X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=lib%2Fnetdev-vport.c;h=cf717cc7bcbfc4620086739709f189abe40d8fa5;hb=a4e47607974ee30782d7d8085a2c12a91971177e;hp=1ef9114c7e3ab27206030fc26236e398270fb27d;hpb=2b9d65898426b2e15d05dc6a9ffdbcb92933398f;p=sliver-openvswitch.git
diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index 1ef9114c7..cf717cc7b 100644
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -20,19 +20,49 @@
 #include
 #include
+#include
+#include
 #include
 #include
+#include "byte-order.h"
+#include "hash.h"
+#include "hmap.h"
 #include "list.h"
 #include "netdev-provider.h"
+#include "netlink.h"
+#include "netlink-socket.h"
+#include "ofpbuf.h"
 #include "openvswitch/datapath-protocol.h"
 #include "openvswitch/tunnel.h"
 #include "packets.h"
+#include "rtnetlink.h"
+#include "rtnetlink-route.h"
+#include "rtnetlink-link.h"
 #include "shash.h"
 #include "socket-util.h"
 #include "vlog.h"
-VLOG_DEFINE_THIS_MODULE(netdev_vport)
+VLOG_DEFINE_THIS_MODULE(netdev_vport);
+
+static struct hmap name_map;
+static struct hmap route_map;
+static struct rtnetlink_notifier netdev_vport_link_notifier;
+static struct rtnetlink_notifier netdev_vport_route_notifier;
+
+struct route_node {
+ struct hmap_node node; /* Node in route_map. */
+ int rta_oif; /* Egress interface index. */
+ uint32_t rta_dst; /* Destination address in host byte order. */
+ unsigned char rtm_dst_len; /* Destination address length. */
+};
+
+struct name_node {
+ struct hmap_node node; /* Node in name_map. */
+ uint32_t ifi_index; /* Kernel interface index. */
+
+ char ifname[IFNAMSIZ]; /* Interface name. */
+};
 struct netdev_vport_notifier {
 struct netdev_notifier notifier;
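Review bot: `struct name_node` declares `ifi_index` as `uint32_t`, but every consumer added later in this commit treats the interface index as `int`: `name_node_lookup(int ifi_index)` and the `nn->ifi_index == rn->rta_oif` test in netdev_vport_get_tnl_iface() both compare it against a signed value, and `route_node.rta_oif` a few lines up is `int`. Declaring the field `int ifi_index; /* Kernel interface index. */` keeps the two maps consistent and removes the mixed-sign comparisons.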
@@ -42,21 +72,17 @@ struct netdev_vport_notifier {
 struct netdev_dev_vport {
 struct netdev_dev netdev_dev;
+ uint64_t config[VPORT_CONFIG_SIZE / 8];
 };
 struct netdev_vport {
 struct netdev netdev;
 };
-struct vport_info {
- const char *devname;
- const char *type;
- void *config;
-};
-
 struct vport_class {
- const struct netdev_class netdev_class;
- int (*parse_config)(struct vport_info *port, const struct shash *args);
+ struct netdev_class netdev_class;
+ int (*parse_config)(const struct netdev_dev *, const struct shash *args,
+ void *config);
 };
 static struct shash netdev_vport_notifiers =
@@ -69,6 +95,13 @@ static int netdev_vport_create(const struct netdev_class *, const char *,
 const struct shash *, struct netdev_dev **);
 static void netdev_vport_poll_notify(const struct netdev *);
+static void netdev_vport_tnl_iface_init(void);
+static void netdev_vport_route_change(const struct rtnetlink_route_change *,
+ void *);
+static void netdev_vport_link_change(const struct rtnetlink_link_change *,
+ void *);
+static const char *netdev_vport_get_tnl_iface(const struct netdev *netdev);
+
 static bool
 is_vport_class(const struct netdev_class *class)
 {
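Review bot: The new `config` array in `struct netdev_dev_vport` holds `VPORT_CONFIG_SIZE` bytes only if that constant is a multiple of 8, because `VPORT_CONFIG_SIZE / 8` rounds down; the constant's definition is not on this page and nothing here checks it. Other code in this commit copies exactly `VPORT_CONFIG_SIZE` bytes through the buffer (`memcpy(config, vport->config, VPORT_CONFIG_SIZE)` in netdev_vport_get_config(), `strncpy(configp, peer, VPORT_CONFIG_SIZE)` in parse_patch_config()), so a future non-multiple value would turn into an out-of-bounds access. A compile-time check beside the struct, for example `BUILD_ASSERT_DECL(VPORT_CONFIG_SIZE % 8 == 0);`, would make the assumption explicit.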
@@ -97,71 +130,46 @@ netdev_vport_cast(const struct netdev *netdev)
 return CONTAINER_OF(netdev, struct netdev_vport, netdev);
 }
-static int
-netdev_vport_parse_config(const struct netdev_class *netdev_class,
- const char *name, const struct shash *args,
- void **configp)
-{
- const struct vport_class *c = vport_class_cast(netdev_class);
- if (c->parse_config) {
- struct vport_info info;
- int error;
-
- info.devname = name;
- info.type = netdev_class->type;
- error = (c->parse_config)(&info, args);
- *configp = info.config;
- return error;
- } else {
- if (!shash_is_empty(args)) {
- VLOG_WARN("%s: arguments for %s vports should be empty",
- name, netdev_class->type);
- }
- *configp = NULL;
- return 0;
+/* If 'netdev' is a vport netdev, copies its kernel configuration into
+ * 'config'. Otherwise leaves 'config' untouched. */
+void
+netdev_vport_get_config(const struct netdev *netdev, void *config)
+{
+ const struct netdev_dev *dev = netdev_get_dev(netdev);
+
+ if (is_vport_class(netdev_dev_get_class(dev))) {
+ const struct netdev_dev_vport *vport = netdev_dev_vport_cast(dev);
+ memcpy(config, vport->config, VPORT_CONFIG_SIZE);
 }
 }
 static int
-netdev_vport_create(const struct netdev_class *class, const char *name,
- const struct shash *args OVS_UNUSED,
- struct netdev_dev **netdev_devp)
+netdev_vport_init(void)
 {
- int err;
- struct odp_vport_add ova;
- struct netdev_dev_vport *netdev_dev;
-
- ovs_strlcpy(ova.port_type, class->type, sizeof ova.port_type);
- ovs_strlcpy(ova.devname, name, sizeof ova.devname);
- err = netdev_vport_parse_config(class, name, args, &ova.config);
- if (err) {
- goto exit;
- }
+ netdev_vport_tnl_iface_init();
+ return 0;
+}
- err = netdev_vport_do_ioctl(ODP_VPORT_ADD, &ova);
+static int
+netdev_vport_create(const struct netdev_class *netdev_class, const char *name,
+ const struct shash *args,
+ struct netdev_dev **netdev_devp)
+{
+ const struct vport_class *vport_class = vport_class_cast(netdev_class);
+ struct netdev_dev_vport *dev;
+ int error;
- if (err == EBUSY) {
- VLOG_WARN("%s: destroying existing device", name);
+ dev = xmalloc(sizeof *dev);
+ *netdev_devp = &dev->netdev_dev;
+ netdev_dev_init(&dev->netdev_dev, name, netdev_class);
- err = netdev_vport_do_ioctl(ODP_VPORT_DEL, ova.devname);
- if (err) {
- goto exit;
- }
+ memset(dev->config, 0, sizeof dev->config);
+ error = vport_class->parse_config(&dev->netdev_dev, args, dev->config);
- err = netdev_vport_do_ioctl(ODP_VPORT_ADD, &ova);
- }
- if (err) {
- goto exit;
+ if (error) {
+ netdev_dev_uninit(&dev->netdev_dev, true);
 }
-
- netdev_dev = xmalloc(sizeof *netdev_dev);
- netdev_dev_init(&netdev_dev->netdev_dev, name, class);
-
- *netdev_devp = &netdev_dev->netdev_dev;
-
-exit:
- free(ova.config);
- return err;
+ return error;
 }
 static void
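Review bot: netdev_vport_create() stores `&dev->netdev_dev` in `*netdev_devp` before `parse_config` has run, and on failure it calls `netdev_dev_uninit(&dev->netdev_dev, true)` without resetting the out-parameter. If that call releases `dev` (the `true` argument suggests it does, though netdev_dev_uninit() is not shown here), the caller is left holding a dangling pointer on the error path. Assigning only on success, `if (error) { netdev_dev_uninit(&dev->netdev_dev, true); } else { *netdev_devp = &dev->netdev_dev; }`, leaves the out-parameter untouched when creation fails.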
@@ -193,23 +201,29 @@ netdev_vport_close(struct netdev *netdev_)
 }
 static int
-netdev_vport_reconfigure(struct netdev_dev *netdev_dev,
+netdev_vport_reconfigure(struct netdev_dev *dev_,
 const struct shash *args)
 {
- const char *name = netdev_dev_get_name(netdev_dev);
- struct odp_vport_mod ovm;
- int err;
-
- ovs_strlcpy(ovm.devname, name, sizeof ovm.devname);
- err = netdev_vport_parse_config(netdev_dev_get_class(netdev_dev), name,
- args, &ovm.config);
- if (err) {
- return err;
+ const struct netdev_class *netdev_class = netdev_dev_get_class(dev_);
+ const struct vport_class *vport_class = vport_class_cast(netdev_class);
+ struct netdev_dev_vport *dev = netdev_dev_vport_cast(dev_);
+ struct odp_port port;
+ int error;
+
+ memset(&port, 0, sizeof port);
+ strncpy(port.devname, netdev_dev_get_name(dev_), sizeof port.devname);
+ strncpy(port.type, netdev_dev_get_type(dev_), sizeof port.type);
+ error = vport_class->parse_config(dev_, args, port.config);
+ if (!error && memcmp(port.config, dev->config, sizeof dev->config)) {
+ error = netdev_vport_do_ioctl(ODP_VPORT_MOD, &port);
+ if (!error || error == ENODEV) {
+ /* Either reconfiguration succeeded or this vport is not installed
+ * in the kernel (e.g. it hasn't been added to a dpif yet with
+ * dpif_port_add()). */
+ memcpy(dev->config, port.config, sizeof dev->config);
+ }
 }
-
- err = netdev_vport_do_ioctl(ODP_VPORT_MOD, &ovm);
- free(ovm.config);
- return err;
+ return error;
 }
 static int
@@ -270,13 +284,6 @@ netdev_vport_get_mtu(const struct netdev *netdev, int *mtup)
 return 0;
 }
-static int
-netdev_vport_get_carrier(const struct netdev *netdev OVS_UNUSED, bool *carrier)
-{
- *carrier = true;
- return 0;
-}
-
 int
 netdev_vport_get_stats(const struct netdev *netdev, struct netdev_stats *stats)
 {
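Review bot: The two `strncpy` calls in netdev_vport_reconfigure() do not guarantee NUL termination: a device or type name of `sizeof port.devname` (or `sizeof port.type`) bytes or more fills the field completely, and the preceding `memset` does not help in that case. `port` is then handed to `netdev_vport_do_ioctl(ODP_VPORT_MOD, &port)`, so whatever reads the struct would see an unterminated string. The code this commit removes used `ovs_strlcpy` for the same purpose; `ovs_strlcpy(port.devname, netdev_dev_get_name(dev_), sizeof port.devname);` and the same call for `port.type` restore the guarantee.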
@@ -298,19 +305,19 @@ netdev_vport_get_stats(const struct netdev *netdev, struct netdev_stats *stats)
 stats->tx_errors = ovsr.stats.tx_errors;
 stats->rx_dropped = ovsr.stats.rx_dropped;
 stats->tx_dropped = ovsr.stats.tx_dropped;
- stats->multicast = UINT64_MAX;
+ stats->multicast = ovsr.stats.multicast;
 stats->collisions = ovsr.stats.collisions;
- stats->rx_length_errors = UINT64_MAX;
- stats->rx_over_errors = ovsr.stats.rx_over_err;
- stats->rx_crc_errors = ovsr.stats.rx_crc_err;
- stats->rx_frame_errors = ovsr.stats.rx_frame_err;
- stats->rx_fifo_errors = UINT64_MAX;
- stats->rx_missed_errors = UINT64_MAX;
- stats->tx_aborted_errors = UINT64_MAX;
- stats->tx_carrier_errors = UINT64_MAX;
- stats->tx_fifo_errors = UINT64_MAX;
- stats->tx_heartbeat_errors = UINT64_MAX;
- stats->tx_window_errors = UINT64_MAX;
+ stats->rx_length_errors = ovsr.stats.rx_length_errors;
+ stats->rx_over_errors = ovsr.stats.rx_over_errors;
+ stats->rx_crc_errors = ovsr.stats.rx_crc_errors;
+ stats->rx_frame_errors = ovsr.stats.rx_frame_errors;
+ stats->rx_fifo_errors = ovsr.stats.rx_fifo_errors;
+ stats->rx_missed_errors = ovsr.stats.rx_missed_errors;
+ stats->tx_aborted_errors = ovsr.stats.tx_aborted_errors;
+ stats->tx_carrier_errors = ovsr.stats.tx_carrier_errors;
+ stats->tx_fifo_errors = ovsr.stats.tx_fifo_errors;
+ stats->tx_heartbeat_errors = ovsr.stats.tx_heartbeat_errors;
+ stats->tx_window_errors = ovsr.stats.tx_window_errors;
 return 0;
 }
@@ -331,10 +338,19 @@ netdev_vport_set_stats(struct netdev *netdev, const struct netdev_stats *stats)
 ovsr.stats.tx_errors = stats->tx_errors;
 ovsr.stats.rx_dropped = stats->rx_dropped;
 ovsr.stats.tx_dropped = stats->tx_dropped;
+ ovsr.stats.multicast = stats->multicast;
 ovsr.stats.collisions = stats->collisions;
- ovsr.stats.rx_over_err = stats->rx_over_errors;
- ovsr.stats.rx_crc_err = stats->rx_crc_errors;
- ovsr.stats.rx_frame_err = stats->rx_frame_errors;
+ ovsr.stats.rx_length_errors = stats->rx_length_errors;
+ ovsr.stats.rx_over_errors = stats->rx_over_errors;
+ ovsr.stats.rx_crc_errors = stats->rx_crc_errors;
+ ovsr.stats.rx_frame_errors = stats->rx_frame_errors;
+ ovsr.stats.rx_fifo_errors = stats->rx_fifo_errors;
+ ovsr.stats.rx_missed_errors = stats->rx_missed_errors;
+ ovsr.stats.tx_aborted_errors = stats->tx_aborted_errors;
+ ovsr.stats.tx_carrier_errors = stats->tx_carrier_errors;
+ ovsr.stats.tx_fifo_errors = stats->tx_fifo_errors;
+ ovsr.stats.tx_heartbeat_errors = stats->tx_heartbeat_errors;
+ ovsr.stats.tx_window_errors = stats->tx_window_errors;
 err = netdev_vport_do_ioctl(ODP_VPORT_STATS_SET, &ovsr);
@@ -349,6 +365,18 @@ netdev_vport_set_stats(struct netdev *netdev, const struct netdev_stats *stats)
 return err;
 }
+static int
+netdev_vport_get_status(const struct netdev *netdev, struct shash *sh)
+{
+ const char *iface = netdev_vport_get_tnl_iface(netdev);
+
+ if (iface) {
+ shash_add(sh, "tunnel_egress_iface", xstrdup(iface));
+ }
+
+ return 0;
+}
+
 static int
 netdev_vport_update_flags(struct netdev *netdev OVS_UNUSED,
 enum netdev_flags off, enum netdev_flags on OVS_UNUSED,
@@ -382,8 +410,7 @@ netdev_vport_poll_add(struct netdev *netdev,
 if (!shash_node) {
 list = xmalloc(sizeof *list);
 list_init(list);
- shash_node = shash_add(&netdev_vport_notifiers,
- netdev_get_name(netdev), list);
+ shash_node = shash_add(&netdev_vport_notifiers, poll_name, list);
 } else {
 list = shash_node->data;
 }
@@ -415,6 +442,284 @@ netdev_vport_poll_remove(struct netdev_notifier *notifier_)
 free(notifier);
 }
+
+static void
+netdev_vport_run(void)
+{
+ rtnetlink_link_notifier_run();
+ rtnetlink_route_notifier_run();
+}
+
+static void
+netdev_vport_wait(void)
+{
+ rtnetlink_link_notifier_wait();
+ rtnetlink_route_notifier_wait();
+}
+
+/* get_tnl_iface() implementation. */
+
+static struct name_node *
+name_node_lookup(int ifi_index)
+{
+ struct name_node *nn;
+
+ HMAP_FOR_EACH_WITH_HASH(nn, node, hash_int(ifi_index, 0), &name_map) {
+ if (nn->ifi_index == ifi_index) {
+ return nn;
+ }
+ }
+
+ return NULL;
+}
+
+static struct route_node *
+route_node_lookup(int rta_oif, uint32_t rta_dst, unsigned char rtm_dst_len)
+{
+ uint32_t hash;
+ struct route_node *rn;
+
+ hash = hash_3words(rta_oif, rta_dst, rtm_dst_len);
+ HMAP_FOR_EACH_WITH_HASH(rn, node, hash, &route_map) {
+ if (rn->rta_oif == rn->rta_oif &&
+ rn->rta_dst == rn->rta_dst &&
+ rn->rtm_dst_len == rn->rtm_dst_len) {
+ return rn;
+ }
+ }
+
+ return NULL;
+}
+
+/* Resets the name or route map depending on the value of 'is_name'. Clears
+ * the appropriate map, makes an rtnetlink dump request, and calls the change
+ * callback for each reply from the kernel. One should probably use
+ * netdev_vport_reset_routes or netdev_vport_reset_names instead. */
+static int
+netdev_vport_reset_name_else_route(bool is_name)
+{
+ int error;
+ int nlmsg_type;
+ struct nl_dump dump;
+ struct rtgenmsg *rtmsg;
+ struct ofpbuf request, reply;
+ static struct nl_sock *rtnl_sock;
+
+ if (is_name) {
+ struct name_node *nn, *nn_next;
+
+ HMAP_FOR_EACH_SAFE(nn, nn_next, node, &name_map) {
+ hmap_remove(&name_map, &nn->node);
+ free(nn);
+ }
+ } else {
+ struct route_node *rn, *rn_next;
+
+ HMAP_FOR_EACH_SAFE(rn, rn_next, node, &route_map) {
+ hmap_remove(&route_map, &rn->node);
+ free(rn);
+ }
+ }
+
+ error = nl_sock_create(NETLINK_ROUTE, 0, 0, 0, &rtnl_sock);
+ if (error) {
+ VLOG_WARN_RL(&rl, "Failed to create NETLINK_ROUTE socket");
+ return error;
+ }
+
+ ofpbuf_init(&request, 0);
+
+ nlmsg_type = is_name ? RTM_GETLINK : RTM_GETROUTE;
+ nl_msg_put_nlmsghdr(&request, sizeof *rtmsg, nlmsg_type, NLM_F_REQUEST);
+
+ rtmsg = ofpbuf_put_zeros(&request, sizeof *rtmsg);
+ rtmsg->rtgen_family = AF_INET;
+
+ nl_dump_start(&dump, rtnl_sock, &request);
+
+ while (nl_dump_next(&dump, &reply)) {
+ if (is_name) {
+ struct rtnetlink_link_change change;
+
+ if (rtnetlink_link_parse(&reply, &change)) {
+ netdev_vport_link_change(&change, NULL);
+ }
+ } else {
+ struct rtnetlink_route_change change;
+
+ if (rtnetlink_route_parse(&reply, &change)) {
+ netdev_vport_route_change(&change, NULL);
+ }
+ }
+ }
+
+ error = nl_dump_done(&dump);
+ nl_sock_destroy(rtnl_sock);
+
+ return error;
+}
+
+static int
+netdev_vport_reset_routes(void)
+{
+ return netdev_vport_reset_name_else_route(false);
+}
+
+static int
+netdev_vport_reset_names(void)
+{
+ return netdev_vport_reset_name_else_route(true);
+}
+
+static void
+netdev_vport_route_change(const struct rtnetlink_route_change *change,
+ void *aux OVS_UNUSED)
+{
+
+ if (!change) {
+ netdev_vport_reset_routes();
+ } else if (change->nlmsg_type == RTM_NEWROUTE) {
+ uint32_t hash;
+ struct route_node *rn;
+
+ if (route_node_lookup(change->rta_oif, change->rta_dst,
+ change->rtm_dst_len)) {
+ return;
+ }
+
+ rn = xzalloc(sizeof *rn);
+ rn->rta_oif = change->rta_oif;
+ rn->rta_dst = change->rta_dst;
+ rn->rtm_dst_len = change->rtm_dst_len;
+
+ hash = hash_3words(rn->rta_oif, rn->rta_dst, rn->rtm_dst_len);
+ hmap_insert(&route_map, &rn->node, hash);
+ } else if (change->nlmsg_type == RTM_DELROUTE) {
+ struct route_node *rn;
+
+ rn = route_node_lookup(change->rta_oif, change->rta_dst,
+ change->rtm_dst_len);
+
+ if (rn) {
+ hmap_remove(&route_map, &rn->node);
+ free(rn);
+ }
+ } else {
+ VLOG_WARN_RL(&rl, "Received unexpected rtnetlink message type %d",
+ change->nlmsg_type);
+ }
+}
+
+static void
+netdev_vport_link_change(const struct rtnetlink_link_change *change,
+ void *aux OVS_UNUSED)
+{
+
+ if (!change) {
+ netdev_vport_reset_names();
+ } else if (change->nlmsg_type == RTM_NEWLINK) {
+ struct name_node *nn;
+
+ if (name_node_lookup(change->ifi_index)) {
+ return;
+ }
+
+ nn = xzalloc(sizeof *nn);
+ nn->ifi_index = change->ifi_index;
+
+ strncpy(nn->ifname, change->ifname, IFNAMSIZ);
+ nn->ifname[IFNAMSIZ - 1] = '\0';
+
+ hmap_insert(&name_map, &nn->node, hash_int(nn->ifi_index, 0));
+ } else if (change->nlmsg_type == RTM_DELLINK) {
+ struct name_node *nn;
+
+ nn = name_node_lookup(change->ifi_index);
+
+ if (nn) {
+ hmap_remove(&name_map, &nn->node);
+ free(nn);
+ }
+
+ /* Link deletions do not result in all of the RTM_DELROUTE messages one
+ * would expect. For now, go ahead and reset route_map whenever a link
+ * is deleted. */
+ netdev_vport_reset_routes();
+ } else {
+ VLOG_WARN_RL(&rl, "Received unexpected rtnetlink message type %d",
+ change->nlmsg_type);
+ }
+}
+
+static void
+netdev_vport_tnl_iface_init(void)
+{
+ static bool tnl_iface_is_init = false;
+
+ if (!tnl_iface_is_init) {
+ hmap_init(&name_map);
+ hmap_init(&route_map);
+
+ rtnetlink_link_notifier_register(&netdev_vport_link_notifier,
+ netdev_vport_link_change, NULL);
+
+ rtnetlink_route_notifier_register(&netdev_vport_route_notifier,
+ netdev_vport_route_change, NULL);
+
+ netdev_vport_reset_names();
+ netdev_vport_reset_routes();
+ tnl_iface_is_init = true;
+ }
+}
+
+static const char *
+netdev_vport_get_tnl_iface(const struct netdev *netdev)
+{
+ int dst_len;
+ uint32_t route;
+ struct netdev_dev_vport *ndv;
+ struct tnl_port_config *config;
+ struct route_node *rn, *rn_def, *rn_iter;
+
+ ndv = netdev_dev_vport_cast(netdev_get_dev(netdev));
+ config = (struct tnl_port_config *) ndv->config;
+ route = ntohl(config->daddr);
+
+ dst_len = 0;
+ rn = NULL;
+ rn_def = NULL;
+
+ HMAP_FOR_EACH(rn_iter, node, &route_map) {
+ if (rn_iter->rtm_dst_len == 0 && rn_iter->rta_dst == 0) {
+ /* Default route. */
+ rn_def = rn_iter;
+ } else if (rn_iter->rtm_dst_len > dst_len) {
+ uint32_t mask = 0xffffffff << (32 - rn_iter->rtm_dst_len);
+ if ((route & mask) == (rn_iter->rta_dst & mask)) {
+ rn = rn_iter;
+ dst_len = rn_iter->rtm_dst_len;
+ }
+ }
+ }
+
+ if (!rn) {
+ rn = rn_def;
+ }
+
+ if (rn) {
+ uint32_t hash;
+ struct name_node *nn;
+
+ hash = hash_int(rn->rta_oif, 0);
+ HMAP_FOR_EACH_WITH_HASH(nn, node, hash, &name_map) {
+ if (nn->ifi_index == rn->rta_oif) {
+ return nn->ifname;
+ }
+ }
+ }
+
+ return NULL;
+}
 /* Helper functions. */
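Review bot: route_node_lookup() compares each candidate with itself: `rn->rta_oif == rn->rta_oif && rn->rta_dst == rn->rta_dst && rn->rtm_dst_len == rn->rtm_dst_len` is always true, so the first node whose hash matches is returned whatever was asked for. On a hash collision netdev_vport_route_change() will then discard a new route as a duplicate on RTM_NEWROUTE or remove an unrelated route on RTM_DELROUTE, and the `tunnel_egress_iface` value derived from route_map becomes wrong. The right-hand sides should be the function's parameters: `if (rn->rta_oif == rta_oif && rn->rta_dst == rta_dst && rn->rtm_dst_len == rtm_dst_len) {`. Separately, netdev_vport_get_tnl_iface() shifts by `32 - rn_iter->rtm_dst_len` using a length taken from a netlink reply; skipping entries whose length exceeds 32 before the shift would keep that expression defined.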
@@ -456,108 +761,154 @@ netdev_vport_poll_notify(const struct netdev *netdev)
 /* Code specific to individual vport types. */
 static int
-parse_tunnel_config(struct vport_info *port, const struct shash *args)
+parse_tunnel_config(const struct netdev_dev *dev, const struct shash *args,
+ void *configp)
 {
- const char *name = port->devname;
- bool is_gre = !strcmp(port->type, "gre");
- struct tnl_port_config *config;
+ const char *name = netdev_dev_get_name(dev);
+ const char *type = netdev_dev_get_type(dev);
+ bool is_gre = false;
+ bool is_ipsec = false;
+ struct tnl_port_config config;
 struct shash_node *node;
- bool ipsec_ip_set = false;
 bool ipsec_mech_set = false;
- config = port->config = xzalloc(sizeof *config);
- config->flags |= TNL_F_PMTUD;
- config->flags |= TNL_F_HDR_CACHE;
+ memset(&config, 0, sizeof config);
+ config.flags |= TNL_F_PMTUD;
+ config.flags |= TNL_F_HDR_CACHE;
+
+ if (!strcmp(type, "gre")) {
+ is_gre = true;
+ } else if (!strcmp(type, "ipsec_gre")) {
+ is_gre = true;
+ is_ipsec = true;
+
+ config.flags |= TNL_F_IPSEC;
+
+ /* IPsec doesn't work when header caching is enabled. */
+ config.flags &= ~TNL_F_HDR_CACHE;
+ }
 SHASH_FOR_EACH (node, args) {
 if (!strcmp(node->name, "remote_ip")) {
 struct in_addr in_addr;
 if (lookup_ip(node->data, &in_addr)) {
- VLOG_WARN("%s: bad %s 'remote_ip'", name, port->type);
+ VLOG_WARN("%s: bad %s 'remote_ip'", name, type);
 } else {
- config->daddr = in_addr.s_addr;
+ config.daddr = in_addr.s_addr;
 }
 } else if (!strcmp(node->name, "local_ip")) {
 struct in_addr in_addr;
 if (lookup_ip(node->data, &in_addr)) {
- VLOG_WARN("%s: bad %s 'local_ip'", name, port->type);
+ VLOG_WARN("%s: bad %s 'local_ip'", name, type);
 } else {
- config->saddr = in_addr.s_addr;
+ config.saddr = in_addr.s_addr;
 }
 } else if (!strcmp(node->name, "key") && is_gre) {
 if (!strcmp(node->data, "flow")) {
- config->flags |= TNL_F_IN_KEY_MATCH;
- config->flags |= TNL_F_OUT_KEY_ACTION;
+ config.flags |= TNL_F_IN_KEY_MATCH;
+ config.flags |= TNL_F_OUT_KEY_ACTION;
 } else {
- config->out_key = config->in_key = htonl(atoi(node->data));
+ uint64_t key = strtoull(node->data, NULL, 0);
+ config.out_key = config.in_key = htonll(key);
 }
 } else if (!strcmp(node->name, "in_key") && is_gre) {
 if (!strcmp(node->data, "flow")) {
- config->flags |= TNL_F_IN_KEY_MATCH;
+ config.flags |= TNL_F_IN_KEY_MATCH;
 } else {
- config->in_key = htonl(atoi(node->data));
+ config.in_key = htonll(strtoull(node->data, NULL, 0));
 }
 } else if (!strcmp(node->name, "out_key") && is_gre) {
 if (!strcmp(node->data, "flow")) {
- config->flags |= TNL_F_OUT_KEY_ACTION;
+ config.flags |= TNL_F_OUT_KEY_ACTION;
 } else {
- config->out_key = htonl(atoi(node->data));
+ config.out_key = htonll(strtoull(node->data, NULL, 0));
 }
 } else if (!strcmp(node->name, "tos")) {
 if (!strcmp(node->data, "inherit")) {
- config->flags |= TNL_F_TOS_INHERIT;
+ config.flags |= TNL_F_TOS_INHERIT;
 } else {
- config->tos = atoi(node->data);
+ config.tos = atoi(node->data);
 }
 } else if (!strcmp(node->name, "ttl")) {
 if (!strcmp(node->data, "inherit")) {
- config->flags |= TNL_F_TTL_INHERIT;
+ config.flags |= TNL_F_TTL_INHERIT;
 } else {
- config->ttl = atoi(node->data);
+ config.ttl = atoi(node->data);
 }
 } else if (!strcmp(node->name, "csum") && is_gre) {
 if (!strcmp(node->data, "true")) {
- config->flags |= TNL_F_CSUM;
+ config.flags |= TNL_F_CSUM;
 }
 } else if (!strcmp(node->name, "pmtud")) {
 if (!strcmp(node->data, "false")) {
- config->flags &= ~TNL_F_PMTUD;
+ config.flags &= ~TNL_F_PMTUD;
 }
 } else if (!strcmp(node->name, "header_cache")) {
 if (!strcmp(node->data, "false")) {
- config->flags &= ~TNL_F_HDR_CACHE;
+ config.flags &= ~TNL_F_HDR_CACHE;
+ }
+ } else if (!strcmp(node->name, "peer_cert") && is_ipsec) {
+ if (shash_find(args, "certificate")) {
+ ipsec_mech_set = true;
+ } else {
+ const char *use_ssl_cert;
+
+ /* If the "use_ssl_cert" is true, then "certificate" and
+ * "private_key" will be pulled from the SSL table. The
+ * use of this option is strongly discouraged, since it
+ * will like be removed when multiple SSL configurations
+ * are supported by OVS.
+ */
+ use_ssl_cert = shash_find_data(args, "use_ssl_cert");
+ if (!use_ssl_cert || strcmp(use_ssl_cert, "true")) {
+ VLOG_WARN("%s: 'peer_cert' requires 'certificate' argument",
+ name);
+ return EINVAL;
+ }
+ ipsec_mech_set = true;
 }
- } else if (!strcmp(node->name, "ipsec_local_ip")) {
- ipsec_ip_set = true;
- } else if (!strcmp(node->name, "ipsec_cert")
- || !strcmp(node->name, "ipsec_psk")) {
+ } else if (!strcmp(node->name, "psk") && is_ipsec) {
 ipsec_mech_set = true;
+ } else if (is_ipsec
+ && (!strcmp(node->name, "certificate")
+ || !strcmp(node->name, "private_key")
+ || !strcmp(node->name, "use_ssl_cert"))) {
+ /* Ignore options not used by the netdev. */
 } else {
 VLOG_WARN("%s: unknown %s argument '%s'",
- name, port->type, node->name);
+ name, type, node->name);
 }
 }
- /* IPsec doesn't work when header caching is enabled. Disable it if the
- * IPsec local IP address and authentication mechanism have been defined. */
- if (ipsec_ip_set && ipsec_mech_set) {
- VLOG_INFO("%s: header caching disabled due to use of IPsec", name);
- config->flags &= ~TNL_F_HDR_CACHE;
+ if (is_ipsec) {
+ if (shash_find(args, "peer_cert") && shash_find(args, "psk")) {
+ VLOG_WARN("%s: cannot define both 'peer_cert' and 'psk'", name);
+ return EINVAL;
+ }
+
+ if (!ipsec_mech_set) {
+ VLOG_WARN("%s: IPsec requires an 'peer_cert' or psk' argument",
+ name);
+ return EINVAL;
+ }
 }
- if (!config->daddr) {
+ if (!config.daddr) {
 VLOG_WARN("%s: %s type requires valid 'remote_ip' argument",
- name, port->type);
+ name, type);
 return EINVAL;
 }
+ BUILD_ASSERT(sizeof config <= VPORT_CONFIG_SIZE);
+ memcpy(configp, &config, sizeof config);
 return 0;
 }
 static int
-parse_patch_config(struct vport_info *port, const struct shash *args)
+parse_patch_config(const struct netdev_dev *dev, const struct shash *args,
+ void *configp)
 {
- const char *name = port->devname;
+ const char *name = netdev_dev_get_name(dev);
 const char *peer;
 peer = shash_find_data(args, "peer");
@@ -571,7 +922,7 @@ parse_patch_config(struct vport_info *port, const struct shash *args)
 return EINVAL;
 }
- if (strlen(peer) >= IFNAMSIZ) {
+ if (strlen(peer) >= MIN(IFNAMSIZ, VPORT_CONFIG_SIZE)) {
 VLOG_WARN("%s: patch 'peer' arg too long", name);
 return EINVAL;
 }
@@ -581,15 +932,15 @@ parse_patch_config(struct vport_info *port, const struct shash *args)
 return EINVAL;
 }
- port->config = xstrdup(peer);
+ strncpy(configp, peer, VPORT_CONFIG_SIZE);
 return 0;
 }
-#define VPORT_FUNCTIONS \
- NULL, /* init */ \
- NULL, /* run */ \
- NULL, /* wait */ \
+#define VPORT_FUNCTIONS(GET_STATUS) \
+ netdev_vport_init, \
+ netdev_vport_run, \
+ netdev_vport_wait, \
 \
 netdev_vport_create, \
 netdev_vport_destroy, \
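Review bot: The `key`, `in_key` and `out_key` branches of parse_tunnel_config() pass `NULL` as the end pointer to `strtoull`, so a value that is not a number is accepted silently as key 0 and an out-of-range one as the saturated maximum. Because the key decides which GRE tunnel traffic is matched to, a typo in the configuration lands the port on a different key instead of being rejected. I would route the three branches through a small helper that checks the end pointer and `errno`, and have them warn and return `EINVAL` on failure, as sketched below. The `tos` and `ttl` branches still use `atoi` with no range check and share the weakness, and the warning text `"%s: IPsec requires an 'peer_cert' or psk' argument"` has an unbalanced quote.

```c
/* Parses 's' as an unsigned 64-bit tunnel key in host byte order.  Returns
 * true only if all of 's' is a number that fits. */
static bool
parse_tunnel_key(const char *s, uint64_t *keyp)
{
    char *end;

    errno = 0;
    *keyp = strtoull(s, &end, 0);
    return end != s && *end == '\0' && !errno;
}

/* … unchanged: parse_tunnel_config() up to the non-"flow" arm of "key" … */
            } else {
                uint64_t key;

                if (!parse_tunnel_key(node->data, &key)) {
                    VLOG_WARN("%s: bad %s 'key'", name, type);
                    return EINVAL;
                }
                config.out_key = config.in_key = htonll(key);
            }
/* … "in_key" and "out_key" arms changed the same way; rest unchanged … */
```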
@@ -611,7 +962,7 @@ parse_patch_config(struct vport_info *port, const struct shash *args)
 netdev_vport_get_etheraddr, \
 netdev_vport_get_mtu, \
 NULL, /* get_ifindex */ \
- netdev_vport_get_carrier, \
+ NULL, /* get_carrier */ \
 netdev_vport_get_stats, \
 netdev_vport_set_stats, \
 \
@@ -636,6 +987,7 @@ parse_patch_config(struct vport_info *port, const struct shash *args)
 NULL, /* get_in6 */ \
 NULL, /* add_router */ \
 NULL, /* get_next_hop */ \
+ GET_STATUS, \
 NULL, /* arp_lookup */ \
 \
 netdev_vport_update_flags, \
@@ -643,19 +995,22 @@ parse_patch_config(struct vport_info *port, const struct shash *args)
 netdev_vport_poll_add, \
 netdev_vport_poll_remove,
-static const struct vport_class vport_gre_class
- = { { "gre", VPORT_FUNCTIONS }, parse_tunnel_config };
-
-static const struct vport_class vport_capwap_class
- = { { "capwap", VPORT_FUNCTIONS }, parse_tunnel_config };
-
-static const struct vport_class vport_patch_class
- = { { "patch", VPORT_FUNCTIONS }, parse_patch_config };
-
 void
 netdev_vport_register(void)
 {
- netdev_register_provider(&vport_gre_class.netdev_class);
- netdev_register_provider(&vport_capwap_class.netdev_class);
- netdev_register_provider(&vport_patch_class.netdev_class);
+ static const struct vport_class vport_classes[] = {
+ { { "gre", VPORT_FUNCTIONS(netdev_vport_get_status) },
+ parse_tunnel_config },
+ { { "ipsec_gre", VPORT_FUNCTIONS(netdev_vport_get_status) },
+ parse_tunnel_config },
+ { { "capwap", VPORT_FUNCTIONS(netdev_vport_get_status) },
+ parse_tunnel_config },
+ { { "patch", VPORT_FUNCTIONS(NULL) }, parse_patch_config }
+ };
+
+ int i;
+
+ for (i = 0; i < ARRAY_SIZE(vport_classes); i++) {
+ netdev_register_provider(&vport_classes[i].netdev_class);
+ }
 }