Jesse Gross [Wed, 5 Jan 2011 15:25:41 +0000 (07:25 -0800)]
datapath: Fix double counting of packet stats for Linux devices.
The kernel augments stats for Linux devices that only provide 32-bit stats
with its own internal 64-bit counters. When doing this it takes the error
stats from the device but uses the packet and byte values from its local
counters. However, we were also taking the packet and byte counts from
the device, leading to double counting.
Problem introduced by commit
ec61a01cd8ed73b13ffe042ddff4baf41f6b63e7
'datapath: Use "struct rtnl_link_stats64" instead of "struct odp_vport_stats".'.
Bug #4327
Reported-by: Krishna Miriyala <krishna@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 5 Jan 2011 20:39:57 +0000 (12:39 -0800)]
datapath: Use call_rcu() when deleting a datapath.
When deleting a datapath, we remove all of the vports and then immediately
free the datapath data structures. Since the vports are allowed to use
call_rcu() to free their data, it's possible for them to return immediately
while packet processing is still taking place. This breaks apart the dropping
of references and the freeing of the data using call_rcu() for protection.
This race cannot actually occur in practice since the last port to be
deleted is an internal device, which uses synchronize_rcu() itself
(implicitly through unregister_netdevice()). However, there is no
requirement that it must do this nor should there be.
Reported-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 4 Jan 2011 18:19:59 +0000 (10:19 -0800)]
debian: Remove openvswitch-pki-server package.
The functionality provided by this package was used only by
openvswitch-switch-config, which was removed some time ago. If I had been
more careful at the time, I would have removed this package at the same
time.
Ethan Jackson [Wed, 22 Dec 2010 00:26:21 +0000 (16:26 -0800)]
lib: Show tunnel egress interface in ovsdb
This commit parses rtnetlink address notifications from the
kernel in order to display the egress interface of tunnels in the
database.
Bug #4103.
Ethan Jackson [Tue, 21 Dec 2010 21:44:37 +0000 (13:44 -0800)]
rtnetlink: Remove LINK specific messages from rtnetlink
Abstracted rtnetlink so that it may be used for messages other than
RTM LINK messages. Created a new rtnetlink-link module which
specifically deals with these kinds of messages and follows the old
rtnetlink API.
Ethan Jackson [Mon, 3 Jan 2011 20:27:50 +0000 (12:27 -0800)]
python: properly initialize string length on 64bit systems.
types.py was initializing max string length to 2^64 - 1 instead of
UINT_MAX on 64 bit systems. This commit fixes that problem.
Ethan Jackson [Sun, 2 Jan 2011 21:28:58 +0000 (13:28 -0800)]
stream-ssl: Fix compiler warning.
This commit fixes the following compiler warnings:
"format '%d' expects type 'int', but argument 4 has type 'size_t'"
Ethan Jackson [Sun, 2 Jan 2011 21:24:27 +0000 (13:24 -0800)]
multipath: Fix compiler warning.
This commit fixes the following compiler warning:
"cast from function call of type 'uint16_t' to non-matching type
'enum nx_mp_fields'"
Simon Horman [Fri, 31 Dec 2010 04:27:35 +0000 (13:27 +0900)]
debian: Remove ${shlibs:Depends} dependency pki packages
Remove ${shlibs:Depends} dependency from openvswitch-pki
and openvswitch-pki-server as neither package includes binaries
Ethan Jackson [Sun, 2 Jan 2011 20:52:11 +0000 (12:52 -0800)]
ofp-parse: ofp-parse fails to properly validate DROP.
The str_to_action function of ofp-parse was not properly
incrementing it's actions counter. Thus it did not enforce the
requirement that DROP actions not be preceded by other actions.
Jesse Gross [Wed, 29 Dec 2010 19:42:13 +0000 (11:42 -0800)]
datapath: Drop constness of datapath pointers.
A few places marked struct datapath pointers as const since they
didn't expect to make modifications. However, when compiled with
lockdep the datapath mutex pointer is passed to lockdep_is_held(),
which has a non-const argument. That provoked warnings about
casting away the const, so this drops the const from the original
pointers.
Reported-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 18:59:01 +0000 (10:59 -0800)]
datapath: Report ifindex of 0 if vport doesn't have one.
If a vport is a virtual device then it doesn't have a system ifindex.
We currently return the ifindex of the bridge device in this situation
but that's somewhat misleading, so this replaces it with 0. Nothing
actually reads the ifindex for devices other than the bridge device,
so this doesn't have a functional change.
Suggested-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 23:05:02 +0000 (15:05 -0800)]
datapath: Don't check for RCU in free_buckets in table.
free_buckets() is only called in places where the lifetime of its
container has ended: on allocation failure and on deletion after
a grace period. If the container can no longer be referenced then
neither can the buckets, so it is safe to directly free them.
sparse complains if the pointer is directly dereferenced and lockdep
complains if the RCU functions are used without some type of lock,
both of which are fine in this case. This adds an explicit cast to
avoid the complaints.
Found with lockdep.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 22:48:38 +0000 (14:48 -0800)]
datapath: Hold dp->mutex when calling new_vport().
On datapath creation we hold dp_mutex but not dp->mutex when
creating the vport for the datapath device. However, there are
lockdep checks that validate that we hold dp->mutex during the call
to new_vport(). The lock isn't actually necessary in this case
because no one else can access the datapath but it's good to have
the lock assertions, so this holds dp->mutex while initializing
the datapath.
Found with lockdep.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 22:10:50 +0000 (14:10 -0800)]
datapath: Add owner to file_operations declaration.
It's currently possible for operations on our character device to
be still running when we unload the module. This will result in
an oops when the executing code is suddenly freed. The chrdev
code has a way to avoid this by taking a reference on the module
every time the device is opened, which means that we can't be
unloaded as long as there is an open file descriptor and therefore
the possibility of an operation. However, our file_operations
structure doesn't include an owner member, which prevents this
mechanism from working. This adds one.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 21:09:56 +0000 (13:09 -0800)]
datapath: Acquire dp->mutex when deleting a datapath.
It's possible that someone is using the datapath data structures
when we attempt to delete the datapath. The first writer will
only hold dp->mutex, which we don't currently acquire when deleting.
This adds that lock to prevent a potential race (this can't currently
happen because userspace is single threaded, as long as "ovs-dpctl
del-dp" is not used at the same time).
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 29 Dec 2010 21:08:15 +0000 (13:08 -0800)]
datapath: Merge do_destroy_dp into destroy_dp.
Both do_destroy_dp() and destroy_dp() are small functions and
only have a single caller. There's no good reason for them to
be separate so this merges them together. It also makes things
more logically consistent and easier to read in the next commit,
which adds additional locking as everything is in one place.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 30 Dec 2010 16:57:01 +0000 (08:57 -0800)]
ofproto: Increase max recursion level from 8 to 16.
Requested-by: Pankaj Thakkar <thakkar@nicira.com>
Ben Pfaff [Wed, 29 Dec 2010 18:09:51 +0000 (10:09 -0800)]
INSTALL.XenServer: Fix directory where RPMs end up.
We can be specific about i386 here since that's the only architecture that
XenServer supports.
Reported-by: Bryan Osoro <bosoro@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 05:50:49 +0000 (21:50 -0800)]
datapath: Use local variable for freeing on flow put error.
If inserting a flow failed and we need to free the actions, we
currently directly free them from the flow struct. This is fine
but it makes sparse complain about directly accessing an RCU
protected field. We could insert some casts to avoid this but
it's cleaner to just free the data from the local variable
instead.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 00:36:26 +0000 (16:36 -0800)]
datapath: Allocate vports in more RCU friendly manner.
In a few places, when creating a new vport we also need to allocate
some memory for configuration that can change. This data is protected
by RCU but we directly access the memory when initializing it. This
is fine, since the vport has not yet been published and we use the
apropriate memory barriers when doing so. However, it makes tools
like sparse unhappy and is also asymmetric since we use RCU to
dereference the pointers but not to assign them. This cleans that
up somewhat by initializing the memory first and then using RCU
to assign it, which makes everyone happy.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 00:47:45 +0000 (16:47 -0800)]
datapath: Use RCU dereference in vport_get_ifindex().
If we don't have an ifindex for a device (because it is a virtual
port), we fall back to using the ifindex of the local port.
However, we weren't properly dereferencing the vport from the ports
array, so this adds that. This isn't a real problem though, because
the local port always exists and never changes as long as the
datapath exists.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 00:44:22 +0000 (16:44 -0800)]
datapath: Add casts for direct freeing of RCU data.
There are a few places where we have two levels of RCU protected
data to allow the second level to change independently of the
first. Although the two pieces are independent, they have the
same users and lifetime of the first level always exceeds that
of the second level. This means that we can directly free the
second level when it is safe to free the first. This implies
that we directly access RCU-protected data, which is generally
not allowed. There are no locks to check, so none of the normal
RCU functions apply. Instead, this adds an explicit cast.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sat, 25 Dec 2010 03:16:20 +0000 (19:16 -0800)]
tunnel: Drop spinlock around cache free.
We hold a spinlock when freeing the cache, since you're generally
supposed to do that when writing to RCU protected data. However,
there's really no point in doing that here because the port has
already been removed from both the transmit and receive side
data structures and we've waited for an RCU grace period. In
addition, we're about to free the port itself, which contains the
spinlock and will be in trouble if anyone else is trying to
access it. For clarity, drop the spinlock.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 04:31:39 +0000 (20:31 -0800)]
datapath: Fix table sparse annotations.
Several of the pointers in table.c were missing the correct
__rcu annotation and the pointer type in the actual declaration
of struct tbl was incorrect, so this fixes that. It also adds
usage of rcu_dereference() to access an RCU protected pointer,
which is not strictly correct since an update side lock should
be held. However, since the table is used in different pieces
of code and therefore different locks are used it is difficult
to know which lock to check without threading the information
though, which is ugly. Since other places in table.c have this
same problem and this code should go away in the future it is
left as is.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 01:56:29 +0000 (17:56 -0800)]
datapath: Don't directly access port array in query_port().
query_port() directly accesses the datapath port array, without
using any kind of RCU dereference. It's OK, since it is holding
DP mutex but this adds an explicit check to make sparse happy.
It also simplifies the code path somewhat.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sat, 25 Dec 2010 03:53:26 +0000 (19:53 -0800)]
datapath: Add get_vport_protected().
In some places we access the array of datapath ports without
RCU protection. This introduces a new function to check that in
these case the dp mutex is held for protection.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sat, 25 Dec 2010 03:44:34 +0000 (19:44 -0800)]
datapath: Use get_table_protected() in additional places.
There are several places where the flow table is accessed
without any kind of RCU protection. This is fine because dp
mutex is held so this adds checks for that condition.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Fri, 24 Dec 2010 00:28:23 +0000 (16:28 -0800)]
datapath: Add missing rtnl_dereference() calls.
There are a few additional places where RCU protected pointers
are directly dereferenced because they assume RTNL lock. These
were previously not reported due to some other sparse errors in
the Linux headers files. This adds the necessary rtnl_dereference()
calls to make sparse happy and allow lockdep to validate.
Found with sparse.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Wed, 29 Dec 2010 06:40:52 +0000 (22:40 -0800)]
dpif-netdev: Add missing 'const' qualifiers to function parameters.
These functions don't modify their flow key arguments but the prototypes
implied that they did.
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 28 Dec 2010 20:23:16 +0000 (12:23 -0800)]
datapath: Remove ODPP_NORMAL macro.
This macro hasn't ever been used.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 28 Dec 2010 21:28:31 +0000 (13:28 -0800)]
datapath: Fix 32-bit truncation of argument to ODPAT_OUTPUT_CONTROL.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 20:46:48 +0000 (12:46 -0800)]
ovs-dpctl: Reimplement get_port_number() using dpif_port_query_by_name().
Presumably this function was written to iterate all of the ports because
at some point we didn't have a direct way to do this, but now
dpif_port_query_by_name() is the obvious way to do it.
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 19:32:08 +0000 (11:32 -0800)]
ofproto: Use shash instead of svec for uniquifying, in reinit_ports().
No point in using an O(n log n) algorithm when an O(n) algorithm is
readily available.
(I'm sure that the actual performance difference, if any, does not matter
in practice.)
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Wed, 29 Dec 2010 06:23:43 +0000 (22:23 -0800)]
multipath: Zero padding bytes in fields before hashing.
Otherwise the hash includes 3 bytes of trailing indeterminate data.
Reported-by: Pankaj Thakkar <thakkar@nicira.com>
Justin Pettit [Tue, 28 Dec 2010 01:44:33 +0000 (17:44 -0800)]
vswitch: Provide option to pull cert from SSL table
Introduce "use_ssl_cert" option to "ipsec_gre" interface types, which
will pull certificate and private key options from the SSL table. In
the future, multiple SSL entries will be supported through the
configuration database, so use of this option is strongly discouraged as
this "feature" will be retired.
Justin Pettit [Wed, 22 Dec 2010 20:55:30 +0000 (12:55 -0800)]
debian: Require ipsec-tools version 0.8~alpha20101208.
There have been a number of important bug fixes since 0.8~alpha20090903,
so require at least the newer package.
Justin Pettit [Thu, 16 Dec 2010 07:44:41 +0000 (23:44 -0800)]
vswitch: Add support for IPsec certificate authentication.
Previously, it was possible to fake configuring the use of certificate
authentication for IPsec, but it really just used a static pre-shared key
behind the scenes. This commit publicly mentions certificate
authentication and finally does the real work behind the scenes.
Justin Pettit [Thu, 2 Dec 2010 02:03:44 +0000 (18:03 -0800)]
vswitch: Remove unnecessary iface_get_options function
Since GRE-over-IPsec is a proper tunnel type and no longer configured
through "other_config", we can remove this function that folded an
interface's "other_confg" into "options".
Justin Pettit [Thu, 2 Dec 2010 01:23:33 +0000 (17:23 -0800)]
vswitch: Use "ipsec_gre" vport instead of "gre" with "other_config"
Previously, a GRE-over-IPsec tunnel was created as an interface with a
"type" of "gre" and the "other_config" column with "ipsec_cert" or
"ipsec_psk" set. This could lead to a potential security problem if a user
intended to create a GRE-over-IPsec tunnel, but misconfigured the
"ipsec_*" config and created an unencrypted GRE tunnel.
This commit defines an "ipsec_gre" tunnel type, which should prevent
users from inadvertently establishing insecure tunnels.
Justin Pettit [Tue, 30 Nov 2010 02:55:54 +0000 (18:55 -0800)]
debian: Don't require ipsec_local_ip to configure IPsec
Commit
e97a103 (Open vSwitch: ovs-monitor-ipsec: Add ability to traverse
NATs) removed the requirement that the "ipsec_local_ip" key must be set
to use IPsec, but other code and documentation was not updated to
reflect this. This commit does that.
Justin Pettit [Sat, 18 Dec 2010 09:07:06 +0000 (01:07 -0800)]
ovs-dpctl: Print extended information about vports.
When "ovs-dpctl show" is run, return additional information about the
port. For example, tunnel ports will print the remote_ip, local_ip, and
in_key when defined.
Justin Pettit [Sat, 18 Dec 2010 09:04:37 +0000 (01:04 -0800)]
datapath: Return vport configuration when queried.
Additional configuration is passed down to the kernel in the "config"
array of an odp_port when a vport is created. This information is not
returned when a vport is queried, though. This information is useful
for debugging, since it may be used to distinguish ports based on
additional data, such as the peer in tunnels. In a forthcoming patch, it
will be essential to distinguish between plain GRE and GRE over IPsec.
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 28 Dec 2010 18:03:44 +0000 (10:03 -0800)]
debian: Fix filename for ovs-vlan-test manpage.
This fixes the Debian package build.
Jesse Gross [Tue, 28 Dec 2010 05:19:35 +0000 (21:19 -0800)]
tunneling: Don't shadow vport when generating cache.
When generating the tunnel header cache we have two vports that we
are working with: the sender and destination. Unfortunately, both of
these use the name 'vport'. This renames the destination to avoid
shadowing the sender. This doesn't actually fix a bug because the
compiler correctly uses the right one, even when shadowed.
Found with sparse.
Reported-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Thu, 23 Dec 2010 22:21:01 +0000 (14:21 -0800)]
odp-util: Improve formatting of bad ODP actions.
nla_len is the size of a Netlink attribute including its header, but we
only want to print the attribute payload, so use nl_attr_get_size()
instead.
Also, make it clear that what follows the "bad action" information is a
dump of the action itself.
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 28 Dec 2010 00:20:11 +0000 (16:20 -0800)]
datapath: Clean up use of TBL_* constants.
A lot of the TBL_* constants were being used in conceptually wrong ways,
even though the code was correct because the actual values were correct.
(This is because TBL_L1_BITS, TBL_L2_BITS, and TBL_L1_SHIFT are all 10
and TBL_L1_SIZE and TBL_L2_SIZE are both 1024.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Reported-by: Jesse Gross <jesse@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Tue, 28 Dec 2010 00:06:08 +0000 (16:06 -0800)]
datapath: Clarify meaning of n_buckets argument to tbl_create().
The n_buckets argument to tbl_create() can be zero, but the comment didn't
mention that. However, there's no reason that the caller can't just pass
in a correct size, so this commit changes them to do that.
Also, TBL_L1_SIZE was conceptually wrong as the minimum size: the minimum
size is one L2 page, e.g. TBL_L2_SIZE. But TBL_MIN_BUCKETS seems like a
better all-around way to indicate the minimum size, so this commit also
introduces that macro and uses it.
Jesse Gross pointed out inconsistencies in this area.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 23:28:58 +0000 (15:28 -0800)]
datapath: Do not shadow 'err' variable name in tnl_send().
The sparse checker reported that 'err' was used for two different variables
in tnl_send(). The two variables have different types, so this patch
renames the inner one.
Jesse confirmed that the original code was correct as written. This patch
does not change its behavior.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 23:23:54 +0000 (15:23 -0800)]
datapath: Suppress sparse complaints about address spaces.
The sparse checker was complaining about incorrect address spaces (e.g.
__user versus non-__user pointers). I looked at each of them, checked
that the code looked correct to me, and added the appropriate __force
annotations to casts.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 23:21:29 +0000 (15:21 -0800)]
datapath: Fix type of actions_len_left in modify_vlan_tci().
The sparse checker reported that the type of the pointer passed to
nla_next(), as &actions_len_left, was incorrect: whereas the parameter
has type "int *", &actions_len_left is an "unsigned int *". This fixes
the problem. It is not a bug fix since the code is equally correct (or
incorrect) either way, but it gets the types right anyhow.
I don't know why GCC was not reporting this as an error.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 23:18:37 +0000 (15:18 -0800)]
datapath: Remove shadowed 'err' variable.
sparse reported that 'err' was declared in two different places in this
function. This patch removes the inner one. I verified that this didn't
affect correctness either way, so this is not a bug fix.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Mon, 27 Dec 2010 22:26:47 +0000 (14:26 -0800)]
Implement database schema versioning.
As the database schema evolves, it might be useful to have an identifier
for the particular version in use. This commit adds that feature.
Ben Pfaff [Mon, 27 Dec 2010 18:18:14 +0000 (10:18 -0800)]
vswitchd: Add OVS version to database, give system info its own columns.
Until now, nothing in the database has reported the Open vSwitch version
number. This commit adds that.
In addition, this commits moves the system type and version from
external-ids to individual columns, because we decided that these were
important enough not to relegate them to a grab-bag field.
Ben Pfaff [Thu, 23 Dec 2010 18:41:17 +0000 (10:41 -0800)]
ofp-util: Improve log messages for bad Nicira extension actions.
check_action_exact_len() will always report that a Nicira extension action
has type 65535 (OFPAT_VENDOR), which isn't very helpful for debugging.
This introduces a new function that reports the subtype.
Also, log the subtype of unknown Nicira vendor actions.
Ben Pfaff [Thu, 23 Dec 2010 18:36:55 +0000 (10:36 -0800)]
ofp-util: Upgrade log messages for controller bugs to warning level.
All of these messages indicate that there is a bug in the controller. We
want to know about that, so increase the log level from debug to warning.
Ben Pfaff [Thu, 23 Dec 2010 18:36:02 +0000 (10:36 -0800)]
ofp-util: Improve log message for bad OpenFlow action length.
First, this is an important message since it indicates a bug in the
controller, so log it at warning level instead of debug level--we want to
know about it.
Second, properly byteswap the action type.
Third, use the correct PRIu16 format specified for a uint16_t.
Ethan Jackson [Wed, 8 Dec 2010 02:49:28 +0000 (18:49 -0800)]
utilities: Implement ovs-vlan-test script
This patch implements a script which may be used to check for
connectivity issues caused by bugs in Linux drivers relating to
VLAN traffic.
Ben Pfaff [Thu, 23 Dec 2010 17:35:15 +0000 (09:35 -0800)]
datapath: Don't recursively sample packets or reset their "tun_id"s.
execute_actions() is called recursively when ODPAT_SET_DL_TCI adds a VLAN
header to a GSO packet, but we don't want to re-sample the sub-packet or
re-reset its tun_id, so break those two actions into a wrapper function.
This commit mostly moves code around without modifying it.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Thu, 16 Dec 2010 19:04:14 +0000 (11:04 -0800)]
backtrace: Only use __builtin_frame_address if GNU C is in use.
This eliminates one small GNU C dependency.
Ben Pfaff [Thu, 23 Dec 2010 17:36:19 +0000 (09:36 -0800)]
datapath: Correct argument size for ODP_FLOW_GET.
ODP_FLOW_GET takes an odp_flowvec, not an odp_flow.
(This would merely introduce a gratuitous ABI incompatibility for the sake
of pedantic correctness, except that we're breaking the ABI regularly
anyhow.)
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Wed, 22 Dec 2010 18:02:32 +0000 (10:02 -0800)]
INSTALL.Linux: Make pkg-config a requirement to build.
pkg-config is needed to detect the presence of libssl, so it is needed even
if the build system doesn't need to be rebuilt.
In theory we'd only need pkg-config if OpenSSL is to be used, but I don't
see much point in being that explicit.
Reported-by: Bryan Osoro <bosoro@nicira.com>
Ben Pfaff [Fri, 17 Dec 2010 22:58:52 +0000 (14:58 -0800)]
datapath: Avoid calling flow_hash() twice for the same key.
This is a small optimization for the case where a new flow is being added
to the flow table.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Ben Pfaff [Fri, 17 Dec 2010 00:00:02 +0000 (16:00 -0800)]
flow: Increase number of registers to 4.
Requested-by: Teemu Koponen <koponen@nicira.com>
Ben Pfaff [Fri, 17 Dec 2010 22:38:50 +0000 (14:38 -0800)]
Implement a new Nicira extension action for multipath link selection.
Ben Pfaff [Thu, 16 Dec 2010 21:57:21 +0000 (13:57 -0800)]
nx-match: Rename and export functions for parsing and formatting subfields.
These will be used from other source files in upcoming commits.
Ben Pfaff [Thu, 16 Dec 2010 19:12:03 +0000 (11:12 -0800)]
nx-match: Use [] in format_nxm_field_bits where possible.
This just makes formatting a bit more readable.
Ben Pfaff [Thu, 16 Dec 2010 21:57:08 +0000 (13:57 -0800)]
nx-match: Make nxm_field_bytes(), nxm_field_bits() public.
Ben Pfaff [Thu, 16 Dec 2010 21:56:47 +0000 (13:56 -0800)]
nx-match: New helper functions for working with ofs_nbits in NXM actions.
Ben Pfaff [Wed, 15 Dec 2010 20:11:26 +0000 (12:11 -0800)]
nicira-ext: Convert all "uintNN_t"s to "ovs_beNN"s.
Ben Pfaff [Thu, 16 Dec 2010 21:53:29 +0000 (13:53 -0800)]
hash: Make functions for hashing a few words easier to use.
It's easier for the client to pass in data directly than it is for the
client to stuff it into an array.
These functions will have new users in upcoming commits.
Jesse Gross [Thu, 16 Dec 2010 22:27:47 +0000 (14:27 -0800)]
odp-util: Correct length check in format_odp_action().
When printing the action list we first check that the size of the
action matches the expected length for that type. However, when
doing the lookup we were passing in the length of the action, not
the type, leading to bogus values.
Jesse Gross [Thu, 16 Dec 2010 00:50:40 +0000 (16:50 -0800)]
datapath: Harmonize [get|set]_skb_csum_pointers().
The functions to get and set the checksum pointers consistently across
different kernel versions had different interpretations of what the
csum_offset pointer was relative to, which is confusing, to say the least.
This makes the meaning be the same as skb->csum_offset in modern kernels
and updates the caller. For a given function the results were consistent
across kernel versions and the callers knew what the meaning should be, so
this doesn't actually fix any bugs.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 15 Dec 2010 23:38:06 +0000 (15:38 -0800)]
tunneling: Refresh IP header pointer after update_header().
We were assuming that the call to update_header() to finalize tunnel
headers wouldn't cause the skb linear data area to be reallocated.
So far this hasn't been a problem but it's not, generally speaking,
a good assumption to make. Therefore, refetch the pointer to the IP
header instead of carrying it across the call.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Tue, 14 Dec 2010 00:27:20 +0000 (16:27 -0800)]
ofp-print: Improve formatting for bad OpenFlow messages.
Ben Pfaff [Tue, 14 Dec 2010 19:36:04 +0000 (11:36 -0800)]
ofp-print: Always print priority exactly once.
Reported-by: Paul Ingram <paul@nicira.com>
Ben Pfaff [Tue, 14 Dec 2010 00:18:58 +0000 (16:18 -0800)]
classifier: Insert commas after fields that lacked them in cls_rule_format().
Ben Pfaff [Fri, 10 Dec 2010 17:20:49 +0000 (09:20 -0800)]
classifier: Use OFP_DEFAULT_PRIORITY instead of literal 32768.
Ben Pfaff [Tue, 14 Dec 2010 00:20:24 +0000 (16:20 -0800)]
ofp-util: Improve error log messages.
Ben Pfaff [Tue, 14 Dec 2010 00:20:06 +0000 (16:20 -0800)]
ofp-util: Use proper format specifier for uint32_t in ofputil_lookup_openflow_message().
Ben Pfaff [Tue, 14 Dec 2010 00:25:53 +0000 (16:25 -0800)]
ofproto: Always use xid 0 for *_FLOW_REMOVED messages.
Asynchronous messages are never part of a request/reply pair so it doesn't
make sense to allocate a xid, which could confuse the controller anyhow.
Ben Pfaff [Tue, 14 Dec 2010 00:21:43 +0000 (16:21 -0800)]
ofproto: Fix encoding of NXST_* replies.
This only matter for NXST_AGGREGATE currently since NXST_FLOW has value 0.
Ben Pfaff [Tue, 14 Dec 2010 00:20:54 +0000 (16:20 -0800)]
ofp-util: Fix encoding of NXST_AGGREGATE requests.
They were being sent out as NXST_FLOW requests.
Ben Pfaff [Wed, 15 Dec 2010 17:48:16 +0000 (09:48 -0800)]
ofproto: Fix write-after-free error in compose_nx_flow_removed().
Jesse Gross [Mon, 13 Dec 2010 23:21:28 +0000 (15:21 -0800)]
datapath: Correctly return error if percpu allocation fails.
If the allocation of percpu stats fails when creating a new
datapath, we currently don't return the correct error code. Since
we don't explicitly set it when the allocation fails it will keep
the value from the previous call. This means we will return success
when the creation actually failed.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Ben Pfaff [Mon, 13 Dec 2010 22:32:55 +0000 (14:32 -0800)]
Makefile: Check for undistributed files on every make, not just "make dist".
It's really easy to add files to the Git repository but forget to add them
to the distributions created by "make dist". I do this regularly, for
example. For some time, we've had a check that runs on "make dist" to
make sure that the distribution is complete, but I still screw up because
I don't run "make dist" all that often.
This commit improves the situation, by doing the check on every "make",
instead of just on "make dist".
Ben Pfaff [Mon, 13 Dec 2010 21:08:31 +0000 (13:08 -0800)]
ovs-vswitchd: Release most memory on normal exit.
This makes "valgrind --leak-check=full --show-reachable=yes" output much
easier to read.
Ben Pfaff [Mon, 13 Dec 2010 21:07:48 +0000 (13:07 -0800)]
netdev-linux: Fix pairing of rtnetlink register and unregister calls.
netdev_linux_create() called rtnetlink_notifier_register() for both system
and internal devices, but netdev_linux_destroy() only did the reverse
accounting for system devices. This fixes the pairing.
This isn't really much of a bug, since it would only cause the notifier to
be active unnecessarily (not to be removed even though it was needed). At
most it was a missed opportunity for optimization, but I don't think that
optimization would ever happen anyway.
Found with valgrind --leak-check=full --show-reachable=yes.
Ben Pfaff [Mon, 13 Dec 2010 20:20:12 +0000 (12:20 -0800)]
vswitchd: Delete DP_MAX_PORTS.
This is no longer used.
Ben Pfaff [Mon, 13 Dec 2010 22:28:53 +0000 (14:28 -0800)]
vswitchd: Fix dependency on DP_MAX_PORTS for allocating "struct dst"s.
Until now, compose_actions() has allocated enough "struct dst"s on the
stack for a worst-case flow, one that floods packets with the maximum
number of ports and mirrors. When the code was written this was correct.
However, now the number of ports is no longer known at compile time. The
maximum number, 65535, would require (65536 * (32 + 1) * 4) == 8 MB of
stack space, which is a lot. So this commit fixes the problem a different
way, by allocating the "struct dst"s dynamically when necessary.
This is a bug fix, but not a very serious one, because it could only
become a buffer overflow with a large number of mirrors.
Ben Pfaff [Mon, 13 Dec 2010 19:12:37 +0000 (11:12 -0800)]
bridge: Eliminate bond_rebalance_port() dependency on DP_MAX_PORTS.
There's no reason to allocate the bals[] array on the stack here, since
this is not on any fast-path.
As an alternative, we could limit the number of interfaces on a single
bond to some reasonable maximum, such as 8 or 32, but this commit's change
is simpler.
Ben Pfaff [Mon, 13 Dec 2010 20:25:01 +0000 (12:25 -0800)]
ofproto: Fix use-after-free error in facet_revalidate().
Found by valgrind.
Jesse Gross [Wed, 8 Dec 2010 19:36:57 +0000 (11:36 -0800)]
datapath: Validate lock when handling flow actions.
When reading actions without rcu_read_lock we need to hold the
datapath lock. This checks that using lockdep.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 8 Dec 2010 19:32:05 +0000 (11:32 -0800)]
datapath: Check locks on access to flow table.
When accessing the flow table without holding rcu_read_lcok
we need to hold the lock on the datapath. This enables lockdep
to validate that that is the case.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Wed, 8 Dec 2010 19:07:56 +0000 (11:07 -0800)]
datapath: Validate access to DP array.
When access the array of DPs, we need to hold either rcu_read_lock
or dp_mutex. This enables lockdep to validate those conditions.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 5 Dec 2010 20:36:36 +0000 (12:36 -0800)]
tunneling: Add checks for header cache lock.
When updating the tunnel header cache, we need to hold a lock to
protect against concurrent access. This adds annotations to
make sparse happy when we access the data without rcu_read_lock
and enables lockdep to verify that we have the correct lock.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Mon, 6 Dec 2010 23:15:47 +0000 (15:15 -0800)]
datapath: Convert rcu_dereference() to correct variant.
Using rcu_dereference() makes lockdep complain if rcu_read_lock
is not held. This is OK if the update side lock is held. This
adds checks to see if RTNL lock is held, if that is also a
correct form of protection. Alternately, it enforces that RTNL
must be held.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sun, 5 Dec 2010 19:22:04 +0000 (11:22 -0800)]
datapath: Don't directly access RCU protected pointers.
If RTNL lock is used to protected updates to RCU data structures
then it isn't necessary to use rcu_dereference() to access them if
RTNL is held. This adds rtnl_dereference() to access these pointers
which has several benefits: documents the locking expectations;
checks that RTNL actually is held when run with lockdep; makes
sparse not complain about directly accessing RCU pointers.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sat, 4 Dec 2010 20:04:39 +0000 (12:04 -0800)]
datapath: Correct byte order annotations.
We have generally been using the byte order specific data types
(i.e. __be32 instead of u32) in most places. This corrects a
declaration and adds a few needed casts.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Jesse Gross [Sat, 4 Dec 2010 19:50:53 +0000 (11:50 -0800)]
datapath: Add usage of __rcu annotation.
Sparse can warn about incorrect usage of RCU via direct access to
points when used in conjuction with __rcu and CONFIG_SPARSE_RCU.
This adds the necessary annotations.
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>