X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=blobdiff_plain;f=lib%2Fofp-util.c;h=11b0f159ec805a053d8208ed79019f0aefa39576;hb=97d6520bea3b779d1acee7b1b2fd8ed60269078f;hp=df3377ae90e9315310d6934f0354a0189e1ed34e;hpb=a368bb53d9769ae42042e122775672ac9546e3f9;p=openvswitch diff --git a/lib/ofp-util.c b/lib/ofp-util.c index df3377ae..11b0f159 100644 --- a/lib/ofp-util.c +++ b/lib/ofp-util.c @@ -18,6 +18,8 @@ #include "ofp-print.h" #include #include +#include +#include #include #include #include "autopath.h" @@ -25,6 +27,7 @@ #include "byte-order.h" #include "classifier.h" #include "dynamic-string.h" +#include "learn.h" #include "multipath.h" #include "nx-match.h" #include "ofp-errors.h" @@ -59,22 +62,12 @@ ofputil_wcbits_to_netmask(int wcbits) } /* Given the IP netmask 'netmask', returns the number of bits of the IP address - * that it wildcards. 'netmask' must be a CIDR netmask (see ip_is_cidr()). */ + * that it wildcards, that is, the number of 0-bits in 'netmask'. 'netmask' + * must be a CIDR netmask (see ip_is_cidr()). */ int ofputil_netmask_to_wcbits(ovs_be32 netmask) { - assert(ip_is_cidr(netmask)); -#if __GNUC__ >= 4 - return netmask == htonl(0) ? 32 : __builtin_ctz(ntohl(netmask)); -#else - int wcbits; - - for (wcbits = 32; netmask; wcbits--) { - netmask &= netmask - 1; - } - - return wcbits; -#endif + return 32 - ip_count_cidr_bits(netmask); } /* A list of the FWW_* and OFPFW_ bits that have the same value, meaning, and @@ -108,16 +101,22 @@ static const flow_wildcards_t WC_INVARIANTS = 0 void ofputil_wildcard_from_openflow(uint32_t ofpfw, struct flow_wildcards *wc) { + BUILD_ASSERT_DECL(FLOW_WC_SEQ == 7); + /* Initialize most of rule->wc. */ flow_wildcards_init_catchall(wc); wc->wildcards = (OVS_FORCE flow_wildcards_t) ofpfw & WC_INVARIANTS; /* Wildcard fields that aren't defined by ofp_match or tun_id. */ - wc->wildcards |= (FWW_ARP_SHA | FWW_ARP_THA | FWW_ND_TARGET); + wc->wildcards |= (FWW_ARP_SHA | FWW_ARP_THA | FWW_NW_ECN | FWW_NW_TTL + | FWW_ND_TARGET | FWW_IPV6_LABEL); if (ofpfw & OFPFW_NW_TOS) { - wc->wildcards |= FWW_NW_TOS; + /* OpenFlow 1.0 defines a TOS wildcard, but it's much later in + * the enum than we can use. */ + wc->wildcards |= FWW_NW_DSCP; } + wc->nw_src_mask = ofputil_wcbits_to_netmask(ofpfw >> OFPFW_NW_SRC_SHIFT); wc->nw_dst_mask = ofputil_wcbits_to_netmask(ofpfw >> OFPFW_NW_DST_SHIFT); @@ -158,7 +157,7 @@ ofputil_cls_rule_from_match(const struct ofp_match *match, rule->flow.tp_dst = match->tp_dst; memcpy(rule->flow.dl_src, match->dl_src, ETH_ADDR_LEN); memcpy(rule->flow.dl_dst, match->dl_dst, ETH_ADDR_LEN); - rule->flow.nw_tos = match->nw_tos; + rule->flow.nw_tos = match->nw_tos & IP_DSCP_MASK; rule->flow.nw_proto = match->nw_proto; /* Translate VLANs. */ @@ -197,7 +196,7 @@ ofputil_cls_rule_to_match(const struct cls_rule *rule, struct ofp_match *match) ofpfw = (OVS_FORCE uint32_t) (wc->wildcards & WC_INVARIANTS); ofpfw |= ofputil_netmask_to_wcbits(wc->nw_src_mask) << OFPFW_NW_SRC_SHIFT; ofpfw |= ofputil_netmask_to_wcbits(wc->nw_dst_mask) << OFPFW_NW_DST_SHIFT; - if (wc->wildcards & FWW_NW_TOS) { + if (wc->wildcards & FWW_NW_DSCP) { ofpfw |= OFPFW_NW_TOS; } @@ -231,7 +230,7 @@ ofputil_cls_rule_to_match(const struct cls_rule *rule, struct ofp_match *match) match->dl_type = ofputil_dl_type_to_openflow(rule->flow.dl_type); match->nw_src = rule->flow.nw_src; match->nw_dst = rule->flow.nw_dst; - match->nw_tos = rule->flow.nw_tos; + match->nw_tos = rule->flow.nw_tos & IP_DSCP_MASK; match->nw_proto = rule->flow.nw_proto; match->tp_src = rule->flow.tp_src; match->tp_dst = rule->flow.tp_dst; @@ -280,6 +279,11 @@ struct ofputil_msg_type { unsigned int extra_multiple; }; +/* Represents a malformed OpenFlow message. */ +static const struct ofputil_msg_type ofputil_invalid_type = { + OFPUTIL_MSG_INVALID, 0, "OFPUTIL_MSG_INVALID", 0, 0 +}; + struct ofputil_msg_category { const char *name; /* e.g. "OpenFlow message" */ const struct ofputil_msg_type *types; @@ -287,56 +291,51 @@ struct ofputil_msg_category { int missing_error; /* ofp_mkerr() value for missing type. */ }; -static bool -ofputil_length_ok(const struct ofputil_msg_category *cat, - const struct ofputil_msg_type *type, - unsigned int size) +static int +ofputil_check_length(const struct ofputil_msg_type *type, unsigned int size) { switch (type->extra_multiple) { case 0: if (size != type->min_size) { - VLOG_WARN_RL(&bad_ofmsg_rl, "received %s %s with incorrect " + VLOG_WARN_RL(&bad_ofmsg_rl, "received %s with incorrect " "length %u (expected length %u)", - cat->name, type->name, size, type->min_size); - return false; + type->name, size, type->min_size); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } - return true; + return 0; case 1: if (size < type->min_size) { - VLOG_WARN_RL(&bad_ofmsg_rl, "received %s %s with incorrect " + VLOG_WARN_RL(&bad_ofmsg_rl, "received %s with incorrect " "length %u (expected length at least %u bytes)", - cat->name, type->name, size, type->min_size); - return false; + type->name, size, type->min_size); + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } - return true; + return 0; default: if (size < type->min_size || (size - type->min_size) % type->extra_multiple) { - VLOG_WARN_RL(&bad_ofmsg_rl, "received %s %s with incorrect " + VLOG_WARN_RL(&bad_ofmsg_rl, "received %s with incorrect " "length %u (must be exactly %u bytes or longer " "by an integer multiple of %u bytes)", - cat->name, type->name, size, + type->name, size, type->min_size, type->extra_multiple); - return false; + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } - return true; + return 0; } } static int ofputil_lookup_openflow_message(const struct ofputil_msg_category *cat, - uint32_t value, unsigned int size, + uint32_t value, const struct ofputil_msg_type **typep) { const struct ofputil_msg_type *type; for (type = cat->types; type < &cat->types[cat->n_types]; type++) { if (type->value == value) { - if (!ofputil_length_ok(cat, type, size)) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); - } *typep = type; return 0; } @@ -348,12 +347,9 @@ ofputil_lookup_openflow_message(const struct ofputil_msg_category *cat, } static int -ofputil_decode_vendor(const struct ofp_header *oh, +ofputil_decode_vendor(const struct ofp_header *oh, size_t length, const struct ofputil_msg_type **typep) { - BUILD_ASSERT_DECL(sizeof(struct nxt_set_flow_format) - != sizeof(struct nxt_flow_mod_table_id)); - static const struct ofputil_msg_type nxt_messages[] = { { OFPUTIL_NXT_ROLE_REQUEST, NXT_ROLE_REQUEST, "NXT_ROLE_REQUEST", @@ -389,6 +385,13 @@ ofputil_decode_vendor(const struct ofp_header *oh, const struct ofp_vendor_header *ovh; const struct nicira_header *nh; + if (length < sizeof(struct ofp_vendor_header)) { + if (length == ntohs(oh->length)) { + VLOG_WARN_RL(&bad_ofmsg_rl, "truncated vendor message"); + } + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); + } + ovh = (const struct ofp_vendor_header *) oh; if (ovh->vendor != htonl(NX_VENDOR_ID)) { VLOG_WARN_RL(&bad_ofmsg_rl, "received vendor message for unknown " @@ -396,24 +399,34 @@ ofputil_decode_vendor(const struct ofp_header *oh, return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR); } - if (ntohs(ovh->header.length) < sizeof(struct nicira_header)) { - VLOG_WARN_RL(&bad_ofmsg_rl, "received Nicira vendor message of " - "length %u (expected at least %zu)", - ntohs(ovh->header.length), sizeof(struct nicira_header)); + if (length < sizeof(struct nicira_header)) { + if (length == ntohs(oh->length)) { + VLOG_WARN_RL(&bad_ofmsg_rl, "received Nicira vendor message of " + "length %u (expected at least %zu)", + ntohs(ovh->header.length), + sizeof(struct nicira_header)); + } return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } nh = (const struct nicira_header *) oh; return ofputil_lookup_openflow_message(&nxt_category, ntohl(nh->subtype), - ntohs(oh->length), typep); + typep); } static int -check_nxstats_msg(const struct ofp_header *oh) +check_nxstats_msg(const struct ofp_header *oh, size_t length) { const struct ofp_stats_msg *osm = (const struct ofp_stats_msg *) oh; ovs_be32 vendor; + if (length < sizeof(struct ofp_vendor_stats_msg)) { + if (length == ntohs(oh->length)) { + VLOG_WARN_RL(&bad_ofmsg_rl, "truncated vendor stats message"); + } + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); + } + memcpy(&vendor, osm + 1, sizeof vendor); if (vendor != htonl(NX_VENDOR_ID)) { VLOG_WARN_RL(&bad_ofmsg_rl, "received vendor stats message for " @@ -421,8 +434,10 @@ check_nxstats_msg(const struct ofp_header *oh) return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_VENDOR); } - if (ntohs(osm->header.length) < sizeof(struct nicira_stats_msg)) { - VLOG_WARN_RL(&bad_ofmsg_rl, "truncated Nicira stats message"); + if (length < sizeof(struct nicira_stats_msg)) { + if (length == ntohs(osm->header.length)) { + VLOG_WARN_RL(&bad_ofmsg_rl, "truncated Nicira stats message"); + } return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); } @@ -430,7 +445,7 @@ check_nxstats_msg(const struct ofp_header *oh) } static int -ofputil_decode_nxst_request(const struct ofp_header *oh, +ofputil_decode_nxst_request(const struct ofp_header *oh, size_t length, const struct ofputil_msg_type **typep) { static const struct ofputil_msg_type nxst_requests[] = { @@ -452,19 +467,18 @@ ofputil_decode_nxst_request(const struct ofp_header *oh, const struct nicira_stats_msg *nsm; int error; - error = check_nxstats_msg(oh); + error = check_nxstats_msg(oh, length); if (error) { return error; } nsm = (struct nicira_stats_msg *) oh; return ofputil_lookup_openflow_message(&nxst_request_category, - ntohl(nsm->subtype), - ntohs(oh->length), typep); + ntohl(nsm->subtype), typep); } static int -ofputil_decode_nxst_reply(const struct ofp_header *oh, +ofputil_decode_nxst_reply(const struct ofp_header *oh, size_t length, const struct ofputil_msg_type **typep) { static const struct ofputil_msg_type nxst_replies[] = { @@ -486,19 +500,31 @@ ofputil_decode_nxst_reply(const struct ofp_header *oh, const struct nicira_stats_msg *nsm; int error; - error = check_nxstats_msg(oh); + error = check_nxstats_msg(oh, length); if (error) { return error; } nsm = (struct nicira_stats_msg *) oh; return ofputil_lookup_openflow_message(&nxst_reply_category, - ntohl(nsm->subtype), - ntohs(oh->length), typep); + ntohl(nsm->subtype), typep); +} + +static int +check_stats_msg(const struct ofp_header *oh, size_t length) +{ + if (length < sizeof(struct ofp_stats_msg)) { + if (length == ntohs(oh->length)) { + VLOG_WARN_RL(&bad_ofmsg_rl, "truncated stats message"); + } + return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN); + } + + return 0; } static int -ofputil_decode_ofpst_request(const struct ofp_header *oh, +ofputil_decode_ofpst_request(const struct ofp_header *oh, size_t length, const struct ofputil_msg_type **typep) { static const struct ofputil_msg_type ofpst_requests[] = { @@ -540,17 +566,21 @@ ofputil_decode_ofpst_request(const struct ofp_header *oh, const struct ofp_stats_msg *request = (const struct ofp_stats_msg *) oh; int error; + error = check_stats_msg(oh, length); + if (error) { + return error; + } + error = ofputil_lookup_openflow_message(&ofpst_request_category, - ntohs(request->type), - ntohs(oh->length), typep); + ntohs(request->type), typep); if (!error && request->type == htons(OFPST_VENDOR)) { - error = ofputil_decode_nxst_request(oh, typep); + error = ofputil_decode_nxst_request(oh, length, typep); } return error; } static int -ofputil_decode_ofpst_reply(const struct ofp_header *oh, +ofputil_decode_ofpst_reply(const struct ofp_header *oh, size_t length, const struct ofputil_msg_type **typep) { static const struct ofputil_msg_type ofpst_replies[] = { @@ -592,28 +622,22 @@ ofputil_decode_ofpst_reply(const struct ofp_header *oh, const struct ofp_stats_msg *reply = (const struct ofp_stats_msg *) oh; int error; + error = check_stats_msg(oh, length); + if (error) { + return error; + } + error = ofputil_lookup_openflow_message(&ofpst_reply_category, - ntohs(reply->type), - ntohs(oh->length), typep); + ntohs(reply->type), typep); if (!error && reply->type == htons(OFPST_VENDOR)) { - error = ofputil_decode_nxst_reply(oh, typep); + error = ofputil_decode_nxst_reply(oh, length, typep); } return error; } -/* Decodes the message type represented by 'oh'. Returns 0 if successful or - * an OpenFlow error code constructed with ofp_mkerr() on failure. Either - * way, stores in '*typep' a type structure that can be inspected with the - * ofputil_msg_type_*() functions. - * - * oh->length must indicate the correct length of the message (and must be at - * least sizeof(struct ofp_header)). - * - * Success indicates that 'oh' is at least as long as the minimum-length - * message of its type. */ -int -ofputil_decode_msg_type(const struct ofp_header *oh, - const struct ofputil_msg_type **typep) +static int +ofputil_decode_msg_type__(const struct ofp_header *oh, size_t length, + const struct ofputil_msg_type **typep) { static const struct ofputil_msg_type ofpt_messages[] = { { OFPUTIL_OFPT_HELLO, @@ -705,32 +729,69 @@ ofputil_decode_msg_type(const struct ofp_header *oh, int error; - error = ofputil_lookup_openflow_message(&ofpt_category, oh->type, - ntohs(oh->length), typep); + error = ofputil_lookup_openflow_message(&ofpt_category, oh->type, typep); if (!error) { switch (oh->type) { case OFPT_VENDOR: - error = ofputil_decode_vendor(oh, typep); + error = ofputil_decode_vendor(oh, length, typep); break; case OFPT_STATS_REQUEST: - error = ofputil_decode_ofpst_request(oh, typep); + error = ofputil_decode_ofpst_request(oh, length, typep); break; case OFPT_STATS_REPLY: - error = ofputil_decode_ofpst_reply(oh, typep); + error = ofputil_decode_ofpst_reply(oh, length, typep); default: break; } } + return error; +} + +/* Decodes the message type represented by 'oh'. Returns 0 if successful or + * an OpenFlow error code constructed with ofp_mkerr() on failure. Either + * way, stores in '*typep' a type structure that can be inspected with the + * ofputil_msg_type_*() functions. + * + * oh->length must indicate the correct length of the message (and must be at + * least sizeof(struct ofp_header)). + * + * Success indicates that 'oh' is at least as long as the minimum-length + * message of its type. */ +int +ofputil_decode_msg_type(const struct ofp_header *oh, + const struct ofputil_msg_type **typep) +{ + size_t length = ntohs(oh->length); + int error; + + error = ofputil_decode_msg_type__(oh, length, typep); + if (!error) { + error = ofputil_check_length(*typep, length); + } if (error) { - static const struct ofputil_msg_type ofputil_invalid_type = { - OFPUTIL_MSG_INVALID, - 0, "OFPUTIL_MSG_INVALID", - 0, 0 - }; + *typep = &ofputil_invalid_type; + } + return error; +} + +/* Decodes the message type represented by 'oh', of which only the first + * 'length' bytes are available. Returns 0 if successful or an OpenFlow error + * code constructed with ofp_mkerr() on failure. Either way, stores in + * '*typep' a type structure that can be inspected with the + * ofputil_msg_type_*() functions. */ +int +ofputil_decode_msg_type_partial(const struct ofp_header *oh, size_t length, + const struct ofputil_msg_type **typep) +{ + int error; + error = (length >= sizeof *oh + ? ofputil_decode_msg_type__(oh, length, typep) + : ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_LEN)); + if (error) { *typep = &ofputil_invalid_type; } return error; @@ -800,6 +861,8 @@ ofputil_min_flow_format(const struct cls_rule *rule) { const struct flow_wildcards *wc = &rule->wc; + BUILD_ASSERT_DECL(FLOW_WC_SEQ == 7); + /* Only NXM supports separately wildcards the Ethernet multicast bit. */ if (!(wc->wildcards & FWW_DL_DST) != !(wc->wildcards & FWW_ETH_MCAST)) { return NXFF_NXM; @@ -826,6 +889,26 @@ ofputil_min_flow_format(const struct cls_rule *rule) return NXFF_NXM; } + /* Only NXM supports matching fragments. */ + if (wc->nw_frag_mask) { + return NXFF_NXM; + } + + /* Only NXM supports matching IPv6 flow label. */ + if (!(wc->wildcards & FWW_IPV6_LABEL)) { + return NXFF_NXM; + } + + /* Only NXM supports matching IP ECN bits. */ + if (!(wc->wildcards & FWW_NW_ECN)) { + return NXFF_NXM; + } + + /* Only NXM supports matching IP TTL/hop limit. */ + if (!(wc->wildcards & FWW_NW_TTL)) { + return NXFF_NXM; + } + /* Other formats can express this rule. */ return NXFF_OPENFLOW10; } @@ -866,8 +949,8 @@ ofputil_make_flow_mod_table_id(bool flow_mod_table_id) * * Does not validate the flow_mod actions. */ int -ofputil_decode_flow_mod(struct flow_mod *fm, const struct ofp_header *oh, - bool flow_mod_table_id) +ofputil_decode_flow_mod(struct ofputil_flow_mod *fm, + const struct ofp_header *oh, bool flow_mod_table_id) { const struct ofputil_msg_type *type; uint16_t command; @@ -956,7 +1039,7 @@ ofputil_decode_flow_mod(struct flow_mod *fm, const struct ofp_header *oh, * 'flow_mod_table_id' should be true if the NXT_FLOW_MOD_TABLE_ID extension is * enabled, false otherwise. */ struct ofpbuf * -ofputil_encode_flow_mod(const struct flow_mod *fm, +ofputil_encode_flow_mod(const struct ofputil_flow_mod *fm, enum nx_flow_format flow_format, bool flow_mod_table_id) { @@ -1010,7 +1093,7 @@ ofputil_encode_flow_mod(const struct flow_mod *fm, } static int -ofputil_decode_ofpst_flow_request(struct flow_stats_request *fsr, +ofputil_decode_ofpst_flow_request(struct ofputil_flow_stats_request *fsr, const struct ofp_header *oh, bool aggregate) { @@ -1026,7 +1109,7 @@ ofputil_decode_ofpst_flow_request(struct flow_stats_request *fsr, } static int -ofputil_decode_nxst_flow_request(struct flow_stats_request *fsr, +ofputil_decode_nxst_flow_request(struct ofputil_flow_stats_request *fsr, const struct ofp_header *oh, bool aggregate) { @@ -1056,7 +1139,7 @@ ofputil_decode_nxst_flow_request(struct flow_stats_request *fsr, * request 'oh', into an abstract flow_stats_request in 'fsr'. Returns 0 if * successful, otherwise an OpenFlow error code. */ int -ofputil_decode_flow_stats_request(struct flow_stats_request *fsr, +ofputil_decode_flow_stats_request(struct ofputil_flow_stats_request *fsr, const struct ofp_header *oh) { const struct ofputil_msg_type *type; @@ -1090,7 +1173,7 @@ ofputil_decode_flow_stats_request(struct flow_stats_request *fsr, * OFPST_AGGREGATE, NXST_FLOW, or NXST_AGGREGATE request 'oh' according to * 'flow_format', and returns the message. */ struct ofpbuf * -ofputil_encode_flow_stats_request(const struct flow_stats_request *fsr, +ofputil_encode_flow_stats_request(const struct ofputil_flow_stats_request *fsr, enum nx_flow_format flow_format) { struct ofpbuf *msg; @@ -1457,7 +1540,7 @@ ofputil_encode_packet_in(const struct ofputil_packet_in *pin, struct ofpbuf *rw_packet) { int total_len = pin->packet->size; - struct ofp_packet_in *opi; + struct ofp_packet_in opi; if (rw_packet) { if (pin->send_len < rw_packet->size) { @@ -1470,13 +1553,14 @@ ofputil_encode_packet_in(const struct ofputil_packet_in *pin, } /* Add OFPT_PACKET_IN. */ - opi = ofpbuf_push_zeros(rw_packet, offsetof(struct ofp_packet_in, data)); - opi->header.version = OFP_VERSION; - opi->header.type = OFPT_PACKET_IN; - opi->total_len = htons(total_len); - opi->in_port = htons(pin->in_port); - opi->reason = pin->reason; - opi->buffer_id = htonl(pin->buffer_id); + memset(&opi, 0, sizeof opi); + opi.header.version = OFP_VERSION; + opi.header.type = OFPT_PACKET_IN; + opi.total_len = htons(total_len); + opi.in_port = htons(pin->in_port); + opi.reason = pin->reason; + opi.buffer_id = htonl(pin->buffer_id); + ofpbuf_push(rw_packet, &opi, offsetof(struct ofp_packet_in, data)); update_openflow_length(rw_packet); return rw_packet; @@ -1831,10 +1915,7 @@ make_add_simple_flow(const struct cls_rule *rule, struct ofpbuf *buffer; buffer = make_add_flow(rule, buffer_id, idle_timeout, sizeof *oao); - oao = ofpbuf_put_zeros(buffer, sizeof *oao); - oao->type = htons(OFPAT_OUTPUT); - oao->len = htons(sizeof *oao); - oao->port = htons(out_port); + ofputil_put_OFPAT_OUTPUT(buffer)->port = htons(out_port); return buffer; } else { return make_add_flow(rule, buffer_id, idle_timeout, 0); @@ -1879,7 +1960,7 @@ make_packet_out(const struct ofpbuf *packet, uint32_t buffer_id, opo->header.length = htons(size); opo->header.xid = htonl(0); opo->buffer_id = htonl(buffer_id); - opo->in_port = htons(in_port == ODPP_LOCAL ? OFPP_LOCAL : in_port); + opo->in_port = htons(in_port); opo->actions_len = htons(actions_len); ofpbuf_put(out, actions, actions_len); if (packet) { @@ -1942,6 +2023,36 @@ make_echo_reply(const struct ofp_header *rq) return out; } +const char * +ofputil_frag_handling_to_string(enum ofp_config_flags flags) +{ + switch (flags & OFPC_FRAG_MASK) { + case OFPC_FRAG_NORMAL: return "normal"; + case OFPC_FRAG_DROP: return "drop"; + case OFPC_FRAG_REASM: return "reassemble"; + case OFPC_FRAG_NX_MATCH: return "nx-match"; + } + + NOT_REACHED(); +} + +bool +ofputil_frag_handling_from_string(const char *s, enum ofp_config_flags *flags) +{ + if (!strcasecmp(s, "normal")) { + *flags = OFPC_FRAG_NORMAL; + } else if (!strcasecmp(s, "drop")) { + *flags = OFPC_FRAG_DROP; + } else if (!strcasecmp(s, "reassemble")) { + *flags = OFPC_FRAG_REASM; + } else if (!strcasecmp(s, "nx-match")) { + *flags = OFPC_FRAG_NX_MATCH; + } else { + return false; + } + return true; +} + /* Checks that 'port' is a valid output port for the OFPAT_OUTPUT action, given * that the switch will never have more than 'max_ports' ports. Returns 0 if * 'port' is valid, otherwise an ofp_mkerr() return code. */ @@ -1966,6 +2077,93 @@ ofputil_check_output_port(uint16_t port, int max_ports) } } +#define OFPUTIL_NAMED_PORTS \ + OFPUTIL_NAMED_PORT(IN_PORT) \ + OFPUTIL_NAMED_PORT(TABLE) \ + OFPUTIL_NAMED_PORT(NORMAL) \ + OFPUTIL_NAMED_PORT(FLOOD) \ + OFPUTIL_NAMED_PORT(ALL) \ + OFPUTIL_NAMED_PORT(CONTROLLER) \ + OFPUTIL_NAMED_PORT(LOCAL) \ + OFPUTIL_NAMED_PORT(NONE) + +/* Checks whether 's' is the string representation of an OpenFlow port number, + * either as an integer or a string name (e.g. "LOCAL"). If it is, stores the + * number in '*port' and returns true. Otherwise, returns false. */ +bool +ofputil_port_from_string(const char *name, uint16_t *port) +{ + struct pair { + const char *name; + uint16_t value; + }; + static const struct pair pairs[] = { +#define OFPUTIL_NAMED_PORT(NAME) {#NAME, OFPP_##NAME}, + OFPUTIL_NAMED_PORTS +#undef OFPUTIL_NAMED_PORT + }; + static const int n_pairs = ARRAY_SIZE(pairs); + int i; + + if (str_to_int(name, 0, &i) && i >= 0 && i < UINT16_MAX) { + *port = i; + return true; + } + + for (i = 0; i < n_pairs; i++) { + if (!strcasecmp(name, pairs[i].name)) { + *port = pairs[i].value; + return true; + } + } + return false; +} + +/* Appends to 's' a string representation of the OpenFlow port number 'port'. + * Most ports' string representation is just the port number, but for special + * ports, e.g. OFPP_LOCAL, it is the name, e.g. "LOCAL". */ +void +ofputil_format_port(uint16_t port, struct ds *s) +{ + const char *name; + + switch (port) { +#define OFPUTIL_NAMED_PORT(NAME) case OFPP_##NAME: name = #NAME; break; + OFPUTIL_NAMED_PORTS +#undef OFPUTIL_NAMED_PORT + + default: + ds_put_format(s, "%"PRIu16, port); + return; + } + ds_put_cstr(s, name); +} + +static int +check_resubmit_table(const struct nx_action_resubmit *nar) +{ + if (nar->pad[0] || nar->pad[1] || nar->pad[2]) { + return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_ARGUMENT); + } + return 0; +} + +static int +check_output_reg(const struct nx_action_output_reg *naor, + const struct flow *flow) +{ + size_t i; + + for (i = 0; i < sizeof naor->zero; i++) { + if (naor->zero[i]) { + return ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_ARGUMENT); + } + } + + return nxm_src_check(naor->src, nxm_decode_ofs(naor->ofs_nbits), + nxm_decode_n_bits(naor->ofs_nbits), flow); +} + int validate_actions(const union ofp_action *actions, size_t n_actions, const struct flow *flow, int max_ports) @@ -2013,7 +2211,8 @@ validate_actions(const union ofp_action *actions, size_t n_actions, case OFPUTIL_OFPAT_ENQUEUE: port = ntohs(((const struct ofp_action_enqueue *) a)->port); - if (port >= max_ports && port != OFPP_IN_PORT) { + if (port >= max_ports && port != OFPP_IN_PORT + && port != OFPP_LOCAL) { error = ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_OUT_PORT); } break; @@ -2044,6 +2243,20 @@ validate_actions(const union ofp_action *actions, size_t n_actions, max_ports, flow); break; + case OFPUTIL_NXAST_OUTPUT_REG: + error = check_output_reg((const struct nx_action_output_reg *) a, + flow); + break; + + case OFPUTIL_NXAST_RESUBMIT_TABLE: + error = check_resubmit_table( + (const struct nx_action_resubmit *) a); + break; + + case OFPUTIL_NXAST_LEARN: + error = learn_check((const struct nx_action_learn *) a, flow); + break; + case OFPUTIL_OFPAT_STRIP_VLAN: case OFPUTIL_OFPAT_SET_NW_SRC: case OFPUTIL_OFPAT_SET_NW_DST: @@ -2058,6 +2271,7 @@ validate_actions(const union ofp_action *actions, size_t n_actions, case OFPUTIL_NXAST_POP_QUEUE: case OFPUTIL_NXAST_NOTE: case OFPUTIL_NXAST_SET_TUNNEL64: + case OFPUTIL_NXAST_EXIT: break; } @@ -2077,89 +2291,64 @@ validate_actions(const union ofp_action *actions, size_t n_actions, return 0; } -struct ofputil_ofpat_action { - enum ofputil_action_code code; - unsigned int len; -}; - -static const struct ofputil_ofpat_action ofpat_actions[] = { - { OFPUTIL_OFPAT_OUTPUT, 8 }, - { OFPUTIL_OFPAT_SET_VLAN_VID, 8 }, - { OFPUTIL_OFPAT_SET_VLAN_PCP, 8 }, - { OFPUTIL_OFPAT_STRIP_VLAN, 8 }, - { OFPUTIL_OFPAT_SET_DL_SRC, 16 }, - { OFPUTIL_OFPAT_SET_DL_DST, 16 }, - { OFPUTIL_OFPAT_SET_NW_SRC, 8 }, - { OFPUTIL_OFPAT_SET_NW_DST, 8 }, - { OFPUTIL_OFPAT_SET_NW_TOS, 8 }, - { OFPUTIL_OFPAT_SET_TP_SRC, 8 }, - { OFPUTIL_OFPAT_SET_TP_DST, 8 }, - { OFPUTIL_OFPAT_ENQUEUE, 16 }, -}; - -struct ofputil_nxast_action { - enum ofputil_action_code code; +struct ofputil_action { + int code; unsigned int min_len; unsigned int max_len; }; -static const struct ofputil_nxast_action nxast_actions[] = { - { 0, UINT_MAX, UINT_MAX }, /* NXAST_SNAT__OBSOLETE */ - { OFPUTIL_NXAST_RESUBMIT, 16, 16 }, - { OFPUTIL_NXAST_SET_TUNNEL, 16, 16 }, - { 0, UINT_MAX, UINT_MAX }, /* NXAST_DROP_SPOOFED_ARP__OBSOLETE */ - { OFPUTIL_NXAST_SET_QUEUE, 16, 16 }, - { OFPUTIL_NXAST_POP_QUEUE, 16, 16 }, - { OFPUTIL_NXAST_REG_MOVE, 24, 24 }, - { OFPUTIL_NXAST_REG_LOAD, 24, 24 }, - { OFPUTIL_NXAST_NOTE, 16, UINT_MAX }, - { OFPUTIL_NXAST_SET_TUNNEL64, 24, 24 }, - { OFPUTIL_NXAST_MULTIPATH, 32, 32 }, - { OFPUTIL_NXAST_AUTOPATH, 24, 24 }, - { OFPUTIL_NXAST_BUNDLE, 32, UINT_MAX }, - { OFPUTIL_NXAST_BUNDLE_LOAD, 32, UINT_MAX }, -}; +static const struct ofputil_action action_bad_type + = { -OFP_MKERR(OFPET_BAD_ACTION, OFPBAC_BAD_TYPE), 0, UINT_MAX }; +static const struct ofputil_action action_bad_len + = { -OFP_MKERR(OFPET_BAD_ACTION, OFPBAC_BAD_LEN), 0, UINT_MAX }; +static const struct ofputil_action action_bad_vendor + = { -OFP_MKERR(OFPET_BAD_ACTION, OFPBAC_BAD_VENDOR), 0, UINT_MAX }; -static int +static const struct ofputil_action * ofputil_decode_ofpat_action(const union ofp_action *a) { - int type = ntohs(a->type); - - if (type < ARRAY_SIZE(ofpat_actions)) { - const struct ofputil_ofpat_action *ooa = &ofpat_actions[type]; - unsigned int len = ntohs(a->header.len); + enum ofp_action_type type = ntohs(a->type); + + switch (type) { +#define OFPAT_ACTION(ENUM, STRUCT, NAME) \ + case ENUM: { \ + static const struct ofputil_action action = { \ + OFPUTIL_##ENUM, \ + sizeof(struct STRUCT), \ + sizeof(struct STRUCT) \ + }; \ + return &action; \ + } +#include "ofp-util.def" - return (len == ooa->len - ? ooa->code - : -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN)); - } else { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_TYPE); + case OFPAT_VENDOR: + default: + return &action_bad_type; } } -static int +static const struct ofputil_action * ofputil_decode_nxast_action(const union ofp_action *a) { - unsigned int len = ntohs(a->header.len); - - if (len < sizeof(struct nx_action_header)) { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); - } else { - const struct nx_action_header *nah = (const void *) a; - int subtype = ntohs(nah->subtype); - - if (subtype <= ARRAY_SIZE(nxast_actions)) { - const struct ofputil_nxast_action *ona = &nxast_actions[subtype]; - if (len >= ona->min_len && len <= ona->max_len) { - return ona->code; - } else if (ona->min_len == UINT_MAX) { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_TYPE); - } else { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); - } - } else { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_TYPE); + const struct nx_action_header *nah = (const struct nx_action_header *) a; + enum nx_action_subtype subtype = ntohs(nah->subtype); + + switch (subtype) { +#define NXAST_ACTION(ENUM, STRUCT, EXTENSIBLE, NAME) \ + case ENUM: { \ + static const struct ofputil_action action = { \ + OFPUTIL_##ENUM, \ + sizeof(struct STRUCT), \ + EXTENSIBLE ? UINT_MAX : sizeof(struct STRUCT) \ + }; \ + return &action; \ } +#include "ofp-util.def" + + case NXAST_SNAT__OBSOLETE: + case NXAST_DROP_SPOOFED_ARP__OBSOLETE: + default: + return &action_bad_type; } } @@ -2176,13 +2365,28 @@ ofputil_decode_nxast_action(const union ofp_action *a) int ofputil_decode_action(const union ofp_action *a) { + const struct ofputil_action *action; + uint16_t len = ntohs(a->header.len); + if (a->type != htons(OFPAT_VENDOR)) { - return ofputil_decode_ofpat_action(a); - } else if (a->vendor.vendor == htonl(NX_VENDOR_ID)) { - return ofputil_decode_nxast_action(a); + action = ofputil_decode_ofpat_action(a); } else { - return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_VENDOR); + switch (ntohl(a->vendor.vendor)) { + case NX_VENDOR_ID: + if (len < sizeof(struct nx_action_header)) { + return -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN); + } + action = ofputil_decode_nxast_action(a); + break; + default: + action = &action_bad_vendor; + break; + } } + + return (len >= action->min_len && len <= action->max_len + ? action->code + : -ofp_mkerr(OFPET_BAD_ACTION, OFPBAC_BAD_LEN)); } /* Parses 'a' and returns its type as an OFPUTIL_OFPAT_* or OFPUTIL_NXAST_* @@ -2192,15 +2396,95 @@ ofputil_decode_action(const union ofp_action *a) enum ofputil_action_code ofputil_decode_action_unsafe(const union ofp_action *a) { + const struct ofputil_action *action; + if (a->type != htons(OFPAT_VENDOR)) { - return ofpat_actions[ntohs(a->type)].code; + action = ofputil_decode_ofpat_action(a); } else { - const struct nx_action_header *nah = (const void *) a; + action = ofputil_decode_nxast_action(a); + } + + return action->code; +} + +/* Returns the 'enum ofputil_action_code' corresponding to 'name' (e.g. if + * 'name' is "output" then the return value is OFPUTIL_OFPAT_OUTPUT), or -1 if + * 'name' is not the name of any action. + * + * ofp-util.def lists the mapping from names to action. */ +int +ofputil_action_code_from_name(const char *name) +{ + static const char *names[OFPUTIL_N_ACTIONS] = { +#define OFPAT_ACTION(ENUM, STRUCT, NAME) NAME, +#define NXAST_ACTION(ENUM, STRUCT, EXTENSIBLE, NAME) NAME, +#include "ofp-util.def" + }; + + const char **p; - return nxast_actions[ntohs(nah->subtype)].code; + for (p = names; p < &names[ARRAY_SIZE(names)]; p++) { + if (*p && !strcasecmp(name, *p)) { + return p - names; + } } + return -1; } +/* Appends an action of the type specified by 'code' to 'buf' and returns the + * action. Initializes the parts of 'action' that identify it as having type + * and length 'sizeof *action' and zeros the rest. For actions that + * have variable length, the length used and cleared is that of struct + * . */ +void * +ofputil_put_action(enum ofputil_action_code code, struct ofpbuf *buf) +{ + switch (code) { +#define OFPAT_ACTION(ENUM, STRUCT, NAME) \ + case OFPUTIL_##ENUM: return ofputil_put_##ENUM(buf); +#define NXAST_ACTION(ENUM, STRUCT, EXTENSIBLE, NAME) \ + case OFPUTIL_##ENUM: return ofputil_put_##ENUM(buf); +#include "ofp-util.def" + } + NOT_REACHED(); +} + +#define OFPAT_ACTION(ENUM, STRUCT, NAME) \ + void \ + ofputil_init_##ENUM(struct STRUCT *s) \ + { \ + memset(s, 0, sizeof *s); \ + s->type = htons(ENUM); \ + s->len = htons(sizeof *s); \ + } \ + \ + struct STRUCT * \ + ofputil_put_##ENUM(struct ofpbuf *buf) \ + { \ + struct STRUCT *s = ofpbuf_put_uninit(buf, sizeof *s); \ + ofputil_init_##ENUM(s); \ + return s; \ + } +#define NXAST_ACTION(ENUM, STRUCT, EXTENSIBLE, NAME) \ + void \ + ofputil_init_##ENUM(struct STRUCT *s) \ + { \ + memset(s, 0, sizeof *s); \ + s->type = htons(OFPAT_VENDOR); \ + s->len = htons(sizeof *s); \ + s->vendor = htonl(NX_VENDOR_ID); \ + s->subtype = htons(ENUM); \ + } \ + \ + struct STRUCT * \ + ofputil_put_##ENUM(struct ofpbuf *buf) \ + { \ + struct STRUCT *s = ofpbuf_put_uninit(buf, sizeof *s); \ + ofputil_init_##ENUM(s); \ + return s; \ + } +#include "ofp-util.def" + /* Returns true if 'action' outputs to 'port', false otherwise. */ bool action_outputs_to_port(const union ofp_action *action, ovs_be16 port) @@ -2240,10 +2524,10 @@ ofputil_normalize_rule(struct cls_rule *rule, enum nx_flow_format flow_format) MAY_NW_ADDR = 1 << 0, /* nw_src, nw_dst */ MAY_TP_ADDR = 1 << 1, /* tp_src, tp_dst */ MAY_NW_PROTO = 1 << 2, /* nw_proto */ - MAY_NW_TOS = 1 << 3, /* nw_tos */ + MAY_IPVx = 1 << 3, /* tos, frag, ttl */ MAY_ARP_SHA = 1 << 4, /* arp_sha */ MAY_ARP_THA = 1 << 5, /* arp_tha */ - MAY_IPV6_ADDR = 1 << 6, /* ipv6_src, ipv6_dst */ + MAY_IPV6 = 1 << 6, /* ipv6_src, ipv6_dst, ipv6_label */ MAY_ND_TARGET = 1 << 7 /* nd_target */ } may_match; @@ -2251,7 +2535,7 @@ ofputil_normalize_rule(struct cls_rule *rule, enum nx_flow_format flow_format) /* Figure out what fields may be matched. */ if (rule->flow.dl_type == htons(ETH_TYPE_IP)) { - may_match = MAY_NW_PROTO | MAY_NW_TOS | MAY_NW_ADDR; + may_match = MAY_NW_PROTO | MAY_IPVx | MAY_NW_ADDR; if (rule->flow.nw_proto == IPPROTO_TCP || rule->flow.nw_proto == IPPROTO_UDP || rule->flow.nw_proto == IPPROTO_ICMP) { @@ -2259,7 +2543,7 @@ ofputil_normalize_rule(struct cls_rule *rule, enum nx_flow_format flow_format) } } else if (rule->flow.dl_type == htons(ETH_TYPE_IPV6) && flow_format == NXFF_NXM) { - may_match = MAY_NW_PROTO | MAY_NW_TOS | MAY_IPV6_ADDR; + may_match = MAY_NW_PROTO | MAY_IPVx | MAY_IPV6; if (rule->flow.nw_proto == IPPROTO_TCP || rule->flow.nw_proto == IPPROTO_UDP) { may_match |= MAY_TP_ADDR; @@ -2291,8 +2575,10 @@ ofputil_normalize_rule(struct cls_rule *rule, enum nx_flow_format flow_format) if (!(may_match & MAY_NW_PROTO)) { wc.wildcards |= FWW_NW_PROTO; } - if (!(may_match & MAY_NW_TOS)) { - wc.wildcards |= FWW_NW_TOS; + if (!(may_match & MAY_IPVx)) { + wc.wildcards |= FWW_NW_DSCP; + wc.wildcards |= FWW_NW_ECN; + wc.wildcards |= FWW_NW_TTL; } if (!(may_match & MAY_ARP_SHA)) { wc.wildcards |= FWW_ARP_SHA; @@ -2300,8 +2586,9 @@ ofputil_normalize_rule(struct cls_rule *rule, enum nx_flow_format flow_format) if (!(may_match & MAY_ARP_THA)) { wc.wildcards |= FWW_ARP_THA; } - if (!(may_match & MAY_IPV6_ADDR)) { + if (!(may_match & MAY_IPV6)) { wc.ipv6_src_mask = wc.ipv6_dst_mask = in6addr_any; + wc.wildcards |= FWW_IPV6_LABEL; } if (!(may_match & MAY_ND_TARGET)) { wc.wildcards |= FWW_ND_TARGET; @@ -2577,3 +2864,72 @@ ofputil_actions_clone(const union ofp_action *actions, size_t n) { return n ? xmemdup(actions, n * sizeof *actions) : NULL; } + +/* Parses a key or a key-value pair from '*stringp'. + * + * On success: Stores the key into '*keyp'. Stores the value, if present, into + * '*valuep', otherwise an empty string. Advances '*stringp' past the end of + * the key-value pair, preparing it for another call. '*keyp' and '*valuep' + * are substrings of '*stringp' created by replacing some of its bytes by null + * terminators. Returns true. + * + * If '*stringp' is just white space or commas, sets '*keyp' and '*valuep' to + * NULL and returns false. */ +bool +ofputil_parse_key_value(char **stringp, char **keyp, char **valuep) +{ + char *pos, *key, *value; + size_t key_len; + + pos = *stringp; + pos += strspn(pos, ", \t\r\n"); + if (*pos == '\0') { + *keyp = *valuep = NULL; + return false; + } + + key = pos; + key_len = strcspn(pos, ":=(, \t\r\n"); + if (key[key_len] == ':' || key[key_len] == '=') { + /* The value can be separated by a colon. */ + size_t value_len; + + value = key + key_len + 1; + value_len = strcspn(value, ", \t\r\n"); + pos = value + value_len + (value[value_len] != '\0'); + value[value_len] = '\0'; + } else if (key[key_len] == '(') { + /* The value can be surrounded by balanced parentheses. The outermost + * set of parentheses is removed. */ + int level = 1; + size_t value_len; + + value = key + key_len + 1; + for (value_len = 0; level > 0; value_len++) { + switch (value[value_len]) { + case '\0': + ovs_fatal(0, "unbalanced parentheses in argument to %s", key); + + case '(': + level++; + break; + + case ')': + level--; + break; + } + } + value[value_len - 1] = '\0'; + pos = value + value_len; + } else { + /* There might be no value at all. */ + value = key + key_len; /* Will become the empty string below. */ + pos = key + key_len + (key[key_len] != '\0'); + } + key[key_len] = '\0'; + + *stringp = pos; + *keyp = key; + *valuep = value; + return true; +}