git.cascardo.eti.br Git - cascardo/ovs.git/log

ovn: Add 128-bit support for ct_label

To support 128-bits in ct_label, the value of the ct_label is expected
as a hex string in the 'ct_commit' action.

Added a new accessor in the 'mf_subvalue' struct to access ovs_be128
values.

Signed-off-by: Numan Siddique <nusiddiq@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>

system-ovn.at: Add a OVN load-balancing unit test.

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>

system-ovn.at: Add a OVN NAT test using OVN gateway.

This unit test adds a basic OVN NAT test that tests north-south
DNAT, south-north SNAT and east-west DNAT and SNAT. It uses network
namespaces connected to br-int using veth pairs to act as logical
ports. This test does not cover multi-host scenarios, so there is
a gap. But userspace OVN tests do multi-host scenarios (without NAT
testing), so it should still be a decent coverage.

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>

datapath: Check for flow key tunnel proto to detect tunnel.

This brings in missing hunks from upstream commit 00a93babd06aaa
("openvswitch: add tunnel protocol to sw_flow_key").

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: openvswitch: update checksum in {push,pop}_mpls

Upstream commit:
    commit bc7cc5999fd392cc799630d7e375b2f4e29cc398
    Author: Simon Horman <simon.horman@netronome.com>

    openvswitch: update checksum in {push,pop}_mpls

    In the case of CHECKSUM_COMPLETE the skb checksum should be updated in
    {push,pop}_mpls() as they the type in the ethernet header.

    As suggested by Pravin Shelar.

Cc: Pravin Shelar <pshelar@ovn.org>
    Fixes: 25cd9ba0abc0 ("openvswitch: Add basic MPLS support to kernel")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: vxlan: enable zero checksum on recv.

partialy backport commit c868ee7063bdb5 ("lwt: fix rx checksum setting
for lwt devices tunneling over ipv6").

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: internal-dev: set IFF_NO_QUEUE

Introduced by upstream commit 4272cc51a6d ("openvswitch: Convert to
using IFF_NO_QUEUE").

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: set name assign type of internal port

upstream commit:
    commit 684ff4ef5edd758c47929b852b4ea79be56f8bc0
    Author: Zhang Shengju <zhangshengju@cmss.chinamobile.com>

    ovs: set name assign type of internal port

    Set name_assign_type of internal port to NET_NAME_USER.

Signed-off-by: Zhang Shengju <zhangshengju@cmss.chinamobile.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: do not allocate memory from offline numa node

Upstream commit:
    commit 598c12d0ba6de9060f04999746eb1e015774044b
    Author: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>

    ovs: do not allocate memory from offline numa node

    When openvswitch tries allocate memory from offline numa node 0:
    stats = kmem_cache_alloc_node(flow_stats_cache, GFP_KERNEL | __GFP_ZERO, 0)
    It catches VM_BUG_ON(nid < 0 || nid >= MAX_NUMNODES || !node_online(nid))
    [ replaced with VM_WARN_ON(!node_online(nid)) recently ] in linux/gfp.h
    This patch disables numa affinity in this case.

Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: Move key memset to ovs_flow_key_extract_userspace()

Synchronize code with upstream ovs_nla_get_flow_metadata().

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: use PTR_ERR_OR_ZERO

Upstream commit:
    commit f35423c137b0e64155f52c166db1d13834a551f2
    Author: Fabian Frederick <fabf@skynet.be>

    openvswitch: use PTR_ERR_OR_ZERO

Signed-off-by: Fabian Frederick <fabf@skynet.be>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: libnl: nla_put_be64(): align on a 64-bit area

Upstream commit:
    commit b46f6ded906ef0be52a4881ba50a084aeca64d7e
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    libnl: nla_put_be64(): align on a 64-bit area

    nla_data() is now aligned on a 64-bit area.

    A temporary version (nla_put_be64_32bit()) is added for nla_put_net64().
    This function is removed in the next patch.

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: propagate per dp max headroom to all vports

Upstream commit:
    commit 3a927bc7cf9d0fbe8f4a8189dd5f8440228f64e7
    Author: Paolo Abeni <pabeni@redhat.com>

    ovs: propagate per dp max headroom to all vports

    This patch implements bookkeeping support to compute the maximum
    headroom for all the devices in each datapath. When said value
    changes, the underlying devs are notified via the
    ndo_set_rx_headroom method.

    This also increases the internal vports xmit performance.

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: use nla_put_u64_64bit()

Upstream commit:

    commit 0238b7204b7ff1bad1d2d4489f010d670cbd89f2
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    ovs: use nla_put_u64_64bit()

Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: align nlattr properly when needed

Upstream commit:
    commit 66c7a5ee1a6b7c69d41dfd68d207fdd54efba56a
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    ovs: align nlattr properly when needed

    I also fix commit 8b32ab9e6ef1: use nla_total_size_64bit() for
    OVS_FLOW_ATTR_USED in ovs_flow_cmd_msg_size().

    Fixes: 8b32ab9e6ef1 ("ovs: use nla_put_u64_64bit()")
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs: allow nl 'flow set' to use ufid without flow key

Upstream commit:
    commit 6f15cdbf8a8ac2e22767cc8b1eae225702733c95
    Author: Samuel Gauthier <samuel.gauthier@6wind.com>

    ovs: allow nl 'flow set' to use ufid without flow key

    When we want to change a flow using netlink, we have to identify it to
    be able to perform a lookup. Both the flow key and unique flow ID
    (ufid) are valid identifiers, but we always have to specify the flow
    key in the netlink message. When both attributes are there, the ufid
    is used. The flow key is used to validate the actions provided by
    the userland.

    This commit allows to use the ufid without having to provide the flow
    key, as it is already done in the netlink 'flow get' and 'flow del'
    path. The flow key remains mandatory when an action is provided.

Signed-off-by: Samuel Gauthier <samuel.gauthier@6wind.com>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: retain parsed IPv6 header fields in flow on error skipping extension headers

Upstream commit:
    commit c30da497893718abc6cec4f1d34d35875200edee
    Author: Simon Horman <simon.horman@netronome.com>

    openvswitch: retain parsed IPv6 header fields in flow on error skipping extension headers

    When an error occurs skipping IPv6 extension headers retain the already
    parsed IP protocol and IPv6 addresses in the flow. Also assume that the
    packet is not a fragment in the absence of information to the contrary;
    that is always use the frag_off value set by ipv6_skip_exthdr().

    This allows matching on the IP protocol and IPv6 addresses of packets
    with malformed extension headers.

Signed-off-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: openvswitch: allow management from inside user namespaces

Upstream commit:
    commit 4a92602aa1cd5bbaeedbd9536ff992f7d26fe9d1
    Author: Tycho Andersen <tycho.andersen@canonical.com>

    openvswitch: allow management from inside user namespaces

    Operations with the GENL_ADMIN_PERM flag fail permissions checks because
    this flag means we call netlink_capable, which uses the init user ns.

    Instead, let's introduce a new flag, GENL_UNS_ADMIN_PERM for operations
    which should be allowed inside a user namespace.

    The motivation for this is to be able to run openvswitch in unprivileged
    containers. I've tested this and it seems to work, but I really have no
    idea about the security consequences of this patch, so thoughts would be
    much appreciated.

    v2: use the GENL_UNS_ADMIN_PERM flag instead of a check in each function
    v3: use separate ifs for UNS_ADMIN_PERM and ADMIN_PERM, instead of one
        massive one

Reported-by: James Page <james.page@canonical.com>
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Eric Biederman <ebiederm@xmission.com>
CC: Pravin Shelar <pshelar@ovn.org>
CC: Justin Pettit <jpettit@ovn.org>
CC: "David S. Miller" <davem@davemloft.net>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: remove get_pcpu_ptr

There is no need to support old kernel so now we can use
newer api to access per cpu data.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: Use skb_postpush_rcsum()

Use kernel function to update checksum.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: reset md_dst on recieve.

On transmit metadata dst is cleared, do same on recieve.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Set OVS-GSO segment handler only for GSO packet.

This simplify OVS compat code where non gso packet can be directly sent
to network stack.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: tnl-segmentation: clone dst for each segment.

Each skb segment needs a dst entry.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: clear skb IPCB block.

OVS compat ip_local_out/ip6_local_out clear out skb IPCB, we also
need to do it for non compat version.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

packaging: Remove PyQt4 dependency.

This doesn't seem to have been necessary since ovsdbmonitor was removed
in commit 7868fbc6c97c ("ovsdbmonitor: Remove."). Drop the dependency.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

datapath-windows: Fixed packet limits on STT protocol

"If the length of the payload to be encapsulated exceeds 64KB, or if
the offset to the L4 header exceeds 255 bytes, then it will not be
possible to offload the packet to the NIC for segmentation." (STT RFC)
In this case the packet needs to be segmented by us, before sending it.

Signed-off-by: Paul-Daniel Boca <pboca@cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

ovs-vtep: Handle tunnel key configuration in any order.

Presently, ovs-vtep expects the datapath tunnel key to be available
in the VTEP DB at startup. This may not be the case which is also
observed as interrmittent unit test failures. This patch allows
for the tunnel key to later appear in the VTEP database.

Signed-off-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Russell Bryant <russell@ovn.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

ovn-controller-vtep: occasional failure in "binding 1" test case

The ovn-controller-vtep "binding 1" test case fails occasionally
due to a race with the ovs-vtep daemon. If ovs-vtep happens to
execute handle_physical() after "ovs-vsctl del-port p0", but before
the test script has executed "vtep-ctl del-port br-vtep p0", the
latter command will fail because ovs-vtep will have already deleted
p0 from the vtep db.

Eliminate this race while adding an additional check to verify that
ovs-vtep is working as expected by waiting for ovs-vtep to remove
entries for the deleted physical ports from the vtep db.

Signed-off-by: Lance Richardson <lrichard@redhat.com>
Suggested-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Russell Bryant <russell@ovn.org>

system-traffic: Remove datapath specific tests and macro.

We generally try to keep the testsuite independent of the underlying
datapath. This patch removes the datapath-specific tests and macros.

Tested-at: https://travis-ci.org/williamtu/ovs-travis/builds/141642065
Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Joe Stringer <joe@ovn.org>

ovn-northd: Remove extraneous ip4 mulicast logical flow.

IPv4 multicast is already dropped by a previous logical flow
written for the logical router, so there is no reason to add
a lower priority rule for it.

Signed-off-by: Ryan Moats <rmoats@us.ibm.com>
Acked-by: Flavio Fernandes <flavio@flaviof.com>
Signed-off-by: Russell Bryant <russell@ovn.org>

tests: daemon specific tests

Testing out the named pipe implementation revealed a problem in
"daemon --detach startup errors". If the daemon actually started nobody
is stopping it.
In the case of test failure kill the daemon.

Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Paul Boca <pboca@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

ofp-actions: Remove XXX comment for write-actions in ofpacts_format().

I don't know why this was here. The write_actions instruction works fine.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

ofp-actions: Translate OF1.1+ mod_nw_ttl action to OF1.0 properly.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

ofp-actions: Translate mod_nw_ecn action to OF1.1 properly.

Also, translate OF1.2+ "set_field" on OXM_OF_IP_ECN properly to OF1.1
"mod_nw_ecn".

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

ofp-actions: Translate OF1.0 "enqueue" actions for OF1.1+.

Previously, the OF1.0 "enqueue" action was simply omitted when actions
were translated into OpenFlow 1.1 or later, which do not have a similar
action. This commit translates this action into an equivalent sequence
of actions.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

OVN-Tutorial: Update sample output.

A previous patch made some additions to section 1 of this tutorial.
This patch includes updates to the sample output that I got while
testing the additions to the tutorial.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>

ofp-actions: Add extension to support "group" action in OF1.0.

From time to time it confuses users that "group" actions disappear when
using OpenFlow 1.0.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

AUTHORS: Add Eziz Durdyyev.

Signed-off-by: Ben Pfaff <blp@ovn.org>

token-bucket: Correctly truncate existing tokens.

Submitted-at: https://github.com/openvswitch/ovs/pull/141
Signed-off-by: Eziz Durdyyev <ezizdurdy@gmail.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>

Windows: Use NETLINK_NETFILTER instead of NETLINK_GENERIC

Windows datapath lacked support for different Netlink Family protocols.
Now that Windows supports different Netlink protocol, revert the change to
override NETLINK_NETFILTER to use NETLINK_GENERIC.

Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

Windows: Add support for handling protocol (netlink family)

Windows datapath currently has no notion of netlink family.
It assumes all netlink messages to belong to NETLINK_GENERIC family.
This patch adds support for handling other protocols if the userspace sends it down to kernel.

This patch introduces a new NETLINK_CMD - OVS_CTRL_CMD_SOCK_PROP to manage
all properties associated with a socket. The properties are passed down as
netlink message attributes. This makes it easier to introduce other
properties in the future.

Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

ovn-sbctl: Adjust formatting of lflow-list.

Adjust the field width for a couple of elements in the output of the
lflow-list sub-command of ovn-sbctl. We now have a table ID of 10, so
set a field width of 2 to keep output aligned. Table names have grown to
a max of 19 characters, so update the field width to keep output
aligned. Finally, left justify values in fields, as I find that to look
a little nicer.

Also update sample output in OVN-Tutorial.md to match the current state.

Signed-off-by: Russell Bryant <russell@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ofproto: Fix consistent hashing

Hashing will not be consistent as long as we use for hashing the index of the
bucket in the list (for remove/insert of buckets not from/to the end of the
bucket list).
Use bucket_id for hashing instead.

Signed-off-by: Liran Schour <lirans@il.ibm.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Simon Horman <simon.horman@netronome.com>

sset: New function sset_from_delimited_string().

This simplifies code in a couple of places.

Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-By: Ryan Moats <rmoats@us.ibm.com>

ovn-northd: Use ovs_be32 for an IP address in find_lrp_member_ip().

Fixes a number of warnings from "sparse".

Fixes: 4685e523695c ("ovn: Support multiple addresses on a single logical router port.")
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Gurucharan Shetty <guru@ovn.org>

system-common-macros.at: Add a iface-id to interfaces.

IntegrationGuide.md explains the meaning of the key 'iface-id'. Adding
it as part of ADD_VETH is useful for OVN related tests. For non-OVN
tests, it should have no effect. Upcoming commits take advantage of this.

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>

system-common-macros: Enhance ADD_VETH to take mac and gateway.

It is useful to set the mac address and gateway while using ADD_VETH
to connect a namespace to a OVN logical topology. Upcoming commits
use this enhancement.

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Joe Stringer <joe@ovn.org>

ovsdb-client: Move iterator definition to prevent shadowing.

This doesn't fix a bug, but is more standard.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

dpctl: Fix shadowed iterator in show_dpif().

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

ovn-northd: Fix shadowed iterators in port security functions.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Daniele Di Proietto <diproiettod@vmware.com>

ovn-nbctl: Print router port networks in "show".

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn: Support multiple addresses on a single logical router port.

Supporting multiple addresses is only mildly interesting for IPv4.
However, it is a requirement for IPv6, which will arrive in a future
commit.

This commit introduces the extract_lrp_networks() function to ovn-util.[ch].

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-northd: Use strings from extract_lsp_addresses().

Extract port security and logical switch port addresses once and store
them as part of the ovn_port structure. Use the string representations
from the extracted addresses.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-util: Remove 'store_ipv6' argument from extract_lsp_addresses().

With the addition of IPv6 routing, there won't be much need to
special-case not parsing IPv6 addresses.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-util: Add string representations to 'lport_addresses'.

A future commit will reduce the amount of conversions used by the
existing users of 'lport_addresses'. This change will also make it
possible to use this structure for logical router port networks.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-northd: Use strings for IP addresses in router instances of "ovn_port".

Reduce the amount of string conversions necessary. This will be
convenient when we want to start using IPv6 addresses, too.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-northd: Use dynamic strings when building router and switch flows.

Reduce the number of memory allocations and risk of introducing shadow
variables.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn: Remove 'default_gw' from logical router table.

With static routes, it's not necessary to have a separate default
gateway parameter. This also makes configuring router ports clearer
when IPv6 and IPv4 addresses may be assigned to the same port.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn: Add xxreg[01] symbols.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn: Renumber logical field registers to the newly extended registers.

IPv6 addresses use four standard OVS registers, so move the existing
named registers back to make room for using more logical registers.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

Introduce 128-bit xxregs.

These are needed to handle IPv6 addresses.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

Increase number of registers to 16.

With eight 32-bit registers, we can only store two IPv6 addresses, which is
pretty tight.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-northd: Fix comments about the flows.

References to the specifc tables should probably be dropped, since
they'll continue to drift towards wrong. In the meantime, correct the
ones that are there.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovn-controller: Log OpenFlow errors at "info" level.

Otherwise, errors are logged at "debug" level. Errors when pushing
flows can then seemingly be silently lost.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ofctrl: Fix non-sensical comment.

Signed-off-by: Justin Pettit <jpettit@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

ovs-bugtool: Port to python3.

Fix python2-specific code in ovs-bugtool:
* python2 long() is the same as python2 int() and python3 int(). Convert
the long() to int().
* raw_input() was renamed to input(). Use python-six's input() on python2.
* Drop lambda tuple unpacking, we can go back to regular lambda syntax.
* file() can be replaced with open().

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Ben Pfaff <blp@ovn.org>

system-traffic: Use NC_EOF_OPT in truncate tests.

NC_EOF_OPT should always be passed to netcat in system-traffic tests
when invoking netcat to send a single packet that does not expect a
response. While on typical fedora/RH based distributions the default
behaviour is to send the packet then return, there are multiple other
implementations of netcat that do not do this (for example, those used
by Debian and Ubuntu by default). For these alternative implementations,
we provide $NC_EOF_OPT to ensure that netcat simply sends the packet
then returns immediately.

Signed-off-by: Joe Stringer <joe@ovn.org>
Acked-by: Andy Zhou <azhou@ovn.org>

datapath: Fix ip tunnel compilation for newer kernel.

compat iptunnel_xmit is used in backported tunnel code. but
it was only defined for kernel older than 3.18, This patch fixes
it by compiling it for all kernel which needs to use backported
tunnel implementation.

Reported-by: Justin Pettit <jpettit@ovn.org>
Reported-by: Joe Stringer <joe@ovn.org>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath-windows: remove unused 'ovsUserTimestampDelta'

Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

ovn-controller: Change strategy for gateway conntrack zone allocation.

Commit 263064aeaa31e7 (Convert binding_run to incremental processing.)
changed the way patched_datapaths were handled. Previously we would
destroy the datastructure in every run and re-create it fresh. The new
way causes problems with the way conntrack zones are allocated as now
we can have stale port_binding entries causing segmentation faults.

With this commit, we simply don't depend on port_binding records in
conntrack zone allocation and instead store the UUID as a string in
the patch_datapath datastructure.

(The test enhanced with this commit would fail without the changes
in the commit. i.e. ovn-controller would crash. )

Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Ryan Moats <rmoats@us.ibm.com>

ovn: Remove unreferenced patched datapaths.

Patched datapaths that are no longer referenced should be removed from
the patched_datapaths map; otherwise incorrect state references for a
patched datapath may be used and also datapaths that are absent will be
interpreted as present.

Signed-off-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Ryan Moats <rmoats@us.ibm.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>

datapath: backport: iptunnel: make rx/tx bytes counters consistent

Upstream commit:
commit bc22a0e2ea03b75b51a1f722f93821744b5b5ff1
Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    iptunnel: make rx/tx bytes counters consistent

    This was already done a long time ago in
    commit 64194c31a0b6 ("inet: Make tunnel RX/TX byte counters more consistent")
    but tx path was broken (at least since 3.10).

    Before the patch the gre header was included on tx.

    After the patch:
    $ ping -c1 192.168.0.121 ; ip -s l ls dev gre1
    PING 192.168.0.121 (192.168.0.121) 56(84) bytes of data.
    64 bytes from 192.168.0.121: icmp_req=1 ttl=64 time=2.95 ms

    --- 192.168.0.121 ping statistics ---
    1 packets transmitted, 1 received, 0% packet loss, time 0ms
    rtt min/avg/max/mdev = 2.955/2.955/2.955/0.000 ms
    7: gre1@NONE: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1468 qdisc noqueue state UNKNOWN mode DEFAULT group default
        link/gre 10.16.0.249 peer 10.16.0.121
        RX: bytes  packets  errors  dropped overrun mcast
        84         1        0       0       0       0
        TX: bytes  packets  errors  dropped carrier collsns
        84         1        0       0       0       0

Reported-by: Julien Meunier <julien.meunier@6wind.com>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs/vxlan: fix rtnl notifications on iface deletion

At this point OVS tunneling is insync with upstream net
branch (commit 9a0fee2b552b1).

upstream commit:
    commit cf5da330bbdd0c06b05c525a3d1d58ccd82c87a6
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    ovs/vxlan: fix rtnl notifications on iface deletion

    The function vxlan_dev_create() (only used by ovs) never calls
    rtnl_configure_link(). The consequence is that dev->rtnl_link_stat is
    never set to RTNL_LINK_INITIALIZED.
    During the deletion phase, the function rollback_registered_many() sends
    a RTM_DELLINK only if dev->rtnl_link_state is set to RTNL_LINK_INITIALIZED.

    Note that the function vxlan_dev_create() is moved after the rtnl stuff so
    that vxlan_dellink() can be called in this function.

    Fixes: dcc38c033b32 ("openvswitch: Re-add CONFIG_OPENVSWITCH_VXLAN")
CC: Thomas Graf <tgraf@suug.ch>
CC: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs/geneve: fix rtnl notifications on iface deletion

Upstream Commit:
    commit 41009481b690493c169ce85f591b9d32c6fd9422
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    ovs/geneve: fix rtnl notifications on iface deletion

    The function geneve_dev_create_fb() (only used by ovs) never calls
    rtnl_configure_link(). The consequence is that dev->rtnl_link_state is
    never set to RTNL_LINK_INITIALIZED.
    During the deletion phase, the function rollback_registered_many() sends
    a RTM_DELLINK only if dev->rtnl_link_state is set to RTNL_LINK_INITIALIZED.

    Fixes: e305ac6cf5a1 ("geneve: Add support to collect tunnel metadata.")
CC: Pravin B Shelar <pshelar@ovn.org>
CC: Jesse Gross <jesse@ovn.org>
CC: Thomas Graf <tgraf@suug.ch>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ovs/gre,geneve: fix error path when creating an iface

Upstream commit:
    commit 106da663ff495e0aea3ac15b8317aa410754fcac
    Author: Nicolas Dichtel <nicolas.dichtel@6wind.com>

    ovs/gre,geneve: fix error path when creating an iface

    After ipgre_newlink()/geneve_configure() call, the netdev is registered.

    Fixes: 7e059158d57b ("vxlan, gre, geneve: Set a large MTU on ovs-created tunnel devices")
CC: David Wragg <david@weave.works>
Signed-off-by: Nicolas Dichtel <nicolas.dichtel@6wind.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: geneve: fix tx_errors statistics

Upstream commit:
    commit efeb2267bba8aa893afdadfc9bae4790777c600c
    Author: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>

    geneve: fix tx_errors statistics

    Tx errors present summation of errors encountered while transmitting
    packets.

Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: udp: prevent skbs lingering in tunnel socket queues

Upstream commit:
    commit e5aed006be918af163eb397e45aa5ea6cefd5e01
    Author: Hannes Frederic Sowa <hannes@stressinduktion.org>

    udp: prevent skbs lingering in tunnel socket queues

    In case we find a socket with encapsulation enabled we should call
    the encap_recv function even if just a udp header without payload is
    available. The callbacks are responsible for correctly verifying and
    dropping the packets.

    Also, in case the header validation fails for geneve and vxlan we
    shouldn't put the skb back into the socket queue, no one will pick
    them up there.  Instead we can simply discard them in the respective
    encap_recv functions.

Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: udp_offload: Set encapsulation before inner completes.

Upstream commit:
    commit 229740c63169462a838a8b8e16391ed000934631
    Author: Jarno Rajahalme <jarno@ovn.org>

    udp_offload: Set encapsulation before inner completes.

    UDP tunnel segmentation code relies on the inner offsets being set for
    an UDP tunnel GSO packet, but the inner *_complete() functions will
    set the inner offsets only if 'encapsulation' is set before calling
    them.  Currently, udp_gro_complete() sets 'encapsulation' only after
    the inner *_complete() functions are done.  This causes the inner
    offsets having invalid values after udp_gro_complete() returns, which
    in turn will make it impossible to properly segment the packet in case
    it needs to be forwarded, which would be visible to the user either as
    invalid packets being sent or as packet loss.

    This patch fixes this by setting skb's 'encapsulation' in
    udp_gro_complete() before calling into the inner complete functions,
    and by making each possible UDP tunnel gro_complete() callback set the
    inner_mac_header to the beginning of the tunnel payload.

Signed-off-by: Jarno Rajahalme <jarno@ovn.org>
Reviewed-by: Alexander Duyck <aduyck@mirantis.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: geneve: add IPv6 bits to geneve_fill_metadata_dst

Upstream commit:
    commit b8812fa88371ae567c907448d9a7ba62d09b90c9
    Author: John W. Linville <linville@tuxdriver.com>

    geneve: add IPv6 bits to geneve_fill_metadata_dst

Signed-off-by: John W. Linville <linville@tuxdriver.com>
Reviewed-by: Jesse Gross <jesse@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: get rid of OVS_CB inner header offsets.

OVS has GSO compat functionality which needs inner offset
of the packet to segment a packet. older kernel did not
include these offsets in skb, therefore these were stored
in OVS_GSO_CB. Now OVS has dropped support for these
old kernel, So none of the supported kernel needs this
comapt code. Following patch removes it.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: openvswitch: correct encoding of set tunnel action attributes

upstream commit:
    commit e905eabc90a5b787d8708df164543ee295bea5f2
    Author: Simon Horman <simon.horman@netronome.com>

    openvswitch: correct encoding of set tunnel action attributes

    In a set action tunnel attributes should be encoded in a
    nested action.

    I noticed this because ovs-dpctl was reporting an error
    when dumping flows due to the incorrect encoding of tunnel attributes
    in a set action.

    Fixes: fc4099f17240 ("openvswitch: Fix egress tunnel info.")
Signed-off-by: Simon Horman <simon.horman@netronome.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Use dst-cache for Geneve and VxLAN tunnels.

It partialy backport commit:
    commit d71785ffc7e7cae3fbdc4ea8a9d05b7a1c59f7b8
    Author: Paolo Abeni <pabeni@redhat.com>

    net: add dst_cache to ovs vxlan lwtunnel

    In case of UDP traffic with datagram length
    below MTU this give about 2% performance increase
    when tunneling over ipv4 and about 60% when tunneling
    over ipv6

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Suggested-and-acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug fix commit db3c6139e6e ("bpf, vxlan, geneve, gre: fix usage of
dst_cache on xmit"). is also included. Geneve changes
were added in 468dfffcd762cbb2777ec5a76bc21e3748ebf47e ("geneve: add
dst caching support")

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: Add support for IPv6 tunnels.

Mostly backports upstream commit along with other pieces
to make IPv6 tunneling work.

    commit 6b26ba3a7d952e611dcde1f3f77ce63bcc70540a
    Author: Jiri Benc <jbenc@redhat.com>

    openvswitch: netlink attributes for IPv6 tunneling

    Add netlink attributes for IPv6 tunnel addresses. This enables IPv6 support
    for tunnels.

Signed-off-by: Jiri Benc <jbenc@redhat.com>
Acked-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Thomas Graf <tgraf@suug.ch>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Update Geneve and VxLAN modules.

This patch brings in various updates to upstream Geneve and VxLAN
modules. For geneve this patch adds IPv6 support, for vxlan it adds
VXLAN GPE is the major feature.
This should make OVS compat tunnel implementation in sync upto
current net branch.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Add support for IPv6 UDP tunnel segmentation.

Next patch adds support for IPV6 Geneve and VXLAN, But support for UDP
segmentation is available on all supported kernel.
Following patch adds support for UDP tunnels over IPv6 for such kernels.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Prepare tnl-segmentation for ipv6.

Current tnl_skb_gso_segment() is written for ipv4 tunnels. Following
patch make it generic so that it can also handle ipv6 tunnels.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ip_tunnel: Move stats update to iptunnel_xmit()

Upstream commit:
    commit 039f50629b7f860f36644ed1f34b27da9aa62f43
    Author: Pravin B Shelar <pshelar@ovn.org>

    ip_tunnel: Move stats update to iptunnel_xmit()

    By moving stats update into iptunnel_xmit(), we can simplify
    iptunnel_xmit() usage. With this change there is no need to
    call another function (iptunnel_xmit_stats()) to update stats
    in tunnel xmit code path.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: udp: Add socket based GRO and config

Upstream commit:
    commit 38fd2af24fcfda93f9fea3e53f26e48775ae9e09
    Author: Tom Herbert <tom@herbertland.com>

    udp: Add socket based GRO and config

    Add gro_receive and  gro_complete to struct udp_tunnel_sock_cfg.

Signed-off-by: Tom Herbert <tom@herbertland.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Update IPv6 in setup_udp_tunnel_sock()

Update setup_udp_tunnel_sock() to handle ipv6 sockets.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Update udp_sock_create

Update udp-socket-create to create ipv6 socket currectly.

Partially backports commit fd384412e199b ("udp_tunnel: Seperate ipv6
functions into its own file.")

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: rename HAVE_METADATA_DST to USE_UPSTREAM_TUNNEL

To better represent the meaning of symbol.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ip_tunnel: add support for setting flow label via collect metadata

Update udp_tunnel6_xmit_skb(). Specificaly changes are
related to setting ipv6 label.

Upstream commit:
    commit 134611446dc657e1bbc73ca0e4e6b599df687db0
    Author: Daniel Borkmann <daniel@iogearbox.net>

    ip_tunnel: add support for setting flow label via collect metadata

    This patch extends udp_tunnel6_xmit_skb() to pass in the IPv6 flow label
    from call sites. Currently, there's no such option and it's always set to
    zero when writing ip6_flow_hdr(). Add a label member to ip_tunnel_key, so
    that flow-based tunnels via collect metadata frontends can make use of it.
    vxlan and geneve will be converted to add flow label support separately.

Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Remove unnecessary iptunnel_xmit() declaration.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: tunnel: introduce ipv6_tun_rx_dst()

Update ovs_udp_tun_rx_dst() to handle ipv6 tunnels.

This commit partially backports c29a70d2c ("tunnel: introduce udp_tun_rx_dst()")

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: ip_tunnel_core: iptunnel_handle_offloads returns int and doesn't free skb

There is return type change in upstream handle-offload functions.
Following patch brings these changes in.
This is backport of aed069df ("ip_tunnel_core:
iptunnel_handle_offloads returns int and doesn't free skb")
I have also removed duplicate definitions of tunnel_handle_offloads()
from ip-tunnel header.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: net: add dst_cache support

This backports dst-cache implementation from upstream implementation.

    commit 911362c70df5b766c243dc297fadeaced786ffd8
    Author: Paolo Abeni <pabeni@redhat.com>

    net: add dst_cache support
    This patch add a generic, lockless dst cache implementation.
    The need for lock is avoided updating the dst cache fields
    only in per cpu scope, and requiring that the cache manipulation
    functions are invoked with the local bh disabled.

    The refresh_ts and reset_ts fields are used to ensure the cache
    consistency in case of cuncurrent cache update (dst_cache_set*) and
    reset operation (dst_cache_reset).

    Consider the following scenario:

    CPU1:                                       CPU2:
      <cache lookup with emtpy cache: it fails>
      <get dst via uncached route lookup>
                                                <related configuration changes>
                                                dst_cache_reset()
      dst_cache_set()

    The dst entry set passed to dst_cache_set() should not be used
    for later dst cache lookup, because it's obtained using old
    configuration values.

    Since the refresh_ts is updated only on dst_cache lookup, the
    cached value in the above scenario will be discarded on the next
    lookup.

Signed-off-by: Paolo Abeni <pabeni@redhat.com>
Suggested-and-acked-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: tunnels: Remove encapsulation offloads on decap.

Following patch backports updated iptunnel pull function.
Also brings in following upstream fix:

    commit a09a4c8dd1ec7f830e1fb9e59eb72bddc965d168
    Author: Jesse Gross <jesse@kernel.org>

    tunnels: Remove encapsulation offloads on decap.

    If a packet is either locally encapsulated or processed through GRO
    it is marked with the offloads that it requires. However, when it is
    decapsulated these tunnel offload indications are not removed. This
    means that if we receive an encapsulated TCP packet, aggregate it with
    GRO, decapsulate, and retransmit the resulting frame on a NIC that does
    not support encapsulation, we won't be able to take advantage of hardware
    offloads even though it is just a simple TCP packet at this point.

    This fixes the problem by stripping off encapsulation offload indications
    when packets are decapsulated.

    The performance impacts of this bug are significant. In a test where a
    Geneve encapsulated TCP stream is sent to a hypervisor, GRO'ed, decapsulated,
    and bridged to a VM performance is improved by 60% (5Gbps->8Gbps) as a
    result of avoiding unnecessary segmentation at the VM tap interface.

Reported-by: Ramu Ramamurthy <sramamur@linux.vnet.ibm.com>
    Fixes: 68c33163 ("v4 GRE: Add TCP segmentation offload for GRE")
Signed-off-by: Jesse Gross <jesse@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: backport: iptunnel: scrub packet in iptunnel_pull_header

Upstream Commit:
    commit 7f290c94352e59b1d720055fce760a69a63bd0a1
    Author: Jiri Benc <jbenc@redhat.com>

    iptunnel: scrub packet in iptunnel_pull_header

    Part of skb_scrub_packet was open coded in iptunnel_pull_header. Let it call
    skb_scrub_packet directly instead.

Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

datapath: compat: Refactor egress tunnel info

upstream tunnel egress info is retrieved using ndo_fill_metadata_dst.
Since we do not have it on older kernel we need to keep vport operation
to do same on these kernels.
Following patch try to merge these to operations into one to avoid code
duplication.
This commit backports fc4099f1 ("openvswitch:
Fix egress tunnel info.")

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jesse Gross <jesse@kernel.org>

dpif-netdev: Remove PMD latency on seq_mutex

The PMD thread needs to keep processing RX queues in order
to achieve maximum throughput. It also needs to sweep emc
cache and quiesce which use seq_mutex. That mutex can
eventually block the PMD thread causing latency spikes and
affecting the throughput.

Since there is no requirement for running those tasks at a
specific time, this patch extend seq API to allow tentative
locking instead.

Reported-by: Karl Rister <krister@redhat.com>
Co-authored-by: Karl Rister <krister@redhat.com>
Signed-off-by: Flavio Leitner <fbl@redhat.com>
Signed-off-by: Daniele Di Proietto <diproiettod@vmware.com>