Alex Wang [Fri, 7 Nov 2014 21:27:05 +0000 (13:27 -0800)]
dpif-netdev: Allow direct destroy of 'struct dp_netdev_port'.
Before this commit, when 'struct dp_netdev_port' is deleted from
'dpif-netdev' datapath, if there is pmd thread, the pmd thread
will release the last reference to the port and ovs-rcu postpone
the destroy. However, the delayed close of object like 'struct
netdev' could cause failure in immediate re-add or reconfigure of
the same device.
To fix the above issue, this commit uses condition variable and
makes the main thread wait for pmd thread to release the reference
when deleting port. Then, the main thread can directly destroy the
port.
Reported-by: Cian Ferriter <cian.ferriter@intel.com> Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Alex Wang [Fri, 7 Nov 2014 21:02:05 +0000 (13:02 -0800)]
ofproto-dpif-xlate: Allow direct destroy of previous config.
Before this commit, the ofproto-dpif-xlate module uses ovs-rcu to
postpone the destroy of previous configuration. However, the delayed
close of object like 'struct netdev' could cause failure in immediate
re-add or reconfigure of the same device.
To fix the above issue, this commit makes the ofproto-dpif-xlate
module call ovsrcu_synchronize(), which waits for all threads
to finish the use of reference to previous config. Then, the
module can just directly destroy the previous config.
Reported-by: Cian Ferriter <cian.ferriter@intel.com> Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Alex Wang [Sat, 8 Nov 2014 01:11:07 +0000 (17:11 -0800)]
dpif-netdev: Move 'struct dp_netdev_port' initialization before use.
There is a portion of the 'struct dp_netdev_port' initialization
that is placed after the reload of pmd threads. This means in
theory, there could be a race where pmd threads access half-
initialized struct. Although such race has not been seen, it
makes sense to fully initialize the struct before use.
Found by code inspection.
Signed-off-by: Alex Wang <alexw@nicira.com> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Pravin B Shelar [Tue, 11 Nov 2014 19:53:47 +0000 (11:53 -0800)]
openvswitch: Userspace tunneling.
Following patch adds support for userspace tunneling. Tunneling
needs three more component first is routing table which is configured by
caching kernel routes and second is ARP cache which build automatically
by snooping arp. And third is tunnel protocol table which list all
listening protocols which is populated by vswitchd as tunnel ports
are added. GRE and VXLAN protocol support is added in this patch.
Tunneling works as follows:
On packet receive vswitchd check if this packet is targeted to tunnel
port. If it is then vswitchd inserts tunnel pop action which pops
header and sends packet to tunnel port.
On packet xmit rather than generating Set tunnel action it generate
tunnel push action which has tunnel header data. datapath can use
tunnel-push action data to generate header for each packet and
forward this packet to output port. Since tunnel-push action
contains most of packet header vswitchd needs to lookup routing
table and arp table to build this action.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Mon, 10 Nov 2014 20:46:11 +0000 (12:46 -0800)]
util: Introduce ovs_scan_len()
This is similar to ovs_scan but takes int pointer as extra
parameter, this pointer point to starting index of the string.
On successful scan this API stores number of characters
scanned. This API is useful for parsing complex odp actions
e.g. tun_push action.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com> Acked-by: Thomas Graf <tgraf@noironetworks.com> Acked-by: Ben Pfaff <blp@nicira.com>
AT_XFAIL_IF cannot be used here because it lets the tests
run first and then say that the failure is expected. In this
particular test, the utilities simply hang blocking all
other tests. So use AT_SKIP_IF instead.
Eitan Eliahu [Wed, 12 Nov 2014 09:31:27 +0000 (01:31 -0800)]
datapath-windows: Update port property.
Update Hyper-V port properties on NDIS property port set callback.
Driver update the port friendly name in its internal table.
Since the NIC Create callback won't be called after we need to maintain the
NIC and THE OVS states of the Vport.
Setting a new friendly name was tested in the following states:
[1] The port is disconnected
[2] The port is connected but not OVS user mode counter port
[3] The port is connected and an OCS port associated with it
Scott Mann [Sat, 8 Nov 2014 03:02:09 +0000 (19:02 -0800)]
Build: Add support for shared libraries and versioning.
These changes allow for the building of shared libraries by providing
the --enable-shared option to configure. In particular, lib/libopenvwitch.so,
lib/libsflow.so, ofproto/libofproto.so, and ovsdb/libovsdb.so will be built.
Original behavior of building static remains the same.
Additionally, versioning is introduced to each of the libraries objects
paving the way for APIs to be built around them. A detailed comment
outlining the rules for changing a version number is provided in
configure.ac. Note that at this time, the version number is set to
1.0.0, no API is specified yet, and there are no requirements to
maintain any sort of compatibility in any of the libraries.
Signed-off-by: Scott Mann <smann@noironetworks.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Neil McKee [Fri, 27 Jun 2014 18:19:59 +0000 (11:19 -0700)]
sflow: Export LAG, PORTNAME, and OPENFLOWPORT information also.
Export standard sFlow LAG, PORTNAME and OPENFLOWPORT structures with each
counter-sample. Add unit-test for sFlow-LAG. Adjust other unit-tests to
accommodate these new annotations.
The sFlow-LAG structures are important for topology discovery, for
troubleshooting LAG instability, and for correctly combining
sFlow feeds from multiple sources.
The OPENFLOWPORT and PORTNAME structures are important for systems that
aim to combine sFlow monitoring with OpenFlow controls, as they
provide straightforward mapping (1) between sFlow agent IP and OpenFlow
datapath-id, and (2) between interface name,ifIndex and OpenFlow
port number.
Signed-off-by: Neil McKee <neil.mckee@inmon.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Tue, 11 Nov 2014 03:39:22 +0000 (12:39 +0900)]
ofp-parse: Parse (draft) OpenFlow 1.5 bucket ids.
This is part of support for (draft) OpenFlow 1.5 flow mod messages.
This adds support for specifying the bucket_id of buckets of groups in
ovs-ofctl and documents that accordingly.
ONF-JIRA: EXT-350 Signed-off-by: Simon Horman <simon.horman@netronome.com>
[blp@nicira.com tweaked the documentation] Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Tue, 11 Nov 2014 03:39:19 +0000 (12:39 +0900)]
ofp-util: Encoding and decoding of (draft) OpenFlow 1.5 group messages.
This provides the bulk of the ofproto side of support for
OpenFlow 1.5 group messages. It provides for encoding and decoding
of updated group mod and group desc reply messages. This includes
a new bucket format and their properties.
Open Flow 1.5 Groups also have properties but as no non-experimenter
properties are defined this patch does not provide parsing or encoding
of group properties.
ONF-JIRA: EXT-350 Signed-off-by: Simon Horman <simon.horman@netronome.com>
[blp@nicira.com fixed minor bugs and style issues] Signed-off-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Wed, 5 Nov 2014 18:10:13 +0000 (10:10 -0800)]
Fix setting transport ports with frags.
Packets with 'LATER' fragment do not have a transport header, so it is
not possible to either match on or set transport ports on such
packets. Matching is prevented by augmenting mf_are_prereqs_ok() with
a nw_frag 'LATER' bit check. Setting the transport headers on such
packets is prevented in three ways:
1. Flows with an explicit match on nw_frag, where the LATER bit is 1:
existing calls to the modified mf_are_prereqs_ok() prohibit using
transport header fields (port numbers) in OXM/NXM actions
(set_field, move). SET_TP_* actions need a new check on the LATER
bit.
2. Flows that wildcard the nw_frag LATER bit: At flow translation
time, add calls to mf_are_prereqs_ok() to make sure that we do not
use transport ports in flows that do not have them.
3. At action execution time, do not set transport ports, if the packet
does not have a full transport header. This ensures that we never
call the packet_set functions, that require a valid transport
header, with packets that do not have them. For example, if the
flow was created with a IPv6 first fragment that had the full TCP
header, but the next packet's first fragment is missing them.
3 alone would suffice for correct behavior, but 1 and 2 seem like a
right thing to do, anyway.
Currently, if we are setting port numbers, we will also match them,
due to us tracking the set fields with the same flow_wildcards as the
matched fields. Hence, if the incoming port number was not zero, the
flow would not match any packets with missing or truncated transport
headers. However, relying on no packets having zero port numbers
would not be very robust. Also, we may separate the tracking of set
and matched fields in the future, which would allow some flows that
blindly set port numbers to not match on them at all.
For TCP in case 3 we use ofpbuf_get_tcp_payload() that requires the
whole (potentially variable size) TCP header to be present. However,
when parsing a flow, we only require the fixed size portion of the TCP
header to be present, which would be enough to set the port numbers
and fix the TCP checksum.
Finally, we add tests testing the new behavior.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Wed, 5 Nov 2014 18:10:13 +0000 (10:10 -0800)]
miniflow_extract: Properly handle small IP packets.
Ethernet frames may contain padding after the IP payload. When
parsing IP packets, check the IP total size (IPv4) or IP payload size
(IPv6) to detect the size of l2 padding. The l2 padding size is
stored in the ofpbuf to prevent ofpbuf_pull from entering the padding,
as well as to allow ofpbuf_l4_size() to return the size of the IP
payload without the l2 padding.
This helps avoiding parsing truncated transport headers, for example.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Mon, 10 Nov 2014 21:14:29 +0000 (13:14 -0800)]
ofproto-dpif: Clean up table lookup code.
Keep knowledge about ofproto-dpif internal rules within ofproto-dpif.
This removes duplication of code (accross multiple files), and allows
making the ofproto-dpif-xlate interface a bit smaller.
'may_packet_in' was previously not honored for the
'LOOKUP_VERDICT_DEFAULT' case. Now it is, but this change did not
break any unit tests.
Also, previously in the 'LOOKUP_VERDICT_CONTROLLER' case packet-in
messages would have been generated when the in_port could not be found
('config' was set to zero in this case, causing 'OFPUTIL_PC_NO_PACKET_IN'
flag to be zero as well). This patch changes this behavior and never
issues packet-in messages when the in_port cannot be found. This did
not break any unit tests either.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Rishi Bamba [Fri, 7 Nov 2014 12:48:48 +0000 (18:18 +0530)]
Add support for OpenFlow 1.4+ "importance" values.
This patch enables a user to set importance for a new rule via add-flow
OF1.4+ in the OVS and display the same via dump-flows command OF1.4+.
The changes are made in accordance with OpenFlow 1.4 specs to implement
eviction on the basis of "importance". This patch also enhances the
diff-flows & replace-flows CLI for addition of importance parameter in
a rule.
This doesn't actually implement eviction on the basis of importance, which
will happen in a later patch.
Signed-off-by: Rishi Bamba <rishi.bamba@tcs.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Mon, 10 Nov 2014 04:47:49 +0000 (13:47 +0900)]
id-pool: Refactor id_pool_alloc_id to allow any 32 bit value to be an id
id_pool_alloc_id() was created by breaking out the recirculation
allocation code. As it is now a library call it makes sense to remove
the restriction that id 0 is reserved.
Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Simon Horman [Mon, 10 Nov 2014 04:47:48 +0000 (13:47 +0900)]
id-pool: Re-factor recirculation id allocator into standalone id pool.
Refactor the lock-free portion of the recirculation id allocator
into stand-alone id pool. This is in preparation for re-using
that portion to allocate bucket ids which are part of (draft)
OpenFlow 1.5 groups.
ONF-JIRA: EXT-350 Signed-off-by: Simon Horman <simon.horman@netronome.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Pravin B Shelar [Sat, 8 Nov 2014 15:24:42 +0000 (07:24 -0800)]
datapath: fix coding style.
Kernel datapath code has diverged from upstream code. This
makes porting patches between these two code bases harder
than it needs to be. Following patch fixes this by fixing
coding style issues on this branch.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Simon Horman [Sat, 8 Nov 2014 21:53:52 +0000 (13:53 -0800)]
datapath: Rename last_action() as nla_is_last() and move to netlink.h
The original motivation for this change was to allow the helper to be used
in files other than actions.c as part of work on an odp select group
action.
It was as pointed out by Thomas Graf that this helper would be best off
living in netlink.h. Furthermore, I think that the generic nature of this
helper means it is best off in netlink.h regardless of if it is used more
than one .c file or not. Thus, I would like it considered independent of
the work on an odp select group action.
Cc: Thomas Graf <tgraf@suug.ch> Cc: Pravin Shelar <pshelar@nicira.com> Cc: Andy Zhou <azhou@nicira.com> Signed-off-by: Simon Horman <simon.horman@netronome.com> Acked-by: Thomas Graf <tgraf@noironetworks.com> Signed-off-by: David S. Miller <davem@davemloft.net> Acked-by: Pravin B Shelar <pshelar@nicira.com>
Jarno Rajahalme [Mon, 27 Oct 2014 17:57:28 +0000 (10:57 -0700)]
classifier: Constify fields.
Some struct cls_match and cls_subtable fields were already documented
of being const. Make them const and use CONST_CAST where appropriate
to initialize them.
This will help catch future errors modifying those fields after
initialization.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
Jarno Rajahalme [Mon, 3 Nov 2014 17:56:54 +0000 (09:56 -0800)]
classifier: Make classifier_find_rule_exactly() lockless.
struct cls_match 'list' member was recently changed to an rculist.
This allows classifier_find_rule_exactly() to be made lockless.
Since subtable's 'max_priority' member would still require a lock, we
no longer check it before calling find_equal(). This adds a hash
table lookup in cases where the subtable may already be known to not
contain any rule of the target priority.
classifier_find_rule_exactly() is never called on the fastpath, so
this should not be significant.
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com> Acked-by: Ben Pfaff <blp@nicira.com>
The systemd requires some actions when the package is
installed, upgraded or removed. This patch adds the
needed RPM sections with the missing systemd actions.
There is a change in behavior - the service is not enabled
or started by default.
Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com>
Flavio Leitner [Thu, 6 Nov 2014 18:45:29 +0000 (16:45 -0200)]
fedora-spec: add openvswitch-test package
Put the utilities that are useful to diagnose performance
and connectivity issues in Open vSwitch setup into another
package since they are not needed in most cases.
Signed-off-by: Flavio Leitner <fbl@redhat.com> Signed-off-by: Ben Pfaff <blp@nicira.com>