From d1a0566ee9e9d6cf4587f4870a6934d0a6e2de78 Mon Sep 17 00:00:00 2001 From: Jesse Gross Date: Mon, 5 Nov 2012 15:47:41 -0800 Subject: [PATCH] datapath: Don't allow flows installed with only TUN_ID. Tunnel ports now always include full outer IP information, even if userspace can't understand it. Since our flows our exact match this information must also be provided when setting up flows. Since flows with only OVS_KEY_ATTR_TUN_ID keys don't contain all of this information they can never be hit and we should just reject them at setup time. Signed-off-by: Jesse Gross Acked-by: Kyle Mestery --- datapath/flow.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/datapath/flow.c b/datapath/flow.c index 2acdd0599..f33760aff 100644 --- a/datapath/flow.c +++ b/datapath/flow.c @@ -1041,14 +1041,11 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp, if (tun_id != tun_key->tun_id) return -EINVAL; - memcpy(&swkey->phy.tun.tun_key, tun_key, sizeof(swkey->phy.tun.tun_key)); - attrs &= ~(1ULL << OVS_KEY_ATTR_TUN_ID); - attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); - } else if (attrs & (1ULL << OVS_KEY_ATTR_TUN_ID)) { - swkey->phy.tun.tun_key.tun_id = nla_get_be64(a[OVS_KEY_ATTR_TUN_ID]); - swkey->phy.tun.tun_key.tun_flags |= OVS_FLOW_TNL_F_KEY; + memcpy(&swkey->phy.tun.tun_key, tun_key, + sizeof(swkey->phy.tun.tun_key)); attrs &= ~(1ULL << OVS_KEY_ATTR_TUN_ID); + attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); } else if (attrs & (1ULL << OVS_KEY_ATTR_IPV4_TUNNEL)) { struct ovs_key_ipv4_tunnel *tun_key; tun_key = nla_data(a[OVS_KEY_ATTR_IPV4_TUNNEL]); @@ -1056,7 +1053,9 @@ int ovs_flow_from_nlattrs(struct sw_flow_key *swkey, int *key_lenp, if (!tun_key->ipv4_dst) return -EINVAL; - memcpy(&swkey->phy.tun.tun_key, tun_key, sizeof(swkey->phy.tun.tun_key)); + memcpy(&swkey->phy.tun.tun_key, tun_key, + sizeof(swkey->phy.tun.tun_key)); + attrs &= ~(1ULL << OVS_KEY_ATTR_IPV4_TUNNEL); } -- 2.20.1