mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-31 06:15:47 +00:00
Code Issues Releases Wiki Activity

lib/tc: Avoid matching on tunnel ttl or tos if not needed

Browse Source 
The tunnel ttl key is not masked when provided to the tc lib, hence we
wrongly attempted to match on it, when we got non zero ttl key with a zero
mask. Fix it by applying the mask. Use the same practice for the tunnel tos.

Fixes: dd83253e11 ('lib/tc: Support matching on ip tunnel tos and ttl')
Signed-off-by: Or Gerlitz <ogerlitz@mellanox.com>
Reported-by: Eli Britstein <elibr@mellanox.com>
Reviewed-by: Roi Dayan <roid@mellanox.com>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
This commit is contained in:
Or Gerlitz
2018-09-06 13:52:26 +03:00
committed by Simon Horman
parent 105e8179ce
commit 49a7961fca
2 changed files with 19 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/netdev-tc-offloads.c
View File

@@ -511,10 +511,12 @@ parse_tc_flower_to_match(struct tc_flower *flower,
match_set_tun_ipv6_dst(match, &flower->key.tunnel.ipv6.ipv6_dst);
}
if (flower->key.tunnel.tos) {
match_set_tun_tos(match, flower->key.tunnel.tos);
match_set_tun_tos_masked(match, flower->key.tunnel.tos,
flower->mask.tunnel.tos);
}
if (flower->key.tunnel.ttl) {
match_set_tun_ttl(match, flower->key.tunnel.ttl);
match_set_tun_ttl_masked(match, flower->key.tunnel.ttl,
flower->mask.tunnel.ttl);
}
if (flower->key.tunnel.tp_dst) {
match_set_tun_tp_dst(match, flower->key.tunnel.tp_dst);
@@ -939,6 +941,7 @@ netdev_tc_flow_put(struct netdev *netdev, struct match *match,
const struct flow *key = &match->flow;
struct flow *mask = &match->wc.masks;
const struct flow_tnl *tnl = &match->flow.tunnel;
const struct flow_tnl *tnl_mask = &mask->tunnel;
struct tc_action *action;
uint32_t block_id = 0;
struct nlattr *nla;
@@ -973,6 +976,8 @@ netdev_tc_flow_put(struct netdev *netdev, struct match *match,
flower.key.tunnel.ttl = tnl->ip_ttl;
flower.key.tunnel.tp_src = tnl->tp_src;
flower.key.tunnel.tp_dst = tnl->tp_dst;
flower.mask.tunnel.tos = tnl_mask->ip_tos;
flower.mask.tunnel.ttl = tnl_mask->ip_ttl;
flower.tunnel = true;
}
memset(&mask->tunnel, 0, sizeof mask->tunnel);

16
lib/tc.c
View File

@@ -415,13 +415,17 @@ nl_parse_flower_tunnel(struct nlattr **attrs, struct tc_flower *flower)
flower->key.tunnel.tp_dst =
nl_attr_get_be16(attrs[TCA_FLOWER_KEY_ENC_UDP_DST_PORT]);
}
if (attrs[TCA_FLOWER_KEY_ENC_IP_TOS]) {
if (attrs[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]) {
flower->key.tunnel.tos =
nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TOS]);
flower->mask.tunnel.tos =
nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TOS_MASK]);
}
if (attrs[TCA_FLOWER_KEY_ENC_IP_TTL]) {
if (attrs[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]) {
flower->key.tunnel.ttl =
nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TTL]);
flower->mask.tunnel.ttl =
nl_attr_get_u8(attrs[TCA_FLOWER_KEY_ENC_IP_TTL_MASK]);
}
}
@@ -1623,6 +1627,8 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower)
ovs_be32 id = be64_to_be32(flower->key.tunnel.id);
uint8_t tos = flower->key.tunnel.tos;
uint8_t ttl = flower->key.tunnel.ttl;
uint8_t tos_mask = flower->mask.tunnel.tos;
uint8_t ttl_mask = flower->mask.tunnel.ttl;
if (ipv4_dst) {
nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_IPV4_SRC, ipv4_src);
@@ -1631,11 +1637,13 @@ nl_msg_put_flower_tunnel(struct ofpbuf *request, struct tc_flower *flower)
nl_msg_put_in6_addr(request, TCA_FLOWER_KEY_ENC_IPV6_SRC, ipv6_src);
nl_msg_put_in6_addr(request, TCA_FLOWER_KEY_ENC_IPV6_DST, ipv6_dst);
}
if (tos) {
if (tos_mask) {
nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TOS, tos);
nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TOS_MASK, tos_mask);
}
if (ttl) {
if (ttl_mask) {
nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL, ttl);
nl_msg_put_u8(request, TCA_FLOWER_KEY_ENC_IP_TTL_MASK, ttl_mask);
}
nl_msg_put_be16(request, TCA_FLOWER_KEY_ENC_UDP_DST_PORT, tp_dst);
nl_msg_put_be32(request, TCA_FLOWER_KEY_ENC_KEY_ID, id);