_VLAN_VID: {
2792 uint16_t vid = ntohs(sf->value->be16) & VLAN_VID_MASK;
2793 if (ofp_version == OFP10_VERSION) {
2794 put_OFPAT10_SET_VLAN_VID(out, vid);
2795 } else {
2796 put_OFPAT11_SET_VLAN_VID(out, vid);
2797 }
2798 break;
2799 }
2800
2801 case MFF_VLAN_PCP:
2802 if (ofp_version == OFP10_VERSION) {
2803 put_OFPAT10_SET_VLAN_PCP(out, sf->value->u8);
2804 } else {
2805 put_OFPAT11_SET_VLAN_PCP(out, sf->value->u8);
2806 }
2807 break;
2808
2809 case MFF_ETH_SRC:
2810 put_OFPAT_SET_DL_SRC(out, ofp_version)->dl_addr = sf->value->mac;
2811 break;
2812
2813 case MFF_ETH_DST:
2814 put_OFPAT_SET_DL_DST(out, ofp_version)->dl_addr = sf->value->mac;
2815 break;
2816
2817 case MFF_IPV4_SRC:
2818 put_OFPAT_SET_NW_SRC(out, ofp_version, sf->value->be32);
2819 break;
2820
2821 case MFF_IPV4_DST:
2822 put_OFPAT_SET_NW_DST(out, ofp_version, sf->value->be32);
2823 break;
2824
2825 case MFF_IP_DSCP:
2826 put_OFPAT_SET_NW_TOS(out, ofp_version, sf->value->u8);
2827 break;
2828
2829 case MFF_IP_DSCP_SHIFTED:
2830 put_OFPAT_SET_NW_TOS(out, ofp_version, sf->value->u8 << 2);
2831 break;
2832
2833 case MFF_IP_ECN: {
2834 struct ofpact_ecn ip_ecn = { .ecn = sf->value->u8 };
2835 encode_SET_IP_ECN(&ip_ecn, ofp_version, out);
2836 break;
2837 }
2838
2839 case MFF_TCP_SRC:
2840 case MFF_UDP_SRC:
2841 put_OFPAT_SET_TP_SRC(out, sf->value->be16);
2842 break;
2843
2844 case MFF_TCP_DST:
2845 case MFF_UDP_DST:
2846 put_OFPAT_SET_TP_DST(out, sf->value->be16);
2847 break;
2848
2849 default:
2850 set_field_to_nxast(sf, out);
2851 break;
2852 }
2853 }
2854
2855 static void
2856 set_field_to_set_field(const struct ofpact_set_field *sf,
2857 enum ofp_version ofp_version, struct ofpbuf *out)
2858 {
2859 struct ofp12_action_set_field *oasf OVS_UNUSED;
2860 size_t start_ofs = out->size;
2861
2862 oasf = put_OFPAT12_SET_FIELD(out);
2863 out->size = out->size - sizeof oasf->pad;
2864 nx_put_entry(out, sf->field, ofp_version, sf->value,
2865 ofpact_set_field_mask(sf));
2866 pad_ofpat(out, start_ofs);
2867 }
2868
2869 static void
2870 encode_SET_FIELD(const struct ofpact_set_field *sf,
2871 enum ofp_version ofp_version, struct ofpbuf *out)
2872 {
2873 if (ofp_version >= OFP15_VERSION) {
2874 /* OF1.5+ only has Set-Field (reg_load is redundant so we drop it
2875 * entirely). */
2876 set_field_to_set_field(sf, ofp_version, out);
2877 } else if (sf->ofpact.raw == NXAST_RAW_REG_LOAD ||
2878 sf->ofpact.raw == NXAST_RAW_REG_LOAD2) {
2879 /* It came in as reg_load, send it out the same way. */
2880 set_field_to_nxast(sf, out);
2881 } else if (ofp_version < OFP12_VERSION) {
2882 /* OpenFlow 1.0 and 1.1 don't have Set-Field. */
2883 set_field_to_legacy_openflow(sf, ofp_version, out);
2884 } else if (is_all_ones(ofpact_set_field_mask(sf), sf->field->n_bytes)) {
2885 /* We're encoding to OpenFlow 1.2, 1.3, or 1.4. The action sets an
2886 * entire field, so encode it as OFPAT_SET_FIELD. */
2887 set_field_to_set_field(sf, ofp_version, out);
2888 } else {
2889 /* We're encoding to OpenFlow 1.2, 1.3, or 1.4. The action cannot be
2890 * encoded as OFPAT_SET_FIELD because it does not set an entire field,
2891 * so encode it as reg_load. */
2892 set_field_to_nxast(sf, out);
2893 }
2894 }
2895
2896 /* Parses the input argument 'arg' into the key, value, and delimiter
2897 * components that are common across the reg_load and set_field action format.
2898 *
2899 * With an argument like "1->metadata", sets the following pointers to
2900 * point within 'arg':
2901 * key: "metadata"
2902 * value: "1"
2903 * delim: "->"
2904 *
2905 * Returns NULL if successful, otherwise a malloc()'d string describing the
2906 * error. The caller is responsible for freeing the returned string. */
2907 static char * OVS_WARN_UNUSED_RESULT
2908 set_field_split_str(char *arg, char **key, char **value, char **delim)
2909 {
2910 char *value_end;
2911
2912 *value = arg;
2913 value_end = strstr(arg, "->");
2914 *key = value_end + strlen("->");
2915 if (delim) {
2916 *delim = value_end;
2917 }
2918
2919 if (!value_end) {
2920 return xasprintf("%s: missing `->'", arg);
2921 }
2922 if (strlen(value_end) <= strlen("->")) {
2923 return xasprintf("%s: missing field name following `->'", arg);
2924 }
2925
2926 return NULL;
2927 }
2928
2929 /* Parses a "set_field" action with argument 'arg', appending the parsed
2930 * action to 'ofpacts'.
2931 *
2932 * Returns NULL if successful, otherwise a malloc()'d string describing the
2933 * error. The caller is responsible for freeing the returned string. */
2934 static char * OVS_WARN_UNUSED_RESULT
2935 set_field_parse__(char *arg, struct ofpbuf *ofpacts,
2936 enum ofputil_protocol *usable_protocols)
2937 {
2938 char *value;
2939 char *delim;
2940 char *key;
2941 const struct mf_field *mf;
2942 union mf_value sf_value, sf_mask;
2943 char *error;
2944
2945 error = set_field_split_str(arg, &key, &value, &delim);
2946 if (error) {
2947 return error;
2948 }
2949
2950 mf = mf_from_name(key);
2951 if (!mf) {
2952 return xasprintf("%s is not a valid OXM field name", key);
2953 }
2954 if (!mf->writable) {
2955 return xasprintf("%s is read-only", key);
2956 }
2957
2958 delim[0] = '\0';
2959 error = mf_parse(mf, value, &sf_value, &sf_mask);
2960 if (error) {
2961 return error;
2962 }
2963
2964 if (!mf_is_value_valid(mf, &sf_value)) {
2965 return xasprintf("%s is not a valid value for field %s", value, key);
2966 }
2967
2968 *usable_protocols &= mf->usable_protocols_exact;
2969
2970 ofpact_put_set_field(ofpacts, mf, &sf_value, &sf_mask);
2971 return NULL;
2972 }
2973
2974 /* Parses 'arg' as the argument to a "set_field" action, and appends such an
2975 * action to 'ofpacts'.
2976 *
2977 * Returns NULL if successful, otherwise a malloc()'d string describing the
2978 * error. The caller is responsible for freeing the returned string. */
2979 static char * OVS_WARN_UNUSED_RESULT
2980 parse_SET_FIELD(const char *arg, struct ofpbuf *ofpacts,
2981 enum ofputil_protocol *usable_protocols)
2982 {
2983 char *copy = xstrdup(arg);
2984 char *error = set_field_parse__(copy, ofpacts, usable_protocols);
2985 free(copy);
2986 return error;
2987 }
2988
2989 static char * OVS_WARN_UNUSED_RESULT
2990 parse_reg_load(char *arg, struct ofpbuf *ofpacts)
2991 {
2992 struct mf_subfield dst;
2993 char *key, *value_str;
2994 union mf_value value;
2995 char *error;
2996
2997 error = set_field_split_str(arg, &key, &value_str, NULL);
2998 if (error) {
2999 return error;
3000 }
3001
3002 error = mf_parse_subfield(&dst, key);
3003 if (error) {
3004 return error;
3005 }
3006
3007 if (parse_int_string(value_str, (uint8_t *)&value, dst.field->n_bytes,
3008 &key)) {
3009 return xasprintf("%s: cannot parse integer value", arg);
3010 }
3011
3012 if (!bitwise_is_all_zeros(&value, dst.field->n_bytes, dst.n_bits,
3013 dst.field->n_bytes * 8 - dst.n_bits)) {
3014 struct ds ds;
3015
3016 ds_init(&ds);
3017 mf_format(dst.field, &value, NULL, &ds);
3018 error = xasprintf("%s: value %s does not fit into %d bits",
3019 arg, ds_cstr(&ds), dst.n_bits);
3020 ds_destroy(&ds);
3021 return error;
3022 }
3023
3024 struct ofpact_set_field *sf = ofpact_put_reg_load(ofpacts, dst.field, NULL,
3025 NULL);
3026
3027 bitwise_copy(&value, dst.field->n_bytes, 0, sf->value,
3028 dst.field->n_bytes, dst.ofs, dst.n_bits);
3029 bitwise_one(ofpact_set_field_mask(sf), dst.field->n_bytes, dst.ofs,
3030 dst.n_bits);
3031 return NULL;
3032 }
3033
3034 static void
3035 format_SET_FIELD(const struct ofpact_set_field *a, struct ds *s)
3036 {
3037 if (a->ofpact.raw == NXAST_RAW_REG_LOAD) {
3038 struct mf_subfield dst;
3039 uint64_t value;
3040
3041 dst.ofs = dst.n_bits = 0;
3042 while (next_load_segment(a, &dst, &value)) {
3043 ds_put_format(s, "%sload:%s%#"PRIx64"%s->%s",
3044 colors.special, colors.end, value,
3045 colors.special, colors.end);
3046 mf_format_subfield(&dst, s);
3047 ds_put_char(s, ',');
3048 }
3049 ds_chomp(s, ',');
3050 } else {
3051 ds_put_format(s, "%sset_field:%s", colors.special, colors.end);
3052 mf_format(a->field, a->value, ofpact_set_field_mask(a), s);
3053 ds_put_format(s, "%s->%s%s",
3054 colors.special, colors.end, a->field->name);
3055 }
3056 }
3057
3058 /* Appends an OFPACT_SET_FIELD ofpact with enough space for the value and mask
3059 * for the 'field' to 'ofpacts' and returns it. Fills in the value from
3060 * 'value', if non-NULL, and mask from 'mask' if non-NULL. If 'value' is
3061 * non-NULL and 'mask' is NULL, an all-ones mask will be filled in. */
3062 struct ofpact_set_field *
3063 ofpact_put_set_field(struct ofpbuf *ofpacts, const struct mf_field *field,
3064 const void *value, const void *mask)
3065 {
3066 struct ofpact_set_field *sf = ofpact_put_SET_FIELD(ofpacts);
3067 sf->field = field;
3068
3069 /* Fill in the value and mask if given, otherwise put zeroes so that the
3070 * caller may fill in the value and mask itself. */
3071 if (value) {
3072 ofpbuf_put_uninit(ofpacts, 2 * field->n_bytes);
3073 sf = ofpacts->header;
3074 memcpy(sf->value, value, field->n_bytes);
3075 if (mask) {
3076 memcpy(ofpact_set_field_mask(sf), mask, field->n_bytes);
3077 } else {
3078 memset(ofpact_set_field_mask(sf), 0xff, field->n_bytes);
3079 }
3080 } else {
3081 ofpbuf_put_zeros(ofpacts, 2 * field->n_bytes);
3082 sf = ofpacts->header;
3083 }
3084 /* Update length. */
3085 ofpact_finish_SET_FIELD(ofpacts, &sf);
3086
3087 return sf;
3088 }
3089
3090 /* Appends an OFPACT_SET_FIELD ofpact to 'ofpacts' and returns it. The ofpact
3091 * is marked such that, if possible, it will be translated to OpenFlow as
3092 * NXAST_REG_LOAD extension actions rather than OFPAT_SET_FIELD, either because
3093 * that was the way that the action was expressed when it came into OVS or for
3094 * backward compatibility. */
3095 struct ofpact_set_field *
3096 ofpact_put_reg_load(struct ofpbuf *ofpacts, const struct mf_field *field,
3097 const void *value, const void *mask)
3098 {
3099 struct ofpact_set_field *sf = ofpact_put_set_field(ofpacts, field, value,
3100 mask);
3101 sf->ofpact.raw = NXAST_RAW_REG_LOAD;
3102
3103 return sf;
3104 }
3105
3106 struct ofpact_set_field *
3107 ofpact_put_reg_load2(struct ofpbuf *ofpacts, const struct mf_field *field,
3108 const void *value, const void *mask)
3109 {
3110 struct ofpact_set_field *sf = ofpact_put_set_field(ofpacts, field, value,
3111 mask);
3112 sf->ofpact.raw = NXAST_RAW_REG_LOAD2;
3113
3114 return sf;
3115 }
3116
3117 \f
3118 /* Action structure for NXAST_STACK_PUSH and NXAST_STACK_POP.
3119 *
3120 * Pushes (or pops) field[offset: offset + n_bits] to (or from)
3121 * top of the stack.
3122 */
3123 struct nx_action_stack {
3124 ovs_be16 type; /* OFPAT_VENDOR. */
3125 ovs_be16 len; /* Length is 16. */
3126 ovs_be32 vendor; /* NX_VENDOR_ID. */
3127 ovs_be16 subtype; /* NXAST_STACK_PUSH or NXAST_STACK_POP. */
3128 ovs_be16 offset; /* Bit offset into the field. */
3129 /* Followed by:
3130 * - OXM/NXM header for field to push or pop (4 or 8 bytes).
3131 * - ovs_be16 'n_bits', the number of bits to extract from the field.
3132 * - Enough 0-bytes to pad out the action to 24 bytes. */
3133 uint8_t pad[12]; /* See above. */
3134 };
3135 OFP_ASSERT(sizeof(struct nx_action_stack) == 24);
3136
3137 static enum ofperr
3138 decode_stack_action(const struct nx_action_stack *nasp,
3139 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap,
3140 struct ofpact_stack *stack_action)
3141 {
3142 enum ofperr error;
3143 stack_action->subfield.ofs = ntohs(nasp->offset);
3144
3145 struct ofpbuf b = ofpbuf_const_initializer(nasp, sizeof *nasp);
3146 ofpbuf_pull(&b, OBJECT_OFFSETOF(nasp, pad));
3147 error = mf_vl_mff_nx_pull_header(&b, vl_mff_map,
3148 &stack_action->subfield.field, NULL,
3149 tlv_bitmap);
3150 if (error) {
3151 return error;
3152 }
3153
3154 stack_action->subfield.n_bits = ntohs(*(const ovs_be16 *) b.data);
3155 ofpbuf_pull(&b, 2);
3156 if (!is_all_zeros(b.data, b.size)) {
3157 return OFPERR_NXBRC_MUST_BE_ZERO;
3158 }
3159
3160 return 0;
3161 }
3162
3163 static enum ofperr
3164 decode_NXAST_RAW_STACK_PUSH(const struct nx_action_stack *nasp,
3165 enum ofp_version ofp_version OVS_UNUSED,
3166 const struct vl_mff_map *vl_mff_map,
3167 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
3168 {
3169 struct ofpact_stack *push = ofpact_put_STACK_PUSH(ofpacts);
3170 enum ofperr error = decode_stack_action(nasp, vl_mff_map, tlv_bitmap,
3171 push);
3172 return error ? error : nxm_stack_push_check(push, NULL);
3173 }
3174
3175 static enum ofperr
3176 decode_NXAST_RAW_STACK_POP(const struct nx_action_stack *nasp,
3177 enum ofp_version ofp_version OVS_UNUSED,
3178 const struct vl_mff_map *vl_mff_map,
3179 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
3180 {
3181 struct ofpact_stack *pop = ofpact_put_STACK_POP(ofpacts);
3182 enum ofperr error = decode_stack_action(nasp, vl_mff_map, tlv_bitmap,
3183 pop);
3184 return error ? error : nxm_stack_pop_check(pop, NULL);
3185 }
3186
3187 static void
3188 encode_STACK_op(const struct ofpact_stack *stack_action,
3189 struct nx_action_stack *nasp)
3190 {
3191 struct ofpbuf b;
3192 ovs_be16 n_bits;
3193
3194 nasp->offset = htons(stack_action->subfield.ofs);
3195
3196 ofpbuf_use_stack(&b, nasp, ntohs(nasp->len));
3197 ofpbuf_put_uninit(&b, OBJECT_OFFSETOF(nasp, pad));
3198 nx_put_mff_header(&b, stack_action->subfield.field, 0, false);
3199 n_bits = htons(stack_action->subfield.n_bits);
3200 ofpbuf_put(&b, &n_bits, sizeof n_bits);
3201 }
3202
3203 static void
3204 encode_STACK_PUSH(const struct ofpact_stack *stack,
3205 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
3206 {
3207 encode_STACK_op(stack, put_NXAST_STACK_PUSH(out));
3208 }
3209
3210 static void
3211 encode_STACK_POP(const struct ofpact_stack *stack,
3212 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
3213 {
3214 encode_STACK_op(stack, put_NXAST_STACK_POP(out));
3215 }
3216
3217 static char * OVS_WARN_UNUSED_RESULT
3218 parse_STACK_PUSH(char *arg, struct ofpbuf *ofpacts,
3219 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3220 {
3221 return nxm_parse_stack_action(ofpact_put_STACK_PUSH(ofpacts), arg);
3222 }
3223
3224 static char * OVS_WARN_UNUSED_RESULT
3225 parse_STACK_POP(char *arg, struct ofpbuf *ofpacts,
3226 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3227 {
3228 return nxm_parse_stack_action(ofpact_put_STACK_POP(ofpacts), arg);
3229 }
3230
3231 static void
3232 format_STACK_PUSH(const struct ofpact_stack *a, struct ds *s)
3233 {
3234 nxm_format_stack_push(a, s);
3235 }
3236
3237 static void
3238 format_STACK_POP(const struct ofpact_stack *a, struct ds *s)
3239 {
3240 nxm_format_stack_pop(a, s);
3241 }
3242 \f
3243 /* Action structure for NXAST_DEC_TTL_CNT_IDS.
3244 *
3245 * If the packet is not IPv4 or IPv6, does nothing. For IPv4 or IPv6, if the
3246 * TTL or hop limit is at least 2, decrements it by 1. Otherwise, if TTL or
3247 * hop limit is 0 or 1, sends a packet-in to the controllers with each of the
3248 * 'n_controllers' controller IDs specified in 'cnt_ids'.
3249 *
3250 * (This differs from NXAST_DEC_TTL in that for NXAST_DEC_TTL the packet-in is
3251 * sent only to controllers with id 0.)
3252 */
3253 struct nx_action_cnt_ids {
3254 ovs_be16 type; /* OFPAT_VENDOR. */
3255 ovs_be16 len; /* Length including slaves. */
3256 ovs_be32 vendor; /* NX_VENDOR_ID. */
3257 ovs_be16 subtype; /* NXAST_DEC_TTL_CNT_IDS. */
3258
3259 ovs_be16 n_controllers; /* Number of controllers. */
3260 uint8_t zeros[4]; /* Must be zero. */
3261
3262 /* Followed by 1 or more controller ids.
3263 *
3264 * uint16_t cnt_ids[]; // Controller ids.
3265 * uint8_t pad[]; // Must be 0 to 8-byte align cnt_ids[].
3266 */
3267 };
3268 OFP_ASSERT(sizeof(struct nx_action_cnt_ids) == 16);
3269
3270 static enum ofperr
3271 decode_OFPAT_RAW_DEC_NW_TTL(struct ofpbuf *out)
3272 {
3273 uint16_t id = 0;
3274 struct ofpact_cnt_ids *ids;
3275 enum ofperr error = 0;
3276
3277 ids = ofpact_put_DEC_TTL(out);
3278 ids->n_controllers = 1;
3279 ofpbuf_put(out, &id, sizeof id);
3280 ids = out->header;
3281 ofpact_finish_DEC_TTL(out, &ids);
3282 return error;
3283 }
3284
3285 static enum ofperr
3286 decode_NXAST_RAW_DEC_TTL_CNT_IDS(const struct nx_action_cnt_ids *nac_ids,
3287 enum ofp_version ofp_version OVS_UNUSED,
3288 struct ofpbuf *out)
3289 {
3290 struct ofpact_cnt_ids *ids;
3291 size_t ids_size;
3292 int i;
3293
3294 ids = ofpact_put_DEC_TTL(out);
3295 ids->ofpact.raw = NXAST_RAW_DEC_TTL_CNT_IDS;
3296 ids->n_controllers = ntohs(nac_ids->n_controllers);
3297 ids_size = ntohs(nac_ids->len) - sizeof *nac_ids;
3298
3299 if (!is_all_zeros(nac_ids->zeros, sizeof nac_ids->zeros)) {
3300 return OFPERR_NXBRC_MUST_BE_ZERO;
3301 }
3302
3303 if (ids_size < ids->n_controllers * sizeof(ovs_be16)) {
3304 VLOG_WARN_RL(&rl, "Nicira action dec_ttl_cnt_ids only has %"PRIuSIZE" "
3305 "bytes allocated for controller ids. %"PRIuSIZE" bytes "
3306 "are required for %u controllers.",
3307 ids_size, ids->n_controllers * sizeof(ovs_be16),
3308 ids->n_controllers);
3309 return OFPERR_OFPBAC_BAD_LEN;
3310 }
3311
3312 for (i = 0; i < ids->n_controllers; i++) {
3313 uint16_t id = ntohs(((ovs_be16 *)(nac_ids + 1))[i]);
3314 ofpbuf_put(out, &id, sizeof id);
3315 ids = out->header;
3316 }
3317
3318 ofpact_finish_DEC_TTL(out, &ids);
3319
3320 return 0;
3321 }
3322
3323 static void
3324 encode_DEC_TTL(const struct ofpact_cnt_ids *dec_ttl,
3325 enum ofp_version ofp_version, struct ofpbuf *out)
3326 {
3327 if (dec_ttl->ofpact.raw == NXAST_RAW_DEC_TTL_CNT_IDS
3328 || dec_ttl->n_controllers != 1
3329 || dec_ttl->cnt_ids[0] != 0) {
3330 struct nx_action_cnt_ids *nac_ids = put_NXAST_DEC_TTL_CNT_IDS(out);
3331 int ids_len = ROUND_UP(2 * dec_ttl->n_controllers, OFP_ACTION_ALIGN);
3332 ovs_be16 *ids;
3333 size_t i;
3334
3335 nac_ids->len = htons(ntohs(nac_ids->len) + ids_len);
3336 nac_ids->n_controllers = htons(dec_ttl->n_controllers);
3337
3338 ids = ofpbuf_put_zeros(out, ids_len);
3339 for (i = 0; i < dec_ttl->n_controllers; i++) {
3340 ids[i] = htons(dec_ttl->cnt_ids[i]);
3341 }
3342 } else {
3343 put_OFPAT_DEC_NW_TTL(out, ofp_version);
3344 }
3345 }
3346
3347 static void
3348 parse_noargs_dec_ttl(struct ofpbuf *ofpacts)
3349 {
3350 struct ofpact_cnt_ids *ids;
3351 uint16_t id = 0;
3352
3353 ofpact_put_DEC_TTL(ofpacts);
3354 ofpbuf_put(ofpacts, &id, sizeof id);
3355 ids = ofpacts->header;
3356 ids->n_controllers++;
3357 ofpact_finish_DEC_TTL(ofpacts, &ids);
3358 }
3359
3360 static char * OVS_WARN_UNUSED_RESULT
3361 parse_DEC_TTL(char *arg, struct ofpbuf *ofpacts,
3362 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3363 {
3364 if (*arg == '\0') {
3365 parse_noargs_dec_ttl(ofpacts);
3366 } else {
3367 struct ofpact_cnt_ids *ids;
3368 char *cntr;
3369
3370 ids = ofpact_put_DEC_TTL(ofpacts);
3371 ids->ofpact.raw = NXAST_RAW_DEC_TTL_CNT_IDS;
3372 for (cntr = strtok_r(arg, ", ", &arg); cntr != NULL;
3373 cntr = strtok_r(NULL, ", ", &arg)) {
3374 uint16_t id = atoi(cntr);
3375
3376 ofpbuf_put(ofpacts, &id, sizeof id);
3377 ids = ofpacts->header;
3378 ids->n_controllers++;
3379 }
3380 if (!ids->n_controllers) {
3381 return xstrdup("dec_ttl_cnt_ids: expected at least one controller "
3382 "id.");
3383 }
3384 ofpact_finish_DEC_TTL(ofpacts, &ids);
3385 }
3386 return NULL;
3387 }
3388
3389 static void
3390 format_DEC_TTL(const struct ofpact_cnt_ids *a, struct ds *s)
3391 {
3392 size_t i;
3393
3394 ds_put_format(s, "%sdec_ttl%s", colors.paren, colors.end);
3395 if (a->ofpact.raw == NXAST_RAW_DEC_TTL_CNT_IDS) {
3396 ds_put_format(s, "%s(%s", colors.paren, colors.end);
3397 for (i = 0; i < a->n_controllers; i++) {
3398 if (i) {
3399 ds_put_cstr(s, ",");
3400 }
3401 ds_put_format(s, "%"PRIu16, a->cnt_ids[i]);
3402 }
3403 ds_put_format(s, "%s)%s", colors.paren, colors.end);
3404 }
3405 }
3406 \f
3407 /* Set MPLS label actions. */
3408
3409 static enum ofperr
3410 decode_OFPAT_RAW_SET_MPLS_LABEL(ovs_be32 label,
3411 enum ofp_version ofp_version OVS_UNUSED,
3412 struct ofpbuf *out)
3413 {
3414 ofpact_put_SET_MPLS_LABEL(out)->label = label;
3415 return 0;
3416 }
3417
3418 static void
3419 encode_SET_MPLS_LABEL(const struct ofpact_mpls_label *label,
3420 enum ofp_version ofp_version,
3421 struct ofpbuf *out)
3422 {
3423 if (ofp_version < OFP12_VERSION) {
3424 put_OFPAT_SET_MPLS_LABEL(out, ofp_version, label->label);
3425 } else {
3426 put_set_field(out, ofp_version, MFF_MPLS_LABEL, ntohl(label->label));
3427 }
3428 }
3429
3430 static char * OVS_WARN_UNUSED_RESULT
3431 parse_SET_MPLS_LABEL(char *arg, struct ofpbuf *ofpacts,
3432 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3433 {
3434 struct ofpact_mpls_label *mpls_label = ofpact_put_SET_MPLS_LABEL(ofpacts);
3435 if (*arg == '\0') {
3436 return xstrdup("set_mpls_label: expected label.");
3437 }
3438
3439 mpls_label->label = htonl(atoi(arg));
3440 return NULL;
3441 }
3442
3443 static void
3444 format_SET_MPLS_LABEL(const struct ofpact_mpls_label *a, struct ds *s)
3445 {
3446 ds_put_format(s, "%sset_mpls_label(%s%"PRIu32"%s)%s",
3447 colors.paren, colors.end, ntohl(a->label),
3448 colors.paren, colors.end);
3449 }
3450 \f
3451 /* Set MPLS TC actions. */
3452
3453 static enum ofperr
3454 decode_OFPAT_RAW_SET_MPLS_TC(uint8_t tc,
3455 enum ofp_version ofp_version OVS_UNUSED,
3456 struct ofpbuf *out)
3457 {
3458 ofpact_put_SET_MPLS_TC(out)->tc = tc;
3459 return 0;
3460 }
3461
3462 static void
3463 encode_SET_MPLS_TC(const struct ofpact_mpls_tc *tc,
3464 enum ofp_version ofp_version, struct ofpbuf *out)
3465 {
3466 if (ofp_version < OFP12_VERSION) {
3467 put_OFPAT_SET_MPLS_TC(out, ofp_version, tc->tc);
3468 } else {
3469 put_set_field(out, ofp_version, MFF_MPLS_TC, tc->tc);
3470 }
3471 }
3472
3473 static char * OVS_WARN_UNUSED_RESULT
3474 parse_SET_MPLS_TC(char *arg, struct ofpbuf *ofpacts,
3475 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3476 {
3477 struct ofpact_mpls_tc *mpls_tc = ofpact_put_SET_MPLS_TC(ofpacts);
3478
3479 if (*arg == '\0') {
3480 return xstrdup("set_mpls_tc: expected tc.");
3481 }
3482
3483 mpls_tc->tc = atoi(arg);
3484 return NULL;
3485 }
3486
3487 static void
3488 format_SET_MPLS_TC(const struct ofpact_mpls_tc *a, struct ds *s)
3489 {
3490 ds_put_format(s, "%sset_mpls_ttl(%s%"PRIu8"%s)%s",
3491 colors.paren, colors.end, a->tc,
3492 colors.paren, colors.end);
3493 }
3494 \f
3495 /* Set MPLS TTL actions. */
3496
3497 static enum ofperr
3498 decode_OFPAT_RAW_SET_MPLS_TTL(uint8_t ttl,
3499 enum ofp_version ofp_version OVS_UNUSED,
3500 struct ofpbuf *out)
3501 {
3502 ofpact_put_SET_MPLS_TTL(out)->ttl = ttl;
3503 return 0;
3504 }
3505
3506 static void
3507 encode_SET_MPLS_TTL(const struct ofpact_mpls_ttl *ttl,
3508 enum ofp_version ofp_version, struct ofpbuf *out)
3509 {
3510 put_OFPAT_SET_MPLS_TTL(out, ofp_version, ttl->ttl);
3511 }
3512
3513 /* Parses 'arg' as the argument to a "set_mpls_ttl" action, and appends such an
3514 * action to 'ofpacts'.
3515 *
3516 * Returns NULL if successful, otherwise a malloc()'d string describing the
3517 * error. The caller is responsible for freeing the returned string. */
3518 static char * OVS_WARN_UNUSED_RESULT
3519 parse_SET_MPLS_TTL(char *arg, struct ofpbuf *ofpacts,
3520 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3521 {
3522 struct ofpact_mpls_ttl *mpls_ttl = ofpact_put_SET_MPLS_TTL(ofpacts);
3523
3524 if (*arg == '\0') {
3525 return xstrdup("set_mpls_ttl: expected ttl.");
3526 }
3527
3528 mpls_ttl->ttl = atoi(arg);
3529 return NULL;
3530 }
3531
3532 static void
3533 format_SET_MPLS_TTL(const struct ofpact_mpls_ttl *a, struct ds *s)
3534 {
3535 ds_put_format(s, "%sset_mpls_ttl(%s%"PRIu8"%s)%s",
3536 colors.paren, colors.end, a->ttl,
3537 colors.paren, colors.end);
3538 }
3539 \f
3540 /* Decrement MPLS TTL actions. */
3541
3542 static enum ofperr
3543 decode_OFPAT_RAW_DEC_MPLS_TTL(struct ofpbuf *out)
3544 {
3545 ofpact_put_DEC_MPLS_TTL(out);
3546 return 0;
3547 }
3548
3549 static void
3550 encode_DEC_MPLS_TTL(const struct ofpact_null *null OVS_UNUSED,
3551 enum ofp_version ofp_version, struct ofpbuf *out)
3552 {
3553 put_OFPAT_DEC_MPLS_TTL(out, ofp_version);
3554 }
3555
3556 static char * OVS_WARN_UNUSED_RESULT
3557 parse_DEC_MPLS_TTL(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
3558 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3559 {
3560 ofpact_put_DEC_MPLS_TTL(ofpacts);
3561 return NULL;
3562 }
3563
3564 static void
3565 format_DEC_MPLS_TTL(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
3566 {
3567 ds_put_format(s, "%sdec_mpls_ttl%s", colors.value, colors.end);
3568 }
3569 \f
3570 /* Push MPLS label action. */
3571
3572 static enum ofperr
3573 decode_OFPAT_RAW_PUSH_MPLS(ovs_be16 ethertype,
3574 enum ofp_version ofp_version OVS_UNUSED,
3575 struct ofpbuf *out)
3576 {
3577 struct ofpact_push_mpls *oam;
3578
3579 if (!eth_type_mpls(ethertype)) {
3580 return OFPERR_OFPBAC_BAD_ARGUMENT;
3581 }
3582 oam = ofpact_put_PUSH_MPLS(out);
3583 oam->ethertype = ethertype;
3584
3585 return 0;
3586 }
3587
3588 static void
3589 encode_PUSH_MPLS(const struct ofpact_push_mpls *push_mpls,
3590 enum ofp_version ofp_version, struct ofpbuf *out)
3591 {
3592 put_OFPAT_PUSH_MPLS(out, ofp_version, push_mpls->ethertype);
3593 }
3594
3595 static char * OVS_WARN_UNUSED_RESULT
3596 parse_PUSH_MPLS(char *arg, struct ofpbuf *ofpacts,
3597 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3598 {
3599 uint16_t ethertype;
3600 char *error;
3601
3602 error = str_to_u16(arg, "push_mpls", &ethertype);
3603 if (!error) {
3604 ofpact_put_PUSH_MPLS(ofpacts)->ethertype = htons(ethertype);
3605 }
3606 return error;
3607 }
3608
3609 static void
3610 format_PUSH_MPLS(const struct ofpact_push_mpls *a, struct ds *s)
3611 {
3612 ds_put_format(s, "%spush_mpls:%s0x%04"PRIx16,
3613 colors.param, colors.end, ntohs(a->ethertype));
3614 }
3615 \f
3616 /* Pop MPLS label action. */
3617
3618 static enum ofperr
3619 decode_OFPAT_RAW_POP_MPLS(ovs_be16 ethertype,
3620 enum ofp_version ofp_version OVS_UNUSED,
3621 struct ofpbuf *out)
3622 {
3623 ofpact_put_POP_MPLS(out)->ethertype = ethertype;
3624 return 0;
3625 }
3626
3627 static void
3628 encode_POP_MPLS(const struct ofpact_pop_mpls *pop_mpls,
3629 enum ofp_version ofp_version, struct ofpbuf *out)
3630 {
3631 put_OFPAT_POP_MPLS(out, ofp_version, pop_mpls->ethertype);
3632 }
3633
3634 static char * OVS_WARN_UNUSED_RESULT
3635 parse_POP_MPLS(char *arg, struct ofpbuf *ofpacts,
3636 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3637 {
3638 uint16_t ethertype;
3639 char *error;
3640
3641 error = str_to_u16(arg, "pop_mpls", &ethertype);
3642 if (!error) {
3643 ofpact_put_POP_MPLS(ofpacts)->ethertype = htons(ethertype);
3644 }
3645 return error;
3646 }
3647
3648 static void
3649 format_POP_MPLS(const struct ofpact_pop_mpls *a, struct ds *s)
3650 {
3651 ds_put_format(s, "%spop_mpls:%s0x%04"PRIx16,
3652 colors.param, colors.end, ntohs(a->ethertype));
3653 }
3654 \f
3655 /* Set tunnel ID actions. */
3656
3657 static enum ofperr
3658 decode_NXAST_RAW_SET_TUNNEL(uint32_t tun_id,
3659 enum ofp_version ofp_version OVS_UNUSED,
3660 struct ofpbuf *out)
3661 {
3662 struct ofpact_tunnel *tunnel = ofpact_put_SET_TUNNEL(out);
3663 tunnel->ofpact.raw = NXAST_RAW_SET_TUNNEL;
3664 tunnel->tun_id = tun_id;
3665 return 0;
3666 }
3667
3668 static enum ofperr
3669 decode_NXAST_RAW_SET_TUNNEL64(uint64_t tun_id,
3670 enum ofp_version ofp_version OVS_UNUSED,
3671 struct ofpbuf *out)
3672 {
3673 struct ofpact_tunnel *tunnel = ofpact_put_SET_TUNNEL(out);
3674 tunnel->ofpact.raw = NXAST_RAW_SET_TUNNEL64;
3675 tunnel->tun_id = tun_id;
3676 return 0;
3677 }
3678
3679 static void
3680 encode_SET_TUNNEL(const struct ofpact_tunnel *tunnel,
3681 enum ofp_version ofp_version, struct ofpbuf *out)
3682 {
3683 uint64_t tun_id = tunnel->tun_id;
3684
3685 if (ofp_version < OFP12_VERSION) {
3686 if (tun_id <= UINT32_MAX
3687 && tunnel->ofpact.raw != NXAST_RAW_SET_TUNNEL64) {
3688 put_NXAST_SET_TUNNEL(out, tun_id);
3689 } else {
3690 put_NXAST_SET_TUNNEL64(out, tun_id);
3691 }
3692 } else {
3693 put_set_field(out, ofp_version, MFF_TUN_ID, tun_id);
3694 }
3695 }
3696
3697 static char * OVS_WARN_UNUSED_RESULT
3698 parse_set_tunnel(char *arg, struct ofpbuf *ofpacts,
3699 enum ofp_raw_action_type raw)
3700 {
3701 struct ofpact_tunnel *tunnel;
3702
3703 tunnel = ofpact_put_SET_TUNNEL(ofpacts);
3704 tunnel->ofpact.raw = raw;
3705 return str_to_u64(arg, &tunnel->tun_id);
3706 }
3707
3708 static char * OVS_WARN_UNUSED_RESULT
3709 parse_SET_TUNNEL(char *arg, struct ofpbuf *ofpacts,
3710 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3711 {
3712 return parse_set_tunnel(arg, ofpacts, NXAST_RAW_SET_TUNNEL);
3713 }
3714
3715 static void
3716 format_SET_TUNNEL(const struct ofpact_tunnel *a, struct ds *s)
3717 {
3718 ds_put_format(s, "%sset_tunnel%s:%s%#"PRIx64, colors.param,
3719 (a->tun_id > UINT32_MAX
3720 || a->ofpact.raw == NXAST_RAW_SET_TUNNEL64 ? "64" : ""),
3721 colors.end, a->tun_id);
3722 }
3723 \f
3724 /* Set queue action. */
3725
3726 static enum ofperr
3727 decode_OFPAT_RAW_SET_QUEUE(uint32_t queue_id,
3728 enum ofp_version ofp_version OVS_UNUSED,
3729 struct ofpbuf *out)
3730 {
3731 ofpact_put_SET_QUEUE(out)->queue_id = queue_id;
3732 return 0;
3733 }
3734
3735 static void
3736 encode_SET_QUEUE(const struct ofpact_queue *queue,
3737 enum ofp_version ofp_version, struct ofpbuf *out)
3738 {
3739 put_OFPAT_SET_QUEUE(out, ofp_version, queue->queue_id);
3740 }
3741
3742 static char * OVS_WARN_UNUSED_RESULT
3743 parse_SET_QUEUE(char *arg, struct ofpbuf *ofpacts,
3744 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3745 {
3746 return str_to_u32(arg, &ofpact_put_SET_QUEUE(ofpacts)->queue_id);
3747 }
3748
3749 static void
3750 format_SET_QUEUE(const struct ofpact_queue *a, struct ds *s)
3751 {
3752 ds_put_format(s, "%sset_queue:%s%"PRIu32,
3753 colors.param, colors.end, a->queue_id);
3754 }
3755 \f
3756 /* Pop queue action. */
3757
3758 static enum ofperr
3759 decode_NXAST_RAW_POP_QUEUE(struct ofpbuf *out)
3760 {
3761 ofpact_put_POP_QUEUE(out);
3762 return 0;
3763 }
3764
3765 static void
3766 encode_POP_QUEUE(const struct ofpact_null *null OVS_UNUSED,
3767 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
3768 {
3769 put_NXAST_POP_QUEUE(out);
3770 }
3771
3772 static char * OVS_WARN_UNUSED_RESULT
3773 parse_POP_QUEUE(const char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
3774 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3775 {
3776 ofpact_put_POP_QUEUE(ofpacts);
3777 return NULL;
3778 }
3779
3780 static void
3781 format_POP_QUEUE(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
3782 {
3783 ds_put_format(s, "%spop_queue%s", colors.value, colors.end);
3784 }
3785 \f
3786 /* Action structure for NXAST_FIN_TIMEOUT.
3787 *
3788 * This action changes the idle timeout or hard timeout, or both, of this
3789 * OpenFlow rule when the rule matches a TCP packet with the FIN or RST flag.
3790 * When such a packet is observed, the action reduces the rule's idle timeout
3791 * to 'fin_idle_timeout' and its hard timeout to 'fin_hard_timeout'. This
3792 * action has no effect on an existing timeout that is already shorter than the
3793 * one that the action specifies. A 'fin_idle_timeout' or 'fin_hard_timeout'
3794 * of zero has no effect on the respective timeout.
3795 *
3796 * 'fin_idle_timeout' and 'fin_hard_timeout' are measured in seconds.
3797 * 'fin_hard_timeout' specifies time since the flow's creation, not since the
3798 * receipt of the FIN or RST.
3799 *
3800 * This is useful for quickly discarding learned TCP flows that otherwise will
3801 * take a long time to expire.
3802 *
3803 * This action is intended for use with an OpenFlow rule that matches only a
3804 * single TCP flow. If the rule matches multiple TCP flows (e.g. it wildcards
3805 * all TCP traffic, or all TCP traffic to a particular port), then any FIN or
3806 * RST in any of those flows will cause the entire OpenFlow rule to expire
3807 * early, which is not normally desirable.
3808 */
3809 struct nx_action_fin_timeout {
3810 ovs_be16 type; /* OFPAT_VENDOR. */
3811 ovs_be16 len; /* 16. */
3812 ovs_be32 vendor; /* NX_VENDOR_ID. */
3813 ovs_be16 subtype; /* NXAST_FIN_TIMEOUT. */
3814 ovs_be16 fin_idle_timeout; /* New idle timeout, if nonzero. */
3815 ovs_be16 fin_hard_timeout; /* New hard timeout, if nonzero. */
3816 ovs_be16 pad; /* Must be zero. */
3817 };
3818 OFP_ASSERT(sizeof(struct nx_action_fin_timeout) == 16);
3819
3820 static enum ofperr
3821 decode_NXAST_RAW_FIN_TIMEOUT(const struct nx_action_fin_timeout *naft,
3822 enum ofp_version ofp_version OVS_UNUSED,
3823 struct ofpbuf *out)
3824 {
3825 struct ofpact_fin_timeout *oft;
3826
3827 oft = ofpact_put_FIN_TIMEOUT(out);
3828 oft->fin_idle_timeout = ntohs(naft->fin_idle_timeout);
3829 oft->fin_hard_timeout = ntohs(naft->fin_hard_timeout);
3830 return 0;
3831 }
3832
3833 static void
3834 encode_FIN_TIMEOUT(const struct ofpact_fin_timeout *fin_timeout,
3835 enum ofp_version ofp_version OVS_UNUSED,
3836 struct ofpbuf *out)
3837 {
3838 struct nx_action_fin_timeout *naft = put_NXAST_FIN_TIMEOUT(out);
3839 naft->fin_idle_timeout = htons(fin_timeout->fin_idle_timeout);
3840 naft->fin_hard_timeout = htons(fin_timeout->fin_hard_timeout);
3841 }
3842
3843 static char * OVS_WARN_UNUSED_RESULT
3844 parse_FIN_TIMEOUT(char *arg, struct ofpbuf *ofpacts,
3845 enum ofputil_protocol *usable_protocols OVS_UNUSED)
3846 {
3847 struct ofpact_fin_timeout *oft = ofpact_put_FIN_TIMEOUT(ofpacts);
3848 char *key, *value;
3849
3850 while (ofputil_parse_key_value(&arg, &key, &value)) {
3851 char *error;
3852
3853 if (!strcmp(key, "idle_timeout")) {
3854 error = str_to_u16(value, key, &oft->fin_idle_timeout);
3855 } else if (!strcmp(key, "hard_timeout")) {
3856 error = str_to_u16(value, key, &oft->fin_hard_timeout);
3857 } else {
3858 error = xasprintf("invalid key '%s' in 'fin_timeout' argument",
3859 key);
3860 }
3861
3862 if (error) {
3863 return error;
3864 }
3865 }
3866 return NULL;
3867 }
3868
3869 static void
3870 format_FIN_TIMEOUT(const struct ofpact_fin_timeout *a, struct ds *s)
3871 {
3872 ds_put_format(s, "%sfin_timeout(%s", colors.paren, colors.end);
3873 if (a->fin_idle_timeout) {
3874 ds_put_format(s, "%sidle_timeout=%s%"PRIu16",",
3875 colors.param, colors.end, a->fin_idle_timeout);
3876 }
3877 if (a->fin_hard_timeout) {
3878 ds_put_format(s, "%shard_timeout=%s%"PRIu16",",
3879 colors.param, colors.end, a->fin_hard_timeout);
3880 }
3881 ds_chomp(s, ',');
3882 ds_put_format(s, "%s)%s", colors.paren, colors.end);
3883 }
3884 \f
3885 /* Action structures for NXAST_RESUBMIT, NXAST_RESUBMIT_TABLE, and
3886 * NXAST_RESUBMIT_TABLE_CT.
3887 *
3888 * These actions search one of the switch's flow tables:
3889 *
3890 * - For NXAST_RESUBMIT_TABLE and NXAST_RESUBMIT_TABLE_CT, if the
3891 * 'table' member is not 255, then it specifies the table to search.
3892 *
3893 * - Otherwise (for NXAST_RESUBMIT_TABLE or NXAST_RESUBMIT_TABLE_CT with a
3894 * 'table' of 255, or for NXAST_RESUBMIT regardless of 'table'), it
3895 * searches the current flow table, that is, the OpenFlow flow table that
3896 * contains the flow from which this action was obtained. If this action
3897 * did not come from a flow table (e.g. it came from an OFPT_PACKET_OUT
3898 * message), then table 0 is the current table.
3899 *
3900 * The flow table lookup uses a flow that may be slightly modified from the
3901 * original lookup:
3902 *
3903 * - For NXAST_RESUBMIT, the 'in_port' member of struct nx_action_resubmit
3904 * is used as the flow's in_port.
3905 *
3906 * - For NXAST_RESUBMIT_TABLE and NXAST_RESUBMIT_TABLE_CT, if the 'in_port'
3907 * member is not OFPP_IN_PORT, then its value is used as the flow's
3908 * in_port. Otherwise, the original in_port is used.
3909 *
3910 * - For NXAST_RESUBMIT_TABLE_CT the Conntrack 5-tuple fields are used as
3911 * the packets IP header fields during the lookup.
3912 *
3913 * - If actions that modify the flow (e.g. OFPAT_SET_VLAN_VID) precede the
3914 * resubmit action, then the flow is updated with the new values.
3915 *
3916 * Following the lookup, the original in_port is restored.
3917 *
3918 * If the modified flow matched in the flow table, then the corresponding
3919 * actions are executed. Afterward, actions following the resubmit in the
3920 * original set of actions, if any, are executed; any changes made to the
3921 * packet (e.g. changes to VLAN) by secondary actions persist when those
3922 * actions are executed, although the original in_port is restored.
3923 *
3924 * Resubmit actions may be used any number of times within a set of actions.
3925 *
3926 * Resubmit actions may nest. To prevent infinite loops and excessive resource
3927 * use, the implementation may limit nesting depth and the total number of
3928 * resubmits:
3929 *
3930 * - Open vSwitch 1.0.1 and earlier did not support recursion.
3931 *
3932 * - Open vSwitch 1.0.2 and 1.0.3 limited recursion to 8 levels.
3933 *
3934 * - Open vSwitch 1.1 and 1.2 limited recursion to 16 levels.
3935 *
3936 * - Open vSwitch 1.2 through 1.8 limited recursion to 32 levels.
3937 *
3938 * - Open vSwitch 1.9 through 2.0 limited recursion to 64 levels.
3939 *
3940 * - Open vSwitch 2.1 through 2.5 limited recursion to 64 levels and impose
3941 * a total limit of 4,096 resubmits per flow translation (earlier versions
3942 * did not impose any total limit).
3943 *
3944 * NXAST_RESUBMIT ignores 'table' and 'pad'. NXAST_RESUBMIT_TABLE and
3945 * NXAST_RESUBMIT_TABLE_CT require 'pad' to be all-bits-zero.
3946 *
3947 * Open vSwitch 1.0.1 and earlier did not support recursion. Open vSwitch
3948 * before 1.2.90 did not support NXAST_RESUBMIT_TABLE. Open vSwitch before
3949 * 2.8.0 did not support NXAST_RESUBMIT_TABLE_CT.
3950 */
3951 struct nx_action_resubmit {
3952 ovs_be16 type; /* OFPAT_VENDOR. */
3953 ovs_be16 len; /* Length is 16. */
3954 ovs_be32 vendor; /* NX_VENDOR_ID. */
3955 ovs_be16 subtype; /* NXAST_RESUBMIT. */
3956 ovs_be16 in_port; /* New in_port for checking flow table. */
3957 uint8_t table; /* NXAST_RESUBMIT_TABLE: table to use. */
3958 uint8_t pad[3];
3959 };
3960 OFP_ASSERT(sizeof(struct nx_action_resubmit) == 16);
3961
3962 static enum ofperr
3963 decode_NXAST_RAW_RESUBMIT(uint16_t port,
3964 enum ofp_version ofp_version OVS_UNUSED,
3965 struct ofpbuf *out)
3966 {
3967 struct ofpact_resubmit *resubmit;
3968
3969 resubmit = ofpact_put_RESUBMIT(out);
3970 resubmit->ofpact.raw = NXAST_RAW_RESUBMIT;
3971 resubmit->in_port = u16_to_ofp(port);
3972 resubmit->table_id = 0xff;
3973 return 0;
3974 }
3975
3976 static enum ofperr
3977 decode_NXAST_RAW_RESUBMIT_TABLE(const struct nx_action_resubmit *nar,
3978 enum ofp_version ofp_version OVS_UNUSED,
3979 struct ofpbuf *out)
3980 {
3981 struct ofpact_resubmit *resubmit;
3982
3983 if (nar->pad[0] || nar->pad[1] || nar->pad[2]) {
3984 return OFPERR_OFPBAC_BAD_ARGUMENT;
3985 }
3986
3987 resubmit = ofpact_put_RESUBMIT(out);
3988 resubmit->ofpact.raw = NXAST_RAW_RESUBMIT_TABLE;
3989 resubmit->in_port = u16_to_ofp(ntohs(nar->in_port));
3990 resubmit->table_id = nar->table;
3991 return 0;
3992 }
3993
3994 static enum ofperr
3995 decode_NXAST_RAW_RESUBMIT_TABLE_CT(const struct nx_action_resubmit *nar,
3996 enum ofp_version ofp_version OVS_UNUSED,
3997 struct ofpbuf *out)
3998 {
3999 enum ofperr error = decode_NXAST_RAW_RESUBMIT_TABLE(nar, ofp_version, out);
4000 if (error) {
4001 return error;
4002 }
4003 struct ofpact_resubmit *resubmit = out->header;
4004 resubmit->ofpact.raw = NXAST_RAW_RESUBMIT_TABLE_CT;
4005 resubmit->with_ct_orig = true;
4006 return 0;
4007 }
4008
4009 static void
4010 encode_RESUBMIT(const struct ofpact_resubmit *resubmit,
4011 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4012 {
4013 uint16_t in_port = ofp_to_u16(resubmit->in_port);
4014
4015 if (resubmit->table_id == 0xff
4016 && resubmit->ofpact.raw == NXAST_RAW_RESUBMIT) {
4017 put_NXAST_RESUBMIT(out, in_port);
4018 } else {
4019 struct nx_action_resubmit *nar;
4020 nar = resubmit->with_ct_orig
4021 ? put_NXAST_RESUBMIT_TABLE_CT(out) : put_NXAST_RESUBMIT_TABLE(out);
4022 nar->table = resubmit->table_id;
4023 nar->in_port = htons(in_port);
4024 }
4025 }
4026
4027 static char * OVS_WARN_UNUSED_RESULT
4028 parse_RESUBMIT(char *arg, struct ofpbuf *ofpacts,
4029 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4030 {
4031 struct ofpact_resubmit *resubmit;
4032 char *in_port_s, *table_s, *ct_s;
4033
4034 resubmit = ofpact_put_RESUBMIT(ofpacts);
4035
4036 in_port_s = strsep(&arg, ",");
4037 if (in_port_s && in_port_s[0]) {
4038 if (!ofputil_port_from_string(in_port_s, &resubmit->in_port)) {
4039 return xasprintf("%s: resubmit to unknown port", in_port_s);
4040 }
4041 } else {
4042 resubmit->in_port = OFPP_IN_PORT;
4043 }
4044
4045 table_s = strsep(&arg, ",");
4046 if (table_s && table_s[0]) {
4047 uint32_t table_id = 0;
4048 char *error;
4049
4050 error = str_to_u32(table_s, &table_id);
4051 if (error) {
4052 return error;
4053 }
4054 resubmit->table_id = table_id;
4055 } else {
4056 resubmit->table_id = 255;
4057 }
4058
4059 ct_s = strsep(&arg, ",");
4060 if (ct_s && ct_s[0]) {
4061 if (strcmp(ct_s, "ct")) {
4062 return xasprintf("%s: unknown parameter", ct_s);
4063 }
4064 resubmit->with_ct_orig = true;
4065 } else {
4066 resubmit->with_ct_orig = false;
4067 }
4068
4069 if (resubmit->in_port == OFPP_IN_PORT && resubmit->table_id == 255) {
4070 return xstrdup("at least one \"in_port\" or \"table\" must be "
4071 "specified on resubmit");
4072 }
4073 return NULL;
4074 }
4075
4076 static void
4077 format_RESUBMIT(const struct ofpact_resubmit *a, struct ds *s)
4078 {
4079 if (a->in_port != OFPP_IN_PORT && a->table_id == 255) {
4080 ds_put_format(s, "%sresubmit:%s", colors.special, colors.end);
4081 ofputil_format_port(a->in_port, s);
4082 } else {
4083 ds_put_format(s, "%sresubmit(%s", colors.paren, colors.end);
4084 if (a->in_port != OFPP_IN_PORT) {
4085 ofputil_format_port(a->in_port, s);
4086 }
4087 ds_put_char(s, ',');
4088 if (a->table_id != 255) {
4089 ds_put_format(s, "%"PRIu8, a->table_id);
4090 }
4091 if (a->with_ct_orig) {
4092 ds_put_cstr(s, ",ct");
4093 }
4094 ds_put_format(s, "%s)%s", colors.paren, colors.end);
4095 }
4096 }
4097 \f
4098 /* Action structure for NXAST_LEARN and NXAST_LEARN2.
4099 *
4100 * This action adds or modifies a flow in an OpenFlow table, similar to
4101 * OFPT_FLOW_MOD with OFPFC_MODIFY_STRICT as 'command'. The new flow has the
4102 * specified idle timeout, hard timeout, priority, cookie, and flags. The new
4103 * flow's match criteria and actions are built by applying each of the series
4104 * of flow_mod_spec elements included as part of the action.
4105 *
4106 * A flow_mod_spec starts with a 16-bit header. A header that is all-bits-0 is
4107 * a no-op used for padding the action as a whole to a multiple of 8 bytes in
4108 * length. Otherwise, the flow_mod_spec can be thought of as copying 'n_bits'
4109 * bits from a source to a destination. In this case, the header contains
4110 * multiple fields:
4111 *
4112 * 15 14 13 12 11 10 0
4113 * +------+---+------+---------------------------------+
4114 * | 0 |src| dst | n_bits |
4115 * +------+---+------+---------------------------------+
4116 *
4117 * The meaning and format of a flow_mod_spec depends on 'src' and 'dst'. The
4118 * following table summarizes the meaning of each possible combination.
4119 * Details follow the table:
4120 *
4121 * src dst meaning
4122 * --- --- ----------------------------------------------------------
4123 * 0 0 Add match criteria based on value in a field.
4124 * 1 0 Add match criteria based on an immediate value.
4125 * 0 1 Add NXAST_REG_LOAD action to copy field into a different field.
4126 * 1 1 Add NXAST_REG_LOAD action to load immediate value into a field.
4127 * 0 2 Add OFPAT_OUTPUT action to output to port from specified field.
4128 * All other combinations are undefined and not allowed.
4129 *
4130 * The flow_mod_spec header is followed by a source specification and a
4131 * destination specification. The format and meaning of the source
4132 * specification depends on 'src':
4133 *
4134 * - If 'src' is 0, the source bits are taken from a field in the flow to
4135 * which this action is attached. (This should be a wildcarded field. If
4136 * its value is fully specified then the source bits being copied have
4137 * constant values.)
4138 *
4139 * The source specification is an ovs_be32 'field' and an ovs_be16 'ofs'.
4140 * 'field' is an nxm_header with nxm_hasmask=0, and 'ofs' the starting bit
4141 * offset within that field. The source bits are field[ofs:ofs+n_bits-1].
4142 * 'field' and 'ofs' are subject to the same restrictions as the source
4143 * field in NXAST_REG_MOVE.
4144 *
4145 * - If 'src' is 1, the source bits are a constant value. The source
4146 * specification is (n_bits+15)/16*2 bytes long. Taking those bytes as a
4147 * number in network order, the source bits are the 'n_bits'
4148 * least-significant bits. The switch will report an error if other bits
4149 * in the constant are nonzero.
4150 *
4151 * The flow_mod_spec destination specification, for 'dst' of 0 or 1, is an
4152 * ovs_be32 'field' and an ovs_be16 'ofs'. 'field' is an nxm_header with
4153 * nxm_hasmask=0 and 'ofs' is a starting bit offset within that field. The
4154 * meaning of the flow_mod_spec depends on 'dst':
4155 *
4156 * - If 'dst' is 0, the flow_mod_spec specifies match criteria for the new
4157 * flow. The new flow matches only if bits field[ofs:ofs+n_bits-1] in a
4158 * packet equal the source bits. 'field' may be any nxm_header with
4159 * nxm_hasmask=0 that is allowed in NXT_FLOW_MOD.
4160 *
4161 * Order is significant. Earlier flow_mod_specs must satisfy any
4162 * prerequisites for matching fields specified later, by copying constant
4163 * values into prerequisite fields.
4164 *
4165 * The switch will reject flow_mod_specs that do not satisfy NXM masking
4166 * restrictions.
4167 *
4168 * - If 'dst' is 1, the flow_mod_spec specifies an NXAST_REG_LOAD action for
4169 * the new flow. The new flow copies the source bits into
4170 * field[ofs:ofs+n_bits-1]. Actions are executed in the same order as the
4171 * flow_mod_specs.
4172 *
4173 * A single NXAST_REG_LOAD action writes no more than 64 bits, so n_bits
4174 * greater than 64 yields multiple NXAST_REG_LOAD actions.
4175 *
4176 * The flow_mod_spec destination spec for 'dst' of 2 (when 'src' is 0) is
4177 * empty. It has the following meaning:
4178 *
4179 * - The flow_mod_spec specifies an OFPAT_OUTPUT action for the new flow.
4180 * The new flow outputs to the OpenFlow port specified by the source field.
4181 * Of the special output ports with value OFPP_MAX or larger, OFPP_IN_PORT,
4182 * OFPP_FLOOD, OFPP_LOCAL, and OFPP_ALL are supported. Other special ports
4183 * may not be used.
4184 *
4185 * Resource Management
4186 * -------------------
4187 *
4188 * A switch has a finite amount of flow table space available for learning.
4189 * When this space is exhausted, no new learning table entries will be learned
4190 * until some existing flow table entries expire. The controller should be
4191 * prepared to handle this by flooding (which can be implemented as a
4192 * low-priority flow).
4193 *
4194 * If a learned flow matches a single TCP stream with a relatively long
4195 * timeout, one may make the best of resource constraints by setting
4196 * 'fin_idle_timeout' or 'fin_hard_timeout' (both measured in seconds), or
4197 * both, to shorter timeouts. When either of these is specified as a nonzero
4198 * value, OVS adds a NXAST_FIN_TIMEOUT action, with the specified timeouts, to
4199 * the learned flow.
4200 *
4201 * Examples
4202 * --------
4203 *
4204 * The following examples give a prose description of the flow_mod_specs along
4205 * with informal notation for how those would be represented and a hex dump of
4206 * the bytes that would be required.
4207 *
4208 * These examples could work with various nx_action_learn parameters. Typical
4209 * values would be idle_timeout=OFP_FLOW_PERMANENT, hard_timeout=60,
4210 * priority=OFP_DEFAULT_PRIORITY, flags=0, table_id=10.
4211 *
4212 * 1. Learn input port based on the source MAC, with lookup into
4213 * NXM_NX_REG1[16:31] by resubmit to in_port=99:
4214 *
4215 * Match on in_port=99:
4216 * ovs_be16(src=1, dst=0, n_bits=16), 20 10
4217 * ovs_be16(99), 00 63
4218 * ovs_be32(NXM_OF_IN_PORT), ovs_be16(0) 00 00 00 02 00 00
4219 *
4220 * Match Ethernet destination on Ethernet source from packet:
4221 * ovs_be16(src=0, dst=0, n_bits=48), 00 30
4222 * ovs_be32(NXM_OF_ETH_SRC), ovs_be16(0) 00 00 04 06 00 00
4223 * ovs_be32(NXM_OF_ETH_DST), ovs_be16(0) 00 00 02 06 00 00
4224 *
4225 * Set NXM_NX_REG1[16:31] to the packet's input port:
4226 * ovs_be16(src=0, dst=1, n_bits=16), 08 10
4227 * ovs_be32(NXM_OF_IN_PORT), ovs_be16(0) 00 00 00 02 00 00
4228 * ovs_be32(NXM_NX_REG1), ovs_be16(16) 00 01 02 04 00 10
4229 *
4230 * Given a packet that arrived on port A with Ethernet source address B,
4231 * this would set up the flow "in_port=99, dl_dst=B,
4232 * actions=load:A->NXM_NX_REG1[16..31]".
4233 *
4234 * In syntax accepted by ovs-ofctl, this action is: learn(in_port=99,
4235 * NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],
4236 * load:NXM_OF_IN_PORT[]->NXM_NX_REG1[16..31])
4237 *
4238 * 2. Output to input port based on the source MAC and VLAN VID, with lookup
4239 * into NXM_NX_REG1[16:31]:
4240 *
4241 * Match on same VLAN ID as packet:
4242 * ovs_be16(src=0, dst=0, n_bits=12), 00 0c
4243 * ovs_be32(NXM_OF_VLAN_TCI), ovs_be16(0) 00 00 08 02 00 00
4244 * ovs_be32(NXM_OF_VLAN_TCI), ovs_be16(0) 00 00 08 02 00 00
4245 *
4246 * Match Ethernet destination on Ethernet source from packet:
4247 * ovs_be16(src=0, dst=0, n_bits=48), 00 30
4248 * ovs_be32(NXM_OF_ETH_SRC), ovs_be16(0) 00 00 04 06 00 00
4249 * ovs_be32(NXM_OF_ETH_DST), ovs_be16(0) 00 00 02 06 00 00
4250 *
4251 * Output to the packet's input port:
4252 * ovs_be16(src=0, dst=2, n_bits=16), 10 10
4253 * ovs_be32(NXM_OF_IN_PORT), ovs_be16(0) 00 00 00 02 00 00
4254 *
4255 * Given a packet that arrived on port A with Ethernet source address B in
4256 * VLAN C, this would set up the flow "dl_dst=B, vlan_vid=C,
4257 * actions=output:A".
4258 *
4259 * In syntax accepted by ovs-ofctl, this action is:
4260 * learn(NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],
4261 * output:NXM_OF_IN_PORT[])
4262 *
4263 * 3. Here's a recipe for a very simple-minded MAC learning switch. It uses a
4264 * 10-second MAC expiration time to make it easier to see what's going on
4265 *
4266 * ovs-vsctl del-controller br0
4267 * ovs-ofctl del-flows br0
4268 * ovs-ofctl add-flow br0 "table=0 actions=learn(table=1, \
4269 hard_timeout=10, NXM_OF_VLAN_TCI[0..11], \
4270 NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], \
4271 output:NXM_OF_IN_PORT[]), resubmit(,1)"
4272 * ovs-ofctl add-flow br0 "table=1 priority=0 actions=flood"
4273 *
4274 * You can then dump the MAC learning table with:
4275 *
4276 * ovs-ofctl dump-flows br0 table=1
4277 *
4278 * Usage Advice
4279 * ------------
4280 *
4281 * For best performance, segregate learned flows into a table that is not used
4282 * for any other flows except possibly for a lowest-priority "catch-all" flow
4283 * (a flow with no match criteria). If different learning actions specify
4284 * different match criteria, use different tables for the learned flows.
4285 *
4286 * The meaning of 'hard_timeout' and 'idle_timeout' can be counterintuitive.
4287 * These timeouts apply to the flow that is added, which means that a flow with
4288 * an idle timeout will expire when no traffic has been sent *to* the learned
4289 * address. This is not usually the intent in MAC learning; instead, we want
4290 * the MAC learn entry to expire when no traffic has been sent *from* the
4291 * learned address. Use a hard timeout for that.
4292 *
4293 *
4294 * Visibility of Changes
4295 * ---------------------
4296 *
4297 * Prior to Open vSwitch 2.4, any changes made by a "learn" action in a given
4298 * flow translation are visible to flow table lookups made later in the flow
4299 * translation. This means that, in the example above, a MAC learned by the
4300 * learn action in table 0 would be found in table 1 (if the packet being
4301 * processed had the same source and destination MAC address).
4302 *
4303 * In Open vSwitch 2.4 and later, changes to a flow table (whether to add or
4304 * modify a flow) by a "learn" action are visible only for later flow
4305 * translations, not for later lookups within the same flow translation. In
4306 * the MAC learning example, a MAC learned by the learn action in table 0 would
4307 * not be found in table 1 if the flow translation would resubmit to table 1
4308 * after the processing of the learn action, meaning that if this MAC had not
4309 * been learned before then the packet would be flooded. */
4310 struct nx_action_learn {
4311 ovs_be16 type; /* OFPAT_VENDOR. */
4312 ovs_be16 len; /* At least 24. */
4313 ovs_be32 vendor; /* NX_VENDOR_ID. */
4314 ovs_be16 subtype; /* NXAST_LEARN. */
4315 ovs_be16 idle_timeout; /* Idle time before discarding (seconds). */
4316 ovs_be16 hard_timeout; /* Max time before discarding (seconds). */
4317 ovs_be16 priority; /* Priority level of flow entry. */
4318 ovs_be64 cookie; /* Cookie for new flow. */
4319 ovs_be16 flags; /* NX_LEARN_F_*. */
4320 uint8_t table_id; /* Table to insert flow entry. */
4321 uint8_t pad; /* Must be zero. */
4322 ovs_be16 fin_idle_timeout; /* Idle timeout after FIN, if nonzero. */
4323 ovs_be16 fin_hard_timeout; /* Hard timeout after FIN, if nonzero. */
4324 /* Followed by a sequence of flow_mod_spec elements, as described above,
4325 * until the end of the action is reached. */
4326 };
4327 OFP_ASSERT(sizeof(struct nx_action_learn) == 32);
4328
4329 struct nx_action_learn2 {
4330 struct nx_action_learn up; /* The wire format includes nx_action_learn. */
4331 ovs_be32 limit; /* Maximum number of learned flows. */
4332
4333 /* Where to store the result. */
4334 ovs_be16 result_dst_ofs; /* Starting bit offset in destination. */
4335
4336 ovs_be16 pad2; /* Must be zero. */
4337 /* Followed by:
4338 * - OXM/NXM header for destination field (4 or 8 bytes),
4339 * if NX_LEARN_F_WRITE_RESULT is set in 'flags'
4340 * - a sequence of flow_mod_spec elements, as described above,
4341 * until the end of the action is reached. */
4342 };
4343 OFP_ASSERT(sizeof(struct nx_action_learn2) == 40);
4344
4345 static ovs_be16
4346 get_be16(const void **pp)
4347 {
4348 const ovs_be16 *p = *pp;
4349 ovs_be16 value = *p;
4350 *pp = p + 1;
4351 return value;
4352 }
4353
4354 static ovs_be32
4355 get_be32(const void **pp)
4356 {
4357 const ovs_be32 *p = *pp;
4358 ovs_be32 value = get_unaligned_be32(p);
4359 *pp = p + 1;
4360 return value;
4361 }
4362
4363 static enum ofperr
4364 get_subfield(int n_bits, const void **p, struct mf_subfield *sf,
4365 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap)
4366 {
4367 enum ofperr error;
4368
4369 error = mf_vl_mff_mf_from_nxm_header(ntohl(get_be32(p)), vl_mff_map,
4370 &sf->field, tlv_bitmap);
4371 sf->ofs = ntohs(get_be16(p));
4372 sf->n_bits = n_bits;
4373 return error;
4374 }
4375
4376 static unsigned int
4377 learn_min_len(uint16_t header)
4378 {
4379 int n_bits = header & NX_LEARN_N_BITS_MASK;
4380 int src_type = header & NX_LEARN_SRC_MASK;
4381 int dst_type = header & NX_LEARN_DST_MASK;
4382 unsigned int min_len;
4383
4384 min_len = 0;
4385 if (src_type == NX_LEARN_SRC_FIELD) {
4386 min_len += sizeof(ovs_be32); /* src_field */
4387 min_len += sizeof(ovs_be16); /* src_ofs */
4388 } else {
4389 min_len += DIV_ROUND_UP(n_bits, 16);
4390 }
4391 if (dst_type == NX_LEARN_DST_MATCH ||
4392 dst_type == NX_LEARN_DST_LOAD) {
4393 min_len += sizeof(ovs_be32); /* dst_field */
4394 min_len += sizeof(ovs_be16); /* dst_ofs */
4395 }
4396 return min_len;
4397 }
4398
4399 static enum ofperr
4400 decode_LEARN_common(const struct nx_action_learn *nal,
4401 struct ofpact_learn *learn)
4402 {
4403 if (nal->pad) {
4404 return OFPERR_OFPBAC_BAD_ARGUMENT;
4405 }
4406
4407 learn->idle_timeout = ntohs(nal->idle_timeout);
4408 learn->hard_timeout = ntohs(nal->hard_timeout);
4409 learn->priority = ntohs(nal->priority);
4410 learn->cookie = nal->cookie;
4411 learn->table_id = nal->table_id;
4412 learn->fin_idle_timeout = ntohs(nal->fin_idle_timeout);
4413 learn->fin_hard_timeout = ntohs(nal->fin_hard_timeout);
4414 learn->flags = ntohs(nal->flags);
4415
4416 if (learn->table_id == 0xff) {
4417 return OFPERR_OFPBAC_BAD_ARGUMENT;
4418 }
4419
4420 return 0;
4421 }
4422
4423 static enum ofperr
4424 decode_LEARN_specs(const void *p, const void *end,
4425 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap,
4426 struct ofpbuf *ofpacts)
4427 {
4428 struct ofpact_learn *learn = ofpacts->header;
4429
4430 while (p != end) {
4431 struct ofpact_learn_spec *spec;
4432 uint16_t header = ntohs(get_be16(&p));
4433
4434 if (!header) {
4435 break;
4436 }
4437
4438 spec = ofpbuf_put_zeros(ofpacts, sizeof *spec);
4439 learn = ofpacts->header;
4440
4441 spec->src_type = header & NX_LEARN_SRC_MASK;
4442 spec->dst_type = header & NX_LEARN_DST_MASK;
4443 spec->n_bits = header & NX_LEARN_N_BITS_MASK;
4444
4445 /* Check for valid src and dst type combination. */
4446 if (spec->dst_type == NX_LEARN_DST_MATCH ||
4447 spec->dst_type == NX_LEARN_DST_LOAD ||
4448 (spec->dst_type == NX_LEARN_DST_OUTPUT &&
4449 spec->src_type == NX_LEARN_SRC_FIELD)) {
4450 /* OK. */
4451 } else {
4452 return OFPERR_OFPBAC_BAD_ARGUMENT;
4453 }
4454
4455 /* Check that the arguments don't overrun the end of the action. */
4456 if ((char *) end - (char *) p < learn_min_len(header)) {
4457 return OFPERR_OFPBAC_BAD_LEN;
4458 }
4459
4460 /* Get the source. */
4461 const uint8_t *imm = NULL;
4462 unsigned int imm_bytes = 0;
4463 enum ofperr error;
4464 if (spec->src_type == NX_LEARN_SRC_FIELD) {
4465 error = get_subfield(spec->n_bits, &p, &spec->src, vl_mff_map,
4466 tlv_bitmap);
4467 if (error) {
4468 return error;
4469 }
4470 } else {
4471 int p_bytes = 2 * DIV_ROUND_UP(spec->n_bits, 16);
4472 p = (const uint8_t *) p + p_bytes;
4473
4474 imm_bytes = DIV_ROUND_UP(spec->n_bits, 8);
4475 imm = (const uint8_t *) p - imm_bytes;
4476 }
4477
4478 /* Get the destination. */
4479 if (spec->dst_type == NX_LEARN_DST_MATCH ||
4480 spec->dst_type == NX_LEARN_DST_LOAD) {
4481 error = get_subfield(spec->n_bits, &p, &spec->dst, vl_mff_map,
4482 tlv_bitmap);
4483 if (error) {
4484 return error;
4485 }
4486 }
4487
4488 if (imm) {
4489 uint8_t *src_imm = ofpbuf_put_zeros(ofpacts,
4490 OFPACT_ALIGN(imm_bytes));
4491 memcpy(src_imm, imm, imm_bytes);
4492
4493 learn = ofpacts->header;
4494 }
4495 }
4496 ofpact_finish_LEARN(ofpacts, &learn);
4497
4498 if (!is_all_zeros(p, (char *) end - (char *) p)) {
4499 return OFPERR_OFPBAC_BAD_ARGUMENT;
4500 }
4501
4502 return 0;
4503 }
4504
4505 /* Converts 'nal' into a "struct ofpact_learn" and appends that struct to
4506 * 'ofpacts'. Returns 0 if successful, otherwise an OFPERR_*. */
4507 static enum ofperr
4508 decode_NXAST_RAW_LEARN(const struct nx_action_learn *nal,
4509 enum ofp_version ofp_version OVS_UNUSED,
4510 const struct vl_mff_map *vl_mff_map,
4511 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
4512 {
4513 struct ofpact_learn *learn;
4514 enum ofperr error;
4515
4516 learn = ofpact_put_LEARN(ofpacts);
4517
4518 error = decode_LEARN_common(nal, learn);
4519 if (error) {
4520 return error;
4521 }
4522
4523 if (learn->flags & ~(NX_LEARN_F_SEND_FLOW_REM |
4524 NX_LEARN_F_DELETE_LEARNED)) {
4525 return OFPERR_OFPBAC_BAD_ARGUMENT;
4526 }
4527
4528 return decode_LEARN_specs(nal + 1, (char *) nal + ntohs(nal->len),
4529 vl_mff_map, tlv_bitmap, ofpacts);
4530 }
4531
4532 /* Converts 'nal' into a "struct ofpact_learn" and appends that struct to
4533 * 'ofpacts'. Returns 0 if successful, otherwise an OFPERR_*. */
4534 static enum ofperr
4535 decode_NXAST_RAW_LEARN2(const struct nx_action_learn2 *nal,
4536 enum ofp_version ofp_version OVS_UNUSED,
4537 const struct vl_mff_map *vl_mff_map,
4538 uint64_t *tlv_bitmap, struct ofpbuf *ofpacts)
4539 {
4540 struct ofpbuf b = ofpbuf_const_initializer(nal, ntohs(nal->up.len));
4541 struct ofpact_learn *learn;
4542 enum ofperr error;
4543
4544 if (nal->pad2) {
4545 return OFPERR_NXBAC_MUST_BE_ZERO;
4546 }
4547
4548 learn = ofpact_put_LEARN(ofpacts);
4549 error = decode_LEARN_common(&nal->up, learn);
4550 if (error) {
4551 return error;
4552 }
4553
4554 learn->limit = ntohl(nal->limit);
4555
4556 if (learn->flags & ~(NX_LEARN_F_SEND_FLOW_REM |
4557 NX_LEARN_F_DELETE_LEARNED |
4558 NX_LEARN_F_WRITE_RESULT)) {
4559 return OFPERR_OFPBAC_BAD_ARGUMENT;
4560 }
4561
4562 ofpbuf_pull(&b, sizeof *nal);
4563
4564 if (learn->flags & NX_LEARN_F_WRITE_RESULT) {
4565 error = nx_pull_header(&b, vl_mff_map, &learn->result_dst.field, NULL);
4566 if (error) {
4567 return error;
4568 }
4569 if (!learn->result_dst.field->writable) {
4570 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
4571 }
4572 learn->result_dst.ofs = ntohs(nal->result_dst_ofs);
4573 learn->result_dst.n_bits = 1;
4574 } else if (nal->result_dst_ofs) {
4575 return OFPERR_OFPBAC_BAD_ARGUMENT;
4576 }
4577
4578 return decode_LEARN_specs(b.data, (char *) nal + ntohs(nal->up.len),
4579 vl_mff_map, tlv_bitmap, ofpacts);
4580 }
4581
4582 static void
4583 put_be16(struct ofpbuf *b, ovs_be16 x)
4584 {
4585 ofpbuf_put(b, &x, sizeof x);
4586 }
4587
4588 static void
4589 put_be32(struct ofpbuf *b, ovs_be32 x)
4590 {
4591 ofpbuf_put(b, &x, sizeof x);
4592 }
4593
4594 static void
4595 put_u16(struct ofpbuf *b, uint16_t x)
4596 {
4597 put_be16(b, htons(x));
4598 }
4599
4600 static void
4601 put_u32(struct ofpbuf *b, uint32_t x)
4602 {
4603 put_be32(b, htonl(x));
4604 }
4605
4606 static void
4607 encode_LEARN(const struct ofpact_learn *learn,
4608 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4609 {
4610 const struct ofpact_learn_spec *spec;
4611 struct nx_action_learn *nal;
4612 size_t start_ofs;
4613
4614 start_ofs = out->size;
4615
4616 if (learn->ofpact.raw == NXAST_RAW_LEARN2
4617 || learn->limit != 0
4618 || learn->flags & NX_LEARN_F_WRITE_RESULT) {
4619 struct nx_action_learn2 *nal2;
4620
4621 nal2 = put_NXAST_LEARN2(out);
4622 nal2->limit = htonl(learn->limit);
4623 nal2->result_dst_ofs = htons(learn->result_dst.ofs);
4624 nal = &nal2->up;
4625 } else {
4626 nal = put_NXAST_LEARN(out);
4627 }
4628 nal->idle_timeout = htons(learn->idle_timeout);
4629 nal->hard_timeout = htons(learn->hard_timeout);
4630 nal->fin_idle_timeout = htons(learn->fin_idle_timeout);
4631 nal->fin_hard_timeout = htons(learn->fin_hard_timeout);
4632 nal->priority = htons(learn->priority);
4633 nal->cookie = learn->cookie;
4634 nal->flags = htons(learn->flags);
4635 nal->table_id = learn->table_id;
4636
4637 if (learn->flags & NX_LEARN_F_WRITE_RESULT) {
4638 nx_put_header(out, learn->result_dst.field->id, 0, false);
4639 }
4640
4641 OFPACT_LEARN_SPEC_FOR_EACH (spec, learn) {
4642 put_u16(out, spec->n_bits | spec->dst_type | spec->src_type);
4643
4644 if (spec->src_type == NX_LEARN_SRC_FIELD) {
4645 put_u32(out, nxm_header_from_mff(spec->src.field));
4646 put_u16(out, spec->src.ofs);
4647 } else {
4648 size_t n_dst_bytes = 2 * DIV_ROUND_UP(spec->n_bits, 16);
4649 uint8_t *bits = ofpbuf_put_zeros(out, n_dst_bytes);
4650 unsigned int n_bytes = DIV_ROUND_UP(spec->n_bits, 8);
4651
4652 memcpy(bits + n_dst_bytes - n_bytes, ofpact_learn_spec_imm(spec),
4653 n_bytes);
4654 }
4655
4656 if (spec->dst_type == NX_LEARN_DST_MATCH ||
4657 spec->dst_type == NX_LEARN_DST_LOAD) {
4658 put_u32(out, nxm_header_from_mff(spec->dst.field));
4659 put_u16(out, spec->dst.ofs);
4660 }
4661 }
4662
4663 pad_ofpat(out, start_ofs);
4664 }
4665
4666 static char * OVS_WARN_UNUSED_RESULT
4667 parse_LEARN(char *arg, struct ofpbuf *ofpacts,
4668 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4669 {
4670 return learn_parse(arg, ofpacts);
4671 }
4672
4673 static void
4674 format_LEARN(const struct ofpact_learn *a, struct ds *s)
4675 {
4676 learn_format(a, s);
4677 }
4678 \f
4679 /* Action structure for NXAST_CONJUNCTION. */
4680 struct nx_action_conjunction {
4681 ovs_be16 type; /* OFPAT_VENDOR. */
4682 ovs_be16 len; /* At least 16. */
4683 ovs_be32 vendor; /* NX_VENDOR_ID. */
4684 ovs_be16 subtype; /* See enum ofp_raw_action_type. */
4685 uint8_t clause;
4686 uint8_t n_clauses;
4687 ovs_be32 id;
4688 };
4689 OFP_ASSERT(sizeof(struct nx_action_conjunction) == 16);
4690
4691 static void
4692 add_conjunction(struct ofpbuf *out,
4693 uint32_t id, uint8_t clause, uint8_t n_clauses)
4694 {
4695 struct ofpact_conjunction *oc;
4696
4697 oc = ofpact_put_CONJUNCTION(out);
4698 oc->id = id;
4699 oc->clause = clause;
4700 oc->n_clauses = n_clauses;
4701 }
4702
4703 static enum ofperr
4704 decode_NXAST_RAW_CONJUNCTION(const struct nx_action_conjunction *nac,
4705 enum ofp_version ofp_version OVS_UNUSED,
4706 struct ofpbuf *out)
4707 {
4708 if (nac->n_clauses < 2 || nac->n_clauses > 64
4709 || nac->clause >= nac->n_clauses) {
4710 return OFPERR_NXBAC_BAD_CONJUNCTION;
4711 } else {
4712 add_conjunction(out, ntohl(nac->id), nac->clause, nac->n_clauses);
4713 return 0;
4714 }
4715 }
4716
4717 static void
4718 encode_CONJUNCTION(const struct ofpact_conjunction *oc,
4719 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4720 {
4721 struct nx_action_conjunction *nac = put_NXAST_CONJUNCTION(out);
4722 nac->clause = oc->clause;
4723 nac->n_clauses = oc->n_clauses;
4724 nac->id = htonl(oc->id);
4725 }
4726
4727 static void
4728 format_CONJUNCTION(const struct ofpact_conjunction *oc, struct ds *s)
4729 {
4730 ds_put_format(s, "%sconjunction(%s%"PRIu32",%d/%"PRIu8"%s)%s",
4731 colors.paren, colors.end,
4732 oc->id, oc->clause + 1, oc->n_clauses,
4733 colors.paren, colors.end);
4734 }
4735
4736 static char * OVS_WARN_UNUSED_RESULT
4737 parse_CONJUNCTION(const char *arg, struct ofpbuf *ofpacts,
4738 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4739 {
4740 uint8_t n_clauses;
4741 uint8_t clause;
4742 uint32_t id;
4743 int n;
4744
4745 if (!ovs_scan(arg, "%"SCNi32" , %"SCNu8" / %"SCNu8" %n",
4746 &id, &clause, &n_clauses, &n) || n != strlen(arg)) {
4747 return xstrdup("\"conjunction\" syntax is \"conjunction(id,i/n)\"");
4748 }
4749
4750 if (n_clauses < 2) {
4751 return xstrdup("conjunction must have at least 2 clauses");
4752 } else if (n_clauses > 64) {
4753 return xstrdup("conjunction must have at most 64 clauses");
4754 } else if (clause < 1) {
4755 return xstrdup("clause index must be positive");
4756 } else if (clause > n_clauses) {
4757 return xstrdup("clause index must be less than or equal to "
4758 "number of clauses");
4759 }
4760
4761 add_conjunction(ofpacts, id, clause - 1, n_clauses);
4762 return NULL;
4763 }
4764 \f
4765 /* Action structure for NXAST_MULTIPATH.
4766 *
4767 * This action performs the following steps in sequence:
4768 *
4769 * 1. Hashes the fields designated by 'fields', one of NX_HASH_FIELDS_*.
4770 * Refer to the definition of "enum nx_mp_fields" for details.
4771 *
4772 * The 'basis' value is used as a universal hash parameter, that is,
4773 * different values of 'basis' yield different hash functions. The
4774 * particular universal hash function used is implementation-defined.
4775 *
4776 * The hashed fields' values are drawn from the current state of the
4777 * flow, including all modifications that have been made by actions up to
4778 * this point.
4779 *
4780 * 2. Applies the multipath link choice algorithm specified by 'algorithm',
4781 * one of NX_MP_ALG_*. Refer to the definition of "enum nx_mp_algorithm"
4782 * for details.
4783 *
4784 * The output of the algorithm is 'link', an unsigned integer less than
4785 * or equal to 'max_link'.
4786 *
4787 * Some algorithms use 'arg' as an additional argument.
4788 *
4789 * 3. Stores 'link' in dst[ofs:ofs+n_bits]. The format and semantics of
4790 * 'dst' and 'ofs_nbits' are similar to those for the NXAST_REG_LOAD
4791 * action.
4792 *
4793 * The switch will reject actions that have an unknown 'fields', or an unknown
4794 * 'algorithm', or in which ofs+n_bits is greater than the width of 'dst', or
4795 * in which 'max_link' is greater than or equal to 2**n_bits, with error type
4796 * OFPET_BAD_ACTION, code OFPBAC_BAD_ARGUMENT.
4797 */
4798 struct nx_action_multipath {
4799 ovs_be16 type; /* OFPAT_VENDOR. */
4800 ovs_be16 len; /* Length is 32. */
4801 ovs_be32 vendor; /* NX_VENDOR_ID. */
4802 ovs_be16 subtype; /* NXAST_MULTIPATH. */
4803
4804 /* What fields to hash and how. */
4805 ovs_be16 fields; /* One of NX_HASH_FIELDS_*. */
4806 ovs_be16 basis; /* Universal hash parameter. */
4807 ovs_be16 pad0;
4808
4809 /* Multipath link choice algorithm to apply to hash value. */
4810 ovs_be16 algorithm; /* One of NX_MP_ALG_*. */
4811 ovs_be16 max_link; /* Number of output links, minus 1. */
4812 ovs_be32 arg; /* Algorithm-specific argument. */
4813 ovs_be16 pad1;
4814
4815 /* Where to store the result. */
4816 ovs_be16 ofs_nbits; /* (ofs << 6) | (n_bits - 1). */
4817 ovs_be32 dst; /* Destination. */
4818 };
4819 OFP_ASSERT(sizeof(struct nx_action_multipath) == 32);
4820
4821 static enum ofperr
4822 decode_NXAST_RAW_MULTIPATH(const struct nx_action_multipath *nam,
4823 enum ofp_version ofp_version OVS_UNUSED,
4824 const struct vl_mff_map *vl_mff_map,
4825 uint64_t *tlv_bitmap, struct ofpbuf *out)
4826 {
4827 uint32_t n_links = ntohs(nam->max_link) + 1;
4828 size_t min_n_bits = log_2_ceil(n_links);
4829 struct ofpact_multipath *mp;
4830 enum ofperr error;
4831
4832 mp = ofpact_put_MULTIPATH(out);
4833 mp->fields = ntohs(nam->fields);
4834 mp->basis = ntohs(nam->basis);
4835 mp->algorithm = ntohs(nam->algorithm);
4836 mp->max_link = ntohs(nam->max_link);
4837 mp->arg = ntohl(nam->arg);
4838 mp->dst.ofs = nxm_decode_ofs(nam->ofs_nbits);
4839 mp->dst.n_bits = nxm_decode_n_bits(nam->ofs_nbits);
4840 error = mf_vl_mff_mf_from_nxm_header(ntohl(nam->dst), vl_mff_map,
4841 &mp->dst.field, tlv_bitmap);
4842 if (error) {
4843 return error;
4844 }
4845
4846 if (!flow_hash_fields_valid(mp->fields)) {
4847 VLOG_WARN_RL(&rl, "unsupported fields %d", (int) mp->fields);
4848 return OFPERR_OFPBAC_BAD_ARGUMENT;
4849 } else if (mp->algorithm != NX_MP_ALG_MODULO_N
4850 && mp->algorithm != NX_MP_ALG_HASH_THRESHOLD
4851 && mp->algorithm != NX_MP_ALG_HRW
4852 && mp->algorithm != NX_MP_ALG_ITER_HASH) {
4853 VLOG_WARN_RL(&rl, "unsupported algorithm %d", (int) mp->algorithm);
4854 return OFPERR_OFPBAC_BAD_ARGUMENT;
4855 } else if (mp->dst.n_bits < min_n_bits) {
4856 VLOG_WARN_RL(&rl, "multipath action requires at least %"PRIuSIZE" bits for "
4857 "%"PRIu32" links", min_n_bits, n_links);
4858 return OFPERR_OFPBAC_BAD_ARGUMENT;
4859 }
4860
4861 return multipath_check(mp, NULL);
4862 }
4863
4864 static void
4865 encode_MULTIPATH(const struct ofpact_multipath *mp,
4866 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4867 {
4868 struct nx_action_multipath *nam = put_NXAST_MULTIPATH(out);
4869
4870 nam->fields = htons(mp->fields);
4871 nam->basis = htons(mp->basis);
4872 nam->algorithm = htons(mp->algorithm);
4873 nam->max_link = htons(mp->max_link);
4874 nam->arg = htonl(mp->arg);
4875 nam->ofs_nbits = nxm_encode_ofs_nbits(mp->dst.ofs, mp->dst.n_bits);
4876 nam->dst = htonl(nxm_header_from_mff(mp->dst.field));
4877 }
4878
4879 static char * OVS_WARN_UNUSED_RESULT
4880 parse_MULTIPATH(const char *arg, struct ofpbuf *ofpacts,
4881 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4882 {
4883 return multipath_parse(ofpact_put_MULTIPATH(ofpacts), arg);
4884 }
4885
4886 static void
4887 format_MULTIPATH(const struct ofpact_multipath *a, struct ds *s)
4888 {
4889 multipath_format(a, s);
4890 }
4891 \f
4892 /* Action structure for NXAST_NOTE.
4893 *
4894 * This action has no effect. It is variable length. The switch does not
4895 * attempt to interpret the user-defined 'note' data in any way. A controller
4896 * can use this action to attach arbitrary metadata to a flow.
4897 *
4898 * This action might go away in the future.
4899 */
4900 struct nx_action_note {
4901 ovs_be16 type; /* OFPAT_VENDOR. */
4902 ovs_be16 len; /* A multiple of 8, but at least 16. */
4903 ovs_be32 vendor; /* NX_VENDOR_ID. */
4904 ovs_be16 subtype; /* NXAST_NOTE. */
4905 uint8_t note[6]; /* Start of user-defined data. */
4906 /* Possibly followed by additional user-defined data. */
4907 };
4908 OFP_ASSERT(sizeof(struct nx_action_note) == 16);
4909
4910 static enum ofperr
4911 decode_NXAST_RAW_NOTE(const struct nx_action_note *nan,
4912 enum ofp_version ofp_version OVS_UNUSED,
4913 struct ofpbuf *out)
4914 {
4915 struct ofpact_note *note;
4916 unsigned int length;
4917
4918 length = ntohs(nan->len) - offsetof(struct nx_action_note, note);
4919 note = ofpact_put_NOTE(out);
4920 note->length = length;
4921 ofpbuf_put(out, nan->note, length);
4922 note = out->header;
4923 ofpact_finish_NOTE(out, &note);
4924
4925 return 0;
4926 }
4927
4928 static void
4929 encode_NOTE(const struct ofpact_note *note,
4930 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4931 {
4932 size_t start_ofs = out->size;
4933 struct nx_action_note *nan;
4934
4935 put_NXAST_NOTE(out);
4936 out->size = out->size - sizeof nan->note;
4937
4938 ofpbuf_put(out, note->data, note->length);
4939 pad_ofpat(out, start_ofs);
4940 }
4941
4942 static char * OVS_WARN_UNUSED_RESULT
4943 parse_NOTE(const char *arg, struct ofpbuf *ofpacts,
4944 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4945 {
4946 size_t start_ofs = ofpacts->size;
4947 ofpact_put_NOTE(ofpacts);
4948 arg = ofpbuf_put_hex(ofpacts, arg, NULL);
4949 if (arg[0]) {
4950 return xstrdup("bad hex digit in `note' argument");
4951 }
4952 struct ofpact_note *note = ofpbuf_at_assert(ofpacts, start_ofs,
4953 sizeof *note);
4954 note->length = ofpacts->size - (start_ofs + sizeof *note);
4955 ofpact_finish_NOTE(ofpacts, &note);
4956 return NULL;
4957 }
4958
4959 static void
4960 format_NOTE(const struct ofpact_note *a, struct ds *s)
4961 {
4962 ds_put_format(s, "%snote:%s", colors.param, colors.end);
4963 format_hex_arg(s, a->data, a->length);
4964 }
4965 \f
4966 /* Exit action. */
4967
4968 static enum ofperr
4969 decode_NXAST_RAW_EXIT(struct ofpbuf *out)
4970 {
4971 ofpact_put_EXIT(out);
4972 return 0;
4973 }
4974
4975 static void
4976 encode_EXIT(const struct ofpact_null *null OVS_UNUSED,
4977 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
4978 {
4979 put_NXAST_EXIT(out);
4980 }
4981
4982 static char * OVS_WARN_UNUSED_RESULT
4983 parse_EXIT(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
4984 enum ofputil_protocol *usable_protocols OVS_UNUSED)
4985 {
4986 ofpact_put_EXIT(ofpacts);
4987 return NULL;
4988 }
4989
4990 static void
4991 format_EXIT(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
4992 {
4993 ds_put_format(s, "%sexit%s", colors.special, colors.end);
4994 }
4995 \f
4996 /* Unroll xlate action. */
4997
4998 static void
4999 encode_UNROLL_XLATE(const struct ofpact_unroll_xlate *unroll OVS_UNUSED,
5000 enum ofp_version ofp_version OVS_UNUSED,
5001 struct ofpbuf *out OVS_UNUSED)
5002 {
5003 OVS_NOT_REACHED();
5004 }
5005
5006 static char * OVS_WARN_UNUSED_RESULT
5007 parse_UNROLL_XLATE(char *arg OVS_UNUSED, struct ofpbuf *ofpacts OVS_UNUSED,
5008 enum ofputil_protocol *usable_protocols OVS_UNUSED)
5009 {
5010 OVS_NOT_REACHED();
5011 return NULL;
5012 }
5013
5014 static void
5015 format_UNROLL_XLATE(const struct ofpact_unroll_xlate *a, struct ds *s)
5016 {
5017 ds_put_format(s, "%sunroll_xlate(%s%stable=%s%"PRIu8
5018 ", %scookie=%s%"PRIu64"%s)%s",
5019 colors.paren, colors.end,
5020 colors.special, colors.end, a->rule_table_id,
5021 colors.param, colors.end, ntohll(a->rule_cookie),
5022 colors.paren, colors.end);
5023 }
5024 \f
5025 /* The NXAST_CLONE action is "struct ext_action_header", followed by zero or
5026 * more embedded OpenFlow actions. */
5027
5028 static enum ofperr
5029 decode_NXAST_RAW_CLONE(const struct ext_action_header *eah,
5030 enum ofp_version ofp_version,
5031 const struct vl_mff_map *vl_mff_map,
5032 uint64_t *tlv_bitmap, struct ofpbuf *out)
5033 {
5034 int error;
5035 struct ofpbuf openflow;
5036 const size_t clone_offset = ofpacts_pull(out);
5037 struct ofpact_nest *clone = ofpact_put_CLONE(out);
5038
5039 /* decode action list */
5040 ofpbuf_pull(out, sizeof(*clone));
5041 openflow = ofpbuf_const_initializer(
5042 eah + 1, ntohs(eah->len) - sizeof *eah);
5043 error = ofpacts_pull_openflow_actions__(&openflow, openflow.size,
5044 ofp_version,
5045 1u << OVSINST_OFPIT11_APPLY_ACTIONS,
5046 out, 0, vl_mff_map, tlv_bitmap);
5047 clone = ofpbuf_push_uninit(out, sizeof *clone);
5048 out->header = &clone->ofpact;
5049 ofpact_finish_CLONE(out, &clone);
5050 ofpbuf_push_uninit(out, clone_offset);
5051 return error;
5052 }
5053
5054 static void
5055 encode_CLONE(const struct ofpact_nest *clone,
5056 enum ofp_version ofp_version, struct ofpbuf *out)
5057 {
5058 size_t len;
5059 const size_t ofs = out->size;
5060 struct ext_action_header *eah;
5061
5062 eah = put_NXAST_CLONE(out);
5063 len = ofpacts_put_openflow_actions(clone->actions,
5064 ofpact_nest_get_action_len(clone),
5065 out, ofp_version);
5066 len += sizeof *eah;
5067 eah = ofpbuf_at(out, ofs, sizeof *eah);
5068 eah->len = htons(len);
5069 }
5070
5071 static char * OVS_WARN_UNUSED_RESULT
5072 parse_CLONE(char *arg, struct ofpbuf *ofpacts,
5073 enum ofputil_protocol *usable_protocols)
5074 {
5075 const size_t clone_offset = ofpacts_pull(ofpacts);
5076 struct ofpact_nest *clone = ofpact_put_CLONE(ofpacts);
5077 char *error;
5078
5079 ofpbuf_pull(ofpacts, sizeof *clone);
5080 error = ofpacts_parse_copy(arg, ofpacts, usable_protocols, false, 0);
5081 /* header points to the action list */
5082 ofpacts->header = ofpbuf_push_uninit(ofpacts, sizeof *clone);
5083 clone = ofpacts->header;
5084
5085 ofpact_finish_CLONE(ofpacts, &clone);
5086 ofpbuf_push_uninit(ofpacts, clone_offset);
5087 return error;
5088 }
5089
5090 static void
5091 format_CLONE(const struct ofpact_nest *a, struct ds *s)
5092 {
5093 ds_put_format(s, "%sclone(%s", colors.paren, colors.end);
5094 ofpacts_format(a->actions, ofpact_nest_get_action_len(a), s);
5095 ds_put_format(s, "%s)%s", colors.paren, colors.end);
5096 }
5097 \f
5098 /* Action structure for NXAST_SAMPLE.
5099 *
5100 * Samples matching packets with the given probability and sends them
5101 * each to the set of collectors identified with the given ID. The
5102 * probability is expressed as a number of packets to be sampled out
5103 * of USHRT_MAX packets, and must be >0.
5104 *
5105 * When sending packet samples to IPFIX collectors, the IPFIX flow
5106 * record sent for each sampled packet is associated with the given
5107 * observation domain ID and observation point ID. Each IPFIX flow
5108 * record contain the sampled packet's headers when executing this
5109 * rule. If a sampled packet's headers are modified by previous
5110 * actions in the flow, those modified headers are sent. */
5111 struct nx_action_sample {
5112 ovs_be16 type; /* OFPAT_VENDOR. */
5113 ovs_be16 len; /* Length is 24. */
5114 ovs_be32 vendor; /* NX_VENDOR_ID. */
5115 ovs_be16 subtype; /* NXAST_SAMPLE. */
5116 ovs_be16 probability; /* Fraction of packets to sample. */
5117 ovs_be32 collector_set_id; /* ID of collector set in OVSDB. */
5118 ovs_be32 obs_domain_id; /* ID of sampling observation domain. */
5119 ovs_be32 obs_point_id; /* ID of sampling observation point. */
5120 };
5121 OFP_ASSERT(sizeof(struct nx_action_sample) == 24);
5122
5123 /* Action structure for NXAST_SAMPLE2 and NXAST_SAMPLE3.
5124 *
5125 * NXAST_SAMPLE2 was added in Open vSwitch 2.5.90. Compared to NXAST_SAMPLE,
5126 * it adds support for exporting egress tunnel information.
5127 *
5128 * NXAST_SAMPLE3 was added in Open vSwitch 2.6.90. Compared to NXAST_SAMPLE2,
5129 * it adds support for the 'direction' field. */
5130 struct nx_action_sample2 {
5131 ovs_be16 type; /* OFPAT_VENDOR. */
5132 ovs_be16 len; /* Length is 32. */
5133 ovs_be32 vendor; /* NX_VENDOR_ID. */
5134 ovs_be16 subtype; /* NXAST_SAMPLE. */
5135 ovs_be16 probability; /* Fraction of packets to sample. */
5136 ovs_be32 collector_set_id; /* ID of collector set in OVSDB. */
5137 ovs_be32 obs_domain_id; /* ID of sampling observation domain. */
5138 ovs_be32 obs_point_id; /* ID of sampling observation point. */
5139 ovs_be16 sampling_port; /* Sampling port. */
5140 uint8_t direction; /* NXAST_SAMPLE3 only. */
5141 uint8_t zeros[5]; /* Pad to a multiple of 8 bytes */
5142 };
5143 OFP_ASSERT(sizeof(struct nx_action_sample2) == 32);
5144
5145 static enum ofperr
5146 decode_NXAST_RAW_SAMPLE(const struct nx_action_sample *nas,
5147 enum ofp_version ofp_version OVS_UNUSED,
5148 struct ofpbuf *out)
5149 {
5150 struct ofpact_sample *sample;
5151
5152 sample = ofpact_put_SAMPLE(out);
5153 sample->ofpact.raw = NXAST_RAW_SAMPLE;
5154 sample->probability = ntohs(nas->probability);
5155 sample->collector_set_id = ntohl(nas->collector_set_id);
5156 sample->obs_domain_id = ntohl(nas->obs_domain_id);
5157 sample->obs_point_id = ntohl(nas->obs_point_id);
5158 sample->sampling_port = OFPP_NONE;
5159 sample->direction = NX_ACTION_SAMPLE_DEFAULT;
5160
5161 if (sample->probability == 0) {
5162 return OFPERR_OFPBAC_BAD_ARGUMENT;
5163 }
5164
5165 return 0;
5166 }
5167
5168 static enum ofperr
5169 decode_SAMPLE2(const struct nx_action_sample2 *nas,
5170 enum ofp_raw_action_type raw,
5171 enum nx_action_sample_direction direction,
5172 struct ofpact_sample *sample)
5173 {
5174 sample->ofpact.raw = raw;
5175 sample->probability = ntohs(nas->probability);
5176 sample->collector_set_id = ntohl(nas->collector_set_id);
5177 sample->obs_domain_id = ntohl(nas->obs_domain_id);
5178 sample->obs_point_id = ntohl(nas->obs_point_id);
5179 sample->sampling_port = u16_to_ofp(ntohs(nas->sampling_port));
5180 sample->direction = direction;
5181
5182 if (sample->probability == 0) {
5183 return OFPERR_OFPBAC_BAD_ARGUMENT;
5184 }
5185
5186 return 0;
5187 }
5188
5189 static enum ofperr
5190 decode_NXAST_RAW_SAMPLE2(const struct nx_action_sample2 *nas,
5191 enum ofp_version ofp_version OVS_UNUSED,
5192 struct ofpbuf *out)
5193 {
5194 return decode_SAMPLE2(nas, NXAST_RAW_SAMPLE2, NX_ACTION_SAMPLE_DEFAULT,
5195 ofpact_put_SAMPLE(out));
5196 }
5197
5198 static enum ofperr
5199 decode_NXAST_RAW_SAMPLE3(const struct nx_action_sample2 *nas,
5200 enum ofp_version ofp_version OVS_UNUSED,
5201 struct ofpbuf *out)
5202 {
5203 struct ofpact_sample *sample = ofpact_put_SAMPLE(out);
5204 if (!is_all_zeros(nas->zeros, sizeof nas->zeros)) {
5205 return OFPERR_NXBRC_MUST_BE_ZERO;
5206 }
5207 if (nas->direction != NX_ACTION_SAMPLE_DEFAULT &&
5208 nas->direction != NX_ACTION_SAMPLE_INGRESS &&
5209 nas->direction != NX_ACTION_SAMPLE_EGRESS) {
5210 VLOG_WARN_RL(&rl, "invalid sample direction %"PRIu8, nas->direction);
5211 return OFPERR_OFPBAC_BAD_ARGUMENT;
5212 }
5213 return decode_SAMPLE2(nas, NXAST_RAW_SAMPLE3, nas->direction, sample);
5214 }
5215
5216 static void
5217 encode_SAMPLE2(const struct ofpact_sample *sample,
5218 struct nx_action_sample2 *nas)
5219 {
5220 nas->probability = htons(sample->probability);
5221 nas->collector_set_id = htonl(sample->collector_set_id);
5222 nas->obs_domain_id = htonl(sample->obs_domain_id);
5223 nas->obs_point_id = htonl(sample->obs_point_id);
5224 nas->sampling_port = htons(ofp_to_u16(sample->sampling_port));
5225 nas->direction = sample->direction;
5226 }
5227
5228 static void
5229 encode_SAMPLE(const struct ofpact_sample *sample,
5230 enum ofp_version ofp_version OVS_UNUSED, struct ofpbuf *out)
5231 {
5232 if (sample->ofpact.raw == NXAST_RAW_SAMPLE3
5233 || sample->direction != NX_ACTION_SAMPLE_DEFAULT) {
5234 encode_SAMPLE2(sample, put_NXAST_SAMPLE3(out));
5235 } else if (sample->ofpact.raw == NXAST_RAW_SAMPLE2
5236 || sample->sampling_port != OFPP_NONE) {
5237 encode_SAMPLE2(sample, put_NXAST_SAMPLE2(out));
5238 } else {
5239 struct nx_action_sample *nas = put_NXAST_SAMPLE(out);
5240 nas->probability = htons(sample->probability);
5241 nas->collector_set_id = htonl(sample->collector_set_id);
5242 nas->obs_domain_id = htonl(sample->obs_domain_id);
5243 nas->obs_point_id = htonl(sample->obs_point_id);
5244 }
5245 }
5246
5247 /* Parses 'arg' as the argument to a "sample" action, and appends such an
5248 * action to 'ofpacts'.
5249 *
5250 * Returns NULL if successful, otherwise a malloc()'d string describing the
5251 * error. The caller is responsible for freeing the returned string. */
5252 static char * OVS_WARN_UNUSED_RESULT
5253 parse_SAMPLE(char *arg, struct ofpbuf *ofpacts,
5254 enum ofputil_protocol *usable_protocols OVS_UNUSED)
5255 {
5256 struct ofpact_sample *os = ofpact_put_SAMPLE(ofpacts);
5257 os->sampling_port = OFPP_NONE;
5258 os->direction = NX_ACTION_SAMPLE_DEFAULT;
5259
5260 char *key, *value;
5261 while (ofputil_parse_key_value(&arg, &key, &value)) {
5262 char *error = NULL;
5263
5264 if (!strcmp(key, "probability")) {
5265 error = str_to_u16(value, "probability", &os->probability);
5266 if (!error && os->probability == 0) {
5267 error = xasprintf("invalid probability value \"%s\"", value);
5268 }
5269 } else if (!strcmp(key, "collector_set_id")) {
5270 error = str_to_u32(value, &os->collector_set_id);
5271 } else if (!strcmp(key, "obs_domain_id")) {
5272 error = str_to_u32(value, &os->obs_domain_id);
5273 } else if (!strcmp(key, "obs_point_id")) {
5274 error = str_to_u32(value, &os->obs_point_id);
5275 } else if (!strcmp(key, "sampling_port")) {
5276 if (!ofputil_port_from_string(value, &os->sampling_port)) {
5277 error = xasprintf("%s: unknown port", value);
5278 }
5279 } else if (!strcmp(key, "ingress")) {
5280 os->direction = NX_ACTION_SAMPLE_INGRESS;
5281 } else if (!strcmp(key, "egress")) {
5282 os->direction = NX_ACTION_SAMPLE_EGRESS;
5283 } else {
5284 error = xasprintf("invalid key \"%s\" in \"sample\" argument",
5285 key);
5286 }
5287 if (error) {
5288 return error;
5289 }
5290 }
5291 if (os->probability == 0) {
5292 return xstrdup("non-zero \"probability\" must be specified on sample");
5293 }
5294
5295 return NULL;
5296 }
5297
5298 static void
5299 format_SAMPLE(const struct ofpact_sample *a, struct ds *s)
5300 {
5301 ds_put_format(s, "%ssample(%s%sprobability=%s%"PRIu16
5302 ",%scollector_set_id=%s%"PRIu32
5303 ",%sobs_domain_id=%s%"PRIu32
5304 ",%sobs_point_id=%s%"PRIu32,
5305 colors.paren, colors.end,
5306 colors.param, colors.end, a->probability,
5307 colors.param, colors.end, a->collector_set_id,
5308 colors.param, colors.end, a->obs_domain_id,
5309 colors.param, colors.end, a->obs_point_id);
5310 if (a->sampling_port != OFPP_NONE) {
5311 ds_put_format(s, ",%ssampling_port=%s%"PRIu32,
5312 colors.param, colors.end, a->sampling_port);
5313 }
5314 if (a->direction == NX_ACTION_SAMPLE_INGRESS) {
5315 ds_put_format(s, ",%singress%s", colors.param, colors.end);
5316 } else if (a->direction == NX_ACTION_SAMPLE_EGRESS) {
5317 ds_put_format(s, ",%segress%s", colors.param, colors.end);
5318 }
5319 ds_put_format(s, "%s)%s", colors.paren, colors.end);
5320 }
5321 \f
5322 /* debug_recirc instruction. */
5323
5324 static bool enable_debug;
5325
5326 void
5327 ofpact_dummy_enable(void)
5328 {
5329 enable_debug = true;
5330 }
5331
5332 static enum ofperr
5333 decode_NXAST_RAW_DEBUG_RECIRC(struct ofpbuf *out)
5334 {
5335 if (!enable_debug) {
5336 return OFPERR_OFPBAC_BAD_VENDOR_TYPE;
5337 }
5338
5339 ofpact_put_DEBUG_RECIRC(out);
5340 return 0;
5341 }
5342
5343 static void
5344 encode_DEBUG_RECIRC(const struct ofpact_null *n OVS_UNUSED,
5345 enum ofp_version ofp_version OVS_UNUSED,
5346 struct ofpbuf *out)
5347 {
5348 put_NXAST_DEBUG_RECIRC(out);
5349 }
5350
5351 static char * OVS_WARN_UNUSED_RESULT
5352 parse_DEBUG_RECIRC(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
5353 enum ofputil_protocol *usable_protocols OVS_UNUSED)
5354 {
5355 ofpact_put_DEBUG_RECIRC(ofpacts);
5356 return NULL;
5357 }
5358
5359 static void
5360 format_DEBUG_RECIRC(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
5361 {
5362 ds_put_format(s, "%sdebug_recirc%s", colors.value, colors.end);
5363 }
5364
5365 /* Action structure for NXAST_CT.
5366 *
5367 * Pass traffic to the connection tracker.
5368 *
5369 * There are two important concepts to understanding the connection tracking
5370 * interface: Packet state and Connection state. Packets may be "Untracked" or
5371 * "Tracked". Connections may be "Uncommitted" or "Committed".
5372 *
5373 * - Packet State:
5374 *
5375 * Untracked packets have not yet passed through the connection tracker,
5376 * and the connection state for such packets is unknown. In most cases,
5377 * packets entering the OpenFlow pipeline will initially be in the
5378 * untracked state. Untracked packets may become tracked by executing
5379 * NXAST_CT with a "recirc_table" specified. This makes various aspects
5380 * about the connection available, in particular the connection state.
5381 *
5382 * Tracked packets have previously passed through the connection tracker.
5383 * These packets will remain tracked through until the end of the OpenFlow
5384 * pipeline. Tracked packets which have NXAST_CT executed with a
5385 * "recirc_table" specified will return to the tracked state.
5386 *
5387 * The packet state is only significant for the duration of packet
5388 * processing within the OpenFlow pipeline.
5389 *
5390 * - Connection State:
5391 *
5392 * Multiple packets may be associated with a single connection. Initially,
5393 * all connections are uncommitted. The connection state corresponding to
5394 * a packet is available in the NXM_NX_CT_STATE field for tracked packets.
5395 *
5396 * Uncommitted connections have no state stored about them. Uncommitted
5397 * connections may transition into the committed state by executing
5398 * NXAST_CT with the NX_CT_F_COMMIT flag.
5399 *
5400 * Once a connection becomes committed, information may be gathered about
5401 * the connection by passing subsequent packets through the connection
5402 * tracker, and the state of the connection will be stored beyond the
5403 * lifetime of packet processing.
5404 *
5405 * A committed connection always has the directionality of the packet that
5406 * caused the connection to be committed in the first place. This is the
5407 * "original direction" of the connection, and the opposite direction is
5408 * the "reply direction". If a connection is already committed, but it is
5409 * then decided that the original direction should be the opposite of the
5410 * existing connection, NX_CT_F_FORCE flag may be used in addition to
5411 * NX_CT_F_COMMIT flag to in effect terminate the existing connection and
5412 * start a new one in the current direction.
5413 *
5414 * Connections may transition back into the uncommitted state due to
5415 * external timers, or due to the contents of packets that are sent to the
5416 * connection tracker. This behaviour is outside of the scope of the
5417 * OpenFlow interface.
5418 *
5419 * The "zone" specifies a context within which the tracking is done:
5420 *
5421 * The connection tracking zone is a 16-bit number. Each zone is an
5422 * independent connection tracking context. The connection state for each
5423 * connection is completely separate for each zone, so if a connection
5424 * is committed to zone A, then it will remain uncommitted in zone B.
5425 * If NXAST_CT is executed with the same zone multiple times, later
5426 * executions have no effect.
5427 *
5428 * If 'zone_src' is nonzero, this specifies that the zone should be
5429 * sourced from a field zone_src[ofs:ofs+nbits]. The format and semantics
5430 * of 'zone_src' and 'zone_ofs_nbits' are similar to those for the
5431 * NXAST_REG_LOAD action. The acceptable nxm_header values for 'zone_src'
5432 * are the same as the acceptable nxm_header values for the 'src' field of
5433 * NXAST_REG_MOVE.
5434 *
5435 * If 'zone_src' is zero, then the value of 'zone_imm' will be used as the
5436 * connection tracking zone.
5437 *
5438 * The "recirc_table" allows NXM_NX_CT_* fields to become available:
5439 *
5440 * If "recirc_table" has a value other than NX_CT_RECIRC_NONE, then the
5441 * packet will be logically cloned prior to executing this action. One
5442 * copy will be sent to the connection tracker, then will be re-injected
5443 * into the OpenFlow pipeline beginning at the OpenFlow table specified in
5444 * this field. When the packet re-enters the pipeline, the NXM_NX_CT_*
5445 * fields will be populated. The original instance of the packet will
5446 * continue the current actions list. This can be thought of as similar to
5447 * the effect of the "output" action: One copy is sent out (in this case,
5448 * to the connection tracker), but the current copy continues processing.
5449 *
5450 * It is strongly recommended that this table is later than the current
5451 * table, to prevent loops.
5452 *
5453 * The "alg" attaches protocol-specific behaviour to this action:
5454 *
5455 * The ALG is a 16-bit number which specifies that additional
5456 * processing should be applied to this traffic.
5457 *
5458 * Protocol | Value | Meaning
5459 * --------------------------------------------------------------------
5460 * None | 0 | No protocol-specific behaviour.
5461 * FTP | 21 | Parse FTP control connections and observe the
5462 * | | negotiation of related data connections.
5463 * Other | Other | Unsupported protocols.
5464 *
5465 * By way of example, if FTP control connections have this action applied
5466 * with the ALG set to FTP (21), then the connection tracker will observe
5467 * the negotiation of data connections. This allows the connection
5468 * tracker to identify subsequent data connections as "related" to this
5469 * existing connection. The "related" flag will be populated in the
5470 * NXM_NX_CT_STATE field for such connections if the 'recirc_table' is
5471 * specified.
5472 *
5473 * Zero or more actions may immediately follow this action. These actions will
5474 * be executed within the context of the connection tracker, and they require
5475 * NX_CT_F_COMMIT flag be set.
5476 */
5477 struct nx_action_conntrack {
5478 ovs_be16 type; /* OFPAT_VENDOR. */
5479 ovs_be16 len; /* At least 24. */
5480 ovs_be32 vendor; /* NX_VENDOR_ID. */
5481 ovs_be16 subtype; /* NXAST_CT. */
5482 ovs_be16 flags; /* Zero or more NX_CT_F_* flags.
5483 * Unspecified flag bits must be zero. */
5484 ovs_be32 zone_src; /* Connection tracking context. */
5485 union {
5486 ovs_be16 zone_ofs_nbits;/* Range to use from source field. */
5487 ovs_be16 zone_imm; /* Immediate value for zone. */
5488 };
5489 uint8_t recirc_table; /* Recirculate to a specific table, or
5490 NX_CT_RECIRC_NONE for no recirculation. */
5491 uint8_t pad[3]; /* Zeroes */
5492 ovs_be16 alg; /* Well-known port number for the protocol.
5493 * 0 indicates no ALG is required. */
5494 /* Followed by a sequence of zero or more OpenFlow actions. The length of
5495 * these is included in 'len'. */
5496 };
5497 OFP_ASSERT(sizeof(struct nx_action_conntrack) == 24);
5498
5499 static enum ofperr
5500 decode_ct_zone(const struct nx_action_conntrack *nac,
5501 struct ofpact_conntrack *out,
5502 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap)
5503 {
5504 if (nac->zone_src) {
5505 enum ofperr error;
5506
5507 out->zone_src.ofs = nxm_decode_ofs(nac->zone_ofs_nbits);
5508 out->zone_src.n_bits = nxm_decode_n_bits(nac->zone_ofs_nbits);
5509 error = mf_vl_mff_mf_from_nxm_header(ntohl(nac->zone_src),
5510 vl_mff_map, &out->zone_src.field,
5511 tlv_bitmap);
5512 if (error) {
5513 return error;
5514 }
5515
5516 error = mf_check_src(&out->zone_src, NULL);
5517 if (error) {
5518 return error;
5519 }
5520
5521 if (out->zone_src.n_bits != 16) {
5522 VLOG_WARN_RL(&rl, "zone n_bits %d not within valid range [16..16]",
5523 out->zone_src.n_bits);
5524 return OFPERR_OFPBAC_BAD_SET_LEN;
5525 }
5526 } else {
5527 out->zone_src.field = NULL;
5528 out->zone_imm = ntohs(nac->zone_imm);
5529 }
5530
5531 return 0;
5532 }
5533
5534 static enum ofperr
5535 decode_NXAST_RAW_CT(const struct nx_action_conntrack *nac,
5536 enum ofp_version ofp_version,
5537 const struct vl_mff_map *vl_mff_map, uint64_t *tlv_bitmap,
5538 struct ofpbuf *out)
5539 {
5540 const size_t ct_offset = ofpacts_pull(out);
5541 struct ofpact_conntrack *conntrack = ofpact_put_CT(out);
5542 int error;
5543
5544 conntrack->flags = ntohs(nac->flags);
5545 if (conntrack->flags & NX_CT_F_FORCE &&
5546 !(conntrack->flags & NX_CT_F_COMMIT)) {
5547 error = OFPERR_OFPBAC_BAD_ARGUMENT;
5548 goto out;
5549 }
5550
5551 error = decode_ct_zone(nac, conntrack, vl_mff_map, tlv_bitmap);
5552 if (error) {
5553 goto out;
5554 }
5555 conntrack->recirc_table = nac->recirc_table;
5556 conntrack->alg = ntohs(nac->alg);
5557
5558 ofpbuf_pull(out, sizeof(*conntrack));
5559
5560 struct ofpbuf openflow = ofpbuf_const_initializer(
5561 nac + 1, ntohs(nac->len) - sizeof(*nac));
5562 error = ofpacts_pull_openflow_actions__(&openflow, openflow.size,
5563 ofp_version,
5564 1u << OVSINST_OFPIT11_APPLY_ACTIONS,
5565 out, OFPACT_CT, vl_mff_map,
5566 tlv_bitmap);
5567 if (error) {
5568 goto out;
5569 }
5570
5571 conntrack = ofpbuf_push_uninit(out, sizeof(*conntrack));
5572 out->header = &conntrack->ofpact;
5573 ofpact_finish_CT(out, &conntrack);
5574
5575 if (conntrack->ofpact.len > sizeof(*conntrack)
5576 && !(conntrack->flags & NX_CT_F_COMMIT)) {
5577 const struct ofpact *a;
5578 size_t ofpacts_len = conntrack->ofpact.len - sizeof(*conntrack);
5579
5580 OFPACT_FOR_EACH (a, conntrack->actions, ofpacts_len) {
5581 if (a->type != OFPACT_NAT || ofpact_get_NAT(a)->flags
5582 || ofpact_get_NAT(a)->range_af != AF_UNSPEC) {
5583 VLOG_WARN_RL(&rl, "CT action requires commit flag if actions "
5584 "other than NAT without arguments are specified.");
5585 error = OFPERR_OFPBAC_BAD_ARGUMENT;
5586 goto out;
5587 }
5588 }
5589 }
5590
5591 out:
5592 ofpbuf_push_uninit(out, ct_offset);
5593 return error;
5594 }
5595
5596 static void
5597 encode_CT(const struct ofpact_conntrack *conntrack,
5598 enum ofp_version ofp_version, struct ofpbuf *out)
5599 {
5600 struct nx_action_conntrack *nac;
5601 const size_t ofs = out->size;
5602 size_t len;
5603
5604 nac = put_NXAST_CT(out);
5605 nac->flags = htons(conntrack->flags);
5606 if (conntrack->zone_src.field) {
5607 nac->zone_src = htonl(nxm_header_from_mff(conntrack->zone_src.field));
5608 nac->zone_ofs_nbits = nxm_encode_ofs_nbits(conntrack->zone_src.ofs,
5609 conntrack->zone_src.n_bits);
5610 } else {
5611 nac->zone_src = htonl(0);
5612 nac->zone_imm = htons(conntrack->zone_imm);
5613 }
5614 nac->recirc_table = conntrack->recirc_table;
5615 nac->alg = htons(conntrack->alg);
5616
5617 len = ofpacts_put_openflow_actions(conntrack->actions,
5618 ofpact_ct_get_action_len(conntrack),
5619 out, ofp_version);
5620 len += sizeof(*nac);
5621 nac = ofpbuf_at(out, ofs, sizeof(*nac));
5622 nac->len = htons(len);
5623 }
5624
5625 static char * OVS_WARN_UNUSED_RESULT parse_NAT(char *arg, struct ofpbuf *,
5626 enum ofputil_protocol * OVS_UNUSED);
5627
5628 /* Parses 'arg' as the argument to a "ct" action, and appends such an
5629 * action to 'ofpacts'.
5630 *
5631 * Returns NULL if successful, otherwise a malloc()'d string describing the
5632 * error. The caller is responsible for freeing the returned string. */
5633 static char * OVS_WARN_UNUSED_RESULT
5634 parse_CT(char *arg, struct ofpbuf *ofpacts,
5635 enum ofputil_protocol *usable_protocols)
5636 {
5637 const size_t ct_offset = ofpacts_pull(ofpacts);
5638 struct ofpact_conntrack *oc;
5639 char *error = NULL;
5640 char *key, *value;
5641
5642 oc = ofpact_put_CT(ofpacts);
5643 oc->flags = 0;
5644 oc->recirc_table = NX_CT_RECIRC_NONE;
5645 while (ofputil_parse_key_value(&arg, &key, &value)) {
5646 if (!strcmp(key, "commit")) {
5647 oc->flags |= NX_CT_F_COMMIT;
5648 } else if (!strcmp(key, "force")) {
5649 oc->flags |= NX_CT_F_FORCE;
5650 } else if (!strcmp(key, "table")) {
5651 error = str_to_u8(value, "recirc_table", &oc->recirc_table);
5652 if (!error && oc->recirc_table == NX_CT_RECIRC_NONE) {
5653 error = xasprintf("invalid table %#"PRIx8, oc->recirc_table);
5654 }
5655 } else if (!strcmp(key, "zone")) {
5656 error = str_to_u16(value, "zone", &oc->zone_imm);
5657
5658 if (error) {
5659 free(error);
5660 error = mf_parse_subfield(&oc->zone_src, value);
5661 if (error) {
5662 return error;
5663 }
5664 }
5665 } else if (!strcmp(key, "alg")) {
5666 error = str_to_connhelper(value, &oc->alg);
5667 } else if (!strcmp(key, "nat")) {
5668 const size_t nat_offset = ofpacts_pull(ofpacts);
5669
5670 error = parse_NAT(value, ofpacts, usable_protocols);
5671 /* Update CT action pointer and length. */
5672 ofpacts->header = ofpbuf_push_uninit(ofpacts, nat_offset);
5673 oc = ofpacts->header;
5674 } else if (!strcmp(key, "exec")) {
5675 /* Hide existing actions from ofpacts_parse_copy(), so the
5676 * nesting can be handled transparently. */
5677 enum ofputil_protocol usable_protocols2;
5678 const size_t exec_offset = ofpacts_pull(ofpacts);
5679
5680 /* Initializes 'usable_protocol2', fold it back to
5681 * '*usable_protocols' afterwards, so that we do not lose
5682 * restrictions already in there. */
5683 error = ofpacts_parse_copy(value, ofpacts, &usable_protocols2,
5684 false, OFPACT_CT);
5685 *usable_protocols &= usable_protocols2;
5686 ofpacts->header = ofpbuf_push_uninit(ofpacts, exec_offset);
5687 oc = ofpacts->header;
5688 } else {
5689 error = xasprintf("invalid argument to \"ct\" action: `%s'", key);
5690 }
5691 if (error) {
5692 break;
5693 }
5694 }
5695 if (oc->flags & NX_CT_F_FORCE && !(oc->flags & NX_CT_F_COMMIT)) {
5696 error = xasprintf("\"force\" flag requires \"commit\" flag.");
5697 }
5698 ofpact_finish_CT(ofpacts, &oc);
5699 ofpbuf_push_uninit(ofpacts, ct_offset);
5700 return error;
5701 }
5702
5703 static void
5704 format_alg(int port, struct ds *s)
5705 {
5706 switch(port) {
5707 case IPPORT_FTP:
5708 ds_put_format(s, "%salg=%sftp,", colors.param, colors.end);
5709 break;
5710 case IPPORT_TFTP:
5711 ds_put_format(s, "%salg=%stftp,", colors.param, colors.end);
5712 break;
5713 case 0:
5714 /* Don't print. */
5715 break;
5716 default:
5717 ds_put_format(s, "%salg=%s%d,", colors.param, colors.end, port);
5718 break;
5719 }
5720 }
5721
5722 static void format_NAT(const struct ofpact_nat *a, struct ds *ds);
5723
5724 static void
5725 format_CT(const struct ofpact_conntrack *a, struct ds *s)
5726 {
5727 ds_put_format(s, "%sct(%s", colors.paren, colors.end);
5728 if (a->flags & NX_CT_F_COMMIT) {
5729 ds_put_format(s, "%scommit%s,", colors.value, colors.end);
5730 }
5731 if (a->flags & NX_CT_F_FORCE) {
5732 ds_put_format(s, "%sforce%s,", colors.value, colors.end);
5733 }
5734 if (a->recirc_table != NX_CT_RECIRC_NONE) {
5735 ds_put_format(s, "%stable=%s%"PRIu8",",
5736 colors.special, colors.end, a->recirc_table);
5737 }
5738 if (a->zone_src.field) {
5739 ds_put_format(s, "%szone=%s", colors.param, colors.end);
5740 mf_format_subfield(&a->zone_src, s);
5741 ds_put_char(s, ',');
5742 } else if (a->zone_imm) {
5743 ds_put_format(s, "%szone=%s%"PRIu16",",
5744 colors.param, colors.end, a->zone_imm);
5745 }
5746 /* If the first action is a NAT action, format it outside of the 'exec'
5747 * envelope. */
5748 const struct ofpact *action = a->actions;
5749 size_t actions_len = ofpact_ct_get_action_len(a);
5750 if (actions_len && action->type == OFPACT_NAT) {
5751 format_NAT(ofpact_get_NAT(action), s);
5752 ds_put_char(s, ',');
5753 actions_len -= OFPACT_ALIGN(action->len);
5754 action = ofpact_next(action);
5755 }
5756 if (actions_len) {
5757 ds_put_format(s, "%sexec(%s", colors.paren, colors.end);
5758 ofpacts_format(action, actions_len, s);
5759 ds_put_format(s, "%s),%s", colors.paren, colors.end);
5760 }
5761 format_alg(a->alg, s);
5762 ds_chomp(s, ',');
5763 ds_put_format(s, "%s)%s", colors.paren, colors.end);
5764 }
5765 \f
5766 /* ct_clear action. */
5767
5768 static enum ofperr
5769 decode_NXAST_RAW_CT_CLEAR(struct ofpbuf *out)
5770 {
5771 ofpact_put_CT_CLEAR(out);
5772 return 0;
5773 }
5774
5775 static void
5776 encode_CT_CLEAR(const struct ofpact_null *null OVS_UNUSED,
5777 enum ofp_version ofp_version OVS_UNUSED,
5778 struct ofpbuf *out)
5779 {
5780 put_NXAST_CT_CLEAR(out);
5781 }
5782
5783 static char * OVS_WARN_UNUSED_RESULT
5784 parse_CT_CLEAR(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
5785 enum ofputil_protocol *usable_protocols OVS_UNUSED)
5786 {
5787 ofpact_put_CT_CLEAR(ofpacts);
5788 return NULL;
5789 }
5790
5791 static void
5792 format_CT_CLEAR(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
5793 {
5794 ds_put_format(s, "%sct_clear%s", colors.value, colors.end);
5795 }\f
5796 /* NAT action. */
5797
5798 /* Which optional fields are present? */
5799 enum nx_nat_range {
5800 NX_NAT_RANGE_IPV4_MIN = 1 << 0, /* ovs_be32 */
5801 NX_NAT_RANGE_IPV4_MAX = 1 << 1, /* ovs_be32 */
5802 NX_NAT_RANGE_IPV6_MIN = 1 << 2, /* struct in6_addr */
5803 NX_NAT_RANGE_IPV6_MAX = 1 << 3, /* struct in6_addr */
5804 NX_NAT_RANGE_PROTO_MIN = 1 << 4, /* ovs_be16 */
5805 NX_NAT_RANGE_PROTO_MAX = 1 << 5, /* ovs_be16 */
5806 };
5807
5808 /* Action structure for NXAST_NAT. */
5809 struct nx_action_nat {
5810 ovs_be16 type; /* OFPAT_VENDOR. */
5811 ovs_be16 len; /* At least 16. */
5812 ovs_be32 vendor; /* NX_VENDOR_ID. */
5813 ovs_be16 subtype; /* NXAST_NAT. */
5814 uint8_t pad[2]; /* Must be zero. */
5815 ovs_be16 flags; /* Zero or more NX_NAT_F_* flags.
5816 * Unspecified flag bits must be zero. */
5817 ovs_be16 range_present; /* NX_NAT_RANGE_* */
5818 /* Followed by optional parameters as specified by 'range_present' */
5819 };
5820 OFP_ASSERT(sizeof(struct nx_action_nat) == 16);
5821
5822 static void
5823 encode_NAT(const struct ofpact_nat *nat,
5824 enum ofp_version ofp_version OVS_UNUSED,
5825 struct ofpbuf *out)
5826 {
5827 struct nx_action_nat *nan;
5828 const size_t ofs = out->size;
5829 uint16_t range_present = 0;
5830
5831 nan = put_NXAST_NAT(out);
5832 nan->flags = htons(nat->flags);
5833 if (nat->range_af == AF_INET) {
5834 if (nat->range.addr.ipv4.min) {
5835 ovs_be32 *min = ofpbuf_put_uninit(out, sizeof *min);
5836 *min = nat->range.addr.ipv4.min;
5837 range_present |= NX_NAT_RANGE_IPV4_MIN;
5838 }
5839 if (nat->range.addr.ipv4.max) {
5840 ovs_be32 *max = ofpbuf_put_uninit(out, sizeof *max);
5841 *max = nat->range.addr.ipv4.max;
5842 range_present |= NX_NAT_RANGE_IPV4_MAX;
5843 }
5844 } else if (nat->range_af == AF_INET6) {
5845 if (!ipv6_mask_is_any(&nat->range.addr.ipv6.min)) {
5846 struct in6_addr *min = ofpbuf_put_uninit(out, sizeof *min);
5847 *min = nat->range.addr.ipv6.min;
5848 range_present |= NX_NAT_RANGE_IPV6_MIN;
5849 }
5850 if (!ipv6_mask_is_any(&nat->range.addr.ipv6.max)) {
5851 struct in6_addr *max = ofpbuf_put_uninit(out, sizeof *max);
5852 *max = nat->range.addr.ipv6.max;
5853 range_present |= NX_NAT_RANGE_IPV6_MAX;
5854 }
5855 }
5856 if (nat->range_af != AF_UNSPEC) {
5857 if (nat->range.proto.min) {
5858 ovs_be16 *min = ofpbuf_put_uninit(out, sizeof *min);
5859 *min = htons(nat->range.proto.min);
5860 range_present |= NX_NAT_RANGE_PROTO_MIN;
5861 }
5862 if (nat->range.proto.max) {
5863 ovs_be16 *max = ofpbuf_put_uninit(out, sizeof *max);
5864 *max = htons(nat->range.proto.max);
5865 range_present |= NX_NAT_RANGE_PROTO_MAX;
5866 }
5867 }
5868 pad_ofpat(out, ofs);
5869 nan = ofpbuf_at(out, ofs, sizeof *nan);
5870 nan->range_present = htons(range_present);
5871 }
5872
5873 static enum ofperr
5874 decode_NXAST_RAW_NAT(const struct nx_action_nat *nan,
5875 enum ofp_version ofp_version OVS_UNUSED,
5876 struct ofpbuf *out)
5877 {
5878 struct ofpact_nat *nat;
5879 uint16_t range_present = ntohs(nan->range_present);
5880 const char *opts = (char *)(nan + 1);
5881 uint16_t len = ntohs(nan->len) - sizeof *nan;
5882
5883 nat = ofpact_put_NAT(out);
5884 nat->flags = ntohs(nan->flags);
5885
5886 /* Check for unknown or mutually exclusive flags. */
5887 if ((nat->flags & ~NX_NAT_F_MASK)
5888 || (nat->flags & NX_NAT_F_SRC && nat->flags & NX_NAT_F_DST)
5889 || (nat->flags & NX_NAT_F_PROTO_HASH
5890 && nat->flags & NX_NAT_F_PROTO_RANDOM)) {
5891 return OFPERR_OFPBAC_BAD_ARGUMENT;
5892 }
5893
5894 #define NX_NAT_GET_OPT(DST, SRC, LEN, TYPE) \
5895 (LEN >= sizeof(TYPE) \
5896 ? (memcpy(DST, SRC, sizeof(TYPE)), LEN -= sizeof(TYPE), \
5897 SRC += sizeof(TYPE)) \
5898 : NULL)
5899
5900 nat->range_af = AF_UNSPEC;
5901 if (range_present & NX_NAT_RANGE_IPV4_MIN) {
5902 if (range_present & (NX_NAT_RANGE_IPV6_MIN | NX_NAT_RANGE_IPV6_MAX)) {
5903 return OFPERR_OFPBAC_BAD_ARGUMENT;
5904 }
5905
5906 if (!NX_NAT_GET_OPT(&nat->range.addr.ipv4.min, opts, len, ovs_be32)
5907 || !nat->range.addr.ipv4.min) {
5908 return OFPERR_OFPBAC_BAD_ARGUMENT;
5909 }
5910
5911 nat->range_af = AF_INET;
5912
5913 if (range_present & NX_NAT_RANGE_IPV4_MAX) {
5914 if (!NX_NAT_GET_OPT(&nat->range.addr.ipv4.max, opts, len,
5915 ovs_be32)) {
5916 return OFPERR_OFPBAC_BAD_ARGUMENT;
5917 }
5918 if (ntohl(nat->range.addr.ipv4.max)
5919 < ntohl(nat->range.addr.ipv4.min)) {
5920 return OFPERR_OFPBAC_BAD_ARGUMENT;
5921 }
5922 }
5923 } else if (range_present & NX_NAT_RANGE_IPV4_MAX) {
5924 return OFPERR_OFPBAC_BAD_ARGUMENT;
5925 } else if (range_present & NX_NAT_RANGE_IPV6_MIN) {
5926 if (!NX_NAT_GET_OPT(&nat->range.addr.ipv6.min, opts, len,
5927 struct in6_addr)
5928 || ipv6_mask_is_any(&nat->range.addr.ipv6.min)) {
5929 return OFPERR_OFPBAC_BAD_ARGUMENT;
5930 }
5931
5932 nat->range_af = AF_INET6;
5933
5934 if (range_present & NX_NAT_RANGE_IPV6_MAX) {
5935 if (!NX_NAT_GET_OPT(&nat->range.addr.ipv6.max, opts, len,
5936 struct in6_addr)) {
5937 return OFPERR_OFPBAC_BAD_ARGUMENT;
5938 }
5939 if (memcmp(&nat->range.addr.ipv6.max, &nat->range.addr.ipv6.min,
5940 sizeof(struct in6_addr)) < 0) {
5941 return OFPERR_OFPBAC_BAD_ARGUMENT;
5942 }
5943 }
5944 } else if (range_present & NX_NAT_RANGE_IPV6_MAX) {
5945 return OFPERR_OFPBAC_BAD_ARGUMENT;
5946 }
5947
5948 if (range_present & NX_NAT_RANGE_PROTO_MIN) {
5949 ovs_be16 proto;
5950
5951 if (nat->range_af == AF_UNSPEC) {
5952 return OFPERR_OFPBAC_BAD_ARGUMENT;
5953 }
5954 if (!NX_NAT_GET_OPT(&proto, opts, len, ovs_be16) || proto == 0) {
5955 return OFPERR_OFPBAC_BAD_ARGUMENT;
5956 }
5957 nat->range.proto.min = ntohs(proto);
5958 if (range_present & NX_NAT_RANGE_PROTO_MAX) {
5959 if (!NX_NAT_GET_OPT(&proto, opts, len, ovs_be16)) {
5960 return OFPERR_OFPBAC_BAD_ARGUMENT;
5961 }
5962 nat->range.proto.max = ntohs(proto);
5963 if (nat->range.proto.max < nat->range.proto.min) {
5964 return OFPERR_OFPBAC_BAD_ARGUMENT;
5965 }
5966 }
5967 } else if (range_present & NX_NAT_RANGE_PROTO_MAX) {
5968 return OFPERR_OFPBAC_BAD_ARGUMENT;
5969 }
5970
5971 return 0;
5972 }
5973
5974 static void
5975 format_NAT(const struct ofpact_nat *a, struct ds *ds)
5976 {
5977 ds_put_format(ds, "%snat%s", colors.paren, colors.end);
5978
5979 if (a->flags & (NX_NAT_F_SRC | NX_NAT_F_DST)) {
5980 ds_put_format(ds, "%s(%s", colors.paren, colors.end);
5981 ds_put_format(ds, a->flags & NX_NAT_F_SRC ? "%ssrc%s" : "%sdst%s",
5982 colors.param, colors.end);
5983
5984 if (a->range_af != AF_UNSPEC) {
5985 ds_put_format(ds, "%s=%s", colors.param, colors.end);
5986
5987 if (a->range_af == AF_INET) {
5988 ds_put_format(ds, IP_FMT, IP_ARGS(a->range.addr.ipv4.min));
5989
5990 if (a->range.addr.ipv4.max
5991 && a->range.addr.ipv4.max != a->range.addr.ipv4.min) {
5992 ds_put_format(ds, "-"IP_FMT,
5993 IP_ARGS(a->range.addr.ipv4.max));
5994 }
5995 } else if (a->range_af == AF_INET6) {
5996 ipv6_format_addr_bracket(&a->range.addr.ipv6.min, ds,
5997 a->range.proto.min);
5998
5999 if (!ipv6_mask_is_any(&a->range.addr.ipv6.max)
6000 && memcmp(&a->range.addr.ipv6.max, &a->range.addr.ipv6.min,
6001 sizeof(struct in6_addr)) != 0) {
6002 ds_put_char(ds, '-');
6003 ipv6_format_addr_bracket(&a->range.addr.ipv6.max, ds,
6004 a->range.proto.min);
6005 }
6006 }
6007 if (a->range.proto.min) {
6008 ds_put_char(ds, ':');
6009 ds_put_format(ds, "%"PRIu16, a->range.proto.min);
6010
6011 if (a->range.proto.max
6012 && a->range.proto.max != a->range.proto.min) {
6013 ds_put_format(ds, "-%"PRIu16, a->range.proto.max);
6014 }
6015 }
6016 ds_put_char(ds, ',');
6017
6018 if (a->flags & NX_NAT_F_PERSISTENT) {
6019 ds_put_format(ds, "%spersistent%s,",
6020 colors.value, colors.end);
6021 }
6022 if (a->flags & NX_NAT_F_PROTO_HASH) {
6023 ds_put_format(ds, "%shash%s,", colors.value, colors.end);
6024 }
6025 if (a->flags & NX_NAT_F_PROTO_RANDOM) {
6026 ds_put_format(ds, "%srandom%s,", colors.value, colors.end);
6027 }
6028 }
6029 ds_chomp(ds, ',');
6030 ds_put_format(ds, "%s)%s", colors.paren, colors.end);
6031 }
6032 }
6033
6034 static char * OVS_WARN_UNUSED_RESULT
6035 str_to_nat_range(const char *s, struct ofpact_nat *on)
6036 {
6037 char ipv6_s[IPV6_SCAN_LEN + 1];
6038 int n = 0;
6039
6040 on->range_af = AF_UNSPEC;
6041 if (ovs_scan_len(s, &n, IP_SCAN_FMT,
6042 IP_SCAN_ARGS(&on->range.addr.ipv4.min))) {
6043 on->range_af = AF_INET;
6044
6045 if (s[n] == '-') {
6046 n++;
6047 if (!ovs_scan_len(s, &n, IP_SCAN_FMT,
6048 IP_SCAN_ARGS(&on->range.addr.ipv4.max))
6049 || (ntohl(on->range.addr.ipv4.max)
6050 < ntohl(on->range.addr.ipv4.min))) {
6051 goto error;
6052 }
6053 }
6054 } else if ((ovs_scan_len(s, &n, IPV6_SCAN_FMT, ipv6_s)
6055 || ovs_scan_len(s, &n, "["IPV6_SCAN_FMT"]", ipv6_s))
6056 && inet_pton(AF_INET6, ipv6_s, &on->range.addr.ipv6.min) == 1) {
6057 on->range_af = AF_INET6;
6058
6059 if (s[n] == '-') {
6060 n++;
6061 if (!(ovs_scan_len(s, &n, IPV6_SCAN_FMT, ipv6_s)
6062 || ovs_scan_len(s, &n, "["IPV6_SCAN_FMT"]", ipv6_s))
6063 || inet_pton(AF_INET6, ipv6_s, &on->range.addr.ipv6.max) != 1
6064 || memcmp(&on->range.addr.ipv6.max, &on->range.addr.ipv6.min,
6065 sizeof on->range.addr.ipv6.max) < 0) {
6066 goto error;
6067 }
6068 }
6069 }
6070 if (on->range_af != AF_UNSPEC && s[n] == ':') {
6071 n++;
6072 if (!ovs_scan_len(s, &n, "%"SCNu16, &on->range.proto.min)) {
6073 goto error;
6074 }
6075 if (s[n] == '-') {
6076 n++;
6077 if (!ovs_scan_len(s, &n, "%"SCNu16, &on->range.proto.max)
6078 || on->range.proto.max < on->range.proto.min) {
6079 goto error;
6080 }
6081 }
6082 }
6083 if (strlen(s) != n) {
6084 return xasprintf("garbage (%s) after nat range \"%s\" (pos: %d)",
6085 &s[n], s, n);
6086 }
6087 return NULL;
6088 error:
6089 return xasprintf("invalid nat range \"%s\"", s);
6090 }
6091
6092
6093 /* Parses 'arg' as the argument to a "nat" action, and appends such an
6094 * action to 'ofpacts'.
6095 *
6096 * Returns NULL if successful, otherwise a malloc()'d string describing the
6097 * error. The caller is responsible for freeing the returned string. */
6098 static char * OVS_WARN_UNUSED_RESULT
6099 parse_NAT(char *arg, struct ofpbuf *ofpacts,
6100 enum ofputil_protocol *usable_protocols OVS_UNUSED)
6101 {
6102 struct ofpact_nat *on = ofpact_put_NAT(ofpacts);
6103 char *key, *value;
6104
6105 on->flags = 0;
6106 on->range_af = AF_UNSPEC;
6107
6108 while (ofputil_parse_key_value(&arg, &key, &value)) {
6109 char *error = NULL;
6110
6111 if (!strcmp(key, "src")) {
6112 on->flags |= NX_NAT_F_SRC;
6113 error = str_to_nat_range(value, on);
6114 } else if (!strcmp(key, "dst")) {
6115 on->flags |= NX_NAT_F_DST;
6116 error = str_to_nat_range(value, on);
6117 } else if (!strcmp(key, "persistent")) {
6118 on->flags |= NX_NAT_F_PERSISTENT;
6119 } else if (!strcmp(key, "hash")) {
6120 on->flags |= NX_NAT_F_PROTO_HASH;
6121 } else if (!strcmp(key, "random")) {
6122 on->flags |= NX_NAT_F_PROTO_RANDOM;
6123 } else {
6124 error = xasprintf("invalid key \"%s\" in \"nat\" argument",
6125 key);
6126 }
6127 if (error) {
6128 return error;
6129 }
6130 }
6131 if (on->flags & NX_NAT_F_SRC && on->flags & NX_NAT_F_DST) {
6132 return xasprintf("May only specify one of \"src\" or \"dst\".");
6133 }
6134 if (!(on->flags & NX_NAT_F_SRC || on->flags & NX_NAT_F_DST)) {
6135 if (on->flags) {
6136 return xasprintf("Flags allowed only with \"src\" or \"dst\".");
6137 }
6138 if (on->range_af != AF_UNSPEC) {
6139 return xasprintf("Range allowed only with \"src\" or \"dst\".");
6140 }
6141 }
6142 if (on->flags & NX_NAT_F_PROTO_HASH && on->flags & NX_NAT_F_PROTO_RANDOM) {
6143 return xasprintf("Both \"hash\" and \"random\" are not allowed.");
6144 }
6145
6146 return NULL;
6147 }
6148
6149 /* Truncate output action. */
6150 struct nx_action_output_trunc {
6151 ovs_be16 type; /* OFPAT_VENDOR. */
6152 ovs_be16 len; /* At least 16. */
6153 ovs_be32 vendor; /* NX_VENDOR_ID. */
6154 ovs_be16 subtype; /* NXAST_OUTPUT_TRUNC. */
6155 ovs_be16 port; /* Output port */
6156 ovs_be32 max_len; /* Truncate packet to size bytes */
6157 };
6158 OFP_ASSERT(sizeof(struct nx_action_output_trunc) == 16);
6159
6160 static enum ofperr
6161 decode_NXAST_RAW_OUTPUT_TRUNC(const struct nx_action_output_trunc *natrc,
6162 enum ofp_version ofp_version OVS_UNUSED,
6163 struct ofpbuf *out)
6164 {
6165 struct ofpact_output_trunc *output_trunc;
6166
6167 output_trunc = ofpact_put_OUTPUT_TRUNC(out);
6168 output_trunc->max_len = ntohl(natrc->max_len);
6169 output_trunc->port = u16_to_ofp(ntohs(natrc->port));
6170
6171 if (output_trunc->max_len < ETH_HEADER_LEN) {
6172 return OFPERR_OFPBAC_BAD_ARGUMENT;
6173 }
6174 return 0;
6175 }
6176
6177 static void
6178 encode_OUTPUT_TRUNC(const struct ofpact_output_trunc *output_trunc,
6179 enum ofp_version ofp_version OVS_UNUSED,
6180 struct ofpbuf *out)
6181 {
6182 struct nx_action_output_trunc *natrc = put_NXAST_OUTPUT_TRUNC(out);
6183
6184 natrc->max_len = htonl(output_trunc->max_len);
6185 natrc->port = htons(ofp_to_u16(output_trunc->port));
6186 }
6187
6188 static char * OVS_WARN_UNUSED_RESULT
6189 parse_OUTPUT_TRUNC(const char *arg, struct ofpbuf *ofpacts OVS_UNUSED,
6190 enum ofputil_protocol *usable_protocols OVS_UNUSED)
6191 {
6192 /* Disable output_trunc parsing. Expose as output(port=N,max_len=M) and
6193 * reuse parse_OUTPUT to parse output_trunc action. */
6194 return xasprintf("unknown action %s", arg);
6195 }
6196
6197 static void
6198 format_OUTPUT_TRUNC(const struct ofpact_output_trunc *a, struct ds *s)
6199 {
6200 ds_put_format(s, "%soutput%s(port=%"PRIu32",max_len=%"PRIu32")",
6201 colors.special, colors.end, a->port, a->max_len);
6202 }
6203
6204 \f
6205 /* Meter instruction. */
6206
6207 static void
6208 encode_METER(const struct ofpact_meter *meter,
6209 enum ofp_version ofp_version, struct ofpbuf *out)
6210 {
6211 if (ofp_version >= OFP13_VERSION) {
6212 instruction_put_OFPIT13_METER(out)->meter_id = htonl(meter->meter_id);
6213 }
6214 }
6215
6216 static char * OVS_WARN_UNUSED_RESULT
6217 parse_METER(char *arg, struct ofpbuf *ofpacts,
6218 enum ofputil_protocol *usable_protocols)
6219 {
6220 *usable_protocols &= OFPUTIL_P_OF13_UP;
6221 return str_to_u32(arg, &ofpact_put_METER(ofpacts)->meter_id);
6222 }
6223
6224 static void
6225 format_METER(const struct ofpact_meter *a, struct ds *s)
6226 {
6227 ds_put_format(s, "%smeter:%s%"PRIu32,
6228 colors.param, colors.end, a->meter_id);
6229 }
6230 \f
6231 /* Clear-Actions instruction. */
6232
6233 static void
6234 encode_CLEAR_ACTIONS(const struct ofpact_null *null OVS_UNUSED,
6235 enum ofp_version ofp_version OVS_UNUSED,
6236 struct ofpbuf *out OVS_UNUSED)
6237 {
6238 if (ofp_version > OFP10_VERSION) {
6239 instruction_put_OFPIT11_CLEAR_ACTIONS(out);
6240 }
6241 }
6242
6243 static char * OVS_WARN_UNUSED_RESULT
6244 parse_CLEAR_ACTIONS(char *arg OVS_UNUSED, struct ofpbuf *ofpacts,
6245 enum ofputil_protocol *usable_protocols OVS_UNUSED)
6246 {
6247 ofpact_put_CLEAR_ACTIONS(ofpacts);
6248 return NULL;
6249 }
6250
6251 static void
6252 format_CLEAR_ACTIONS(const struct ofpact_null *a OVS_UNUSED, struct ds *s)
6253 {
6254 ds_put_format(s, "%sclear_actions%s", colors.value, colors.end);
6255 }
6256 \f
6257 /* Write-Actions instruction. */
6258
6259 static void
6260 encode_WRITE_ACTIONS(const struct ofpact_nest *actions,
6261 enum ofp_version ofp_version, struct ofpbuf *out)
6262 {
6263 if (ofp_version > OFP10_VERSION) {
6264 const size_t ofs = out->size;
6265
6266 instruction_put_OFPIT11_WRITE_ACTIONS(out);
6267 ofpacts_put_openflow_actions(actions->actions,
6268 ofpact_nest_get_action_len(actions),
6269 out, ofp_version);
6270 ofpacts_update_instruction_actions(out, ofs);
6271 }
6272 }
6273
6274 static char * OVS_WARN_UNUSED_RESULT
6275 parse_WRITE_ACTIONS(char *arg, struct ofpbuf *ofpacts,
6276 enum ofputil_protocol *usable_protocols)
6277 {
6278 size_t ofs = ofpacts_pull(ofpacts);
6279 struct ofpact_nest *on;
6280 char *error;
6281
6282 /* Add a Write-Actions instruction and then pull it off. */
6283 ofpact_put(ofpacts, OFPACT_WRITE_ACTIONS, sizeof *on);
6284 ofpbuf_pull(ofpacts, sizeof *on);
6285
6286 /* Parse nested actions.
6287 *
6288 * We pulled off "write-actions" and the previous actions because the
6289 * OFPACT_WRITE_ACTIONS is only partially constructed: its length is such
6290 * that it doesn't actually include the nested actions. That means that
6291 * ofpacts_parse() would reject them as being part of an Apply-Actions that
6292 * follows a Write-Actions, which is an invalid order. */
6293 error = ofpacts_parse(arg, ofpacts, usable_protocols, false,
6294 OFPACT_WRITE_ACTIONS);
6295
6296 /* Put the Write-Actions back on and update its length. */
6297 on = ofpbuf_push_uninit(ofpacts, sizeof *on);
6298 on->ofpact.len = ofpacts->size;
6299
6300 /* Put any previous actions or instructions back on. */
6301 ofpbuf_push_uninit(ofpacts, ofs);
6302
6303 return error;
6304 }
6305
6306 static void
6307 format_WRITE_ACTIONS(const struct ofpact_nest *a, struct ds *s)
6308 {
6309 ds_put_format(s, "%swrite_actions(%s", colors.paren, colors.end);
6310 ofpacts_format(a->actions, ofpact_nest_get_action_len(a), s);
6311 ds_put_format(s, "%s)%s", colors.paren, colors.end);
6312 }
6313 \f
6314 /* Action structure for NXAST_WRITE_METADATA.
6315 *
6316 * Modifies the 'mask' bits of the metadata value. */
6317 struct nx_action_write_metadata {
6318 ovs_be16 type; /* OFPAT_VENDOR. */
6319 ovs_be16 len; /* Length is 32. */
6320 ovs_be32 vendor; /* NX_VENDOR_ID. */
6321 ovs_be16 subtype; /* NXAST_WRITE_METADATA. */
6322 uint8_t zeros[6]; /* Must be zero. */
6323 ovs_be64 metadata; /* Metadata register. */
6324 ovs_be64 mask; /* Metadata mask. */
6325 };
6326 OFP_ASSERT(sizeof(struct nx_action_write_metadata) == 32);
6327
6328 static enum ofperr
6329 decode_NXAST_RAW_WRITE_METADATA(const struct nx_action_write_metadata *nawm,
6330 enum ofp_version ofp_version OVS_UNUSED,
6331 struct ofpbuf *out)
6332 {
6333 struct ofpact_metadata *om;
6334
6335 if (!is_all_zeros(nawm->zeros, sizeof nawm->zeros)) {
6336 return OFPERR_NXBRC_MUST_BE_ZERO;
6337 }
6338
6339 om = ofpact_put_WRITE_METADATA(out);
6340 om->metadata = nawm->metadata;
6341 om->mask = nawm->mask;
6342
6343 return 0;
6344 }
6345
6346 static void
6347 encode_WRITE_METADATA(const struct ofpact_metadata *metadata,
6348 enum ofp_version ofp_version, struct ofpbuf *out)
6349 {
6350 if (ofp_version == OFP10_VERSION) {
6351 struct nx_action_write_metadata *nawm;
6352
6353 nawm = put_NXAST_WRITE_METADATA(out);
6354 nawm->metadata = metadata->metadata;
6355 nawm->mask = metadata->mask;
6356 } else {
6357 struct ofp11_instruction_write_metadata *oiwm;
6358
6359 oiwm = instruction_put_OFPIT11_WRITE_METADATA(out);
6360 oiwm->metadata = metadata->metadata;
6361 oiwm->metadata_mask = metadata->mask;
6362 }
6363 }
6364
6365 static char * OVS_WARN_UNUSED_RESULT
6366 parse_WRITE_METADATA(char *arg, struct ofpbuf *ofpacts,
6367 enum ofputil_protocol *usable_protocols)
6368 {
6369 struct ofpact_metadata *om;
6370 char *mask = strchr(arg, '/');
6371
6372 *usable_protocols &= OFPUTIL_P_NXM_OF11_UP;
6373
6374 om = ofpact_put_WRITE_METADATA(ofpacts);
6375 if (mask) {
6376 char *error;
6377
6378 *mask = '\0';
6379 error = str_to_be64(mask + 1, &om->mask);
6380 if (error) {
6381 return error;
6382 }
6383 } else {
6384 om->mask = OVS_BE64_MAX;
6385 }
6386
6387 return str_to_be64(arg, &om->metadata);
6388 }
6389
6390 static void
6391 format_WRITE_METADATA(const struct ofpact_metadata *a, struct ds *s)
6392 {
6393 ds_put_format(s, "%swrite_metadata:%s%#"PRIx64,
6394 colors.param, colors.end, ntohll(a->metadata));
6395 if (a->mask != OVS_BE64_MAX) {
6396 ds_put_format(s, "/%#"PRIx64, ntohll(a->mask));
6397 }
6398 }
6399 \f
6400 /* Goto-Table instruction. */
6401
6402 static void
6403 encode_GOTO_TABLE(const struct ofpact_goto_table *goto_table,
6404 enum ofp_version ofp_version, struct ofpbuf *out)
6405 {
6406 if (ofp_version == OFP10_VERSION) {
6407 struct nx_action_resubmit *nar;
6408
6409 nar = put_NXAST_RESUBMIT_TABLE(out);
6410 nar->table = goto_table->table_id;
6411 nar->in_port = htons(ofp_to_u16(OFPP_IN_PORT));
6412 } else {
6413 struct ofp11_instruction_goto_table *oigt;
6414
6415 oigt = instruction_put_OFPIT11_GOTO_TABLE(out);
6416 oigt->table_id = goto_table->table_id;
6417 memset(oigt->pad, 0, sizeof oigt->pad);
6418 }
6419 }
6420
6421 static char * OVS_WARN_UNUSED_RESULT
6422 parse_GOTO_TABLE(char *arg, struct ofpbuf *ofpacts,
6423 enum ofputil_protocol *usable_protocols OVS_UNUSED)
6424 {
6425 struct ofpact_goto_table *ogt = ofpact_put_GOTO_TABLE(ofpacts);
6426 char *table_s = strsep(&arg, ",");
6427 if (!table_s || !table_s[0]) {
6428 return xstrdup("instruction goto-table needs table id");
6429 }
6430 return str_to_u8(table_s, "table", &ogt->table_id);
6431 }
6432
6433 static void
6434 format_GOTO_TABLE(const struct ofpact_goto_table *a, struct ds *s)
6435 {
6436 ds_put_format(s, "%sgoto_table:%s%"PRIu8,
6437 colors.param, colors.end, a->table_id);
6438 }
6439 \f
6440 static void
6441 log_bad_action(const struct ofp_action_header *actions, size_t actions_len,
6442 const struct ofp_action_header *bad_action, enum ofperr error)
6443 {
6444 if (!VLOG_DROP_WARN(&rl)) {
6445 struct ds s;
6446
6447 ds_init(&s);
6448 ds_put_hex_dump(&s, actions, actions_len, 0, false);
6449 VLOG_WARN("bad action at offset %#"PRIxPTR" (%s):\n%s",
6450 (char *)bad_action - (char *)actions,
6451 ofperr_get_name(error), ds_cstr(&s));
6452 ds_destroy(&s);
6453 }
6454 }
6455
6456 static enum ofperr
6457 ofpacts_decode(const void *actions, size_t actions_len,
6458 enum ofp_version ofp_version,
6459 const struct vl_mff_map *vl_mff_map,
6460 uint64_t *ofpacts_tlv_bitmap, struct ofpbuf *ofpacts)
6461 {
6462 struct ofpbuf openflow = ofpbuf_const_initializer(actions, actions_len);
6463 while (openflow.size) {
6464 const struct ofp_action_header *action = openflow.data;
6465 enum ofp_raw_action_type raw;
6466 enum ofperr error;
6467 uint64_t arg;
6468
6469 error = ofpact_pull_raw(&openflow, ofp_version, &raw, &arg);
6470 if (!error) {
6471 error = ofpact_decode(action, raw, ofp_version, arg, vl_mff_map,
6472 ofpacts_tlv_bitmap, ofpacts);
6473 }
6474
6475 if (error) {
6476 log_bad_action(actions, actions_len, action, error);
6477 return error;
6478 }
6479 }
6480 return 0;
6481 }
6482
6483 static enum ofperr
6484 ofpacts_pull_openflow_actions__(struct ofpbuf *openflow,
6485 unsigned int actions_len,
6486 enum ofp_version version,
6487 uint32_t allowed_ovsinsts,
6488 struct ofpbuf *ofpacts,
6489 enum ofpact_type outer_action,
6490 const struct vl_mff_map *vl_mff_map,
6491 uint64_t *ofpacts_tlv_bitmap)
6492 {
6493 const struct ofp_action_header *actions;
6494 size_t orig_size = ofpacts->size;
6495 enum ofperr error;
6496
6497 if (actions_len % OFP_ACTION_ALIGN != 0) {
6498 VLOG_WARN_RL(&rl, "OpenFlow message actions length %u is not a "
6499 "multiple of %d", actions_len, OFP_ACTION_ALIGN);
6500 return OFPERR_OFPBRC_BAD_LEN;
6501 }
6502
6503 actions = ofpbuf_try_pull(openflow, actions_len);
6504 if (actions == NULL) {
6505 VLOG_WARN_RL(&rl, "OpenFlow message actions length %u exceeds "
6506 "remaining message length (%"PRIu32")",
6507 actions_len, openflow->size);
6508 return OFPERR_OFPBRC_BAD_LEN;
6509 }
6510
6511 error = ofpacts_decode(actions, actions_len, version, vl_mff_map,
6512 ofpacts_tlv_bitmap, ofpacts);
6513 if (error) {
6514 ofpacts->size = orig_size;
6515 return error;
6516 }
6517
6518 error = ofpacts_verify(ofpacts->data, ofpacts->size, allowed_ovsinsts,
6519 outer_action);
6520 if (error) {
6521 ofpacts->size = orig_size;
6522 }
6523 return error;
6524 }
6525
6526 /* Attempts to convert 'actions_len' bytes of OpenFlow actions from the front
6527 * of 'openflow' into ofpacts. On success, appends the converted actions to
6528 * 'ofpacts'; on failure, 'ofpacts' is unchanged (but might be reallocated) .
6529 * Returns 0 if successful, otherwise an OpenFlow error.
6530 *
6531 * Actions are processed according to their OpenFlow version which
6532 * is provided in the 'version' parameter.
6533 *
6534 * In most places in OpenFlow, actions appear encapsulated in instructions, so
6535 * you should call ofpacts_pull_openflow_instructions() instead of this
6536 * function.
6537 *
6538 * 'vl_mff_map' and 'ofpacts_tlv_bitmap' are optional. If 'vl_mff_map' is
6539 * provided, it is used to get variable length mf_fields with configured
6540 * length in the actions. If an action uses a variable length mf_field,
6541 * 'ofpacts_tlv_bitmap' is updated accordingly for ref counting. If
6542 * 'vl_mff_map' is not provided, the default mf_fields with maximum length
6543 * will be used.
6544 *
6545 * The parsed actions are valid generically, but they may not be valid in a
6546 * specific context. For example, port numbers up to OFPP_MAX are valid
6547 * generically, but specific datapaths may only support port numbers in a
6548 * smaller range. Use ofpacts_check() to additional check whether actions are
6549 * valid in a specific context. */
6550 enum ofperr
6551 ofpacts_pull_openflow_actions(struct ofpbuf *openflow,
6552 unsigned int actions_len,
6553 enum ofp_version version,
6554 const struct vl_mff_map *vl_mff_map,
6555 uint64_t *ofpacts_tlv_bitmap,
6556 struct ofpbuf *ofpacts)
6557 {
6558 return ofpacts_pull_openflow_actions__(openflow, actions_len, version,
6559 1u << OVSINST_OFPIT11_APPLY_ACTIONS,
6560 ofpacts, 0, vl_mff_map,
6561 ofpacts_tlv_bitmap);
6562 }
6563 \f
6564 /* OpenFlow 1.1 actions. */
6565
6566
6567 /* True if an action sets the value of a field
6568 * in a way that is compatibile with the action set.
6569 * The field can be set via either a set or a move action.
6570 * False otherwise. */
6571 static bool
6572 ofpact_is_set_or_move_action(const struct ofpact *a)
6573 {
6574 switch (a->type) {
6575 case OFPACT_SET_FIELD:
6576 case OFPACT_REG_MOVE:
6577 case OFPACT_SET_ETH_DST:
6578 case OFPACT_SET_ETH_SRC:
6579 case OFPACT_SET_IP_DSCP:
6580 case OFPACT_SET_IP_ECN:
6581 case OFPACT_SET_IP_TTL:
6582 case OFPACT_SET_IPV4_DST:
6583 case OFPACT_SET_IPV4_SRC:
6584 case OFPACT_SET_L4_DST_PORT:
6585 case OFPACT_SET_L4_SRC_PORT:
6586 case OFPACT_SET_MPLS_LABEL:
6587 case OFPACT_SET_MPLS_TC:
6588 case OFPACT_SET_MPLS_TTL:
6589 case OFPACT_SET_QUEUE:
6590 case OFPACT_SET_TUNNEL:
6591 case OFPACT_SET_VLAN_PCP:
6592 case OFPACT_SET_VLAN_VID:
6593 return true;
6594 case OFPACT_BUNDLE:
6595 case OFPACT_CLEAR_ACTIONS:
6596 case OFPACT_CT:
6597 case OFPACT_CT_CLEAR:
6598 case OFPACT_CLONE:
6599 case OFPACT_NAT:
6600 case OFPACT_CONTROLLER:
6601 case OFPACT_DEC_MPLS_TTL:
6602 case OFPACT_DEC_TTL:
6603 case OFPACT_ENQUEUE:
6604 case OFPACT_EXIT:
6605 case OFPACT_UNROLL_XLATE:
6606 case OFPACT_FIN_TIMEOUT:
6607 case OFPACT_GOTO_TABLE:
6608 case OFPACT_GROUP:
6609 case OFPACT_LEARN:
6610 case OFPACT_CONJUNCTION:
6611 case OFPACT_METER:
6612 case OFPACT_MULTIPATH:
6613 case OFPACT_NOTE:
6614 case OFPACT_OUTPUT:
6615 case OFPACT_OUTPUT_REG:
6616 case OFPACT_OUTPUT_TRUNC:
6617 case OFPACT_POP_MPLS:
6618 case OFPACT_POP_QUEUE:
6619 case OFPACT_PUSH_MPLS:
6620 case OFPACT_PUSH_VLAN:
6621 case OFPACT_RESUBMIT:
6622 case OFPACT_SAMPLE:
6623 case OFPACT_STACK_POP:
6624 case OFPACT_STACK_PUSH:
6625 case OFPACT_STRIP_VLAN:
6626 case OFPACT_WRITE_ACTIONS:
6627 case OFPACT_WRITE_METADATA:
6628 case OFPACT_DEBUG_RECIRC:
6629 return false;
6630 default:
6631 OVS_NOT_REACHED();
6632 }
6633 }
6634
6635 /* True if an action is allowed in the action set.
6636 * False otherwise. */
6637 static bool
6638 ofpact_is_allowed_in_actions_set(const struct ofpact *a)
6639 {
6640 switch (a->type) {
6641 case OFPACT_DEC_MPLS_TTL:
6642 case OFPACT_DEC_TTL:
6643 case OFPACT_GROUP:
6644 case OFPACT_OUTPUT:
6645 case OFPACT_OUTPUT_TRUNC:
6646 case OFPACT_POP_MPLS:
6647 case OFPACT_PUSH_MPLS:
6648 case OFPACT_PUSH_VLAN:
6649 case OFPACT_REG_MOVE:
6650 case OFPACT_SET_FIELD:
6651 case OFPACT_SET_ETH_DST:
6652 case OFPACT_SET_ETH_SRC:
6653 case OFPACT_SET_IP_DSCP:
6654 case OFPACT_SET_IP_ECN:
6655 case OFPACT_SET_IP_TTL:
6656 case OFPACT_SET_IPV4_DST:
6657 case OFPACT_SET_IPV4_SRC:
6658 case OFPACT_SET_L4_DST_PORT:
6659 case OFPACT_SET_L4_SRC_PORT:
6660 case OFPACT_SET_MPLS_LABEL:
6661 case OFPACT_SET_MPLS_TC:
6662 case OFPACT_SET_MPLS_TTL:
6663 case OFPACT_SET_QUEUE:
6664 case OFPACT_SET_TUNNEL:
6665 case OFPACT_SET_VLAN_PCP:
6666 case OFPACT_SET_VLAN_VID:
6667 case OFPACT_STRIP_VLAN:
6668 return true;
6669
6670 /* In general these actions are excluded because they are not part of
6671 * the OpenFlow specification nor map to actions that are defined in
6672 * the specification. Thus the order in which they should be applied
6673 * in the action set is undefined. */
6674 case OFPACT_BUNDLE:
6675 case OFPACT_CLONE:
6676 case OFPACT_CONTROLLER:
6677 case OFPACT_CT:
6678 case OFPACT_CT_CLEAR:
6679 case OFPACT_NAT:
6680 case OFPACT_ENQUEUE:
6681 case OFPACT_EXIT:
6682 case OFPACT_UNROLL_XLATE:
6683 case OFPACT_FIN_TIMEOUT:
6684 case OFPACT_LEARN:
6685 case OFPACT_CONJUNCTION:
6686 case OFPACT_MULTIPATH:
6687 case OFPACT_NOTE:
6688 case OFPACT_OUTPUT_REG:
6689 case OFPACT_POP_QUEUE:
6690 case OFPACT_RESUBMIT:
6691 case OFPACT_SAMPLE:
6692 case OFPACT_STACK_POP:
6693 case OFPACT_STACK_PUSH:
6694 case OFPACT_DEBUG_RECIRC:
6695
6696 /* The action set may only include actions and thus
6697 * may not include any instructions */
6698 case OFPACT_CLEAR_ACTIONS:
6699 case OFPACT_GOTO_TABLE:
6700 case OFPACT_METER:
6701 case OFPACT_WRITE_ACTIONS:
6702 case OFPACT_WRITE_METADATA:
6703 return false;
6704 default:
6705 OVS_NOT_REACHED();
6706 }
6707 }
6708
6709 /* Append ofpact 'a' onto the tail of 'out' */
6710 static void
6711 ofpact_copy(struct ofpbuf *out, const struct ofpact *a)
6712 {
6713 ofpbuf_put(out, a, OFPACT_ALIGN(a->len));
6714 }
6715
6716 /* Copies the last ofpact whose type is 'filter' from 'in' to 'out'. */
6717 static bool
6718 ofpacts_copy_last(struct ofpbuf *out, const struct ofpbuf *in,
6719 enum ofpact_type filter)
6720 {
6721 const struct ofpact *target;
6722 const struct ofpact *a;
6723
6724 target = NULL;
6725 OFPACT_FOR_EACH (a, in->data, in->size) {
6726 if (a->type == filter) {
6727 target = a;
6728 }
6729 }
6730 if (target) {
6731 ofpact_copy(out, target);
6732 }
6733 return target != NULL;
6734 }
6735
6736 /* Append all ofpacts, for which 'filter' returns true, from 'in' to 'out'.
6737 * The order of appended ofpacts is preserved between 'in' and 'out' */
6738 static void
6739 ofpacts_copy_all(struct ofpbuf *out, const struct ofpbuf *in,
6740 bool (*filter)(const struct ofpact *))
6741 {
6742 const struct ofpact *a;
6743
6744 OFPACT_FOR_EACH (a, in->data, in->size) {
6745 if (filter(a)) {
6746 ofpact_copy(out, a);
6747 }
6748 }
6749 }
6750
6751 /* Reads 'action_set', which contains ofpacts accumulated by
6752 * OFPACT_WRITE_ACTIONS instructions, and writes equivalent actions to be
6753 * executed directly into 'action_list'. (These names correspond to the
6754 * "Action Set" and "Action List" terms used in OpenFlow 1.1+.)
6755 *
6756 * In general this involves appending the last instance of each action that is
6757 * admissible in the action set in the order described in the OpenFlow
6758 * specification.
6759 *
6760 * Exceptions:
6761 * + output action is only appended if no group action was present in 'in'.
6762 * + As a simplification all set actions are copied in the order the are
6763 * provided in 'in' as many set actions applied to a field has the same
6764 * affect as only applying the last action that sets a field and
6765 * duplicates are removed by do_xlate_actions().
6766 * This has an unwanted side-effect of compsoting multiple
6767 * LOAD_REG actions that touch different regions of the same field. */
6768 void
6769 ofpacts_execute_action_set(struct ofpbuf *action_list,
6770 const struct ofpbuf *action_set)
6771 {
6772 /* The OpenFlow spec "Action Set" section specifies this order. */
6773 ofpacts_copy_last(action_list, action_set, OFPACT_STRIP_VLAN);
6774 ofpacts_copy_last(action_list, action_set, OFPACT_POP_MPLS);
6775 ofpacts_copy_last(action_list, action_set, OFPACT_PUSH_MPLS);
6776 ofpacts_copy_last(action_list, action_set, OFPACT_PUSH_VLAN);
6777 ofpacts_copy_last(action_list, action_set, OFPACT_DEC_TTL);
6778 ofpacts_copy_last(action_list, action_set, OFPACT_DEC_MPLS_TTL);
6779 ofpacts_copy_all(action_list, action_set, ofpact_is_set_or_move_action);
6780 ofpacts_copy_last(action_list, action_set, OFPACT_SET_QUEUE);
6781
6782 /* If both OFPACT_GROUP and OFPACT_OUTPUT are present, OpenFlow says that
6783 * we should execute only OFPACT_GROUP.
6784 *
6785 * If neither OFPACT_GROUP nor OFPACT_OUTPUT is present, then we can drop
6786 * all the actions because there's no point in modifying a packet that will
6787 * not be sent anywhere. */
6788 if (!ofpacts_copy_last(action_list, action_set, OFPACT_GROUP) &&
6789 !ofpacts_copy_last(action_list, action_set, OFPACT_OUTPUT) &&
6790 !ofpacts_copy_last(action_list, action_set, OFPACT_RESUBMIT) &&
6791 !ofpacts_copy_last(action_list, action_set, OFPACT_CT)) {
6792 ofpbuf_clear(action_list);
6793 }
6794 }
6795
6796
6797 static enum ofperr
6798 ofpacts_decode_for_action_set(const struct ofp_action_header *in,
6799 size_t n_in, enum ofp_version version,
6800 const struct vl_mff_map *vl_mff_map,
6801 uint64_t *ofpacts_tlv_bitmap,
6802 struct ofpbuf *out)
6803 {
6804 enum ofperr error;
6805 struct ofpact *a;
6806 size_t start = out->size;
6807
6808 error = ofpacts_decode(in, n_in, version, vl_mff_map, ofpacts_tlv_bitmap,
6809 out);
6810
6811 if (error) {
6812 return error;
6813 }
6814
6815 OFPACT_FOR_EACH (a, ofpact_end(out->data, start), out->size - start) {
6816 if (!ofpact_is_allowed_in_actions_set(a)) {
6817 VLOG_WARN_RL(&rl, "disallowed action in action set");
6818 return OFPERR_OFPBAC_BAD_TYPE;
6819 }
6820 }
6821
6822 return 0;
6823 }
6824 \f
6825 /* OpenFlow 1.1 instructions. */
6826
6827 struct instruction_type_info {
6828 enum ovs_instruction_type type;
6829 const char *name;
6830 };
6831
6832 static const struct instruction_type_info inst_info[] = {
6833 #define DEFINE_INST(ENUM, STRUCT, EXTENSIBLE, NAME) {OVSINST_##ENUM, NAME},
6834 OVS_INSTRUCTIONS
6835 #undef DEFINE_INST
6836 };
6837
6838 const char *
6839 ovs_instruction_name_from_type(enum ovs_instruction_type type)
6840 {
6841 return inst_info[type].name;
6842 }
6843
6844 int
6845 ovs_instruction_type_from_name(const char *name)
6846 {
6847 const struct instruction_type_info *p;
6848 for (p = inst_info; p < &inst_info[ARRAY_SIZE(inst_info)]; p++) {
6849 if (!strcasecmp(name, p->name)) {
6850 return p->type;
6851 }
6852 }
6853 return -1;
6854 }
6855
6856 enum ovs_instruction_type
6857 ovs_instruction_type_from_ofpact_type(enum ofpact_type type)
6858 {
6859 switch (type) {
6860 case OFPACT_METER:
6861 return OVSINST_OFPIT13_METER;
6862 case OFPACT_CLEAR_ACTIONS:
6863 return OVSINST_OFPIT11_CLEAR_ACTIONS;
6864 case OFPACT_WRITE_ACTIONS:
6865 return OVSINST_OFPIT11_WRITE_ACTIONS;
6866 case OFPACT_WRITE_METADATA:
6867 return OVSINST_OFPIT11_WRITE_METADATA;
6868 case OFPACT_GOTO_TABLE:
6869 return OVSINST_OFPIT11_GOTO_TABLE;
6870 case OFPACT_OUTPUT:
6871 case OFPACT_GROUP:
6872 case OFPACT_CLONE:
6873 case OFPACT_CONTROLLER:
6874 case OFPACT_ENQUEUE:
6875 case OFPACT_OUTPUT_REG:
6876 case OFPACT_OUTPUT_TRUNC:
6877 case OFPACT_BUNDLE:
6878 case OFPACT_SET_VLAN_VID:
6879 case OFPACT_SET_VLAN_PCP:
6880 case OFPACT_STRIP_VLAN:
6881 case OFPACT_PUSH_VLAN:
6882 case OFPACT_SET_ETH_SRC:
6883 case OFPACT_SET_ETH_DST:
6884 case OFPACT_SET_IPV4_SRC:
6885 case OFPACT_SET_IPV4_DST:
6886 case OFPACT_SET_IP_DSCP:
6887 case OFPACT_SET_IP_ECN:
6888 case OFPACT_SET_IP_TTL:
6889 case OFPACT_SET_L4_SRC_PORT:
6890 case OFPACT_SET_L4_DST_PORT:
6891 case OFPACT_REG_MOVE:
6892 case OFPACT_SET_FIELD:
6893 case OFPACT_STACK_PUSH:
6894 case OFPACT_STACK_POP:
6895 case OFPACT_DEC_TTL:
6896 case OFPACT_SET_MPLS_LABEL:
6897 case OFPACT_SET_MPLS_TC:
6898 case OFPACT_SET_MPLS_TTL:
6899 case OFPACT_DEC_MPLS_TTL:
6900 case OFPACT_PUSH_MPLS:
6901 case OFPACT_POP_MPLS:
6902 case OFPACT_SET_TUNNEL:
6903 case OFPACT_SET_QUEUE:
6904 case OFPACT_POP_QUEUE:
6905 case OFPACT_FIN_TIMEOUT:
6906 case OFPACT_RESUBMIT:
6907 case OFPACT_LEARN:
6908 case OFPACT_CONJUNCTION:
6909 case OFPACT_MULTIPATH:
6910 case OFPACT_NOTE:
6911 case OFPACT_EXIT:
6912 case OFPACT_UNROLL_XLATE:
6913 case OFPACT_SAMPLE:
6914 case OFPACT_DEBUG_RECIRC:
6915 case OFPACT_CT:
6916 case OFPACT_CT_CLEAR:
6917 case OFPACT_NAT:
6918 default:
6919 return OVSINST_OFPIT11_APPLY_ACTIONS;
6920 }
6921 }
6922
6923 enum ofperr
6924 ovs_instruction_type_from_inst_type(enum ovs_instruction_type *instruction_type,
6925 const uint16_t inst_type)
6926 {
6927 switch (inst_type) {
6928
6929 #define DEFINE_INST(ENUM, STRUCT, EXTENSIBLE, NAME) \
6930 case ENUM: \
6931 *instruction_type = OVSINST_##ENUM; \
6932 return 0;
6933 OVS_INSTRUCTIONS
6934 #undef DEFINE_INST
6935
6936 default:
6937 return OFPERR_OFPBIC_UNKNOWN_INST;
6938 }
6939 }
6940
6941 /* Two-way translation between OVS's internal "OVSINST_*" representation of
6942 * instructions and the "OFPIT_*" representation used in OpenFlow. */
6943 struct ovsinst_map {
6944 enum ovs_instruction_type ovsinst; /* Internal name for instruction. */
6945 int ofpit; /* OFPIT_* number from OpenFlow spec. */
6946 };
6947
6948 static const struct ovsinst_map *
6949 get_ovsinst_map(enum ofp_version version)
6950 {
6951 /* OpenFlow 1.1 and 1.2 instructions. */
6952 static const struct ovsinst_map of11[] = {
6953 { OVSINST_OFPIT11_GOTO_TABLE, 1 },
6954 { OVSINST_OFPIT11_WRITE_METADATA, 2 },
6955 { OVSINST_OFPIT11_WRITE_ACTIONS, 3 },
6956 { OVSINST_OFPIT11_APPLY_ACTIONS, 4 },
6957 { OVSINST_OFPIT11_CLEAR_ACTIONS, 5 },
6958 { 0, -1 },
6959 };
6960
6961 /* OpenFlow 1.3+ instructions. */
6962 static const struct ovsinst_map of13[] = {
6963 { OVSINST_OFPIT11_GOTO_TABLE, 1 },
6964 { OVSINST_OFPIT11_WRITE_METADATA, 2 },
6965 { OVSINST_OFPIT11_WRITE_ACTIONS, 3 },
6966 { OVSINST_OFPIT11_APPLY_ACTIONS, 4 },
6967 { OVSINST_OFPIT11_CLEAR_ACTIONS, 5 },
6968 { OVSINST_OFPIT13_METER, 6 },
6969 { 0, -1 },
6970 };
6971
6972 return version < OFP13_VERSION ? of11 : of13;
6973 }
6974
6975 /* Converts 'ovsinst_bitmap', a bitmap whose bits correspond to OVSINST_*
6976 * values, into a bitmap of instructions suitable for OpenFlow 'version'
6977 * (OFP11_VERSION or later), and returns the result. */
6978 ovs_be32
6979 ovsinst_bitmap_to_openflow(uint32_t ovsinst_bitmap, enum ofp_version version)
6980 {
6981 uint32_t ofpit_bitmap = 0;
6982 const struct ovsinst_map *x;
6983
6984 for (x = get_ovsinst_map(version); x->ofpit >= 0; x++) {
6985 if (ovsinst_bitmap & (1u << x->ovsinst)) {
6986 ofpit_bitmap |= 1u << x->ofpit;
6987 }
6988 }
6989 return htonl(ofpit_bitmap);
6990 }
6991
6992 /* Converts 'ofpit_bitmap', a bitmap of instructions from an OpenFlow message
6993 * with the given 'version' (OFP11_VERSION or later) into a bitmap whose bits
6994 * correspond to OVSINST_* values, and returns the result. */
6995 uint32_t
6996 ovsinst_bitmap_from_openflow(ovs_be32 ofpit_bitmap, enum ofp_version version)
6997 {
6998 uint32_t ovsinst_bitmap = 0;
6999 const struct ovsinst_map *x;
7000
7001 for (x = get_ovsinst_map(version); x->ofpit >= 0; x++) {
7002 if (ofpit_bitmap & htonl(1u << x->ofpit)) {
7003 ovsinst_bitmap |= 1u << x->ovsinst;
7004 }
7005 }
7006 return ovsinst_bitmap;
7007 }
7008
7009 static inline struct ofp11_instruction *
7010 instruction_next(const struct ofp11_instruction *inst)
7011 {
7012 return ((struct ofp11_instruction *) (void *)
7013 ((uint8_t *) inst + ntohs(inst->len)));
7014 }
7015
7016 static inline bool
7017 instruction_is_valid(const struct ofp11_instruction *inst,
7018 size_t n_instructions)
7019 {
7020 uint16_t len = ntohs(inst->len);
7021 return (!(len % OFP11_INSTRUCTION_ALIGN)
7022 && len >= sizeof *inst
7023 && len / sizeof *inst <= n_instructions);
7024 }
7025
7026 /* This macro is careful to check for instructions with bad lengths. */
7027 #define INSTRUCTION_FOR_EACH(ITER, LEFT, INSTRUCTIONS, N_INSTRUCTIONS) \
7028 for ((ITER) = (INSTRUCTIONS), (LEFT) = (N_INSTRUCTIONS); \
7029 (LEFT) > 0 && instruction_is_valid(ITER, LEFT); \
7030 ((LEFT) -= (ntohs((ITER)->len) \
7031 / sizeof(struct ofp11_instruction)), \
7032 (ITER) = instruction_next(ITER)))
7033
7034 static enum ofperr
7035 decode_openflow11_instruction(const struct ofp11_instruction *inst,
7036 enum ovs_instruction_type *type)
7037 {
7038 uint16_t len = ntohs(inst->len);
7039
7040 switch (inst->type) {
7041 case CONSTANT_HTONS(OFPIT11_EXPERIMENTER):
7042 return OFPERR_OFPBIC_BAD_EXPERIMENTER;
7043
7044 #define DEFINE_INST(ENUM, STRUCT, EXTENSIBLE, NAME) \
7045 case CONSTANT_HTONS(ENUM): \
7046 if (EXTENSIBLE \
7047 ? len >= sizeof(struct STRUCT) \
7048 : len == sizeof(struct STRUCT)) { \
7049 *type = OVSINST_##ENUM; \
7050 return 0; \
7051 } else { \
7052 return OFPERR_OFPBIC_BAD_LEN; \
7053 }
7054 OVS_INSTRUCTIONS
7055 #undef DEFINE_INST
7056
7057 default:
7058 return OFPERR_OFPBIC_UNKNOWN_INST;
7059 }
7060 }
7061
7062 static enum ofperr
7063 decode_openflow11_instructions(const struct ofp11_instruction insts[],
7064 size_t n_insts,
7065 const struct ofp11_instruction *out[])
7066 {
7067 const struct ofp11_instruction *inst;
7068 size_t left;
7069
7070 memset(out, 0, N_OVS_INSTRUCTIONS * sizeof *out);
7071 INSTRUCTION_FOR_EACH (inst, left, insts, n_insts) {
7072 enum ovs_instruction_type type;
7073 enum ofperr error;
7074
7075 error = decode_openflow11_instruction(inst, &type);
7076 if (error) {
7077 return error;
7078 }
7079
7080 if (out[type]) {
7081 return OFPERR_OFPBIC_DUP_INST;
7082 }
7083 out[type] = inst;
7084 }
7085
7086 if (left) {
7087 VLOG_WARN_RL(&rl, "bad instruction format at offset %"PRIuSIZE,
7088 (n_insts - left) * sizeof *inst);
7089 return OFPERR_OFPBIC_BAD_LEN;
7090 }
7091 return 0;
7092 }
7093
7094 static void
7095 get_actions_from_instruction(const struct ofp11_instruction *inst,
7096 const struct ofp_action_header **actions,
7097 size_t *actions_len)
7098 {
7099 *actions = ALIGNED_CAST(const struct ofp_action_header *, inst + 1);
7100 *actions_len = ntohs(inst->len) - sizeof *inst;
7101 }
7102
7103 enum ofperr
7104 ofpacts_pull_openflow_instructions(struct ofpbuf *openflow,
7105 unsigned int instructions_len,
7106 enum ofp_version version,
7107 const struct vl_mff_map *vl_mff_map,
7108 uint64_t *ofpacts_tlv_bitmap,
7109 struct ofpbuf *ofpacts)
7110 {
7111 const struct ofp11_instruction *instructions;
7112 const struct ofp11_instruction *insts[N_OVS_INSTRUCTIONS];
7113 enum ofperr error;
7114
7115 ofpbuf_clear(ofpacts);
7116 if (version == OFP10_VERSION) {
7117 return ofpacts_pull_openflow_actions__(openflow, instructions_len,
7118 version,
7119 (1u << N_OVS_INSTRUCTIONS) - 1,
7120 ofpacts, 0, vl_mff_map,
7121 ofpacts_tlv_bitmap);
7122 }
7123
7124 if (instructions_len % OFP11_INSTRUCTION_ALIGN != 0) {
7125 VLOG_WARN_RL(&rl, "OpenFlow message instructions length %u is not a "
7126 "multiple of %d",
7127 instructions_len, OFP11_INSTRUCTION_ALIGN);
7128 error = OFPERR_OFPBIC_BAD_LEN;
7129 goto exit;
7130 }
7131
7132 instructions = ofpbuf_try_pull(openflow, instructions_len);
7133 if (instructions == NULL) {
7134 VLOG_WARN_RL(&rl, "OpenFlow message instructions length %u exceeds "
7135 "remaining message length (%"PRIu32")",
7136 instructions_len, openflow->size);
7137 error = OFPERR_OFPBIC_BAD_LEN;
7138 goto exit;
7139 }
7140
7141 error = decode_openflow11_instructions(
7142 instructions, instructions_len / OFP11_INSTRUCTION_ALIGN,
7143 insts);
7144 if (error) {
7145 goto exit;
7146 }
7147
7148 if (insts[OVSINST_OFPIT13_METER]) {
7149 const struct ofp13_instruction_meter *oim;
7150 struct ofpact_meter *om;
7151
7152 oim = ALIGNED_CAST(const struct ofp13_instruction_meter *,
7153 insts[OVSINST_OFPIT13_METER]);
7154
7155 om = ofpact_put_METER(ofpacts);
7156 om->meter_id = ntohl(oim->meter_id);
7157 om->provider_meter_id = UINT32_MAX; /* No provider meter ID. */
7158 }
7159 if (insts[OVSINST_OFPIT11_APPLY_ACTIONS]) {
7160 const struct ofp_action_header *actions;
7161 size_t actions_len;
7162
7163 get_actions_from_instruction(insts[OVSINST_OFPIT11_APPLY_ACTIONS],
7164 &actions, &actions_len);
7165 error = ofpacts_decode(actions, actions_len, version, vl_mff_map,
7166 ofpacts_tlv_bitmap, ofpacts);
7167 if (error) {
7168 goto exit;
7169 }
7170 }
7171 if (insts[OVSINST_OFPIT11_CLEAR_ACTIONS]) {
7172 instruction_get_OFPIT11_CLEAR_ACTIONS(
7173 insts[OVSINST_OFPIT11_CLEAR_ACTIONS]);
7174 ofpact_put_CLEAR_ACTIONS(ofpacts);
7175 }
7176 if (insts[OVSINST_OFPIT11_WRITE_ACTIONS]) {
7177 struct ofpact_nest *on;
7178 const struct ofp_action_header *actions;
7179 size_t actions_len;
7180 size_t start = ofpacts->size;
7181 ofpact_put(ofpacts, OFPACT_WRITE_ACTIONS,
7182 offsetof(struct ofpact_nest, actions));
7183 get_actions_from_instruction(insts[OVSINST_OFPIT11_WRITE_ACTIONS],
7184 &actions, &actions_len);
7185 error = ofpacts_decode_for_action_set(actions, actions_len,
7186 version, vl_mff_map,
7187 ofpacts_tlv_bitmap, ofpacts);
7188 if (error) {
7189 goto exit;
7190 }
7191 on = ofpbuf_at_assert(ofpacts, start, sizeof *on);
7192 on->ofpact.len = ofpacts->size - start;
7193 }
7194 if (insts[OVSINST_OFPIT11_WRITE_METADATA]) {
7195 const struct ofp11_instruction_write_metadata *oiwm;
7196 struct ofpact_metadata *om;
7197
7198 oiwm = ALIGNED_CAST(const struct ofp11_instruction_write_metadata *,
7199 insts[OVSINST_OFPIT11_WRITE_METADATA]);
7200
7201 om = ofpact_put_WRITE_METADATA(ofpacts);
7202 om->metadata = oiwm->metadata;
7203 om->mask = oiwm->metadata_mask;
7204 }
7205 if (insts[OVSINST_OFPIT11_GOTO_TABLE]) {
7206 const struct ofp11_instruction_goto_table *oigt;
7207 struct ofpact_goto_table *ogt;
7208
7209 oigt = instruction_get_OFPIT11_GOTO_TABLE(
7210 insts[OVSINST_OFPIT11_GOTO_TABLE]);
7211 ogt = ofpact_put_GOTO_TABLE(ofpacts);
7212 ogt->table_id = oigt->table_id;
7213 }
7214
7215 error = ofpacts_verify(ofpacts->data, ofpacts->size,
7216 (1u << N_OVS_INSTRUCTIONS) - 1, 0);
7217 exit:
7218 if (error) {
7219 ofpbuf_clear(ofpacts);
7220 }
7221 return error;
7222 }
7223
7224 /* Update the length of the instruction that begins at offset 'ofs' within
7225 * 'openflow' and contains nested actions that extend to the end of 'openflow'.
7226 * If the instruction contains no nested actions, deletes it entirely. */
7227 static void
7228 ofpacts_update_instruction_actions(struct ofpbuf *openflow, size_t ofs)
7229 {
7230 struct ofp11_instruction_actions *oia;
7231
7232 oia = ofpbuf_at_assert(openflow, ofs, sizeof *oia);
7233 if (openflow->size > ofs + sizeof *oia) {
7234 oia->len = htons(openflow->size - ofs);
7235 } else {
7236 openflow->size = ofs;
7237 }
7238 }
7239 \f
7240 /* Checks that 'port' is a valid output port for OFPACT_OUTPUT, given that the
7241 * switch will never have more than 'max_ports' ports. Returns 0 if 'port' is
7242 * valid, otherwise an OpenFlow error code. */
7243 enum ofperr
7244 ofpact_check_output_port(ofp_port_t port, ofp_port_t max_ports)
7245 {
7246 switch (port) {
7247 case OFPP_IN_PORT:
7248 case OFPP_TABLE:
7249 case OFPP_NORMAL:
7250 case OFPP_FLOOD:
7251 case OFPP_ALL:
7252 case OFPP_CONTROLLER:
7253 case OFPP_LOCAL:
7254 return 0;
7255
7256 case OFPP_NONE:
7257 return OFPERR_OFPBAC_BAD_OUT_PORT;
7258
7259 default:
7260 if (ofp_to_u16(port) < ofp_to_u16(max_ports)) {
7261 return 0;
7262 }
7263 return OFPERR_OFPBAC_BAD_OUT_PORT;
7264 }
7265 }
7266
7267 /* Removes the protocols that require consistency between match and actions
7268 * (that's everything but OpenFlow 1.0) from '*usable_protocols'.
7269 *
7270 * (An example of an inconsistency between match and actions is a flow that
7271 * does not match on an MPLS Ethertype but has an action that pops an MPLS
7272 * label.) */
7273 static void
7274 inconsistent_match(enum ofputil_protocol *usable_protocols)
7275 {
7276 *usable_protocols &= OFPUTIL_P_OF10_ANY;
7277 }
7278
7279 /* May modify flow->dl_type, flow->nw_proto and flow->vlan_tci,
7280 * caller must restore them.
7281 *
7282 * Modifies some actions, filling in fields that could not be properly set
7283 * without context. */
7284 static enum ofperr
7285 ofpact_check__(enum ofputil_protocol *usable_protocols, struct ofpact *a,
7286 struct match *match, ofp_port_t max_ports,
7287 uint8_t table_id, uint8_t n_tables)
7288 {
7289 struct flow *flow = &match->flow;
7290 const struct ofpact_enqueue *enqueue;
7291 const struct mf_field *mf;
7292
7293 switch (a->type) {
7294 case OFPACT_OUTPUT:
7295 return ofpact_check_output_port(ofpact_get_OUTPUT(a)->port,
7296 max_ports);
7297
7298 case OFPACT_CONTROLLER:
7299 return 0;
7300
7301 case OFPACT_ENQUEUE:
7302 enqueue = ofpact_get_ENQUEUE(a);
7303 if (ofp_to_u16(enqueue->port) >= ofp_to_u16(max_ports)
7304 && enqueue->port != OFPP_IN_PORT
7305 && enqueue->port != OFPP_LOCAL) {
7306 return OFPERR_OFPBAC_BAD_OUT_PORT;
7307 }
7308 return 0;
7309
7310 case OFPACT_OUTPUT_REG:
7311 return mf_check_src(&ofpact_get_OUTPUT_REG(a)->src, match);
7312
7313 case OFPACT_OUTPUT_TRUNC:
7314 return ofpact_check_output_port(ofpact_get_OUTPUT_TRUNC(a)->port,
7315 max_ports);
7316
7317 case OFPACT_BUNDLE:
7318 return bundle_check(ofpact_get_BUNDLE(a), max_ports, match);
7319
7320 case OFPACT_SET_VLAN_VID:
7321 /* Remember if we saw a vlan tag in the flow to aid translating to
7322 * OpenFlow 1.1+ if need be. */
7323 ofpact_get_SET_VLAN_VID(a)->flow_has_vlan =
7324 (flow->vlans[0].tci & htons(VLAN_CFI)) == htons(VLAN_CFI);
7325 if (!(flow->vlans[0].tci & htons(VLAN_CFI)) &&
7326 !ofpact_get_SET_VLAN_VID(a)->push_vlan_if_needed) {
7327 inconsistent_match(usable_protocols);
7328 }
7329 /* Temporary mark that we have a vlan tag. */
7330 flow->vlans[0].tci |= htons(VLAN_CFI);
7331 return 0;
7332
7333 case OFPACT_SET_VLAN_PCP:
7334 /* Remember if we saw a vlan tag in the flow to aid translating to
7335 * OpenFlow 1.1+ if need be. */
7336 ofpact_get_SET_VLAN_PCP(a)->flow_has_vlan =
7337 (flow->vlans[0].tci & htons(VLAN_CFI)) == htons(VLAN_CFI);
7338 if (!(flow->vlans[0].tci & htons(VLAN_CFI)) &&
7339 !ofpact_get_SET_VLAN_PCP(a)->push_vlan_if_needed) {
7340 inconsistent_match(usable_protocols);
7341 }
7342 /* Temporary mark that we have a vlan tag. */
7343 flow->vlans[0].tci |= htons(VLAN_CFI);
7344 return 0;
7345
7346 case OFPACT_STRIP_VLAN:
7347 if (!(flow->vlans[0].tci & htons(VLAN_CFI))) {
7348 inconsistent_match(usable_protocols);
7349 }
7350 flow_pop_vlan(flow, NULL);
7351 return 0;
7352
7353 case OFPACT_PUSH_VLAN:
7354 if (flow->vlans[FLOW_MAX_VLAN_HEADERS - 1].tci & htons(VLAN_CFI)) {
7355 /* Support maximum (FLOW_MAX_VLAN_HEADERS) VLAN headers. */
7356 return OFPERR_OFPBAC_BAD_TAG;
7357 }
7358 /* Temporary mark that we have a vlan tag. */
7359 flow_push_vlan_uninit(flow, NULL);
7360 flow->vlans[0].tci |= htons(VLAN_CFI);
7361 return 0;
7362
7363 case OFPACT_SET_ETH_SRC:
7364 case OFPACT_SET_ETH_DST:
7365 return 0;
7366
7367 case OFPACT_SET_IPV4_SRC:
7368 case OFPACT_SET_IPV4_DST:
7369 if (flow->dl_type != htons(ETH_TYPE_IP)) {
7370 inconsistent_match(usable_protocols);
7371 }
7372 return 0;
7373
7374 case OFPACT_SET_IP_DSCP:
7375 case OFPACT_SET_IP_ECN:
7376 case OFPACT_SET_IP_TTL:
7377 case OFPACT_DEC_TTL:
7378 if (!is_ip_any(flow)) {
7379 inconsistent_match(usable_protocols);
7380 }
7381 return 0;
7382
7383 case OFPACT_SET_L4_SRC_PORT:
7384 case OFPACT_SET_L4_DST_PORT:
7385 if (!is_ip_any(flow) || (flow->nw_frag & FLOW_NW_FRAG_LATER) ||
7386 (flow->nw_proto != IPPROTO_TCP && flow->nw_proto != IPPROTO_UDP
7387 && flow->nw_proto != IPPROTO_SCTP)) {
7388 inconsistent_match(usable_protocols);
7389 }
7390 /* Note on which transport protocol the port numbers are set.
7391 * This allows this set action to be converted to an OF1.2 set field
7392 * action. */
7393 if (a->type == OFPACT_SET_L4_SRC_PORT) {
7394 ofpact_get_SET_L4_SRC_PORT(a)->flow_ip_proto = flow->nw_proto;
7395 } else {
7396 ofpact_get_SET_L4_DST_PORT(a)->flow_ip_proto = flow->nw_proto;
7397 }
7398 return 0;
7399
7400 case OFPACT_REG_MOVE:
7401 return nxm_reg_move_check(ofpact_get_REG_MOVE(a), match);
7402
7403 case OFPACT_SET_FIELD:
7404 mf = ofpact_get_SET_FIELD(a)->field;
7405 /* Require OXM_OF_VLAN_VID to have an existing VLAN header. */
7406 if (!mf_are_prereqs_ok(mf, flow, NULL) ||
7407 (mf->id == MFF_VLAN_VID &&
7408 !(flow->vlans[0].tci & htons(VLAN_CFI)))) {
7409 VLOG_WARN_RL(&rl, "set_field %s lacks correct prerequisities",
7410 mf->name);
7411 return OFPERR_OFPBAC_MATCH_INCONSISTENT;
7412 }
7413 /* Remember if we saw a vlan tag in the flow to aid translating to
7414 * OpenFlow 1.1 if need be. */
7415 ofpact_get_SET_FIELD(a)->flow_has_vlan =
7416 (flow->vlans[0].tci & htons(VLAN_CFI)) == htons(VLAN_CFI);
7417 if (mf->id == MFF_VLAN_TCI) {
7418 /* The set field may add or remove the vlan tag,
7419 * Mark the status temporarily. */
7420 flow->vlans[0].tci = ofpact_get_SET_FIELD(a)->value->be16;
7421 }
7422 return 0;
7423
7424 case OFPACT_STACK_PUSH:
7425 return nxm_stack_push_check(ofpact_get_STACK_PUSH(a), match);
7426
7427 case OFPACT_STACK_POP:
7428 return nxm_stack_pop_check(ofpact_get_STACK_POP(a), match);
7429
7430 case OFPACT_SET_MPLS_LABEL:
7431 case OFPACT_SET_MPLS_TC:
7432 case OFPACT_SET_MPLS_TTL:
7433 case OFPACT_DEC_MPLS_TTL:
7434 if (!eth_type_mpls(flow->dl_type)) {
7435 inconsistent_match(usable_protocols);
7436 }
7437 return 0;
7438
7439 case OFPACT_SET_TUNNEL:
7440 case OFPACT_SET_QUEUE:
7441 case OFPACT_POP_QUEUE:
7442 return 0;
7443
7444 case OFPACT_RESUBMIT: {
7445 struct ofpact_resubmit *resubmit = ofpact_get_RESUBMIT(a);
7446
7447 if (resubmit->with_ct_orig && !is_ct_valid(flow, &match->wc, NULL)) {
7448 return OFPERR_OFPBAC_MATCH_INCONSISTENT;
7449 }
7450 return 0;
7451 }
7452 case OFPACT_FIN_TIMEOUT:
7453 if (flow->nw_proto != IPPROTO_TCP) {
7454 inconsistent_match(usable_protocols);
7455 }
7456 return 0;
7457
7458 case OFPACT_LEARN:
7459 return learn_check(ofpact_get_LEARN(a), match);
7460
7461 case OFPACT_CONJUNCTION:
7462 return 0;
7463
7464 case OFPACT_MULTIPATH:
7465 return multipath_check(ofpact_get_MULTIPATH(a), match);
7466
7467 case OFPACT_NOTE:
7468 case OFPACT_EXIT:
7469 return 0;
7470
7471 case OFPACT_PUSH_MPLS:
7472 flow->dl_type = ofpact_get_PUSH_MPLS(a)->ethertype;
7473 /* The packet is now MPLS and the MPLS payload is opaque.
7474 * Thus nothing can be assumed about the network protocol.
7475 * Temporarily mark that we have no nw_proto. */
7476 flow->nw_proto = 0;
7477 return 0;
7478
7479 case OFPACT_POP_MPLS:
7480 if (!eth_type_mpls(flow->dl_type)) {
7481 inconsistent_match(usable_protocols);
7482 }
7483 flow->dl_type = ofpact_get_POP_MPLS(a)->ethertype;
7484 return 0;
7485
7486 case OFPACT_SAMPLE:
7487 return 0;
7488
7489 case OFPACT_CLONE: {
7490 struct ofpact_nest *on = ofpact_get_CLONE(a);
7491 return ofpacts_check(on->actions, ofpact_nest_get_action_len(on),
7492 match, max_ports, table_id, n_tables,
7493 usable_protocols);
7494 }
7495
7496 case OFPACT_CT: {
7497 struct ofpact_conntrack *oc = ofpact_get_CT(a);
7498
7499 if (!dl_type_is_ip_any(flow->dl_type)
7500 || (flow->ct_state & CS_INVALID && oc->flags & NX_CT_F_COMMIT)
7501 || (oc->alg == IPPORT_FTP && flow->nw_proto != IPPROTO_TCP)
7502 || (oc->alg == IPPORT_TFTP && flow->nw_proto != IPPROTO_UDP)) {
7503 /* We can't downgrade to OF1.0 and expect inconsistent CT actions
7504 * be silently discarded. Instead, datapath flow install fails, so
7505 * it is better to flag inconsistent CT actions as hard errors. */
7506 return OFPERR_OFPBAC_MATCH_INCONSISTENT;
7507 }
7508
7509 if (oc->zone_src.field) {
7510 return mf_check_src(&oc->zone_src, match);
7511 }
7512
7513 return ofpacts_check(oc->actions, ofpact_ct_get_action_len(oc),
7514 match, max_ports, table_id, n_tables,
7515 usable_protocols);
7516 }
7517
7518 case OFPACT_CT_CLEAR:
7519 return 0;
7520
7521 case OFPACT_NAT: {
7522 struct ofpact_nat *on = ofpact_get_NAT(a);
7523
7524 if (!dl_type_is_ip_any(flow->dl_type) ||
7525 (on->range_af == AF_INET && flow->dl_type != htons(ETH_TYPE_IP)) ||
7526 (on->range_af == AF_INET6
7527 && flow->dl_type != htons(ETH_TYPE_IPV6))) {
7528 return OFPERR_OFPBAC_MATCH_INCONSISTENT;
7529 }
7530 return 0;
7531 }
7532
7533 case OFPACT_CLEAR_ACTIONS:
7534 return 0;
7535
7536 case OFPACT_WRITE_ACTIONS: {
7537 /* Use a temporary copy of 'usable_protocols' because we can't check
7538 * consistency of an action set. */
7539 struct ofpact_nest *on = ofpact_get_WRITE_ACTIONS(a);
7540 enum ofputil_protocol p = *usable_protocols;
7541 return ofpacts_check(on->actions, ofpact_nest_get_action_len(on),
7542 match, max_ports, table_id, n_tables, &p);
7543 }
7544
7545 case OFPACT_WRITE_METADATA:
7546 return 0;
7547
7548 case OFPACT_METER: {
7549 uint32_t mid = ofpact_get_METER(a)->meter_id;
7550 if (mid == 0 || mid > OFPM13_MAX) {
7551 return OFPERR_OFPMMFC_INVALID_METER;
7552 }
7553 return 0;
7554 }
7555
7556 case OFPACT_GOTO_TABLE: {
7557 uint8_t goto_table = ofpact_get_GOTO_TABLE(a)->table_id;
7558 if ((table_id != 255 && goto_table <= table_id)
7559 || (n_tables != 255 && goto_table >= n_tables)) {
7560 return OFPERR_OFPBIC_BAD_TABLE_ID;
7561 }
7562 return 0;
7563 }
7564
7565 case OFPACT_GROUP:
7566 return 0;
7567
7568 case OFPACT_UNROLL_XLATE:
7569 /* UNROLL is an internal action that should never be seen via
7570 * OpenFlow. */
7571 return OFPERR_OFPBAC_BAD_TYPE;
7572
7573 case OFPACT_DEBUG_RECIRC:
7574 return 0;
7575
7576 default:
7577 OVS_NOT_REACHED();
7578 }
7579 }
7580
7581 /* Checks that the 'ofpacts_len' bytes of actions in 'ofpacts' are
7582 * appropriate for a packet with the prerequisites satisfied by 'flow' in a
7583 * switch with no more than 'max_ports' ports.
7584 *
7585 * If 'ofpacts' and 'flow' are inconsistent with one another, un-sets in
7586 * '*usable_protocols' the protocols that forbid the inconsistency. (An
7587 * example of an inconsistency between match and actions is a flow that does
7588 * not match on an MPLS Ethertype but has an action that pops an MPLS label.)
7589 *
7590 * May annotate ofpacts with information gathered from the 'match'.
7591 *
7592 * May temporarily modify 'match', but restores the changes before
7593 * returning. */
7594 enum ofperr
7595 ofpacts_check(struct ofpact ofpacts[], size_t ofpacts_len,
7596 struct match *match, ofp_port_t max_ports,
7597 uint8_t table_id, uint8_t n_tables,
7598 enum ofputil_protocol *usable_protocols)
7599 {
7600 struct ofpact *a;
7601 ovs_be16 dl_type = match->flow.dl_type;
7602 uint8_t nw_proto = match->flow.nw_proto;
7603 enum ofperr error = 0;
7604 union flow_vlan_hdr vlans[FLOW_MAX_VLAN_HEADERS];
7605
7606 memcpy(&vlans, &match->flow.vlans, sizeof(vlans));
7607
7608 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
7609 error = ofpact_check__(usable_protocols, a, match,
7610 max_ports, table_id, n_tables);
7611 if (error) {
7612 break;
7613 }
7614 }
7615 /* Restore fields that may have been modified. */
7616 match->flow.dl_type = dl_type;
7617 memcpy(&match->flow.vlans, &vlans, sizeof(vlans));
7618 match->flow.nw_proto = nw_proto;
7619 return error;
7620 }
7621
7622 /* Like ofpacts_check(), but reports inconsistencies as
7623 * OFPERR_OFPBAC_MATCH_INCONSISTENT rather than clearing bits. */
7624 enum ofperr
7625 ofpacts_check_consistency(struct ofpact ofpacts[], size_t ofpacts_len,
7626 struct match *match, ofp_port_t max_ports,
7627 uint8_t table_id, uint8_t n_tables,
7628 enum ofputil_protocol usable_protocols)
7629 {
7630 enum ofputil_protocol p = usable_protocols;
7631 enum ofperr error;
7632
7633 error = ofpacts_check(ofpacts, ofpacts_len, match, max_ports,
7634 table_id, n_tables, &p);
7635 return (error ? error
7636 : p != usable_protocols ? OFPERR_OFPBAC_MATCH_INCONSISTENT
7637 : 0);
7638 }
7639
7640 /* Returns the destination field that 'ofpact' would write to, or NULL
7641 * if the action would not write to an mf_field. */
7642 const struct mf_field *
7643 ofpact_get_mf_dst(const struct ofpact *ofpact)
7644 {
7645 if (ofpact->type == OFPACT_SET_FIELD) {
7646 const struct ofpact_set_field *orl;
7647
7648 orl = CONTAINER_OF(ofpact, struct ofpact_set_field, ofpact);
7649 return orl->field;
7650 } else if (ofpact->type == OFPACT_REG_MOVE) {
7651 const struct ofpact_reg_move *orm;
7652
7653 orm = CONTAINER_OF(ofpact, struct ofpact_reg_move, ofpact);
7654 return orm->dst.field;
7655 }
7656
7657 return NULL;
7658 }
7659
7660 static enum ofperr
7661 unsupported_nesting(enum ofpact_type action, enum ofpact_type outer_action)
7662 {
7663 VLOG_WARN("%s action doesn't support nested action %s",
7664 ofpact_name(outer_action), ofpact_name(action));
7665 return OFPERR_OFPBAC_BAD_ARGUMENT;
7666 }
7667
7668 static bool
7669 field_requires_ct(enum mf_field_id field)
7670 {
7671 return field == MFF_CT_MARK || field == MFF_CT_LABEL;
7672 }
7673
7674 /* Apply nesting constraints for actions */
7675 static enum ofperr
7676 ofpacts_verify_nested(const struct ofpact *a, enum ofpact_type outer_action)
7677 {
7678 const struct mf_field *field = ofpact_get_mf_dst(a);
7679
7680 if (field && field_requires_ct(field->id) && outer_action != OFPACT_CT) {
7681 VLOG_WARN("cannot set CT fields outside of ct action");
7682 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
7683 }
7684 if (a->type == OFPACT_NAT) {
7685 if (outer_action != OFPACT_CT) {
7686 VLOG_WARN("Cannot have NAT action outside of \"ct\" action");
7687 return OFPERR_OFPBAC_BAD_SET_ARGUMENT;
7688 }
7689 return 0;
7690 }
7691
7692 if (outer_action) {
7693 ovs_assert(outer_action == OFPACT_WRITE_ACTIONS
7694 || outer_action == OFPACT_CT);
7695
7696 if (outer_action == OFPACT_CT) {
7697 if (!field) {
7698 return unsupported_nesting(a->type, outer_action);
7699 } else if (!field_requires_ct(field->id)) {
7700 VLOG_WARN("%s action doesn't support nested modification "
7701 "of %s", ofpact_name(outer_action), field->name);
7702 return OFPERR_OFPBAC_BAD_ARGUMENT;
7703 }
7704 }
7705 }
7706
7707 return 0;
7708 }
7709
7710 /* Verifies that the 'ofpacts_len' bytes of actions in 'ofpacts' are in the
7711 * appropriate order as defined by the OpenFlow spec and as required by Open
7712 * vSwitch.
7713 *
7714 * 'allowed_ovsinsts' is a bitmap of OVSINST_* values, in which 1-bits indicate
7715 * instructions that are allowed within 'ofpacts[]'.
7716 *
7717 * If 'outer_action' is not zero, it specifies that the actions are nested
7718 * within another action of type 'outer_action'. */
7719 static enum ofperr
7720 ofpacts_verify(const struct ofpact ofpacts[], size_t ofpacts_len,
7721 uint32_t allowed_ovsinsts, enum ofpact_type outer_action)
7722 {
7723 const struct ofpact *a;
7724 enum ovs_instruction_type inst;
7725
7726 inst = OVSINST_OFPIT13_METER;
7727 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
7728 enum ovs_instruction_type next;
7729 enum ofperr error;
7730
7731 if (a->type == OFPACT_CONJUNCTION) {
7732 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
7733 if (a->type != OFPACT_CONJUNCTION && a->type != OFPACT_NOTE) {
7734 VLOG_WARN("\"conjunction\" actions may be used along with "
7735 "\"note\" but not any other kind of action "
7736 "(such as the \"%s\" action used here)",
7737 ofpact_name(a->type));
7738 return OFPERR_NXBAC_BAD_CONJUNCTION;
7739 }
7740 }
7741 return 0;
7742 }
7743
7744 error = ofpacts_verify_nested(a, outer_action);
7745 if (error) {
7746 return error;
7747 }
7748
7749 next = ovs_instruction_type_from_ofpact_type(a->type);
7750 if (a > ofpacts
7751 && (inst == OVSINST_OFPIT11_APPLY_ACTIONS
7752 ? next < inst
7753 : next <= inst)) {
7754 const char *name = ovs_instruction_name_from_type(inst);
7755 const char *next_name = ovs_instruction_name_from_type(next);
7756
7757 if (next == inst) {
7758 VLOG_WARN("duplicate %s instruction not allowed, for OpenFlow "
7759 "1.1+ compatibility", name);
7760 } else {
7761 VLOG_WARN("invalid instruction ordering: %s must appear "
7762 "before %s, for OpenFlow 1.1+ compatibility",
7763 next_name, name);
7764 }
7765 return OFPERR_OFPBAC_UNSUPPORTED_ORDER;
7766 }
7767 if (!((1u << next) & allowed_ovsinsts)) {
7768 const char *name = ovs_instruction_name_from_type(next);
7769
7770 VLOG_WARN("%s instruction not allowed here", name);
7771 return OFPERR_OFPBIC_UNSUP_INST;
7772 }
7773
7774 inst = next;
7775 }
7776
7777 return 0;
7778 }
7779 \f
7780 /* Converting ofpacts to OpenFlow. */
7781
7782 static void
7783 encode_ofpact(const struct ofpact *a, enum ofp_version ofp_version,
7784 struct ofpbuf *out)
7785 {
7786 switch (a->type) {
7787 #define OFPACT(ENUM, STRUCT, MEMBER, NAME) \
7788 case OFPACT_##ENUM: \
7789 encode_##ENUM(ofpact_get_##ENUM(a), ofp_version, out); \
7790 return;
7791 OFPACTS
7792 #undef OFPACT
7793 default:
7794 OVS_NOT_REACHED();
7795 }
7796 }
7797
7798 /* Converts the 'ofpacts_len' bytes of ofpacts in 'ofpacts' into OpenFlow
7799 * actions in 'openflow', appending the actions to any existing data in
7800 * 'openflow'. */
7801 size_t
7802 ofpacts_put_openflow_actions(const struct ofpact ofpacts[], size_t ofpacts_len,
7803 struct ofpbuf *openflow,
7804 enum ofp_version ofp_version)
7805 {
7806 const struct ofpact *a;
7807 size_t start_size = openflow->size;
7808
7809 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
7810 encode_ofpact(a, ofp_version, openflow);
7811 }
7812 return openflow->size - start_size;
7813 }
7814
7815 static enum ovs_instruction_type
7816 ofpact_is_apply_actions(const struct ofpact *a)
7817 {
7818 return (ovs_instruction_type_from_ofpact_type(a->type)
7819 == OVSINST_OFPIT11_APPLY_ACTIONS);
7820 }
7821
7822 void
7823 ofpacts_put_openflow_instructions(const struct ofpact ofpacts[],
7824 size_t ofpacts_len,
7825 struct ofpbuf *openflow,
7826 enum ofp_version ofp_version)
7827 {
7828 const struct ofpact *end = ofpact_end(ofpacts, ofpacts_len);
7829 const struct ofpact *a;
7830
7831 if (ofp_version == OFP10_VERSION) {
7832 ofpacts_put_openflow_actions(ofpacts, ofpacts_len, openflow,
7833 ofp_version);
7834 return;
7835 }
7836
7837 a = ofpacts;
7838 while (a < end) {
7839 if (ofpact_is_apply_actions(a)) {
7840 size_t ofs = openflow->size;
7841
7842 instruction_put_OFPIT11_APPLY_ACTIONS(openflow);
7843 do {
7844 encode_ofpact(a, ofp_version, openflow);
7845 a = ofpact_next(a);
7846 } while (a < end && ofpact_is_apply_actions(a));
7847 ofpacts_update_instruction_actions(openflow, ofs);
7848 } else {
7849 encode_ofpact(a, ofp_version, openflow);
7850 a = ofpact_next(a);
7851 }
7852 }
7853 }
7854 \f
7855 /* Sets of supported actions. */
7856
7857 /* Two-way translation between OVS's internal "OFPACT_*" representation of
7858 * actions and the "OFPAT_*" representation used in some OpenFlow version.
7859 * (OFPAT_* numbering varies from one OpenFlow version to another, so a given
7860 * instance is specific to one OpenFlow version.) */
7861 struct ofpact_map {
7862 enum ofpact_type ofpact; /* Internal name for action type. */
7863 int ofpat; /* OFPAT_* number from OpenFlow spec. */
7864 };
7865
7866 static const struct ofpact_map *
7867 get_ofpact_map(enum ofp_version version)
7868 {
7869 /* OpenFlow 1.0 actions. */
7870 static const struct ofpact_map of10[] = {
7871 { OFPACT_OUTPUT, 0 },
7872 { OFPACT_SET_VLAN_VID, 1 },
7873 { OFPACT_SET_VLAN_PCP, 2 },
7874 { OFPACT_STRIP_VLAN, 3 },
7875 { OFPACT_SET_ETH_SRC, 4 },
7876 { OFPACT_SET_ETH_DST, 5 },
7877 { OFPACT_SET_IPV4_SRC, 6 },
7878 { OFPACT_SET_IPV4_DST, 7 },
7879 { OFPACT_SET_IP_DSCP, 8 },
7880 { OFPACT_SET_L4_SRC_PORT, 9 },
7881 { OFPACT_SET_L4_DST_PORT, 10 },
7882 { OFPACT_ENQUEUE, 11 },
7883 { 0, -1 },
7884 };
7885
7886 /* OpenFlow 1.1 actions. */
7887 static const struct ofpact_map of11[] = {
7888 { OFPACT_OUTPUT, 0 },
7889 { OFPACT_SET_VLAN_VID, 1 },
7890 { OFPACT_SET_VLAN_PCP, 2 },
7891 { OFPACT_SET_ETH_SRC, 3 },
7892 { OFPACT_SET_ETH_DST, 4 },
7893 { OFPACT_SET_IPV4_SRC, 5 },
7894 { OFPACT_SET_IPV4_DST, 6 },
7895 { OFPACT_SET_IP_DSCP, 7 },
7896 { OFPACT_SET_IP_ECN, 8 },
7897 { OFPACT_SET_L4_SRC_PORT, 9 },
7898 { OFPACT_SET_L4_DST_PORT, 10 },
7899 /* OFPAT_COPY_TTL_OUT (11) not supported. */
7900 /* OFPAT_COPY_TTL_IN (12) not supported. */
7901 { OFPACT_SET_MPLS_LABEL, 13 },
7902 { OFPACT_SET_MPLS_TC, 14 },
7903 { OFPACT_SET_MPLS_TTL, 15 },
7904 { OFPACT_DEC_MPLS_TTL, 16 },
7905 { OFPACT_PUSH_VLAN, 17 },
7906 { OFPACT_STRIP_VLAN, 18 },
7907 { OFPACT_PUSH_MPLS, 19 },
7908 { OFPACT_POP_MPLS, 20 },
7909 { OFPACT_SET_QUEUE, 21 },
7910 { OFPACT_GROUP, 22 },
7911 { OFPACT_SET_IP_TTL, 23 },
7912 { OFPACT_DEC_TTL, 24 },
7913 { 0, -1 },
7914 };
7915
7916 /* OpenFlow 1.2, 1.3, and 1.4 actions. */
7917 static const struct ofpact_map of12[] = {
7918 { OFPACT_OUTPUT, 0 },
7919 /* OFPAT_COPY_TTL_OUT (11) not supported. */
7920 /* OFPAT_COPY_TTL_IN (12) not supported. */
7921 { OFPACT_SET_MPLS_TTL, 15 },
7922 { OFPACT_DEC_MPLS_TTL, 16 },
7923 { OFPACT_PUSH_VLAN, 17 },
7924 { OFPACT_STRIP_VLAN, 18 },
7925 { OFPACT_PUSH_MPLS, 19 },
7926 { OFPACT_POP_MPLS, 20 },
7927 { OFPACT_SET_QUEUE, 21 },
7928 { OFPACT_GROUP, 22 },
7929 { OFPACT_SET_IP_TTL, 23 },
7930 { OFPACT_DEC_TTL, 24 },
7931 { OFPACT_SET_FIELD, 25 },
7932 /* OF1.3+ OFPAT_PUSH_PBB (26) not supported. */
7933 /* OF1.3+ OFPAT_POP_PBB (27) not supported. */
7934 { 0, -1 },
7935 };
7936
7937 switch (version) {
7938 case OFP10_VERSION:
7939 return of10;
7940
7941 case OFP11_VERSION:
7942 return of11;
7943
7944 case OFP12_VERSION:
7945 case OFP13_VERSION:
7946 case OFP14_VERSION:
7947 case OFP15_VERSION:
7948 case OFP16_VERSION:
7949 default:
7950 return of12;
7951 }
7952 }
7953
7954 /* Converts 'ofpacts_bitmap', a bitmap whose bits correspond to OFPACT_*
7955 * values, into a bitmap of actions suitable for OpenFlow 'version', and
7956 * returns the result. */
7957 ovs_be32
7958 ofpact_bitmap_to_openflow(uint64_t ofpacts_bitmap, enum ofp_version version)
7959 {
7960 uint32_t openflow_bitmap = 0;
7961 const struct ofpact_map *x;
7962
7963 for (x = get_ofpact_map(version); x->ofpat >= 0; x++) {
7964 if (ofpacts_bitmap & (UINT64_C(1) << x->ofpact)) {
7965 openflow_bitmap |= 1u << x->ofpat;
7966 }
7967 }
7968 return htonl(openflow_bitmap);
7969 }
7970
7971 /* Converts 'ofpat_bitmap', a bitmap of actions from an OpenFlow message with
7972 * the given 'version' into a bitmap whose bits correspond to OFPACT_* values,
7973 * and returns the result. */
7974 uint64_t
7975 ofpact_bitmap_from_openflow(ovs_be32 ofpat_bitmap, enum ofp_version version)
7976 {
7977 uint64_t ofpact_bitmap = 0;
7978 const struct ofpact_map *x;
7979
7980 for (x = get_ofpact_map(version); x->ofpat >= 0; x++) {
7981 if (ofpat_bitmap & htonl(1u << x->ofpat)) {
7982 ofpact_bitmap |= UINT64_C(1) << x->ofpact;
7983 }
7984 }
7985 return ofpact_bitmap;
7986 }
7987
7988 /* Appends to 's' a string representation of the set of OFPACT_* represented
7989 * by 'ofpacts_bitmap'. */
7990 void
7991 ofpact_bitmap_format(uint64_t ofpacts_bitmap, struct ds *s)
7992 {
7993 if (!ofpacts_bitmap) {
7994 ds_put_cstr(s, "<none>");
7995 } else {
7996 while (ofpacts_bitmap) {
7997 ds_put_format(s, "%s ",
7998 ofpact_name(rightmost_1bit_idx(ofpacts_bitmap)));
7999 ofpacts_bitmap = zero_rightmost_1bit(ofpacts_bitmap);
8000 }
8001 ds_chomp(s, ' ');
8002 }
8003 }
8004 \f
8005 /* Returns true if 'action' outputs to 'port', false otherwise. */
8006 static bool
8007 ofpact_outputs_to_port(const struct ofpact *ofpact, ofp_port_t port)
8008 {
8009 switch (ofpact->type) {
8010 case OFPACT_OUTPUT:
8011 return ofpact_get_OUTPUT(ofpact)->port == port;
8012 case OFPACT_ENQUEUE:
8013 return ofpact_get_ENQUEUE(ofpact)->port == port;
8014 case OFPACT_CONTROLLER:
8015 return port == OFPP_CONTROLLER;
8016
8017 case OFPACT_OUTPUT_REG:
8018 case OFPACT_OUTPUT_TRUNC:
8019 case OFPACT_BUNDLE:
8020 case OFPACT_SET_VLAN_VID:
8021 case OFPACT_SET_VLAN_PCP:
8022 case OFPACT_STRIP_VLAN:
8023 case OFPACT_PUSH_VLAN:
8024 case OFPACT_SET_ETH_SRC:
8025 case OFPACT_SET_ETH_DST:
8026 case OFPACT_SET_IPV4_SRC:
8027 case OFPACT_SET_IPV4_DST:
8028 case OFPACT_SET_IP_DSCP:
8029 case OFPACT_SET_IP_ECN:
8030 case OFPACT_SET_IP_TTL:
8031 case OFPACT_SET_L4_SRC_PORT:
8032 case OFPACT_SET_L4_DST_PORT:
8033 case OFPACT_REG_MOVE:
8034 case OFPACT_SET_FIELD:
8035 case OFPACT_STACK_PUSH:
8036 case OFPACT_STACK_POP:
8037 case OFPACT_DEC_TTL:
8038 case OFPACT_SET_MPLS_LABEL:
8039 case OFPACT_SET_MPLS_TC:
8040 case OFPACT_SET_MPLS_TTL:
8041 case OFPACT_DEC_MPLS_TTL:
8042 case OFPACT_SET_TUNNEL:
8043 case OFPACT_WRITE_METADATA:
8044 case OFPACT_SET_QUEUE:
8045 case OFPACT_POP_QUEUE:
8046 case OFPACT_FIN_TIMEOUT:
8047 case OFPACT_RESUBMIT:
8048 case OFPACT_LEARN:
8049 case OFPACT_CONJUNCTION:
8050 case OFPACT_MULTIPATH:
8051 case OFPACT_NOTE:
8052 case OFPACT_EXIT:
8053 case OFPACT_UNROLL_XLATE:
8054 case OFPACT_PUSH_MPLS:
8055 case OFPACT_POP_MPLS:
8056 case OFPACT_SAMPLE:
8057 case OFPACT_CLEAR_ACTIONS:
8058 case OFPACT_CLONE:
8059 case OFPACT_WRITE_ACTIONS:
8060 case OFPACT_GOTO_TABLE:
8061 case OFPACT_METER:
8062 case OFPACT_GROUP:
8063 case OFPACT_DEBUG_RECIRC:
8064 case OFPACT_CT:
8065 case OFPACT_CT_CLEAR:
8066 case OFPACT_NAT:
8067 default:
8068 return false;
8069 }
8070 }
8071
8072 /* Returns true if any action in the 'ofpacts_len' bytes of 'ofpacts' outputs
8073 * to 'port', false otherwise. */
8074 bool
8075 ofpacts_output_to_port(const struct ofpact *ofpacts, size_t ofpacts_len,
8076 ofp_port_t port)
8077 {
8078 const struct ofpact *a;
8079
8080 OFPACT_FOR_EACH_FLATTENED (a, ofpacts, ofpacts_len) {
8081 if (ofpact_outputs_to_port(a, port)) {
8082 return true;
8083 }
8084 }
8085
8086 return false;
8087 }
8088
8089 /* Returns true if any action in the 'ofpacts_len' bytes of 'ofpacts' outputs
8090 * to 'group', false otherwise. */
8091 bool
8092 ofpacts_output_to_group(const struct ofpact *ofpacts, size_t ofpacts_len,
8093 uint32_t group_id)
8094 {
8095 const struct ofpact *a;
8096
8097 OFPACT_FOR_EACH_FLATTENED (a, ofpacts, ofpacts_len) {
8098 if (a->type == OFPACT_GROUP
8099 && ofpact_get_GROUP(a)->group_id == group_id) {
8100 return true;
8101 }
8102 }
8103
8104 return false;
8105 }
8106
8107 bool
8108 ofpacts_equal(const struct ofpact *a, size_t a_len,
8109 const struct ofpact *b, size_t b_len)
8110 {
8111 return a_len == b_len && !memcmp(a, b, a_len);
8112 }
8113
8114 /* Finds the OFPACT_METER action, if any, in the 'ofpacts_len' bytes of
8115 * 'ofpacts'. If found, returns its meter ID; if not, returns 0.
8116 *
8117 * This function relies on the order of 'ofpacts' being correct (as checked by
8118 * ofpacts_verify()). */
8119 uint32_t
8120 ofpacts_get_meter(const struct ofpact ofpacts[], size_t ofpacts_len)
8121 {
8122 const struct ofpact *a;
8123
8124 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
8125 enum ovs_instruction_type inst;
8126
8127 inst = ovs_instruction_type_from_ofpact_type(a->type);
8128 if (a->type == OFPACT_METER) {
8129 return ofpact_get_METER(a)->meter_id;
8130 } else if (inst > OVSINST_OFPIT13_METER) {
8131 break;
8132 }
8133 }
8134
8135 return 0;
8136 }
8137 \f
8138 /* Formatting ofpacts. */
8139
8140 static void
8141 ofpact_format(const struct ofpact *a, struct ds *s)
8142 {
8143 switch (a->type) {
8144 #define OFPACT(ENUM, STRUCT, MEMBER, NAME) \
8145 case OFPACT_##ENUM: \
8146 format_##ENUM(ALIGNED_CAST(const struct STRUCT *, a), s); \
8147 break;
8148 OFPACTS
8149 #undef OFPACT
8150 default:
8151 OVS_NOT_REACHED();
8152 }
8153 }
8154
8155 /* Appends a string representing the 'ofpacts_len' bytes of ofpacts in
8156 * 'ofpacts' to 'string'. */
8157 void
8158 ofpacts_format(const struct ofpact *ofpacts, size_t ofpacts_len,
8159 struct ds *string)
8160 {
8161 if (!ofpacts_len) {
8162 ds_put_format(string, "%sdrop%s", colors.drop, colors.end);
8163 } else {
8164 const struct ofpact *a;
8165
8166 OFPACT_FOR_EACH (a, ofpacts, ofpacts_len) {
8167 if (a != ofpacts) {
8168 ds_put_char(string, ',');
8169 }
8170
8171 ofpact_format(a, string);
8172 }
8173 }
8174 }
8175 \f
8176 /* Internal use by helpers. */
8177
8178 /* Implementation of ofpact_put_<ENUM>(). */
8179 void *
8180 ofpact_put(struct ofpbuf *ofpacts, enum ofpact_type type, size_t len)
8181 {
8182 struct ofpact *ofpact;
8183
8184 ofpacts->header = ofpbuf_put_uninit(ofpacts, len);
8185 ofpact = ofpacts->header;
8186 ofpact_init(ofpact, type, len);
8187 return ofpact;
8188 }
8189
8190 /* Implementation of ofpact_init_<ENUM>(). */
8191 void
8192 ofpact_init(struct ofpact *ofpact, enum ofpact_type type, size_t len)
8193 {
8194 memset(ofpact, 0, len);
8195 ofpact->type = type;
8196 ofpact->raw = -1;
8197 ofpact->len = len;
8198 }
8199
8200 /* Implementation of ofpact_finish_<ENUM>().
8201 *
8202 * Finishes composing a variable-length action (begun using
8203 * ofpact_put_<NAME>()), by padding the action to a multiple of OFPACT_ALIGNTO
8204 * bytes and updating its embedded length field. See the large comment near
8205 * the end of ofp-actions.h for more information.
8206 *
8207 * May reallocate 'ofpacts'. Callers should consider updating their 'ofpact'
8208 * pointer to the return value of this function. */
8209 void *
8210 ofpact_finish(struct ofpbuf *ofpacts, struct ofpact *ofpact)
8211 {
8212 ptrdiff_t len;
8213
8214 ovs_assert(ofpact == ofpacts->header);
8215 len = (char *) ofpbuf_tail(ofpacts) - (char *) ofpact;
8216 ovs_assert(len > 0 && len <= UINT16_MAX);
8217 ofpact->len = len;
8218 ofpbuf_padto(ofpacts, OFPACT_ALIGN(ofpacts->size));
8219
8220 return ofpacts->header;
8221 }
8222 \f
8223 static char * OVS_WARN_UNUSED_RESULT
8224 ofpact_parse(enum ofpact_type type, char *value, struct ofpbuf *ofpacts,
8225 enum ofputil_protocol *usable_protocols)
8226 {
8227 switch (type) {
8228 #define OFPACT(ENUM, STRUCT, MEMBER, NAME) \
8229 case OFPACT_##ENUM: \
8230 return parse_##ENUM(value, ofpacts, usable_protocols);
8231 OFPACTS
8232 #undef OFPACT
8233 default:
8234 OVS_NOT_REACHED();
8235 }
8236 }
8237
8238 static bool
8239 ofpact_type_from_name(const char *name, enum ofpact_type *type)
8240 {
8241 #define OFPACT(ENUM, STRUCT, MEMBER, NAME) \
8242 if (!strcasecmp(name, NAME)) { \
8243 *type = OFPACT_##ENUM; \
8244 return true; \
8245 }
8246 OFPACTS
8247 #undef OFPACT
8248
8249 return false;
8250 }
8251
8252 /* Parses 'str' as a series of instructions, and appends them to 'ofpacts'.
8253 *
8254 * Returns NULL if successful, otherwise a malloc()'d string describing the
8255 * error. The caller is responsible for freeing the returned string.
8256 *
8257 * If 'outer_action' is specified, indicates that the actions being parsed
8258 * are nested within another action of the type specified in 'outer_action'. */
8259 static char * OVS_WARN_UNUSED_RESULT
8260 ofpacts_parse__(char *str, struct ofpbuf *ofpacts,
8261 enum ofputil_protocol *usable_protocols,
8262 bool allow_instructions, enum ofpact_type outer_action)
8263 {
8264 int prev_inst = -1;
8265 enum ofperr retval;
8266 char *key, *value;
8267 bool drop = false;
8268 char *pos;
8269
8270 pos = str;
8271 while (ofputil_parse_key_value(&pos, &key, &value)) {
8272 enum ovs_instruction_type inst = OVSINST_OFPIT11_APPLY_ACTIONS;
8273 enum ofpact_type type;
8274 char *error = NULL;
8275 ofp_port_t port;
8276
8277 if (ofpact_type_from_name(key, &type)) {
8278 error = ofpact_parse(type, value, ofpacts, usable_protocols);
8279 inst = ovs_instruction_type_from_ofpact_type(type);
8280 } else if (!strcasecmp(key, "mod_vlan_vid")) {
8281 error = parse_set_vlan_vid(value, ofpacts, true);
8282 } else if (!strcasecmp(key, "mod_vlan_pcp")) {
8283 error = parse_set_vlan_pcp(value, ofpacts, true);
8284 } else if (!strcasecmp(key, "set_nw_ttl")) {
8285 error = parse_SET_IP_TTL(value, ofpacts, usable_protocols);
8286 } else if (!strcasecmp(key, "pop_vlan")) {
8287 error = parse_pop_vlan(ofpacts);
8288 } else if (!strcasecmp(key, "set_tunnel64")) {
8289 error = parse_set_tunnel(value, ofpacts,
8290 NXAST_RAW_SET_TUNNEL64);
8291 } else if (!strcasecmp(key, "load")) {
8292 error = parse_reg_load(value, ofpacts);
8293 } else if (!strcasecmp(key, "bundle_load")) {
8294 error = parse_bundle_load(value, ofpacts);
8295 } else if (!strcasecmp(key, "drop")) {
8296 drop = true;
8297 } else if (!strcasecmp(key, "apply_actions")) {
8298 return xstrdup("apply_actions is the default instruction");
8299 } else if (ofputil_port_from_string(key, &port)) {
8300 ofpact_put_OUTPUT(ofpacts)->port = port;
8301 } else {
8302 return xasprintf("unknown action %s", key);
8303 }
8304 if (error) {
8305 return error;
8306 }
8307
8308 if (inst != OVSINST_OFPIT11_APPLY_ACTIONS) {
8309 if (!allow_instructions) {
8310 return xasprintf("only actions are allowed here (not "
8311 "instruction %s)",
8312 ovs_instruction_name_from_type(inst));
8313 }
8314 if (inst == prev_inst) {
8315 return xasprintf("instruction %s may be specified only once",
8316 ovs_instruction_name_from_type(inst));
8317 }
8318 }
8319 if (prev_inst != -1 && inst < prev_inst) {
8320 return xasprintf("instruction %s must be specified before %s",
8321 ovs_instruction_name_from_type(inst),
8322 ovs_instruction_name_from_type(prev_inst));
8323 }
8324 prev_inst = inst;
8325 }
8326
8327 if (drop && ofpacts->size) {
8328 return xstrdup("\"drop\" must not be accompanied by any other action "
8329 "or instruction");
8330 }
8331
8332 retval = ofpacts_verify(ofpacts->data, ofpacts->size,
8333 (allow_instructions
8334 ? (1u << N_OVS_INSTRUCTIONS) - 1
8335 : 1u << OVSINST_OFPIT11_APPLY_ACTIONS),
8336 outer_action);
8337 if (retval) {
8338 return xstrdup("Incorrect instruction ordering");
8339 }
8340
8341 return NULL;
8342 }
8343
8344 static char * OVS_WARN_UNUSED_RESULT
8345 ofpacts_parse(char *str, struct ofpbuf *ofpacts,
8346 enum ofputil_protocol *usable_protocols, bool allow_instructions,
8347 enum ofpact_type outer_action)
8348 {
8349 uint32_t orig_size = ofpacts->size;
8350 char *error = ofpacts_parse__(str, ofpacts, usable_protocols,
8351 allow_instructions, outer_action);
8352 if (error) {
8353 ofpacts->size = orig_size;
8354 }
8355 return error;
8356 }
8357
8358 static char * OVS_WARN_UNUSED_RESULT
8359 ofpacts_parse_copy(const char *s_, struct ofpbuf *ofpacts,
8360 enum ofputil_protocol *usable_protocols,
8361 bool allow_instructions, enum ofpact_type outer_action)
8362 {
8363 char *error, *s;
8364
8365 *usable_protocols = OFPUTIL_P_ANY;
8366
8367 s = xstrdup(s_);
8368 error = ofpacts_parse(s, ofpacts, usable_protocols, allow_instructions,
8369 outer_action);
8370 free(s);
8371
8372 return error;
8373 }
8374
8375 /* Parses 's' as a set of OpenFlow actions and appends the actions to
8376 * 'ofpacts'. 'outer_action', if nonzero, specifies that 's' contains actions
8377 * that are nested within the action of type 'outer_action'.
8378 *
8379 * Returns NULL if successful, otherwise a malloc()'d string describing the
8380 * error. The caller is responsible for freeing the returned string. */
8381 char * OVS_WARN_UNUSED_RESULT
8382 ofpacts_parse_actions(const char *s, struct ofpbuf *ofpacts,
8383 enum ofputil_protocol *usable_protocols)
8384 {
8385 return ofpacts_parse_copy(s, ofpacts, usable_protocols, false, 0);
8386 }
8387
8388 /* Parses 's' as a set of OpenFlow instructions and appends the instructions to
8389 * 'ofpacts'.
8390 *
8391 * Returns NULL if successful, otherwise a malloc()'d string describing the
8392 * error. The caller is responsible for freeing the returned string. */
8393 char * OVS_WARN_UNUSED_RESULT
8394 ofpacts_parse_instructions(const char *s, struct ofpbuf *ofpacts,
8395 enum ofputil_protocol *usable_protocols)
8396 {
8397 return ofpacts_parse_copy(s, ofpacts, usable_protocols, true, 0);
8398 }
8399
8400 const char *
8401 ofpact_name(enum ofpact_type type)
8402 {
8403 switch (type) {
8404 #define OFPACT(ENUM, STRUCT, MEMBER, NAME) case OFPACT_##ENUM: return NAME;
8405 OFPACTS
8406 #undef OFPACT
8407 }
8408 return "<unknown>";
8409 }
8410 \f
8411 /* Low-level action decoding and encoding functions. */
8412
8413 /* Everything needed to identify a particular OpenFlow action. */
8414 struct ofpact_hdrs {
8415 uint32_t vendor; /* 0 if standard, otherwise a vendor code. */
8416 uint16_t type; /* Type if standard, otherwise subtype. */
8417 uint8_t ofp_version; /* From ofp_header. */
8418 };
8419
8420 /* Information about a particular OpenFlow action. */
8421 struct ofpact_raw_instance {
8422 /* The action's identity. */
8423 struct ofpact_hdrs hdrs;
8424 enum ofp_raw_action_type raw;
8425
8426 /* Looking up the action. */
8427 struct hmap_node decode_node; /* Based on 'hdrs'. */
8428 struct hmap_node encode_node; /* Based on 'raw' + 'hdrs.ofp_version'. */
8429
8430 /* The action's encoded size.
8431 *
8432 * If this action is fixed-length, 'min_length' == 'max_length'.
8433 * If it is variable length, then 'max_length' is ROUND_DOWN(UINT16_MAX,
8434 * OFP_ACTION_ALIGN) == 65528. */
8435 unsigned short int min_length;
8436 unsigned short int max_length;
8437
8438 /* For actions with a simple integer numeric argument, 'arg_ofs' is the
8439 * offset of that argument from the beginning of the action and 'arg_len'
8440 * its length, both in bytes.
8441 *
8442 * For actions that take other forms, these are both zero. */
8443 unsigned short int arg_ofs;
8444 unsigned short int arg_len;
8445
8446 /* The name of the action, e.g. "OFPAT_OUTPUT" or "NXAST_RESUBMIT". */
8447 const char *name;
8448
8449 /* If this action is deprecated, a human-readable string with a brief
8450 * explanation. */
8451 const char *deprecation;
8452 };
8453
8454 /* Action header. */
8455 struct ofp_action_header {
8456 /* The meaning of other values of 'type' generally depends on the OpenFlow
8457 * version (see enum ofp_raw_action_type).
8458 *
8459 * Across all OpenFlow versions, OFPAT_VENDOR indicates that 'vendor'
8460 * designates an OpenFlow vendor ID and that the remainder of the action
8461 * structure has a vendor-defined meaning.
8462 */
8463 #define OFPAT_VENDOR 0xffff
8464 ovs_be16 type;
8465
8466 /* Always a multiple of 8. */
8467 ovs_be16 len;
8468
8469 /* For type == OFPAT_VENDOR only, this is a vendor ID, e.g. NX_VENDOR_ID or
8470 * ONF_VENDOR_ID. Other 'type's use this space for some other purpose. */
8471 ovs_be32 vendor;
8472 };
8473 OFP_ASSERT(sizeof(struct ofp_action_header) == 8);
8474
8475 static bool
8476 ofpact_hdrs_equal(const struct ofpact_hdrs *a,
8477 const struct ofpact_hdrs *b)
8478 {
8479 return (a->vendor == b->vendor
8480 && a->type == b->type
8481 && a->ofp_version == b->ofp_version);
8482 }
8483
8484 static uint32_t
8485 ofpact_hdrs_hash(const struct ofpact_hdrs *hdrs)
8486 {
8487 return hash_2words(hdrs->vendor, (hdrs->type << 16) | hdrs->ofp_version);
8488 }
8489
8490 #include "ofp-actions.inc2"
8491
8492 static struct hmap *
8493 ofpact_decode_hmap(void)
8494 {
8495 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
8496 static struct hmap hmap;
8497
8498 if (ovsthread_once_start(&once)) {
8499 struct ofpact_raw_instance *inst;
8500
8501 hmap_init(&hmap);
8502 for (inst = all_raw_instances;
8503 inst < &all_raw_instances[ARRAY_SIZE(all_raw_instances)];
8504 inst++) {
8505 hmap_insert(&hmap, &inst->decode_node,
8506 ofpact_hdrs_hash(&inst->hdrs));
8507 }
8508 ovsthread_once_done(&once);
8509 }
8510 return &hmap;
8511 }
8512
8513 static struct hmap *
8514 ofpact_encode_hmap(void)
8515 {
8516 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
8517 static struct hmap hmap;
8518
8519 if (ovsthread_once_start(&once)) {
8520 struct ofpact_raw_instance *inst;
8521
8522 hmap_init(&hmap);
8523 for (inst = all_raw_instances;
8524 inst < &all_raw_instances[ARRAY_SIZE(all_raw_instances)];
8525 inst++) {
8526 hmap_insert(&hmap, &inst->encode_node,
8527 hash_2words(inst->raw, inst->hdrs.ofp_version));
8528 }
8529 ovsthread_once_done(&once);
8530 }
8531 return &hmap;
8532 }
8533
8534 static enum ofperr
8535 ofpact_decode_raw(enum ofp_version ofp_version,
8536 const struct ofp_action_header *oah, size_t length,
8537 const struct ofpact_raw_instance **instp)
8538 {
8539 const struct ofpact_raw_instance *inst;
8540 struct ofpact_hdrs hdrs;
8541
8542 *instp = NULL;
8543 if (length < sizeof *oah) {
8544 return OFPERR_OFPBAC_BAD_LEN;
8545 }
8546
8547 /* Get base action type. */
8548 if (oah->type == htons(OFPAT_VENDOR)) {
8549 /* Get vendor. */
8550 hdrs.vendor = ntohl(oah->vendor);
8551 if (hdrs.vendor == NX_VENDOR_ID || hdrs.vendor == ONF_VENDOR_ID) {
8552 /* Get extension subtype. */
8553 const struct ext_action_header *nah;
8554
8555 nah = ALIGNED_CAST(const struct ext_action_header *, oah);
8556 if (length < sizeof *nah) {
8557 return OFPERR_OFPBAC_BAD_LEN;
8558 }
8559 hdrs.type = ntohs(nah->subtype);
8560 } else {
8561 VLOG_WARN_RL(&rl, "OpenFlow action has unknown vendor %#"PRIx32,
8562 hdrs.vendor);
8563 return OFPERR_OFPBAC_BAD_VENDOR;
8564 }
8565 } else {
8566 hdrs.vendor = 0;
8567 hdrs.type = ntohs(oah->type);
8568 }
8569
8570 hdrs.ofp_version = ofp_version;
8571 HMAP_FOR_EACH_WITH_HASH (inst, decode_node, ofpact_hdrs_hash(&hdrs),
8572 ofpact_decode_hmap()) {
8573 if (ofpact_hdrs_equal(&hdrs, &inst->hdrs)) {
8574 *instp = inst;
8575 return 0;
8576 }
8577 }
8578
8579 return (hdrs.vendor
8580 ? OFPERR_OFPBAC_BAD_VENDOR_TYPE
8581 : OFPERR_OFPBAC_BAD_TYPE);
8582 }
8583
8584 static enum ofperr
8585 ofpact_pull_raw(struct ofpbuf *buf, enum ofp_version ofp_version,
8586 enum ofp_raw_action_type *raw, uint64_t *arg)
8587 {
8588 const struct ofp_action_header *oah = buf->data;
8589 const struct ofpact_raw_instance *action;
8590 unsigned int length;
8591 enum ofperr error;
8592
8593 *raw = *arg = 0;
8594 error = ofpact_decode_raw(ofp_version, oah, buf->size, &action);
8595 if (error) {
8596 return error;
8597 }
8598
8599 if (action->deprecation) {
8600 VLOG_INFO_RL(&rl, "%s is deprecated in %s (%s)",
8601 action->name, ofputil_version_to_string(ofp_version),
8602 action->deprecation);
8603 }
8604
8605 length = ntohs(oah->len);
8606 if (length > buf->size) {
8607 VLOG_WARN_RL(&rl, "OpenFlow action %s length %u exceeds action buffer "
8608 "length %"PRIu32, action->name, length, buf->size);
8609 return OFPERR_OFPBAC_BAD_LEN;
8610 }
8611 if (length < action->min_length || length > action->max_length) {
8612 VLOG_WARN_RL(&rl, "OpenFlow action %s length %u not in valid range "
8613 "[%hu,%hu]", action->name, length,
8614 action->min_length, action->max_length);
8615 return OFPERR_OFPBAC_BAD_LEN;
8616 }
8617 if (length % 8) {
8618 VLOG_WARN_RL(&rl, "OpenFlow action %s length %u is not a multiple "
8619 "of 8", action->name, length);
8620 return OFPERR_OFPBAC_BAD_LEN;
8621 }
8622
8623 *raw = action->raw;
8624 *arg = 0;
8625 if (action->arg_len) {
8626 const uint8_t *p;
8627 int i;
8628
8629 p = ofpbuf_at_assert(buf, action->arg_ofs, action->arg_len);
8630 for (i = 0; i < action->arg_len; i++) {
8631 *arg = (*arg << 8) | p[i];
8632 }
8633 }
8634
8635 ofpbuf_pull(buf, length);
8636
8637 return 0;
8638 }
8639
8640 static const struct ofpact_raw_instance *
8641 ofpact_raw_lookup(enum ofp_version ofp_version, enum ofp_raw_action_type raw)
8642 {
8643 const struct ofpact_raw_instance *inst;
8644
8645 HMAP_FOR_EACH_WITH_HASH (inst, encode_node, hash_2words(raw, ofp_version),
8646 ofpact_encode_hmap()) {
8647 if (inst->raw == raw && inst->hdrs.ofp_version == ofp_version) {
8648 return inst;
8649 }
8650 }
8651 OVS_NOT_REACHED();
8652 }
8653
8654 static void *
8655 ofpact_put_raw(struct ofpbuf *buf, enum ofp_version ofp_version,
8656 enum ofp_raw_action_type raw, uint64_t arg)
8657 {
8658 const struct ofpact_raw_instance *inst;
8659 struct ofp_action_header *oah;
8660 const struct ofpact_hdrs *hdrs;
8661
8662 inst = ofpact_raw_lookup(ofp_version, raw);
8663 hdrs = &inst->hdrs;
8664
8665 oah = ofpbuf_put_zeros(buf, inst->min_length);
8666 oah->type = htons(hdrs->vendor ? OFPAT_VENDOR : hdrs->type);
8667 oah->len = htons(inst->min_length);
8668 oah->vendor = htonl(hdrs->vendor);
8669
8670 switch (hdrs->vendor) {
8671 case 0:
8672 break;
8673
8674 case NX_VENDOR_ID:
8675 case ONF_VENDOR_ID: {
8676 struct ext_action_header *nah = (struct ext_action_header *) oah;
8677 nah->subtype = htons(hdrs->type);
8678 break;
8679 }
8680
8681 default:
8682 OVS_NOT_REACHED();
8683 }
8684
8685 if (inst->arg_len) {
8686 uint8_t *p = (uint8_t *) oah + inst->arg_ofs + inst->arg_len;
8687 int i;
8688
8689 for (i = 0; i < inst->arg_len; i++) {
8690 *--p = arg;
8691 arg >>= 8;
8692 }
8693 } else {
8694 ovs_assert(!arg);
8695 }
8696
8697 return oah;
8698 }
8699
8700 static void
8701 pad_ofpat(struct ofpbuf *openflow, size_t start_ofs)
8702 {
8703 struct ofp_action_header *oah;
8704
8705 ofpbuf_put_zeros(openflow, PAD_SIZE(openflow->size - start_ofs,
8706 OFP_ACTION_ALIGN));
8707
8708 oah = ofpbuf_at_assert(openflow, start_ofs, sizeof *oah);
8709 oah->len = htons(openflow->size - start_ofs);
8710 }
8711
openvswitch mirror