From 5c7f58830a25520f7e18225b79de2774b9e9e012 Mon Sep 17 00:00:00 2001 From: Jesse Gross Date: Mon, 5 Nov 2012 15:47:41 -0800 Subject: [PATCH] datapath: Don't allow flows installed with only TUN_ID. Tunnel ports now always include full outer IP information, even if userspace can't understand it. Since our flows our exact match this information must also be provided when setting up flows. Since flows with only OVS_KEY_ATTR_TUN_ID keys don't contain all of this information they can never be hit and we should just reject them at setup time. Signed-off-by: Jesse Gross Acked-by: Kyle Mestery --- datapath/flow.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/datapath/flow.c b/datapath/flow.c index 2acdd059..f33760af 100644 --- a/datapath/flow.c +++ b/datapath/flow.c @@ -1041,14 +1041,11 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp, if (tun_id != tun_key->tun_id) return -EINVAL; - memcpy(&swkey->phy.tun.tun_key, tun_key, sizeof(swkey->phy.tun.tun_key)); - attrs &= ~(1ULL << OVS_KEY_ATTR_TUN_ID); - attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); - } else if (attrs & (1ULL << OVS_KEY_ATTR_TUN_ID)) { - swkey->phy.tun.tun_key.tun_id = nla_get_be64(a[OVS_KEY_ATTR_TUN_ID]); - swkey->phy.tun.tun_key.tun_flags |= OVS_FLOW_TNL_F_KEY; + memcpy(&swkey->phy.tun.tun_key, tun_key, + sizeof(swkey->phy.tun.tun_key)); attrs &= ~(1ULL << OVS_KEY_ATTR_TUN_ID); + attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); } else if (attrs & (1ULL << OVS_KEY_ATTR_IPV4_TUNNEL)) { struct ovs_key_ipv4_tunnel *tun_key; tun_key = nla_data(a[OVS_KEY_ATTR_IPV4_TUNNEL]); @@ -1056,7 +1053,9 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp, if (!tun_key->ipv4_dst) return -EINVAL; - memcpy(&swkey->phy.tun.tun_key, tun_key, sizeof(swkey->phy.tun.tun_key)); + memcpy(&swkey->phy.tun.tun_key, tun_key, + sizeof(swkey->phy.tun.tun_key)); + attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); } -- 2.30.2