-/* Copyright (c) 2008, 2009, 2010, 2011, 2012 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
#include <config.h>
#include "bridge.h"
-#include <assert.h>
#include <errno.h>
#include <inttypes.h>
#include <stdlib.h>
+#include "async-append.h"
+#include "bfd.h"
#include "bitmap.h"
#include "bond.h"
#include "cfm.h"
#include "meta-flow.h"
#include "netdev.h"
#include "ofp-print.h"
+#include "ofp-util.h"
#include "ofpbuf.h"
#include "ofproto/ofproto.h"
#include "poll-loop.h"
struct hmap_node hmap_node; /* Node in bridge's if_cfg_todo. */
const struct ovsrec_interface *cfg; /* Interface record. */
const struct ovsrec_port *parent; /* Parent port record. */
+ ofp_port_t ofport; /* Requested OpenFlow port number. */
};
/* OpenFlow port slated for removal from ofproto. */
struct ofpp_garbage {
struct list list_node; /* Node in bridge's ofpp_garbage. */
- uint16_t ofp_port; /* Port to be deleted. */
+ ofp_port_t ofp_port; /* Port to be deleted. */
};
struct iface {
/* These members are valid only after bridge_reconfigure() causes them to
* be initialized. */
struct hmap_node ofp_port_node; /* In struct bridge's "ifaces" hmap. */
- int ofp_port; /* OpenFlow port number, -1 if unknown. */
+ ofp_port_t ofp_port; /* OpenFlow port number, */
+ /* OFPP_NONE if unknown. */
struct netdev *netdev; /* Network device. */
const char *type; /* Usually same as cfg->type. */
const struct ovsrec_interface *cfg;
/* OVSDB IDL used to obtain configuration. */
static struct ovsdb_idl *idl;
+/* We want to complete daemonization, fully detaching from our parent process,
+ * only after we have completed our initial configuration, committed our state
+ * to the database, and received confirmation back from the database server
+ * that it applied the commit. This allows our parent process to know that,
+ * post-detach, ephemeral fields such as datapath-id and ofport are very likely
+ * to have already been filled in. (It is only "very likely" rather than
+ * certain because there is always a slim possibility that the transaction will
+ * fail or that some other client has added new bridges, ports, etc. while
+ * ovs-vswitchd was configuring using an old configuration.)
+ *
+ * We only need to do this once for our initial configuration at startup, so
+ * 'initial_config_done' tracks whether we've already done it. While we are
+ * waiting for a response to our commit, 'daemonize_txn' tracks the transaction
+ * itself and is otherwise NULL. */
+static bool initial_config_done;
+static struct ovsdb_idl_txn *daemonize_txn;
+
/* Most recently processed IDL sequence number. */
static unsigned int idl_seqno;
static void bridge_add_del_ports(struct bridge *,
const unsigned long int *splinter_vlans);
static void bridge_refresh_ofp_port(struct bridge *);
+static void bridge_configure_flow_miss_model(const char *opt);
static void bridge_configure_datapath_id(struct bridge *);
-static void bridge_configure_flow_eviction_threshold(struct bridge *);
static void bridge_configure_netflow(struct bridge *);
static void bridge_configure_forward_bpdu(struct bridge *);
-static void bridge_configure_mac_idle_time(struct bridge *);
+static void bridge_configure_mac_table(struct bridge *);
static void bridge_configure_sflow(struct bridge *, int *sflow_bridge_number);
+static void bridge_configure_ipfix(struct bridge *);
static void bridge_configure_stp(struct bridge *);
static void bridge_configure_tables(struct bridge *);
+static void bridge_configure_dp_desc(struct bridge *);
static void bridge_configure_remotes(struct bridge *,
const struct sockaddr_in *managers,
size_t n_managers);
static void port_configure(struct port *);
static struct lacp_settings *port_configure_lacp(struct port *,
struct lacp_settings *);
-static void port_configure_bond(struct port *, struct bond_settings *,
- uint32_t *bond_stable_ids);
+static void port_configure_bond(struct port *, struct bond_settings *);
static bool port_is_synthetic(const struct port *);
static void reconfigure_system_stats(const struct ovsrec_open_vswitch *);
static void mirror_refresh_stats(struct mirror *);
static void iface_configure_lacp(struct iface *, struct lacp_slave_settings *);
-static bool iface_create(struct bridge *, struct if_cfg *, int ofp_port);
+static bool iface_create(struct bridge *, struct if_cfg *,
+ ofp_port_t ofp_port);
+static bool iface_is_internal(const struct ovsrec_interface *iface,
+ const struct ovsrec_bridge *br);
static const char *iface_get_type(const struct ovsrec_interface *,
const struct ovsrec_bridge *);
static void iface_destroy(struct iface *);
static struct iface *iface_find(const char *name);
static struct if_cfg *if_cfg_lookup(const struct bridge *, const char *name);
static struct iface *iface_from_ofp_port(const struct bridge *,
- uint16_t ofp_port);
+ ofp_port_t ofp_port);
static void iface_set_mac(struct iface *);
-static void iface_set_ofport(const struct ovsrec_interface *, int64_t ofport);
+static void iface_set_ofport(const struct ovsrec_interface *, ofp_port_t ofport);
static void iface_clear_db_record(const struct ovsrec_interface *if_cfg);
static void iface_configure_qos(struct iface *, const struct ovsrec_qos *);
static void iface_configure_cfm(struct iface *);
static void iface_refresh_stats(struct iface *);
static void iface_refresh_status(struct iface *);
static bool iface_is_synthetic(const struct iface *);
+static ofp_port_t iface_pick_ofport(const struct ovsrec_interface *);
/* Linux VLAN device support (e.g. "eth0.10" for VLAN 10.)
*
static void add_vlan_splinter_ports(struct bridge *,
const unsigned long int *splinter_vlans,
struct shash *ports);
+
+static void
+bridge_init_ofproto(const struct ovsrec_open_vswitch *cfg)
+{
+ struct shash iface_hints;
+ static bool initialized = false;
+ int i;
+
+ if (initialized) {
+ return;
+ }
+
+ shash_init(&iface_hints);
+
+ if (cfg) {
+ for (i = 0; i < cfg->n_bridges; i++) {
+ const struct ovsrec_bridge *br_cfg = cfg->bridges[i];
+ int j;
+
+ for (j = 0; j < br_cfg->n_ports; j++) {
+ struct ovsrec_port *port_cfg = br_cfg->ports[j];
+ int k;
+
+ for (k = 0; k < port_cfg->n_interfaces; k++) {
+ struct ovsrec_interface *if_cfg = port_cfg->interfaces[k];
+ struct iface_hint *iface_hint;
+
+ iface_hint = xmalloc(sizeof *iface_hint);
+ iface_hint->br_name = br_cfg->name;
+ iface_hint->br_type = br_cfg->datapath_type;
+ iface_hint->ofp_port = iface_pick_ofport(if_cfg);
+
+ shash_add(&iface_hints, if_cfg->name, iface_hint);
+ }
+ }
+ }
+ }
+
+ ofproto_init(&iface_hints);
+
+ shash_destroy_free_data(&iface_hints);
+ initialized = true;
+}
\f
/* Public functions. */
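Review bot: The added `bridge_init_ofproto()` has no header comment and stores `br_cfg->name` and `br_cfg->datapath_type` in each `iface_hint` as borrowed pointers into the IDL records, not copies. That is safe only if `ofproto_init()` copies the strings or drops the hints before it returns, which is not visible in this hunk. I would add a comment above the function along the lines of `/* Builds per-interface hints from 'cfg' and passes them to ofproto_init() once; the hint strings are owned by the IDL and valid only for the duration of that call. */`. The loop counters are `int` while the `n_bridges`/`n_ports`/`n_interfaces` counts are probably `size_t`, so `size_t i, j, k;` would avoid a signed/unsigned comparison.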
bridge_init(const char *remote)
{
/* Create connection to database. */
- idl = ovsdb_idl_create(remote, &ovsrec_idl_class, true);
+ idl = ovsdb_idl_create(remote, &ovsrec_idl_class, true, true);
idl_seqno = ovsdb_idl_get_seqno(idl);
ovsdb_idl_set_lock(idl, "ovs_vswitchd");
+ ovsdb_idl_verify_write_only(idl);
ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_cur_cfg);
ovsdb_idl_omit_alert(idl, &ovsrec_open_vswitch_col_statistics);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_speed);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_state);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_link_resets);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_mac_in_use);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_ifindex);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_mtu);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_ofport);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_statistics);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_cfm_remote_mpids);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_cfm_health);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_cfm_remote_opstate);
+ ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_bfd_status);
ovsdb_idl_omit_alert(idl, &ovsrec_interface_col_lacp_current);
ovsdb_idl_omit(idl, &ovsrec_interface_col_external_ids);
ovsdb_idl_omit_alert(idl, &ovsrec_mirror_col_statistics);
ovsdb_idl_omit(idl, &ovsrec_netflow_col_external_ids);
-
ovsdb_idl_omit(idl, &ovsrec_sflow_col_external_ids);
+ ovsdb_idl_omit(idl, &ovsrec_ipfix_col_external_ids);
+ ovsdb_idl_omit(idl, &ovsrec_flow_sample_collector_set_col_external_ids);
ovsdb_idl_omit(idl, &ovsrec_manager_col_external_ids);
ovsdb_idl_omit(idl, &ovsrec_manager_col_inactivity_probe);
COVERAGE_INC(bridge_reconfigure);
- assert(!reconfiguring);
+ ovs_assert(!reconfiguring);
reconfiguring = true;
+ ofproto_set_flow_eviction_threshold(
+ smap_get_int(&ovs_cfg->other_config, "flow-eviction-threshold",
+ OFPROTO_FLOW_EVICTION_THRESHOLD_DEFAULT));
+
+ bridge_configure_flow_miss_model(smap_get(&ovs_cfg->other_config,
+ "force-miss-model"));
+
/* Destroy "struct bridge"s, "struct port"s, and "struct iface"s according
* to 'ovs_cfg' while update the "if_cfg_queue", with only very minimal
* configuration otherwise.
struct if_cfg *if_cfg, *next;
HMAP_FOR_EACH_SAFE (if_cfg, next, hmap_node, &br->if_cfg_todo) {
- iface_create(br, if_cfg, -1);
+ iface_create(br, if_cfg, OFPP_NONE);
time_refresh();
if (time_msec() >= deadline) {
return false;
struct bridge *br;
bool done;
- assert(reconfiguring);
+ ovs_assert(reconfiguring);
done = bridge_reconfigure_ofp();
/* Complete the configuration. */
iface_configure_cfm(iface);
iface_configure_qos(iface, port->cfg->qos);
iface_set_mac(iface);
+ ofproto_port_set_bfd(br->ofproto, iface->ofp_port,
+ &iface->cfg->bfd);
}
}
bridge_configure_mirrors(br);
- bridge_configure_flow_eviction_threshold(br);
bridge_configure_forward_bpdu(br);
- bridge_configure_mac_idle_time(br);
+ bridge_configure_mac_table(br);
bridge_configure_remotes(br, managers, n_managers);
bridge_configure_netflow(br);
bridge_configure_sflow(br, &sflow_bridge_number);
+ bridge_configure_ipfix(br);
bridge_configure_stp(br);
bridge_configure_tables(br);
- }
- free(managers);
-
- if (done) {
- /* ovs-vswitchd has completed initialization, so allow the process that
- * forked us to exit successfully. */
- daemonize_complete();
- reconfiguring = false;
+ bridge_configure_dp_desc(br);
- VLOG_INFO("%s (Open vSwitch) %s", program_name, VERSION);
+ if (smap_get(&br->cfg->other_config, "flow-eviction-threshold")) {
+ /* XXX: Remove this warning message eventually. */
+ VLOG_WARN_ONCE("As of June 2013, flow-eviction-threshold has been"
+ " moved to the Open_vSwitch table. Ignoring its"
+ " setting in the bridge table.");
+ }
}
+ free(managers);
return done;
}
error = ofproto_port_del(br2->ofproto, ofproto_port.ofp_port);
if (error) {
VLOG_ERR("failed to delete port %s: %s", ofproto_port.name,
- strerror(error));
+ ovs_strerror(error));
}
ofproto_port_destroy(&ofproto_port);
}
error = ofproto_create(br->name, br->type, &br->ofproto);
if (error) {
VLOG_ERR("failed to create bridge %s: %s", br->name,
- strerror(error));
+ ovs_strerror(error));
bridge_destroy(br);
}
}
/* Get bond settings. */
if (s.n_slaves > 1) {
s.bond = &bond_settings;
- s.bond_stable_ids = xmalloc(s.n_slaves * sizeof *s.bond_stable_ids);
- port_configure_bond(port, &bond_settings, s.bond_stable_ids);
+ port_configure_bond(port, &bond_settings);
} else {
s.bond = NULL;
- s.bond_stable_ids = NULL;
-
LIST_FOR_EACH (iface, port_elem, &port->ifaces) {
netdev_set_miimon_interval(iface->netdev, 0);
}
free(s.slaves);
free(s.trunks);
free(s.lacp_slaves);
- free(s.bond_stable_ids);
+}
+
+static void
+bridge_configure_flow_miss_model(const char *opt)
+{
+ enum ofproto_flow_miss_model model = OFPROTO_HANDLE_MISS_AUTO;
+
+ if (opt) {
+ if (strcmp(opt, "with-facets")) {
+ model = OFPROTO_HANDLE_MISS_WITH_FACETS;
+ } else if (strcmp(opt, "without-facets")) {
+ model = OFPROTO_HANDLE_MISS_WITHOUT_FACETS;
+ }
+ }
+
+ ofproto_set_flow_miss_model(model);
}
/* Pick local port hardware address and datapath ID for 'br'. */
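Review bot: Both `strcmp()` tests in the added `bridge_configure_flow_miss_model()` are inverted, because `strcmp()` returns 0 on a match, so `if (strcmp(opt, "with-facets"))` is true for every value except "with-facets". As written, "without-facets" and any unrecognised string select OFPROTO_HANDLE_MISS_WITH_FACETS, while "with-facets" falls through to the second test and selects OFPROTO_HANDLE_MISS_WITHOUT_FACETS. The conditions should be `if (!strcmp(opt, "with-facets")) {` and `} else if (!strcmp(opt, "without-facets")) {`. A warning for an unrecognised "force-miss-model" value, instead of silently using the auto model, would make misconfiguration visible in the log.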
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
VLOG_ERR_RL(&rl, "bridge %s: failed to set bridge "
"Ethernet address: %s",
- br->name, strerror(error));
+ br->name, ovs_strerror(error));
}
}
memcpy(br->ea, ea, ETH_ADDR_LEN);
free(dpid_string);
}
+/* Returns a bitmap of "enum ofputil_protocol"s that are allowed for use with
+ * 'br'. */
+static uint32_t
+bridge_get_allowed_versions(struct bridge *br)
+{
+ if (!br->cfg->n_protocols)
+ return 0;
+
+ return ofputil_versions_from_strings(br->cfg->protocols,
+ br->cfg->n_protocols);
+}
+
/* Set NetFlow configuration on 'br'. */
static void
bridge_configure_netflow(struct bridge *br)
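Review bot: The comment on the added `bridge_get_allowed_versions()` says it returns a bitmap of "enum ofputil_protocol"s, but the body returns the result of `ofputil_versions_from_strings()`, which by its name yields OpenFlow versions, not protocols. I would reword it to `/* Returns a bitmap of the OpenFlow versions allowed for use with 'br', or 0 if 'br' has no "protocols" configured. */`. The early return is also unbraced, unlike the other conditionals in this diff; `if (!br->cfg->n_protocols) { return 0; }` matches them. No caller is visible in this part of the diff, so what a result of 0 means to one should be confirmed and stated.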
sset_destroy(&oso.targets);
}
+/* Set IPFIX configuration on 'br'. */
+static void
+bridge_configure_ipfix(struct bridge *br)
+{
+ const struct ovsrec_ipfix *be_cfg = br->cfg->ipfix;
+ const struct ovsrec_flow_sample_collector_set *fe_cfg;
+ struct ofproto_ipfix_bridge_exporter_options be_opts;
+ struct ofproto_ipfix_flow_exporter_options *fe_opts = NULL;
+ size_t n_fe_opts = 0;
+
+ OVSREC_FLOW_SAMPLE_COLLECTOR_SET_FOR_EACH(fe_cfg, idl) {
+ if (fe_cfg->bridge == br->cfg) {
+ n_fe_opts++;
+ }
+ }
+
+ if (!be_cfg && n_fe_opts == 0) {
+ ofproto_set_ipfix(br->ofproto, NULL, NULL, 0);
+ return;
+ }
+
+ if (be_cfg) {
+ memset(&be_opts, 0, sizeof be_opts);
+
+ sset_init(&be_opts.targets);
+ sset_add_array(&be_opts.targets, be_cfg->targets, be_cfg->n_targets);
+
+ if (be_cfg->sampling) {
+ be_opts.sampling_rate = *be_cfg->sampling;
+ } else {
+ be_opts.sampling_rate = SFL_DEFAULT_SAMPLING_RATE;
+ }
+ if (be_cfg->obs_domain_id) {
+ be_opts.obs_domain_id = *be_cfg->obs_domain_id;
+ }
+ if (be_cfg->obs_point_id) {
+ be_opts.obs_point_id = *be_cfg->obs_point_id;
+ }
+ }
+
+ if (n_fe_opts > 0) {
+ struct ofproto_ipfix_flow_exporter_options *opts;
+ fe_opts = xcalloc(n_fe_opts, sizeof *fe_opts);
+ opts = fe_opts;
+ OVSREC_FLOW_SAMPLE_COLLECTOR_SET_FOR_EACH(fe_cfg, idl) {
+ if (fe_cfg->bridge == br->cfg) {
+ opts->collector_set_id = fe_cfg->id;
+ sset_init(&opts->targets);
+ sset_add_array(&opts->targets, fe_cfg->ipfix->targets,
+ fe_cfg->ipfix->n_targets);
+ opts++;
+ }
+ }
+ }
+
+ ofproto_set_ipfix(br->ofproto, be_cfg ? &be_opts : NULL, fe_opts,
+ n_fe_opts);
+
+ if (be_cfg) {
+ sset_destroy(&be_opts.targets);
+ }
+
+ if (n_fe_opts > 0) {
+ struct ofproto_ipfix_flow_exporter_options *opts = fe_opts;
+ size_t i;
+ for (i = 0; i < n_fe_opts; i++) {
+ sset_destroy(&opts->targets);
+ opts++;
+ }
+ free(fe_opts);
+ }
+}
+
static void
port_configure_stp(const struct ofproto *ofproto, struct port *port,
struct ofproto_port_stp_settings *port_s,
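Review bot: In the added `bridge_configure_ipfix()`, the second loop dereferences `fe_cfg->ipfix` (`fe_cfg->ipfix->targets`, `fe_cfg->ipfix->n_targets`) without checking it for NULL. If a Flow_Sample_Collector_Set row can exist without an IPFIX reference (the schema is not visible here), a single database write would crash the daemon. Both loops should filter on the same condition, for example `if (fe_cfg->bridge == br->cfg && fe_cfg->ipfix) {`, so the counting pass and the filling pass stay in step. A bridge exporter with zero targets is also passed through as enabled; whether `ofproto_set_ipfix()` tolerates that should be confirmed.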
port_s->path_cost = strtoul(config_str, NULL, 10);
} else {
enum netdev_features current;
+ unsigned int mbps;
- if (netdev_get_features(iface->netdev, ¤t, NULL, NULL, NULL)) {
- /* Couldn't get speed, so assume 100Mb/s. */
- port_s->path_cost = 19;
- } else {
- unsigned int mbps;
-
- mbps = netdev_features_to_bps(current) / 1000000;
- port_s->path_cost = stp_convert_speed_to_cost(mbps);
- }
+ netdev_get_features(iface->netdev, ¤t, NULL, NULL, NULL);
+ mbps = netdev_features_to_bps(current, 100 * 1000 * 1000) / 1000000;
+ port_s->path_cost = stp_convert_speed_to_cost(mbps);
}
config_str = smap_get(&port->cfg->other_config, "stp-port-priority");
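Review bot: The new `netdev_get_features()` call ignores its return value and `current` has no initialiser, so on failure `netdev_features_to_bps(current, ...)` may read an indeterminate value. This is only safe if `netdev_get_features()` is guaranteed to zero its outputs on error, which is not visible here. The removed code handled the failure explicitly by falling back to a path cost of 19. Initialising at the declaration, `enum netdev_features current = 0;`, would make the 100 Mb/s default passed to `netdev_features_to_bps()` apply reliably. The enclosing function starts and ends outside this hunk.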
}
static void
-iface_set_ofp_port(struct iface *iface, int ofp_port)
+iface_set_ofp_port(struct iface *iface, ofp_port_t ofp_port)
{
struct bridge *br = iface->port->bridge;
- assert(iface->ofp_port < 0 && ofp_port >= 0);
+ ovs_assert(iface->ofp_port == OFPP_NONE && ofp_port != OFPP_NONE);
iface->ofp_port = ofp_port;
- hmap_insert(&br->ifaces, &iface->ofp_port_node, hash_int(ofp_port, 0));
+ hmap_insert(&br->ifaces, &iface->ofp_port_node,
+ hash_ofp_port(ofp_port));
iface_set_ofport(iface->cfg, ofp_port);
}
error = netdev_set_config(netdev, &iface_cfg->options);
if (error) {
VLOG_WARN("could not configure network device %s (%s)",
- iface_cfg->name, strerror(error));
+ iface_cfg->name, ovs_strerror(error));
}
return error;
}
{
const char *name = ofproto_port->name;
const char *type = ofproto_port->type;
- uint16_t ofp_port = ofproto_port->ofp_port;
+ ofp_port_t ofp_port = ofproto_port->ofp_port;
struct iface *iface = iface_lookup(br, name);
if (iface) {
/* Check that the name-to-number mapping is one-to-one. */
- if (iface->ofp_port >= 0) {
+ if (iface->ofp_port != OFPP_NONE) {
VLOG_WARN("bridge %s: interface %s reported twice",
br->name, name);
return false;
* configured as the user requested, so we must destroy it. */
return false;
} else {
- /* It's the right type and configured correctly. keep it. */
+ /* It's the right type and configured correctly. Keep it. */
iface_set_ofp_port(iface, ofp_port);
return true;
}
struct iface *iface;
LIST_FOR_EACH (iface, port_elem, &port->ifaces) {
- iface->ofp_port = -1;
+ iface->ofp_port = OFPP_NONE;
}
}
struct iface *iface, *iface_next;
LIST_FOR_EACH_SAFE (iface, iface_next, port_elem, &port->ifaces) {
- if (iface->ofp_port < 0) {
+ if (iface->ofp_port == OFPP_NONE) {
bridge_queue_if_cfg(br, iface->cfg, port->cfg);
iface_destroy(iface);
}
}
}
-/* Opens a network device for 'iface_cfg' and configures it. If '*ofp_portp'
- * is negative, adds the network device to br->ofproto and stores the OpenFlow
+/* Opens a network device for 'if_cfg' and configures it. If '*ofp_portp'
+ * is OFPP_NONE, adds the network device to br->ofproto and stores the OpenFlow
* port number in '*ofp_portp'; otherwise leaves br->ofproto and '*ofp_portp'
* untouched.
*
* failure, returns a positive errno value and stores NULL in '*netdevp'. */
static int
iface_do_create(const struct bridge *br,
- const struct ovsrec_interface *iface_cfg,
- const struct ovsrec_port *port_cfg,
- int *ofp_portp, struct netdev **netdevp)
+ const struct if_cfg *if_cfg,
+ ofp_port_t *ofp_portp, struct netdev **netdevp)
{
- struct netdev *netdev;
+ const struct ovsrec_interface *iface_cfg = if_cfg->cfg;
+ const struct ovsrec_port *port_cfg = if_cfg->parent;
+ struct netdev *netdev = NULL;
int error;
+ if (netdev_is_reserved_name(iface_cfg->name)) {
+ VLOG_WARN("could not create interface %s, name is reserved",
+ iface_cfg->name);
+ error = EINVAL;
+ goto error;
+ }
+
error = netdev_open(iface_cfg->name,
iface_get_type(iface_cfg, br->cfg), &netdev);
if (error) {
VLOG_WARN("could not open network device %s (%s)",
- iface_cfg->name, strerror(error));
+ iface_cfg->name, ovs_strerror(error));
goto error;
}
goto error;
}
- if (*ofp_portp < 0) {
- uint16_t ofp_port;
+ if (*ofp_portp == OFPP_NONE) {
+ ofp_port_t ofp_port = if_cfg->ofport;
error = ofproto_port_add(br->ofproto, netdev, &ofp_port);
if (error) {
br->name, iface_cfg->name, *ofp_portp);
}
- if (port_cfg->vlan_mode && !strcmp(port_cfg->vlan_mode, "splinter")) {
- netdev_turn_flags_on(netdev, NETDEV_UP, true);
+ if ((port_cfg->vlan_mode && !strcmp(port_cfg->vlan_mode, "splinter"))
+ || iface_is_internal(iface_cfg, br->cfg)) {
+ netdev_turn_flags_on(netdev, NETDEV_UP, NULL);
}
*netdevp = netdev;
}
/* Creates a new iface on 'br' based on 'if_cfg'. The new iface has OpenFlow
- * port number 'ofp_port'. If ofp_port is negative, an OpenFlow port is
+ * port number 'ofp_port'. If ofp_port is OFPP_NONE, an OpenFlow port is
* automatically allocated for the iface. Takes ownership of and
* deallocates 'if_cfg'.
*
* Return true if an iface is successfully created, false otherwise. */
static bool
-iface_create(struct bridge *br, struct if_cfg *if_cfg, int ofp_port)
+iface_create(struct bridge *br, struct if_cfg *if_cfg, ofp_port_t ofp_port)
{
const struct ovsrec_interface *iface_cfg = if_cfg->cfg;
const struct ovsrec_port *port_cfg = if_cfg->parent;
struct iface *iface;
struct port *port;
int error;
-
- /* Get rid of 'if_cfg' itself. We already copied out the interesting
- * bits. */
- hmap_remove(&br->if_cfg_todo, &if_cfg->hmap_node);
- free(if_cfg);
+ bool ok = true;
/* Do the bits that can fail up front.
*
* internal datastructures may not be consistent. Eventually, when port
* additions and deletions are cheaper, these calls should be removed. */
bridge_run_fast();
- assert(!iface_lookup(br, iface_cfg->name));
- error = iface_do_create(br, iface_cfg, port_cfg, &ofp_port, &netdev);
+ ovs_assert(!iface_lookup(br, iface_cfg->name));
+ error = iface_do_create(br, if_cfg, &ofp_port, &netdev);
bridge_run_fast();
if (error) {
+ iface_set_ofport(iface_cfg, OFPP_NONE);
iface_clear_db_record(iface_cfg);
- return false;
+ ok = false;
+ goto done;
}
/* Get or create the port structure. */
hash_string(iface_cfg->name, 0));
iface->port = port;
iface->name = xstrdup(iface_cfg->name);
- iface->ofp_port = -1;
+ iface->ofp_port = OFPP_NONE;
iface->netdev = netdev;
iface->type = iface_get_type(iface_cfg, br->cfg);
iface->cfg = iface_cfg;
error = netdev_open(port->name, "internal", &netdev);
if (!error) {
- ofproto_port_add(br->ofproto, netdev, NULL);
+ ofp_port_t fake_ofp_port = if_cfg->ofport;
+
+ ofproto_port_add(br->ofproto, netdev, &fake_ofp_port);
netdev_close(netdev);
} else {
VLOG_WARN("could not open network device %s (%s)",
- port->name, strerror(error));
+ port->name, ovs_strerror(error));
}
} else {
/* Already exists, nothing to do. */
}
}
- return true;
-}
-
-/* Set Flow eviction threshold */
-static void
-bridge_configure_flow_eviction_threshold(struct bridge *br)
-{
- const char *threshold_str;
- unsigned threshold;
+done:
+ hmap_remove(&br->if_cfg_todo, &if_cfg->hmap_node);
+ free(if_cfg);
- threshold_str = smap_get(&br->cfg->other_config,
- "flow-eviction-threshold");
- if (threshold_str) {
- threshold = strtoul(threshold_str, NULL, 10);
- } else {
- threshold = OFPROTO_FLOW_EVICTON_THRESHOLD_DEFAULT;
- }
- ofproto_set_flow_eviction_threshold(br->ofproto, threshold);
+ return ok;
}
/* Set forward BPDU option. */
false));
}
-/* Set MAC aging time for 'br'. */
+/* Set MAC learning table configuration for 'br'. */
static void
-bridge_configure_mac_idle_time(struct bridge *br)
+bridge_configure_mac_table(struct bridge *br)
{
const char *idle_time_str;
int idle_time;
+ const char *mac_table_size_str;
+ int mac_table_size;
+
idle_time_str = smap_get(&br->cfg->other_config, "mac-aging-time");
idle_time = (idle_time_str && atoi(idle_time_str)
? atoi(idle_time_str)
: MAC_ENTRY_DEFAULT_IDLE_TIME);
- ofproto_set_mac_idle_time(br->ofproto, idle_time);
+
+ mac_table_size_str = smap_get(&br->cfg->other_config, "mac-table-size");
+ mac_table_size = (mac_table_size_str && atoi(mac_table_size_str)
+ ? atoi(mac_table_size_str)
+ : MAC_DEFAULT_MAX);
+
+ ofproto_set_mac_table_config(br->ofproto, idle_time, mac_table_size);
}
static void
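Review bot: `bridge_configure_mac_table()` parses "mac-table-size" with `atoi()`, as it already does for "mac-aging-time", and `atoi()` reports no errors and accepts negative numbers. A value such as "-1" is therefore passed to `ofproto_set_mac_table_config()` as configured, and "10abc" is silently read as 10. The table size is the limit on memory used by learned MAC entries, so it should be range-checked here; whether the callee clamps its arguments is not visible in this hunk. Parsing each key once with `strtol()` and an end-pointer check, then falling back to `MAC_DEFAULT_MAX` or `MAC_ENTRY_DEFAULT_IDLE_TIME` for values `<= 0`, would also remove the double `atoi()` call per key.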
found_addr = true;
}
}
- if (found_addr) {
- VLOG_DBG("bridge %s: using bridge Ethernet address "ETH_ADDR_FMT,
- br->name, ETH_ADDR_ARGS(ea));
- } else {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 10);
+
+ if (!found_addr) {
memcpy(ea, br->default_ea, ETH_ADDR_LEN);
*hw_addr_iface = NULL;
- VLOG_WARN_RL(&rl, "bridge %s: using default bridge Ethernet "
- "address "ETH_ADDR_FMT, br->name, ETH_ADDR_ARGS(ea));
}
hmapx_destroy(&mirror_output_ports);
int64_t bps;
int mtu;
int64_t mtu_64;
+ uint8_t mac[ETH_ADDR_LEN];
+ int64_t ifindex64;
int error;
if (iface_is_synthetic(iface)) {
smap_init(&smap);
- if (!netdev_get_drv_info(iface->netdev, &smap)) {
+ if (!netdev_get_status(iface->netdev, &smap)) {
ovsrec_interface_set_status(iface->cfg, &smap);
} else {
ovsrec_interface_set_status(iface->cfg, NULL);
smap_destroy(&smap);
error = netdev_get_features(iface->netdev, ¤t, NULL, NULL, NULL);
- if (!error) {
+ bps = !error ? netdev_features_to_bps(current, 0) : 0;
+ if (bps) {
ovsrec_interface_set_duplex(iface->cfg,
netdev_features_is_full_duplex(current)
? "full" : "half");
- /* warning: uint64_t -> int64_t conversion */
- bps = netdev_features_to_bps(current);
ovsrec_interface_set_link_speed(iface->cfg, &bps, 1);
- }
- else {
+ } else {
ovsrec_interface_set_duplex(iface->cfg, NULL);
ovsrec_interface_set_link_speed(iface->cfg, NULL, 0);
}
if (!error) {
mtu_64 = mtu;
ovsrec_interface_set_mtu(iface->cfg, &mtu_64, 1);
- }
- else {
+ } else {
ovsrec_interface_set_mtu(iface->cfg, NULL, 0);
}
+
+ error = netdev_get_etheraddr(iface->netdev, mac);
+ if (!error) {
+ char mac_string[32];
+
+ sprintf(mac_string, ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));
+ ovsrec_interface_set_mac_in_use(iface->cfg, mac_string);
+ } else {
+ ovsrec_interface_set_mac_in_use(iface->cfg, NULL);
+ }
+
+ /* The netdev may return a negative number (such as -EOPNOTSUPP)
+ * if there is no valid ifindex number. */
+ ifindex64 = netdev_get_ifindex(iface->netdev);
+ if (ifindex64 < 0) {
+ ifindex64 = 0;
+ }
+ ovsrec_interface_set_ifindex(iface->cfg, &ifindex64, 1);
}
/* Writes 'iface''s CFM statistics to the database. 'iface' must not be
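Review bot: The added MAC formatting uses an unbounded `sprintf()` into `char mac_string[32]`. The buffer looks large enough for a formatted Ethernet address, but that depends on the definition of `ETH_ADDR_FMT`, which is not visible here. `snprintf(mac_string, sizeof mac_string, ETH_ADDR_FMT, ETH_ADDR_ARGS(mac));` ties the bound to the buffer instead. Separately, the new ifindex code writes 0 to the database when `netdev_get_ifindex()` fails; a short comment that 0 means "no ifindex" would help readers of the column. The enclosing function starts outside this hunk.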
iface_refresh_cfm_stats(struct iface *iface)
{
const struct ovsrec_interface *cfg = iface->cfg;
- int fault, opup, error;
- const uint64_t *rmps;
- size_t n_rmps;
- int health;
-
- fault = ofproto_port_get_cfm_fault(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (fault >= 0) {
+ struct ofproto_cfm_status status;
+
+ if (!ofproto_port_get_cfm_status(iface->port->bridge->ofproto,
+ iface->ofp_port, &status)) {
+ ovsrec_interface_set_cfm_fault(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_fault_status(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
+ ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ ovsrec_interface_set_cfm_remote_mpids(cfg, NULL, 0);
+ } else {
const char *reasons[CFM_FAULT_N_REASONS];
- bool fault_bool = fault;
+ int64_t cfm_health = status.health;
+ bool faulted = status.faults != 0;
size_t i, j;
+ ovsrec_interface_set_cfm_fault(cfg, &faulted, 1);
+
j = 0;
for (i = 0; i < CFM_FAULT_N_REASONS; i++) {
int reason = 1 << i;
- if (fault & reason) {
+ if (status.faults & reason) {
reasons[j++] = cfm_fault_reason_to_str(reason);
}
}
-
- ovsrec_interface_set_cfm_fault(cfg, &fault_bool, 1);
ovsrec_interface_set_cfm_fault_status(cfg, (char **) reasons, j);
- } else {
- ovsrec_interface_set_cfm_fault(cfg, NULL, 0);
- ovsrec_interface_set_cfm_fault_status(cfg, NULL, 0);
- }
- opup = ofproto_port_get_cfm_opup(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (opup >= 0) {
- ovsrec_interface_set_cfm_remote_opstate(cfg, opup ? "up" : "down");
- } else {
- ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
- }
+ if (status.remote_opstate >= 0) {
+ const char *remote_opstate = status.remote_opstate ? "up" : "down";
+ ovsrec_interface_set_cfm_remote_opstate(cfg, remote_opstate);
+ } else {
+ ovsrec_interface_set_cfm_remote_opstate(cfg, NULL);
+ }
- error = ofproto_port_get_cfm_remote_mpids(iface->port->bridge->ofproto,
- iface->ofp_port, &rmps, &n_rmps);
- if (error >= 0) {
- ovsrec_interface_set_cfm_remote_mpids(cfg, (const int64_t *)rmps,
- n_rmps);
- } else {
- ovsrec_interface_set_cfm_remote_mpids(cfg, NULL, 0);
- }
+ ovsrec_interface_set_cfm_remote_mpids(cfg,
+ (const int64_t *)status.rmps,
+ status.n_rmps);
+ if (cfm_health >= 0) {
+ ovsrec_interface_set_cfm_health(cfg, &cfm_health, 1);
+ } else {
+ ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ }
- health = ofproto_port_get_cfm_health(iface->port->bridge->ofproto,
- iface->ofp_port);
- if (health >= 0) {
- int64_t cfm_health = health;
- ovsrec_interface_set_cfm_health(cfg, &cfm_health, 1);
- } else {
- ovsrec_interface_set_cfm_health(cfg, NULL, 0);
+ free(status.rmps);
}
}
IFACE_STAT(rx_crc_errors, "rx_crc_err") \
IFACE_STAT(collisions, "collisions")
-#define IFACE_STAT(MEMBER, NAME) NAME,
- static char *keys[] = { IFACE_STATS };
+#define IFACE_STAT(MEMBER, NAME) + 1
+ enum { N_IFACE_STATS = IFACE_STATS };
#undef IFACE_STAT
- int64_t values[ARRAY_SIZE(keys)];
- int i;
+ int64_t values[N_IFACE_STATS];
+ char *keys[N_IFACE_STATS];
+ int n;
struct netdev_stats stats;
* all-1s, and we will deal with that correctly below. */
netdev_get_stats(iface->netdev, &stats);
- /* Copy statistics into values[] array. */
- i = 0;
-#define IFACE_STAT(MEMBER, NAME) values[i++] = stats.MEMBER;
+ /* Copy statistics into keys[] and values[]. */
+ n = 0;
+#define IFACE_STAT(MEMBER, NAME) \
+ if (stats.MEMBER != UINT64_MAX) { \
+ keys[n] = NAME; \
+ values[n] = stats.MEMBER; \
+ n++; \
+ }
IFACE_STATS;
#undef IFACE_STAT
- assert(i == ARRAY_SIZE(keys));
+ ovs_assert(n <= N_IFACE_STATS);
- ovsrec_interface_set_statistics(iface->cfg, keys, values,
- ARRAY_SIZE(keys));
+ ovsrec_interface_set_statistics(iface->cfg, keys, values, n);
#undef IFACE_STATS
}
}
static inline const char *
-nx_role_to_str(enum nx_role role)
+ofp12_controller_role_to_str(enum ofp12_controller_role role)
{
switch (role) {
- case NX_ROLE_OTHER:
+ case OFPCR12_ROLE_EQUAL:
return "other";
- case NX_ROLE_MASTER:
+ case OFPCR12_ROLE_MASTER:
return "master";
- case NX_ROLE_SLAVE:
+ case OFPCR12_ROLE_SLAVE:
return "slave";
+ case OFPCR12_ROLE_NOCHANGE:
default:
return "*** INVALID ROLE ***";
}
}
ovsrec_controller_set_is_connected(cfg, cinfo->is_connected);
- ovsrec_controller_set_role(cfg, nx_role_to_str(cinfo->role));
+ ovsrec_controller_set_role(cfg, ofp12_controller_role_to_str(
+ cinfo->role));
ovsrec_controller_set_status(cfg, &smap);
smap_destroy(&smap);
} else {
ofproto_free_ofproto_controller_info(&info);
}
+\f
+/* "Instant" stats.
+ *
+ * Some information in the database must be kept as up-to-date as possible to
+ * allow controllers to respond rapidly to network outages. We call these
+ * statistics "instant" stats.
+ *
+ * We wish to update these statistics every INSTANT_INTERVAL_MSEC milliseconds,
+ * assuming that they've changed. The only means we have to determine whether
+ * they have changed are:
+ *
+ * - Try to commit changes to the database. If nothing changed, then
+ * ovsdb_idl_txn_commit() returns TXN_UNCHANGED, otherwise some other
+ * value.
+ *
+ * - instant_stats_run() is called late in the run loop, after anything that
+ * might change any of the instant stats.
+ *
+ * We use these two facts together to avoid waking the process up every
+ * INSTANT_INTERVAL_MSEC whether there is any change or not.
+ */
+
+/* Minimum interval between writing updates to the instant stats to the
+ * database. */
+#define INSTANT_INTERVAL_MSEC 100
+
+/* Current instant stats database transaction, NULL if there is no ongoing
+ * transaction. */
+static struct ovsdb_idl_txn *instant_txn;
+
+/* Next time (in msec on monotonic clock) at which we will update the instant
+ * stats. */
+static long long int instant_next_txn = LLONG_MIN;
+
+/* True if the run loop has run since we last saw that the instant stats were
+ * unchanged, that is, this is true if we need to wake up at 'instant_next_txn'
+ * to refresh the instant stats. */
+static bool instant_stats_could_have_changed;
static void
-refresh_instant_stats(void)
+instant_stats_run(void)
{
- static struct ovsdb_idl_txn *txn = NULL;
+ enum ovsdb_idl_txn_status status;
- if (!txn) {
+ instant_stats_could_have_changed = true;
+
+ if (!instant_txn) {
struct bridge *br;
- txn = ovsdb_idl_txn_create(idl);
+ if (time_msec() < instant_next_txn) {
+ return;
+ }
+ instant_next_txn = time_msec() + INSTANT_INTERVAL_MSEC;
+ instant_txn = ovsdb_idl_txn_create(idl);
HMAP_FOR_EACH (br, node, &all_bridges) {
struct iface *iface;
struct port *port;
HMAP_FOR_EACH (iface, name_node, &br->iface_by_name) {
enum netdev_flags flags;
+ struct smap smap;
const char *link_state;
int64_t link_resets;
int current, error;
ovsrec_interface_set_link_resets(iface->cfg, &link_resets, 1);
iface_refresh_cfm_stats(iface);
+
+ smap_init(&smap);
+ if (!ofproto_port_get_bfd_status(br->ofproto, iface->ofp_port,
+ &smap)) {
+ ovsrec_interface_set_bfd_status(iface->cfg, &smap);
+ smap_destroy(&smap);
+ }
}
}
}
- if (ovsdb_idl_txn_commit(txn) != TXN_INCOMPLETE) {
- ovsdb_idl_txn_destroy(txn);
- txn = NULL;
+ status = ovsdb_idl_txn_commit(instant_txn);
+ if (status != TXN_INCOMPLETE) {
+ ovsdb_idl_txn_destroy(instant_txn);
+ instant_txn = NULL;
+ }
+ if (status == TXN_UNCHANGED) {
+ instant_stats_could_have_changed = false;
}
}
+static void
+instant_stats_wait(void)
+{
+ if (instant_txn) {
+ ovsdb_idl_txn_wait(instant_txn);
+ } else if (instant_stats_could_have_changed) {
+ poll_timer_wait_until(instant_next_txn);
+ }
+}
+\f
/* Performs periodic activity required by bridges that needs to be done with
* the least possible latency.
*
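Review bot: In the BFD block added to `instant_stats_run()`, `smap_destroy(&smap)` runs only when `ofproto_port_get_bfd_status()` succeeds, so anything the callee put into `smap` before failing is never released. Moving `smap_destroy(&smap);` after the `if` fixes that and matches `iface_refresh_status()`, which destroys its smap on both paths. The failure path also leaves the previous `bfd_status` column in place, so a port whose BFD session was removed may keep reporting stale state. If that is not intended, add `} else { ovsrec_interface_set_bfd_status(iface->cfg, NULL); }`, assuming the setter accepts NULL as the status setter does.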
void
bridge_run_fast(void)
{
+ struct sset types;
+ const char *type;
struct bridge *br;
+ sset_init(&types);
+ ofproto_enumerate_types(&types);
+ SSET_FOR_EACH (type, &types) {
+ ofproto_type_run_fast(type);
+ }
+ sset_destroy(&types);
+
HMAP_FOR_EACH (br, node, &all_bridges) {
ofproto_run_fast(br->ofproto);
}
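Review bot: The sequence `sset_init(&types)` / `ofproto_enumerate_types(&types)` / `SSET_FOR_EACH` / `sset_destroy(&types)` added to bridge_run_fast() is repeated almost verbatim in bridge_run() and bridge_wait(), differing only in the per-type function that is called. A small static helper or iteration macro would keep the three call sites in step. The comment above this function describes it as work needing the least possible latency, so it is also worth confirming that rebuilding the type set on every call is acceptable here; ofproto_enumerate_types() is defined outside this page.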
void
bridge_run(void)
{
- static const struct ovsrec_open_vswitch null_cfg;
+ static struct ovsrec_open_vswitch null_cfg;
const struct ovsrec_open_vswitch *cfg;
struct ovsdb_idl_txn *reconf_txn = NULL;
+ struct sset types;
+ const char *type;
bool vlan_splinters_changed;
struct bridge *br;
- ovsrec_open_vswitch_init((struct ovsrec_open_vswitch *) &null_cfg);
+ ovsrec_open_vswitch_init(&null_cfg);
/* (Re)configure if necessary. */
if (!reconfiguring) {
struct bridge *br, *next_br;
VLOG_ERR_RL(&rl, "another ovs-vswitchd process is running, "
- "disabling this process until it goes away");
+ "disabling this process (pid %ld) until it goes away",
+ (long int) getpid());
HMAP_FOR_EACH_SAFE (br, next_br, node, &all_bridges) {
bridge_destroy(br);
}
+ /* Since we will not be running system_stats_run() in this process
+ * with the current situation of multiple ovs-vswitchd daemons,
+ * disable system stats collection. */
+ system_stats_enable(false);
return;
} else if (!ovsdb_idl_has_lock(idl)) {
return;
}
cfg = ovsrec_open_vswitch_first(idl);
+ /* Initialize the ofproto library. This only needs to run once, but
+ * it must be done after the configuration is set. If the
+ * initialization has already occurred, bridge_init_ofproto()
+ * returns immediately. */
+ bridge_init_ofproto(cfg);
+
+ /* Once the value of flow-restore-wait is false, we no longer should
+ * check its value from the database. */
+ if (cfg && ofproto_get_flow_restore_wait()) {
+ ofproto_set_flow_restore_wait(smap_get_bool(&cfg->other_config,
+ "flow-restore-wait", false));
+ }
+
+ /* Let each datapath type do the work that it needs to do. */
+ sset_init(&types);
+ ofproto_enumerate_types(&types);
+ SSET_FOR_EACH (type, &types) {
+ ofproto_type_run(type);
+ }
+ sset_destroy(&types);
+
/* Let each bridge do the work that it needs to do. */
HMAP_FOR_EACH (br, node, &all_bridges) {
ofproto_run(br->ofproto);
}
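Review bot: `bridge_init_ofproto(cfg)` is called while `cfg` may still be NULL (the next added statement tests `cfg &&`, and the reconfigure path further down substitutes `&null_cfg`), yet the new comment says the call must happen after the configuration is set. If the one-time initialisation can run on a pass where no Open_vSwitch row exists, it would presumably finish without configuration and never repeat; bridge_init_ofproto() is defined outside this hunk, so that needs confirming there. Either guard the call with `if (cfg)` if a configured row is required, or extend the comment to state that a NULL 'cfg' is accepted and what the initialisation does in that case.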
if (reconfiguring) {
- if (cfg) {
- if (!reconf_txn) {
- reconf_txn = ovsdb_idl_txn_create(idl);
- }
- if (bridge_reconfigure_continue(cfg)) {
+ if (!reconf_txn) {
+ reconf_txn = ovsdb_idl_txn_create(idl);
+ }
+
+ if (bridge_reconfigure_continue(cfg ? cfg : &null_cfg)) {
+ reconfiguring = false;
+
+ if (cfg) {
ovsrec_open_vswitch_set_cur_cfg(cfg, cfg->next_cfg);
}
- } else {
- bridge_reconfigure_continue(&null_cfg);
+
+ /* If we are completing our initial configuration for this run
+ * of ovs-vswitchd, then keep the transaction around to monitor
+ * it for completion. */
+ if (!initial_config_done) {
+ initial_config_done = true;
+ daemonize_txn = reconf_txn;
+ reconf_txn = NULL;
+ }
}
}
reconf_txn = NULL;
}
+ if (daemonize_txn) {
+ enum ovsdb_idl_txn_status status = ovsdb_idl_txn_commit(daemonize_txn);
+ if (status != TXN_INCOMPLETE) {
+ ovsdb_idl_txn_destroy(daemonize_txn);
+ daemonize_txn = NULL;
+
+ /* ovs-vswitchd has completed initialization, so allow the
+ * process that forked us to exit successfully. */
+ daemonize_complete();
+
+ vlog_enable_async();
+
+ VLOG_INFO_ONCE("%s (Open vSwitch) %s", program_name, VERSION);
+ }
+ }
+
/* Refresh interface and mirror stats if necessary. */
if (time_msec() >= iface_stats_timer) {
if (cfg) {
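Review bot: The `daemonize_txn` block calls `daemonize_complete()` for every status other than TXN_INCOMPLETE, so a commit that ended in an error is handled exactly like one the database applied. The comment near the top of the file describes detaching only after the database server has confirmed the commit, so a failed initial commit should at least be visible in the log. Before `daemonize_complete()`, add something like `if (status != TXN_SUCCESS && status != TXN_UNCHANGED) { VLOG_WARN("initial configuration commit: %s", ovsdb_idl_txn_status_to_string(status)); }`.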
}
run_system_stats();
- refresh_instant_stats();
+ instant_stats_run();
}
void
bridge_wait(void)
{
+ struct sset types;
+ const char *type;
+
ovsdb_idl_wait(idl);
+ if (daemonize_txn) {
+ ovsdb_idl_txn_wait(daemonize_txn);
+ }
if (reconfiguring) {
poll_immediate_wake();
}
+ sset_init(&types);
+ ofproto_enumerate_types(&types);
+ SSET_FOR_EACH (type, &types) {
+ ofproto_type_wait(type);
+ }
+ sset_destroy(&types);
+
if (!hmap_is_empty(&all_bridges)) {
struct bridge *br;
}
system_stats_wait();
+ instant_stats_wait();
}
/* Adds some memory usage statistics for bridges into 'usage', for use with
}
} else {
ds_put_format(ds, "\tFailed to get statistics for queue %u: %s",
- queue_id, strerror(error));
+ queue_id, ovs_strerror(error));
}
}
error = netdev_dump_queues(iface->netdev, qos_unixctl_show_cb, &data);
if (error) {
- ds_put_format(&ds, "failed to dump queues: %s", strerror(error));
+ ds_put_format(&ds, "failed to dump queues: %s",
+ ovs_strerror(error));
}
unixctl_command_reply(conn, ds_cstr(&ds));
} else {
{
struct bridge *br;
- assert(!bridge_lookup(br_cfg->name));
+ ovs_assert(!bridge_lookup(br_cfg->name));
br = xzalloc(sizeof *br);
br->name = xstrdup(br_cfg->name);
if_cfg->cfg = cfg;
if_cfg->parent = parent;
+ if_cfg->ofport = iface_pick_ofport(cfg);
hmap_insert(&br->if_cfg_todo, &if_cfg->hmap_node,
hash_string(if_cfg->cfg->name, 0));
}
struct shash new_ports;
size_t i;
- assert(hmap_is_empty(&br->if_cfg_todo));
+ ovs_assert(hmap_is_empty(&br->if_cfg_todo));
/* Collect new ports. */
shash_init(&new_ports);
/* Bring up the local interface. */
netdev = local_iface->netdev;
- netdev_turn_flags_on(netdev, NETDEV_UP, true);
+ netdev_turn_flags_on(netdev, NETDEV_UP, NULL);
/* Configure the IP address and netmask. */
if (!c->local_netmask
}
if (!netdev_set_in4(netdev, ip, mask)) {
VLOG_INFO("bridge %s: configured IP address "IP_FMT", netmask "IP_FMT,
- br->name, IP_ARGS(&ip.s_addr), IP_ARGS(&mask.s_addr));
+ br->name, IP_ARGS(ip.s_addr), IP_ARGS(mask.s_addr));
}
/* Configure the default gateway. */
&& gateway.s_addr) {
if (!netdev_add_router(netdev, gateway)) {
VLOG_INFO("bridge %s: configured gateway "IP_FMT,
- br->name, IP_ARGS(&gateway.s_addr));
+ br->name, IP_ARGS(gateway.s_addr));
}
}
}
/* Returns true if 'a' and 'b' are the same except that any number of slashes
* in either string are treated as equal to any number of slashes in the other,
- * e.g. "x///y" is equal to "x/y". */
+ * e.g. "x///y" is equal to "x/y".
+ *
+ * Also, if 'b_stoplen' bytes from 'b' are found to be equal to corresponding
+ * bytes from 'a', the function considers this success. Specify 'b_stoplen' as
+ * SIZE_MAX to compare all of 'a' to all of 'b' rather than just a prefix of
+ * 'b' against a prefix of 'a'.
+ */
static bool
-equal_pathnames(const char *a, const char *b)
+equal_pathnames(const char *a, const char *b, size_t b_stoplen)
{
- while (*a == *b) {
- if (*a == '/') {
+ const char *b_start = b;
+ for (;;) {
+ if (b - b_start >= b_stoplen) {
+ return true;
+ } else if (*a != *b) {
+ return false;
+ } else if (*a == '/') {
a += strspn(a, "/");
b += strspn(b, "/");
} else if (*a == '\0') {
b++;
}
}
- return false;
}
static void
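Review bot: In the new loop of equal_pathnames(), `b - b_start >= b_stoplen` compares a signed pointer difference with a `size_t`, which relies on implicit conversion and trips sign-compare warnings; write `(size_t) (b - b_start) >= b_stoplen`. The header comment should also say that the comparison is purely textual: only runs of slashes are collapsed, `.` and `..` components are not resolved, so a successful prefix match does not by itself show that 'a' names something beneath the directory given in 'b'. Part of the loop body lies outside the visible lines.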
static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
char *whitelist;
- whitelist = xasprintf("unix:%s/%s.controller",
+ if (!strncmp(c->target, "unix:", 5)) {
+ /* Connect to a listening socket */
+ whitelist = xasprintf("unix:%s/", ovs_rundir());
+ if (strchr(c->target, '/') &&
+ !equal_pathnames(c->target, whitelist,
+ strlen(whitelist))) {
+ /* Absolute path specified, but not in ovs_rundir */
+ VLOG_ERR_RL(&rl, "bridge %s: Not connecting to socket "
+ "controller \"%s\" due to possibility for "
+ "remote exploit. Instead, specify socket "
+ "in whitelisted \"%s\" or connect to "
+ "\"unix:%s/%s.mgmt\" (which is always "
+ "available without special configuration).",
+ br->name, c->target, whitelist,
ovs_rundir(), br->name);
- if (!equal_pathnames(c->target, whitelist)) {
- /* Prevent remote ovsdb-server users from accessing arbitrary
- * Unix domain sockets and overwriting arbitrary local
- * files. */
- VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
- "controller \"%s\" due to possibility for remote "
- "exploit. Instead, specify whitelisted \"%s\" or "
- "connect to \"unix:%s/%s.mgmt\" (which is always "
- "available without special configuration).",
- br->name, c->target, whitelist,
- ovs_rundir(), br->name);
- free(whitelist);
- continue;
+ free(whitelist);
+ continue;
+ }
+ } else {
+ whitelist = xasprintf("punix:%s/%s.controller",
+ ovs_rundir(), br->name);
+ if (!equal_pathnames(c->target, whitelist, SIZE_MAX)) {
+ /* Prevent remote ovsdb-server users from accessing
+ * arbitrary Unix domain sockets and overwriting arbitrary
+ * local files. */
+ VLOG_ERR_RL(&rl, "bridge %s: Not adding Unix domain socket "
+ "controller \"%s\" due to possibility of "
+ "overwriting local files. Instead, specify "
+ "whitelisted \"%s\" or connect to "
+ "\"unix:%s/%s.mgmt\" (which is always "
+ "available without special configuration).",
+ br->name, c->target, whitelist,
+ ovs_rundir(), br->name);
+ free(whitelist);
+ continue;
+ }
}
free(whitelist);
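Review bot: The `unix:` branch accepts any target whose text begins with `unix:<rundir>/`, but equal_pathnames() only collapses repeated slashes, so a target carrying `..` components after that prefix passes the check while resolving to a socket outside ovs_rundir(). Targets without any `/` also bypass the comparison because of the `strchr(c->target, '/') &&` condition; if that is intended for names taken relative to the run directory, the comment should say so. The comment kept in the `punix:` branch treats c->target as writable by remote ovsdb-server users, so reject targets that contain a `..` path component (or canonicalise the path before comparing) and give this branch the same kind of why-comment. The enclosing loop and the condition that selects these branches are outside the hunk.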
n_ocs++;
}
- ofproto_set_controllers(br->ofproto, ocs, n_ocs);
+ ofproto_set_controllers(br->ofproto, ocs, n_ocs,
+ bridge_get_allowed_versions(br));
free(ocs[0].target); /* From bridge_ofproto_controller_for_mgmt(). */
free(ocs);
br->cfg->key_flow_tables[j]);
}
}
+
+static void
+bridge_configure_dp_desc(struct bridge *br)
+{
+ ofproto_set_dp_desc(br->ofproto,
+ smap_get(&br->cfg->other_config, "dp-desc"));
+}
\f
/* Port functions. */
key = smap_get_int(&iface->cfg->other_config, "lacp-aggregation-key", 0);
if (portid <= 0 || portid > UINT16_MAX) {
- portid = iface->ofp_port;
+ portid = ofp_to_u16(iface->ofp_port);
}
if (priority <= 0 || priority > UINT16_MAX) {
}
static void
-port_configure_bond(struct port *port, struct bond_settings *s,
- uint32_t *bond_stable_ids)
+port_configure_bond(struct port *port, struct bond_settings *s)
{
const char *detect_s;
struct iface *iface;
int miimon_interval;
- size_t i;
s->name = port->name;
s->balance = BM_AB;
s->fake_iface = port->cfg->bond_fake_iface;
- i = 0;
LIST_FOR_EACH (iface, port_elem, &port->ifaces) {
- long long stable_id;
-
- stable_id = smap_get_int(&iface->cfg->other_config, "bond-stable-id",
- 0);
- if (stable_id <= 0 || stable_id >= UINT32_MAX) {
- stable_id = iface->ofp_port;
- }
- bond_stable_ids[i++] = stable_id;
-
netdev_set_miimon_interval(iface->netdev, miimon_interval);
}
}
\f
/* Interface functions. */
+static bool
+iface_is_internal(const struct ovsrec_interface *iface,
+ const struct ovsrec_bridge *br)
+{
+ /* The local port and "internal" ports are always "internal". */
+ return !strcmp(iface->type, "internal") || !strcmp(iface->name, br->name);
+}
+
/* Returns the correct network device type for interface 'iface' in bridge
* 'br'. */
static const char *
iface_get_type(const struct ovsrec_interface *iface,
const struct ovsrec_bridge *br)
{
- /* The local port always has type "internal". Other ports take their type
- * from the database and default to "system" if none is specified. */
- return (!strcmp(iface->name, br->name) ? "internal"
- : iface->type[0] ? iface->type
- : "system");
+ const char *type;
+
+ /* The local port always has type "internal". Other ports take
+ * their type from the database and default to "system" if none is
+ * specified. */
+ if (iface_is_internal(iface, br)) {
+ type = "internal";
+ } else {
+ type = iface->type[0] ? iface->type : "system";
+ }
+
+ return ofproto_port_open_type(br->datapath_type, type);
}
static void
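Review bot: The header comment of iface_get_type() still says it returns the network device type for the interface, but the new return statement passes that type through `ofproto_port_open_type(br->datapath_type, type)`, so callers now receive whatever that function maps it to for the bridge's datapath type. Update the comment accordingly, e.g. `/* Returns the netdev type to open for 'iface' in 'br', as translated by ofproto_port_open_type() for the bridge's datapath type. */`. The new iface_is_internal() has no header comment; its inline comment could move above the function and state that it returns true for type "internal" and for the interface named after the bridge.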
struct port *port = iface->port;
struct bridge *br = port->bridge;
- if (br->ofproto && iface->ofp_port >= 0) {
+ if (br->ofproto && iface->ofp_port != OFPP_NONE) {
ofproto_port_unregister(br->ofproto, iface->ofp_port);
}
- if (iface->ofp_port >= 0) {
+ if (iface->ofp_port != OFPP_NONE) {
hmap_remove(&br->ifaces, &iface->ofp_port_node);
}
}
static struct iface *
-iface_from_ofp_port(const struct bridge *br, uint16_t ofp_port)
+iface_from_ofp_port(const struct bridge *br, ofp_port_t ofp_port)
{
struct iface *iface;
- HMAP_FOR_EACH_IN_BUCKET (iface, ofp_port_node,
- hash_int(ofp_port, 0), &br->ifaces) {
+ HMAP_FOR_EACH_IN_BUCKET (iface, ofp_port_node, hash_ofp_port(ofp_port),
+ &br->ifaces) {
if (iface->ofp_port == ofp_port) {
return iface;
}
int error = netdev_set_etheraddr(iface->netdev, ea);
if (error) {
VLOG_ERR("interface %s: setting MAC failed (%s)",
- iface->name, strerror(error));
+ iface->name, ovs_strerror(error));
}
}
}
/* Sets the ofport column of 'if_cfg' to 'ofport'. */
static void
-iface_set_ofport(const struct ovsrec_interface *if_cfg, int64_t ofport)
+iface_set_ofport(const struct ovsrec_interface *if_cfg, ofp_port_t ofport)
{
+ int64_t port_;
+ port_ = (ofport == OFPP_NONE) ? -1 : ofp_to_u16(ofport);
if (if_cfg && !ovsdb_idl_row_is_synthetic(&if_cfg->header_)) {
- ovsrec_interface_set_ofport(if_cfg, &ofport, 1);
+ ovsrec_interface_set_ofport(if_cfg, &port_, 1);
}
}
iface_clear_db_record(const struct ovsrec_interface *if_cfg)
{
if (!ovsdb_idl_row_is_synthetic(&if_cfg->header_)) {
- iface_set_ofport(if_cfg, -1);
ovsrec_interface_set_status(if_cfg, NULL);
ovsrec_interface_set_admin_state(if_cfg, NULL);
ovsrec_interface_set_duplex(if_cfg, NULL);
ovsrec_interface_set_link_speed(if_cfg, NULL, 0);
ovsrec_interface_set_link_state(if_cfg, NULL);
+ ovsrec_interface_set_mac_in_use(if_cfg, NULL);
ovsrec_interface_set_mtu(if_cfg, NULL, 0);
ovsrec_interface_set_cfm_fault(if_cfg, NULL, 0);
ovsrec_interface_set_cfm_fault_status(if_cfg, NULL, 0);
ovsrec_interface_set_cfm_remote_mpids(if_cfg, NULL, 0);
ovsrec_interface_set_lacp_current(if_cfg, NULL, 0);
ovsrec_interface_set_statistics(if_cfg, NULL, NULL, 0);
+ ovsrec_interface_set_ifindex(if_cfg, NULL, 0);
}
}
}
}
- if (iface->ofp_port >= 0) {
+ if (iface->ofp_port != OFPP_NONE) {
const struct ofproto_port_queue *port_queues = queues_buf.data;
size_t n_queues = queues_buf.size / sizeof *port_queues;
const char *opstate_str;
const char *cfm_ccm_vlan;
struct cfm_settings s;
+ struct smap netdev_args;
if (!cfg->n_cfm_mpid) {
ofproto_port_clear_cfm(iface->port->bridge->ofproto, iface->ofp_port);
return;
}
+ s.check_tnl_key = false;
+ smap_init(&netdev_args);
+ if (!netdev_get_config(iface->netdev, &netdev_args)) {
+ const char *key = smap_get(&netdev_args, "key");
+ const char *in_key = smap_get(&netdev_args, "in_key");
+
+ s.check_tnl_key = (key && !strcmp(key, "flow"))
+ || (in_key && !strcmp(in_key, "flow"));
+ }
+ smap_destroy(&netdev_args);
+
s.mpid = *cfg->cfm_mpid;
s.interval = smap_get_int(&iface->cfg->other_config, "cfm_interval", 0);
cfm_ccm_vlan = smap_get(&iface->cfg->other_config, "cfm_ccm_vlan");
s.extended = smap_get_bool(&iface->cfg->other_config, "cfm_extended",
false);
+ s.demand = smap_get_bool(&iface->cfg->other_config, "cfm_demand", false);
opstate_str = smap_get(&iface->cfg->other_config, "cfm_opstate");
s.opup = !opstate_str || !strcasecmp("up", opstate_str);
return ovsdb_idl_row_is_synthetic(&iface->cfg->header_);
}
+static ofp_port_t
+iface_pick_ofport(const struct ovsrec_interface *cfg)
+{
+ ofp_port_t ofport = cfg->n_ofport ? u16_to_ofp(*cfg->ofport)
+ : OFPP_NONE;
+ return cfg->n_ofport_request ? u16_to_ofp(*cfg->ofport_request)
+ : ofport;
+}
+
\f
/* Port mirroring. */
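Review bot: iface_pick_ofport() narrows database integers to 16 bits through `u16_to_ofp()` without a range check. iface_set_ofport() on this page stores OFPP_NONE as -1 in an `int64_t`, so reading that value back presumably yields OFPP_NONE only through truncation, and any other out-of-range value in `ofport` or `ofport_request` would be silently wrapped into a different port number. The schema may already constrain these columns, which is not visible here, but an explicit check keeps the function correct for whatever the database holds; a possible shape follows.

```c
static ofp_port_t
iface_pick_ofport(const struct ovsrec_interface *cfg)
{
    /* Database integers are wider than an OpenFlow port number; accept only
     * values that fit instead of relying on truncation. */
    if (cfg->n_ofport_request
        && *cfg->ofport_request >= 0
        && *cfg->ofport_request <= UINT16_MAX) {
        return u16_to_ofp(*cfg->ofport_request);
    }
    if (cfg->n_ofport && *cfg->ofport >= 0 && *cfg->ofport <= UINT16_MAX) {
        return u16_to_ofp(*cfg->ofport);
    }
    return OFPP_NONE;
}
```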
if (!netdev_open(vlan_dev->name, "system", &netdev)) {
if (!netdev_get_in4(netdev, NULL, NULL) ||
!netdev_get_in6(netdev, NULL)) {
- vlandev_del(vlan_dev->name);
- } else {
/* It has an IP address configured, so we don't own
* it. Don't delete it. */
+ } else {
+ vlandev_del(vlan_dev->name);
}
netdev_close(netdev);
}
configure_splinter_port(struct port *port)
{
struct ofproto *ofproto = port->bridge->ofproto;
- uint16_t realdev_ofp_port;
+ ofp_port_t realdev_ofp_port;
const char *realdev_name;
struct iface *vlandev, *realdev;