Before this fix, in order to build with jemalloc,
I had to hijack DATAPATH_CONFIGURE_OPTS:
debian/rules -e DATAPATH_CONFIGURE_OPTS="LIBS=-ljemalloc"
Now it is possible to:
debian/rules -e EXTRA_CONFIGURE_OPTS="LIBS=-ljemalloc"
Signed-off-by: Shahar Klein <sklein@nvidia.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The ovs-kmod-manage.sh script will run weak-updates even on newer
release kernels installing a non-compatible or un-runnable kernel
module.
Update the script to never install weak-updates onto kernels with
newer major release versions.
VMware-BZ: #2717283
Signed-off-by: Greg Rose <gvrose8192@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The script itself says which versions the script is needed for but
it is run on RHEL 8.x as well where it is not needed. Disable the
warning and change the exit code to zero since it may unnecessarily
alarm users and is really only for debugging anyway.
Signed-off-by: Greg Rose <gvrose8192@gmail.com>
Acked-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Previously auto load balance did not trigger a reassignment when
there was any cross-numa polling as an rxq could be polled from a
different numa after reassign and it could impact estimates.
In the case where there is only one numa with pmds available, the
same numa will always poll before and after reassignment, so estimates
are valid. Allow PMD auto load balance to trigger a reassignment in
this case.
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: David Marchand <david.marchand@redhat.com>
Tested-by: Sunil Pai G <sunil.pai.g@intel.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Upstream kernel now rejects unsupported ct_state flags.
Earlier kernels, ignored it but still echoed back the requested ct_state,
if ct_state was supported. ct_state initial support had trk, new, est,
and rel flags.
If kernel echos back ct_state, assume support for trk, new, est, and
rel. If kernel rejects a specific unsupported flag, continue and
use reject mechanisim to probe for flags rep and inv.
Disallow inserting rules with unnsupported ct_state flags.
Signed-off-by: Paul Blakey <paulb@nvidia.com>
Acked-by: Roi Dayan <roid@nvidia.com>
Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@gmail.com>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
The Python IDL notification mechanism was sending a notification
for each processed update in a transaction as it was processed.
This causes issues with multi-row changes that contain references
to each other.
For example, if a Logical_Router_Port is created along with a
Gateway_Chassis, and the LRP.gateway_chassis set to that GC, then
when the notify() passes the CREATE event for the LRP, the GC will
not yet have been processed, so __getattr__ when _uuid_to_row fails
to find the GC, will return the default value for LRP.gateway_chassis
which is [].
This patch has the process_update methods return the notifications
that would be produced when a row changes, so they can be queued
and sent after all rows have been processed.
Fixes: d7d417fcddf9 ("Allow subclasses of Idl to define a notification hook")
Signed-off-by: Terry Wilson <twilson@redhat.com>
Acked-by: Brian Haley <haleyb.dev@gmail.com>
Acked-by: Dumitru Ceara <dceara@redhat.com>
Tested-by: Flavio Fernandes <flavio@flaviof.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Userspace datapath relies on fact that every datapath flow has exact
match on the in_port, but flows without in_port match could be
added directly via dpctl commands. Even though dpctl is a debug
interface, datapath should just reject such flows instead of
crashing on assertion.
Fix the following crash and add a unit test for this issue
to tests/dpif-netdev.at:
$ ovs-appctl dpctl/add-flow "eth(),eth_type(0x0800),ipv4()" "3"
unixctl|WARN|error communicating with unix:ovs-vswitchd.ctl: End of file
ovs-appctl: ovs-vswitchd: transaction error (End of file)
ovs-vswitchd.log record:
util(ovs-vswitchd)|EMER|lib/dpif-netdev.c:3638:
assertion match->wc.masks.in_port.odp_port == ODPP_NONE failed
in dp_netdev_flow_add()
daemon_unix(monitor)|ERR|2 crashes: pid 1995 died, killed (Aborted),
core dumped, restarting
Fix result:
$ ovs-appctl dpctl/add-flow "eth(),eth_type(0x0800),ipv4()" "3"
ovs-vswitchd: updating flow table (Invalid argument)
ovs-appctl: ovs-vswitchd: server returned an error
ovs-vswitchd.log record:
dpif_netdev|ERR|failed to put[create] flow: in_port is not an exact match
dpif|WARN|netdev@ovs-netdev: failed to put[create] (Invalid argument)
ufid:7e...d1 eth(src=00..00,dst=00..00),eth_type(0x0800),
ipv4(src=0.0.0.0/0.0.0.0,dst=0.0.0.0/0.0.0.0,proto=0/0,tos=0/0,ttl=0/0), actions:3
Signed-off-by: Mao YingMing <maoyingming@baidu.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
ovs-ctl determines the system FQDN or hostname and records it in
the `external-ids:hostname` field of the `Open-vSwitch` table on
system startup if it is not already set.
This value may be consumed by downstream software and having it
unset or set to a incorrect value could lead to erratic behavior
of a system.
When a system is configured to use an Open vSwitch controlled
datapath as its only network connection, the current ordering of
events would always record a unreliable hostname.
To tackle this problem this patch adds an optional argument that
allows starting Open vSwitch without recording the hostname in
the database as well as a new ctl command to record the hostname
separately. This command can be called by the system startup
scripts when the system is ready to collect and record this
information.
Reported-At: https://bugs.launchpad.net/bugs/1915829
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Fix the example use case based on the decription.
EIR and CIR are measured in bytes/sec and considered 64-byte
IP packets size withtout 14-byte Ethernet header.
So fix the 1000pps example by: (64 - 14) * 1000 = 50,000
If the frame includes 4-byte FCS header, then it's
(64 - 14 - 4) * 1000 = 46,000
Fixes: e61bdffc2a98 ("netdev-dpdk: Add new DPDK RFC 4115 egress policer")
Signed-off-by: William Tu <u9012063@gmail.com>
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
This command will stop sending and receiving any RAFT-related
traffic or accepting new connections. Useful to simulate
network problems between cluster members.
There is no unit test that uses it yet, but it's convenient for
manual testing.
Acked-by: Han Zhou <hzhou@ovn.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
If election times out for a server in 'candidate' role it sets
'candidate_retrying' flag that notifies that storage is disconnected
and client should re-connect. However, cluster/status command
reports 'Status: cluster member' and that is misleading.
Reporting "disconnected from the cluster (election timeout)" instead.
Reported-by: Carlos Goncalves <cgoncalves@redhat.com>
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1929690
Fixes: 1b1d2e6daa56 ("ovsdb: Introduce experimental support for clustered databases.")
Acked-by: Han Zhou <hzhou@ovn.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
It's not enough to just have heartbeats.
RAFT heartbeats are unidirectional, i.e. leader sends them to followers
but not the other way around. Missing heartbeats provokes followers to
start election, but if leader will not receive any replies it will not
do anything while there is a quorum, i.e. there are enough other
servers to make decisions.
This leads to situation that while TCP connection is established,
leader will continue to blindly send messages to it. In our case this
leads to growing send backlog. Connection will be terminated
eventually due to excessive send backlog, but this this might take a
lot of time and wasted process memory. At the same time 'candidate'
will continue to send vote requests to the dead connection on its
side.
To fix that we need to reintroduce inactivity probes that will drop
connection if there was no incoming traffic for a long time and remote
server doesn't reply to the "echo" request. Probe interval might be
chosen based on an election timeout to avoid issues described in commit
db5a066c17bd.
Reported-by: Carlos Goncalves <cgoncalves@redhat.com>
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1929690
Fixes: db5a066c17bd ("raft: Disable RAFT jsonrpc inactivity probe.")
Acked-by: Han Zhou <hzhou@ovn.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
ovsdb_cs_send_transaction() returns the pointer to the same
'request_id' object that is used internally. This leads to
situation where transaction in idl and CS module has the
same 'request_id' object. However, CS module is able to
destroy this transaction id at any time, e.g. if connection
state chnaged, but idl transaction might be still around at
this moment and application might still use it.
Found by running 'make check-ovsdb-cluster' with AddressSanitizer:
==79922==ERROR: AddressSanitizer: heap-use-after-free on address
0x604000167a98 at pc 0x000000626acf bp 0x7ffcdb38a4c0 sp 0x7ffcdb38a4b8
READ of size 8 at 0x604000167a98 thread T0
#0 0x626ace in json_destroy lib/json.c:354:18
#1 0x56d1ab in ovsdb_idl_txn_destroy lib/ovsdb-idl.c:2528:5
#2 0x53a908 in do_vsctl utilities/ovs-vsctl.c:3008:5
#3 0x539251 in main utilities/ovs-vsctl.c:203:17
#4 0x7f7f7e376081 in __libc_start_main (/lib64/libc.so.6+0x27081)
#5 0x461fed in _start (utilities/ovs-vsctl+0x461fed)
0x604000167a98 is located 8 bytes inside of 40-byte
region [0x604000167a90,0x604000167ab8)
freed by thread T0 here:
#0 0x503ac7 in free (utilities/ovs-vsctl+0x503ac7)
#1 0x626aae in json_destroy lib/json.c:378:9
#2 0x6adfa2 in ovsdb_cs_run lib/ovsdb-cs.c:625:13
#3 0x567731 in ovsdb_idl_run lib/ovsdb-idl.c:394:5
#4 0x56fed1 in ovsdb_idl_txn_commit_block lib/ovsdb-idl.c:3187:9
#5 0x53a4df in do_vsctl utilities/ovs-vsctl.c:2898:14
#6 0x539251 in main utilities/ovs-vsctl.c:203:17
#7 0x7f7f7e376081 in __libc_start_main
previously allocated by thread T0 here:
#0 0x503dcf in malloc (utilities/ovs-vsctl+0x503dcf)
#1 0x594656 in xmalloc lib/util.c:138:15
#2 0x626431 in json_create lib/json.c:1451:25
#3 0x626972 in json_integer_create lib/json.c:263:25
#4 0x62da0f in jsonrpc_create_id lib/jsonrpc.c:563:12
#5 0x62d9a8 in jsonrpc_create_request lib/jsonrpc.c:570:23
#6 0x6af3a6 in ovsdb_cs_send_transaction lib/ovsdb-cs.c:1357:35
#7 0x56e3d5 in ovsdb_idl_txn_commit lib/ovsdb-idl.c:3147:27
#8 0x56fea9 in ovsdb_idl_txn_commit_block lib/ovsdb-idl.c:3186:22
#9 0x53a4df in do_vsctl utilities/ovs-vsctl.c:2898:14
#10 0x539251 in main utilities/ovs-vsctl.c:203:17
#11 0x7f7f7e376081 in __libc_start_main
Fixes: 1c337c43ac1c ("ovsdb-idl: Break into two layers.")
Acked-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Previously, only chain 0 is deleted before attach the ingress block.
If there are rules on the chain other than 0, these rules are not flushed.
In this case, the recreation of qdisc also fails. To fix this issue, flush
rules from all chains.
Signed-off-by: Jianbo Liu <jianbol@nvidia.com>
Reviewed-by: Roi Dayan <roid@nvidia.com>
Signed-off-by: Simon Horman <simon.horman@netronome.com>
ovs-vswitchd could crash under these circumstances:
1. When one bridge is being destroyed, ofproto_destroy() is called and
connmgr pointer of its ofproto struct is nullified. This ofproto struct is
deallocated through 'ovsrcu_postpone(ofproto_destroy_defer__, p);'.
2. Before RCU enters quiesce state to actually free this ofproto struct,
revalidator thread calls udpif_revalidator(), which could handle
a learn flow and calls ofproto_flow_mod_learn(), it later calls
ofmonitor_report() and ofproto struct's connmgr pointer is accessed.
The crash stack trace is shown below:
0 ofmonitor_report (mgr=0x0, rule=0x7f..30, event=NXFME_ADDED,
reason=OFPRR_IDLE_TIMEOUT, abbrev_ofconn=0x0, abbrev_xid=0, old_actions=0x0)
at ofproto/connmgr.c:2160
1 add_flow_finish (ofproto=0x55..b0, ofm=<optimized out>, req=0x0)
at ofproto/ofproto.c:5221
2 modify_flows_finish (req=0x0, ofm=0x7f..f0, ofproto=0x55..b0)
at ofproto/ofproto.c:5823
3 ofproto_flow_mod_finish (ofproto=0x55..b0, ofm=0x7f..f0, req=0x0)
at ofproto/ofproto.c:8088
4 ofproto_flow_mod_learn_finish (ofm=0x7f..f0, orig_ofproto=0x0)
at ofproto/ofproto.c:5439
5 ofproto_flow_mod_learn (ofm=0x7f..f0, keep_ref=true, below_limitp=0x0)
at ofproto/ofproto.c:5499
6 xlate_push_stats_entry (entry=0x7f..48, stats=0x7f..10, offloaded=false)
at ofproto/ofproto-dpif-xlate-cache.c:127
7 xlate_push_stats (xcache=<optimized out>, stats=0x7f..10, offloaded=false)
at ofproto/ofproto-dpif-xlate-cache.c:181
8 revalidate_ukey (udpif=0x55..40, ukey=0x7f..60, stats=0x7f..18,
odp_actions=0x7f..50, reval_seq=5655486242,
recircs=0x7f..40, offloaded=false)
at ofproto/ofproto-dpif-upcall.c:2294
9 revalidate at ofproto/ofproto-dpif-upcall.c:2683
10 udpif_revalidator at ofproto/ofproto-dpif-upcall.c:936
11 ovsthread_wrapper at lib/ovs-thread.c:423
12 start_thread () from /usr/lib64/libpthread.so.0
13 clone () from /usr/lib64/libc.so.6
At the time of crash, the involved ofproto was already deallocated:
(gdb) print *ofproto
$1 = ..., name = 0x55d907602820 "nsx-managed", ..., ports = {...,
one = 0x0, mask = 63, n = 0}, ..., connmgr = 0x0, ...
This patch fixes it.
VMware-BZ: #2700626
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Acked-by: William Tu < u9012063@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
When you try to specify `SERVER` to the 'ovsdb-client needs-conversion'
command, it interprets the `SERVER` parameter as the path to the schema
and returns an error.
This PR fixes it.
Fixes: 1b1d2e6daa56 ("ovsdb: Introduce experimental support for clustered databases.")
Submitted-at: https://github.com/openvswitch/ovs/pull/347
Signed-off-by: Alexey Roytman <roytman@il.ibm.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The database is now called "_Server" so look for that instead of
"Open_vSwitch".
Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Remove one extra space. No actual code logic changed.
Fixes: 2109841b79845 ("Use batch process recv for tap and raw socket in netdev datapath")
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Since commit 79eadafeb1b4 udpif_stop_threads() doesn't delete datapath
flows while called from udpif_destroy(). This means that ukeys are
not cleaned up either. So, hash maps in udpif->ukeys[] might still
contain valid pointers to ukeys that should be destroyed before
destroying the hash map itself:
==2783089==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 1560 byte(s) in 1 object(s) allocated from:
# 0 0x7f8a57eae667 in __interceptor_malloc (/lib64/libasan.so.6+0xb0667)
# 1 0x8411f6 in xmalloc lib/util.c:138
# 2 0x4d8a52 in ukey_create__ ofproto/ofproto-dpif-upcall.c:1682
# 3 0x4d99e3 in ukey_create_from_upcall ofproto/ofproto-dpif-upcall.c:1751
# 4 0x4d517d in upcall_xlate ofproto/ofproto-dpif-upcall.c:1242
# 5 0x4d63d2 in process_upcall ofproto/ofproto-dpif-upcall.c:1414
# 6 0x4d29f3 in recv_upcalls ofproto/ofproto-dpif-upcall.c:833
# 7 0x4d1ee1 in udpif_upcall_handler ofproto/ofproto-dpif-upcall.c:750
# 8 0x795aa2 in ovsthread_wrapper lib/ovs-thread.c:383
# 9 0x7f8a57a59431 in start_thread (/lib64/libpthread.so.0+0x9431)
Fixes: 79eadafeb1b4 ("ofproto: Do not delete datapath flows on exit by default.")
Reported-by: Dumitru Ceara <dceara@redhat.com>
Acked-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
'distcheck' target builds the whole OVS, but for some reason we're
running it in a single-threaded mode. Running in parallel saves
a couple of minutes.
Acked-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
This commit is based on a similar one from OVN by Dumitru Ceara:
a429b24f7bf5 ("ci: Enable AddressSanitizer in Linux clang CI test runs.")
It's useful to run testsuite with address sanitizer enabled to catch
memory leaks and invalid memory accesses. Skipping re-check if
AddressSanitizer reports are present in the test run directory to
not lose them.
Right now OVS has no memory leaks detected on a testsuite run with -O1.
With -O2 there are few false-positive leak reports in test-ovsdb
application, so not using this optimization level for now. For the
same reason not enabling leak detection by default for everyone.
Enabled only in CI.
AddressSanitizer increases execution time for this job from ~12 to ~16
minutes, but it looks like a reasonable sacrifice.
Acked-by: Dumitru Ceara <dceara@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
While decoding RAW_ENCAP action, decode_ed_prop() might re-allocate
ofpbuf if there is no enough space left. However, function
'decode_NXAST_RAW_ENCAP' continues to use old pointer to 'encap'
structure leading to write-after-free and incorrect decoding.
==3549105==ERROR: AddressSanitizer: heap-use-after-free on address
0x60600000011a at pc 0x0000005f6cc6 bp 0x7ffc3a2d4410 sp 0x7ffc3a2d4408
WRITE of size 2 at 0x60600000011a thread T0
#0 0x5f6cc5 in decode_NXAST_RAW_ENCAP lib/ofp-actions.c:4461:20
#1 0x5f0551 in ofpact_decode ./lib/ofp-actions.inc2:4777:16
#2 0x5ed17c in ofpacts_decode lib/ofp-actions.c:7752:21
#3 0x5eba9a in ofpacts_pull_openflow_actions__ lib/ofp-actions.c:7791:13
#4 0x5eb9fc in ofpacts_pull_openflow_actions lib/ofp-actions.c:7835:12
#5 0x64bb8b in ofputil_decode_packet_out lib/ofp-packet.c:1113:17
#6 0x65b6f4 in ofp_print_packet_out lib/ofp-print.c:148:13
#7 0x659e3f in ofp_to_string__ lib/ofp-print.c:1029:16
#8 0x659b24 in ofp_to_string lib/ofp-print.c:1244:21
#9 0x65a28c in ofp_print lib/ofp-print.c:1288:28
#10 0x540d11 in ofctl_ofp_parse utilities/ovs-ofctl.c:2814:9
#11 0x564228 in ovs_cmdl_run_command__ lib/command-line.c:247:17
#12 0x56408a in ovs_cmdl_run_command lib/command-line.c:278:5
#13 0x5391ae in main utilities/ovs-ofctl.c:179:9
#14 0x7f6911ce9081 in __libc_start_main (/lib64/libc.so.6+0x27081)
#15 0x461fed in _start (utilities/ovs-ofctl+0x461fed)
Fix that by getting a new pointer before using.
Credit to OSS-Fuzz.
Fuzzer regression test will fail only with AddressSanitizer enabled.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27851
Fixes: f839892a206a ("OF support and translation of generic encap and decap")
Acked-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
At present the log displays the auto load balance state
everytime it is changed.
There are some cases where the user will try to enable
auto load balance, but it cannot be enabled because not
enough PMDs or RxQs. As the state does not change, there
is no new log of the state.
While the the last log report of state is still correct,
it is better to log the state again at this point so the
user can explicitly confirm the outcome of their request.
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Update the docs to remove the previously hardcoded values
and mention the load and improvement thresholds when
describing the operation of auto load balance.
Fixes: 62ab5594c20c ("dpif-netdev: Add parameters to configure PMD auto load balance.")
Signed-off-by: Kevin Traynor <ktraynor@redhat.com>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
FreeBSD 12.1 reached EOL and our builds are failing on Cirrus CI.
Updating to 12.2 - current production release.
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Although not required, padding can be optionally added until
the packet length is MTU bytes. A packet with extra padding
currently fails sanity checks.
Vulnerability: CVE-2020-35498
Fixes: fa8d9001a624 ("miniflow_extract: Properly handle small IP packets.")
Reported-by: Joakim Hindersson <joakim.hindersson@elastx.se>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Signed-off-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Now OvS supports building with dpdk 20.11, and uses
the '--with-dpdk=shared' option in fedora.spec. Then
change version of dpdk 17.05.1 to 20.11.
Note that dpdk-devel-20.11.x is not released in fedora
distro, but use '20.11' is fine.
Fixes: 252e1e576443 ("dpdk: Update to use DPDK v20.11.")
Signed-off-by: Tonghao Zhang <xiangxia.m.yue@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
This patch adds an RPMBUILD_OPT so that user can enable
AF_XDP support in the rpm package by:
$ make rpm-fedora RPMBUILD_OPT="--with afxdp"
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Acked-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
TC flower doesn't support some ct state flags such as
INVALID/SNAT/DNAT/REPLY. So it is better to reject this rule.
Fixes: 576126a931cd ("netdev-offload-tc: Add conntrack support")
Signed-off-by: wenxu <wenxu@ucloud.cn>
Reviewed-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Some manpages are generated from rST, but these are not included
in 'dist-docs' make target.
Fixes: fd0837a76f4c ("doc: Convert ovs-vlan-test to rST")
Acked-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
I would have found these useful for the OVN tests. The {in} operator
is the same as {<=}, but it's still useful to have the alternate syntax
because most of the time we think of set inclusion separately from
set subsets. The {not-in} operator is different from any existing
operator though.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
Fix the reported back value of the bos mask used by the revalidator
threads.
Fixes: 34b1695506f8 ("lib/tc: add single mpls match offload support")
Reported-by: Marcelo Leitner <mleitner@redhat.com>
Signed-off-by: Eelco Chaudron <echaudro@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The calculation in tcp_reader_run() failed to account for L2 padding.
This fixes the problem, by moving the existing function
tcp_payload_length() from a conntrack private header file into
dp-packet.h and renaming it to suit the dp_packet style.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ilya Maximets <i.maximets@ovn.org>
With DPDK 20.11, meson and pkgconfig are used instead of the old
Makefile-based system and so --with-dpdk option is changed to only
accept shared or static instead of the directory.
This commit uses --with-dpdk=shared since Fedora and RHEL ship shared
libraries of DPDK.
Fixes: 252e1e576443 ("dpdk: Update to use DPDK v20.11.")
Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
The stop_daemon no longer takes second argument after
commit f3e24610ea18 ("Remove OVN.").
Fixes: f3e24610ea18 ("Remove OVN.")
Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
shinfo is used to store reference counter and free callback
of an external buffer, but it is stored in mbuf if the mbuf
has tailroom for it.
This is wrong because the mbuf (and its data) can be freed
before the external buffer, for example:
pkt2 = rte_pktmbuf_alloc(mp);
rte_pktmbuf_attach(pkt2, pkt);
rte_pktmbuf_free(pkt);
After this, pkt is freed, but it still contains shinfo, which
is referenced by pkt2.
This sequence of operations is possible inside DPDK e.g., while
performing TSO operations for 'net_tap' PMD.
Fix this by always storing shinfo at the tail of external buffer.
Fixes: 29cf9c1b3b9c ("userspace: Add TCP Segmentation Offload support")
Co-authored-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Olivier Matz <olivier.matz@6wind.com>
Signed-off-by: Yi Yang <yangyi01@inspur.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
