X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=ofproto%2Fofproto.c;h=4b2cbc90fa1f317f04a33a12199ae5f444a9589f;hb=e0edde6fee279cdbbf3c179f5f50adaf0c7c7f1e;hp=2d41704fff85f6751b2eff5ecac5729a42a5ef34;hpb=765899376740486ca111c62a851b6120864f5698;p=sliver-openvswitch.git diff --git a/ofproto/ofproto.c b/ofproto/ofproto.c index 2d41704ff..4b2cbc90f 100644 --- a/ofproto/ofproto.c +++ b/ofproto/ofproto.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2009, 2010, 2011 Nicira Networks. + * Copyright (c) 2009, 2010, 2011, 2012 Nicira, Inc. * Copyright (c) 2010 Jean Tourrilhes - HP-Labs. * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -21,6 +21,7 @@ #include #include #include +#include "bitmap.h" #include "byte-order.h" #include "classifier.h" #include "connmgr.h" @@ -28,8 +29,10 @@ #include "dynamic-string.h" #include "hash.h" #include "hmap.h" +#include "meta-flow.h" #include "netdev.h" #include "nx-match.h" +#include "ofp-errors.h" #include "ofp-print.h" #include "ofp-util.h" #include "ofpbuf.h" @@ -40,6 +43,7 @@ #include "pinsched.h" #include "pktbuf.h" #include "poll-loop.h" +#include "random.h" #include "shash.h" #include "sset.h" #include "timeval.h" @@ -61,6 +65,7 @@ COVERAGE_DEFINE(ofproto_update_port); enum ofproto_state { S_OPENFLOW, /* Processing OpenFlow commands. */ + S_EVICT, /* Evicting flows from over-limit tables. */ S_FLUSH, /* Deleting all flow table rules. */ }; @@ -122,33 +127,78 @@ static void ofoperation_create(struct ofopgroup *, struct rule *, enum ofoperation_type); static void ofoperation_destroy(struct ofoperation *); -static void ofport_destroy__(struct ofport *); -static void ofport_destroy(struct ofport *); +/* oftable. */ +static void oftable_init(struct oftable *); +static void oftable_destroy(struct oftable *); -static uint64_t pick_datapath_id(const struct ofproto *); -static uint64_t pick_fallback_dpid(void); +static void oftable_set_name(struct oftable *, const char *name); -static void ofproto_destroy__(struct ofproto *); +static void oftable_disable_eviction(struct oftable *); +static void oftable_enable_eviction(struct oftable *, + const struct mf_subfield *fields, + size_t n_fields); -static void ofproto_rule_destroy__(struct rule *); -static void ofproto_rule_send_removed(struct rule *, uint8_t reason); +static void oftable_remove_rule(struct rule *); +static struct rule *oftable_replace_rule(struct rule *); +static void oftable_substitute_rule(struct rule *old, struct rule *new); -static void ofopgroup_destroy(struct ofopgroup *); +/* A set of rules within a single OpenFlow table (oftable) that have the same + * values for the oftable's eviction_fields. A rule to be evicted, when one is + * needed, is taken from the eviction group that contains the greatest number + * of rules. + * + * An oftable owns any number of eviction groups, each of which contains any + * number of rules. + * + * Membership in an eviction group is imprecise, based on the hash of the + * oftable's eviction_fields (in the eviction_group's id_node.hash member). + * That is, if two rules have different eviction_fields, but those + * eviction_fields hash to the same value, then they will belong to the same + * eviction_group anyway. + * + * (When eviction is not enabled on an oftable, we don't track any eviction + * groups, to save time and space.) */ +struct eviction_group { + struct hmap_node id_node; /* In oftable's "eviction_groups_by_id". */ + struct heap_node size_node; /* In oftable's "eviction_groups_by_size". */ + struct heap rules; /* Contains "struct rule"s. */ +}; -static int add_flow(struct ofproto *, struct ofconn *, - const struct ofputil_flow_mod *, - const struct ofp_header *); +static struct rule *choose_rule_to_evict(struct oftable *); +static void ofproto_evict(struct ofproto *); +static uint32_t rule_eviction_priority(struct rule *); -static bool handle_openflow(struct ofconn *, struct ofpbuf *); -static int handle_flow_mod__(struct ofproto *, struct ofconn *, - const struct ofputil_flow_mod *, - const struct ofp_header *); +/* ofport. */ +static void ofport_destroy__(struct ofport *); +static void ofport_destroy(struct ofport *); static void update_port(struct ofproto *, const char *devname); static int init_ports(struct ofproto *); static void reinit_ports(struct ofproto *); -static void set_internal_devs_mtu(struct ofproto *); +/* rule. */ +static void ofproto_rule_destroy__(struct rule *); +static void ofproto_rule_send_removed(struct rule *, uint8_t reason); +static bool rule_is_modifiable(const struct rule *); +static bool rule_is_hidden(const struct rule *); + +/* OpenFlow. */ +static enum ofperr add_flow(struct ofproto *, struct ofconn *, + const struct ofputil_flow_mod *, + const struct ofp_header *); +static void delete_flow__(struct rule *, struct ofopgroup *); +static bool handle_openflow(struct ofconn *, struct ofpbuf *); +static enum ofperr handle_flow_mod__(struct ofproto *, struct ofconn *, + const struct ofputil_flow_mod *, + const struct ofp_header *); + +/* ofproto. */ +static uint64_t pick_datapath_id(const struct ofproto *); +static uint64_t pick_fallback_dpid(void); +static void ofproto_destroy__(struct ofproto *); +static void update_mtu(struct ofproto *, struct ofport *); + +/* unixctl. */ static void ofproto_unixctl_init(void); /* All registered ofproto classes, in probe order. */ @@ -285,9 +335,7 @@ ofproto_create(const char *datapath_name, const char *datapath_type, struct ofproto **ofprotop) { const struct ofproto_class *class; - struct classifier *table; struct ofproto *ofproto; - int n_tables; int error; *ofprotop = NULL; @@ -337,8 +385,11 @@ ofproto_create(const char *datapath_name, const char *datapath_type, list_init(&ofproto->pending); ofproto->n_pending = 0; hmap_init(&ofproto->deletions); + ofproto->vlan_bitmap = NULL; + ofproto->vlans_changed = false; + ofproto->min_mtu = INT_MAX; - error = ofproto->ofproto_class->construct(ofproto, &n_tables); + error = ofproto->ofproto_class->construct(ofproto); if (error) { VLOG_ERR("failed to open datapath %s: %s", datapath_name, strerror(error)); @@ -346,12 +397,7 @@ ofproto_create(const char *datapath_name, const char *datapath_type, return error; } - assert(n_tables >= 1 && n_tables <= 255); - ofproto->n_tables = n_tables; - ofproto->tables = xmalloc(n_tables * sizeof *ofproto->tables); - OFPROTO_FOR_EACH_TABLE (table, ofproto) { - classifier_init(table); - } + assert(ofproto->n_tables); ofproto->datapath_id = pick_datapath_id(ofproto); VLOG_INFO("using datapath ID %016"PRIx64, ofproto->datapath_id); @@ -361,6 +407,21 @@ ofproto_create(const char *datapath_name, const char *datapath_type, return 0; } +void +ofproto_init_tables(struct ofproto *ofproto, int n_tables) +{ + struct oftable *table; + + assert(!ofproto->n_tables); + assert(n_tables >= 1 && n_tables <= 255); + + ofproto->n_tables = n_tables; + ofproto->tables = xmalloc(n_tables * sizeof *ofproto->tables); + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + oftable_init(table); + } +} + void ofproto_set_datapath_id(struct ofproto *p, uint64_t datapath_id) { @@ -443,6 +504,16 @@ ofproto_set_forward_bpdu(struct ofproto *ofproto, bool forward_bpdu) } } +/* Sets the MAC aging timeout for the OFPP_NORMAL action on 'ofproto' to + * 'idle_time', in seconds. */ +void +ofproto_set_mac_idle_time(struct ofproto *ofproto, unsigned idle_time) +{ + if (ofproto->ofproto_class->set_mac_idle_time) { + ofproto->ofproto_class->set_mac_idle_time(ofproto, idle_time); + } +} + void ofproto_set_desc(struct ofproto *p, const char *mfr_desc, const char *hw_desc, @@ -593,8 +664,8 @@ ofproto_port_get_stp_status(struct ofproto *ofproto, uint16_t ofp_port, { struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); if (!ofport) { - VLOG_WARN("%s: cannot get STP status on nonexistent port %"PRIu16, - ofproto->name, ofp_port); + VLOG_WARN_RL(&rl, "%s: cannot get STP status on nonexistent " + "port %"PRIu16, ofproto->name, ofp_port); return ENODEV; } @@ -603,6 +674,33 @@ ofproto_port_get_stp_status(struct ofproto *ofproto, uint16_t ofp_port, : EOPNOTSUPP); } +/* Queue DSCP configuration. */ + +/* Registers meta-data associated with the 'n_qdscp' Qualities of Service + * 'queues' attached to 'ofport'. This data is not intended to be sufficient + * to implement QoS. Instead, it is used to implement features which require + * knowledge of what queues exist on a port, and some basic information about + * them. + * + * Returns 0 if successful, otherwise a positive errno value. */ +int +ofproto_port_set_queues(struct ofproto *ofproto, uint16_t ofp_port, + const struct ofproto_port_queue *queues, + size_t n_queues) +{ + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + + if (!ofport) { + VLOG_WARN("%s: cannot set queues on nonexistent port %"PRIu16, + ofproto->name, ofp_port); + return ENODEV; + } + + return (ofproto->ofproto_class->set_queues + ? ofproto->ofproto_class->set_queues(ofport, queues, n_queues) + : EOPNOTSUPP); +} + /* Connectivity Fault Management configuration. */ /* Clears the CFM configuration from 'ofp_port' on 'ofproto'. */ @@ -694,10 +792,7 @@ ofproto_bundle_unregister(struct ofproto *ofproto, void *aux) /* Registers a mirror associated with client data pointer 'aux' in 'ofproto'. * If 'aux' is already registered then this function updates its configuration - * to 's'. Otherwise, this function registers a new mirror. - * - * Mirrors affect only the treatment of packets output to the OFPP_NORMAL - * port. */ + * to 's'. Otherwise, this function registers a new mirror. */ int ofproto_mirror_register(struct ofproto *ofproto, void *aux, const struct ofproto_mirror_settings *s) @@ -715,6 +810,23 @@ ofproto_mirror_unregister(struct ofproto *ofproto, void *aux) return ofproto_mirror_register(ofproto, aux, NULL); } +/* Retrieves statistics from mirror associated with client data pointer + * 'aux' in 'ofproto'. Stores packet and byte counts in 'packets' and + * 'bytes', respectively. If a particular counters is not supported, + * the appropriate argument is set to UINT64_MAX. */ +int +ofproto_mirror_get_stats(struct ofproto *ofproto, void *aux, + uint64_t *packets, uint64_t *bytes) +{ + if (!ofproto->ofproto_class->mirror_get_stats) { + *packets = *bytes = UINT64_MAX; + return EOPNOTSUPP; + } + + return ofproto->ofproto_class->mirror_get_stats(ofproto, aux, + packets, bytes); +} + /* Configures the VLANs whose bits are set to 1 in 'flood_vlans' as VLANs on * which all packets are flooded, instead of using MAC learning. If * 'flood_vlans' is NULL, then MAC learning applies to all VLANs. @@ -739,6 +851,59 @@ ofproto_is_mirror_output_bundle(const struct ofproto *ofproto, void *aux) : false); } +/* Configuration of OpenFlow tables. */ + +/* Returns the number of OpenFlow tables in 'ofproto'. */ +int +ofproto_get_n_tables(const struct ofproto *ofproto) +{ + return ofproto->n_tables; +} + +/* Configures the OpenFlow table in 'ofproto' with id 'table_id' with the + * settings from 's'. 'table_id' must be in the range 0 through the number of + * OpenFlow tables in 'ofproto' minus 1, inclusive. + * + * For read-only tables, only the name may be configured. */ +void +ofproto_configure_table(struct ofproto *ofproto, int table_id, + const struct ofproto_table_settings *s) +{ + struct oftable *table; + + assert(table_id >= 0 && table_id < ofproto->n_tables); + table = &ofproto->tables[table_id]; + + oftable_set_name(table, s->name); + + if (table->flags & OFTABLE_READONLY) { + return; + } + + if (s->groups) { + oftable_enable_eviction(table, s->groups, s->n_groups); + } else { + oftable_disable_eviction(table); + } + + table->max_flows = s->max_flows; + if (classifier_count(&table->cls) > table->max_flows + && table->eviction_fields) { + /* 'table' contains more flows than allowed. We might not be able to + * evict them right away because of the asynchronous nature of flow + * table changes. Schedule eviction for later. */ + switch (ofproto->state) { + case S_OPENFLOW: + ofproto->state = S_EVICT; + break; + case S_EVICT: + case S_FLUSH: + /* We're already deleting flows, nothing more to do. */ + break; + } + } +} + bool ofproto_has_snoops(const struct ofproto *ofproto) { @@ -754,8 +919,8 @@ ofproto_get_snoops(const struct ofproto *ofproto, struct sset *snoops) static void ofproto_flush__(struct ofproto *ofproto) { - struct classifier *table; struct ofopgroup *group; + struct oftable *table; if (ofproto->ofproto_class->flush) { ofproto->ofproto_class->flush(ofproto); @@ -766,11 +931,15 @@ ofproto_flush__(struct ofproto *ofproto) struct rule *rule, *next_rule; struct cls_cursor cursor; - cls_cursor_init(&cursor, table, NULL); + if (table->flags & OFTABLE_HIDDEN) { + continue; + } + + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH_SAFE (rule, next_rule, cr, &cursor) { if (!rule->pending) { ofoperation_create(group, rule, OFOPERATION_DELETE); - classifier_remove(table, &rule->cr); + oftable_remove_rule(rule); ofproto->ofproto_class->rule_destruct(rule); } } @@ -781,7 +950,7 @@ ofproto_flush__(struct ofproto *ofproto) static void ofproto_destroy__(struct ofproto *ofproto) { - struct classifier *table; + struct oftable *table; assert(list_is_empty(&ofproto->pending)); assert(!ofproto->n_pending); @@ -800,13 +969,14 @@ ofproto_destroy__(struct ofproto *ofproto) shash_destroy(&ofproto->port_by_name); OFPROTO_FOR_EACH_TABLE (table, ofproto) { - assert(classifier_is_empty(table)); - classifier_destroy(table); + oftable_destroy(table); } free(ofproto->tables); hmap_destroy(&ofproto->deletions); + free(ofproto->vlan_bitmap); + ofproto->ofproto_class->dealloc(ofproto); } @@ -857,41 +1027,56 @@ process_port_change(struct ofproto *ofproto, int error, char *devname) int ofproto_run(struct ofproto *p) { + struct sset changed_netdevs; + const char *changed_netdev; struct ofport *ofport; - char *devname; int error; error = p->ofproto_class->run(p); - if (error == ENODEV) { - /* Someone destroyed the datapath behind our back. The caller - * better destroy us and give up, because we're just going to - * spin from here on out. */ - static struct vlog_rate_limit rl2 = VLOG_RATE_LIMIT_INIT(1, 5); - VLOG_ERR_RL(&rl2, "%s: datapath was destroyed externally", - p->name); - return ENODEV; + if (error && error != EAGAIN) { + VLOG_ERR_RL(&rl, "%s: run failed (%s)", p->name, strerror(error)); } if (p->ofproto_class->port_poll) { + char *devname; + while ((error = p->ofproto_class->port_poll(p, &devname)) != EAGAIN) { process_port_change(p, error, devname); } } + /* Update OpenFlow port status for any port whose netdev has changed. + * + * Refreshing a given 'ofport' can cause an arbitrary ofport to be + * destroyed, so it's not safe to update ports directly from the + * HMAP_FOR_EACH loop, or even to use HMAP_FOR_EACH_SAFE. Instead, we + * need this two-phase approach. */ + sset_init(&changed_netdevs); HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { unsigned int change_seq = netdev_change_seq(ofport->netdev); if (ofport->change_seq != change_seq) { ofport->change_seq = change_seq; - update_port(p, netdev_get_name(ofport->netdev)); + sset_add(&changed_netdevs, netdev_get_name(ofport->netdev)); } } - + SSET_FOR_EACH (changed_netdev, &changed_netdevs) { + update_port(p, changed_netdev); + } + sset_destroy(&changed_netdevs); switch (p->state) { case S_OPENFLOW: connmgr_run(p->connmgr, handle_openflow); break; + case S_EVICT: + connmgr_run(p->connmgr, NULL); + ofproto_evict(p); + if (list_is_empty(&p->pending) && hmap_is_empty(&p->deletions)) { + p->state = S_OPENFLOW; + } + break; + case S_FLUSH: connmgr_run(p->connmgr, NULL); ofproto_flush__(p); @@ -905,7 +1090,26 @@ ofproto_run(struct ofproto *p) NOT_REACHED(); } - return 0; + return error; +} + +/* Performs periodic activity required by 'ofproto' that needs to be done + * with the least possible latency. + * + * It makes sense to call this function a couple of times per poll loop, to + * provide a significant performance boost on some benchmarks with the + * ofproto-dpif implementation. */ +int +ofproto_run_fast(struct ofproto *p) +{ + int error; + + error = p->ofproto_class->run_fast ? p->ofproto_class->run_fast(p) : 0; + if (error && error != EAGAIN) { + VLOG_ERR_RL(&rl, "%s: fastpath run failed (%s)", + p->name, strerror(error)); + } + return error; } void @@ -929,6 +1133,7 @@ ofproto_wait(struct ofproto *p) connmgr_wait(p->connmgr, true); break; + case S_EVICT: case S_FLUSH: connmgr_wait(p->connmgr, false); if (list_is_empty(&p->pending) && hmap_is_empty(&p->deletions)) { @@ -1117,7 +1322,7 @@ ofproto_add_flow(struct ofproto *ofproto, const struct cls_rule *cls_rule, const struct rule *rule; rule = rule_from_cls_rule(classifier_find_rule_exactly( - &ofproto->tables[0], cls_rule)); + &ofproto->tables[0].cls, cls_rule)); if (!rule || !ofputil_actions_equal(rule->actions, rule->n_actions, actions, n_actions)) { struct ofputil_flow_mod fm; @@ -1132,9 +1337,8 @@ ofproto_add_flow(struct ofproto *ofproto, const struct cls_rule *cls_rule, } /* Executes the flow modification specified in 'fm'. Returns 0 on success, an - * OpenFlow error code as encoded by ofp_mkerr() on failure, or - * OFPROTO_POSTPONE if the operation cannot be initiated now but may be retried - * later. + * OFPERR_* OpenFlow error code on failure, or OFPROTO_POSTPONE if the + * operation cannot be initiated now but may be retried later. * * This is a helper function for in-band control and fail-open. */ int @@ -1153,7 +1357,7 @@ ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target) struct rule *rule; rule = rule_from_cls_rule(classifier_find_rule_exactly( - &ofproto->tables[0], target)); + &ofproto->tables[0].cls, target)); if (!rule) { /* No such rule -> success. */ return true; @@ -1165,8 +1369,8 @@ ofproto_delete_flow(struct ofproto *ofproto, const struct cls_rule *target) /* Initiate deletion -> success. */ struct ofopgroup *group = ofopgroup_create_unattached(ofproto); ofoperation_create(group, rule, OFOPERATION_DELETE); - classifier_remove(&ofproto->tables[rule->table_id], &rule->cr); - rule->ofproto->ofproto_class->rule_destruct(rule); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); ofopgroup_submit(group); return true; } @@ -1211,9 +1415,9 @@ reinit_ports(struct ofproto *p) /* Opens and returns a netdev for 'ofproto_port', or a null pointer if the * netdev cannot be opened. On success, also fills in 'opp'. */ static struct netdev * -ofport_open(const struct ofproto_port *ofproto_port, struct ofp_phy_port *opp) +ofport_open(const struct ofproto_port *ofproto_port, + struct ofputil_phy_port *pp) { - uint32_t curr, advertised, supported, peer; enum netdev_flags flags; struct netdev *netdev; int error; @@ -1227,36 +1431,36 @@ ofport_open(const struct ofproto_port *ofproto_port, struct ofp_phy_port *opp) return NULL; } + pp->port_no = ofproto_port->ofp_port; + netdev_get_etheraddr(netdev, pp->hw_addr); + ovs_strlcpy(pp->name, ofproto_port->name, sizeof pp->name); netdev_get_flags(netdev, &flags); - netdev_get_features(netdev, &curr, &advertised, &supported, &peer); - - opp->port_no = htons(ofproto_port->ofp_port); - netdev_get_etheraddr(netdev, opp->hw_addr); - ovs_strzcpy(opp->name, ofproto_port->name, sizeof opp->name); - opp->config = flags & NETDEV_UP ? 0 : htonl(OFPPC_PORT_DOWN); - opp->state = netdev_get_carrier(netdev) ? 0 : htonl(OFPPS_LINK_DOWN); - opp->curr = htonl(curr); - opp->advertised = htonl(advertised); - opp->supported = htonl(supported); - opp->peer = htonl(peer); + pp->config = flags & NETDEV_UP ? 0 : OFPUTIL_PC_PORT_DOWN; + pp->state = netdev_get_carrier(netdev) ? 0 : OFPUTIL_PS_LINK_DOWN; + netdev_get_features(netdev, &pp->curr, &pp->advertised, + &pp->supported, &pp->peer); + pp->curr_speed = netdev_features_to_bps(pp->curr); + pp->max_speed = netdev_features_to_bps(pp->supported); return netdev; } /* Returns true if most fields of 'a' and 'b' are equal. Differences in name, - * port number, and 'config' bits other than OFPPC_PORT_DOWN are + * port number, and 'config' bits other than OFPUTIL_PS_LINK_DOWN are * disregarded. */ static bool -ofport_equal(const struct ofp_phy_port *a, const struct ofp_phy_port *b) +ofport_equal(const struct ofputil_phy_port *a, + const struct ofputil_phy_port *b) { - BUILD_ASSERT_DECL(sizeof *a == 48); /* Detect ofp_phy_port changes. */ - return (!memcmp(a->hw_addr, b->hw_addr, sizeof a->hw_addr) + return (eth_addr_equals(a->hw_addr, b->hw_addr) && a->state == b->state - && !((a->config ^ b->config) & htonl(OFPPC_PORT_DOWN)) + && !((a->config ^ b->config) & OFPUTIL_PC_PORT_DOWN) && a->curr == b->curr && a->advertised == b->advertised && a->supported == b->supported - && a->peer == b->peer); + && a->peer == b->peer + && a->curr_speed == b->curr_speed + && a->max_speed == b->max_speed); } /* Adds an ofport to 'p' initialized based on the given 'netdev' and 'opp'. @@ -1264,11 +1468,10 @@ ofport_equal(const struct ofp_phy_port *a, const struct ofp_phy_port *b) * one with the same name or port number). */ static void ofport_install(struct ofproto *p, - struct netdev *netdev, const struct ofp_phy_port *opp) + struct netdev *netdev, const struct ofputil_phy_port *pp) { const char *netdev_name = netdev_get_name(netdev); struct ofport *ofport; - int dev_mtu; int error; /* Create ofport. */ @@ -1280,26 +1483,21 @@ ofport_install(struct ofproto *p, ofport->ofproto = p; ofport->netdev = netdev; ofport->change_seq = netdev_change_seq(netdev); - ofport->opp = *opp; - ofport->ofp_port = ntohs(opp->port_no); + ofport->pp = *pp; + ofport->ofp_port = pp->port_no; /* Add port to 'p'. */ hmap_insert(&p->ports, &ofport->hmap_node, hash_int(ofport->ofp_port, 0)); shash_add(&p->port_by_name, netdev_name, ofport); - if (!netdev_get_mtu(netdev, &dev_mtu)) { - set_internal_devs_mtu(p); - ofport->mtu = dev_mtu; - } else { - ofport->mtu = 0; - } + update_mtu(p, ofport); /* Let the ofproto_class initialize its private data. */ error = p->ofproto_class->port_construct(ofport); if (error) { goto error; } - connmgr_send_port_status(p->connmgr, opp, OFPPR_ADD); + connmgr_send_port_status(p->connmgr, pp, OFPPR_ADD); return; error: @@ -1316,7 +1514,7 @@ error: static void ofport_remove(struct ofport *ofport) { - connmgr_send_port_status(ofport->ofproto->connmgr, &ofport->opp, + connmgr_send_port_status(ofport->ofproto->connmgr, &ofport->pp, OFPPR_DELETE); ofport_destroy(ofport); } @@ -1332,32 +1530,34 @@ ofport_remove_with_name(struct ofproto *ofproto, const char *name) } } -/* Updates 'port' with new 'opp' description. +/* Updates 'port' with new 'pp' description. * * Does not handle a name or port number change. The caller must implement * such a change as a delete followed by an add. */ static void -ofport_modified(struct ofport *port, struct ofp_phy_port *opp) +ofport_modified(struct ofport *port, struct ofputil_phy_port *pp) { - memcpy(port->opp.hw_addr, opp->hw_addr, ETH_ADDR_LEN); - port->opp.config = ((port->opp.config & ~htonl(OFPPC_PORT_DOWN)) - | (opp->config & htonl(OFPPC_PORT_DOWN))); - port->opp.state = opp->state; - port->opp.curr = opp->curr; - port->opp.advertised = opp->advertised; - port->opp.supported = opp->supported; - port->opp.peer = opp->peer; + memcpy(port->pp.hw_addr, pp->hw_addr, ETH_ADDR_LEN); + port->pp.config = ((port->pp.config & ~OFPUTIL_PC_PORT_DOWN) + | (pp->config & OFPUTIL_PC_PORT_DOWN)); + port->pp.state = pp->state; + port->pp.curr = pp->curr; + port->pp.advertised = pp->advertised; + port->pp.supported = pp->supported; + port->pp.peer = pp->peer; + port->pp.curr_speed = pp->curr_speed; + port->pp.max_speed = pp->max_speed; - connmgr_send_port_status(port->ofproto->connmgr, &port->opp, OFPPR_MODIFY); + connmgr_send_port_status(port->ofproto->connmgr, &port->pp, OFPPR_MODIFY); } /* Update OpenFlow 'state' in 'port' and notify controller. */ void -ofproto_port_set_state(struct ofport *port, ovs_be32 state) +ofproto_port_set_state(struct ofport *port, enum ofputil_port_state state) { - if (port->opp.state != state) { - port->opp.state = state; - connmgr_send_port_status(port->ofproto->connmgr, &port->opp, + if (port->pp.state != state) { + port->pp.state = state; + connmgr_send_port_status(port->ofproto->connmgr, &port->pp, OFPPR_MODIFY); } } @@ -1367,6 +1567,12 @@ ofproto_port_unregister(struct ofproto *ofproto, uint16_t ofp_port) { struct ofport *port = ofproto_get_port(ofproto, ofp_port); if (port) { + if (port->ofproto->ofproto_class->set_realdev) { + port->ofproto->ofproto_class->set_realdev(port, 0, 0); + } + if (port->ofproto->ofproto_class->set_stp_port) { + port->ofproto->ofproto_class->set_stp_port(port, NULL); + } if (port->ofproto->ofproto_class->set_cfm) { port->ofproto->ofproto_class->set_cfm(port, NULL); } @@ -1413,11 +1619,26 @@ ofproto_get_port(const struct ofproto *ofproto, uint16_t ofp_port) return NULL; } +int +ofproto_port_get_stats(const struct ofport *port, struct netdev_stats *stats) +{ + struct ofproto *ofproto = port->ofproto; + int error; + + if (ofproto->ofproto_class->port_get_stats) { + error = ofproto->ofproto_class->port_get_stats(port, stats); + } else { + error = EOPNOTSUPP; + } + + return error; +} + static void update_port(struct ofproto *ofproto, const char *name) { struct ofproto_port ofproto_port; - struct ofp_phy_port opp; + struct ofputil_phy_port pp; struct netdev *netdev; struct ofport *port; @@ -1425,27 +1646,19 @@ update_port(struct ofproto *ofproto, const char *name) /* Fetch 'name''s location and properties from the datapath. */ netdev = (!ofproto_port_query_by_name(ofproto, name, &ofproto_port) - ? ofport_open(&ofproto_port, &opp) + ? ofport_open(&ofproto_port, &pp) : NULL); if (netdev) { port = ofproto_get_port(ofproto, ofproto_port.ofp_port); if (port && !strcmp(netdev_get_name(port->netdev), name)) { struct netdev *old_netdev = port->netdev; - int dev_mtu; /* 'name' hasn't changed location. Any properties changed? */ - if (!ofport_equal(&port->opp, &opp)) { - ofport_modified(port, &opp); + if (!ofport_equal(&port->pp, &pp)) { + ofport_modified(port, &pp); } - /* If this is a non-internal port and the MTU changed, check - * if the datapath's MTU needs to be updated. */ - if (strcmp(netdev_get_type(netdev), "internal") - && !netdev_get_mtu(netdev, &dev_mtu) - && port->mtu != dev_mtu) { - set_internal_devs_mtu(ofproto); - port->mtu = dev_mtu; - } + update_mtu(ofproto, port); /* Install the newly opened netdev in case it has changed. * Don't close the old netdev yet in case port_modified has to @@ -1466,7 +1679,7 @@ update_port(struct ofproto *ofproto, const char *name) ofport_remove(port); } ofport_remove_with_name(ofproto, name); - ofport_install(ofproto, netdev, &opp); + ofport_install(ofproto, netdev, &pp); } } else { /* Any port named 'name' is gone now. */ @@ -1490,12 +1703,12 @@ init_ports(struct ofproto *p) VLOG_WARN_RL(&rl, "ignoring duplicate device %s in datapath", ofproto_port.name); } else { - struct ofp_phy_port opp; + struct ofputil_phy_port pp; struct netdev *netdev; - netdev = ofport_open(&ofproto_port, &opp); + netdev = ofport_open(&ofproto_port, &pp); if (netdev) { - ofport_install(p, netdev, &opp); + ofport_install(p, netdev, &pp); } } } @@ -1532,19 +1745,44 @@ find_min_mtu(struct ofproto *p) return mtu ? mtu: ETH_PAYLOAD_MAX; } -/* Set the MTU of all datapath devices on 'p' to the minimum of the - * non-datapath ports. */ +/* Update MTU of all datapath devices on 'p' to the minimum of the + * non-datapath ports in event of 'port' added or changed. */ static void -set_internal_devs_mtu(struct ofproto *p) +update_mtu(struct ofproto *p, struct ofport *port) { struct ofport *ofport; - int mtu = find_min_mtu(p); + struct netdev *netdev = port->netdev; + int dev_mtu, old_min; + + if (netdev_get_mtu(netdev, &dev_mtu)) { + port->mtu = 0; + return; + } + if (!strcmp(netdev_get_type(port->netdev), "internal")) { + if (dev_mtu > p->min_mtu) { + if (!netdev_set_mtu(port->netdev, p->min_mtu)) { + dev_mtu = p->min_mtu; + } + } + port->mtu = dev_mtu; + return; + } + + /* For non-internal port find new min mtu. */ + old_min = p->min_mtu; + port->mtu = dev_mtu; + p->min_mtu = find_min_mtu(p); + if (p->min_mtu == old_min) { + return; + } HMAP_FOR_EACH (ofport, hmap_node, &p->ports) { struct netdev *netdev = ofport->netdev; if (!strcmp(netdev_get_type(netdev), "internal")) { - netdev_set_mtu(netdev, mtu); + if (!netdev_set_mtu(netdev, p->min_mtu)) { + ofport->mtu = p->min_mtu; + } } } } @@ -1552,8 +1790,10 @@ set_internal_devs_mtu(struct ofproto *p) static void ofproto_rule_destroy__(struct rule *rule) { - free(rule->actions); - rule->ofproto->ofproto_class->rule_dealloc(rule); + if (rule) { + free(rule->actions); + rule->ofproto->ofproto_class->rule_dealloc(rule); + } } /* This function allows an ofproto implementation to destroy any rules that @@ -1568,7 +1808,7 @@ void ofproto_rule_destroy(struct rule *rule) { assert(!rule->pending); - classifier_remove(&rule->ofproto->tables[rule->table_id], &rule->cr); + oftable_remove_rule(rule); ofproto_rule_destroy__(rule); } @@ -1621,63 +1861,80 @@ rule_is_hidden(const struct rule *rule) { return rule->cr.priority > UINT16_MAX; } + +static enum oftable_flags +rule_get_flags(const struct rule *rule) +{ + return rule->ofproto->tables[rule->table_id].flags; +} + +static bool +rule_is_modifiable(const struct rule *rule) +{ + return !(rule_get_flags(rule) & OFTABLE_READONLY); +} -static int +static enum ofperr handle_echo_request(struct ofconn *ofconn, const struct ofp_header *oh) { ofconn_send_reply(ofconn, make_echo_reply(oh)); return 0; } -static int +static enum ofperr handle_features_request(struct ofconn *ofconn, const struct ofp_header *oh) { struct ofproto *ofproto = ofconn_get_ofproto(ofconn); - struct ofp_switch_features *osf; - struct ofpbuf *buf; + struct ofputil_switch_features features; struct ofport *port; bool arp_match_ip; - uint32_t actions; + struct ofpbuf *b; - ofproto->ofproto_class->get_features(ofproto, &arp_match_ip, &actions); - assert(actions & (1 << OFPAT_OUTPUT)); /* sanity check */ + ofproto->ofproto_class->get_features(ofproto, &arp_match_ip, + &features.actions); + assert(features.actions & OFPUTIL_A_OUTPUT); /* sanity check */ - osf = make_openflow_xid(sizeof *osf, OFPT_FEATURES_REPLY, oh->xid, &buf); - osf->datapath_id = htonll(ofproto->datapath_id); - osf->n_buffers = htonl(pktbuf_capacity()); - osf->n_tables = ofproto->n_tables; - osf->capabilities = htonl(OFPC_FLOW_STATS | OFPC_TABLE_STATS | - OFPC_PORT_STATS | OFPC_QUEUE_STATS); + features.datapath_id = ofproto->datapath_id; + features.n_buffers = pktbuf_capacity(); + features.n_tables = ofproto->n_tables; + features.capabilities = (OFPUTIL_C_FLOW_STATS | OFPUTIL_C_TABLE_STATS | + OFPUTIL_C_PORT_STATS | OFPUTIL_C_QUEUE_STATS); if (arp_match_ip) { - osf->capabilities |= htonl(OFPC_ARP_MATCH_IP); + features.capabilities |= OFPUTIL_C_ARP_MATCH_IP; } - osf->actions = htonl(actions); + b = ofputil_encode_switch_features(&features, ofconn_get_protocol(ofconn), + oh->xid); HMAP_FOR_EACH (port, hmap_node, &ofproto->ports) { - ofpbuf_put(buf, &port->opp, sizeof port->opp); + ofputil_put_switch_features_port(&port->pp, b); } - ofconn_send_reply(ofconn, buf); + ofconn_send_reply(ofconn, b); return 0; } -static int +static enum ofperr handle_get_config_request(struct ofconn *ofconn, const struct ofp_header *oh) { struct ofproto *ofproto = ofconn_get_ofproto(ofconn); struct ofp_switch_config *osc; + enum ofp_config_flags flags; struct ofpbuf *buf; /* Send reply. */ osc = make_openflow_xid(sizeof *osc, OFPT_GET_CONFIG_REPLY, oh->xid, &buf); - osc->flags = htons(ofproto->frag_handling); + flags = ofproto->frag_handling; + if (ofconn_get_invalid_ttl_to_controller(ofconn)) { + flags |= OFPC_INVALID_TTL_TO_CONTROLLER; + } + osc->flags = htons(flags); osc->miss_send_len = htons(ofconn_get_miss_send_len(ofconn)); ofconn_send_reply(ofconn, buf); return 0; } -static int +static enum ofperr handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) { struct ofproto *ofproto = ofconn_get_ofproto(ofconn); @@ -1699,6 +1956,8 @@ handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) } } } + ofconn_set_invalid_ttl_to_controller(ofconn, + (flags & OFPC_INVALID_TTL_TO_CONTROLLER)); ofconn_set_miss_send_len(ofconn, ntohs(osc->miss_send_len)); @@ -1706,30 +1965,29 @@ handle_set_config(struct ofconn *ofconn, const struct ofp_switch_config *osc) } /* Checks whether 'ofconn' is a slave controller. If so, returns an OpenFlow - * error message code (composed with ofp_mkerr()) for the caller to propagate - * upward. Otherwise, returns 0. */ -static int -reject_slave_controller(const struct ofconn *ofconn) + * error message code for the caller to propagate upward. Otherwise, returns + * 0. + * + * The log message mentions 'msg_type'. */ +static enum ofperr +reject_slave_controller(struct ofconn *ofconn) { if (ofconn_get_type(ofconn) == OFCONN_PRIMARY && ofconn_get_role(ofconn) == NX_ROLE_SLAVE) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); + return OFPERR_OFPBRC_EPERM; } else { return 0; } } -static int -handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh) +static enum ofperr +handle_packet_out(struct ofconn *ofconn, const struct ofp_packet_out *opo) { struct ofproto *p = ofconn_get_ofproto(ofconn); - struct ofp_packet_out *opo; - struct ofpbuf payload, *buffer; - union ofp_action *ofp_actions; - struct ofpbuf request; + struct ofputil_packet_out po; + struct ofpbuf *payload; struct flow flow; - size_t n_ofp_actions; - int error; + enum ofperr error; COVERAGE_INC(ofproto_packet_out); @@ -1738,89 +1996,89 @@ handle_packet_out(struct ofconn *ofconn, const struct ofp_header *oh) return error; } - /* Get ofp_packet_out. */ - ofpbuf_use_const(&request, oh, ntohs(oh->length)); - opo = ofpbuf_pull(&request, offsetof(struct ofp_packet_out, actions)); - - /* Get actions. */ - error = ofputil_pull_actions(&request, ntohs(opo->actions_len), - &ofp_actions, &n_ofp_actions); + /* Decode message. */ + error = ofputil_decode_packet_out(&po, opo); if (error) { return error; } /* Get payload. */ - if (opo->buffer_id != htonl(UINT32_MAX)) { - error = ofconn_pktbuf_retrieve(ofconn, ntohl(opo->buffer_id), - &buffer, NULL); - if (error || !buffer) { + if (po.buffer_id != UINT32_MAX) { + error = ofconn_pktbuf_retrieve(ofconn, po.buffer_id, &payload, NULL); + if (error || !payload) { return error; } - payload = *buffer; } else { - payload = request; - buffer = NULL; + payload = xmalloc(sizeof *payload); + ofpbuf_use_const(payload, po.packet, po.packet_len); } /* Send out packet. */ - flow_extract(&payload, 0, 0, ntohs(opo->in_port), &flow); - error = p->ofproto_class->packet_out(p, &payload, &flow, - ofp_actions, n_ofp_actions); - ofpbuf_delete(buffer); + flow_extract(payload, 0, 0, po.in_port, &flow); + error = p->ofproto_class->packet_out(p, payload, &flow, + po.actions, po.n_actions); + ofpbuf_delete(payload); return error; } static void -update_port_config(struct ofport *port, ovs_be32 config, ovs_be32 mask) +update_port_config(struct ofport *port, + enum ofputil_port_config config, + enum ofputil_port_config mask) { - ovs_be32 old_config = port->opp.config; + enum ofputil_port_config old_config = port->pp.config; + enum ofputil_port_config toggle; - mask &= config ^ port->opp.config; - if (mask & htonl(OFPPC_PORT_DOWN)) { - if (config & htonl(OFPPC_PORT_DOWN)) { + toggle = (config ^ port->pp.config) & mask; + if (toggle & OFPUTIL_PC_PORT_DOWN) { + if (config & OFPUTIL_PC_PORT_DOWN) { netdev_turn_flags_off(port->netdev, NETDEV_UP, true); } else { netdev_turn_flags_on(port->netdev, NETDEV_UP, true); } + toggle &= ~OFPUTIL_PC_PORT_DOWN; } - port->opp.config ^= mask & (htonl(OFPPC_NO_RECV | OFPPC_NO_RECV_STP | - OFPPC_NO_FLOOD | OFPPC_NO_FWD | - OFPPC_NO_PACKET_IN)); - if (port->opp.config != old_config) { + port->pp.config ^= toggle; + if (port->pp.config != old_config) { port->ofproto->ofproto_class->port_reconfigured(port, old_config); } } -static int +static enum ofperr handle_port_mod(struct ofconn *ofconn, const struct ofp_header *oh) { struct ofproto *p = ofconn_get_ofproto(ofconn); - const struct ofp_port_mod *opm = (const struct ofp_port_mod *) oh; + struct ofputil_port_mod pm; struct ofport *port; - int error; + enum ofperr error; error = reject_slave_controller(ofconn); if (error) { return error; } - port = ofproto_get_port(p, ntohs(opm->port_no)); + error = ofputil_decode_port_mod(oh, &pm); + if (error) { + return error; + } + + port = ofproto_get_port(p, pm.port_no); if (!port) { - return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_PORT); - } else if (memcmp(port->opp.hw_addr, opm->hw_addr, OFP_ETH_ALEN)) { - return ofp_mkerr(OFPET_PORT_MOD_FAILED, OFPPMFC_BAD_HW_ADDR); + return OFPERR_OFPPMFC_BAD_PORT; + } else if (!eth_addr_equals(port->pp.hw_addr, pm.hw_addr)) { + return OFPERR_OFPPMFC_BAD_HW_ADDR; } else { - update_port_config(port, opm->config, opm->mask); - if (opm->advertise) { - netdev_set_advertisements(port->netdev, ntohl(opm->advertise)); + update_port_config(port, pm.config, pm.mask); + if (pm.advertise) { + netdev_set_advertisements(port->netdev, pm.advertise); } } return 0; } -static int +static enum ofperr handle_desc_stats_request(struct ofconn *ofconn, const struct ofp_stats_msg *request) { @@ -1839,7 +2097,7 @@ handle_desc_stats_request(struct ofconn *ofconn, return 0; } -static int +static enum ofperr handle_table_stats_request(struct ofconn *ofconn, const struct ofp_stats_msg *request) { @@ -1856,11 +2114,23 @@ handle_table_stats_request(struct ofconn *ofconn, sprintf(ots[i].name, "table%zu", i); ots[i].wildcards = htonl(OFPFW_ALL); ots[i].max_entries = htonl(1000000); /* An arbitrary big number. */ - ots[i].active_count = htonl(classifier_count(&p->tables[i])); + ots[i].active_count = htonl(classifier_count(&p->tables[i].cls)); } p->ofproto_class->get_tables(p, ots); + for (i = 0; i < p->n_tables; i++) { + const struct oftable *table = &p->tables[i]; + + if (table->name) { + ovs_strzcpy(ots[i].name, table->name, sizeof ots[i].name); + } + + if (table->max_flows < ntohl(ots[i].max_entries)) { + ots[i].max_entries = htonl(table->max_flows); + } + } + ofconn_send_reply(ofconn, msg); return 0; } @@ -1874,10 +2144,10 @@ append_port_stat(struct ofport *port, struct list *replies) /* Intentionally ignore return value, since errors will set * 'stats' to all-1s, which is correct for OpenFlow, and * netdev_get_stats() will log errors. */ - netdev_get_stats(port->netdev, &stats); + ofproto_port_get_stats(port, &stats); ops = ofputil_append_stats_reply(sizeof *ops, replies); - ops->port_no = port->opp.port_no; + ops->port_no = htons(port->pp.port_no); memset(ops->pad, 0, sizeof ops->pad); put_32aligned_be64(&ops->rx_packets, htonll(stats.rx_packets)); put_32aligned_be64(&ops->tx_packets, htonll(stats.tx_packets)); @@ -1893,7 +2163,7 @@ append_port_stat(struct ofport *port, struct list *replies) put_32aligned_be64(&ops->collisions, htonll(stats.collisions)); } -static int +static enum ofperr handle_port_stats_request(struct ofconn *ofconn, const struct ofp_port_stats_request *psr) { @@ -1918,57 +2188,81 @@ handle_port_stats_request(struct ofconn *ofconn, } static void -calc_flow_duration__(long long int start, uint32_t *sec, uint32_t *nsec) +calc_flow_duration__(long long int start, long long int now, + uint32_t *sec, uint32_t *nsec) { - long long int msecs = time_msec() - start; + long long int msecs = now - start; *sec = msecs / 1000; *nsec = (msecs % 1000) * (1000 * 1000); } -static struct classifier * +/* Checks whether 'table_id' is 0xff or a valid table ID in 'ofproto'. Returns + * 0 if 'table_id' is OK, otherwise an OpenFlow error code. */ +static enum ofperr +check_table_id(const struct ofproto *ofproto, uint8_t table_id) +{ + return (table_id == 0xff || table_id < ofproto->n_tables + ? 0 + : OFPERR_NXBRC_BAD_TABLE_ID); + +} + +static struct oftable * +next_visible_table(struct ofproto *ofproto, uint8_t table_id) +{ + struct oftable *table; + + for (table = &ofproto->tables[table_id]; + table < &ofproto->tables[ofproto->n_tables]; + table++) { + if (!(table->flags & OFTABLE_HIDDEN)) { + return table; + } + } + + return NULL; +} + +static struct oftable * first_matching_table(struct ofproto *ofproto, uint8_t table_id) { if (table_id == 0xff) { - return &ofproto->tables[0]; + return next_visible_table(ofproto, 0); } else if (table_id < ofproto->n_tables) { return &ofproto->tables[table_id]; } else { - /* It would probably be better to reply with an error but there doesn't - * seem to be any appropriate value, so that might just be - * confusing. */ - VLOG_WARN_RL(&rl, "controller asked for invalid table %"PRIu8, - table_id); return NULL; } } -static struct classifier * +static struct oftable * next_matching_table(struct ofproto *ofproto, - struct classifier *cls, uint8_t table_id) + struct oftable *table, uint8_t table_id) { - return (table_id == 0xff && cls != &ofproto->tables[ofproto->n_tables - 1] - ? cls + 1 + return (table_id == 0xff + ? next_visible_table(ofproto, (table - ofproto->tables) + 1) : NULL); } -/* Assigns CLS to each classifier table, in turn, that matches TABLE_ID in - * OFPROTO: +/* Assigns TABLE to each oftable, in turn, that matches TABLE_ID in OFPROTO: * * - If TABLE_ID is 0xff, this iterates over every classifier table in - * OFPROTO. + * OFPROTO, skipping tables marked OFTABLE_HIDDEN. * * - If TABLE_ID is the number of a table in OFPROTO, then the loop iterates - * only once, for that table. + * only once, for that table. (This can be used to access tables marked + * OFTABLE_HIDDEN.) * - * - Otherwise, TABLE_ID isn't valid for OFPROTO, so ofproto logs a warning - * and does not enter the loop at all. + * - Otherwise, TABLE_ID isn't valid for OFPROTO, so the loop won't be + * entered at all. (Perhaps you should have validated TABLE_ID with + * check_table_id().) * * All parameters are evaluated multiple times. */ -#define FOR_EACH_MATCHING_TABLE(CLS, TABLE_ID, OFPROTO) \ - for ((CLS) = first_matching_table(OFPROTO, TABLE_ID); \ - (CLS) != NULL; \ - (CLS) = next_matching_table(OFPROTO, CLS, TABLE_ID)) +#define FOR_EACH_MATCHING_TABLE(TABLE, TABLE_ID, OFPROTO) \ + for ((TABLE) = first_matching_table(OFPROTO, TABLE_ID); \ + (TABLE) != NULL; \ + (TABLE) = next_matching_table(OFPROTO, TABLE, TABLE_ID)) /* Searches 'ofproto' for rules in table 'table_id' (or in all tables, if * 'table_id' is 0xff) that match 'match' in the "loose" way required for @@ -1981,24 +2275,32 @@ next_matching_table(struct ofproto *ofproto, * Hidden rules are always omitted. * * Returns 0 on success, otherwise an OpenFlow error code. */ -static int +static enum ofperr collect_rules_loose(struct ofproto *ofproto, uint8_t table_id, - const struct cls_rule *match, uint16_t out_port, - struct list *rules) + const struct cls_rule *match, + ovs_be64 cookie, ovs_be64 cookie_mask, + uint16_t out_port, struct list *rules) { - struct classifier *cls; + struct oftable *table; + enum ofperr error; + + error = check_table_id(ofproto, table_id); + if (error) { + return error; + } list_init(rules); - FOR_EACH_MATCHING_TABLE (cls, table_id, ofproto) { + FOR_EACH_MATCHING_TABLE (table, table_id, ofproto) { struct cls_cursor cursor; struct rule *rule; - cls_cursor_init(&cursor, cls, match); + cls_cursor_init(&cursor, &table->cls, match); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { if (rule->pending) { return OFPROTO_POSTPONE; } - if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port)) { + if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port) + && !((rule->flow_cookie ^ cookie) & cookie_mask)) { list_push_back(rules, &rule->ofproto_node); } } @@ -2017,23 +2319,32 @@ collect_rules_loose(struct ofproto *ofproto, uint8_t table_id, * Hidden rules are always omitted. * * Returns 0 on success, otherwise an OpenFlow error code. */ -static int +static enum ofperr collect_rules_strict(struct ofproto *ofproto, uint8_t table_id, - const struct cls_rule *match, uint16_t out_port, - struct list *rules) + const struct cls_rule *match, + ovs_be64 cookie, ovs_be64 cookie_mask, + uint16_t out_port, struct list *rules) { - struct classifier *cls; + struct oftable *table; + int error; + + error = check_table_id(ofproto, table_id); + if (error) { + return error; + } list_init(rules); - FOR_EACH_MATCHING_TABLE (cls, table_id, ofproto) { + FOR_EACH_MATCHING_TABLE (table, table_id, ofproto) { struct rule *rule; - rule = rule_from_cls_rule(classifier_find_rule_exactly(cls, match)); + rule = rule_from_cls_rule(classifier_find_rule_exactly(&table->cls, + match)); if (rule) { if (rule->pending) { return OFPROTO_POSTPONE; } - if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port)) { + if (!rule_is_hidden(rule) && rule_has_out_port(rule, out_port) + && !((rule->flow_cookie ^ cookie) & cookie_mask)) { list_push_back(rules, &rule->ofproto_node); } } @@ -2041,7 +2352,17 @@ collect_rules_strict(struct ofproto *ofproto, uint8_t table_id, return 0; } +/* Returns 'age_ms' (a duration in milliseconds), converted to seconds and + * forced into the range of a uint16_t. */ static int +age_secs(long long int age_ms) +{ + return (age_ms < 0 ? 0 + : age_ms >= UINT16_MAX * 1000 ? UINT16_MAX + : (unsigned int) age_ms / 1000); +} + +static enum ofperr handle_flow_stats_request(struct ofconn *ofconn, const struct ofp_stats_msg *osm) { @@ -2050,7 +2371,7 @@ handle_flow_stats_request(struct ofconn *ofconn, struct list replies; struct list rules; struct rule *rule; - int error; + enum ofperr error; error = ofputil_decode_flow_stats_request(&fsr, &osm->header); if (error) { @@ -2058,6 +2379,7 @@ handle_flow_stats_request(struct ofconn *ofconn, } error = collect_rules_loose(ofproto, fsr.table_id, &fsr.match, + fsr.cookie, fsr.cookie_mask, fsr.out_port, &rules); if (error) { return error; @@ -2065,15 +2387,18 @@ handle_flow_stats_request(struct ofconn *ofconn, ofputil_start_stats_reply(osm, &replies); LIST_FOR_EACH (rule, ofproto_node, &rules) { + long long int now = time_msec(); struct ofputil_flow_stats fs; fs.rule = rule->cr; fs.cookie = rule->flow_cookie; fs.table_id = rule->table_id; - calc_flow_duration__(rule->created, &fs.duration_sec, + calc_flow_duration__(rule->created, now, &fs.duration_sec, &fs.duration_nsec); fs.idle_timeout = rule->idle_timeout; fs.hard_timeout = rule->hard_timeout; + fs.idle_age = age_secs(now - rule->used); + fs.hard_age = age_secs(now - rule->modified); ofproto->ofproto_class->rule_get_stats(rule, &fs.packet_count, &fs.byte_count); fs.actions = rule->actions; @@ -2116,13 +2441,13 @@ flow_stats_ds(struct rule *rule, struct ds *results) void ofproto_get_all_flows(struct ofproto *p, struct ds *results) { - struct classifier *cls; + struct oftable *table; - OFPROTO_FOR_EACH_TABLE (cls, p) { + OFPROTO_FOR_EACH_TABLE (table, p) { struct cls_cursor cursor; struct rule *rule; - cls_cursor_init(&cursor, cls, NULL); + cls_cursor_init(&cursor, &table->cls, NULL); CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { flow_stats_ds(rule, results); } @@ -2138,9 +2463,10 @@ ofproto_get_netflow_ids(const struct ofproto *ofproto, ofproto->ofproto_class->get_netflow_ids(ofproto, engine_type, engine_id); } -/* Checks the fault status of CFM for 'ofp_port' within 'ofproto'. Returns 1 - * if CFM is faulted (generally indiciating a connectivity problem), 0 if CFM - * is not faulted, and -1 if CFM is not enabled on 'ofp_port'. */ +/* Checks the fault status of CFM for 'ofp_port' within 'ofproto'. Returns a + * bitmask of 'cfm_fault_reason's to indicate a CFM fault (generally + * indicating a connectivity problem). Returns zero if CFM is not faulted, + * and -1 if CFM is not enabled on 'port'. */ int ofproto_port_get_cfm_fault(const struct ofproto *ofproto, uint16_t ofp_port) { @@ -2169,7 +2495,20 @@ ofproto_port_get_cfm_remote_mpids(const struct ofproto *ofproto, : -1); } -static int +/* Checks the health of the CFM for 'ofp_port' within 'ofproto'. Returns an + * integer value between 0 and 100 to indicate the health of the port as a + * percentage which is the average of cfm health of all the remote_mpids or + * returns -1 if CFM is not enabled on 'ofport'. */ +int +ofproto_port_get_cfm_health(const struct ofproto *ofproto, uint16_t ofp_port) +{ + struct ofport *ofport = ofproto_get_port(ofproto, ofp_port); + return (ofport && ofproto->ofproto_class->get_cfm_health + ? ofproto->ofproto_class->get_cfm_health(ofport) + : -1); +} + +static enum ofperr handle_aggregate_stats_request(struct ofconn *ofconn, const struct ofp_stats_msg *osm) { @@ -2180,7 +2519,7 @@ handle_aggregate_stats_request(struct ofconn *ofconn, struct ofpbuf *reply; struct list rules; struct rule *rule; - int error; + enum ofperr error; error = ofputil_decode_flow_stats_request(&request, &osm->header); if (error) { @@ -2188,6 +2527,7 @@ handle_aggregate_stats_request(struct ofconn *ofconn, } error = collect_rules_loose(ofproto, request.table_id, &request.match, + request.cookie, request.cookie_mask, request.out_port, &rules); if (error) { return error; @@ -2241,7 +2581,7 @@ put_queue_stats(struct queue_stats_cbdata *cbdata, uint32_t queue_id, struct ofp_queue_stats *reply; reply = ofputil_append_stats_reply(sizeof *reply, &cbdata->replies); - reply->port_no = cbdata->ofport->opp.port_no; + reply->port_no = htons(cbdata->ofport->pp.port_no); memset(reply->pad, 0, sizeof reply->pad); reply->queue_id = htonl(queue_id); put_32aligned_be64(&reply->tx_bytes, htonll(stats->tx_bytes)); @@ -2276,7 +2616,7 @@ handle_queue_stats_for_port(struct ofport *port, uint32_t queue_id, } } -static int +static enum ofperr handle_queue_stats_request(struct ofconn *ofconn, const struct ofp_queue_stats_request *qsr) { @@ -2303,7 +2643,7 @@ handle_queue_stats_request(struct ofconn *ofconn, } } else { ofpbuf_list_delete(&cbdata.replies); - return ofp_mkerr(OFPET_QUEUE_OP_FAILED, OFPQOFC_BAD_PORT); + return OFPERR_OFPQOFC_BAD_PORT; } ofconn_send_replies(ofconn, &cbdata.replies); @@ -2335,21 +2675,26 @@ is_flow_deletion_pending(const struct ofproto *ofproto, * * Adds the flow specified by 'ofm', which is followed by 'n_actions' * ofp_actions, to the ofproto's flow table. Returns 0 on success, an OpenFlow - * error code as encoded by ofp_mkerr() on failure, or OFPROTO_POSTPONE if the - * operation cannot be initiated now but may be retried later. + * error code on failure, or OFPROTO_POSTPONE if the operation cannot be + * initiated now but may be retried later. * * 'ofconn' is used to retrieve the packet buffer specified in ofm->buffer_id, * if any. */ -static int +static enum ofperr add_flow(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request) { - struct classifier *table; + struct oftable *table; struct ofopgroup *group; struct rule *victim; struct rule *rule; int error; + error = check_table_id(ofproto, fm->table_id); + if (error) { + return error; + } + /* Pick table. */ if (fm->table_id == 0xff) { uint8_t table_id; @@ -2367,13 +2712,17 @@ add_flow(struct ofproto *ofproto, struct ofconn *ofconn, } else if (fm->table_id < ofproto->n_tables) { table = &ofproto->tables[fm->table_id]; } else { - return ofp_mkerr_nicira(OFPET_FLOW_MOD_FAILED, NXFMFC_BAD_TABLE_ID); + return OFPERR_NXFMFC_BAD_TABLE_ID; + } + + if (table->flags & OFTABLE_READONLY) { + return OFPERR_OFPBRC_EPERM; } /* Check for overlap, if requested. */ if (fm->flags & OFPFF_CHECK_OVERLAP - && classifier_rule_overlaps(table, &fm->cr)) { - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_OVERLAP); + && classifier_rule_overlaps(&table->cls, &fm->cr)) { + return OFPERR_OFPFMFC_OVERLAP; } /* Serialize against pending deletion. */ @@ -2392,19 +2741,44 @@ add_flow(struct ofproto *ofproto, struct ofconn *ofconn, rule->cr = fm->cr; rule->pending = NULL; rule->flow_cookie = fm->cookie; - rule->created = rule->modified = time_msec(); + rule->created = rule->modified = rule->used = time_msec(); rule->idle_timeout = fm->idle_timeout; rule->hard_timeout = fm->hard_timeout; rule->table_id = table - ofproto->tables; rule->send_flow_removed = (fm->flags & OFPFF_SEND_FLOW_REM) != 0; rule->actions = ofputil_actions_clone(fm->actions, fm->n_actions); rule->n_actions = fm->n_actions; + rule->evictable = true; + rule->eviction_group = NULL; /* Insert new rule. */ - victim = rule_from_cls_rule(classifier_replace(table, &rule->cr)); - if (victim && victim->pending) { + victim = oftable_replace_rule(rule); + if (victim && !rule_is_modifiable(victim)) { + error = OFPERR_OFPBRC_EPERM; + } else if (victim && victim->pending) { error = OFPROTO_POSTPONE; } else { + struct rule *evict; + + if (classifier_count(&table->cls) > table->max_flows) { + bool was_evictable; + + was_evictable = rule->evictable; + rule->evictable = false; + evict = choose_rule_to_evict(table); + rule->evictable = was_evictable; + + if (!evict) { + error = OFPERR_OFPFMFC_ALL_TABLES_FULL; + goto exit; + } else if (evict->pending) { + error = OFPROTO_POSTPONE; + goto exit; + } + } else { + evict = NULL; + } + group = ofopgroup_create(ofproto, ofconn, request, fm->buffer_id); ofoperation_create(group, rule, OFOPERATION_ADD); rule->pending->victim = victim; @@ -2412,17 +2786,16 @@ add_flow(struct ofproto *ofproto, struct ofconn *ofconn, error = ofproto->ofproto_class->rule_construct(rule); if (error) { ofoperation_destroy(rule->pending); + } else if (evict) { + delete_flow__(evict, group); } ofopgroup_submit(group); } +exit: /* Back out if an error occurred. */ if (error) { - if (victim) { - classifier_replace(table, &victim->cr); - } else { - classifier_remove(table, &rule->cr); - } + oftable_substitute_rule(rule, victim); ofproto_rule_destroy__(rule); } return error; @@ -2437,16 +2810,25 @@ add_flow(struct ofproto *ofproto, struct ofconn *ofconn, * if any. * * Returns 0 on success, otherwise an OpenFlow error code. */ -static int +static enum ofperr modify_flows__(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request, struct list *rules) { struct ofopgroup *group; struct rule *rule; + enum ofperr error; group = ofopgroup_create(ofproto, ofconn, request, fm->buffer_id); + error = OFPERR_OFPBRC_EPERM; LIST_FOR_EACH (rule, ofproto_node, rules) { + if (rule_is_modifiable(rule)) { + /* At least one rule is modifiable, don't report EPERM error. */ + error = 0; + } else { + continue; + } + if (!ofputil_actions_equal(fm->actions, fm->n_actions, rule->actions, rule->n_actions)) { ofoperation_create(group, rule, OFOPERATION_MODIFY); @@ -2454,7 +2836,7 @@ modify_flows__(struct ofproto *ofproto, struct ofconn *ofconn, rule->pending->n_actions = rule->n_actions; rule->actions = ofputil_actions_clone(fm->actions, fm->n_actions); rule->n_actions = fm->n_actions; - rule->ofproto->ofproto_class->rule_modify_actions(rule); + ofproto->ofproto_class->rule_modify_actions(rule); } else { rule->modified = time_msec(); } @@ -2462,15 +2844,15 @@ modify_flows__(struct ofproto *ofproto, struct ofconn *ofconn, } ofopgroup_submit(group); - return 0; + return error; } -/* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code as - * encoded by ofp_mkerr() on failure. +/* Implements OFPFC_MODIFY. Returns 0 on success or an OpenFlow error code on + * failure. * * 'ofconn' is used to retrieve the packet buffer specified in fm->buffer_id, * if any. */ -static int +static enum ofperr modify_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request) @@ -2478,19 +2860,20 @@ modify_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, struct list rules; int error; - error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, OFPP_NONE, - &rules); + error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + OFPP_NONE, &rules); return (error ? error : list_is_empty(&rules) ? add_flow(ofproto, ofconn, fm, request) : modify_flows__(ofproto, ofconn, fm, request, &rules)); } /* Implements OFPFC_MODIFY_STRICT. Returns 0 on success or an OpenFlow error - * code as encoded by ofp_mkerr() on failure. + * code on failure. * * 'ofconn' is used to retrieve the packet buffer specified in fm->buffer_id, * if any. */ -static int +static enum ofperr modify_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request) @@ -2498,8 +2881,9 @@ modify_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, struct list rules; int error; - error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, OFPP_NONE, - &rules); + error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + OFPP_NONE, &rules); return (error ? error : list_is_empty(&rules) ? add_flow(ofproto, ofconn, fm, request) : list_is_singleton(&rules) ? modify_flows__(ofproto, ofconn, @@ -2509,10 +2893,22 @@ modify_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, /* OFPFC_DELETE implementation. */ +static void +delete_flow__(struct rule *rule, struct ofopgroup *group) +{ + struct ofproto *ofproto = rule->ofproto; + + ofproto_rule_send_removed(rule, OFPRR_DELETE); + + ofoperation_create(group, rule, OFOPERATION_DELETE); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); +} + /* Deletes the rules listed in 'rules'. * * Returns 0 on success, otherwise an OpenFlow error code. */ -static int +static enum ofperr delete_flows__(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofp_header *request, struct list *rules) { @@ -2521,11 +2917,7 @@ delete_flows__(struct ofproto *ofproto, struct ofconn *ofconn, group = ofopgroup_create(ofproto, ofconn, request, UINT32_MAX); LIST_FOR_EACH_SAFE (rule, next, ofproto_node, rules) { - ofproto_rule_send_removed(rule, OFPRR_DELETE); - - ofoperation_create(group, rule, OFOPERATION_DELETE); - classifier_remove(&ofproto->tables[rule->table_id], &rule->cr); - rule->ofproto->ofproto_class->rule_destruct(rule); + delete_flow__(rule, group); } ofopgroup_submit(group); @@ -2533,16 +2925,17 @@ delete_flows__(struct ofproto *ofproto, struct ofconn *ofconn, } /* Implements OFPFC_DELETE. */ -static int +static enum ofperr delete_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request) { struct list rules; - int error; + enum ofperr error; - error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, fm->out_port, - &rules); + error = collect_rules_loose(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + fm->out_port, &rules); return (error ? error : !list_is_empty(&rules) ? delete_flows__(ofproto, ofconn, request, &rules) @@ -2550,16 +2943,17 @@ delete_flows_loose(struct ofproto *ofproto, struct ofconn *ofconn, } /* Implements OFPFC_DELETE_STRICT. */ -static int +static enum ofperr delete_flow_strict(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *request) { struct list rules; - int error; + enum ofperr error; - error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, fm->out_port, - &rules); + error = collect_rules_strict(ofproto, fm->table_id, &fm->cr, + fm->cookie, fm->cookie_mask, + fm->out_port, &rules); return (error ? error : list_is_singleton(&rules) ? delete_flows__(ofproto, ofconn, request, &rules) @@ -2578,7 +2972,8 @@ ofproto_rule_send_removed(struct rule *rule, uint8_t reason) fr.rule = rule->cr; fr.cookie = rule->flow_cookie; fr.reason = reason; - calc_flow_duration__(rule->created, &fr.duration_sec, &fr.duration_nsec); + calc_flow_duration__(rule->created, time_msec(), + &fr.duration_sec, &fr.duration_nsec); fr.idle_timeout = rule->idle_timeout; rule->ofproto->ofproto_class->rule_get_stats(rule, &fr.packet_count, &fr.byte_count); @@ -2586,6 +2981,20 @@ ofproto_rule_send_removed(struct rule *rule, uint8_t reason) connmgr_send_flow_removed(rule->ofproto->connmgr, &fr); } +void +ofproto_rule_update_used(struct rule *rule, long long int used) +{ + if (used > rule->used) { + struct eviction_group *evg = rule->eviction_group; + + rule->used = used; + if (evg) { + heap_change(&evg->rules, &rule->evg_node, + rule_eviction_priority(rule)); + } + } +} + /* Sends an OpenFlow "flow removed" message with the given 'reason' (either * OFPRR_HARD_TIMEOUT or OFPRR_IDLE_TIMEOUT), and then removes 'rule' from its * ofproto. @@ -2604,24 +3013,23 @@ ofproto_rule_expire(struct rule *rule, uint8_t reason) group = ofopgroup_create_unattached(ofproto); ofoperation_create(group, rule, OFOPERATION_DELETE); - classifier_remove(&ofproto->tables[rule->table_id], &rule->cr); - rule->ofproto->ofproto_class->rule_destruct(rule); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); ofopgroup_submit(group); } -static int +static enum ofperr handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) { struct ofputil_flow_mod fm; - int error; + enum ofperr error; error = reject_slave_controller(ofconn); if (error) { return error; } - error = ofputil_decode_flow_mod(&fm, oh, - ofconn_get_flow_mod_table_id(ofconn)); + error = ofputil_decode_flow_mod(&fm, oh, ofconn_get_protocol(ofconn)); if (error) { return error; } @@ -2631,13 +3039,13 @@ handle_flow_mod(struct ofconn *ofconn, const struct ofp_header *oh) if (fm.flags & OFPFF_EMERG) { /* There isn't a good fit for an error code, so just state that the * flow table is full. */ - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_ALL_TABLES_FULL); + return OFPERR_OFPFMFC_ALL_TABLES_FULL; } return handle_flow_mod__(ofconn_get_ofproto(ofconn), ofconn, &fm, oh); } -static int +static enum ofperr handle_flow_mod__(struct ofproto *ofproto, struct ofconn *ofconn, const struct ofputil_flow_mod *fm, const struct ofp_header *oh) @@ -2668,11 +3076,11 @@ handle_flow_mod__(struct ofproto *ofproto, struct ofconn *ofconn, VLOG_WARN_RL(&rl, "flow_mod has explicit table_id but " "flow_mod_table_id extension is not enabled"); } - return ofp_mkerr(OFPET_FLOW_MOD_FAILED, OFPFMFC_BAD_COMMAND); + return OFPERR_OFPFMFC_BAD_COMMAND; } } -static int +static enum ofperr handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) { struct nx_role_request *nrr = (struct nx_role_request *) oh; @@ -2680,15 +3088,10 @@ handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) struct ofpbuf *buf; uint32_t role; - if (ofconn_get_type(ofconn) != OFCONN_PRIMARY) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); - } - role = ntohl(nrr->role); if (role != NX_ROLE_OTHER && role != NX_ROLE_MASTER && role != NX_ROLE_SLAVE) { - /* There's no good error code for this. */ - return ofp_mkerr(OFPET_BAD_REQUEST, -1); + return OFPERR_OFPRRFC_BAD_ROLE; } if (ofconn_get_role(ofconn) != role @@ -2705,40 +3108,104 @@ handle_role_request(struct ofconn *ofconn, const struct ofp_header *oh) return 0; } -static int +static enum ofperr handle_nxt_flow_mod_table_id(struct ofconn *ofconn, const struct ofp_header *oh) { - const struct nxt_flow_mod_table_id *msg - = (const struct nxt_flow_mod_table_id *) oh; + const struct nx_flow_mod_table_id *msg + = (const struct nx_flow_mod_table_id *) oh; + enum ofputil_protocol cur, next; + + cur = ofconn_get_protocol(ofconn); + next = ofputil_protocol_set_tid(cur, msg->set != 0); + ofconn_set_protocol(ofconn, next); - ofconn_set_flow_mod_table_id(ofconn, msg->set != 0); return 0; } -static int +static enum ofperr handle_nxt_set_flow_format(struct ofconn *ofconn, const struct ofp_header *oh) { - const struct nxt_set_flow_format *msg - = (const struct nxt_set_flow_format *) oh; + const struct nx_set_flow_format *msg + = (const struct nx_set_flow_format *) oh; + enum ofputil_protocol cur, next; + enum ofputil_protocol next_base; + + next_base = ofputil_nx_flow_format_to_protocol(ntohl(msg->format)); + if (!next_base) { + return OFPERR_OFPBRC_EPERM; + } + + cur = ofconn_get_protocol(ofconn); + next = ofputil_protocol_set_base(cur, next_base); + if (cur != next && ofconn_has_pending_opgroups(ofconn)) { + /* Avoid sending async messages in surprising protocol. */ + return OFPROTO_POSTPONE; + } + + ofconn_set_protocol(ofconn, next); + return 0; +} + +static enum ofperr +handle_nxt_set_packet_in_format(struct ofconn *ofconn, + const struct ofp_header *oh) +{ + const struct nx_set_packet_in_format *msg; uint32_t format; + msg = (const struct nx_set_packet_in_format *) oh; format = ntohl(msg->format); - if (format != NXFF_OPENFLOW10 && format != NXFF_NXM) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_EPERM); + if (format != NXPIF_OPENFLOW10 && format != NXPIF_NXM) { + return OFPERR_OFPBRC_EPERM; } - if (format != ofconn_get_flow_format(ofconn) + if (format != ofconn_get_packet_in_format(ofconn) && ofconn_has_pending_opgroups(ofconn)) { - /* Avoid sending async messages in surprising flow format. */ + /* Avoid sending async message in surprsing packet in format. */ return OFPROTO_POSTPONE; } - ofconn_set_flow_format(ofconn, format); + ofconn_set_packet_in_format(ofconn, format); return 0; } -static int +static enum ofperr +handle_nxt_set_async_config(struct ofconn *ofconn, const struct ofp_header *oh) +{ + const struct nx_async_config *msg = (const struct nx_async_config *) oh; + uint32_t master[OAM_N_TYPES]; + uint32_t slave[OAM_N_TYPES]; + + master[OAM_PACKET_IN] = ntohl(msg->packet_in_mask[0]); + master[OAM_PORT_STATUS] = ntohl(msg->port_status_mask[0]); + master[OAM_FLOW_REMOVED] = ntohl(msg->flow_removed_mask[0]); + + slave[OAM_PACKET_IN] = ntohl(msg->packet_in_mask[1]); + slave[OAM_PORT_STATUS] = ntohl(msg->port_status_mask[1]); + slave[OAM_FLOW_REMOVED] = ntohl(msg->flow_removed_mask[1]); + + ofconn_set_async_config(ofconn, master, slave); + + return 0; +} + +static enum ofperr +handle_nxt_set_controller_id(struct ofconn *ofconn, + const struct ofp_header *oh) +{ + const struct nx_controller_id *nci; + + nci = (const struct nx_controller_id *) oh; + if (!is_all_zeros(nci->zero, sizeof nci->zero)) { + return OFPERR_NXBRC_MUST_BE_ZERO; + } + + ofconn_set_controller_id(ofconn, ntohs(nci->controller_id)); + return 0; +} + +static enum ofperr handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh) { struct ofp_header *ob; @@ -2748,17 +3215,17 @@ handle_barrier_request(struct ofconn *ofconn, const struct ofp_header *oh) return OFPROTO_POSTPONE; } - ob = make_openflow_xid(sizeof *ob, OFPT_BARRIER_REPLY, oh->xid, &buf); + ob = make_openflow_xid(sizeof *ob, OFPT10_BARRIER_REPLY, oh->xid, &buf); ofconn_send_reply(ofconn, buf); return 0; } -static int +static enum ofperr handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) { const struct ofp_header *oh = msg->data; const struct ofputil_msg_type *type; - int error; + enum ofperr error; error = ofputil_decode_msg_type(oh, &type); if (error) { @@ -2780,7 +3247,7 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) return handle_set_config(ofconn, msg->data); case OFPUTIL_OFPT_PACKET_OUT: - return handle_packet_out(ofconn, oh); + return handle_packet_out(ofconn, msg->data); case OFPUTIL_OFPT_PORT_MOD: return handle_port_mod(ofconn, oh); @@ -2805,9 +3272,22 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) case OFPUTIL_NXT_SET_FLOW_FORMAT: return handle_nxt_set_flow_format(ofconn, oh); + case OFPUTIL_NXT_SET_PACKET_IN_FORMAT: + return handle_nxt_set_packet_in_format(ofconn, oh); + + case OFPUTIL_NXT_SET_CONTROLLER_ID: + return handle_nxt_set_controller_id(ofconn, oh); + case OFPUTIL_NXT_FLOW_MOD: return handle_flow_mod(ofconn, oh); + case OFPUTIL_NXT_FLOW_AGE: + /* Nothing to do. */ + return 0; + + case OFPUTIL_NXT_SET_ASYNC_CONFIG: + return handle_nxt_set_async_config(ofconn, oh); + /* Statistics requests. */ case OFPUTIL_OFPST_DESC_REQUEST: return handle_desc_stats_request(ofconn, msg->data); @@ -2848,14 +3328,14 @@ handle_openflow__(struct ofconn *ofconn, const struct ofpbuf *msg) case OFPUTIL_OFPST_AGGREGATE_REPLY: case OFPUTIL_NXT_ROLE_REPLY: case OFPUTIL_NXT_FLOW_REMOVED: + case OFPUTIL_NXT_PACKET_IN: case OFPUTIL_NXST_FLOW_REPLY: case OFPUTIL_NXST_AGGREGATE_REPLY: default: - if (oh->type == OFPT_STATS_REQUEST || oh->type == OFPT_STATS_REPLY) { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_STAT); - } else { - return ofp_mkerr(OFPET_BAD_REQUEST, OFPBRC_BAD_TYPE); - } + return (oh->type == OFPT10_STATS_REQUEST || + oh->type == OFPT10_STATS_REPLY + ? OFPERR_OFPBRC_BAD_STAT + : OFPERR_OFPBRC_BAD_TYPE); } } @@ -3000,8 +3480,7 @@ ofoperation_destroy(struct ofoperation *op) } /* Indicates that 'op' completed with status 'error', which is either 0 to - * indicate success or an OpenFlow error code (constructed with - * e.g. ofp_mkerr()). + * indicate success or an OpenFlow error code on failure. * * If 'error' is 0, indicating success, the operation will be committed * permanently to the flow table. There is one interesting subcase: @@ -3030,15 +3509,14 @@ ofoperation_destroy(struct ofoperation *op) * Please see the large comment in ofproto/ofproto-provider.h titled * "Asynchronous Operation Support" for more information. */ void -ofoperation_complete(struct ofoperation *op, int error) +ofoperation_complete(struct ofoperation *op, enum ofperr error) { struct ofopgroup *group = op->group; struct rule *rule = op->rule; - struct classifier *table = &rule->ofproto->tables[rule->table_id]; + struct ofproto *ofproto = rule->ofproto; assert(rule->pending == op); assert(op->status < 0); - assert(error >= 0); if (!error && !group->error @@ -3063,19 +3541,24 @@ ofoperation_complete(struct ofoperation *op, int error) switch (op->type) { case OFOPERATION_ADD: if (!error) { - if (op->victim) { - ofproto_rule_destroy__(op->victim); + ofproto_rule_destroy__(op->victim); + if ((rule->cr.wc.vlan_tci_mask & htons(VLAN_VID_MASK)) + == htons(VLAN_VID_MASK)) { + if (ofproto->vlan_bitmap) { + uint16_t vid = vlan_tci_to_vid(rule->cr.flow.vlan_tci); + + if (!bitmap_is_set(ofproto->vlan_bitmap, vid)) { + bitmap_set1(ofproto->vlan_bitmap, vid); + ofproto->vlans_changed = true; + } + } else { + ofproto->vlans_changed = true; + } } } else { - if (op->victim) { - classifier_replace(table, &op->victim->cr); - op->victim = NULL; - } else { - classifier_remove(table, &rule->cr); - } + oftable_substitute_rule(rule, op->victim); ofproto_rule_destroy__(rule); } - op->victim = NULL; break; case OFOPERATION_DELETE: @@ -3136,6 +3619,395 @@ pick_fallback_dpid(void) return eth_addr_to_uint64(ea); } +/* Table overflow policy. */ + +/* Chooses and returns a rule to evict from 'table'. Returns NULL if the table + * is not configured to evict rules or if the table contains no evictable + * rules. (Rules with 'evictable' set to false or with no timeouts are not + * evictable.) */ +static struct rule * +choose_rule_to_evict(struct oftable *table) +{ + struct eviction_group *evg; + + if (!table->eviction_fields) { + return NULL; + } + + /* In the common case, the outer and inner loops here will each be entered + * exactly once: + * + * - The inner loop normally "return"s in its first iteration. If the + * eviction group has any evictable rules, then it always returns in + * some iteration. + * + * - The outer loop only iterates more than once if the largest eviction + * group has no evictable rules. + * + * - The outer loop can exit only if table's 'max_flows' is all filled up + * by unevictable rules'. */ + HEAP_FOR_EACH (evg, size_node, &table->eviction_groups_by_size) { + struct rule *rule; + + HEAP_FOR_EACH (rule, evg_node, &evg->rules) { + if (rule->evictable) { + return rule; + } + } + } + + return NULL; +} + +/* Searches 'ofproto' for tables that have more flows than their configured + * maximum and that have flow eviction enabled, and evicts as many flows as + * necessary and currently feasible from them. + * + * This triggers only when an OpenFlow table has N flows in it and then the + * client configures a maximum number of flows less than N. */ +static void +ofproto_evict(struct ofproto *ofproto) +{ + struct ofopgroup *group; + struct oftable *table; + + group = ofopgroup_create_unattached(ofproto); + OFPROTO_FOR_EACH_TABLE (table, ofproto) { + while (classifier_count(&table->cls) > table->max_flows + && table->eviction_fields) { + struct rule *rule; + + rule = choose_rule_to_evict(table); + if (!rule || rule->pending) { + break; + } + + ofoperation_create(group, rule, OFOPERATION_DELETE); + oftable_remove_rule(rule); + ofproto->ofproto_class->rule_destruct(rule); + } + } + ofopgroup_submit(group); +} + +/* Eviction groups. */ + +/* Returns the priority to use for an eviction_group that contains 'n_rules' + * rules. The priority contains low-order random bits to ensure that eviction + * groups with the same number of rules are prioritized randomly. */ +static uint32_t +eviction_group_priority(size_t n_rules) +{ + uint16_t size = MIN(UINT16_MAX, n_rules); + return (size << 16) | random_uint16(); +} + +/* Updates 'evg', an eviction_group within 'table', following a change that + * adds or removes rules in 'evg'. */ +static void +eviction_group_resized(struct oftable *table, struct eviction_group *evg) +{ + heap_change(&table->eviction_groups_by_size, &evg->size_node, + eviction_group_priority(heap_count(&evg->rules))); +} + +/* Destroys 'evg', an eviction_group within 'table': + * + * - Removes all the rules, if any, from 'evg'. (It doesn't destroy the + * rules themselves, just removes them from the eviction group.) + * + * - Removes 'evg' from 'table'. + * + * - Frees 'evg'. */ +static void +eviction_group_destroy(struct oftable *table, struct eviction_group *evg) +{ + while (!heap_is_empty(&evg->rules)) { + struct rule *rule; + + rule = CONTAINER_OF(heap_pop(&evg->rules), struct rule, evg_node); + rule->eviction_group = NULL; + } + hmap_remove(&table->eviction_groups_by_id, &evg->id_node); + heap_remove(&table->eviction_groups_by_size, &evg->size_node); + heap_destroy(&evg->rules); + free(evg); +} + +/* Removes 'rule' from its eviction group, if any. */ +static void +eviction_group_remove_rule(struct rule *rule) +{ + if (rule->eviction_group) { + struct oftable *table = &rule->ofproto->tables[rule->table_id]; + struct eviction_group *evg = rule->eviction_group; + + rule->eviction_group = NULL; + heap_remove(&evg->rules, &rule->evg_node); + if (heap_is_empty(&evg->rules)) { + eviction_group_destroy(table, evg); + } else { + eviction_group_resized(table, evg); + } + } +} + +/* Hashes the 'rule''s values for the eviction_fields of 'rule''s table, and + * returns the hash value. */ +static uint32_t +eviction_group_hash_rule(struct rule *rule) +{ + struct oftable *table = &rule->ofproto->tables[rule->table_id]; + const struct mf_subfield *sf; + uint32_t hash; + + hash = table->eviction_group_id_basis; + for (sf = table->eviction_fields; + sf < &table->eviction_fields[table->n_eviction_fields]; + sf++) + { + if (mf_are_prereqs_ok(sf->field, &rule->cr.flow)) { + union mf_value value; + + mf_get_value(sf->field, &rule->cr.flow, &value); + if (sf->ofs) { + bitwise_zero(&value, sf->field->n_bytes, 0, sf->ofs); + } + if (sf->ofs + sf->n_bits < sf->field->n_bytes * 8) { + unsigned int start = sf->ofs + sf->n_bits; + bitwise_zero(&value, sf->field->n_bytes, start, + sf->field->n_bytes * 8 - start); + } + hash = hash_bytes(&value, sf->field->n_bytes, hash); + } else { + hash = hash_int(hash, 0); + } + } + + return hash; +} + +/* Returns an eviction group within 'table' with the given 'id', creating one + * if necessary. */ +static struct eviction_group * +eviction_group_find(struct oftable *table, uint32_t id) +{ + struct eviction_group *evg; + + HMAP_FOR_EACH_WITH_HASH (evg, id_node, id, &table->eviction_groups_by_id) { + return evg; + } + + evg = xmalloc(sizeof *evg); + hmap_insert(&table->eviction_groups_by_id, &evg->id_node, id); + heap_insert(&table->eviction_groups_by_size, &evg->size_node, + eviction_group_priority(0)); + heap_init(&evg->rules); + + return evg; +} + +/* Returns an eviction priority for 'rule'. The return value should be + * interpreted so that higher priorities make a rule more attractive candidates + * for eviction. */ +static uint32_t +rule_eviction_priority(struct rule *rule) +{ + long long int hard_expiration; + long long int idle_expiration; + long long int expiration; + uint32_t expiration_offset; + + /* Calculate time of expiration. */ + hard_expiration = (rule->hard_timeout + ? rule->modified + rule->hard_timeout * 1000 + : LLONG_MAX); + idle_expiration = (rule->idle_timeout + ? rule->used + rule->idle_timeout * 1000 + : LLONG_MAX); + expiration = MIN(hard_expiration, idle_expiration); + if (expiration == LLONG_MAX) { + return 0; + } + + /* Calculate the time of expiration as a number of (approximate) seconds + * after program startup. + * + * This should work OK for program runs that last UINT32_MAX seconds or + * less. Therefore, please restart OVS at least once every 136 years. */ + expiration_offset = (expiration >> 10) - (time_boot_msec() >> 10); + + /* Invert the expiration offset because we're using a max-heap. */ + return UINT32_MAX - expiration_offset; +} + +/* Adds 'rule' to an appropriate eviction group for its oftable's + * configuration. Does nothing if 'rule''s oftable doesn't have eviction + * enabled, or if 'rule' is a permanent rule (one that will never expire on its + * own). + * + * The caller must ensure that 'rule' is not already in an eviction group. */ +static void +eviction_group_add_rule(struct rule *rule) +{ + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; + + if (table->eviction_fields + && (rule->hard_timeout || rule->idle_timeout)) { + struct eviction_group *evg; + + evg = eviction_group_find(table, eviction_group_hash_rule(rule)); + + rule->eviction_group = evg; + heap_insert(&evg->rules, &rule->evg_node, + rule_eviction_priority(rule)); + eviction_group_resized(table, evg); + } +} + +/* oftables. */ + +/* Initializes 'table'. */ +static void +oftable_init(struct oftable *table) +{ + memset(table, 0, sizeof *table); + classifier_init(&table->cls); +} + +/* Destroys 'table', including its classifier and eviction groups. + * + * The caller is responsible for freeing 'table' itself. */ +static void +oftable_destroy(struct oftable *table) +{ + assert(classifier_is_empty(&table->cls)); + oftable_disable_eviction(table); + classifier_destroy(&table->cls); + free(table->name); +} + +/* Changes the name of 'table' to 'name'. If 'name' is NULL or the empty + * string, then 'table' will use its default name. + * + * This only affects the name exposed for a table exposed through the OpenFlow + * OFPST_TABLE (as printed by "ovs-ofctl dump-tables"). */ +static void +oftable_set_name(struct oftable *table, const char *name) +{ + if (name && name[0]) { + int len = strnlen(name, OFP_MAX_TABLE_NAME_LEN); + if (!table->name || strncmp(name, table->name, len)) { + free(table->name); + table->name = xmemdup0(name, len); + } + } else { + free(table->name); + table->name = NULL; + } +} + +/* oftables support a choice of two policies when adding a rule would cause the + * number of flows in the table to exceed the configured maximum number: either + * they can refuse to add the new flow or they can evict some existing flow. + * This function configures the former policy on 'table'. */ +static void +oftable_disable_eviction(struct oftable *table) +{ + if (table->eviction_fields) { + struct eviction_group *evg, *next; + + HMAP_FOR_EACH_SAFE (evg, next, id_node, + &table->eviction_groups_by_id) { + eviction_group_destroy(table, evg); + } + hmap_destroy(&table->eviction_groups_by_id); + heap_destroy(&table->eviction_groups_by_size); + + free(table->eviction_fields); + table->eviction_fields = NULL; + table->n_eviction_fields = 0; + } +} + +/* oftables support a choice of two policies when adding a rule would cause the + * number of flows in the table to exceed the configured maximum number: either + * they can refuse to add the new flow or they can evict some existing flow. + * This function configures the latter policy on 'table', with fairness based + * on the values of the 'n_fields' fields specified in 'fields'. (Specifying + * 'n_fields' as 0 disables fairness.) */ +static void +oftable_enable_eviction(struct oftable *table, + const struct mf_subfield *fields, size_t n_fields) +{ + struct cls_cursor cursor; + struct rule *rule; + + if (table->eviction_fields + && n_fields == table->n_eviction_fields + && (!n_fields + || !memcmp(fields, table->eviction_fields, + n_fields * sizeof *fields))) { + /* No change. */ + return; + } + + oftable_disable_eviction(table); + + table->n_eviction_fields = n_fields; + table->eviction_fields = xmemdup(fields, n_fields * sizeof *fields); + + table->eviction_group_id_basis = random_uint32(); + hmap_init(&table->eviction_groups_by_id); + heap_init(&table->eviction_groups_by_size); + + cls_cursor_init(&cursor, &table->cls, NULL); + CLS_CURSOR_FOR_EACH (rule, cr, &cursor) { + eviction_group_add_rule(rule); + } +} + +/* Removes 'rule' from the oftable that contains it. */ +static void +oftable_remove_rule(struct rule *rule) +{ + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; + + classifier_remove(&table->cls, &rule->cr); + eviction_group_remove_rule(rule); +} + +/* Inserts 'rule' into its oftable. Removes any existing rule from 'rule''s + * oftable that has an identical cls_rule. Returns the rule that was removed, + * if any, and otherwise NULL. */ +static struct rule * +oftable_replace_rule(struct rule *rule) +{ + struct ofproto *ofproto = rule->ofproto; + struct oftable *table = &ofproto->tables[rule->table_id]; + struct rule *victim; + + victim = rule_from_cls_rule(classifier_replace(&table->cls, &rule->cr)); + if (victim) { + eviction_group_remove_rule(victim); + } + eviction_group_add_rule(rule); + return victim; +} + +/* Removes 'old' from its oftable then, if 'new' is nonnull, inserts 'new'. */ +static void +oftable_substitute_rule(struct rule *old, struct rule *new) +{ + if (new) { + oftable_replace_rule(new); + } else { + oftable_remove_rule(old); + } +} + /* unixctl commands. */ struct ofproto * @@ -3153,8 +4025,8 @@ ofproto_lookup(const char *name) } static void -ofproto_unixctl_list(struct unixctl_conn *conn, const char *arg OVS_UNUSED, - void *aux OVS_UNUSED) +ofproto_unixctl_list(struct unixctl_conn *conn, int argc OVS_UNUSED, + const char *argv[] OVS_UNUSED, void *aux OVS_UNUSED) { struct ofproto *ofproto; struct ds results; @@ -3163,7 +4035,7 @@ ofproto_unixctl_list(struct unixctl_conn *conn, const char *arg OVS_UNUSED, HMAP_FOR_EACH (ofproto, hmap_node, &all_ofprotos) { ds_put_format(&results, "%s\n", ofproto->name); } - unixctl_command_reply(conn, 200, ds_cstr(&results)); + unixctl_command_reply(conn, ds_cstr(&results)); ds_destroy(&results); } @@ -3176,5 +4048,90 @@ ofproto_unixctl_init(void) } registered = true; - unixctl_command_register("ofproto/list", "", ofproto_unixctl_list, NULL); + unixctl_command_register("ofproto/list", "", 0, 0, + ofproto_unixctl_list, NULL); +} + +/* Linux VLAN device support (e.g. "eth0.10" for VLAN 10.) + * + * This is deprecated. It is only for compatibility with broken device drivers + * in old versions of Linux that do not properly support VLANs when VLAN + * devices are not used. When broken device drivers are no longer in + * widespread use, we will delete these interfaces. */ + +/* Sets a 1-bit in the 4096-bit 'vlan_bitmap' for each VLAN ID that is matched + * (exactly) by an OpenFlow rule in 'ofproto'. */ +void +ofproto_get_vlan_usage(struct ofproto *ofproto, unsigned long int *vlan_bitmap) +{ + const struct oftable *oftable; + + free(ofproto->vlan_bitmap); + ofproto->vlan_bitmap = bitmap_allocate(4096); + ofproto->vlans_changed = false; + + OFPROTO_FOR_EACH_TABLE (oftable, ofproto) { + const struct cls_table *table; + + HMAP_FOR_EACH (table, hmap_node, &oftable->cls.tables) { + if ((table->wc.vlan_tci_mask & htons(VLAN_VID_MASK)) + == htons(VLAN_VID_MASK)) { + const struct cls_rule *rule; + + HMAP_FOR_EACH (rule, hmap_node, &table->rules) { + uint16_t vid = vlan_tci_to_vid(rule->flow.vlan_tci); + bitmap_set1(vlan_bitmap, vid); + bitmap_set1(ofproto->vlan_bitmap, vid); + } + } + } + } +} + +/* Returns true if new VLANs have come into use by the flow table since the + * last call to ofproto_get_vlan_usage(). + * + * We don't track when old VLANs stop being used. */ +bool +ofproto_has_vlan_usage_changed(const struct ofproto *ofproto) +{ + return ofproto->vlans_changed; +} + +/* Configures a VLAN splinter binding between the ports identified by OpenFlow + * port numbers 'vlandev_ofp_port' and 'realdev_ofp_port'. If + * 'realdev_ofp_port' is nonzero, then the VLAN device is enslaved to the real + * device as a VLAN splinter for VLAN ID 'vid'. If 'realdev_ofp_port' is zero, + * then the VLAN device is un-enslaved. */ +int +ofproto_port_set_realdev(struct ofproto *ofproto, uint16_t vlandev_ofp_port, + uint16_t realdev_ofp_port, int vid) +{ + struct ofport *ofport; + int error; + + assert(vlandev_ofp_port != realdev_ofp_port); + + ofport = ofproto_get_port(ofproto, vlandev_ofp_port); + if (!ofport) { + VLOG_WARN("%s: cannot set realdev on nonexistent port %"PRIu16, + ofproto->name, vlandev_ofp_port); + return EINVAL; + } + + if (!ofproto->ofproto_class->set_realdev) { + if (!vlandev_ofp_port) { + return 0; + } + VLOG_WARN("%s: vlan splinters not supported", ofproto->name); + return EOPNOTSUPP; + } + + error = ofproto->ofproto_class->set_realdev(ofport, realdev_ofp_port, vid); + if (error) { + VLOG_WARN("%s: setting realdev on port %"PRIu16" (%s) failed (%s)", + ofproto->name, vlandev_ofp_port, + netdev_get_name(ofport->netdev), strerror(error)); + } + return error; }