openvswitch
13 years agovswitchd: New column "link_resets".
Ethan Jackson [Fri, 14 Oct 2011 19:49:57 +0000 (12:49 -0700)]
vswitchd: New column "link_resets".

An interface's 'link_resets' column represents the number of times
Open vSwitch has observed its link_state change.

13 years agonetdev-linux: Maintain carrier flag constantly.
Ethan Jackson [Sat, 15 Oct 2011 01:13:04 +0000 (18:13 -0700)]
netdev-linux: Maintain carrier flag constantly.

Before this patch, the carrier of a linux device was only updated
if requested by a caller.  This patch updates it whenever it
changes.

13 years agovswitchd: Update link_state instantly.
Ethan Jackson [Sat, 15 Oct 2011 00:29:35 +0000 (17:29 -0700)]
vswitchd: Update link_state instantly.

With this patch, instead of updating an interface's link_state once
every 5 seconds, it's updated immediately when changed.  To avoid
stressing the database, these updates are rate limited to once per
second.

13 years agovswitchd: Cleanup rate limited DB writes.
Ethan Jackson [Sat, 15 Oct 2011 00:20:25 +0000 (17:20 -0700)]
vswitchd: Cleanup rate limited DB writes.

The code to write the 'lacp_current' flag to the database was
unnecessarily complicated.  Future patches will directly benefit
from this refactoring.

13 years agovswitchd: Remove iface_get_carrier().
Ethan Jackson [Fri, 14 Oct 2011 22:17:19 +0000 (15:17 -0700)]
vswitchd: Remove iface_get_carrier().

It has only one caller, and doesn't improve the code's readability.

13 years agortnetlink-link: Expose carrier changes.
Ethan Jackson [Fri, 14 Oct 2011 22:39:49 +0000 (15:39 -0700)]
rtnetlink-link: Expose carrier changes.

This will be used in a future commit.

13 years agobond: Demote active-backup WARN to DBG.
Ben Pfaff [Mon, 17 Oct 2011 19:22:34 +0000 (12:22 -0700)]
bond: Demote active-backup WARN to DBG.

This log message comes up for packets that are flooded through the network.
If the upstream switch doesn't realize that an active-backup bond is in
use, and there is significant packet flooding in the network, then we will
get a lot of these messages.

(This message doesn't get logged for multicast or broadcast packets since
they get dropped earlier in the function.)

Reported-by: Eivind Bulie Haanaes
Bug-report: http://forums.citrix.com/thread.jspa?messageID=1589125
CC: Paul Fazzone <pfazzone@nicira.com>
13 years agobridge: Forbid '/' in bridge names to prevent arbitrary directory access.
Ben Pfaff [Fri, 14 Oct 2011 17:17:41 +0000 (10:17 -0700)]
bridge: Forbid '/' in bridge names to prevent arbitrary directory access.

13 years agodatapath: Simplify tnl_find_port().
Ben Pfaff [Fri, 14 Oct 2011 22:33:49 +0000 (15:33 -0700)]
datapath: Simplify tnl_find_port().

It's only called when we want a best-match now, so there's no need to pass
in any flags that indicate the desired type of match.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Avoid confusing tunnels that have different types.
Ben Pfaff [Fri, 14 Oct 2011 21:33:11 +0000 (14:33 -0700)]
datapath: Avoid confusing tunnels that have different types.

Without this change, the following commands succeed:
    # ovs-dpctl add-if br1 gre1,type=gre,remote_ip=1.2.3.4,local_ip=2.3.4.5
    # ovs-dpctl add-if br1 gre0,type=gre,remote_ip=1.2.3.4
but if they are run in the opposite order, they fail with:
    ovs-dpctl: adding gre1 to br1 failed (File exists)

This fixes the problem.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Factor out repeated tnl_vport_to_vport() calls.
Ben Pfaff [Fri, 14 Oct 2011 21:28:49 +0000 (14:28 -0700)]
datapath: Factor out repeated tnl_vport_to_vport() calls.

This is a code cleanup only.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agoofproto-dpif: Batch interacting with the dpif on flow miss operations.
Ben Pfaff [Fri, 14 Oct 2011 20:55:32 +0000 (13:55 -0700)]
ofproto-dpif: Batch interacting with the dpif on flow miss operations.

This improves "ovs-benchmark rate" performance in my testing by about 24%.

A quick experiment shows that there may still be some headroom for batching
flow deletions on facet expiration, up to perhaps 10% additional
improvement.

13 years agoofproto-dpif: Separate facet creation and action translation.
Ben Pfaff [Tue, 27 Sep 2011 22:58:53 +0000 (15:58 -0700)]
ofproto-dpif: Separate facet creation and action translation.

This will allow for some optimization in an upcoming commit.

13 years agoofproto-dpif: Factor controller optimization out of execute_odp_actions().
Ben Pfaff [Tue, 27 Sep 2011 22:34:39 +0000 (15:34 -0700)]
ofproto-dpif: Factor controller optimization out of execute_odp_actions().

An upcoming commit will use this code separately from
execute_odp_actions(), so this prepares for that.

13 years agoofproto-dpif: Break send_packet_in() into two separate functions.
Ben Pfaff [Tue, 27 Sep 2011 22:22:22 +0000 (15:22 -0700)]
ofproto-dpif: Break send_packet_in() into two separate functions.

It's been more or less convenient to pass a dpif_upcall to send_packet_in()
in the past, because most callers had one handy.  But an upcoming commit
won't have such easy access, so this commit breaks send_packet_in() into
two functions for the different types of packets to send to the controller,
each of which takes appropriate parameters instead of dpif_upcall.

13 years agodpif: New function dpif_operate() and dpif-linux implementation.
Ben Pfaff [Tue, 27 Sep 2011 22:08:50 +0000 (15:08 -0700)]
dpif: New function dpif_operate() and dpif-linux implementation.

This will be used in an upcoming commit.

13 years agonetlink-socket: New function nl_sock_transact_multiple().
Ben Pfaff [Fri, 14 Oct 2011 20:55:00 +0000 (13:55 -0700)]
netlink-socket: New function nl_sock_transact_multiple().

This will be used in an upcoming commit.

13 years agosocket-util: New function get_socket_rcvbuf().
Ben Pfaff [Fri, 14 Oct 2011 20:30:29 +0000 (13:30 -0700)]
socket-util: New function get_socket_rcvbuf().

This will be used in an upcoming commit.

13 years agodpif-linux: Only ask datapath to echo back results when they will be used.
Ben Pfaff [Tue, 27 Sep 2011 23:07:23 +0000 (16:07 -0700)]
dpif-linux: Only ask datapath to echo back results when they will be used.

A fair number of datapath flow operations optionally report back results
to the requester based on whether NLM_F_ECHO is set in the request.  When
userspace isn't going to use those results anyway, it wastes memory to
store them and a system call to retrieve them.

This commit omits the NLM_F_ECHO bit in cases where the caller isn't going
to use the results.

(NLM_F_ECHO has no effect on operations whose entire purpose is to retrieve
data, e.g. "get" and "dump" operations, so we need not bother to set it
for those.)

This improves "ovs-benchmark rate" results in my testing by about 4%.

13 years agoofproto-dpif: Move DHCP in-band control special case into xlate_actions().
Ben Pfaff [Tue, 27 Sep 2011 22:19:30 +0000 (15:19 -0700)]
ofproto-dpif: Move DHCP in-band control special case into xlate_actions().

This eliminates an extra round trip to the kernel for this special case
and keeps all the flow translation logic in one place.

13 years agonetlink: New macros for the sizes of Netlink attributes.
Ben Pfaff [Mon, 26 Sep 2011 19:59:23 +0000 (12:59 -0700)]
netlink: New macros for the sizes of Netlink attributes.

I was feeling tempted in some code to just guess "hey, 32 bytes ought to
be big enough" and so on, but really it seems better to just have a
convenient way to measure.

13 years agonetlink: New functions for putting attributes at the beginning of a buffer.
Ben Pfaff [Mon, 26 Sep 2011 19:57:41 +0000 (12:57 -0700)]
netlink: New functions for putting attributes at the beginning of a buffer.

These are really just copies of the corresponding "put" functions.  An
upcoming commit will introduce a user of nl_msg_push_u32().  I thought I
might as well create all of these while I was at it.

13 years agoofproto-dpif: Revalidate tagged packets, too, in facet_lookup_valid().
Ben Pfaff [Tue, 27 Sep 2011 22:32:18 +0000 (15:32 -0700)]
ofproto-dpif: Revalidate tagged packets, too, in facet_lookup_valid().

I don't see a reason that we should only revalidate facets if we're
revalidating every facet.

13 years agoofproto-dpif: Properly re-translate uninstallable facets in rule_execute().
Ben Pfaff [Tue, 27 Sep 2011 23:24:15 +0000 (16:24 -0700)]
ofproto-dpif: Properly re-translate uninstallable facets in rule_execute().

If the facet is not installable then every packet requires separate
translation, but the existing code didn't do that.

13 years agodpif-linux: Fix build with certain 64-bit kernel/userspace combinations.
Ben Pfaff [Fri, 14 Oct 2011 16:39:48 +0000 (09:39 -0700)]
dpif-linux: Fix build with certain 64-bit kernel/userspace combinations.

Unix 64-bit ABIs have two 64-bit types: "long" and "long long".  Either of
these is a reasonable choice for uint64_t (the userspace type) and for
__u64 (the kernel type).  Unfortunately, kernel and userspace don't
necessarily agree on the choice, and in fact the choice varies across
kernel versions and architectures.

Now that OVS is actually using kernel types in its kernel header, this
can make a difference: when __u64 and uint64_t differ, passing a pointer
to __u64 to OVS function get_unaligned_u64() yields a compiler warning
or error.

This commit fixes up the problems of this type found in OVS, by making
get_unaligned_u64() accept all 64-bit unsigned integer types, not just
whichever one happens to be uint64_t.  I didn't do the same thing for
put_unaligned_u64() because it is less likely to be a problem in
practice: usually, when userspace writes to kernel data structures it
does so with copies that it knows to be aligned, so that it's not
necessary to use put_unaligned_u64().

This problem won't occur for uint8_t, uint16_t, or uint32_t, since there is
only one reasonable choice of type for each.  It won't occur for ovs_be<N>
because OVS always defines those as aliases for the kernel's __be<N> types
when those are available.

This compiled cleanly for me in Scientific Linux 6.0 x86-64.

Reported-by: Pravin Shelar <pshelar@nicira.com>
13 years agoFix broken build in XenServer DDK 5.6.100-39265p.
Ben Pfaff [Thu, 13 Oct 2011 21:38:13 +0000 (14:38 -0700)]
Fix broken build in XenServer DDK 5.6.100-39265p.

Avoids errors like the following:

In file included from ./include/openvswitch/types.h:21,
                 from ./lib/vconn.h:21,
                 from tests/test-vconn.c:18:
/usr/include/sys/types.h:52: error: conflicting types for 'ino_t'
/usr/include/linux/types.h:14: error: previous declaration of 'ino_t' was here
/usr/include/sys/types.h:62: error: conflicting types for 'dev_t'
/usr/include/linux/types.h:13: error: previous declaration of 'dev_t' was here
/usr/include/sys/types.h:67: error: conflicting types for 'gid_t'
/usr/include/linux/types.h:27: error: previous declaration of 'gid_t' was here
/usr/include/sys/types.h:72: error: conflicting types for 'mode_t'
/usr/include/linux/types.h:15: error: previous declaration of 'mode_t' was here
/usr/include/sys/types.h:77: error: conflicting types for 'nlink_t'
/usr/include/linux/types.h:16: error: previous declaration of 'nlink_t' was here
/usr/include/sys/types.h:82: error: conflicting types for 'uid_t'
/usr/include/linux/types.h:26: error: previous declaration of 'uid_t' was here
/usr/include/sys/types.h:90: error: conflicting types for 'off_t'
/usr/include/linux/types.h:17: error: previous declaration of 'off_t' was here

13 years agoofproto-dpif: Avoid bad pointer dereference in execute_odp_actions().
Ben Pfaff [Thu, 13 Oct 2011 17:16:59 +0000 (10:16 -0700)]
ofproto-dpif: Avoid bad pointer dereference in execute_odp_actions().

execute_odp_actions() can be passed a zero-length set of actions, in which
case it may not dereference its 'odp_actions' parameter at all, but in fact
it did do so.  In at least one corner case, odp_actions can be NULL, so
that this caused a segfault.

Introduced in commit 98403001ec "datapath: Move Netlink PID for userspace
actions from flows to actions."

Reported-by: Pravin Shelar <pshelar@nicira.com>
13 years agodatapath-protocol: Rename to <linux/openvswitch.h>.
Ben Pfaff [Wed, 5 Oct 2011 17:50:58 +0000 (10:50 -0700)]
datapath-protocol: Rename to <linux/openvswitch.h>.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7559.

13 years agodatapath-protocol: Use Linux kernel types directly.
Ben Pfaff [Wed, 5 Oct 2011 17:42:34 +0000 (10:42 -0700)]
datapath-protocol: Use Linux kernel types directly.

We want datapath-protocol.h to be acceptable as a Linux kernel header, so
it must use Linux kernel types and must not have references to Open vSwitch
symbols or header files.  This commit primarily makes that change to
datapath-protocol.h.

At the same time, at least for now we also want datapath-protocol.h to be
usable on non-Linux platforms, so we need some kind of compatiblity.  Thus,
this commit also introduces a <linux/types.h> header file that defines the
necessary Linux kernel types on non-Linux platforms.

In turn, this requires openvswitch/types.h to use the Linux types directly
for ovs_be<N>; otherwise, sparse complains because now __be<N> and
ovs_be<N> are incompatible from its perspective, so this commit makes that
change too.

I don't have a non-Linux kernel platform readily available, so I only
tested the non-Linux part of the linux/types.h substitute by forcing that
case to be triggered with #if 0.  It worked, except for errors in actual
Linux kernel headers included explicitly from OVS source files, so I think
it's likely to work in practice.

Bug #7559.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath-protocol: Rename enums for consistency.
Ben Pfaff [Wed, 5 Oct 2011 16:59:51 +0000 (09:59 -0700)]
datapath-protocol: Rename enums for consistency.

Most of the enum tags in this file are lowercased versions of the uppercase
enum prefixes (or slightly less abbreviated versions, e.g. "dp" becomes
"datapath").  This commit fixes up the others for consistency.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath-protocol: Remove socket header #include.
Ben Pfaff [Wed, 5 Oct 2011 15:34:17 +0000 (08:34 -0700)]
datapath-protocol: Remove socket header #include.

It's not needed.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7559.

13 years agodatapath-protocol: Remove #include <linux/netlink.h>.
Ben Pfaff [Tue, 4 Oct 2011 22:30:40 +0000 (15:30 -0700)]
datapath-protocol: Remove #include <linux/netlink.h>.

Bug #7559.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Require explicit upcall_pid for new datapaths and vports.
Ben Pfaff [Wed, 12 Oct 2011 18:04:10 +0000 (11:04 -0700)]
datapath: Require explicit upcall_pid for new datapaths and vports.

This increases consistency with the OVS_ACTION_ATTR_USERSPACE action, which
also requires an explicit pid.

Suggested-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Move Netlink PID for userspace actions from flows to actions.
Ben Pfaff [Wed, 12 Oct 2011 23:24:54 +0000 (16:24 -0700)]
datapath: Move Netlink PID for userspace actions from flows to actions.

Commit b063d9f06 "datapath: Use unicast Netlink sockets for upcalls" that
switched from multicast to unicast Netlink for sending upcalls added a
Netlink PID to each kernel flow, used by OVS_ACTION_ATTR_USERSPACE actions
within the flow as target.

This commit drops this per-flow PID in favor of a per-action PID, because
that is more flexible.  It does not yet make use of this additional
flexibility, so behavior should not change.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7559.

13 years agodpif-linux: Avoid unaligned accesses to vport stats sent by the datapath.
Ben Pfaff [Tue, 11 Oct 2011 19:24:41 +0000 (12:24 -0700)]
dpif-linux: Avoid unaligned accesses to vport stats sent by the datapath.

Reported-by: Jesse Gross <jesse@nicira.com>
13 years agodpif-linux: Use get_32aligned_u64() in an appropriate place.
Ben Pfaff [Tue, 4 Oct 2011 22:25:14 +0000 (15:25 -0700)]
dpif-linux: Use get_32aligned_u64() in an appropriate place.

13 years agovswitch.xml: Correct CAPWAP minimum Linux kernel version.
Ben Pfaff [Wed, 12 Oct 2011 20:20:31 +0000 (13:20 -0700)]
vswitch.xml: Correct CAPWAP minimum Linux kernel version.

13 years agoovs-vsctl: Update man page description of controller support.
Justin Pettit [Wed, 12 Oct 2011 18:09:47 +0000 (11:09 -0700)]
ovs-vsctl: Update man page description of controller support.

ovs-vswitchd supports passive OpenFlow connections, but that was not
indicated in the documentation.  Add that information as well as a
description of Primary (active) and Service (passive) control
connections.

13 years agoovs-vsctl: Print warning for invalid controller and manager targets.
Justin Pettit [Wed, 12 Oct 2011 07:03:10 +0000 (00:03 -0700)]
ovs-vsctl: Print warning for invalid controller and manager targets.

13 years agoovs.db.types: Consistently use commas in formatting large numbers.
Ben Pfaff [Wed, 12 Oct 2011 17:20:37 +0000 (10:20 -0700)]
ovs.db.types: Consistently use commas in formatting large numbers.

Suggested-by: Justin Pettit <jpettit@nicira.com>
13 years agovswitchd: Document constraints on keys.
Ben Pfaff [Tue, 4 Oct 2011 17:31:59 +0000 (10:31 -0700)]
vswitchd: Document constraints on keys.

Suggested-by: Justin Pettit <jpettit@nicira.com>
13 years agometa-flow: Fix mf_get_value() retrieval of register values.
Ben Pfaff [Tue, 11 Oct 2011 13:58:49 +0000 (06:58 -0700)]
meta-flow: Fix mf_get_value() retrieval of register values.

13 years agocfm: New 'cfm_opstate' setting.
Ethan Jackson [Fri, 7 Oct 2011 05:43:05 +0000 (22:43 -0700)]
cfm: New 'cfm_opstate' setting.

In some cases, a controller may want to take an interface down for
forwarding purposes, but avoid completely deconfiguring CFM and
thus lose all connectivity monitoring.  The new 'cfm_opstate'
setting is a way to achieve this behavior.

13 years agocfm: Show extended mode in cfm/show appctl command.
Ethan Jackson [Sun, 9 Oct 2011 22:03:53 +0000 (15:03 -0700)]
cfm: Show extended mode in cfm/show appctl command.

13 years agovswitch.xml: Annotate 'false' keyword in CFM documentation.
Ethan Jackson [Sun, 9 Oct 2011 21:35:47 +0000 (14:35 -0700)]
vswitch.xml: Annotate 'false' keyword in CFM documentation.

13 years agodpif-netdev: Implement OVS_ACTION_ATTR_SAMPLE action.
Ben Pfaff [Tue, 11 Oct 2011 18:07:14 +0000 (11:07 -0700)]
dpif-netdev: Implement OVS_ACTION_ATTR_SAMPLE action.

OVS_ACTION_ATTR_SAMPLE has never been implemented in dpif-netdev.  This
commit implements it and adds a cast to enum ovs_action_type in the switch
statement that checks the action type, so that GCC complains if we forget
to add a case for a new action type.

I had to assign the return value of nl_attr_type() to a temporary variable,
because "switch ((enum ovs_action_type) nl_attr_type(a))" provoked a GCC
warning that I've never seen before:

../lib/dpif-netdev.c:1260: warning: cast from function call of type 'int'
     to non-matching type 'enum ovs_action_type'

13 years agodpif-netdev: Simplify code by removing dpif_netdev_validate_actions().
Ben Pfaff [Wed, 5 Oct 2011 16:04:50 +0000 (09:04 -0700)]
dpif-netdev: Simplify code by removing dpif_netdev_validate_actions().

dpif_netdev_validate_actions() existed for three reasons.  First, it checked
that the actions were well-formed and valid.  This isn't really necessary,
because the actions are built internally by ofproto-dpif and will always be
well-formed.  (If not, that's a bug in ofproto-dpif.)  Second, it checks
whether the actions will modify (mutate) the data in the packet and reports
that to the caller, which can use it to optimize what it does.  However,
the only caller that used this was dpif_netdev_execute(), which is not a
fast-path (if dpif-netdev can be said to have a fast path at all).

Third, dpif_netdev_validate_actions() rejects certain actions that
dpif-netdev does not implement: OVS_ACTION_ATTR_SET_TUNNEL,
OVS_ACTION_ATTR_SET_PRIORITY, and OVS_ACTION_ATTR_POP_PRIORITY.  However,
this doesn't really seem necessary to me.  First, dpif-netdev can't support
tunnels in any case, so OVS_ACTION_ATTR_SET_TUNNEL shouldn't come up.
Second, the priority actions just aren't important enough to worry about;
they only affect QoS, which isn't really important with dpif-netdev since
it's going to be slow anyway.

So this commit just drops dpif_netdev_validate_actions() entirely.

13 years agonetlink: New macros NL_NESTED_FOR_EACH, NL_NESTED_FOR_EACH_UNSAFE.
Ben Pfaff [Wed, 5 Oct 2011 16:36:11 +0000 (09:36 -0700)]
netlink: New macros NL_NESTED_FOR_EACH, NL_NESTED_FOR_EACH_UNSAFE.

Upcoming commits will introduce more users.

13 years agoopenflow: Delete icmp_type and icmp_code macros.
Ben Pfaff [Wed, 5 Oct 2011 18:06:12 +0000 (11:06 -0700)]
openflow: Delete icmp_type and icmp_code macros.

These macros caused trouble if datapath-protocol.h was included before
openflow.h.  Later references to the icmp_type and icmp_code members of
struct ovs_key_icmp caused compiler errors, because the macros caused them
to try to refer to nonexistent tp_src and tp_dst members in those
structures.

13 years agoovs-bugtool: Add -s to "ovs-dpctl show" command, to show vport statistics.
Ben Pfaff [Mon, 10 Oct 2011 17:29:49 +0000 (10:29 -0700)]
ovs-bugtool: Add -s to "ovs-dpctl show" command, to show vport statistics.

It would be nice to include this in xen-bugtool output too but that would
require Citrix to patch xen-bugtool directly.

Bug #7628.
Reported-by: Ethan Jackson <ethan@nicira.com>
13 years agocfm: Send properly formatted CCMs.
Ben Pfaff [Fri, 7 Oct 2011 22:43:43 +0000 (15:43 -0700)]
cfm: Send properly formatted CCMs.

Wireshark complained that Open vSwitch-generated CFM messages were
malformed.  Upon looking at the standard, I spotted that Open vSwitch
failed to include the final, required "End TLV" byte with value 0.

This commit adds the End TLV byte to generated CCMs but still accepts
the truncated messages for backward compatibility.

13 years agodpif-linux: Don't reset kernel upcall_pids unintentionally.
Ben Pfaff [Fri, 7 Oct 2011 23:41:36 +0000 (16:41 -0700)]
dpif-linux: Don't reset kernel upcall_pids unintentionally.

Commit b063d9f0 "datapath: Use unicast Netlink sockets for upcalls" that
introduced an 'upcall_pid' member into struct dpif_linux_vport, struct
dpif_linux_dp, and struct dpif_linux_flow neglected to do so only if the
member was nonzero.  This caused every datapath, vport, and flow operation
to supply an upcall_pid.  In particular, the netdev_set_config() called at
startup when a vport already existed caused the upcall_pid for that vport
to be reset to 0, which in turn caused all packets received on the vport to
be dropped instead of forwarded to ovs-vswitchd.

Reported-by: Shih-Hao Li <shli@nicira.com>
Bug #7714.

13 years agovswitch.ovsschema: Mark more CFM columns ephemeral.
Ben Pfaff [Thu, 6 Oct 2011 18:36:05 +0000 (11:36 -0700)]
vswitch.ovsschema: Mark more CFM columns ephemeral.

I spotted these being logged to the database.  That doesn't match up with
our usual model, so mark them ephemeral.

13 years agodatapath: Remove RT kernel support.
Pravin B Shelar [Fri, 7 Oct 2011 04:52:39 +0000 (21:52 -0700)]
datapath: Remove RT kernel support.

Following patch removes RT kernel support. This allows us to cleanup
the loop detection.
Along with this BH is now disabled while running execute_actions()
for packet from user-space.
As a result we can simplify the stats code as entire send and receive
path runs in BH context on all supported platforms.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7621

13 years agodatapath: Fix recv path for CONFIG_PREEMPT_RCU.
Pravin B Shelar [Fri, 7 Oct 2011 02:45:09 +0000 (19:45 -0700)]
datapath: Fix recv path for CONFIG_PREEMPT_RCU.

        In case CONFIG_PREEMPT_RCU, rcu grace period waits only for RCU
read-side critical sections that are delimited by rcu_read_lock() and
rcu_read_unlock(). internal_dev_xmit() is called in
rcu_read_lock_bh context. Therefore we need to explicitly take rcu
lock to prevent race with call_rcu() in PREEMPT_RCU case.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agoovs-monitor-ipsec: Fix use_ssl_cert option implementation.
Ben Pfaff [Thu, 6 Oct 2011 21:54:30 +0000 (14:54 -0700)]
ovs-monitor-ipsec: Fix use_ssl_cert option implementation.

I skipped writing a unit test for this feature on the first go-around, and
of course that meant it didn't work.

Bug #7693.
Reported-by: Michael Hu <mhu@nicira.com>
13 years agodatapath: Strip down vport interface - ifIndex.
Pravin B Shelar [Thu, 6 Oct 2011 02:06:29 +0000 (19:06 -0700)]
datapath: Strip down vport interface - ifIndex.

        Following patch removes ifIndex attribute of vport which is not
used in userspace.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7114

13 years agodebian: ovs-monitor-ipsec requires root_prefix option.
Ethan Jackson [Thu, 6 Oct 2011 01:07:04 +0000 (18:07 -0700)]
debian: ovs-monitor-ipsec requires root_prefix option.

Before this patch, if the root_prefix option is left unset
ovs-monitor-ipsec will crash.

13 years agodebian: Make ovs-monitor-ipsec executable.
Ethan Jackson [Wed, 5 Oct 2011 21:33:49 +0000 (14:33 -0700)]
debian: Make ovs-monitor-ipsec executable.

Commit b153e667 "python: Upgrade daemon module to argparse."
removed the execute bit.  This was incorrect.

13 years agodebian: Fully convert ovs-monitor-ipsec to vlog.
Ethan Jackson [Tue, 4 Oct 2011 22:47:07 +0000 (15:47 -0700)]
debian: Fully convert ovs-monitor-ipsec to vlog.

Commit 201bf205 "ovs-monitor-ipsec: Convert to vlog." only
partially updated ovs-monitor-ipsec to the new vlog module.  This
commit completes the process.

13 years agodebian: ovs-monitor-ipsec has a stale init script.
Ethan Jackson [Tue, 4 Oct 2011 21:52:00 +0000 (14:52 -0700)]
debian: ovs-monitor-ipsec has a stale init script.

The ovs-monitor-ipsec init script used the old "pidfile-name"
instead of the new "pidfile" option.  This should cause it to fail
when starting.

This patch also causes ovs-monitor-ipsec to create a log file.

13 years agoxenserver: ovs-xapi-sync should create a log file.
Ethan Jackson [Tue, 4 Oct 2011 21:41:42 +0000 (14:41 -0700)]
xenserver: ovs-xapi-sync should create a log file.

13 years agodebian: Package the installed Python files, not those from the source tree.
Ben Pfaff [Wed, 5 Oct 2011 21:55:02 +0000 (14:55 -0700)]
debian: Package the installed Python files, not those from the source tree.

The only difference between the Python files that are installed and the
Python files found in the source tree is in the ovs.dirs module, but this
is a very important difference: we want the directories used to be the ones
configured in (e.g. /usr/share/openvswitch), not the only used by default
by the source tree's dirs.py (e.g. /usr/local/share/openvswitch).

I verified with "dpkg-deb -x" and "diff -ur" that in fact this is the only
change that this commit makes.

This bug has been in place since at least commit 1d273d6d8 "debian: Rename
openvswitch-python to python-openvswitch" from over a year ago, but until
now the packaged Python files didn't actually use any directories that
differed between the two versions of dirs.py, so only now has the problem
manifested.

This problem prevented ovs-monitor-ipsec from finding the OVSDB schema
file.

Reported-by: Ethan Jackson <ethan@nicira.com>
13 years agodpif: Avoid use of "struct ovs_dp_stats" in platform-independent modules.
Ben Pfaff [Wed, 5 Oct 2011 18:18:13 +0000 (11:18 -0700)]
dpif: Avoid use of  "struct ovs_dp_stats" in platform-independent modules.

Over time we wish to reduce the number of datapath-protocol.h definitions
used directly outside of Linux-specific code.  This commit removes use of
"struct ovs_dp_stats" from platform-independent code.

Bug #7559.

13 years agoodp-util: Use nl_parse_nested() to simplify format_odp_sample_action().
Ben Pfaff [Tue, 4 Oct 2011 19:58:25 +0000 (12:58 -0700)]
odp-util: Use nl_parse_nested() to simplify format_odp_sample_action().

13 years agobridge: Fix comment describing iface_refresh_cfm_stats().
Justin Pettit [Wed, 5 Oct 2011 01:20:34 +0000 (18:20 -0700)]
bridge: Fix comment describing iface_refresh_cfm_stats().

13 years agodatapath: Fix tunnel hashing.
Pravin B Shelar [Wed, 5 Oct 2011 00:48:33 +0000 (17:48 -0700)]
datapath: Fix tunnel hashing.

struct port_lookup_key is getting extra 4 bytes due to alignment on x86_64.
That is messing with hash calculation which uses sizeof operator to
calculate key length. Following patch fixes tunnel hashing by using correct
key length.

This bug was introduced by commit f686a33af8cb41ee228e6a35410c9a488fba3eb1
"datapath: Streamline tunnel port lookup"

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7622

13 years agonicira-ext: Fix build problems on 64-bit systems.
Justin Pettit [Tue, 4 Oct 2011 18:49:22 +0000 (11:49 -0700)]
nicira-ext: Fix build problems on 64-bit systems.

Commit d2c0fe (nicira-ext: Bump number of registers to five from four.)
broke the build on 64-bit systems.  This commit fixes the problems it
introduced.

13 years agovswitchd: Document map members as separate columns
Ben Pfaff [Wed, 21 Sep 2011 17:07:11 +0000 (10:07 -0700)]
vswitchd: Document map members as separate columns

The OVS configuration database now has numerous columns that contain fixed
key-value pairs.  Currently there's no way to see these at a glance,
because they are not presented in the summary tables just before the
detailed descriptions.

This commit extends the XML format so that keys within a column can be
described individually, and rearranges and rewrites vswitch.xml to take
advantage of this feature.

13 years agonicira-ext: Bump number of registers to five from four.
Justin Pettit [Wed, 28 Sep 2011 20:53:59 +0000 (13:53 -0700)]
nicira-ext: Bump number of registers to five from four.

Feature #7527

13 years agocheck-structs: Add check that OFP_ASSERT is checking the right structures.
Ben Pfaff [Tue, 4 Oct 2011 16:26:14 +0000 (09:26 -0700)]
check-structs: Add check that OFP_ASSERT is checking the right structures.

This avoids a fairly common issue in which a developer cuts and pastes a
structure definition and forgets to update the structure name inside the
OFP_ASSERT, so that the new structure's size doesn't really get checked at
all.

13 years agovconn: Remove unnecessary forward declarations and #includes from header.
Ben Pfaff [Tue, 4 Oct 2011 04:52:39 +0000 (21:52 -0700)]
vconn: Remove unnecessary forward declarations and #includes from header.

This required fix-ups in a few other files that accidentally depended upon
vconn.h including those other headers.

13 years agoofproto-dpif: Fix small typo in comment.
Justin Pettit [Mon, 3 Oct 2011 23:38:07 +0000 (16:38 -0700)]
ofproto-dpif: Fix small typo in comment.

13 years agoofproto-dpif: LACP registration should cause revalidation.
Ethan Jackson [Mon, 3 Oct 2011 19:51:33 +0000 (12:51 -0700)]
ofproto-dpif: LACP registration should cause revalidation.

Whenever a slave is registered to participate in LACP, it needs to
be revalidated so that it can receive LACP PDUs.  This bug can only
surface in an edge case where a pre-existing interface is added to
a pre-existing bond.  It would be unusual for a controller to do
this.

13 years agoofproto-dpif: Revalidate on port additions and deletions.
Ethan Jackson [Mon, 3 Oct 2011 19:51:02 +0000 (12:51 -0700)]
ofproto-dpif: Revalidate on port additions and deletions.

The addition of a new port to an ofproto-dpif may require
revalidations in some cases.  Notably if this new port is
configured to participate in CFM, but a drop flow has already been
installed in the datapath for CFM messages with the same in_port.

Bug #7598.

13 years agometa-flow: Fix icmp_code field's wildcard bit.
Ben Pfaff [Tue, 27 Sep 2011 20:02:30 +0000 (13:02 -0700)]
meta-flow: Fix icmp_code field's wildcard bit.

This bug caused any NXM flow that matched both ICMP code and ICMP type to
be rejected with NXBRC_NXM_DUP_TYPE.

13 years agoofp-parse: Remove write-only variable in parse_ofp_flow_mod_str().
Ben Pfaff [Sun, 2 Oct 2011 21:48:09 +0000 (14:48 -0700)]
ofp-parse: Remove write-only variable in parse_ofp_flow_mod_str().

13 years agotest-classifier: Remove write-only variable.
Ben Pfaff [Fri, 30 Sep 2011 22:22:47 +0000 (15:22 -0700)]
test-classifier: Remove write-only variable.

13 years agodebian: Make python-openvswitch packaging work with squeeze dh_python2.
Ben Pfaff [Mon, 3 Oct 2011 16:19:29 +0000 (09:19 -0700)]
debian: Make python-openvswitch packaging work with squeeze dh_python2.

The dh_python2 helper in Debian squeeze has a limitation that is not
mentioned anywhere, as far as I can tell: Python files must be in
/usr/lib/python#.#/site-packages to be installed.  The version in Debian
wheezy does not have the same limitation.

This meant that building the Debian packages on squeeze silently produced
a broken python-openvswitch package, whereas building the same thing on
wheezy built a working package.

This fixes the problem by putting the .py files where squeeze expects them.
It works on wheezy too.

Bug #7510.
Reported-by: Michael Hu <mhu@nicira.com>
Tested-by: Simon Horman <horms@verge.net.au>
13 years agodatapath: Streamline tunnel port lookup
Pravin Shelar [Fri, 30 Sep 2011 21:32:31 +0000 (14:32 -0700)]
datapath: Streamline tunnel port lookup

This change is meant to cleanup the tunnel lookup code. We are now using
kernel hash table so we can simplify `struct port_lookup_key`.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Remove unused vlan constants.
Jesse Gross [Thu, 29 Sep 2011 22:18:14 +0000 (15:18 -0700)]
datapath: Remove unused vlan constants.

We define some constants for dealing with vlan PCP bits since at
the time they didn't exist upstream.  They've since been merged
upstream with different names and we don't use them anyways, so
just drop them.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
13 years agoflow: Move flow_extract_stats() to dpif.c, as dpif_flow_stats_extract().
Ben Pfaff [Thu, 29 Sep 2011 22:36:14 +0000 (15:36 -0700)]
flow: Move flow_extract_stats() to dpif.c, as dpif_flow_stats_extract().

The "flow" module is concerned only with OpenFlow flows these days.  It
shouldn't have anything to do with ODP or dpifs.  However, it included
dpif.h just to implement flow_extract_stats().  This function is a better
fit for dpif.c, so this commit moves it there and removes the dpif.h
#include from flow.h and flow.c

This commit also removes a few more dpif.h #includes that weren't needed.

13 years agoRemove a pair of unnecessary dependencies on datapath-protocol.h.
Ben Pfaff [Thu, 29 Sep 2011 22:18:58 +0000 (15:18 -0700)]
Remove a pair of unnecessary dependencies on datapath-protocol.h.

These headers don't really need datapath-protocol.h.  connmgr.h indirectly
used "struct nlattr" from that header, so add a forward declaration.  (The
next commit will remove use of struct nlattr entirely from that header,
since it is not really appropriate.)

13 years agocfm: Cleanup output of ovs-appctl "cfm/show" command.
Justin Pettit [Fri, 30 Sep 2011 01:36:09 +0000 (18:36 -0700)]
cfm: Cleanup output of ovs-appctl "cfm/show" command.

When no remote MPIDs were found, the output would print an extra newline.
If multiple remote MPIDs were found, the lines would run together.  This
commit cleans things up a bit by just printing each item on its own line
without any blank lines.

13 years agoovs-vsctl: Remove "cfm_remote_mpid" from man page.
Justin Pettit [Fri, 30 Sep 2011 01:27:28 +0000 (18:27 -0700)]
ovs-vsctl: Remove "cfm_remote_mpid" from man page.

The "cfm_remote_mpid" column is no longer used by the CFM module, so
remove the reference from the ovs-vsctl man page.

13 years agoxenserver: Update README to be current.
Justin Pettit [Thu, 29 Sep 2011 01:37:18 +0000 (18:37 -0700)]
xenserver: Update README to be current.

13 years agoxenserver: Correct location of xen-bugtool plugins.
Justin Pettit [Thu, 29 Sep 2011 01:03:06 +0000 (18:03 -0700)]
xenserver: Correct location of xen-bugtool plugins.

xen-bugtool plugins were stored in "/etc/xensource/bugtool/bugtool-plugins/*",
but xen-bugtool will not traverse deeper than "/etc/xensource/bugtool/*".
This commit corrects the location and makes our plugins run.

signed-off-by: Justin Pettit <jpettit@nicira.com>
acked-by: Ben Pfaff <blp@nicira.com>

13 years agobugtool: Collect "lacp/show" and "cfm/show" information.
Justin Pettit [Mon, 26 Sep 2011 23:49:32 +0000 (16:49 -0700)]
bugtool: Collect "lacp/show" and "cfm/show" information.

Feature #7496

13 years agoovs-vswitchd: Document "coverage/log" in man page.
Justin Pettit [Mon, 26 Sep 2011 22:56:20 +0000 (15:56 -0700)]
ovs-vswitchd: Document "coverage/log" in man page.

13 years agolacp: Make argument to ovs-appctl "lacp/show" command optional.
Justin Pettit [Mon, 26 Sep 2011 22:44:46 +0000 (15:44 -0700)]
lacp: Make argument to ovs-appctl "lacp/show" command optional.

If an argument isn't passed to "lacp/show", it will print information
about all interfaces with LACP enabled.

13 years agocfm: Make argument to ovs-appctl "cfm/show" command optional.
Justin Pettit [Mon, 26 Sep 2011 22:40:53 +0000 (15:40 -0700)]
cfm: Make argument to ovs-appctl "cfm/show" command optional.

If an argument isn't passed to "cfm/show", it will print information
about all interfaces with CFM enabled.

13 years agoovs-appctl: Print command arguments for "help".
Justin Pettit [Mon, 26 Sep 2011 21:59:35 +0000 (14:59 -0700)]
ovs-appctl: Print command arguments for "help".

13 years agodatapath: Avoid skb-clone in upcall
Pravin Shelar [Thu, 29 Sep 2011 23:33:06 +0000 (16:33 -0700)]
datapath: Avoid skb-clone in upcall

There is not need to clone skb while sending packet to user-space.
Since data is only read from packet skb.

Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agoin-band: Classifier rules should use OpenFlow ports.
Jesse Gross [Thu, 29 Sep 2011 21:02:42 +0000 (14:02 -0700)]
in-band: Classifier rules should use OpenFlow ports.

The in-band rules want to allow traffic to and from the local port
but the rule to be inserted in the classifier table for DHCP traffic
used the datapath constant for local traffic instead of the OpenFlow
one.

13 years agoofp-util: make_packet_out() shouldn't receive OVSP_NONE.
Jesse Gross [Thu, 29 Sep 2011 20:30:07 +0000 (13:30 -0700)]
ofp-util: make_packet_out() shouldn't receive OVSP_NONE.

make_packet_out() operates solely at the OpenFlow layer, so it
should never receive OVSP_LOCAL as an in_port.  This function is
used only by the learning switch, which will never generate
a packet with OVSP_LOCAL so this fixes not a bug but a violation
of semantics.

13 years agoflow: Drop datapath-protocol.h from flow.c.
Jesse Gross [Thu, 29 Sep 2011 20:22:46 +0000 (13:22 -0700)]
flow: Drop datapath-protocol.h from flow.c.

datapath-protocol.h is increasingly a Linux-specific header so its
usage should be restricted from generic code.  Nothing in flow.c
uses it, so drop it to avoid layer violations.

13 years agovlog: Accept any case for ANY and PATTERN when setting levels.
Ben Pfaff [Tue, 27 Sep 2011 19:22:57 +0000 (12:22 -0700)]
vlog: Accept any case for ANY and PATTERN when setting levels.

13 years agodatapath: Avoid use-after-free error in dp_device_event().
Ben Pfaff [Thu, 29 Sep 2011 16:49:37 +0000 (09:49 -0700)]
datapath: Avoid use-after-free error in dp_device_event().

Commit f14d80834 "datapath: genl_notify() on port disappearances" frees the
vport before passing it to ovs_vport_cmd_build_info(), which reads the
freed data.

Without this commit, the following commands consistently trigger a kernel
BUG report on my test VM (which has slab debugging enabled) on 3 attempts:

    tunctl
    ovs-vsctl add-port br0 tap0
    tunctl -d tap0

With this commit, I consistently don't see the BUG, on a few hundred tries
in a tight loop.

The interesting log information is:

    device tap0 entered promiscuous mode
    device tap0 left promiscuous mode
    BUG: unable to handle kernel paging request at 6b6b6ba7
    IP: [<c88269ed>] get_vport_protected+0x8/0x52 [openvswitch_mod]
    *pde = 00000000
    Oops: 0000 [#1] SMP
    last sysfs file: /sys/devices/pci0000:00/0000:00:04.0/net/eth1/carrier
    Modules linked in: brcompat_mod openvswitch_mod

    Pid: 653, comm: tunctl Not tainted 2.6.37+ #25 /Bochs
    EIP: 0060:[<c88269ed>] EFLAGS: 00010246 CPU: 0
    EIP is at get_vport_protected+0x8/0x52 [openvswitch_mod]
    EAX: 6b6b6ba7 EBX: 00000000 ECX: 00000000 EDX: 00000000
    ESI: c6d98400 EDI: c5c32074 EBP: c6ff1de8 ESP: c6ff1de4
     DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
    Process tunctl (pid: 653, ti=c6ff0000 task=c5c3a820 task.ti=c6ff0000)
    Stack:
     00000000 c6ff1df8 c8826b1d 6b6b6b6b c6d77ab0 c6ff1e14 c8826dc6 c7489160
     00000f40 c6d98400 c6d77ab0 00000000 c6ff1e3c c88286fa 00000000 00000000
     00000002 02ff1e34 00000000 c6d77ab0 c6df98a0 00000006 c6ff1e54 c8828aa2
    Call Trace:
     [<c8826b1d>] ? get_dpifindex+0x1b/0x31 [openvswitch_mod]
     [<c8826dc6>] ? ovs_vport_cmd_fill_info+0x40/0x183 [openvswitch_mod]
     [<c88286fa>] ? ovs_vport_cmd_build_info+0x3f/0x62 [openvswitch_mod]
     [<c8828aa2>] ? dp_device_event+0x56/0xb0 [openvswitch_mod]
     [<c1046c0d>] ? notifier_call_chain+0x6d/0x96
     [<c1046c52>] ? raw_notifier_call_chain+0xc/0xe
     [<c1254c10>] ? call_netdevice_notifiers+0x3c/0x43
     [<c1255029>] ? rollback_registered_many+0xd4/0x18b
     [<c1255146>] ? rollback_registered+0x23/0x28
     [<c1255199>] ? unregister_netdevice_queue+0x4e/0x6b
     [<c1227d2e>] ? tun_chr_close+0x3f/0x76

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agobridge: Clear out all Interface fields when an interface cannot be created.
Ben Pfaff [Wed, 28 Sep 2011 16:36:13 +0000 (09:36 -0700)]
bridge: Clear out all Interface fields when an interface cannot be created.

When an Interface record is invalid (for example, when the interface that
it specifies does not exist and cannot be created), ovs-vswitchd would
leave any pre-existing data in its columns, except that it would set the
ofport column to -1 to indicate the error.  This was sometimes confusing
because, for example, the lacp_current field could still be set to "true"
if LACP has previously been active and up-to-date.

This commit changes ovs-vswitchd to reset all such data to its default
values when an interface is invalid.

Bug #7450.
Reported-by: Duffie Cooley <dcooley@nicira.com>
Bug #7491.
Reported-by: Ethan Jackson <ethan@nicira.com>
Release Notes #7500.
Reported-by: Keith Amidon <keith@nicira.com>
13 years agoxenserver: Fix typo in comment in XAPI plugin.
Ben Pfaff [Wed, 28 Sep 2011 20:27:59 +0000 (13:27 -0700)]
xenserver: Fix typo in comment in XAPI plugin.

Signed-off-by: Ben Pfaff <blp@nicira.com>