2
0
mirror of https://github.com/openvswitch/ovs synced 2025-10-25 15:07:05 +00:00
Commit Graph

549 Commits

Author SHA1 Message Date
Jarno Rajahalme
8319a81a0a ofp-util: Do not assert fail if decoding malformed property.
OVS should not crash if the controller sends a malformed OpenFlow
message.  Return the error code instead.

Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2017-01-06 18:14:48 -08:00
Daniele Di Proietto
140f36ba46 ofproto: Fix crash on flow monitor request with tun_metadata.
nx_put_match() needs a non-NULL tunnel metadata table, otherwise it will
crash if a flow matches on tunnel metadata.

This wasn't handled in ofputil_append_flow_update(), causing a crash
when the controller sent a flow monitor request.

To fix the problem, this commit changes ofputil_append_flow_update() to
behave like ofputil_append_flow_stats_reply().
Since ofputil_append_flow_update() now needs to temporarily modify the
match, this commits also embeds 'struct match' into 'struct
ofputil_flow_update', to be safer.  This is more similar to
'struct ofputil_flow_stats'.

A regression test is added and a comment is updated in ovs-ofctl.c

 #0  0x000055699bd82fa0 in memcpy_from_metadata (dst=0x7ffc770930d0, src=0x7ffc77093698, loc=0x18) at ../lib/tun-metadata.c:451
 #1  0x000055699bd83c2e in metadata_loc_from_match_read (map=0x0, match=0x7ffc77093410, idx=0, mask=0x7ffc77093658, is_masked=0x7ffc77093287) at ../lib/tun-metadata.c:848
 #2  0x000055699bd83d9b in tun_metadata_to_nx_match (b=0x55699d3f0300, oxm=0, match=0x7ffc77093410) at ../lib/tun-metadata.c:871
 #3  0x000055699bce523d in nx_put_raw (b=0x55699d3f0300, oxm=0, match=0x7ffc77093410, cookie=0, cookie_mask=0) at ../lib/nx-match.c:1052
 #4  0x000055699bce5580 in nx_put_match (b=0x55699d3f0300, match=0x7ffc77093410, cookie=0, cookie_mask=0) at ../lib/nx-match.c:1116
 #5  0x000055699bd3926f in ofputil_append_flow_update (update=0x7ffc770940b0, replies=0x7ffc77094e00) at ../lib/ofp-util.c:6805
 #6  0x000055699bc4b5a9 in ofproto_compose_flow_refresh_update (rule=0x55699d405b40, flags=(NXFMF_INITIAL | NXFMF_ACTIONS), msgs=0x7ffc77094e00) at ../ofproto/ofproto.c:5915
 #7  0x000055699bc4b5f6 in ofmonitor_compose_refresh_updates (rules=0x7ffc77094e10, msgs=0x7ffc77094e00) at ../ofproto/ofproto.c:5929
 #8  0x000055699bc4bafc in handle_flow_monitor_request (ofconn=0x55699d404090, oh=0x55699d404220) at ../ofproto/ofproto.c:6082
 #9  0x000055699bc4f46d in handle_openflow__ (ofconn=0x55699d404090, msg=0x55699d404910) at ../ofproto/ofproto.c:7912
 #10 0x000055699bc4f5df in handle_openflow (ofconn=0x55699d404090, ofp_msg=0x55699d404910) at ../ofproto/ofproto.c:8002
 #11 0x000055699bc88154 in ofconn_run (ofconn=0x55699d404090, handle_openflow=0x55699bc4f5bc <handle_openflow>) at ../ofproto/connmgr.c:1427
 #12 0x000055699bc85934 in connmgr_run (mgr=0x55699d3adb90, handle_openflow=0x55699bc4f5bc <handle_openflow>) at ../ofproto/connmgr.c:363
 #13 0x000055699bc422c9 in ofproto_run (p=0x55699d3c85e0) at ../ofproto/ofproto.c:1798
 #14 0x000055699bc31ec6 in bridge_run__ () at ../vswitchd/bridge.c:2881
 #15 0x000055699bc320a6 in bridge_run () at ../vswitchd/bridge.c:2938
 #16 0x000055699bc3784e in main (argc=10, argv=0x7ffc770952c8) at ../vswitchd/ovs-vswitchd.c:111

Fixes: 8d8ab6c2d5 ("tun-metadata: Manage tunnel TLV mapping table on a
per-bridge basis.")

Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Ben Pfaff <blp@ovn.org>
2017-01-04 16:35:18 -08:00
Stephen Finucane
7c9afefd0a doc: Populate 'topics' section
There are many docs that don't need to kept at the top level, along
with many more hidden in random folders. Move them all.

This also allows us to add the '-W' flag to Sphinx, ensuring unindexed
docs result in build failures.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-12-12 08:57:06 -08:00
Jarno Rajahalme
50b73fe165 ofproto: Return the OFPC_BUNDLES bit in switch features reply.
Add definitions for the OpenFlow 1.4.1/1.5 specific capabilities bits
OFPC14_BUNDLES and OFPC14_FLOW_MONITORING.  Return the bundles
capability bit in switch features reply.

Reported-by: Andrej Leitner <andrej.leitner@pantheon.tech>
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-11-14 13:24:55 -08:00
Stephen Finucane
368ed582a0 doc: Convert DESIGN to rST
This is a top-level document, so plain old rST is preferred.

Signed-off-by: Stephen Finucane <stephen@that.guru>
Signed-off-by: Russell Bryant <russell@ovn.org>
2016-11-03 15:28:09 -04:00
Justin Pettit
2a7c4805a7 Add OpenFlow command to flush conntrack table entries.
Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-09-23 12:06:59 -07:00
Jesse Gross
8d8ab6c2d5 tun-metadata: Manage tunnel TLV mapping table on a per-bridge basis.
When using tunnel TLVs (at the moment, this means Geneve options), a
controller must first map the class and type onto an appropriate OXM
field so that it can be used in OVS flow operations. This table is
managed using OpenFlow extensions.

The original code that added support for TLVs made the mapping table
global as a simplification. However, this is not really logically
correct as the OpenFlow management commands are operating on a per-bridge
basis. This removes the original limitation to make the table per-bridge.

One nice result of this change is that it is generally clearer whether
the tunnel metadata is in datapath or OpenFlow format. Rather than
allowing ad-hoc format changes and trying to handle both formats in the
tunnel metadata functions, the format is more clearly separated by function.
Datapaths (both kernel and userspace) use datapath format and it is not
changed during the upcall process. At the beginning of action translation,
tunnel metadata is converted to OpenFlow format and flows and wildcards
are translated back at the end of the process.

As an additional benefit, this change improves performance in some flow
setup situations by keeping the tunnel metadata in the original packet
format in more cases. This helps when copies need to be made as the amount
of data touched is only what is present in the packet rather than the
maximum amount of metadata supported.

Co-authored-by: Madhu Challa <challa@noironetworks.com>
Signed-off-by: Madhu Challa <challa@noironetworks.com>
Signed-off-by: Jesse Gross <jesse@kernel.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-09-19 09:52:22 -07:00
Jarno Rajahalme
53cc166ae5 xlate: Use dp_hash for select groups.
Add a new select group selection method "dp_hash", which uses minimal
number of bits from the datapath calculated packet hash to inform the
select group bucket selection.  This makes the datapath flows more
generic resulting in less upcalls to userspace, but adds recirculation
prior to group selection.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-09-16 09:39:13 -07:00
Jarno Rajahalme
6dd3c787f5 ofproto: Support packet_outs in bundles.
Add support for OFPT_PACKET_OUT messages in bundles.

While ovs-ofctl already has a packet-out command, we did not have a
string parser for it, as the parsing was done directly from command
line arguments.

This patch adds the string parser for packet-out messages, adds
support for it into the 'ovs-ofctl packet-out' command, and adds a new
ofctl/packet-out ovs-appctl command that can be used when ovs-ofctl is
used as a flow monitor.  The old 'ovs-ofctl packet-out syntax is
deprecated' and will be removed in a later OVS release.

The new packet-out parser is further supported with the ovs-ofctl
bundle command, which allows bundles to mix flow mods, group mods and
packet-out messages.  Also the packet-outs in bundles are only
executed if the whole bundle is successful.  A failing packet-out
translation may also make the whole bundle to fail.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-09-14 16:51:27 -07:00
Jarno Rajahalme
c184807ced lib: Retire packet buffering feature.
OVS implementation of buffering packets that are sent to the
controller is not compliant with the OpenFlow specifications after
OpenFlow 1.0, which is possibly true since OpenFlow 1.0 is not really
specifying the packet buffering behavior.

OVS implementation executes the buffered packet against the actions of
the modified or added rule, whereas OpenFlow (since 1.1) specifies
that the packet should be matched against the flow table 0 and
processed accordingly.

Rather than fix this behavior, and potentially break OVS users, the
packet buffering feature is removed altogether.  After all, such
packet buffering is an optional OpenFlow feature, and as such any
possible users should continue to work without this feature.

This patch also makes OVS check the received 'buffer_id' values more
rigorously, and fixes some internal users accordingly.

Found by inspection.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-08-30 10:20:51 -07:00
Jarno Rajahalme
5aacc3e2b9 ofp-util: remove flow mod's delete_reason.
We can use the rule's removed_reason instead.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-29 16:52:04 -07:00
Jarno Rajahalme
25070e045e ofproto: Support group mods in bundles.
Allow adding group mods in OpenFlow bundles.  Group mods are executed
atomically with any flow mods in the same bundle.  Mods are executed
in order, so that groups appearing in flow actions need to be inserted
in to the bundle before the dependent flow mods.

ovs-ofctl is enhanced to allow the '--bundle' option with group mod
commands.  add-groups file format is enhanced to allow each line to be
preceded by one of the keywords "add", "modify", "delete",
"add_or_mod", "insert_bucket", or "remove_bucket".

ovs-ofctl also has a new "bundle" command that reads a file in which
each line contains one flow mod or group mod, and then executes them
all as a single atomic bundle transaction.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-29 16:52:04 -07:00
Jarno Rajahalme
e8dba71979 meta-flow: Compact struct field_array.
struct field_array is included in each ofgroup, but the current
implementation is very sparse, using more than 20kb of data.

Also loop over 1-bits instead of each and every MF type to make
processing faster.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-29 16:52:04 -07:00
Jarno Rajahalme
b475c92274 ofp-util: Do not free() field that is not allocated.
Group properties field array is not dynamically allocated, so it
should not be freed.  This has not been a problem, as this function
has not been called by anyone so far, but following patch will.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-29 16:52:03 -07:00
Jarno Rajahalme
bcf899f712 vconn: Update length of bundled messages.
Variable length messages need their length updated before they can be
added to the bundle.

Message length updating after encoding is sometimes done by the
encoding function, but always latest when the message is sent out.  As
an OpenFlow message is added to a bundle add message, it will not be
sent by itself, and we need to update the length explicitly instead.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-29 16:52:03 -07:00
Terry Wilson
ee89ea7b47 json: Move from lib to include/openvswitch.
To easily allow both in- and out-of-tree building of the Python
wrapper for the OVS JSON parser (e.g. w/ pip), move json.h to
include/openvswitch. This also requires moving lib/{hmap,shash}.h.

Both hmap.h and shash.h were #include-ing "util.h" even though the
headers themselves did not use anything from there, but rather from
include/openvswitch/util.h. Fixing that required including util.h
in several C files mostly due to OVS_NOT_REACHED and things like
xmalloc.

Signed-off-by: Terry Wilson <twilson@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-07-22 17:09:17 -07:00
Justin Pettit
847b8b027a Increase number of registers to 16.
With eight 32-bit registers, we can only store two IPv6 addresses, which is
pretty tight.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-07-12 21:14:02 -07:00
Jan Scheurich
88b87a3612 ofproto: Add relaxed group_mod command ADD_OR_MOD
This patch adds support for a new Group Mod command OFPGC_ADD_OR_MOD to
OVS for all OpenFlow versions that support groups (OF11 and higher).
The new ADD_OR_MOD creates a group that does not yet exist (like ADD)
and modifies an existing group (like MODIFY).

Rational: In OpenFlow 1.x the Group Mod commands OFPGC_ADD and
OFPGC_MODIFY have strict semantics: ADD fails if the group exists,
while MODIFY fails if the group does not exist. This requires a
controller to exactly know the state of the switch when programming a
group in order not run the risk of getting an OFP Error message in
response. This is hard to achieve and maintain at all times in view of
possible switch and controller restarts or other connection losses
between switch and controller.

Due to the un-acknowledged nature of the Group Mod message programming
groups safely and efficiently at the same time is virtually impossible
as the controller has to either query the existence of the group prior
to each Group Mod message or to insert a Barrier Request/Reply after
every group to be sure that no Error can be received at a later stage
and require a complicated roll-back of any dependent actions taken
between the failed Group Mod and the Error.

In the ovs-ofctl command line the ADD_OR_MOD command is made available
through the new option --may-create in the mod-group command:

$ ovs-ofctl -Oopenflow13 del-groups br-int group_id=100

$ ovs-ofctl -Oopenflow13 mod-group br-int
group_id=100,type=indirect,bucket=actions=2 OFPT_ERROR (OF1.3)
(xid=0x2): OFPGMFC_UNKNOWN_GROUP OFPT_GROUP_MOD (OF1.3) (xid=0x2):
 MOD group_id=100,type=indirect,bucket=actions=output:2

$ ovs-ofctl -Oopenflow13 --may-create mod-group br-int
group_id=100,type=indirect,bucket=actions=2

$ ovs-ofctl -Oopenflow13 dump-groups br-int
OFPST_GROUP_DESC reply (OF1.3) (xid=0x2):
 group_id=100,type=indirect,bucket=actions=output:2

$ ovs-ofctl -Oopenflow13 --may-create mod-group br-int
group_id=100,type=indirect,bucket=actions=3

$ ovs-ofctl -Oopenflow13 dump-groups br-int
OFPST_GROUP_DESC reply (OF1.3) (xid=0x2):
 group_id=100,type=indirect,bucket=actions=output:3

Signed-off-by: Jan Scheurich <jan.scheurich at web.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-07-02 21:10:32 -07:00
Ben Pfaff
05e81316ca ofp-util: Zero out padding bytes in ofputil_ipfix_stats_to_reply().
Otherwise IPFIX statistics leak memory from ovs-vswitchd.

Reported-by: William Tu <u9012063@gmail.com>
Reported-at: http://openvswitch.org/pipermail/dev/2016-June/073769.html
Acked-by: William Tu <u9012063@gmail.com>
Tested-by: Daniel Ye <daniely@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-06-26 20:24:55 -07:00
Ben Pfaff
4a48cdfbf1 ofp-util: Fix parsing of parenthesized values within key-value pairs.
Reported-by: james hopper <jameshopper@email.com>
Reported-at: http://openvswitch.org/pipermail/discuss/2016-June/021662.html
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-06-14 16:22:15 -07:00
Benli Ye
fb8f22c186 ipfix: Add support for exporting ipfix statistics.
It is meaningful for user to check the stats of IPFIX.
Using IPFIX stats, user can know how much flows the system
can support. It is also can be used for performance check
of IPFIX.

IPFIX stats is added for per IPFIX exporter. If bridge IPFIX is
enabled on the bridge, the whole bridge will have one exporter.
For flow IPFIX, the system keeps per id (column in
Flow_Sample_Collector_Set) per exporter.

1) Add 'ovs-ofctl dump-ipfix-bridge SWITCH' to export IPFIX stats of
   the bridge which enable bridge IPFIX. The output format:
   NXST_IPFIX_BRIDGE reply (xid=0x2):
     bridge ipfix: flows=0, current flows=0, sampled pkts=0, \
                   ipv4 ok=0, ipv6 ok=0, tx pkts=0
                   pkts errs=0, ipv4 errs=0, ipv6 errs=0, tx errs=0
2) Add 'ovs-ofctl dump-ipfix-flow SWITCH' to export IPFIX stats of
   the bridge which enable flow IPFIX. The output format:
   NXST_IPFIX_FLOW reply (xid=0x2): 2 ids
     id   1: flows=4, current flows=4, sampled pkts=14, ipv4 ok=13, \
             ipv6 ok=0, tx pkts=0
             pkts errs=0, ipv4 errs=0, ipv6 errs=0, tx errs=0
     id   2: flows=0, current flows=0, sampled pkts=0, ipv4 ok=0, \
             ipv6 ok=0, tx pkts=0
             pkts errs=0, ipv4 errs=0, ipv6 errs=0, tx errs=0

flows: the number of total flow records, including those exported.
current flows: the number of current flow records cached.
sampled pkts: Successfully sampled packet count.
ipv4 ok: successfully sampled IPv4 flow packet count.
ipv6 ok: Successfully sampled IPv6 flow packet count.
tx pkts: the count of IPFIX exported packets sent  to the collector(s).
pkts errs: count of packets failed when sampling, maybe not supported or other error.
ipv4 errs: Count of IPV4 flow packet in the error packets.
ipv6 errs: Count of IPV6 flow packet in the error packets.
tx errs: the count of IPFIX exported packets failed when sending to the collector(s).

Signed-off-by: Benli Ye <daniely@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-06-14 08:27:22 -07:00
mweglicx
d6e3feb57c Add support for extended netdev statistics based on RFC 2819.
Implementation of new statistics extension for DPDK ports:
- Add new counters definition to netdev struct and open flow,
  based on RFC2819.
- Initialize netdev statistics as "filtered out"
  before passing it to particular netdev implementation
  (because of that change, statistics which are not
  collected are reported as filtered out, and some
  unit tests were modified in this respect).
- New statistics are retrieved using experimenter code and
  are printed as a result to ofctl dump-ports.
- New counters are available for OpenFlow 1.4+.
- Add new vendor id: INTEL_VENDOR_ID.
- New statistics are printed to output via ofctl only if those
  are present in reply message.
- Add new file header: include/openflow/intel-ext.h which
  contains new statistics definition.
- Extended statistics are implemented only for dpdk-physical
  and dpdk-vhost port types.
- Dpdk-physical implementation uses xstats to collect statistics.
- Dpdk-vhost implements only part of statistics (RX packet sized
  based counters).

Signed-off-by: Michal Weglicki <michalx.weglicki@intel.com>
[blp@ovn.org made software devices more consistent]
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-05-06 15:28:56 -07:00
Ben Pfaff
bc02606a9a ofp-errors: Introduce OF1.6 (proposed) error code for OFPBFC_BAD_VERSION.
ONF-JIRA: EXT-550
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
2016-04-18 08:50:09 -07:00
Ben Pfaff
b79d45a1cf Add skeleton for OF1.6 support.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
2016-04-18 08:49:59 -07:00
Ben Warren
25d436fbd4 Move lib/ofp-print.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 16:38:32 -07:00
Ben Warren
66bd43fa50 Move lib/ofp-prop.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 16:38:31 -07:00
Ben Warren
b598f21436 Move lib/ofp-actions.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 16:38:24 -07:00
Ben Warren
d271907f81 Move lib/ofp-msgs.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 13:48:58 -07:00
Ben Warren
f424833659 Move lib/ofp-util.h to include/openvswitch directory
This commit also adds several #include directives in source files in
order to make the 'ofp-util.h' move possible

Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 13:48:25 -07:00
Ben Warren
ae06a5610a Move lib/type-props.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 13:48:05 -07:00
Ben Warren
064d7f8428 Move lib/meta-flow.h to include/openvswitch directory
This commit also moves some bitmap macros into public header files and
adds some #include directives in soure files in order to make the
'meta-flow.h' move possible.

Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 13:47:18 -07:00
Ben Warren
d5dc60f0d3 Break uuid.h into private and public parts
Public (struct definitions and some prototypes) go in
include/openvswitch

Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-04-14 13:40:32 -07:00
László Sürü
beaa2b8702 ofp-util: Fix indirect group delete message with no buckets.
Using OpenFlow v1.3.5 and onwards OVS 2.5.0 returns OFPGMFC_INVALID_GROUP
error when an INDIRECT type of group deletion requested, although the
delete message is according to OpenFlow v1.3.5 standard.

The reason is the conflicting protocol check in Open  vSwitch's OpenFlow
termination, that is the indirect group delete command is once checked not
to include any bucket - as described in standard, and secondly checked to
include exactly one bucket - as also mandatory for indirect groups.

This error is not seen in the OVS internal make time verification (make check),
as ovs-ofctl CLI tool does not accept group type as command argument.
Therefore indirect group delete works, although internally it is converted into
ALL group type.

The fix is simply to ignore the mandatory single bucket check in case of
indirect group delete.  On the other hand the check is still executed in case
of group addition or modification.

Moreover to this it is planned to extend 'ovs-ofctl del-groups' arguments with
a group 'type' as well to for test purposes.

Signed-off-by: László Sűrű <laszlo.suru@ericsson.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-30 16:53:22 -07:00
Ben Warren
64c967795b Move lib/ofpbuf.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-30 13:10:18 -07:00
Ben Warren
417e7e66e1 list: Rename all functions in list.h with ovs_ prefix.
This attempts to prevent namespace collisions with other list libraries

Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-30 13:04:32 -07:00
Ben Warren
3e8a2ad145 Move lib/dynamic-string.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-19 10:02:12 -07:00
Ben Warren
e03c096dd0 Move lib/ofp-errors.h to include/openvswitch directory
Signed-off-by: Ben Warren <ben@skyportsystems.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-03-19 09:43:12 -07:00
William Tu
ef5774e30e ofp-util: Fix use-after-free in group append.
It is possible for ofpbuf_put() to realloc a newly allocated address,
casuing the previously referenced pointer, ogds, points to old/free'd
address. The issue is generated by forcing ofpbuf_put() to use newly
allocated buffer and valgrind reports invalid write. The similiar syndrome
is reported at: https://patchwork.ozlabs.org/patch/591330/

Invalid write of size 2
    ofputil_append_ofp15_group_desc_reply (ofp-util.c:8367)
    ofputil_append_group_desc_reply (ofp-util.c:8392)
    append_group_desc (ofproto.c:6262)
    handle_group_request (ofproto.c:6230)
    handle_group_desc_stats_request (ofproto.c:6269)
    handle_openflow__ (ofproto.c:7337)
    handle_openflow (ofproto.c:7403)
    ofconn_run (connmgr.c:1379)
    connmgr_run (connmgr.c:323)
    ofproto_run (ofproto.c:1762)
    bridge_run__ (bridge.c:2885)
    bridge_run (bridge.c:2940)
    main (ovs-vswitchd.c:120)

Address 0x7cb1020 is 144 bytes inside a block of size 1,144 free'd
    free (vg_replace_malloc.c:530)
    ofpbuf_resize__ (ofpbuf.c:246)
    ofpbuf_put (ofpbuf.c:386)
    nx_put_header__ (nx-match.c:1241)
    nxm_put__ (nx-match.c:697)
    oxm_put_field_array (nx-match.c:1226)
    ofputil_put_group_prop_ntr_selection_method (ofp-util.c:8305)
    ofputil_append_ofp15_group_desc_reply (ofp-util.c:8364)
    ofputil_append_group_desc_reply (ofp-util.c:8392)
    append_group_desc (ofproto.c:6262)

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
2016-03-07 11:08:07 -08:00
Jarno Rajahalme
06d4d4b687 ofp: Add support for bundles extension in OpenFlow 1.3.
ONF Extension 230 adds support for OpenFlow 1.4 bundles to OpenFlow
1.3.  Supporting this allows OpenFlow 1.3 controllers to start using
bundles.  Also the ovs-ofctl '--bundle' option can now be used with
OpenFlow 1.3.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
2016-02-29 11:40:45 -08:00
Saloni Jain
6c6eedc5d6 Implement OFPT_TABLE_STATUS Message.
On change in a table state, the controller needs to be informed with
the OFPT_TABLE_STATUS message. The message is sent with reason
OFPTR_VACANCY_DOWN or OFPTR_VACANCY_UP in case of change in remaining
space eventually crossing any one of the threshold.

Signed-off-by: Saloni Jain <saloni.jain@tcs.com>
Co-authored-by: Rishi Bamba <rishi.bamba@tcs.com>
Signed-off-by: Rishi Bamba <rishi.bamba@tcs.com>
[blp@ovn.org added vacancy event initialization and tests
 and updated NEWS]
Signed-off-by: Ben Pfaff <blp@ovn.org>
2016-02-24 10:55:07 -08:00
Ben Pfaff
77ab5fd2a9 Implement serializing the state of packet traversal in "continuations".
One purpose of OpenFlow packet-in messages is to allow a controller to
interpose on the path of a packet through the flow tables.  If, for
example, the controller needs to modify a packet in some way that the
switch doesn't directly support, the controller should be able to
program the switch to send it the packet, then modify the packet and
send it back to the switch to continue through the flow table.

That's the theory.  In practice, this doesn't work with any but the
simplest flow tables.  Packet-in messages simply don't include enough
context to allow the flow table traversal to continue.  For example:

    * Via "resubmit" actions, an Open vSwitch packet can have an
      effective "call stack", but a packet-in can't describe it, and
      so it would be lost.

    * A packet-in can't preserve the stack used by NXAST_PUSH and
      NXAST_POP actions.

    * A packet-in can't preserve the OpenFlow 1.1+ action set.

    * A packet-in can't preserve the state of Open vSwitch mirroring
      or connection tracking.

This commit introduces a solution called "continuations".  A continuation
is the state of a packet's traversal through OpenFlow flow tables.  A
"controller" action with the "pause" flag, which is newly implemented in
this commit, generates a continuation and sends it to the OpenFlow
controller in a packet-in asynchronous message (only NXT_PACKET_IN2
supports continuations, so the controller must configure them with
NXT_SET_PACKET_IN_FORMAT).  The controller processes the packet-in,
possibly modifying some of its data, and sends it back to the switch with
an NXT_RESUME request, which causes flow table traversal to continue.  In
principle, a single packet can be paused and resumed multiple times.

Another way to look at it is:

    - "pause" is an extension of the existing OFPAT_CONTROLLER
      action.  It sends the packet to the controller, with full
      pipeline context (some of which is switch implementation
      dependent, and may thus vary from switch to switch).

    - A continuation is an extension of OFPT_PACKET_IN, allowing for
      implementation dependent metadata.

    - NXT_RESUME is an extension of OFPT_PACKET_OUT, with the
      semantics that the pipeline processing is continued with the
      original translation context from where it was left at the time
      it was paused.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:45 -08:00
Ben Pfaff
bdcad671e0 Support userdata in NXT_PACKET_IN2.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:45 -08:00
Ben Pfaff
4adaf1828a ofp-util: Rename struct ofputil_packet_in member 'len' to 'packet_len'.
An upcoming commit will introduce another member that has a length, and
it seems weird that bare 'len' would be one or the other.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:44 -08:00
Ben Pfaff
6409e0083d Implement new packet-in format NXT_PACKET_IN2.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:44 -08:00
Ben Pfaff
95022b4735 ofp-util: Remove 'const' from struct ofputil_packet_in's 'packet' member.
It's not const in all cases so it doesn't entirely make sense to mark
it const here.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:44 -08:00
Ben Pfaff
0a2869d524 ofpbuf: New function ofpbuf_const_initializer().
A number of times I've looked at code and thought that it would be easier
to understand if I could write an initializer instead of
ofpbuf_use_const().  This commit adds a function for that purpose and
adapts a lot of code to use it, in the places where I thought it made
the code better.

In theory this could improve code generation since the new function can
be inlined whereas ofpbuf_use_const() isn't.  But I guess that's probably
insignificant; the intent of this change is code readability.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-02-19 16:15:44 -08:00
Ben Pfaff
667bb1fbf9 ofp-util: Make decoding switch features harder to misuse (and fix leak).
Until now, ofputil_decode_switch_features() has put the ports from the
switch features message into a separate ofpbuf supplied as an argument.
The natural desire for a caller is to just reuse an ofpbuf that it already
has, and that's what one of the callers did.  This however has the
nonobvious effect of leaking the memory that the ofpbuf previously owned,
since it gets replaced by an OFPBUF_CONST-type ofpbuf.

This commit avoids the problem by changing the interface to pull the
header from an ofpbuf that the caller already has.

This fixes a leak in testcase 909 "ofproto-dpif - patch ports".

Found by valgrind.

Reported-by: William Tu <u9012063@gmail.com>
Reported-at: http://openvswitch.org/pipermail/dev/2016-January/064771.html
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
2016-01-20 21:53:22 -08:00
Ben Pfaff
9bfe933472 openflow: Better abstract handling of packet-in messages.
Packet-in messages have been a bit of a mess.  First, their abstraction
in the form of struct ofputil_packet_in has some fields that are used
in a clear way for incoming and outgoing packet-ins, and others
(packet_len, total_len, buffer_id) have have confusing meanings or
usage pattern depending on their direction.

Second, it's very confusing how a packet-in has both a reason (OFPR_*)
and a miss type (OFPROTO_PACKET_IN_*) and how those add up to the
actual reason that is used "on the wire" for each OpenFlow version (and
even whether the packet-in is sent at all!).

Finally, there's all kind of low-level detail randomly scattered between
connmgr, ofproto-dpif-xlate, and ofp-util.

This commit attempts to clear up some of the confusion.  It simplifies
the struct ofputil_packet_in abstraction by removing the members that
didn't have a clear and consistent meaning between incoming and outgoing
packet-ins.  It gets rid of OFPROTO_PACKET_IN_*, instead adding a couple
of nonstandard OFPR_* reasons that add up to what OFPROTO_PACKET_IN_*
was meant to say (in what I hope is a clearer way).  And it consolidates
the tricky parts into ofp-util, where I hope it will be easier to
understand all in one place.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-01-20 09:57:16 -08:00
Ben Pfaff
43948fa5a6 openflow: Get rid of struct ofp13_packet_in.
It's actually harder to parse OF1.2/OF1.3 "packet-in" messages when
ofp13_packet_in is involved than when the code just realizes that
ofp13_packet_in = ofp12_packet_in + cookie.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-01-20 09:50:20 -08:00
Ben Pfaff
af7bc161f5 ofp-util: Add function to encode OFPT_SET_ASYNC messages.
This isn't used yet but it will be in future commits.

This also looks forward to supporting Open vSwitch extensions to OAM_*,
which will be coming up soon.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
2016-01-20 09:49:06 -08:00