openvswitch
13 years agocfm: New 'cfm_opstate' setting.
Ethan Jackson [Fri, 7 Oct 2011 05:43:05 +0000 (22:43 -0700)]
cfm: New 'cfm_opstate' setting.

In some cases, a controller may want to take an interface down for
forwarding purposes, but avoid completely deconfiguring CFM and
thus lose all connectivity monitoring.  The new 'cfm_opstate'
setting is a way to achieve this behavior.

13 years agocfm: Show extended mode in cfm/show appctl command.
Ethan Jackson [Sun, 9 Oct 2011 22:03:53 +0000 (15:03 -0700)]
cfm: Show extended mode in cfm/show appctl command.

13 years agovswitch.xml: Annotate 'false' keyword in CFM documentation.
Ethan Jackson [Sun, 9 Oct 2011 21:35:47 +0000 (14:35 -0700)]
vswitch.xml: Annotate 'false' keyword in CFM documentation.

13 years agodpif-netdev: Implement OVS_ACTION_ATTR_SAMPLE action.
Ben Pfaff [Tue, 11 Oct 2011 18:07:14 +0000 (11:07 -0700)]
dpif-netdev: Implement OVS_ACTION_ATTR_SAMPLE action.

OVS_ACTION_ATTR_SAMPLE has never been implemented in dpif-netdev.  This
commit implements it and adds a cast to enum ovs_action_type in the switch
statement that checks the action type, so that GCC complains if we forget
to add a case for a new action type.

I had to assign the return value of nl_attr_type() to a temporary variable,
because "switch ((enum ovs_action_type) nl_attr_type(a))" provoked a GCC
warning that I've never seen before:

../lib/dpif-netdev.c:1260: warning: cast from function call of type 'int'
     to non-matching type 'enum ovs_action_type'

13 years agodpif-netdev: Simplify code by removing dpif_netdev_validate_actions().
Ben Pfaff [Wed, 5 Oct 2011 16:04:50 +0000 (09:04 -0700)]
dpif-netdev: Simplify code by removing dpif_netdev_validate_actions().

dpif_netdev_validate_actions() existed for three reasons.  First, it checked
that the actions were well-formed and valid.  This isn't really necessary,
because the actions are built internally by ofproto-dpif and will always be
well-formed.  (If not, that's a bug in ofproto-dpif.)  Second, it checks
whether the actions will modify (mutate) the data in the packet and reports
that to the caller, which can use it to optimize what it does.  However,
the only caller that used this was dpif_netdev_execute(), which is not a
fast-path (if dpif-netdev can be said to have a fast path at all).

Third, dpif_netdev_validate_actions() rejects certain actions that
dpif-netdev does not implement: OVS_ACTION_ATTR_SET_TUNNEL,
OVS_ACTION_ATTR_SET_PRIORITY, and OVS_ACTION_ATTR_POP_PRIORITY.  However,
this doesn't really seem necessary to me.  First, dpif-netdev can't support
tunnels in any case, so OVS_ACTION_ATTR_SET_TUNNEL shouldn't come up.
Second, the priority actions just aren't important enough to worry about;
they only affect QoS, which isn't really important with dpif-netdev since
it's going to be slow anyway.

So this commit just drops dpif_netdev_validate_actions() entirely.

13 years agonetlink: New macros NL_NESTED_FOR_EACH, NL_NESTED_FOR_EACH_UNSAFE.
Ben Pfaff [Wed, 5 Oct 2011 16:36:11 +0000 (09:36 -0700)]
netlink: New macros NL_NESTED_FOR_EACH, NL_NESTED_FOR_EACH_UNSAFE.

Upcoming commits will introduce more users.

13 years agoopenflow: Delete icmp_type and icmp_code macros.
Ben Pfaff [Wed, 5 Oct 2011 18:06:12 +0000 (11:06 -0700)]
openflow: Delete icmp_type and icmp_code macros.

These macros caused trouble if datapath-protocol.h was included before
openflow.h.  Later references to the icmp_type and icmp_code members of
struct ovs_key_icmp caused compiler errors, because the macros caused them
to try to refer to nonexistent tp_src and tp_dst members in those
structures.

13 years agoovs-bugtool: Add -s to "ovs-dpctl show" command, to show vport statistics.
Ben Pfaff [Mon, 10 Oct 2011 17:29:49 +0000 (10:29 -0700)]
ovs-bugtool: Add -s to "ovs-dpctl show" command, to show vport statistics.

It would be nice to include this in xen-bugtool output too but that would
require Citrix to patch xen-bugtool directly.

Bug #7628.
Reported-by: Ethan Jackson <ethan@nicira.com>
13 years agocfm: Send properly formatted CCMs.
Ben Pfaff [Fri, 7 Oct 2011 22:43:43 +0000 (15:43 -0700)]
cfm: Send properly formatted CCMs.

Wireshark complained that Open vSwitch-generated CFM messages were
malformed.  Upon looking at the standard, I spotted that Open vSwitch
failed to include the final, required "End TLV" byte with value 0.

This commit adds the End TLV byte to generated CCMs but still accepts
the truncated messages for backward compatibility.

13 years agodpif-linux: Don't reset kernel upcall_pids unintentionally.
Ben Pfaff [Fri, 7 Oct 2011 23:41:36 +0000 (16:41 -0700)]
dpif-linux: Don't reset kernel upcall_pids unintentionally.

Commit b063d9f0 "datapath: Use unicast Netlink sockets for upcalls" that
introduced an 'upcall_pid' member into struct dpif_linux_vport, struct
dpif_linux_dp, and struct dpif_linux_flow neglected to do so only if the
member was nonzero.  This caused every datapath, vport, and flow operation
to supply an upcall_pid.  In particular, the netdev_set_config() called at
startup when a vport already existed caused the upcall_pid for that vport
to be reset to 0, which in turn caused all packets received on the vport to
be dropped instead of forwarded to ovs-vswitchd.

Reported-by: Shih-Hao Li <shli@nicira.com>
Bug #7714.

13 years agovswitch.ovsschema: Mark more CFM columns ephemeral.
Ben Pfaff [Thu, 6 Oct 2011 18:36:05 +0000 (11:36 -0700)]
vswitch.ovsschema: Mark more CFM columns ephemeral.

I spotted these being logged to the database.  That doesn't match up with
our usual model, so mark them ephemeral.

13 years agodatapath: Remove RT kernel support.
Pravin B Shelar [Fri, 7 Oct 2011 04:52:39 +0000 (21:52 -0700)]
datapath: Remove RT kernel support.

Following patch removes RT kernel support. This allows us to cleanup
the loop detection.
Along with this BH is now disabled while running execute_actions()
for packet from user-space.
As a result we can simplify the stats code as entire send and receive
path runs in BH context on all supported platforms.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7621

13 years agodatapath: Fix recv path for CONFIG_PREEMPT_RCU.
Pravin B Shelar [Fri, 7 Oct 2011 02:45:09 +0000 (19:45 -0700)]
datapath: Fix recv path for CONFIG_PREEMPT_RCU.

        In case CONFIG_PREEMPT_RCU, rcu grace period waits only for RCU
read-side critical sections that are delimited by rcu_read_lock() and
rcu_read_unlock(). internal_dev_xmit() is called in
rcu_read_lock_bh context. Therefore we need to explicitly take rcu
lock to prevent race with call_rcu() in PREEMPT_RCU case.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agoovs-monitor-ipsec: Fix use_ssl_cert option implementation.
Ben Pfaff [Thu, 6 Oct 2011 21:54:30 +0000 (14:54 -0700)]
ovs-monitor-ipsec: Fix use_ssl_cert option implementation.

I skipped writing a unit test for this feature on the first go-around, and
of course that meant it didn't work.

Bug #7693.
Reported-by: Michael Hu <mhu@nicira.com>
13 years agodatapath: Strip down vport interface - ifIndex.
Pravin B Shelar [Thu, 6 Oct 2011 02:06:29 +0000 (19:06 -0700)]
datapath: Strip down vport interface - ifIndex.

        Following patch removes ifIndex attribute of vport which is not
used in userspace.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7114

13 years agodebian: ovs-monitor-ipsec requires root_prefix option.
Ethan Jackson [Thu, 6 Oct 2011 01:07:04 +0000 (18:07 -0700)]
debian: ovs-monitor-ipsec requires root_prefix option.

Before this patch, if the root_prefix option is left unset
ovs-monitor-ipsec will crash.

13 years agodebian: Make ovs-monitor-ipsec executable.
Ethan Jackson [Wed, 5 Oct 2011 21:33:49 +0000 (14:33 -0700)]
debian: Make ovs-monitor-ipsec executable.

Commit b153e667 "python: Upgrade daemon module to argparse."
removed the execute bit.  This was incorrect.

13 years agodebian: Fully convert ovs-monitor-ipsec to vlog.
Ethan Jackson [Tue, 4 Oct 2011 22:47:07 +0000 (15:47 -0700)]
debian: Fully convert ovs-monitor-ipsec to vlog.

Commit 201bf205 "ovs-monitor-ipsec: Convert to vlog." only
partially updated ovs-monitor-ipsec to the new vlog module.  This
commit completes the process.

13 years agodebian: ovs-monitor-ipsec has a stale init script.
Ethan Jackson [Tue, 4 Oct 2011 21:52:00 +0000 (14:52 -0700)]
debian: ovs-monitor-ipsec has a stale init script.

The ovs-monitor-ipsec init script used the old "pidfile-name"
instead of the new "pidfile" option.  This should cause it to fail
when starting.

This patch also causes ovs-monitor-ipsec to create a log file.

13 years agoxenserver: ovs-xapi-sync should create a log file.
Ethan Jackson [Tue, 4 Oct 2011 21:41:42 +0000 (14:41 -0700)]
xenserver: ovs-xapi-sync should create a log file.

13 years agodebian: Package the installed Python files, not those from the source tree.
Ben Pfaff [Wed, 5 Oct 2011 21:55:02 +0000 (14:55 -0700)]
debian: Package the installed Python files, not those from the source tree.

The only difference between the Python files that are installed and the
Python files found in the source tree is in the ovs.dirs module, but this
is a very important difference: we want the directories used to be the ones
configured in (e.g. /usr/share/openvswitch), not the only used by default
by the source tree's dirs.py (e.g. /usr/local/share/openvswitch).

I verified with "dpkg-deb -x" and "diff -ur" that in fact this is the only
change that this commit makes.

This bug has been in place since at least commit 1d273d6d8 "debian: Rename
openvswitch-python to python-openvswitch" from over a year ago, but until
now the packaged Python files didn't actually use any directories that
differed between the two versions of dirs.py, so only now has the problem
manifested.

This problem prevented ovs-monitor-ipsec from finding the OVSDB schema
file.

Reported-by: Ethan Jackson <ethan@nicira.com>
13 years agodpif: Avoid use of "struct ovs_dp_stats" in platform-independent modules.
Ben Pfaff [Wed, 5 Oct 2011 18:18:13 +0000 (11:18 -0700)]
dpif: Avoid use of  "struct ovs_dp_stats" in platform-independent modules.

Over time we wish to reduce the number of datapath-protocol.h definitions
used directly outside of Linux-specific code.  This commit removes use of
"struct ovs_dp_stats" from platform-independent code.

Bug #7559.

13 years agoodp-util: Use nl_parse_nested() to simplify format_odp_sample_action().
Ben Pfaff [Tue, 4 Oct 2011 19:58:25 +0000 (12:58 -0700)]
odp-util: Use nl_parse_nested() to simplify format_odp_sample_action().

13 years agobridge: Fix comment describing iface_refresh_cfm_stats().
Justin Pettit [Wed, 5 Oct 2011 01:20:34 +0000 (18:20 -0700)]
bridge: Fix comment describing iface_refresh_cfm_stats().

13 years agodatapath: Fix tunnel hashing.
Pravin B Shelar [Wed, 5 Oct 2011 00:48:33 +0000 (17:48 -0700)]
datapath: Fix tunnel hashing.

struct port_lookup_key is getting extra 4 bytes due to alignment on x86_64.
That is messing with hash calculation which uses sizeof operator to
calculate key length. Following patch fixes tunnel hashing by using correct
key length.

This bug was introduced by commit f686a33af8cb41ee228e6a35410c9a488fba3eb1
"datapath: Streamline tunnel port lookup"

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Bug #7622

13 years agonicira-ext: Fix build problems on 64-bit systems.
Justin Pettit [Tue, 4 Oct 2011 18:49:22 +0000 (11:49 -0700)]
nicira-ext: Fix build problems on 64-bit systems.

Commit d2c0fe (nicira-ext: Bump number of registers to five from four.)
broke the build on 64-bit systems.  This commit fixes the problems it
introduced.

13 years agovswitchd: Document map members as separate columns
Ben Pfaff [Wed, 21 Sep 2011 17:07:11 +0000 (10:07 -0700)]
vswitchd: Document map members as separate columns

The OVS configuration database now has numerous columns that contain fixed
key-value pairs.  Currently there's no way to see these at a glance,
because they are not presented in the summary tables just before the
detailed descriptions.

This commit extends the XML format so that keys within a column can be
described individually, and rearranges and rewrites vswitch.xml to take
advantage of this feature.

13 years agonicira-ext: Bump number of registers to five from four.
Justin Pettit [Wed, 28 Sep 2011 20:53:59 +0000 (13:53 -0700)]
nicira-ext: Bump number of registers to five from four.

Feature #7527

13 years agocheck-structs: Add check that OFP_ASSERT is checking the right structures.
Ben Pfaff [Tue, 4 Oct 2011 16:26:14 +0000 (09:26 -0700)]
check-structs: Add check that OFP_ASSERT is checking the right structures.

This avoids a fairly common issue in which a developer cuts and pastes a
structure definition and forgets to update the structure name inside the
OFP_ASSERT, so that the new structure's size doesn't really get checked at
all.

13 years agovconn: Remove unnecessary forward declarations and #includes from header.
Ben Pfaff [Tue, 4 Oct 2011 04:52:39 +0000 (21:52 -0700)]
vconn: Remove unnecessary forward declarations and #includes from header.

This required fix-ups in a few other files that accidentally depended upon
vconn.h including those other headers.

13 years agoofproto-dpif: Fix small typo in comment.
Justin Pettit [Mon, 3 Oct 2011 23:38:07 +0000 (16:38 -0700)]
ofproto-dpif: Fix small typo in comment.

13 years agoofproto-dpif: LACP registration should cause revalidation.
Ethan Jackson [Mon, 3 Oct 2011 19:51:33 +0000 (12:51 -0700)]
ofproto-dpif: LACP registration should cause revalidation.

Whenever a slave is registered to participate in LACP, it needs to
be revalidated so that it can receive LACP PDUs.  This bug can only
surface in an edge case where a pre-existing interface is added to
a pre-existing bond.  It would be unusual for a controller to do
this.

13 years agoofproto-dpif: Revalidate on port additions and deletions.
Ethan Jackson [Mon, 3 Oct 2011 19:51:02 +0000 (12:51 -0700)]
ofproto-dpif: Revalidate on port additions and deletions.

The addition of a new port to an ofproto-dpif may require
revalidations in some cases.  Notably if this new port is
configured to participate in CFM, but a drop flow has already been
installed in the datapath for CFM messages with the same in_port.

Bug #7598.

13 years agometa-flow: Fix icmp_code field's wildcard bit.
Ben Pfaff [Tue, 27 Sep 2011 20:02:30 +0000 (13:02 -0700)]
meta-flow: Fix icmp_code field's wildcard bit.

This bug caused any NXM flow that matched both ICMP code and ICMP type to
be rejected with NXBRC_NXM_DUP_TYPE.

13 years agoofp-parse: Remove write-only variable in parse_ofp_flow_mod_str().
Ben Pfaff [Sun, 2 Oct 2011 21:48:09 +0000 (14:48 -0700)]
ofp-parse: Remove write-only variable in parse_ofp_flow_mod_str().

13 years agotest-classifier: Remove write-only variable.
Ben Pfaff [Fri, 30 Sep 2011 22:22:47 +0000 (15:22 -0700)]
test-classifier: Remove write-only variable.

13 years agodebian: Make python-openvswitch packaging work with squeeze dh_python2.
Ben Pfaff [Mon, 3 Oct 2011 16:19:29 +0000 (09:19 -0700)]
debian: Make python-openvswitch packaging work with squeeze dh_python2.

The dh_python2 helper in Debian squeeze has a limitation that is not
mentioned anywhere, as far as I can tell: Python files must be in
/usr/lib/python#.#/site-packages to be installed.  The version in Debian
wheezy does not have the same limitation.

This meant that building the Debian packages on squeeze silently produced
a broken python-openvswitch package, whereas building the same thing on
wheezy built a working package.

This fixes the problem by putting the .py files where squeeze expects them.
It works on wheezy too.

Bug #7510.
Reported-by: Michael Hu <mhu@nicira.com>
Tested-by: Simon Horman <horms@verge.net.au>
13 years agodatapath: Streamline tunnel port lookup
Pravin Shelar [Fri, 30 Sep 2011 21:32:31 +0000 (14:32 -0700)]
datapath: Streamline tunnel port lookup

This change is meant to cleanup the tunnel lookup code. We are now using
kernel hash table so we can simplify `struct port_lookup_key`.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agodatapath: Remove unused vlan constants.
Jesse Gross [Thu, 29 Sep 2011 22:18:14 +0000 (15:18 -0700)]
datapath: Remove unused vlan constants.

We define some constants for dealing with vlan PCP bits since at
the time they didn't exist upstream.  They've since been merged
upstream with different names and we don't use them anyways, so
just drop them.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
13 years agoflow: Move flow_extract_stats() to dpif.c, as dpif_flow_stats_extract().
Ben Pfaff [Thu, 29 Sep 2011 22:36:14 +0000 (15:36 -0700)]
flow: Move flow_extract_stats() to dpif.c, as dpif_flow_stats_extract().

The "flow" module is concerned only with OpenFlow flows these days.  It
shouldn't have anything to do with ODP or dpifs.  However, it included
dpif.h just to implement flow_extract_stats().  This function is a better
fit for dpif.c, so this commit moves it there and removes the dpif.h
#include from flow.h and flow.c

This commit also removes a few more dpif.h #includes that weren't needed.

13 years agoRemove a pair of unnecessary dependencies on datapath-protocol.h.
Ben Pfaff [Thu, 29 Sep 2011 22:18:58 +0000 (15:18 -0700)]
Remove a pair of unnecessary dependencies on datapath-protocol.h.

These headers don't really need datapath-protocol.h.  connmgr.h indirectly
used "struct nlattr" from that header, so add a forward declaration.  (The
next commit will remove use of struct nlattr entirely from that header,
since it is not really appropriate.)

13 years agocfm: Cleanup output of ovs-appctl "cfm/show" command.
Justin Pettit [Fri, 30 Sep 2011 01:36:09 +0000 (18:36 -0700)]
cfm: Cleanup output of ovs-appctl "cfm/show" command.

When no remote MPIDs were found, the output would print an extra newline.
If multiple remote MPIDs were found, the lines would run together.  This
commit cleans things up a bit by just printing each item on its own line
without any blank lines.

13 years agoovs-vsctl: Remove "cfm_remote_mpid" from man page.
Justin Pettit [Fri, 30 Sep 2011 01:27:28 +0000 (18:27 -0700)]
ovs-vsctl: Remove "cfm_remote_mpid" from man page.

The "cfm_remote_mpid" column is no longer used by the CFM module, so
remove the reference from the ovs-vsctl man page.

13 years agoxenserver: Update README to be current.
Justin Pettit [Thu, 29 Sep 2011 01:37:18 +0000 (18:37 -0700)]
xenserver: Update README to be current.

13 years agoxenserver: Correct location of xen-bugtool plugins.
Justin Pettit [Thu, 29 Sep 2011 01:03:06 +0000 (18:03 -0700)]
xenserver: Correct location of xen-bugtool plugins.

xen-bugtool plugins were stored in "/etc/xensource/bugtool/bugtool-plugins/*",
but xen-bugtool will not traverse deeper than "/etc/xensource/bugtool/*".
This commit corrects the location and makes our plugins run.

signed-off-by: Justin Pettit <jpettit@nicira.com>
acked-by: Ben Pfaff <blp@nicira.com>

13 years agobugtool: Collect "lacp/show" and "cfm/show" information.
Justin Pettit [Mon, 26 Sep 2011 23:49:32 +0000 (16:49 -0700)]
bugtool: Collect "lacp/show" and "cfm/show" information.

Feature #7496

13 years agoovs-vswitchd: Document "coverage/log" in man page.
Justin Pettit [Mon, 26 Sep 2011 22:56:20 +0000 (15:56 -0700)]
ovs-vswitchd: Document "coverage/log" in man page.

13 years agolacp: Make argument to ovs-appctl "lacp/show" command optional.
Justin Pettit [Mon, 26 Sep 2011 22:44:46 +0000 (15:44 -0700)]
lacp: Make argument to ovs-appctl "lacp/show" command optional.

If an argument isn't passed to "lacp/show", it will print information
about all interfaces with LACP enabled.

13 years agocfm: Make argument to ovs-appctl "cfm/show" command optional.
Justin Pettit [Mon, 26 Sep 2011 22:40:53 +0000 (15:40 -0700)]
cfm: Make argument to ovs-appctl "cfm/show" command optional.

If an argument isn't passed to "cfm/show", it will print information
about all interfaces with CFM enabled.

13 years agoovs-appctl: Print command arguments for "help".
Justin Pettit [Mon, 26 Sep 2011 21:59:35 +0000 (14:59 -0700)]
ovs-appctl: Print command arguments for "help".

13 years agodatapath: Avoid skb-clone in upcall
Pravin Shelar [Thu, 29 Sep 2011 23:33:06 +0000 (16:33 -0700)]
datapath: Avoid skb-clone in upcall

There is not need to clone skb while sending packet to user-space.
Since data is only read from packet skb.

Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agoin-band: Classifier rules should use OpenFlow ports.
Jesse Gross [Thu, 29 Sep 2011 21:02:42 +0000 (14:02 -0700)]
in-band: Classifier rules should use OpenFlow ports.

The in-band rules want to allow traffic to and from the local port
but the rule to be inserted in the classifier table for DHCP traffic
used the datapath constant for local traffic instead of the OpenFlow
one.

13 years agoofp-util: make_packet_out() shouldn't receive OVSP_NONE.
Jesse Gross [Thu, 29 Sep 2011 20:30:07 +0000 (13:30 -0700)]
ofp-util: make_packet_out() shouldn't receive OVSP_NONE.

make_packet_out() operates solely at the OpenFlow layer, so it
should never receive OVSP_LOCAL as an in_port.  This function is
used only by the learning switch, which will never generate
a packet with OVSP_LOCAL so this fixes not a bug but a violation
of semantics.

13 years agoflow: Drop datapath-protocol.h from flow.c.
Jesse Gross [Thu, 29 Sep 2011 20:22:46 +0000 (13:22 -0700)]
flow: Drop datapath-protocol.h from flow.c.

datapath-protocol.h is increasingly a Linux-specific header so its
usage should be restricted from generic code.  Nothing in flow.c
uses it, so drop it to avoid layer violations.

13 years agovlog: Accept any case for ANY and PATTERN when setting levels.
Ben Pfaff [Tue, 27 Sep 2011 19:22:57 +0000 (12:22 -0700)]
vlog: Accept any case for ANY and PATTERN when setting levels.

13 years agodatapath: Avoid use-after-free error in dp_device_event().
Ben Pfaff [Thu, 29 Sep 2011 16:49:37 +0000 (09:49 -0700)]
datapath: Avoid use-after-free error in dp_device_event().

Commit f14d80834 "datapath: genl_notify() on port disappearances" frees the
vport before passing it to ovs_vport_cmd_build_info(), which reads the
freed data.

Without this commit, the following commands consistently trigger a kernel
BUG report on my test VM (which has slab debugging enabled) on 3 attempts:

    tunctl
    ovs-vsctl add-port br0 tap0
    tunctl -d tap0

With this commit, I consistently don't see the BUG, on a few hundred tries
in a tight loop.

The interesting log information is:

    device tap0 entered promiscuous mode
    device tap0 left promiscuous mode
    BUG: unable to handle kernel paging request at 6b6b6ba7
    IP: [<c88269ed>] get_vport_protected+0x8/0x52 [openvswitch_mod]
    *pde = 00000000
    Oops: 0000 [#1] SMP
    last sysfs file: /sys/devices/pci0000:00/0000:00:04.0/net/eth1/carrier
    Modules linked in: brcompat_mod openvswitch_mod

    Pid: 653, comm: tunctl Not tainted 2.6.37+ #25 /Bochs
    EIP: 0060:[<c88269ed>] EFLAGS: 00010246 CPU: 0
    EIP is at get_vport_protected+0x8/0x52 [openvswitch_mod]
    EAX: 6b6b6ba7 EBX: 00000000 ECX: 00000000 EDX: 00000000
    ESI: c6d98400 EDI: c5c32074 EBP: c6ff1de8 ESP: c6ff1de4
     DS: 007b ES: 007b FS: 00d8 GS: 0000 SS: 0068
    Process tunctl (pid: 653, ti=c6ff0000 task=c5c3a820 task.ti=c6ff0000)
    Stack:
     00000000 c6ff1df8 c8826b1d 6b6b6b6b c6d77ab0 c6ff1e14 c8826dc6 c7489160
     00000f40 c6d98400 c6d77ab0 00000000 c6ff1e3c c88286fa 00000000 00000000
     00000002 02ff1e34 00000000 c6d77ab0 c6df98a0 00000006 c6ff1e54 c8828aa2
    Call Trace:
     [<c8826b1d>] ? get_dpifindex+0x1b/0x31 [openvswitch_mod]
     [<c8826dc6>] ? ovs_vport_cmd_fill_info+0x40/0x183 [openvswitch_mod]
     [<c88286fa>] ? ovs_vport_cmd_build_info+0x3f/0x62 [openvswitch_mod]
     [<c8828aa2>] ? dp_device_event+0x56/0xb0 [openvswitch_mod]
     [<c1046c0d>] ? notifier_call_chain+0x6d/0x96
     [<c1046c52>] ? raw_notifier_call_chain+0xc/0xe
     [<c1254c10>] ? call_netdevice_notifiers+0x3c/0x43
     [<c1255029>] ? rollback_registered_many+0xd4/0x18b
     [<c1255146>] ? rollback_registered+0x23/0x28
     [<c1255199>] ? unregister_netdevice_queue+0x4e/0x6b
     [<c1227d2e>] ? tun_chr_close+0x3f/0x76

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agobridge: Clear out all Interface fields when an interface cannot be created.
Ben Pfaff [Wed, 28 Sep 2011 16:36:13 +0000 (09:36 -0700)]
bridge: Clear out all Interface fields when an interface cannot be created.

When an Interface record is invalid (for example, when the interface that
it specifies does not exist and cannot be created), ovs-vswitchd would
leave any pre-existing data in its columns, except that it would set the
ofport column to -1 to indicate the error.  This was sometimes confusing
because, for example, the lacp_current field could still be set to "true"
if LACP has previously been active and up-to-date.

This commit changes ovs-vswitchd to reset all such data to its default
values when an interface is invalid.

Bug #7450.
Reported-by: Duffie Cooley <dcooley@nicira.com>
Bug #7491.
Reported-by: Ethan Jackson <ethan@nicira.com>
Release Notes #7500.
Reported-by: Keith Amidon <keith@nicira.com>
13 years agoxenserver: Fix typo in comment in XAPI plugin.
Ben Pfaff [Wed, 28 Sep 2011 20:27:59 +0000 (13:27 -0700)]
xenserver: Fix typo in comment in XAPI plugin.

Signed-off-by: Ben Pfaff <blp@nicira.com>
13 years agoovs.daemon: Fix bug introduced by "pychecker" warning fixes.
Ben Pfaff [Thu, 29 Sep 2011 06:09:33 +0000 (23:09 -0700)]
ovs.daemon: Fix bug introduced by "pychecker" warning fixes.

Commit 591c20651f1 "daemon.py: Don't shadow built-in 'file' variable"
changed most instances of "file" to "file_handle" but missed this one.

I'm not certain that this solves a real problem, but it still seems wrong.

Bug #7533.

13 years agoovs.daemon: Fix semantics of --pidfile option.
Ben Pfaff [Thu, 29 Sep 2011 06:07:11 +0000 (23:07 -0700)]
ovs.daemon: Fix semantics of --pidfile option.

The --pidfile option is supposed to work like this:

   * Without --pidfile, you don't get a pidfile.
   * With --pidfile, you get the default pidfile.
   * With --pidfile=FILE, you get FILE as your pidfile.

However, it actually worked like this:

   * Without --pidfile, you got the default pidfile.
   * With --pidfile, you got no pidfile at all.
   * With --pidfile=FILE, you got FILE as your pidfile.

This is because of the semantics of "default" in argparse.  It is
documented as:

    The default keyword argument of add_argument(), whose value defaults to
    None, specifies what value should be used if the command-line argument
    is not present.  For optional arguments, the default value is used when
    the option string was not present at the command line.

We actually want "const", which is documented under the description of
nargs="?" as:

    If no command-line argument is present, the value from default will be
    produced.  Note that for optional arguments, there is an additional
    case - the option string is present but not followed by a command-line
    argument.  In this case the value from const will be produced.

Bug #7533.

13 years agoovs-xapi-sync: Crashes if root-prefix is unspecified.
Ethan Jackson [Wed, 28 Sep 2011 19:12:56 +0000 (12:12 -0700)]
ovs-xapi-sync: Crashes if root-prefix is unspecified.

13 years agoroute-table: Clear route_notifier after free.
Jesse Gross [Wed, 28 Sep 2011 16:52:07 +0000 (09:52 -0700)]
route-table: Clear route_notifier after free.

If the routing table is destroyed and re-created then it will
trigger another assertion because route_notifier is not NULL,
even though it has already been freed.

13 years agosFlow: Genericize/simplify kernel sFlow implementation
Pravin Shelar [Wed, 28 Sep 2011 17:43:07 +0000 (10:43 -0700)]
sFlow: Genericize/simplify kernel sFlow implementation

Following patch adds sampling action which takes probability and set
of actions as arguments. When probability is hit, actions are executed for
given packet.
USERSPACE action's userdata (u64) is used to store struct
user_action_cookie as cookie. CONTROLLER action is fixed accordingly.

Now we can remove sFlow code from kernel and implement sFlow generically
as SAMPLE action. sFlow is defined as SAMPLE Action with probability (sFlow
sampling rate) and USERSPACE action as argument. USERSPACE action's data
is used as cookie. sFlow uses this cookie to store output-port, number of
output ports and vlan-id. sample-pool is calculated by using vport
stats.

Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
13 years agoxenserver: Don't specify python code by hand.
Ethan Jackson [Tue, 27 Sep 2011 23:56:23 +0000 (16:56 -0700)]
xenserver: Don't specify python code by hand.

Before this patch, a list of each python file in the xenserver rpm
was listed by hand.  This was error prone so now the spec file uses
a glob.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
13 years agoxenserver: Add vlog.py to spec file.
Ethan Jackson [Tue, 27 Sep 2011 23:49:17 +0000 (16:49 -0700)]
xenserver: Add vlog.py to spec file.

13 years agoroute-table: Close netlink notifier before closing nln.
Jesse Gross [Tue, 27 Sep 2011 22:27:43 +0000 (15:27 -0700)]
route-table: Close netlink notifier before closing nln.

Commit 2ee6545f2bff7eb27e8c84965e3ff38dfa909bf6 "notifiers: Create
and destroy nln_notifiers." requires callers to explicitly create
and destroy netlink notifiers but route-table only did the creation
part.  This causes an assertion failure any time the netdev for a
vport is destroyed (for example ovs-dpctl show when there is a
tunnel port).

Bug #7464

13 years agotests: Use compat argparse when required.
Ethan Jackson [Tue, 27 Sep 2011 22:31:18 +0000 (15:31 -0700)]
tests: Use compat argparse when required.

Some build environments don't have argparse installed.  In these
cases the test framework will use the compat version.

13 years agoovs-xapi-sync: Convert to vlog.
Ethan Jackson [Sun, 25 Sep 2011 22:40:10 +0000 (15:40 -0700)]
ovs-xapi-sync: Convert to vlog.

13 years agoovs-monitor-ipsec: Convert to vlog.
Ethan Jackson [Sun, 25 Sep 2011 22:18:44 +0000 (15:18 -0700)]
ovs-monitor-ipsec: Convert to vlog.

13 years agopython: Upgrade to vlog.
Ethan Jackson [Sun, 25 Sep 2011 00:53:30 +0000 (17:53 -0700)]
python: Upgrade to vlog.

This patch upgrades the library code in the python/ovs directory to
the new vlog module.

13 years agopython: Upgrade daemon module to argparse.
Ethan Jackson [Mon, 26 Sep 2011 23:02:26 +0000 (16:02 -0700)]
python: Upgrade daemon module to argparse.

This patch also updates it's callers.

13 years agostream.py: Make usage() function return a string.
Ethan Jackson [Mon, 26 Sep 2011 23:02:14 +0000 (16:02 -0700)]
stream.py: Make usage() function return a string.

This will marginally simplify a future patch.

13 years agopython: Create new vlog module.
Ethan Jackson [Wed, 21 Sep 2011 22:43:27 +0000 (15:43 -0700)]
python: Create new vlog module.

Currently, each python daemon has to come up with it's own logging
solution.  These logging strategies are not consistent across the
python code or with the C vlog module.  This patch adds a new
logging module which hopes to solve the problem.  This new module
generates log messages in a manner consistent with the C code.
Furthermore, it can easily be extended to support things like rate
limiters in the future.

This patch does not update any python code to use the new module.

13 years agopython: Backport argparse to older platforms.
Ethan Jackson [Thu, 22 Sep 2011 19:05:18 +0000 (12:05 -0700)]
python: Backport argparse to older platforms.

Argparse has some convenient advantages over optparse including the
ability to handle optional arguments to flags.  It also supports
parsing arguments as well as options.

This patch copies argparse.py from Python 2.7 into a newly created
compat directory.  It made some very minor syntactic updates in the
process.  Platforms which have a Python version too old to include
argparse by default will have this compat version installed as a
workaround.

13 years agotest-jsonrpc: Help option doesn't work.
Ethan Jackson [Mon, 26 Sep 2011 23:12:33 +0000 (16:12 -0700)]
test-jsonrpc: Help option doesn't work.

The test-jsonrpc.py script didn't understand the "-h" option and
threw an exception when "--help" was supplied.

13 years agoImplement "native VLAN" feature.
Ben Pfaff [Sat, 24 Sep 2011 00:03:03 +0000 (17:03 -0700)]
Implement "native VLAN" feature.

Significant updates by Ben Pfaff, including:

* Comment, coding style, indentation updates.
* Documentation improved.
* Added tests.
* Dropped PORT_VLAN_EMPTY.

13 years agobitmap: New function to allocate a bitmap initialized to all-1-bits.
Ben Pfaff [Fri, 26 Aug 2011 19:58:36 +0000 (12:58 -0700)]
bitmap: New function to allocate a bitmap initialized to all-1-bits.

13 years agoofproto-dpif: Add tests for VLAN handling.
Ben Pfaff [Fri, 26 Aug 2011 00:00:45 +0000 (17:00 -0700)]
ofproto-dpif: Add tests for VLAN handling.

These tests would have caught the bug fixed in the previous commit
"ofproto-dpif: Fix behavior when a subset of VLANs is trunked."

13 years agoofproto-dpif: Get rid of OFP_VLAN_NONE pollution.
Ben Pfaff [Mon, 26 Sep 2011 20:15:54 +0000 (13:15 -0700)]
ofproto-dpif: Get rid of OFP_VLAN_NONE pollution.

OFP_VLAN_NONE used to be convenient as a value for struct dst's 'vlan'
member, because it ended up being used in actions anyway, but now it's
much better to just use 0.

13 years agoofproto-dpif: Fix VLAN and other field handling in OFPP_NORMAL.
Ben Pfaff [Sat, 24 Sep 2011 00:11:49 +0000 (17:11 -0700)]
ofproto-dpif: Fix VLAN and other field handling in OFPP_NORMAL.

compose_actions(), which is part of the OFPP_NORMAL implementation, had
multiple flaws that this commit corrects.

First, it did not commit changes made to the flow by actions preceding
the output to OFPP_NORMAL.  This means that, for example, if an OpenFlow
action to modify an L2 or L3 header preceded the output to OFPP_NORMAL,
then OFPP_NORMAL would output its packets without those changes.

Second, it did not update the action_xlate_ctx's notion of the VLAN that
was currently set, in the cases where it modified the current VLAN.  This
means that actions following the output to OFPP_NORMAL could output to
unexpected VLANs.

Third, when it switched to VLAN 0, it unconditionally also stripped the
whole 802.1Q header, so that if the packet originally was priority tagged,
the output packet was not priority tagged.  This is reasonable behavior,
but it is a change in behavior from what previous releases of OVS did, so
this commit reverts it.

Based on a patch from and a conversation with Pravin Shelar
<pshelar@nicira.com>.

13 years agoovs-xapi-sync: Add unit test.
Ben Pfaff [Mon, 26 Sep 2011 20:07:29 +0000 (13:07 -0700)]
ovs-xapi-sync: Add unit test.

13 years agoovs-monitor-ipsec: Add unit test.
Ben Pfaff [Fri, 23 Sep 2011 21:21:19 +0000 (14:21 -0700)]
ovs-monitor-ipsec: Add unit test.

13 years agodatapath: Fix OVS build failure on older kernel
Pravin Shelar [Mon, 26 Sep 2011 19:30:50 +0000 (12:30 -0700)]
datapath: Fix OVS build failure on older kernel

   genlmsg_unicast() API changed for network namespace in 2.6.32.
Following patch handles compatibility for same.

Signed-off-by: Pravin Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
13 years agojson.py: Typo in parsing code.
Ben Pfaff [Mon, 26 Sep 2011 18:43:25 +0000 (11:43 -0700)]
json.py: Typo in parsing code.

13 years agopython: Style cleanup.
Ethan Jackson [Sat, 24 Sep 2011 06:43:12 +0000 (23:43 -0700)]
python: Style cleanup.

This patch does minor style cleanups to the code in the python and
tests directory.  There's other code floating around that could use
similar treatment, but updating it is not convenient at the moment.

13 years agotest-reconnect: Fix use of undefined symbol.
Ethan Jackson [Sat, 24 Sep 2011 23:19:27 +0000 (16:19 -0700)]
test-reconnect: Fix use of undefined symbol.

13 years agotest-ovsdb.py: Remove unused import.
Ethan Jackson [Sat, 24 Sep 2011 23:04:19 +0000 (16:04 -0700)]
test-ovsdb.py: Remove unused import.

13 years agoovsuuid.py: Fix use of undefined symbol.
Ethan Jackson [Sat, 24 Sep 2011 07:09:48 +0000 (00:09 -0700)]
ovsuuid.py: Fix use of undefined symbol.

Found by pychecker.

13 years agoovs-xapi-sync: Style cleanup.
Ethan Jackson [Sat, 24 Sep 2011 00:18:08 +0000 (17:18 -0700)]
ovs-xapi-sync:  Style cleanup.

Pleases pep8.

13 years agoovs-xapi-sync: Remove dead code.
Ethan Jackson [Sat, 24 Sep 2011 00:18:53 +0000 (17:18 -0700)]
ovs-xapi-sync: Remove dead code.

Found by pychecker.

13 years agobond: Remove spurious blank line.
Ben Pfaff [Fri, 23 Sep 2011 22:49:26 +0000 (15:49 -0700)]
bond: Remove spurious blank line.

13 years agoovs-monitor-ipsec: Style cleanup.
Ethan Jackson [Fri, 23 Sep 2011 22:35:04 +0000 (15:35 -0700)]
ovs-monitor-ipsec: Style cleanup.

Pleases pep8.

13 years agoovs-monitor-ipsec: Remove unused root-prefix option.
Ethan Jackson [Fri, 23 Sep 2011 22:36:59 +0000 (15:36 -0700)]
ovs-monitor-ipsec: Remove unused root-prefix option.

13 years agoovs-bugtool: Use RUNDIR macro for ovs-appctl target.
Justin Pettit [Fri, 23 Sep 2011 22:30:55 +0000 (15:30 -0700)]
ovs-bugtool: Use RUNDIR macro for ovs-appctl target.

Correct the target path used by ovs-appctl.  The previous value was
hard-coded to "/var/run", but the common path is actually
"/var/run/openvswitch".  However, it's better to use RUNDIR, since the
default location is build-time configurable.

13 years agodpif-linux: Prevent a single port from monopolizing upcalls.
Jesse Gross [Fri, 16 Sep 2011 22:23:37 +0000 (15:23 -0700)]
dpif-linux: Prevent a single port from monopolizing upcalls.

Currently it is possible for a client on a single port to generate
a huge number of packets that miss in the kernel flow table and
monopolize the userspace/kernel communication path.  This
effectively DoS's the machine because no new flow setups can take
place.  This adds some additional fairness by separating each upcall
type for each object in the datapath onto a separate socket, each
with its own queue.  Userspace then reads round-robin from each
socket so other flow setups can still succeed.

Since the number of objects can potentially be large, we don't always
have a unique socket for each.  Instead, we create 16 sockets and
spread the load around them in a round robin fashion.  It's theoretically
possible to do better than this with some kind of active load balancing
scheme but this seems like a good place to start.

Feature #6485

13 years agonetlink: Expose version of nl_attr_find for key and len.
Jesse Gross [Fri, 23 Sep 2011 18:53:12 +0000 (11:53 -0700)]
netlink: Expose version of nl_attr_find for key and len.

Many of our functions pass around a pointer to Netlink attributes
and a length.  This exposes the version of nl_attr_find that takes
that format so it can be used by callers outside the Netlink library.

13 years agopoll-loop: Enable checking whether a FD caused a wakeup.
Jesse Gross [Sun, 31 Jul 2011 21:47:32 +0000 (14:47 -0700)]
poll-loop: Enable checking whether a FD caused a wakeup.

Each time we run through the poll loop, we check all file descriptors
that we were waiting on to see if there is data available.  However,
this requires a system call and poll already provides information on
which FDs caused the wakeup so it is inefficient as the number of
active FDs grows.  This provides a way to check whether a given FD
has data.

13 years agoofproto-dpif: Flush flows before dpif_recv_set_mask().
Jesse Gross [Fri, 16 Sep 2011 16:50:35 +0000 (09:50 -0700)]
ofproto-dpif: Flush flows before dpif_recv_set_mask().

Now that upcalls from the kernel use unicast sockets, we need to
tell the kernel where to send them explicitly.  This means that
when the switch is restarted it's necessary to take control of any
existing objects, which is done when the dpif listen mask becomes
non-zero.  Since we're going to blow away the flows anyways, we
might as well do it before going through the trouble of updating
all of them.

13 years agodatapath: Use unicast Netlink sockets for upcalls.
Jesse Gross [Wed, 14 Sep 2011 20:05:09 +0000 (13:05 -0700)]
datapath: Use unicast Netlink sockets for upcalls.

Currently we publish several multicast groups for upcalls and let
userspace sockets subscribe to them.  The benefit of this is mostly
that userspace is the one doing the subscription - the actual
multicast capability is not currently used and probably wouldn't be
even if we moved to a multiprocess model.  Despite the convenience,
multicast sockets have a number of disadvantages, primarily that
we only have a limited number of them so there could be collisions.
In addition, unicast sockets give additional flexibility to userspace
by allowing every object to potentially have a different socket
chosen by userspace for upcalls.  Finally, any future optimizations
for upcalls to reduce copying will likely not be compatible with
multicast anyways so disallowing it potentially simplifies things.

We also never unregistered the multicast groups registered for upcalls
and leaked them on module unload.  As a side effect, this solves that
problem.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
13 years agonetlink: Expose method to get Netlink pid of a socket.
Jesse Gross [Fri, 16 Sep 2011 16:37:16 +0000 (09:37 -0700)]
netlink: Expose method to get Netlink pid of a socket.

In the future, the kernel will use unicast messages instead of
multicast to send upcalls.  As a result, we need to be able to
tell it where to direct the traffic.  This adds a function to expose
the Netlink pid of a socket so it can be included in messages to the
kernel.