On Windows the file which is used for the named pipe connection (`punix:file`)
is not deleted when the process is closed.
Try to delete the `controller` file and fail if we can't (on Windows you can't
delete a file if there still an opened handle to it).
Also add a check to see if the `ovs-testcontroller` was successfully started.
Signed-off-by: Alin Gabriel Serdean <aserdean@ovn.org>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
This patch puts a limit on the nested depth in flow key string to avoid
stackoverflow. An example to show this issue is a key string contains
thousands of nested encaps. In addition, a new test is added for this fix.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11149
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Configure L2 dynamic address according to used IPv4 address.
This patch allows to define a deterministic relationship between
L2 and L3 addresses when dynamic IPAM is used.
This patch allows to fix a possible L2/L3 address mismatch than can
occur when pods are created and destroyed at high rate [1] since if
there is no relation between MAC and IP addresses ARP cache can be
poisoned with a wrong correspondence
[1] https://bugzilla.redhat.com/show_bug.cgi?id=1626217
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Add the possibility to specify a given mac address prefix for
dynamically generated mac address. Mac address prefix can be
specified in nbdb NB_Global table, options:mac_prefix=<mac_prefix>
This patch fix a possible issue of L2 address duplication if
multiple OVN deployments share a single broadcast domain
Acked-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Somehow some such patches snuck through. checkpatch caught them (and the
committer missed that) but this makes it even more explicit.
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Left shift int (1 here) can result in a negative value. This is an undefined
behavior according to ISO C99 (6.5.7).
The error message reported by oss-fuzz is:
runtime error: left shift of 1 by 31 places cannot be represented in type 'int'
This patch fixes it by changing signed int to unsigned int.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11166
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
OpenFlow table feature replies contain a per-table bitmap that indicates
which tables a flow can point to in goto_table actions. OpenFlow requires
that a table only be able to go to higher-numbered tables. This means that
a switch that is general as possible will always have different features
for every table, since each one will have a different bitmap. This makes
the output of "ovs-ofctl dump-table-features" pretty long and ugly because
it has about 250 entries like this:
table %d:
metadata: match=0xffffffffffffffff write=0xffffffffffffffff
max_entries=%d
instructions (table miss and others):
next tables: %d-253
(same instructions)
(same actions)
(same matching)
This commit changes the logic that prints table features messages so that
it considers two sequentially numbered tables to be the same if only the
bit that necessarily must be tunred off changes. This reduces the hundreds
of entries above to just:
tables 1...253: ditto
which is so much more readable.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
Before this patch, most dump-table-stats outputs would contain about
250 lines of the form:
table #: ditto
With this patch, they have one line like this:
tables 2...254: ditto
which is much easier to read.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
Backported OFPT14_REQUESTFORWARD to OF1.0-1.3.
OF 1.0-1.2 use an NXT Nicira extension while OF 1.3
uses an ONF extension (ONF version is specified in a
previously published ONF spec sheet).
Includes ofp-print tests for multiple inner message
types, and multiple OF versions including the NXT and ONF.
Also includes more end-to-end ofproto tests for both
NXT OF1.0 and also ONF OF1.3.
VMware-BZ: 2136594
Signed-off-by: Zak Whittington <zwhitt.vmware@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
When parse_ofp_flow_mod_str returns error, `fm` is incomplete and pointers
in it may be null, e.g. fm.match.flow. In this case, passing it to
ofctl_parse_flows__ may cause pointer errors because ofctl_parse_flows__
expects a valid input of type struct ofputil_flow_mod.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11110
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch adds a new target called ofctl_parse_target to
ossfuzz. The main idea is to begin to fuzz APIs from the ofctl utility
program. At a later point, these may be added. For the moment, this patch
only fuzzes APIs that parse flow mod commands.
This target is demonstrably capable of finding memory corruption defects
in the parsing path. To aid the fuzzing process, a dictionary file
containing tokens specific to this parsing path have been added.
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
We see the below trace when a port is added to a bridge and the configured
controller is down
0x00007fb002f8b207 in raise () from /lib64/libc.so.6
0x00007fb002f8c8f8 in abort () from /lib64/libc.so.6
0x00007fb004953026 in ofputil_protocol_to_ofp_version () from /lib64/libopenvswitch-2.10.so.0
0x00007fb00494e38e in ofputil_encode_port_status () from /lib64/libopenvswitch-2.10.so.0
0x00007fb004ef1c5b in connmgr_send_port_status () from /lib64/libofproto-2.10.so.0
0x00007fb004efa9f4 in ofport_install () from /lib64/libofproto-2.10.so.0
0x00007fb004efbfb2 in update_port () from /lib64/libofproto-2.10.so.0
0x00007fb004efc7f9 in ofproto_port_add () from /lib64/libofproto-2.10.so.0
0x0000556d540a3f95 in bridge_add_ports__ ()
0x0000556d540a5a47 in bridge_reconfigure ()
0x0000556d540a9199 in bridge_run ()
0x0000556d540a02a5 in main ()
The abort is because of ofputil_protocol_to_ofp_version() is called with invalid
protocol - OFPUTIL_P_NONE. Please see [1] for more details. Similar aborts are
seen as reported in [2].
The commit [3] changed the behavior of the function rconn_get_version().
Before the commit [3], the function ofconn_receives_async_msg() would always
return false if the connection to the controller was down, since
rconn_get_version() used to return -1. This patch now checks the rconn
connection status in ofconn_receives_async_msg() and returns false if not
connected. This would avoid the aborts seen in the above stack trace.
The issue can be reproduced by running the test added in this patch
without the fix.
[1] - https://bugzilla.redhat.com/show_bug.cgi?id=1640045
[2] - https://bugzilla.redhat.com/show_bug.cgi?id=1637926
[3] - 476d2551ab ("rconn: Introduce new invariant to fix assertion failure in corner case.")
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Eelco Chaudron <echaudro@redhat.com>
Lines splitted without '\' and the second line is never executed.
Fixes: b10d46a600 ("tests: Check dpif-netdev odp_actions consistency.")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Add buffering support for IPv4/IPv6 packets that will be processed
by arp{}/nd_ns{} action when L2 address is not discovered yet since
otherwise the packet will be substituted with an ARP/Neighbor
Solicitation frame and this will result in the lost of the first
packet of the connection.
Moreover fix following automatic tests broken by ip-buffering support
since now original ip packets are transmitted by OVN logical
router:
- ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR
- ovn -- /32 router IP address
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Dummy ports started out down and hardly any of the tests ever brought them
up. This led to some odd test results and caused problems for testing with
controllers that didn't bother with ports that were down, like recent
versions of Faucet. There doesn't seem to be a big reason for them to be
down by default, so this commit changes them to be up by default. It also
updates the tests to match the new behavior.
Reported-by: Brad Cowie <brad@cowie.nz>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2018-August/047234.html
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Numan Siddique <nusididq@redhat.com>
When the status of a port changes, ofproto calls into connmgr to notify
controllers. Sometimes, particular changes are only visible to controllers
running specific versions of OpenFlow. Until now, OVS would send those
controllers duplicate port status notifications. This is unnecessary and
somewhat confusing. This commit eliminates it.
This commit updates one of the tests not to expect duplicate notifications.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Numan Siddique <nusididq@redhat.com>
This reverts commit 2e5cdb4b13. With the
commit applied, testing with only a single CPU core, e.g. by running "make
check" under "taskset -c 2", test '2649: ovn -- 3 HVs, 3 LS, 3 lports/LS, 1
LR' fails, apparently reliably.
The commit should be re-applied once the issue with the test is worked out.
Reported-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This reverts commit a7be68a4d7
and a subsequent commit 4617d1f6bd.
There are too many issues with these patches. It's better to revert
them for now and make a separate fixed versions later if needed.
List of issues (maybe not full):
1. 'make clean' removes entire 'python' directory.
2. Fully broken Travis-CI testsuite build:
building 'ovs._json' extension
creating build/temp.linux-x86_64-2.7
error: could not create 'build/temp.linux-x86_64-2.7': \
Permission denied
https://travis-ci.org/openvswitch/ovs/jobs/440693765
3. Broken local testsuite build on Ubuntu 18.04:
running build_ext
building 'ovs._json' extension
creating build/temp.linux-x86_64-3.6
creating build/temp.linux-x86_64-3.6/ovs
<...>
/usr/bin/ld: .libs/libopenvswitch.a(util.o): \
relocation R_X86_64_TPOFF32 against `var.7749' can not be \
used when making a shared object; recompile with -fPIC
<...>
collect2: error: ld returned 1 exit status
4. Fedora build failure because of 'setuptools' ('distutils')
hard dependency on 'redhat-rpm-config' package:
building 'ovs._json' extension
<...>
gcc: error: <...>/redhat-hardened-cc1: No such file or directory
5. Looks like 'setuptools' also could download and install
unwanted python modules during package build.
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This adds a few unit tests to the 'check-dpdk' subsystem that will
exercise allocations of two network namespaces, PMDs, and the
vhost-user and vhost-user-client code path(separate tests).
As part of the tests, userspace bridge is added and attached to OVS.
Also, the tap devices created are added to the network namespaces.
The ultimatum is to connect the two network namespaces by pinging them.
Signed-off-by: Bala Sankaran <bsankara@redhat.com>
Co-authored-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Acked-by: Tiago Lam <tiago.lam@intel.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
When multiple users run the DPDK testsuite their dependence on /tmp
will cause conflicts. Use the RUNDIR as a dynamic path to overcome
this.
NOTE: This still doesn't solve the dependency on /var/run that
DPDK requires.
Signed-off-by: Bala Sankaran <bsankara@redhat.com>
Co-authored-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
The default marker for sed commands according to the manual is /, but this
is inconvenient when working with paths. The solution is either to escape
all instances of / or use sed's \cREGEXc feature.
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Some VM configurations result in CPU flags that cause warnings to be issued by
the DPDK libraries. When these warnings are issued, the tests will fail.
This commit adds the unreliable tsc warning to the list of ignored warnings.
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
A failure is quite harsh in this scenario. It's better to
simply skip all the tests and let the user look at the logs
to understand the missing hugepages.
Signed-off-by: Bala Sankaran <bsankara@redhat.com>
Co-authored-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
This allows a system that doesn't have a dedicated DPDK nic to
execute some DPDK tests. In this fashion, tests that operate on
virtual ports (such as dpdkvhostuserclient) can be executed in
a wider set of environments.
Signed-off-by: Aaron Conole <aconole@redhat.com>
Co-authored-by: Bala Sankaran <bsankara@redhat.com>
Signed-off-by: Bala Sankaran <bsankara@redhat.com>
Signed-off-by: Ian Stokes <ian.stokes@intel.com>
The C JSON parser was added quite a while ago, but unless you
configure with --enable-shared and have the Python 2/3 development
libraries installed, and the resulting python-ovs module installed,
'make check' won't actually test it.
This patch changes Python-based tests to run from the
$builddir/python directory and makes the tests configurable to use
both JSON backends. There are some unicode failures in the C JSON
extension that I left unfixed in this patch to make it easy to
show run the new tests on broken code. The next patch in this set
works around the issue.
Signed-off-by: Terry Wilson <twilson@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Lucas Alvares Gomes <lucasagomes@gmail.com>
This adds the following commands:
pg-add: Add a new port group, optionally adding switch ports at
creation.
pg-set-ports: Sets the logical switch ports on a port group
pg-del: Remove a port group.
The main motivation for these commands is that it allows for adding
logical switch ports by name rather than UUID.
Signed-off-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
With this commit the users can override the default values of
the BFD params - min_rx, min_tx, decay_min_rx and mult if desired.
This can be useful to debug any issues related to BFD (like
frequent BFD state changes).
A new column 'options' is added in NB_Global and SB_Global tables
of OVN_Northbound and OVN_Southbound schemas respectively. CMS
can define the options 'bfd-min-rx', 'bfd-min-tx',
'bfd-decay-min-rx' and 'bfd-mult' in the options column of
NB_Global table row. ovn-northd copies these options from
NB_Global to SB_Global. ovn-controller configures these
options to the tunnel interfaces when enabling BFD.
When BFD is disabled, this patch now clears the 'bfd' column
of the interface row, instead of setting 'enable=false'.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
OVN expression syntax does not allow a literal empty value set, like {}.
Rather, any literal value set has to have at least one value. However,
value sets that originate from address sets or from port groups can be
empty. In such a case, == and != comparisons are allowed but < <= >= >
should be errors. The actual implementation failed to properly disallow
the latter and instead tried to access the first element of the value set,
a bad read. This fixes the problem.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10731
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10767
Signed-off-by: Ben Pfaff <blp@ovn.org>
Reviewed-by: Yifeng Sun <pkusunyifeng@gmail.com>
When 'dhcpv6_stateless' is configured on the logical router ports,
the client will send DHCPv6 information request message type (using
dhclient -6 -S) to get additional options like dns-server. This
patch supports this option. Ideally we should have supported this
option when the DHCPv6 support was added.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch checks the depth of nested parentheses to prevent
stack overflow. Since is_chassis_resident doesn't allow
nested parentheses, its following parentheses are not taken
into acount in the parentheses-depth context.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10714
Signed-off-by: Yifeng Sun <pkusunyifeng@gmail.com>
Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
When a container port is created inside a VM, the below kernel message
is seen and IPv6 doesn't work on that interface.
[ 138.000753] IPv6: vlan4: IPv6 duplicate address <IPv6 LLA> detected!
When a container port sends a ethernet broadcast packet, OVN delivers the same
packet back to the child port (and hence the DAD check fails).
This is because
- 'MLF_ALLOW_LOOPBACK_BIT' is set in REG10 in table 0 for the packets received
from any child port.
- for ethernet broadcast packets, Table 33 (OFTABLE_LOCAL_OUTPUT) clones the
packet for every local port 'P' which belongs to the same datapath i.e
'P'->REG15, resubmit(,34)
- If REG14 and REG15 are same, Table 34 (OFTABLE_CHECK_LOOPBACK) drops the packet
if 'MLF_ALLOW_LOOPBACK_BIT' is not set.
- But in the case of container ports, this bit will be set and hence doesn't gets
dropped and eventually gets delivered to the source container port.
- The VM's kernel thinks its a DAD packet. The latest kernels (4.19) implements
the RFC -7527 (enhanced DAD), but it is still a problem for older kernels.
This patch fixes the issue by using a new register bit (MLF_NESTED_CONTAINER_BIT)
instead of 'MLF_ALLOW_LOOPBACK_BIT' and sets it in REG10 for the packets received
from child ports so that Table 34 drops the packet for the source port.
Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
The biggest motivation is a massive (7-10x) increase in fuzzing
speed. Prior to the refactoring, we were doing roughly 900 executions
per second on flow_extract_target. Now, we are doing roughly 6000
executions per second on the flow_extract_target and roughly 9000
executions per second on the new miniflow_target.
Moving forward, creating micro fuzz targets that are really fast is a
better strategy. Since all these micro targets can be scheduled in
parallel by oss-fuzz, the test throughput increases by a non-trivial
amount.
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
This patch fixes a bug in the following test harnesses
- odp_target.c
- expr_parse_target.c
The bug is as follows:
We expect the fuzzed input to be a C string that does not contain a new
line character. This is because, the test code in OvS is built on
expecting string to not have a newline character (see for instance,
calls to ds_get_line() in test-odp.c etc.).
The way we ensure fuzzed data is such a C string is as follows:
- Check size > 1 AND
- Check data[size - 1] is '\0' (NUL termination) AND
- Check that there is no '\n' in the C string that starts at data
The third check is implemented using strchr. Our earlier logic was that,
were the C string to contain '\n', strchr would have a non-zero return
that can then be used to bail out early.
The problem with this logic is that it does not consider the corner case
when data actually points to two or more C strings, like so:
\x01\x00\x0a\0x00
For this data sequence, strchr correctly returns "there is no newline
character" (in the first C string that is part of the sequence).
But the data that is eventually passed to the fuzzed API
is the entire sequence of strings that may contain a new line in
between.
This patch fixes the bug by adding an additional check:
- Check length of C string pointed to by data is actually equal to one
less than (due to NUL termination) size.
This ensures that we are passing one and only one C string not
containing new line character to the fuzzed APIs.
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
When ovn-nbctl is running in daemon mode, nbctl_client attempts to parse
table formatting options. The problem is that this then removes the table
formatting options from the array of options passed to the server loop. The
server loop resets the table formatting options to the defaults and then
attempts again to parse table formatting options. Unfortunately, they aren't
present any longer. The result is that tables are always formatted with
the default style.
This patch solves the issue by not parsing the table formatting options
in nbctl_client. Instead, the table formatting options are passed to the
server loop and parsed there instead.
Signed-off-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Table formatting has a local static integer that is intended to insert
line breaks between tables. This works exactly as intended, as long as
each call to table_format() is done as a single unit within the run of a
process.
When ovn-nbctl is run in daemon mode, it is a long-running process that
makes multiple calls to table_format() throughout its lifetime. After
the first call, this results in an unexpected newline prepended to table
output on each subsequent ovn-nbctl invocation.
The solution is to introduce a function to reset table formatting. This
way, the first time after resetting table formatting, no newline is
prepended.
Signed-off-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The patch address vswitchd crash when it receives NXT_RESUME with geneve
tunnel metadata. The crash is due to segmentation fault with the
following stack trace, and it is observed only in kernel datapath.
A test is added to prevent regression.
Thread 1 "ovs-vswitchd" received signal SIGSEGV, Segmentation fault.
0 0x00007fcffd0c5412 in tun_metadata_to_geneve__ (flow=flow@entry=0x7ffcb7106680, b=b@entry=0x7ffcb70eb5a8, crit_opt=crit_opt@entry=0x7ffcb70eb287)
at lib/tun-metadata.c:676
1 0x00007fcffd0c6858 in tun_metadata_to_geneve_nlattr_flow (b=0x7ffcb70eb5a8, flow=0x7ffcb7106638) at lib/tun-metadata.c:706
2 tun_metadata_to_geneve_nlattr (tun=tun@entry=0x7ffcb7106638, flow=flow@entry=0x7ffcb7106638, key=key@entry=0x0, b=b@entry=0x7ffcb70eb5a8)
at lib/tun-metadata.c:810
3 0x00007fcffd048464 in tun_key_to_attr (a=a@entry=0x7ffcb70eb5a8, tun_key=tun_key@entry=0x7ffcb7106638, tun_flow_key=tun_flow_key@entry=0x7ffcb7106638,
key_buf=key_buf@entry=0x0, tnl_type=<optimized out>, tnl_type@entry=0x0) at lib/odp-util.c:2886
4 0x00007fcffd0551cf in odp_key_from_dp_packet (buf=buf@entry=0x7ffcb70eb5a8, packet=0x7ffcb7106590) at lib/odp-util.c:5909
5 0x00007fcffd0d7870 in dpif_netlink_encode_execute (buf=0x7ffcb70eb5a8, d_exec=0x7ffcb7106428, dp_ifindex=<optimized out>) at lib/dpif-netlink.c:1873
6 dpif_netlink_operate__ (dpif=dpif@entry=0xe65e00, ops=ops@entry=0x7ffcb7106418, n_ops=n_ops@entry=1) at lib/dpif-netlink.c:1959
7 0x00007fcffd0d842e in dpif_netlink_operate_chunks (n_ops=1, ops=0x7ffcb7106418, dpif=<optimized out>) at lib/dpif-netlink.c:2258
8 dpif_netlink_operate (dpif_=0xe65e00, ops=<optimized out>, n_ops=<optimized out>) at lib/dpif-netlink.c:2294
9 0x00007fcffd014680 in dpif_operate (dpif=<optimized out>, ops=<optimized out>, ops@entry=0x7ffcb7106418, n_ops=n_ops@entry=1) at lib/dpif.c:1359
10 0x00007fcffd014c58 in dpif_execute (dpif=<optimized out>, execute=execute@entry=0x7ffcb71064e0) at lib/dpif.c:1324
11 0x00007fcffd40d3e6 in nxt_resume (ofproto_=0xe6af50, pin=0x7ffcb7107150) at ofproto/ofproto-dpif.c:4885
12 0x00007fcffd3f88c3 in handle_nxt_resume (ofconn=ofconn@entry=0xf8c8f0, oh=oh@entry=0xf7ebd0) at ofproto/ofproto.c:3612
13 0x00007fcffd404a3b in handle_openflow__ (msg=0xeac460, ofconn=0xf8c8f0) at ofproto/ofproto.c:8137
14 handle_openflow (ofconn=0xf8c8f0, ofp_msg=0xeac460) at ofproto/ofproto.c:8258
15 0x00007fcffd3f4653 in ofconn_run (handle_openflow=0x7fcffd4046f0 <handle_openflow>, ofconn=0xf8c8f0) at ofproto/connmgr.c:1432
16 connmgr_run (mgr=0xe422f0, handle_openflow=handle_openflow@entry=0x7fcffd4046f0 <handle_openflow>) at ofproto/connmgr.c:363
17 0x00007fcffd3fdc76 in ofproto_run (p=0xe6af50) at ofproto/ofproto.c:1821
18 0x000000000040ca94 in bridge_run__ () at vswitchd/bridge.c:2939
19 0x0000000000411d44 in bridge_run () at vswitchd/bridge.c:2997
20 0x00000000004094fd in main (argc=12, argv=0x7ffcb71085b8) at vswitchd/ovs-vswitchd.c:119
VMWare-BZ: #2210216
Signed-off-by: Yi-Hung Wei <yihung.wei@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Add buffering support for IPv4/IPv6 packets that will be processed
by arp{}/nd_ns{} action when L2 address is not discovered yet since
otherwise the packet will be substituted with an ARP/Neighbor
Solicitation frame and this will result in the lost of the first
packet of the connection.
Moreover fix following automatic tests broken by ip-buffering support
since now original ip packets are transmitted by OVN logical
router:
- ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR
- ovn -- /32 router IP address
Signed-off-by: Lorenzo Bianconi <lorenzo.bianconi@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
PCAP header magic numbers are different for microsecond and nanosecond
resolution timestamps. This patch adds support for understanding the
difference and reporting the time correctly with ovs_pcap_read().
When writing pcap files, OVS will always use microsecond resolution, so
no new calculations were added to those functions.
Signed-off-by: Mark Michelson <mmichels@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
"must have exactly one member" is much better than "must have 1 to 1
members".
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
When relational comparisons against optional scalars were introduced, it
was meant to work only when the right-hand side of the comparison was a
scalar, not the empty set. The implementation wasn't that picky. This
commit fixes the problem.
CC: Terry Wilson <twilson@redhat.com>
Fixes: 09e256031a ("ovsdb: Allow comparison on optional scalar types")
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
Open vSwitch 2.4 introduced an OVSDB extension in which a column with
type optional integer or real could be compared with the operators <,
<=, >, and >=. At the same time, it broke the implementation of the
operators ==, !=, includes, and excludes on columns with the same types.
This fixes the problem.
Reported-by: Hans Ole Rafaelsen <hrafaelsen@gmail.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2018-September/047356.html
CC: Terry Wilson <twilson@redhat.com>
Fixes: 09e256031a ("ovsdb: Allow comparison on optional scalar types")
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
This patch adds a new oss-fuzz target for the ODP
parser. The target harness has been adapted from test-odp.c. Prominently, it
leaves out "parse_filter" due to an unresolvable bug in that code at the
time of writing.
It also includes the following:
- a fuzzing dictionary
- fuzzing config
- some automake additions for the new target
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The max_len field, which stipulates the maximum length of
fuzzed input to feed a fuzzer target, was set to 100 for
the ovn expr_parse_target.
In discussions with Ben, this was deemed too restrictive.
Google folks also suggested the removal of this option
since it cannot be uniformly passed on to all fuzzer
engines behind oss-fuzz.
For the future, the suggested way to limit the length of
fuzzed input is in the C code of the test harness itself.
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
oss-fuzz options file must begin with a [libfuzzer] header.
This was missing in the expr_parse_target.options file which this
patch fixes.
Signed-off-by: Bhargava Shastry <bshastry@sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Add a symmetric_l3 hash method that uses both network destination
address and network source address.
VMware-BZ: #2112940
Signed-off-by: Martin Xu <martinxu9.ovs@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
The fuzzer target, expr_parse_target.c, comprises test cases adapted
from test-ovn.c.
In addition, this patch contains configuration files for oss-fuzz,
including a dictionary, expr.dict, to aid quick path discovery and a
fuzzer configuration file that customises fuzzing for this target.
Prominently, the patch sets the maximum length of fuzzed input
(the string accepted by lexer/expression parser) to be up to 100
characters long not containing a newline character.
Signed-off-by: Bhargava Shastry <bshastry at sect.tu-berlin.de>
Signed-off-by: Ben Pfaff <blp@ovn.org>
