The purpose of the non-empty variant of vswitch_skb_checksum_setup is to
synchronise the proto_data_valid and proto_csum_blank fields into the
standard skb csum/ip_summed fields, therefore it is more correct to key
off of HAVE_PROTO_DATA_VALID.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
The Linux 'min' macro checks that its arguments have the same type, and
if not the compiler reports a message about incompatible pointer types.
On pre-2.6.24 kernels skb_headroom() returns int, so this code was
firing a warning:
unsigned headroom = max(min_headroom, skb_headroom(skb));
This commit makes skb_headroom() return an unsigned int regardless of
kernel version.
Commit 5ef800a69 "datapath: Copy Xen's checksumming fields when doing
skb_copy" should copy proto_data_valid between sk_buffs when that field
is present. However the check for CONFIG_XEN plus kernel version 2.6.18
isn't sufficient, because SLES 11 kernels are version 2.6.27 but do have
this field.
This commit adds a configure-time check for the presence of the member
instead of attempting to guess based on the kernel version.
Thanks to Ian Campbell for reporting this problem.
CC: <Ian.Campbell@citrix.com>
If we need to copy an sk_buff in order to make it writable, allow
the minimum headroom to be specified. This ensures that if we
need to add additional data, such as a VLAN tag, we will not have
to make a second copy.
Solves bug #2197 in certain situations.
Two fields that control checksumming were added to sk_buff in
Xen: proto_data_valid and proto_csum_blank. These fields are copied
when doing a skb_clone but not in other functions such as skb_copy,
which can lead to checksum errors in TCP and UDP when offloading is
enabled in the guest. To fix this we manually copy these fields,
though ideally this should be fixed upstream in Xen.
Bug #2299
Recent Debian kernel-header packages divide kernel headers into two
directories: the "common" headers that are not architecture-specific,
which go in a directory named like
/usr/src/kernel-headers-2.6.31-1-common,
and architecture-specific headers in a directory named, e.g.
/usr/src/kernel-headers-2.6.31-1-686.
OVS needs to look at the ones in the "common" directory as part of its
configuration process, but the build directory provided on --with-l26 is
the architecture-specific directory. We also need the
architecture-specific directory, since it is the one that we use as part
of the "make", so we can't simply make the user specify the common
directory on --with-l26. Furthermore, there is no easy-to-see link
between the two directories, except as part of the text in a Makefile,
which is not the easiest language to parse.
This commit attempts to kluge around the problem by using the Debian
directory naming. If the build directory does not contain the headers,
then we replace the last component of its name by "-common" and check
for the headers there. This is not ideal, but it does solve the actual
problem at hand.
Tested with Debian's linux-headers-2.6.31-1-686 and with a few older
sets of headers that do not use this scheme.
Add support to ovs-ofctl for modifying the network source and destination
IP address with the "mod_nw_src" and "mod_nw_dst" actions, respectively.
And support modifying the TCP/UDP source and destination ports with the
"mod_tp_src" and "mod_tp_dst" actions, respectively.
The function that translates OpenFlow actions into datapath actions was
missing definitions for OFPAT_SET_NW_DST and OFPAT_SET_TP_DST. This
meant those actions would not occur in the datapath.
When the set_tp_src or set_tp_dst action is used, the calculation for
where the checksum is located was wrong. This caused the checksum to
not be updated and packet corruption in the bad offset.
The variable "socket_name" contains the name of the unix domain socket
to be used for communicating with the OVS process. If the target does
not begin with a "/", the socket name is determined based on a pidfile.
A shadow copy of "socket_name" was kept in the block that looks at the
pidfile, which would cause the function-level one to not be set. This
removes that shadow copy.
Until this commit, ovsdb-server would send off echo requests when the
connection became idle, but then it would terminate the connection when
the reply arrived, because it didn't recognize that it was a reply to its
own request (!).
Before this commit, "ovsdb-server --detach" would detach after it opened
the database file, which meant that the child process did not hold the
file lock on the database file (because a forked child process does not
inherit its parents' locks). This commit fixes the problem by making
ovsdb-server open the database only after it has detached. This fix, in
turn, required that daemonize() not chdir to /, because this would break
databases whose names are given relative to the current directory, and so
this commit also changes ovsdb-server to do so later.
An upcoming commit will add support for replicating tables across JSON-RPC
connection. As a prerequisite ovsdb itself must support basic replication.
This commit adds that support and then reimplements the ovsdb file storage
in terms of that replication.
JSON-RPC requires that "params" be an array, but we weren't observing this
properly in the ovsdb specifications or code.
Thanks to Jeremy Stribling for pointing out the problem.
Rules keep track of their creation and last used time. When a sub-rule
is updated, it wasn't updating the time of its super-rule. This commit
fixes that behavior.
Thanks to Jesse Gross for the help tracking this down.
By default, ovs-openflowd was not listening for any management
connections. Tools such as ovs-ofctl attempt to use a default location
based on the datapath name. This change creates that default listener.
We were reporting flow expirations for the hidden exact match flows
with the stats set to zero. These are an implementation detail and
can confuse controllers, so don't report them.
CC: David Erickson <derickso@stanford.edu>
When a rule is revalidated and the actions change don't lump all
the stats together. This will clear the stats in the datapath
and send a NetFlow expiration message. This could already happen
before in certain circumstances so this change makes it more
consistent.
As part of the Open Sourcing of xapi (the XenServer toolstack) via the
XenCloud project (announcement in [0]). The upstream versions of
interface-reconfigure and the vif hotplug script have been re-licensed
under an LGPL v2.1 + exception license. The exception applies to other
files in the upstream repository and doesn't particularly make sense for
these scripts but it is included to maintain the uniformity of the
license for the upstream repository.
This patch synchronises the licenses headers on those scripts with the
upstream version. Since those headers refer to a file called LICENSE in
the upstream repository I have included a copy here, slightly modified
to indicate precisely which files it applies to.
Git shows[1] that only myself and Nicira employees have made
modifications to these scripts in the openvswitch repository. The
licensing change has been okayed by Keith Amidon on behalf of Nicira.
Signed-off-by: Ian Campbell <ian.campbell@citrix.com>
[0]
http://lists.xensource.com/archives/html/xen-devel/2009-11/msg00117.html
When a rule displaces another, we are supposed to credit the stats
for packets that have already been processed to the displaced rule
before we eject it from the datapath. However, we were instead
crediting the new rule.
This library implements the reconnection FSM used by the "rconn" library.
Therefore, it makes sense to change rconn to use this, and I have a patch
to do that, but I am not applying it at the moment to avoid changing unrelated
code on the "db" branch.
A function call using in_port was accidentally moved before the check
to see if it is null. in_port can be null if a port was deleted but
an update is still pending. This moves the call after the check.
Bug #2313
Update the learning table to keep it current with flows actually
going through the datapath. This ensures that entries do not age
out when they are actively being used.
Feature #2209
When a wildcarded flow is expired we remove all of the subrules to
collect their stats before sending a flow expiration message. However,
we were only removing exact match flows after the expiration message
is composed. This uninstalls it first.
CC: David Erickson <derickso@stanford.edu>
