2 * Copyright (c) 2009, 2010, 2011, 2012, 2013 Nicira, Inc.
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at:
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
18 #include "classifier.h"
20 #include <netinet/in.h>
21 #include "byte-order.h"
22 #include "dynamic-string.h"
28 #include "ovs-thread.h"
30 static struct cls_table *find_table(const struct classifier *,
31 const struct minimask *);
32 static struct cls_table *insert_table(struct classifier *,
33 const struct minimask *);
35 static void destroy_table(struct classifier *, struct cls_table *);
37 static void update_tables_after_insertion(struct classifier *,
39 unsigned int new_priority);
40 static void update_tables_after_removal(struct classifier *,
42 unsigned int del_priority);
44 static struct cls_rule *find_match(const struct cls_table *,
46 static struct cls_rule *find_equal(struct cls_table *,
47 const struct miniflow *, uint32_t hash);
48 static struct cls_rule *insert_rule(struct classifier *,
49 struct cls_table *, struct cls_rule *);
51 /* Iterates RULE over HEAD and all of the cls_rules on HEAD->list. */
52 #define FOR_EACH_RULE_IN_LIST(RULE, HEAD) \
53 for ((RULE) = (HEAD); (RULE) != NULL; (RULE) = next_rule_in_list(RULE))
54 #define FOR_EACH_RULE_IN_LIST_SAFE(RULE, NEXT, HEAD) \
55 for ((RULE) = (HEAD); \
56 (RULE) != NULL && ((NEXT) = next_rule_in_list(RULE), true); \
59 static struct cls_rule *next_rule_in_list__(struct cls_rule *);
60 static struct cls_rule *next_rule_in_list(struct cls_rule *);
64 /* Initializes 'rule' to match packets specified by 'match' at the given
65 * 'priority'. 'match' must satisfy the invariant described in the comment at
66 * the definition of struct match.
68 * The caller must eventually destroy 'rule' with cls_rule_destroy().
70 * (OpenFlow uses priorities between 0 and UINT16_MAX, inclusive, but
71 * internally Open vSwitch supports a wider range.) */
73 cls_rule_init(struct cls_rule *rule,
74 const struct match *match, unsigned int priority)
76 minimatch_init(&rule->match, match);
77 rule->priority = priority;
80 /* Same as cls_rule_init() for initialization from a "struct minimatch". */
82 cls_rule_init_from_minimatch(struct cls_rule *rule,
83 const struct minimatch *match,
84 unsigned int priority)
86 minimatch_clone(&rule->match, match);
87 rule->priority = priority;
90 /* Initializes 'dst' as a copy of 'src'.
92 * The caller must eventually destroy 'dst' with cls_rule_destroy(). */
94 cls_rule_clone(struct cls_rule *dst, const struct cls_rule *src)
96 minimatch_clone(&dst->match, &src->match);
97 dst->priority = src->priority;
100 /* Initializes 'dst' with the data in 'src', destroying 'src'.
102 * The caller must eventually destroy 'dst' with cls_rule_destroy(). */
104 cls_rule_move(struct cls_rule *dst, struct cls_rule *src)
106 minimatch_move(&dst->match, &src->match);
107 dst->priority = src->priority;
110 /* Frees memory referenced by 'rule'. Doesn't free 'rule' itself (it's
111 * normally embedded into a larger structure).
113 * ('rule' must not currently be in a classifier.) */
115 cls_rule_destroy(struct cls_rule *rule)
117 minimatch_destroy(&rule->match);
120 /* Returns true if 'a' and 'b' match the same packets at the same priority,
121 * false if they differ in some way. */
123 cls_rule_equal(const struct cls_rule *a, const struct cls_rule *b)
125 return a->priority == b->priority && minimatch_equal(&a->match, &b->match);
128 /* Returns a hash value for 'rule', folding in 'basis'. */
130 cls_rule_hash(const struct cls_rule *rule, uint32_t basis)
132 return minimatch_hash(&rule->match, hash_int(rule->priority, basis));
135 /* Appends a string describing 'rule' to 's'. */
137 cls_rule_format(const struct cls_rule *rule, struct ds *s)
139 minimatch_format(&rule->match, s, rule->priority);
142 /* Returns true if 'rule' matches every packet, false otherwise. */
144 cls_rule_is_catchall(const struct cls_rule *rule)
146 return minimask_is_catchall(&rule->match.mask);
149 /* Initializes 'cls' as a classifier that initially contains no classification
152 classifier_init(struct classifier *cls)
155 hmap_init(&cls->tables);
156 list_init(&cls->tables_priority);
157 ovs_rwlock_init(&cls->rwlock);
160 /* Destroys 'cls'. Rules within 'cls', if any, are not freed; this is the
161 * caller's responsibility. */
163 classifier_destroy(struct classifier *cls)
166 struct cls_table *table, *next_table;
168 HMAP_FOR_EACH_SAFE (table, next_table, hmap_node, &cls->tables) {
169 destroy_table(cls, table);
171 hmap_destroy(&cls->tables);
172 ovs_rwlock_destroy(&cls->rwlock);
176 /* Returns true if 'cls' contains no classification rules, false otherwise. */
178 classifier_is_empty(const struct classifier *cls)
180 return cls->n_rules == 0;
183 /* Returns the number of rules in 'cls'. */
185 classifier_count(const struct classifier *cls)
190 /* Inserts 'rule' into 'cls'. Until 'rule' is removed from 'cls', the caller
191 * must not modify or free it.
193 * If 'cls' already contains an identical rule (including wildcards, values of
194 * fixed fields, and priority), replaces the old rule by 'rule' and returns the
195 * rule that was replaced. The caller takes ownership of the returned rule and
196 * is thus responsible for destroying it with cls_rule_destroy(), freeing the
197 * memory block in which it resides, etc., as necessary.
199 * Returns NULL if 'cls' does not contain a rule with an identical key, after
200 * inserting the new rule. In this case, no rules are displaced by the new
201 * rule, even rules that cannot have any effect because the new rule matches a
202 * superset of their flows and has higher priority. */
204 classifier_replace(struct classifier *cls, struct cls_rule *rule)
206 struct cls_rule *old_rule;
207 struct cls_table *table;
209 table = find_table(cls, &rule->match.mask);
211 table = insert_table(cls, &rule->match.mask);
214 old_rule = insert_rule(cls, table, rule);
216 table->n_table_rules++;
222 /* Inserts 'rule' into 'cls'. Until 'rule' is removed from 'cls', the caller
223 * must not modify or free it.
225 * 'cls' must not contain an identical rule (including wildcards, values of
226 * fixed fields, and priority). Use classifier_find_rule_exactly() to find
229 classifier_insert(struct classifier *cls, struct cls_rule *rule)
231 struct cls_rule *displaced_rule = classifier_replace(cls, rule);
232 ovs_assert(!displaced_rule);
235 /* Removes 'rule' from 'cls'. It is the caller's responsibility to destroy
236 * 'rule' with cls_rule_destroy(), freeing the memory block in which 'rule'
237 * resides, etc., as necessary. */
239 classifier_remove(struct classifier *cls, struct cls_rule *rule)
241 struct cls_rule *head;
242 struct cls_table *table;
244 table = find_table(cls, &rule->match.mask);
245 head = find_equal(table, &rule->match.flow, rule->hmap_node.hash);
247 list_remove(&rule->list);
248 } else if (list_is_empty(&rule->list)) {
249 hmap_remove(&table->rules, &rule->hmap_node);
251 struct cls_rule *next = CONTAINER_OF(rule->list.next,
252 struct cls_rule, list);
254 list_remove(&rule->list);
255 hmap_replace(&table->rules, &rule->hmap_node, &next->hmap_node);
258 if (--table->n_table_rules == 0) {
259 destroy_table(cls, table);
261 update_tables_after_removal(cls, table, rule->priority);
266 /* Finds and returns the highest-priority rule in 'cls' that matches 'flow'.
267 * Returns a null pointer if no rules in 'cls' match 'flow'. If multiple rules
268 * of equal priority match 'flow', returns one arbitrarily.
270 * If a rule is found and 'wc' is non-null, bitwise-OR's 'wc' with the
271 * set of bits that were significant in the lookup. At some point
272 * earlier, 'wc' should have been initialized (e.g., by
273 * flow_wildcards_init_catchall()). */
275 classifier_lookup(const struct classifier *cls, const struct flow *flow,
276 struct flow_wildcards *wc)
278 struct cls_table *table;
279 struct cls_rule *best;
282 LIST_FOR_EACH (table, list_node, &cls->tables_priority) {
283 struct cls_rule *rule = find_match(table, flow);
286 flow_wildcards_fold_minimask(wc, &table->mask);
290 LIST_FOR_EACH_CONTINUE (table, list_node, &cls->tables_priority) {
291 if (table->max_priority <= best->priority) {
292 /* Tables in descending priority order,
293 * can not find anything better. */
296 rule = find_match(table, flow);
298 flow_wildcards_fold_minimask(wc, &table->mask);
300 if (rule && rule->priority > best->priority) {
310 /* Finds and returns a rule in 'cls' with exactly the same priority and
311 * matching criteria as 'target'. Returns a null pointer if 'cls' doesn't
312 * contain an exact match. */
314 classifier_find_rule_exactly(const struct classifier *cls,
315 const struct cls_rule *target)
317 struct cls_rule *head, *rule;
318 struct cls_table *table;
320 table = find_table(cls, &target->match.mask);
325 /* Skip if there is no hope. */
326 if (target->priority > table->max_priority) {
330 head = find_equal(table, &target->match.flow,
331 miniflow_hash_in_minimask(&target->match.flow,
332 &target->match.mask, 0));
333 FOR_EACH_RULE_IN_LIST (rule, head) {
334 if (target->priority >= rule->priority) {
335 return target->priority == rule->priority ? rule : NULL;
341 /* Finds and returns a rule in 'cls' with priority 'priority' and exactly the
342 * same matching criteria as 'target'. Returns a null pointer if 'cls' doesn't
343 * contain an exact match. */
345 classifier_find_match_exactly(const struct classifier *cls,
346 const struct match *target,
347 unsigned int priority)
349 struct cls_rule *retval;
352 cls_rule_init(&cr, target, priority);
353 retval = classifier_find_rule_exactly(cls, &cr);
354 cls_rule_destroy(&cr);
359 /* Checks if 'target' would overlap any other rule in 'cls'. Two rules are
360 * considered to overlap if both rules have the same priority and a packet
361 * could match both. */
363 classifier_rule_overlaps(const struct classifier *cls,
364 const struct cls_rule *target)
366 struct cls_table *table;
368 /* Iterate tables in the descending max priority order. */
369 LIST_FOR_EACH (table, list_node, &cls->tables_priority) {
370 uint32_t storage[FLOW_U32S];
371 struct minimask mask;
372 struct cls_rule *head;
374 if (target->priority > table->max_priority) {
375 break; /* Can skip this and the rest of the tables. */
378 minimask_combine(&mask, &target->match.mask, &table->mask, storage);
379 HMAP_FOR_EACH (head, hmap_node, &table->rules) {
380 struct cls_rule *rule;
382 FOR_EACH_RULE_IN_LIST (rule, head) {
383 if (rule->priority < target->priority) {
384 break; /* Rules in descending priority order. */
386 if (rule->priority == target->priority
387 && miniflow_equal_in_minimask(&target->match.flow,
388 &rule->match.flow, &mask)) {
398 /* Returns true if 'rule' exactly matches 'criteria' or if 'rule' is more
399 * specific than 'criteria'. That is, 'rule' matches 'criteria' and this
400 * function returns true if, for every field:
402 * - 'criteria' and 'rule' specify the same (non-wildcarded) value for the
405 * - 'criteria' wildcards the field,
407 * Conversely, 'rule' does not match 'criteria' and this function returns false
408 * if, for at least one field:
410 * - 'criteria' and 'rule' specify different values for the field, or
412 * - 'criteria' specifies a value for the field but 'rule' wildcards it.
414 * Equivalently, the truth table for whether a field matches is:
419 * r +---------+---------+
420 * i wild | yes | yes |
422 * e +---------+---------+
423 * r exact | no |if values|
425 * a +---------+---------+
427 * This is the matching rule used by OpenFlow 1.0 non-strict OFPT_FLOW_MOD
428 * commands and by OpenFlow 1.0 aggregate and flow stats.
430 * Ignores rule->priority. */
432 cls_rule_is_loose_match(const struct cls_rule *rule,
433 const struct minimatch *criteria)
435 return (!minimask_has_extra(&rule->match.mask, &criteria->mask)
436 && miniflow_equal_in_minimask(&rule->match.flow, &criteria->flow,
443 rule_matches(const struct cls_rule *rule, const struct cls_rule *target)
446 || miniflow_equal_in_minimask(&rule->match.flow,
448 &target->match.mask));
451 static struct cls_rule *
452 search_table(const struct cls_table *table, const struct cls_rule *target)
454 if (!target || !minimask_has_extra(&table->mask, &target->match.mask)) {
455 struct cls_rule *rule;
457 HMAP_FOR_EACH (rule, hmap_node, &table->rules) {
458 if (rule_matches(rule, target)) {
466 /* Initializes 'cursor' for iterating through rules in 'cls':
468 * - If 'target' is null, the cursor will visit every rule in 'cls'.
470 * - If 'target' is nonnull, the cursor will visit each 'rule' in 'cls'
471 * such that cls_rule_is_loose_match(rule, target) returns true.
473 * Ignores target->priority. */
475 cls_cursor_init(struct cls_cursor *cursor, const struct classifier *cls,
476 const struct cls_rule *target)
479 cursor->target = target && !cls_rule_is_catchall(target) ? target : NULL;
482 /* Returns the first matching cls_rule in 'cursor''s iteration, or a null
483 * pointer if there are no matches. */
485 cls_cursor_first(struct cls_cursor *cursor)
487 struct cls_table *table;
489 HMAP_FOR_EACH (table, hmap_node, &cursor->cls->tables) {
490 struct cls_rule *rule = search_table(table, cursor->target);
492 cursor->table = table;
500 /* Returns the next matching cls_rule in 'cursor''s iteration, or a null
501 * pointer if there are no more matches. */
503 cls_cursor_next(struct cls_cursor *cursor, struct cls_rule *rule)
505 const struct cls_table *table;
506 struct cls_rule *next;
508 next = next_rule_in_list__(rule);
509 if (next->priority < rule->priority) {
513 /* 'next' is the head of the list, that is, the rule that is included in
514 * the table's hmap. (This is important when the classifier contains rules
515 * that differ only in priority.) */
517 HMAP_FOR_EACH_CONTINUE (rule, hmap_node, &cursor->table->rules) {
518 if (rule_matches(rule, cursor->target)) {
523 table = cursor->table;
524 HMAP_FOR_EACH_CONTINUE (table, hmap_node, &cursor->cls->tables) {
525 rule = search_table(table, cursor->target);
527 cursor->table = table;
535 static struct cls_table *
536 find_table(const struct classifier *cls, const struct minimask *mask)
538 struct cls_table *table;
540 HMAP_FOR_EACH_IN_BUCKET (table, hmap_node, minimask_hash(mask, 0),
542 if (minimask_equal(mask, &table->mask)) {
549 static struct cls_table *
550 insert_table(struct classifier *cls, const struct minimask *mask)
552 struct cls_table *table;
554 table = xzalloc(sizeof *table);
555 hmap_init(&table->rules);
556 minimask_clone(&table->mask, mask);
557 hmap_insert(&cls->tables, &table->hmap_node, minimask_hash(mask, 0));
558 list_push_back(&cls->tables_priority, &table->list_node);
564 destroy_table(struct classifier *cls, struct cls_table *table)
566 minimask_destroy(&table->mask);
567 hmap_remove(&cls->tables, &table->hmap_node);
568 hmap_destroy(&table->rules);
569 list_remove(&table->list_node);
573 /* This function performs the following updates for 'table' in 'cls' following
574 * the addition of a new rule with priority 'new_priority' to 'table':
576 * - Update 'table->max_priority' and 'table->max_count' if necessary.
578 * - Update 'table''s position in 'cls->tables_priority' if necessary.
580 * This function should only be called after adding a new rule, not after
581 * replacing a rule by an identical one or modifying a rule in-place. */
583 update_tables_after_insertion(struct classifier *cls, struct cls_table *table,
584 unsigned int new_priority)
586 if (new_priority == table->max_priority) {
588 } else if (new_priority > table->max_priority) {
589 struct cls_table *iter;
591 table->max_priority = new_priority;
592 table->max_count = 1;
594 /* Possibly move 'table' earlier in the priority list. If we break out
595 * of the loop, then 'table' should be moved just after that 'iter'.
596 * If the loop terminates normally, then 'iter' will be the list head
597 * and we'll move table just after that (e.g. to the front of the
600 LIST_FOR_EACH_REVERSE_CONTINUE (iter, list_node,
601 &cls->tables_priority) {
602 if (iter->max_priority >= table->max_priority) {
607 /* Move 'table' just after 'iter' (unless it's already there). */
608 if (iter->list_node.next != &table->list_node) {
609 list_splice(iter->list_node.next,
610 &table->list_node, table->list_node.next);
615 /* This function performs the following updates for 'table' in 'cls' following
616 * the deletion of a rule with priority 'del_priority' from 'table':
618 * - Update 'table->max_priority' and 'table->max_count' if necessary.
620 * - Update 'table''s position in 'cls->tables_priority' if necessary.
622 * This function should only be called after removing a rule, not after
623 * replacing a rule by an identical one or modifying a rule in-place. */
625 update_tables_after_removal(struct classifier *cls, struct cls_table *table,
626 unsigned int del_priority)
628 struct cls_table *iter;
630 if (del_priority == table->max_priority && --table->max_count == 0) {
631 struct cls_rule *head;
633 table->max_priority = 0;
634 HMAP_FOR_EACH (head, hmap_node, &table->rules) {
635 if (head->priority > table->max_priority) {
636 table->max_priority = head->priority;
637 table->max_count = 1;
638 } else if (head->priority == table->max_priority) {
643 /* Possibly move 'table' later in the priority list. If we break out
644 * of the loop, then 'table' should be moved just before that 'iter'.
645 * If the loop terminates normally, then 'iter' will be the list head
646 * and we'll move table just before that (e.g. to the back of the
649 LIST_FOR_EACH_CONTINUE (iter, list_node, &cls->tables_priority) {
650 if (iter->max_priority <= table->max_priority) {
655 /* Move 'table' just before 'iter' (unless it's already there). */
656 if (iter->list_node.prev != &table->list_node) {
657 list_splice(&iter->list_node,
658 &table->list_node, table->list_node.next);
663 static struct cls_rule *
664 find_match(const struct cls_table *table, const struct flow *flow)
666 uint32_t hash = flow_hash_in_minimask(flow, &table->mask, 0);
667 struct cls_rule *rule;
669 HMAP_FOR_EACH_WITH_HASH (rule, hmap_node, hash, &table->rules) {
670 if (miniflow_equal_flow_in_minimask(&rule->match.flow, flow,
679 static struct cls_rule *
680 find_equal(struct cls_table *table, const struct miniflow *flow, uint32_t hash)
682 struct cls_rule *head;
684 HMAP_FOR_EACH_WITH_HASH (head, hmap_node, hash, &table->rules) {
685 if (miniflow_equal(&head->match.flow, flow)) {
692 static struct cls_rule *
693 insert_rule(struct classifier *cls,
694 struct cls_table *table, struct cls_rule *new)
696 struct cls_rule *head;
697 struct cls_rule *old = NULL;
699 new->hmap_node.hash = miniflow_hash_in_minimask(&new->match.flow,
700 &new->match.mask, 0);
702 head = find_equal(table, &new->match.flow, new->hmap_node.hash);
704 hmap_insert(&table->rules, &new->hmap_node, new->hmap_node.hash);
705 list_init(&new->list);
708 /* Scan the list for the insertion point that will keep the list in
709 * order of decreasing priority. */
710 struct cls_rule *rule;
711 FOR_EACH_RULE_IN_LIST (rule, head) {
712 if (new->priority >= rule->priority) {
714 /* 'new' is the new highest-priority flow in the list. */
715 hmap_replace(&table->rules,
716 &rule->hmap_node, &new->hmap_node);
719 if (new->priority == rule->priority) {
720 list_replace(&new->list, &rule->list);
724 list_insert(&rule->list, &new->list);
730 /* Insert 'new' at the end of the list. */
731 list_push_back(&head->list, &new->list);
736 update_tables_after_insertion(cls, table, new->priority);
741 static struct cls_rule *
742 next_rule_in_list__(struct cls_rule *rule)
744 struct cls_rule *next = OBJECT_CONTAINING(rule->list.next, next, list);
748 static struct cls_rule *
749 next_rule_in_list(struct cls_rule *rule)
751 struct cls_rule *next = next_rule_in_list__(rule);
752 return next->priority < rule->priority ? next : NULL;
git://git.onelab.eu / sliver-openvswitch.git / blob