-/* Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <config.h>
#include "bridge.h"
-#include <assert.h>
#include <errno.h>
#include <inttypes.h>
#include <stdlib.h>
static void bridge_configure_flow_eviction_threshold(struct bridge *);
static void bridge_configure_netflow(struct bridge *);
static void bridge_configure_forward_bpdu(struct bridge *);
-static void bridge_configure_mac_idle_time(struct bridge *);
+static void bridge_configure_mac_table(struct bridge *);
static void bridge_configure_sflow(struct bridge *, int *sflow_bridge_number);
static void bridge_configure_stp(struct bridge *);
static void bridge_configure_tables(struct bridge *);
+static void bridge_configure_dp_desc(struct bridge *);
static void bridge_configure_remotes(struct bridge *,
const struct sockaddr_in *managers,
size_t n_managers);
static void port_configure(struct port *);
static struct lacp_settings *port_configure_lacp(struct port *,
struct lacp_settings *);
-static void port_configure_bond(struct port *, struct bond_settings *,
- uint32_t *bond_stable_ids);
+static void port_configure_bond(struct port *, struct bond_settings *);
static bool port_is_synthetic(const struct port *);
static void reconfigure_system_stats(const struct ovsrec_open_vswitch *);
bridge_init(const char *remote)
{
/* Create connection to database. */
- idl = ovsdb_idl_create(remote, &ovsrec_idl_class, true);
+ idl = ovsdb_idl_create(remote, &ovsrec_idl_class, true, true);
idl_seqno = ovsdb_idl_get_seqno(idl);
ovsdb_idl_set_lock(idl, "ovs_vswitchd");
ovsdb_idl_verify_write_only(idl);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_speed);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_state);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_resets);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_mac_in_use);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_mtu);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_ofport);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_statistics);
COVERAGE_INC(bridge_reconfigure);
- assert(!reconfiguring);
+ ovs_assert(!reconfiguring);
reconfiguring = true;
/* Destroy "struct bridge"s, "struct port"s, and "struct iface"s according
struct bridge *br;
bool done;
- assert(reconfiguring);
+ ovs_assert(reconfiguring);
done = bridge_reconfigure_ofp();
/* Complete the configuration. */
bridge_configure_mirrors(br);
bridge_configure_flow_eviction_threshold(br);
bridge_configure_forward_bpdu(br);
- bridge_configure_mac_idle_time(br);
+ bridge_configure_mac_table(br);
bridge_configure_remotes(br, managers, n_managers);
bridge_configure_netflow(br);
bridge_configure_sflow(br, &sflow_bridge_number);
bridge_configure_stp(br);
bridge_configure_tables(br);
+ bridge_configure_dp_desc(br);
}
free(managers);
daemonize_complete();
reconfiguring = false;
- VLOG_INFO("%s (Open vSwitch) %s", program_name, VERSION);
+ VLOG_INFO_ONCE("%s (Open vSwitch) %s", program_name, VERSION);
}
return done;
/* Get bond settings. */
if (s.n_slaves > 1) {
s.bond = &bond_settings;
- s.bond_stable_ids = xmalloc(s.n_slaves * sizeof *s.bond_stable_ids);
- port_configure_bond(port, &bond_settings, s.bond_stable_ids);
+ port_configure_bond(port, &bond_settings);
} else {
s.bond = NULL;
- s.bond_stable_ids = NULL;
-
LIST_FOR_EACH (iface, port_elem, &port->ifaces) {
netdev_set_miimon_interval(iface->netdev, 0);
}
free(s.slaves);
free(s.trunks);
free(s.lacp_slaves);
- free(s.bond_stable_ids);
}
/* Pick local port hardware address and datapath ID for 'br'. */
{
struct bridge *br = iface->port->bridge;
- assert(iface->ofp_port < 0 && ofp_port >= 0);
+ ovs_assert(iface->ofp_port < 0 && ofp_port >= 0);
iface->ofp_port = ofp_port;
hmap_insert(&br->ifaces, &iface->ofp_port_node, hash_int(ofp_port, 0));
iface_set_ofport(iface->cfg, ofp_port);
* internal datastructures may not be consistent. Eventually, when port
* additions and deletions are cheaper, these calls should be removed. */
bridge_run_fast();
- assert(!iface_lookup(br, iface_cfg->name));
+ ovs_assert(!iface_lookup(br, iface_cfg->name));
error = iface_do_create(br, if_cfg, &ofp_port, &netdev);
bridge_run_fast();
if (error) {
error = netdev_open(port->name, "internal", &netdev);
if (!error) {
- uint16_t ofp_port = if_cfg->ofport;
+ uint16_t fake_ofp_port = if_cfg->ofport;
- ofproto_port_add(br->ofproto, netdev, &ofp_port);
+ ofproto_port_add(br->ofproto, netdev, &fake_ofp_port);
netdev_close(netdev);
} else {
VLOG_WARN("could not open network device %s (%s)",
false));
}
-/* Set MAC aging time for 'br'. */
+/* Set MAC learning table configuration for 'br'. */
static void
-bridge_configure_mac_idle_time(struct bridge *br)
+bridge_configure_mac_table(struct bridge *br)
{
const char *idle_time_str;
int idle_time;
+ const char *mac_table_size_str;
+ int mac_table_size;
+
idle_time_str = smap_get(&br->cfg->other_config, "mac-aging-time");
idle_time = (idle_time_str && atoi(idle_time_str)
? atoi(idle_time_str)
: MAC_ENTRY_DEFAULT_IDLE_TIME);
- ofproto_set_mac_idle_time(br->ofproto, idle_time);
+
+ mac_table_size_str = smap_get(&br->cfg->other_config, "mac-table-size");
+ mac_table_size = (mac_table_size_str && atoi(mac_table_size_str)
+ ? atoi(mac_table_size_str)
+ : MAC_DEFAULT_MAX);
+
+ ofproto_set_mac_table_config(br->ofproto, idle_time, mac_table_size);
}
static void
int64_t bps;
int mtu;
int64_t mtu_64;
+ uint8_t mac[ETH_ADDR_LEN];
int error;
if (iface_is_synthetic(iface)) {
smap_init(&smap);
- if (!netdev_get_drv_info(iface->netdev, &smap)) {
+ if (!netdev_get_status(iface->netdev, &smap)) {
ovsrec_interface_set_status(iface->cfg, &smap);
} else {
ovsrec_interface_set_status(iface->cfg, NULL);
netdev_features_is_full_duplex(current)
? "full" : "half");
ovsrec_interface_set_link_speed(iface->cfg, &bps, 1);
- }
- else {
+ } else {
ovsrec_interface_set_duplex(iface->cfg, NULL);
ovsrec_interface_set_link_speed(iface->cfg, NULL, 0);
}
if (!error) {
mtu_64 = mtu;
ovsrec_interface_set_mtu(iface->cfg, &mtu_64, 1);
- }
- else {
+ } else {
ovsrec_interface_set_mtu(iface->cfg, NULL, 0);
}
+
+ error = netdev_get_etheraddr(iface->netdev, mac);
+ if (!error) {
+ char mac_string[32];
+
+ sprintf(mac_string, ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
+ ovsrec_interface_set_mac_in_use(iface->cfg, mac_string);
+ } else {
+ ovsrec_interface_set_mac_in_use(iface->cfg, NULL);
+ }
}
/* Writes 'iface''s CFM statistics to the database. 'iface' must not be
iface_refresh_cfm_stats(struct iface *iface)
{
const struct ovsrec_interface *cfg = iface->cfg;
- int fault, opup, error;
- const uint64_t *rmps;
- size_t n_rmps;
- int health;
-
- fault = ofproto_port_get_cfm_fault(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (fault >= 0) {
+ struct ofproto_cfm_status status;
+
+ if (!ofproto_port_get_cfm_status(iface->port->bridge->ofproto,
+ iface->ofp_port, &status)) {
+ ovsrec_interface_set_cfm_fault(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_fault_status(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
+ ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_remote_mpids(cfg, NULL, 0);
+ } else {
const char *reasons[CFM_FAULT_N_REASONS];
- bool fault_bool = fault;
+ int64_t cfm_health = status.health;
+ bool faulted = status.faults != 0;
size_t i, j;
+ ovsrec_interface_set_cfm_fault(cfg, &faulted, 1);
+
j = 0;
for (i = 0; i < CFM_FAULT_N_REASONS; i++) {
int reason = 1 << i;
- if (fault & reason) {
+ if (status.faults & reason) {
reasons[j++] = cfm_fault_reason_to_str(reason);
}
}
-
- ovsrec_interface_set_cfm_fault(cfg, &fault_bool, 1);
ovsrec_interface_set_cfm_fault_status(cfg, (char **) reasons, j);
- } else {
- ovsrec_interface_set_cfm_fault(cfg, NULL, 0);
- ovsrec_interface_set_cfm_fault_status(cfg, NULL, 0);
- }
- opup = ofproto_port_get_cfm_opup(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (opup >= 0) {
- ovsrec_interface_set_cfm_remote_opstate(cfg, opup ? "up" : "down");
- } else {
- ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
- }
-
- error = ofproto_port_get_cfm_remote_mpids(iface->port->bridge->ofproto,
- iface->ofp_port, &rmps, &n_rmps);
- if (error >= 0) {
- ovsrec_interface_set_cfm_remote_mpids(cfg, (const int64_t *)rmps,
- n_rmps);
- } else {
- ovsrec_interface_set_cfm_remote_mpids(cfg, NULL, 0);
- }
+ if (status.remote_opstate >= 0) {
+ const char *remote_opstate = status.remote_opstate ? "up" : "down";
+ ovsrec_interface_set_cfm_remote_opstate(cfg, remote_opstate);
+ } else {
+ ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
+ }
- health = ofproto_port_get_cfm_health(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (health >= 0) {
- int64_t cfm_health = health;
- ovsrec_interface_set_cfm_health(cfg, &cfm_health, 1);
- } else {
- ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_remote_mpids(cfg,
+ (const int64_t *)status.rmps,
+ status.n_rmps);
+ if (cfm_health >= 0) {
+ ovsrec_interface_set_cfm_health(cfg, &cfm_health, 1);
+ } else {
+ ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ }
}
}
#define IFACE_STAT(MEMBER, NAME) values[i++] = stats.MEMBER;
IFACE_STATS;
#undef IFACE_STAT
- assert(i == ARRAY_SIZE(keys));
+ ovs_assert(i == ARRAY_SIZE(keys));
ovsrec_interface_set_statistics(iface->cfg, keys, values,
ARRAY_SIZE(keys));
}
static inline const char *
-nx_role_to_str(enum nx_role role)
+ofp12_controller_role_to_str(enum ofp12_controller_role role)
{
switch (role) {
- case NX_ROLE_OTHER:
+ case OFPCR12_ROLE_EQUAL:
return "other";
- case NX_ROLE_MASTER:
+ case OFPCR12_ROLE_MASTER:
return "master";
- case NX_ROLE_SLAVE:
+ case OFPCR12_ROLE_SLAVE:
return "slave";
+ case OFPCR12_ROLE_NOCHANGE:
default:
return "*** INVALID ROLE ***";
}
}
ovsrec_controller_set_is_connected(cfg, cinfo->is_connected);
- ovsrec_controller_set_role(cfg, nx_role_to_str(cinfo->role));
+ ovsrec_controller_set_role(cfg, ofp12_controller_role_to_str(
+ cinfo->role));
ovsrec_controller_set_status(cfg, &smap);
smap_destroy(&smap);
} else {
void
bridge_run(void)
{
- static const struct ovsrec_open_vswitch null_cfg;
+ static struct ovsrec_open_vswitch null_cfg;
const struct ovsrec_open_vswitch *cfg;
struct ovsdb_idl_txn *reconf_txn = NULL;
struct sset types;
bool vlan_splinters_changed;
struct bridge *br;
- ovsrec_open_vswitch_init((struct ovsrec_open_vswitch *) &null_cfg);
+ ovsrec_open_vswitch_init(&null_cfg);
/* (Re)configure if necessary. */
if (!reconfiguring) {
{
struct bridge *br;
- assert(!bridge_lookup(br_cfg->name));
+ ovs_assert(!bridge_lookup(br_cfg->name));
br = xzalloc(sizeof *br);
br->name = xstrdup(br_cfg->name);
struct shash new_ports;
size_t i;
- assert(hmap_is_empty(&br->if_cfg_todo));
+ ovs_assert(hmap_is_empty(&br->if_cfg_todo));
/* Collect new ports. */
shash_init(&new_ports);
}
if (!netdev_set_in4(netdev, ip, mask)) {
VLOG_INFO("bridge %s: configured IP address "IP_FMT", netmask "IP_FMT,
- br->name, IP_ARGS(&ip.s_addr), IP_ARGS(&mask.s_addr));
+ br->name, IP_ARGS(ip.s_addr), IP_ARGS(mask.s_addr));
}
/* Configure the default gateway. */
&& gateway.s_addr) {
if (!netdev_add_router(netdev, gateway)) {
VLOG_INFO("bridge %s: configured gateway "IP_FMT,
- br->name, IP_ARGS(&gateway.s_addr));
+ br->name, IP_ARGS(gateway.s_addr));
}
}
}
/* Returns true if 'a' and 'b' are the same except that any number of slashes
* in either string are treated as equal to any number of slashes in the other,
- * e.g. "x///y" is equal to "x/y". */
+ * e.g. "x///y" is equal to "x/y".
+ *
+ * Also, if 'b_stoplen' bytes from 'b' are found to be equal to corresponding
+ * bytes from 'a', the function considers this success. Specify 'b_stoplen' as
+ * SIZE_MAX to compare all of 'a' to all of 'b' rather than just a prefix of
+ * 'b' against a prefix of 'a'.
+ */
static bool
-equal_pathnames(const char *a, const char *b)
+equal_pathnames(const char *a, const char *b, size_t b_stoplen)
{
- while (*a == *b) {
- if (*a == '/') {
+ const char *b_start = b;
+ for (;;) {
+ if (b - b_start >= b_stoplen) {
+ return true;
+ } else if (*a != *b) {
+ return false;
+ } else if (*a == '/') {
a += strspn(a, "/");
b += strspn(b, "/");
} else if (*a == '\0') {
b++;
}
}
- return false;
}
static void
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
char *whitelist;
- whitelist = xasprintf("unix:%s/%s.controller",
+ if (!strncmp(c->target, "unix:", 5)) {
+ /* Connect to a listening socket */
+ whitelist = xasprintf("unix:%s/", ovs_rundir());
+ if (strchr(c->target, '/') &&
+ !equal_pathnames(c->target, whitelist,
+ strlen(whitelist))) {
+ /* Absolute path specified, but not in ovs_rundir */
+ VLOG_ERR_RL(&rl, "bridge %s: Not connecting to socket "
+ "controller \"%s\" due to possibility for "
+ "remote exploit. Instead, specify socket "
+ "in whitelisted \"%s\" or connect to "
+ "\"unix:%s/%s.mgmt\" (which is always "
+ "available without special configuration).",
+ br->name, c->target, whitelist,
ovs_rundir(), br->name);
- if (!equal_pathnames(c->target, whitelist)) {
- /* Prevent remote ovsdb-server users from accessing arbitrary
- * Unix domain sockets and overwriting arbitrary local
- * files. */
- VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
- "controller \"%s\" due to possibility for remote "
- "exploit. Instead, specify whitelisted \"%s\" or "
- "connect to \"unix:%s/%s.mgmt\" (which is always "
- "available without special configuration).",
- br->name, c->target, whitelist,
- ovs_rundir(), br->name);
- free(whitelist);
- continue;
+ free(whitelist);
+ continue;
+ }
+ } else {
+ whitelist = xasprintf("punix:%s/%s.controller",
+ ovs_rundir(), br->name);
+ if (!equal_pathnames(c->target, whitelist, SIZE_MAX)) {
+ /* Prevent remote ovsdb-server users from accessing
+ * arbitrary Unix domain sockets and overwriting arbitrary
+ * local files. */
+ VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
+ "controller \"%s\" due to possibility of "
+ "overwriting local files. Instead, specify "
+ "whitelisted \"%s\" or connect to "
+ "\"unix:%s/%s.mgmt\" (which is always "
+ "available without special configuration).",
+ br->name, c->target, whitelist,
+ ovs_rundir(), br->name);
+ free(whitelist);
+ continue;
+ }
}
free(whitelist);
br->cfg->key_flow_tables[j]);
}
}
+
+static void
+bridge_configure_dp_desc(struct bridge *br)
+{
+ ofproto_set_dp_desc(br->ofproto,
+ smap_get(&br->cfg->other_config, "dp-desc"));
+}
\f
/* Port functions. */
}
static void
-port_configure_bond(struct port *port, struct bond_settings *s,
- uint32_t *bond_stable_ids)
+port_configure_bond(struct port *port, struct bond_settings *s)
{
const char *detect_s;
struct iface *iface;
int miimon_interval;
- size_t i;
s->name = port->name;
s->balance = BM_AB;
s->fake_iface = port->cfg->bond_fake_iface;
- i = 0;
LIST_FOR_EACH (iface, port_elem, &port->ifaces) {
- long long stable_id;
-
- stable_id = smap_get_int(&iface->cfg->other_config, "bond-stable-id",
- 0);
- if (stable_id <= 0 || stable_id >= UINT32_MAX) {
- stable_id = iface->ofp_port;
- }
- bond_stable_ids[i++] = stable_id;
-
netdev_set_miimon_interval(iface->netdev, miimon_interval);
}
}
ovsrec_interface_set_duplex(if_cfg, NULL);
ovsrec_interface_set_link_speed(if_cfg, NULL, 0);
ovsrec_interface_set_link_state(if_cfg, NULL);
+ ovsrec_interface_set_mac_in_use(if_cfg, NULL);
ovsrec_interface_set_mtu(if_cfg, NULL, 0);
ovsrec_interface_set_cfm_fault(if_cfg, NULL, 0);
ovsrec_interface_set_cfm_fault_status(if_cfg, NULL, 0);
git://git.onelab.eu / sliver-openvswitch.git / blobdiff