Ben Pfaff [Mon, 8 Apr 2013 17:44:40 +0000 (10:44 -0700)]
python.ovs.db.idl: Fix Row.delete() of a row already committed to the db.
Row.delete() handled the case of deleting a row that was added within the
current transaction, but not yet committed, but it did not correctly handle
the case of deleting a row that belonged to the database before the
transaction started. This fixes the problem.
Ethan Jackson [Sat, 6 Apr 2013 22:22:14 +0000 (15:22 -0700)]
ofproto-dpif: Disable miss handling in rule_get_stats().
rule_get_stats() is often called when iterating over every rule in
the flow table. To ensure up-to-date statistics, rule_get_stats()
calls push_all_stats() which can cause flow misses to be handled.
When using the learn action, this can cause rules to be added (and
potentially removed) from the OpenFlow table. This could corrupt
the caller's data structures, leading to a segmentation fault.
This patch fixes the issue by disabling flow miss handling from
within rule_get_stats().
Bug #15999. Signed-off-by: Ethan Jackson <ethan@nicira.com>
The port specific options are currently unused resulting in an
empty OVS_VPORT_ATTR_OPTIONS nested attribute being inserted
into every OVS_VPORT_CMD_GET message.
Don't insert OVS_VPORT_ATTR_OPTIONS if no options are present.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
[jesse: Options are used by tunnels but the concept still applies.] Signed-off-by: Jesse Gross <jesse@nicira.com>
Ethan Jackson [Tue, 2 Apr 2013 19:32:22 +0000 (12:32 -0700)]
ofproto-dpif: Don't rate limit facet_learn() with fin_timeouts.
In the standard case, rate limiting facet_learn() to once ever
500ms, makes sense. The worst that can happen is a learning entry
is expired half a second to early. However, when using
fin_timeouts, we really need react quickly to delete the newly
stale flow.
Bug #15915. Signed-off-by: Ethan Jackson <ethan@nicira.com>
The flow-eviction-threshold presents a trade off between the
expense of maintaining large numbers of datapath flows, and the
benefit of avoid unnecessary flow misses. In some large Open
vSwitch deployments, we've seen the previous default flow eviction
threshold negatively impact performance with reasonably typical
traffic patterns. This patch increases the default to a level
which should represent a better trade off: still relatively safe,
but much more amenable to large numbers of long lived flows.
Ethan Jackson [Fri, 22 Mar 2013 02:04:52 +0000 (19:04 -0700)]
ofproto-dpif: Push statistics less frequently.
The most natural place to push facet statistics is in
update_stats() where they're pulled from the datapath. However,
under load, update_stats() can be called as many as 10 times per
second causing us to push statistics so frequently it hurts
performance. By pushing statistics much less frequently, this
patch generates a roughly 8% improvement in TCP_CRR performance.
Ethan Jackson [Wed, 27 Mar 2013 18:33:22 +0000 (11:33 -0700)]
ofproto-dpif: Run fast internally.
ofproto-dpif is responsible for quite a few book keeping tasks in
addition to handling flow misses. Many of these tasks (flow
expiration, flow revalidation, etc) can take many hundreds of
milliseconds, during which no misses can be handled. The ideal
long term solution to this problem, is to isolate flow miss
handling into it's own thread. However, for now this patch
provides a 5% increase in TCP_CRR performance, and smooths out
results during revalidations.
Ethan Jackson [Sat, 30 Mar 2013 22:13:00 +0000 (15:13 -0700)]
ofproto-dpif: Systematically push stats upon request.
Commit bf1e8ff (ofproto-dpif: Push statistics in rule_get_stats()),
started down the road towards pushing stats on demand, but it
didn't go quite far enough. First, it neglected to push stats in
port_get_stats() and mirror_get_stats(). Second, it only pushes
stats for a single ofproto, making it incomplete when patch ports
are used.
rhel: Add depmod.d conf file for rhel6 kmod package.
It looks like for Centos6.4, there is an upstream openvswitch
kernel module already installed. When we try to install kmod-openvswitch
package from this tree's pre-1.10 branches, we get the following warning:
"brcompat.ko needs unknown symbol ovs_dp_ioctl_hook".
Also, after installing the kmod-openvswitch package, if we run
"modprobe openvswitch", the upstream kernel module gets loaded.
We should instead load the kernel module compiled from this tree.
Ben Pfaff [Wed, 27 Mar 2013 21:38:11 +0000 (14:38 -0700)]
jsonrpc-server: Disconnect connections that queue too much data.
Consider this situation:
* OVSDB client A executes transactions very quickly for a long time.
* OVSDB client B monitors the tables that A modifies, but (either
because B is connected over a slow network, or because B is slow to
process updates) cannot keep up.
In this situation, the data that ovsdb-server has queued to send B grows
without bound and eventually ovsdb-server runs out of memory. This commit
avoids the problem by noticing that more data is queued to B than necessary
to express the whole contents of the database and dropping the connection
to B. When B reconnects later, it can then fetch the contents of the
database using less data than was previously queued to it.
(This is not entirely hypothetical. We have seen this behavior in
intentional stress tests.)
Bug #15637. Reported-by: Jeff Merrick <jmerrick@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Thomas Graf [Sat, 30 Mar 2013 01:18:58 +0000 (18:18 -0700)]
datapath: Refine Netlink message size calculation and kill FLOW_BUFSIZE
Kills the FLOW_BUFSIZE constant which needs to be calculated manually
and replaces it with key_attr_size() based on nla_total_size().
Calculates the size of datapath messages instead of relying on
NLMSG_DEFAULT_SIZE and moves the existing message size calculations
into own functions for clarity.
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Jesse Gross <jesse@nicira.com>
Thomas Graf [Sat, 30 Mar 2013 01:10:31 +0000 (18:10 -0700)]
datapath: Use nla_memcpy() to memcpy() data from attributes
Less error prone as it takes into account the length of both the
destination buffer and the source attribute and documents when
data is copied from an attribute.
Signed-off-by: Thomas Graf <tgraf@suug.ch> Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 28 Mar 2013 18:45:47 +0000 (11:45 -0700)]
lacp: Stop time to avoid dependency on real time in negotiation test.
Commit f3103dfa00d (lacp.at: Change timing of lacp - negotiation test)
fixed test failures for the lacp negotiation test on some systems, but
made it crop up on others where it hadn't appeared before.
My guess is that this commit is the real fix. If it isn't, then we
will probably just have to remove the test or disable it, much as I
hate doing that.
Simon Horman [Thu, 28 Mar 2013 19:01:17 +0000 (12:01 -0700)]
datapath: net: add ETH_P_802_3_MIN
Add a new constant ETH_P_802_3_MIN, the minimum ethernet type for
an 802.3 frame. Frames with a lower value in the ethernet type field
are Ethernet II.
Also update all the users of this value that David Miller and
I could find to use the new constant.
Also correct a bug in util.c. The comparison with ETH_P_802_3_MIN
should be >= not >.
As suggested by Jesse Gross.
Compile tested only.
Cc: David Miller <davem@davemloft.net> Cc: Jesse Gross <jesse@nicira.com> Cc: Karsten Keil <isdn@linux-pingi.de> Cc: John W. Linville <linville@tuxdriver.com> Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Bart De Schuymer <bart.de.schuymer@pandora.be> Cc: Stephen Hemminger <stephen@networkplumber.org> Cc: Patrick McHardy <kaber@trash.net> Cc: Marcel Holtmann <marcel@holtmann.org> Cc: Gustavo Padovan <gustavo@padovan.org> Cc: Johan Hedberg <johan.hedberg@gmail.com> Cc: linux-bluetooth@vger.kernel.org Cc: netfilter-devel@vger.kernel.org Cc: bridge@lists.linux-foundation.org Cc: linux-wireless@vger.kernel.org Cc: linux1394-devel@lists.sourceforge.net Cc: linux-media@vger.kernel.org Cc: netdev@vger.kernel.org Cc: dev@openvswitch.org Acked-by: Mauro Carvalho Chehab <mchehab@redhat.com> Acked-by: Stefan Richter <stefanr@s5r6.in-berlin.de> Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Jesse Gross <jesse@nicira.com>
Jarno Rajahalme [Thu, 28 Mar 2013 13:47:46 +0000 (15:47 +0200)]
lacp.at: Change timing of lacp - negotiation test
The "lacp - negotiation" test (# 3) used to always fail when running
multiple tests in parallel (-j2). The reduced simulated wait time
(from 4 seconds to 2.5 seconds) seems to still give the expected result,
and works also when running multiple tests in parallel.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Currently, when we stop a daemon, we first send it SIGTERM.
If SIGTERM did not work within ~5 seconds, we send a SIGKILL.
After sending SIGKILL, we wait only for 4 seconds, before giving
up.
If the system is extremely busy, there is a chance that a
process is not killed by the kernel within 4 seconds. In such
a case, when we try to start the daemon immediately, we see that
the pid inside the pid-file is valid and assume that the daemon
is still running. This leaves us in a state, where the daemon is
actually not running.
This patch increases the time waiting for the kernel to kill the
process to 60 seconds.
Andy Zhou [Tue, 26 Mar 2013 02:49:13 +0000 (19:49 -0700)]
ofproto-dpif: Keep track of exact-match flow info
This patch adds more flow related stats to the output of
"ovs-appctl dpif/show". Specifically, the follow information
are added per ofproto:
- Max flow table size
- Average flow table size
- Average flow table add rate
- Average flow table delete rate
- Average flow entry life in milliseconds
Feature #15366
Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Fri, 22 Mar 2013 02:40:49 +0000 (19:40 -0700)]
ofproto-dpif: Rate limit calls to facet_learn().
In the TCP_CRR benchmark, ovs-vswitchd spends so much time in
update_stats() that it has a significant impact on flow setup
performance. Further work is needed in this area, but for now,
simply rate limiting facet_learn() has a roughly 10% improvement
with complex flow tables.
With complex flow tables, facet_check_consistency() can be
expensive enough to show up in flow setup performance benchmarks.
In my testing this patch gives us a roughly 10% improvement in
TCP_CRR and ovs-benchmark.
Jarno Rajahalme [Mon, 25 Mar 2013 19:03:38 +0000 (21:03 +0200)]
datapath: Fix IP ID setting.
Eliminate the extra call to ip_select_ident(), and place the
__ip_select_ident() call where the ip_select_ident() call was.
This fixes two problems: Before, the call to ip_select_ident() did
always zero out the value set earlier by __ip_select_ident(). Also,
when __ip_select_ident() was called before setting the iph->daddr,
ident calculation was possibly based on uninitialized data (but as
the result was masked by the later call to ip_select_ident() it was
not visible).
Jesse Gross [Wed, 20 Mar 2013 23:14:58 +0000 (16:14 -0700)]
datapath: Preallocate reply skb in ovs_vport_cmd_set().
Allocation of the Netlink notification skb can potentially fail
after changing vport configuration. In general, we try to avoid
this by undoing any change we made but that is difficult for existing
objects. This avoids the problem by preallocating the buffer (which
is fixed size).
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
ovs-bugtool: Add ovs-appctl dpif commands to debug bundle.
With single datapath, 'ovs-dpctl dump-flows ' dumps datapath flows for
all the userspace bridges in a system. It can get a little harder
to figure out the datapath flows belonging to a particular userspace
bridge.
This patch adds the 'ovs-appctl dpif/show' and 'ovs-appctl dpif/dump-flows'
output for each userspace bridge. This gives us a summary of configured
datapaths and all datapath flow entries for each bridge separately.
Ethan Jackson [Sat, 23 Mar 2013 22:11:21 +0000 (15:11 -0700)]
ofproto-dpif: Push statistics in rule_get_stats().
As time goes on, and flow tables become more complicated, the
tradeoff between keeping up to date statistics, and the CPU
resources needed to maintain them, will become more important.
Commit 5c0243a (ofproto-dpif: xlate actions once with subfacets.)
delayed the reporting of some statistics in an effort to achieve
higher flow setup performance. Future commits will continue in the
same direction.
This patch helps to alleviate the issue, by pushing statistics
rule_get_stats(), when users actually want them. Presumably, this
happens rarely, and thus will not have a negative impact on
ovs-vswitchd performance.
extract-ofp-errors doesn't work with python 3 for the
following reasons:
- several "SyntaxError: invalid syntax":
print not a keyword anymore. As a function it requires '()'
- AttributeError: 'dict' object has no attribute 'itervalues'
Use values() instead.
Test done:
Generate using ofp-errors.inc as a reference
Patch for python 3, then regenerate ofp-errors.inc
Diff between the two outputs.
Signed-off-by: Damien Millescamps <damien.millescamps@6wind.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Thu, 21 Mar 2013 18:17:00 +0000 (11:17 -0700)]
ofproto-dpif: xlate actions once with subfacets.
Before this patch, when ofproto-dpif decided that a particular flow
miss needed a facet, it would do action translation multiple times.
Once in subfacet_make_actions(), and once per packet in
subfacet_update_stats(). In the common case (once per miss), this
would double the amount of work required in xlate_actions().
The call to facet_push_stats() in subfacet_update_stats() is
unnecessary. If the packets are simply accounted to the facet,
they will eventually be pushed to the relevant rules in
update_stats() or when the facet is removed. Removing the
unnecessary step gives us a 20% improvement of the netperf TCP_CRR
benchmark with the complex flow tables installed by our controller.
Simon Horman [Wed, 20 Mar 2013 13:18:42 +0000 (22:18 +0900)]
mpls: Allow l3 and l4 actions to prior to a push_mpls action
* Update the order in which actions are committed and thus
appear in the datapath such that MPLS actions appear after
l3 and l4 (nw and port) actions.
In the case where an mpls_push action is present it should ensure
that l3 and l4 actions occur first, which seems logical as
once a mpls_push has occur the frame will be MPLS rather
than IPv4 or IPv6.
In the case where there is an mpls_pop action is present this should
not make any difference as the frame will have been MPLS to start with
and thus not satisfy the pre-requisites for l3 or l4 actions.
* Update commit_set_nw_action() to use the base ethertype when considering
eligibility to commit l3 (nw) actions. This allows l3 actions to be
applied so long as the frame was originally IPv4 or IPv6, even if
an mpls_push action will be applied and thus flow indicates the
frame will be MPLS.
* Make actions that may modify port or network information conditional on
the flow's ethernet type being an IP ethernet type. This is to ensure
that actions that modify network and port information do not occur
on non IP packets, for example if an mpls_push action has changed a
packet from IP to MPLS.
Note that modification of network data is already prevented by
virtue of commit_set_nw_action() only having cases for when the
ethernet type of the flow is IPV4 or IPV6. The conditionality
of network actions on the ethernet type has been added to
do_xlate_actions() to make it explicit.
* Add a check to commit_set_port_action() to ensure that the base
flow is IP. This protects against the case where move_reg is used
to change transport ports after an MPLS header is pushed.
Signed-off-by: Simon Horman <horms@verge.net.au>
[jesse: Add check for an IP protocol when committing L4 actions.] Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 19 Mar 2013 21:02:48 +0000 (14:02 -0700)]
bridge: Rate-limit updates to "instant stats".
Some information in the database must be kept as up-to-date as
possible to allow controllers to respond rapidly to network outages.
We call these statistics "instant" stats.
Until now, the instant stats have been updated on every trip through
the main loop. This work scales with the number of interfaces that
ovs-vswitchd manages. With CFM enabled on 5000 interfaces, even with
a low transmission rate, we see ovs-vswitchd using 100% CPU just to
maintain statistics, even with no actual changes.
This commit rate-limits updates to instant stats to at most 10 times
per second. Earlier tests I did with similar patches showed a major
reduction in CPU usage. I have not rerun those tests with this patch,
but I expect that the CPU usage should similarly decline.
CC: Ram Jothikumar <rjothikumar@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Jesse Gross [Mon, 18 Mar 2013 21:03:59 +0000 (14:03 -0700)]
datapath: Remove checks for preinitialized flow.
Header caching used to store a precomputed flow along with the skb
but no longer exists. There were a few remaining checks for those
flows, which this removes. It simplifies the code slightly and brings
us closer to upstream.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
debian: Re-add --timeout option for ifupdown script.
Commit fba6bd1d3f(ovs-vsctl: Try connecting only once for active connections..)
removed the timeout option from ifupdown.sh. Removing the "--timeout=" option
can cause ifupdown script to hang if ovs-vswitchd is not running and ifupdown
script changes the OVSDB. So, re-add it.
This patch sets the value of STP (if provided) at the same
time of bridge creation. This eliminates an extra ovs-vsctl call
and does not let ovs-vswitchd run briefly with STP not enabled.
When we configure OVS using rhel ifupdown scripts,
we call ifup on a bridge twice. Once while configuring the
bridge and once while configuring the ports of the bridge.
This looks harmless but unnecessary. This patch fixes the
behavior.
Ansis Atteka [Thu, 14 Mar 2013 18:53:00 +0000 (11:53 -0700)]
ipsec: unset IPSEC_MARK flag from skb_mark after tunnel packet is decapsulated
After tunnel packet is unencapsulated we should unset IPsec flag from
skb_mark.
Otherwise, IPsec policies would be applied one more time on internal
interfaces, if there is one. This is especially necessary after we
will introduce global, low-priority IPsec drop policy that will make
sure that we never let through marked but unencrypted packets.
Ben Pfaff [Fri, 15 Mar 2013 23:14:28 +0000 (16:14 -0700)]
ovs-vsctl: Try connecting only once for active connections by default.
Until now, ovs-vsctl has kept trying to the database server until it
succeeded or the timeout expired (if one was specified with --timeout).
This meant that if ovsdb-server wasn't running, then ovs-vsctl would hang.
The result was that almost every ovs-vsctl invocation in scripts specified
a timeout on the off-chance that the database server might not be running.
But it's difficult to choose a good timeout. A timeout that is too short
can cause spurious failures. A timeout that is too long causes long delays
if the server really isn't running.
This commit should alleviate this problem. It changes ovs-vsctl's behavior
so that, if it fails to connect to the server, it exits unsuccessfully.
This makes --timeout obsolete for the purpose of avoiding a hang if the
database server isn't running. (--timeout is still useful to avoid a hang
if ovsdb-server is running but ovs-vswitchd is not, for ovs-vsctl commands
that modify the database. --no-wait also avoids that issue.)
Bug #2393.
Bug #15594. Reported-by: Jeff Merrick <jmerrick@vmware.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Fri, 15 Mar 2013 14:27:11 +0000 (15:27 +0100)]
Remove encal_dl_type from struct flow
There were plans to use this in conjunction with inner/outer flows,
however that plan has been changed in favour of using recirculation.
This leaves us with the current usage.
encal_dl_type is currently only used to allow decoding of packets used in
the test suite. However, this is a bit of a fudge and the packets may be
provided as hexadecimal instead.
Also remove comments from parse_l2_5_onward() relating to MPLS which are
not in keeping with the commenting throughout the rest of the function.
Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Jesse Gross <jesse@nicira.com>
Simon Horman [Fri, 15 Mar 2013 14:27:10 +0000 (15:27 +0100)]
Revert "flow: Split flow_extract"
It was planned to use this code to allow further processing of packets, a
second pass done when constructing a flow. Instead it is now planned to
use recirculation to address the problems that secondary processing aimed
to resolve. As a result there are no longer plans to use
flow_extract_l3_onwards() and it seems prudent to remove it.
Signed-off-by: Simon Horman <horms@verge.net.au> Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Fri, 15 Mar 2013 17:46:33 +0000 (10:46 -0700)]
datapath: Remove old patch interface definitions.
Patch ports have been completely moved to userspace at this point
but one part of the interface remained. It's no longer used by
either userspace or kernel so this deletes it.
Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
debian, rhel, xenserver: Ability to collect ovs-ctl logs.
We use ovs-ctl from startup scripts to start, stop, restart,
force-reload-kmod OVS daemons. ovs-ctl gives quite a descriptive
o/p while running the above commands. But the o/p goes to stdout.
Sometimes, this output is quite useful to debug issues.
With this patch, we store the o/p of ovs-ctl when called from
startup scripts in /var/log/openvswitch/ovs-ctl.log
Sasha Levin [Fri, 15 Mar 2013 01:40:32 +0000 (18:40 -0700)]
datapath: hlist: drop the node parameter from iterators
I'm not sure why, but the hlist for each entry iterators were conceived
list_for_each_entry(pos, head, member)
The hlist ones were greedy and wanted an extra parameter:
hlist_for_each_entry(tpos, pos, head, member)
Why did they need an extra pos parameter? I'm not quite sure. Not only
they don't really need it, it also prevents the iterator from looking
exactly like the list iterator, which is unfortunate.
Besides the semantic patch, there was some manual work required:
- Fix up the actual hlist iterators in linux/list.h
- Fix up the declaration of other iterators based on the hlist ones.
- A very small amount of places were using the 'node' parameter, this
was modified to use 'obj->member' instead.
- Coccinelle didn't handle the hlist_for_each_entry_safe iterator
properly, so those had to be fixed up manually.
The semantic patch which is mostly the work of Peter Senna Tschudin is here:
type T;
expression a,c,d,e;
identifier b;
statement S;
@@
-T b;
<+... when != b
(
hlist_for_each_entry(a,
- b,
c, d) S
|
hlist_for_each_entry_continue(a,
- b,
c) S
|
hlist_for_each_entry_from(a,
- b,
c) S
|
hlist_for_each_entry_rcu(a,
- b,
c, d) S
|
hlist_for_each_entry_rcu_bh(a,
- b,
c, d) S
|
hlist_for_each_entry_continue_rcu_bh(a,
- b,
c) S
|
for_each_busy_worker(a, c,
- b,
d) S
|
ax25_uid_for_each(a,
- b,
c) S
|
ax25_for_each(a,
- b,
c) S
|
inet_bind_bucket_for_each(a,
- b,
c) S
|
sctp_for_each_hentry(a,
- b,
c) S
|
sk_for_each(a,
- b,
c) S
|
sk_for_each_rcu(a,
- b,
c) S
|
sk_for_each_from
-(a, b)
+(a)
S
+ sk_for_each_from(a) S
|
sk_for_each_safe(a,
- b,
c, d) S
|
sk_for_each_bound(a,
- b,
c) S
|
hlist_for_each_entry_safe(a,
- b,
c, d, e) S
|
hlist_for_each_entry_continue_rcu(a,
- b,
c) S
|
nr_neigh_for_each(a,
- b,
c) S
|
nr_neigh_for_each_safe(a,
- b,
c, d) S
|
nr_node_for_each(a,
- b,
c) S
|
nr_node_for_each_safe(a,
- b,
c, d) S
|
- for_each_gfn_sp(a, c, d, b) S
+ for_each_gfn_sp(a, c, d) S
|
- for_each_gfn_indirect_valid_sp(a, c, d, b) S
+ for_each_gfn_indirect_valid_sp(a, c, d) S
|
for_each_host(a,
- b,
c) S
|
for_each_host_safe(a,
- b,
c, d) S
|
for_each_mesh_entry(a,
- b,
c, d) S
)
...+>
[akpm@linux-foundation.org: drop bogus change from net/ipv4/raw.c]
[akpm@linux-foundation.org: drop bogus hunk from net/ipv6/raw.c]
[akpm@linux-foundation.org: checkpatch fixes]
[akpm@linux-foundation.org: fix warnings]
[akpm@linux-foudnation.org: redo intrusive kvm changes] Tested-by: Peter Senna Tschudin <peter.senna@gmail.com> Acked-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com> Signed-off-by: Sasha Levin <sasha.levin@oracle.com> Cc: Wu Fengguang <fengguang.wu@intel.com> Cc: Marcelo Tosatti <mtosatti@redhat.com> Cc: Gleb Natapov <gleb@redhat.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Fri, 15 Mar 2013 16:18:20 +0000 (09:18 -0700)]
datapath: Backport simplified hlist iterators.
The hlist iterator macros were simplified upstream to remove the
need for a scratch pointer. This backports those versions, which
don't otherwise touch anything else about the data structures.
lib: Rename lib/pcap.h to avoid inclusion conflicts.
lib/pcap.h has a name that conflicts with /usr/include/pcap.h. When one
wants to include pcap.h from libpcap (i.e.: the one from /usr/include), one
may end up with pcap.h from openvswitch.
This change renames this header to pcap-file.h and updates all
references to this file.
This change was tested with `make distcheck`.
Signed-off-by: Stephane A. Sezer <sas@cd80.net> Signed-off-by: Ben Pfaff <blp@nicira.com>
Jiri Pirko [Fri, 15 Mar 2013 00:36:37 +0000 (17:36 -0700)]
datapath: fix drvinfo strings set in drivers
Use strlcpy where possible to ensure the string is \0 terminated.
Use always sizeof(string) instead of 32, ETHTOOL_BUSINFO_LEN
and custom defines.
Use snprintf instead of sprint.
Remove unnecessary inits of ->fw_version
Remove unnecessary inits of drvinfo struct.
Signed-off-by: Jiri Pirko <jiri@resnulli.us> Signed-off-by: David S. Miller <davem@davemloft.net> Signed-off-by: Jesse Gross <jesse@nicira.com>
When the variable "STP" is not set, the last executed command is False
while running ifup-ovs for OVSBridge. This causes the ifup-ovs
script to return an error resulting in a failure.
Andy Zhou [Tue, 12 Mar 2013 21:19:18 +0000 (14:19 -0700)]
ovs-appctl: dpif/show display per bridge stats
This is to fix the fallout of single datapath change.
ovs-appctl dpif/show displays per bridge miss, hit
and flow counts on the screen, but the backend is
obtaining those information from the datapath.
With a single datapath, all bridges of the same
datapath would all display the same (global)
counters maintained by the datapath, obviously
not correct.
This patch fixes the bug by maintaining per ofproto_dpif
miss and hit counts, which are used for display output.
The number of flows count is obtained by counting the
number facets per ofproto.
ovs-dpctl show still displays the counters maintain by
the datapath, as before.
Bug #15369
Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Tue, 12 Mar 2013 21:47:22 +0000 (14:47 -0700)]
bridge: Store the 'mac_in_use' for interfaces in OVSDB.
It can be useful to remotely determine the MAC addresses of attached
interfaces without going through OpenFlow. This adds the MAC address to
a new 'mac_in_use' column on the Interface table.
Feature #15551
Requested-by: Paul Ingram <paul@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com>
Jesse Gross [Tue, 12 Mar 2013 19:36:03 +0000 (12:36 -0700)]
datapath: Reduce loop limit by one to 4.
We currently allow five trips through the kernel datapath
before dropping the packet to protect the stack. However, there
have been a few reports recently involving tunneling that this is
still too much. Although it's not a complete solution, this reduces
the limit by one to balance safety in common situations with
flexibility.
Bug #15477
Reported-by: Paul Ingram <paul@nicira.com> Reported-by: 謝秉融 <faithfulman@gmail.com> Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Ben Pfaff [Fri, 1 Mar 2013 19:16:24 +0000 (11:16 -0800)]
ovsdb: Allow recovery from transient write errors in log implementation.
Until now, the OVSDB data journaling implementation has made write errors
"sticky", so that a single write error persists as long as ovsdb-server is
alive. However, some kinds of write errors (such as ENOSPC) can be
transient in practice. I don't know of a good reason to make such errors
sticky, so this commit makes the journaling code retry writes even after
an error occurs, allowing ovsdb-server to recover from transient errors.
Reported-by: likunyun <kunyunli@hotmail.com> Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
ovs-ctl.in: Set hard limit for core files created.
Currently we set a soft limit while defining the maximum size of
core files. If there is already a hard limit set that is lesser
than the soft limit we are setting, it will fail.
Since our startup scripts start with root permissions, it looks
fine to set the hard limit directly instead.
Reported-by: Dan Wendlandt <dan@nicira.com> Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Ben Pfaff [Fri, 8 Mar 2013 18:24:06 +0000 (10:24 -0800)]
nicira-ext: Document that nx_flow_mod_table_id applies to nx_flow_mod too.
It wasn't clear from the comments that nx_flow_mod_table_id applies to
nx_flow_mod as well as ofp10_flow_mod, but it does and always has. This
commit makes it clear.
Reported-by: Justin Pettit <jpettit@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 6 Mar 2013 00:48:21 +0000 (16:48 -0800)]
ofproto-dpif: Fix up user specifying wrong bridge on "ofproto/trace".
If there is more than one bridge, then it's easy to specify the wrong one
on an ofproto/trace command. Previously, this would produce surprising
results. With this commit, "ofproto/trace" should silently fix up the
problem.
It would be nice to not require the user to specify a bridge at all, but
it's theoretically possible to have more than one backer, in which case we
need some way to distinguish, and a bridge name is as good an identifier
as we have. We could ask the user to specify the datapath_type, I guess,
but that's a less familiar name to most users and it would be a somewhat
gratuitous change in synatx for ofproto/trace.
Bug #15419. Reported-by: Paul Ingram <paul@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Fri, 8 Mar 2013 13:50:12 +0000 (15:50 +0200)]
ofproto-dpif: GOTO_TABLE recursion removal.
Remove recursion from GOTO_TABLE processing in do_xlate_actions().
This allows packet processing pipelines built with goto table be
longer and not interact with each other via the resubmit recursion limit.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Thu, 7 Mar 2013 01:11:35 +0000 (17:11 -0800)]
ofproto-dpif: Print slow-path actions instead of "drop" in dump-flows.
The command "ovs-appctl dpif/dump-flows" would print slow-path actions
as "drop", which could be confusing to users. This is different from
"ovs-dpctl dump-flows", which prints a descriptive reason. This commit
replaces "drop" with the reason.