X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fdpif-netdev.c;h=8852e9d543414c2e59a8222dce4018982e875b30;hb=996c1b3d7a4d6e82e1831ff8821e5fd7e1a5522c;hp=4c25f1393884004b732b107cba4bca8d04c95ed9;hpb=4d678233e981fa319a338f6b0949e9dc625941a4;p=sliver-openvswitch.git diff --git a/lib/dpif-netdev.c b/lib/dpif-netdev.c index 4c25f1393..8852e9d54 100644 --- a/lib/dpif-netdev.c +++ b/lib/dpif-netdev.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009 Nicira Networks. + * Copyright (c) 2009, 2010, 2011 Nicira Networks. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -22,8 +22,10 @@ #include #include #include -#include #include +#include +#include +#include #include #include #include @@ -31,27 +33,28 @@ #include #include "csum.h" +#include "dpif.h" #include "dpif-provider.h" +#include "dummy.h" +#include "dynamic-string.h" #include "flow.h" #include "hmap.h" #include "list.h" #include "netdev.h" +#include "netlink.h" #include "odp-util.h" #include "ofp-print.h" #include "ofpbuf.h" #include "packets.h" #include "poll-loop.h" -#include "queue.h" +#include "shash.h" #include "timeval.h" #include "util.h" - #include "vlog.h" -#define THIS_MODULE VLM_dpif_netdev + +VLOG_DEFINE_THIS_MODULE(dpif_netdev); /* Configuration parameters. */ -enum { N_QUEUES = 2 }; /* Number of queues for dpif_recv(). */ -enum { MAX_QUEUE_LEN = 100 }; /* Maximum number of packets per queue. */ -enum { N_GROUPS = 16 }; /* Number of port groups. */ enum { MAX_PORTS = 256 }; /* Maximum number of ports. */ enum { MAX_FLOWS = 65536 }; /* Maximum number of flows in flow table. */ @@ -59,17 +62,27 @@ enum { MAX_FLOWS = 65536 }; /* Maximum number of flows in flow table. */ * headers to be aligned on a 4-byte boundary. */ enum { DP_NETDEV_HEADROOM = 2 + VLAN_HEADER_LEN }; +/* Queues. */ +enum { N_QUEUES = 2 }; /* Number of queues for dpif_recv(). */ +enum { MAX_QUEUE_LEN = 128 }; /* Maximum number of packets per queue. */ +enum { QUEUE_MASK = MAX_QUEUE_LEN - 1 }; +BUILD_ASSERT_DECL(IS_POW2(MAX_QUEUE_LEN)); + +struct dp_netdev_queue { + struct dpif_upcall *upcalls[MAX_QUEUE_LEN]; + unsigned int head, tail; +}; + /* Datapath based on the network device interface from netdev.h. */ struct dp_netdev { - struct list node; - int dp_idx; + const struct dpif_class *class; + char *name; int open_cnt; - bool deleted; + bool destroyed; bool drop_frags; /* Drop all IP fragments, if true. */ - struct ovs_queue queues[N_QUEUES]; /* Messages queued for dpif_recv(). */ + struct dp_netdev_queue queues[N_QUEUES]; struct hmap flow_table; /* Flow table. */ - struct odp_port_group groups[N_GROUPS]; /* Statistics. */ long long int n_frags; /* Number of dropped IP fragments. */ @@ -89,24 +102,23 @@ struct dp_netdev_port { int port_no; /* Index into dp_netdev's 'ports'. */ struct list node; /* Element in dp_netdev's 'port_list'. */ struct netdev *netdev; - bool internal; /* Internal port (as ODP_PORT_INTERNAL)? */ + bool internal; /* Internal port? */ }; /* A flow in dp_netdev's 'flow_table'. */ struct dp_netdev_flow { struct hmap_node node; /* Element in dp_netdev's 'flow_table'. */ - flow_t key; + struct flow key; /* Statistics. */ - struct timeval used; /* Last used time, in milliseconds. */ - long long int packet_count; /* Number of packets matched. */ - long long int byte_count; /* Number of bytes matched. */ - uint8_t ip_tos; /* IP TOS value. */ - uint16_t tcp_ctl; /* Bitwise-OR of seen tcp_ctl values. */ + struct timespec used; /* Last used time. */ + long long int packet_count; /* Number of packets matched. */ + long long int byte_count; /* Number of bytes matched. */ + uint16_t tcp_ctl; /* Bitwise-OR of seen tcp_ctl values. */ /* Actions. */ - union odp_action *actions; - unsigned int n_actions; + struct nlattr *actions; + size_t actions_len; }; /* Interface to netdev-based datapath. */ @@ -118,9 +130,7 @@ struct dpif_netdev { }; /* All netdev-based datapaths. */ -static struct dp_netdev *dp_netdevs[256]; -struct list dp_netdev_list = LIST_INITIALIZER(&dp_netdev_list); -enum { N_DP_NETDEVS = ARRAY_SIZE(dp_netdevs) }; +static struct shash dp_netdevs = SHASH_INITIALIZER(&dp_netdevs); /* Maximum port MTU seen so far. */ static int max_mtu = ETH_PAYLOAD_MAX; @@ -131,19 +141,25 @@ static int get_port_by_name(struct dp_netdev *, const char *devname, struct dp_netdev_port **portp); static void dp_netdev_free(struct dp_netdev *); static void dp_netdev_flow_flush(struct dp_netdev *); -static int do_add_port(struct dp_netdev *, const char *devname, uint16_t flags, - uint16_t port_no); +static int do_add_port(struct dp_netdev *, const char *devname, + const char *type, uint16_t port_no); static int do_del_port(struct dp_netdev *, uint16_t port_no); +static int dpif_netdev_open(const struct dpif_class *, const char *name, + bool create, struct dpif **); static int dp_netdev_output_control(struct dp_netdev *, const struct ofpbuf *, - int queue_no, int port_no, uint32_t arg); + int queue_no, const struct flow *, + uint64_t arg); static int dp_netdev_execute_actions(struct dp_netdev *, - struct ofpbuf *, flow_t *, - const union odp_action *, int n); + struct ofpbuf *, struct flow *, + const struct nlattr *actions, + size_t actions_len); + +static struct dpif_class dpif_dummy_class; static struct dpif_netdev * dpif_netdev_cast(const struct dpif *dpif) { - dpif_assert_class(dpif, &dpif_netdev_class); + assert(dpif->dpif_class->open == dpif_netdev_open); return CONTAINER_OF(dpif, struct dpif_netdev, dpif); } @@ -153,152 +169,111 @@ get_dp_netdev(const struct dpif *dpif) return dpif_netdev_cast(dpif)->dp; } -static int -name_to_dp_idx(const char *name) -{ - if (!strncmp(name, "dp", 2) && isdigit((unsigned char)name[2])) { - int dp_idx = atoi(name + 2); - if (dp_idx >= 0 && dp_idx < N_DP_NETDEVS) { - return dp_idx; - } - } - return -1; -} - -static struct dp_netdev * -find_dp_netdev(const char *name) -{ - int dp_idx; - size_t i; - - dp_idx = name_to_dp_idx(name); - if (dp_idx >= 0) { - return dp_netdevs[dp_idx]; - } - - for (i = 0; i < N_DP_NETDEVS; i++) { - struct dp_netdev *dp = dp_netdevs[i]; - if (dp) { - struct dp_netdev_port *port; - if (!get_port_by_name(dp, name, &port)) { - return dp; - } - } - } - return NULL; -} - static struct dpif * create_dpif_netdev(struct dp_netdev *dp) { + uint16_t netflow_id = hash_string(dp->name, 0); struct dpif_netdev *dpif; - char *dpname; dp->open_cnt++; - dpname = xasprintf("netdev:dp%d", dp->dp_idx); dpif = xmalloc(sizeof *dpif); - dpif_init(&dpif->dpif, &dpif_netdev_class, dpname, dp->dp_idx, dp->dp_idx); + dpif_init(&dpif->dpif, dp->class, dp->name, netflow_id >> 8, netflow_id); dpif->dp = dp; dpif->listen_mask = 0; dpif->dp_serial = dp->serial; - free(dpname); return &dpif->dpif; } static int -create_dp_netdev(const char *name, int dp_idx, struct dpif **dpifp) +create_dp_netdev(const char *name, const struct dpif_class *class, + struct dp_netdev **dpp) { struct dp_netdev *dp; int error; int i; - if (dp_netdevs[dp_idx]) { - return EBUSY; - } - - /* Create datapath. */ - dp_netdevs[dp_idx] = dp = xcalloc(1, sizeof *dp); - list_push_back(&dp_netdev_list, &dp->node); - dp->dp_idx = dp_idx; + dp = xzalloc(sizeof *dp); + dp->class = class; + dp->name = xstrdup(name); dp->open_cnt = 0; dp->drop_frags = false; for (i = 0; i < N_QUEUES; i++) { - queue_init(&dp->queues[i]); + dp->queues[i].head = dp->queues[i].tail = 0; } hmap_init(&dp->flow_table); - for (i = 0; i < N_GROUPS; i++) { - dp->groups[i].ports = NULL; - dp->groups[i].n_ports = 0; - dp->groups[i].group = i; - } list_init(&dp->port_list); - error = do_add_port(dp, name, ODP_PORT_INTERNAL, ODPP_LOCAL); + error = do_add_port(dp, name, "internal", ODPP_LOCAL); if (error) { dp_netdev_free(dp); return error; } - *dpifp = create_dpif_netdev(dp); + shash_add(&dp_netdevs, name, dp); + + *dpp = dp; return 0; } static int -dpif_netdev_open(const char *name UNUSED, char *suffix, bool create, - struct dpif **dpifp) +dpif_netdev_open(const struct dpif_class *class, const char *name, + bool create, struct dpif **dpifp) { - if (create) { - if (find_dp_netdev(suffix)) { - return EEXIST; - } else { - int dp_idx = name_to_dp_idx(suffix); - if (dp_idx >= 0) { - return create_dp_netdev(suffix, dp_idx, dpifp); - } else { - /* Scan for unused dp_idx number. */ - for (dp_idx = 0; dp_idx < N_DP_NETDEVS; dp_idx++) { - int error = create_dp_netdev(suffix, dp_idx, dpifp); - if (error != EBUSY) { - return error; - } - } + struct dp_netdev *dp; - /* All datapath numbers in use. */ - return ENOBUFS; + dp = shash_find_data(&dp_netdevs, name); + if (!dp) { + if (!create) { + return ENODEV; + } else { + int error = create_dp_netdev(name, class, &dp); + if (error) { + return error; } + assert(dp != NULL); } } else { - struct dp_netdev *dp = find_dp_netdev(suffix); - if (dp) { - *dpifp = create_dpif_netdev(dp); - return 0; - } else { - return ENODEV; + if (dp->class != class) { + return EINVAL; + } else if (create) { + return EEXIST; } } + + *dpifp = create_dpif_netdev(dp); + return 0; } static void -dp_netdev_free(struct dp_netdev *dp) +dp_netdev_purge_queues(struct dp_netdev *dp) { int i; + for (i = 0; i < N_QUEUES; i++) { + struct dp_netdev_queue *q = &dp->queues[i]; + + while (q->tail != q->head) { + struct dpif_upcall *upcall = q->upcalls[q->tail++ & QUEUE_MASK]; + + ofpbuf_delete(upcall->packet); + free(upcall); + } + } +} + +static void +dp_netdev_free(struct dp_netdev *dp) +{ dp_netdev_flow_flush(dp); while (dp->n_ports > 0) { struct dp_netdev_port *port = CONTAINER_OF( dp->port_list.next, struct dp_netdev_port, node); do_del_port(dp, port->port_no); } - for (i = 0; i < N_QUEUES; i++) { - queue_destroy(&dp->queues[i]); - } + dp_netdev_purge_queues(dp); hmap_destroy(&dp->flow_table); - for (i = 0; i < N_GROUPS; i++) { - free(dp->groups[i].ports); - } - dp_netdevs[dp->dp_idx] = NULL; - list_remove(&dp->node); + free(dp->name); free(dp); } @@ -307,17 +282,18 @@ dpif_netdev_close(struct dpif *dpif) { struct dp_netdev *dp = get_dp_netdev(dpif); assert(dp->open_cnt > 0); - if (--dp->open_cnt == 0 && dp->deleted) { + if (--dp->open_cnt == 0 && dp->destroyed) { + shash_find_and_delete(&dp_netdevs, dp->name); dp_netdev_free(dp); } free(dpif); } static int -dpif_netdev_delete(struct dpif *dpif) +dpif_netdev_destroy(struct dpif *dpif) { struct dp_netdev *dp = get_dp_netdev(dpif); - dp->deleted = true; + dp->destroyed = true; return 0; } @@ -326,18 +302,10 @@ dpif_netdev_get_stats(const struct dpif *dpif, struct odp_stats *stats) { struct dp_netdev *dp = get_dp_netdev(dpif); memset(stats, 0, sizeof *stats); - stats->n_flows = hmap_count(&dp->flow_table); - stats->cur_capacity = hmap_capacity(&dp->flow_table); - stats->max_capacity = MAX_FLOWS; - stats->n_ports = dp->n_ports; - stats->max_ports = MAX_PORTS; - stats->max_groups = N_GROUPS; stats->n_frags = dp->n_frags; stats->n_hit = dp->n_hit; stats->n_missed = dp->n_missed; stats->n_lost = dp->n_lost; - stats->max_miss_queue = MAX_QUEUE_LEN; - stats->max_action_queue = MAX_QUEUE_LEN; return 0; } @@ -358,25 +326,37 @@ dpif_netdev_set_drop_frags(struct dpif *dpif, bool drop_frags) } static int -do_add_port(struct dp_netdev *dp, const char *devname, uint16_t flags, +do_add_port(struct dp_netdev *dp, const char *devname, const char *type, uint16_t port_no) { - bool internal = (flags & ODP_PORT_INTERNAL) != 0; struct dp_netdev_port *port; + struct netdev_options netdev_options; struct netdev *netdev; + bool internal; int mtu; int error; /* XXX reject devices already in some dp_netdev. */ + if (type[0] == '\0' || !strcmp(type, "system")) { + internal = false; + } else if (!strcmp(type, "internal")) { + internal = true; + } else { + VLOG_WARN("%s: unsupported port type %s", devname, type); + return EINVAL; + } /* Open and validate network device. */ - if (!internal) { - error = netdev_open(devname, NETDEV_ETH_TYPE_ANY, &netdev); - } else { - char *tapname = xasprintf("tap:%s", devname); - error = netdev_open(tapname, NETDEV_ETH_TYPE_ANY, &netdev); - free(tapname); + memset(&netdev_options, 0, sizeof netdev_options); + netdev_options.name = devname; + netdev_options.ethertype = NETDEV_ETH_TYPE_ANY; + if (dp->class == &dpif_dummy_class) { + netdev_options.type = "dummy"; + } else if (internal) { + netdev_options.type = "tap"; } + + error = netdev_open(&netdev_options, &netdev); if (error) { return error; } @@ -408,7 +388,7 @@ do_add_port(struct dp_netdev *dp, const char *devname, uint16_t flags, } static int -dpif_netdev_port_add(struct dpif *dpif, const char *devname, uint16_t flags, +dpif_netdev_port_add(struct dpif *dpif, struct netdev *netdev, uint16_t *port_nop) { struct dp_netdev *dp = get_dp_netdev(dpif); @@ -417,7 +397,8 @@ dpif_netdev_port_add(struct dpif *dpif, const char *devname, uint16_t flags, for (port_no = 0; port_no < MAX_PORTS; port_no++) { if (!dp->ports[port_no]) { *port_nop = port_no; - return do_add_port(dp, devname, flags, port_no); + return do_add_port(dp, netdev_get_name(netdev), + netdev_get_type(netdev), port_no); } } return EFBIG; @@ -455,7 +436,7 @@ get_port_by_name(struct dp_netdev *dp, { struct dp_netdev_port *port; - LIST_FOR_EACH (port, struct dp_netdev_port, node, &dp->port_list) { + LIST_FOR_EACH (port, node, &dp->port_list) { if (!strcmp(netdev_get_name(port->netdev), devname)) { *portp = port; return 0; @@ -468,6 +449,7 @@ static int do_del_port(struct dp_netdev *dp, uint16_t port_no) { struct dp_netdev_port *port; + char *name; int error; error = get_port_by_number(dp, port_no, &port); @@ -480,25 +462,27 @@ do_del_port(struct dp_netdev *dp, uint16_t port_no) dp->n_ports--; dp->serial++; + name = xstrdup(netdev_get_name(port->netdev)); netdev_close(port->netdev); + + free(name); free(port); return 0; } static void -answer_port_query(const struct dp_netdev_port *port, struct odp_port *odp_port) +answer_port_query(const struct dp_netdev_port *port, + struct dpif_port *dpif_port) { - memset(odp_port, 0, sizeof *odp_port); - ovs_strlcpy(odp_port->devname, netdev_get_name(port->netdev), - sizeof odp_port->devname); - odp_port->port = port->port_no; - odp_port->flags = port->internal ? ODP_PORT_INTERNAL : 0; + dpif_port->name = xstrdup(netdev_get_name(port->netdev)); + dpif_port->type = xstrdup(port->internal ? "internal" : "system"); + dpif_port->port_no = port->port_no; } static int dpif_netdev_port_query_by_number(const struct dpif *dpif, uint16_t port_no, - struct odp_port *odp_port) + struct dpif_port *dpif_port) { struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_port *port; @@ -506,14 +490,14 @@ dpif_netdev_port_query_by_number(const struct dpif *dpif, uint16_t port_no, error = get_port_by_number(dp, port_no, &port); if (!error) { - answer_port_query(port, odp_port); + answer_port_query(port, dpif_port); } return error; } static int dpif_netdev_port_query_by_name(const struct dpif *dpif, const char *devname, - struct odp_port *odp_port) + struct dpif_port *dpif_port) { struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_port *port; @@ -521,11 +505,17 @@ dpif_netdev_port_query_by_name(const struct dpif *dpif, const char *devname, error = get_port_by_name(dp, devname, &port); if (!error) { - answer_port_query(port, odp_port); + answer_port_query(port, dpif_port); } return error; } +static int +dpif_netdev_get_max_ports(const struct dpif *dpif OVS_UNUSED) +{ + return MAX_PORTS; +} + static void dp_netdev_free_flow(struct dp_netdev *dp, struct dp_netdev_flow *flow) { @@ -539,8 +529,7 @@ dp_netdev_flow_flush(struct dp_netdev *dp) { struct dp_netdev_flow *flow, *next; - HMAP_FOR_EACH_SAFE (flow, next, struct dp_netdev_flow, node, - &dp->flow_table) { + HMAP_FOR_EACH_SAFE (flow, next, node, &dp->flow_table) { dp_netdev_free_flow(dp, flow); } } @@ -553,27 +542,52 @@ dpif_netdev_flow_flush(struct dpif *dpif) return 0; } +struct dp_netdev_port_state { + uint32_t port_no; + char *name; +}; + static int -dpif_netdev_port_list(const struct dpif *dpif, struct odp_port *ports, int n) +dpif_netdev_port_dump_start(const struct dpif *dpif OVS_UNUSED, void **statep) { - struct dp_netdev *dp = get_dp_netdev(dpif); - struct dp_netdev_port *port; - int i; + *statep = xzalloc(sizeof(struct dp_netdev_port_state)); + return 0; +} - i = 0; - LIST_FOR_EACH (port, struct dp_netdev_port, node, &dp->port_list) { - struct odp_port *odp_port = &ports[i]; - if (i >= n) { - break; +static int +dpif_netdev_port_dump_next(const struct dpif *dpif, void *state_, + struct dpif_port *dpif_port) +{ + struct dp_netdev_port_state *state = state_; + struct dp_netdev *dp = get_dp_netdev(dpif); + uint32_t port_no; + + for (port_no = state->port_no; port_no < MAX_PORTS; port_no++) { + struct dp_netdev_port *port = dp->ports[port_no]; + if (port) { + free(state->name); + state->name = xstrdup(netdev_get_name(port->netdev)); + dpif_port->name = state->name; + dpif_port->type = port->internal ? "internal" : "system"; + dpif_port->port_no = port->port_no; + state->port_no = port_no + 1; + return 0; } - answer_port_query(port, odp_port); - i++; } - return dp->n_ports; + return EOF; } static int -dpif_netdev_port_poll(const struct dpif *dpif_, char **devnamep UNUSED) +dpif_netdev_port_dump_done(const struct dpif *dpif OVS_UNUSED, void *state_) +{ + struct dp_netdev_port_state *state = state_; + free(state->name); + free(state); + return 0; +} + +static int +dpif_netdev_port_poll(const struct dpif *dpif_, char **devnamep OVS_UNUSED) { struct dpif_netdev *dpif = dpif_netdev_cast(dpif_); if (dpif->dp_serial != dpif->dp->serial) { @@ -593,70 +607,12 @@ dpif_netdev_port_poll_wait(const struct dpif *dpif_) } } -static int -get_port_group(const struct dpif *dpif, int group_no, - struct odp_port_group **groupp) -{ - struct dp_netdev *dp = get_dp_netdev(dpif); - - if (group_no >= 0 && group_no < N_GROUPS) { - *groupp = &dp->groups[group_no]; - return 0; - } else { - *groupp = NULL; - return EINVAL; - } -} - -static int -dpif_netdev_port_group_get(const struct dpif *dpif, int group_no, - uint16_t ports[], int n) -{ - struct odp_port_group *group; - int error; - - if (n < 0) { - return -EINVAL; - } - - error = get_port_group(dpif, group_no, &group); - if (!error) { - memcpy(ports, group->ports, MIN(n, group->n_ports) * sizeof *ports); - return group->n_ports; - } else { - return -error; - } -} - -static int -dpif_netdev_port_group_set(struct dpif *dpif, int group_no, - const uint16_t ports[], int n) -{ - struct odp_port_group *group; - int error; - - if (n < 0 || n > MAX_PORTS) { - return EINVAL; - } - - error = get_port_group(dpif, group_no, &group); - if (!error) { - free(group->ports); - group->ports = xmemdup(ports, n * sizeof *group->ports); - group->n_ports = n; - group->group = group_no; - } - return error; -} - static struct dp_netdev_flow * -dp_netdev_lookup_flow(const struct dp_netdev *dp, const flow_t *key) +dp_netdev_lookup_flow(const struct dp_netdev *dp, const struct flow *key) { struct dp_netdev_flow *flow; - assert(key->reserved == 0); - HMAP_FOR_EACH_WITH_HASH (flow, struct dp_netdev_flow, node, - flow_hash(key, 0), &dp->flow_table) { + HMAP_FOR_EACH_WITH_HASH (flow, node, flow_hash(key, 0), &dp->flow_table) { if (flow_equal(&flow->key, key)) { return flow; } @@ -664,30 +620,60 @@ dp_netdev_lookup_flow(const struct dp_netdev *dp, const flow_t *key) return NULL; } +/* The caller must fill in odp_flow->key itself. */ static void -answer_flow_query(const struct dp_netdev_flow *flow, +answer_flow_query(struct dp_netdev_flow *flow, uint32_t query_flags, struct odp_flow *odp_flow) { if (flow) { - odp_flow->key = flow->key; odp_flow->stats.n_packets = flow->packet_count; odp_flow->stats.n_bytes = flow->byte_count; odp_flow->stats.used_sec = flow->used.tv_sec; - odp_flow->stats.used_nsec = flow->used.tv_usec * 1000; + odp_flow->stats.used_nsec = flow->used.tv_nsec; odp_flow->stats.tcp_flags = TCP_FLAGS(flow->tcp_ctl); - odp_flow->stats.ip_tos = flow->ip_tos; + odp_flow->stats.reserved = 0; odp_flow->stats.error = 0; - if (odp_flow->n_actions > 0) { - unsigned int n = MIN(odp_flow->n_actions, flow->n_actions); + if (odp_flow->actions_len > 0) { memcpy(odp_flow->actions, flow->actions, - n * sizeof *odp_flow->actions); - odp_flow->n_actions = flow->n_actions; + MIN(odp_flow->actions_len, flow->actions_len)); + odp_flow->actions_len = flow->actions_len; + } + + if (query_flags & ODPFF_ZERO_TCP_FLAGS) { + flow->tcp_ctl = 0; } + } else { odp_flow->stats.error = ENOENT; } } +static int +dpif_netdev_flow_from_nlattrs(const struct nlattr *key, uint32_t key_len, + struct flow *flow) +{ + if (odp_flow_key_to_flow(key, key_len, flow)) { + /* This should not happen: it indicates that odp_flow_key_from_flow() + * and odp_flow_key_to_flow() disagree on the acceptable form of a + * flow. Log the problem as an error, with enough details to enable + * debugging. */ + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + + if (!VLOG_DROP_ERR(&rl)) { + struct ds s; + + ds_init(&s); + odp_flow_key_format(key, key_len, &s); + VLOG_ERR("internal error parsing flow key %s", ds_cstr(&s)); + ds_destroy(&s); + } + + return EINVAL; + } + + return 0; +} + static int dpif_netdev_flow_get(const struct dpif *dpif, struct odp_flow flows[], int n) { @@ -696,50 +682,61 @@ dpif_netdev_flow_get(const struct dpif *dpif, struct odp_flow flows[], int n) for (i = 0; i < n; i++) { struct odp_flow *odp_flow = &flows[i]; - answer_flow_query(dp_netdev_lookup_flow(dp, &odp_flow->key), odp_flow); + struct flow key; + int error; + + error = dpif_netdev_flow_from_nlattrs(odp_flow->key, odp_flow->key_len, + &key); + if (error) { + return error; + } + + answer_flow_query(dp_netdev_lookup_flow(dp, &key), + odp_flow->flags, odp_flow); } return 0; } static int -dpif_netdev_validate_actions(const union odp_action *actions, int n_actions, - bool *mutates) +dpif_netdev_validate_actions(const struct nlattr *actions, + size_t actions_len, bool *mutates) { - unsigned int i; + const struct nlattr *a; + unsigned int left; *mutates = false; - for (i = 0; i < n_actions; i++) { - const union odp_action *a = &actions[i]; - switch (a->type) { - case ODPAT_OUTPUT: - if (a->output.port >= MAX_PORTS) { - return EINVAL; - } - break; + NL_ATTR_FOR_EACH (a, left, actions, actions_len) { + uint16_t type = nl_attr_type(a); + int len = odp_action_len(type); - case ODPAT_OUTPUT_GROUP: - *mutates = true; - if (a->output_group.group >= N_GROUPS) { - return EINVAL; + if (len != nl_attr_get_size(a)) { + return EINVAL; + } + + switch (type) { + case ODPAT_OUTPUT: + if (nl_attr_get_u32(a) >= MAX_PORTS) { + return EINVAL; } - break; + break; case ODPAT_CONTROLLER: + case ODPAT_DROP_SPOOFED_ARP: break; - case ODPAT_SET_VLAN_VID: + case ODPAT_SET_DL_TCI: *mutates = true; - if (a->vlan_vid.vlan_vid & htons(~VLAN_VID_MASK)) { - return EINVAL; + if (nl_attr_get_be16(a) & htons(VLAN_CFI)) { + return EINVAL; } - break; + break; - case ODPAT_SET_VLAN_PCP: + case ODPAT_SET_NW_TOS: *mutates = true; - if (a->vlan_pcp.vlan_pcp & ~VLAN_PCP_MASK) { - return EINVAL; + if (nl_attr_get_u8(a) & IP_ECN_MASK) { + return EINVAL; } - break; + break; case ODPAT_STRIP_VLAN: case ODPAT_SET_DL_SRC: @@ -751,46 +748,43 @@ dpif_netdev_validate_actions(const union odp_action *actions, int n_actions, *mutates = true; break; - default: + case ODPAT_SET_TUNNEL: + case ODPAT_SET_PRIORITY: + case ODPAT_POP_PRIORITY: + default: return EOPNOTSUPP; - } - } - return 0; + } + } + return 0; } static int set_flow_actions(struct dp_netdev_flow *flow, struct odp_flow *odp_flow) { - size_t n_bytes; bool mutates; int error; - if (odp_flow->n_actions >= 4096 / sizeof *odp_flow->actions) { - return EINVAL; - } error = dpif_netdev_validate_actions(odp_flow->actions, - odp_flow->n_actions, &mutates); + odp_flow->actions_len, &mutates); if (error) { return error; } - n_bytes = odp_flow->n_actions * sizeof *flow->actions; - flow->actions = xrealloc(flow->actions, n_bytes); - flow->n_actions = odp_flow->n_actions; - memcpy(flow->actions, odp_flow->actions, n_bytes); + flow->actions = xrealloc(flow->actions, odp_flow->actions_len); + flow->actions_len = odp_flow->actions_len; + memcpy(flow->actions, odp_flow->actions, odp_flow->actions_len); return 0; } static int -add_flow(struct dpif *dpif, struct odp_flow *odp_flow) +add_flow(struct dpif *dpif, const struct flow *key, struct odp_flow *odp_flow) { struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_flow *flow; int error; - flow = xcalloc(1, sizeof *flow); - flow->key = odp_flow->key; - flow->key.reserved = 0; + flow = xzalloc(sizeof *flow); + flow->key = *key; error = set_flow_actions(flow, odp_flow); if (error) { @@ -806,10 +800,9 @@ static void clear_stats(struct dp_netdev_flow *flow) { flow->used.tv_sec = 0; - flow->used.tv_usec = 0; + flow->used.tv_nsec = 0; flow->packet_count = 0; flow->byte_count = 0; - flow->ip_tos = 0; flow->tcp_ctl = 0; } @@ -818,12 +811,20 @@ dpif_netdev_flow_put(struct dpif *dpif, struct odp_flow_put *put) { struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_flow *flow; + struct flow key; + int error; + + error = dpif_netdev_flow_from_nlattrs(put->flow.key, put->flow.key_len, + &key); + if (error) { + return error; + } - flow = dp_netdev_lookup_flow(dp, &put->flow.key); + flow = dp_netdev_lookup_flow(dp, &key); if (!flow) { if (put->flags & ODPPF_CREATE) { if (hmap_count(&dp->flow_table) < MAX_FLOWS) { - return add_flow(dpif, &put->flow); + return add_flow(dpif, &key, &put->flow); } else { return EFBIG; } @@ -849,10 +850,18 @@ dpif_netdev_flow_del(struct dpif *dpif, struct odp_flow *odp_flow) { struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_flow *flow; + struct flow key; + int error; - flow = dp_netdev_lookup_flow(dp, &odp_flow->key); + error = dpif_netdev_flow_from_nlattrs(odp_flow->key, odp_flow->key_len, + &key); + if (error) { + return error; + } + + flow = dp_netdev_lookup_flow(dp, &key); if (flow) { - answer_flow_query(flow, odp_flow); + answer_flow_query(flow, 0, odp_flow); dp_netdev_free_flow(dp, flow); return 0; } else { @@ -860,39 +869,68 @@ dpif_netdev_flow_del(struct dpif *dpif, struct odp_flow *odp_flow) } } +struct dp_netdev_flow_state { + uint32_t bucket; + uint32_t offset; +}; + +static int +dpif_netdev_flow_dump_start(const struct dpif *dpif OVS_UNUSED, void **statep) +{ + *statep = xzalloc(sizeof(struct dp_netdev_flow_state)); + return 0; +} + static int -dpif_netdev_flow_list(const struct dpif *dpif, struct odp_flow flows[], int n) +dpif_netdev_flow_dump_next(const struct dpif *dpif, void *state_, + struct odp_flow *odp_flow) { + struct dp_netdev_flow_state *state = state_; struct dp_netdev *dp = get_dp_netdev(dpif); struct dp_netdev_flow *flow; - int i; + struct hmap_node *node; + struct ofpbuf key; - i = 0; - HMAP_FOR_EACH (flow, struct dp_netdev_flow, node, &dp->flow_table) { - if (i >= n) { - break; - } - answer_flow_query(flow, &flows[i++]); + node = hmap_at_position(&dp->flow_table, &state->bucket, &state->offset); + if (!node) { + return EOF; } - return hmap_count(&dp->flow_table); + + flow = CONTAINER_OF(node, struct dp_netdev_flow, node); + + ofpbuf_use_stack(&key, odp_flow->key, odp_flow->key_len); + odp_flow_key_from_flow(&key, &flow->key); + odp_flow->key_len = key.size; + ofpbuf_uninit(&key); + + answer_flow_query(flow, 0, odp_flow); + + return 0; +} + +static int +dpif_netdev_flow_dump_done(const struct dpif *dpif OVS_UNUSED, void *state) +{ + free(state); + return 0; } static int -dpif_netdev_execute(struct dpif *dpif, uint16_t in_port, - const union odp_action actions[], int n_actions, +dpif_netdev_execute(struct dpif *dpif, + const struct nlattr *actions, size_t actions_len, const struct ofpbuf *packet) { struct dp_netdev *dp = get_dp_netdev(dpif); struct ofpbuf copy; bool mutates; - flow_t flow; + struct flow key; int error; if (packet->size < ETH_HEADER_LEN || packet->size > UINT16_MAX) { return EINVAL; } - error = dpif_netdev_validate_actions(actions, n_actions, &mutates); + error = dpif_netdev_validate_actions(actions, actions_len, &mutates); if (error) { return error; } @@ -901,7 +939,7 @@ dpif_netdev_execute(struct dpif *dpif, uint16_t in_port, /* We need a deep copy of 'packet' since we're going to modify its * data. */ ofpbuf_init(©, DP_NETDEV_HEADROOM + packet->size); - copy.data = (char*)copy.base + DP_NETDEV_HEADROOM; + ofpbuf_reserve(©, DP_NETDEV_HEADROOM); ofpbuf_put(©, packet->data, packet->size); } else { /* We still need a shallow copy of 'packet', even though we won't @@ -910,8 +948,8 @@ dpif_netdev_execute(struct dpif *dpif, uint16_t in_port, * if we don't. */ copy = *packet; } - flow_extract(©, in_port, &flow); - error = dp_netdev_execute_actions(dp, ©, &flow, actions, n_actions); + flow_extract(©, 0, -1, &key); + error = dp_netdev_execute_actions(dp, ©, &key, actions, actions_len); if (mutates) { ofpbuf_uninit(©); } @@ -938,7 +976,7 @@ dpif_netdev_recv_set_mask(struct dpif *dpif, int listen_mask) } } -static struct ovs_queue * +static struct dp_netdev_queue * find_nonempty_queue(struct dpif *dpif) { struct dpif_netdev *dpif_netdev = dpif_netdev_cast(dpif); @@ -947,8 +985,8 @@ find_nonempty_queue(struct dpif *dpif) int i; for (i = 0; i < N_QUEUES; i++) { - struct ovs_queue *q = &dp->queues[i]; - if (q->n && mask & (1u << i)) { + struct dp_netdev_queue *q = &dp->queues[i]; + if (q->head != q->tail && mask & (1u << i)) { return q; } } @@ -956,11 +994,14 @@ find_nonempty_queue(struct dpif *dpif) } static int -dpif_netdev_recv(struct dpif *dpif, struct ofpbuf **bufp) +dpif_netdev_recv(struct dpif *dpif, struct dpif_upcall *upcall) { - struct ovs_queue *q = find_nonempty_queue(dpif); + struct dp_netdev_queue *q = find_nonempty_queue(dpif); if (q) { - *bufp = queue_pop_head(q); + struct dpif_upcall *u = q->upcalls[q->tail++ & QUEUE_MASK]; + *upcall = *u; + free(u); + return 0; } else { return EAGAIN; @@ -970,30 +1011,31 @@ dpif_netdev_recv(struct dpif *dpif, struct ofpbuf **bufp) static void dpif_netdev_recv_wait(struct dpif *dpif) { - struct ovs_queue *q = find_nonempty_queue(dpif); - if (q) { + if (find_nonempty_queue(dpif)) { poll_immediate_wake(); } else { /* No messages ready to be received, and dp_wait() will ensure that we * wake up to queue new messages, so there is nothing to do. */ } } + +static void +dpif_netdev_recv_purge(struct dpif *dpif) +{ + struct dpif_netdev *dpif_netdev = dpif_netdev_cast(dpif); + dp_netdev_purge_queues(dpif_netdev->dp); +} static void -dp_netdev_flow_used(struct dp_netdev_flow *flow, const flow_t *key, +dp_netdev_flow_used(struct dp_netdev_flow *flow, struct flow *key, const struct ofpbuf *packet) { - time_timeval(&flow->used); + time_timespec(&flow->used); flow->packet_count++; flow->byte_count += packet->size; - if (key->dl_type == htons(ETH_TYPE_IP)) { - struct ip_header *nh = packet->l3; - flow->ip_tos = nh->ip_tos; - - if (key->nw_proto == IPPROTO_TCP) { - struct tcp_header *th = packet->l4; - flow->tcp_ctl |= th->tcp_ctl; - } + if (key->dl_type == htons(ETH_TYPE_IP) && key->nw_proto == IPPROTO_TCP) { + struct tcp_header *th = packet->l4; + flow->tcp_ctl |= th->tcp_ctl; } } @@ -1002,9 +1044,12 @@ dp_netdev_port_input(struct dp_netdev *dp, struct dp_netdev_port *port, struct ofpbuf *packet) { struct dp_netdev_flow *flow; - flow_t key; + struct flow key; - if (flow_extract(packet, port->port_no, &key) && dp->drop_frags) { + if (packet->size < ETH_HEADER_LEN) { + return; + } + if (flow_extract(packet, 0, port->port_no, &key) && dp->drop_frags) { dp->n_frags++; return; } @@ -1013,36 +1058,37 @@ dp_netdev_port_input(struct dp_netdev *dp, struct dp_netdev_port *port, if (flow) { dp_netdev_flow_used(flow, &key, packet); dp_netdev_execute_actions(dp, packet, &key, - flow->actions, flow->n_actions); + flow->actions, flow->actions_len); dp->n_hit++; } else { dp->n_missed++; - dp_netdev_output_control(dp, packet, _ODPL_MISS_NR, port->port_no, 0); + dp_netdev_output_control(dp, packet, _ODPL_MISS_NR, &key, 0); } } static void dp_netdev_run(void) { + struct shash_node *node; struct ofpbuf packet; - struct dp_netdev *dp; - ofpbuf_init(&packet, DP_NETDEV_HEADROOM + max_mtu); - LIST_FOR_EACH (dp, struct dp_netdev, node, &dp_netdev_list) { + ofpbuf_init(&packet, DP_NETDEV_HEADROOM + VLAN_ETH_HEADER_LEN + max_mtu); + SHASH_FOR_EACH (node, &dp_netdevs) { + struct dp_netdev *dp = node->data; struct dp_netdev_port *port; - LIST_FOR_EACH (port, struct dp_netdev_port, node, &dp->port_list) { + LIST_FOR_EACH (port, node, &dp->port_list) { int error; /* Reset packet contents. */ - packet.data = (char*)packet.base + DP_NETDEV_HEADROOM; - packet.size = 0; + ofpbuf_clear(&packet); + ofpbuf_reserve(&packet, DP_NETDEV_HEADROOM); error = netdev_recv(port->netdev, &packet); if (!error) { dp_netdev_port_input(dp, port, &packet); - } else if (error != EAGAIN) { - struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + } else if (error != EAGAIN && error != EOPNOTSUPP) { + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_ERR_RL(&rl, "error receiving data from %s: %s", netdev_get_name(port->netdev), strerror(error)); } @@ -1054,123 +1100,153 @@ dp_netdev_run(void) static void dp_netdev_wait(void) { - struct dp_netdev *dp; + struct shash_node *node; - LIST_FOR_EACH (dp, struct dp_netdev, node, &dp_netdev_list) { + SHASH_FOR_EACH (node, &dp_netdevs) { + struct dp_netdev *dp = node->data; struct dp_netdev_port *port; - LIST_FOR_EACH (port, struct dp_netdev_port, node, &dp->port_list) { + + LIST_FOR_EACH (port, node, &dp->port_list) { netdev_recv_wait(port->netdev); } } } + +/* Modify the TCI field of 'packet'. If a VLAN tag is present, its TCI field + * is replaced by 'tci'. If a VLAN tag is not present, one is added with the + * TCI field set to 'tci'. + */ static void -dp_netdev_modify_vlan_tci(struct ofpbuf *packet, flow_t *key, - uint16_t tci, uint16_t mask) +dp_netdev_set_dl_tci(struct ofpbuf *packet, uint16_t tci) { struct vlan_eth_header *veh; + struct eth_header *eh; - if (key->dl_vlan != htons(ODP_VLAN_NONE)) { - /* Modify 'mask' bits, but maintain other TCI bits. */ + eh = packet->l2; + if (packet->size >= sizeof(struct vlan_eth_header) + && eh->eth_type == htons(ETH_TYPE_VLAN)) { veh = packet->l2; - veh->veth_tci &= ~htons(mask); - veh->veth_tci |= htons(tci); + veh->veth_tci = tci; } else { /* Insert new 802.1Q header. */ - struct eth_header *eh = packet->l2; struct vlan_eth_header tmp; memcpy(tmp.veth_dst, eh->eth_dst, ETH_ADDR_LEN); memcpy(tmp.veth_src, eh->eth_src, ETH_ADDR_LEN); tmp.veth_type = htons(ETH_TYPE_VLAN); - tmp.veth_tci = htons(tci); + tmp.veth_tci = tci; tmp.veth_next_type = eh->eth_type; veh = ofpbuf_push_uninit(packet, VLAN_HEADER_LEN); memcpy(veh, &tmp, sizeof tmp); packet->l2 = (char*)packet->l2 - VLAN_HEADER_LEN; } - - key->dl_vlan = veh->veth_tci & htons(VLAN_VID_MASK); } static void -dp_netdev_strip_vlan(struct ofpbuf *packet, flow_t *key) +dp_netdev_strip_vlan(struct ofpbuf *packet) { struct vlan_eth_header *veh = packet->l2; - if (veh->veth_type == htons(ETH_TYPE_VLAN)) { + if (packet->size >= sizeof *veh + && veh->veth_type == htons(ETH_TYPE_VLAN)) { struct eth_header tmp; memcpy(tmp.eth_dst, veh->veth_dst, ETH_ADDR_LEN); memcpy(tmp.eth_src, veh->veth_src, ETH_ADDR_LEN); tmp.eth_type = veh->veth_next_type; - packet->size -= VLAN_HEADER_LEN; - packet->data = (char*)packet->data + VLAN_HEADER_LEN; + ofpbuf_pull(packet, VLAN_HEADER_LEN); packet->l2 = (char*)packet->l2 + VLAN_HEADER_LEN; memcpy(packet->data, &tmp, sizeof tmp); - - key->dl_vlan = htons(ODP_VLAN_NONE); } } static void -dp_netdev_set_dl_src(struct ofpbuf *packet, - const uint8_t dl_addr[ETH_ADDR_LEN]) +dp_netdev_set_dl_src(struct ofpbuf *packet, const uint8_t dl_addr[ETH_ADDR_LEN]) { struct eth_header *eh = packet->l2; memcpy(eh->eth_src, dl_addr, sizeof eh->eth_src); } static void -dp_netdev_set_dl_dst(struct ofpbuf *packet, - const uint8_t dl_addr[ETH_ADDR_LEN]) +dp_netdev_set_dl_dst(struct ofpbuf *packet, const uint8_t dl_addr[ETH_ADDR_LEN]) { struct eth_header *eh = packet->l2; memcpy(eh->eth_dst, dl_addr, sizeof eh->eth_dst); } +static bool +is_ip(const struct ofpbuf *packet, const struct flow *key) +{ + return key->dl_type == htons(ETH_TYPE_IP) && packet->l4; +} + static void -dp_netdev_set_nw_addr(struct ofpbuf *packet, flow_t *key, - const struct odp_action_nw_addr *a) +dp_netdev_set_nw_addr(struct ofpbuf *packet, const struct flow *key, + const struct nlattr *a) { - if (key->dl_type == htons(ETH_TYPE_IP)) { + if (is_ip(packet, key)) { struct ip_header *nh = packet->l3; + ovs_be32 ip = nl_attr_get_be32(a); + uint16_t type = nl_attr_type(a); uint32_t *field; - field = a->type == ODPAT_SET_NW_SRC ? &nh->ip_src : &nh->ip_dst; - if (key->nw_proto == IP_TYPE_TCP) { + field = type == ODPAT_SET_NW_SRC ? &nh->ip_src : &nh->ip_dst; + if (key->nw_proto == IP_TYPE_TCP && packet->l7) { struct tcp_header *th = packet->l4; - th->tcp_csum = recalc_csum32(th->tcp_csum, *field, a->nw_addr); - } else if (key->nw_proto == IP_TYPE_UDP) { + th->tcp_csum = recalc_csum32(th->tcp_csum, *field, ip); + } else if (key->nw_proto == IP_TYPE_UDP && packet->l7) { struct udp_header *uh = packet->l4; if (uh->udp_csum) { - uh->udp_csum = recalc_csum32(uh->udp_csum, *field, a->nw_addr); + uh->udp_csum = recalc_csum32(uh->udp_csum, *field, ip); if (!uh->udp_csum) { uh->udp_csum = 0xffff; } } } - nh->ip_csum = recalc_csum32(nh->ip_csum, *field, a->nw_addr); - *field = a->nw_addr; + nh->ip_csum = recalc_csum32(nh->ip_csum, *field, ip); + *field = ip; } } static void -dp_netdev_set_tp_port(struct ofpbuf *packet, flow_t *key, - const struct odp_action_tp_port *a) +dp_netdev_set_nw_tos(struct ofpbuf *packet, const struct flow *key, + uint8_t nw_tos) { - if (key->dl_type == htons(ETH_TYPE_IP)) { + if (is_ip(packet, key)) { + struct ip_header *nh = packet->l3; + uint8_t *field = &nh->ip_tos; + + /* Set the DSCP bits and preserve the ECN bits. */ + uint8_t new = nw_tos | (nh->ip_tos & IP_ECN_MASK); + + nh->ip_csum = recalc_csum16(nh->ip_csum, htons((uint16_t)*field), + htons((uint16_t) new)); + *field = new; + } +} + +static void +dp_netdev_set_tp_port(struct ofpbuf *packet, const struct flow *key, + const struct nlattr *a) +{ + if (is_ip(packet, key)) { + uint16_t type = nl_attr_type(a); + ovs_be16 port = nl_attr_get_be16(a); uint16_t *field; - if (key->nw_proto == IPPROTO_TCP) { + + if (key->nw_proto == IPPROTO_TCP && packet->l7) { struct tcp_header *th = packet->l4; - field = a->type == ODPAT_SET_TP_SRC ? &th->tcp_src : &th->tcp_dst; - th->tcp_csum = recalc_csum16(th->tcp_csum, *field, a->tp_port); - *field = a->tp_port; - } else if (key->nw_proto == IPPROTO_UDP) { + field = type == ODPAT_SET_TP_SRC ? &th->tcp_src : &th->tcp_dst; + th->tcp_csum = recalc_csum16(th->tcp_csum, *field, port); + *field = port; + } else if (key->nw_proto == IPPROTO_UDP && packet->l7) { struct udp_header *uh = packet->l4; - field = a->type == ODPAT_SET_TP_SRC ? &uh->udp_src : &uh->udp_dst; - uh->udp_csum = recalc_csum16(uh->udp_csum, *field, a->tp_port); - *field = a->tp_port; + field = type == ODPAT_SET_TP_SRC ? &uh->udp_src : &uh->udp_dst; + uh->udp_csum = recalc_csum16(uh->udp_csum, *field, port); + *field = port; + } else { + return; } } } @@ -1179,116 +1255,133 @@ static void dp_netdev_output_port(struct dp_netdev *dp, struct ofpbuf *packet, uint16_t out_port) { - struct dp_netdev_port *p = dp->ports[out_port]; + struct dp_netdev_port *p = dp->ports[out_port]; if (p) { netdev_send(p->netdev, packet); } } -static void -dp_netdev_output_group(struct dp_netdev *dp, uint16_t group, uint16_t in_port, - struct ofpbuf *packet) -{ - struct odp_port_group *g = &dp->groups[group]; - int i; - - for (i = 0; i < g->n_ports; i++) { - uint16_t out_port = g->ports[i]; - if (out_port != in_port) { - dp_netdev_output_port(dp, packet, out_port); - } - } -} - static int dp_netdev_output_control(struct dp_netdev *dp, const struct ofpbuf *packet, - int queue_no, int port_no, uint32_t arg) + int queue_no, const struct flow *flow, uint64_t arg) { - struct ovs_queue *q = &dp->queues[queue_no]; - struct odp_msg *header; - struct ofpbuf *msg; - size_t msg_size; + struct dp_netdev_queue *q = &dp->queues[queue_no]; + struct dpif_upcall *upcall; + struct ofpbuf *buf; + size_t key_len; - if (q->n >= MAX_QUEUE_LEN) { + if (q->head - q->tail >= MAX_QUEUE_LEN) { dp->n_lost++; return ENOBUFS; } - msg_size = sizeof *header + packet->size; - msg = ofpbuf_new(msg_size); - header = ofpbuf_put_uninit(msg, sizeof *header); - header->type = queue_no; - header->length = msg_size; - header->port = port_no; - header->arg = arg; - ofpbuf_put(msg, packet->data, packet->size); - queue_push_tail(q, msg); + buf = ofpbuf_new(ODPUTIL_FLOW_KEY_BYTES + 2 + packet->size); + odp_flow_key_from_flow(buf, flow); + key_len = buf->size; + ofpbuf_pull(buf, key_len); + ofpbuf_reserve(buf, 2); + ofpbuf_put(buf, packet->data, packet->size); + + upcall = xzalloc(sizeof *upcall); + upcall->type = queue_no; + upcall->packet = buf; + upcall->key = buf->base; + upcall->key_len = key_len; + upcall->userdata = arg; + + q->upcalls[++q->head & QUEUE_MASK] = upcall; return 0; } +/* Returns true if 'packet' is an invalid Ethernet+IPv4 ARP packet: one with + * screwy or truncated header fields or one whose inner and outer Ethernet + * address differ. */ +static bool +dp_netdev_is_spoofed_arp(struct ofpbuf *packet, const struct flow *key) +{ + struct arp_eth_header *arp; + struct eth_header *eth; + ptrdiff_t l3_size; + + if (key->dl_type != htons(ETH_TYPE_ARP)) { + return false; + } + + l3_size = (char *) ofpbuf_end(packet) - (char *) packet->l3; + if (l3_size < sizeof(struct arp_eth_header)) { + return true; + } + + eth = packet->l2; + arp = packet->l3; + return (arp->ar_hrd != htons(ARP_HRD_ETHERNET) + || arp->ar_pro != htons(ARP_PRO_IP) + || arp->ar_hln != ETH_HEADER_LEN + || arp->ar_pln != 4 + || !eth_addr_equals(arp->ar_sha, eth->eth_src)); +} + static int dp_netdev_execute_actions(struct dp_netdev *dp, - struct ofpbuf *packet, flow_t *key, - const union odp_action *actions, int n_actions) + struct ofpbuf *packet, struct flow *key, + const struct nlattr *actions, + size_t actions_len) { - int i; - for (i = 0; i < n_actions; i++) { - const union odp_action *a = &actions[i]; - - switch (a->type) { - case ODPAT_OUTPUT: - dp_netdev_output_port(dp, packet, a->output.port); - break; + const struct nlattr *a; + unsigned int left; - case ODPAT_OUTPUT_GROUP: - dp_netdev_output_group(dp, a->output_group.group, key->in_port, - packet); - break; + NL_ATTR_FOR_EACH_UNSAFE (a, left, actions, actions_len) { + switch (nl_attr_type(a)) { + case ODPAT_OUTPUT: + dp_netdev_output_port(dp, packet, nl_attr_get_u32(a)); + break; - case ODPAT_CONTROLLER: + case ODPAT_CONTROLLER: dp_netdev_output_control(dp, packet, _ODPL_ACTION_NR, - key->in_port, a->controller.arg); - break; + key, nl_attr_get_u64(a)); + break; + + case ODPAT_SET_DL_TCI: + dp_netdev_set_dl_tci(packet, nl_attr_get_be16(a)); + break; + + case ODPAT_STRIP_VLAN: + dp_netdev_strip_vlan(packet); + break; + + case ODPAT_SET_DL_SRC: + dp_netdev_set_dl_src(packet, nl_attr_get_unspec(a, ETH_ADDR_LEN)); + break; + + case ODPAT_SET_DL_DST: + dp_netdev_set_dl_dst(packet, nl_attr_get_unspec(a, ETH_ADDR_LEN)); + break; + + case ODPAT_SET_NW_SRC: + case ODPAT_SET_NW_DST: + dp_netdev_set_nw_addr(packet, key, a); + break; - case ODPAT_SET_VLAN_VID: - dp_netdev_modify_vlan_tci(packet, key, ntohs(a->vlan_vid.vlan_vid), - VLAN_VID_MASK); + case ODPAT_SET_NW_TOS: + dp_netdev_set_nw_tos(packet, key, nl_attr_get_u8(a)); break; - case ODPAT_SET_VLAN_PCP: - dp_netdev_modify_vlan_tci(packet, key, a->vlan_pcp.vlan_pcp << 13, - VLAN_PCP_MASK); + case ODPAT_SET_TP_SRC: + case ODPAT_SET_TP_DST: + dp_netdev_set_tp_port(packet, key, a); break; - case ODPAT_STRIP_VLAN: - dp_netdev_strip_vlan(packet, key); - break; - - case ODPAT_SET_DL_SRC: - dp_netdev_set_dl_src(packet, a->dl_addr.dl_addr); - break; - - case ODPAT_SET_DL_DST: - dp_netdev_set_dl_dst(packet, a->dl_addr.dl_addr); - break; - - case ODPAT_SET_NW_SRC: - case ODPAT_SET_NW_DST: - dp_netdev_set_nw_addr(packet, key, &a->nw_addr); - break; - - case ODPAT_SET_TP_SRC: - case ODPAT_SET_TP_DST: - dp_netdev_set_tp_port(packet, key, &a->tp_port); - break; - } - } + case ODPAT_DROP_SPOOFED_ARP: + if (dp_netdev_is_spoofed_arp(packet, key)) { + return 0; + } + } + } return 0; } const struct dpif_class dpif_netdev_class = { - "netdev", "netdev", dp_netdev_run, dp_netdev_wait, @@ -1296,7 +1389,7 @@ const struct dpif_class dpif_netdev_class = { dpif_netdev_open, dpif_netdev_close, NULL, /* get_all_names */ - dpif_netdev_delete, + dpif_netdev_destroy, dpif_netdev_get_stats, dpif_netdev_get_drop_frags, dpif_netdev_set_drop_frags, @@ -1304,19 +1397,36 @@ const struct dpif_class dpif_netdev_class = { dpif_netdev_port_del, dpif_netdev_port_query_by_number, dpif_netdev_port_query_by_name, - dpif_netdev_port_list, + dpif_netdev_get_max_ports, + dpif_netdev_port_dump_start, + dpif_netdev_port_dump_next, + dpif_netdev_port_dump_done, dpif_netdev_port_poll, dpif_netdev_port_poll_wait, - dpif_netdev_port_group_get, - dpif_netdev_port_group_set, dpif_netdev_flow_get, dpif_netdev_flow_put, dpif_netdev_flow_del, dpif_netdev_flow_flush, - dpif_netdev_flow_list, + dpif_netdev_flow_dump_start, + dpif_netdev_flow_dump_next, + dpif_netdev_flow_dump_done, dpif_netdev_execute, dpif_netdev_recv_get_mask, dpif_netdev_recv_set_mask, + NULL, /* get_sflow_probability */ + NULL, /* set_sflow_probability */ + NULL, /* queue_to_priority */ dpif_netdev_recv, dpif_netdev_recv_wait, + dpif_netdev_recv_purge, }; + +void +dpif_dummy_register(void) +{ + if (!dpif_dummy_class.type) { + dpif_dummy_class = dpif_netdev_class; + dpif_dummy_class.type = "dummy"; + dp_register_provider(&dpif_dummy_class); + } +}