odp-util: Always encode mask of 0xffff for dl_type < ETH_TYPE_MIN.
For non-Ethernet II packets, we don't set an EtherType netlink attribute
and set the Ethertype mask attribute to 0xffff. The code was encoding
whatever mask was passed in, which could lead to bugs if the caller
didn't know the userspace-kernel interface.
Found by inspection.
Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Andy Zhou <azhou@nicira.com>
Andy Zhou [Tue, 2 Jul 2013 22:58:19 +0000 (15:58 -0700)]
datapath: Fix tunnel source port selection for mega flow
Tunnel source port selection was based on hash value cached in the
flow. This no longer works with mega flow, since all flows matching
a mega flow will be transmitted with the same tunnel source port.
This patch computes the tunnel source port at run time based on each
incoming packet. Packets belong to the same micro flow would still get
the same source port, but multiple micro flows hitting the same mega flow
can get different source ports.
Packets injected from the usespace will be assigned to the same
source port as if they are forwarded in the kernel.
Bug #18216
Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
> commit 10a89ef04df5669c5cdd02f786150a7ab8454e01
> Author: Ben Pfaff <blp@nicira.com>
> Date: Mon Jun 24 10:54:49 2013 -0700
>
> Replace all uses of strerror() by ovs_strerror(), for thread safety.
>
> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Sat, 29 Jun 2013 15:18:54 +0000 (08:18 -0700)]
test-atomic: Drop atomic read-modify-write tests for the moment.
XenServer builds are failing because of link errors reporting that
__sync_fetch_and_<op>_<size> were not found, for <op> in add/sub/and/xor/or
and <size> in 1/2/4/8. We're not actually using these RMW operations yet,
so as a stopgap measure just drop the tests.
The correct long-term fix is probably to do Autoconf linkage tests for
these operations instead of just testing the GCC version (if we really need
the operations at all).
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Justin Pettit [Sat, 29 Jun 2013 00:13:50 +0000 (17:13 -0700)]
ofproto-dpif: Add ability to disable megaflows.
Add new "dpif/disable-megaflows" and "dpif/enable-megaflows" commands to
ovs-appctl to disable and enable megaflows, respectively. By default,
megaflows are enabled, and these commands should only be used for
debugging.
Ben Pfaff [Tue, 25 Jun 2013 16:22:11 +0000 (09:22 -0700)]
Use random_*() instead of rand(), for thread safety.
None of these test programs are threaded, but has little cost and means
that "grep" doesn't turn up any instances of these thread-unsafe functions
in our tree.
Ben Pfaff [Wed, 19 Jun 2013 18:21:47 +0000 (11:21 -0700)]
ovs-thread: Add support for convenient once-only initializers.
pthread_once() is portable but it does not allow passing any parameters to
the initialization function, which is often inconvenient, because it means
that the function can only access data declared at file scope. This commit
introduces an alternative with a more convenient interface.
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Tue, 18 Jun 2013 22:24:33 +0000 (15:24 -0700)]
tunnel: Hide 'struct tnl_port' internally.
This simplifies the tunnel module's interface and prevents us from
having to sync 'struct tnl_port' once ofproto-dpif and
ofproto-dpif-xlate are disentangled.
Signed-off-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Tue, 25 Jun 2013 19:27:13 +0000 (12:27 -0700)]
datapath: Resolve external module dependencies.
The Open vSwitch kernel module now has dependencies on symbols
exported by other kernel modules (currently just for GRE). In
order for it to load, the dependencies must be correctly resolved
ahead of time. This runs depmod as part of the module installation
process and updates the installation instructions.
Jarno Rajahalme [Fri, 28 Jun 2013 16:44:03 +0000 (19:44 +0300)]
Fix table checking for goto table instruction.
Usually the table id in flow mods is 255, which means that goto table
instruction cannot be checked before the table is picked (for flow add),
or the rules to be modified are found (flow mod).
Move goto table checking from decode (ofp-util) to actions checking
(ofp-actions), and postpone the action checking until the table in
which the actions are added is known.
This fixes OFPBRC_BAD_TABLE_ID errors for flow adds that specify the table
id as 255, and have a goto table instruction.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Fri, 28 Jun 2013 17:06:58 +0000 (10:06 -0700)]
ofp-util: OpenFlow 1.0 can match IPv6 Ethertype even though not L3 or L4.
OpenFlow 1.0 can match on flows that have the IPv6 Ethertype, but
ofputil_usable_protocols() incorrectly reported that such a match required
NXM or OXM. This commit fixes the problem.
Also, add some related tests.
Reported-by: Nagi Reddy Jonnala <njonnala@Brocade.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Andy Zhou [Fri, 28 Jun 2013 05:02:58 +0000 (22:02 -0700)]
ovs-dpctl: Fix mega flow output
ovs-dpctl sometimes displays wildcarded fields as exact match. This
patch fixes those cases.
This patch implements the following logic. When OVS_FLOW_ATTR_MASK is
missing, the entire key attributes will be displayed as exact match fields.
When OVS_FLOW_ATTR_MASK is present, but some individual key attributes do
not have matching attributes in the mask, those key attributes will be
displayed as wildcarded fields.
Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Wed, 26 Jun 2013 23:37:16 +0000 (16:37 -0700)]
flow: Only un-wildcard relevant IP headers.
When determining the fields to un-wildcard, we need to be careful
about only un-wildcarding fields that are relevant. Also, we
didn't properly handle IPv6 addresses.
Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Justin Pettit [Fri, 28 Jun 2013 00:57:57 +0000 (17:57 -0700)]
odp-util: Fix converting masked VLAN from flow.
When converting the VLAN from a flow to an ODP key, the processing logic
would always store the VLAN ethertype. However, when handling a mask,
it should be a mask, not an ethertype. And since we don't support
bit-wise masking of the ethertype, just make it an exact-match mask.
Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Wed, 19 Jun 2013 21:34:35 +0000 (14:34 -0700)]
bond: Handle unknown slaves in bond_check_admissibility().
In future patches, ofproto-dpif-xlate may be temporarily out of
sync with ofproto-dpif and pass a non-bonded ofport into
bond_check_admissibility(). This patch handles that edge case
gracefully.
Signed-off-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 26 Jun 2013 21:44:39 +0000 (14:44 -0700)]
ofproto-dpif: Refactor checking for in-band special case.
The comments on in_band_rule_check() were more or less wrong (the return
value was no longer used to determine whether a flow could be set up).
This commit fixes the comments and refactors the interface to make better
sense in the current context.
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Ethan Jackson [Sat, 22 Jun 2013 17:48:42 +0000 (10:48 -0700)]
connmgr: Remove connmgr_must_output_local().
connmgr_must_output_local() requires a 'struct connmgr' handle,
when in principle, it should simply be enough to know whether or
not in_band is enabled. Breaking this up will allow
ofproto-dpif-xlate to disentangle itself from ofproto-dpif in future
patches.
Signed-off-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Ethan Jackson [Sat, 22 Jun 2013 20:21:39 +0000 (13:21 -0700)]
ofproto-dpif: Remove 'has_bundle_action'.
It requires ofproto-dpif-xlate to poke into 'struct ofproto-dpif'
which won't be allowed in future patches. It's also a case of
premature optimization.
Signed-off-by: Ethan Jackson <ethan@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Mon, 24 Jun 2013 22:02:18 +0000 (15:02 -0700)]
datapath: Make GRE support conditional on CONFIG_NET_IPGRE_DEMUX.
Now that GRE support has been upstreamed into Linux, OVS is
using the components in the native kernel when available. However,
this means that it is now dependent on the appropriate kernel
config, which is CONFIG_NET_IPGRE_DEMUX on 2.6.37 and later.
Reported-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Justin Pettit [Thu, 27 Jun 2013 20:42:14 +0000 (13:42 -0700)]
datapath: Convert IPv6 TCP and UDP port netlink attributes properly.
The code that converts netlink attributes to a flow match always
stored TCP and UDP ports in the IPv4 structure. This commit
properly puts TCP and UDP traffic into appropriate IPv4 and IPv6
structures.
Swap places of OFPRR_METER_DELETE and OFPRR_EVICTION in enumeration to be
compatible with OpenFlow 1.4.
Prior to OpenFlow 1.4 OFPRR_EVICTION was a Nicira specific flow removal reason
code. OpenFlow 1.3 added support for meters, which require dependent flow
removal when meters are deleted. The reason code for this is also added in
OpenFlow 1.4, but OFPRR_METER_DELETE now has the value OVS previously had for
OFPRR_EVICTION.
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
ovsdb-server: Make database name mandatory when specifying db paths.
Currently, if we have just one database, we can optionally skip the
database name when providing the DB path for certain options (ex:
--remote=db:[db,]table,column). But in case we have multiple databases,
it is mandatory.
With this commit, we make the database name mandatory. This provides
increased flexibility for an upcoming commit that provides the ability
to add and remove databases during run time.
Feature #14595. Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
ovsdb-server: Store databases in shash instead of array.
An upcoming commit provides the ability to add and remove databases.
Having the databases in a shash instead of an array makes it easier
to add and remove databases.
Feature #14595. Acked-by: Ben Pfaff <blp@nicira.com> Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
This adds support for specifying flow miss handling behaviour at
runtime, through a new "other-config" option in the Open_vSwitch table.
This takes precedence over flow-eviction-threshold.
By default, the behaviour is the same as before. If force-miss-model is
set to 'with-facets', then flow miss handling will always result in the
creation of new facets and flow-eviction-threshold will be ignored. If
force-miss-model is set to 'without-facets', then flow miss handling will never
result in the creation of new facets (effectively the same as setting the
flow-eviction-threshold to 0, which is not currently configurable).
We intend to use this configuration option in the testsuite to force
particular code paths to be used, allowing us to improve test coverage.
Signed-off-by: Joe Stringer <joe@wand.net.nz> Signed-off-by: Ben Pfaff <blp@nicira.com>
Justin Pettit [Tue, 25 Jun 2013 23:40:50 +0000 (16:40 -0700)]
tunnel: Only un-wildcard the ECN bits for IP traffic.
With tunnels carrying IP packets, ECN bits are always inherited by
the encapsulating tunnel. However, it doesn't make sense to
unwildcard the inner packet's TOS fields if the packet is not IP.
Ben Pfaff [Tue, 25 Jun 2013 20:50:26 +0000 (13:50 -0700)]
ovs-thread: Add per-thread data support.
POSIX defines a portable pthread_key_t API for per-thread data. GCC and
C11 have two different forms of per-thread data that are generally faster
than the POSIX API, where they are available. This commit adds a
macro-based wrapper, DEFINE_PER_THREAD_DATA, that takes advantage of these
features where they are available and falls back to the POSIX API
otherwise.
The Clang compiler implements C11 thread_local in its <threads.h>.
This commit also adds a convenience wrapper for the POSIX API, via the
DEFINE_PER_THREAD_MALLOCED_DATA macro.
Signed-off-by: Ben Pfaff <blp@nicira.com> Acked-by: Ethan Jackson <ethan@nicira.com>
Andy Zhou [Tue, 25 Jun 2013 16:21:16 +0000 (09:21 -0700)]
datapath: Make OVS_ACTION_ATTR_USERSPACE action to send packet key
OVS_ACTION_ATTR_USERSPACE action was sending the key from the matching
flow. This works for exact match flows because flow keys are the
same as packet keys. However, it does not work with wildcarded flows as
the packet keys may be different than the flow keys. This patch uses
the packet keys carried in OVS_CB(skb) when calling output_userspace().
Bug #18163
Signed-off-by: Andy Zhou <azhou@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 21 May 2013 00:14:27 +0000 (17:14 -0700)]
ofproto-dpif: Make "fdb/show" report OpenFlow port numbers.
Users are more likely to be able to reasonably interpret OpenFlow port
numbers than datapath port numbers.
This issue has existed since at least 2011 but only recently has it been
possible for OpenFlow and datapath port numbers to differ (except for the
"local" port).
Reported-by: Christopher Paggen <cpaggen@cisco.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 24 Jun 2013 20:18:46 +0000 (13:18 -0700)]
ofp-util: New function ofputil_port_to_string().
This function is more convenient than ofputil_format_port() when a "struct
ds" is not already in use. This commit converts one caller for which this
was already true, and the following commit will add another.
Jesse Gross [Mon, 24 Jun 2013 19:21:29 +0000 (12:21 -0700)]
datapath: Do not clear key in ovs_match_init()
When executing packets sent from userspace, the majority of the
flow information is extracted from the packet itself and a small
amount of metadata supplied by userspace is added. However, when
adding this metadata, the extracted flow information is currently
being cleared.
This manifests in a problem when executing actions as elements of key are
used when verifying some actions. For example a dec_ttl action verifies the
proto of the flow. An example of a flow that fails as a result of this
problem is:
Ben Pfaff [Mon, 24 Jun 2013 19:25:48 +0000 (12:25 -0700)]
acinclude: Improve detection of not-understood compiler options with clang.
By default, clang warns about but does not fail on unknown -W options.
This made configure add the option to WARNING_FLAGS, which caused the
warning about not-understood warnings to be emitted for every file
compiled.
In combination with -Werror, clang does fail on unknown -W options. This
commit adds -Werror during configure's warning tests, which should cause
the not-understood warnings to be detected that way.
Reported-by: Ed Maste <emaste@freebsd.org> Tested-by: Ed Maste <emaste@freebsd.org> Signed-off-by: Ben Pfaff <blp@nicira.com>
Andy Zhou [Fri, 21 Jun 2013 23:07:08 +0000 (16:07 -0700)]
datapath: Fix a kernel crash caused by corrupted mask list.
When flow table is copied, the mask list from the old table
is not properly copied into the new table. The corrupted mask
list in the new table will lead to kernel crash. This patch
fixes this bug.
Pravin B Shelar [Fri, 21 Jun 2013 00:11:43 +0000 (17:11 -0700)]
gre: Restructure tunneling.
Following patch restructures ovs tunneling and gre vport
implementation to make ovs tunneling more in sync with
upstream kernel tunneling. Doing this tunneling code is
simplified as most of protocol processing on send and
recv is pushed to kernel tunneling. For external ovs
module the code is moved to kernel compatibility code.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jesse Gross <jesse@nicira.com>
Jesse Gross [Fri, 21 Jun 2013 00:08:09 +0000 (17:08 -0700)]
datapath: Use a single attribute array for parsing values and masks.
When parsing flow Netlink messages we currently have arrays to hold the
attribute pointers for both values and masks. This results in a large
stack, which some compilers warn about. It's not actually necessary
to have both arrays at the same time, so we can collapse this to a
single array.
Reported-by: Pravin B Shelar <pshelar@nicira.com> Signed-off-by: Jesse Gross <jesse@nicira.com>
Justin Pettit [Tue, 11 Jun 2013 01:09:53 +0000 (18:09 -0700)]
ofproto-dpif: Handle failed flow 'put's.
If a flow cannot be installed in the datapath, we should notice
this and not treat it as installed. This becomes an issue with
megaflows, since a batch of unique flows may come in that generate
a single new datapath megaflow that covers them. Since userspace
doesn't know whether the datapath supports megaflows, each unique
flow will get a separate flow entry (which overlap when masks are
applied) and all except the first will get rejected by a megaflow-
supporting datapath as duplicates.
Signed-off-by: Justin Pettit <jpettit@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
James Page [Thu, 20 Jun 2013 21:31:52 +0000 (22:31 +0100)]
tests: Tolerate init process pid != 1.
On Ubuntu Saucy based desktops, upstart runs with user sessions
enabled which means that the init process under which a daemon
might run is not always pid = 1.
Instead of checking for pid = 1, check to ensure that the parent
pid of the monitor is not the pid of the shell that started it.
Signed-off-by: James Page <james.page@ubuntu.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Wed, 19 Jun 2013 23:58:44 +0000 (16:58 -0700)]
Create specific types for ofp and odp port
Until now, datapath ports and openflow ports were both represented by
unsigned integers of various sizes. With implicit conversions, etc., it is
easy to mix them up and use one where the other is expected. This commit
creates two typedefs, ofp_port_t and odp_port_t. Both of these two types
are marked by "__attribute__((bitwise))" so that sparse can be used to
detect any misuse.
Signed-off-by: Alex Wang <alexw@nicira.com> Signed-off-by: Ben Pfaff <blp@nicira.com>