X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ofproto%2Fofproto-dpif.c;h=1fe5da68db271f030a2dd3678f2f171914a8417b;hb=0e553d9c1063be047824c6f1afce9ffc6db6c671;hp=381ffaf8de8b5e346d96ac2a5914dd3d66bbcd7d;hpb=aa3080c905ff87f5889a5916ef1480365cba0515;p=sliver-openvswitch.git diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c index 381ffaf8d..1fe5da68d 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c @@ -34,6 +34,7 @@ #include "lacp.h" #include "learn.h" #include "mac-learning.h" +#include "meta-flow.h" #include "multipath.h" #include "netdev.h" #include "netlink.h" @@ -75,8 +76,6 @@ struct ofproto_dpif; struct rule_dpif { struct rule up; - long long int used; /* Time last used; time created if not used. */ - /* These statistics: * * - Do include packets and bytes from facets that have been deleted or @@ -106,7 +105,7 @@ static struct rule_dpif *rule_dpif_cast(const struct rule *rule) static struct rule_dpif *rule_dpif_lookup(struct ofproto_dpif *, const struct flow *, uint8_t table); -static void flow_push_stats(const struct rule_dpif *, const struct flow *, +static void flow_push_stats(struct rule_dpif *, const struct flow *, uint64_t packets, uint64_t bytes, long long int used); @@ -214,8 +213,13 @@ struct action_xlate_ctx { * we are just revalidating. */ bool may_learn; - /* Cookie of the currently matching rule, or 0. */ - ovs_be64 cookie; + /* The rule that we are currently translating, or NULL. */ + struct rule_dpif *rule; + + /* Union of the set of TCP flags seen so far in this flow. (Used only by + * NXAST_FIN_TIMEOUT. Set to zero to avoid updating updating rules' + * timeouts.) */ + uint8_t tcp_flags; /* If nonnull, called just before executing a resubmit action. * @@ -232,6 +236,7 @@ struct action_xlate_ctx { * be reassessed for every packet. */ bool has_learn; /* Actions include NXAST_LEARN? */ bool has_normal; /* Actions output to OFPP_NORMAL? */ + bool has_fin_timeout; /* Actions include NXAST_FIN_TIMEOUT? */ uint16_t nf_output_iface; /* Output interface index for NetFlow. */ mirror_mask_t mirrors; /* Bitmap of associated mirrors. */ @@ -250,8 +255,8 @@ struct action_xlate_ctx { static void action_xlate_ctx_init(struct action_xlate_ctx *, struct ofproto_dpif *, const struct flow *, - ovs_be16 initial_tci, ovs_be64 cookie, - const struct ofpbuf *); + ovs_be16 initial_tci, struct rule_dpif *, + uint8_t tcp_flags, const struct ofpbuf *); static struct ofpbuf *xlate_actions(struct action_xlate_ctx *, const union ofp_action *in, size_t n_in); @@ -305,6 +310,7 @@ struct facet { /* Accounting. */ uint64_t accounted_bytes; /* Bytes processed by facet_account(). */ struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */ + uint8_t tcp_flags; /* TCP flags seen for this 'rule'. */ /* Properties of datapath actions. * @@ -315,6 +321,7 @@ struct facet { bool may_install; /* Reassess actions for every packet? */ bool has_learn; /* Actions include NXAST_LEARN? */ bool has_normal; /* Actions output to OFPP_NORMAL? */ + bool has_fin_timeout; /* Actions include NXAST_FIN_TIMEOUT? */ tag_type tags; /* Tags that would require revalidation. */ mirror_mask_t mirrors; /* Bitmap of dependent mirrors. */ }; @@ -619,7 +626,7 @@ dealloc(struct ofproto *ofproto_) } static int -construct(struct ofproto *ofproto_, int *n_tablesp) +construct(struct ofproto *ofproto_) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); const char *name = ofproto->up.name; @@ -649,7 +656,7 @@ construct(struct ofproto *ofproto_, int *n_tablesp) ofproto->sflow = NULL; ofproto->stp = NULL; hmap_init(&ofproto->bundles); - ofproto->ml = mac_learning_create(); + ofproto->ml = mac_learning_create(MAC_ENTRY_DEFAULT_IDLE_TIME); for (i = 0; i < MAX_MIRRORS; i++) { ofproto->mirrors[i] = NULL; } @@ -681,9 +688,10 @@ construct(struct ofproto *ofproto_, int *n_tablesp) hmap_insert(&all_ofproto_dpifs, &ofproto->all_ofproto_dpifs_node, hash_string(ofproto->up.name, 0)); - - *n_tablesp = N_TABLES; memset(&ofproto->stats, 0, sizeof ofproto->stats); + + ofproto_init_tables(ofproto_, N_TABLES); + return 0; } @@ -704,7 +712,7 @@ destruct(struct ofproto *ofproto_) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); struct rule_dpif *rule, *next_rule; - struct classifier *table; + struct oftable *table; int i; hmap_remove(&all_ofproto_dpifs, &ofproto->all_ofproto_dpifs_node); @@ -713,7 +721,7 @@ destruct(struct ofproto *ofproto_) OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) { struct cls_cursor cursor; - cls_cursor_init(&cursor, table, NULL); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) { ofproto_rule_destroy(&rule->up); } @@ -1193,7 +1201,7 @@ update_stp_port_state(struct ofport_dpif *ofport) if (stp_learn_in_state(ofport->stp_state) != stp_learn_in_state(state)) { /* xxx Learning action flows should also be flushed. */ - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); } fwd_change = stp_forward_in_state(ofport->stp_state) != stp_forward_in_state(state); @@ -1296,6 +1304,10 @@ stp_run(struct ofproto_dpif *ofproto) update_stp_port_state(ofport); } } + + if (stp_check_and_reset_fdb_flush(ofproto->stp)) { + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } } } @@ -1879,7 +1891,7 @@ bundle_run(struct ofbundle *bundle) } bond_run(bundle->bond, &bundle->ofproto->revalidate_set, - lacp_negotiated(bundle->lacp)); + lacp_status(bundle->lacp)); if (bond_should_send_learning_packets(bundle->bond)) { bundle_send_learning_packets(bundle); } @@ -2064,7 +2076,7 @@ mirror_set(struct ofproto *ofproto_, void *aux, } ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); mirror_update_dups(ofproto); return 0; @@ -2083,7 +2095,7 @@ mirror_destroy(struct ofmirror *mirror) ofproto = mirror->ofproto; ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); mirror_bit = MIRROR_MASK_C(1) << mirror->idx; HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) { @@ -2126,8 +2138,7 @@ set_flood_vlans(struct ofproto *ofproto_, unsigned long *flood_vlans) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); if (mac_learning_set_flood_vlans(ofproto->ml, flood_vlans)) { - ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); } return 0; } @@ -2147,6 +2158,13 @@ forward_bpdu_changed(struct ofproto *ofproto_) /* Revalidate cached flows whenever forward_bpdu option changes. */ ofproto->need_revalidate = true; } + +static void +set_mac_idle_time(struct ofproto *ofproto_, unsigned int idle_time) +{ + struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); + mac_learning_set_idle_time(ofproto->ml, idle_time); +} /* Ports. */ @@ -2421,7 +2439,7 @@ struct flow_miss_op { * OpenFlow controller as necessary according to their individual * configurations. */ static void -send_packet_in_miss(struct ofproto_dpif *ofproto, struct ofpbuf *packet, +send_packet_in_miss(struct ofproto_dpif *ofproto, const struct ofpbuf *packet, const struct flow *flow) { struct ofputil_packet_in pin; @@ -2576,7 +2594,6 @@ handle_flow_miss(struct ofproto_dpif *ofproto, struct flow_miss *miss, continue; } - list_remove(&packet->list_node); if (flow->vlan_tci != subfacet->initial_tci) { /* This packet was received on a VLAN splinter port. We added * a VLAN to the packet to make the packet resemble the flow, @@ -2739,14 +2756,10 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, /* Process each element in the to-do list, constructing the set of * operations to batch. */ n_ops = 0; - HMAP_FOR_EACH_SAFE (miss, next_miss, hmap_node, &todo) { + HMAP_FOR_EACH (miss, hmap_node, &todo) { handle_flow_miss(ofproto, miss, flow_miss_ops, &n_ops); - ofpbuf_list_delete(&miss->packets); - hmap_remove(&todo, &miss->hmap_node); - free(miss); } assert(n_ops <= ARRAY_SIZE(flow_miss_ops)); - hmap_destroy(&todo); /* Execute batch. */ for (i = 0; i < n_ops; i++) { @@ -2765,7 +2778,6 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, if (op->subfacet->actions != execute->actions) { free((struct nlattr *) execute->actions); } - ofpbuf_delete((struct ofpbuf *) execute->packet); break; case DPIF_OP_FLOW_PUT: @@ -2775,6 +2787,12 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, break; } } + HMAP_FOR_EACH_SAFE (miss, next_miss, hmap_node, &todo) { + ofpbuf_list_delete(&miss->packets); + hmap_remove(&todo, &miss->hmap_node); + free(miss); + } + hmap_destroy(&todo); } static void @@ -2866,7 +2884,7 @@ static int expire(struct ofproto_dpif *ofproto) { struct rule_dpif *rule, *next_rule; - struct classifier *table; + struct oftable *table; int dp_max_idle; /* Update stats for each flow in the datapath. */ @@ -2880,7 +2898,7 @@ expire(struct ofproto_dpif *ofproto) OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) { struct cls_cursor cursor; - cls_cursor_init(&cursor, table, NULL); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) { rule_expire(rule); } @@ -2944,6 +2962,8 @@ update_stats(struct ofproto_dpif *p) subfacet->dp_packet_count = stats->n_packets; subfacet->dp_byte_count = stats->n_bytes; + facet->tcp_flags |= stats->tcp_flags; + subfacet_update_time(subfacet, stats->used); facet_account(facet); facet_push_stats(facet); @@ -3083,7 +3103,7 @@ rule_expire(struct rule_dpif *rule) && now > rule->up.modified + rule->up.hard_timeout * 1000) { reason = OFPRR_HARD_TIMEOUT; } else if (rule->up.idle_timeout && list_is_empty(&rule->facets) - && now > rule->used + rule->up.idle_timeout * 1000) { + && now > rule->up.used + rule->up.idle_timeout * 1000) { reason = OFPRR_IDLE_TIMEOUT; } else { return; @@ -3215,12 +3235,14 @@ facet_account(struct facet *facet) /* Feed information from the active flows back into the learning table to * ensure that table is always in sync with what is actually flowing * through the datapath. */ - if (facet->has_learn || facet->has_normal) { + if (facet->has_learn || facet->has_normal + || (facet->has_fin_timeout + && facet->tcp_flags & (TCP_FIN | TCP_RST))) { struct action_xlate_ctx ctx; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, facet->flow.vlan_tci, - facet->rule->up.flow_cookie, NULL); + facet->rule, facet->tcp_flags, NULL); ctx.may_learn = true; ofpbuf_delete(xlate_actions(&ctx, facet->rule->up.actions, facet->rule->up.n_actions)); @@ -3314,6 +3336,7 @@ facet_flush_stats(struct facet *facet) facet_reset_counters(facet); netflow_flow_clear(&facet->nf_flow); + facet->tcp_flags = 0; } /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'. @@ -3367,6 +3390,7 @@ facet_check_consistency(struct facet *facet) struct rule_dpif *rule; struct subfacet *subfacet; + bool may_log = false; bool ok; /* Check the rule for consistency. */ @@ -3379,22 +3403,24 @@ facet_check_consistency(struct facet *facet) } return false; } else if (rule != facet->rule) { - struct ds s; + may_log = !VLOG_DROP_WARN(&rl); + ok = false; + if (may_log) { + struct ds s; - ds_init(&s); - flow_format(&s, &facet->flow); - ds_put_format(&s, ": facet associated with wrong rule (was " - "table=%"PRIu8",", facet->rule->up.table_id); - cls_rule_format(&facet->rule->up.cr, &s); - ds_put_format(&s, ") (should have been table=%"PRIu8",", - rule->up.table_id); - cls_rule_format(&rule->up.cr, &s); - ds_put_char(&s, ')'); - - VLOG_WARN("%s", ds_cstr(&s)); - ds_destroy(&s); + ds_init(&s); + flow_format(&s, &facet->flow); + ds_put_format(&s, ": facet associated with wrong rule (was " + "table=%"PRIu8",", facet->rule->up.table_id); + cls_rule_format(&facet->rule->up.cr, &s); + ds_put_format(&s, ") (should have been table=%"PRIu8",", + rule->up.table_id); + cls_rule_format(&rule->up.cr, &s); + ds_put_char(&s, ')'); - ok = false; + VLOG_WARN("%s", ds_cstr(&s)); + ds_destroy(&s); + } } else { ok = true; } @@ -3407,8 +3433,7 @@ facet_check_consistency(struct facet *facet) bool should_install; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, - subfacet->initial_tci, rule->up.flow_cookie, - NULL); + subfacet->initial_tci, rule, 0, NULL); odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions); @@ -3424,42 +3449,47 @@ facet_check_consistency(struct facet *facet) || memcmp(subfacet->actions, odp_actions->data, subfacet->actions_len)); if (should_install != subfacet->installed || actions_changed) { - struct odputil_keybuf keybuf; - struct ofpbuf key; - struct ds s; + if (ok) { + may_log = !VLOG_DROP_WARN(&rl); + ok = false; + } - ok = false; + if (may_log) { + struct odputil_keybuf keybuf; + struct ofpbuf key; + struct ds s; - ds_init(&s); - subfacet_get_key(subfacet, &keybuf, &key); - odp_flow_key_format(key.data, key.size, &s); - - ds_put_cstr(&s, ": inconsistency in subfacet"); - if (should_install != subfacet->installed) { - enum odp_key_fitness fitness = subfacet->key_fitness; - - ds_put_format(&s, " (should%s have been installed)", - should_install ? "" : " not"); - ds_put_format(&s, " (may_set_up_flow=%s, fitness=%s)", - ctx.may_set_up_flow ? "true" : "false", - odp_key_fitness_to_string(fitness)); - } - if (actions_changed) { - ds_put_cstr(&s, " (actions were: "); - format_odp_actions(&s, subfacet->actions, - subfacet->actions_len); - ds_put_cstr(&s, ") (correct actions: "); - format_odp_actions(&s, odp_actions->data, - odp_actions->size); - ds_put_char(&s, ')'); - } else { - ds_put_cstr(&s, " (actions: "); - format_odp_actions(&s, subfacet->actions, - subfacet->actions_len); - ds_put_char(&s, ')'); + ds_init(&s); + subfacet_get_key(subfacet, &keybuf, &key); + odp_flow_key_format(key.data, key.size, &s); + + ds_put_cstr(&s, ": inconsistency in subfacet"); + if (should_install != subfacet->installed) { + enum odp_key_fitness fitness = subfacet->key_fitness; + + ds_put_format(&s, " (should%s have been installed)", + should_install ? "" : " not"); + ds_put_format(&s, " (may_set_up_flow=%s, fitness=%s)", + ctx.may_set_up_flow ? "true" : "false", + odp_key_fitness_to_string(fitness)); + } + if (actions_changed) { + ds_put_cstr(&s, " (actions were: "); + format_odp_actions(&s, subfacet->actions, + subfacet->actions_len); + ds_put_cstr(&s, ") (correct actions: "); + format_odp_actions(&s, odp_actions->data, + odp_actions->size); + ds_put_char(&s, ')'); + } else { + ds_put_cstr(&s, " (actions: "); + format_odp_actions(&s, subfacet->actions, + subfacet->actions_len); + ds_put_char(&s, ')'); + } + VLOG_WARN("%s", ds_cstr(&s)); + ds_destroy(&s); } - VLOG_WARN("%s", ds_cstr(&s)); - ds_destroy(&s); } next: @@ -3522,8 +3552,7 @@ facet_revalidate(struct facet *facet) bool should_install; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, - subfacet->initial_tci, new_rule->up.flow_cookie, - NULL); + subfacet->initial_tci, new_rule, 0, NULL); odp_actions = xlate_actions(&ctx, new_rule->up.actions, new_rule->up.n_actions); actions_changed = (subfacet->actions_len != odp_actions->size @@ -3565,6 +3594,7 @@ facet_revalidate(struct facet *facet) facet->may_install = ctx.may_set_up_flow; facet->has_learn = ctx.has_learn; facet->has_normal = ctx.has_normal; + facet->has_fin_timeout = ctx.has_fin_timeout; facet->mirrors = ctx.mirrors; if (new_actions) { i = 0; @@ -3598,9 +3628,7 @@ facet_update_time(struct facet *facet, long long int used) struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); if (used > facet->used) { facet->used = used; - if (used > facet->rule->used) { - facet->rule->used = used; - } + ofproto_rule_update_used(&facet->rule->up, used); netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used); } } @@ -3655,14 +3683,14 @@ push_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule) if (rule) { rule->packet_count += push->packets; rule->byte_count += push->bytes; - rule->used = MAX(push->used, rule->used); + ofproto_rule_update_used(&rule->up, push->used); } } /* Pushes flow statistics to the rules which 'flow' resubmits into given * 'rule''s actions and mirrors. */ static void -flow_push_stats(const struct rule_dpif *rule, +flow_push_stats(struct rule_dpif *rule, const struct flow *flow, uint64_t packets, uint64_t bytes, long long int used) { @@ -3673,8 +3701,10 @@ flow_push_stats(const struct rule_dpif *rule, push.bytes = bytes; push.used = used; - action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, - rule->up.flow_cookie, NULL); + ofproto_rule_update_used(&rule->up, used); + + action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, rule, + 0, NULL); push.ctx.resubmit_hook = push_resubmit; ofpbuf_delete(xlate_actions(&push.ctx, rule->up.actions, rule->up.n_actions)); @@ -3813,18 +3843,19 @@ static void subfacet_make_actions(struct subfacet *subfacet, const struct ofpbuf *packet) { struct facet *facet = subfacet->facet; - const struct rule_dpif *rule = facet->rule; + struct rule_dpif *rule = facet->rule; struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct ofpbuf *odp_actions; struct action_xlate_ctx ctx; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, subfacet->initial_tci, - rule->up.flow_cookie, packet); + rule, 0, packet); odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions); facet->tags = ctx.tags; facet->may_install = ctx.may_set_up_flow; facet->has_learn = ctx.has_learn; facet->has_normal = ctx.has_normal; + facet->has_fin_timeout = ctx.has_fin_timeout; facet->nf_flow.output_iface = ctx.nf_output_iface; facet->mirrors = ctx.mirrors; @@ -3944,6 +3975,7 @@ subfacet_update_stats(struct subfacet *subfacet, subfacet_update_time(subfacet, stats->used); facet->packet_count += stats->n_packets; facet->byte_count += stats->n_bytes; + facet->tcp_flags |= stats->tcp_flags; facet_push_stats(facet); netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags); } @@ -3962,7 +3994,7 @@ rule_dpif_lookup(struct ofproto_dpif *ofproto, const struct flow *flow, return NULL; } - cls = &ofproto->up.tables[table_id]; + cls = &ofproto->up.tables[table_id].cls; if (flow->nw_frag & FLOW_NW_FRAG_ANY && ofproto->up.frag_handling == OFPC_FRAG_NORMAL) { /* For OFPC_NORMAL frag_handling, we must pretend that transport ports @@ -4021,7 +4053,6 @@ rule_construct(struct rule *rule_) return error; } - rule->used = rule->up.created; rule->packet_count = 0; rule->byte_count = 0; @@ -4100,15 +4131,14 @@ rule_execute(struct rule *rule_, const struct flow *flow, size_t size; action_xlate_ctx_init(&ctx, ofproto, flow, flow->vlan_tci, - rule->up.flow_cookie, packet); + rule, packet_get_tcp_flags(packet, flow), packet); odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions); size = packet->size; if (execute_odp_actions(ofproto, flow, odp_actions->data, odp_actions->size, packet)) { - rule->used = time_msec(); rule->packet_count++; rule->byte_count += size; - flow_push_stats(rule, flow, 1, size, rule->used); + flow_push_stats(rule, flow, 1, size, time_msec()); } ofpbuf_delete(odp_actions); @@ -4370,12 +4400,12 @@ xlate_table_action(struct action_xlate_ctx *ctx, } if (rule) { - ovs_be64 old_cookie = ctx->cookie; + struct rule_dpif *old_rule = ctx->rule; ctx->recurse++; - ctx->cookie = rule->up.flow_cookie; + ctx->rule = rule; do_xlate_actions(rule->up.actions, rule->up.n_actions, ctx); - ctx->cookie = old_cookie; + ctx->rule = old_rule; ctx->recurse--; } @@ -4474,7 +4504,7 @@ execute_controller_action(struct action_xlate_ctx *ctx, int len, pin.packet_len = packet->size; pin.reason = reason; pin.table_id = ctx->table_id; - pin.cookie = ctx->cookie; + pin.cookie = ctx->rule ? ctx->rule->up.flow_cookie : 0; pin.buffer_id = 0; pin.send_len = len; @@ -4531,11 +4561,9 @@ xlate_output_action__(struct action_xlate_ctx *ctx, case OFPP_CONTROLLER: execute_controller_action(ctx, max_len, OFPR_ACTION); break; - case OFPP_LOCAL: - compose_output_action(ctx, OFPP_LOCAL); - break; case OFPP_NONE: break; + case OFPP_LOCAL: default: if (port != ctx->flow.in_port) { compose_output_action(ctx, port); @@ -4557,9 +4585,11 @@ static void xlate_output_reg_action(struct action_xlate_ctx *ctx, const struct nx_action_output_reg *naor) { + struct mf_subfield src; uint64_t ofp_port; - ofp_port = nxm_read_field_bits(naor->src, naor->ofs_nbits, &ctx->flow); + nxm_decode(&src, naor->src, naor->ofs_nbits); + ofp_port = mf_get_subfield(&src, &ctx->flow); if (ofp_port <= UINT16_MAX) { xlate_output_action__(ctx, ofp_port, ntohs(naor->max_len)); @@ -4695,6 +4725,28 @@ xlate_learn_action(struct action_xlate_ctx *ctx, free(fm.actions); } +/* Reduces '*timeout' to no more than 'max'. A value of zero in either case + * means "infinite". */ +static void +reduce_timeout(uint16_t max, uint16_t *timeout) +{ + if (max && (!*timeout || *timeout > max)) { + *timeout = max; + } +} + +static void +xlate_fin_timeout(struct action_xlate_ctx *ctx, + const struct nx_action_fin_timeout *naft) +{ + if (ctx->tcp_flags & (TCP_FIN | TCP_RST) && ctx->rule) { + struct rule_dpif *rule = ctx->rule; + + reduce_timeout(ntohs(naft->fin_idle_timeout), &rule->up.idle_timeout); + reduce_timeout(ntohs(naft->fin_hard_timeout), &rule->up.hard_timeout); + } +} + static bool may_receive(const struct ofport_dpif *port, struct action_xlate_ctx *ctx) { @@ -4722,6 +4774,7 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, { const struct ofport_dpif *port; const union ofp_action *ia; + bool was_evictable = true; size_t left; port = get_ofp_port(ctx->ofproto, ctx->flow.in_port); @@ -4730,6 +4783,11 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, return; } + if (ctx->rule) { + /* Don't let the rule we're working on get evicted underneath us. */ + was_evictable = ctx->rule->up.evictable; + ctx->rule->up.evictable = false; + } OFPUTIL_ACTION_FOR_EACH_UNSAFE (ia, left, in, n_in) { const struct ofp_action_dl_addr *oada; const struct nx_action_resubmit *nar; @@ -4894,6 +4952,11 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, case OFPUTIL_NXAST_EXIT: ctx->exit = true; break; + + case OFPUTIL_NXAST_FIN_TIMEOUT: + ctx->has_fin_timeout = true; + xlate_fin_timeout(ctx, (const struct nx_action_fin_timeout *) ia); + break; } } @@ -4904,22 +4967,26 @@ out: ofpbuf_clear(ctx->odp_actions); add_sflow_action(ctx); } + if (ctx->rule) { + ctx->rule->up.evictable = was_evictable; + } } static void action_xlate_ctx_init(struct action_xlate_ctx *ctx, struct ofproto_dpif *ofproto, const struct flow *flow, - ovs_be16 initial_tci, ovs_be64 cookie, - const struct ofpbuf *packet) + ovs_be16 initial_tci, struct rule_dpif *rule, + uint8_t tcp_flags, const struct ofpbuf *packet) { ctx->ofproto = ofproto; ctx->flow = *flow; ctx->base_flow = ctx->flow; ctx->base_flow.tun_id = 0; ctx->base_flow.vlan_tci = initial_tci; - ctx->cookie = cookie; + ctx->rule = rule; ctx->packet = packet; ctx->may_learn = packet != NULL; + ctx->tcp_flags = tcp_flags; ctx->resubmit_hook = NULL; } @@ -4937,6 +5004,7 @@ xlate_actions(struct action_xlate_ctx *ctx, ctx->may_set_up_flow = true; ctx->has_learn = false; ctx->has_normal = false; + ctx->has_fin_timeout = false; ctx->nf_output_iface = NF_OUT_DROP; ctx->mirrors = 0; ctx->recurse = 0; @@ -5604,13 +5672,13 @@ static void table_update_taggable(struct ofproto_dpif *ofproto, uint8_t table_id) { struct table_dpif *table = &ofproto->tables[table_id]; - const struct classifier *cls = &ofproto->up.tables[table_id]; + const struct oftable *oftable = &ofproto->up.tables[table_id]; struct cls_table *catchall, *other; struct cls_table *t; catchall = other = NULL; - switch (hmap_count(&cls->tables)) { + switch (hmap_count(&oftable->cls.tables)) { case 0: /* We could tag this OpenFlow table but it would make the logic a * little harder and it's a corner case that doesn't seem worth it @@ -5619,7 +5687,7 @@ table_update_taggable(struct ofproto_dpif *ofproto, uint8_t table_id) case 1: case 2: - HMAP_FOR_EACH (t, hmap_node, &cls->tables) { + HMAP_FOR_EACH (t, hmap_node, &oftable->cls.tables) { if (cls_table_is_catchall(t)) { catchall = t; } else if (!other) { @@ -5706,8 +5774,8 @@ packet_out(struct ofproto *ofproto_, struct ofpbuf *packet, ofpbuf_use_stack(&key, &keybuf, sizeof keybuf); odp_flow_key_from_flow(&key, flow); - action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, 0, - packet); + action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, NULL, + packet_get_tcp_flags(packet, flow), packet); /* Ensure that resubmits in 'ofp_actions' get accounted to their * matching rules. */ @@ -5804,17 +5872,23 @@ ofproto_dpif_lookup(const char *name) } static void -ofproto_unixctl_fdb_flush(struct unixctl_conn *conn, int argc OVS_UNUSED, +ofproto_unixctl_fdb_flush(struct unixctl_conn *conn, int argc, const char *argv[], void *aux OVS_UNUSED) { - const struct ofproto_dpif *ofproto; + struct ofproto_dpif *ofproto; - ofproto = ofproto_dpif_lookup(argv[1]); - if (!ofproto) { - unixctl_command_reply(conn, 501, "no such bridge"); - return; + if (argc > 1) { + ofproto = ofproto_dpif_lookup(argv[1]); + if (!ofproto) { + unixctl_command_reply(conn, 501, "no such bridge"); + return; + } + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } else { + HMAP_FOR_EACH (ofproto, all_ofproto_dpifs_node, &all_ofproto_dpifs) { + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } } - mac_learning_flush(ofproto->ml); unixctl_command_reply(conn, 200, "table successfully flushed"); } @@ -5838,7 +5912,8 @@ ofproto_unixctl_fdb_show(struct unixctl_conn *conn, int argc OVS_UNUSED, struct ofbundle *bundle = e->port.p; ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n", ofbundle_get_a_port(bundle)->odp_port, - e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e)); + e->vlan, ETH_ADDR_ARGS(e->mac), + mac_entry_age(ofproto->ml, e)); } unixctl_command_reply(conn, 200, ds_cstr(&ds)); ds_destroy(&ds); @@ -6002,11 +6077,13 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], if (rule) { struct ofproto_trace trace; struct ofpbuf *odp_actions; + uint8_t tcp_flags; + tcp_flags = packet ? packet_get_tcp_flags(packet, &flow) : 0; trace.result = &result; trace.flow = flow; action_xlate_ctx_init(&trace.ctx, ofproto, &flow, initial_tci, - rule->up.flow_cookie, packet); + rule, tcp_flags, packet); trace.ctx.resubmit_hook = trace_resubmit; odp_actions = xlate_actions(&trace.ctx, rule->up.actions, rule->up.n_actions); @@ -6115,7 +6192,7 @@ ofproto_dpif_unixctl_init(void) "ofproto/trace", "bridge {tun_id in_port packet | odp_flow [-generate]}", 2, 5, ofproto_unixctl_trace, NULL); - unixctl_command_register("fdb/flush", "bridge", 1, 1, + unixctl_command_register("fdb/flush", "[bridge]", 0, 1, ofproto_unixctl_fdb_flush, NULL); unixctl_command_register("fdb/show", "bridge", 1, 1, ofproto_unixctl_fdb_show, NULL); @@ -6327,5 +6404,6 @@ const struct ofproto_class ofproto_dpif_class = { set_flood_vlans, is_mirror_output_bundle, forward_bpdu_changed, + set_mac_idle_time, set_realdev, };