2 * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 #include "dpif-provider.h"
27 #include "dynamic-string.h"
31 #include "odp-execute.h"
33 #include "ofp-errors.h"
34 #include "ofp-print.h"
38 #include "poll-loop.h"
46 VLOG_DEFINE_THIS_MODULE(dpif);
48 COVERAGE_DEFINE(dpif_destroy);
49 COVERAGE_DEFINE(dpif_port_add);
50 COVERAGE_DEFINE(dpif_port_del);
51 COVERAGE_DEFINE(dpif_flow_flush);
52 COVERAGE_DEFINE(dpif_flow_get);
53 COVERAGE_DEFINE(dpif_flow_put);
54 COVERAGE_DEFINE(dpif_flow_del);
55 COVERAGE_DEFINE(dpif_execute);
56 COVERAGE_DEFINE(dpif_purge);
57 COVERAGE_DEFINE(dpif_execute_with_help);
59 static const struct dpif_class *base_dpif_classes[] = {
66 struct registered_dpif_class {
67 const struct dpif_class *dpif_class;
70 static struct shash dpif_classes = SHASH_INITIALIZER(&dpif_classes);
71 static struct sset dpif_blacklist = SSET_INITIALIZER(&dpif_blacklist);
73 /* Protects 'dpif_classes', including the refcount, and 'dpif_blacklist'. */
74 static struct ovs_mutex dpif_mutex = OVS_MUTEX_INITIALIZER;
76 /* Rate limit for individual messages going to or from the datapath, output at
77 * DBG level. This is very high because, if these are enabled, it is because
78 * we really need to see them. */
79 static struct vlog_rate_limit dpmsg_rl = VLOG_RATE_LIMIT_INIT(600, 600);
81 /* Not really much point in logging many dpif errors. */
82 static struct vlog_rate_limit error_rl = VLOG_RATE_LIMIT_INIT(60, 5);
84 static void log_flow_message(const struct dpif *dpif, int error,
85 const char *operation,
86 const struct nlattr *key, size_t key_len,
87 const struct nlattr *mask, size_t mask_len,
88 const struct dpif_flow_stats *stats,
89 const struct nlattr *actions, size_t actions_len);
90 static void log_operation(const struct dpif *, const char *operation,
92 static bool should_log_flow_message(int error);
93 static void log_flow_put_message(struct dpif *, const struct dpif_flow_put *,
95 static void log_flow_del_message(struct dpif *, const struct dpif_flow_del *,
97 static void log_execute_message(struct dpif *, const struct dpif_execute *,
103 static struct ovsthread_once once = OVSTHREAD_ONCE_INITIALIZER;
105 if (ovsthread_once_start(&once)) {
108 for (i = 0; i < ARRAY_SIZE(base_dpif_classes); i++) {
109 dp_register_provider(base_dpif_classes[i]);
111 ovsthread_once_done(&once);
116 dp_register_provider__(const struct dpif_class *new_class)
118 struct registered_dpif_class *registered_class;
120 if (sset_contains(&dpif_blacklist, new_class->type)) {
121 VLOG_DBG("attempted to register blacklisted provider: %s",
126 if (shash_find(&dpif_classes, new_class->type)) {
127 VLOG_WARN("attempted to register duplicate datapath provider: %s",
132 registered_class = xmalloc(sizeof *registered_class);
133 registered_class->dpif_class = new_class;
134 registered_class->refcount = 0;
136 shash_add(&dpif_classes, new_class->type, registered_class);
141 /* Registers a new datapath provider. After successful registration, new
142 * datapaths of that type can be opened using dpif_open(). */
144 dp_register_provider(const struct dpif_class *new_class)
148 ovs_mutex_lock(&dpif_mutex);
149 error = dp_register_provider__(new_class);
150 ovs_mutex_unlock(&dpif_mutex);
155 /* Unregisters a datapath provider. 'type' must have been previously
156 * registered and not currently be in use by any dpifs. After unregistration
157 * new datapaths of that type cannot be opened using dpif_open(). */
159 dp_unregister_provider__(const char *type)
161 struct shash_node *node;
162 struct registered_dpif_class *registered_class;
164 node = shash_find(&dpif_classes, type);
166 VLOG_WARN("attempted to unregister a datapath provider that is not "
167 "registered: %s", type);
171 registered_class = node->data;
172 if (registered_class->refcount) {
173 VLOG_WARN("attempted to unregister in use datapath provider: %s", type);
177 shash_delete(&dpif_classes, node);
178 free(registered_class);
183 /* Unregisters a datapath provider. 'type' must have been previously
184 * registered and not currently be in use by any dpifs. After unregistration
185 * new datapaths of that type cannot be opened using dpif_open(). */
187 dp_unregister_provider(const char *type)
193 ovs_mutex_lock(&dpif_mutex);
194 error = dp_unregister_provider__(type);
195 ovs_mutex_unlock(&dpif_mutex);
200 /* Blacklists a provider. Causes future calls of dp_register_provider() with
201 * a dpif_class which implements 'type' to fail. */
203 dp_blacklist_provider(const char *type)
205 ovs_mutex_lock(&dpif_mutex);
206 sset_add(&dpif_blacklist, type);
207 ovs_mutex_unlock(&dpif_mutex);
210 /* Clears 'types' and enumerates the types of all currently registered datapath
211 * providers into it. The caller must first initialize the sset. */
213 dp_enumerate_types(struct sset *types)
215 struct shash_node *node;
220 ovs_mutex_lock(&dpif_mutex);
221 SHASH_FOR_EACH(node, &dpif_classes) {
222 const struct registered_dpif_class *registered_class = node->data;
223 sset_add(types, registered_class->dpif_class->type);
225 ovs_mutex_unlock(&dpif_mutex);
229 dp_class_unref(struct registered_dpif_class *rc)
231 ovs_mutex_lock(&dpif_mutex);
232 ovs_assert(rc->refcount);
234 ovs_mutex_unlock(&dpif_mutex);
237 static struct registered_dpif_class *
238 dp_class_lookup(const char *type)
240 struct registered_dpif_class *rc;
242 ovs_mutex_lock(&dpif_mutex);
243 rc = shash_find_data(&dpif_classes, type);
247 ovs_mutex_unlock(&dpif_mutex);
252 /* Clears 'names' and enumerates the names of all known created datapaths with
253 * the given 'type'. The caller must first initialize the sset. Returns 0 if
254 * successful, otherwise a positive errno value.
256 * Some kinds of datapaths might not be practically enumerable. This is not
257 * considered an error. */
259 dp_enumerate_names(const char *type, struct sset *names)
261 struct registered_dpif_class *registered_class;
262 const struct dpif_class *dpif_class;
268 registered_class = dp_class_lookup(type);
269 if (!registered_class) {
270 VLOG_WARN("could not enumerate unknown type: %s", type);
274 dpif_class = registered_class->dpif_class;
275 error = dpif_class->enumerate ? dpif_class->enumerate(names) : 0;
277 VLOG_WARN("failed to enumerate %s datapaths: %s", dpif_class->type,
278 ovs_strerror(error));
280 dp_class_unref(registered_class);
285 /* Parses 'datapath_name_', which is of the form [type@]name into its
286 * component pieces. 'name' and 'type' must be freed by the caller.
288 * The returned 'type' is normalized, as if by dpif_normalize_type(). */
290 dp_parse_name(const char *datapath_name_, char **name, char **type)
292 char *datapath_name = xstrdup(datapath_name_);
295 separator = strchr(datapath_name, '@');
298 *type = datapath_name;
299 *name = xstrdup(dpif_normalize_type(separator + 1));
301 *name = datapath_name;
302 *type = xstrdup(dpif_normalize_type(NULL));
307 do_open(const char *name, const char *type, bool create, struct dpif **dpifp)
309 struct dpif *dpif = NULL;
311 struct registered_dpif_class *registered_class;
315 type = dpif_normalize_type(type);
316 registered_class = dp_class_lookup(type);
317 if (!registered_class) {
318 VLOG_WARN("could not create datapath %s of unknown type %s", name,
320 error = EAFNOSUPPORT;
324 error = registered_class->dpif_class->open(registered_class->dpif_class,
325 name, create, &dpif);
327 ovs_assert(dpif->dpif_class == registered_class->dpif_class);
329 dp_class_unref(registered_class);
333 *dpifp = error ? NULL : dpif;
337 /* Tries to open an existing datapath named 'name' and type 'type'. Will fail
338 * if no datapath with 'name' and 'type' exists. 'type' may be either NULL or
339 * the empty string to specify the default system type. Returns 0 if
340 * successful, otherwise a positive errno value. On success stores a pointer
341 * to the datapath in '*dpifp', otherwise a null pointer. */
343 dpif_open(const char *name, const char *type, struct dpif **dpifp)
345 return do_open(name, type, false, dpifp);
348 /* Tries to create and open a new datapath with the given 'name' and 'type'.
349 * 'type' may be either NULL or the empty string to specify the default system
350 * type. Will fail if a datapath with 'name' and 'type' already exists.
351 * Returns 0 if successful, otherwise a positive errno value. On success
352 * stores a pointer to the datapath in '*dpifp', otherwise a null pointer. */
354 dpif_create(const char *name, const char *type, struct dpif **dpifp)
356 return do_open(name, type, true, dpifp);
359 /* Tries to open a datapath with the given 'name' and 'type', creating it if it
360 * does not exist. 'type' may be either NULL or the empty string to specify
361 * the default system type. Returns 0 if successful, otherwise a positive
362 * errno value. On success stores a pointer to the datapath in '*dpifp',
363 * otherwise a null pointer. */
365 dpif_create_and_open(const char *name, const char *type, struct dpif **dpifp)
369 error = dpif_create(name, type, dpifp);
370 if (error == EEXIST || error == EBUSY) {
371 error = dpif_open(name, type, dpifp);
373 VLOG_WARN("datapath %s already exists but cannot be opened: %s",
374 name, ovs_strerror(error));
377 VLOG_WARN("failed to create datapath %s: %s",
378 name, ovs_strerror(error));
383 /* Closes and frees the connection to 'dpif'. Does not destroy the datapath
384 * itself; call dpif_delete() first, instead, if that is desirable. */
386 dpif_close(struct dpif *dpif)
389 struct registered_dpif_class *rc;
391 rc = shash_find_data(&dpif_classes, dpif->dpif_class->type);
392 dpif_uninit(dpif, true);
397 /* Performs periodic work needed by 'dpif'. */
399 dpif_run(struct dpif *dpif)
401 if (dpif->dpif_class->run) {
402 dpif->dpif_class->run(dpif);
406 /* Arranges for poll_block() to wake up when dp_run() needs to be called for
409 dpif_wait(struct dpif *dpif)
411 if (dpif->dpif_class->wait) {
412 dpif->dpif_class->wait(dpif);
416 /* Returns the name of datapath 'dpif' prefixed with the type
417 * (for use in log messages). */
419 dpif_name(const struct dpif *dpif)
421 return dpif->full_name;
424 /* Returns the name of datapath 'dpif' without the type
425 * (for use in device names). */
427 dpif_base_name(const struct dpif *dpif)
429 return dpif->base_name;
432 /* Returns the type of datapath 'dpif'. */
434 dpif_type(const struct dpif *dpif)
436 return dpif->dpif_class->type;
439 /* Returns the fully spelled out name for the given datapath 'type'.
441 * Normalized type string can be compared with strcmp(). Unnormalized type
442 * string might be the same even if they have different spellings. */
444 dpif_normalize_type(const char *type)
446 return type && type[0] ? type : "system";
449 /* Destroys the datapath that 'dpif' is connected to, first removing all of its
450 * ports. After calling this function, it does not make sense to pass 'dpif'
451 * to any functions other than dpif_name() or dpif_close(). */
453 dpif_delete(struct dpif *dpif)
457 COVERAGE_INC(dpif_destroy);
459 error = dpif->dpif_class->destroy(dpif);
460 log_operation(dpif, "delete", error);
464 /* Retrieves statistics for 'dpif' into 'stats'. Returns 0 if successful,
465 * otherwise a positive errno value. */
467 dpif_get_dp_stats(const struct dpif *dpif, struct dpif_dp_stats *stats)
469 int error = dpif->dpif_class->get_stats(dpif, stats);
471 memset(stats, 0, sizeof *stats);
473 log_operation(dpif, "get_stats", error);
478 dpif_port_open_type(const char *datapath_type, const char *port_type)
480 struct registered_dpif_class *rc;
482 datapath_type = dpif_normalize_type(datapath_type);
484 ovs_mutex_lock(&dpif_mutex);
485 rc = shash_find_data(&dpif_classes, datapath_type);
486 if (rc && rc->dpif_class->port_open_type) {
487 port_type = rc->dpif_class->port_open_type(rc->dpif_class, port_type);
489 ovs_mutex_unlock(&dpif_mutex);
494 /* Attempts to add 'netdev' as a port on 'dpif'. If 'port_nop' is
495 * non-null and its value is not ODPP_NONE, then attempts to use the
496 * value as the port number.
498 * If successful, returns 0 and sets '*port_nop' to the new port's port
499 * number (if 'port_nop' is non-null). On failure, returns a positive
500 * errno value and sets '*port_nop' to ODPP_NONE (if 'port_nop' is
503 dpif_port_add(struct dpif *dpif, struct netdev *netdev, odp_port_t *port_nop)
505 const char *netdev_name = netdev_get_name(netdev);
506 odp_port_t port_no = ODPP_NONE;
509 COVERAGE_INC(dpif_port_add);
515 error = dpif->dpif_class->port_add(dpif, netdev, &port_no);
517 VLOG_DBG_RL(&dpmsg_rl, "%s: added %s as port %"PRIu32,
518 dpif_name(dpif), netdev_name, port_no);
520 VLOG_WARN_RL(&error_rl, "%s: failed to add %s as port: %s",
521 dpif_name(dpif), netdev_name, ovs_strerror(error));
530 /* Attempts to remove 'dpif''s port number 'port_no'. Returns 0 if successful,
531 * otherwise a positive errno value. */
533 dpif_port_del(struct dpif *dpif, odp_port_t port_no)
537 COVERAGE_INC(dpif_port_del);
539 error = dpif->dpif_class->port_del(dpif, port_no);
541 VLOG_DBG_RL(&dpmsg_rl, "%s: port_del(%"PRIu32")",
542 dpif_name(dpif), port_no);
544 log_operation(dpif, "port_del", error);
549 /* Makes a deep copy of 'src' into 'dst'. */
551 dpif_port_clone(struct dpif_port *dst, const struct dpif_port *src)
553 dst->name = xstrdup(src->name);
554 dst->type = xstrdup(src->type);
555 dst->port_no = src->port_no;
558 /* Frees memory allocated to members of 'dpif_port'.
560 * Do not call this function on a dpif_port obtained from
561 * dpif_port_dump_next(): that function retains ownership of the data in the
564 dpif_port_destroy(struct dpif_port *dpif_port)
566 free(dpif_port->name);
567 free(dpif_port->type);
570 /* Checks if port named 'devname' exists in 'dpif'. If so, returns
571 * true; otherwise, returns false. */
573 dpif_port_exists(const struct dpif *dpif, const char *devname)
575 int error = dpif->dpif_class->port_query_by_name(dpif, devname, NULL);
576 if (error != 0 && error != ENOENT && error != ENODEV) {
577 VLOG_WARN_RL(&error_rl, "%s: failed to query port %s: %s",
578 dpif_name(dpif), devname, ovs_strerror(error));
584 /* Looks up port number 'port_no' in 'dpif'. On success, returns 0 and
585 * initializes '*port' appropriately; on failure, returns a positive errno
588 * The caller owns the data in 'port' and must free it with
589 * dpif_port_destroy() when it is no longer needed. */
591 dpif_port_query_by_number(const struct dpif *dpif, odp_port_t port_no,
592 struct dpif_port *port)
594 int error = dpif->dpif_class->port_query_by_number(dpif, port_no, port);
596 VLOG_DBG_RL(&dpmsg_rl, "%s: port %"PRIu32" is device %s",
597 dpif_name(dpif), port_no, port->name);
599 memset(port, 0, sizeof *port);
600 VLOG_WARN_RL(&error_rl, "%s: failed to query port %"PRIu32": %s",
601 dpif_name(dpif), port_no, ovs_strerror(error));
606 /* Looks up port named 'devname' in 'dpif'. On success, returns 0 and
607 * initializes '*port' appropriately; on failure, returns a positive errno
610 * The caller owns the data in 'port' and must free it with
611 * dpif_port_destroy() when it is no longer needed. */
613 dpif_port_query_by_name(const struct dpif *dpif, const char *devname,
614 struct dpif_port *port)
616 int error = dpif->dpif_class->port_query_by_name(dpif, devname, port);
618 VLOG_DBG_RL(&dpmsg_rl, "%s: device %s is on port %"PRIu32,
619 dpif_name(dpif), devname, port->port_no);
621 memset(port, 0, sizeof *port);
623 /* For ENOENT or ENODEV we use DBG level because the caller is probably
624 * interested in whether 'dpif' actually has a port 'devname', so that
625 * it's not an issue worth logging if it doesn't. Other errors are
626 * uncommon and more likely to indicate a real problem. */
628 error == ENOENT || error == ENODEV ? VLL_DBG : VLL_WARN,
629 "%s: failed to query port %s: %s",
630 dpif_name(dpif), devname, ovs_strerror(error));
635 /* Returns the Netlink PID value to supply in OVS_ACTION_ATTR_USERSPACE
636 * actions as the OVS_USERSPACE_ATTR_PID attribute's value, for use in
637 * flows whose packets arrived on port 'port_no'. In the case where the
638 * provider allocates multiple Netlink PIDs to a single port, it may use
639 * 'hash' to spread load among them. The caller need not use a particular
640 * hash function; a 5-tuple hash is suitable.
642 * (The datapath implementation might use some different hash function for
643 * distributing packets received via flow misses among PIDs. This means
644 * that packets received via flow misses might be reordered relative to
645 * packets received via userspace actions. This is not ordinarily a
648 * A 'port_no' of ODPP_NONE is a special case: it returns a reserved PID, not
649 * allocated to any port, that the client may use for special purposes.
651 * The return value is only meaningful when DPIF_UC_ACTION has been enabled in
652 * the 'dpif''s listen mask. It is allowed to change when DPIF_UC_ACTION is
653 * disabled and then re-enabled, so a client that does that must be prepared to
654 * update all of the flows that it installed that contain
655 * OVS_ACTION_ATTR_USERSPACE actions. */
657 dpif_port_get_pid(const struct dpif *dpif, odp_port_t port_no, uint32_t hash)
659 return (dpif->dpif_class->port_get_pid
660 ? (dpif->dpif_class->port_get_pid)(dpif, port_no, hash)
664 /* Looks up port number 'port_no' in 'dpif'. On success, returns 0 and copies
665 * the port's name into the 'name_size' bytes in 'name', ensuring that the
666 * result is null-terminated. On failure, returns a positive errno value and
667 * makes 'name' the empty string. */
669 dpif_port_get_name(struct dpif *dpif, odp_port_t port_no,
670 char *name, size_t name_size)
672 struct dpif_port port;
675 ovs_assert(name_size > 0);
677 error = dpif_port_query_by_number(dpif, port_no, &port);
679 ovs_strlcpy(name, port.name, name_size);
680 dpif_port_destroy(&port);
687 /* Initializes 'dump' to begin dumping the ports in a dpif.
689 * This function provides no status indication. An error status for the entire
690 * dump operation is provided when it is completed by calling
691 * dpif_port_dump_done().
694 dpif_port_dump_start(struct dpif_port_dump *dump, const struct dpif *dpif)
697 dump->error = dpif->dpif_class->port_dump_start(dpif, &dump->state);
698 log_operation(dpif, "port_dump_start", dump->error);
701 /* Attempts to retrieve another port from 'dump', which must have been
702 * initialized with dpif_port_dump_start(). On success, stores a new dpif_port
703 * into 'port' and returns true. On failure, returns false.
705 * Failure might indicate an actual error or merely that the last port has been
706 * dumped. An error status for the entire dump operation is provided when it
707 * is completed by calling dpif_port_dump_done().
709 * The dpif owns the data stored in 'port'. It will remain valid until at
710 * least the next time 'dump' is passed to dpif_port_dump_next() or
711 * dpif_port_dump_done(). */
713 dpif_port_dump_next(struct dpif_port_dump *dump, struct dpif_port *port)
715 const struct dpif *dpif = dump->dpif;
721 dump->error = dpif->dpif_class->port_dump_next(dpif, dump->state, port);
722 if (dump->error == EOF) {
723 VLOG_DBG_RL(&dpmsg_rl, "%s: dumped all ports", dpif_name(dpif));
725 log_operation(dpif, "port_dump_next", dump->error);
729 dpif->dpif_class->port_dump_done(dpif, dump->state);
735 /* Completes port table dump operation 'dump', which must have been initialized
736 * with dpif_port_dump_start(). Returns 0 if the dump operation was
737 * error-free, otherwise a positive errno value describing the problem. */
739 dpif_port_dump_done(struct dpif_port_dump *dump)
741 const struct dpif *dpif = dump->dpif;
743 dump->error = dpif->dpif_class->port_dump_done(dpif, dump->state);
744 log_operation(dpif, "port_dump_done", dump->error);
746 return dump->error == EOF ? 0 : dump->error;
749 /* Polls for changes in the set of ports in 'dpif'. If the set of ports in
750 * 'dpif' has changed, this function does one of the following:
752 * - Stores the name of the device that was added to or deleted from 'dpif' in
753 * '*devnamep' and returns 0. The caller is responsible for freeing
754 * '*devnamep' (with free()) when it no longer needs it.
756 * - Returns ENOBUFS and sets '*devnamep' to NULL.
758 * This function may also return 'false positives', where it returns 0 and
759 * '*devnamep' names a device that was not actually added or deleted or it
760 * returns ENOBUFS without any change.
762 * Returns EAGAIN if the set of ports in 'dpif' has not changed. May also
763 * return other positive errno values to indicate that something has gone
766 dpif_port_poll(const struct dpif *dpif, char **devnamep)
768 int error = dpif->dpif_class->port_poll(dpif, devnamep);
775 /* Arranges for the poll loop to wake up when port_poll(dpif) will return a
776 * value other than EAGAIN. */
778 dpif_port_poll_wait(const struct dpif *dpif)
780 dpif->dpif_class->port_poll_wait(dpif);
783 /* Extracts the flow stats for a packet. The 'flow' and 'packet'
784 * arguments must have been initialized through a call to flow_extract().
785 * 'used' is stored into stats->used. */
787 dpif_flow_stats_extract(const struct flow *flow, const struct ofpbuf *packet,
788 long long int used, struct dpif_flow_stats *stats)
790 stats->tcp_flags = ntohs(flow->tcp_flags);
791 stats->n_bytes = ofpbuf_size(packet);
792 stats->n_packets = 1;
796 /* Appends a human-readable representation of 'stats' to 's'. */
798 dpif_flow_stats_format(const struct dpif_flow_stats *stats, struct ds *s)
800 ds_put_format(s, "packets:%"PRIu64", bytes:%"PRIu64", used:",
801 stats->n_packets, stats->n_bytes);
803 ds_put_format(s, "%.3fs", (time_msec() - stats->used) / 1000.0);
805 ds_put_format(s, "never");
807 if (stats->tcp_flags) {
808 ds_put_cstr(s, ", flags:");
809 packet_format_tcp_flags(s, stats->tcp_flags);
813 /* Deletes all flows from 'dpif'. Returns 0 if successful, otherwise a
814 * positive errno value. */
816 dpif_flow_flush(struct dpif *dpif)
820 COVERAGE_INC(dpif_flow_flush);
822 error = dpif->dpif_class->flow_flush(dpif);
823 log_operation(dpif, "flow_flush", error);
827 /* Queries 'dpif' for a flow entry. The flow is specified by the Netlink
828 * attributes with types OVS_KEY_ATTR_* in the 'key_len' bytes starting at
831 * Returns 0 if successful. If no flow matches, returns ENOENT. On other
832 * failure, returns a positive errno value.
834 * If 'actionsp' is nonnull, then on success '*actionsp' will be set to an
835 * ofpbuf owned by the caller that contains the Netlink attributes for the
836 * flow's actions. The caller must free the ofpbuf (with ofpbuf_delete()) when
837 * it is no longer needed.
839 * If 'stats' is nonnull, then on success it will be updated with the flow's
842 dpif_flow_get(const struct dpif *dpif,
843 const struct nlattr *key, size_t key_len,
844 struct ofpbuf **actionsp, struct dpif_flow_stats *stats)
848 COVERAGE_INC(dpif_flow_get);
850 error = dpif->dpif_class->flow_get(dpif, key, key_len, actionsp, stats);
856 memset(stats, 0, sizeof *stats);
859 if (should_log_flow_message(error)) {
860 const struct nlattr *actions;
863 if (!error && actionsp) {
864 actions = ofpbuf_data(*actionsp);
865 actions_len = ofpbuf_size(*actionsp);
870 log_flow_message(dpif, error, "flow_get", key, key_len,
871 NULL, 0, stats, actions, actions_len);
877 dpif_flow_put__(struct dpif *dpif, const struct dpif_flow_put *put)
881 COVERAGE_INC(dpif_flow_put);
882 ovs_assert(!(put->flags & ~(DPIF_FP_CREATE | DPIF_FP_MODIFY
883 | DPIF_FP_ZERO_STATS)));
885 error = dpif->dpif_class->flow_put(dpif, put);
886 if (error && put->stats) {
887 memset(put->stats, 0, sizeof *put->stats);
889 log_flow_put_message(dpif, put, error);
893 /* Adds or modifies a flow in 'dpif'. The flow is specified by the Netlink
894 * attribute OVS_FLOW_ATTR_KEY with types OVS_KEY_ATTR_* in the 'key_len' bytes
895 * starting at 'key', and OVS_FLOW_ATTR_MASK with types of OVS_KEY_ATTR_* in
896 * the 'mask_len' bytes starting at 'mask'. The associated actions are
897 * specified by the Netlink attributes with types OVS_ACTION_ATTR_* in the
898 * 'actions_len' bytes starting at 'actions'.
900 * - If the flow's key does not exist in 'dpif', then the flow will be added if
901 * 'flags' includes DPIF_FP_CREATE. Otherwise the operation will fail with
904 * The datapath may reject attempts to insert overlapping flows with EINVAL
905 * or EEXIST, but clients should not rely on this: avoiding overlapping flows
906 * is primarily the client's responsibility.
908 * If the operation succeeds, then 'stats', if nonnull, will be zeroed.
910 * - If the flow's key does exist in 'dpif', then the flow's actions will be
911 * updated if 'flags' includes DPIF_FP_MODIFY. Otherwise the operation will
912 * fail with EEXIST. If the flow's actions are updated, then its statistics
913 * will be zeroed if 'flags' includes DPIF_FP_ZERO_STATS, and left as-is
916 * If the operation succeeds, then 'stats', if nonnull, will be set to the
917 * flow's statistics before the update.
920 dpif_flow_put(struct dpif *dpif, enum dpif_flow_put_flags flags,
921 const struct nlattr *key, size_t key_len,
922 const struct nlattr *mask, size_t mask_len,
923 const struct nlattr *actions, size_t actions_len,
924 struct dpif_flow_stats *stats)
926 struct dpif_flow_put put;
930 put.key_len = key_len;
932 put.mask_len = mask_len;
933 put.actions = actions;
934 put.actions_len = actions_len;
936 return dpif_flow_put__(dpif, &put);
940 dpif_flow_del__(struct dpif *dpif, struct dpif_flow_del *del)
944 COVERAGE_INC(dpif_flow_del);
946 error = dpif->dpif_class->flow_del(dpif, del);
947 if (error && del->stats) {
948 memset(del->stats, 0, sizeof *del->stats);
950 log_flow_del_message(dpif, del, error);
954 /* Deletes a flow from 'dpif' and returns 0, or returns ENOENT if 'dpif' does
955 * not contain such a flow. The flow is specified by the Netlink attributes
956 * with types OVS_KEY_ATTR_* in the 'key_len' bytes starting at 'key'.
958 * If the operation succeeds, then 'stats', if nonnull, will be set to the
959 * flow's statistics before its deletion. */
961 dpif_flow_del(struct dpif *dpif,
962 const struct nlattr *key, size_t key_len,
963 struct dpif_flow_stats *stats)
965 struct dpif_flow_del del;
968 del.key_len = key_len;
970 return dpif_flow_del__(dpif, &del);
973 /* Allocates thread-local state for use with the 'flow_dump_next' function for
974 * 'dpif'. On return, initializes '*statep' with any private data needed for
977 dpif_flow_dump_state_init(const struct dpif *dpif, void **statep)
979 dpif->dpif_class->flow_dump_state_init(statep);
982 /* Releases 'state' which was initialized by a call to the
983 * 'flow_dump_state_init' function for 'dpif'. */
985 dpif_flow_dump_state_uninit(const struct dpif *dpif, void *state)
987 dpif->dpif_class->flow_dump_state_uninit(state);
990 /* Initializes 'dump' to begin dumping the flows in a dpif. On sucess,
991 * initializes 'dump' with any data needed for iteration and returns 0.
992 * Otherwise, returns a positive errno value describing the problem. */
994 dpif_flow_dump_start(struct dpif_flow_dump *dump, const struct dpif *dpif)
998 error = dpif->dpif_class->flow_dump_start(dpif, &dump->iter);
999 log_operation(dpif, "flow_dump_start", error);
1003 /* Attempts to retrieve another flow from 'dump', using 'state' for
1004 * thread-local storage. 'dump' must have been initialized with a successful
1005 * call to dpif_flow_dump_start(), and 'state' must have been initialized with
1006 * dpif_flow_state_init().
1008 * On success, updates the output parameters as described below and returns
1009 * true. Otherwise, returns false. Failure might indicate an actual error or
1010 * merely the end of the flow table. An error status for the entire dump
1011 * operation is provided when it is completed by calling dpif_flow_dump_done().
1012 * Multiple threads may use the same 'dump' with this function, but all other
1013 * parameters must not be shared.
1015 * On success, if 'key' and 'key_len' are nonnull then '*key' and '*key_len'
1016 * will be set to Netlink attributes with types OVS_KEY_ATTR_* representing the
1017 * dumped flow's key. If 'actions' and 'actions_len' are nonnull then they are
1018 * set to Netlink attributes with types OVS_ACTION_ATTR_* representing the
1019 * dumped flow's actions. If 'stats' is nonnull then it will be set to the
1020 * dumped flow's statistics.
1022 * All of the returned data is owned by 'dpif', not by the caller, and the
1023 * caller must not modify or free it. 'dpif' guarantees that it remains
1024 * accessible and unchanging until at least the next call to 'flow_dump_next'
1025 * or 'flow_dump_done' for 'dump' and 'state'. */
1027 dpif_flow_dump_next(struct dpif_flow_dump *dump, void *state,
1028 const struct nlattr **key, size_t *key_len,
1029 const struct nlattr **mask, size_t *mask_len,
1030 const struct nlattr **actions, size_t *actions_len,
1031 const struct dpif_flow_stats **stats)
1033 const struct dpif *dpif = dump->dpif;
1036 error = dpif->dpif_class->flow_dump_next(dpif, dump->iter, state,
1037 key, key_len, mask, mask_len,
1038 actions, actions_len, stats);
1057 VLOG_DBG_RL(&dpmsg_rl, "%s: dumped all flows", dpif_name(dpif));
1058 } else if (should_log_flow_message(error)) {
1059 log_flow_message(dpif, error, "flow_dump",
1060 key ? *key : NULL, key ? *key_len : 0,
1061 mask ? *mask : NULL, mask ? *mask_len : 0,
1062 stats ? *stats : NULL, actions ? *actions : NULL,
1063 actions ? *actions_len : 0);
1068 /* Determines whether the next call to 'dpif_flow_dump_next' for 'dump' and
1069 * 'state' will modify or free the keys that it previously returned. 'state'
1070 * must have been initialized by a call to 'dpif_flow_dump_state_init' for
1073 * 'dpif' guarantees that data returned by flow_dump_next() will remain
1074 * accessible and unchanging until the next call. This function provides a way
1075 * for callers to determine whether that guarantee extends beyond the next
1078 * Returns true if the next call to flow_dump_next() is expected to be
1079 * destructive to previously returned keys for 'state', false otherwise. */
1081 dpif_flow_dump_next_may_destroy_keys(struct dpif_flow_dump *dump, void *state)
1083 const struct dpif *dpif = dump->dpif;
1084 return (dpif->dpif_class->flow_dump_next_may_destroy_keys
1085 ? dpif->dpif_class->flow_dump_next_may_destroy_keys(state)
1089 /* Completes flow table dump operation 'dump', which must have been initialized
1090 * with a successful call to dpif_flow_dump_start(). Returns 0 if the dump
1091 * operation was error-free, otherwise a positive errno value describing the
1094 dpif_flow_dump_done(struct dpif_flow_dump *dump)
1096 const struct dpif *dpif = dump->dpif;
1097 int error = dpif->dpif_class->flow_dump_done(dpif, dump->iter);
1098 log_operation(dpif, "flow_dump_done", error);
1099 return error == EOF ? 0 : error;
1102 struct dpif_execute_helper_aux {
1107 /* This is called for actions that need the context of the datapath to be
1110 dpif_execute_helper_cb(void *aux_, struct ofpbuf *packet,
1111 struct pkt_metadata *md,
1112 const struct nlattr *action, bool may_steal OVS_UNUSED)
1114 struct dpif_execute_helper_aux *aux = aux_;
1115 struct dpif_execute execute;
1116 int type = nl_attr_type(action);
1118 switch ((enum ovs_action_attr)type) {
1119 case OVS_ACTION_ATTR_OUTPUT:
1120 case OVS_ACTION_ATTR_USERSPACE:
1121 execute.actions = action;
1122 execute.actions_len = NLA_ALIGN(action->nla_len);
1123 execute.packet = packet;
1125 execute.needs_help = false;
1126 aux->error = aux->dpif->dpif_class->execute(aux->dpif, &execute);
1129 case OVS_ACTION_ATTR_PUSH_VLAN:
1130 case OVS_ACTION_ATTR_POP_VLAN:
1131 case OVS_ACTION_ATTR_PUSH_MPLS:
1132 case OVS_ACTION_ATTR_POP_MPLS:
1133 case OVS_ACTION_ATTR_SET:
1134 case OVS_ACTION_ATTR_SAMPLE:
1135 case OVS_ACTION_ATTR_UNSPEC:
1136 case OVS_ACTION_ATTR_RECIRC:
1137 case __OVS_ACTION_ATTR_MAX:
1142 /* Executes 'execute' by performing most of the actions in userspace and
1143 * passing the fully constructed packets to 'dpif' for output and userspace
1146 * This helps with actions that a given 'dpif' doesn't implement directly. */
1148 dpif_execute_with_help(struct dpif *dpif, struct dpif_execute *execute)
1150 struct dpif_execute_helper_aux aux = {dpif, 0};
1152 COVERAGE_INC(dpif_execute_with_help);
1154 odp_execute_actions(&aux, execute->packet, false, &execute->md,
1155 execute->actions, execute->actions_len,
1156 dpif_execute_helper_cb);
1160 /* Causes 'dpif' to perform the 'execute->actions_len' bytes of actions in
1161 * 'execute->actions' on the Ethernet frame in 'execute->packet' and on packet
1162 * metadata in 'execute->md'. The implementation is allowed to modify both the
1163 * '*execute->packet' and 'execute->md'.
1165 * Some dpif providers do not implement every action. The Linux kernel
1166 * datapath, in particular, does not implement ARP field modification. If
1167 * 'needs_help' is true, the dpif layer executes in userspace all of the
1168 * actions that it can, and for OVS_ACTION_ATTR_OUTPUT and
1169 * OVS_ACTION_ATTR_USERSPACE actions it passes the packet through to the dpif
1172 * This works even if 'execute->actions_len' is too long for a Netlink
1175 * Returns 0 if successful, otherwise a positive errno value. */
1177 dpif_execute(struct dpif *dpif, struct dpif_execute *execute)
1181 COVERAGE_INC(dpif_execute);
1182 if (execute->actions_len > 0) {
1183 error = (execute->needs_help || nl_attr_oversized(execute->actions_len)
1184 ? dpif_execute_with_help(dpif, execute)
1185 : dpif->dpif_class->execute(dpif, execute));
1190 log_execute_message(dpif, execute, error);
1195 /* Executes each of the 'n_ops' operations in 'ops' on 'dpif', in the order in
1196 * which they are specified, placing each operation's results in the "output"
1197 * members documented in comments.
1199 * This function exists because some datapaths can perform batched operations
1200 * faster than individual operations. */
1202 dpif_operate(struct dpif *dpif, struct dpif_op **ops, size_t n_ops)
1204 if (dpif->dpif_class->operate) {
1208 /* Count 'chunk', the number of ops that can be executed without
1209 * needing any help. Ops that need help should be rare, so we
1210 * expect this to ordinarily be 'n_ops', that is, all the ops. */
1211 for (chunk = 0; chunk < n_ops; chunk++) {
1212 struct dpif_op *op = ops[chunk];
1214 if (op->type == DPIF_OP_EXECUTE && op->u.execute.needs_help) {
1220 /* Execute a chunk full of ops that the dpif provider can
1221 * handle itself, without help. */
1224 dpif->dpif_class->operate(dpif, ops, chunk);
1226 for (i = 0; i < chunk; i++) {
1227 struct dpif_op *op = ops[i];
1230 case DPIF_OP_FLOW_PUT:
1231 log_flow_put_message(dpif, &op->u.flow_put, op->error);
1234 case DPIF_OP_FLOW_DEL:
1235 log_flow_del_message(dpif, &op->u.flow_del, op->error);
1238 case DPIF_OP_EXECUTE:
1239 log_execute_message(dpif, &op->u.execute, op->error);
1247 /* Help the dpif provider to execute one op. */
1248 struct dpif_op *op = ops[0];
1250 op->error = dpif_execute(dpif, &op->u.execute);
1258 for (i = 0; i < n_ops; i++) {
1259 struct dpif_op *op = ops[i];
1262 case DPIF_OP_FLOW_PUT:
1263 op->error = dpif_flow_put__(dpif, &op->u.flow_put);
1266 case DPIF_OP_FLOW_DEL:
1267 op->error = dpif_flow_del__(dpif, &op->u.flow_del);
1270 case DPIF_OP_EXECUTE:
1271 op->error = dpif_execute(dpif, &op->u.execute);
1281 /* Returns a string that represents 'type', for use in log messages. */
1283 dpif_upcall_type_to_string(enum dpif_upcall_type type)
1286 case DPIF_UC_MISS: return "miss";
1287 case DPIF_UC_ACTION: return "action";
1288 case DPIF_N_UC_TYPES: default: return "<unknown>";
1292 /* Enables or disables receiving packets with dpif_recv() on 'dpif'. Returns 0
1293 * if successful, otherwise a positive errno value.
1295 * Turning packet receive off and then back on may change the Netlink PID
1296 * assignments returned by dpif_port_get_pid(). If the client does this, it
1297 * must update all of the flows that have OVS_ACTION_ATTR_USERSPACE actions
1298 * using the new PID assignment. */
1300 dpif_recv_set(struct dpif *dpif, bool enable)
1302 int error = dpif->dpif_class->recv_set(dpif, enable);
1303 log_operation(dpif, "recv_set", error);
1307 /* Refreshes the poll loops and Netlink sockets associated to each port,
1308 * when the number of upcall handlers (upcall receiving thread) is changed
1309 * to 'n_handlers' and receiving packets for 'dpif' is enabled by
1312 * Since multiple upcall handlers can read upcalls simultaneously from
1313 * 'dpif', each port can have multiple Netlink sockets, one per upcall
1314 * handler. So, handlers_set() is responsible for the following tasks:
1316 * When receiving upcall is enabled, extends or creates the
1317 * configuration to support:
1319 * - 'n_handlers' Netlink sockets for each port.
1321 * - 'n_handlers' poll loops, one for each upcall handler.
1323 * - registering the Netlink sockets for the same upcall handler to
1324 * the corresponding poll loop.
1326 * Returns 0 if successful, otherwise a positive errno value. */
1328 dpif_handlers_set(struct dpif *dpif, uint32_t n_handlers)
1330 int error = dpif->dpif_class->handlers_set(dpif, n_handlers);
1331 log_operation(dpif, "handlers_set", error);
1335 /* Polls for an upcall from 'dpif' for an upcall handler. Since there
1336 * there can be multiple poll loops, 'handler_id' is needed as index to
1337 * identify the corresponding poll loop. If successful, stores the upcall
1338 * into '*upcall', using 'buf' for storage. Should only be called if
1339 * 'recv_set' has been used to enable receiving packets from 'dpif'.
1341 * 'upcall->key' and 'upcall->userdata' point into data in the caller-provided
1342 * 'buf', so their memory cannot be freed separately from 'buf'.
1344 * The caller owns the data of 'upcall->packet' and may modify it. If
1345 * packet's headroom is exhausted as it is manipulated, 'upcall->packet'
1346 * will be reallocated. This requires the data of 'upcall->packet' to be
1347 * released with ofpbuf_uninit() before 'upcall' is destroyed. However,
1348 * when an error is returned, the 'upcall->packet' may be uninitialized
1349 * and should not be released.
1351 * Returns 0 if successful, otherwise a positive errno value. Returns EAGAIN
1352 * if no upcall is immediately available. */
1354 dpif_recv(struct dpif *dpif, uint32_t handler_id, struct dpif_upcall *upcall,
1357 int error = dpif->dpif_class->recv(dpif, handler_id, upcall, buf);
1358 if (!error && !VLOG_DROP_DBG(&dpmsg_rl)) {
1362 packet = ofp_packet_to_string(ofpbuf_data(&upcall->packet),
1363 ofpbuf_size(&upcall->packet));
1366 odp_flow_key_format(upcall->key, upcall->key_len, &flow);
1368 VLOG_DBG("%s: %s upcall:\n%s\n%s",
1369 dpif_name(dpif), dpif_upcall_type_to_string(upcall->type),
1370 ds_cstr(&flow), packet);
1374 } else if (error && error != EAGAIN) {
1375 log_operation(dpif, "recv", error);
1380 /* Discards all messages that would otherwise be received by dpif_recv() on
1383 dpif_recv_purge(struct dpif *dpif)
1385 COVERAGE_INC(dpif_purge);
1386 if (dpif->dpif_class->recv_purge) {
1387 dpif->dpif_class->recv_purge(dpif);
1391 /* Arranges for the poll loop for an upcall handler to wake up when 'dpif'
1392 * 'dpif' has a message queued to be received with the recv member
1393 * function. Since there can be multiple poll loops, 'handler_id' is
1394 * needed as index to identify the corresponding poll loop. */
1396 dpif_recv_wait(struct dpif *dpif, uint32_t handler_id)
1398 dpif->dpif_class->recv_wait(dpif, handler_id);
1401 /* Obtains the NetFlow engine type and engine ID for 'dpif' into '*engine_type'
1402 * and '*engine_id', respectively. */
1404 dpif_get_netflow_ids(const struct dpif *dpif,
1405 uint8_t *engine_type, uint8_t *engine_id)
1407 *engine_type = dpif->netflow_engine_type;
1408 *engine_id = dpif->netflow_engine_id;
1411 /* Translates OpenFlow queue ID 'queue_id' (in host byte order) into a priority
1412 * value used for setting packet priority.
1413 * On success, returns 0 and stores the priority into '*priority'.
1414 * On failure, returns a positive errno value and stores 0 into '*priority'. */
1416 dpif_queue_to_priority(const struct dpif *dpif, uint32_t queue_id,
1419 int error = (dpif->dpif_class->queue_to_priority
1420 ? dpif->dpif_class->queue_to_priority(dpif, queue_id,
1426 log_operation(dpif, "queue_to_priority", error);
1431 dpif_init(struct dpif *dpif, const struct dpif_class *dpif_class,
1433 uint8_t netflow_engine_type, uint8_t netflow_engine_id)
1435 dpif->dpif_class = dpif_class;
1436 dpif->base_name = xstrdup(name);
1437 dpif->full_name = xasprintf("%s@%s", dpif_class->type, name);
1438 dpif->netflow_engine_type = netflow_engine_type;
1439 dpif->netflow_engine_id = netflow_engine_id;
1442 /* Undoes the results of initialization.
1444 * Normally this function only needs to be called from dpif_close().
1445 * However, it may be called by providers due to an error on opening
1446 * that occurs after initialization. It this case dpif_close() would
1447 * never be called. */
1449 dpif_uninit(struct dpif *dpif, bool close)
1451 char *base_name = dpif->base_name;
1452 char *full_name = dpif->full_name;
1455 dpif->dpif_class->close(dpif);
1463 log_operation(const struct dpif *dpif, const char *operation, int error)
1466 VLOG_DBG_RL(&dpmsg_rl, "%s: %s success", dpif_name(dpif), operation);
1467 } else if (ofperr_is_valid(error)) {
1468 VLOG_WARN_RL(&error_rl, "%s: %s failed (%s)",
1469 dpif_name(dpif), operation, ofperr_get_name(error));
1471 VLOG_WARN_RL(&error_rl, "%s: %s failed (%s)",
1472 dpif_name(dpif), operation, ovs_strerror(error));
1476 static enum vlog_level
1477 flow_message_log_level(int error)
1479 /* If flows arrive in a batch, userspace may push down multiple
1480 * unique flow definitions that overlap when wildcards are applied.
1481 * Kernels that support flow wildcarding will reject these flows as
1482 * duplicates (EEXIST), so lower the log level to debug for these
1483 * types of messages. */
1484 return (error && error != EEXIST) ? VLL_WARN : VLL_DBG;
1488 should_log_flow_message(int error)
1490 return !vlog_should_drop(THIS_MODULE, flow_message_log_level(error),
1491 error ? &error_rl : &dpmsg_rl);
1495 log_flow_message(const struct dpif *dpif, int error, const char *operation,
1496 const struct nlattr *key, size_t key_len,
1497 const struct nlattr *mask, size_t mask_len,
1498 const struct dpif_flow_stats *stats,
1499 const struct nlattr *actions, size_t actions_len)
1501 struct ds ds = DS_EMPTY_INITIALIZER;
1502 ds_put_format(&ds, "%s: ", dpif_name(dpif));
1504 ds_put_cstr(&ds, "failed to ");
1506 ds_put_format(&ds, "%s ", operation);
1508 ds_put_format(&ds, "(%s) ", ovs_strerror(error));
1510 odp_flow_format(key, key_len, mask, mask_len, NULL, &ds, true);
1512 ds_put_cstr(&ds, ", ");
1513 dpif_flow_stats_format(stats, &ds);
1515 if (actions || actions_len) {
1516 ds_put_cstr(&ds, ", actions:");
1517 format_odp_actions(&ds, actions, actions_len);
1519 vlog(THIS_MODULE, flow_message_log_level(error), "%s", ds_cstr(&ds));
1524 log_flow_put_message(struct dpif *dpif, const struct dpif_flow_put *put,
1527 if (should_log_flow_message(error)) {
1531 ds_put_cstr(&s, "put");
1532 if (put->flags & DPIF_FP_CREATE) {
1533 ds_put_cstr(&s, "[create]");
1535 if (put->flags & DPIF_FP_MODIFY) {
1536 ds_put_cstr(&s, "[modify]");
1538 if (put->flags & DPIF_FP_ZERO_STATS) {
1539 ds_put_cstr(&s, "[zero]");
1541 log_flow_message(dpif, error, ds_cstr(&s),
1542 put->key, put->key_len, put->mask, put->mask_len,
1543 put->stats, put->actions, put->actions_len);
1549 log_flow_del_message(struct dpif *dpif, const struct dpif_flow_del *del,
1552 if (should_log_flow_message(error)) {
1553 log_flow_message(dpif, error, "flow_del", del->key, del->key_len,
1554 NULL, 0, !error ? del->stats : NULL, NULL, 0);
1559 log_execute_message(struct dpif *dpif, const struct dpif_execute *execute,
1562 if (!(error ? VLOG_DROP_WARN(&error_rl) : VLOG_DROP_DBG(&dpmsg_rl))) {
1563 struct ds ds = DS_EMPTY_INITIALIZER;
1566 packet = ofp_packet_to_string(ofpbuf_data(execute->packet),
1567 ofpbuf_size(execute->packet));
1568 ds_put_format(&ds, "%s: execute ", dpif_name(dpif));
1569 format_odp_actions(&ds, execute->actions, execute->actions_len);
1571 ds_put_format(&ds, " failed (%s)", ovs_strerror(error));
1573 ds_put_format(&ds, " on packet %s", packet);
1574 vlog(THIS_MODULE, error ? VLL_WARN : VLL_DBG, "%s", ds_cstr(&ds));