git.cascardo.eti.br Git - cascardo/ovs.git/log

ovsdb: Update _version more accurately in transaction commit.

The _version column in each OVSDB row is supposed to be updated whenever
any other column in the row changes.  However, the transaction code was
not careful to do this only when a row actually changed--there were other
cases where a row was considered at transaction commit time and _version
updated even though the row did not actually change.  For example,
ovsdb_txn_adjust_atom_refs() calls find_or_make_txn_row(), which calls
ovsdb_txn_row_modify(), which updates _version, but
ovsdb_txn_adjust_atom_refs() doesn't actually update any data.

One way to fix this would be to carefully consider and adjust all the code
that looks at transaction rows.  However, this seems somewhat error prone
and thus difficult to test.  This commit takes a different approach: it
drops the code that adjusts _version on the fly, instead replacing it by
a final pass over the database at the end of the commit process that checks
for each row whether any columns changed and updates _version at that point
if any did.  That seems pretty foolproof to me.

Reported-by: RishiRaj Maulick <rishi.raj2509@gmail.com>
Reported-at: http://openvswitch.org/pipermail/dev/2015-August/059439.html
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>
Tested-by: RishiRaj Maulick <rishi.raj2509@gmail.com>

datapath-windows: Tunnel filter initialization check

Verify if the tunnel filter is initialized before submitting requests.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/100
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath-windows: Add corresponding tag for tunnel context allocations

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath-windows: New tag for tunnel filter pool allocations

All memory allocations within tunnel filter code have 'WSVO' pool tag.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

.travis.yml: Direct email notifications to ovs-build without encryption.

Maybe it'll work, this way.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

packets: Avoid compile errors.

Commit 74ff3298c880 (userspace: Define and use struct eth_addr.) introduced
a compilation issue due to a bad unsigned 64-bit constant, as well as an
implicit narrow.

This commit uses the C99 ULL suffix to tell the compiler to treat the
constant as 64-bits, and also masks portions of the uint64_t argument to
the htons() calls to avoid compiler errors.

Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Very pleased to make this change request.

Signed-off-by: Aaron Conole <aconole@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

tests: Add unit tests for ovn-nbctl.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-nbctl: Sort output of most commands.

This will be helpful for unit tests.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

tests: Group the OVN tests together.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

tests: Fix banner name for ovn-sbctl.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

sandbox: Include vtep dir into the sandbox path

Otherwise the built vtep-ctl is not available from the
sandbox command line.

Signed-off-by: Miguel Angel Ajo <mangelajo@redhat.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

FAQ: Mention plotnetcfg tool.

The plotnetcfg is an open source tool to visualy represent
relationship between network interfaces on a single host.

It helps to understand the path of a packet on a host.

Signed-off-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath-windows: check vport attribute before access

OVS_VPORT_ATTR_OPTIONS being an optional attribute should be
preceded by a check for valid value before access.

Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovn: Document supported predicates.

ovn-sb(5) discussed that predicates are supported and described what
they were. It did not list the predicates that are defined for OVN
matches. This patch lists the supported predicates and what they
expand to.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

INSTALL.DPDK: Fix a typo.

I started by just fixing s/expect/expects/ and made a couple more
tweaks to the short paragraph while I was in there.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

netdev-linux: Don't set ethtool flags if flag is already set on netdev

Check if ethtool flags is already set on a netdev, before trying to set it.

This patch works around issues with some older verison of ethernet drivers,
which tend to reset the NIC when call to disable LRO is made, even if LRO is
already disable on that NIC. NIC reset is not desirable in OVS upgrade scenario
as it causes extended downtime.

Signed-off-by: Anoob Soman <anoob.soman@citrix.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: Add net/ip6_checksum.h to stt.c

`csum_ipv6_magic` is an asm inline on most platforms. However if it is
not defined (like on ppc64le) including <net/ip6_checksum.h> will fall
back to the c implementation by wrapping it in an
`#ifndef _HAVE_ARCH_IPV6_CSUM`.

Signed-off-by: Jason Kölker <jason@koelker.net>
Signed-off-by: Jesse Gross <jesse@nicira.com>

dpif-netdev: Purge all ukeys when reconfigure pmd.

When dpdk configuration changes, all pmd threads are recreated
and rx queues of each port are reloaded.  After this process,
rx queue could be mapped to a different pmd thread other than
the one before reconfiguration.  However, this is totally
transparent to ofproto layer modules.  So, if the ofproto-dpif-upcall
module still holds ukeys generated before pmd thread recreation,
this old ukey will collide with the ukey for the new upcalls
from same traffic flow, causing flow installation failure.

To fix the bug, this commit adds a new call-back function
in dpif layer for notifying upper layer the purging of datapath
(e.g. pmd thread deletion in dpif-netdev).  So, the
ofproto-dpif-upcall module can react properly with deleting
the ukeys and with collecting flows' last stats.

Reported-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Alex Wang <ee07b291@gmail.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>
Tested-by: Daniele Di Proietto <diproiettod@vmware.com>
Acked-by: Joe Stringer <joestringer@nicira.com>

ofproto-dpif-upcall: Allow main thread to pause all revalidators.

This commit adds logic using ovs barrier to allow main thread pause
all revalidators. This new feature will be used in a later patch.

Signed-off-by: Alex Wang <ee07b291@gmail.com>
Acked-by: Joe Stringer <joestringer@nicira.com>

ovn-sb: Describe the pipeline stages generated by ovn-northd.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn-sb: Clarify ovn-northd's responsibilities.

The old documentation incorrectly attributed logical flow generation to
the CMS instead of ovn-northd. This also corrects how a database is
referenced in the documentation.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn-architecture: Fix capitalization of a title.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

lib/ofpbuf: make ofpbuf_use() static

There is no external users for ofpbuf_use() directly.

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

lib/jsonrpc: make use of ofpbuf_use_ds()

Make use of ofpbuf_use_ds() to simplify code.

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

jsonrpc: use json_to_ds to speed up jsonrpc_send

This change reuses the string length that available from 'ds', saving
a strlen() call.

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

lib/ofpbuf: add ofpbuf_use_ds() API

Add an API to convert a dynamic string object into ofpbuf.

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

lib/ofpbuf: refactor ofpbuf_use__() API

Add the size to its parameter list.

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

lib/dynamic-string: coding style fix

Remove tabs per coding style

Signed-off-by: Andy Zhou <azhou@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-ctl: Add option to delete transient ports.

When using virtualization, new ports are created and removed all the time. These
ports do not persist after a system reboot, for example. They may be created
again by the virtualization manager, but that will happen after the vswitch is
already running, and the virtualization manager will add them again to the
bridge.

If a reboot happens without properly deleting such ports, all kinds of errors
will happen. The absence of the ports will be logged as errors, and adding those
ports again to the database will fail.

Deleting all bridges may not be an option, if the system cannot persist other
information outside of OVSDB.

This patch introduces the notion of transient ports. Ports may be added as
transient, as a boolean in other_config smap. When openvswitch is started by
using --delete-transient-ports ovs-ctl option, all transient ports will be
removed.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovn: Add bridge mappings to ovn-controller.

Add a new OVN configuration entry in the Open_vSwitch database called
"ovn-bridge-mappings".  This allows the configuration of mappings
between a physical network name and an OVS bridge that provides
connectivity to that network.

For example, if you wanted to configure "physnet1" to map to "br-eth0"
and "physnet2" to map to "br-eth1", the configuration would be:

  $ ovs-vsctl set open . \
  > external-ids:ovn-bridge-mappings=physnet1:br-eth0,physnet2:br-eth1

Patch ports between these bridges and the integration bridge are
automatically created and also removed if necessary when the
configuration changes.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

authors: Update authors list with my new email.

Signed-off-by: Ethan J. Jackson <ejj@eecs.berkeley.edu>
Acked-by: Justin Pettit <jpettit@nicira.com>

datapath-windows: Clean up properly in case of driver init failure.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovsdb: Remove misleading OVS_UNUSED from ovsdb_monitor_change_cb().

This function does use this parameter.

(This does not change any behavior.)

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

datapath-windows: Support for IRP cancelling mechanism

Under certain circumstances, we might need to cancel a pending IRP
that has been submitted and not yet responded. This might occur when
the request takes too long to complete or when the process which
initiated the request terminated, leaving the request outstanding.

This patch provides this missing piece by adding support for IRP
cancelling mechanism.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/95
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath-windows: Process tunnel filter requests iteratively

In order to support IRP cancelling mechanism for pending IRPs, all
tunnel filter requests, VXLAN create/delete tunnel, need to be
processed iteratively.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

netdev-windows: Fix typo in call to memcpy().

This fixes a build error introduced by commit 74ff3298c (userspace:
Define and use struct eth_addr.)

Signed-off-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

flow: Fix MSVC compile errors.

This fixes some MSVC build errors introduced by commit 74ff3298c
(userspace: Define and use struct eth_addr.)

MSVC doesn't like the change in 'const' between function declaration and
definition: it reports "formal parameter 2 different from declaration" for
each of the functions in flow.h corrected by this (commit. I think it's
technically wrong about that, standards-wise.)

MSVC doesn't like an empty-brace initializer. (I think it's technically
right about that, standards-wise.)

This commit attempts to fix both problems, but I have not tested it with
MSVC.

CC: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Tested-by: Nithin Raju <nithin@vmware.com>

datapath: check for rx handler register

Red Hat Enterprise Linux 6 has backported the netdev RX
handler facility so use the netdev_rx_handler_register as
an indicator.

The handler prototype changed between 2.6.36 and 2.6.39
since there could be backports in any stage, don't look
at the kernel version, but at the prototype.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

tunnel: Support matching on the presence of Geneve options.

Sometimes it is useful to match only on whether a Geneve option
is present even if the specific value is unimportant. A special
case of this is zero length options where there is no value at all
and the only information conveyed is whether the option was included
in the packet.

This operation was partially supported before but it was not consistent -
in particular, options were never serialized through NXM/OXM unless
they had a non-zero mask. Furthermore, zero length options were rejected
altogether when they were installed through the Geneve map OpenFlow
command.

This adds support for these types of matches by making any NXM/OXM for
tunnel metadata force a match on that field. In the case of a zero length
option, both the value and mask of the NXM are ignored.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>

bridge: Relax the whitelist format for punix path.

This commit relaxes the whitelist format for punix path of
service controller. Instead of only allowing
punix:<ovs_rundir>/<bridge_name>.controller, the new format
allows any suffix, like punix:<ovs_rundir>/<bridge_name>.*.
(except one containing '/').

Signed-off-by: Alex Wang <ee07b291@gmail.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif-upcall: Do not attribute stats when flow_del returns error.

In the push_ukey_ops__(), when flow_del operation returns error, the 'struct
stats' passed to the operation function will be set to all zero. And we
should not use it to calculate the delta (i.e. minus the zero stats by the
cached stats causes overflow).

Even though this should rarely happen, it is still good to make
push_ukey_ops__() just ignore the operation when it fails.

Signed-off-by: Alex Wang <ee07b291@gmail.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

datapath-windows: Fix broken build.

Change variable name from nlAttrs to flowAttrs.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

userspace: Define and use struct eth_addr.

Define struct eth_addr and use it instead of a uint8_t array for all
ethernet addresses in OVS userspace.  The struct is always the right
size, and it can be assigned without an explicit memcpy, which makes
code more readable.

"struct eth_addr" is a good type name for this as many utility
functions are already named accordingly.

struct eth_addr can be accessed as bytes as well as ovs_be16's, which
makes the struct 16-bit aligned.  All use seems to be 16-bit aligned,
so some algorithms on the ethernet addresses can be made a bit more
efficient making use of this fact.

As the struct fits into a register (in 64-bit systems) we pass it by
value when possible.

This patch also changes the few uses of Linux specific ETH_ALEN to
OVS's own ETH_ADDR_LEN, and removes the OFP_ETH_ALEN, as it is no
longer needed.

This work stemmed from a desire to make all struct flow members
assignable for unrelated exploration purposes.  However, I think this
might be a nice code readability improvement by itself.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>

appveyor: Renew SSL link.

1_0_2a version not available for download.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

rhel: Add variables for OVN and VTEP db locations.

Most real deployments will need to customize the database locations
for ovn-controller and ovn-controller-vtep. Instead of making them
override the entire command used to start the daemons, provide and
document some environment variables that can be overridden in a custom
config file.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

rhel: Add systemd suport for ovn-controller-vtep.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

rhel: Use same rundir for ovs and ovn.

The previous systemd units for OVN had systemd create a rundir for
each daemon (ovn-northd and ovn-controller).  This "worked", in that
the services did start successfully.  However, they didn't actually
work.  In practice, both services make use of files in the main ovs
rundir, so just run everything from there.  It keeps things simple and
makes the services actually work.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Acked-by: Flavio Leitner <fbl@sysclose.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofp-actions: Don't encode variable length fields using NXAST_REG_LOAD.

Currently, when using an OpenFlow 1.0 connection to encode a
tunnel metadata set field action, a series of NXAST_REG_LOADs
are emitted. The result is something like this:

actions=load:0xa->NXM_NX_TUN_METADATA0[0..63],load:0->
NXM_NX_TUN_METADATA0[64..127],load:0->NXM_NX_TUN_METADATA0[128..191],
load:0->NXM_NX_TUN_METADATA0[192..255],load:0->NXM_NX_TUN_METADATA0
[256..319],load:0->NXM_NX_TUN_METADATA0[320..383],load:0->
NXM_NX_TUN_METADATA0[384..447],load:0->NXM_NX_TUN_METADATA0[448..511],
load:0->NXM_NX_TUN_METADATA0[512..575],load:0->NXM_NX_TUN_METADATA0
[576..639],load:0->NXM_NX_TUN_METADATA0[640..703],load:0->
NXM_NX_TUN_METADATA0[704..767],load:0->NXM_NX_TUN_METADATA0[768..831],
load:0->NXM_NX_TUN_METADATA0[832..895],load:0->NXM_NX_TUN_METADATA0
[896..959],load:0->NXM_NX_TUN_METADATA0[960..991]

This happens because tunnel metadata is seen as a maximum size field
and so many loads need to be emitted to cover the entire thing. Besides
being ugly (this shows up when using ovs-ofctl in the default
configuration), it exposes the internal size of the field. While this
shouldn't be an issue since specific protocol fields (such as Geneve
options) have fixed max sizes even if the OVS implementation is extended,
it's still not a great idea.

If we instead use NXAST_REG_LOAD2 in cases where there isn't a suitable
OpenFlow alternative, both problems are avoided:

actions=set_field:0xa->tun_metadata0

This prefers NXAST_REG_LOAD2 for variable length fields since they would
all generally have the same problems. In addition, since the concept of
this type of field is fairly new, there are no backwards compatibility
issues.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

datapath-windows: Suppress flow attribute probe.

This patch surpresses flow attribute probing in the windows datapath.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

tests: Avoid nonportable "sed -i".

"sed -i" isn't entirely portable, and we can avoid it by using the
argument to check_logs as intended.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Alex Wang <alexw@nicira.com>

datapath-windows: Enable failure after restarting extension

If the extension was previously enabled and running, after issuing a
restart, stop+start, the extension fails to be enabled. This happens
because the extension's DeviceObject is not yet initialized before the
FilterAttach routine is called.

This patch addresses this issue.

Signed-off-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-by: Sorin Vinturis <svinturis@cloudbasesolutions.com>
Reported-at: https://github.com/openvswitch/ovs-issues/issues/96
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath: check for el6 kernels for per_cpu

The OVS hook has been backported so it doesn't work to
decide per_cpu work arounds.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: check for backported ip_is_fragment

Red Hat Enterprise Linux 6 has backported it from upstream,
so check for ip_is_fragment instead of kernel version.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: check for backported proto_ports_offset

Red Hat Enterprise Linux 6 has backported it from upstream,
so check for proto_ports_offset instead of kernel version.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

datapath: improve l4_rxhash regex

Red Hat Enterprise Linux 6 has a comment saying
that it doesn't support l4_rxhash which matches
the current grep regex.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

AUTHORS: Add Sairam Venugopal

Signed-off-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

Update my email address.

Signed-off-by: Alex Wang <ee07b291@gmail.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

flow: Workaround for GCC false-positive compilation error.

Without an explicit bounds check GCC 4.9 issues an array out of bounds
error. This patch adds explicit checks which will however be
optimized away as the relevant parameters are compile-time constants.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

meta-flow: Initialize the whole exact_match_mask.

Initialize the whole 'exact_match_mask' in global scope and use it in
mf_mask_field_and_prereqs() and mf_mask_field().

Requested-by: Jesse Gross <jesse@nicira.com>
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-ctl: Fix indentation when deleting bridges.

Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

expr: Add and clarify a few comments and assertions.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

sset: New function sset_intersect().

This will acquire its first user in an upcoming commit.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

datapath-windows: Fix iterator in NlAttrParse()

Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

meta-flow: Minor refactoring.

Change mf_mask_field_and_prereqs() to take a struct flow_wildcards
pointer instead of a struct flow pointer so that we can use
WC_MASK_FIELD() and WC_MASK_FIELD_MASK() macros to wildcard fields.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

meta-flow: Avoid unnecessary large memset.

mf_mask_field_and_prereqs() used to memset a static variable again and
again. Now that mf_value is larger (due to tun_metadata field), this
is more expensive. Avoid this by using static initialization.

mf_mask_field_and_prereqs() is used only for set field and reg move,
which never deal with the tun_metadata field as a whole.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif-rid: Make lookups cheaper.

This patch removes a large-ish copy from the recirculation context
lookup, which is performed for each recirculated upcall and
revalidation of a recirculating flow.

Tunnel metadata has grown large since the addition of Geneve options,
and copying that metadata for performing a lookup is not necessary.
Change recirc_metadata to use a pointer to struct flow_tnl, and only
copy the tunnel metadata when needed, and only copy as little of it as
possible.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

classifier: Retire partitions.

Classifier partitions allowed skipping subtables when if was known
from the flow's metadata field that the subtable cannot possibly
match. This functionality was later implemented in a more general
fashion by staged lookup, where the first stage also covers the
metadata field, among the rest of the non-packet fields in the struct
flow. While in theory skipping a subtable on the basis of the
metadata field alone could produce more effective wildcards, on the
basis of our testsuite coverage it does not seem to be the case, as
removing the partitioning feature did not result in any test failures.

Removing the partitioning feature makes classifier lookups roughly 20%
faster when a wildcard mask is not needed, and roughly 10% faster when
a wildcard mask is needed, as tested with the test-classifier
benchmark with one lookup thread.

Found by profiling with 'perf'.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

flow: Add struct flowmap.

Struct miniflow is now sometimes used just as a map.  Define a new
struct flowmap for that purpose.  The flowmap is defined as an array of
maps, and it is automatically sized according to the size of struct
flow, so it will be easier to maintain in the future.

It would have been tempting to use the existing struct bitmap for this
purpose. The main reason this is not feasible at the moment is that
some flowmap algorithms are simpler when it can be assumed that no
struct flow member requires more bits than can fit to a single map
unit. The tunnel member already requires more than 32 bits, so the map
unit needs to be 64 bits wide.

Performance critical algorithms enumerate the flowmap array units
explicitly, as it is easier for the compiler to optimize, compared to
the normal iterator.  Without this optimization a classifier lookup
without wildcard masks would be about 25% slower.

With this more general (and maintainable) algorithm the classifier
lookups are about 5% slower, when the struct flow actually becomes big
enough to require a second map.  This negates the performance gained
in the "Pre-compute stage masks" patch earlier in the series.

Requested-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

classifier: Pre-compute stage masks.

This makes stage mask computation happen only when a subtable is
inserted and allows simplification of the main lookup function.

Classifier benchmark shows that this speeds up the classification
(with wildcards) about 5%.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

nroff: Allow comments in more contexts.

Reported-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

coverage: Add coverage_try_clear() for performance-critical threads.

For performance-critical threads like pmd threads, we currently make them
never call coverage_clear() to avoid contention over the global mutex
'coverage_mutex'.  So, even though pmd thread still keeps updating their
thread-local coverage count, the count is never attributed to the global
total.  But it is useful to have them available.

This commit makes this happen by implementing a non-contending version
of the clear function, coverage_try_clear().  The function will use
the ovs_mutex_trylock() and return immediately if the mutex cannot
be acquired.  Since threads like pmd thread are always busy-looping,
the lock will eventually be acquired.

Requested-by: Ilya Maximets <i.maximets@samsung.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ilya Maximets <i.maximets@samsung.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com

ovs-pki: Handle Windows style path.

Reported-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovn-controller: Minor tweaks to man page.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn-northd: Add man page describing daemon.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn-controller: Document supported ovs-appctl commands.

Currently only "exit" is supported, but more will be added shortly.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn-controller: Update man page comment on mid-run changes.

It's no longer necessary to restart ovn-controller when the chassis name
or integration bridge changes.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ofp-parse: Add "ipv4" and "ip4" shorthand notations.

This will allow ovs-ofctl to accept them on input and provides some
symmetry with the IPv6 versions. Documentation was not added, since
output will always be "ip".

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovs-ofctl: Document missing shorthand notations.

Some new shorthands were added to ovs-ofctl, but not documented in the
man page. This adds most of them. A couple were left out that would
print differently than they would be input. For example, we accept
"ip6" and "ipv6", but we would output it as "ipv6", so "ip6" is not
documented.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ovn: Fix example in comment in expr.c.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

datapath: Make 100 percents packets sampled when sampling rate is 1.

When sampling rate is 1, the sampling probability is UINT32_MAX. The packet
should be sampled even the prandom32() generate the number of UINT32_MAX.
And none packet need be sampled when the probability is 0.

Signed-off-by: Wenyu Zhang <wenyuz@vmware.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Upstream: e05176a3283 ("openvswitch: Make 100 percents packets
sampled when sampling rate is 1.")

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>

ofp-print: Fix redundant expression.

'features' is always a valid pointer to something on the stack, so
checking (!features || ...) is the same as checking (false || ...).
Simplify the expression.

Found by MIT STACK undefined behaviour checker.

Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

Set release dates for 2.4.0.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

docs: Fix typo in README-native-tunneling.md

Signed-off-by: Wei li <liw@dtdream.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovn-controller-vtep.at: Remove all 'Broken pipe' warning logs from
ovsdb-server.log.

This commit makes the OVN_CONTROLLER_VTEP_STOP remove all 'Broken pipe'
warning logs from ovsdb-server.log before running 'check_log'.  This is in
that *ctl command (e.g. ovn-nbctl) exits right after committing the change
to database;  however, in reaction, some daemon (e.g. ovn-controller-vtep)
may immediately update the database;  this later update may cause database
sending update back to *ctl command if *ctl has not proceeded to exit yet;
and if *ctl command exits before database calling send, the send will fail
with 'Broken pipe' error.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Russell Bryant <rbryant@redhat.com>

ofp-util: For OF1.0, don't wildcard PCP field when 802.1Q header absent.

OpenFlow 1.0.1 says:

    The dl_vlan_pcp field must be ignored when the OFPFW_DL_VLAN wildcard
    bit is set or when the dl_vlan value is set to OFP_VLAN_NONE.  Fields
    that are ignored don’t need to be wildcarded and should be set to 0.

Previously, OVS wildcarded the PCP field when dl_vlan was OFP_VLAN_NONE,
but this commit changes the behavior to that suggested above: the PCP
field should not be wildcarded (and should be set to 0, but the code
already did that).

This commit only changes the translation from OVS's internal flow format
to the OpenFlow 1.0 wire format.  Translation in the other direction and
to other formats is unaffected.

Found by OFTest.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>

ovn: Add bootstrap options for OVN controllers.

This lets the central controller to push
its certificate to the OVN controllers.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovsdb-server: Add the ability to push peer-cert.

In OVN, ovsdb-server is the daemon that manages the databases
and can be called as the central controller. So it would be
nice for ovsdb-server to be able to push its self-signed
certificate to all the other nodes where ovn-controller runs.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-sandbox: Add support for ovn-controller-vtep.

When ovs-sandbox is run with ovn enabled, create the vtep database and
run ovn-controller-vtep.  This lets you do some basic testing with
ovn-controller-vtep.  For example:

    $ make sandbox SANDBOXFLAGS="--ovn"
    $ vtep-ctl add-ps ps0

After those commands, you can see that ovn-controller-vtep added a
Chassis row to OVN_Southbound for the physical switch.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-vsctl: Add the missing ssl bootstrapping option parsing.

'man ovs-vsctl' mentions that ovs-vsctl can bootstrap itself
by getting the certificate from the server. But the option
was never parsed in the code.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

tun-metadata: Always set option present when copying data.

Whenever we write into a tunnel option field, we also need to mark
it as significant. If we don't, then the data will later be ignored.

We currently do this in every case except for flow metadata. This causes
us to not correctly serialize the tunnel metadata for Packet Ins to the
controller.

Rather than separately writing the data and marking the options as present,
it is better to combine the two steps to ensure that one can never be
done without the other.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

hmap: Ensure iterator is NULL after iteration.

The HMAP_FOR_EACH_()* macros had a usability issue where the iterator
was only NULL at the completion of iteration if the hmap_node was the
first struct member. This change ensures that the iterator is set to
NULL when iteration ends normally without a 'break'.

Signed-off-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

test-classifier: Add benchmark.

Add a benchmark command for classifier lookup performance testing.

Running the test-classifier without arguments of with "--help" will
print the following usage:

usage: ovstest test-classifier benchmark <n_rules> <n_priorities> <n_subtables> <n_threads> <n_lookups>

where:

<n_rules>      - The number of rules to install for lookups.  More rules
                 makes misses less likely.
<n_priorities> - How many different priorities to use.  Using only 1
                 priority will force lookups to continue through all
                 subtables.
<n_subtables>  - Number of subtables to use.  Normally a classifier has
                 rules with different kinds of masks, resulting in
                 multiple subtables (one per mask).  However, in some
                 special cases a table may consist of only one kind of
                 rules, so there will be only one subtable.
<n_threads>    - How many lookup threads to use.  Using one thread should
                 give less variance accross runs, but classifier
                 scaling can be tested with multiple threads.
<n_lookups>    - How many lookups each thread should perform.

For testing the classifier is filled with <n_rules> rules using
<n_subtables> different mask patterns and <n_priorities> different
priorities.  A random set of lookup flows are created, and <n_threads>
lookup threads are spawned to perform <n_lookups> lookups each.  The
count of hits and misses, as well as the overall execution time is
reported.

Example run:

$ tests/ovstest test-classifier benchmark 1000 1 30 1 3800000

Benchmarking with:
1000 rules with 1 priorities in 30 tables, 1 threads doing 3800000 lookups each

Without wildcards:

hits: 461520, misses: 3338480
classifier lookups:    386 ms, 9844559 lookups/sec

With wildcards:

hits: 461520, misses: 3338480
classifier lookups:    866 ms, 4387990 lookups/sec

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

rhel: Define rundir for older distros.

Some older distros might not define _rundir yet so in this case the RPM
build breaks. This patch defines it to Fedora's default.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
Acked-by: Russell Bryant <rbryant@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-ctl: do not attempt to restore flows when called with --delete-bridges

When called with --delete-bridges saved flows cannot be restored as the
bridges to which they belong no longer exist. This results in the following
error messages on restart.

ovs-ofctl: br0 is not a bridge or a socket
Restoring saved flows ... failed!

Although there is no effect of this error other than the message
it seems worth avoiding. This patch does so by skipping saving of flows
when --delete-bridges is in effect.

As flows are no longer saved when --delete-bridges is in effect
a side-effect of this change is that restart may be faster when
there are many flows.

Signed-off-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

meta-flow: Fix ip_frag handling in mf_set_wild().

The wildcard bits were set when they should have been cleared.

Found by inspection.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

odp-util: Fix put_nd_key().

Actually copy the 'nd_target' from the key.

Found by inspection.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

tunneling: Remove gre64 tunnel support.

GRE64 was introduced to extend gre key from 32-bit to 64-bit using
gre-key and sequence number field. But GRE64 is not standard
protocol. There are not many users of this protocol. Therefore we
have decided to remove it.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

ovn-controller-vtep.at: Check the successful exit of ovn-controller-vtep.

Signed-off-by: Alex Wang <alexw@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofp-util: Use correct error for indirect group with more than one bucket.

OpenFlow 1.5 says:

    If the group-mod request specifies more than one bucket for a group of
    type Indirect, the switch must refuse to add the group entry and must
    send an ofp_error_msg with OFPET_GROUP_MOD_FAILED type and
    OFPGMFC_INVALID_GROUP code.

Older versions don't specify a particular error for this case, so we might
as well use it for older OpenFlow also.

Found by OFTest.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>