- 21 Jul, 2015 2 commits
-
-
Thomas Graf authored
This is the first step in representing all OVS vports as regular struct net_devices. Move the net_device pointer into the vport structure itself to get rid of struct vport_netdev. Signed-off-by:
Thomas Graf <tgraf@suug.ch> Signed-off-by:
Pravin B Shelar <pshelar@nicira.com> Signed-off-by:
David S. Miller <davem@davemloft.net>
-
Thomas Graf authored
Utilize the new metadata dst to attach encapsulation instructions to the skb. The existing egress_tun_info via the OVS_CB() is left in place until all tunnel vports have been converted to the new method. Signed-off-by:
-
- 01 Jun, 2015 1 commit
-
-
Neil McKee authored
If new optional attribute OVS_USERSPACE_ATTR_ACTIONS is added to an OVS_ACTION_ATTR_USERSPACE action, then include the datapath actions in the upcall. This Directly associates the sampled packet with the path it takes through the virtual switch. Path information currently includes mangling, encapsulation and decapsulation actions for tunneling protocols GRE, VXLAN, Geneve, MPLS and QinQ, but this extension requires no further changes to accommodate datapath actions that may be added in the future. Adding path information enhances visibility into complex virtual networks. Signed-off-by:
Neil McKee <neil.mckee@inmon.com> Signed-off-by:
-
- 05 May, 2015 1 commit
-
-
Alexander Duyck authored
Replace "ntohs(proto) >= ETH_P_802_3_MIN" w/ eth_proto_is_802_3(proto). Signed-off-by:
Alexander Duyck <alexander.h.duyck@redhat.com> Signed-off-by:
-
- 12 Mar, 2015 1 commit
-
-
Eric W. Biederman authored
hold_net and release_net were an idea that turned out to be useless. The code has been disabled since 2008. Kill the code it is long past due. Signed-off-by:
"Eric W. Biederman" <ebiederm@xmission.com> Acked-by:
Eric Dumazet <edumazet@google.com> Signed-off-by:
-
- 20 Feb, 2015 1 commit
-
-
Pravin B Shelar authored
Open vSwitch allows moving internal vport to different namespace while still connected to the bridge. But when namespace deleted OVS does not detach these vports, that results in dangling pointer to netdevice which causes kernel panic as follows. This issue is fixed by detaching all ovs ports from the deleted namespace at net-exit. BUG: unable to handle kernel NULL pointer dereference at 0000000000000028 IP: [<ffffffffa0aadaa5>] ovs_vport_locate+0x35/0x80 [openvswitch] Oops: 0000 [#1] SMP Call Trace: [<ffffffffa0aa6391>] lookup_vport+0x21/0xd0 [openvswitch] [<ffffffffa0aa65f9>] ovs_vport_cmd_get+0x59/0xf0 [openvswitch] [<ffffffff8167e07c>] genl_family_rcv_msg+0x1bc/0x3e0 [<ffffffff8167e319>] genl_rcv_msg+0x79/0xc0 [<ffffffff8167d919>] netlink_rcv_skb+0xb9/0xe0 [<ffffffff8167deac>] genl_rcv+0x2c/0x40 [<ffffffff8167cffd>] netlink_unicast+0x12d/0x1c0 [<ffffffff8167d3da>] netlink_sendmsg+0x34a/0x6b0 [<ffffffff8162e140>] sock_sendmsg+0xa0/0xe0 [<ffffffff8162e5e8>] ___sys_sendmsg+0x408/0x420 [<ffffffff8162f541>] __sys_sendmsg+0x51/0x90 [<ffffffff8162f592>] SyS_sendmsg+0x12/0x20 [<ffffffff81764ee9>] system_call_fastpath+0x12/0x17 Reported-by:
Assaf Muller <amuller@redhat.com> Fixes: 46df7b81("openvswitch: Add support for network namespaces.") Signed-off-by:
Thomas Graf <tgraf@noironetworks.com> Signed-off-by:
-
- 26 Jan, 2015 2 commits
-
-
Joe Stringer authored
Previously, flows were manipulated by userspace specifying a full, unmasked flow key. This adds significant burden onto flow serialization/deserialization, particularly when dumping flows. This patch adds an alternative way to refer to flows using a variable-length "unique flow identifier" (UFID). At flow setup time, userspace may specify a UFID for a flow, which is stored with the flow and inserted into a separate table for lookup, in addition to the standard flow table. Flows created using a UFID must be fetched or deleted using the UFID. All flow dump operations may now be made more terse with OVS_UFID_F_* flags. For example, the OVS_UFID_F_OMIT_KEY flag allows responses to omit the flow key from a datapath operation if the flow has a corresponding UFID. This significantly reduces the time spent assembling and transacting netlink messages. With all OVS_UFID_F_OMIT_* flags enabled, the datapath only returns the UFID and statistics for each flow during flow dump, increasing ovs-vswitchd revalidator performance by 40% or more. Signed-off-by:
Joe Stringer <joestringer@nicira.com> Acked-by:
-
Joe Stringer authored
Refactor the ovs_nla_fill_match() function into separate netlink serialization functions ovs_nla_put_{unmasked_key,mask}(). Modify ovs_nla_put_flow() to handle attribute nesting and expose the 'is_mask' parameter - all callers need to nest the flow, and callers have better knowledge about whether it is serializing a mask or not. Signed-off-by:
-
- 17 Jan, 2015 1 commit
-
-
Johannes Berg authored
Contrary to common expectations for an "int" return, these functions return only a positive value -- if used correctly they cannot even return 0 because the message header will necessarily be in the skb. This makes the very common pattern of if (genlmsg_end(...) < 0) { ... } be a whole bunch of dead code. Many places also simply do return nlmsg_end(...); and the caller is expected to deal with it. This also commonly (at least for me) causes errors, because it is very common to write if (my_function(...)) /* error condition */ and if my_function() does "return nlmsg_end()" this is of course wrong. Additionally, there's not a single place in the kernel that actually needs the message length returned, and if anyone needs it later then it'll be very easy to just use skb->len there. Remove this, and make the functions void. This removes a bunch of dead code as described above. The patch adds lines because I did - return nlmsg_end(...); + nlmsg_end(...); + return 0; I could have preserved all the function's return values by returning skb->len, but instead I've audited all the places calling the affected functions and found that none cared. A few places actually compared the return value with <= 0 in dump functionality, but that could just be changed to < 0 with no change in behaviour, so I opted for the more efficient version. One instance of the error I've made numerous times now is also present in net/phonet/pn_netlink.c in the route_dumpit() function - it didn't check for <0 or <=0 and thus broke out of the loop every single time. I've preserved this since it will (I think) have caused the messages to userspace to be formatted differently with just a single message for every SKB returned to userspace. It's possible that this isn't needed for the tools that actually use this, but I don't even know what they are so couldn't test that changing this behaviour would be acceptable. Signed-off-by:Johannes Berg <johannes.berg@intel.com> Signed-off-by:
-
- 14 Jan, 2015 1 commit
-
-
Thomas Graf authored
User space is currently sending a OVS_FLOW_ATTR_PROBE for both flow and packet messages. This leads to an out-of-bounds access in ovs_packet_cmd_execute() because OVS_FLOW_ATTR_PROBE > OVS_PACKET_ATTR_MAX. Introduce a new OVS_PACKET_ATTR_PROBE with the same numeric value as OVS_FLOW_ATTR_PROBE to grow the range of accepted packet attributes while maintaining to be binary compatible with existing OVS binaries. Fixes: 05da5898 ("openvswitch: Add support for OVS_FLOW_ATTR_PROBE.") Reported-by:
Sander Eikelenboom <linux@eikelenboom.it> Tracked-down-by:
Florian Westphal <fw@strlen.de> Signed-off-by:
Jesse Gross <jesse@nicira.com> Acked-by:
-
- 13 Jan, 2015 1 commit
-
-
Jiri Pirko authored
The same macros are used for rx as well. So rename it. Signed-off-by:
Jiri Pirko <jiri@resnulli.us> Signed-off-by:
-
- 27 Dec, 2014 1 commit
-
-
Johannes Berg authored
There's no point to force the caller to know about the internal genl_sock to use inside struct net, just have them pass the network namespace. This doesn't really change code generation since it's an inline, but makes the caller less magic - there's never any reason to pass another socket. Signed-off-by:
-
- 21 Nov, 2014 2 commits
-
-
Jiri Pirko authored
Use them to push skb->vlan_tci into the payload and avoid code duplication. Signed-off-by:
-
Jiri Pirko authored
Name fits better. Plus there's going to be introduced __vlan_insert_tag later on. Signed-off-by:
-
- 14 Nov, 2014 1 commit
-
-
Pravin B Shelar authored
dp read operations depends on ovs_dp_cmd_fill_info(). This API needs to looup vport to find dp name, but vport lookup can fail. Therefore to keep vport reference alive we need to take ovs lock. Introduced by commit 6093ae9a ("openvswitch: Minimize dp and vport critical sections"). Signed-off-by:
Andy Zhou <azhou@nicira.com>
-
- 09 Nov, 2014 5 commits
-
-
Jarno Rajahalme authored
This new flag is useful for suppressing error logging while probing for datapath features using flow commands. For backwards compatibility reasons the commands are executed normally, but error logging is suppressed. Signed-off-by:
Jarno Rajahalme <jrajahalme@nicira.com> Signed-off-by:
-
Thomas Graf authored
Help produce better optimized code. Signed-off-by:
-
Pravin B Shelar authored
struct dp_upcall_info has pointer to pkt_key which is already available in OVS_CB. This also simplifies upcall handling for gso packet. Signed-off-by:
-
Wenyu Zhang authored
OVS vswitch has extended IPFIX exporter to export tunnel headers to improve network visibility. To export this information userspace needs to know egress tunnel for given packet. By extending packet attributes datapath can export egress tunnel info for given packet. So that userspace can ask for egress tunnel info in userspace action. This information is used to build IPFIX data for given flow. Signed-off-by:
Wenyu Zhang <wenyuz@vmware.com> Acked-by:
Romain Lenglet <rlenglet@vmware.com> Acked-by:
Ben Pfaff <blp@nicira.com> Signed-off-by:
-
Pravin B Shelar authored
vport can be compiled as modules, therefore openvswitch needs to export few symbols. Export them as GPL symbols. CC: Thomas Graf <tgraf@noironetworks.com> Signed-off-by:
-
- 06 Nov, 2014 8 commits
-
-
Pravin B Shelar authored
There are two separate API to allocate and copy actions list. Anytime OVS needs to copy action list, it needs to call both functions. Following patch moves action allocation to copy function to avoid code duplication. Signed-off-by:
-
Joe Stringer authored
flow-netlink has netlink related code. Signed-off-by:
-
Lorand Jakab authored
The 'flow' memeber was chosen for removal because it's only used in ovs_execute_actions() we can pass it as argument to this function. Signed-off-by:
Lorand Jakab <lojakab@cisco.com> Signed-off-by:
-
Andy Zhou authored
Avoid recursive read_rcu_lock() by using the lighter weight get_dp_rcu() API. Add proper locking assertions to get_dp(). Signed-off-by:
-
Joe Stringer authored
Split up ovs_flow_cmd_fill_info() to make it easier to cache parts of a dump reply. This will be used to streamline flow_dump in a future patch. Signed-off-by:
-
Jesse Gross authored
There are many possible ways that a flow can be invalid so we've added logging for most of them. This adds logs for the remaining possible cases so there isn't any ambiguity while debugging. CC: Federico Iezzi <fiezzi@enter.it> Signed-off-by:
-
Pravin B Shelar authored
Ths simplifies flow-table-destroy API. No need to pass explicit parameter about context. Signed-off-by:
Thomas Graf <tgraf@redhat.com>
-
Simon Horman authored
Allow datapath to recognize and extract MPLS labels into flow keys and execute actions which push, pop, and set labels on packets. Based heavily on work by Leo Alterman, Ravi K, Isaku Yamahata and Joe Stringer. Cc: Ravi K <rkerur@gmail.com> Cc: Leo Alterman <lalterman@nicira.com> Cc: Isaku Yamahata <yamahata@valinux.co.jp> Cc: Joe Stringer <joe@wand.net.nz> Signed-off-by:
Simon Horman <horms@verge.net.au> Signed-off-by:
-
- 28 Oct, 2014 2 commits
-
-
David S. Miller authored
ERROR: "lockdep_ovsl_is_held" [net/openvswitch/vport-gre.ko] undefined! Reported-by:
Alexei Starovoitov <alexei.starovoitov@gmail.com> Signed-off-by:
-
Thomas Graf authored
The internal and netdev vport remain part of openvswitch.ko. Encap vports including vxlan, gre, and geneve can be built as separate modules and are loaded on demand. Modules can be unloaded after use. Datapath ports keep a reference to the vport module during their lifetime. Allows to remove the error prone maintenance of the global list vport_ops_list. Signed-off-by:
-
- 20 Oct, 2014 1 commit
-
-
Florian Westphal authored
skb_gso_segment has three possible return values: 1. a pointer to the first segmented skb 2. an errno value (IS_ERR()) 3. NULL. This can happen when GSO is used for header verification. However, several callers currently test IS_ERR instead of IS_ERR_OR_NULL and would oops when NULL is returned. Note that these call sites should never actually see such a NULL return value; all callers mask out the GSO bits in the feature argument. However, there have been issues with some protocol handlers erronously not respecting the specified feature mask in some cases. It is preferable to get 'have to turn off hw offloading, else slow' reports rather than 'kernel crashes'. Signed-off-by:
-
- 05 Oct, 2014 3 commits
-
-
Jesse Gross authored
The Openvswitch implementation is completely agnostic to the options that are in use and can handle newly defined options without further work. It does this by simply matching on a byte array of options and allowing userspace to setup flows on this array. Signed-off-by:
Ansis Atteka <aatteka@nicira.com> Signed-off-by:
-
Jesse Gross authored
As the size of the flow key grows, it can put some pressure on the stack. This is particularly true in ovs_flow_cmd_set(), which needs several copies of the key on the stack. One of those uses is logically separate, so this factors it out to reduce stack pressure and improve readibility. Signed-off-by:
-
Jesse Gross authored
Some tunnel formats have mechanisms for indicating that packets are OAM frames that should be handled specially (either as high priority or not forwarded beyond an endpoint). This provides support for allowing those types of packets to be matched. Signed-off-by:
-
- 19 Sep, 2014 1 commit
-
-
Samuel Gauthier authored
Since commit fb5d1e9e ("openvswitch: Build flow cmd netlink reply only if needed."), the new flows are not notified to the listeners of OVS_FLOW_MCGROUP. This commit fixes the problem by using the genl function, ie genl_has_listerners() instead of netlink_has_listeners(). Signed-off-by:
Samuel Gauthier <samuel.gauthier@6wind.com> Signed-off-by:
Nicolas Dichtel <nicolas.dichtel@6wind.com> Acked-by:
-
- 16 Sep, 2014 4 commits
-
-
Andy Zhou authored
Recirc action allows a packet to reenter openvswitch processing. currently openvswitch lookup flow for packet received and execute set of actions on that packet, with help of recirc action we can process/modify the packet and recirculate it back in openvswitch for another pass. OVS hash action calculates 5-tupple hash and set hash in flow-key hash. This can be used along with recirculation for distributing packets among different ports for bond devices. For example: OVS bonding can use following actions: Match on: bond flow; Action: hash, recirc(id) Match on: recirc-id == id and hash lower bits == a; Action: output port_bond_a Signed-off-by: -
Pravin B Shelar authored
Currently tun_key is used for passing tunnel information on ingress and egress path, this cause confusion. Following patch removes its use on ingress path make it egress only parameter. Signed-off-by:
-
Pravin B Shelar authored
OVS flow extract is called on packet receive or packet execute code path. Following patch defines separate API for extracting flow-key in packet execute code path. Signed-off-by:
-
Pravin B Shelar authored
OVS keeps pointer to packet key in skb->cb, but the packet key is store on stack. This could make code bit tricky. So it is better to get rid of the pointer. Signed-off-by:
-
- 03 Sep, 2014 1 commit
-
-
Li RongQing authored
distinguish between the dropped and consumed skb, not assume the skb is consumed always Cc: Thomas Graf <tgraf@noironetworks.com> Cc: Pravin Shelar <pshelar@nicira.com> Signed-off-by:
Li RongQing <roy.qing.li@gmail.com> Acked-by:
-
