]> git.proxmox.com Git - ovs.git/blob - ofproto/ofproto.c
projects / ovs.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
ofproto: Print "drop" action when dumping hidden flows
[ovs.git] / ofproto / ofproto.c
1 /*
2 * Copyright (c) 2009, 2010 Nicira Networks.
3 * Copyright (c) 2010 Jean Tourrilhes - HP-Labs.
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 */
17
18 #include <config.h>
19 #include "ofproto.h"
20 #include <errno.h>
21 #include <inttypes.h>
22 #include <sys/socket.h>
23 #include <net/if.h>
24 #include <netinet/in.h>
25 #include <stdbool.h>
26 #include <stdlib.h>
27 #include "classifier.h"
28 #include "coverage.h"
29 #include "discovery.h"
30 #include "dpif.h"
31 #include "dynamic-string.h"
32 #include "fail-open.h"
33 #include "hash.h"
34 #include "hmap.h"
35 #include "in-band.h"
36 #include "mac-learning.h"
37 #include "netdev.h"
38 #include "netflow.h"
39 #include "odp-util.h"
40 #include "ofp-print.h"
41 #include "ofp-util.h"
42 #include "ofproto-sflow.h"
43 #include "ofpbuf.h"
44 #include "openflow/nicira-ext.h"
45 #include "openflow/openflow.h"
46 #include "openvswitch/datapath-protocol.h"
47 #include "packets.h"
48 #include "pinsched.h"
49 #include "pktbuf.h"
50 #include "poll-loop.h"
51 #include "rconn.h"
52 #include "shash.h"
53 #include "status.h"
54 #include "stream-ssl.h"
55 #include "svec.h"
56 #include "tag.h"
57 #include "timeval.h"
58 #include "unixctl.h"
59 #include "vconn.h"
60 #include "vlog.h"
61 #include "xtoxll.h"
62
63 VLOG_DEFINE_THIS_MODULE(ofproto)
64
65 #include "sflow_api.h"
66
67 enum {
68 TABLEID_HASH = 0,
69 TABLEID_CLASSIFIER = 1
70 };
71
72
73 struct ofport {
74 struct hmap_node hmap_node; /* In struct ofproto's "ports" hmap. */
75 struct netdev *netdev;
76 struct ofp_phy_port opp; /* In host byte order. */
77 uint16_t odp_port;
78 };
79
80 static void ofport_free(struct ofport *);
81 static void hton_ofp_phy_port(struct ofp_phy_port *);
82
83 static int xlate_actions(const union ofp_action *in, size_t n_in,
84 const struct flow *, struct ofproto *,
85 const struct ofpbuf *packet,
86 struct odp_actions *out, tag_type *tags,
87 bool *may_set_up_flow, uint16_t *nf_output_iface);
88
89 struct rule {
90 struct cls_rule cr;
91
92 uint64_t flow_cookie; /* Controller-issued identifier.
93 (Kept in network-byte order.) */
94 uint16_t idle_timeout; /* In seconds from time of last use. */
95 uint16_t hard_timeout; /* In seconds from time of creation. */
96 bool send_flow_removed; /* Send a flow removed message? */
97 long long int used; /* Last-used time (0 if never used). */
98 long long int created; /* Creation time. */
99 uint64_t packet_count; /* Number of packets received. */
100 uint64_t byte_count; /* Number of bytes received. */
101 uint64_t accounted_bytes; /* Number of bytes passed to account_cb. */
102 tag_type tags; /* Tags (set only by hooks). */
103 struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */
104
105 /* If 'super' is non-NULL, this rule is a subrule, that is, it is an
106 * exact-match rule (having cr.wc.wildcards of 0) generated from the
107 * wildcard rule 'super'. In this case, 'list' is an element of the
108 * super-rule's list.
109 *
110 * If 'super' is NULL, this rule is a super-rule, and 'list' is the head of
111 * a list of subrules. A super-rule with no wildcards (where
112 * cr.wc.wildcards is 0) will never have any subrules. */
113 struct rule *super;
114 struct list list;
115
116 /* OpenFlow actions.
117 *
118 * 'n_actions' is the number of elements in the 'actions' array. A single
119 * action may take up more more than one element's worth of space.
120 *
121 * A subrule has no actions (it uses the super-rule's actions). */
122 int n_actions;
123 union ofp_action *actions;
124
125 /* Datapath actions.
126 *
127 * A super-rule with wildcard fields never has ODP actions (since the
128 * datapath only supports exact-match flows). */
129 bool installed; /* Installed in datapath? */
130 bool may_install; /* True ordinarily; false if actions must
131 * be reassessed for every packet. */
132 int n_odp_actions;
133 union odp_action *odp_actions;
134 };
135
136 static inline bool
137 rule_is_hidden(const struct rule *rule)
138 {
139 /* Subrules are merely an implementation detail, so hide them from the
140 * controller. */
141 if (rule->super != NULL) {
142 return true;
143 }
144
145 /* Rules with priority higher than UINT16_MAX are set up by ofproto itself
146 * (e.g. by in-band control) and are intentionally hidden from the
147 * controller. */
148 if (rule->cr.priority > UINT16_MAX) {
149 return true;
150 }
151
152 return false;
153 }
154
155 static struct rule *rule_create(struct ofproto *, struct rule *super,
156 const union ofp_action *, size_t n_actions,
157 uint16_t idle_timeout, uint16_t hard_timeout,
158 uint64_t flow_cookie, bool send_flow_removed);
159 static void rule_free(struct rule *);
160 static void rule_destroy(struct ofproto *, struct rule *);
161 static struct rule *rule_from_cls_rule(const struct cls_rule *);
162 static void rule_insert(struct ofproto *, struct rule *,
163 struct ofpbuf *packet, uint16_t in_port);
164 static void rule_remove(struct ofproto *, struct rule *);
165 static bool rule_make_actions(struct ofproto *, struct rule *,
166 const struct ofpbuf *packet);
167 static void rule_install(struct ofproto *, struct rule *,
168 struct rule *displaced_rule);
169 static void rule_uninstall(struct ofproto *, struct rule *);
170 static void rule_post_uninstall(struct ofproto *, struct rule *);
171 static void send_flow_removed(struct ofproto *p, struct rule *rule,
172 long long int now, uint8_t reason);
173
174 /* ofproto supports two kinds of OpenFlow connections:
175 *
176 * - "Primary" connections to ordinary OpenFlow controllers. ofproto
177 * maintains persistent connections to these controllers and by default
178 * sends them asynchronous messages such as packet-ins.
179 *
180 * - "Service" connections, e.g. from ovs-ofctl. When these connections
181 * drop, it is the other side's responsibility to reconnect them if
182 * necessary. ofproto does not send them asynchronous messages by default.
183 *
184 * Currently, active (tcp, ssl, unix) connections are always "primary"
185 * connections and passive (ptcp, pssl, punix) connections are always "service"
186 * connections. There is no inherent reason for this, but it reflects the
187 * common case.
188 */
189 enum ofconn_type {
190 OFCONN_PRIMARY, /* An ordinary OpenFlow controller. */
191 OFCONN_SERVICE /* A service connection, e.g. "ovs-ofctl". */
192 };
193
194 /* A listener for incoming OpenFlow "service" connections. */
195 struct ofservice {
196 struct hmap_node node; /* In struct ofproto's "services" hmap. */
197 struct pvconn *pvconn; /* OpenFlow connection listener. */
198
199 /* These are not used by ofservice directly. They are settings for
200 * accepted "struct ofconn"s from the pvconn. */
201 int probe_interval; /* Max idle time before probing, in seconds. */
202 int rate_limit; /* Max packet-in rate in packets per second. */
203 int burst_limit; /* Limit on accumulating packet credits. */
204 };
205
206 static struct ofservice *ofservice_lookup(struct ofproto *,
207 const char *target);
208 static int ofservice_create(struct ofproto *,
209 const struct ofproto_controller *);
210 static void ofservice_reconfigure(struct ofservice *,
211 const struct ofproto_controller *);
212 static void ofservice_destroy(struct ofproto *, struct ofservice *);
213
214 /* An OpenFlow connection. */
215 struct ofconn {
216 struct ofproto *ofproto; /* The ofproto that owns this connection. */
217 struct list node; /* In struct ofproto's "all_conns" list. */
218 struct rconn *rconn; /* OpenFlow connection. */
219 enum ofconn_type type; /* Type. */
220
221 /* OFPT_PACKET_IN related data. */
222 struct rconn_packet_counter *packet_in_counter; /* # queued on 'rconn'. */
223 struct pinsched *schedulers[2]; /* Indexed by reason code; see below. */
224 struct pktbuf *pktbuf; /* OpenFlow packet buffers. */
225 int miss_send_len; /* Bytes to send of buffered packets. */
226
227 /* Number of OpenFlow messages queued on 'rconn' as replies to OpenFlow
228 * requests, and the maximum number before we stop reading OpenFlow
229 * requests. */
230 #define OFCONN_REPLY_MAX 100
231 struct rconn_packet_counter *reply_counter;
232
233 /* type == OFCONN_PRIMARY only. */
234 enum nx_role role; /* Role. */
235 struct hmap_node hmap_node; /* In struct ofproto's "controllers" map. */
236 struct discovery *discovery; /* Controller discovery object, if enabled. */
237 struct status_category *ss; /* Switch status category. */
238 enum ofproto_band band; /* In-band or out-of-band? */
239 };
240
241 /* We use OFPR_NO_MATCH and OFPR_ACTION as indexes into struct ofconn's
242 * "schedulers" array. Their values are 0 and 1, and their meanings and values
243 * coincide with _ODPL_MISS_NR and _ODPL_ACTION_NR, so this is convenient. In
244 * case anything ever changes, check their values here. */
245 #define N_SCHEDULERS 2
246 BUILD_ASSERT_DECL(OFPR_NO_MATCH == 0);
247 BUILD_ASSERT_DECL(OFPR_NO_MATCH == _ODPL_MISS_NR);
248 BUILD_ASSERT_DECL(OFPR_ACTION == 1);
249 BUILD_ASSERT_DECL(OFPR_ACTION == _ODPL_ACTION_NR);
250
251 static struct ofconn *ofconn_create(struct ofproto *, struct rconn *,
252 enum ofconn_type);
253 static void ofconn_destroy(struct ofconn *);
254 static void ofconn_run(struct ofconn *, struct ofproto *);
255 static void ofconn_wait(struct ofconn *);
256 static bool ofconn_receives_async_msgs(const struct ofconn *);
257 static char *ofconn_make_name(const struct ofproto *, const char *target);
258 static void ofconn_set_rate_limit(struct ofconn *, int rate, int burst);
259
260 static void queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
261 struct rconn_packet_counter *counter);
262
263 static void send_packet_in(struct ofproto *, struct ofpbuf *odp_msg);
264 static void do_send_packet_in(struct ofpbuf *odp_msg, void *ofconn);
265
266 struct ofproto {
267 /* Settings. */
268 uint64_t datapath_id; /* Datapath ID. */
269 uint64_t fallback_dpid; /* Datapath ID if no better choice found. */
270 char *mfr_desc; /* Manufacturer. */
271 char *hw_desc; /* Hardware. */
272 char *sw_desc; /* Software version. */
273 char *serial_desc; /* Serial number. */
274 char *dp_desc; /* Datapath description. */
275
276 /* Datapath. */
277 struct dpif *dpif;
278 struct netdev_monitor *netdev_monitor;
279 struct hmap ports; /* Contains "struct ofport"s. */
280 struct shash port_by_name;
281 uint32_t max_ports;
282
283 /* Configuration. */
284 struct switch_status *switch_status;
285 struct fail_open *fail_open;
286 struct netflow *netflow;
287 struct ofproto_sflow *sflow;
288
289 /* In-band control. */
290 struct in_band *in_band;
291 long long int next_in_band_update;
292 struct sockaddr_in *extra_in_band_remotes;
293 size_t n_extra_remotes;
294
295 /* Flow table. */
296 struct classifier cls;
297 bool need_revalidate;
298 long long int next_expiration;
299 struct tag_set revalidate_set;
300 bool tun_id_from_cookie;
301
302 /* OpenFlow connections. */
303 struct hmap controllers; /* Controller "struct ofconn"s. */
304 struct list all_conns; /* Contains "struct ofconn"s. */
305 enum ofproto_fail_mode fail_mode;
306
307 /* OpenFlow listeners. */
308 struct hmap services; /* Contains "struct ofservice"s. */
309 struct pvconn **snoops;
310 size_t n_snoops;
311
312 /* Hooks for ovs-vswitchd. */
313 const struct ofhooks *ofhooks;
314 void *aux;
315
316 /* Used by default ofhooks. */
317 struct mac_learning *ml;
318 };
319
320 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
321
322 static const struct ofhooks default_ofhooks;
323
324 static uint64_t pick_datapath_id(const struct ofproto *);
325 static uint64_t pick_fallback_dpid(void);
326
327 static int ofproto_expire(struct ofproto *);
328
329 static void update_stats(struct ofproto *, struct rule *,
330 const struct odp_flow_stats *);
331 static bool revalidate_rule(struct ofproto *p, struct rule *rule);
332 static void revalidate_cb(struct cls_rule *rule_, void *p_);
333
334 static void handle_odp_msg(struct ofproto *, struct ofpbuf *);
335
336 static void handle_openflow(struct ofconn *, struct ofproto *,
337 struct ofpbuf *);
338
339 static struct ofport *get_port(const struct ofproto *, uint16_t odp_port);
340 static void update_port(struct ofproto *, const char *devname);
341 static int init_ports(struct ofproto *);
342 static void reinit_ports(struct ofproto *);
343
344 int
345 ofproto_create(const char *datapath, const char *datapath_type,
346 const struct ofhooks *ofhooks, void *aux,
347 struct ofproto **ofprotop)
348 {
349 struct odp_stats stats;
350 struct ofproto *p;
351 struct dpif *dpif;
352 int error;
353
354 *ofprotop = NULL;
355
356 /* Connect to datapath and start listening for messages. */
357 error = dpif_open(datapath, datapath_type, &dpif);
358 if (error) {
359 VLOG_ERR("failed to open datapath %s: %s", datapath, strerror(error));
360 return error;
361 }
362 error = dpif_get_dp_stats(dpif, &stats);
363 if (error) {
364 VLOG_ERR("failed to obtain stats for datapath %s: %s",
365 datapath, strerror(error));
366 dpif_close(dpif);
367 return error;
368 }
369 error = dpif_recv_set_mask(dpif, ODPL_MISS | ODPL_ACTION | ODPL_SFLOW);
370 if (error) {
371 VLOG_ERR("failed to listen on datapath %s: %s",
372 datapath, strerror(error));
373 dpif_close(dpif);
374 return error;
375 }
376 dpif_flow_flush(dpif);
377 dpif_recv_purge(dpif);
378
379 /* Initialize settings. */
380 p = xzalloc(sizeof *p);
381 p->fallback_dpid = pick_fallback_dpid();
382 p->datapath_id = p->fallback_dpid;
383 p->mfr_desc = xstrdup(DEFAULT_MFR_DESC);
384 p->hw_desc = xstrdup(DEFAULT_HW_DESC);
385 p->sw_desc = xstrdup(DEFAULT_SW_DESC);
386 p->serial_desc = xstrdup(DEFAULT_SERIAL_DESC);
387 p->dp_desc = xstrdup(DEFAULT_DP_DESC);
388
389 /* Initialize datapath. */
390 p->dpif = dpif;
391 p->netdev_monitor = netdev_monitor_create();
392 hmap_init(&p->ports);
393 shash_init(&p->port_by_name);
394 p->max_ports = stats.max_ports;
395
396 /* Initialize submodules. */
397 p->switch_status = switch_status_create(p);
398 p->in_band = NULL;
399 p->fail_open = NULL;
400 p->netflow = NULL;
401 p->sflow = NULL;
402
403 /* Initialize flow table. */
404 classifier_init(&p->cls);
405 p->need_revalidate = false;
406 p->next_expiration = time_msec() + 1000;
407 tag_set_init(&p->revalidate_set);
408
409 /* Initialize OpenFlow connections. */
410 list_init(&p->all_conns);
411 hmap_init(&p->controllers);
412 hmap_init(&p->services);
413 p->snoops = NULL;
414 p->n_snoops = 0;
415
416 /* Initialize hooks. */
417 if (ofhooks) {
418 p->ofhooks = ofhooks;
419 p->aux = aux;
420 p->ml = NULL;
421 } else {
422 p->ofhooks = &default_ofhooks;
423 p->aux = p;
424 p->ml = mac_learning_create();
425 }
426
427 /* Pick final datapath ID. */
428 p->datapath_id = pick_datapath_id(p);
429 VLOG_INFO("using datapath ID %016"PRIx64, p->datapath_id);
430
431 *ofprotop = p;
432 return 0;
433 }
434
435 void
436 ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id)
437 {
438 uint64_t old_dpid = p->datapath_id;
439 p->datapath_id = datapath_id ? datapath_id : pick_datapath_id(p);
440 if (p->datapath_id != old_dpid) {
441 VLOG_INFO("datapath ID changed to %016"PRIx64, p->datapath_id);
442
443 /* Force all active connections to reconnect, since there is no way to
444 * notify a controller that the datapath ID has changed. */
445 ofproto_reconnect_controllers(p);
446 }
447 }
448
449 static bool
450 is_discovery_controller(const struct ofproto_controller *c)
451 {
452 return !strcmp(c->target, "discover");
453 }
454
455 static bool
456 is_in_band_controller(const struct ofproto_controller *c)
457 {
458 return is_discovery_controller(c) || c->band == OFPROTO_IN_BAND;
459 }
460
461 /* Creates a new controller in 'ofproto'. Some of the settings are initially
462 * drawn from 'c', but update_controller() needs to be called later to finish
463 * the new ofconn's configuration. */
464 static void
465 add_controller(struct ofproto *ofproto, const struct ofproto_controller *c)
466 {
467 struct discovery *discovery;
468 struct ofconn *ofconn;
469
470 if (is_discovery_controller(c)) {
471 int error = discovery_create(c->accept_re, c->update_resolv_conf,
472 ofproto->dpif, ofproto->switch_status,
473 &discovery);
474 if (error) {
475 return;
476 }
477 } else {
478 discovery = NULL;
479 }
480
481 ofconn = ofconn_create(ofproto, rconn_create(5, 8), OFCONN_PRIMARY);
482 ofconn->pktbuf = pktbuf_create();
483 ofconn->miss_send_len = OFP_DEFAULT_MISS_SEND_LEN;
484 if (discovery) {
485 ofconn->discovery = discovery;
486 } else {
487 char *name = ofconn_make_name(ofproto, c->target);
488 rconn_connect(ofconn->rconn, c->target, name);
489 free(name);
490 }
491 hmap_insert(&ofproto->controllers, &ofconn->hmap_node,
492 hash_string(c->target, 0));
493 }
494
495 /* Reconfigures 'ofconn' to match 'c'. This function cannot update an ofconn's
496 * target or turn discovery on or off (these are done by creating new ofconns
497 * and deleting old ones), but it can update the rest of an ofconn's
498 * settings. */
499 static void
500 update_controller(struct ofconn *ofconn, const struct ofproto_controller *c)
501 {
502 int probe_interval;
503
504 ofconn->band = (is_in_band_controller(c)
505 ? OFPROTO_IN_BAND : OFPROTO_OUT_OF_BAND);
506
507 rconn_set_max_backoff(ofconn->rconn, c->max_backoff);
508
509 probe_interval = c->probe_interval ? MAX(c->probe_interval, 5) : 0;
510 rconn_set_probe_interval(ofconn->rconn, probe_interval);
511
512 if (ofconn->discovery) {
513 discovery_set_update_resolv_conf(ofconn->discovery,
514 c->update_resolv_conf);
515 discovery_set_accept_controller_re(ofconn->discovery, c->accept_re);
516 }
517
518 ofconn_set_rate_limit(ofconn, c->rate_limit, c->burst_limit);
519 }
520
521 static const char *
522 ofconn_get_target(const struct ofconn *ofconn)
523 {
524 return ofconn->discovery ? "discover" : rconn_get_target(ofconn->rconn);
525 }
526
527 static struct ofconn *
528 find_controller_by_target(struct ofproto *ofproto, const char *target)
529 {
530 struct ofconn *ofconn;
531
532 HMAP_FOR_EACH_WITH_HASH (ofconn, hmap_node,
533 hash_string(target, 0), &ofproto->controllers) {
534 if (!strcmp(ofconn_get_target(ofconn), target)) {
535 return ofconn;
536 }
537 }
538 return NULL;
539 }
540
541 static void
542 update_in_band_remotes(struct ofproto *ofproto)
543 {
544 const struct ofconn *ofconn;
545 struct sockaddr_in *addrs;
546 size_t max_addrs, n_addrs;
547 bool discovery;
548 size_t i;
549
550 /* Allocate enough memory for as many remotes as we could possibly have. */
551 max_addrs = ofproto->n_extra_remotes + hmap_count(&ofproto->controllers);
552 addrs = xmalloc(max_addrs * sizeof *addrs);
553 n_addrs = 0;
554
555 /* Add all the remotes. */
556 discovery = false;
557 HMAP_FOR_EACH (ofconn, hmap_node, &ofproto->controllers) {
558 struct sockaddr_in *sin = &addrs[n_addrs];
559
560 if (ofconn->band == OFPROTO_OUT_OF_BAND) {
561 continue;
562 }
563
564 sin->sin_addr.s_addr = rconn_get_remote_ip(ofconn->rconn);
565 if (sin->sin_addr.s_addr) {
566 sin->sin_port = rconn_get_remote_port(ofconn->rconn);
567 n_addrs++;
568 }
569 if (ofconn->discovery) {
570 discovery = true;
571 }
572 }
573 for (i = 0; i < ofproto->n_extra_remotes; i++) {
574 addrs[n_addrs++] = ofproto->extra_in_band_remotes[i];
575 }
576
577 /* Create or update or destroy in-band.
578 *
579 * Ordinarily we only enable in-band if there's at least one remote
580 * address, but discovery needs the in-band rules for DHCP to be installed
581 * even before we know any remote addresses. */
582 if (n_addrs || discovery) {
583 if (!ofproto->in_band) {
584 in_band_create(ofproto, ofproto->dpif, ofproto->switch_status,
585 &ofproto->in_band);
586 }
587 if (ofproto->in_band) {
588 in_band_set_remotes(ofproto->in_band, addrs, n_addrs);
589 }
590 ofproto->next_in_band_update = time_msec() + 1000;
591 } else {
592 in_band_destroy(ofproto->in_band);
593 ofproto->in_band = NULL;
594 }
595
596 /* Clean up. */
597 free(addrs);
598 }
599
600 static void
601 update_fail_open(struct ofproto *p)
602 {
603 struct ofconn *ofconn;
604
605 if (!hmap_is_empty(&p->controllers)
606 && p->fail_mode == OFPROTO_FAIL_STANDALONE) {
607 struct rconn **rconns;
608 size_t n;
609
610 if (!p->fail_open) {
611 p->fail_open = fail_open_create(p, p->switch_status);
612 }
613
614 n = 0;
615 rconns = xmalloc(hmap_count(&p->controllers) * sizeof *rconns);
616 HMAP_FOR_EACH (ofconn, hmap_node, &p->controllers) {
617 rconns[n++] = ofconn->rconn;
618 }
619
620 fail_open_set_controllers(p->fail_open, rconns, n);
621 /* p->fail_open takes ownership of 'rconns'. */
622 } else {
623 fail_open_destroy(p->fail_open);
624 p->fail_open = NULL;
625 }
626 }
627
628 void
629 ofproto_set_controllers(struct ofproto *p,
630 const struct ofproto_controller *controllers,
631 size_t n_controllers)
632 {
633 struct shash new_controllers;
634 struct ofconn *ofconn, *next_ofconn;
635 struct ofservice *ofservice, *next_ofservice;
636 bool ss_exists;
637 size_t i;
638
639 /* Create newly configured controllers and services.
640 * Create a name to ofproto_controller mapping in 'new_controllers'. */
641 shash_init(&new_controllers);
642 for (i = 0; i < n_controllers; i++) {
643 const struct ofproto_controller *c = &controllers[i];
644
645 if (!vconn_verify_name(c->target) || !strcmp(c->target, "discover")) {
646 if (!find_controller_by_target(p, c->target)) {
647 add_controller(p, c);
648 }
649 } else if (!pvconn_verify_name(c->target)) {
650 if (!ofservice_lookup(p, c->target) && ofservice_create(p, c)) {
651 continue;
652 }
653 } else {
654 VLOG_WARN_RL(&rl, "%s: unsupported controller \"%s\"",
655 dpif_name(p->dpif), c->target);
656 continue;
657 }
658
659 shash_add_once(&new_controllers, c->target, &controllers[i]);
660 }
661
662 /* Delete controllers that are no longer configured.
663 * Update configuration of all now-existing controllers. */
664 ss_exists = false;
665 HMAP_FOR_EACH_SAFE (ofconn, next_ofconn, hmap_node, &p->controllers) {
666 struct ofproto_controller *c;
667
668 c = shash_find_data(&new_controllers, ofconn_get_target(ofconn));
669 if (!c) {
670 ofconn_destroy(ofconn);
671 } else {
672 update_controller(ofconn, c);
673 if (ofconn->ss) {
674 ss_exists = true;
675 }
676 }
677 }
678
679 /* Delete services that are no longer configured.
680 * Update configuration of all now-existing services. */
681 HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) {
682 struct ofproto_controller *c;
683
684 c = shash_find_data(&new_controllers,
685 pvconn_get_name(ofservice->pvconn));
686 if (!c) {
687 ofservice_destroy(p, ofservice);
688 } else {
689 ofservice_reconfigure(ofservice, c);
690 }
691 }
692
693 shash_destroy(&new_controllers);
694
695 update_in_band_remotes(p);
696 update_fail_open(p);
697
698 if (!hmap_is_empty(&p->controllers) && !ss_exists) {
699 ofconn = CONTAINER_OF(hmap_first(&p->controllers),
700 struct ofconn, hmap_node);
701 ofconn->ss = switch_status_register(p->switch_status, "remote",
702 rconn_status_cb, ofconn->rconn);
703 }
704 }
705
706 void
707 ofproto_set_fail_mode(struct ofproto *p, enum ofproto_fail_mode fail_mode)
708 {
709 p->fail_mode = fail_mode;
710 update_fail_open(p);
711 }
712
713 /* Drops the connections between 'ofproto' and all of its controllers, forcing
714 * them to reconnect. */
715 void
716 ofproto_reconnect_controllers(struct ofproto *ofproto)
717 {
718 struct ofconn *ofconn;
719
720 LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) {
721 rconn_reconnect(ofconn->rconn);
722 }
723 }
724
725 static bool
726 any_extras_changed(const struct ofproto *ofproto,
727 const struct sockaddr_in *extras, size_t n)
728 {
729 size_t i;
730
731 if (n != ofproto->n_extra_remotes) {
732 return true;
733 }
734
735 for (i = 0; i < n; i++) {
736 const struct sockaddr_in *old = &ofproto->extra_in_band_remotes[i];
737 const struct sockaddr_in *new = &extras[i];
738
739 if (old->sin_addr.s_addr != new->sin_addr.s_addr ||
740 old->sin_port != new->sin_port) {
741 return true;
742 }
743 }
744
745 return false;
746 }
747
748 /* Sets the 'n' TCP port addresses in 'extras' as ones to which 'ofproto''s
749 * in-band control should guarantee access, in the same way that in-band
750 * control guarantees access to OpenFlow controllers. */
751 void
752 ofproto_set_extra_in_band_remotes(struct ofproto *ofproto,
753 const struct sockaddr_in *extras, size_t n)
754 {
755 if (!any_extras_changed(ofproto, extras, n)) {
756 return;
757 }
758
759 free(ofproto->extra_in_band_remotes);
760 ofproto->n_extra_remotes = n;
761 ofproto->extra_in_band_remotes = xmemdup(extras, n * sizeof *extras);
762
763 update_in_band_remotes(ofproto);
764 }
765
766 void
767 ofproto_set_desc(struct ofproto *p,
768 const char *mfr_desc, const char *hw_desc,
769 const char *sw_desc, const char *serial_desc,
770 const char *dp_desc)
771 {
772 struct ofp_desc_stats *ods;
773
774 if (mfr_desc) {
775 if (strlen(mfr_desc) >= sizeof ods->mfr_desc) {
776 VLOG_WARN("truncating mfr_desc, must be less than %zu characters",
777 sizeof ods->mfr_desc);
778 }
779 free(p->mfr_desc);
780 p->mfr_desc = xstrdup(mfr_desc);
781 }
782 if (hw_desc) {
783 if (strlen(hw_desc) >= sizeof ods->hw_desc) {
784 VLOG_WARN("truncating hw_desc, must be less than %zu characters",
785 sizeof ods->hw_desc);
786 }
787 free(p->hw_desc);
788 p->hw_desc = xstrdup(hw_desc);
789 }
790 if (sw_desc) {
791 if (strlen(sw_desc) >= sizeof ods->sw_desc) {
792 VLOG_WARN("truncating sw_desc, must be less than %zu characters",
793 sizeof ods->sw_desc);
794 }
795 free(p->sw_desc);
796 p->sw_desc = xstrdup(sw_desc);
797 }
798 if (serial_desc) {
799 if (strlen(serial_desc) >= sizeof ods->serial_num) {
800 VLOG_WARN("truncating serial_desc, must be less than %zu "
801 "characters",
802 sizeof ods->serial_num);
803 }
804 free(p->serial_desc);
805 p->serial_desc = xstrdup(serial_desc);
806 }
807 if (dp_desc) {
808 if (strlen(dp_desc) >= sizeof ods->dp_desc) {
809 VLOG_WARN("truncating dp_desc, must be less than %zu characters",
810 sizeof ods->dp_desc);
811 }
812 free(p->dp_desc);
813 p->dp_desc = xstrdup(dp_desc);
814 }
815 }
816
817 static int
818 set_pvconns(struct pvconn ***pvconnsp, size_t *n_pvconnsp,
819 const struct svec *svec)
820 {
821 struct pvconn **pvconns = *pvconnsp;
822 size_t n_pvconns = *n_pvconnsp;
823 int retval = 0;
824 size_t i;
825
826 for (i = 0; i < n_pvconns; i++) {
827 pvconn_close(pvconns[i]);
828 }
829 free(pvconns);
830
831 pvconns = xmalloc(svec->n * sizeof *pvconns);
832 n_pvconns = 0;
833 for (i = 0; i < svec->n; i++) {
834 const char *name = svec->names[i];
835 struct pvconn *pvconn;
836 int error;
837
838 error = pvconn_open(name, &pvconn);
839 if (!error) {
840 pvconns[n_pvconns++] = pvconn;
841 } else {
842 VLOG_ERR("failed to listen on %s: %s", name, strerror(error));
843 if (!retval) {
844 retval = error;
845 }
846 }
847 }
848
849 *pvconnsp = pvconns;
850 *n_pvconnsp = n_pvconns;
851
852 return retval;
853 }
854
855 int
856 ofproto_set_snoops(struct ofproto *ofproto, const struct svec *snoops)
857 {
858 return set_pvconns(&ofproto->snoops, &ofproto->n_snoops, snoops);
859 }
860
861 int
862 ofproto_set_netflow(struct ofproto *ofproto,
863 const struct netflow_options *nf_options)
864 {
865 if (nf_options && nf_options->collectors.n) {
866 if (!ofproto->netflow) {
867 ofproto->netflow = netflow_create();
868 }
869 return netflow_set_options(ofproto->netflow, nf_options);
870 } else {
871 netflow_destroy(ofproto->netflow);
872 ofproto->netflow = NULL;
873 return 0;
874 }
875 }
876
877 void
878 ofproto_set_sflow(struct ofproto *ofproto,
879 const struct ofproto_sflow_options *oso)
880 {
881 struct ofproto_sflow *os = ofproto->sflow;
882 if (oso) {
883 if (!os) {
884 struct ofport *ofport;
885
886 os = ofproto->sflow = ofproto_sflow_create(ofproto->dpif);
887 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
888 ofproto_sflow_add_port(os, ofport->odp_port,
889 netdev_get_name(ofport->netdev));
890 }
891 }
892 ofproto_sflow_set_options(os, oso);
893 } else {
894 ofproto_sflow_destroy(os);
895 ofproto->sflow = NULL;
896 }
897 }
898
899 uint64_t
900 ofproto_get_datapath_id(const struct ofproto *ofproto)
901 {
902 return ofproto->datapath_id;
903 }
904
905 bool
906 ofproto_has_primary_controller(const struct ofproto *ofproto)
907 {
908 return !hmap_is_empty(&ofproto->controllers);
909 }
910
911 enum ofproto_fail_mode
912 ofproto_get_fail_mode(const struct ofproto *p)
913 {
914 return p->fail_mode;
915 }
916
917 void
918 ofproto_get_snoops(const struct ofproto *ofproto, struct svec *snoops)
919 {
920 size_t i;
921
922 for (i = 0; i < ofproto->n_snoops; i++) {
923 svec_add(snoops, pvconn_get_name(ofproto->snoops[i]));
924 }
925 }
926
927 void
928 ofproto_destroy(struct ofproto *p)
929 {
930 struct ofservice *ofservice, *next_ofservice;
931 struct ofconn *ofconn, *next_ofconn;
932 struct ofport *ofport, *next_ofport;
933 size_t i;
934
935 if (!p) {
936 return;
937 }
938
939 /* Destroy fail-open and in-band early, since they touch the classifier. */
940 fail_open_destroy(p->fail_open);
941 p->fail_open = NULL;
942
943 in_band_destroy(p->in_band);
944 p->in_band = NULL;
945 free(p->extra_in_band_remotes);
946
947 ofproto_flush_flows(p);
948 classifier_destroy(&p->cls);
949
950 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) {
951 ofconn_destroy(ofconn);
952 }
953 hmap_destroy(&p->controllers);
954
955 dpif_close(p->dpif);
956 netdev_monitor_destroy(p->netdev_monitor);
957 HMAP_FOR_EACH_SAFE (ofport, next_ofport, hmap_node, &p->ports) {
958 hmap_remove(&p->ports, &ofport->hmap_node);
959 ofport_free(ofport);
960 }
961 shash_destroy(&p->port_by_name);
962
963 switch_status_destroy(p->switch_status);
964 netflow_destroy(p->netflow);
965 ofproto_sflow_destroy(p->sflow);
966
967 HMAP_FOR_EACH_SAFE (ofservice, next_ofservice, node, &p->services) {
968 ofservice_destroy(p, ofservice);
969 }
970 hmap_destroy(&p->services);
971
972 for (i = 0; i < p->n_snoops; i++) {
973 pvconn_close(p->snoops[i]);
974 }
975 free(p->snoops);
976
977 mac_learning_destroy(p->ml);
978
979 free(p->mfr_desc);
980 free(p->hw_desc);
981 free(p->sw_desc);
982 free(p->serial_desc);
983 free(p->dp_desc);
984
985 hmap_destroy(&p->ports);
986
987 free(p);
988 }
989
990 int
991 ofproto_run(struct ofproto *p)
992 {
993 int error = ofproto_run1(p);
994 if (!error) {
995 error = ofproto_run2(p, false);
996 }
997 return error;
998 }
999
1000 static void
1001 process_port_change(struct ofproto *ofproto, int error, char *devname)
1002 {
1003 if (error == ENOBUFS) {
1004 reinit_ports(ofproto);
1005 } else if (!error) {
1006 update_port(ofproto, devname);
1007 free(devname);
1008 }
1009 }
1010
1011 /* Returns a "preference level" for snooping 'ofconn'. A higher return value
1012 * means that 'ofconn' is more interesting for monitoring than a lower return
1013 * value. */
1014 static int
1015 snoop_preference(const struct ofconn *ofconn)
1016 {
1017 switch (ofconn->role) {
1018 case NX_ROLE_MASTER:
1019 return 3;
1020 case NX_ROLE_OTHER:
1021 return 2;
1022 case NX_ROLE_SLAVE:
1023 return 1;
1024 default:
1025 /* Shouldn't happen. */
1026 return 0;
1027 }
1028 }
1029
1030 /* One of ofproto's "snoop" pvconns has accepted a new connection on 'vconn'.
1031 * Connects this vconn to a controller. */
1032 static void
1033 add_snooper(struct ofproto *ofproto, struct vconn *vconn)
1034 {
1035 struct ofconn *ofconn, *best;
1036
1037 /* Pick a controller for monitoring. */
1038 best = NULL;
1039 LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) {
1040 if (ofconn->type == OFCONN_PRIMARY
1041 && (!best || snoop_preference(ofconn) > snoop_preference(best))) {
1042 best = ofconn;
1043 }
1044 }
1045
1046 if (best) {
1047 rconn_add_monitor(best->rconn, vconn);
1048 } else {
1049 VLOG_INFO_RL(&rl, "no controller connection to snoop");
1050 vconn_close(vconn);
1051 }
1052 }
1053
1054 int
1055 ofproto_run1(struct ofproto *p)
1056 {
1057 struct ofconn *ofconn, *next_ofconn;
1058 struct ofservice *ofservice;
1059 char *devname;
1060 int error;
1061 int i;
1062
1063 if (shash_is_empty(&p->port_by_name)) {
1064 init_ports(p);
1065 }
1066
1067 for (i = 0; i < 50; i++) {
1068 struct ofpbuf *buf;
1069
1070 error = dpif_recv(p->dpif, &buf);
1071 if (error) {
1072 if (error == ENODEV) {
1073 /* Someone destroyed the datapath behind our back. The caller
1074 * better destroy us and give up, because we're just going to
1075 * spin from here on out. */
1076 static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5);
1077 VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally",
1078 dpif_name(p->dpif));
1079 return ENODEV;
1080 }
1081 break;
1082 }
1083
1084 handle_odp_msg(p, buf);
1085 }
1086
1087 while ((error = dpif_port_poll(p->dpif, &devname)) != EAGAIN) {
1088 process_port_change(p, error, devname);
1089 }
1090 while ((error = netdev_monitor_poll(p->netdev_monitor,
1091 &devname)) != EAGAIN) {
1092 process_port_change(p, error, devname);
1093 }
1094
1095 if (p->in_band) {
1096 if (time_msec() >= p->next_in_band_update) {
1097 update_in_band_remotes(p);
1098 }
1099 in_band_run(p->in_band);
1100 }
1101
1102 LIST_FOR_EACH_SAFE (ofconn, next_ofconn, node, &p->all_conns) {
1103 ofconn_run(ofconn, p);
1104 }
1105
1106 /* Fail-open maintenance. Do this after processing the ofconns since
1107 * fail-open checks the status of the controller rconn. */
1108 if (p->fail_open) {
1109 fail_open_run(p->fail_open);
1110 }
1111
1112 HMAP_FOR_EACH (ofservice, node, &p->services) {
1113 struct vconn *vconn;
1114 int retval;
1115
1116 retval = pvconn_accept(ofservice->pvconn, OFP_VERSION, &vconn);
1117 if (!retval) {
1118 struct rconn *rconn;
1119 char *name;
1120
1121 rconn = rconn_create(ofservice->probe_interval, 0);
1122 name = ofconn_make_name(p, vconn_get_name(vconn));
1123 rconn_connect_unreliably(rconn, vconn, name);
1124 free(name);
1125
1126 ofconn = ofconn_create(p, rconn, OFCONN_SERVICE);
1127 ofconn_set_rate_limit(ofconn, ofservice->rate_limit,
1128 ofservice->burst_limit);
1129 } else if (retval != EAGAIN) {
1130 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1131 }
1132 }
1133
1134 for (i = 0; i < p->n_snoops; i++) {
1135 struct vconn *vconn;
1136 int retval;
1137
1138 retval = pvconn_accept(p->snoops[i], OFP_VERSION, &vconn);
1139 if (!retval) {
1140 add_snooper(p, vconn);
1141 } else if (retval != EAGAIN) {
1142 VLOG_WARN_RL(&rl, "accept failed (%s)", strerror(retval));
1143 }
1144 }
1145
1146 if (time_msec() >= p->next_expiration) {
1147 int delay = ofproto_expire(p);
1148 p->next_expiration = time_msec() + delay;
1149 COVERAGE_INC(ofproto_expiration);
1150 }
1151
1152 if (p->netflow) {
1153 netflow_run(p->netflow);
1154 }
1155 if (p->sflow) {
1156 ofproto_sflow_run(p->sflow);
1157 }
1158
1159 return 0;
1160 }
1161
1162 struct revalidate_cbdata {
1163 struct ofproto *ofproto;
1164 bool revalidate_all; /* Revalidate all exact-match rules? */
1165 bool revalidate_subrules; /* Revalidate all exact-match subrules? */
1166 struct tag_set revalidate_set; /* Set of tags to revalidate. */
1167 };
1168
1169 int
1170 ofproto_run2(struct ofproto *p, bool revalidate_all)
1171 {
1172 if (p->need_revalidate || revalidate_all
1173 || !tag_set_is_empty(&p->revalidate_set)) {
1174 struct revalidate_cbdata cbdata;
1175 cbdata.ofproto = p;
1176 cbdata.revalidate_all = revalidate_all;
1177 cbdata.revalidate_subrules = p->need_revalidate;
1178 cbdata.revalidate_set = p->revalidate_set;
1179 tag_set_init(&p->revalidate_set);
1180 COVERAGE_INC(ofproto_revalidate);
1181 classifier_for_each(&p->cls, CLS_INC_EXACT, revalidate_cb, &cbdata);
1182 p->need_revalidate = false;
1183 }
1184
1185 return 0;
1186 }
1187
1188 void
1189 ofproto_wait(struct ofproto *p)
1190 {
1191 struct ofservice *ofservice;
1192 struct ofconn *ofconn;
1193 size_t i;
1194
1195 dpif_recv_wait(p->dpif);
1196 dpif_port_poll_wait(p->dpif);
1197 netdev_monitor_poll_wait(p->netdev_monitor);
1198 LIST_FOR_EACH (ofconn, node, &p->all_conns) {
1199 ofconn_wait(ofconn);
1200 }
1201 if (p->in_band) {
1202 poll_timer_wait_until(p->next_in_band_update);
1203 in_band_wait(p->in_band);
1204 }
1205 if (p->fail_open) {
1206 fail_open_wait(p->fail_open);
1207 }
1208 if (p->sflow) {
1209 ofproto_sflow_wait(p->sflow);
1210 }
1211 if (!tag_set_is_empty(&p->revalidate_set)) {
1212 poll_immediate_wake();
1213 }
1214 if (p->need_revalidate) {
1215 /* Shouldn't happen, but if it does just go around again. */
1216 VLOG_DBG_RL(&rl, "need revalidate in ofproto_wait_cb()");
1217 poll_immediate_wake();
1218 } else if (p->next_expiration != LLONG_MAX) {
1219 poll_timer_wait_until(p->next_expiration);
1220 }
1221 HMAP_FOR_EACH (ofservice, node, &p->services) {
1222 pvconn_wait(ofservice->pvconn);
1223 }
1224 for (i = 0; i < p->n_snoops; i++) {
1225 pvconn_wait(p->snoops[i]);
1226 }
1227 }
1228
1229 void
1230 ofproto_revalidate(struct ofproto *ofproto, tag_type tag)
1231 {
1232 tag_set_add(&ofproto->revalidate_set, tag);
1233 }
1234
1235 struct tag_set *
1236 ofproto_get_revalidate_set(struct ofproto *ofproto)
1237 {
1238 return &ofproto->revalidate_set;
1239 }
1240
1241 bool
1242 ofproto_is_alive(const struct ofproto *p)
1243 {
1244 return !hmap_is_empty(&p->controllers);
1245 }
1246
1247 /* Deletes port number 'odp_port' from the datapath for 'ofproto'.
1248 *
1249 * This is almost the same as calling dpif_port_del() directly on the
1250 * datapath, but it also makes 'ofproto' close its open netdev for the port
1251 * (if any). This makes it possible to create a new netdev of a different
1252 * type under the same name, which otherwise the netdev library would refuse
1253 * to do because of the conflict. (The netdev would eventually get closed on
1254 * the next trip through ofproto_run(), but this interface is more direct.)
1255 *
1256 * Returns 0 if successful, otherwise a positive errno. */
1257 int
1258 ofproto_port_del(struct ofproto *ofproto, uint16_t odp_port)
1259 {
1260 struct ofport *ofport = get_port(ofproto, odp_port);
1261 const char *name = ofport ? (char *) ofport->opp.name : "<unknown>";
1262 int error;
1263
1264 error = dpif_port_del(ofproto->dpif, odp_port);
1265 if (error) {
1266 VLOG_ERR("%s: failed to remove port %"PRIu16" (%s) interface (%s)",
1267 dpif_name(ofproto->dpif), odp_port, name, strerror(error));
1268 } else if (ofport) {
1269 /* 'name' is ofport->opp.name and update_port() is going to destroy
1270 * 'ofport'. Just in case update_port() refers to 'name' after it
1271 * destroys 'ofport', make a copy of it around the update_port()
1272 * call. */
1273 char *devname = xstrdup(name);
1274 update_port(ofproto, devname);
1275 free(devname);
1276 }
1277 return error;
1278 }
1279
1280 /* Checks if 'ofproto' thinks 'odp_port' should be included in floods. Returns
1281 * true if 'odp_port' exists and should be included, false otherwise. */
1282 bool
1283 ofproto_port_is_floodable(struct ofproto *ofproto, uint16_t odp_port)
1284 {
1285 struct ofport *ofport = get_port(ofproto, odp_port);
1286 return ofport && !(ofport->opp.config & OFPPC_NO_FLOOD);
1287 }
1288
1289 int
1290 ofproto_send_packet(struct ofproto *p, const struct flow *flow,
1291 const union ofp_action *actions, size_t n_actions,
1292 const struct ofpbuf *packet)
1293 {
1294 struct odp_actions odp_actions;
1295 int error;
1296
1297 error = xlate_actions(actions, n_actions, flow, p, packet, &odp_actions,
1298 NULL, NULL, NULL);
1299 if (error) {
1300 return error;
1301 }
1302
1303 /* XXX Should we translate the dpif_execute() errno value into an OpenFlow
1304 * error code? */
1305 dpif_execute(p->dpif, odp_actions.actions, odp_actions.n_actions, packet);
1306 return 0;
1307 }
1308
1309 void
1310 ofproto_add_flow(struct ofproto *p, const struct flow *flow,
1311 uint32_t wildcards, unsigned int priority,
1312 const union ofp_action *actions, size_t n_actions,
1313 int idle_timeout)
1314 {
1315 struct rule *rule;
1316 rule = rule_create(p, NULL, actions, n_actions,
1317 idle_timeout >= 0 ? idle_timeout : 5 /* XXX */,
1318 0, 0, false);
1319 cls_rule_from_flow(flow, wildcards, priority, &rule->cr);
1320 rule_insert(p, rule, NULL, 0);
1321 }
1322
1323 void
1324 ofproto_delete_flow(struct ofproto *ofproto, const struct flow *flow,
1325 uint32_t wildcards, unsigned int priority)
1326 {
1327 struct rule *rule;
1328
1329 rule = rule_from_cls_rule(classifier_find_rule_exactly(&ofproto->cls,
1330 flow, wildcards,
1331 priority));
1332 if (rule) {
1333 rule_remove(ofproto, rule);
1334 }
1335 }
1336
1337 static void
1338 destroy_rule(struct cls_rule *rule_, void *ofproto_)
1339 {
1340 struct rule *rule = rule_from_cls_rule(rule_);
1341 struct ofproto *ofproto = ofproto_;
1342
1343 /* Mark the flow as not installed, even though it might really be
1344 * installed, so that rule_remove() doesn't bother trying to uninstall it.
1345 * There is no point in uninstalling it individually since we are about to
1346 * blow away all the flows with dpif_flow_flush(). */
1347 rule->installed = false;
1348
1349 rule_remove(ofproto, rule);
1350 }
1351
1352 void
1353 ofproto_flush_flows(struct ofproto *ofproto)
1354 {
1355 COVERAGE_INC(ofproto_flush);
1356 classifier_for_each(&ofproto->cls, CLS_INC_ALL, destroy_rule, ofproto);
1357 dpif_flow_flush(ofproto->dpif);
1358 if (ofproto->in_band) {
1359 in_band_flushed(ofproto->in_band);
1360 }
1361 if (ofproto->fail_open) {
1362 fail_open_flushed(ofproto->fail_open);
1363 }
1364 }
1365 \f
1366 static void
1367 reinit_ports(struct ofproto *p)
1368 {
1369 struct svec devnames;
1370 struct ofport *ofport;
1371 struct odp_port *odp_ports;
1372 size_t n_odp_ports;
1373 size_t i;
1374
1375 svec_init(&devnames);
1376 HMAP_FOR_EACH (ofport, hmap_node, &p->ports) {
1377 svec_add (&devnames, (char *) ofport->opp.name);
1378 }
1379 dpif_port_list(p->dpif, &odp_ports, &n_odp_ports);
1380 for (i = 0; i < n_odp_ports; i++) {
1381 svec_add (&devnames, odp_ports[i].devname);
1382 }
1383 free(odp_ports);
1384
1385 svec_sort_unique(&devnames);
1386 for (i = 0; i < devnames.n; i++) {
1387 update_port(p, devnames.names[i]);
1388 }
1389 svec_destroy(&devnames);
1390 }
1391
1392 static struct ofport *
1393 make_ofport(const struct odp_port *odp_port)
1394 {
1395 struct netdev_options netdev_options;
1396 enum netdev_flags flags;
1397 struct ofport *ofport;
1398 struct netdev *netdev;
1399 bool carrier;
1400 int error;
1401
1402 memset(&netdev_options, 0, sizeof netdev_options);
1403 netdev_options.name = odp_port->devname;
1404 netdev_options.ethertype = NETDEV_ETH_TYPE_NONE;
1405
1406 error = netdev_open(&netdev_options, &netdev);
1407 if (error) {
1408 VLOG_WARN_RL(&rl, "ignoring port %s (%"PRIu16") because netdev %s "
1409 "cannot be opened (%s)",
1410 odp_port->devname, odp_port->port,
1411 odp_port->devname, strerror(error));
1412 return NULL;
1413 }
1414
1415 ofport = xmalloc(sizeof *ofport);
1416 ofport->netdev = netdev;
1417 ofport->odp_port = odp_port->port;
1418 ofport->opp.port_no = odp_port_to_ofp_port(odp_port->port);
1419 netdev_get_etheraddr(netdev, ofport->opp.hw_addr);
1420 memcpy(ofport->opp.name, odp_port->devname,
1421 MIN(sizeof ofport->opp.name, sizeof odp_port->devname));
1422 ofport->opp.name[sizeof ofport->opp.name - 1] = '\0';
1423
1424 netdev_get_flags(netdev, &flags);
1425 ofport->opp.config = flags & NETDEV_UP ? 0 : OFPPC_PORT_DOWN;
1426
1427 netdev_get_carrier(netdev, &carrier);
1428 ofport->opp.state = carrier ? 0 : OFPPS_LINK_DOWN;
1429
1430 netdev_get_features(netdev,
1431 &ofport->opp.curr, &ofport->opp.advertised,
1432 &ofport->opp.supported, &ofport->opp.peer);
1433 return ofport;
1434 }
1435
1436 static bool
1437 ofport_conflicts(const struct ofproto *p, const struct odp_port *odp_port)
1438 {
1439 if (get_port(p, odp_port->port)) {
1440 VLOG_WARN_RL(&rl, "ignoring duplicate port %"PRIu16" in datapath",
1441 odp_port->port);
1442 return true;
1443 } else if (shash_find(&p->port_by_name, odp_port->devname)) {
1444 VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath",
1445 odp_port->devname);
1446 return true;
1447 } else {
1448 return false;
1449 }
1450 }
1451
1452 static int
1453 ofport_equal(const struct ofport *a_, const struct ofport *b_)
1454 {
1455 const struct ofp_phy_port *a = &a_->opp;
1456 const struct ofp_phy_port *b = &b_->opp;
1457
1458 BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */
1459 return (a->port_no == b->port_no
1460 && !memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr)
1461 && !strcmp((char *) a->name, (char *) b->name)
1462 && a->state == b->state
1463 && a->config == b->config
1464 && a->curr == b->curr
1465 && a->advertised == b->advertised
1466 && a->supported == b->supported
1467 && a->peer == b->peer);
1468 }
1469
1470 static void
1471 send_port_status(struct ofproto *p, const struct ofport *ofport,
1472 uint8_t reason)
1473 {
1474 /* XXX Should limit the number of queued port status change messages. */
1475 struct ofconn *ofconn;
1476 LIST_FOR_EACH (ofconn, node, &p->all_conns) {
1477 struct ofp_port_status *ops;
1478 struct ofpbuf *b;
1479
1480 if (!ofconn_receives_async_msgs(ofconn)) {
1481 continue;
1482 }
1483
1484 ops = make_openflow_xid(sizeof *ops, OFPT_PORT_STATUS, 0, &b);
1485 ops->reason = reason;
1486 ops->desc = ofport->opp;
1487 hton_ofp_phy_port(&ops->desc);
1488 queue_tx(b, ofconn, NULL);
1489 }
1490 }
1491
1492 static void
1493 ofport_install(struct ofproto *p, struct ofport *ofport)
1494 {
1495 const char *netdev_name = (const char *) ofport->opp.name;
1496
1497 netdev_monitor_add(p->netdev_monitor, ofport->netdev);
1498 hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->odp_port, 0));
1499 shash_add(&p->port_by_name, netdev_name, ofport);
1500 if (p->sflow) {
1501 ofproto_sflow_add_port(p->sflow, ofport->odp_port, netdev_name);
1502 }
1503 }
1504
1505 static void
1506 ofport_remove(struct ofproto *p, struct ofport *ofport)
1507 {
1508 netdev_monitor_remove(p->netdev_monitor, ofport->netdev);
1509 hmap_remove(&p->ports, &ofport->hmap_node);
1510 shash_delete(&p->port_by_name,
1511 shash_find(&p->port_by_name, (char *) ofport->opp.name));
1512 if (p->sflow) {
1513 ofproto_sflow_del_port(p->sflow, ofport->odp_port);
1514 }
1515 }
1516
1517 static void
1518 ofport_free(struct ofport *ofport)
1519 {
1520 if (ofport) {
1521 netdev_close(ofport->netdev);
1522 free(ofport);
1523 }
1524 }
1525
1526 static struct ofport *
1527 get_port(const struct ofproto *ofproto, uint16_t odp_port)
1528 {
1529 struct ofport *port;
1530
1531 HMAP_FOR_EACH_IN_BUCKET (port, hmap_node,
1532 hash_int(odp_port, 0), &ofproto->ports) {
1533 if (port->odp_port == odp_port) {
1534 return port;
1535 }
1536 }
1537 return NULL;
1538 }
1539
1540 static void
1541 update_port(struct ofproto *p, const char *devname)
1542 {
1543 struct odp_port odp_port;
1544 struct ofport *old_ofport;
1545 struct ofport *new_ofport;
1546 int error;
1547
1548 COVERAGE_INC(ofproto_update_port);
1549
1550 /* Query the datapath for port information. */
1551 error = dpif_port_query_by_name(p->dpif, devname, &odp_port);
1552
1553 /* Find the old ofport. */
1554 old_ofport = shash_find_data(&p->port_by_name, devname);
1555 if (!error) {
1556 if (!old_ofport) {
1557 /* There's no port named 'devname' but there might be a port with
1558 * the same port number. This could happen if a port is deleted
1559 * and then a new one added in its place very quickly, or if a port
1560 * is renamed. In the former case we want to send an OFPPR_DELETE
1561 * and an OFPPR_ADD, and in the latter case we want to send a
1562 * single OFPPR_MODIFY. We can distinguish the cases by comparing
1563 * the old port's ifindex against the new port, or perhaps less
1564 * reliably but more portably by comparing the old port's MAC
1565 * against the new port's MAC. However, this code isn't that smart
1566 * and always sends an OFPPR_MODIFY (XXX). */
1567 old_ofport = get_port(p, odp_port.port);
1568 }
1569 } else if (error != ENOENT && error != ENODEV) {
1570 VLOG_WARN_RL(&rl, "dpif_port_query_by_name returned unexpected error "
1571 "%s", strerror(error));
1572 return;
1573 }
1574
1575 /* Create a new ofport. */
1576 new_ofport = !error ? make_ofport(&odp_port) : NULL;
1577
1578 /* Eliminate a few pathological cases. */
1579 if (!old_ofport && !new_ofport) {
1580 return;
1581 } else if (old_ofport && new_ofport) {
1582 /* Most of the 'config' bits are OpenFlow soft state, but
1583 * OFPPC_PORT_DOWN is maintained the kernel. So transfer the OpenFlow
1584 * bits from old_ofport. (make_ofport() only sets OFPPC_PORT_DOWN and
1585 * leaves the other bits 0.) */
1586 new_ofport->opp.config |= old_ofport->opp.config & ~OFPPC_PORT_DOWN;
1587
1588 if (ofport_equal(old_ofport, new_ofport)) {
1589 /* False alarm--no change. */
1590 ofport_free(new_ofport);
1591 return;
1592 }
1593 }
1594
1595 /* Now deal with the normal cases. */
1596 if (old_ofport) {
1597 ofport_remove(p, old_ofport);
1598 }
1599 if (new_ofport) {
1600 ofport_install(p, new_ofport);
1601 }
1602 send_port_status(p, new_ofport ? new_ofport : old_ofport,
1603 (!old_ofport ? OFPPR_ADD
1604 : !new_ofport ? OFPPR_DELETE
1605 : OFPPR_MODIFY));
1606 ofport_free(old_ofport);
1607 }
1608
1609 static int
1610 init_ports(struct ofproto *p)
1611 {
1612 struct odp_port *ports;
1613 size_t n_ports;
1614 size_t i;
1615 int error;
1616
1617 error = dpif_port_list(p->dpif, &ports, &n_ports);
1618 if (error) {
1619 return error;
1620 }
1621
1622 for (i = 0; i < n_ports; i++) {
1623 const struct odp_port *odp_port = &ports[i];
1624 if (!ofport_conflicts(p, odp_port)) {
1625 struct ofport *ofport = make_ofport(odp_port);
1626 if (ofport) {
1627 ofport_install(p, ofport);
1628 }
1629 }
1630 }
1631 free(ports);
1632 return 0;
1633 }
1634 \f
1635 static struct ofconn *
1636 ofconn_create(struct ofproto *p, struct rconn *rconn, enum ofconn_type type)
1637 {
1638 struct ofconn *ofconn = xzalloc(sizeof *ofconn);
1639 ofconn->ofproto = p;
1640 list_push_back(&p->all_conns, &ofconn->node);
1641 ofconn->rconn = rconn;
1642 ofconn->type = type;
1643 ofconn->role = NX_ROLE_OTHER;
1644 ofconn->packet_in_counter = rconn_packet_counter_create ();
1645 ofconn->pktbuf = NULL;
1646 ofconn->miss_send_len = 0;
1647 ofconn->reply_counter = rconn_packet_counter_create ();
1648 return ofconn;
1649 }
1650
1651 static void
1652 ofconn_destroy(struct ofconn *ofconn)
1653 {
1654 if (ofconn->type == OFCONN_PRIMARY) {
1655 hmap_remove(&ofconn->ofproto->controllers, &ofconn->hmap_node);
1656 }
1657 discovery_destroy(ofconn->discovery);
1658
1659 list_remove(&ofconn->node);
1660 switch_status_unregister(ofconn->ss);
1661 rconn_destroy(ofconn->rconn);
1662 rconn_packet_counter_destroy(ofconn->packet_in_counter);
1663 rconn_packet_counter_destroy(ofconn->reply_counter);
1664 pktbuf_destroy(ofconn->pktbuf);
1665 free(ofconn);
1666 }
1667
1668 static void
1669 ofconn_run(struct ofconn *ofconn, struct ofproto *p)
1670 {
1671 int iteration;
1672 size_t i;
1673
1674 if (ofconn->discovery) {
1675 char *controller_name;
1676 if (rconn_is_connectivity_questionable(ofconn->rconn)) {
1677 discovery_question_connectivity(ofconn->discovery);
1678 }
1679 if (discovery_run(ofconn->discovery, &controller_name)) {
1680 if (controller_name) {
1681 char *ofconn_name = ofconn_make_name(p, controller_name);
1682 rconn_connect(ofconn->rconn, controller_name, ofconn_name);
1683 free(ofconn_name);
1684 } else {
1685 rconn_disconnect(ofconn->rconn);
1686 }
1687 }
1688 }
1689
1690 for (i = 0; i < N_SCHEDULERS; i++) {
1691 pinsched_run(ofconn->schedulers[i], do_send_packet_in, ofconn);
1692 }
1693
1694 rconn_run(ofconn->rconn);
1695
1696 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1697 /* Limit the number of iterations to prevent other tasks from
1698 * starving. */
1699 for (iteration = 0; iteration < 50; iteration++) {
1700 struct ofpbuf *of_msg = rconn_recv(ofconn->rconn);
1701 if (!of_msg) {
1702 break;
1703 }
1704 if (p->fail_open) {
1705 fail_open_maybe_recover(p->fail_open);
1706 }
1707 handle_openflow(ofconn, p, of_msg);
1708 ofpbuf_delete(of_msg);
1709 }
1710 }
1711
1712 if (!ofconn->discovery && !rconn_is_alive(ofconn->rconn)) {
1713 ofconn_destroy(ofconn);
1714 }
1715 }
1716
1717 static void
1718 ofconn_wait(struct ofconn *ofconn)
1719 {
1720 int i;
1721
1722 if (ofconn->discovery) {
1723 discovery_wait(ofconn->discovery);
1724 }
1725 for (i = 0; i < N_SCHEDULERS; i++) {
1726 pinsched_wait(ofconn->schedulers[i]);
1727 }
1728 rconn_run_wait(ofconn->rconn);
1729 if (rconn_packet_counter_read (ofconn->reply_counter) < OFCONN_REPLY_MAX) {
1730 rconn_recv_wait(ofconn->rconn);
1731 } else {
1732 COVERAGE_INC(ofproto_ofconn_stuck);
1733 }
1734 }
1735
1736 /* Returns true if 'ofconn' should receive asynchronous messages. */
1737 static bool
1738 ofconn_receives_async_msgs(const struct ofconn *ofconn)
1739 {
1740 if (ofconn->type == OFCONN_PRIMARY) {
1741 /* Primary controllers always get asynchronous messages unless they
1742 * have configured themselves as "slaves". */
1743 return ofconn->role != NX_ROLE_SLAVE;
1744 } else {
1745 /* Service connections don't get asynchronous messages unless they have
1746 * explicitly asked for them by setting a nonzero miss send length. */
1747 return ofconn->miss_send_len > 0;
1748 }
1749 }
1750
1751 /* Returns a human-readable name for an OpenFlow connection between 'ofproto'
1752 * and 'target', suitable for use in log messages for identifying the
1753 * connection.
1754 *
1755 * The name is dynamically allocated. The caller should free it (with free())
1756 * when it is no longer needed. */
1757 static char *
1758 ofconn_make_name(const struct ofproto *ofproto, const char *target)
1759 {
1760 return xasprintf("%s<->%s", dpif_base_name(ofproto->dpif), target);
1761 }
1762
1763 static void
1764 ofconn_set_rate_limit(struct ofconn *ofconn, int rate, int burst)
1765 {
1766 int i;
1767
1768 for (i = 0; i < N_SCHEDULERS; i++) {
1769 struct pinsched **s = &ofconn->schedulers[i];
1770
1771 if (rate > 0) {
1772 if (!*s) {
1773 *s = pinsched_create(rate, burst,
1774 ofconn->ofproto->switch_status);
1775 } else {
1776 pinsched_set_limits(*s, rate, burst);
1777 }
1778 } else {
1779 pinsched_destroy(*s);
1780 *s = NULL;
1781 }
1782 }
1783 }
1784 \f
1785 static void
1786 ofservice_reconfigure(struct ofservice *ofservice,
1787 const struct ofproto_controller *c)
1788 {
1789 ofservice->probe_interval = c->probe_interval;
1790 ofservice->rate_limit = c->rate_limit;
1791 ofservice->burst_limit = c->burst_limit;
1792 }
1793
1794 /* Creates a new ofservice in 'ofproto'. Returns 0 if successful, otherwise a
1795 * positive errno value. */
1796 static int
1797 ofservice_create(struct ofproto *ofproto, const struct ofproto_controller *c)
1798 {
1799 struct ofservice *ofservice;
1800 struct pvconn *pvconn;
1801 int error;
1802
1803 error = pvconn_open(c->target, &pvconn);
1804 if (error) {
1805 return error;
1806 }
1807
1808 ofservice = xzalloc(sizeof *ofservice);
1809 hmap_insert(&ofproto->services, &ofservice->node,
1810 hash_string(c->target, 0));
1811 ofservice->pvconn = pvconn;
1812
1813 ofservice_reconfigure(ofservice, c);
1814
1815 return 0;
1816 }
1817
1818 static void
1819 ofservice_destroy(struct ofproto *ofproto, struct ofservice *ofservice)
1820 {
1821 hmap_remove(&ofproto->services, &ofservice->node);
1822 pvconn_close(ofservice->pvconn);
1823 free(ofservice);
1824 }
1825
1826 /* Finds and returns the ofservice within 'ofproto' that has the given
1827 * 'target', or a null pointer if none exists. */
1828 static struct ofservice *
1829 ofservice_lookup(struct ofproto *ofproto, const char *target)
1830 {
1831 struct ofservice *ofservice;
1832
1833 HMAP_FOR_EACH_WITH_HASH (ofservice, node, hash_string(target, 0),
1834 &ofproto->services) {
1835 if (!strcmp(pvconn_get_name(ofservice->pvconn), target)) {
1836 return ofservice;
1837 }
1838 }
1839 return NULL;
1840 }
1841 \f
1842 /* Caller is responsible for initializing the 'cr' member of the returned
1843 * rule. */
1844 static struct rule *
1845 rule_create(struct ofproto *ofproto, struct rule *super,
1846 const union ofp_action *actions, size_t n_actions,
1847 uint16_t idle_timeout, uint16_t hard_timeout,
1848 uint64_t flow_cookie, bool send_flow_removed)
1849 {
1850 struct rule *rule = xzalloc(sizeof *rule);
1851 rule->idle_timeout = idle_timeout;
1852 rule->hard_timeout = hard_timeout;
1853 rule->flow_cookie = flow_cookie;
1854 rule->used = rule->created = time_msec();
1855 rule->send_flow_removed = send_flow_removed;
1856 rule->super = super;
1857 if (super) {
1858 list_push_back(&super->list, &rule->list);
1859 } else {
1860 list_init(&rule->list);
1861 }
1862 if (n_actions > 0) {
1863 rule->n_actions = n_actions;
1864 rule->actions = xmemdup(actions, n_actions * sizeof *actions);
1865 }
1866 netflow_flow_clear(&rule->nf_flow);
1867 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->created);
1868
1869 return rule;
1870 }
1871
1872 static struct rule *
1873 rule_from_cls_rule(const struct cls_rule *cls_rule)
1874 {
1875 return cls_rule ? CONTAINER_OF(cls_rule, struct rule, cr) : NULL;
1876 }
1877
1878 static void
1879 rule_free(struct rule *rule)
1880 {
1881 free(rule->actions);
1882 free(rule->odp_actions);
1883 free(rule);
1884 }
1885
1886 /* Destroys 'rule'. If 'rule' is a subrule, also removes it from its
1887 * super-rule's list of subrules. If 'rule' is a super-rule, also iterates
1888 * through all of its subrules and revalidates them, destroying any that no
1889 * longer has a super-rule (which is probably all of them).
1890 *
1891 * Before calling this function, the caller must make have removed 'rule' from
1892 * the classifier. If 'rule' is an exact-match rule, the caller is also
1893 * responsible for ensuring that it has been uninstalled from the datapath. */
1894 static void
1895 rule_destroy(struct ofproto *ofproto, struct rule *rule)
1896 {
1897 if (!rule->super) {
1898 struct rule *subrule, *next;
1899 LIST_FOR_EACH_SAFE (subrule, next, list, &rule->list) {
1900 revalidate_rule(ofproto, subrule);
1901 }
1902 } else {
1903 list_remove(&rule->list);
1904 }
1905 rule_free(rule);
1906 }
1907
1908 static bool
1909 rule_has_out_port(const struct rule *rule, uint16_t out_port)
1910 {
1911 const union ofp_action *oa;
1912 struct actions_iterator i;
1913
1914 if (out_port == htons(OFPP_NONE)) {
1915 return true;
1916 }
1917 for (oa = actions_first(&i, rule->actions, rule->n_actions); oa;
1918 oa = actions_next(&i)) {
1919 if (action_outputs_to_port(oa, out_port)) {
1920 return true;
1921 }
1922 }
1923 return false;
1924 }
1925
1926 /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on
1927 * 'packet', which arrived on 'in_port'.
1928 *
1929 * Takes ownership of 'packet'. */
1930 static bool
1931 execute_odp_actions(struct ofproto *ofproto, uint16_t in_port,
1932 const union odp_action *actions, size_t n_actions,
1933 struct ofpbuf *packet)
1934 {
1935 if (n_actions == 1 && actions[0].type == ODPAT_CONTROLLER) {
1936 /* As an optimization, avoid a round-trip from userspace to kernel to
1937 * userspace. This also avoids possibly filling up kernel packet
1938 * buffers along the way. */
1939 struct odp_msg *msg;
1940
1941 msg = ofpbuf_push_uninit(packet, sizeof *msg);
1942 msg->type = _ODPL_ACTION_NR;
1943 msg->length = sizeof(struct odp_msg) + packet->size;
1944 msg->port = in_port;
1945 msg->reserved = 0;
1946 msg->arg = actions[0].controller.arg;
1947
1948 send_packet_in(ofproto, packet);
1949
1950 return true;
1951 } else {
1952 int error;
1953
1954 error = dpif_execute(ofproto->dpif, actions, n_actions, packet);
1955 ofpbuf_delete(packet);
1956 return !error;
1957 }
1958 }
1959
1960 /* Executes the actions indicated by 'rule' on 'packet', which is in flow
1961 * 'flow' and is considered to have arrived on ODP port 'in_port'. 'packet'
1962 * must have at least sizeof(struct ofp_packet_in) bytes of headroom.
1963 *
1964 * The flow that 'packet' actually contains does not need to actually match
1965 * 'rule'; the actions in 'rule' will be applied to it either way. Likewise,
1966 * the packet and byte counters for 'rule' will be credited for the packet sent
1967 * out whether or not the packet actually matches 'rule'.
1968 *
1969 * If 'rule' is an exact-match rule and 'flow' actually equals the rule's flow,
1970 * the caller must already have accurately composed ODP actions for it given
1971 * 'packet' using rule_make_actions(). If 'rule' is a wildcard rule, or if
1972 * 'rule' is an exact-match rule but 'flow' is not the rule's flow, then this
1973 * function will compose a set of ODP actions based on 'rule''s OpenFlow
1974 * actions and apply them to 'packet'.
1975 *
1976 * Takes ownership of 'packet'. */
1977 static void
1978 rule_execute(struct ofproto *ofproto, struct rule *rule,
1979 struct ofpbuf *packet, const struct flow *flow)
1980 {
1981 const union odp_action *actions;
1982 struct odp_flow_stats stats;
1983 size_t n_actions;
1984 struct odp_actions a;
1985
1986 assert(ofpbuf_headroom(packet) >= sizeof(struct ofp_packet_in));
1987
1988 /* Grab or compose the ODP actions.
1989 *
1990 * The special case for an exact-match 'rule' where 'flow' is not the
1991 * rule's flow is important to avoid, e.g., sending a packet out its input
1992 * port simply because the ODP actions were composed for the wrong
1993 * scenario. */
1994 if (rule->cr.wc.wildcards || !flow_equal(flow, &rule->cr.flow)) {
1995 struct rule *super = rule->super ? rule->super : rule;
1996 if (xlate_actions(super->actions, super->n_actions, flow, ofproto,
1997 packet, &a, NULL, 0, NULL)) {
1998 ofpbuf_delete(packet);
1999 return;
2000 }
2001 actions = a.actions;
2002 n_actions = a.n_actions;
2003 } else {
2004 actions = rule->odp_actions;
2005 n_actions = rule->n_odp_actions;
2006 }
2007
2008 /* Execute the ODP actions. */
2009 flow_extract_stats(flow, packet, &stats);
2010 if (execute_odp_actions(ofproto, flow->in_port,
2011 actions, n_actions, packet)) {
2012 update_stats(ofproto, rule, &stats);
2013 rule->used = time_msec();
2014 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, rule->used);
2015 }
2016 }
2017
2018 /* Inserts 'rule' into 'p''s flow table.
2019 *
2020 * If 'packet' is nonnull, takes ownership of 'packet', executes 'rule''s
2021 * actions on it and credits the statistics for sending the packet to 'rule'.
2022 * 'packet' must have at least sizeof(struct ofp_packet_in) bytes of
2023 * headroom. */
2024 static void
2025 rule_insert(struct ofproto *p, struct rule *rule, struct ofpbuf *packet,
2026 uint16_t in_port)
2027 {
2028 struct rule *displaced_rule;
2029
2030 /* Insert the rule in the classifier. */
2031 displaced_rule = rule_from_cls_rule(classifier_insert(&p->cls, &rule->cr));
2032 if (!rule->cr.wc.wildcards) {
2033 rule_make_actions(p, rule, packet);
2034 }
2035
2036 /* Send the packet and credit it to the rule. */
2037 if (packet) {
2038 struct flow flow;
2039 flow_extract(packet, 0, in_port, &flow);
2040 rule_execute(p, rule, packet, &flow);
2041 }
2042
2043 /* Install the rule in the datapath only after sending the packet, to
2044 * avoid packet reordering. */
2045 if (rule->cr.wc.wildcards) {
2046 COVERAGE_INC(ofproto_add_wc_flow);
2047 p->need_revalidate = true;
2048 } else {
2049 rule_install(p, rule, displaced_rule);
2050 }
2051
2052 /* Free the rule that was displaced, if any. */
2053 if (displaced_rule) {
2054 rule_destroy(p, displaced_rule);
2055 }
2056 }
2057
2058 static struct rule *
2059 rule_create_subrule(struct ofproto *ofproto, struct rule *rule,
2060 const struct flow *flow)
2061 {
2062 struct rule *subrule = rule_create(ofproto, rule, NULL, 0,
2063 rule->idle_timeout, rule->hard_timeout,
2064 0, false);
2065 COVERAGE_INC(ofproto_subrule_create);
2066 cls_rule_from_flow(flow, 0, (rule->cr.priority <= UINT16_MAX ? UINT16_MAX
2067 : rule->cr.priority), &subrule->cr);
2068 classifier_insert_exact(&ofproto->cls, &subrule->cr);
2069
2070 return subrule;
2071 }
2072
2073 /* Remove 'rule' from 'ofproto' and free up the associated memory:
2074 *
2075 * - If 'rule' was installed in the datapath, uninstalls it and updates
2076 * 'rule''s statistics (or its super-rule's statistics, if it is a
2077 * subrule), via rule_uninstall().
2078 *
2079 * - Removes 'rule' from the classifier.
2080 *
2081 * - If 'rule' is a super-rule that has subrules, revalidates (and possibly
2082 * uninstalls and destroys) its subrules, via rule_destroy().
2083 */
2084 static void
2085 rule_remove(struct ofproto *ofproto, struct rule *rule)
2086 {
2087 if (rule->cr.wc.wildcards) {
2088 COVERAGE_INC(ofproto_del_wc_flow);
2089 ofproto->need_revalidate = true;
2090 } else {
2091 rule_uninstall(ofproto, rule);
2092 }
2093 classifier_remove(&ofproto->cls, &rule->cr);
2094 rule_destroy(ofproto, rule);
2095 }
2096
2097 /* Returns true if the actions changed, false otherwise. */
2098 static bool
2099 rule_make_actions(struct ofproto *p, struct rule *rule,
2100 const struct ofpbuf *packet)
2101 {
2102 const struct rule *super;
2103 struct odp_actions a;
2104 size_t actions_len;
2105
2106 assert(!rule->cr.wc.wildcards);
2107
2108 super = rule->super ? rule->super : rule;
2109 rule->tags = 0;
2110 xlate_actions(super->actions, super->n_actions, &rule->cr.flow, p,
2111 packet, &a, &rule->tags, &rule->may_install,
2112 &rule->nf_flow.output_iface);
2113
2114 actions_len = a.n_actions * sizeof *a.actions;
2115 if (rule->n_odp_actions != a.n_actions
2116 || memcmp(rule->odp_actions, a.actions, actions_len)) {
2117 COVERAGE_INC(ofproto_odp_unchanged);
2118 free(rule->odp_actions);
2119 rule->n_odp_actions = a.n_actions;
2120 rule->odp_actions = xmemdup(a.actions, actions_len);
2121 return true;
2122 } else {
2123 return false;
2124 }
2125 }
2126
2127 static int
2128 do_put_flow(struct ofproto *ofproto, struct rule *rule, int flags,
2129 struct odp_flow_put *put)
2130 {
2131 memset(&put->flow.stats, 0, sizeof put->flow.stats);
2132 odp_flow_key_from_flow(&put->flow.key, &rule->cr.flow);
2133 put->flow.actions = rule->odp_actions;
2134 put->flow.n_actions = rule->n_odp_actions;
2135 put->flow.flags = 0;
2136 put->flags = flags;
2137 return dpif_flow_put(ofproto->dpif, put);
2138 }
2139
2140 static void
2141 rule_install(struct ofproto *p, struct rule *rule, struct rule *displaced_rule)
2142 {
2143 assert(!rule->cr.wc.wildcards);
2144
2145 if (rule->may_install) {
2146 struct odp_flow_put put;
2147 if (!do_put_flow(p, rule,
2148 ODPPF_CREATE | ODPPF_MODIFY | ODPPF_ZERO_STATS,
2149 &put)) {
2150 rule->installed = true;
2151 if (displaced_rule) {
2152 update_stats(p, displaced_rule, &put.flow.stats);
2153 rule_post_uninstall(p, displaced_rule);
2154 }
2155 }
2156 } else if (displaced_rule) {
2157 rule_uninstall(p, displaced_rule);
2158 }
2159 }
2160
2161 static void
2162 rule_reinstall(struct ofproto *ofproto, struct rule *rule)
2163 {
2164 if (rule->installed) {
2165 struct odp_flow_put put;
2166 COVERAGE_INC(ofproto_dp_missed);
2167 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY, &put);
2168 } else {
2169 rule_install(ofproto, rule, NULL);
2170 }
2171 }
2172
2173 static void
2174 rule_update_actions(struct ofproto *ofproto, struct rule *rule)
2175 {
2176 bool actions_changed;
2177 uint16_t new_out_iface, old_out_iface;
2178
2179 old_out_iface = rule->nf_flow.output_iface;
2180 actions_changed = rule_make_actions(ofproto, rule, NULL);
2181
2182 if (rule->may_install) {
2183 if (rule->installed) {
2184 if (actions_changed) {
2185 struct odp_flow_put put;
2186 do_put_flow(ofproto, rule, ODPPF_CREATE | ODPPF_MODIFY
2187 | ODPPF_ZERO_STATS, &put);
2188 update_stats(ofproto, rule, &put.flow.stats);
2189
2190 /* Temporarily set the old output iface so that NetFlow
2191 * messages have the correct output interface for the old
2192 * stats. */
2193 new_out_iface = rule->nf_flow.output_iface;
2194 rule->nf_flow.output_iface = old_out_iface;
2195 rule_post_uninstall(ofproto, rule);
2196 rule->nf_flow.output_iface = new_out_iface;
2197 }
2198 } else {
2199 rule_install(ofproto, rule, NULL);
2200 }
2201 } else {
2202 rule_uninstall(ofproto, rule);
2203 }
2204 }
2205
2206 static void
2207 rule_account(struct ofproto *ofproto, struct rule *rule, uint64_t extra_bytes)
2208 {
2209 uint64_t total_bytes = rule->byte_count + extra_bytes;
2210
2211 if (ofproto->ofhooks->account_flow_cb
2212 && total_bytes > rule->accounted_bytes)
2213 {
2214 ofproto->ofhooks->account_flow_cb(
2215 &rule->cr.flow, rule->tags, rule->odp_actions, rule->n_odp_actions,
2216 total_bytes - rule->accounted_bytes, ofproto->aux);
2217 rule->accounted_bytes = total_bytes;
2218 }
2219 }
2220
2221 /* 'rule' must be an exact-match rule in 'p'.
2222 *
2223 * If 'rule' is installed in the datapath, uninstalls it and updates's
2224 * statistics. If 'rule' is a subrule, the statistics that are updated are
2225 * actually its super-rule's statistics; otherwise 'rule''s own statistics are
2226 * updated.
2227 *
2228 * If 'rule' is not installed, this function has no effect. */
2229 static void
2230 rule_uninstall(struct ofproto *p, struct rule *rule)
2231 {
2232 assert(!rule->cr.wc.wildcards);
2233 if (rule->installed) {
2234 struct odp_flow odp_flow;
2235
2236 odp_flow_key_from_flow(&odp_flow.key, &rule->cr.flow);
2237 odp_flow.actions = NULL;
2238 odp_flow.n_actions = 0;
2239 odp_flow.flags = 0;
2240 if (!dpif_flow_del(p->dpif, &odp_flow)) {
2241 update_stats(p, rule, &odp_flow.stats);
2242 }
2243 rule->installed = false;
2244
2245 rule_post_uninstall(p, rule);
2246 }
2247 }
2248
2249 static bool
2250 is_controller_rule(struct rule *rule)
2251 {
2252 /* If the only action is send to the controller then don't report
2253 * NetFlow expiration messages since it is just part of the control
2254 * logic for the network and not real traffic. */
2255
2256 return (rule
2257 && rule->super
2258 && rule->super->n_actions == 1
2259 && action_outputs_to_port(&rule->super->actions[0],
2260 htons(OFPP_CONTROLLER)));
2261 }
2262
2263 static void
2264 rule_post_uninstall(struct ofproto *ofproto, struct rule *rule)
2265 {
2266 struct rule *super = rule->super;
2267
2268 rule_account(ofproto, rule, 0);
2269
2270 if (ofproto->netflow && !is_controller_rule(rule)) {
2271 struct ofexpired expired;
2272 expired.flow = rule->cr.flow;
2273 expired.packet_count = rule->packet_count;
2274 expired.byte_count = rule->byte_count;
2275 expired.used = rule->used;
2276 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
2277 }
2278 if (super) {
2279 super->packet_count += rule->packet_count;
2280 super->byte_count += rule->byte_count;
2281
2282 /* Reset counters to prevent double counting if the rule ever gets
2283 * reinstalled. */
2284 rule->packet_count = 0;
2285 rule->byte_count = 0;
2286 rule->accounted_bytes = 0;
2287
2288 netflow_flow_clear(&rule->nf_flow);
2289 }
2290 }
2291 \f
2292 static void
2293 queue_tx(struct ofpbuf *msg, const struct ofconn *ofconn,
2294 struct rconn_packet_counter *counter)
2295 {
2296 update_openflow_length(msg);
2297 if (rconn_send(ofconn->rconn, msg, counter)) {
2298 ofpbuf_delete(msg);
2299 }
2300 }
2301
2302 static void
2303 send_error(const struct ofconn *ofconn, const struct ofp_header *oh,
2304 int error, const void *data, size_t len)
2305 {
2306 struct ofpbuf *buf;
2307 struct ofp_error_msg *oem;
2308
2309 if (!(error >> 16)) {
2310 VLOG_WARN_RL(&rl, "not sending bad error code %d to controller",
2311 error);
2312 return;
2313 }
2314
2315 COVERAGE_INC(ofproto_error);
2316 oem = make_openflow_xid(len + sizeof *oem, OFPT_ERROR,
2317 oh ? oh->xid : 0, &buf);
2318 oem->type = htons((unsigned int) error >> 16);
2319 oem->code = htons(error & 0xffff);
2320 memcpy(oem->data, data, len);
2321 queue_tx(buf, ofconn, ofconn->reply_counter);
2322 }
2323
2324 static void
2325 send_error_oh(const struct ofconn *ofconn, const struct ofp_header *oh,
2326 int error)
2327 {
2328 size_t oh_length = ntohs(oh->length);
2329 send_error(ofconn, oh, error, oh, MIN(oh_length, 64));
2330 }
2331
2332 static void
2333 hton_ofp_phy_port(struct ofp_phy_port *opp)
2334 {
2335 opp->port_no = htons(opp->port_no);
2336 opp->config = htonl(opp->config);
2337 opp->state = htonl(opp->state);
2338 opp->curr = htonl(opp->curr);
2339 opp->advertised = htonl(opp->advertised);
2340 opp->supported = htonl(opp->supported);
2341 opp->peer = htonl(opp->peer);
2342 }
2343
2344 static int
2345 handle_echo_request(struct ofconn *ofconn, struct ofp_header *oh)
2346 {
2347 struct ofp_header *rq = oh;
2348 queue_tx(make_echo_reply(rq), ofconn, ofconn->reply_counter);
2349 return 0;
2350 }
2351
2352 static int
2353 handle_features_request(struct ofproto *p, struct ofconn *ofconn,
2354 struct ofp_header *oh)
2355 {
2356 struct ofp_switch_features *osf;
2357 struct ofpbuf *buf;
2358 struct ofport *port;
2359
2360 osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf);
2361 osf->datapath_id = htonll(p->datapath_id);
2362 osf->n_buffers = htonl(pktbuf_capacity());
2363 osf->n_tables = 2;
2364 osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS |
2365 OFPC_PORT_STATS | OFPC_ARP_MATCH_IP);
2366 osf->actions = htonl((1u << OFPAT_OUTPUT) |
2367 (1u << OFPAT_SET_VLAN_VID) |
2368 (1u << OFPAT_SET_VLAN_PCP) |
2369 (1u << OFPAT_STRIP_VLAN) |
2370 (1u << OFPAT_SET_DL_SRC) |
2371 (1u << OFPAT_SET_DL_DST) |
2372 (1u << OFPAT_SET_NW_SRC) |
2373 (1u << OFPAT_SET_NW_DST) |
2374 (1u << OFPAT_SET_NW_TOS) |
2375 (1u << OFPAT_SET_TP_SRC) |
2376 (1u << OFPAT_SET_TP_DST) |
2377 (1u << OFPAT_ENQUEUE));
2378
2379 HMAP_FOR_EACH (port, hmap_node, &p->ports) {
2380 hton_ofp_phy_port(ofpbuf_put(buf, &port->opp, sizeof port->opp));
2381 }
2382
2383 queue_tx(buf, ofconn, ofconn->reply_counter);
2384 return 0;
2385 }
2386
2387 static int
2388 handle_get_config_request(struct ofproto *p, struct ofconn *ofconn,
2389 struct ofp_header *oh)
2390 {
2391 struct ofpbuf *buf;
2392 struct ofp_switch_config *osc;
2393 uint16_t flags;
2394 bool drop_frags;
2395
2396 /* Figure out flags. */
2397 dpif_get_drop_frags(p->dpif, &drop_frags);
2398 flags = drop_frags ? OFPC_FRAG_DROP : OFPC_FRAG_NORMAL;
2399
2400 /* Send reply. */
2401 osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf);
2402 osc->flags = htons(flags);
2403 osc->miss_send_len = htons(ofconn->miss_send_len);
2404 queue_tx(buf, ofconn, ofconn->reply_counter);
2405
2406 return 0;
2407 }
2408
2409 static int
2410 handle_set_config(struct ofproto *p, struct ofconn *ofconn,
2411 struct ofp_switch_config *osc)
2412 {
2413 uint16_t flags;
2414 int error;
2415
2416 error = check_ofp_message(&osc->header, OFPT_SET_CONFIG, sizeof *osc);
2417 if (error) {
2418 return error;
2419 }
2420 flags = ntohs(osc->flags);
2421
2422 if (ofconn->type == OFCONN_PRIMARY && ofconn->role != NX_ROLE_SLAVE) {
2423 switch (flags & OFPC_FRAG_MASK) {
2424 case OFPC_FRAG_NORMAL:
2425 dpif_set_drop_frags(p->dpif, false);
2426 break;
2427 case OFPC_FRAG_DROP:
2428 dpif_set_drop_frags(p->dpif, true);
2429 break;
2430 default:
2431 VLOG_WARN_RL(&rl, "requested bad fragment mode (flags=%"PRIx16")",
2432 osc->flags);
2433 break;
2434 }
2435 }
2436
2437 ofconn->miss_send_len = ntohs(osc->miss_send_len);
2438
2439 return 0;
2440 }
2441
2442 static void
2443 add_controller_action(struct odp_actions *actions, uint16_t max_len)
2444 {
2445 union odp_action *a = odp_actions_add(actions, ODPAT_CONTROLLER);
2446 a->controller.arg = max_len;
2447 }
2448
2449 struct action_xlate_ctx {
2450 /* Input. */
2451 struct flow flow; /* Flow to which these actions correspond. */
2452 int recurse; /* Recursion level, via xlate_table_action. */
2453 struct ofproto *ofproto;
2454 const struct ofpbuf *packet; /* The packet corresponding to 'flow', or a
2455 * null pointer if we are revalidating
2456 * without a packet to refer to. */
2457
2458 /* Output. */
2459 struct odp_actions *out; /* Datapath actions. */
2460 tag_type *tags; /* Tags associated with OFPP_NORMAL actions. */
2461 bool may_set_up_flow; /* True ordinarily; false if the actions must
2462 * be reassessed for every packet. */
2463 uint16_t nf_output_iface; /* Output interface index for NetFlow. */
2464 };
2465
2466 /* Maximum depth of flow table recursion (due to NXAST_RESUBMIT actions) in a
2467 * flow translation. */
2468 #define MAX_RESUBMIT_RECURSION 8
2469
2470 static void do_xlate_actions(const union ofp_action *in, size_t n_in,
2471 struct action_xlate_ctx *ctx);
2472
2473 static void
2474 add_output_action(struct action_xlate_ctx *ctx, uint16_t port)
2475 {
2476 const struct ofport *ofport = get_port(ctx->ofproto, port);
2477
2478 if (ofport) {
2479 if (ofport->opp.config & OFPPC_NO_FWD) {
2480 /* Forwarding disabled on port. */
2481 return;
2482 }
2483 } else {
2484 /*
2485 * We don't have an ofport record for this port, but it doesn't hurt to
2486 * allow forwarding to it anyhow. Maybe such a port will appear later
2487 * and we're pre-populating the flow table.
2488 */
2489 }
2490
2491 odp_actions_add(ctx->out, ODPAT_OUTPUT)->output.port = port;
2492 ctx->nf_output_iface = port;
2493 }
2494
2495 static struct rule *
2496 lookup_valid_rule(struct ofproto *ofproto, const struct flow *flow)
2497 {
2498 struct rule *rule;
2499 rule = rule_from_cls_rule(classifier_lookup(&ofproto->cls, flow));
2500
2501 /* The rule we found might not be valid, since we could be in need of
2502 * revalidation. If it is not valid, don't return it. */
2503 if (rule
2504 && rule->super
2505 && ofproto->need_revalidate
2506 && !revalidate_rule(ofproto, rule)) {
2507 COVERAGE_INC(ofproto_invalidated);
2508 return NULL;
2509 }
2510
2511 return rule;
2512 }
2513
2514 static void
2515 xlate_table_action(struct action_xlate_ctx *ctx, uint16_t in_port)
2516 {
2517 if (ctx->recurse < MAX_RESUBMIT_RECURSION) {
2518 uint16_t old_in_port;
2519 struct rule *rule;
2520
2521 /* Look up a flow with 'in_port' as the input port. Then restore the
2522 * original input port (otherwise OFPP_NORMAL and OFPP_IN_PORT will
2523 * have surprising behavior). */
2524 old_in_port = ctx->flow.in_port;
2525 ctx->flow.in_port = in_port;
2526 rule = lookup_valid_rule(ctx->ofproto, &ctx->flow);
2527 ctx->flow.in_port = old_in_port;
2528
2529 if (rule) {
2530 if (rule->super) {
2531 rule = rule->super;
2532 }
2533
2534 ctx->recurse++;
2535 do_xlate_actions(rule->actions, rule->n_actions, ctx);
2536 ctx->recurse--;
2537 }
2538 } else {
2539 struct vlog_rate_limit recurse_rl = VLOG_RATE_LIMIT_INIT(1, 1);
2540
2541 VLOG_ERR_RL(&recurse_rl, "NXAST_RESUBMIT recursed over %d times",
2542 MAX_RESUBMIT_RECURSION);
2543 }
2544 }
2545
2546 static void
2547 flood_packets(struct ofproto *ofproto, uint16_t odp_in_port, uint32_t mask,
2548 uint16_t *nf_output_iface, struct odp_actions *actions)
2549 {
2550 struct ofport *ofport;
2551
2552 HMAP_FOR_EACH (ofport, hmap_node, &ofproto->ports) {
2553 uint16_t odp_port = ofport->odp_port;
2554 if (odp_port != odp_in_port && !(ofport->opp.config & mask)) {
2555 odp_actions_add(actions, ODPAT_OUTPUT)->output.port = odp_port;
2556 }
2557 }
2558 *nf_output_iface = NF_OUT_FLOOD;
2559 }
2560
2561 static void
2562 xlate_output_action__(struct action_xlate_ctx *ctx,
2563 uint16_t port, uint16_t max_len)
2564 {
2565 uint16_t odp_port;
2566 uint16_t prev_nf_output_iface = ctx->nf_output_iface;
2567
2568 ctx->nf_output_iface = NF_OUT_DROP;
2569
2570 switch (port) {
2571 case OFPP_IN_PORT:
2572 add_output_action(ctx, ctx->flow.in_port);
2573 break;
2574 case OFPP_TABLE:
2575 xlate_table_action(ctx, ctx->flow.in_port);
2576 break;
2577 case OFPP_NORMAL:
2578 if (!ctx->ofproto->ofhooks->normal_cb(&ctx->flow, ctx->packet,
2579 ctx->out, ctx->tags,
2580 &ctx->nf_output_iface,
2581 ctx->ofproto->aux)) {
2582 COVERAGE_INC(ofproto_uninstallable);
2583 ctx->may_set_up_flow = false;
2584 }
2585 break;
2586 case OFPP_FLOOD:
2587 flood_packets(ctx->ofproto, ctx->flow.in_port, OFPPC_NO_FLOOD,
2588 &ctx->nf_output_iface, ctx->out);
2589 break;
2590 case OFPP_ALL:
2591 flood_packets(ctx->ofproto, ctx->flow.in_port, 0,
2592 &ctx->nf_output_iface, ctx->out);
2593 break;
2594 case OFPP_CONTROLLER:
2595 add_controller_action(ctx->out, max_len);
2596 break;
2597 case OFPP_LOCAL:
2598 add_output_action(ctx, ODPP_LOCAL);
2599 break;
2600 default:
2601 odp_port = ofp_port_to_odp_port(port);
2602 if (odp_port != ctx->flow.in_port) {
2603 add_output_action(ctx, odp_port);
2604 }
2605 break;
2606 }
2607
2608 if (prev_nf_output_iface == NF_OUT_FLOOD) {
2609 ctx->nf_output_iface = NF_OUT_FLOOD;
2610 } else if (ctx->nf_output_iface == NF_OUT_DROP) {
2611 ctx->nf_output_iface = prev_nf_output_iface;
2612 } else if (prev_nf_output_iface != NF_OUT_DROP &&
2613 ctx->nf_output_iface != NF_OUT_FLOOD) {
2614 ctx->nf_output_iface = NF_OUT_MULTI;
2615 }
2616 }
2617
2618 static void
2619 xlate_output_action(struct action_xlate_ctx *ctx,
2620 const struct ofp_action_output *oao)
2621 {
2622 xlate_output_action__(ctx, ntohs(oao->port), ntohs(oao->max_len));
2623 }
2624
2625 /* If the final ODP action in 'ctx' is "pop priority", drop it, as an
2626 * optimization, because we're going to add another action that sets the
2627 * priority immediately after, or because there are no actions following the
2628 * pop. */
2629 static void
2630 remove_pop_action(struct action_xlate_ctx *ctx)
2631 {
2632 size_t n = ctx->out->n_actions;
2633 if (n > 0 && ctx->out->actions[n - 1].type == ODPAT_POP_PRIORITY) {
2634 ctx->out->n_actions--;
2635 }
2636 }
2637
2638 static void
2639 xlate_enqueue_action(struct action_xlate_ctx *ctx,
2640 const struct ofp_action_enqueue *oae)
2641 {
2642 uint16_t ofp_port, odp_port;
2643 uint32_t priority;
2644 int error;
2645
2646 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(oae->queue_id),
2647 &priority);
2648 if (error) {
2649 /* Fall back to ordinary output action. */
2650 xlate_output_action__(ctx, ntohs(oae->port), 0);
2651 return;
2652 }
2653
2654 /* Figure out ODP output port. */
2655 ofp_port = ntohs(oae->port);
2656 if (ofp_port != OFPP_IN_PORT) {
2657 odp_port = ofp_port_to_odp_port(ofp_port);
2658 } else {
2659 odp_port = ctx->flow.in_port;
2660 }
2661
2662 /* Add ODP actions. */
2663 remove_pop_action(ctx);
2664 odp_actions_add(ctx->out, ODPAT_SET_PRIORITY)->priority.priority
2665 = priority;
2666 add_output_action(ctx, odp_port);
2667 odp_actions_add(ctx->out, ODPAT_POP_PRIORITY);
2668
2669 /* Update NetFlow output port. */
2670 if (ctx->nf_output_iface == NF_OUT_DROP) {
2671 ctx->nf_output_iface = odp_port;
2672 } else if (ctx->nf_output_iface != NF_OUT_FLOOD) {
2673 ctx->nf_output_iface = NF_OUT_MULTI;
2674 }
2675 }
2676
2677 static void
2678 xlate_set_queue_action(struct action_xlate_ctx *ctx,
2679 const struct nx_action_set_queue *nasq)
2680 {
2681 uint32_t priority;
2682 int error;
2683
2684 error = dpif_queue_to_priority(ctx->ofproto->dpif, ntohl(nasq->queue_id),
2685 &priority);
2686 if (error) {
2687 /* Couldn't translate queue to a priority, so ignore. A warning
2688 * has already been logged. */
2689 return;
2690 }
2691
2692 remove_pop_action(ctx);
2693 odp_actions_add(ctx->out, ODPAT_SET_PRIORITY)->priority.priority
2694 = priority;
2695 }
2696
2697 static void
2698 xlate_nicira_action(struct action_xlate_ctx *ctx,
2699 const struct nx_action_header *nah)
2700 {
2701 const struct nx_action_resubmit *nar;
2702 const struct nx_action_set_tunnel *nast;
2703 const struct nx_action_set_queue *nasq;
2704 union odp_action *oa;
2705 int subtype = ntohs(nah->subtype);
2706
2707 assert(nah->vendor == htonl(NX_VENDOR_ID));
2708 switch (subtype) {
2709 case NXAST_RESUBMIT:
2710 nar = (const struct nx_action_resubmit *) nah;
2711 xlate_table_action(ctx, ofp_port_to_odp_port(ntohs(nar->in_port)));
2712 break;
2713
2714 case NXAST_SET_TUNNEL:
2715 nast = (const struct nx_action_set_tunnel *) nah;
2716 oa = odp_actions_add(ctx->out, ODPAT_SET_TUNNEL);
2717 ctx->flow.tun_id = oa->tunnel.tun_id = nast->tun_id;
2718 break;
2719
2720 case NXAST_DROP_SPOOFED_ARP:
2721 if (ctx->flow.dl_type == htons(ETH_TYPE_ARP)) {
2722 odp_actions_add(ctx->out, ODPAT_DROP_SPOOFED_ARP);
2723 }
2724 break;
2725
2726 case NXAST_SET_QUEUE:
2727 nasq = (const struct nx_action_set_queue *) nah;
2728 xlate_set_queue_action(ctx, nasq);
2729 break;
2730
2731 case NXAST_POP_QUEUE:
2732 odp_actions_add(ctx->out, ODPAT_POP_PRIORITY);
2733 break;
2734
2735 /* If you add a new action here that modifies flow data, don't forget to
2736 * update the flow key in ctx->flow at the same time. */
2737
2738 default:
2739 VLOG_DBG_RL(&rl, "unknown Nicira action type %"PRIu16, subtype);
2740 break;
2741 }
2742 }
2743
2744 static void
2745 do_xlate_actions(const union ofp_action *in, size_t n_in,
2746 struct action_xlate_ctx *ctx)
2747 {
2748 struct actions_iterator iter;
2749 const union ofp_action *ia;
2750 const struct ofport *port;
2751
2752 port = get_port(ctx->ofproto, ctx->flow.in_port);
2753 if (port && port->opp.config & (OFPPC_NO_RECV | OFPPC_NO_RECV_STP) &&
2754 port->opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp)
2755 ? OFPPC_NO_RECV_STP : OFPPC_NO_RECV)) {
2756 /* Drop this flow. */
2757 return;
2758 }
2759
2760 for (ia = actions_first(&iter, in, n_in); ia; ia = actions_next(&iter)) {
2761 uint16_t type = ntohs(ia->type);
2762 union odp_action *oa;
2763
2764 switch (type) {
2765 case OFPAT_OUTPUT:
2766 xlate_output_action(ctx, &ia->output);
2767 break;
2768
2769 case OFPAT_SET_VLAN_VID:
2770 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_TCI);
2771 oa->dl_tci.tci = ia->vlan_vid.vlan_vid;
2772 oa->dl_tci.tci |= htons(ctx->flow.dl_vlan_pcp << VLAN_PCP_SHIFT);
2773 ctx->flow.dl_vlan = ia->vlan_vid.vlan_vid;
2774 break;
2775
2776 case OFPAT_SET_VLAN_PCP:
2777 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_TCI);
2778 oa->dl_tci.tci = htons(ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT);
2779 oa->dl_tci.tci |= ctx->flow.dl_vlan;
2780 ctx->flow.dl_vlan_pcp = ia->vlan_pcp.vlan_pcp;
2781 break;
2782
2783 case OFPAT_STRIP_VLAN:
2784 odp_actions_add(ctx->out, ODPAT_STRIP_VLAN);
2785 ctx->flow.dl_vlan = htons(OFP_VLAN_NONE);
2786 ctx->flow.dl_vlan_pcp = 0;
2787 break;
2788
2789 case OFPAT_SET_DL_SRC:
2790 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_SRC);
2791 memcpy(oa->dl_addr.dl_addr,
2792 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2793 memcpy(ctx->flow.dl_src,
2794 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2795 break;
2796
2797 case OFPAT_SET_DL_DST:
2798 oa = odp_actions_add(ctx->out, ODPAT_SET_DL_DST);
2799 memcpy(oa->dl_addr.dl_addr,
2800 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2801 memcpy(ctx->flow.dl_dst,
2802 ((struct ofp_action_dl_addr *) ia)->dl_addr, ETH_ADDR_LEN);
2803 break;
2804
2805 case OFPAT_SET_NW_SRC:
2806 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_SRC);
2807 ctx->flow.nw_src = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2808 break;
2809
2810 case OFPAT_SET_NW_DST:
2811 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_DST);
2812 ctx->flow.nw_dst = oa->nw_addr.nw_addr = ia->nw_addr.nw_addr;
2813 break;
2814
2815 case OFPAT_SET_NW_TOS:
2816 oa = odp_actions_add(ctx->out, ODPAT_SET_NW_TOS);
2817 ctx->flow.nw_tos = oa->nw_tos.nw_tos = ia->nw_tos.nw_tos;
2818 break;
2819
2820 case OFPAT_SET_TP_SRC:
2821 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_SRC);
2822 ctx->flow.tp_src = oa->tp_port.tp_port = ia->tp_port.tp_port;
2823 break;
2824
2825 case OFPAT_SET_TP_DST:
2826 oa = odp_actions_add(ctx->out, ODPAT_SET_TP_DST);
2827 ctx->flow.tp_dst = oa->tp_port.tp_port = ia->tp_port.tp_port;
2828 break;
2829
2830 case OFPAT_VENDOR:
2831 xlate_nicira_action(ctx, (const struct nx_action_header *) ia);
2832 break;
2833
2834 case OFPAT_ENQUEUE:
2835 xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia);
2836 break;
2837
2838 default:
2839 VLOG_DBG_RL(&rl, "unknown action type %"PRIu16, type);
2840 break;
2841 }
2842 }
2843 }
2844
2845 static int
2846 xlate_actions(const union ofp_action *in, size_t n_in,
2847 const struct flow *flow, struct ofproto *ofproto,
2848 const struct ofpbuf *packet,
2849 struct odp_actions *out, tag_type *tags, bool *may_set_up_flow,
2850 uint16_t *nf_output_iface)
2851 {
2852 tag_type no_tags = 0;
2853 struct action_xlate_ctx ctx;
2854 COVERAGE_INC(ofproto_ofp2odp);
2855 odp_actions_init(out);
2856 ctx.flow = *flow;
2857 ctx.recurse = 0;
2858 ctx.ofproto = ofproto;
2859 ctx.packet = packet;
2860 ctx.out = out;
2861 ctx.tags = tags ? tags : &no_tags;
2862 ctx.may_set_up_flow = true;
2863 ctx.nf_output_iface = NF_OUT_DROP;
2864 do_xlate_actions(in, n_in, &ctx);
2865 remove_pop_action(&ctx);
2866
2867 /* Check with in-band control to see if we're allowed to set up this
2868 * flow. */
2869 if (!in_band_rule_check(ofproto->in_band, flow, out)) {
2870 ctx.may_set_up_flow = false;
2871 }
2872
2873 if (may_set_up_flow) {
2874 *may_set_up_flow = ctx.may_set_up_flow;
2875 }
2876 if (nf_output_iface) {
2877 *nf_output_iface = ctx.nf_output_iface;
2878 }
2879 if (odp_actions_overflow(out)) {
2880 COVERAGE_INC(odp_overflow);
2881 odp_actions_init(out);
2882 return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_TOO_MANY);
2883 }
2884 return 0;
2885 }
2886
2887 /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow
2888 * error message code (composed with ofp_mkerr()) for the caller to propagate
2889 * upward. Otherwise, returns 0.
2890 *
2891 * 'oh' is used to make log messages more informative. */
2892 static int
2893 reject_slave_controller(struct ofconn *ofconn, const struct ofp_header *oh)
2894 {
2895 if (ofconn->type == OFCONN_PRIMARY && ofconn->role == NX_ROLE_SLAVE) {
2896 static struct vlog_rate_limit perm_rl = VLOG_RATE_LIMIT_INIT(1, 5);
2897 char *type_name;
2898
2899 type_name = ofp_message_type_to_string(oh->type);
2900 VLOG_WARN_RL(&perm_rl, "rejecting %s message from slave controller",
2901 type_name);
2902 free(type_name);
2903
2904 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
2905 } else {
2906 return 0;
2907 }
2908 }
2909
2910 static int
2911 handle_packet_out(struct ofproto *p, struct ofconn *ofconn,
2912 struct ofp_header *oh)
2913 {
2914 struct ofp_packet_out *opo;
2915 struct ofpbuf payload, *buffer;
2916 struct odp_actions actions;
2917 struct flow flow;
2918 int n_actions;
2919 uint16_t in_port;
2920 int error;
2921
2922 error = reject_slave_controller(ofconn, oh);
2923 if (error) {
2924 return error;
2925 }
2926
2927 error = check_ofp_packet_out(oh, &payload, &n_actions, p->max_ports);
2928 if (error) {
2929 return error;
2930 }
2931 opo = (struct ofp_packet_out *) oh;
2932
2933 COVERAGE_INC(ofproto_packet_out);
2934 if (opo->buffer_id != htonl(UINT32_MAX)) {
2935 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(opo->buffer_id),
2936 &buffer, &in_port);
2937 if (error || !buffer) {
2938 return error;
2939 }
2940 payload = *buffer;
2941 } else {
2942 buffer = NULL;
2943 }
2944
2945 flow_extract(&payload, 0, ofp_port_to_odp_port(ntohs(opo->in_port)), &flow);
2946 error = xlate_actions((const union ofp_action *) opo->actions, n_actions,
2947 &flow, p, &payload, &actions, NULL, NULL, NULL);
2948 if (error) {
2949 return error;
2950 }
2951
2952 dpif_execute(p->dpif, actions.actions, actions.n_actions, &payload);
2953 ofpbuf_delete(buffer);
2954
2955 return 0;
2956 }
2957
2958 static void
2959 update_port_config(struct ofproto *p, struct ofport *port,
2960 uint32_t config, uint32_t mask)
2961 {
2962 mask &= config ^ port->opp.config;
2963 if (mask & OFPPC_PORT_DOWN) {
2964 if (config & OFPPC_PORT_DOWN) {
2965 netdev_turn_flags_off(port->netdev, NETDEV_UP, true);
2966 } else {
2967 netdev_turn_flags_on(port->netdev, NETDEV_UP, true);
2968 }
2969 }
2970 #define REVALIDATE_BITS (OFPPC_NO_RECV | OFPPC_NO_RECV_STP | \
2971 OFPPC_NO_FWD | OFPPC_NO_FLOOD)
2972 if (mask & REVALIDATE_BITS) {
2973 COVERAGE_INC(ofproto_costly_flags);
2974 port->opp.config ^= mask & REVALIDATE_BITS;
2975 p->need_revalidate = true;
2976 }
2977 #undef REVALIDATE_BITS
2978 if (mask & OFPPC_NO_PACKET_IN) {
2979 port->opp.config ^= OFPPC_NO_PACKET_IN;
2980 }
2981 }
2982
2983 static int
2984 handle_port_mod(struct ofproto *p, struct ofconn *ofconn,
2985 struct ofp_header *oh)
2986 {
2987 const struct ofp_port_mod *opm;
2988 struct ofport *port;
2989 int error;
2990
2991 error = reject_slave_controller(ofconn, oh);
2992 if (error) {
2993 return error;
2994 }
2995 error = check_ofp_message(oh, OFPT_PORT_MOD, sizeof *opm);
2996 if (error) {
2997 return error;
2998 }
2999 opm = (struct ofp_port_mod *) oh;
3000
3001 port = get_port(p, ofp_port_to_odp_port(ntohs(opm->port_no)));
3002 if (!port) {
3003 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT);
3004 } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) {
3005 return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR);
3006 } else {
3007 update_port_config(p, port, ntohl(opm->config), ntohl(opm->mask));
3008 if (opm->advertise) {
3009 netdev_set_advertisements(port->netdev, ntohl(opm->advertise));
3010 }
3011 }
3012 return 0;
3013 }
3014
3015 static struct ofpbuf *
3016 make_stats_reply(uint32_t xid, uint16_t type, size_t body_len)
3017 {
3018 struct ofp_stats_reply *osr;
3019 struct ofpbuf *msg;
3020
3021 msg = ofpbuf_new(MIN(sizeof *osr + body_len, UINT16_MAX));
3022 osr = put_openflow_xid(sizeof *osr, OFPT_STATS_REPLY, xid, msg);
3023 osr->type = type;
3024 osr->flags = htons(0);
3025 return msg;
3026 }
3027
3028 static struct ofpbuf *
3029 start_stats_reply(const struct ofp_stats_request *request, size_t body_len)
3030 {
3031 return make_stats_reply(request->header.xid, request->type, body_len);
3032 }
3033
3034 static void *
3035 append_stats_reply(size_t nbytes, struct ofconn *ofconn, struct ofpbuf **msgp)
3036 {
3037 struct ofpbuf *msg = *msgp;
3038 assert(nbytes <= UINT16_MAX - sizeof(struct ofp_stats_reply));
3039 if (nbytes + msg->size > UINT16_MAX) {
3040 struct ofp_stats_reply *reply = msg->data;
3041 reply->flags = htons(OFPSF_REPLY_MORE);
3042 *msgp = make_stats_reply(reply->header.xid, reply->type, nbytes);
3043 queue_tx(msg, ofconn, ofconn->reply_counter);
3044 }
3045 return ofpbuf_put_uninit(*msgp, nbytes);
3046 }
3047
3048 static int
3049 handle_desc_stats_request(struct ofproto *p, struct ofconn *ofconn,
3050 struct ofp_stats_request *request)
3051 {
3052 struct ofp_desc_stats *ods;
3053 struct ofpbuf *msg;
3054
3055 msg = start_stats_reply(request, sizeof *ods);
3056 ods = append_stats_reply(sizeof *ods, ofconn, &msg);
3057 memset(ods, 0, sizeof *ods);
3058 ovs_strlcpy(ods->mfr_desc, p->mfr_desc, sizeof ods->mfr_desc);
3059 ovs_strlcpy(ods->hw_desc, p->hw_desc, sizeof ods->hw_desc);
3060 ovs_strlcpy(ods->sw_desc, p->sw_desc, sizeof ods->sw_desc);
3061 ovs_strlcpy(ods->serial_num, p->serial_desc, sizeof ods->serial_num);
3062 ovs_strlcpy(ods->dp_desc, p->dp_desc, sizeof ods->dp_desc);
3063 queue_tx(msg, ofconn, ofconn->reply_counter);
3064
3065 return 0;
3066 }
3067
3068 static int
3069 handle_table_stats_request(struct ofproto *p, struct ofconn *ofconn,
3070 struct ofp_stats_request *request)
3071 {
3072 struct ofp_table_stats *ots;
3073 struct ofpbuf *msg;
3074 struct odp_stats dpstats;
3075 int n_exact, n_subrules, n_wild;
3076 struct rule *rule;
3077
3078 msg = start_stats_reply(request, sizeof *ots * 2);
3079
3080 /* Count rules of various kinds. */
3081 n_subrules = 0;
3082 CLASSIFIER_FOR_EACH_EXACT_RULE (rule, cr, &p->cls) {
3083 if (rule->super) {
3084 n_subrules++;
3085 }
3086 }
3087 n_exact = classifier_count_exact(&p->cls) - n_subrules;
3088 n_wild = classifier_count(&p->cls) - classifier_count_exact(&p->cls);
3089
3090 /* Hash table. */
3091 dpif_get_dp_stats(p->dpif, &dpstats);
3092 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
3093 memset(ots, 0, sizeof *ots);
3094 ots->table_id = TABLEID_HASH;
3095 strcpy(ots->name, "hash");
3096 ots->wildcards = htonl(0);
3097 ots->max_entries = htonl(dpstats.max_capacity);
3098 ots->active_count = htonl(n_exact);
3099 ots->lookup_count = htonll(dpstats.n_frags + dpstats.n_hit +
3100 dpstats.n_missed);
3101 ots->matched_count = htonll(dpstats.n_hit); /* XXX */
3102
3103 /* Classifier table. */
3104 ots = append_stats_reply(sizeof *ots, ofconn, &msg);
3105 memset(ots, 0, sizeof *ots);
3106 ots->table_id = TABLEID_CLASSIFIER;
3107 strcpy(ots->name, "classifier");
3108 ots->wildcards = p->tun_id_from_cookie ? htonl(OVSFW_ALL)
3109 : htonl(OFPFW_ALL);
3110 ots->max_entries = htonl(65536);
3111 ots->active_count = htonl(n_wild);
3112 ots->lookup_count = htonll(0); /* XXX */
3113 ots->matched_count = htonll(0); /* XXX */
3114
3115 queue_tx(msg, ofconn, ofconn->reply_counter);
3116 return 0;
3117 }
3118
3119 static void
3120 append_port_stat(struct ofport *port, struct ofconn *ofconn,
3121 struct ofpbuf **msgp)
3122 {
3123 struct netdev_stats stats;
3124 struct ofp_port_stats *ops;
3125
3126 /* Intentionally ignore return value, since errors will set
3127 * 'stats' to all-1s, which is correct for OpenFlow, and
3128 * netdev_get_stats() will log errors. */
3129 netdev_get_stats(port->netdev, &stats);
3130
3131 ops = append_stats_reply(sizeof *ops, ofconn, msgp);
3132 ops->port_no = htons(port->opp.port_no);
3133 memset(ops->pad, 0, sizeof ops->pad);
3134 ops->rx_packets = htonll(stats.rx_packets);
3135 ops->tx_packets = htonll(stats.tx_packets);
3136 ops->rx_bytes = htonll(stats.rx_bytes);
3137 ops->tx_bytes = htonll(stats.tx_bytes);
3138 ops->rx_dropped = htonll(stats.rx_dropped);
3139 ops->tx_dropped = htonll(stats.tx_dropped);
3140 ops->rx_errors = htonll(stats.rx_errors);
3141 ops->tx_errors = htonll(stats.tx_errors);
3142 ops->rx_frame_err = htonll(stats.rx_frame_errors);
3143 ops->rx_over_err = htonll(stats.rx_over_errors);
3144 ops->rx_crc_err = htonll(stats.rx_crc_errors);
3145 ops->collisions = htonll(stats.collisions);
3146 }
3147
3148 static int
3149 handle_port_stats_request(struct ofproto *p, struct ofconn *ofconn,
3150 struct ofp_stats_request *osr,
3151 size_t arg_size)
3152 {
3153 struct ofp_port_stats_request *psr;
3154 struct ofp_port_stats *ops;
3155 struct ofpbuf *msg;
3156 struct ofport *port;
3157
3158 if (arg_size != sizeof *psr) {
3159 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3160 }
3161 psr = (struct ofp_port_stats_request *) osr->body;
3162
3163 msg = start_stats_reply(osr, sizeof *ops * 16);
3164 if (psr->port_no != htons(OFPP_NONE)) {
3165 port = get_port(p, ofp_port_to_odp_port(ntohs(psr->port_no)));
3166 if (port) {
3167 append_port_stat(port, ofconn, &msg);
3168 }
3169 } else {
3170 HMAP_FOR_EACH (port, hmap_node, &p->ports) {
3171 append_port_stat(port, ofconn, &msg);
3172 }
3173 }
3174
3175 queue_tx(msg, ofconn, ofconn->reply_counter);
3176 return 0;
3177 }
3178
3179 struct flow_stats_cbdata {
3180 struct ofproto *ofproto;
3181 struct ofconn *ofconn;
3182 uint16_t out_port;
3183 struct ofpbuf *msg;
3184 };
3185
3186 /* Obtains statistic counters for 'rule' within 'p' and stores them into
3187 * '*packet_countp' and '*byte_countp'. If 'rule' is a wildcarded rule, the
3188 * returned statistic include statistics for all of 'rule''s subrules. */
3189 static void
3190 query_stats(struct ofproto *p, struct rule *rule,
3191 uint64_t *packet_countp, uint64_t *byte_countp)
3192 {
3193 uint64_t packet_count, byte_count;
3194 struct rule *subrule;
3195 struct odp_flow *odp_flows;
3196 size_t n_odp_flows;
3197
3198 /* Start from historical data for 'rule' itself that are no longer tracked
3199 * by the datapath. This counts, for example, subrules that have
3200 * expired. */
3201 packet_count = rule->packet_count;
3202 byte_count = rule->byte_count;
3203
3204 /* Prepare to ask the datapath for statistics on 'rule', or if it is
3205 * wildcarded then on all of its subrules.
3206 *
3207 * Also, add any statistics that are not tracked by the datapath for each
3208 * subrule. This includes, for example, statistics for packets that were
3209 * executed "by hand" by ofproto via dpif_execute() but must be accounted
3210 * to a flow. */
3211 n_odp_flows = rule->cr.wc.wildcards ? list_size(&rule->list) : 1;
3212 odp_flows = xzalloc(n_odp_flows * sizeof *odp_flows);
3213 if (rule->cr.wc.wildcards) {
3214 size_t i = 0;
3215 LIST_FOR_EACH (subrule, list, &rule->list) {
3216 odp_flow_key_from_flow(&odp_flows[i++].key, &subrule->cr.flow);
3217 packet_count += subrule->packet_count;
3218 byte_count += subrule->byte_count;
3219 }
3220 } else {
3221 odp_flow_key_from_flow(&odp_flows[0].key, &rule->cr.flow);
3222 }
3223
3224 /* Fetch up-to-date statistics from the datapath and add them in. */
3225 if (!dpif_flow_get_multiple(p->dpif, odp_flows, n_odp_flows)) {
3226 size_t i;
3227 for (i = 0; i < n_odp_flows; i++) {
3228 struct odp_flow *odp_flow = &odp_flows[i];
3229 packet_count += odp_flow->stats.n_packets;
3230 byte_count += odp_flow->stats.n_bytes;
3231 }
3232 }
3233 free(odp_flows);
3234
3235 /* Return the stats to the caller. */
3236 *packet_countp = packet_count;
3237 *byte_countp = byte_count;
3238 }
3239
3240 static void
3241 flow_stats_cb(struct cls_rule *rule_, void *cbdata_)
3242 {
3243 struct rule *rule = rule_from_cls_rule(rule_);
3244 struct flow_stats_cbdata *cbdata = cbdata_;
3245 struct ofp_flow_stats *ofs;
3246 uint64_t packet_count, byte_count;
3247 size_t act_len, len;
3248 long long int tdiff = time_msec() - rule->created;
3249 uint32_t sec = tdiff / 1000;
3250 uint32_t msec = tdiff - (sec * 1000);
3251
3252 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
3253 return;
3254 }
3255
3256 act_len = sizeof *rule->actions * rule->n_actions;
3257 len = offsetof(struct ofp_flow_stats, actions) + act_len;
3258
3259 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3260
3261 ofs = append_stats_reply(len, cbdata->ofconn, &cbdata->msg);
3262 ofs->length = htons(len);
3263 ofs->table_id = rule->cr.wc.wildcards ? TABLEID_CLASSIFIER : TABLEID_HASH;
3264 ofs->pad = 0;
3265 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
3266 cbdata->ofproto->tun_id_from_cookie, &ofs->match);
3267 ofs->duration_sec = htonl(sec);
3268 ofs->duration_nsec = htonl(msec * 1000000);
3269 ofs->cookie = rule->flow_cookie;
3270 ofs->priority = htons(rule->cr.priority);
3271 ofs->idle_timeout = htons(rule->idle_timeout);
3272 ofs->hard_timeout = htons(rule->hard_timeout);
3273 memset(ofs->pad2, 0, sizeof ofs->pad2);
3274 ofs->packet_count = htonll(packet_count);
3275 ofs->byte_count = htonll(byte_count);
3276 if (rule->n_actions > 0) {
3277 memcpy(ofs->actions, rule->actions, act_len);
3278 }
3279 }
3280
3281 static int
3282 table_id_to_include(uint8_t table_id)
3283 {
3284 return (table_id == TABLEID_HASH ? CLS_INC_EXACT
3285 : table_id == TABLEID_CLASSIFIER ? CLS_INC_WILD
3286 : table_id == 0xff ? CLS_INC_ALL
3287 : 0);
3288 }
3289
3290 static int
3291 handle_flow_stats_request(struct ofproto *p, struct ofconn *ofconn,
3292 const struct ofp_stats_request *osr,
3293 size_t arg_size)
3294 {
3295 struct ofp_flow_stats_request *fsr;
3296 struct flow_stats_cbdata cbdata;
3297 struct cls_rule target;
3298
3299 if (arg_size != sizeof *fsr) {
3300 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3301 }
3302 fsr = (struct ofp_flow_stats_request *) osr->body;
3303
3304 COVERAGE_INC(ofproto_flows_req);
3305 cbdata.ofproto = p;
3306 cbdata.ofconn = ofconn;
3307 cbdata.out_port = fsr->out_port;
3308 cbdata.msg = start_stats_reply(osr, 1024);
3309 cls_rule_from_match(&fsr->match, 0, false, 0, &target);
3310 classifier_for_each_match(&p->cls, &target,
3311 table_id_to_include(fsr->table_id),
3312 flow_stats_cb, &cbdata);
3313 queue_tx(cbdata.msg, ofconn, ofconn->reply_counter);
3314 return 0;
3315 }
3316
3317 struct flow_stats_ds_cbdata {
3318 struct ofproto *ofproto;
3319 struct ds *results;
3320 };
3321
3322 static void
3323 flow_stats_ds_cb(struct cls_rule *rule_, void *cbdata_)
3324 {
3325 struct rule *rule = rule_from_cls_rule(rule_);
3326 struct flow_stats_ds_cbdata *cbdata = cbdata_;
3327 struct ds *results = cbdata->results;
3328 struct ofp_match match;
3329 uint64_t packet_count, byte_count;
3330 size_t act_len = sizeof *rule->actions * rule->n_actions;
3331
3332 /* Don't report on subrules. */
3333 if (rule->super != NULL) {
3334 return;
3335 }
3336
3337 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3338 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards,
3339 cbdata->ofproto->tun_id_from_cookie, &match);
3340
3341 ds_put_format(results, "duration=%llds, ",
3342 (time_msec() - rule->created) / 1000);
3343 ds_put_format(results, "priority=%u, ", rule->cr.priority);
3344 ds_put_format(results, "n_packets=%"PRIu64", ", packet_count);
3345 ds_put_format(results, "n_bytes=%"PRIu64", ", byte_count);
3346 ofp_print_match(results, &match, true);
3347 if (act_len > 0) {
3348 ofp_print_actions(results, &rule->actions->header, act_len);
3349 } else {
3350 ds_put_cstr(results, "drop");
3351 }
3352 ds_put_cstr(results, "\n");
3353 }
3354
3355 /* Adds a pretty-printed description of all flows to 'results', including
3356 * those marked hidden by secchan (e.g., by in-band control). */
3357 void
3358 ofproto_get_all_flows(struct ofproto *p, struct ds *results)
3359 {
3360 struct ofp_match match;
3361 struct cls_rule target;
3362 struct flow_stats_ds_cbdata cbdata;
3363
3364 memset(&match, 0, sizeof match);
3365 match.wildcards = htonl(OVSFW_ALL);
3366
3367 cbdata.ofproto = p;
3368 cbdata.results = results;
3369
3370 cls_rule_from_match(&match, 0, false, 0, &target);
3371 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3372 flow_stats_ds_cb, &cbdata);
3373 }
3374
3375 struct aggregate_stats_cbdata {
3376 struct ofproto *ofproto;
3377 uint16_t out_port;
3378 uint64_t packet_count;
3379 uint64_t byte_count;
3380 uint32_t n_flows;
3381 };
3382
3383 static void
3384 aggregate_stats_cb(struct cls_rule *rule_, void *cbdata_)
3385 {
3386 struct rule *rule = rule_from_cls_rule(rule_);
3387 struct aggregate_stats_cbdata *cbdata = cbdata_;
3388 uint64_t packet_count, byte_count;
3389
3390 if (rule_is_hidden(rule) || !rule_has_out_port(rule, cbdata->out_port)) {
3391 return;
3392 }
3393
3394 query_stats(cbdata->ofproto, rule, &packet_count, &byte_count);
3395
3396 cbdata->packet_count += packet_count;
3397 cbdata->byte_count += byte_count;
3398 cbdata->n_flows++;
3399 }
3400
3401 static int
3402 handle_aggregate_stats_request(struct ofproto *p, struct ofconn *ofconn,
3403 const struct ofp_stats_request *osr,
3404 size_t arg_size)
3405 {
3406 struct ofp_aggregate_stats_request *asr;
3407 struct ofp_aggregate_stats_reply *reply;
3408 struct aggregate_stats_cbdata cbdata;
3409 struct cls_rule target;
3410 struct ofpbuf *msg;
3411
3412 if (arg_size != sizeof *asr) {
3413 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3414 }
3415 asr = (struct ofp_aggregate_stats_request *) osr->body;
3416
3417 COVERAGE_INC(ofproto_agg_request);
3418 cbdata.ofproto = p;
3419 cbdata.out_port = asr->out_port;
3420 cbdata.packet_count = 0;
3421 cbdata.byte_count = 0;
3422 cbdata.n_flows = 0;
3423 cls_rule_from_match(&asr->match, 0, false, 0, &target);
3424 classifier_for_each_match(&p->cls, &target,
3425 table_id_to_include(asr->table_id),
3426 aggregate_stats_cb, &cbdata);
3427
3428 msg = start_stats_reply(osr, sizeof *reply);
3429 reply = append_stats_reply(sizeof *reply, ofconn, &msg);
3430 reply->flow_count = htonl(cbdata.n_flows);
3431 reply->packet_count = htonll(cbdata.packet_count);
3432 reply->byte_count = htonll(cbdata.byte_count);
3433 queue_tx(msg, ofconn, ofconn->reply_counter);
3434 return 0;
3435 }
3436
3437 struct queue_stats_cbdata {
3438 struct ofconn *ofconn;
3439 struct ofport *ofport;
3440 struct ofpbuf *msg;
3441 };
3442
3443 static void
3444 put_queue_stats(struct queue_stats_cbdata *cbdata, uint32_t queue_id,
3445 const struct netdev_queue_stats *stats)
3446 {
3447 struct ofp_queue_stats *reply;
3448
3449 reply = append_stats_reply(sizeof *reply, cbdata->ofconn, &cbdata->msg);
3450 reply->port_no = htons(cbdata->ofport->opp.port_no);
3451 memset(reply->pad, 0, sizeof reply->pad);
3452 reply->queue_id = htonl(queue_id);
3453 reply->tx_bytes = htonll(stats->tx_bytes);
3454 reply->tx_packets = htonll(stats->tx_packets);
3455 reply->tx_errors = htonll(stats->tx_errors);
3456 }
3457
3458 static void
3459 handle_queue_stats_dump_cb(uint32_t queue_id,
3460 struct netdev_queue_stats *stats,
3461 void *cbdata_)
3462 {
3463 struct queue_stats_cbdata *cbdata = cbdata_;
3464
3465 put_queue_stats(cbdata, queue_id, stats);
3466 }
3467
3468 static void
3469 handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id,
3470 struct queue_stats_cbdata *cbdata)
3471 {
3472 cbdata->ofport = port;
3473 if (queue_id == OFPQ_ALL) {
3474 netdev_dump_queue_stats(port->netdev,
3475 handle_queue_stats_dump_cb, cbdata);
3476 } else {
3477 struct netdev_queue_stats stats;
3478
3479 if (!netdev_get_queue_stats(port->netdev, queue_id, &stats)) {
3480 put_queue_stats(cbdata, queue_id, &stats);
3481 }
3482 }
3483 }
3484
3485 static int
3486 handle_queue_stats_request(struct ofproto *ofproto, struct ofconn *ofconn,
3487 const struct ofp_stats_request *osr,
3488 size_t arg_size)
3489 {
3490 struct ofp_queue_stats_request *qsr;
3491 struct queue_stats_cbdata cbdata;
3492 struct ofport *port;
3493 unsigned int port_no;
3494 uint32_t queue_id;
3495
3496 if (arg_size != sizeof *qsr) {
3497 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3498 }
3499 qsr = (struct ofp_queue_stats_request *) osr->body;
3500
3501 COVERAGE_INC(ofproto_queue_req);
3502
3503 cbdata.ofconn = ofconn;
3504 cbdata.msg = start_stats_reply(osr, 128);
3505
3506 port_no = ntohs(qsr->port_no);
3507 queue_id = ntohl(qsr->queue_id);
3508 if (port_no == OFPP_ALL) {
3509 HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) {
3510 handle_queue_stats_for_port(port, queue_id, &cbdata);
3511 }
3512 } else if (port_no < ofproto->max_ports) {
3513 port = get_port(ofproto, ofp_port_to_odp_port(port_no));
3514 if (port) {
3515 handle_queue_stats_for_port(port, queue_id, &cbdata);
3516 }
3517 } else {
3518 ofpbuf_delete(cbdata.msg);
3519 return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT);
3520 }
3521 queue_tx(cbdata.msg, ofconn, ofconn->reply_counter);
3522
3523 return 0;
3524 }
3525
3526 static int
3527 handle_stats_request(struct ofproto *p, struct ofconn *ofconn,
3528 struct ofp_header *oh)
3529 {
3530 struct ofp_stats_request *osr;
3531 size_t arg_size;
3532 int error;
3533
3534 error = check_ofp_message_array(oh, OFPT_STATS_REQUEST, sizeof *osr,
3535 1, &arg_size);
3536 if (error) {
3537 return error;
3538 }
3539 osr = (struct ofp_stats_request *) oh;
3540
3541 switch (ntohs(osr->type)) {
3542 case OFPST_DESC:
3543 return handle_desc_stats_request(p, ofconn, osr);
3544
3545 case OFPST_FLOW:
3546 return handle_flow_stats_request(p, ofconn, osr, arg_size);
3547
3548 case OFPST_AGGREGATE:
3549 return handle_aggregate_stats_request(p, ofconn, osr, arg_size);
3550
3551 case OFPST_TABLE:
3552 return handle_table_stats_request(p, ofconn, osr);
3553
3554 case OFPST_PORT:
3555 return handle_port_stats_request(p, ofconn, osr, arg_size);
3556
3557 case OFPST_QUEUE:
3558 return handle_queue_stats_request(p, ofconn, osr, arg_size);
3559
3560 case OFPST_VENDOR:
3561 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
3562
3563 default:
3564 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT);
3565 }
3566 }
3567
3568 static long long int
3569 msec_from_nsec(uint64_t sec, uint32_t nsec)
3570 {
3571 return !sec ? 0 : sec * 1000 + nsec / 1000000;
3572 }
3573
3574 static void
3575 update_time(struct ofproto *ofproto, struct rule *rule,
3576 const struct odp_flow_stats *stats)
3577 {
3578 long long int used = msec_from_nsec(stats->used_sec, stats->used_nsec);
3579 if (used > rule->used) {
3580 rule->used = used;
3581 if (rule->super && used > rule->super->used) {
3582 rule->super->used = used;
3583 }
3584 netflow_flow_update_time(ofproto->netflow, &rule->nf_flow, used);
3585 }
3586 }
3587
3588 static void
3589 update_stats(struct ofproto *ofproto, struct rule *rule,
3590 const struct odp_flow_stats *stats)
3591 {
3592 if (stats->n_packets) {
3593 update_time(ofproto, rule, stats);
3594 rule->packet_count += stats->n_packets;
3595 rule->byte_count += stats->n_bytes;
3596 netflow_flow_update_flags(&rule->nf_flow, stats->tcp_flags);
3597 }
3598 }
3599
3600 /* Implements OFPFC_ADD and the cases for OFPFC_MODIFY and OFPFC_MODIFY_STRICT
3601 * in which no matching flow already exists in the flow table.
3602 *
3603 * Adds the flow specified by 'ofm', which is followed by 'n_actions'
3604 * ofp_actions, to 'p''s flow table. Returns 0 on success or an OpenFlow error
3605 * code as encoded by ofp_mkerr() on failure.
3606 *
3607 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3608 * if any. */
3609 static int
3610 add_flow(struct ofproto *p, struct ofconn *ofconn,
3611 const struct ofp_flow_mod *ofm, size_t n_actions)
3612 {
3613 struct ofpbuf *packet;
3614 struct rule *rule;
3615 uint16_t in_port;
3616 int error;
3617
3618 if (ofm->flags & htons(OFPFF_CHECK_OVERLAP)) {
3619 struct flow flow;
3620 uint32_t wildcards;
3621
3622 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3623 &flow, &wildcards);
3624 if (classifier_rule_overlaps(&p->cls, &flow, wildcards,
3625 ntohs(ofm->priority))) {
3626 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP);
3627 }
3628 }
3629
3630 rule = rule_create(p, NULL, (const union ofp_action *) ofm->actions,
3631 n_actions, ntohs(ofm->idle_timeout),
3632 ntohs(ofm->hard_timeout), ofm->cookie,
3633 ofm->flags & htons(OFPFF_SEND_FLOW_REM));
3634 cls_rule_from_match(&ofm->match, ntohs(ofm->priority),
3635 p->tun_id_from_cookie, ofm->cookie, &rule->cr);
3636
3637 error = 0;
3638 if (ofm->buffer_id != htonl(UINT32_MAX)) {
3639 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3640 &packet, &in_port);
3641 } else {
3642 packet = NULL;
3643 in_port = UINT16_MAX;
3644 }
3645
3646 rule_insert(p, rule, packet, in_port);
3647 return error;
3648 }
3649
3650 static struct rule *
3651 find_flow_strict(struct ofproto *p, const struct ofp_flow_mod *ofm)
3652 {
3653 uint32_t wildcards;
3654 struct flow flow;
3655
3656 flow_from_match(&ofm->match, p->tun_id_from_cookie, ofm->cookie,
3657 &flow, &wildcards);
3658 return rule_from_cls_rule(classifier_find_rule_exactly(
3659 &p->cls, &flow, wildcards,
3660 ntohs(ofm->priority)));
3661 }
3662
3663 static int
3664 send_buffered_packet(struct ofproto *ofproto, struct ofconn *ofconn,
3665 struct rule *rule, const struct ofp_flow_mod *ofm)
3666 {
3667 struct ofpbuf *packet;
3668 uint16_t in_port;
3669 struct flow flow;
3670 int error;
3671
3672 if (ofm->buffer_id == htonl(UINT32_MAX)) {
3673 return 0;
3674 }
3675
3676 error = pktbuf_retrieve(ofconn->pktbuf, ntohl(ofm->buffer_id),
3677 &packet, &in_port);
3678 if (error) {
3679 return error;
3680 }
3681
3682 flow_extract(packet, 0, in_port, &flow);
3683 rule_execute(ofproto, rule, packet, &flow);
3684
3685 return 0;
3686 }
3687 \f
3688 /* OFPFC_MODIFY and OFPFC_MODIFY_STRICT. */
3689
3690 struct modify_flows_cbdata {
3691 struct ofproto *ofproto;
3692 const struct ofp_flow_mod *ofm;
3693 size_t n_actions;
3694 struct rule *match;
3695 };
3696
3697 static int modify_flow(struct ofproto *, const struct ofp_flow_mod *,
3698 size_t n_actions, struct rule *);
3699 static void modify_flows_cb(struct cls_rule *, void *cbdata_);
3700
3701 /* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as
3702 * encoded by ofp_mkerr() on failure.
3703 *
3704 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3705 * if any. */
3706 static int
3707 modify_flows_loose(struct ofproto *p, struct ofconn *ofconn,
3708 const struct ofp_flow_mod *ofm, size_t n_actions)
3709 {
3710 struct modify_flows_cbdata cbdata;
3711 struct cls_rule target;
3712
3713 cbdata.ofproto = p;
3714 cbdata.ofm = ofm;
3715 cbdata.n_actions = n_actions;
3716 cbdata.match = NULL;
3717
3718 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3719 &target);
3720
3721 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3722 modify_flows_cb, &cbdata);
3723 if (cbdata.match) {
3724 /* This credits the packet to whichever flow happened to happened to
3725 * match last. That's weird. Maybe we should do a lookup for the
3726 * flow that actually matches the packet? Who knows. */
3727 send_buffered_packet(p, ofconn, cbdata.match, ofm);
3728 return 0;
3729 } else {
3730 return add_flow(p, ofconn, ofm, n_actions);
3731 }
3732 }
3733
3734 /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error
3735 * code as encoded by ofp_mkerr() on failure.
3736 *
3737 * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id,
3738 * if any. */
3739 static int
3740 modify_flow_strict(struct ofproto *p, struct ofconn *ofconn,
3741 struct ofp_flow_mod *ofm, size_t n_actions)
3742 {
3743 struct rule *rule = find_flow_strict(p, ofm);
3744 if (rule && !rule_is_hidden(rule)) {
3745 modify_flow(p, ofm, n_actions, rule);
3746 return send_buffered_packet(p, ofconn, rule, ofm);
3747 } else {
3748 return add_flow(p, ofconn, ofm, n_actions);
3749 }
3750 }
3751
3752 /* Callback for modify_flows_loose(). */
3753 static void
3754 modify_flows_cb(struct cls_rule *rule_, void *cbdata_)
3755 {
3756 struct rule *rule = rule_from_cls_rule(rule_);
3757 struct modify_flows_cbdata *cbdata = cbdata_;
3758
3759 if (!rule_is_hidden(rule)) {
3760 cbdata->match = rule;
3761 modify_flow(cbdata->ofproto, cbdata->ofm, cbdata->n_actions, rule);
3762 }
3763 }
3764
3765 /* Implements core of OFPFC_MODIFY and OFPFC_MODIFY_STRICT where 'rule' has
3766 * been identified as a flow in 'p''s flow table to be modified, by changing
3767 * the rule's actions to match those in 'ofm' (which is followed by 'n_actions'
3768 * ofp_action[] structures). */
3769 static int
3770 modify_flow(struct ofproto *p, const struct ofp_flow_mod *ofm,
3771 size_t n_actions, struct rule *rule)
3772 {
3773 size_t actions_len = n_actions * sizeof *rule->actions;
3774
3775 rule->flow_cookie = ofm->cookie;
3776
3777 /* If the actions are the same, do nothing. */
3778 if (n_actions == rule->n_actions
3779 && (!n_actions || !memcmp(ofm->actions, rule->actions, actions_len)))
3780 {
3781 return 0;
3782 }
3783
3784 /* Replace actions. */
3785 free(rule->actions);
3786 rule->actions = n_actions ? xmemdup(ofm->actions, actions_len) : NULL;
3787 rule->n_actions = n_actions;
3788
3789 /* Make sure that the datapath gets updated properly. */
3790 if (rule->cr.wc.wildcards) {
3791 COVERAGE_INC(ofproto_mod_wc_flow);
3792 p->need_revalidate = true;
3793 } else {
3794 rule_update_actions(p, rule);
3795 }
3796
3797 return 0;
3798 }
3799 \f
3800 /* OFPFC_DELETE implementation. */
3801
3802 struct delete_flows_cbdata {
3803 struct ofproto *ofproto;
3804 uint16_t out_port;
3805 };
3806
3807 static void delete_flows_cb(struct cls_rule *, void *cbdata_);
3808 static void delete_flow(struct ofproto *, struct rule *, uint16_t out_port);
3809
3810 /* Implements OFPFC_DELETE. */
3811 static void
3812 delete_flows_loose(struct ofproto *p, const struct ofp_flow_mod *ofm)
3813 {
3814 struct delete_flows_cbdata cbdata;
3815 struct cls_rule target;
3816
3817 cbdata.ofproto = p;
3818 cbdata.out_port = ofm->out_port;
3819
3820 cls_rule_from_match(&ofm->match, 0, p->tun_id_from_cookie, ofm->cookie,
3821 &target);
3822
3823 classifier_for_each_match(&p->cls, &target, CLS_INC_ALL,
3824 delete_flows_cb, &cbdata);
3825 }
3826
3827 /* Implements OFPFC_DELETE_STRICT. */
3828 static void
3829 delete_flow_strict(struct ofproto *p, struct ofp_flow_mod *ofm)
3830 {
3831 struct rule *rule = find_flow_strict(p, ofm);
3832 if (rule) {
3833 delete_flow(p, rule, ofm->out_port);
3834 }
3835 }
3836
3837 /* Callback for delete_flows_loose(). */
3838 static void
3839 delete_flows_cb(struct cls_rule *rule_, void *cbdata_)
3840 {
3841 struct rule *rule = rule_from_cls_rule(rule_);
3842 struct delete_flows_cbdata *cbdata = cbdata_;
3843
3844 delete_flow(cbdata->ofproto, rule, cbdata->out_port);
3845 }
3846
3847 /* Implements core of OFPFC_DELETE and OFPFC_DELETE_STRICT where 'rule' has
3848 * been identified as a flow to delete from 'p''s flow table, by deleting the
3849 * flow and sending out a OFPT_FLOW_REMOVED message to any interested
3850 * controller.
3851 *
3852 * Will not delete 'rule' if it is hidden. Will delete 'rule' only if
3853 * 'out_port' is htons(OFPP_NONE) or if 'rule' actually outputs to the
3854 * specified 'out_port'. */
3855 static void
3856 delete_flow(struct ofproto *p, struct rule *rule, uint16_t out_port)
3857 {
3858 if (rule_is_hidden(rule)) {
3859 return;
3860 }
3861
3862 if (out_port != htons(OFPP_NONE) && !rule_has_out_port(rule, out_port)) {
3863 return;
3864 }
3865
3866 send_flow_removed(p, rule, time_msec(), OFPRR_DELETE);
3867 rule_remove(p, rule);
3868 }
3869 \f
3870 static int
3871 handle_flow_mod(struct ofproto *p, struct ofconn *ofconn,
3872 struct ofp_flow_mod *ofm)
3873 {
3874 struct ofp_match orig_match;
3875 size_t n_actions;
3876 int error;
3877
3878 error = reject_slave_controller(ofconn, &ofm->header);
3879 if (error) {
3880 return error;
3881 }
3882 error = check_ofp_message_array(&ofm->header, OFPT_FLOW_MOD, sizeof *ofm,
3883 sizeof *ofm->actions, &n_actions);
3884 if (error) {
3885 return error;
3886 }
3887
3888 /* We do not support the emergency flow cache. It will hopefully
3889 * get dropped from OpenFlow in the near future. */
3890 if (ofm->flags & htons(OFPFF_EMERG)) {
3891 /* There isn't a good fit for an error code, so just state that the
3892 * flow table is full. */
3893 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL);
3894 }
3895
3896 /* Normalize ofp->match. If normalization actually changes anything, then
3897 * log the differences. */
3898 ofm->match.pad1[0] = ofm->match.pad2[0] = 0;
3899 orig_match = ofm->match;
3900 normalize_match(&ofm->match);
3901 if (memcmp(&ofm->match, &orig_match, sizeof orig_match)) {
3902 static struct vlog_rate_limit normal_rl = VLOG_RATE_LIMIT_INIT(1, 1);
3903 if (!VLOG_DROP_INFO(&normal_rl)) {
3904 char *old = ofp_match_to_literal_string(&orig_match);
3905 char *new = ofp_match_to_literal_string(&ofm->match);
3906 VLOG_INFO("%s: normalization changed ofp_match, details:",
3907 rconn_get_name(ofconn->rconn));
3908 VLOG_INFO(" pre: %s", old);
3909 VLOG_INFO("post: %s", new);
3910 free(old);
3911 free(new);
3912 }
3913 }
3914
3915 if (!ofm->match.wildcards) {
3916 ofm->priority = htons(UINT16_MAX);
3917 }
3918
3919 error = validate_actions((const union ofp_action *) ofm->actions,
3920 n_actions, p->max_ports);
3921 if (error) {
3922 return error;
3923 }
3924
3925 switch (ntohs(ofm->command)) {
3926 case OFPFC_ADD:
3927 return add_flow(p, ofconn, ofm, n_actions);
3928
3929 case OFPFC_MODIFY:
3930 return modify_flows_loose(p, ofconn, ofm, n_actions);
3931
3932 case OFPFC_MODIFY_STRICT:
3933 return modify_flow_strict(p, ofconn, ofm, n_actions);
3934
3935 case OFPFC_DELETE:
3936 delete_flows_loose(p, ofm);
3937 return 0;
3938
3939 case OFPFC_DELETE_STRICT:
3940 delete_flow_strict(p, ofm);
3941 return 0;
3942
3943 default:
3944 return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND);
3945 }
3946 }
3947
3948 static int
3949 handle_tun_id_from_cookie(struct ofproto *p, struct nxt_tun_id_cookie *msg)
3950 {
3951 int error;
3952
3953 error = check_ofp_message(&msg->header, OFPT_VENDOR, sizeof *msg);
3954 if (error) {
3955 return error;
3956 }
3957
3958 p->tun_id_from_cookie = !!msg->set;
3959 return 0;
3960 }
3961
3962 static int
3963 handle_role_request(struct ofproto *ofproto,
3964 struct ofconn *ofconn, struct nicira_header *msg)
3965 {
3966 struct nx_role_request *nrr;
3967 struct nx_role_request *reply;
3968 struct ofpbuf *buf;
3969 uint32_t role;
3970
3971 if (ntohs(msg->header.length) != sizeof *nrr) {
3972 VLOG_WARN_RL(&rl, "received role request of length %u (expected %zu)",
3973 ntohs(msg->header.length), sizeof *nrr);
3974 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
3975 }
3976 nrr = (struct nx_role_request *) msg;
3977
3978 if (ofconn->type != OFCONN_PRIMARY) {
3979 VLOG_WARN_RL(&rl, "ignoring role request on non-controller "
3980 "connection");
3981 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM);
3982 }
3983
3984 role = ntohl(nrr->role);
3985 if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER
3986 && role != NX_ROLE_SLAVE) {
3987 VLOG_WARN_RL(&rl, "received request for unknown role %"PRIu32, role);
3988
3989 /* There's no good error code for this. */
3990 return ofp_mkerr(OFPET_BAD_REQUEST, -1);
3991 }
3992
3993 if (role == NX_ROLE_MASTER) {
3994 struct ofconn *other;
3995
3996 HMAP_FOR_EACH (other, hmap_node, &ofproto->controllers) {
3997 if (other->role == NX_ROLE_MASTER) {
3998 other->role = NX_ROLE_SLAVE;
3999 }
4000 }
4001 }
4002 ofconn->role = role;
4003
4004 reply = make_openflow_xid(sizeof *reply, OFPT_VENDOR, msg->header.xid,
4005 &buf);
4006 reply->nxh.vendor = htonl(NX_VENDOR_ID);
4007 reply->nxh.subtype = htonl(NXT_ROLE_REPLY);
4008 reply->role = htonl(role);
4009 queue_tx(buf, ofconn, ofconn->reply_counter);
4010
4011 return 0;
4012 }
4013
4014 static int
4015 handle_vendor(struct ofproto *p, struct ofconn *ofconn, void *msg)
4016 {
4017 struct ofp_vendor_header *ovh = msg;
4018 struct nicira_header *nh;
4019
4020 if (ntohs(ovh->header.length) < sizeof(struct ofp_vendor_header)) {
4021 VLOG_WARN_RL(&rl, "received vendor message of length %u "
4022 "(expected at least %zu)",
4023 ntohs(ovh->header.length), sizeof(struct ofp_vendor_header));
4024 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4025 }
4026 if (ovh->vendor != htonl(NX_VENDOR_ID)) {
4027 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR);
4028 }
4029 if (ntohs(ovh->header.length) < sizeof(struct nicira_header)) {
4030 VLOG_WARN_RL(&rl, "received Nicira vendor message of length %u "
4031 "(expected at least %zu)",
4032 ntohs(ovh->header.length), sizeof(struct nicira_header));
4033 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN);
4034 }
4035
4036 nh = msg;
4037 switch (ntohl(nh->subtype)) {
4038 case NXT_STATUS_REQUEST:
4039 return switch_status_handle_request(p->switch_status, ofconn->rconn,
4040 msg);
4041
4042 case NXT_TUN_ID_FROM_COOKIE:
4043 return handle_tun_id_from_cookie(p, msg);
4044
4045 case NXT_ROLE_REQUEST:
4046 return handle_role_request(p, ofconn, msg);
4047 }
4048
4049 return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_SUBTYPE);
4050 }
4051
4052 static int
4053 handle_barrier_request(struct ofconn *ofconn, struct ofp_header *oh)
4054 {
4055 struct ofp_header *ob;
4056 struct ofpbuf *buf;
4057
4058 /* Currently, everything executes synchronously, so we can just
4059 * immediately send the barrier reply. */
4060 ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf);
4061 queue_tx(buf, ofconn, ofconn->reply_counter);
4062 return 0;
4063 }
4064
4065 static void
4066 handle_openflow(struct ofconn *ofconn, struct ofproto *p,
4067 struct ofpbuf *ofp_msg)
4068 {
4069 struct ofp_header *oh = ofp_msg->data;
4070 int error;
4071
4072 COVERAGE_INC(ofproto_recv_openflow);
4073 switch (oh->type) {
4074 case OFPT_ECHO_REQUEST:
4075 error = handle_echo_request(ofconn, oh);
4076 break;
4077
4078 case OFPT_ECHO_REPLY:
4079 error = 0;
4080 break;
4081
4082 case OFPT_FEATURES_REQUEST:
4083 error = handle_features_request(p, ofconn, oh);
4084 break;
4085
4086 case OFPT_GET_CONFIG_REQUEST:
4087 error = handle_get_config_request(p, ofconn, oh);
4088 break;
4089
4090 case OFPT_SET_CONFIG:
4091 error = handle_set_config(p, ofconn, ofp_msg->data);
4092 break;
4093
4094 case OFPT_PACKET_OUT:
4095 error = handle_packet_out(p, ofconn, ofp_msg->data);
4096 break;
4097
4098 case OFPT_PORT_MOD:
4099 error = handle_port_mod(p, ofconn, oh);
4100 break;
4101
4102 case OFPT_FLOW_MOD:
4103 error = handle_flow_mod(p, ofconn, ofp_msg->data);
4104 break;
4105
4106 case OFPT_STATS_REQUEST:
4107 error = handle_stats_request(p, ofconn, oh);
4108 break;
4109
4110 case OFPT_VENDOR:
4111 error = handle_vendor(p, ofconn, ofp_msg->data);
4112 break;
4113
4114 case OFPT_BARRIER_REQUEST:
4115 error = handle_barrier_request(ofconn, oh);
4116 break;
4117
4118 default:
4119 if (VLOG_IS_WARN_ENABLED()) {
4120 char *s = ofp_to_string(oh, ntohs(oh->length), 2);
4121 VLOG_DBG_RL(&rl, "OpenFlow message ignored: %s", s);
4122 free(s);
4123 }
4124 error = ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE);
4125 break;
4126 }
4127
4128 if (error) {
4129 send_error_oh(ofconn, ofp_msg->data, error);
4130 }
4131 }
4132 \f
4133 static void
4134 handle_odp_miss_msg(struct ofproto *p, struct ofpbuf *packet)
4135 {
4136 struct odp_msg *msg = packet->data;
4137 struct rule *rule;
4138 struct ofpbuf payload;
4139 struct flow flow;
4140
4141 payload.data = msg + 1;
4142 payload.size = msg->length - sizeof *msg;
4143 flow_extract(&payload, msg->arg, msg->port, &flow);
4144
4145 /* Check with in-band control to see if this packet should be sent
4146 * to the local port regardless of the flow table. */
4147 if (in_band_msg_in_hook(p->in_band, &flow, &payload)) {
4148 union odp_action action;
4149
4150 memset(&action, 0, sizeof(action));
4151 action.output.type = ODPAT_OUTPUT;
4152 action.output.port = ODPP_LOCAL;
4153 dpif_execute(p->dpif, &action, 1, &payload);
4154 }
4155
4156 rule = lookup_valid_rule(p, &flow);
4157 if (!rule) {
4158 /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */
4159 struct ofport *port = get_port(p, msg->port);
4160 if (port) {
4161 if (port->opp.config & OFPPC_NO_PACKET_IN) {
4162 COVERAGE_INC(ofproto_no_packet_in);
4163 /* XXX install 'drop' flow entry */
4164 ofpbuf_delete(packet);
4165 return;
4166 }
4167 } else {
4168 VLOG_WARN_RL(&rl, "packet-in on unknown port %"PRIu16, msg->port);
4169 }
4170
4171 COVERAGE_INC(ofproto_packet_in);
4172 send_packet_in(p, packet);
4173 return;
4174 }
4175
4176 if (rule->cr.wc.wildcards) {
4177 rule = rule_create_subrule(p, rule, &flow);
4178 rule_make_actions(p, rule, packet);
4179 } else {
4180 if (!rule->may_install) {
4181 /* The rule is not installable, that is, we need to process every
4182 * packet, so process the current packet and set its actions into
4183 * 'subrule'. */
4184 rule_make_actions(p, rule, packet);
4185 } else {
4186 /* XXX revalidate rule if it needs it */
4187 }
4188 }
4189
4190 if (rule->super && rule->super->cr.priority == FAIL_OPEN_PRIORITY) {
4191 /*
4192 * Extra-special case for fail-open mode.
4193 *
4194 * We are in fail-open mode and the packet matched the fail-open rule,
4195 * but we are connected to a controller too. We should send the packet
4196 * up to the controller in the hope that it will try to set up a flow
4197 * and thereby allow us to exit fail-open.
4198 *
4199 * See the top-level comment in fail-open.c for more information.
4200 */
4201 send_packet_in(p, ofpbuf_clone_with_headroom(packet,
4202 DPIF_RECV_MSG_PADDING));
4203 }
4204
4205 ofpbuf_pull(packet, sizeof *msg);
4206 rule_execute(p, rule, packet, &flow);
4207 rule_reinstall(p, rule);
4208 }
4209
4210 static void
4211 handle_odp_msg(struct ofproto *p, struct ofpbuf *packet)
4212 {
4213 struct odp_msg *msg = packet->data;
4214
4215 switch (msg->type) {
4216 case _ODPL_ACTION_NR:
4217 COVERAGE_INC(ofproto_ctlr_action);
4218 send_packet_in(p, packet);
4219 break;
4220
4221 case _ODPL_SFLOW_NR:
4222 if (p->sflow) {
4223 ofproto_sflow_received(p->sflow, msg);
4224 }
4225 ofpbuf_delete(packet);
4226 break;
4227
4228 case _ODPL_MISS_NR:
4229 handle_odp_miss_msg(p, packet);
4230 break;
4231
4232 default:
4233 VLOG_WARN_RL(&rl, "received ODP message of unexpected type %"PRIu32,
4234 msg->type);
4235 break;
4236 }
4237 }
4238 \f
4239 /* Flow expiration. */
4240
4241 struct expire_cbdata {
4242 struct ofproto *ofproto;
4243 int dp_max_idle;
4244 };
4245
4246 static int ofproto_dp_max_idle(const struct ofproto *);
4247 static void ofproto_update_used(struct ofproto *);
4248 static void rule_expire(struct cls_rule *, void *cbdata);
4249
4250 /* This function is called periodically by ofproto_run(). Its job is to
4251 * collect updates for the flows that have been installed into the datapath,
4252 * most importantly when they last were used, and then use that information to
4253 * expire flows that have not been used recently.
4254 *
4255 * Returns the number of milliseconds after which it should be called again. */
4256 static int
4257 ofproto_expire(struct ofproto *ofproto)
4258 {
4259 struct expire_cbdata cbdata;
4260
4261 /* Update 'used' for each flow in the datapath. */
4262 ofproto_update_used(ofproto);
4263
4264 /* Expire idle flows.
4265 *
4266 * A wildcarded flow is idle only when all of its subrules have expired due
4267 * to becoming idle, so iterate through the exact-match flows first. */
4268 cbdata.ofproto = ofproto;
4269 cbdata.dp_max_idle = ofproto_dp_max_idle(ofproto);
4270 classifier_for_each(&ofproto->cls, CLS_INC_EXACT, rule_expire, &cbdata);
4271 classifier_for_each(&ofproto->cls, CLS_INC_WILD, rule_expire, &cbdata);
4272
4273 /* Let the hook know that we're at a stable point: all outstanding data
4274 * in existing flows has been accounted to the account_cb. Thus, the
4275 * hook can now reasonably do operations that depend on having accurate
4276 * flow volume accounting (currently, that's just bond rebalancing). */
4277 if (ofproto->ofhooks->account_checkpoint_cb) {
4278 ofproto->ofhooks->account_checkpoint_cb(ofproto->aux);
4279 }
4280
4281 return MIN(cbdata.dp_max_idle, 1000);
4282 }
4283
4284 /* Update 'used' member of each flow currently installed into the datapath. */
4285 static void
4286 ofproto_update_used(struct ofproto *p)
4287 {
4288 struct odp_flow *flows;
4289 size_t n_flows;
4290 size_t i;
4291 int error;
4292
4293 error = dpif_flow_list_all(p->dpif, &flows, &n_flows);
4294 if (error) {
4295 return;
4296 }
4297
4298 for (i = 0; i < n_flows; i++) {
4299 struct odp_flow *f = &flows[i];
4300 struct rule *rule;
4301 struct flow flow;
4302
4303 odp_flow_key_to_flow(&f->key, &flow);
4304
4305 rule = rule_from_cls_rule(
4306 classifier_find_rule_exactly(&p->cls, &flow, 0, UINT16_MAX));
4307
4308 if (rule && rule->installed) {
4309 update_time(p, rule, &f->stats);
4310 rule_account(p, rule, f->stats.n_bytes);
4311 } else {
4312 /* There's a flow in the datapath that we know nothing about.
4313 * Delete it. */
4314 COVERAGE_INC(ofproto_unexpected_rule);
4315 dpif_flow_del(p->dpif, f);
4316 }
4317
4318 }
4319 free(flows);
4320 }
4321
4322 /* Calculates and returns the number of milliseconds of idle time after which
4323 * flows should expire from the datapath and we should fold their statistics
4324 * into their parent rules in userspace. */
4325 static int
4326 ofproto_dp_max_idle(const struct ofproto *ofproto)
4327 {
4328 /*
4329 * Idle time histogram.
4330 *
4331 * Most of the time a switch has a relatively small number of flows. When
4332 * this is the case we might as well keep statistics for all of them in
4333 * userspace and to cache them in the kernel datapath for performance as
4334 * well.
4335 *
4336 * As the number of flows increases, the memory required to maintain
4337 * statistics about them in userspace and in the kernel becomes
4338 * significant. However, with a large number of flows it is likely that
4339 * only a few of them are "heavy hitters" that consume a large amount of
4340 * bandwidth. At this point, only heavy hitters are worth caching in the
4341 * kernel and maintaining in userspaces; other flows we can discard.
4342 *
4343 * The technique used to compute the idle time is to build a histogram with
4344 * N_BUCKETS bucket whose width is BUCKET_WIDTH msecs each. Each flow that
4345 * is installed in the kernel gets dropped in the appropriate bucket.
4346 * After the histogram has been built, we compute the cutoff so that only
4347 * the most-recently-used 1% of flows (but at least 1000 flows) are kept
4348 * cached. At least the most-recently-used bucket of flows is kept, so
4349 * actually an arbitrary number of flows can be kept in any given
4350 * expiration run (though the next run will delete most of those unless
4351 * they receive additional data).
4352 *
4353 * This requires a second pass through the exact-match flows, in addition
4354 * to the pass made by ofproto_update_used(), because the former function
4355 * never looks at uninstallable flows.
4356 */
4357 enum { BUCKET_WIDTH = ROUND_UP(100, TIME_UPDATE_INTERVAL) };
4358 enum { N_BUCKETS = 5000 / BUCKET_WIDTH };
4359 int buckets[N_BUCKETS] = { 0 };
4360 int total, bucket;
4361 struct rule *rule;
4362 long long int now;
4363 int i;
4364
4365 total = classifier_count_exact(&ofproto->cls);
4366 if (total <= 1000) {
4367 return N_BUCKETS * BUCKET_WIDTH;
4368 }
4369
4370 /* Build histogram. */
4371 now = time_msec();
4372 CLASSIFIER_FOR_EACH_EXACT_RULE (rule, cr, &ofproto->cls) {
4373 long long int idle = now - rule->used;
4374 int bucket = (idle <= 0 ? 0
4375 : idle >= BUCKET_WIDTH * N_BUCKETS ? N_BUCKETS - 1
4376 : (unsigned int) idle / BUCKET_WIDTH);
4377 buckets[bucket]++;
4378 }
4379
4380 /* Find the first bucket whose flows should be expired. */
4381 for (bucket = 0; bucket < N_BUCKETS; bucket++) {
4382 if (buckets[bucket]) {
4383 int subtotal = 0;
4384 do {
4385 subtotal += buckets[bucket++];
4386 } while (bucket < N_BUCKETS && subtotal < MAX(1000, total / 100));
4387 break;
4388 }
4389 }
4390
4391 if (VLOG_IS_DBG_ENABLED()) {
4392 struct ds s;
4393
4394 ds_init(&s);
4395 ds_put_cstr(&s, "keep");
4396 for (i = 0; i < N_BUCKETS; i++) {
4397 if (i == bucket) {
4398 ds_put_cstr(&s, ", drop");
4399 }
4400 if (buckets[i]) {
4401 ds_put_format(&s, " %d:%d", i * BUCKET_WIDTH, buckets[i]);
4402 }
4403 }
4404 VLOG_INFO("%s: %s (msec:count)",
4405 dpif_name(ofproto->dpif), ds_cstr(&s));
4406 ds_destroy(&s);
4407 }
4408
4409 return bucket * BUCKET_WIDTH;
4410 }
4411
4412 static void
4413 rule_active_timeout(struct ofproto *ofproto, struct rule *rule)
4414 {
4415 if (ofproto->netflow && !is_controller_rule(rule) &&
4416 netflow_active_timeout_expired(ofproto->netflow, &rule->nf_flow)) {
4417 struct ofexpired expired;
4418 struct odp_flow odp_flow;
4419
4420 /* Get updated flow stats.
4421 *
4422 * XXX We could avoid this call entirely if (1) ofproto_update_used()
4423 * updated TCP flags and (2) the dpif_flow_list_all() in
4424 * ofproto_update_used() zeroed TCP flags. */
4425 memset(&odp_flow, 0, sizeof odp_flow);
4426 if (rule->installed) {
4427 odp_flow_key_from_flow(&odp_flow.key, &rule->cr.flow);
4428 odp_flow.flags = ODPFF_ZERO_TCP_FLAGS;
4429 dpif_flow_get(ofproto->dpif, &odp_flow);
4430
4431 if (odp_flow.stats.n_packets) {
4432 update_time(ofproto, rule, &odp_flow.stats);
4433 netflow_flow_update_flags(&rule->nf_flow,
4434 odp_flow.stats.tcp_flags);
4435 }
4436 }
4437
4438 expired.flow = rule->cr.flow;
4439 expired.packet_count = rule->packet_count +
4440 odp_flow.stats.n_packets;
4441 expired.byte_count = rule->byte_count + odp_flow.stats.n_bytes;
4442 expired.used = rule->used;
4443
4444 netflow_expire(ofproto->netflow, &rule->nf_flow, &expired);
4445 }
4446 }
4447
4448 /* If 'cls_rule' is an OpenFlow rule, that has expired according to OpenFlow
4449 * rules, then delete it entirely.
4450 *
4451 * If 'cls_rule' is a subrule, that has not been used recently, remove it from
4452 * the datapath and fold its statistics back into its super-rule.
4453 *
4454 * (This is a callback function for classifier_for_each().) */
4455 static void
4456 rule_expire(struct cls_rule *cls_rule, void *cbdata_)
4457 {
4458 struct expire_cbdata *cbdata = cbdata_;
4459 struct ofproto *ofproto = cbdata->ofproto;
4460 struct rule *rule = rule_from_cls_rule(cls_rule);
4461 long long int hard_expire, idle_expire, expire, now;
4462
4463 /* Calculate OpenFlow expiration times for 'rule'. */
4464 hard_expire = (rule->hard_timeout
4465 ? rule->created + rule->hard_timeout * 1000
4466 : LLONG_MAX);
4467 idle_expire = (rule->idle_timeout
4468 && (rule->super || list_is_empty(&rule->list))
4469 ? rule->used + rule->idle_timeout * 1000
4470 : LLONG_MAX);
4471 expire = MIN(hard_expire, idle_expire);
4472
4473 now = time_msec();
4474 if (now < expire) {
4475 /* 'rule' has not expired according to OpenFlow rules. */
4476 if (!rule->cr.wc.wildcards) {
4477 if (now >= rule->used + cbdata->dp_max_idle) {
4478 /* This rule is idle, so drop it to free up resources. */
4479 if (rule->super) {
4480 /* It's not part of the OpenFlow flow table, so we can
4481 * delete it entirely and fold its statistics into its
4482 * super-rule. */
4483 rule_remove(ofproto, rule);
4484 } else {
4485 /* It is part of the OpenFlow flow table, so we have to
4486 * keep the rule but we can at least uninstall it from the
4487 * datapath. */
4488 rule_uninstall(ofproto, rule);
4489 }
4490 } else {
4491 /* Send NetFlow active timeout if appropriate. */
4492 rule_active_timeout(cbdata->ofproto, rule);
4493 }
4494 }
4495 } else {
4496 /* 'rule' has expired according to OpenFlow rules. */
4497 COVERAGE_INC(ofproto_expired);
4498
4499 /* Update stats. (This is a no-op if the rule expired due to an idle
4500 * timeout, because that only happens when the rule has no subrules
4501 * left.) */
4502 if (rule->cr.wc.wildcards) {
4503 struct rule *subrule, *next;
4504 LIST_FOR_EACH_SAFE (subrule, next, list, &rule->list) {
4505 rule_remove(cbdata->ofproto, subrule);
4506 }
4507 } else {
4508 rule_uninstall(cbdata->ofproto, rule);
4509 }
4510
4511 /* Get rid of the rule. */
4512 if (!rule_is_hidden(rule)) {
4513 send_flow_removed(cbdata->ofproto, rule, now,
4514 (now >= hard_expire
4515 ? OFPRR_HARD_TIMEOUT : OFPRR_IDLE_TIMEOUT));
4516 }
4517 rule_remove(cbdata->ofproto, rule);
4518 }
4519 }
4520 \f
4521 static void
4522 revalidate_cb(struct cls_rule *sub_, void *cbdata_)
4523 {
4524 struct rule *sub = rule_from_cls_rule(sub_);
4525 struct revalidate_cbdata *cbdata = cbdata_;
4526
4527 if (cbdata->revalidate_all
4528 || (cbdata->revalidate_subrules && sub->super)
4529 || (tag_set_intersects(&cbdata->revalidate_set, sub->tags))) {
4530 revalidate_rule(cbdata->ofproto, sub);
4531 }
4532 }
4533
4534 static bool
4535 revalidate_rule(struct ofproto *p, struct rule *rule)
4536 {
4537 const struct flow *flow = &rule->cr.flow;
4538
4539 COVERAGE_INC(ofproto_revalidate_rule);
4540 if (rule->super) {
4541 struct rule *super;
4542 super = rule_from_cls_rule(classifier_lookup_wild(&p->cls, flow));
4543 if (!super) {
4544 rule_remove(p, rule);
4545 return false;
4546 } else if (super != rule->super) {
4547 COVERAGE_INC(ofproto_revalidate_moved);
4548 list_remove(&rule->list);
4549 list_push_back(&super->list, &rule->list);
4550 rule->super = super;
4551 rule->hard_timeout = super->hard_timeout;
4552 rule->idle_timeout = super->idle_timeout;
4553 rule->created = super->created;
4554 rule->used = 0;
4555 }
4556 }
4557
4558 rule_update_actions(p, rule);
4559 return true;
4560 }
4561
4562 static struct ofpbuf *
4563 compose_flow_removed(struct ofproto *p, const struct rule *rule,
4564 long long int now, uint8_t reason)
4565 {
4566 struct ofp_flow_removed *ofr;
4567 struct ofpbuf *buf;
4568 long long int tdiff = now - rule->created;
4569 uint32_t sec = tdiff / 1000;
4570 uint32_t msec = tdiff - (sec * 1000);
4571
4572 ofr = make_openflow(sizeof *ofr, OFPT_FLOW_REMOVED, &buf);
4573 flow_to_match(&rule->cr.flow, rule->cr.wc.wildcards, p->tun_id_from_cookie,
4574 &ofr->match);
4575 ofr->cookie = rule->flow_cookie;
4576 ofr->priority = htons(rule->cr.priority);
4577 ofr->reason = reason;
4578 ofr->duration_sec = htonl(sec);
4579 ofr->duration_nsec = htonl(msec * 1000000);
4580 ofr->idle_timeout = htons(rule->idle_timeout);
4581 ofr->packet_count = htonll(rule->packet_count);
4582 ofr->byte_count = htonll(rule->byte_count);
4583
4584 return buf;
4585 }
4586
4587 static void
4588 send_flow_removed(struct ofproto *p, struct rule *rule,
4589 long long int now, uint8_t reason)
4590 {
4591 struct ofconn *ofconn;
4592 struct ofconn *prev;
4593 struct ofpbuf *buf = NULL;
4594
4595 if (!rule->send_flow_removed) {
4596 return;
4597 }
4598
4599 /* We limit the maximum number of queued flow expirations it by accounting
4600 * them under the counter for replies. That works because preventing
4601 * OpenFlow requests from being processed also prevents new flows from
4602 * being added (and expiring). (It also prevents processing OpenFlow
4603 * requests that would not add new flows, so it is imperfect.) */
4604
4605 prev = NULL;
4606 LIST_FOR_EACH (ofconn, node, &p->all_conns) {
4607 if (rconn_is_connected(ofconn->rconn)
4608 && ofconn_receives_async_msgs(ofconn)) {
4609 if (prev) {
4610 queue_tx(ofpbuf_clone(buf), prev, prev->reply_counter);
4611 } else {
4612 buf = compose_flow_removed(p, rule, now, reason);
4613 }
4614 prev = ofconn;
4615 }
4616 }
4617 if (prev) {
4618 queue_tx(buf, prev, prev->reply_counter);
4619 }
4620 }
4621
4622 /* pinsched callback for sending 'packet' on 'ofconn'. */
4623 static void
4624 do_send_packet_in(struct ofpbuf *packet, void *ofconn_)
4625 {
4626 struct ofconn *ofconn = ofconn_;
4627
4628 rconn_send_with_limit(ofconn->rconn, packet,
4629 ofconn->packet_in_counter, 100);
4630 }
4631
4632 /* Takes 'packet', which has been converted with do_convert_to_packet_in(), and
4633 * finalizes its content for sending on 'ofconn', and passes it to 'ofconn''s
4634 * packet scheduler for sending.
4635 *
4636 * 'max_len' specifies the maximum number of bytes of the packet to send on
4637 * 'ofconn' (INT_MAX specifies no limit).
4638 *
4639 * If 'clone' is true, the caller retains ownership of 'packet'. Otherwise,
4640 * ownership is transferred to this function. */
4641 static void
4642 schedule_packet_in(struct ofconn *ofconn, struct ofpbuf *packet, int max_len,
4643 bool clone)
4644 {
4645 struct ofproto *ofproto = ofconn->ofproto;
4646 struct ofp_packet_in *opi = packet->data;
4647 uint16_t in_port = ofp_port_to_odp_port(ntohs(opi->in_port));
4648 int send_len, trim_size;
4649 uint32_t buffer_id;
4650
4651 /* Get buffer. */
4652 if (opi->reason == OFPR_ACTION) {
4653 buffer_id = UINT32_MAX;
4654 } else if (ofproto->fail_open && fail_open_is_active(ofproto->fail_open)) {
4655 buffer_id = pktbuf_get_null();
4656 } else if (!ofconn->pktbuf) {
4657 buffer_id = UINT32_MAX;
4658 } else {
4659 struct ofpbuf payload;
4660 payload.data = opi->data;
4661 payload.size = packet->size - offsetof(struct ofp_packet_in, data);
4662 buffer_id = pktbuf_save(ofconn->pktbuf, &payload, in_port);
4663 }
4664
4665 /* Figure out how much of the packet to send. */
4666 send_len = ntohs(opi->total_len);
4667 if (buffer_id != UINT32_MAX) {
4668 send_len = MIN(send_len, ofconn->miss_send_len);
4669 }
4670 send_len = MIN(send_len, max_len);
4671
4672 /* Adjust packet length and clone if necessary. */
4673 trim_size = offsetof(struct ofp_packet_in, data) + send_len;
4674 if (clone) {
4675 packet = ofpbuf_clone_data(packet->data, trim_size);
4676 opi = packet->data;
4677 } else {
4678 packet->size = trim_size;
4679 }
4680
4681 /* Update packet headers. */
4682 opi->buffer_id = htonl(buffer_id);
4683 update_openflow_length(packet);
4684
4685 /* Hand over to packet scheduler. It might immediately call into
4686 * do_send_packet_in() or it might buffer it for a while (until a later
4687 * call to pinsched_run()). */
4688 pinsched_send(ofconn->schedulers[opi->reason], in_port,
4689 packet, do_send_packet_in, ofconn);
4690 }
4691
4692 /* Replace struct odp_msg header in 'packet' by equivalent struct
4693 * ofp_packet_in. The odp_msg must have sufficient headroom to do so (e.g. as
4694 * returned by dpif_recv()).
4695 *
4696 * The conversion is not complete: the caller still needs to trim any unneeded
4697 * payload off the end of the buffer, set the length in the OpenFlow header,
4698 * and set buffer_id. Those require us to know the controller settings and so
4699 * must be done on a per-controller basis.
4700 *
4701 * Returns the maximum number of bytes of the packet that should be sent to
4702 * the controller (INT_MAX if no limit). */
4703 static int
4704 do_convert_to_packet_in(struct ofpbuf *packet)
4705 {
4706 struct odp_msg *msg = packet->data;
4707 struct ofp_packet_in *opi;
4708 uint8_t reason;
4709 uint16_t total_len;
4710 uint16_t in_port;
4711 int max_len;
4712
4713 /* Extract relevant header fields */
4714 if (msg->type == _ODPL_ACTION_NR) {
4715 reason = OFPR_ACTION;
4716 max_len = msg->arg;
4717 } else {
4718 reason = OFPR_NO_MATCH;
4719 max_len = INT_MAX;
4720 }
4721 total_len = msg->length - sizeof *msg;
4722 in_port = odp_port_to_ofp_port(msg->port);
4723
4724 /* Repurpose packet buffer by overwriting header. */
4725 ofpbuf_pull(packet, sizeof(struct odp_msg));
4726 opi = ofpbuf_push_zeros(packet, offsetof(struct ofp_packet_in, data));
4727 opi->header.version = OFP_VERSION;
4728 opi->header.type = OFPT_PACKET_IN;
4729 opi->total_len = htons(total_len);
4730 opi->in_port = htons(in_port);
4731 opi->reason = reason;
4732
4733 return max_len;
4734 }
4735
4736 /* Given 'packet' containing an odp_msg of type _ODPL_ACTION_NR or
4737 * _ODPL_MISS_NR, sends an OFPT_PACKET_IN message to each OpenFlow controller
4738 * as necessary according to their individual configurations.
4739 *
4740 * 'packet' must have sufficient headroom to convert it into a struct
4741 * ofp_packet_in (e.g. as returned by dpif_recv()).
4742 *
4743 * Takes ownership of 'packet'. */
4744 static void
4745 send_packet_in(struct ofproto *ofproto, struct ofpbuf *packet)
4746 {
4747 struct ofconn *ofconn, *prev;
4748 int max_len;
4749
4750 max_len = do_convert_to_packet_in(packet);
4751
4752 prev = NULL;
4753 LIST_FOR_EACH (ofconn, node, &ofproto->all_conns) {
4754 if (ofconn_receives_async_msgs(ofconn)) {
4755 if (prev) {
4756 schedule_packet_in(prev, packet, max_len, true);
4757 }
4758 prev = ofconn;
4759 }
4760 }
4761 if (prev) {
4762 schedule_packet_in(prev, packet, max_len, false);
4763 } else {
4764 ofpbuf_delete(packet);
4765 }
4766 }
4767
4768 static uint64_t
4769 pick_datapath_id(const struct ofproto *ofproto)
4770 {
4771 const struct ofport *port;
4772
4773 port = get_port(ofproto, ODPP_LOCAL);
4774 if (port) {
4775 uint8_t ea[ETH_ADDR_LEN];
4776 int error;
4777
4778 error = netdev_get_etheraddr(port->netdev, ea);
4779 if (!error) {
4780 return eth_addr_to_uint64(ea);
4781 }
4782 VLOG_WARN("could not get MAC address for %s (%s)",
4783 netdev_get_name(port->netdev), strerror(error));
4784 }
4785 return ofproto->fallback_dpid;
4786 }
4787
4788 static uint64_t
4789 pick_fallback_dpid(void)
4790 {
4791 uint8_t ea[ETH_ADDR_LEN];
4792 eth_addr_nicira_random(ea);
4793 return eth_addr_to_uint64(ea);
4794 }
4795 \f
4796 static bool
4797 default_normal_ofhook_cb(const struct flow *flow, const struct ofpbuf *packet,
4798 struct odp_actions *actions, tag_type *tags,
4799 uint16_t *nf_output_iface, void *ofproto_)
4800 {
4801 struct ofproto *ofproto = ofproto_;
4802 int out_port;
4803
4804 /* Drop frames for reserved multicast addresses. */
4805 if (eth_addr_is_reserved(flow->dl_dst)) {
4806 return true;
4807 }
4808
4809 /* Learn source MAC (but don't try to learn from revalidation). */
4810 if (packet != NULL) {
4811 tag_type rev_tag = mac_learning_learn(ofproto->ml, flow->dl_src,
4812 0, flow->in_port,
4813 GRAT_ARP_LOCK_NONE);
4814 if (rev_tag) {
4815 /* The log messages here could actually be useful in debugging,
4816 * so keep the rate limit relatively high. */
4817 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(30, 300);
4818 VLOG_DBG_RL(&rl, "learned that "ETH_ADDR_FMT" is on port %"PRIu16,
4819 ETH_ADDR_ARGS(flow->dl_src), flow->in_port);
4820 ofproto_revalidate(ofproto, rev_tag);
4821 }
4822 }
4823
4824 /* Determine output port. */
4825 out_port = mac_learning_lookup_tag(ofproto->ml, flow->dl_dst, 0, tags,
4826 NULL);
4827 if (out_port < 0) {
4828 flood_packets(ofproto, flow->in_port, OFPPC_NO_FLOOD,
4829 nf_output_iface, actions);
4830 } else if (out_port != flow->in_port) {
4831 odp_actions_add(actions, ODPAT_OUTPUT)->output.port = out_port;
4832 *nf_output_iface = out_port;
4833 } else {
4834 /* Drop. */
4835 }
4836
4837 return true;
4838 }
4839
4840 static const struct ofhooks default_ofhooks = {
4841 default_normal_ofhook_cb,
4842 NULL,
4843 NULL
4844 };
openvswitch packages for PVE