X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ofproto%2Fofproto-dpif.c;h=d4c7fd877dc7b016a90e8ce29694ec0309b72c81;hb=d8653c386aa8bfaed60863710da6d785797d530f;hp=baa191e7dd5066fe21e2774b23bbcd326ae3f8e8;hpb=33158a18daadcb4c7eaddb226fcfbdcca54539b7;p=sliver-openvswitch.git diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c index baa191e7d..d4c7fd877 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c @@ -34,6 +34,7 @@ #include "lacp.h" #include "learn.h" #include "mac-learning.h" +#include "meta-flow.h" #include "multipath.h" #include "netdev.h" #include "netlink.h" @@ -75,8 +76,6 @@ struct ofproto_dpif; struct rule_dpif { struct rule up; - long long int used; /* Time last used; time created if not used. */ - /* These statistics: * * - Do include packets and bytes from facets that have been deleted or @@ -106,7 +105,7 @@ static struct rule_dpif *rule_dpif_cast(const struct rule *rule) static struct rule_dpif *rule_dpif_lookup(struct ofproto_dpif *, const struct flow *, uint8_t table); -static void flow_push_stats(const struct rule_dpif *, const struct flow *, +static void flow_push_stats(struct rule_dpif *, const struct flow *, uint64_t packets, uint64_t bytes, long long int used); @@ -162,7 +161,7 @@ struct ofbundle { bool use_priority_tags; /* Use 802.1p tag for frames in VLAN 0? */ /* Status. */ - bool floodable; /* True if no port has OFPPC_NO_FLOOD set. */ + bool floodable; /* True if no port has OFPUTIL_PC_NO_FLOOD set. */ /* Port mirroring info. */ mirror_mask_t src_mirrors; /* Mirrors triggered when packet received. */ @@ -191,6 +190,8 @@ static struct ofbundle ofpp_none_bundle = { static void stp_run(struct ofproto_dpif *ofproto); static void stp_wait(struct ofproto_dpif *ofproto); +static int set_stp_port(struct ofport *, + const struct ofproto_port_stp_settings *); static bool ofbundle_includes_vlan(const struct ofbundle *, uint16_t vlan); @@ -214,7 +215,17 @@ struct action_xlate_ctx { * we are just revalidating. */ bool may_learn; - /* If nonnull, called just before executing a resubmit action. + /* The rule that we are currently translating, or NULL. */ + struct rule_dpif *rule; + + /* Union of the set of TCP flags seen so far in this flow. (Used only by + * NXAST_FIN_TIMEOUT. Set to zero to avoid updating updating rules' + * timeouts.) */ + uint8_t tcp_flags; + + /* If nonnull, called just before executing a resubmit action. In + * addition, disables logging of traces when the recursion depth is + * exceeded. * * This is normally null so the client has to set it manually after * calling action_xlate_ctx_init(). */ @@ -229,6 +240,7 @@ struct action_xlate_ctx { * be reassessed for every packet. */ bool has_learn; /* Actions include NXAST_LEARN? */ bool has_normal; /* Actions output to OFPP_NORMAL? */ + bool has_fin_timeout; /* Actions include NXAST_FIN_TIMEOUT? */ uint16_t nf_output_iface; /* Output interface index for NetFlow. */ mirror_mask_t mirrors; /* Bitmap of associated mirrors. */ @@ -236,6 +248,7 @@ struct action_xlate_ctx { * reason to look at them. */ int recurse; /* Recursion level, via xlate_table_action. */ + bool max_resubmit_trigger; /* Recursed too deeply during translation. */ struct flow base_flow; /* Flow at the last commit. */ uint32_t orig_skb_priority; /* Priority when packet arrived. */ uint8_t table_id; /* OpenFlow table ID where flow was found. */ @@ -247,7 +260,8 @@ struct action_xlate_ctx { static void action_xlate_ctx_init(struct action_xlate_ctx *, struct ofproto_dpif *, const struct flow *, - ovs_be16 initial_tci, const struct ofpbuf *); + ovs_be16 initial_tci, struct rule_dpif *, + uint8_t tcp_flags, const struct ofpbuf *); static struct ofpbuf *xlate_actions(struct action_xlate_ctx *, const union ofp_action *in, size_t n_in); @@ -301,6 +315,7 @@ struct facet { /* Accounting. */ uint64_t accounted_bytes; /* Bytes processed by facet_account(). */ struct netflow_flow nf_flow; /* Per-flow NetFlow tracking data. */ + uint8_t tcp_flags; /* TCP flags seen for this 'rule'. */ /* Properties of datapath actions. * @@ -311,32 +326,27 @@ struct facet { bool may_install; /* Reassess actions for every packet? */ bool has_learn; /* Actions include NXAST_LEARN? */ bool has_normal; /* Actions output to OFPP_NORMAL? */ + bool has_fin_timeout; /* Actions include NXAST_FIN_TIMEOUT? */ tag_type tags; /* Tags that would require revalidation. */ mirror_mask_t mirrors; /* Bitmap of dependent mirrors. */ }; static struct facet *facet_create(struct rule_dpif *, const struct flow *); -static void facet_remove(struct ofproto_dpif *, struct facet *); +static void facet_remove(struct facet *); static void facet_free(struct facet *); static struct facet *facet_find(struct ofproto_dpif *, const struct flow *); static struct facet *facet_lookup_valid(struct ofproto_dpif *, const struct flow *); -static bool facet_revalidate(struct ofproto_dpif *, struct facet *); +static bool facet_revalidate(struct facet *); +static bool facet_check_consistency(struct facet *); -static bool execute_controller_action(struct ofproto_dpif *, - const struct flow *, - const struct nlattr *odp_actions, - size_t actions_len, - struct ofpbuf *packet, bool clone); +static void facet_flush_stats(struct facet *); -static void facet_flush_stats(struct ofproto_dpif *, struct facet *); - -static void facet_update_time(struct ofproto_dpif *, struct facet *, - long long int used); +static void facet_update_time(struct facet *, long long int used); static void facet_reset_counters(struct facet *); static void facet_push_stats(struct facet *); -static void facet_account(struct ofproto_dpif *, struct facet *); +static void facet_account(struct facet *); static bool facet_is_controller_flow(struct facet *); @@ -378,26 +388,26 @@ struct subfacet { ovs_be16 initial_tci; /* Initial VLAN TCI value. */ }; -static struct subfacet *subfacet_create(struct ofproto_dpif *, struct facet *, - enum odp_key_fitness, +static struct subfacet *subfacet_create(struct facet *, enum odp_key_fitness, const struct nlattr *key, size_t key_len, ovs_be16 initial_tci); static struct subfacet *subfacet_find(struct ofproto_dpif *, const struct nlattr *key, size_t key_len); -static void subfacet_destroy(struct ofproto_dpif *, struct subfacet *); -static void subfacet_destroy__(struct ofproto_dpif *, struct subfacet *); +static void subfacet_destroy(struct subfacet *); +static void subfacet_destroy__(struct subfacet *); +static void subfacet_get_key(struct subfacet *, struct odputil_keybuf *, + struct ofpbuf *key); static void subfacet_reset_dp_stats(struct subfacet *, struct dpif_flow_stats *); -static void subfacet_update_time(struct ofproto_dpif *, struct subfacet *, - long long int used); -static void subfacet_update_stats(struct ofproto_dpif *, struct subfacet *, +static void subfacet_update_time(struct subfacet *, long long int used); +static void subfacet_update_stats(struct subfacet *, const struct dpif_flow_stats *); -static void subfacet_make_actions(struct ofproto_dpif *, struct subfacet *, +static void subfacet_make_actions(struct subfacet *, const struct ofpbuf *packet); -static int subfacet_install(struct ofproto_dpif *, struct subfacet *, +static int subfacet_install(struct subfacet *, const struct nlattr *actions, size_t actions_len, struct dpif_flow_stats *); -static void subfacet_uninstall(struct ofproto_dpif *, struct subfacet *); +static void subfacet_uninstall(struct subfacet *); struct ofport_dpif { struct ofport up; @@ -409,6 +419,7 @@ struct ofport_dpif { tag_type tag; /* Tag associated with this port. */ uint32_t bond_stable_id; /* stable_id to use as bond slave, or 0. */ bool may_enable; /* May be enabled in bonds. */ + long long int carrier_seq; /* Carrier status changes. */ /* Spanning tree. */ struct stp_port *stp_port; /* Spanning Tree Protocol, if any. */ @@ -551,6 +562,9 @@ static struct ofport_dpif *get_ofp_port(struct ofproto_dpif *, uint16_t ofp_port); static struct ofport_dpif *get_odp_port(struct ofproto_dpif *, uint32_t odp_port); +static void ofproto_trace(struct ofproto_dpif *, const struct flow *, + const struct ofpbuf *, ovs_be16 initial_tci, + struct ds *); /* Packet processing. */ static void update_learning_table(struct ofproto_dpif *, @@ -621,7 +635,7 @@ dealloc(struct ofproto *ofproto_) } static int -construct(struct ofproto *ofproto_, int *n_tablesp) +construct(struct ofproto *ofproto_) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); const char *name = ofproto->up.name; @@ -640,9 +654,7 @@ construct(struct ofproto *ofproto_, int *n_tablesp) dpif_flow_flush(ofproto->dpif); dpif_recv_purge(ofproto->dpif); - error = dpif_recv_set_mask(ofproto->dpif, - ((1u << DPIF_UC_MISS) | - (1u << DPIF_UC_ACTION))); + error = dpif_recv_set(ofproto->dpif, true); if (error) { VLOG_ERR("failed to listen on datapath %s: %s", name, strerror(error)); dpif_close(ofproto->dpif); @@ -653,7 +665,7 @@ construct(struct ofproto *ofproto_, int *n_tablesp) ofproto->sflow = NULL; ofproto->stp = NULL; hmap_init(&ofproto->bundles); - ofproto->ml = mac_learning_create(); + ofproto->ml = mac_learning_create(MAC_ENTRY_DEFAULT_IDLE_TIME); for (i = 0; i < MAX_MIRRORS; i++) { ofproto->mirrors[i] = NULL; } @@ -685,9 +697,10 @@ construct(struct ofproto *ofproto_, int *n_tablesp) hmap_insert(&all_ofproto_dpifs, &ofproto->all_ofproto_dpifs_node, hash_string(ofproto->up.name, 0)); - - *n_tablesp = N_TABLES; memset(&ofproto->stats, 0, sizeof ofproto->stats); + + ofproto_init_tables(ofproto_, N_TABLES); + return 0; } @@ -708,7 +721,7 @@ destruct(struct ofproto *ofproto_) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); struct rule_dpif *rule, *next_rule; - struct classifier *table; + struct oftable *table; int i; hmap_remove(&all_ofproto_dpifs, &ofproto->all_ofproto_dpifs_node); @@ -717,7 +730,7 @@ destruct(struct ofproto *ofproto_) OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) { struct cls_cursor cursor; - cls_cursor_init(&cursor, table, NULL); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) { ofproto_rule_destroy(&rule->up); } @@ -823,7 +836,20 @@ run(struct ofproto *ofproto_) HMAP_FOR_EACH_SAFE (facet, next, hmap_node, &ofproto->facets) { if (revalidate_all || tag_set_intersects(&revalidate_set, facet->tags)) { - facet_revalidate(ofproto, facet); + facet_revalidate(facet); + } + } + } + + /* Check the consistency of a random facet, to aid debugging. */ + if (!hmap_is_empty(&ofproto->facets) && !ofproto->need_revalidate) { + struct facet *facet; + + facet = CONTAINER_OF(hmap_random_node(&ofproto->facets), + struct facet, hmap_node); + if (!tag_set_intersects(&ofproto->revalidate_set, facet->tags)) { + if (!facet_check_consistency(facet)) { + ofproto->need_revalidate = true; } } } @@ -888,28 +914,28 @@ flush(struct ofproto *ofproto_) subfacet->dp_packet_count = 0; subfacet->dp_byte_count = 0; } - facet_remove(ofproto, facet); + facet_remove(facet); } dpif_flow_flush(ofproto->dpif); } static void get_features(struct ofproto *ofproto_ OVS_UNUSED, - bool *arp_match_ip, uint32_t *actions) + bool *arp_match_ip, enum ofputil_action_bitmap *actions) { *arp_match_ip = true; - *actions = ((1u << OFPAT_OUTPUT) | - (1u << OFPAT_SET_VLAN_VID) | - (1u << OFPAT_SET_VLAN_PCP) | - (1u << OFPAT_STRIP_VLAN) | - (1u << OFPAT_SET_DL_SRC) | - (1u << OFPAT_SET_DL_DST) | - (1u << OFPAT_SET_NW_SRC) | - (1u << OFPAT_SET_NW_DST) | - (1u << OFPAT_SET_NW_TOS) | - (1u << OFPAT_SET_TP_SRC) | - (1u << OFPAT_SET_TP_DST) | - (1u << OFPAT_ENQUEUE)); + *actions = (OFPUTIL_A_OUTPUT | + OFPUTIL_A_SET_VLAN_VID | + OFPUTIL_A_SET_VLAN_PCP | + OFPUTIL_A_STRIP_VLAN | + OFPUTIL_A_SET_DL_SRC | + OFPUTIL_A_SET_DL_DST | + OFPUTIL_A_SET_NW_SRC | + OFPUTIL_A_SET_NW_DST | + OFPUTIL_A_SET_NW_TOS | + OFPUTIL_A_SET_TP_SRC | + OFPUTIL_A_SET_TP_DST | + OFPUTIL_A_ENQUEUE); } static void @@ -957,6 +983,7 @@ port_construct(struct ofport *port_) hmap_init(&port->priorities); port->realdev_ofp_port = 0; port->vlandev_vid = 0; + port->carrier_seq = netdev_get_carrier_resets(port->up.netdev); if (ofproto->sflow) { dpif_sflow_add_port(ofproto->sflow, port_); @@ -993,17 +1020,17 @@ port_modified(struct ofport *port_) } static void -port_reconfigured(struct ofport *port_, ovs_be32 old_config) +port_reconfigured(struct ofport *port_, enum ofputil_port_config old_config) { struct ofport_dpif *port = ofport_dpif_cast(port_); struct ofproto_dpif *ofproto = ofproto_dpif_cast(port->up.ofproto); - ovs_be32 changed = old_config ^ port->up.opp.config; + enum ofputil_port_config changed = old_config ^ port->up.pp.config; - if (changed & htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP | - OFPPC_NO_FWD | OFPPC_NO_FLOOD)) { + if (changed & (OFPUTIL_PC_NO_RECV | OFPUTIL_PC_NO_RECV_STP | + OFPUTIL_PC_NO_FWD | OFPUTIL_PC_NO_FLOOD)) { ofproto->need_revalidate = true; - if (changed & htonl(OFPPC_NO_FLOOD) && port->bundle) { + if (changed & OFPUTIL_PC_NO_FLOOD && port->bundle) { bundle_update(port->bundle); } } @@ -1138,6 +1165,12 @@ set_stp(struct ofproto *ofproto_, const struct ofproto_stp_settings *s) stp_set_max_age(ofproto->stp, s->max_age); stp_set_forward_delay(ofproto->stp, s->fwd_delay); } else { + struct ofport *ofport; + + HMAP_FOR_EACH (ofport, hmap_node, &ofproto->up.ports) { + set_stp_port(ofport, NULL); + } + stp_destroy(ofproto->stp); ofproto->stp = NULL; } @@ -1174,7 +1207,7 @@ update_stp_port_state(struct ofport_dpif *ofport) /* Update state. */ if (ofport->stp_state != state) { - ovs_be32 of_state; + enum ofputil_port_state of_state; bool fwd_change; VLOG_DBG_RL(&rl, "port %s: STP state changed from %s to %s", @@ -1184,7 +1217,7 @@ update_stp_port_state(struct ofport_dpif *ofport) if (stp_learn_in_state(ofport->stp_state) != stp_learn_in_state(state)) { /* xxx Learning action flows should also be flushed. */ - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); } fwd_change = stp_forward_in_state(ofport->stp_state) != stp_forward_in_state(state); @@ -1198,12 +1231,12 @@ update_stp_port_state(struct ofport_dpif *ofport) } /* Update the STP state bits in the OpenFlow port description. */ - of_state = (ofport->up.opp.state & htonl(~OFPPS_STP_MASK)) - | htonl(state == STP_LISTENING ? OFPPS_STP_LISTEN - : state == STP_LEARNING ? OFPPS_STP_LEARN - : state == STP_FORWARDING ? OFPPS_STP_FORWARD - : state == STP_BLOCKING ? OFPPS_STP_BLOCK - : 0); + of_state = ofport->up.pp.state & ~OFPUTIL_PS_STP_MASK; + of_state |= (state == STP_LISTENING ? OFPUTIL_PS_STP_LISTEN + : state == STP_LEARNING ? OFPUTIL_PS_STP_LEARN + : state == STP_FORWARDING ? OFPUTIL_PS_STP_FORWARD + : state == STP_BLOCKING ? OFPUTIL_PS_STP_BLOCK + : 0); ofproto_port_set_state(&ofport->up, of_state); } } @@ -1287,6 +1320,10 @@ stp_run(struct ofproto_dpif *ofproto) update_stp_port_state(ofport); } } + + if (stp_check_and_reset_fdb_flush(ofproto->stp)) { + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } } } @@ -1487,7 +1524,8 @@ bundle_update(struct ofbundle *bundle) bundle->floodable = true; LIST_FOR_EACH (port, bundle_node, &bundle->ports) { - if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) { + if (port->up.pp.config & OFPUTIL_PC_NO_FLOOD + || !stp_forward_in_state(port->stp_state)) { bundle->floodable = false; break; } @@ -1534,7 +1572,8 @@ bundle_add_port(struct ofbundle *bundle, uint32_t ofp_port, port->bundle = bundle; list_push_back(&bundle->ports, &port->bundle_node); - if (port->up.opp.config & htonl(OFPPC_NO_FLOOD)) { + if (port->up.pp.config & OFPUTIL_PC_NO_FLOOD + || !stp_forward_in_state(port->stp_state)) { bundle->floodable = false; } } @@ -1870,7 +1909,7 @@ bundle_run(struct ofbundle *bundle) } bond_run(bundle->bond, &bundle->ofproto->revalidate_set, - lacp_negotiated(bundle->lacp)); + lacp_status(bundle->lacp)); if (bond_should_send_learning_packets(bundle->bond)) { bundle_send_learning_packets(bundle); } @@ -2055,7 +2094,7 @@ mirror_set(struct ofproto *ofproto_, void *aux, } ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); mirror_update_dups(ofproto); return 0; @@ -2074,7 +2113,7 @@ mirror_destroy(struct ofmirror *mirror) ofproto = mirror->ofproto; ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); mirror_bit = MIRROR_MASK_C(1) << mirror->idx; HMAP_FOR_EACH (bundle, hmap_node, &ofproto->bundles) { @@ -2117,8 +2156,7 @@ set_flood_vlans(struct ofproto *ofproto_, unsigned long *flood_vlans) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); if (mac_learning_set_flood_vlans(ofproto->ml, flood_vlans)) { - ofproto->need_revalidate = true; - mac_learning_flush(ofproto->ml); + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); } return 0; } @@ -2138,6 +2176,13 @@ forward_bpdu_changed(struct ofproto *ofproto_) /* Revalidate cached flows whenever forward_bpdu option changes. */ ofproto->need_revalidate = true; } + +static void +set_mac_idle_time(struct ofproto *ofproto_, unsigned int idle_time) +{ + struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); + mac_learning_set_idle_time(ofproto->ml, idle_time); +} /* Ports. */ @@ -2166,8 +2211,12 @@ ofproto_port_from_dpif_port(struct ofproto_port *ofproto_port, static void port_run(struct ofport_dpif *ofport) { + long long int carrier_seq = netdev_get_carrier_resets(ofport->up.netdev); + bool carrier_changed = carrier_seq != ofport->carrier_seq; bool enable = netdev_get_carrier(ofport->up.netdev); + ofport->carrier_seq = carrier_seq; + if (ofport->cfm) { cfm_run(ofport->cfm); @@ -2175,7 +2224,7 @@ port_run(struct ofport_dpif *ofport) struct ofpbuf packet; ofpbuf_init(&packet, 0); - cfm_compose_ccm(ofport->cfm, &packet, ofport->up.opp.hw_addr); + cfm_compose_ccm(ofport->cfm, &packet, ofport->up.pp.hw_addr); send_packet(ofport, &packet); ofpbuf_uninit(&packet); } @@ -2186,6 +2235,9 @@ port_run(struct ofport_dpif *ofport) if (ofport->bundle) { enable = enable && lacp_slave_may_enable(ofport->bundle->lacp, ofport); + if (carrier_changed) { + lacp_slave_carrier_changed(ofport->bundle->lacp, ofport); + } } if (ofport->may_enable != enable) { @@ -2404,56 +2456,37 @@ struct flow_miss { }; struct flow_miss_op { - union dpif_op dpif_op; + struct dpif_op dpif_op; struct subfacet *subfacet; }; /* Sends an OFPT_PACKET_IN message for 'packet' of type OFPR_NO_MATCH to each * OpenFlow controller as necessary according to their individual - * configurations. - * - * If 'clone' is true, the caller retains ownership of 'packet'. Otherwise, - * ownership is transferred to this function. */ + * configurations. */ static void -send_packet_in_miss(struct ofproto_dpif *ofproto, struct ofpbuf *packet, - const struct flow *flow, bool clone) +send_packet_in_miss(struct ofproto_dpif *ofproto, const struct ofpbuf *packet, + const struct flow *flow) { struct ofputil_packet_in pin; - pin.packet = packet; - pin.in_port = flow->in_port; + pin.packet = packet->data; + pin.packet_len = packet->size; + pin.total_len = packet->size; pin.reason = OFPR_NO_MATCH; + pin.controller_id = 0; + + pin.table_id = 0; + pin.cookie = 0; + pin.buffer_id = 0; /* not yet known */ pin.send_len = 0; /* not used for flow table misses */ - connmgr_send_packet_in(ofproto->up.connmgr, &pin, flow, - clone ? NULL : packet); -} -/* Sends an OFPT_PACKET_IN message for 'packet' of type OFPR_ACTION to each - * OpenFlow controller as necessary according to their individual - * configurations. - * - * 'send_len' should be the number of bytes of 'packet' to send to the - * controller, as specified in the action that caused the packet to be sent. - * - * If 'clone' is true, the caller retains ownership of 'upcall->packet'. - * Otherwise, ownership is transferred to this function. */ -static void -send_packet_in_action(struct ofproto_dpif *ofproto, struct ofpbuf *packet, - uint64_t userdata, const struct flow *flow, bool clone) -{ - struct ofputil_packet_in pin; - struct user_action_cookie cookie; + flow_get_metadata(flow, &pin.fmd); - memcpy(&cookie, &userdata, sizeof(cookie)); + /* Registers aren't meaningful on a miss. */ + memset(pin.fmd.reg_masks, 0, sizeof pin.fmd.reg_masks); - pin.packet = packet; - pin.in_port = flow->in_port; - pin.reason = OFPR_ACTION; - pin.buffer_id = 0; /* not yet known */ - pin.send_len = cookie.data; - connmgr_send_packet_in(ofproto->up.connmgr, &pin, flow, - clone ? NULL : packet); + connmgr_send_packet_in(ofproto->up.connmgr, &pin); } static bool @@ -2527,10 +2560,10 @@ handle_flow_miss(struct ofproto_dpif *ofproto, struct flow_miss *miss, rule = rule_dpif_lookup(ofproto, flow, 0); if (!rule) { - /* Don't send a packet-in if OFPPC_NO_PACKET_IN asserted. */ + /* Don't send a packet-in if OFPUTIL_PC_NO_PACKET_IN asserted. */ struct ofport_dpif *port = get_ofp_port(ofproto, flow->in_port); if (port) { - if (port->up.opp.config & htonl(OFPPC_NO_PACKET_IN)) { + if (port->up.pp.config & OFPUTIL_PC_NO_PACKET_IN) { COVERAGE_INC(ofproto_dpif_no_packet_in); /* XXX install 'drop' flow entry */ return; @@ -2540,10 +2573,8 @@ handle_flow_miss(struct ofproto_dpif *ofproto, struct flow_miss *miss, flow->in_port); } - LIST_FOR_EACH_SAFE (packet, next_packet, list_node, - &miss->packets) { - list_remove(&packet->list_node); - send_packet_in_miss(ofproto, packet, flow, false); + LIST_FOR_EACH (packet, list_node, &miss->packets) { + send_packet_in_miss(ofproto, packet, flow); } return; @@ -2552,14 +2583,15 @@ handle_flow_miss(struct ofproto_dpif *ofproto, struct flow_miss *miss, facet = facet_create(rule, flow); } - subfacet = subfacet_create(ofproto, facet, + subfacet = subfacet_create(facet, miss->key_fitness, miss->key, miss->key_len, miss->initial_tci); LIST_FOR_EACH_SAFE (packet, next_packet, list_node, &miss->packets) { struct dpif_flow_stats stats; + struct flow_miss_op *op; + struct dpif_execute *execute; - list_remove(&packet->list_node); ofproto->n_matches++; if (facet->rule->up.cr.priority == FAIL_OPEN_PRIORITY) { @@ -2573,53 +2605,50 @@ handle_flow_miss(struct ofproto_dpif *ofproto, struct flow_miss *miss, * * See the top-level comment in fail-open.c for more information. */ - send_packet_in_miss(ofproto, packet, flow, true); + send_packet_in_miss(ofproto, packet, flow); } if (!facet->may_install || !subfacet->actions) { - subfacet_make_actions(ofproto, subfacet, packet); + subfacet_make_actions(subfacet, packet); } - /* Credit statistics to subfacet for this packet. We must do this now - * because execute_controller_action() below may destroy 'packet'. */ dpif_flow_stats_extract(&facet->flow, packet, &stats); - subfacet_update_stats(ofproto, subfacet, &stats); - - if (!execute_controller_action(ofproto, &facet->flow, - subfacet->actions, - subfacet->actions_len, packet, true) - && subfacet->actions_len > 0) { - struct flow_miss_op *op = &ops[(*n_ops)++]; - struct dpif_execute *execute = &op->dpif_op.execute; - - if (flow->vlan_tci != subfacet->initial_tci) { - /* This packet was received on a VLAN splinter port. We added - * a VLAN to the packet to make the packet resemble the flow, - * but the actions were composed assuming that the packet - * contained no VLAN. So, we must remove the VLAN header from - * the packet before trying to execute the actions. */ - eth_pop_vlan(packet); - } + subfacet_update_stats(subfacet, &stats); - op->subfacet = subfacet; - execute->type = DPIF_OP_EXECUTE; - execute->key = miss->key; - execute->key_len = miss->key_len; - execute->actions - = (facet->may_install - ? subfacet->actions - : xmemdup(subfacet->actions, subfacet->actions_len)); - execute->actions_len = subfacet->actions_len; - execute->packet = packet; + if (!subfacet->actions_len) { + /* No actions to execute, so skip talking to the dpif. */ + continue; } + + if (flow->vlan_tci != subfacet->initial_tci) { + /* This packet was received on a VLAN splinter port. We added + * a VLAN to the packet to make the packet resemble the flow, + * but the actions were composed assuming that the packet + * contained no VLAN. So, we must remove the VLAN header from + * the packet before trying to execute the actions. */ + eth_pop_vlan(packet); + } + + op = &ops[(*n_ops)++]; + execute = &op->dpif_op.u.execute; + op->subfacet = subfacet; + op->dpif_op.type = DPIF_OP_EXECUTE; + execute->key = miss->key; + execute->key_len = miss->key_len; + execute->actions = (facet->may_install + ? subfacet->actions + : xmemdup(subfacet->actions, + subfacet->actions_len)); + execute->actions_len = subfacet->actions_len; + execute->packet = packet; } if (facet->may_install && subfacet->key_fitness != ODP_FIT_TOO_LITTLE) { struct flow_miss_op *op = &ops[(*n_ops)++]; - struct dpif_flow_put *put = &op->dpif_op.flow_put; + struct dpif_flow_put *put = &op->dpif_op.u.flow_put; op->subfacet = subfacet; - put->type = DPIF_OP_FLOW_PUT; + op->dpif_op.type = DPIF_OP_FLOW_PUT; put->flags = DPIF_FP_CREATE | DPIF_FP_MODIFY; put->key = miss->key; put->key_len = miss->key_len; @@ -2701,7 +2730,7 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, struct dpif_upcall *upcall; struct flow_miss *miss, *next_miss; struct flow_miss_op flow_miss_ops[FLOW_MISS_MAX_BATCH * 2]; - union dpif_op *dpif_ops[FLOW_MISS_MAX_BATCH * 2]; + struct dpif_op *dpif_ops[FLOW_MISS_MAX_BATCH * 2]; struct hmap todo; size_t n_ops; size_t i; @@ -2753,14 +2782,10 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, /* Process each element in the to-do list, constructing the set of * operations to batch. */ n_ops = 0; - HMAP_FOR_EACH_SAFE (miss, next_miss, hmap_node, &todo) { + HMAP_FOR_EACH (miss, hmap_node, &todo) { handle_flow_miss(ofproto, miss, flow_miss_ops, &n_ops); - ofpbuf_list_delete(&miss->packets); - hmap_remove(&todo, &miss->hmap_node); - free(miss); } assert(n_ops <= ARRAY_SIZE(flow_miss_ops)); - hmap_destroy(&todo); /* Execute batch. */ for (i = 0; i < n_ops; i++) { @@ -2772,25 +2797,28 @@ handle_miss_upcalls(struct ofproto_dpif *ofproto, struct dpif_upcall *upcalls, for (i = 0; i < n_ops; i++) { struct flow_miss_op *op = &flow_miss_ops[i]; struct dpif_execute *execute; - struct dpif_flow_put *put; switch (op->dpif_op.type) { case DPIF_OP_EXECUTE: - execute = &op->dpif_op.execute; + execute = &op->dpif_op.u.execute; if (op->subfacet->actions != execute->actions) { free((struct nlattr *) execute->actions); } - ofpbuf_delete((struct ofpbuf *) execute->packet); break; case DPIF_OP_FLOW_PUT: - put = &op->dpif_op.flow_put; - if (!put->error) { + if (!op->dpif_op.error) { op->subfacet->installed = true; } break; } } + HMAP_FOR_EACH_SAFE (miss, next_miss, hmap_node, &todo) { + ofpbuf_list_delete(&miss->packets); + hmap_remove(&todo, &miss->hmap_node); + free(miss); + } + hmap_destroy(&todo); } static void @@ -2817,15 +2845,10 @@ handle_userspace_upcall(struct ofproto_dpif *ofproto, dpif_sflow_received(ofproto->sflow, upcall->packet, &flow, &cookie); } - ofpbuf_delete(upcall->packet); - } else if (cookie.type == USER_ACTION_COOKIE_CONTROLLER) { - COVERAGE_INC(ofproto_dpif_ctlr_action); - send_packet_in_action(ofproto, upcall->packet, upcall->userdata, - &flow, false); } else { VLOG_WARN_RL(&rl, "invalid user cookie : 0x%"PRIx64, upcall->userdata); - ofpbuf_delete(upcall->packet); } + ofpbuf_delete(upcall->packet); } static int @@ -2887,7 +2910,7 @@ static int expire(struct ofproto_dpif *ofproto) { struct rule_dpif *rule, *next_rule; - struct classifier *table; + struct oftable *table; int dp_max_idle; /* Update stats for each flow in the datapath. */ @@ -2901,7 +2924,7 @@ expire(struct ofproto_dpif *ofproto) OFPROTO_FOR_EACH_TABLE (table, &ofproto->up) { struct cls_cursor cursor; - cls_cursor_init(&cursor, table, NULL); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, up.cr, &cursor) { rule_expire(rule); } @@ -2965,8 +2988,10 @@ update_stats(struct ofproto_dpif *p) subfacet->dp_packet_count = stats->n_packets; subfacet->dp_byte_count = stats->n_bytes; - subfacet_update_time(p, subfacet, stats->used); - facet_account(p, facet); + facet->tcp_flags |= stats->tcp_flags; + + subfacet_update_time(subfacet, stats->used); + facet_account(facet); facet_push_stats(facet); } else { if (!VLOG_DROP_WARN(&rl)) { @@ -3084,7 +3109,7 @@ expire_subfacets(struct ofproto_dpif *ofproto, int dp_max_idle) HMAP_FOR_EACH_SAFE (subfacet, next_subfacet, hmap_node, &ofproto->subfacets) { if (subfacet->used < cutoff) { - subfacet_destroy(ofproto, subfacet); + subfacet_destroy(subfacet); } } } @@ -3094,7 +3119,6 @@ expire_subfacets(struct ofproto_dpif *ofproto, int dp_max_idle) static void rule_expire(struct rule_dpif *rule) { - struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct facet *facet, *next_facet; long long int now; uint8_t reason; @@ -3104,8 +3128,8 @@ rule_expire(struct rule_dpif *rule) if (rule->up.hard_timeout && now > rule->up.modified + rule->up.hard_timeout * 1000) { reason = OFPRR_HARD_TIMEOUT; - } else if (rule->up.idle_timeout && list_is_empty(&rule->facets) - && now > rule->used + rule->up.idle_timeout * 1000) { + } else if (rule->up.idle_timeout + && now > rule->up.used + rule->up.idle_timeout * 1000) { reason = OFPRR_IDLE_TIMEOUT; } else { return; @@ -3116,7 +3140,7 @@ rule_expire(struct rule_dpif *rule) /* Update stats. (This is a no-op if the rule expired due to an idle * timeout, because that only happens when the rule has no facets left.) */ LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) { - facet_remove(ofproto, facet); + facet_remove(facet); } /* Get rid of the rule. */ @@ -3158,39 +3182,6 @@ facet_free(struct facet *facet) free(facet); } -/* If the 'actions_len' bytes of actions in 'odp_actions' are just a single - * OVS_ACTION_ATTR_USERSPACE action, executes it internally and returns true. - * Otherwise, returns false without doing anything. - * - * If 'clone' is true, the caller always retains ownership of 'packet'. - * Otherwise, ownership is transferred to this function if it returns true. */ -static bool -execute_controller_action(struct ofproto_dpif *ofproto, - const struct flow *flow, - const struct nlattr *odp_actions, size_t actions_len, - struct ofpbuf *packet, bool clone) -{ - if (actions_len - && odp_actions->nla_type == OVS_ACTION_ATTR_USERSPACE - && NLA_ALIGN(odp_actions->nla_len) == actions_len) { - /* As an optimization, avoid a round-trip from userspace to kernel to - * userspace. This also avoids possibly filling up kernel packet - * buffers along the way. - * - * This optimization will not accidentally catch sFlow - * OVS_ACTION_ATTR_USERSPACE actions, since those are encapsulated - * inside OVS_ACTION_ATTR_SAMPLE. */ - const struct nlattr *nla; - - nla = nl_attr_find_nested(odp_actions, OVS_USERSPACE_ATTR_USERDATA); - send_packet_in_action(ofproto, packet, nl_attr_get_u64(nla), flow, - clone); - return true; - } else { - return false; - } -} - /* Executes, within 'ofproto', the 'n_actions' actions in 'actions' on * 'packet', which arrived on 'in_port'. * @@ -3204,11 +3195,6 @@ execute_odp_actions(struct ofproto_dpif *ofproto, const struct flow *flow, struct ofpbuf key; int error; - if (execute_controller_action(ofproto, flow, odp_actions, actions_len, - packet, false)) { - return true; - } - ofpbuf_use_stack(&key, &keybuf, sizeof keybuf); odp_flow_key_from_flow(&key, flow); @@ -3227,24 +3213,39 @@ execute_odp_actions(struct ofproto_dpif *ofproto, const struct flow *flow, * - Removes 'facet' from its rule and from ofproto->facets. */ static void -facet_remove(struct ofproto_dpif *ofproto, struct facet *facet) +facet_remove(struct facet *facet) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); struct subfacet *subfacet, *next_subfacet; + assert(!list_is_empty(&facet->subfacets)); + + /* First uninstall all of the subfacets to get final statistics. */ + LIST_FOR_EACH (subfacet, list_node, &facet->subfacets) { + subfacet_uninstall(subfacet); + } + + /* Flush the final stats to the rule. + * + * This might require us to have at least one subfacet around so that we + * can use its actions for accounting in facet_account(), which is why we + * have uninstalled but not yet destroyed the subfacets. */ + facet_flush_stats(facet); + + /* Now we're really all done so destroy everything. */ LIST_FOR_EACH_SAFE (subfacet, next_subfacet, list_node, &facet->subfacets) { - subfacet_destroy__(ofproto, subfacet); + subfacet_destroy__(subfacet); } - - facet_flush_stats(ofproto, facet); hmap_remove(&ofproto->facets, &facet->hmap_node); list_remove(&facet->list_node); facet_free(facet); } static void -facet_account(struct ofproto_dpif *ofproto, struct facet *facet) +facet_account(struct facet *facet) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); uint64_t n_bytes; struct subfacet *subfacet; const struct nlattr *a; @@ -3260,11 +3261,14 @@ facet_account(struct ofproto_dpif *ofproto, struct facet *facet) /* Feed information from the active flows back into the learning table to * ensure that table is always in sync with what is actually flowing * through the datapath. */ - if (facet->has_learn || facet->has_normal) { + if (facet->has_learn || facet->has_normal + || (facet->has_fin_timeout + && facet->tcp_flags & (TCP_FIN | TCP_RST))) { struct action_xlate_ctx ctx; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, - facet->flow.vlan_tci, NULL); + facet->flow.vlan_tci, + facet->rule, facet->tcp_flags, NULL); ctx.may_learn = true; ofpbuf_delete(xlate_actions(&ctx, facet->rule->up.actions, facet->rule->up.n_actions)); @@ -3328,8 +3332,9 @@ facet_is_controller_flow(struct facet *facet) * 'facet''s statistics in the datapath should have been zeroed and folded into * its packet and byte counts before this function is called. */ static void -facet_flush_stats(struct ofproto_dpif *ofproto, struct facet *facet) +facet_flush_stats(struct facet *facet) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); struct subfacet *subfacet; LIST_FOR_EACH (subfacet, list_node, &facet->subfacets) { @@ -3338,7 +3343,7 @@ facet_flush_stats(struct ofproto_dpif *ofproto, struct facet *facet) } facet_push_stats(facet); - facet_account(ofproto, facet); + facet_account(facet); if (ofproto->netflow && !facet_is_controller_flow(facet)) { struct ofexpired expired; @@ -3357,6 +3362,7 @@ facet_flush_stats(struct ofproto_dpif *ofproto, struct facet *facet) facet_reset_counters(facet); netflow_flow_clear(&facet->nf_flow); + facet->tcp_flags = 0; } /* Searches 'ofproto''s table of facets for one exactly equal to 'flow'. @@ -3393,7 +3399,7 @@ facet_lookup_valid(struct ofproto_dpif *ofproto, const struct flow *flow) if (facet && (ofproto->need_revalidate || tag_set_intersects(&ofproto->revalidate_set, facet->tags)) - && !facet_revalidate(ofproto, facet)) { + && !facet_revalidate(facet)) { COVERAGE_INC(facet_invalidated); return NULL; } @@ -3401,7 +3407,125 @@ facet_lookup_valid(struct ofproto_dpif *ofproto, const struct flow *flow) return facet; } -/* Re-searches 'ofproto''s classifier for a rule matching 'facet': +static bool +facet_check_consistency(struct facet *facet) +{ + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 15); + + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); + + struct rule_dpif *rule; + struct subfacet *subfacet; + bool may_log = false; + bool ok; + + /* Check the rule for consistency. */ + rule = rule_dpif_lookup(ofproto, &facet->flow, 0); + if (!rule) { + if (!VLOG_DROP_WARN(&rl)) { + char *s = flow_to_string(&facet->flow); + VLOG_WARN("%s: facet should not exist", s); + free(s); + } + return false; + } else if (rule != facet->rule) { + may_log = !VLOG_DROP_WARN(&rl); + ok = false; + if (may_log) { + struct ds s; + + ds_init(&s); + flow_format(&s, &facet->flow); + ds_put_format(&s, ": facet associated with wrong rule (was " + "table=%"PRIu8",", facet->rule->up.table_id); + cls_rule_format(&facet->rule->up.cr, &s); + ds_put_format(&s, ") (should have been table=%"PRIu8",", + rule->up.table_id); + cls_rule_format(&rule->up.cr, &s); + ds_put_char(&s, ')'); + + VLOG_WARN("%s", ds_cstr(&s)); + ds_destroy(&s); + } + } else { + ok = true; + } + + /* Check the datapath actions for consistency. */ + LIST_FOR_EACH (subfacet, list_node, &facet->subfacets) { + struct action_xlate_ctx ctx; + struct ofpbuf *odp_actions; + bool actions_changed; + bool should_install; + + action_xlate_ctx_init(&ctx, ofproto, &facet->flow, + subfacet->initial_tci, rule, 0, NULL); + odp_actions = xlate_actions(&ctx, rule->up.actions, + rule->up.n_actions); + + should_install = (ctx.may_set_up_flow + && subfacet->key_fitness != ODP_FIT_TOO_LITTLE); + if (!should_install && !subfacet->installed) { + /* The actions for uninstallable flows may vary from one packet to + * the next, so don't compare the actions. */ + goto next; + } + + actions_changed = (subfacet->actions_len != odp_actions->size + || memcmp(subfacet->actions, odp_actions->data, + subfacet->actions_len)); + if (should_install != subfacet->installed || actions_changed) { + if (ok) { + may_log = !VLOG_DROP_WARN(&rl); + ok = false; + } + + if (may_log) { + struct odputil_keybuf keybuf; + struct ofpbuf key; + struct ds s; + + ds_init(&s); + subfacet_get_key(subfacet, &keybuf, &key); + odp_flow_key_format(key.data, key.size, &s); + + ds_put_cstr(&s, ": inconsistency in subfacet"); + if (should_install != subfacet->installed) { + enum odp_key_fitness fitness = subfacet->key_fitness; + + ds_put_format(&s, " (should%s have been installed)", + should_install ? "" : " not"); + ds_put_format(&s, " (may_set_up_flow=%s, fitness=%s)", + ctx.may_set_up_flow ? "true" : "false", + odp_key_fitness_to_string(fitness)); + } + if (actions_changed) { + ds_put_cstr(&s, " (actions were: "); + format_odp_actions(&s, subfacet->actions, + subfacet->actions_len); + ds_put_cstr(&s, ") (correct actions: "); + format_odp_actions(&s, odp_actions->data, + odp_actions->size); + ds_put_char(&s, ')'); + } else { + ds_put_cstr(&s, " (actions: "); + format_odp_actions(&s, subfacet->actions, + subfacet->actions_len); + ds_put_char(&s, ')'); + } + VLOG_WARN("%s", ds_cstr(&s)); + ds_destroy(&s); + } + } + + next: + ofpbuf_delete(odp_actions); + } + + return ok; +} + +/* Re-searches the classifier for 'facet': * * - If the rule found is different from 'facet''s current rule, moves * 'facet' to the new rule and recompiles its actions. @@ -3413,8 +3537,9 @@ facet_lookup_valid(struct ofproto_dpif *ofproto, const struct flow *flow) * * Returns true if 'facet' still exists, false if it has been destroyed. */ static bool -facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) +facet_revalidate(struct facet *facet) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); struct actions { struct nlattr *odp_actions; size_t actions_len; @@ -3433,7 +3558,7 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) new_rule = rule_dpif_lookup(ofproto, &facet->flow, 0); if (!new_rule) { /* No new rule, so delete the facet. */ - facet_remove(ofproto, facet); + facet_remove(facet); return false; } @@ -3453,7 +3578,7 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) bool should_install; action_xlate_ctx_init(&ctx, ofproto, &facet->flow, - subfacet->initial_tci, NULL); + subfacet->initial_tci, new_rule, 0, NULL); odp_actions = xlate_actions(&ctx, new_rule->up.actions, new_rule->up.n_actions); actions_changed = (subfacet->actions_len != odp_actions->size @@ -3466,11 +3591,11 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) if (should_install) { struct dpif_flow_stats stats; - subfacet_install(ofproto, subfacet, + subfacet_install(subfacet, odp_actions->data, odp_actions->size, &stats); - subfacet_update_stats(ofproto, subfacet, &stats); + subfacet_update_stats(subfacet, &stats); } else { - subfacet_uninstall(ofproto, subfacet); + subfacet_uninstall(subfacet); } if (!new_actions) { @@ -3486,7 +3611,7 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) i++; } if (new_actions) { - facet_flush_stats(ofproto, facet); + facet_flush_stats(facet); } /* Update 'facet' now that we've taken care of all the old state. */ @@ -3495,6 +3620,7 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) facet->may_install = ctx.may_set_up_flow; facet->has_learn = ctx.has_learn; facet->has_normal = ctx.has_normal; + facet->has_fin_timeout = ctx.has_fin_timeout; facet->mirrors = ctx.mirrors; if (new_actions) { i = 0; @@ -3523,14 +3649,12 @@ facet_revalidate(struct ofproto_dpif *ofproto, struct facet *facet) /* Updates 'facet''s used time. Caller is responsible for calling * facet_push_stats() to update the flows which 'facet' resubmits into. */ static void -facet_update_time(struct ofproto_dpif *ofproto, struct facet *facet, - long long int used) +facet_update_time(struct facet *facet, long long int used) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); if (used > facet->used) { facet->used = used; - if (used > facet->rule->used) { - facet->rule->used = used; - } + ofproto_rule_update_used(&facet->rule->up, used); netflow_flow_update_time(ofproto->netflow, &facet->nf_flow, used); } } @@ -3585,14 +3709,14 @@ push_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule) if (rule) { rule->packet_count += push->packets; rule->byte_count += push->bytes; - rule->used = MAX(push->used, rule->used); + ofproto_rule_update_used(&rule->up, push->used); } } /* Pushes flow statistics to the rules which 'flow' resubmits into given * 'rule''s actions and mirrors. */ static void -flow_push_stats(const struct rule_dpif *rule, +flow_push_stats(struct rule_dpif *rule, const struct flow *flow, uint64_t packets, uint64_t bytes, long long int used) { @@ -3603,7 +3727,10 @@ flow_push_stats(const struct rule_dpif *rule, push.bytes = bytes; push.used = used; - action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, NULL); + ofproto_rule_update_used(&rule->up, used); + + action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, rule, + 0, NULL); push.ctx.resubmit_hook = push_resubmit; ofpbuf_delete(xlate_actions(&push.ctx, rule->up.actions, rule->up.n_actions)); @@ -3639,10 +3766,10 @@ subfacet_find__(struct ofproto_dpif *ofproto, * which case the caller must populate the actions with * subfacet_make_actions(). */ static struct subfacet * -subfacet_create(struct ofproto_dpif *ofproto, struct facet *facet, - enum odp_key_fitness key_fitness, +subfacet_create(struct facet *facet, enum odp_key_fitness key_fitness, const struct nlattr *key, size_t key_len, ovs_be16 initial_tci) { + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); uint32_t key_hash = odp_flow_key_hash(key, key_len); struct subfacet *subfacet; @@ -3654,7 +3781,7 @@ subfacet_create(struct ofproto_dpif *ofproto, struct facet *facet, /* This shouldn't happen. */ VLOG_ERR_RL(&rl, "subfacet with wrong facet"); - subfacet_destroy(ofproto, subfacet); + subfacet_destroy(subfacet); } subfacet = xzalloc(sizeof *subfacet); @@ -3694,9 +3821,12 @@ subfacet_find(struct ofproto_dpif *ofproto, /* Uninstalls 'subfacet' from the datapath, if it is installed, removes it from * its facet within 'ofproto', and frees it. */ static void -subfacet_destroy__(struct ofproto_dpif *ofproto, struct subfacet *subfacet) +subfacet_destroy__(struct subfacet *subfacet) { - subfacet_uninstall(ofproto, subfacet); + struct facet *facet = subfacet->facet; + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); + + subfacet_uninstall(subfacet); hmap_remove(&ofproto->subfacets, &subfacet->hmap_node); list_remove(&subfacet->list_node); free(subfacet->key); @@ -3707,13 +3837,15 @@ subfacet_destroy__(struct ofproto_dpif *ofproto, struct subfacet *subfacet) /* Destroys 'subfacet', as with subfacet_destroy__(), and then if this was the * last remaining subfacet in its facet destroys the facet too. */ static void -subfacet_destroy(struct ofproto_dpif *ofproto, struct subfacet *subfacet) +subfacet_destroy(struct subfacet *subfacet) { struct facet *facet = subfacet->facet; - subfacet_destroy__(ofproto, subfacet); - if (list_is_empty(&facet->subfacets)) { - facet_remove(ofproto, facet); + if (list_is_singleton(&facet->subfacets)) { + /* facet_remove() needs at least one subfacet (it will remove it). */ + facet_remove(facet); + } else { + subfacet_destroy__(subfacet); } } @@ -3734,21 +3866,22 @@ subfacet_get_key(struct subfacet *subfacet, struct odputil_keybuf *keybuf, /* Composes the datapath actions for 'subfacet' based on its rule's actions. */ static void -subfacet_make_actions(struct ofproto_dpif *p, struct subfacet *subfacet, - const struct ofpbuf *packet) +subfacet_make_actions(struct subfacet *subfacet, const struct ofpbuf *packet) { struct facet *facet = subfacet->facet; - const struct rule_dpif *rule = facet->rule; + struct rule_dpif *rule = facet->rule; + struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct ofpbuf *odp_actions; struct action_xlate_ctx ctx; - action_xlate_ctx_init(&ctx, p, &facet->flow, subfacet->initial_tci, - packet); + action_xlate_ctx_init(&ctx, ofproto, &facet->flow, subfacet->initial_tci, + rule, 0, packet); odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions); facet->tags = ctx.tags; facet->may_install = ctx.may_set_up_flow; facet->has_learn = ctx.has_learn; facet->has_normal = ctx.has_normal; + facet->has_fin_timeout = ctx.has_fin_timeout; facet->nf_flow.output_iface = ctx.nf_output_iface; facet->mirrors = ctx.mirrors; @@ -3769,10 +3902,12 @@ subfacet_make_actions(struct ofproto_dpif *p, struct subfacet *subfacet, * * Returns 0 if successful, otherwise a positive errno value. */ static int -subfacet_install(struct ofproto_dpif *ofproto, struct subfacet *subfacet, +subfacet_install(struct subfacet *subfacet, const struct nlattr *actions, size_t actions_len, struct dpif_flow_stats *stats) { + struct facet *facet = subfacet->facet; + struct ofproto_dpif *ofproto = ofproto_dpif_cast(facet->rule->up.ofproto); struct odputil_keybuf keybuf; enum dpif_flow_put_flags flags; struct ofpbuf key; @@ -3796,19 +3931,21 @@ subfacet_install(struct ofproto_dpif *ofproto, struct subfacet *subfacet, /* If 'subfacet' is installed in the datapath, uninstalls it. */ static void -subfacet_uninstall(struct ofproto_dpif *p, struct subfacet *subfacet) +subfacet_uninstall(struct subfacet *subfacet) { if (subfacet->installed) { + struct rule_dpif *rule = subfacet->facet->rule; + struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct odputil_keybuf keybuf; struct dpif_flow_stats stats; struct ofpbuf key; int error; subfacet_get_key(subfacet, &keybuf, &key); - error = dpif_flow_del(p->dpif, key.data, key.size, &stats); + error = dpif_flow_del(ofproto->dpif, key.data, key.size, &stats); subfacet_reset_dp_stats(subfacet, &stats); if (!error) { - subfacet_update_stats(p, subfacet, &stats); + subfacet_update_stats(subfacet, &stats); } subfacet->installed = false; } else { @@ -3840,12 +3977,11 @@ subfacet_reset_dp_stats(struct subfacet *subfacet, /* Updates 'subfacet''s used time. The caller is responsible for calling * facet_push_stats() to update the flows which 'subfacet' resubmits into. */ static void -subfacet_update_time(struct ofproto_dpif *ofproto, struct subfacet *subfacet, - long long int used) +subfacet_update_time(struct subfacet *subfacet, long long int used) { if (used > subfacet->used) { subfacet->used = used; - facet_update_time(ofproto, subfacet->facet, used); + facet_update_time(subfacet->facet, used); } } @@ -3856,15 +3992,16 @@ subfacet_update_time(struct ofproto_dpif *ofproto, struct subfacet *subfacet, * represents a packet that was sent by hand or if it represents statistics * that have been cleared out of the datapath. */ static void -subfacet_update_stats(struct ofproto_dpif *ofproto, struct subfacet *subfacet, +subfacet_update_stats(struct subfacet *subfacet, const struct dpif_flow_stats *stats) { if (stats->n_packets || stats->used > subfacet->used) { struct facet *facet = subfacet->facet; - subfacet_update_time(ofproto, subfacet, stats->used); + subfacet_update_time(subfacet, stats->used); facet->packet_count += stats->n_packets; facet->byte_count += stats->n_bytes; + facet->tcp_flags |= stats->tcp_flags; facet_push_stats(facet); netflow_flow_update_flags(&facet->nf_flow, stats->tcp_flags); } @@ -3883,7 +4020,7 @@ rule_dpif_lookup(struct ofproto_dpif *ofproto, const struct flow *flow, return NULL; } - cls = &ofproto->up.tables[table_id]; + cls = &ofproto->up.tables[table_id].cls; if (flow->nw_frag & FLOW_NW_FRAG_ANY && ofproto->up.frag_handling == OFPC_FRAG_NORMAL) { /* For OFPC_NORMAL frag_handling, we must pretend that transport ports @@ -3927,14 +4064,14 @@ rule_dealloc(struct rule *rule_) free(rule); } -static int +static enum ofperr rule_construct(struct rule *rule_) { struct rule_dpif *rule = rule_dpif_cast(rule_); struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct rule_dpif *victim; uint8_t table_id; - int error; + enum ofperr error; error = validate_actions(rule->up.actions, rule->up.n_actions, &rule->up.cr.flow, ofproto->max_ports); @@ -3942,7 +4079,6 @@ rule_construct(struct rule *rule_) return error; } - rule->used = rule->up.created; rule->packet_count = 0; rule->byte_count = 0; @@ -3981,11 +4117,10 @@ static void rule_destruct(struct rule *rule_) { struct rule_dpif *rule = rule_dpif_cast(rule_); - struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); struct facet *facet, *next_facet; LIST_FOR_EACH_SAFE (facet, next_facet, list_node, &rule->facets) { - facet_revalidate(ofproto, facet); + facet_revalidate(facet); } complete_operation(rule); @@ -4011,7 +4146,7 @@ rule_get_stats(struct rule *rule_, uint64_t *packets, uint64_t *bytes) } } -static int +static enum ofperr rule_execute(struct rule *rule_, const struct flow *flow, struct ofpbuf *packet) { @@ -4021,15 +4156,15 @@ rule_execute(struct rule *rule_, const struct flow *flow, struct ofpbuf *odp_actions; size_t size; - action_xlate_ctx_init(&ctx, ofproto, flow, flow->vlan_tci, packet); + action_xlate_ctx_init(&ctx, ofproto, flow, flow->vlan_tci, + rule, packet_get_tcp_flags(packet, flow), packet); odp_actions = xlate_actions(&ctx, rule->up.actions, rule->up.n_actions); size = packet->size; if (execute_odp_actions(ofproto, flow, odp_actions->data, odp_actions->size, packet)) { - rule->used = time_msec(); rule->packet_count++; rule->byte_count += size; - flow_push_stats(rule, flow, 1, size, rule->used); + flow_push_stats(rule, flow, 1, size, time_msec()); } ofpbuf_delete(odp_actions); @@ -4041,7 +4176,7 @@ rule_modify_actions(struct rule *rule_) { struct rule_dpif *rule = rule_dpif_cast(rule_); struct ofproto_dpif *ofproto = ofproto_dpif_cast(rule->up.ofproto); - int error; + enum ofperr error; error = validate_actions(rule->up.actions, rule->up.n_actions, &rule->up.cr.flow, ofproto->max_ports); @@ -4215,7 +4350,7 @@ compose_output_action__(struct action_xlate_ctx *ctx, uint16_t ofp_port, if (ofport) { struct priority_to_dscp *pdscp; - if (ofport->up.opp.config & htonl(OFPPC_NO_FWD) + if (ofport->up.pp.config & OFPUTIL_PC_NO_FWD || (check_stp && !stp_forward_in_state(ofport->stp_state))) { return; } @@ -4291,8 +4426,12 @@ xlate_table_action(struct action_xlate_ctx *ctx, } if (rule) { + struct rule_dpif *old_rule = ctx->rule; + ctx->recurse++; + ctx->rule = rule; do_xlate_actions(rule->up.actions, rule->up.n_actions, ctx); + ctx->rule = old_rule; ctx->recurse--; } @@ -4302,6 +4441,7 @@ xlate_table_action(struct action_xlate_ctx *ctx, VLOG_ERR_RL(&recurse_rl, "resubmit actions recursed over %d times", MAX_RESUBMIT_RECURSION); + ctx->max_resubmit_trigger = true; } } @@ -4334,7 +4474,7 @@ flood_packets(struct action_xlate_ctx *ctx, bool all) if (all) { compose_output_action__(ctx, ofp_port, false); - } else if (!(ofport->up.opp.config & htonl(OFPPC_NO_FLOOD))) { + } else if (!(ofport->up.pp.config & OFPUTIL_PC_NO_FLOOD)) { compose_output_action(ctx, ofp_port); } } @@ -4343,16 +4483,84 @@ flood_packets(struct action_xlate_ctx *ctx, bool all) } static void -compose_controller_action(struct action_xlate_ctx *ctx, int len) +execute_controller_action(struct action_xlate_ctx *ctx, int len, + enum ofp_packet_in_reason reason, + uint16_t controller_id) { - struct user_action_cookie cookie; + struct ofputil_packet_in pin; + struct ofpbuf *packet; - commit_odp_actions(&ctx->flow, &ctx->base_flow, ctx->odp_actions); - cookie.type = USER_ACTION_COOKIE_CONTROLLER; - cookie.data = len; - cookie.n_output = 0; - cookie.vlan_tci = 0; - put_userspace_action(ctx->ofproto, ctx->odp_actions, &ctx->flow, &cookie); + ctx->may_set_up_flow = false; + if (!ctx->packet) { + return; + } + + packet = ofpbuf_clone(ctx->packet); + + if (packet->l2 && packet->l3) { + struct eth_header *eh; + + eth_pop_vlan(packet); + eh = packet->l2; + assert(eh->eth_type == ctx->flow.dl_type); + memcpy(eh->eth_src, ctx->flow.dl_src, sizeof eh->eth_src); + memcpy(eh->eth_dst, ctx->flow.dl_dst, sizeof eh->eth_dst); + + if (ctx->flow.vlan_tci & htons(VLAN_CFI)) { + eth_push_vlan(packet, ctx->flow.vlan_tci); + } + + if (packet->l4) { + if (ctx->flow.dl_type == htons(ETH_TYPE_IP)) { + packet_set_ipv4(packet, ctx->flow.nw_src, ctx->flow.nw_dst, + ctx->flow.nw_tos, ctx->flow.nw_ttl); + } + + if (packet->l7) { + if (ctx->flow.nw_proto == IPPROTO_TCP) { + packet_set_tcp_port(packet, ctx->flow.tp_src, + ctx->flow.tp_dst); + } else if (ctx->flow.nw_proto == IPPROTO_UDP) { + packet_set_udp_port(packet, ctx->flow.tp_src, + ctx->flow.tp_dst); + } + } + } + } + + pin.packet = packet->data; + pin.packet_len = packet->size; + pin.reason = reason; + pin.controller_id = controller_id; + pin.table_id = ctx->table_id; + pin.cookie = ctx->rule ? ctx->rule->up.flow_cookie : 0; + + pin.buffer_id = 0; + pin.send_len = len; + pin.total_len = packet->size; + flow_get_metadata(&ctx->flow, &pin.fmd); + + connmgr_send_packet_in(ctx->ofproto->up.connmgr, &pin); + ofpbuf_delete(packet); +} + +static bool +compose_dec_ttl(struct action_xlate_ctx *ctx) +{ + if (ctx->flow.dl_type != htons(ETH_TYPE_IP) && + ctx->flow.dl_type != htons(ETH_TYPE_IPV6)) { + return false; + } + + if (ctx->flow.nw_ttl > 1) { + ctx->flow.nw_ttl--; + return false; + } else { + execute_controller_action(ctx, UINT16_MAX, OFPR_INVALID_TTL, 0); + + /* Stop processing for current table. */ + return true; + } } static void @@ -4380,13 +4588,11 @@ xlate_output_action__(struct action_xlate_ctx *ctx, flood_packets(ctx, true); break; case OFPP_CONTROLLER: - compose_controller_action(ctx, max_len); - break; - case OFPP_LOCAL: - compose_output_action(ctx, OFPP_LOCAL); + execute_controller_action(ctx, max_len, OFPR_ACTION, 0); break; case OFPP_NONE: break; + case OFPP_LOCAL: default: if (port != ctx->flow.in_port) { compose_output_action(ctx, port); @@ -4408,9 +4614,11 @@ static void xlate_output_reg_action(struct action_xlate_ctx *ctx, const struct nx_action_output_reg *naor) { + struct mf_subfield src; uint64_t ofp_port; - ofp_port = nxm_read_field_bits(naor->src, naor->ofs_nbits, &ctx->flow); + nxm_decode(&src, naor->src, naor->ofs_nbits); + ofp_port = mf_get_subfield(&src, &ctx->flow); if (ofp_port <= UINT16_MAX) { xlate_output_action__(ctx, ofp_port, ntohs(naor->max_len)); @@ -4539,20 +4747,41 @@ xlate_learn_action(struct action_xlate_ctx *ctx, error = ofproto_flow_mod(&ctx->ofproto->up, &fm); if (error && !VLOG_DROP_WARN(&rl)) { - char *msg = ofputil_error_to_string(error); - VLOG_WARN("learning action failed to modify flow table (%s)", msg); - free(msg); + VLOG_WARN("learning action failed to modify flow table (%s)", + ofperr_get_name(error)); } free(fm.actions); } +/* Reduces '*timeout' to no more than 'max'. A value of zero in either case + * means "infinite". */ +static void +reduce_timeout(uint16_t max, uint16_t *timeout) +{ + if (max && (!*timeout || *timeout > max)) { + *timeout = max; + } +} + +static void +xlate_fin_timeout(struct action_xlate_ctx *ctx, + const struct nx_action_fin_timeout *naft) +{ + if (ctx->tcp_flags & (TCP_FIN | TCP_RST) && ctx->rule) { + struct rule_dpif *rule = ctx->rule; + + reduce_timeout(ntohs(naft->fin_idle_timeout), &rule->up.idle_timeout); + reduce_timeout(ntohs(naft->fin_hard_timeout), &rule->up.hard_timeout); + } +} + static bool may_receive(const struct ofport_dpif *port, struct action_xlate_ctx *ctx) { - if (port->up.opp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp) - ? htonl(OFPPC_NO_RECV_STP) - : htonl(OFPPC_NO_RECV))) { + if (port->up.pp.config & (eth_addr_equals(ctx->flow.dl_dst, eth_addr_stp) + ? OFPUTIL_PC_NO_RECV_STP + : OFPUTIL_PC_NO_RECV)) { return false; } @@ -4574,6 +4803,7 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, { const struct ofport_dpif *port; const union ofp_action *ia; + bool was_evictable = true; size_t left; port = get_ofp_port(ctx->ofproto, ctx->flow.in_port); @@ -4582,6 +4812,11 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, return; } + if (ctx->rule) { + /* Don't let the rule we're working on get evicted underneath us. */ + was_evictable = ctx->rule->up.evictable; + ctx->rule->up.evictable = false; + } OFPUTIL_ACTION_FOR_EACH_UNSAFE (ia, left, in, n_in) { const struct ofp_action_dl_addr *oada; const struct nx_action_resubmit *nar; @@ -4591,6 +4826,7 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, const struct nx_action_autopath *naa; const struct nx_action_bundle *nab; const struct nx_action_output_reg *naor; + const struct nx_action_controller *nac; enum ofputil_action_code code; ovs_be64 tun_id; @@ -4600,57 +4836,60 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, code = ofputil_decode_action_unsafe(ia); switch (code) { - case OFPUTIL_OFPAT_OUTPUT: + case OFPUTIL_OFPAT10_OUTPUT: xlate_output_action(ctx, &ia->output); break; - case OFPUTIL_OFPAT_SET_VLAN_VID: + case OFPUTIL_OFPAT10_SET_VLAN_VID: ctx->flow.vlan_tci &= ~htons(VLAN_VID_MASK); ctx->flow.vlan_tci |= ia->vlan_vid.vlan_vid | htons(VLAN_CFI); break; - case OFPUTIL_OFPAT_SET_VLAN_PCP: + case OFPUTIL_OFPAT10_SET_VLAN_PCP: ctx->flow.vlan_tci &= ~htons(VLAN_PCP_MASK); ctx->flow.vlan_tci |= htons( (ia->vlan_pcp.vlan_pcp << VLAN_PCP_SHIFT) | VLAN_CFI); break; - case OFPUTIL_OFPAT_STRIP_VLAN: + case OFPUTIL_OFPAT10_STRIP_VLAN: ctx->flow.vlan_tci = htons(0); break; - case OFPUTIL_OFPAT_SET_DL_SRC: + case OFPUTIL_OFPAT10_SET_DL_SRC: oada = ((struct ofp_action_dl_addr *) ia); memcpy(ctx->flow.dl_src, oada->dl_addr, ETH_ADDR_LEN); break; - case OFPUTIL_OFPAT_SET_DL_DST: + case OFPUTIL_OFPAT10_SET_DL_DST: oada = ((struct ofp_action_dl_addr *) ia); memcpy(ctx->flow.dl_dst, oada->dl_addr, ETH_ADDR_LEN); break; - case OFPUTIL_OFPAT_SET_NW_SRC: + case OFPUTIL_OFPAT10_SET_NW_SRC: ctx->flow.nw_src = ia->nw_addr.nw_addr; break; - case OFPUTIL_OFPAT_SET_NW_DST: + case OFPUTIL_OFPAT10_SET_NW_DST: ctx->flow.nw_dst = ia->nw_addr.nw_addr; break; - case OFPUTIL_OFPAT_SET_NW_TOS: - ctx->flow.nw_tos &= ~IP_DSCP_MASK; - ctx->flow.nw_tos |= ia->nw_tos.nw_tos & IP_DSCP_MASK; + case OFPUTIL_OFPAT10_SET_NW_TOS: + /* OpenFlow 1.0 only supports IPv4. */ + if (ctx->flow.dl_type == htons(ETH_TYPE_IP)) { + ctx->flow.nw_tos &= ~IP_DSCP_MASK; + ctx->flow.nw_tos |= ia->nw_tos.nw_tos & IP_DSCP_MASK; + } break; - case OFPUTIL_OFPAT_SET_TP_SRC: + case OFPUTIL_OFPAT10_SET_TP_SRC: ctx->flow.tp_src = ia->tp_port.tp_port; break; - case OFPUTIL_OFPAT_SET_TP_DST: + case OFPUTIL_OFPAT10_SET_TP_DST: ctx->flow.tp_dst = ia->tp_port.tp_port; break; - case OFPUTIL_OFPAT_ENQUEUE: + case OFPUTIL_OFPAT10_ENQUEUE: xlate_enqueue_action(ctx, (const struct ofp_action_enqueue *) ia); break; @@ -4734,32 +4973,56 @@ do_xlate_actions(const union ofp_action *in, size_t n_in, } break; + case OFPUTIL_NXAST_DEC_TTL: + if (compose_dec_ttl(ctx)) { + goto out; + } + break; + case OFPUTIL_NXAST_EXIT: ctx->exit = true; break; + + case OFPUTIL_NXAST_FIN_TIMEOUT: + ctx->has_fin_timeout = true; + xlate_fin_timeout(ctx, (const struct nx_action_fin_timeout *) ia); + break; + + case OFPUTIL_NXAST_CONTROLLER: + nac = (const struct nx_action_controller *) ia; + execute_controller_action(ctx, ntohs(nac->max_len), nac->reason, + ntohs(nac->controller_id)); + break; } } +out: /* We've let OFPP_NORMAL and the learning action look at the packet, * so drop it now if forwarding is disabled. */ if (port && !stp_forward_in_state(port->stp_state)) { ofpbuf_clear(ctx->odp_actions); add_sflow_action(ctx); } + if (ctx->rule) { + ctx->rule->up.evictable = was_evictable; + } } static void action_xlate_ctx_init(struct action_xlate_ctx *ctx, struct ofproto_dpif *ofproto, const struct flow *flow, - ovs_be16 initial_tci, const struct ofpbuf *packet) + ovs_be16 initial_tci, struct rule_dpif *rule, + uint8_t tcp_flags, const struct ofpbuf *packet) { ctx->ofproto = ofproto; ctx->flow = *flow; ctx->base_flow = ctx->flow; ctx->base_flow.tun_id = 0; ctx->base_flow.vlan_tci = initial_tci; + ctx->rule = rule; ctx->packet = packet; ctx->may_learn = packet != NULL; + ctx->tcp_flags = tcp_flags; ctx->resubmit_hook = NULL; } @@ -4777,9 +5040,11 @@ xlate_actions(struct action_xlate_ctx *ctx, ctx->may_set_up_flow = true; ctx->has_learn = false; ctx->has_normal = false; + ctx->has_fin_timeout = false; ctx->nf_output_iface = NF_OUT_DROP; ctx->mirrors = 0; ctx->recurse = 0; + ctx->max_resubmit_trigger = false; ctx->orig_skb_priority = ctx->flow.skb_priority; ctx->table_id = 0; ctx->exit = false; @@ -4801,6 +5066,9 @@ xlate_actions(struct action_xlate_ctx *ctx, case OFPC_FRAG_NX_MATCH: /* Nothing to do. */ break; + + case OFPC_INVALID_TTL_TO_CONTROLLER: + NOT_REACHED(); } } @@ -4808,9 +5076,24 @@ xlate_actions(struct action_xlate_ctx *ctx, ctx->may_set_up_flow = false; return ctx->odp_actions; } else { + static struct vlog_rate_limit trace_rl = VLOG_RATE_LIMIT_INIT(1, 1); + struct flow original_flow = ctx->flow; + ovs_be16 initial_tci = ctx->base_flow.vlan_tci; + add_sflow_action(ctx); do_xlate_actions(in, n_in, ctx); + if (ctx->max_resubmit_trigger && !ctx->resubmit_hook + && !VLOG_DROP_ERR(&trace_rl)) { + struct ds ds = DS_EMPTY_INITIALIZER; + + ofproto_trace(ctx->ofproto, &original_flow, ctx->packet, + initial_tci, &ds); + VLOG_ERR("Trace triggered by excessive resubmit recursion:\n%s", + ds_cstr(&ds)); + ds_destroy(&ds); + } + if (!connmgr_may_set_up_flow(ctx->ofproto->up.connmgr, &ctx->flow, ctx->odp_actions->data, ctx->odp_actions->size)) { @@ -5441,13 +5724,13 @@ static void table_update_taggable(struct ofproto_dpif *ofproto, uint8_t table_id) { struct table_dpif *table = &ofproto->tables[table_id]; - const struct classifier *cls = &ofproto->up.tables[table_id]; + const struct oftable *oftable = &ofproto->up.tables[table_id]; struct cls_table *catchall, *other; struct cls_table *t; catchall = other = NULL; - switch (hmap_count(&cls->tables)) { + switch (hmap_count(&oftable->cls.tables)) { case 0: /* We could tag this OpenFlow table but it would make the logic a * little harder and it's a corner case that doesn't seem worth it @@ -5456,7 +5739,7 @@ table_update_taggable(struct ofproto_dpif *ofproto, uint8_t table_id) case 1: case 2: - HMAP_FOR_EACH (t, hmap_node, &cls->tables) { + HMAP_FOR_EACH (t, hmap_node, &oftable->cls.tables) { if (cls_table_is_catchall(t)) { catchall = t; } else if (!other) { @@ -5520,31 +5803,40 @@ set_frag_handling(struct ofproto *ofproto_, } } -static int +static enum ofperr packet_out(struct ofproto *ofproto_, struct ofpbuf *packet, const struct flow *flow, const union ofp_action *ofp_actions, size_t n_ofp_actions) { struct ofproto_dpif *ofproto = ofproto_dpif_cast(ofproto_); - int error; + enum ofperr error; if (flow->in_port >= ofproto->max_ports && flow->in_port < OFPP_MAX) { - return ofp_mkerr_nicira(OFPET_BAD_REQUEST, NXBRC_BAD_IN_PORT); + return OFPERR_NXBRC_BAD_IN_PORT; } error = validate_actions(ofp_actions, n_ofp_actions, flow, ofproto->max_ports); if (!error) { struct odputil_keybuf keybuf; - struct action_xlate_ctx ctx; struct ofpbuf *odp_actions; + struct ofproto_push push; struct ofpbuf key; ofpbuf_use_stack(&key, &keybuf, sizeof keybuf); odp_flow_key_from_flow(&key, flow); - action_xlate_ctx_init(&ctx, ofproto, flow, flow->vlan_tci, packet); - odp_actions = xlate_actions(&ctx, ofp_actions, n_ofp_actions); + action_xlate_ctx_init(&push.ctx, ofproto, flow, flow->vlan_tci, NULL, + packet_get_tcp_flags(packet, flow), packet); + + /* Ensure that resubmits in 'ofp_actions' get accounted to their + * matching rules. */ + push.packets = 1; + push.bytes = packet->size; + push.used = time_msec(); + push.ctx.resubmit_hook = push_resubmit; + + odp_actions = xlate_actions(&push.ctx, ofp_actions, n_ofp_actions); dpif_execute(ofproto->dpif, key.data, key.size, odp_actions->data, odp_actions->size, packet); ofpbuf_delete(odp_actions); @@ -5593,9 +5885,9 @@ send_active_timeout(struct ofproto_dpif *ofproto, struct facet *facet) if (subfacet->installed) { struct dpif_flow_stats stats; - subfacet_install(ofproto, subfacet, subfacet->actions, + subfacet_install(subfacet, subfacet->actions, subfacet->actions_len, &stats); - subfacet_update_stats(ofproto, subfacet, &stats); + subfacet_update_stats(subfacet, &stats); } } @@ -5632,19 +5924,25 @@ ofproto_dpif_lookup(const char *name) } static void -ofproto_unixctl_fdb_flush(struct unixctl_conn *conn, int argc OVS_UNUSED, +ofproto_unixctl_fdb_flush(struct unixctl_conn *conn, int argc, const char *argv[], void *aux OVS_UNUSED) { - const struct ofproto_dpif *ofproto; + struct ofproto_dpif *ofproto; - ofproto = ofproto_dpif_lookup(argv[1]); - if (!ofproto) { - unixctl_command_reply(conn, 501, "no such bridge"); - return; + if (argc > 1) { + ofproto = ofproto_dpif_lookup(argv[1]); + if (!ofproto) { + unixctl_command_reply_error(conn, "no such bridge"); + return; + } + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } else { + HMAP_FOR_EACH (ofproto, all_ofproto_dpifs_node, &all_ofproto_dpifs) { + mac_learning_flush(ofproto->ml, &ofproto->revalidate_set); + } } - mac_learning_flush(ofproto->ml); - unixctl_command_reply(conn, 200, "table successfully flushed"); + unixctl_command_reply(conn, "table successfully flushed"); } static void @@ -5657,7 +5955,7 @@ ofproto_unixctl_fdb_show(struct unixctl_conn *conn, int argc OVS_UNUSED, ofproto = ofproto_dpif_lookup(argv[1]); if (!ofproto) { - unixctl_command_reply(conn, 501, "no such bridge"); + unixctl_command_reply_error(conn, "no such bridge"); return; } @@ -5666,13 +5964,14 @@ ofproto_unixctl_fdb_show(struct unixctl_conn *conn, int argc OVS_UNUSED, struct ofbundle *bundle = e->port.p; ds_put_format(&ds, "%5d %4d "ETH_ADDR_FMT" %3d\n", ofbundle_get_a_port(bundle)->odp_port, - e->vlan, ETH_ADDR_ARGS(e->mac), mac_entry_age(e)); + e->vlan, ETH_ADDR_ARGS(e->mac), + mac_entry_age(ofproto->ml, e)); } - unixctl_command_reply(conn, 200, ds_cstr(&ds)); + unixctl_command_reply(conn, ds_cstr(&ds)); ds_destroy(&ds); } -struct ofproto_trace { +struct trace_ctx { struct action_xlate_ctx ctx; struct flow flow; struct ds *result; @@ -5701,7 +6000,7 @@ trace_format_rule(struct ds *result, uint8_t table_id, int level, static void trace_format_flow(struct ds *result, int level, const char *title, - struct ofproto_trace *trace) + struct trace_ctx *trace) { ds_put_char_multiple(result, '\t', level); ds_put_format(result, "%s: ", title); @@ -5716,7 +6015,7 @@ trace_format_flow(struct ds *result, int level, const char *title, static void trace_format_regs(struct ds *result, int level, const char *title, - struct ofproto_trace *trace) + struct trace_ctx *trace) { size_t i; @@ -5728,15 +6027,28 @@ trace_format_regs(struct ds *result, int level, const char *title, ds_put_char(result, '\n'); } +static void +trace_format_odp(struct ds *result, int level, const char *title, + struct trace_ctx *trace) +{ + struct ofpbuf *odp_actions = trace->ctx.odp_actions; + + ds_put_char_multiple(result, '\t', level); + ds_put_format(result, "%s: ", title); + format_odp_actions(result, odp_actions->data, odp_actions->size); + ds_put_char(result, '\n'); +} + static void trace_resubmit(struct action_xlate_ctx *ctx, struct rule_dpif *rule) { - struct ofproto_trace *trace = CONTAINER_OF(ctx, struct ofproto_trace, ctx); + struct trace_ctx *trace = CONTAINER_OF(ctx, struct trace_ctx, ctx); struct ds *result = trace->result; ds_put_char(result, '\n'); trace_format_flow(result, ctx->recurse + 1, "Resubmitted flow", trace); trace_format_regs(result, ctx->recurse + 1, "Resubmitted regs", trace); + trace_format_odp(result, ctx->recurse + 1, "Resubmitted odp", trace); trace_format_rule(result, ctx->table_id, ctx->recurse + 1, rule); } @@ -5748,7 +6060,6 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], struct ofproto_dpif *ofproto; struct ofpbuf odp_key; struct ofpbuf *packet; - struct rule_dpif *rule; ovs_be16 initial_tci; struct ds result; struct flow flow; @@ -5760,8 +6071,8 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], ofproto = ofproto_dpif_lookup(dpname); if (!ofproto) { - unixctl_command_reply(conn, 501, "Unknown ofproto (use ofproto/list " - "for help)"); + unixctl_command_reply_error(conn, "Unknown ofproto (use ofproto/list " + "for help)"); goto exit; } if (argc == 3 || (argc == 4 && !strcmp(argv[3], "-generate"))) { @@ -5774,7 +6085,7 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], ofpbuf_init(&odp_key, 0); error = odp_flow_key_from_string(flow_s, NULL, &odp_key); if (error) { - unixctl_command_reply(conn, 501, "Bad flow syntax"); + unixctl_command_reply_error(conn, "Bad flow syntax"); goto exit; } @@ -5783,7 +6094,7 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], odp_key.size, &flow, &initial_tci, NULL); if (error == ODP_FIT_ERROR) { - unixctl_command_reply(conn, 501, "Invalid flow"); + unixctl_command_reply_error(conn, "Invalid flow"); goto exit; } @@ -5805,61 +6116,73 @@ ofproto_unixctl_trace(struct unixctl_conn *conn, int argc, const char *argv[], msg = eth_from_hex(packet_s, &packet); if (msg) { - unixctl_command_reply(conn, 501, msg); + unixctl_command_reply_error(conn, msg); goto exit; } ds_put_cstr(&result, "Packet: "); - s = ofp_packet_to_string(packet->data, packet->size, packet->size); + s = ofp_packet_to_string(packet->data, packet->size); ds_put_cstr(&result, s); free(s); flow_extract(packet, priority, tun_id, in_port, &flow); initial_tci = flow.vlan_tci; } else { - unixctl_command_reply(conn, 501, "Bad command syntax"); + unixctl_command_reply_error(conn, "Bad command syntax"); goto exit; } - ds_put_cstr(&result, "Flow: "); - flow_format(&result, &flow); - ds_put_char(&result, '\n'); + ofproto_trace(ofproto, &flow, packet, initial_tci, &result); + unixctl_command_reply(conn, ds_cstr(&result)); + +exit: + ds_destroy(&result); + ofpbuf_delete(packet); + ofpbuf_uninit(&odp_key); +} + +static void +ofproto_trace(struct ofproto_dpif *ofproto, const struct flow *flow, + const struct ofpbuf *packet, ovs_be16 initial_tci, + struct ds *ds) +{ + struct rule_dpif *rule; + + ds_put_cstr(ds, "Flow: "); + flow_format(ds, flow); + ds_put_char(ds, '\n'); - rule = rule_dpif_lookup(ofproto, &flow, 0); - trace_format_rule(&result, 0, 0, rule); + rule = rule_dpif_lookup(ofproto, flow, 0); + trace_format_rule(ds, 0, 0, rule); if (rule) { - struct ofproto_trace trace; + struct trace_ctx trace; struct ofpbuf *odp_actions; + uint8_t tcp_flags; - trace.result = &result; - trace.flow = flow; - action_xlate_ctx_init(&trace.ctx, ofproto, &flow, initial_tci, packet); + tcp_flags = packet ? packet_get_tcp_flags(packet, flow) : 0; + trace.result = ds; + trace.flow = *flow; + action_xlate_ctx_init(&trace.ctx, ofproto, flow, initial_tci, + rule, tcp_flags, packet); trace.ctx.resubmit_hook = trace_resubmit; odp_actions = xlate_actions(&trace.ctx, rule->up.actions, rule->up.n_actions); - ds_put_char(&result, '\n'); - trace_format_flow(&result, 0, "Final flow", &trace); - ds_put_cstr(&result, "Datapath actions: "); - format_odp_actions(&result, odp_actions->data, odp_actions->size); + ds_put_char(ds, '\n'); + trace_format_flow(ds, 0, "Final flow", &trace); + ds_put_cstr(ds, "Datapath actions: "); + format_odp_actions(ds, odp_actions->data, odp_actions->size); ofpbuf_delete(odp_actions); if (!trace.ctx.may_set_up_flow) { if (packet) { - ds_put_cstr(&result, "\nThis flow is not cachable."); + ds_put_cstr(ds, "\nThis flow is not cachable."); } else { - ds_put_cstr(&result, "\nThe datapath actions are incomplete--" + ds_put_cstr(ds, "\nThe datapath actions are incomplete--" "for complete actions, please supply a packet."); } } } - - unixctl_command_reply(conn, 200, ds_cstr(&result)); - -exit: - ds_destroy(&result); - ofpbuf_delete(packet); - ofpbuf_uninit(&odp_key); } static void @@ -5867,7 +6190,7 @@ ofproto_dpif_clog(struct unixctl_conn *conn OVS_UNUSED, int argc OVS_UNUSED, const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED) { clogged = true; - unixctl_command_reply(conn, 200, NULL); + unixctl_command_reply(conn, NULL); } static void @@ -5875,7 +6198,58 @@ ofproto_dpif_unclog(struct unixctl_conn *conn OVS_UNUSED, int argc OVS_UNUSED, const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED) { clogged = false; - unixctl_command_reply(conn, 200, NULL); + unixctl_command_reply(conn, NULL); +} + +/* Runs a self-check of flow translations in 'ofproto'. Appends a message to + * 'reply' describing the results. */ +static void +ofproto_dpif_self_check__(struct ofproto_dpif *ofproto, struct ds *reply) +{ + struct facet *facet; + int errors; + + errors = 0; + HMAP_FOR_EACH (facet, hmap_node, &ofproto->facets) { + if (!facet_check_consistency(facet)) { + errors++; + } + } + if (errors) { + ofproto->need_revalidate = true; + } + + if (errors) { + ds_put_format(reply, "%s: self-check failed (%d errors)\n", + ofproto->up.name, errors); + } else { + ds_put_format(reply, "%s: self-check passed\n", ofproto->up.name); + } +} + +static void +ofproto_dpif_self_check(struct unixctl_conn *conn, + int argc, const char *argv[], void *aux OVS_UNUSED) +{ + struct ds reply = DS_EMPTY_INITIALIZER; + struct ofproto_dpif *ofproto; + + if (argc > 1) { + ofproto = ofproto_dpif_lookup(argv[1]); + if (!ofproto) { + unixctl_command_reply_error(conn, "Unknown ofproto (use " + "ofproto/list for help)"); + return; + } + ofproto_dpif_self_check__(ofproto, &reply); + } else { + HMAP_FOR_EACH (ofproto, all_ofproto_dpifs_node, &all_ofproto_dpifs) { + ofproto_dpif_self_check__(ofproto, &reply); + } + } + + unixctl_command_reply(conn, ds_cstr(&reply)); + ds_destroy(&reply); } static void @@ -5890,8 +6264,8 @@ ofproto_dpif_unixctl_init(void) unixctl_command_register( "ofproto/trace", "bridge {tun_id in_port packet | odp_flow [-generate]}", - 2, 4, ofproto_unixctl_trace, NULL); - unixctl_command_register("fdb/flush", "bridge", 1, 1, + 2, 5, ofproto_unixctl_trace, NULL); + unixctl_command_register("fdb/flush", "[bridge]", 0, 1, ofproto_unixctl_fdb_flush, NULL); unixctl_command_register("fdb/show", "bridge", 1, 1, ofproto_unixctl_fdb_show, NULL); @@ -5899,6 +6273,8 @@ ofproto_dpif_unixctl_init(void) ofproto_dpif_clog, NULL); unixctl_command_register("ofproto/unclog", "", 0, 0, ofproto_dpif_unclog, NULL); + unixctl_command_register("ofproto/self-check", "[bridge]", 0, 1, + ofproto_dpif_self_check, NULL); } /* Linux VLAN device support (e.g. "eth0.10" for VLAN 10.) @@ -5946,6 +6322,13 @@ hash_realdev_vid(uint16_t realdev_ofp_port, int vid) return hash_2words(realdev_ofp_port, vid); } +/* Returns the ODP port number of the Linux VLAN device that corresponds to + * 'vlan_tci' on the network device with port number 'realdev_odp_port' in + * 'ofproto'. For example, given 'realdev_odp_port' of eth0 and 'vlan_tci' 9, + * it would return the port number of eth0.9. + * + * Unless VLAN splinters are enabled for port 'realdev_odp_port', this + * function just returns its 'realdev_odp_port' argument. */ static uint32_t vsp_realdev_to_vlandev(const struct ofproto_dpif *ofproto, uint32_t realdev_odp_port, ovs_be16 vlan_tci) @@ -5982,9 +6365,18 @@ vlandev_find(const struct ofproto_dpif *ofproto, uint16_t vlandev_ofp_port) return NULL; } +/* Returns the OpenFlow port number of the "real" device underlying the Linux + * VLAN device with OpenFlow port number 'vlandev_ofp_port' and stores the + * VLAN VID of the Linux VLAN device in '*vid'. For example, given + * 'vlandev_ofp_port' of eth0.9, it would return the OpenFlow port number of + * eth0 and store 9 in '*vid'. + * + * Returns 0 and does not modify '*vid' if 'vlandev_ofp_port' is not a Linux + * VLAN device. Unless VLAN splinters are enabled, this is what this function + * always does.*/ static uint16_t vsp_vlandev_to_realdev(const struct ofproto_dpif *ofproto, - uint16_t vlandev_ofp_port, int *vid) + uint16_t vlandev_ofp_port, int *vid) { if (!hmap_is_empty(&ofproto->vlandev_map)) { const struct vlan_splinter *vsp; @@ -6101,5 +6493,6 @@ const struct ofproto_class ofproto_dpif_class = { set_flood_vlans, is_mirror_output_bundle, forward_bpdu_changed, + set_mac_idle_time, set_realdev, };