git.onelab.eu Git - sliver-openvswitch.git/log

ofproto-dpif: Fix another memory leak in type_run().

'devname' needs to be destroyed whether it's the datapath device or not.

Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Fix memory leak in type_run().

The dpif_port_destroy() call was in the dpif_port_query_by_name() error
path, when there's nothing to destroy, rather than in the "success" path,
where there is data to destroy.

Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Avoid potential undefined behavior in type_run().

When HMAP_FOR_EACH completes, the value in the loop control variable is not
necessarily NULL. It is NULL minus the offset of the hmap_node struct
member, which is nonnull if that offset is nonzero. Currently,
'all_ofproto_dpifs_node' is the first member in struct ofproto_dpif, so
there is no real bug, but there would be if the struct were rearranged.

This commit heads off the problem by avoiding any assumption about the
loop control variable after HMAP_FOR_EACH.

Signed-off-by: Ben Pfaff <blp@nicira.com>

vswitchd: log skb_mark and skb_priority

This patch adds logging support for skb_mark and skb_priority.

Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>

meta-flow: Fix and simplify mf_get_mask().

This function can be implemented as a trivial wrapper around
mf_get_value(), which I hadn't noticed before, so it's better to do it
that way. Also, examining the code that is removed, it had some bugs in
it (for example, all MFF_TUN_* fields were treated as if they were
MFF_TUN_ID) which mf_get_value() does not have, so this fixes bugs too.

Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath: Zero out key when looking up null ports.

When we are searching for a tunnel port to receive traffic on,
everything should be zeroed out by the time that we get to null
ports since they are wildcarded. However, if certain other ports
also exist (primarily multicast ports with keys) then this might
not be the case and the key can be set.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

OPENFLOW-1.1+: New file for OpenFlow 1.1 and later to-do list.

This is an updated plain text version of the webpage at
http://openvswitch.org/development/openflow-1-x-plan/
which I intend to replace by a link to this file after it is committed.

Signed-off-by: Ben Pfaff <blp@nicira.com>

flow: Fix harmless typo in flow_wildcards_hash().

Signed-off-by: Ben Pfaff <blp@nicira.com>

meta-flow: Don't allow negative port numbers.

If a negative number is supplied, the parsing code used to convert it
into a signed one.  We ran into an incident where a third-party script
was attempting to get the OpenFlow port number for an interface, but got
-1 from the database, since the number had not yet been assigned.  This
was converted to 65535, which maps to OFPP_NONE and all flows with
ingress port OFPP_NONE were modified.  This commit disallows negative
port numbers to help prevent broken integration scripts from disturbing
the flow table.

Issue #14036

Signed-off-by: Justin Pettit <jpettit@nicira.com>

ofp-util: Fix typo in invalid port range error message.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

daemon: Start monitor process, not daemon process, in new session.

To keep control+C and other signals in the initiating session from killing
the monitor process, we need to put the monitor process into its own
session. However, until this point, we've only done that for the daemon
processes that the monitor started, which means that control+C would kill
the monitor but not the daemons that it launched.

I don't know of a benefit to putting the monitor and daemon processes in
different sessions, as opposed to one new session for both of them, so
this change does the latter.

daemonize_post_detach() is called from one additional context where we'd
want to be in a new session, the worker_start() function, but that function
is documented as to be called after daemonize_start(), in which case we
will (after this commit) already have called setsid(), so no additional
change is required there.

Bug #14280.
Reported-by: Gordon Good <ggood@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

packets: Change IP_ARGS interface to take an ovs_be32 instead of a pointer.

An ovs_be32 is a more obvious way to represent an IP address than a
pointer to one. It is also more type-safe, especially since "sparse" is
able to check that the argument is in network byte order.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ovs-vsctl: Allow command-specific options to mingle with global options.

Until now, a command like "ovs-vsctl --may-exist add-br br0" yielded a
confusing error message. Users had to realize that the correct form was
"ovs-vsctl -- --may-exist add-br br0", but instead they often reported a
bug or gave up in frustration. Even though the behavior was documented, it
was counterintuitive.

This commit allows command-specific options to be mixed with global
options, making both forms of the command listed above equally acceptable.

CC: 691508@bugs.debian.org
Reported-by: Adam Heath <doogie@brainfood.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

Add OpenFlow13 to the allowed protocols for ofproto testing.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Openflow 1.1 queue set/get config placeholders.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

vswitchd: Avoid writing to const struct

When built with Clang, vswitchd segfaulted in ovsrec_open_vswitch_init,
from calling memset() on a const struct.

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto: Report correct error for emergency flow with timeout.

The OpenFlow 1.0 specification says:

    Emergency flow mod messages must have timeout values set to zero.
    Otherwise, the switch must refuse the addition and respond with an
    ofp_error_msg with OFPET_FLOW_MOD_FAILED type and
    OFPFMFC_BAD_EMERG_TIMEOUT code.

but Open vSwitch reported OFPFMFC_TABLE_FULL in this case.  This commit
fixes the problem.

Fixes detailed_contr_sw_messages.EmerFlowTimeout failure in OFTest.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

vswitchd: Make the maximum size of MAC learning tables user-configurable.

We've had a couple of requests for this over the years. It's easy to do,
so let's implement it.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

vlog: New vlog/enable-rate-limit and vlog/disable-rate-limit commands.

A few times while troubleshooting it would have been useful to get
complete logs, rather than post-rate-limiting snapshots of them. These
ovs-appctl commands make that possible.

Signed-off-by: Ben Pfaff <blp@nicira.com>

Added RHEL ovs-ifup STP option handling

Signed-off-by: Andres Toomsalu <andres@active.ee>
Signed-off-by: Ben Pfaff <blp@nicira.com>

nx-match: Log a warning when a wildcarded bit is set to 1.

This was prompted by a conversation on the openflow-discuss mailing list
where developers of some OpenFlow switches mentioned that they save an
entire copy of raw flows passed in by controllers because of the
possibility that there might be wildcarded 1-bits, e.g. something like
192.168.1.1/255.255.0.0 instead of 192.168.0.0/255.255.0.0.  I've always
intended that this not be necessary, but it was never explicitly written
down.  This commit starts the process of updating OVS to make this a
requirement, by logging a warning whenever such a NXM or OXM entry is seen,
and by updating the spec in nicira-ext.h to describe my intent.

This is related to issue EXT-238 (OXM should require that 0-bits in mask
be 0-bits in value) in the Open Networking Foundation's "extensibility"
bugtracker at https://www.opennetworking.org/bugs/browse/EXT-238.
(Unfortunately one must be an employee of an ONF member company to
access this bug tracker.  It's the network that's open, not the
foundation.)

Thanks to Zoltán Lajos Kis, Dan Talayco, Rob Sherwood, and HIDEyuki
Shimonishi for participating in the discussion on openflow-discuss.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

netdev-bsd: Use underlying tap device on netdev_bsd_listen().

This is a trivial port to netdev-bsd of Justin Pettit's netdev-linux
commit 33d82a56d (netdev-linux: Use underlying tap device on
netdev_linux_listen().), which had the commit message:

  Commit acf608 (ofproto-dpif: Use a single underlying datapath across
  multiple bridges.) broke connectivity to userspace datapath devices.  The
  code assumed the first caller to open a tap device with
  netdev_linux_open() wanted to write to it.  This commit moves that logic
  to when netdev_linux_listen() is called.

This fixes the userspace datapath on FreeBSD.

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

tests: Avoid race condition in flow monitoring test.

The execution of "ovs-appctl -t ovs-ofctl ofctl/send" could happen before
ovs-appctl received and printed the
    NXST_FLOW_MONITOR reply (xid=0x0):
     event=ADDED table=0 cookie=0 in_port=2 actions=output:1
msesage, which could cause the
    send: OFPT_FLOW_MOD: DEL priority=0 actions=drop
message to be printed before rather than after the NXST_FLOW_MONITOR reply.

This commit fixes the problem by inserting a serializing barrier.

Reported-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

netdev-linux: Use underlying tap device on netdev_linux_listen().

Commit acf608 (ofproto-dpif: Use a single underlying datapath across
multiple bridges.) broke connectivity to userspace datapath devices.
The code assumed the first caller to open a tap device with
netdev_linux_open() wanted to write to it. This commit moves that logic
to when netdev_linux_listen() is called.

Thanks to Ben Pfaff for helping debug the issue.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Reported-by: Simon Horman <horms@verge.net.au>
Tested-by: Simon Horman <horms@verge.net.au>

linux/Makefile.main.in, acinclude: preparation for linux 3.7.0+

The version.h is moved from include/linux/version.h to
include/generated/uapi/linux/version.h.
So check both pathes.

Signed-off-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Jesse Gross <jesse@nicira.com>

Prevent pager from appearing during build

The config.h check added in commit 9e4ba00 may bring up the pager during
build (depending on git config).

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Makefile.am: Exclude third-party code from config.h check.

It doesn't make sense to enforce our rules for code in the third-
party directory.

Signed-off-by: Jesse Gross <jesse@nicira.com>

Makefile.am: Add a build check that every .c file #includes <config.h>.

This can find mysterious build problems.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ed Maste <emaste@freebsd.org>

lib: remove duplicate #include <config.h>

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

netdev-vport: Drop extra parentheses around "vxlan".

Cc: Kyle Mestery <kmestery@cisco.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

vxlan: Use sk_release_kernel() instead of sock_release().

A socket that is created using sock_create_kern() and then switched
to a namespace using sk_change_net() should be released using
sk_release_kernel() instead of sock_release(). This is because
sk_change_net() has already released a reference to the namespace
and we shouldn't try to release it again later.

Cc: Kyle Mestery <kmestery@cisco.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

datapath: Add support for VXLAN tunnels to Open vSwitch

Add support for VXLAN tunnels to Open vSwitch. Add support
for setting the destination UDP port on a per-port basis.
This is done by adding a "dst_port" parameter to the port
configuration. This is only applicable currently to VXLAN
tunnels.

Please note this currently does not implement any sort of multicast
learning. With this patch, VXLAN tunnels must be configured similar
to GRE tunnels (e.g. point to point). A subsequent patch will implement
a VXLAN control plane in userspace to handle multicast learning.

This patch set is based on one posted by Ben Pfaff on Oct. 12, 2011
to the ovs-dev mailing list:

http://openvswitch.org/pipermail/dev/2011-October/012051.html

The patch has been maintained, updated, and freshened by me and a
version of it is available at the following github repository:

https://github.com/mestery/ovs-vxlan/tree/vxlan

I've tested this patch with multiple VXLAN tunnels between hosts
using different UDP port numbers. Performance is on par (though
slightly faster) than comparable GRE tunnels.

See the following IETF draft for additional information about VXLAN:
http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-02

Signed-off-by: Kyle Mestery <kmestery@cisco.com>
[jesse: simplify error path in vxlan_tunnel_setup, don't print default VXLAN port,
and remove dead code]
Signed-off-by: Jesse Gross <jesse@nicira.com>

rconn: Maintain original allowed_versions instead of substituting for zero.

rconn_create() was substituting OFPUTIL_DEFAULT_VERSIONS if an
allowed_versions of 0 was passed in. At the same time,
connmgr_set_controllers() compared the adjusted value of allowed_versions
against the original value, saw that they were different, and concluded
that it should kill off and recreate the rconn with the "corrected"
allowed_versions.

This commit fixes the problem by no longer adjusting allowed_versions.
There is no need, because it is only used in contexts where the original
version is OK.

This problem was introduced by commit 90ef0206ea8f5a39 (connmgr:
Reinitialise controllers if protocols changes).

Bug #14126.
CC: Simon Horman <horms@verge.net.au>
Reported-by: Natasha Gude <natasha@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

FAQ: Add table of supported Linux versions.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Avoid useless holes in struct vport

Having the 16bit port_no in between a set of pointers creates
an unwanted and useless hole in the struct.

Signed-off-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: Use eth_mac_addr() instead of duplicating it

bonus: if we ever are to use IFF_LIVE_ADDR_CHANGE for
anything further than to check availability in eth_mac_addr(),
Open vSwitch will be ready for that.

Signed-off-by: Thomas Graf <tgraf@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: Backport eth_mac_addr().

eth_mac_addr() has always been available on the kernels that we
support but the behavior has varied over time. This provides a
backport that is equivalent to the current kernel, previous OVS
behavior, and the bridge.

Signed-off-by: Jesse Gross <jesse@nicira.com>

ofp-errors: Make every error encodable.

Until now, some values could not be encoded to send over OpenFlow, for a
few possible reasons. This meant that, when one of these situations came
up, that a controller would not receive any notification that its request
failed. This is not a good way to behave, so this commit changes the
error encoder so that, if a particular error cannot be encoded, it will
instead encode a fallback error code.

This commit also slightly simplifies ofconn_send_error() because it no
longer has to handle ofperr_encode_error() returning NULL.

Reported-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-errors: Remove OFPERR_* values for error categories.

The main use of OFPERR_* is to define specific errors, but OFPERR_* also
existed for each possible category of error, to enable partial decoding of
unknown specific errors within a known category. However, in practice,
it was very easy to misuse the error categories as if they were particular
errors. This commit removes the error category values, to make that error
impossible.

(If partial decoding of unknown specific errors turns out to have been a
valuable feature, then we can reintroduce it some other way.)

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-errors: Correctly encode errors as extensions or not depending on domain.

When ofp-errors was introduced, each OFPERR_* was either an extension or
not.  However, since then, some Nicira extension error code have been
given official error codes in later OpenFlow versions, so now whether an
OFPERR_* is an extension depends on the OpenFlow versions.  This means
that certain errors were encoded incorrectly as extensions in later
OpenFlow versions.  This commit fixes the problem.

This commit also adds a test that should prevent a regression.

Signed-off-by: Ben Pfaff <blp@nicira.com>

Don't use error categories as if they were actually errors.

The OFPERR_* naming scheme is confusing, because it mixes categories with
specific errors. Categories can't be encoded for sending to controllers,
so this is a problem. This commit fixes up the cases where categories
were used as errors, replacing them by real errors types.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-errors: Fix typo in comment.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>

INSTALL.Debian: New instructions for installing on Debian.

Signed-off-by: Ben Pfaff <blp@nicira.com>

bridge: Set mac address when no physical ports attached.

Commit 1a8cfb41(bridge: Drop warning about thedefault bridge Ethernet
address.) attempted to reduce unnecessary logging, but deleted some code
that was necessary to set the mac address on local ports when no
physical ports were attached.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Issue #14126

INSTALL.RHEL: Explain how to work around RHEL 6 kernel-devel bug.

Based on http://networkstatic.net/open-vswitch-red-hat-installation/

Reported-by: Brent Salisbury <brent.salisbury@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

include/openflow: Moved remaining common definitions from openflow-1.0.h

Moved remaining common definitions from openflow-1.0.h to
openflow-common.h and renamed 1.0 specific definitions with
the "10" infix. Added hstamp rules for new headers, fixed
non-ASCII characters in openflow-1.3.h, Commented out
trailing zero-length data members.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

connmgr: Reinitialise controllers if protocols changes

This is allows protocol changes to take effect without needing
to restart ovs-vswitchd. However, connected controllers will
be disconnected regardless of if the OpenFlow protocol of the
session remains acceptable or not.

My feeling is that this is acceptable to avoid the complexity
of further modifications to ofconn and pvconn to allow live
updates of protocols.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-ctl: Don't run "ovs-save save-flows" on fake bridges.

Previously, ovs-ctl would determine which bridges to run "ovs-save
save-flows" on by running "ovs-vsctl list-br".  In addition to real
bridges, that command also returns fake bridges.  An error is returned
when "ovs-save save-flows" is run on a fake bridge.  By using the newly
added "--real" flag to "ovs-vsctl list-br", we can get rid of that
unnecessary warning.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

ovs-vsctl: Add "--real" and "--fake" options to "list-br".

By default, "ovs-vsctl list-br" returns all bridges, real or fake. This
commit adds "--real" and "--fake" options that limit the output to only
bridges of that type. This will be useful in a future commit that needs
to perform actions only on bridges of a particular type.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

Add OpenFlow 1.2 parse-flows test

This is based on an existing OpenFlow 1.0 variant of this test.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-actions: Add OpenFlow1.1+ Set Queue action

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-dpctl: Describe -s option in usage message.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

bond: Fix segfault sending learning packets with LACP disabled.

It is essentially an invalid configuration to disable LACP but request TCP
balancing: in this configuration, the bond drops all packets. But
may_send_learning_packets() would still indicate that learning packets
should be sent, so bond_compose_learning_packet() would try to choose an
output slave for those packets, which would be NULL (because all packets
are dropped), which would cause a segfault upon dereference.

This commit fixes the problem by making may_send_learning_packets() no
longer indicate that learning packets should be sent.

I tested this issue by modifying bond_should_send_learning_packets() to
always return true if may_send_learning_packets() returns true, and then
introducing the invalid configuration described above. Without this comit,
ovs-vswitchd segfaults quickly; with this commit, it does not.

Bug #14090.
Reported-by: Kiran Shanbhog <kiran@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

FAQ: Add Q&A to emphasize that VLANs partition a network.

A few users don't seem to understand this.

Signed-off-by: Ben Pfaff <blp@nicira.com>

bridge: Drop warning about the default bridge Ethernet address.

This information is also available via ovs-ofctl and through other means,
and it's not really anything we need to warn about anyhow.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

test: add ofproto OpenFlow1.2 tests

These were useful in isolating a number of bugs.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-ofctl: By default, do not set flow format for OpenFlow 1.1+

Only set the default format for ovs-ofctl monitor if
OpenFlow 1.0 is the prevailing version. IMHO that is
the only case where it makes sense.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-controller: Allow setting of allowed OpenFlow versions

--protocols allows configuration of the versions
that may be used when establishing an OpenFlow connection.

The default is 'OpenFlow10' which is consistent with
the behaviour prior to this patch.

The useful values at this time are:
'OpenFlow10', 'OpenFlow12', 'OpenFlow13',
Values may be combined in a comma delimited list.

e.g.: --protocols 'OpenFlow10,OpenFlow12,OpenFlow13'

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-ofctl: Reject impossible protocols configurations at startup.

The -O and -F options interact, so that it's possible to select only
flow formats that are not supported on a given OpenFlow version. It seems
best to report these problems up front rather than failing in a more
mysterious way later.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>

ofp-util: New functions for converting protocols to and from versions.

The values of enum ofputil_protocol have meanings that overlap with
OpenFlow version numbers. These new functions provide ways to figure out
these overlaps.

These functions will be used for the first time in an upcoming commit.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>

ofp-util: Make "OXM" flow format name include both OpenFlow 1.2 and 1.3.

To my mind, it makes sense, when a user requests OXM as the flow format,
to allow any protocol based on the OXM flow format to be used. Until this
commit, however, "OXM" was specifically OpenFlow 1.2, and "OpenFlow13" was
required to request OXM on OpenFlow 1.3.

This doesn't affect the behavior of any released version of Open vSwitch.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>

ofp-util: Style fixes.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>

ovs-ofctl: Add option to set allowed OpenFlow versions

--protocols allows configuration of the versions
that may be used when establishing an OpenFlow connection.

The default is 'OpenFlow10' which is consistent with
the behaviour prior to this patch.

The useful values at this time are:
'OpenFlow10', 'OpenFlow12', 'OpenFlow13',
Values may be combined in a comma delimited list.

e.g.: --protocols 'OpenFlow10,OpenFlow12,OpenFlow13'

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-version-opt: Fix wrong information in usage message.

This is my fault; I introduced this inconsistency when I modified Simon's
correct patch.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <horms@verge.net.au>

datapath: Use RCU callback when detaching netdevices.

Currently, each time a device is detached from an OVS datapath
we call synchronize RCU before freeing associated data structures.
However, if a bridge is deleted (which detaches all ports) when
many devices are connected then there can be a long delay. This
switches to use call_rcu() to group the cost together.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

flow: use rule priority in match_format() function

The flow_format() function was incorrectly passing skb_priority
to the match_format() function. match_format() function instead
expects rule priority.

This issue was introduced with aa6c9932f2937fa9a2140ec1737668eb9105b0b5
(Change logging format for flows to that accepted by ofproto/trace).

Signed-off-by: Ansis Atteka <aatteka@nicira.com>

Add OF1.3 TUNNEL_ID support.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

lib: Add helpers for OpenFlow version command line options

Signed-off-by: Simon Horman <horms@verge.net.au>
[blp@nicira.com renamed some functions and options and revised
the documentation]
Signed-off-by: Ben Pfaff <blp@nicira.com>

Initial OpenFlow 1.3 support

Initial OpenFlow 1.3 support with new include/openflow/openflow-1.3.h.
Most of the messages that differ from 1.2 are implemented. OFPT_SET_ASYNC
is implemented via NX_SET_ASYNC_CONFIG, other new message types are yet to
be implemented. Stats replies that add duration fields are implemented at
encode/decode level only. Test cases for implemented features are included.
Remaining FIXME:s should not cause runtime aborts. Make check comes out
clean.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

AUTHORS: Add Jarno Rajahalme.

Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-util: Check out_group on flow_mod only for "delete" commands.

This conforms with OpenFlow 1.1+ wording.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Fix handling of OFPP_ANY in OpenFlow 1.1 and later.

Add OFPP_ANY to include/openflow/openflow-1.1.h, and allow it as a port in
queue stats request. Make ovs_ofctl use OFPP_ANY instead of OFPP_ALL for queue
stats requests on OF 1.1+.

This patch changes "none" ports print out. "none" is still accepted on input
for backwards compatibility, but it prints out as "ANY". To make this less
confusing, I changed the test cases to use "controller" or "any" instead of
"none". The test case that tests for both "none" and "controller" still tests
for them.

Signed-off-by: Jarno Rajahalme <jarno.rajahalme@nsn.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

vswitchd: Make Interface's ofport a persistent column.

Currently, the 'ofport' column in Interface table is
ephemeral and is populated by vswitchd everytime it is
started or when a new interface is created with vswitchd
running.

Making it persistent lets vswitchd try and assign the
same ofport number to a particular interface across
restarts. This is just a fallback option when
'ofport_request' column is empty.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

ovs-ctl.in: Don't save kernel datapath config.

Commit a41754333f6 (ovs-ctl.in: Ability to save flows and kernel
datapath config.) made ovs-ctl able to usefully save and restore
the flow table across loading and unloading the OVS kernel module
and stopping and starting the OVS daemons.  To ensure that the
flow table was still meaningful, it ensured that the datapath port
numbers were the same with the old and new versions of the kernel
module.

However, later commit e1b1d06afde (Separate OpenFlow port numbers
from datapath ones.) changed the OpenFlow implementation so that
keeping the same datapath port numbers no longer ensured that the
OpenFlow port numbers would be the same.  This caused a regression
in saving and restoring the flow table.  Although the flow table
was still saved and restored, it was no longer useful, since the
datapath port numbers might change.

This commit does not fix the regression, but it does drop the code
that saves and restores the port datapath numbers, since it is no
longer useful.  The following commit fixes the regression.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

vswitchd: fix 32-bit builds

My previous 72e8bf28bb38e8816435c64859fb350215b6a9e6 (datapath:
add skb mark matching and set action) commit broke 32-bit builds.
This patch assures that size of struct flow is equal on both
32-bit and 64-bit architectures so that build asserts would
not fire anymore.

Acked-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>

python/ovs/stream: Fix Stream.connect() retval for incomplete connection.

If the loop condition in Stream.connect() was false, which is especially
likely for TCP connections, then Stream.connect() would return None,
which violates its documented behavior. This commit fixes the problem.

Reported-by: Isaku Yamahata <yamahata@valinux.co.jp>
Tested-by: Isaku Yamahata <yamahata@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>

vswitchd: Log all tunnel parameters of given flow.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>

datapath: add skb mark matching and set action

This patch adds support for skb mark matching and set action.

Acked-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Ansis Atteka <aatteka@nicira.com>

socket-util: Remove get_socket_error().

It has no remaining users.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

socket-util: Avoid using SO_ERROR.

ESX doesn't implement it, and there's another approach that should work
everywhere, so drop back to that.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ovs-ofctl: Don't rely on stat() to check unix sockets.

ESX supports unix sockets, but they don't manifest themselves in
file system like they do on Linux. Instead of using stat to check
if a unix socket exist, this patch simply tries to open it instead.

Signed-off-by: Ethan Jackson <ethan@nicira.com>

ovs-appctl: fix help message for ofproto/trace command

The usage message for this command was wrong, because it did not
specify priority as one of its arguments.

Signed-off-by: Ansis Atteka <aatteka@nicira.com>

ofproto: Fix ofport allocation.

Currently running the following 3 commands results
in vswitchd running in an infinite loop.

ovs-vsctl add-port br1 port1 -- set interface port1 \
type=internal ofport_request=1
ovs-vsctl add-port br1 port2 -- set interface port2 \
type=internal ofport_request=2
ovs-vsctl add-port br1 port3 -- set interface port3 \
type=internal

This patch lets us go through all the possible ofport
values to find a free ofport.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

bridge: Fix typo in comment.

Signed-off-by: Ben Pfaff <blp@nicira.com>

dpif-netdev: Make odp_flow_key_to_flow() check more explicit.

ODP_FIT_PERFECT has value 0 but this 'if' statement doesn't make much sense
unless you happen to know that.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

python/ovs/socket_util: Fix error path in set_nonblocking.

'e' is an exception, not a socket, so get_exception_errno() is the
appropriate function to obtain an error code from it.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Kyle Mestery <kmestery@cisco.com>

ofp-util: Flow Dump Protocol for OpenFlow 12

Allow only OpenFlow 12 as a flow dump protocol.

The implementation of set_protocol_for_flow_dump ensures that
this will only be selected if an OpenFlow12 connection has
been negotiated.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

daemon: Avoid the link() syscall.

make_pidfile() depends on the link() system call to atomically
create pidfiles when multiple daemons are started concurrently.
However, this system call isn't available on ESX so an alternative
strategy is necessary. Fortunately, the approach this patch takes
is cleaner than the original code.

Signed-off-by: Ethan Jackson <ethan@nicira.com>

vswitchd: Configuration of allowed OpenFlow versions

Versions may be configured using the protocols column of
the bridge table. The protocols column is a set which accepts zero
or more of the values: 'OpenFlow10' and 'OpenFlow12'.

If the protocols column is empty, then OpenFlow10 is used.
This default is consistent with the behaviour of ovs-vswtichd
prior to this patch.

Signed-off-by: Simon Horman <horms@verge.net.au>
[blp@nicira.com adjusted comments and documentation]
Signed-off-by: Ben Pfaff <blp@nicira.com>

connmgr: Use version of underlying rconn

Signed-off-by: Simon Horman <horms@verge.net.au>
[blp@nicira.com add OFPUTIL_P_NONE handling to ofconn_receives_async_msg()]
Signed-off-by: Ben Pfaff <blp@nicira.com>

connmgr: Mark ofconn_get_protocol() parameter const.

Signed-off-by: Ben Pfaff <blp@nicira.com>

don't use select.POLL* constants

Python doesn't have select.POLL* constants on some architectures
(e.g. MacOSX). This code needs to define the constants for itself. It
uses select.POLL* constants only internally (doesn't pass them
outside). So there is no harm even if the definition would conflict
with Python's those.

Signed-off-by: FUJITA Tomonori <fujita.tomonori@lab.ntt.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>

CodingStyle: Fix indentation.

This got changed away from what I actually prefer in commit be2c418b73fc
(Cleanup isdigit() warnings.).

Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath: use this_cpu_ptr per-cpu helper

just use more faster this_cpu_ptr instead of per_cpu_ptr(p, smp_processor_id());

Signed-off-by: Shan Wei <davidshan@tencent.com>
Reviewed-by: Christoph Lameter <cl@linux.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: Backport this_cpu_ptr to kernels < 2.6.33

An upstream commit uses this_cpu_ptr for a small performance benefit,
so this provides an equivalent to kernels that don't have that
function.

Signed-off-by: Jesse Gross <jesse@nicira.com>

ofproto-dpif: Remove datapath flows of deleted ports.

Commit acf608 (ofproto-dpif: Use a single underlying datapath across
multiple bridges.) causes datapath flows from deleted ports to not be
removed. The issue is that the code that bulk deletes old flows doesn't
know the datapath port number that makes up the datapath flow
definition. This commit keeps track of the datapath port in the facet
for use when the datapath flow eventually needs to be removed.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

netdev-linux: Don't log vport warnings when kernel datapath not loaded.

The *_get_stats functions call get_stats_via_vport(), which tries to get
information about ports attached to the kernel datapath.  When a pure
userspace switch is used (eg, the OVS kernel module isn't loaded), ports
are not attached to a kernel datapath, so warnings get logged.  This
commit handles that case and doesn't log a warning.  However, if the
kernel datapath is loaded, ports attached to a userspace datapath will
still log a warning.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

netdev-linux: "Down" tap devices before setting hw addr.

On Linux, it is not possible to set the mac address on "up" tap
interfaces. This commit temporarily "down"s the interface so the
address can be set for the netdev_linux_set_etheraddr() call.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

bridge: Always "up" internal devices.

The kernel datapath automatically "up"s internal devices, but this
wasn't happening for the userspace datapath. This change has the bridge
module always "up" them.

Signed-off-by: Justin Pettit <jpettit@nicira.com>

bridge: Introduce iface_is_internal() function.

This will have an additional caller in the future.

Signed-off-by: Justin Pettit <jpettit@nicira.com>