cascardo/ovs.git
5 years agonetdev-dpdk: fix mbuf leaks master
Yuanhan Liu [Tue, 8 Mar 2016 01:50:48 +0000 (09:50 +0800)]
netdev-dpdk: fix mbuf leaks

mbufs could be chained (by the "next" field of rte_mbuf struct), when
an mbuf is not big enough to hold a big packet, say when TSO is enabled.

rte_pktmbuf_free_seg() frees the head mbuf only, leading mbuf leaks.
This patch fix it by invoking the right API rte_pktmbuf_free(), to
free all mbufs in the chain.

Signed-off-by: Yuanhan Liu <yuanhan.liu@linux.intel.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agoovsdb-server: Fix a reference count leak bug
andy zhou [Mon, 7 Mar 2016 23:44:34 +0000 (15:44 -0800)]
ovsdb-server: Fix a reference count leak bug

When destroying an ovsdb_jsonrpc_monitor, the jsonrpc monitor still
holds a reference count to the monitors 'changes' indexed with
'unflushed' transaction id.  The bug is that the reference count was
not decremented as it should in the code path.

The bug caused 'changes' that have been flushed to all jsonrpc
clients to linger around unnecessarily, occupying increasingly
large amount of memory. See "Reported-at" URL for more details.

This bug is tricky to find since the memory is not leaked; they will
eventually be freed when monitors are destroyed.

Reported-by: Lei Huang <huang.f.lei@gmail.com>
Reported-at: http://openvswitch.org/pipermail/dev/2016-March/067274.html
Signed-off-by: Andy Zhou <azhou@ovn.org>
Tested-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Liran Schour <lirans@il.ibm.com>
5 years agorhel: Use ovn-ctl to ovn-controller service
bschanmu@redhat.com [Tue, 8 Mar 2016 13:15:02 +0000 (18:45 +0530)]
rhel: Use ovn-ctl to ovn-controller service

Trying to revert the changes caused by 8520deefbf208b24518c2bf67baad6d230f39dc0
to travis build failures

Signed-off-by: Babu Shanmugam <bschanmu@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agoopenflow: Support matching and modifying MPLS TTL field.
Ben Pfaff [Tue, 8 Mar 2016 04:46:48 +0000 (20:46 -0800)]
openflow: Support matching and modifying MPLS TTL field.

Occasionally we get asked about this and I don't see a reason not to
support it.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agonetdev: Improve comments on netdev_rxq_recv().
Ben Pfaff [Sat, 5 Mar 2016 21:38:19 +0000 (13:38 -0800)]
netdev: Improve comments on netdev_rxq_recv().

The comment was incomplete in some ways and simply wrong in others.

Also ensure that *cnt is set to 0 if an error is encountered.  It's nice
when callers can rely on this.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agodpif-netdev: Fix typo in comment.
Ben Pfaff [Fri, 4 Mar 2016 04:43:20 +0000 (20:43 -0800)]
dpif-netdev: Fix typo in comment.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agoovs-ofctl: Fix command names in documentation.
Ben Pfaff [Mon, 7 Mar 2016 00:55:51 +0000 (16:55 -0800)]
ovs-ofctl: Fix command names in documentation.

The actual command names do not capitalize "tlv".

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agoofp-actions: Assert variable actions have len>0.
Joe Stringer [Mon, 7 Mar 2016 23:36:36 +0000 (15:36 -0800)]
ofp-actions: Assert variable actions have len>0.

Variable-length actions must have a nonzero length; if they don't,
something went wrong and we should bail out.

Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Expand 'bundle with many ports' test.
Joe Stringer [Mon, 7 Mar 2016 23:36:38 +0000 (15:36 -0800)]
tests: Expand 'bundle with many ports' test.

Explain what this test is doing, and check that the decoded action can
be re-encoded and dumped back out of OVS.

Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoRevert "ovn-controller: race between binding-run and patch-run for localnet ports"
Ben Pfaff [Mon, 7 Mar 2016 22:58:25 +0000 (14:58 -0800)]
Revert "ovn-controller: race between binding-run and patch-run for localnet ports"

This reverts commit 3a83007a76bbf05144cee1fda7ad81c1c717dca7.  It's really
nonobvious from the code why the condition added by that commit makes sense.
The new condition should not be necessary now that binding_run() always keeps
track of the local datapaths, since commit 7c040135cf351 (binding: Track local
datapaths even when no transaction is possible).

CC: Ramu Ramamurthy <ramu.ramamurthy@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
5 years agounixctl: Log commands received and their replies (at debug level).
Ben Pfaff [Mon, 7 Mar 2016 23:13:15 +0000 (15:13 -0800)]
unixctl: Log commands received and their replies (at debug level).

These commands are also visible through the "jsonrpc" module, but turning
up the log level there also exposes a lot of OVSDB traffic that usually
isn't interesting.

Also, enable this logging for the tests.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agobinding: Track local datapaths even when no transaction is possible.
Ben Pfaff [Mon, 7 Mar 2016 20:53:15 +0000 (12:53 -0800)]
binding: Track local datapaths even when no transaction is possible.

Plenty of other code depends on the set of local datapaths.  Most notably,
the lflow code will drop logical flows when their logical datapaths aren't
present locally.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
5 years agoovs-sandbox: Add note about OVN to initial output.
Russell Bryant [Mon, 7 Mar 2016 15:47:21 +0000 (10:47 -0500)]
ovs-sandbox: Add note about OVN to initial output.

When you run ovs-sandbox, it finishes with a note describing the dummy
environment it has set up.  Add some additional text that indicates that
OVN is also enabled when that is the case.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
5 years agoofp-util: Fix use-after-free in group append.
William Tu [Fri, 4 Mar 2016 23:18:54 +0000 (15:18 -0800)]
ofp-util: Fix use-after-free in group append.

It is possible for ofpbuf_put() to realloc a newly allocated address,
casuing the previously referenced pointer, ogds, points to old/free'd
address. The issue is generated by forcing ofpbuf_put() to use newly
allocated buffer and valgrind reports invalid write. The similiar syndrome
is reported at: https://patchwork.ozlabs.org/patch/591330/

Invalid write of size 2
    ofputil_append_ofp15_group_desc_reply (ofp-util.c:8367)
    ofputil_append_group_desc_reply (ofp-util.c:8392)
    append_group_desc (ofproto.c:6262)
    handle_group_request (ofproto.c:6230)
    handle_group_desc_stats_request (ofproto.c:6269)
    handle_openflow__ (ofproto.c:7337)
    handle_openflow (ofproto.c:7403)
    ofconn_run (connmgr.c:1379)
    connmgr_run (connmgr.c:323)
    ofproto_run (ofproto.c:1762)
    bridge_run__ (bridge.c:2885)
    bridge_run (bridge.c:2940)
    main (ovs-vswitchd.c:120)

Address 0x7cb1020 is 144 bytes inside a block of size 1,144 free'd
    free (vg_replace_malloc.c:530)
    ofpbuf_resize__ (ofpbuf.c:246)
    ofpbuf_put (ofpbuf.c:386)
    nx_put_header__ (nx-match.c:1241)
    nxm_put__ (nx-match.c:697)
    oxm_put_field_array (nx-match.c:1226)
    ofputil_put_group_prop_ntr_selection_method (ofp-util.c:8305)
    ofputil_append_ofp15_group_desc_reply (ofp-util.c:8364)
    ofputil_append_group_desc_reply (ofp-util.c:8392)
    append_group_desc (ofproto.c:6262)

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
5 years agoofpbuf: Fix use-after-free in bundle parse.
William Tu [Sat, 5 Mar 2016 02:00:46 +0000 (18:00 -0800)]
ofpbuf: Fix use-after-free in bundle parse.

Address pointed by bundle could be obsolete/free'd when
realloc, called from ofpbuf_put_zero(), returns new address.
Reported by Valgrind 367: ovs-ofctl parse-flows (NXM)

Invalid write of size 4
    bundle_parse__ (bundle.c:200)
    bundle_parse_load (bundle.c:272)
    parse_bundle_load (ofp-actions.c:1324)
    ofpacts_parse__ (ofp-actions.c:7484)
    ofpacts_parse (ofp-actions.c:7540)
    ofpacts_parse_copy (ofp-actions.c:7558)
    parse_ofp_str__ (ofp-parse.c:491)
    parse_ofp_str (ofp-parse.c:544)
    parse_ofp_flow_mod_str (ofp-parse.c:870)

Address 0x7a4e96c is 12 bytes inside a block of size 64 free'd
    free (vg_replace_malloc.c:530)
    ofpbuf_resize__ (ofpbuf.c:246) (purposely add to force using new buf)
    ofpbuf_put_zeros (ofpbuf.c:375)
    bundle_parse__ (bundle.c:181)
    bundle_parse_load (bundle.c:272)
    parse_bundle_load (ofp-actions.c:1324)
    ofpacts_parse__ (ofp-actions.c:7484)
    ofpacts_parse (ofp-actions.c:7540)
    ofpacts_parse_copy (ofp-actions.c:7558)

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
5 years agoofpbuf: Fix setting of 'msg' in ofpbuf_clone_with_headroom()
Jarno Rajahalme [Mon, 7 Mar 2016 19:00:44 +0000 (11:00 -0800)]
ofpbuf: Fix setting of 'msg' in ofpbuf_clone_with_headroom()

Commit 38876d31 fixed setting 'msg' when resizing an ofpbuf, but
failed to fix the same issue in ofpbuf_clone_with_headroom().  Without
this fix the newly cloned ofpbuf's 'msg', if non-NULL, will point to
the buffer of the original ofpbuf.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
5 years agoofpbuf: Rename 'data_delta' to 'xxx_offset'
Jarno Rajahalme [Mon, 7 Mar 2016 19:00:44 +0000 (11:00 -0800)]
ofpbuf: Rename 'data_delta' to 'xxx_offset'

Using more accurate and descriptive variable names improves code
readability.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
5 years agoofpbuf: Make offset calculation more consistent.
Jarno Rajahalme [Mon, 7 Mar 2016 19:00:44 +0000 (11:00 -0800)]
ofpbuf: Make offset calculation more consistent.

Use the same method of offset calculation in
ofpbuf_clone_with_headroom() as in ofpbuf_resize__().

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
5 years agoAUTHORS: Add Ramu Ramamurthy.
Russell Bryant [Mon, 7 Mar 2016 15:23:35 +0000 (10:23 -0500)]
AUTHORS: Add Ramu Ramamurthy.

Ramu is the author of 3a83007a76bbf05144cee1fda7ad81c1c717dca7.

Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agoovn-controller: race between binding-run and patch-run for localnet ports
Ramu Ramamurthy [Sat, 5 Mar 2016 01:40:26 +0000 (20:40 -0500)]
ovn-controller: race between binding-run and patch-run for localnet ports

when ctx->ovnsb_idl_txn is null, binding_run exits early
and does not add any local_datapaths, but patch_run
doesnt check this, and ends up deleting localnet ports,
because there are no local datapaths for them,
They get readded in a subsequent run causing unnecessary
deletion and readdition.

Signed-off-by: Ramu Ramamurthy <ramu.ramamurthy@us.ibm.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agoUse 'RUNDIR' from make for rhel/ovn-controller.service
bschanmu@redhat.com [Mon, 7 Mar 2016 05:03:34 +0000 (10:33 +0530)]
Use 'RUNDIR' from make for rhel/ovn-controller.service

Perviously it was using the platform's runtime directory which can be
different from the runtime directory of ovsdb-server started by the
openvswitch service

Signed-off-by: Babu Shanmugam <bschanmu@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agonetdev-dpdk: Fix memory leak in netdev_dpdk_vhost_destruct().
Ilya Maximets [Thu, 3 Mar 2016 08:30:06 +0000 (11:30 +0300)]
netdev-dpdk: Fix memory leak in netdev_dpdk_vhost_destruct().

Fixes: 4573fbd38fa1 ("netdev-dpdk: Add vhost-user multiqueue support")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agodatapath: STT: Fix checksum handling.
Pravin B Shelar [Fri, 4 Mar 2016 00:15:40 +0000 (16:15 -0800)]
datapath: STT: Fix checksum handling.

On packet receive STT verifies the checksum if not done in
hardware. But IP and TCP were pulled before the verification
step. The verification expect to see packet with TCP header.
This causes STT to drop packet in certain cases.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
5 years agoofpbuf: Use ptrdiff_t for pointer delta.
Joe Stringer [Thu, 3 Mar 2016 08:22:51 +0000 (21:22 +1300)]
ofpbuf: Use ptrdiff_t for pointer delta.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agoofp-actions: Prevent integer overflow in decode.
Joe Stringer [Thu, 3 Mar 2016 08:22:50 +0000 (21:22 +1300)]
ofp-actions: Prevent integer overflow in decode.

When decoding a variable-length action, if the length of the action
exceeds the length storable in a uint16_t then something has gone
terribly wrong. Assert that this is not the case.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agoofp-actions: Fix use-after-free in bundle action.
Joe Stringer [Thu, 3 Mar 2016 08:22:49 +0000 (21:22 +1300)]
ofp-actions: Fix use-after-free in bundle action.

If the actions list in an incoming flow mod is long enough, and there is
a bundle() action with 3 or more slaves, then it is possible for a
reallocation to occur after placing the ofpact_bundle into the ofpacts
buffer, while slave ports into the buffer. If the memory freed by this
reallocation is then passed to another thread, then that thread may
modify the value that bundle->n_slaves points to. If this occurs quickly
enough before the main thread finishes copying all of the slaves, then
the iteration may continue beyond the originally intended number of
slaves, copying (and swapping) an undetermined number of 2-byte chunks
from the openflow message. Finally, the length of the ofpact will be
updated based on how much data was written to the buffer, which may be
significantly longer than intended.

In many cases, the freed memory may not be allocated to another thread
and be left untouched. In some milder bug cases, this will lead to
'bundle' actions using more memory than required. In more serious cases,
this length may then exceed the maximum length of an OpenFlow action,
which is then stored (truncated) into the 16-bit length field in the
ofpact header. Later execution of ofpacts_verify() would then use this
length to iterate through the ofpacts, and may dereference memory in
unintended ways, causing crashes or infinite loops by attempting to
parse/validate arbitrary data as ofpact objects.

Fix the issue by updating 'bundle' within the iteration, immediately
after (potentially) expanding the bundle.

Thanks to Jarno Rajahalme for his keen pair of eyes on finding this
issue.

VMWare-BZ: #1614715
Fixes: f25d0cf3c366 ("Introduce ofpacts, an abstraction of OpenFlow actions.")
Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agotests: Add bundle action test with buffer realloc.
Joe Stringer [Thu, 3 Mar 2016 08:22:48 +0000 (21:22 +1300)]
tests: Add bundle action test with buffer realloc.

Add a test which causes internal reallocation of the ofpacts buffer,
followed by a large bundle action which should cause a subsequent
reallocation while decoding slave ports. Running this test under
valgrind reveals the issue below, which is fixed in the following
commit.

Invalid read of size 4
   at 0x4CED87: decode_bundle (ofp-actions.c:1253)
   by 0x4CEDFC: decode_NXAST_RAW_BUNDLE (ofp-actions.c:1272)
   by 0x4DBDE6: ofpact_decode (ofp-actions.inc2:3765)
   by 0x4D6914: ofpacts_decode (ofp-actions.c:5735)
   by 0x4D6A3D: ofpacts_pull_openflow_actions__ (ofp-actions.c:5772)
   by 0x4D74F3: ofpacts_pull_openflow_instructions (ofp-actions.c:6352)
   by 0x4F59FA: ofputil_decode_flow_mod (ofp-util.c:1704)
   by 0x4EAD18: ofp_print_flow_mod (ofp-print.c:786)
   by 0x4F0711: ofp_to_string__ (ofp-print.c:3220)
   by 0x4F0D98: ofp_to_string (ofp-print.c:3453)
   by 0x5486B3: do_recv (vconn.c:644)
   by 0x548498: vconn_recv (vconn.c:598)
   by 0x524582: rconn_recv (rconn.c:703)
   by 0x45DA61: ofconn_run (connmgr.c:1370)
   by 0x45B3B4: connmgr_run (connmgr.c:323)
   by 0x41D1E8: ofproto_run (ofproto.c:1762)
   by 0x40CEE0: bridge_run__ (bridge.c:2885)
   by 0x40D093: bridge_run (bridge.c:2940)
   by 0x412F7E: main (ovs-vswitchd.c:120)
Address 0x66aa460 is 1,152 bytes inside a block of size 1,184 free'd
   at 0x4C2AF2E: realloc (vg_replace_malloc.c:692)
   by 0x543D27: xrealloc (util.c:123)
   by 0x5089EF: ofpbuf_resize__ (ofpbuf.c:243)
   by 0x508B81: ofpbuf_prealloc_tailroom (ofpbuf.c:290)
   by 0x508D5C: ofpbuf_put_uninit (ofpbuf.c:364)
   by 0x508DEF: ofpbuf_put (ofpbuf.c:387)
   by 0x4CED7D: decode_bundle (ofp-actions.c:1255)
   by 0x4CEDFC: decode_NXAST_RAW_BUNDLE (ofp-actions.c:1272)
   by 0x4DBDE6: ofpact_decode (ofp-actions.inc2:3765)
   by 0x4D6914: ofpacts_decode (ofp-actions.c:5735)
   by 0x4D6A3D: ofpacts_pull_openflow_actions__ (ofp-actions.c:5772)
   by 0x4D74F3: ofpacts_pull_openflow_instructions (ofp-actions.c:6352)
   by 0x4F59FA: ofputil_decode_flow_mod (ofp-util.c:1704)
   by 0x4EAD18: ofp_print_flow_mod (ofp-print.c:786)
   by 0x4F0711: ofp_to_string__ (ofp-print.c:3220)
   by 0x4F0D98: ofp_to_string (ofp-print.c:3453)
   by 0x5486B3: do_recv (vconn.c:644)
   by 0x548498: vconn_recv (vconn.c:598)
   by 0x524582: rconn_recv (rconn.c:703)
   by 0x45DA61: ofconn_run (connmgr.c:1370)

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agoovs-ofctl.8: commit is required with alg in ct().
Russell Bryant [Thu, 3 Mar 2016 15:15:14 +0000 (10:15 -0500)]
ovs-ofctl.8: commit is required with alg in ct().

The "alg=" argument to the ct() action only makes sense when used in
combination with "commit".  Add this to the documentation to help make
it clear.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agoINSTALL.DPDK.md: Installation steps correction for DPDK 2.2.
mweglicx [Tue, 1 Mar 2016 07:33:41 +0000 (07:33 +0000)]
INSTALL.DPDK.md: Installation steps correction for DPDK 2.2.

Missing step added to INSTALL.DPDK.md which prevents
installation error message.

Signed-off-by: Michal Weglicki <michalx.weglicki@intel.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agonetdev_dpdk.c: Add QoS functionality.
Ian Stokes [Wed, 2 Mar 2016 20:35:54 +0000 (20:35 +0000)]
netdev_dpdk.c: Add QoS functionality.

This patch provides the modifications required in netdev-dpdk.c and
vswitch.xml to allow for a DPDK user space QoS algorithm.

This patch adds a QoS configuration structure for netdev-dpdk and
expected QoS operations 'dpdk_qos_ops'. Various helper functions
are also supplied.

Also included are the modifications required for vswitch.xml to allow a
new QoS implementation for netdev-dpdk devices. This includes a new QoS type
`egress-policer` as well as its expected QoS table entries.

The QoS functionality implemented for DPDK devices is `egress-policer`.
This can be used to drop egress packets at a configurable rate.

The INSTALL.DPDK.md guide has also been modified to provide an example
configuration of `egress-policer` QoS.

Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agoofpbuf: Fix trivial spelling typo.
Russell Bryant [Mon, 29 Feb 2016 20:51:57 +0000 (15:51 -0500)]
ofpbuf: Fix trivial spelling typo.

s/bofy/body/. I noticed this spelling typo while reading this header
file.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoofp: Add support for bundles extension in OpenFlow 1.3.
Jarno Rajahalme [Wed, 17 Feb 2016 22:08:04 +0000 (14:08 -0800)]
ofp: Add support for bundles extension in OpenFlow 1.3.

ONF Extension 230 adds support for OpenFlow 1.4 bundles to OpenFlow
1.3.  Supporting this allows OpenFlow 1.3 controllers to start using
bundles.  Also the ovs-ofctl '--bundle' option can now be used with
OpenFlow 1.3.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoodp-util: Use FLOW_MAX_MPLS_LABELS when parsing MPLS ODP keys.
Jarno Rajahalme [Mon, 29 Feb 2016 19:13:28 +0000 (11:13 -0800)]
odp-util: Use FLOW_MAX_MPLS_LABELS when parsing MPLS ODP keys.

Even though the number of supported MPLS labels may vary between a
datapath and the OVS userspace, it is better to use the
FLOW_MAX_MPLS_LABELS than a hard-coded '3' as the maximum number of
labels to scan.

Requested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agorhel: Add 'rpm-fedora' and 'rpm-fedora-kmod' targets
Lance Richardson [Fri, 19 Feb 2016 19:30:31 +0000 (14:30 -0500)]
rhel: Add 'rpm-fedora' and 'rpm-fedora-kmod' targets

Add make targets for Fedora and RHEL7 RPMs, update INSTALL.Fedora.md
to document their use

Added distribution tarball and rpm build directory to .gitignore.

Signed-off-by: Lance Richardson <lrichard@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn: Suppport ct_mark/ct_label in lflow matches.
Russell Bryant [Mon, 29 Feb 2016 14:32:26 +0000 (09:32 -0500)]
ovn: Suppport ct_mark/ct_label in lflow matches.

Add support for matching on ct_mark and ct_label in OVN logical flows.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb-server: Refactoring and clean up remote status reporting.
Andy Zhou [Wed, 24 Feb 2016 01:48:11 +0000 (17:48 -0800)]
ovsdb-server: Refactoring and clean up remote status reporting.

When reporting remote status, A listening remote will randomly
pick a session and report its session status. This does not seem
to make much sense. It is probably better to leave those fields
untouched.

Update ovs-vswitchd.conf.db(5) to match the change in implementation.

Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb: fix a typo in ovs-vswitchd.conf.db(5).
Andy Zhou [Wed, 24 Feb 2016 01:50:55 +0000 (17:50 -0800)]
ovsdb: fix a typo in ovs-vswitchd.conf.db(5).

Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agonetdev-dpdk: clean up mbuf initialization
Mark Kavanagh [Fri, 19 Feb 2016 11:25:11 +0000 (11:25 +0000)]
netdev-dpdk: clean up mbuf initialization

Current mbuf initialization relies on magic numbers and does not
accomodate mbufs of different sizes.

Resolve this issue by ensuring that mbufs are always aligned to a 1k
boundary (a typical DPDK NIC Rx buffer alignment).

Signed-off-by: Mark Kavanagh <mark.b.kavanagh@intel.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agotestsuite: Add timeout to add_of_br() command.
Ilya Maximets [Fri, 26 Feb 2016 11:57:40 +0000 (14:57 +0300)]
testsuite: Add timeout to add_of_br() command.

Fixes hang of testsuite on ovs-vswitchd failure.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoClean code in netlink-socket
Alin Serdean [Fri, 26 Feb 2016 14:10:12 +0000 (14:10 +0000)]
Clean code in netlink-socket

Found by inspection.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn: Connect to remote lports through localnet port.
Han Zhou [Fri, 26 Feb 2016 04:49:46 +0000 (20:49 -0800)]
ovn: Connect to remote lports through localnet port.

Before this patch, inter-chassis communication between VIFs of same
lswitch will always go through tunnel, which end up of modeling a
single physical network with many lswitches and pairs of lports, and
complexity in CMS like OpenStack neutron to manage the lswitches and
lports.

With this patch, inter-chassis communication can go through physical
networks via localnet port with a 1:1 mapping between lswitches and
physical networks. The pipeline becomes:

Ingress -> Egress (local) -> Ingress (remote) -> Egress

The original tunneling mechanism will still be used if there is no
localnet port configured on the lswitch.

Signed-off-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Russell Bryant <russell@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn: Avoid ARP responder for packets from localnet port
Han Zhou [Fri, 26 Feb 2016 04:26:23 +0000 (20:26 -0800)]
ovn: Avoid ARP responder for packets from localnet port

This is required by next commit that allows lswitch with localnet
port to be attached to multiple chassises. Without this patch, if
an ARP request comes from localnet port, on each chassis there will
be an ARP response, which is not desired.

An new stage ls_in_arp_rsp is introduced for ARP responder before
ls_in_l2_lkup.

Suggested-by: Russell Bryant <russell@ovn.org>
Signed-off-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Russell Bryant <russell@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agofedora: include ovs-save file in the rpm package
Ansis Atteka [Sat, 13 Feb 2016 21:37:35 +0000 (13:37 -0800)]
fedora: include ovs-save file in the rpm package

Otherwise, "ovs-ctl force-reload-kmod ..." command fails with:

Detected internal interfaces: br-int p1                    [  OK  ]
Saving flows /usr/share/openvswitch/scripts/ovs-ctl:
line 267: /usr/share/openvswitch/scripts/ovs-save: No such file or directory
                                                           [FAILED]
Exiting ovsdb-server (3228)                                [  OK  ]
Starting ovsdb-server                                      [  OK  ]
Configuring Open vSwitch system IDs                        [  OK  ]
Exiting ovs-vswitchd (3243)                                [  OK  ]
Saving interface configuration /usr/share/openvswitch/scripts/ovs-ctl:
line 294: /usr/share/openvswitch/scripts/ovs-save: No such file or directory
                                                           [FAILED]
Failed to save configuration, not replacing kernel module ... (warning).
Starting ovs-vswitchd                                      [  OK  ]
Enabling remote OVSDB managers                             [  OK  ]

Signed-off-by: Ansis Atteka <ansisatteka@gmail.com>
Reported-by: Sanal Pillai <sanalp@vmware.com>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoofp-parse: Remove unneeded #include.
Ben Pfaff [Fri, 26 Feb 2016 22:42:58 +0000 (14:42 -0800)]
ofp-parse: Remove unneeded #include.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agothread: Keep openvswitch/thread.h #includes more contained within include/.
Ben Pfaff [Fri, 26 Feb 2016 22:23:19 +0000 (14:23 -0800)]
thread: Keep openvswitch/thread.h #includes more contained within include/.

It's better if the "include" directory is self-contained to the extent
possible.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
5 years agotests: Fix use of "test".
Ben Pfaff [Thu, 25 Feb 2016 22:24:20 +0000 (14:24 -0800)]
tests: Fix use of "test".

Only = is portable for testing equality, == is a nonportable extension.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
5 years agom4: Rename compat.at to compat.m4.
Ben Pfaff [Mon, 22 Feb 2016 17:58:54 +0000 (09:58 -0800)]
m4: Rename compat.at to compat.m4.

This is used by both Autoconf and Autotest, so it doesn't make sense for
it to have a .at (Autotest) extension.

Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Move Autotest compatibility macros into tests directory.
Ben Pfaff [Mon, 22 Feb 2016 17:57:50 +0000 (09:57 -0800)]
tests: Move Autotest compatibility macros into tests directory.

compat.at mixes compatibility for m4sh, which is used by Autoconf and
Autotest, with compatibility for Autotest.  It makes more sense to separate
them.  This moves the Autotest-only compatibility macros into an Autotest
specific file.

Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Add Autoconf 2.63 compatibility support for AS_VAR_APPEND.
Ben Pfaff [Fri, 26 Feb 2016 20:46:48 +0000 (12:46 -0800)]
tests: Add Autoconf 2.63 compatibility support for AS_VAR_APPEND.

Reported-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn-northd: Remove info log in extract_lport_addresses().
Han Zhou [Fri, 26 Feb 2016 07:35:35 +0000 (23:35 -0800)]
ovn-northd: Remove info log in extract_lport_addresses().

When a lport is with address "unknown", the function will complain
and print misleading logs. There is no need to print the log.

Signed-off-by: Han Zhou <zhouhan@gmail.com>
Acked-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agorhel: provide our own SELinux custom policy package
Ansis Atteka [Tue, 19 Jan 2016 17:59:12 +0000 (09:59 -0800)]
rhel: provide our own SELinux custom policy package

CentOS, RHEL and Fedora distributions ship with their own Open vSwitch
SELinux policy that is too strict and prevents Open vSwitch to work
normally out of the box.

As a solution, this patch introduces a new package which will "loosen"
up "openvswitch_t" SELinux domain so that Open vSwitch could operate
normally.

Intended use-cases of this package are:
1. to allow users to install newer Open vSwitch on already released Fedora,
RHEL and CentOS distributions where the default Open vSwitch SELinux policy
that shipped with the corresponding Linux distribution is not up to date
and did not anticipate that a newer Open vSwitch version might need to
invoke new system calls or need to access certain system resources that
it did not before; And
2. to provide alternative means through which Open vSwitch developers
can proactively fix SELinux related policy issues without waiting for
corresponding Linux distribution maintainers to update their central
Open vSwitch SELinux policy.

This patch was tested on Fedora 23 and CentOS 7. I verified that now
on Fedora 23 Open vSwitch can create a NetLink socket; and that I did
not see following error messages:

vlog|INFO|opened log file /var/log/openvswitch/ovs-vswitchd.log
ovs_numa|INFO|Discovered 2 CPU cores on NUMA node 0
ovs_numa|INFO|Discovered 1 NUMA nodes and 2 CPU cores
reconnect|INFO|unix:/var/run/openvswitch/db.sock: connecting...
reconnect|INFO|unix:/var/run/openvswitch/db.sock: connected
netlink_socket|ERR|fcntl: Permission denied
dpif_netlink|ERR|Generic Netlink family 'ovs_datapath' does not exist.
                 The Open vSwitch kernel module is p robably not loaded.
dpif|WARN|failed to enumerate system datapaths: Permission denied
dpif|WARN|failed to create datapath ovs-system: Permission denied

I did not test all Open vSwitch features so there still could be some
OVS configuration that would get "Permission denied" errors.

Since, Open vSwitch daemons on Ubuntu 15.10 by default run under "unconfined"
SELinux domain, then there is no need to create a similar debian package
for Ubuntu, because it works on default Ubuntu installation.

Signed-off-by: Ansis Atteka <aatteka@nicira.com>
Acked-by: Flavio Leitner <fbl@sysclose.com>
5 years agodpif-netdev: Fix double inclusion of cmap.h
Ilya Maximets [Thu, 25 Feb 2016 07:51:01 +0000 (10:51 +0300)]
dpif-netdev: Fix double inclusion of cmap.h

Also, all headers sorted lexicographically.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Joe Stringer <joe@ovn.org>
5 years agoovn-northd: Allow lport 'addresses' to store multiple ips in each set
Numan Siddique [Mon, 22 Feb 2016 10:29:37 +0000 (15:59 +0530)]
ovn-northd: Allow lport 'addresses' to store multiple ips in each set

If a logical port has two ipv4 addresses and one ipv6 address
it will be stored as ["MAC IPv41 IPv42 IPv61"] instead of
["MAC IPv41", "MAC IPv42", "MAC IPv61"].

Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
[blp@ovn.org made changes to comments and ovn.at]
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoAdd useful information to ovn E2E test
RYAN D. MOATS [Fri, 19 Feb 2016 17:25:07 +0000 (11:25 -0600)]
Add useful information to ovn E2E test

Make test 2002 "ovn -- 3 HVs, 1 LS, 3 lports/HV" output the OF flows from
all three hypervisors to help in case something goes wrong.

Signed-off-by: RYAN D. MOATS <rmoats@us.ibm.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn: Add a section on containers in OVN Tutorial
Numan Siddique [Fri, 19 Feb 2016 14:31:53 +0000 (20:01 +0530)]
ovn: Add a section on containers in OVN Tutorial

Signed-Off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovn: Add a TODO item for GARP generation.
Russell Bryant [Thu, 25 Feb 2016 19:57:02 +0000 (14:57 -0500)]
ovn: Add a TODO item for GARP generation.

Reported-at: https://bugs.launchpad.net/networking-ovn/+bug/1545897
Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Gracefully terminate daemons in OVN tests
Lance Richardson [Thu, 25 Feb 2016 15:57:28 +0000 (10:57 -0500)]
tests: Gracefully terminate daemons in OVN tests

Daemons started in OVN tests are currently killed (via "on_exit kill"
in start_daemon()). This is problematic for tools (such as gcov) that
rely on exit() being called.

Fix by using "ovs-appctl ... exit" to gracefully terminate the daemons.

Signed-off-by: Lance Richardson <lrichard@redhat.com>
Tested-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoxlate: Always recirculate after an MPLS POP to a non-MPLS ethertype.
Jarno Rajahalme [Thu, 25 Feb 2016 00:10:42 +0000 (16:10 -0800)]
xlate: Always recirculate after an MPLS POP to a non-MPLS ethertype.

So far we have tried to optimize MPLS POP action not to recirculate
unless later matching actually needs the inner headers.  This made the
code complex and error-prone.  Also the cases where this optimization
would have been useful seem rare, as one would typically want to do
something else with the inner packet than blindly send it to some
output port.

With this change multiple consecutive MPLS POPs do not need
recirculation in between, so even if the blind output case is now
little bit less optimal, the multiple POP case is correspondingly
faster with this change.

Suggested-by: Ben Pfaff <blp@ovn.org>
Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoodp-util: Format and scan multiple MPLS labels.
Jarno Rajahalme [Thu, 25 Feb 2016 00:10:42 +0000 (16:10 -0800)]
odp-util: Format and scan multiple MPLS labels.

So far we have been limited to including only one MPLS label in the
textual datapath flow format.  Allow upto 3 labels to be included so
that testing with multiple labels becomes easier.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Fix MPLS tests.
Jarno Rajahalme [Thu, 25 Feb 2016 00:10:42 +0000 (16:10 -0800)]
tests: Fix MPLS tests.

Some MPLS tests used non-MPLS ethertype for popping a label from a
multi-label stack.  Also, reveal actions in some MPLS tests.  This
will make later patches more easily understandable.

Fix the mpls-xlate banner and remove '-generate' option from MPLS
tests as it is no longer needed to create recirculation state.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb: avoid unnecessary call to ovsdb_monitor_get_update()
Andy Zhou [Mon, 22 Feb 2016 08:35:28 +0000 (00:35 -0800)]
ovsdb: avoid unnecessary call to ovsdb_monitor_get_update()

Optimizing ovsdb_jsonrpc_mintor_flush_all() by avoiding calling
ovsdb_monitor_get_update() on monitors that do not have any
unflushed updates.  This change saves CPU cycles on ovsdb-server's
main loop, but should not introduce any client visible changes.

Reported-by: Liran Schour <lirans@il.ibm.com>
Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Liran Schour <lirans@il.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb: rename variables in ovsdb_monitor_get_update()
Andy Zhou [Mon, 22 Feb 2016 08:31:03 +0000 (00:31 -0800)]
ovsdb: rename variables in ovsdb_monitor_get_update()

'prev_txn' and 'next_txn" are more confusing than 'unflushed' and
'unflushed_next'. Rename them.

Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Liran Schour <lirans@il.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb: Fix one off error in tracking monitor changes
Andy Zhou [Mon, 22 Feb 2016 08:24:06 +0000 (00:24 -0800)]
ovsdb: Fix one off error in tracking monitor changes

dbmon's changes should be stored with the next transaction number,
rather than the current transaction number.  This bug causes the
changes of a transaction stored in a monitor to be unnoticed by
the jsonrpc connections that is responsible for flush the monitor
content.

However, the bug was not noticed until it was exposed by a later
optimization patch: "avoid unnecessary call to ovsdb_monitor_get_update()."
The lack of optimization means that the update is still generated
when 'unflushed' equals to n_transactions + 1, which should have
indicated the monitor has been flushed already.

Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Liran Schour <lirans@il.ibm.com>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agotravis: Automatically recheck failed tests.
Ben Pfaff [Tue, 9 Feb 2016 19:44:40 +0000 (11:44 -0800)]
travis: Automatically recheck failed tests.

This should make the automatic testsuite more reliable on Travis.  It's
better to fix tests to be more reliable, of course, but in practie it's
difficult to make all of them 100% reliable.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
5 years agotests: Add ability to automatically rerun failed tests.
Ben Pfaff [Wed, 24 Feb 2016 23:42:24 +0000 (15:42 -0800)]
tests: Add ability to automatically rerun failed tests.

A lot of packaging was doing this already, so this simplifies their
implementation.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>
5 years agoINSTALL.DPDK: Add notes regarding vhost multiq configuration.
Ian Stokes [Wed, 24 Feb 2016 17:30:57 +0000 (17:30 +0000)]
INSTALL.DPDK: Add notes regarding vhost multiq configuration.

Linux kernel network devices in a guest should have the number of
multi-purpose channels configured when used with DPDK multiqueue on the host.
This commit adds an example of how this can be done. Also add QEMU 2.5
requirements for multiqueue with DPDK in NEWS.

Signed-off-by: Ian Stokes <ian.stokes@intel.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agonetdev-dpdk: vhost-user: Fix sending packets to queues not enabled by guest.
Ilya Maximets [Wed, 24 Feb 2016 14:14:43 +0000 (17:14 +0300)]
netdev-dpdk: vhost-user: Fix sending packets to queues not enabled by guest.

Currently virtio driver in guest operating system have to be configured
to use exactly same number of queues. If number of queues will be less,
some packets will get stuck in queues unused by guest and will not be
received.

Fix that by using new 'vring_state_changed' callback, which is
available for vhost-user since DPDK 2.2.
Implementation uses additional mapping from configured tx queues to
enabled by virtio driver. This requires mandatory locking of TX queues
in __netdev_dpdk_vhost_send(), but this locking was almost always anyway
because of calling set_multiq with n_txq = 'ovs_numa_get_n_cores() + 1'.

OVS_VHOST_MAX_QUEUE_NUM = 1024 chosen based on the fact that this is
the maximum number of queues supported by QEMU.

Fixes: 4573fbd38fa1 ("netdev-dpdk: Add vhost-user multiqueue support")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agoImplement OFPT_TABLE_STATUS Message.
Saloni Jain [Thu, 18 Feb 2016 10:24:26 +0000 (15:54 +0530)]
Implement OFPT_TABLE_STATUS Message.

On change in a table state, the controller needs to be informed with
the OFPT_TABLE_STATUS message. The message is sent with reason
OFPTR_VACANCY_DOWN or OFPTR_VACANCY_UP in case of change in remaining
space eventually crossing any one of the threshold.

Signed-off-by: Saloni Jain <saloni.jain@tcs.com>
Co-authored-by: Rishi Bamba <rishi.bamba@tcs.com>
Signed-off-by: Rishi Bamba <rishi.bamba@tcs.com>
[blp@ovn.org added vacancy event initialization and tests
 and updated NEWS]
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoconfigure: Fix checking of six library for Python 3.
Ilya Maximets [Wed, 24 Feb 2016 15:04:57 +0000 (18:04 +0300)]
configure: Fix checking of six library for Python 3.

Copied from python 2 checker but not corrected.

Fixes: 8fb7d02686ed ("configure: Check for presence of Python 3.")
Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agoflow: add miniflow_pad_from_64
Simon Horman [Wed, 20 Jan 2016 06:15:01 +0000 (15:15 +0900)]
flow: add miniflow_pad_from_64

Provide leading padding to allow pushing a value to a miniflow where
the value is not aligned to 64 bytes and no value has already been
pushed to the same word.

This will be used by a follow-up patch to allow layer 3 packet - that is
packets without an ethernet header - to be represented in flows.

Signed-off-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agoflow: add miniflow_push_uint8
Simon Horman [Wed, 20 Jan 2016 06:15:00 +0000 (15:15 +0900)]
flow: add miniflow_push_uint8

The motivation is to allow pushing single bytes in
a manner to that already used for 16, 32 and 64 bit integers.

This will be used by a follow-up patch to allow layer 3 packet -
that is packets without an ethernet header - to be represented in flows.

Signed-off-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agonetdev-dpdk: Do not add vhost-user ports with '/' or '\' in name.
Daniele Di Proietto [Wed, 3 Feb 2016 01:24:32 +0000 (17:24 -0800)]
netdev-dpdk: Do not add vhost-user ports with '/' or '\' in name.

This check prevents an obvious way for a vhost-user socket to escape the
intended directory.

There might be other ways to escape the directory (none comes to mind at
the moment), but this is a problem that should be properly solved by
mandatory access control.

A similar check is done for a bridge name, since that name is used as
part of a socket as well.

Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
5 years agotests/dpdk/ring_client: extend range of supported dpdkr ports
Mauricio Vásquez [Tue, 23 Feb 2016 22:06:38 +0000 (23:06 +0100)]
tests/dpdk/ring_client: extend range of supported dpdkr ports

Current implementation of the ring_client test only supports until the
dpdkr255 port, this patch extends it to support the full range of possible
dpdkr ports.

Signed-off-by: Mauricio Vasquez B <mauricio.vasquezbernal@studenti.polito.it>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agolib/netdev-dpdk: make device name parsing more robust
Mauricio Vásquez [Tue, 23 Feb 2016 22:06:37 +0000 (23:06 +0100)]
lib/netdev-dpdk: make device name parsing more robust

Current implementation of dpdk_dev_parse_name does not perform a robust
error handling, port names as "dpdkr" and "dpdkr1x" are considered valid.

With this patch only positive port numbers in decimal notation are considered
valid.

Signed-off-by: Mauricio Vasquez B <mauricio.vasquezbernal@studenti.polito.it>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agovtep: Add error messages for logical router support
Dennis Sam [Tue, 23 Feb 2016 21:43:46 +0000 (13:43 -0800)]
vtep: Add error messages for logical router support

Documents error codes that a Hardware Switch Controller can publish to the NVC
to indicate errors related to the provisioning of logical routers.

Signed-off-by: Dennis Sam <dsam@arista.com>
Acked-by: Anupam Chanda <achandra@vmware.com>
Signed-off-by: Justin Pettit <jpettit@ovn.org>
5 years agoovs-ofctl.8: Clarify conntrack documentation.
Joe Stringer [Tue, 23 Feb 2016 21:26:29 +0000 (13:26 -0800)]
ovs-ofctl.8: Clarify conntrack documentation.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
5 years agolib: Fix netbsd compilation error.
Lance Richardson [Mon, 15 Feb 2016 15:08:51 +0000 (10:08 -0500)]
lib: Fix netbsd compilation error.

NetBSD requires <netinet/in.h> to be included before <netinit/ip6.h>.
Without this fix we have:

In file included from lib/netdev-vport.c:25:0:
/usr/include/netinet/ip6.h:82:18: error: field 'ip6_src' has incomplete type
/usr/include/netinet/ip6.h:83:18: error: field 'ip6_dst' has incomplete type

Signed-off-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agolib/netdev-dpdk: increase ring name length for dpdkr ports
Mauricio Vásquez [Sun, 24 Jan 2016 03:20:13 +0000 (22:20 -0500)]
lib/netdev-dpdk: increase ring name length for dpdkr ports

A ring name length of 10 characters is not enough for dpdkr ports
starting from dpdkr10, then it is increased to RTE_RING_NAMESIZE
characters.

Signed-off-by: Mauricio Vasquez B <mauricio.vasquezbernal@studenti.polito.it>
Acked-by: Aaron Conole <aconole@redhat.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agoMakefile.am: Clean flake8-check too.
Ben Pfaff [Mon, 22 Feb 2016 23:47:06 +0000 (15:47 -0800)]
Makefile.am: Clean flake8-check too.

Found by "make distcheck".

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Russell Bryant <russell@ovn.org>
5 years agoofproto-dpif-xlate: Fix crash when using multicast snooping.
Thadeu Lima de Souza Cascardo [Wed, 17 Feb 2016 14:43:56 +0000 (12:43 -0200)]
ofproto-dpif-xlate: Fix crash when using multicast snooping.

The revalidator thread may set may_learn and call xlate_actions with no packet
data. If the revalidated flow is IGMPv3 or MLD, vswitchd will crash when trying
to access the NULL packet.

Only process IGMP and MLD flows when there is a packet. This is a similar
behavior than what we have for other special packets.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Reported-by: Yi Ba <yby.developer@yahoo.com>
Reported-at: http://openvswitch.org/pipermail/discuss/2016-January/020023.html
Fixes: 06994f879c9d ("mcast-snooping: Add Multicast Listener Discovery support")
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agorhel: Add missing ovn bugtool files
Flavio Leitner [Tue, 23 Feb 2016 03:26:39 +0000 (00:26 -0300)]
rhel: Add missing ovn bugtool files

Fixes: 981cbd52c942 ("ovs-bugtool: Create OVN plugin and add output.")
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Acked-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Russell Bryant <russell@ovn.org>
5 years agodpif-netdev: Move rxq management into functions.
Ilya Maximets [Mon, 8 Feb 2016 15:30:30 +0000 (18:30 +0300)]
dpif-netdev: Move rxq management into functions.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agodpif-netdev: Reload each thread only once in do_add_port.
Ilya Maximets [Mon, 8 Feb 2016 15:30:29 +0000 (18:30 +0300)]
dpif-netdev: Reload each thread only once in do_add_port.

While adding of pmd interface with multiple queues several queues
may be assigned to one thread and this thread will be reloaded
one time for each added queue.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agodpif-netdev: Add dpif-netdev/pmd-rxq-show appctl command.
Ilya Maximets [Mon, 8 Feb 2016 07:38:47 +0000 (10:38 +0300)]
dpif-netdev: Add dpif-netdev/pmd-rxq-show appctl command.

This command can be used to check the port/rxq assignment to
pmd threads. For each pmd thread of the datapath shows list
of queue-ids with port names.

Additionally log message from pmd_thread_main() extended with
queue-id, and type of this message changed from INFO to DBG.

Signed-off-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
5 years agobuild-windows: Enable parallel jobs for msbuild
Alin Serdean [Thu, 11 Feb 2016 03:09:32 +0000 (03:09 +0000)]
build-windows: Enable parallel jobs for msbuild

This patch enables parallel build from the command line.

If vstudio_config is defined change from:
make ovsext_make to make ovsext and also update the dependecy for it,
since the project requires OvsDpInterface.h to be built.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoovs-bugtool: Create OVN plugin and add output.
William Tu [Sat, 6 Feb 2016 04:04:14 +0000 (20:04 -0800)]
ovs-bugtool: Create OVN plugin and add output.

Create a new ovn/utilities/bugtool directory, add ovn.xml to bugtool
plugins, and add ovn-nbctl show, ovn-sbctl show, and ovn-sbctl
lflow-list.

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoNEWS: Claim support for Python 3.
Russell Bryant [Fri, 18 Dec 2015 19:53:32 +0000 (14:53 -0500)]
NEWS: Claim support for Python 3.

Also update the Python ovs package info to note that both Python 2 and 3
are supported.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agovlog.at: Run tests for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 19:14:22 +0000 (14:14 -0500)]
vlog.at: Run tests for Python 2 and 3.

Update these Python tests to run with both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agounixctl-py.at: Run tests for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 19:00:25 +0000 (14:00 -0500)]
unixctl-py.at: Run tests for Python 2 and 3.

Update these Python tests to run with both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agodaemon-py.at: Run tests with Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 18:24:57 +0000 (13:24 -0500)]
daemon-py.at: Run tests with Python 2 and 3.

Update these Python tests to run with both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoreconnect.at: Run tests for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 15:56:28 +0000 (10:56 -0500)]
reconnect.at: Run tests for Python 2 and 3.

Update the reconnect tests to use both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agojsonrpc-py.at: Run tests with Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 15:52:31 +0000 (10:52 -0500)]
jsonrpc-py.at: Run tests with Python 2 and 3.

Convert these Python tests to run with both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agolibrary.at: Run tests for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 15:38:53 +0000 (10:38 -0500)]
library.at: Run tests for Python 2 and 3.

Update Python tests to run for both Python 2 and 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb-idl.at: Run tests with both Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 15:29:32 +0000 (10:29 -0500)]
ovsdb-idl.at: Run tests with both Python 2 and 3.

Update Python tests to run for both Python 2 and Python 3.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoovsdb.at: Run Python tests for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 13:33:30 +0000 (08:33 -0500)]
ovsdb.at: Run Python tests for Python 2 and 3.

ovsdb.at includes some macros for running some identical test cases for
both C and Python.  Update these macros to run the test case for both
Python 2 and 3.  Retain the existing behavior for the direct use of the
_PY versions of these macros to only run against Python 2 without any
changes needed.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agojson.at: Run for Python 2 and 3.
Russell Bryant [Fri, 18 Dec 2015 01:55:18 +0000 (20:55 -0500)]
json.at: Run for Python 2 and 3.

Run json.at tests for both Python 2 and 3 if available.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agoconfigure: Check for presence of Python 3.
Russell Bryant [Fri, 18 Dec 2015 00:58:33 +0000 (19:58 -0500)]
configure: Check for presence of Python 3.

The configure script already checked for Python 2 (>=2.7).  Add another
check for Python 3 (>=3.4).  This will be used later for automatically
running tests with Python 3 as well if available.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agotests: Deal with Python output differences.
Russell Bryant [Thu, 17 Dec 2015 17:22:31 +0000 (12:22 -0500)]
tests: Deal with Python output differences.

This test checks the output based on Python's string representation of
an array of two unicode strings.  These strings have a "u" prefix in
Python 2, but not Python 3.  In Python 3, all strings are unicode.

Use sed on the output to strip the "u" from Python 2 output when
checking for the expected result.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>
5 years agogcc: Fix compile errors due to anonymous union initilization.
William Tu [Thu, 18 Feb 2016 02:00:22 +0000 (18:00 -0800)]
gcc: Fix compile errors due to anonymous union initilization.

gcc 4.4.7 lets you initialize named fields, and assign to anonymous union members,
but cannot statically initialize a named member of an anonymous union. This causes
errors when doing make:
fproto/fail-open.c: In function ‘send_bogus_packet_ins’:
ofproto/fail-open.c:130: error: unknown field ‘pin’ specified in initializer
ofproto/fail-open.c:131: error: unknown field ‘up’ specified in initializer
ofproto/fail-open.c:132: error: unknown field ‘packet’ specified in initializer
ofproto/fail-open.c:132: warning: missing braces around initializer
ofproto/fail-open.c:132: warning: (near initialization for ‘am.<anonymous>.pin.up’)
ofproto/fail-open.c:134: error: extra brace group at end of initializer

Examaple: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42875
We can either assign a name to the union or, in this patch, remove the unnecessary union.

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
5 years agoINSTALL.md: Fix shell command line formatting.
Jarno Rajahalme [Fri, 29 Jan 2016 23:18:14 +0000 (15:18 -0800)]
INSTALL.md: Fix shell command line formatting.

Some shell command lines were quoted inconsistently from others.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
Signed-off-by: Ben Pfaff <blp@ovn.org>