git.cascardo.eti.br Git - cascardo/ovs.git/log

ovn-northd: Add appctl support.

This commit adds appctl support to ovn-northd and the 'exit' command.
The 'exit' command can be used in autotest for stopping the ovn-northd.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Add physical/logical translation for containers.

When containers are running inside VMs and the openflow flows
are added in the hypervisor, the physical to logical translation
(and vice versa) needs to handle the VLAN tags that the packet
comes with.

Signed-off-by: Gurucharan Shetty <shettyg@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Update actions correctly.

When a desired flow is different than the installed flow,
we should update its actions based on the desired flow.

Signed-off-by: Gurucharan Shetty <shettyg@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-sandbox: Fix ovn support.

The last merge from master broke ovs-sandbox OVN support. The rungdb
function now takes an additional argument for whether or not the
daemon should be automatically started under gdb.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofctrl: Correctly remove flows that are no longer needed.

The correct group ID to avoid requiring any particular output group when
removing a flow is OFPG_ANY. OFPG_ALL just caused the OFPFC_DELETE_STRICT
commands to be ignored because no OVN flows output to OFPG_ALL.

Before this patch, ofctrl wasn't deleting flows when logical ports were
deleted; this fixes the problem.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Gurucharan Shetty <gshetty@nicira.com>

ovn-controller: Initialize physical/logical translation module.

This is necessary to allow it to work.

This bug was introduced during the review process.

Reported-by: Gurucharan Shetty <shettyg@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Merge "master" into "ovn".

This brings in STT.

Conflicts:
tutorial/ovs-sandbox

ovn: Adopt consistent naming, by renaming "Bindings" to "Binding".

The convention in OVSDB is to use singular names for database tables,
but Bindings was plural.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

dpctl: Ignore enumeration errors if there is at least one datapath.

When dpctl commands are used to inspect a userspace datapath, but OVS
has also built-in support for the kernel datapath, an error message is
reported if the kernel module is not loaded. This commit suppresses the
message.

Suggested-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

dpctl: Factor out common code to iterate through all dpifs.

This commit introduces dps_for_each() which calls a callback for each
datapath of each registered type.

Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

lldp: Fix clang warning.

Clang-3.7 generates warnings such as the following:
../lib/ovs-lldp.c:394:19: error: address of array 'hardware->h_ifname'
will always evaluate to 'true' [-Werror,-Wpointer-bool-conversion]

This value is fetched from a netdev, which as far as I can tell must
always have a non-NULL name. Simplify this code.

Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Dennis Flynn <drflynn@avaya.com>
Acked-by: Ben Pfaff <blp@nicira.com>

dpctl: Add OVS_PRINTF_FORMAT annotation to dpctl_* functions.

Fixes passing variable data as a printf() format string.

Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

AUTHORS: Add Billy O'Mahony.

Signed-off-by: Ben Pfaff <blp@nicira.com>

docs: Clarify creation & bonding of DPDK enabled interfaces.

Unlike system interfaces, DPDK enabled interfaces must have their interface
type explicitly set when used to create ports. Mention this in relevant parts
of the documentation and add references to INTALL.DPDK.md, where there are many
examples.

Signed-off-by: Billy O'Mahony <billy.o.mahony@intel.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

match: Fix compile of match initializer on GCC 4.6.1.

GCC 4.6.1 complained about the match structure not being properly
initialzed when using MATCH_CATCHALL_INITIALIZER macro.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

controller: Set chassis for container port.

ovn-controller updates the chassis column of the Bindings table in
OVN_Southbound when a logical port appears on the local switch. A
logical port that has a parent will never appear on a switch managed
by ovn-controller. When a parent port appears, all child container
ports should be updated as being on that chassis, as well.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>

FAQ: Explain how "tap" devices work and why you should not use them.

CC: 张伟 <zhangwqh@126.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

ovn-controller: Implement logical/physical translation flows.

This last piece allows us to start testing and debugging a complete OVN
installation. A previous version of this patch was tested in a VM
environment, but this exact version has not been.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovs-architecture: Recommend disable-in-band=true for integration bridge.

Also implement in ovs-sandbox.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-controller: Install generated pipeline flows into OVS via OpenFlow.

This implementation is really simple, but it seems effective enough in my
minimal testing.

We still need code to generate flows for logical-to-physical and
physical-to-logical translation. With that, plus code to set up tunnels,
we should be able to start end-to-end testing.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

match: Add MATCH_CATCHALL_INITIALIZER.

An upcoming patch will add the first user.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>

ovs-sandbox: Use "secure" mode for br-int, in OVN mode.

This is documented in ovn-architecture(7).

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

rconn: Only increment seqno when connection actually drops or reconnects.

rconn_get_connection_seqno() is documented to change only when an rconn
connects or disconnnects, but in fact it was also changing whenever an
rconn went into or out of the "idle" state (following sending an echo
request). This fixes the problem.

rconn_get_connection_seqno() didn't have any existing users, but an
upcoming commit adds one.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-controller: Implement translation of OVN flows into OpenFlow.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

datapath: stt compatibility for RHEL7

RHEL7 backported nf_hookfn from newer kernel. Handle compatibility
by checking nf_hookfn declaration.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

ovn: New module for parsing OVN actions as OpenFlow.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

odp-util: Fix a bug in parse_flag().

This commit fixes a bug in the parse_flag() function which causes
failure of parsing tunnel flags like:

tunnel(tun_id=0x0,src=1.2.3.4,dst=1.2.3.5,tos=0,ttl=64,flags(-df+csum+key))

Reported-by: Jacob Cherkas <jcherkas@nicira.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

xenserver: Use kernel uname version for XenServer 6.5

In XenServer 6.5, multiple kernel packages with different
rpm versions can have the same uname. So, it is not
necessary for openvswitch kernel module to require the
exact rpm version. Instead, the kernel module package
should check the uname version.

This commit will add a new variable %{kernel_uname} to
specify whether to use kernel uname version or kernel
rpm version as requirement.

When %{kernel_name} is used, openvswitch-module will have
"Requires: kernel-uname-r = <uname version>" set instead of
"Requires: kernel = <version>".

Reported-by: Gosen Chien <astgosen@ccu.edu.tw>
Signed-off-by: Edwin Chiu <echiu@vmware.com>
Signed-off-by: Alex Wang <alexw@nicira.com>

datapath: gre: Reset fix_segment pointer.

For kernel version 3.12 to 3.18, GRE uses compat code to
transmit packets which used fix_segment to segment packets.
but ovs_gso_cb->fix_segment is not initialized for GRE tunnels.
Following patches fixes it by resetting fix_segment.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

ovn-controller: Free some more memory before exit.

Free a few pointers to malloc'd memory before exit.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Kyle Mestery <mestery@mestery.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>

ovn-controller: Fix invalid br_int_name handling.

While doing some testing, I noticed the following error message:

  Integration bridge '<garbage>' dissapeared

The reason is that the code kept around the value of the "ovn-bridge"
configuration without copying it.  The result was pointing to bogus
memory.  You would only see this if you set "ovn_bridge".  If you
relied on the default, the bug would not occur.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Kyle Mestery <mestery@mestery.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>

dpctl: cleaner dpctl output for tunnel ports.

Currently dont-fragment and TTL are initialized to zero, but
those are not default config for tunnel ports. dpctl
does not show default config of a port. So by setting these
values to default we can get cleaner `dpctl show` output.

% ovs-dpctl show
system@ovs-system:
port 0: ovs-system (internal)
port 1: br0 (internal)
port 4: gre_sys (gre: df_default=false, ttl=0)

% ovs-dpctl show # After initializing default values.
system@ovs-system:
port 0: ovs-system (internal)
port 1: br0 (internal)
port 4: gre_sys (gre)

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

ovn-controller: Create tunnels based on Chassis configuration.

This creates a tunnel to each Chassis's specified Encaps. In the
future, we may want to limit this to only Chassis that share a logical
datapath on the local system.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn: Constrain supported tunnel types.

Limit the supported tunnel types to Geneve and STT on hypervisors, and
VXLAN, Geneve, and STT on gateways. This commit adds "DESIGN.md" that
describes the reasoning.

Wes Felter provided suggestions for improving the wording in the
architecture document.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Rename "chassis_name" to "chassis_id".

This makes it more consistent with other IDs in the system.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Don't log every interface missing "iface-id".

Tunnels create a lot of interfaces without an "external-id:iface-id", so
logging each interface missing one (even at debug) seems unnecessary.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Clarify that some config changes require a restart.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Make integration bridge config part of general context.

The integration bridge will be needed by other components soon, so make
it part of the general ovn-controller context.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Ben Pfaff <blp@nicira.com>

expr: Make expr_to_flows() include conj_id flows.

When I wrote expr_to_flows() originally, I assumed that the caller could
simply add an appropriate conj_id=X flow for each of the conjunctive
matches. I forgot that the conj_id=X flows also need to include
prerequisites for actions, e.g. if the OpenFlow actions manipulate TCP
fields, then the conj_id=X field must match on eth_type=0x800 and
ip_proto=6. That's hard for the caller to generate itself, so this commit
changes expr_to_matches() to generate the conj_id=X flows also.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn: Add tunnel_key concept to Bindings table, assign in ovn-northd.

When packets travel among nodes in OVN over tunnels, a tunnel key value is
needed to convey the logical port to which the packet is destined. This
commit adds a tunnel_key column to the Bindings table and adds code to
ovn-northd to assign a unique tunnel_key value to each logical port.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

DPDK: add support for v2.0.0

Update relevant artifacts to add support for DPDK v2.0.0
- INSTALL.DPDK.md
- travis build script
- acinclude.m4: add 'mssse3' flag to OVS_CFLAGS
- netdev-dpdk: fix build with unified offload types in DPDK v2.0.0

Note that this breaks compatibility with DPDK v1.8.0

Signed-off-by: Mark Kavanagh <mark.b.kavanagh@intel.com>
Signed-off-by: Panu Matilainen <pmatilai@redhat.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>

ovn-sb: Fix reference to "port" that should have been "flow".

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

gitignore: Add file to .gitignore

Add testsuite.tmp.orig to .gitignore

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

datapath: Tidy up duplicate symbol detection.

Don't print each symbol that is iterated.
Make the error message more clear by prefixing "error: ".

Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

test-ovsdb: Fix conditional statement.

Old version of python does not support the following conditional
statement syntax in one assignment:

var = value1 if cond else value2

This commit fixes it by convert it back to use two assignments.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

datapath: Add Stateless TCP Tunneling protocol.

The Stateless TCP Tunnel (STT) protocol encapsulates traffic in
IPv4/TCP packets.
STT uses TCP segmentation offload available in most of NIC. On
packet xmit STT driver appends STT header along with TCP header
to the packet. For GSO packet GSO parameters are set according
to tunnel configuration and packet is handed over to networking
stack. This allows use of segmentation offload available in NICs

The protocol is documented at
http://www.ietf.org/archive/id/draft-davie-stt-06.txt

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

ovs-hyperv: make kernel return values netlink socket like

In this patch, we make changes to usersapce as well as
kernel datapath on hyperv to make it more netlink socket
like. Previously, the kernel datapath did not distinguish
between "transport errors" and other errors. Netlink
semantics dictate that netlink functions should only
return an error only in the case of a "transport error"
which is generally something fatal. Eg. failure to
communicate with the OVS module, or an invalid command
altogether. Other errors such as an unsupported action,
or an invalid flow key is not considered a "transport
error", and in such cases, netlink functions are to return
success with a 'struct nlmsgerr' populated in the output
buffer.

This patch implements these semantics.

Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/72
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath-windows: Enable extension after rrestart

The extension failed to be activated during booting due to the
failure to initialize tunnel filter. This happened because the Base
Filtering Engine (BFE) is not started and no session to the engine
could be acquired.

The solution for this was to registered a BFE notification callback
that is called whenever the BFE's state changes. Only if the BFE's
state is running the tunnel filter is initialized.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/77
Acked-by: Eitan Eliahu <eliahue@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

ovn-northd: Set logical_datapath in each Bindings record.

Without a logical_datapath, ovn-controller won't be able to tell which
logical datapath a logical port belongs to, thus it won't be able to
implement logical flows related to the logical port.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

lex: New functions lex_lookahead() and lexer_match_id().

These functions will have their first users in upcoming commits.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-nb: Mark some features as not yet implemented.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn: Back off on port_security specification and implementation.

The implementation of port_security was partial, and the specification was
vague. This reduces both to what was actually meant to be supported at
this point. It shouldn't be hard to fully implement port security when we
have a clear specification.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-northd: Port security allows receiving packets to multicast/broadcast.

Otherwise ARP and other broadcast protocols would be problematic.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-sb.xml: Revise description of "actions"; rename "resubmit" to "next".

Also update ovn-northd to use the revised syntax.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

datapath-windows: Removed duplicate instance pid removal

Instance PID is already deleted in the OvsCleanupPacketQueue function.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

datapath: Fix check-export-symbol for non-bash shells

Avoid using a bash construct (=~) in the target.

An alternative would be to make the configure script require
bash explicitly. (Currently it doesn't and on NetBSD /bin/ksh
is likely used.)

The code in question was introduced by
commit b296b82a87326e68773b970284b8e012def0e3ba .
("datapath: Check the export of public functions in linux/compat/linux/.")

Signed-off-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Acked-by: Alex Wang <alexw@nicira.com>

datapath: Stop using __DATE__ and __TIME__ in startup string.

An increasing number of distributions ship with GCC 4.9 (including
Fedora and Ubuntu) that has -Werror=date-time. This causes kernel
compilation to fail because the builds are not exactly reproducible.

This simply removes the use of those constants, which was already
done for the upstream Linux version of the module. It retains the
version string, however, which should provide the same information
in most cases.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-northd: Fix treatment of ports with unknown MACs.

Ports with unknown MACs are a per-lswitch concept but the code here was
treating them as global and also dereferenced a null pointer (generally
'lport' was null in the expression 'lswitch->lport').

Reported-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Alex Wang <alexw@nicira.com>

Allow subclasses of Idl to define a notification hook

It is useful to make the notification events that Idl processes
accessible to users of the library. This will make it possible to
keep external systems in sync, but does not impose any particular
notification pattern.

The Row.from_json() call is added to be able to convert the 'old'
JSON response on an update to a Row object to make it easy for
users of notify() to see what changed, though this usage of Row
is quite different than Idl's typical use.

Signed-off-by: Terry Wilson <twilson@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-parse: Correctly report error parsing selection method parameter.

Found by LLVM scan-build.

Reported-by: Kevin Lo <kevlo@FreeBSD.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Kevin Lo <kevlo@FreeBSD.org>

datapath: Use kernel Geneve implementation on 4.0 and above.

When Geneve was originally backported, it wasn't available as part
of a released kernel version but it is now, so we can take advantage
of the native implementation.

Note that Geneve was actually first available as part of the 3.18
kernel release but some drivers erroreously try to offload it as
if it were VXLAN, which was fixed in the 4.0 release. Since our
UDP tunnel compat layer already takes care of this, we continue
using the OVS Geneve implementation until 4.0.

Reported-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>

udptunnel: Kernel 3.20 doesn't exist.

When the UDP tunnel compat code was written, it backported some
functions that were slated to be in the next kernel release, then
called 3.20. However, this was ultimately released as 4.0 instead.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>

datapath: Check the export of public functions in linux/compat/linux/.

This commit adds check in datapath/Makefile to make sure that all public
functions and exported symbols in linux/compat/ are either rpl_ or ovs_
prefixed, except those defined in compat/build-aux/export-check-whitelist.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Prevent linker error of unknown symbol.

With the latest change of separating vports into their own modules,
it is necessary to export all public functions in linux/compat/
directory. Also, we should prefix functions which replace the
upstream ones with 'rpl_' and others with 'ovs_'. This will prevent
the linker error when vport modules use those functions in the future.
e.g., the to be merged vport-stt module will use the flex_array_*
functions which are not currently exported.

Co-authored-by: Tuan Nguyen <tuan.nguyen@veriksystems.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove linux/compat/include/linux/log2.h.

No longer need this compat file, we can use the upstream version
of the function.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath-windows: Removed gOvsCtrlLock global spinlock

There is no need to use gOvsCtrlLock spinlock to guard the switch
context, as there is now the switch context's reference count used
for this purpose.

Now the gOvsCtrlLock spinlock guards only one shared resource, the
OVS_OPEN_INSTANCE global instance array.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

Remove compiler warning

When linking executables on windows the following argument is passed
to the linker -Qunused-arguments.
This results in the following warning:
Command line warning D9002 : ignoring unknown option '-Qunused-arguments'

This patch removes that warning.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

datapath-windows: don't free switch cxt until ref == 0

This is a hard to hit corner case, because currently we recommend that
all handles to the kernel datapath be closed before trying to unload the
OVS extension.

Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

testsuite: Don't apply the testsuite.patch on non-Windows platforms.

On CentOS machines which use autoconf version 2.63, the patch
application would fail.

Reported-by: Ian Stokes <ian.stokes@intel.com>
Tested-by: Ian Stokes <ian.stokes@intel.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

ovn-nbctl: Update usage output for show command.

The show command takes an optional LSWITCH argument. In that case, it
only prints the info for a single switch instead of all of them.
Update the usage text to reflect that option.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>

netdev-dpdk: Reset RSS hash on transmit

When using DPDK rings (dpdkr port type), packet buffers get shared
to consumers of the rings (e.g. Virtual Machines). The packet buffers
also include the RSS hash. This is a hash of a number of fields
in the packet and is used in order to do a fast lookup in the EMC.

However, if a consumer of the packet modifies the packet without
regenerating the RSS hash, the EMC will use the same hash for lookup
even though the packet may belong to a different flow. This would
cause unnecessary collisions in the EMC reducing performance in the
presence of multiple flows.

To avoid receiving an incorrect RSS hash on reception from a DPDK
ring, the RSS hash needs to be reset on transmission. This will reduce
performance of the forwarding path as the RSS hash will need to
calculated for every packet received from an dpdkr but will behave
correctly in the presence of a large number of flows that get
modified by the consumer of a DPDK ring

Signed-off-by: Mark D. Gray <mark.d.gray@intel.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>

tests: Avoid Windows unit tests from hanging.

It has been observed that sometimes Windows unit tests hang.
This happens when a daemon is started but does not get terminated
when the test ends.

In one particular case, OVS_VSWITCHD_STOP is called which inturn
calls 'ovs-appctl exit'. This causes ovs-vswitchd's atexit handler
to cleanup the pidfiles. After this, the pthread destructurs get
called and a deadlock happens in there. This results in the
daemons not getting force killed resulting in the tests hanging
because the cleanup file tries to run the command
"kill `cat ovs-vswitchd.pid`" and ovs-vswitchd.pid no longer exists.

With this commit, we write the pid value of the daemons in the
cleanup file (instead of asking it to 'cat' the value later from
the pidfile). This way, even if the pidfiles get deleted, we can
still kill the daemons.

This commit also changes the way daemons are force killed in
Windows. It was observed that 'taskkill //F ' failed to kill
a deadlocked daemon running its pthread destructor. But
tskill succeeds.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
(ON_EXIT_UNQUOTED macro provided by Ben.)
Co-authored-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovn: Remove complete to-do items.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovs-ctl.8: Add a missing synopsis.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

dpctl.at: tap devices don't exist on Windows.

The tests fail on Windows because tap device is not
a valid device on Windows. Use "dummy" device instead.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-dev: Load all available vport modules on modinst

Automatically load all vport modules upon 'modinst' in case
they are not properly installed and thus not autoloaded.

Suggested-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>

NEWS: Leave a comment that vports are now separate kernel modules

Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>

ovs-dev: Hint that vport modules may need to be loaded manually

In case the openvswitch.ko is loaded manually without dependencies
built, the vport modules need to be loaded manually as well.

Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>

ovs-ctl: Unload & reload vport modules on force-reload-kmod

We manually rmmod the loaded vports as using modprobe -r
only works if the modules are available through modules.dep

We do not treat failures to load vports as a fatal error in case
the vport module has been renamed. Bringing the bridge back up is
considered more important. The error is still reported though.

Reported-by: Pravin Shelar <pshelar@nicira.com>
Signed-off-by: Thomas Graf <tgraf@noironetworks.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>

ofp-parse: Properly report error for invalid group ID.

The inner 'error' shadowed an outer one, so that the error, when set, was
never returned to the caller.

Found by LLVM scan-build.

Reported-by: Kevin Lo <kevlo@FreeBSD.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

ofp-util: Add missing 'break;' in bad_group_cmd().

Otherwise you get an assertion failure in place of a helpful error message.

Also fix typo where the "remove-bucket" command was output as
"insert-bucket".

Also fix a nearby style violation and add a pair of tests to prevent
regression.

Found by LLVM scan-build.

Reported-by: Kevin Lo <kevlo@FreeBSD.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

ovn/lib: Add symbol file for libovn.la.

This follows the pattern used for the other .la files so I assume that it
is equally useful.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn: Move all library files into ovn/lib, and merge libraries.

There is no value in having two separate libraries for OVN.

Reported-by: Justin Pettit <jpettit@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-nbctl: Add "show" command.

It's often useful to see an overview of the configuration.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-nbctl: Add lport-set-port-security command.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-nbctl: Simplify documentation for lport-set-macs.

Elsewhere, I think we just write ... to indicate that there can be more
than one, and let it be understood otherwise.

I want to add a "lport-set-port-security" command that has a similar format
and don't want to use up extra vertical space to mention that you can have
more than one argument.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-northd: Always use semicolons for each action.

When generating actions, the preferred style is to end each action with
a semicolon.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

netdev-dummy: Fix null pointer deref in dummy_packet_conn_set_config().

This would trigger if someone tried to switch a dummy device between
active and passive connections. It's not very important because dummy
devices are only enabled during testing.

Found by LLVM scan-build.

Reported-by: Kevin Lo <kevlo@FreeBSD.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

ovn*.xml: Convert tabs to spaces.

These files used both tabs and spaces for indentation. Convert all of
the tabs to spaces for consistency.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

dpctl.at: Ignore string representation of error messages in output.

Different C libraries represent the same error code (particularly ENODEV)
differently. This caused spurious test failures on BSD. This commit
avoids the problem by ignoring the error string representations entirely.

Reported-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>

ovn-northd: Implement basic Pipeline generation.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

bridge: Remove redundant call to discover_types().

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

FAQ: Refine discussion of how to get a kernel module.

This has come up a couple of times lately.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

bridge: Remove unused macro OFP_PORT_ACTION_WINDOW.

I guess that this was missed when the corresponding feature was removed.

Reported-by: David Evans <davidjoshuaevans@gmail.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

in-band: Mention ofproto name in the VLOG.

This will help the debugging of in-band module.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

in-band: Do not use manager with loopback address for in-band control.

If the manager resides on the same host as ovs, the manager target will
be the loopback address. Then, if in-band is enabled on a bridge, the
in-band module will constantly checks the connection to the manager to
make sure the manager is reachable. However, the connection checking
implementation cannot identify the route for the loopback address and
will keep issuing the following warning:

|in_band|WARN|cannot find route for controller (127.0.0.1): No such
device or address.

To fix this, this commit makes ovs not consider manager with loopback
for in-band control at all, since the manager is always reachable
on the same host.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

datapath-windows: Removed assert from FilterNetPnPEvent handler

I have removed an inappropriate assert from the FilterNetPnPEvent
routine, OvsExtNetPnPEvent. When NDIS calls the FilterNetPnPEvent
routine, the extension is in paused state and, obviously, the
switch is not active. The switch becomes active after FilterRestart
routine is called and the restart is successfully complete.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Eitan Eliahu <eliahue@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovn-sb.xml: Make output to ingress port a no-op.

This provides better alignment with OpenFlow semantics.

Reported-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-nb.xml: "true" match is actually expressed "1".

The original draft for the OVN expression language included "true" and
'false" keywords but later I changed them to "1" and "0" and forgot to
update this text.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ovn-nb: Disallow priority 0 ACLs.

We need to have a priority-0 logical datapath flow to act as a catch-all.
The easiest way to make sure that it doesn't overlap with NB-provided ACLs
is to prohibit them from using priority 0.

Maybe we should restrict ACLs to some smaller range of priorities to allow
for higher- and lower- priority flows in the logical datapath table. I
haven't carefully thought it through.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Justin Pettit <jpettit@nicira.com>