From f6ecf944a985f2b87053719d54c7218016e1ad01 Mon Sep 17 00:00:00 2001 From: Justin Pettit Date: Tue, 20 Oct 2015 22:03:02 -0700 Subject: [PATCH] vswitchd: Allow modifying ICMP type and code. Signed-off-by: Justin Pettit Acked-by: Flavio Leitner --- NEWS | 1 + lib/flow.h | 4 ++-- lib/meta-flow.h | 8 ++++---- lib/odp-execute.c | 12 ++++++++++-- lib/odp-util.c | 44 +++++++++++++++++++++++++++++++++++++++++--- lib/ofp-actions.c | 4 ++++ tests/ofproto.at | 4 ++-- 7 files changed, 64 insertions(+), 13 deletions(-) diff --git a/NEWS b/NEWS index 9b9dff2bb..cf9984430 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,7 @@ Post-v2.4.0 * OpenFlow 1.4+ "importance" is now considered for flow eviction. * OpenFlow 1.4+ OFPTC_EVICTION is now implemented. * OpenFlow 1.4+ OFPMP_TABLE_DESC is now implemented. + * Allow modifying the ICMPv4/ICMPv6 type and code fields. - Support for matching/generating options as well as the OAM bit with Geneve tunnels. - Support Multicast Listener Discovery (MLDv1 and MLDv2). diff --git a/lib/flow.h b/lib/flow.h index efd34a0da..41397d47e 100644 --- a/lib/flow.h +++ b/lib/flow.h @@ -135,8 +135,8 @@ struct flow { ovs_be16 pad3; /* Pad to 64 bits. */ /* L4 (64-bit aligned) */ - ovs_be16 tp_src; /* TCP/UDP/SCTP source port. */ - ovs_be16 tp_dst; /* TCP/UDP/SCTP destination port. */ + ovs_be16 tp_src; /* TCP/UDP/SCTP source port/ICMP type. */ + ovs_be16 tp_dst; /* TCP/UDP/SCTP destination port/ICMP code. */ ovs_be32 igmp_group_ip4; /* IGMP group IPv4 address. * Keep last for BUILD_ASSERT_DECL below. */ }; diff --git a/lib/meta-flow.h b/lib/meta-flow.h index d22c1562e..736abc4ee 100644 --- a/lib/meta-flow.h +++ b/lib/meta-flow.h @@ -1569,7 +1569,7 @@ enum OVS_PACKED_ENUM mf_field_id { * Maskable: no. * Formatting: decimal. * Prerequisites: ICMPv4. - * Access: read-only. + * Access: read/write. * NXM: NXM_OF_ICMP_TYPE(13) since v1.1. * OXM: OXM_OF_ICMPV4_TYPE(19) since OF1.2 and v1.7. * OF1.0: exact match. @@ -1585,7 +1585,7 @@ enum OVS_PACKED_ENUM mf_field_id { * Maskable: no. * Formatting: decimal. * Prerequisites: ICMPv4. - * Access: read-only. + * Access: read/write. * NXM: NXM_OF_ICMP_CODE(14) since v1.1. * OXM: OXM_OF_ICMPV4_CODE(20) since OF1.2 and v1.7. * OF1.0: exact match. @@ -1601,7 +1601,7 @@ enum OVS_PACKED_ENUM mf_field_id { * Maskable: no. * Formatting: decimal. * Prerequisites: ICMPv6. - * Access: read-only. + * Access: read/write. * NXM: NXM_NX_ICMPV6_TYPE(21) since v1.1. * OXM: OXM_OF_ICMPV6_TYPE(29) since OF1.2 and v1.7. */ @@ -1615,7 +1615,7 @@ enum OVS_PACKED_ENUM mf_field_id { * Maskable: no. * Formatting: decimal. * Prerequisites: ICMPv6. - * Access: read-only. + * Access: read/write. * NXM: NXM_NX_ICMPV6_CODE(22) since v1.1. * OXM: OXM_OF_ICMPV6_CODE(30) since OF1.2 and v1.7. */ diff --git a/lib/odp-execute.c b/lib/odp-execute.c index d2be71c86..b5204b270 100644 --- a/lib/odp-execute.c +++ b/lib/odp-execute.c @@ -301,6 +301,16 @@ odp_execute_set_action(struct dp_packet *packet, const struct nlattr *a) set_arp(packet, nl_attr_get(a), NULL); break; + case OVS_KEY_ATTR_ICMP: + case OVS_KEY_ATTR_ICMPV6: + if (OVS_LIKELY(dp_packet_get_icmp_payload(packet))) { + const struct ovs_key_icmp *icmp_key + = nl_attr_get_unspec(a, sizeof(struct ovs_key_icmp)); + + packet_set_icmp(packet, icmp_key->icmp_type, icmp_key->icmp_code); + } + break; + case OVS_KEY_ATTR_ND: if (OVS_LIKELY(dp_packet_get_nd_payload(packet))) { const struct ovs_key_nd *nd_key @@ -323,8 +333,6 @@ odp_execute_set_action(struct dp_packet *packet, const struct nlattr *a) case OVS_KEY_ATTR_ETHERTYPE: case OVS_KEY_ATTR_IN_PORT: case OVS_KEY_ATTR_VLAN: - case OVS_KEY_ATTR_ICMP: - case OVS_KEY_ATTR_ICMPV6: case OVS_KEY_ATTR_TCP_FLAGS: case OVS_KEY_ATTR_CT_STATE: case OVS_KEY_ATTR_CT_ZONE: diff --git a/lib/odp-util.c b/lib/odp-util.c index 8f0f39a81..9b9792dae 100644 --- a/lib/odp-util.c +++ b/lib/odp-util.c @@ -5188,6 +5188,43 @@ commit_set_arp_action(const struct flow *flow, struct flow *base_flow, return 0; } +static void +get_icmp_key(const struct flow *flow, struct ovs_key_icmp *icmp) +{ + /* icmp_type and icmp_code are stored in tp_src and tp_dst, respectively */ + icmp->icmp_type = ntohs(flow->tp_src); + icmp->icmp_code = ntohs(flow->tp_dst); +} + +static void +put_icmp_key(const struct ovs_key_icmp *icmp, struct flow *flow) +{ + /* icmp_type and icmp_code are stored in tp_src and tp_dst, respectively */ + flow->tp_src = htons(icmp->icmp_type); + flow->tp_dst = htons(icmp->icmp_code); +} + +static enum slow_path_reason +commit_set_icmp_action(const struct flow *flow, struct flow *base_flow, + struct ofpbuf *odp_actions, struct flow_wildcards *wc) +{ + struct ovs_key_icmp key, mask, base; + enum ovs_key_attr attr; + + get_icmp_key(flow, &key); + get_icmp_key(base_flow, &base); + get_icmp_key(&wc->masks, &mask); + + attr = flow->dl_type == htons(ETH_TYPE_IP) ? OVS_KEY_ATTR_ICMP + : OVS_KEY_ATTR_ICMPV6; + if (commit(attr, false, &key, &base, &mask, sizeof key, odp_actions)) { + put_icmp_key(&base, base_flow); + put_icmp_key(&mask, &wc->masks); + return SLOW_ACTION; + } + return 0; +} + static void get_nd_key(const struct flow *flow, struct ovs_key_nd *nd) { @@ -5361,15 +5398,16 @@ commit_odp_actions(const struct flow *flow, struct flow *base, struct ofpbuf *odp_actions, struct flow_wildcards *wc, bool use_masked) { - enum slow_path_reason slow; + enum slow_path_reason slow1, slow2; commit_set_ether_addr_action(flow, base, odp_actions, wc, use_masked); - slow = commit_set_nw_action(flow, base, odp_actions, wc, use_masked); + slow1 = commit_set_nw_action(flow, base, odp_actions, wc, use_masked); commit_set_port_action(flow, base, odp_actions, wc, use_masked); + slow2 = commit_set_icmp_action(flow, base, odp_actions, wc); commit_mpls_action(flow, base, odp_actions); commit_vlan_action(flow->vlan_tci, base, odp_actions, wc); commit_set_priority_action(flow, base, odp_actions, wc, use_masked); commit_set_pkt_mark_action(flow, base, odp_actions, wc, use_masked); - return slow; + return slow1 ? slow1 : slow2; } diff --git a/lib/ofp-actions.c b/lib/ofp-actions.c index 1b195b82f..43d4b721e 100644 --- a/lib/ofp-actions.c +++ b/lib/ofp-actions.c @@ -1880,6 +1880,10 @@ OFP_ASSERT(sizeof(struct onf_action_copy_field) == 24); * - NXM_OF_TCP_DST * - NXM_OF_UDP_SRC * - NXM_OF_UDP_DST + * - NXM_OF_ICMP_TYPE + * - NXM_OF_ICMP_CODE + * - NXM_NX_ICMPV6_TYPE + * - NXM_NX_ICMPV6_CODE * - NXM_NX_ARP_SHA * - NXM_NX_ARP_THA * - NXM_OF_ARP_OP diff --git a/tests/ofproto.at b/tests/ofproto.at index 634735b86..5c40c7d8f 100644 --- a/tests/ofproto.at +++ b/tests/ofproto.at @@ -1431,7 +1431,7 @@ head_table() { instructions: apply_actions,clear_actions,write_actions,write_metadata,goto_table Write-Actions and Apply-Actions features: actions: output group set_field strip_vlan push_vlan mod_nw_ttl dec_ttl set_mpls_ttl dec_mpls_ttl push_mpls pop_mpls set_queue - supported on Set-Field: metadata in_port_oxm eth_src eth_dst vlan_vid vlan_pcp mpls_label mpls_tc ip_src ip_dst ipv6_src ipv6_dst ipv6_label ip_dscp nw_ecn arp_op arp_spa arp_tpa arp_sha arp_tha tcp_src tcp_dst udp_src udp_dst sctp_src sctp_dst nd_target nd_sll nd_tll + supported on Set-Field: metadata in_port_oxm eth_src eth_dst vlan_vid vlan_pcp mpls_label mpls_tc ip_src ip_dst ipv6_src ipv6_dst ipv6_label ip_dscp nw_ecn arp_op arp_spa arp_tpa arp_sha arp_tha tcp_src tcp_dst udp_src udp_dst sctp_src sctp_dst icmp_type icmp_code icmpv6_type icmpv6_code nd_target nd_sll nd_tll matching: metadata: exact match or wildcard in_port_oxm: exact match or wildcard @@ -1534,7 +1534,7 @@ head_table () { actions: output group set_field strip_vlan push_vlan mod_nw_ttl dec_ttl set_mpls_ttl dec_mpls_ttl push_mpls pop_mpls set_queue supported on Set-Field: tun_id tun_src tun_dst tun_flags tun_gbp_id tun_gbp_flags tun_metadata0 dnl tun_metadata1 tun_metadata2 tun_metadata3 tun_metadata4 tun_metadata5 tun_metadata6 tun_metadata7 tun_metadata8 tun_metadata9 tun_metadata10 tun_metadata11 tun_metadata12 tun_metadata13 tun_metadata14 tun_metadata15 tun_metadata16 tun_metadata17 tun_metadata18 tun_metadata19 tun_metadata20 tun_metadata21 tun_metadata22 tun_metadata23 tun_metadata24 tun_metadata25 tun_metadata26 tun_metadata27 tun_metadata28 tun_metadata29 tun_metadata30 tun_metadata31 tun_metadata32 tun_metadata33 tun_metadata34 tun_metadata35 tun_metadata36 tun_metadata37 tun_metadata38 tun_metadata39 tun_metadata40 tun_metadata41 tun_metadata42 tun_metadata43 tun_metadata44 tun_metadata45 tun_metadata46 tun_metadata47 tun_metadata48 tun_metadata49 tun_metadata50 tun_metadata51 tun_metadata52 tun_metadata53 tun_metadata54 tun_metadata55 tun_metadata56 tun_metadata57 tun_metadata58 tun_metadata59 tun_metadata60 tun_metadata61 tun_metadata62 tun_metadata63 dnl -metadata in_port in_port_oxm pkt_mark ct_mark ct_label reg0 reg1 reg2 reg3 reg4 reg5 reg6 reg7 xreg0 xreg1 xreg2 xreg3 eth_src eth_dst vlan_tci vlan_vid vlan_pcp mpls_label mpls_tc ip_src ip_dst ipv6_src ipv6_dst ipv6_label nw_tos ip_dscp nw_ecn nw_ttl arp_op arp_spa arp_tpa arp_sha arp_tha tcp_src tcp_dst udp_src udp_dst sctp_src sctp_dst nd_target nd_sll nd_tll +metadata in_port in_port_oxm pkt_mark ct_mark ct_label reg0 reg1 reg2 reg3 reg4 reg5 reg6 reg7 xreg0 xreg1 xreg2 xreg3 eth_src eth_dst vlan_tci vlan_vid vlan_pcp mpls_label mpls_tc ip_src ip_dst ipv6_src ipv6_dst ipv6_label nw_tos ip_dscp nw_ecn nw_ttl arp_op arp_spa arp_tpa arp_sha arp_tha tcp_src tcp_dst udp_src udp_dst sctp_src sctp_dst icmp_type icmp_code icmpv6_type icmpv6_code nd_target nd_sll nd_tll matching: dp_hash: arbitrary mask recirc_id: exact match or wildcard -- 2.20.1