Thomas Graf [Mon, 15 Dec 2014 13:10:38 +0000 (14:10 +0100)]
lib: Move compiler.h to <openvswitch/compiler.h>
The following macros are renamed to avoid conflicts with other headers:
* WARN_UNUSED_RESULT to OVS_WARN_UNUSED_RESULT
* PRINTF_FORMAT to OVS_PRINTF_FORMAT
* NO_RETURN to OVS_NO_RETURN
Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Sat, 13 Dec 2014 04:51:58 +0000 (20:51 -0800)]
recirculation: Do not drop packet when there is no match from
internal table.
In current recirculation implementation, the flow misses (with
'recirc_id' set) are always looked up on the receiving bridge's
internal flow table. However, the bond port may actually reside
on another bridge which gets connected to the receiving bridge
via patch port. Since the recirculation rules are pushed to the
other bridge's internal table, the flow lookup on the receiving
bridge will match nothing but the drop rule, causing unexpected
packet drops.
This commit fixes the above bug via keeping lookup the misses
(with 'recirc_id' set) in default table (table 0) and processing
it until reaching the bridge that owns the bond port. Then,
the misses can hit the post recirculation flows as expected.
Shu Shen [Wed, 26 Nov 2014 00:32:15 +0000 (16:32 -0800)]
ofproto: add support of OFPR_GROUP as packet-in reason for OF1.4+
When the Packet-In message is triggered by a group action, OFPR_GROUP is
passed internally as the reason. The wire_reason() function converts the
reason to OFPR_ACTION if the wire protocol is earlier than OF1.4.
The wire_reason() function also converts other unsupported reasons
(i.e., OFPR_ACTION_SET and OFPR_PACKET_OUT) to OFPR_ACTION if it detects
a wire protocol earlier than OF1.4.
By default reason code OFPR_GROUP for Packet-In will be enabled for
async messages as in ofconn_flush(). Upon a connection being established
with a controller, the protocol version is checked and OFPR_GROUP will
be disabled in async config if the protocol is lower than OF1.4. Any
controller running OF1.4+ is still be able to enable OFPR_GROUP at its
will without being affected by this check.
The patch also includes tests cases for both OF1.3 and OF1.4 to ensure
proper reason code is given for packet-in message triggered by group
action.
Signed-off-by: Shu Shen <shu.shen@radisys.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Nithin Raju [Mon, 8 Dec 2014 17:43:13 +0000 (09:43 -0800)]
datapath-windows: return bool from NlFillOvs[Msg/Hdr]
Per review comment, in this patch, we update the return values of
NlFillOvsMsg() and NlFillOvsHdr() from NTSTATUS to BOOLEAN to make them
consistent with the Nl* functions.
Joe Stringer [Wed, 29 Oct 2014 18:27:09 +0000 (11:27 -0700)]
dpif: Use DPIF_FP_MODIFY for feature probes.
If ovs-vswitchd is killed at the right time, then a probe flow may be
left in the datapath. This commit adds the DPIF_FP_MODIFY flag to
feature probes so that re-creating the same probe flow will not cause an
error.
These flow_put flags were previously changed in commit a7d1bbdcfe49e8
("ofproto-dpif: Use DPIF_FP_CREATE but not DPIF_FP_MODIFY."), despite
the commit message addressing a different case.
Suggested-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Wed, 3 Dec 2014 20:57:02 +0000 (12:57 -0800)]
dpif: Don't initialize output UFID in dpif_flow_get().
The UFID parameter to dpif_flow_get() is optional, but the current
implementation dereferences it to initialize part of the output flow.
This field is filled in by the dpif implementation, so don't initialize
it here.
This does not fix any existing bug because every caller currently passes
in a UFID. The next patch will introduce the first call to
dpif_flow_get() that doesn't provide a UFID, which would break without
this change.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
YAMAMOTO Takashi [Mon, 17 Nov 2014 05:40:22 +0000 (14:40 +0900)]
ovs-router: non-Linux support
Refactor ovs-router so that it can work with non-Linux platforms
at least in some extent, using the existing route-table code as
a fallback. Known restriction: for such platforms, "ovs/router/show"
command does not show "Cached" kernel routes.
Signed-off-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp> Acked-by: Pravin B Shelar <pshelar@nicira.com>
The cache here doesn't work anymore as the recent
commit b772066ffd066d59d9ebce092f6665150723d2ad
("route-table: Remove Unregister.")
made this function called before daemonizing,
thus with a different pid.
Signed-off-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp> Acked-by: Ben Pfaff <blp@nicira.com>
Thomas Graf [Wed, 3 Dec 2014 12:02:31 +0000 (13:02 +0100)]
datapath: Check if nla_is_last() is available in <net/netlink.h>
nla_is_last() is not available in 3.18, it's only in net-next.
Convert to grep based to check to account for distribution backports.
Fixes: 684b5f ("datapath: Rename last_action() as nla_is_last() and move to netlink.h") Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Joe Stringer [Tue, 9 Dec 2014 01:14:39 +0000 (17:14 -0800)]
revalidator: Fix access of uninitialized memory.
Commit 64bb477 "dpif: Minimize memory copy for revalidation." introduced
a bug where the corner case of ukey creation (in revalidator threads)
could result in access to uninitialized memory when deleting flows from
the datapath. This could result in OVS aborting or deadlock. Fix it.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Fri, 5 Dec 2014 22:02:53 +0000 (14:02 -0800)]
tunnel: Recreate tunnel port only when the netdev status change.
On current master, the 'struct tnl_port' in tunnel module will be
recreated whenever the global connectivity sequence number changes
(e.g. when adding unrelated flow). This is unnecessary and could
cause drop of tunnel packet if a lookup happens between the removal
and recreate.
This commit fixes the above issue by only checking the netdev's own
sequence number.
Found by code inspection.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Joe Stringer <joestringer@nicira.com>
Joe Stringer [Fri, 31 Oct 2014 22:18:21 +0000 (15:18 -0700)]
ovs-bugtool: Log more detail for dumped flows.
The standard mode for printing flows doesn't always provide the full
range of information that is available, particularly with the UFID
changes. Turn on more detail.
Thomas Graf [Fri, 28 Nov 2014 12:48:49 +0000 (13:48 +0100)]
travis: Extended kernel build matrix
When doing test builds, build against the following kernels:
- KERNEL=3.17.4
- KERNEL=3.16.7
- KERNEL=3.14.25
- KERNEL=3.12.33
- KERNEL=3.10.61
- KERNEL=3.4.104
- KERNEL=2.6.32.64
When doing pure kernel test builds, skip compilation of user space bits.
Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 4 Dec 2014 22:31:56 +0000 (14:31 -0800)]
ofp-actions: Only set defined bits when encoding "load" actions.
Commit 7eb4b1f1d70345f ("ofp-actions: Support OF1.5 (draft) masked
Set-Field, merge with reg_load.") introduced a bug in that a set_field
action that set an entire field would be translated incorrectly to
reg_load, if the field being set only occupied a portion of the bytes that
it contains. For example, an MPLS label is 20 bits but has a 4-byte field,
which meant that a set_field would get translated into a reg_load that
wrote all 32 bits; in turn, the receiver of that reg_load would reject it
because it was attempting to set invalid bits (the top 12 bits).
This commit fixes the problem by omitting invalid bits when encoding a
reg_load action.
Joe Stringer [Fri, 5 Dec 2014 00:05:33 +0000 (16:05 -0800)]
util: Fix include for htonl().
Commit 526a7c85d11dc "util: Add be32_prefix_mask()." added an include for
byte-order.h into util.h, which could cause link failures if users of
libopenvswitch defined their own version of htonll(). Change the
include, as only htonl() is needed and arpa/inet.h provides this.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Joe Stringer [Thu, 4 Dec 2014 00:34:08 +0000 (16:34 -0800)]
cccl: Respect silent flags.
Automake sets $V to tell the compiler whether to print verbose messages
as it compiles or not. Add support for this variable in cccl, allowing
more quiet build output on windows if the build is configured with
--silent or the developer runs make V=0.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Joe Stringer [Wed, 3 Dec 2014 18:57:37 +0000 (10:57 -0800)]
tests: Fix race in async config test.
Occasionally, the testsuite would send the OFPT_SET_ASYNC before
ovs-vswitchd got a chance to send its OFPT_ROLE_REPLY message, causing a
reordering of the testsuite output and a false positive. Give the test
script something extra to do so this is less likely to happen.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Joe Stringer [Wed, 3 Dec 2014 18:38:18 +0000 (10:38 -0800)]
tests: Make ofproto-dpif tests more resilient.
We have previously used a combination of time/warp and revalidator/wait
to try to synchronize the datapath flow statistics and status up to the
ofproto layer, so that tests may confirm their expected behaviours using
OpenFlow or other protocols operating at that layer of vswitchd (eg LACP).
This patch switches these tests over to using revalidator/purge, which
tells the ofproto-dpif to flush the datapath, causing these statistics
to be updated. In local testing this appears to improve the success rate
of these tests considerably.
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Joe Stringer [Sun, 5 Oct 2014 22:14:08 +0000 (11:14 +1300)]
dpif: Minimize memory copy for revalidation.
One of the limiting factors on the number of flows that can be supported
in the datapath is the overhead of assembling flow dump messages in the
datapath. This patch modifies the dpif to allow revalidators to skip
dumping the key, mask and actions from the datapath, by making use of
the unique flow identifiers introduced in earlier patches.
For each flow dump, the dpif user specifies whether to skip these
attributes, allowing the common case to only dump a pair of 128-bit ID
and flow stats. With datapath support, this increases the number of
flows that a revalidator can handle per second by 50% or more. Support
in dpif-netdev and dpif-netlink is added in this patch; kernel support
is left for future patches.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Wed, 24 Sep 2014 04:26:35 +0000 (16:26 +1200)]
dpif: Index flows using unique identifiers.
This patch modifies the dpif interface to allow flows to be manipulated
using a 128-bit identifier. This allows revalidator threads to perform
datapath operations faster, as they do not need to serialise the entire
flow key for operations like flow_get and flow_delete. In conjunction
with a future patch to simplify the dump interface, this provides a
significant performance benefit for revalidation.
When handlers assemble flow_put operations, they specify a unique
identifier (UFID) for each flow as it is passed down to the datapath to
be stored with the flow. The UFID is currently provided to handlers
by the dpif during upcall processing.
When revalidators assemble flow_get or flow_del operations, they may
specify the UFID for the flow along with the key. The dpif will decide
whether to send only the UFID to the datapath, or both the UFID and flow
key. The former is preferred for newer datapaths that support UFID,
while the latter is used for backwards compatibility.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Sat, 22 Nov 2014 00:49:40 +0000 (16:49 -0800)]
datapath: Add UFID interface to openvswitch.h.
An upcoming set of patches will implement support for indexing flows by
Unique Flow IDentifiers (UFID) rather than the traditional unmasked key.
This patch implements the interface changes required. The implementation
will follow.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Tue, 2 Dec 2014 18:50:38 +0000 (10:50 -0800)]
dpif: Don't clear argument in dp_enumerate_types().
All but one of the callers of dp_enumerate_types() hands it an sset that is
known to be empty. The one exception is the implementation of the
ofproto-provider 'enumerate_types' function in ofproto-dpif. That function
isn't supposed to clear the existing contents of the sset passed in.
Therefore, this commit changes dp_enumerate_types() to not clear the sset
before it adds new members.
The ofproto-provider comment wasn't clear about the desired behavior so
this commit also clarifies that.
Reported-by: Zoltán Balogh <zoltan.balogh@ericsson.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 2 Dec 2014 19:04:16 +0000 (11:04 -0800)]
dist-docs: New utility to generate a documentation bundle for the website.
This utility isn't going to be as portable as most of the Open vSwitch
utilities, unfortunately. I'm happy to take improvements to make it
able to work with, e.g., the "man" program from BSD. (I haven't tested
with that program, but I suspect that it is somewhat different from the
GNU version.)
The output of this program can already be viewed at:
http://openvswitch.org/support/dist-docs/
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com>
Pravin B Shelar [Wed, 26 Nov 2014 19:27:05 +0000 (11:27 -0800)]
route-table: Remove Unregister.
Since dpif registering for routing table at initialization
there is no need to unregister it. Following patch removes
support for turning routing table notifications on and off.
Due to this change OVS always listens for these
notifications.
Thomas Graf [Wed, 26 Nov 2014 14:52:31 +0000 (15:52 +0100)]
datapath: Use ccflags-y instead of deprecated EXTRA_CFLAGS
This allows users to pass in additional compiler flags through the
environment variable EXTRA_CFLAGS, e.g.
make EXTRA_CFLAGS=-Wno-error=foo V=1
Reported-by: Alexandru Ardelean <ardeleanalex@gmail.com> Signed-off-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Alex Wang [Tue, 25 Nov 2014 23:51:12 +0000 (15:51 -0800)]
dpif-netdev: Fix a race.
On current master, the 'struct dp_netdev_port' is destroyed
immediately when the ref count reaches 0. However, non-pmd
threads calling the dpif_netdev_execute() for sending packets
could hold pointer to 'port' that is not ref-counted. Thusly
those threads could possibly access freed memory when the port
is deleted.
To fix this bug, this commit makes non-pmd threads acquiring
the 'port_mutex' before doing the actual execution in
dpif_netdev_execute().
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Joe Stringer [Wed, 24 Sep 2014 03:24:39 +0000 (15:24 +1200)]
dpif: Generate flow_hash for revalidators in dpif.
This patch shifts the responsibility for determining the hash for a flow
from the revalidation logic down to the dpif layer. This assists in
handling backward-compatibility for revalidation with the upcoming
unique flow identifier "UFID" patches.
A 128-bit UFID was selected to minimize the likelihood of hash conflicts.
Handler threads will not install a flow that has an identical UFID as
another flow, to prevent misattribution of stats and to ensure that the
correct flow key cache is used for revalidation.
For datapaths that do not support UFID, which is currently all
datapaths, the dpif will generate the UFID and pass it up during upcall
and flow_dump. This is generated based on the datapath flow key.
Later patches will add support for datapaths to store and interpret this
UFID, in which case the dpif has a responsibility to pass it through
transparently.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Wed, 6 Aug 2014 04:40:37 +0000 (16:40 +1200)]
upcall: Revalidate using cache of mask, actions.
This allows us to ignore most fields of a flow_dump, requiring only the
flow key for looking up the ukey. Fetching flows can also be avoided in
the corner case where a flow is missed from a dump but revalidation is
required.
A future patch will modify the datapath interface to allow datapaths to
skip dumping these fields, so this cache will be used instead.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Fri, 25 Jul 2014 01:54:24 +0000 (13:54 +1200)]
upcall: Create ukeys in handler threads.
Currently, when a revalidator thread first dumps a flow, it creates a
'udpif_key' object and caches a copy of a kernel flow key. This allows
us to perform lookups in the classifier to attribute stats and validate
the correctness of the datapath flow.
This patch sets up this cache from the handler threads, during flow
setup. While this patch alone causes a decrease in revalidation
performance, it allows future patches increase performance by reducing
the cost of flow dumping.
Revalidators will continue to create ukeys if a flow is dumped that has
no corresponding ukey. This may happen in corner cases such as when
ovs-vswitchd is restarted (and flows remain in the datapath) or a user
installs a flow using ovs-dpctl.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Thu, 5 Jun 2014 05:28:46 +0000 (17:28 +1200)]
udpif: Separate udpif_key maps from revalidators.
An upcoming patch will change the access patterns for ukey maps to
increase the number of writers, and shift write-access from revalidator
threads to upcall handler threads. As such, it no longer makes sense to
tie these maps to revalidators in a 1:1 relationship.
This patch separates the ukey maps from the revalidators, and increases
the number of maps used to store ukeys, to reduce contention.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Mon, 5 May 2014 03:44:04 +0000 (15:44 +1200)]
revalidator: Protect ukeys with a mutex.
Currently, udpif_keys are protected during revalidator_sweep__() as only
one thread accesses the ukey at a time. This is ensured using barriers:
all revalidators will be in the GC phase, so they will only access their
own ukey collection.
A future patch will change the access patterns to allow these ukey
collections to be read or modified while a revalidator is garbage
collecting it. To protect the ukeys, this patch adds locking on the ukey
collection.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Joe Stringer [Tue, 25 Nov 2014 21:02:42 +0000 (13:02 -0800)]
datapath: Don't validate IPv6 label masks.
When userspace doesn't provide a mask, OVS datapath generates a fully
unwildcarded mask for the flow by copying the flow and setting all bits
in all fields. For IPv6 label, this creates a mask that matches on the
upper 12 bits, causing the following error:
openvswitch: netlink: Invalid IPv6 flow label value (value=ffffffff, max=fffff)
This patch ignores the label validation check for masks, avoiding this
error.
Signed-off-by: Joe Stringer <joestringer@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Stephen Finucane [Wed, 19 Nov 2014 12:03:22 +0000 (12:03 +0000)]
tests/ovs_client: Remove broken debug code
There is some debug "logging" code included in the 'ovs_client'
application. This code appears to be broken as it spams stdout with
duplicated "log" messages. Remove this code.
This patch also renames ovs_client to ring_client.
In addition, add the 'test-dpdkr' executable to the 'tests/.gitignore'
file.
Signed-off-by: Stephen Finucane <stephen.finucane@intel.com> Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Nithin Raju [Tue, 25 Nov 2014 17:06:43 +0000 (09:06 -0800)]
datapath-windows: Update DESIGN document.
In this patch, we update the design document to reflect the netlink
based kernel-userspace interface implementation and a few other changes.
I have covered at a high level.
Please feel free to extend the document with more details that you think
got missed out.
ovs-vsctl has the concept of a VLAN (or "fake") bridge, which is a
sort of a sub-bridge that receives only packets on a particular VLAN.
There is no way to distinguish two VLAN bridges with the same parent on the
same VLAN, but until now ovs-vsctl did not prevent creating duplicates or
report them. This commit fixes the problem.
Reported-by: rwxybh
Reported-at: https://github.com/openvswitch/ovs/issues/21 Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com>
Sorin Vinturis [Mon, 24 Nov 2014 16:17:34 +0000 (16:17 +0000)]
datapath-windows: Update OVSEXT VS project to support 6.40
Added support for creating OVS extension driver NDIS 6.40 compliant.
Currently the OVSEXT Visual Studio project has four build configurations,
'Win8 Release', 'Win8 Debug', 'Win8.1 Release' and 'Win8.1 Debug'. All of
them are creating a binary that is NDIS 6.30 compliant. I have changed the
Win8.1 build configurations in order to create a binary that is NDIS 6.40
compliant.
In this way, the OVSEXT project is able to create a release/debug binary
that is NDIS 6.30 compliant, using the 'Win8 Release' and 'Win8 Debug'
build configurations, as well as a release/debug binary that is NDIS 6.40
compliant, using the 'Win8.1 Release' and 'Win8.1 Debug' build
configurations.
Ben Pfaff [Tue, 25 Nov 2014 16:37:24 +0000 (08:37 -0800)]
tests: Fix test broken by introduction of ONFOXM_ET_TCP_FLAGS.
Commit 847ddeab372220 (meta-flow: Add support for ONF OpenFlow 1.3
extension ONFOXM_ET_TCP_FLAGS.) failed to update a test to match the new
OXM extension. This fixes the problem.
Shu Shen [Fri, 21 Nov 2014 19:44:23 +0000 (11:44 -0800)]
ofproto-dpif: Add test case for OF1.4 packet-in.
The test case current fails and shows a bug when OF1.4 is used between
the controller and the switch, the packet-in message still uses OF1.3
wire protocol version.
Signed-off-by: Shu Shen <shu.shen@radisys.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Fri, 21 Nov 2014 01:16:23 +0000 (10:16 +0900)]
openflow: Use *_array_len names in struct ofp15_bucket and ofp15_group_mod
The spec has been clarified to use _list_len in palce of _list_len
terminology to make it clearer that the data is not an ordered list
(it is a set). The code present in Open vSwitch already avoided
the _list_len terminology. This change brings the code into
line with the updated spec.
ONF-JIRA: EXT-350 Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Sorin Vinturis [Mon, 24 Nov 2014 22:32:06 +0000 (22:32 +0000)]
datapath-windows: Support for hybrid forwarding
In a hybrid forwarding environment, there are two types of packets that
enter and leave the Hyper-V extensible switch: NVGRE packets and non-NVGRE
packets. Hybrid forwarding involves filtering the incoming traffic based
on packet type.
Thus, we must split the incoming traffic into NVGRE and non-NVGRE packets.
All non-NVGRE traffic is forwarded by the OVS extension and processed as
usual, and the NVGRE traffic is passed to NDIS to be handled by the HNV
module.
Necessary VS project changes regarding the compiler settings will be made
in a different patch.
More details about hybrid forwarding and the necessary NDIS 6.40 support
is provided in issue #52.