From: Justin Pettit Date: Wed, 11 Feb 2009 23:23:23 +0000 (-0800) Subject: Check wildcards for in_port != out_port output validation. (udatapath) X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ae8d224210ed2a5f89a9e97e08db81b27ceac855;p=openvswitch Check wildcards for in_port != out_port output validation. (udatapath) OpenFlow requires that traffic that is to be sent out the interface it came in on use the OFPP_IN_PORT virtual port. The action validation code that enforces this ignored the wildcards field, which meant it was using the garbage 'in_port' value for this check. NB: This problem was addressed in the kernel datapath with commit 1b580f69f3dfacee49532f71abd72755a09eabd4. --- diff --git a/udatapath/dp_act.c b/udatapath/dp_act.c index 8579b10a..0baa0aba 100644 --- a/udatapath/dp_act.c +++ b/udatapath/dp_act.c @@ -50,7 +50,9 @@ validate_output(struct datapath *dp UNUSED, const struct sw_flow_key *key, /* To prevent loops, make sure there's no action to send to the * OFP_TABLE virtual port. */ - if (oa->port == htons(OFPP_NONE) || oa->port == key->flow.in_port) { + if (oa->port == htons(OFPP_NONE) || + (!(key->wildcards & OFPFW_IN_PORT) + && oa->port == key->flow.in_port)) { return OFPBAC_BAD_OUT_PORT; } return ACT_VALIDATION_OK;