git.cascardo.eti.br Git - cascardo/ovs.git/log

Announce that ovs-vswitchd is now multi-threaded.

Might be worth mentioning the biggest change in 2.0.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

Set release date for 2.0.0.

Signed-off-by: Justin Pettit <jpettit@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

lib/meta-flow: Include util.h for ovs_assert().

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

tests: fix failure when $PKIDIR contains uuid-like string

this fixes a test failure with my working directory:
/disks/ea6a5743-ad5f-11e2-9410-08606e7f74e7/git/openvswitch

stop filtering uuid as it's unnecessary for this specific test case.

Signed-off-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>

lib/meta-flow: Enforce mf_fields array order.

The elements of the array must be in the enum order.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

tests: Make ovsdb-server add/remove remote test faster and more reliable.

Until now, the "ovsdb-server/add-remote and remove-remote with --monitor"
test killed ovsdb-server with SIGSEGV twice. Each time, the "--monitor"
option caused the supervisor process to restart the child, but the second
time it incurred a 10-second delay intended to prevent the daemon from
wasting CPU time by restarting itself and dying again very quickly in a
loop. This made the test take over 10 seconds to execute. It also made
it occasionally fail because the OVS_WAIT_UNTIL check waits at most
approximately 10 seconds before it decides that the condition that it is
testing for will never occur.

This commit fixes the problem by breaking the test into two tests, each of
which kills ovsdb-server with SIGSEGV only once.

Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

rconn: Make thread-safe.

This should make sending OFPT_FLOW_REMOVED and NXST_FLOW_MONITOR safe from
miss handler threads.

Bug #20271.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

connmgr: Formalize 'ofproto_mutex' as protecting ofconn monitor data.

'ofproto_mutex' has effectively protected the monitor-related members of
struct ofconn since its introduction, but this was not written down or
systematically annotated. This commit makes it more systematic and fixes
a few issues found using the annotations.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

connmgr: Use 'ofproto_mutex' to protect ofconns from being destroyed.

Code in the ofproto-dpif miss handler threads can currently access
ofconns, sending flow_removed and flow monitor messages due to NXAST_LEARN
actions. Nothing currently protects those threads from accessing ofconns
that are in the process of being destroyed. This commit adds protection
'ofproto_mutex', which NXAST_LEARN already takes.

Later patches will address other races that remain.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

rconn: Make rconn_packet_counter thread-safe.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto-dpif-xlate: Do initial rule lookup for callers.

None of the functions available in ofproto-dpif.h are thread safe
unless holding the xlate_rwlock because one can't know that an ofproto
or ofport used as argument will survive during the function call. For
this reason, ofproto-dpif-upcall's invocation of rule_dpif_lookup()
is unsafe because the ofproto could be destroyed during the call.

This patch fixes the problem by optionally doing the initial rule
lookup in xlate_actions() so that it can be done while holding the
xlate_rwlock. This has the nice side benefit of removing a bunch of
boilerplate.

Note that this only partially solves the problem, there's still
vsp_realdev_to_vlandev() and ofproto_dpif_send_packet_in() which
aren't thread safe for the same reason.

Signed-off-by: Ethan Jackson <ethan@nicira.com>

ovs-controller: Avoid dereferencing NULL pointer when the switch acts as a hub

Starting ovs-controller with '-H' option will lead to a segment fault problem.
Add a check, and adjust the indentation of the following code.

Signed-off-by: ZhengLingyun <konghuarukhr@163.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovs-lib: Revert "Return the exit status of ovs-ctl in ovs_ctl()."

This reverts commit 0e37488562d1 which had a side-effect that
ssh executing start/restart command on a remote machine would
hang as one of the file descriptors created in that commit
was getting passed along to the daemons. The daemons weren't closing
it and hence ssh would just wait for them to close and hang.

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ovs-lib: Return the exit status of ovs-ctl in ovs_ctl().

commit 46528f78e5c(debian, rhel, xenserver: Ability to collect ovs-ctl logs)
made changes in the startup scripts such that the o/p of ovs-ctl is logged
into ovs-ctl.log. But it had an unintended consequence that the exit status
of ovs-ctl was no longer returned. We would always return success(the exit
status of tee).

With this commit, we return the exit status of ovs-ctl instead of tee.
Code referenced from: (line wrapped).
http://unix.stackexchange.com/questions/14270/\
get-exit-status-of-process-thats-piped-to-another/70675#70675)

Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>
Signed-off-by: Duffie Cooley <dcooley@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

datapath: Fix vxlan gso with vlan.

To use ovs-gso-compatibility we need to record inner skb offset.
In case of vxlan it is done before vlan header is pushed which
gives wrong inner packet to ovs-gso.
Following patch reset skb offsets after inner skb is completely built.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

rhel: fix the exit status of the openvswitch init script.

This is a fix for a request to make sure that the openvswitch status command
in rhel based distros gives a useful exit status. That was fixed in

commit 5e0c05bc058c78a11be6747f62e6ad88e5d06b70
debian: Fix exit status of openvswitch-switch init script "status" command

Signed-off-by: Duffie Cooley <dcooley@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

hmap: Make bad hash functions easier to find.

The hmap code has for a long time incremented a counter when a hash bucket
grew to have many entries. This can let a developer know that some hash
function is performing poorly, but doesn't give any hint as to which one.
This commit improves the situation by adding rate-limited debug logging
that points out a particular line of code as the source of the poor hash
behavior. It should make issues easier to track down.

Bug #19926.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Lauded-by: Keith Amidon <keith@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ofproto: Fix memory leak in rule_actions_unref().

Found by valgrind.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

ofproto: Allow ofproto_delete_flow() to delete hidden rules.

Commit 97f63e57a8 (ofproto: Remove soon-to-be-invalid optimizations.)
changed ofproto_delete_flow() to use the general-purpose flow_mod
implementation.  However, the general-purpose flow_mod never matches hidden
flows, which are exactly the flows that ofproto_delete_flow()'s callers
want to delete.

This commit fixes the problem by allowing flow_mods that specify a priority
that can only be for a hidden flow to delete a hidden flow.  (This doesn't
allow OpenFlow clients to meddle with hidden flows because OpenFlow uses
only a 16-bit field to specify priority.)

I verified that, without this commit, if I change from one controller to
another with "ovs-vsctl set-controller", then the in-band rules for the
old controller remain.  With this commit, the old rules are removed.

Reported-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Bug #19821.
Reported-by: Luca Giraudo <lgiraudo@vmware.com>
Bug #19888.
Reported-by: Ying Chen <yingchen@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

cfm: Don't enforce CFM_FAULT_INTERVAL.

While upgrading a deployment, it's possible that transient
configuration changes could cause the cfm interval on two ends of a
link to be different. If these two configured values are close to
each other, this condition could have no impact on traffic. Therefore
it's better to let this slide than force a tunnel down guaranteeing an
impact

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

cfm: Prevent interval fault when demand mode is enabled on one end.

This commit prevents cfm from raising 'interval' fault when demand
mode is only enabled on one end of link.

Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

datapath: Remove net_device_ops compatibility code.

The symbol HAVE_NET_DEVICE_OPS was changed in 3.1 but code the that
it was protecting dates back to before 2.6.32. Therefore, we can
just assume that net_device_ops exists in all cases and drop the
compat code.

Signed-off-by: Jesse Gross <jesse@nicira.com>
Acked-by: Pravin B Shelar <pshelar@nicira.com>

utilities: a top like tool for ovs-dpctl dump-flows.

This python script summarizes ovs-dpctl dump-flows content by aggregating
the number of packets, total bytes and occurrence of the following fields:
  - Datapath in_port
  - Ethernet type
  - Source and destination MAC addresses
  - IP protocol
  - Source and destination IPv4 addresses
  - Source and destination IPv6 addresses
  - UDP and TCP destination port
  - Tunnel source and destination addresses

Testing included confirming both mega-flows and non-megaflows are
properly parsed. Bit masks are applied in the case of mega-flows
prior to aggregation.  Test --script parameter which runs in
non-interactive mode. Tested syntax against python 2.4.3, 2.6 and 2.7.
Confirmed script passes pep8 and pylint run as:

pylint --disable=I0011 --include-id=y --reports=n

This tool has been added to these distribution:
  - add ovs-dpctl-top to debian distribution
  - add ovs-dpctl-top to rpm distribution.
  - add ovs-dpctl-top to XenServer RPM.

Signed-off-by: Mark Hamilton <mhamilton@nicira.com>
Signed-off-by: Gurucharan Shetty <gshetty@nicira.com>

vlog: Fix formatting of milliseconds in Python log messages.

Commit 2b31d8e713de7 (vlog: Report timestamps in millisecond resolution in
log messages.) introduced milliseconds to log messages by default, but the
Python version did not ensure that milliseconds were always formatted with
3 digits, so 3.001 was formatted as "3.1" and 3.012 as "3.12", and so on.
This commit fixes the problem.

CC: Paul Ingram <paul@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovsdb: write commit timestamps to millisecond resolution.

This is expected to make system debugging easier.

This raises two compatibility issues:
1. When a new ovsdb-tool reads an old database, it will multiply by 1000 any
  timestamp it reads which is less than 1<<31. Since this date corresponds to
  Jan 16 1970 this is unlikely to cause a problem.
2. When an old ovsdb-tool reads a new database, it will interpret the
  millisecond timestamps as seconds and report dates in the far future; the
  time of this commit is reported as the year 45672 (each second since the
  epoch is interpreted as 16 minutes).

Signed-off-by: Paul Ingram <pingram@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ovsdb: Use DB load time, not on-disk commit times, for compaction.

The ovsdb-server compaction timing logic is written assuming monotonic
time at milliscond resolution but it calculated the next compaction time
based on the oldest commit in the database. This was a problem because
commit timestamps are written in wall-clock time to second resolution.

This commit calculates the next compaction time based on the time when
the database was first loaded or the last compaction was done, both in
monotonic time at millisecond resolution.

Signed-off-by: Paul Ingram <pingram@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

vlog: Report timestamps in millisecond resolution in log messages.

To make debugging easier.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Paul Ingram <pingram@nicira.com>

ofproto-dpif: Fix use-after-free error deleting last bridge.

valgrind reported:

    Invalid read of size 4
       at 0x806ADC1: odp_port_to_ofport (hmap.h:267)
       by 0x8077C05: xlate_receive (ofproto-dpif-xlate.c:523)
       by 0x8073994: handle_miss_upcalls (ofproto-dpif-upcall.c:642)
       by 0x80741AA: udpif_miss_handler (ofproto-dpif-upcall.c:412)
       by 0x56FCC38: start_thread (pthread_create.c:304)
       by 0x735378D: clone (clone.S:130)
     Address 0x786c084 is 4 bytes inside a block of size 16 free'd
       at 0x4D8350C: free (vg_replace_malloc.c:427)
       by 0x8065EDA: close_dpif_backer (ofproto-dpif.c:1094)

The problem is that close_dpif_backer() destroys odp_to_ofport_map and the
associated mutex before it calls udpif_destroy() to stop the forwarding
threads.  This gives the forwarding threads a window in which to try to
use odp_to_ofport_map.

This commit moves the udpif_destroy() call much earlier, solving the
problem.  (The call to udpif_destroy() must follow the call to
drop_key_clear() because drop_key_clear() uses the udpif.)

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>

tests: Make ovsdb-server add-db/remove-db test faster and more reliable.

Until now, the "ovsdb-server/add-db and remove-db with --monitor" test
killed ovsdb-server with SIGSEGV twice.  Each time, the "--monitor" option
caused the supervisor process to restart the child, but the second time it
incurred a 10-second delay intended to prevent the daemon from wasting CPU
time by restarting itself and dying again very quickly in a loop.  This
made the test take over 10 seconds to execute.  It also made it
occasionally fail because the OVS_WAIT_UNTIL check waits at most
approximately 10 seconds before it decides that the condition that it is
testing for will never occur.

This commit fixes the problem by breaking the test into two tests, each of
which kills ovsdb-server with SIGSEGV only once.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

FAQ: Fix version number for 2.0.

Presumably we will have minor version releases in the 2.x series
as well.

Signed-off-by: Jesse Gross <jesse@nicira.com>

ofproto-dpif: Move "learn" actions into individual threads.

Before OVS introduced threading, any given ``learn'' action took effect in
the flow table before the next incoming flow was set up. This meant that
if a packet came in, used ``learn'' to set up a flow to handle replies, and
then a reply came in, the reply would always hit the flow set up by the
``learn'' action. Until now, with the threading implementation, though,
the effects of ``learn'' actions happen asynchronously via a queue, which
means that the reply can arrive before the flow to handle it is set up.
This introduced an unacceptable regression in important use cases.

This commit fixes the problem by switching back to executing learn actions
before forwarding the packet that triggered it.

I imagine that there is considerable opportunity for optimization here.

Bug #19147.
Bug #19244.
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Remove redundant cls parameter from a few functions.

Previously this parameter was useful for Clang locking annotations
but it isn't actually a locking requirement anymore, so remove
the parameter.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Add global locking around flow table changes.

This makes 'ofproto_mutex' protect the flow table well enough that threads
other than the main one can realistically modify flows.

I need to look at the interface between ofproto and connmgr: I think that
there might need to be some locking there too.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Refactor eviction cases to use common code.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: New helper any_pending_ops().

This function is trivial now but in an upcoming commit it will need to
become slightly more complicated, which makes writing it as a function
worthwhile.

Until then, this commit simplifies the logic, which was redundant since
the 'deletions' hmap always points into the 'pending' list anyway.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Mark immutable members of struct rule 'const'.

One difficult part of make flow_mods thread-safe is sorting out which
members of each structure can be modified under which locks and,
especially, documenting this in a way that makes it hard for programmers to
get it wrong later. The compiler provides some tools for us, however, and
'const' is one of the nicer ones since it is standardized rather than part
of a compiler extension.

This commit makes use of 'const' to mark the immutable members of struct
rule, which is definitely the most confusing structure regarding thread
safety simply because it has so many members that use different forms of
synchronization. It also adds a bunch of CONST_CASTs to allow these
members to be initialized and destroyed where necessary.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Make some functions for rules private to ofproto.c.

These aren't used outside this file.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Remove ->timeout_mutex from struct rule (just use ->mutex).

I think that ->timeout_mutex and ->mutex were separate because the latter
(which was actually a rwlock named ->rwlock until recently) was held for
long periods of time, which meant that having a separate ->timeout_mutex
reduced lock contention. But ->mutex is now only held briefly, so it seems
reasonable to just use it.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Replace rwlock in struct rule by a mutex.

A rwlock is suitable when one expects long hold times so there is a need
for some parallelism for readers.  But when the lock is held briefly, it
makes more sense to use a mutex for two reasons.  First, a rwlock is more
complex than a mutex so one would expect it to be more expensive to
acquire.  Second, a rwlock is less fair than a mutex: as long as there are
any readers this blocks out writers.

At least, that's the behavior I intuitively expect, and a few looks around
the web suggest that I'm not the only one.

Previously, struct rule's rwlock was held for long periods, so using a
rwlock made sense.  Now it is held only briefly, so this commit replaces it
by a mutex.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Protect index by cookie with ofproto_mutex.

The cookie index is only used for flow_mods, so it makes sense to use this
global mutex.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Drop 'expirable_mutex' in favor of new global 'ofproto_mutex'.

This is the first step toward making a global lock that protects everything
needed for updating the flow table. This commit starts out by merging one
lock into the new one, and later commits will continue that process.

The mutex is initially a recursive one, because I wasn't sure that there
were no nested acquisitions at this stage, but a later commit will change
it to a regular error-checking mutex once it's settled down a bit.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Move rule_execute() out of ofopgroup_complete().

One goal we're moving toward is to be able to execute "learn" actions
in each thread that handles packets that arrive on an interface just before
we forward those packets.  The planned strategy there is to have a global
lock that protects everything required to modify the flow table.  Generally
this works out well, but rule_execute() is a trouble spot.  That's because
it's called during a flow table modification (when that global lock is
held) which means that a "learn" action triggered by the executing the
packet would try to recursively modify the flow table and reacquire the
global lock.

I can see two ways out of this issue.  One would be to make the global lock
a recursive one, or otherwise deal with handling recursive flow_mods.  The
other is to just queue up flow_mods due to rule_execute(), which itself is
a corner case (it only happens when a flow_mod sent via OpenFlow includes
a buffer_id).  (I guess there could be other more radical solutions, like
just dropping packets that contain "learn" actions if they occur in this
situation.)

This commit implements the second solution because it seems less likely to
be wrong in a way that crashes the switch.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

classifier: Allow CLS_CURSOR_FOR_EACH to use a const-qualified iterator.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

guarded-list: New data structure for thread-safe queue.

We already had queues that were suitable for replacement by this data
structure, and I intend to add another one later on.

flow_miss_batch_ofproto_destroyed() did not work well with the guarded-list
structure (it required either adding a lot more functions or breaking the
abstraction) so I changed the caller to just use udpif_revalidate().

Checking reval_seq at the end of handle_miss_upcalls() also didn't work
well with the abstraction, so I decided that since this was a corner case
anyway it would be acceptable to just drop those in flow_miss_batch_next().

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Add a ref_count to "struct rule" to protect it from being freed.

Taking a read-lock on the 'rwlock' member of struct rule prevents members
of the rule from changing.  This is a short-term use of the 'rwlock': one
takes the lock, reads some members, and releases the lock.

Taking a read-lock on the 'rwlock' also prevents the rule from being freed.
This is often a relatively long-term need.  For example, until now flow
translation has held the rwlock in xlate_table_action() across the entire
recursive translation, which can call into a great deal of different code
across multiple files.

This commit switches to using a reference count for this second purpose
of struct rule's rwlock.  This means that all the code that previously
held a read-lock on the rwlock across deep stacks of functions can now
simply keep a reference.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Break actions out of rule into new rule_actions structure.

This permits code to ensure long-term access to a rule's actions
without holding a long-term lock on the rule's rwlock.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Remove soon-to-be-invalid optimizations.

Until now, ofproto_add_flow() and ofproto_delete_flow() assumed that the
flow table could not change between its flow table check and its later
modification to the flow table. This assumption will soon be untrue, so
remove it.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Move function find_meter() into ofpacts as ofpacts_get_meter().

ofproto is too big anyway so we might as well move out code that can
reasonably live elsewhere.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Merge ofproto_rule_delete() and ofproto_delete_rule().

These functions were identical but had different names (one just called
the other). Make them a single function.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto-dpif: Remove vestigial "clogged" feature.

Before this commit, ofproto-dpif did not ordinarily ever defer
completion of a flow_mod, but it was possible to use "ovs-appctl
ofproto/clog" to force deferring completion, which allowed some basic
debugging of deferred completion. I only ever used that feature once,
while doing initial debugging of the deferred completion feature. I
intend in future commits to make changes that will make deferred
completion harder to implement in ofproto-dpif, so this commit removes
that feature in advance.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Avoid gratuitous memory allocation and free.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Correct comments.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Eliminate 'ofproto_node' member from struct rule.

The ofproto_node member is convenient for collecting lists of rules, but
it is also challenging for concurrency because only a single thread at a
time can put a given rule on a list. This commit eliminates the
ofproto_node member and introduces a new 'struct rule_collection' that
can be use in a thread-safe manner.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Reduce number of "collect" functions taking lots of parameters.

The long lists of parameters for all these "collect" functions was starting
to get to me. This reduces the number of such functions to one.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Factor code out of collect_rules_{loose,strict} into new helper.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Use proper error code when meter_id is out of range.

Use OUT_OF_METERS when given meter_id is greater than what is supported
by the datapath. Retain the INVALID_METER error code for the meter_ids
outside of the range supported by the specification.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

Delete meters in the right place.

Signed-off-by: Jarno Rajahalme <jrajahalme@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

list: New function list_move().

An upcoming commit will add more users.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Reviewed-by: Simon Horman <horms@verge.net.au>

ofproto: Avoid removing rules from meter lists twice.

Since the meter code was introduced, the oftable_remove_rule() function
(recently renamed oftable_remove_rule__()) has had two blocks of code to
remove a rule from its meter's list of rules that reference that meter.
This commit reduces that to one.

Also modifies oftable_remove_rule__() to maintain the invariant that
'rule' is in a meter's list if and only if
!list_is_empty(&rule->meter_list_node). I don't believe that that fixes
a real bug, but it seems like a good idea.

(This seemed like a serious bug at first, but in fact list_remove() is
idempotent: calling it two times in a row has the same effect as calling
it once.)

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>

vswitchd: Clear bfd_status column when bfd is disabled or not supported

This commit makes vswitchd clear the 'bfd_status' column
in ovsdb when bfd is disabled or not supported.

Reported-by: Ansis Atteka <aatteka@nicira.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

bridge: Always call smap_destroy() after smap_init()

This commit fixes a place in bridge.c where smap_destroy() is not
always called after smap_init(). Though there is no memory leak
now, it is necessary to fix it and prevent memory leak in the
future when smap_init() may be modified to allocate dynamic memory.

Reported-by: Ansis Atteka <aatteka@nicira.com>
Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto: Reduce default number of miss handlers.

The default number of miss handlers should be the number of processors
minus two to account for the dispatcher and main threads.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Don't hold mac rwlock while calling send_packet().

Holding the mac learning rwlock while calling send_packet() which
calls xlate_actions() is dangerous because somewhere deep in the chain
the same lock might be acquired causing a deadlock. Though we haven't
run into this problem in testing, it seems prudent to refactor it.

Reported-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto: Fix core dump due to uninitialized cls_rule.

Bug #19568.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto: Do not call ->rule_destruct() if ->rule_construct() failed.

Found by inspection.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

datapath: flow: fix potential illegal memory access in __parse_flow_nlattrs

In function __parse_flow_nlattrs(), we check for condition
(type > OVS_KEY_ATTR_MAX) and if true, print an error, but we do
not return from this function as in other checks. It seems this
has been forgotten, as otherwise, we could access beyond the
memory of ovs_key_lens, which is of ovs_key_lens[OVS_KEY_ATTR_MAX + 1].
Hence, a maliciously prepared nla_type from user space could access
beyond this upper limit.

Introduced by 03f0d916a ("openvswitch: Mega flow implementation").

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Andy Zhou <azhou@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>

util: Don't set thread name to empty

In monitor_daemon(), it set subprogram_name to "" which causes system crash
in some platform when trying to set the thread name to "". This change set
thread name to program name in this case.

Signed-off-by: Guolin Yang <gyang@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath: Remove compat files.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove reciprocal_div compat code.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove compat support for NLA_NUL_STRING

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Cleanup compat support.

cleanup various header file.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Cleanup netlink compat code.

Patch removes genl, netlink, rtnl compat code and dpif-linux
fallback-id compat code.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove vlan compat support

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove checksum compat support

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove skb->mark compat code.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Remove namespace compat support.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: vport: Remove compat support

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Drop support for RHEL5 build

RHEL5 is based on kernel 2.6.18.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Move kernel version check to configure.

Rather than having compile time check in datapath.c, its better
to check kernel version at configuration step.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Drop support for linux pre-2.6.32 kernel.

This makes datapath module much close to upstream datapath and
make code easy to understand.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>

datapath: Fix alignment of struct sw_flow_key.

sw_flow_key alignment was declared as " __aligned(__alignof__(long))".
However, this breaks on the m68k architecture where long is 32 bit in
size but 16 bit aligned by default. This aligns to the size of a long to
ensure that we can always do comparsions in full long-sized chunks. It
also adds an additional build check to catch any reduction in alignment.

CC: Andy Zhou <azhou@nicira.com>
Reported-by: Fengguang Wu <fengguang.wu@intel.com>
Reported-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Jesse Gross <jesse@nicira.com>

ovs-ofctl: Correct formatting of instructions in manpage.

Adjust formatting in ovs-ofctl manpage so that apply_actions, clear_actions
write_metadata and goto_table appear at the same level of indentation as
actions rather being indented as if they are arguments to the learn action.

Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto: Rename struct rule's evict lock and use it more widely.

There are a few fields in struct rule which are accessible by
functions in ofproto-dpif and therefore need to accessed in a thread
safe manner. This patch achieves this by generalizing the rules evict
rwlock and requiring a writelock to be held to edit them.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Don't manage eviction groups from threads.

Managing eviction groups from threads was going to be difficult to do
in a performant thread-safe manner, so this patch punts the problem to
the main thread.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Hide struct rule_dpif internally.

By hiding struct rule_dpif inside ofproto-dpif, it becomes very clear
which attributes are accessed by multiple threads and need to be
protected by locks.

Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif: Do not dpif_port_del() patch ports in port_del().

Patch ports don't have datapath ports so it doesn't make sense to try to
call dpif_port_del() on them.  If we do try, it will fail, which makes the
caller think that the port wasn't really deleted, which in turn keeps
ofproto from reporting the port deletion via OpenFlow.  This fixes the
problem.

Without this patch, the following commands, executed under "make sandbox",
will report the patch port addition in "ovs-ofctl monitor" output, but not
the patch port deletion.  With this patch, both the addition and deletion
will be reported.

    ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev
    ovs-ofctl monitor br0 128 &
    ovs-vsctl add-port br0 patch1 \
        -- set interface patch1 type=patch options:peer=patch2 \
        -- add-port br0 patch2 \
        -- set interface patch2 type=patch options:peer=patch1
    ovs-vsctl del-port patch1
    ovs-vsctl del-port patch2

Reported-by: YAMAMOTO Takashi <yamamoto@valinux.co.jp>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif-xlate: Fix confusion between "no stp port" and "stp port 0".

Commit 9d189a50e (ofproto-dpif-xlate: Pull STP xlation into
ofproto-dpif-xlate.) introduced the bug that considers 'stp_port_no'
of 0 as stp disabled on the port. However 'stp_port_no' is
actually the index of the stp struct's port array and ranges
between [0, STP_MAX_PORTS). So the bug allows the blocked
port keep transmitting packets and generates loop.

This commit fixes this bug.

Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

dpif: fix segfault in CONTROLLER action with sflow or ipfix setup

Signed-off-by: Romain Lenglet <rlenglet@vmware.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto: Convert units correctly in ofport_open().

netdev_features_to_bps() returns a speed in bps, but struct
ofputil_phy_port's curr_speed and max_speed are in kbps, so a conversion
is necessary. This commit fixes the problem.

Reported-by: Benjamin Lunsky <benjamin.lunsky@netronome.com>
Tested-by: Benjamin Lunsky <benjamin.lunsky@netronome.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

flow: Fix hypothetical memory leak in miniflow_move().

Ordinarily a miniflow will use its inline_values if its values can fit, but
there is nothing to prevent a small number of values from being stored
in malloc()'d memory.  If this happened, then miniflow_move() would leak
memory.  This commit fixes the problem.

This is a hypothetical problem.  I haven't seen it in practice.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto: Fix memory leak in add_flow().

Found by inspection.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto-dpif-mirror: Fix memory leak in mbridge_unref().

Found by valgrind.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

flow: Fix memory leak in minimask_move().

Found by valgrind.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto-dpif: Fix use-after-free deleting a bridge with active traffic.

When a bridge that has active traffic is deleted, the bridge's ofproto can
be referenced by in-flight "flow_miss"es. This commit fixes the problem
by destroying "flow_miss"es that reference the ofproto that is being
deleted.

I found the problem by adding and removing a bridge that had active traffic
(via hping3) while running under valgrind.

Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

ofproto-dpif: Destroy facets on ofproto removal.

Facets maintain a pointer to their owning ofproto-dpif, and therefore
when an ofproto-dpif is destroyed all of their child facets should be
destroyed along with it. If they aren't, it's possible a subfacet
looked up in the dpif-backer could access it's parent facet and
therefore a defunct parent ofproto causing a segmentation fault.

Bug #19421.
Bug #19423.
Diagnosed-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Ethan Jackson <ethan@nicira.com>

cfm: Fix a memory allocation bug in cfm_get_remove_mpids().

In cfm, when allocating the rmp array, the size is not calculated correctly
which cause the remote MPID not correctly updated in ovsdb.

This bug was introduced by commit 13b1b2ae70 (cfm: Make the CFM module
thread safe.).

Signed-off-by: Guolin Yang <gyang@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>

ofproto-dpif-xlate: Fix mac learning deadlock.

xlate_normal() held the mac_learning lock while calling
output_normal(). When running with patch ports, this could cause
xlate_actions() to be called again, possibly attempting to take a
write lock on the same learning table causing a deadlock. This patch
solves the problem by holding the lock for a very brief period of
time.

Bug #19423.
Signed-off-by: Ethan Jackson <ethan@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>

Fix a bug in conversion between flow/mask and flow key

In odp_flow_key_from_flow__(), when converting ICMPv6 flow/mask
to flow/mask key, we should always use flow to check for whether
ND informaition is present or not. In mask case, both type and code
field should be masked, otherwise ND fields can be masked.

Similarly in reverse conversion (parse_l2_5_onward()), we should
have same check.

Signed-off-by: Guolin Yang <gyang@nicira.com>
[blp@nicira.com changed && to || in parse_l2_5_onward()
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Andy Zhou <azhou@nicira.com>

util: Include pthread_np.h on FreeBSD

On FreeBSD pthread_set_name_np's prototype is provided by pthread_np.h.
As I believe it is the only platform to provide the "set_name" (with an
underscore) variant I hope it's fine to use the existing autoconf macro
HAVE_PTHREAD_SET_NAME_NP.

Signed-off-by: Ed Maste <emaste@freebsd.org>
Signed-off-by: Ben Pfaff <blp@nicira.com>

datapath: Sync vxlan tunneling code with upstream ovs-vxlan.

Upstream vxlan implementation was changed according to few
comments. Following patch brings back those changes to out
of tree ovs module.

Signed-off-by: Pravin B Shelar <pshelar@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>