POSIX defines this but it was missing from the OVS header file definitions
for "sparse".
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
This patch renames the command name related with geneve-map to a more
generic name as following:
add-geneve-map -> add-tlv-map
del-geneve-map -> del-tlv-map
dump-geneve-map -> dump-tlv-map
It also renames the Geneve_table to tlv_table.
By doing this renaming, the NSH variable context header (the same TLV
format as Geneve) or other protocol can reuse the field tun_metadata<N>
in the future.
Signed-off-by: Mengke Liu <mengke.liu@intel.com>
Signed-off-by: Ricky Li <ricky.li@intel.com>
Signed-off-by: Jesse Gross <jesse@kernel.org>
A previous commit fixed this code to match changes to the conntrack
state bit assignments. This patch further updates the code to use
the defined constants to ensure this code adapts automatically to any
possible future changes.
Signed-off-by: Russell Bryant <russell@ovn.org>
Requested-by: Joe Stringer <joe@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
Fixes the following sparse warning messages:
lib/ovsdb-idl.c:146:12: error: symbol 'table_updates_names' was not
declared. Should it be static?
lib/ovsdb-idl.c:147:12: error: symbol 'table_update_names' was not
declared. Should it be static?
lib/ovsdb-idl.c:148:12: error: symbol 'row_update_names' was not
declared. Should it be static?
Reported-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
'struct ovs_list' comprises of two pointers to 'struct ovs_list'.
Use these in the cast rather than void*.
VMware-BZ: #1571356
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
We needed this ASSERT earlier to catch unexpected cases. This code seems
to be fairly stable, and we can remove the ASSERT.
It is annoying to be hitting this ASSERT while changing the internal
adapter properties.
Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Without "void", this is a pre-ANSI style function definition that has
subtly different semantics.
Found by sparse.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
Carlo was involved in the testing and validation processes of the Rapid
Spanning Tree Implementation.
I also updated the Copyright string in some files.
Signed-off by: Daniele Venturino <daniele.venturino@m3s.it>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Commit 43000bc (openvswitch.m4: Portability improvement), which introduced
a portability improvement, also introduces two bugs. This commit fixes
both bug, by adding the command for $SED 's' and changes to x86 for 32 bit
instead of x64.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Add test to make sure ovs-vswitchd fall back to use the
"monitor" method when connecting to an older ovsdb-server that
does not support "monitor2".
For testing backward compatibility, add an ovs-appctl command:
"ovsdb-server/disable-monitor2". This command will restart
all currently open jsonrpc connections, but without support for
'monitor2' JSON-RPC method for the new connections.
There is no corresponding enable command, since this feature is only
useful for testing. 'monitor2' will be available when ovsdb-server
restarts.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Add support for monitor2. When idl starts to run, monitor2 will be
attempted first. In case the server is an older version that does
not recognize monitor2. IDL will then fall back to use "monitor"
method.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Add monitor2 option to ovsdb-client. See ovsdb-client(1) manpage patch
for details.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
ovsdb-server now accepts the new "monitor2" request. The next
patch will switch IDL to use monitor2 by default.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Add functions that can generate "update2" notification for a
"monitor2" session. "monitor2" and "update2" are RFC 7047 extensions
described by ovsdb-server(1) manpage. See the manpage changes
for more details.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
When an OVSDB column change its value, it is more efficient to only
send what has changed, rather than sending the entire new copy.
This is analogous to software programmer send patches rather than
the entire source file.
For columns store a single element, the "diff" datum is the same
as the "new" datum.
For columns that store set or map, it is only necessary to send the
information about the elements changed (including addition or removal).
The "diff" for those types are all elements that are changed.
Those APIs are mainly used for implementing a new OVSDB server
"update2" JSON-RPC notification, which encodes modifications
of a column with the contents of those "diff"s. Later patch implements
the "update2" notification.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Added ovsdb_transient_datum_from_json() to avoid size check for
the diff datum that is transient in nature.
Suppose a datum contains set, and the max number of elements is 2.
If we are changing from set that contains [A, B], to a set contains
[C, D], the diff datum will contains 4 elements [A, B, C, D].
Thus diff datum should not be constrained by the size limit. However
the datum after diff is applied should not violate the size limit.
Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Since upstream and compat ip_tunnel structures are not same, we can not
use exported upstream functions.
Following patch blocks definitions which used ip_tunnel internal
structure. Function which do not depend on these structures are
allows by explicitly by defining it in the header files. e.g.
iptunnel_handle_offloads(), iptunnel_pull_header(). etc.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@kernel.org>
Same as ip_tunnel_get_iflink(), function ip_tunnel_get_link_net()
also depends on ip_tunnel structure. So this patch defines
compat implementation for same.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@kernel.org>
ip_tunnel_get_iflink() depends on ip_tunnel structure. But OVS
compat layer defines its own ip_tunnel structure which is not
compatible with all upstream kernel versions. Therefore we
can no use such function.
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@kernel.org>
This patch introduces the support for GRE TEB (trasparent ethernet bridging)
for the windows datapath.
The GRE support is based on http://tools.ietf.org/html/rfc2890, without
taking into account the GRE sequence, and it supports only the GRE protocol
type 6558 (trasparent ethernet bridging) like its linux counterpart.
Util.h: define the GRE pool tag
Vport.c/h: sort the includes alphabetically
add the function OvsFindTunnelVportByPortType which searches the
tunnelVportsArray for a given port type
Actions.c : sort the includes alphabetically
call the GRE encapsulation / decapsulation functions when needed
Gre.c/h : add GRE type defines
add initialization/cleanup functions
add encapsulation / decapsulation functions with software offloads
(hardware offloads will be added in a separate patch)
support
Tested using: PSPING
(https://technet.microsoft.com/en-us/sysinternals/psping.aspx)
(ICMP, TCP, UDP) with various packet lengths
IPERF3
(https://iperf.fr/iperf-download.php)
(TCP, UDP) with various options
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Signed-off-by: Justin Pettit <jpettit@ovn.org>
The previous code processed the input file line by line, but I think
it looks a little more straight forward to just process the whole file
at once.
This patch also explicitly closes the file after reading its contents.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
Don't use "input" as a variable name, as input is a built-in Python
function.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
This patch includes a few minor fixes pointed out by the flake8 tool.
It drops an unused variable and the related imports, adds some blank
lines where the PEP8 formatting standard indicates they should be, and
does a comparison with None as "is None" instead of "== None".
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
It's generally considered bad style to do a wildcard import. It makes
it more difficult to figure out where things come from.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
The usage() function was included twice. Drop the one that was out of
date.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
The physical input flows for child logical ports (for the
container-in-a-VM use case, for example) did not set a conntrack zone
ID. The previous code only allocated a zone ID for local VIFs and
missed doing it for child ports.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
This bug fix is not required for OVS use cases. But is it
nice to keep function consistent with upstream implementation.
Upstream commit:
Earlier patch 6ae459bda tried to detect void ckecksum partial
skb by comparing pull length to checksum offset. But it does
not work for all cases since checksum-offset depends on
updates to skb->data.
Following patch fixes it by validating checksum start offset
after skb-data pointer is updated. Negative value of checksum
offset start means there is no need to checksum.
Fixes: 6ae459bda ("skbuff: Fix skb checksum flag on skb pull")
Reported-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: 31b33dfb0a1 ("skbuff: Fix skb checksum partial check");
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@kernel.org>
STT reassembly can generate list of packets. But it was
handled as a single skb. Following patch fixes it.
Fixes: e23775f20 ("datapath: Add support for lwtunnel").
Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@kernel.org>
Acked-by: Joe Stringer <joe@ovn.org>
This is an easy way to keep track of the features supported by the
different datapaths.
Nithin helped filling the list for the Hyper-V port.
CC: Nithin Raju <nithin@vmware.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Nithin Raju <nithin@vmware.com>
Acked-by: Justin Pettit <jpettit@ovn.org>
When converting between ODP attributes and struct flow_wildcards, we
check that all the prerequisites are exact matched on the mask.
For ND(ICMPv6) attributes, an exact match on tp_src and tp_dst
(which in this context are the icmp type and code) shold look like
htons(0xff), not htons(0xffff). Fix this in two places.
The consequences were that the ODP mask wouldn't include the ND
attributes and the flow would be deleted by the revalidation.
In the ODP context an empty mask netlink attribute usually means that
the flow should be an exact match.
odp_flow_key_to_mask{,_udpif}() instead return a struct flow_wildcards
with matches only on recirc_id and vlan_tci.
A more appropriate behavior is to handle a missing (zero length) netlink
mask specially (like we do in userspace and Linux datapath) and create
an exact match flow_wildcards from the original flow.
This fixes a bug in revalidate_ukey(): every flow created with
megaflows disabled would be revalidated away, because the mask would
seem too generic. (Another possible fix would be to handle the special
case of a missing mask in revalidate_ukey(), but this seems a more
generic solution).
commit_set_icmp_action() should do its job only if the packet is ICMP,
otherwise there will be two problems:
* A set ICMP action will be inserted in the ODP actions and the flow
will be slow pathed.
* The tp_src and tp_dst field will be unwildcarded.
Normal TCP or UDP packets won't be impacted, because
commit_set_icmp_action() is called after commit_set_port_action() and it
will see the fields as already committed (TCP/UCP transport ports and ICMP
code/type are stored in the same members in struct flow).
MPLS packets though will hit the bug, causing a nonsensical set action
(which will end up zeroing the transport source port) and an invalid
mask to be generated.
The commit also alters an MPLS testcase to trigger the bug.
We should match on the transport ports only if the tunnel has a UDP
header. It doesn't make sense to match on transport port for GRE
tunnels.
Also, to match on fragment bits we should use FLOW_NW_FRAG_MASK instead
of 0xFF. FLOW_NW_FRAG_MASK is what we get if we convert to the ODP
netlink format and back.
Adding the correct masks in the tunnel router classifier helps in making
sure that the translation generates masks that respect prerequisites.
If the mask has some fields that do not respect prerequisites, the flow
will get deleted by revalidation, because translating to ODP format and
back will generate a more generic mask, which will be perceived as too
generic (compared with the one generated by the translation).
If there's no actual packet (e.g. during revalidation),
execute_controller_action() exits right away, without calling
xlate_commit_actions().
xlate_commit_actions() might have an influence on slow_path reason
(which is included in the generated ODP actions), meaning that the
revalidation will not generate the same actions than the original
translation.
Fix the problem by making execute_controller_action() call
xlate_commit_actions() even without a packet.
Previously this was only done when connlabels were enabled in the kernel
config, even if the functions didn't exist. Fix the compile error.
Fixes: d70a6ff5d40d ("datapath: Define nf_connlabels_{put,get}.")
Reported-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
If userspace executes ct(zone=1), and the connection tracker determines
that the packet is invalid, then the ct_zone flow key field is populated
with the default zone rather than the zone that was specified. Even
though connection tracking failed, this field should be updated with the
value that userspace specified. Fix the issue.
Fixes: a94ebc3999 ("datapath: Add conntrack action")
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Document the use of the Fixes header to refer to a commit that
introduced a bug being fixed.
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
The OVN symbol table contained outdated mappings between connection
states and the corresponding bit in the ct_state field. This patch
updates the symbol table with the proper values as defined in
lib/packets.h.
Signed-off-by: Russell Bryant <russell@ovn.org>
Fixes: 63bc9fb1c6 ("packets: Reorder CS_* flags to remove gap.")
Acked-by: Joe Stringer <joe@ovn.org>
Having a coverage counter tracking the value of the internal seq_next
should help in debugging.
Suggested-by: Justin Pettit <jpettit@ovn.org>
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
On Hyper-V, we currently don't validate a flow to see if datapath can
indeed execute all the actions specified or not. While support for it
gets implemented, an ASSERT seems too strong. I'm working on the support
for actions validation. Here's a workaround in the meantime to help
debugging.
Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
