Merge branch 'net_next_ovs' of git://git.kernel.org/pub/scm/linux/kernel/git/pshelar/openvswitch

+15

include/uapi/linux/openvswitch.h

··· 157 157 * notification if the %OVS_ACTION_ATTR_USERSPACE action specified an 158 158 * %OVS_USERSPACE_ATTR_USERDATA attribute, with the same length and content 159 159 * specified there. 160 + * @OVS_PACKET_ATTR_EGRESS_TUN_KEY: Present for an %OVS_PACKET_CMD_ACTION 161 + * notification if the %OVS_ACTION_ATTR_USERSPACE action specified an 162 + * %OVS_USERSPACE_ATTR_EGRESS_TUN_PORT attribute, which is sent only if the 163 + * output port is actually a tunnel port. Contains the output tunnel key 164 + * extracted from the packet as nested %OVS_TUNNEL_KEY_ATTR_* attributes. 160 165 * 161 166 * These attributes follow the &struct ovs_header within the Generic Netlink 162 167 * payload for %OVS_PACKET_* commands. ··· 172 167 OVS_PACKET_ATTR_KEY, /* Nested OVS_KEY_ATTR_* attributes. */ 173 168 OVS_PACKET_ATTR_ACTIONS, /* Nested OVS_ACTION_ATTR_* attributes. */ 174 169 OVS_PACKET_ATTR_USERDATA, /* OVS_ACTION_ATTR_USERSPACE arg. */ 170 + OVS_PACKET_ATTR_EGRESS_TUN_KEY, /* Nested OVS_TUNNEL_KEY_ATTR_* 171 + attributes. */ 175 172 __OVS_PACKET_ATTR_MAX 176 173 }; 177 174 ··· 322 315 OVS_TUNNEL_KEY_ATTR_CSUM, /* No argument. CSUM packet. */ 323 316 OVS_TUNNEL_KEY_ATTR_OAM, /* No argument. OAM frame. */ 324 317 OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS, /* Array of Geneve options. */ 318 + OVS_TUNNEL_KEY_ATTR_TP_SRC, /* be16 src Transport Port. */ 319 + OVS_TUNNEL_KEY_ATTR_TP_DST, /* be16 dst Transport Port. */ 325 320 __OVS_TUNNEL_KEY_ATTR_MAX 326 321 }; 327 322 ··· 457 448 OVS_FLOW_ATTR_USED, /* u64 msecs last used in monotonic time. */ 458 449 OVS_FLOW_ATTR_CLEAR, /* Flag to clear stats, tcp_flags, used. */ 459 450 OVS_FLOW_ATTR_MASK, /* Sequence of OVS_KEY_ATTR_* attributes. */ 451 + OVS_FLOW_ATTR_PROBE, /* Flow operation is a feature probe, error 452 + * logging should be suppressed. */ 460 453 __OVS_FLOW_ATTR_MAX 461 454 }; 462 455 ··· 491 480 * message should be sent. Required. 492 481 * @OVS_USERSPACE_ATTR_USERDATA: If present, its variable-length argument is 493 482 * copied to the %OVS_PACKET_CMD_ACTION message as %OVS_PACKET_ATTR_USERDATA. 483 + * @OVS_USERSPACE_ATTR_EGRESS_TUN_PORT: If present, u32 output port to get 484 + * tunnel info. 494 485 */ 495 486 enum ovs_userspace_attr { 496 487 OVS_USERSPACE_ATTR_UNSPEC, 497 488 OVS_USERSPACE_ATTR_PID, /* u32 Netlink PID to receive upcalls. */ 498 489 OVS_USERSPACE_ATTR_USERDATA, /* Optional user-specified cookie. */ 490 + OVS_USERSPACE_ATTR_EGRESS_TUN_PORT, /* Optional, u32 output port 491 + * to get tunnel info. */ 499 492 __OVS_USERSPACE_ATTR_MAX 500 493 }; 501 494

+131 -51

net/openvswitch/actions.c

··· 69 69 fifo->tail = 0; 70 70 } 71 71 72 - static bool action_fifo_is_empty(struct action_fifo *fifo) 72 + static bool action_fifo_is_empty(const struct action_fifo *fifo) 73 73 { 74 74 return (fifo->head == fifo->tail); 75 75 } ··· 92 92 93 93 /* Return true if fifo is not full */ 94 94 static struct deferred_action *add_deferred_actions(struct sk_buff *skb, 95 - struct sw_flow_key *key, 95 + const struct sw_flow_key *key, 96 96 const struct nlattr *attr) 97 97 { 98 98 struct action_fifo *fifo; ··· 109 109 return da; 110 110 } 111 111 112 + static void invalidate_flow_key(struct sw_flow_key *key) 113 + { 114 + key->eth.type = htons(0); 115 + } 116 + 117 + static bool is_flow_key_valid(const struct sw_flow_key *key) 118 + { 119 + return !!key->eth.type; 120 + } 121 + 112 122 static int make_writable(struct sk_buff *skb, int write_len) 113 123 { 114 124 if (!pskb_may_pull(skb, write_len)) ··· 130 120 return pskb_expand_head(skb, 0, 0, GFP_ATOMIC); 131 121 } 132 122 133 - static int push_mpls(struct sk_buff *skb, 123 + static int push_mpls(struct sk_buff *skb, struct sw_flow_key *key, 134 124 const struct ovs_action_push_mpls *mpls) 135 125 { 136 126 __be32 *new_mpls_lse; ··· 161 151 skb_set_inner_protocol(skb, skb->protocol); 162 152 skb->protocol = mpls->mpls_ethertype; 163 153 154 + invalidate_flow_key(key); 164 155 return 0; 165 156 } 166 157 167 - static int pop_mpls(struct sk_buff *skb, const __be16 ethertype) 158 + static int pop_mpls(struct sk_buff *skb, struct sw_flow_key *key, 159 + const __be16 ethertype) 168 160 { 169 161 struct ethhdr *hdr; 170 162 int err; ··· 193 181 hdr->h_proto = ethertype; 194 182 if (eth_p_mpls(skb->protocol)) 195 183 skb->protocol = ethertype; 184 + 185 + invalidate_flow_key(key); 196 186 return 0; 197 187 } 198 188 199 - static int set_mpls(struct sk_buff *skb, const __be32 *mpls_lse) 189 + static int set_mpls(struct sk_buff *skb, struct sw_flow_key *key, 190 + const __be32 *mpls_lse) 200 191 { 201 192 __be32 *stack; 202 193 int err; ··· 211 196 stack = (__be32 *)skb_mpls_header(skb); 212 197 if (skb->ip_summed == CHECKSUM_COMPLETE) { 213 198 __be32 diff[] = { ~(*stack), *mpls_lse }; 214 - 215 199 skb->csum = ~csum_partial((char *)diff, sizeof(diff), 216 200 ~skb->csum); 217 201 } 218 202 219 203 *stack = *mpls_lse; 220 - 204 + key->mpls.top_lse = *mpls_lse; 221 205 return 0; 222 206 } 223 207 ··· 251 237 return 0; 252 238 } 253 239 254 - static int pop_vlan(struct sk_buff *skb) 240 + static int pop_vlan(struct sk_buff *skb, struct sw_flow_key *key) 255 241 { 256 242 __be16 tci; 257 243 int err; ··· 269 255 } 270 256 /* move next vlan tag to hw accel tag */ 271 257 if (likely(skb->protocol != htons(ETH_P_8021Q) || 272 - skb->len < VLAN_ETH_HLEN)) 258 + skb->len < VLAN_ETH_HLEN)) { 259 + key->eth.tci = 0; 273 260 return 0; 261 + } 274 262 263 + invalidate_flow_key(key); 275 264 err = __pop_vlan_tci(skb, &tci); 276 265 if (unlikely(err)) 277 266 return err; ··· 283 266 return 0; 284 267 } 285 268 286 - static int push_vlan(struct sk_buff *skb, const struct ovs_action_push_vlan *vlan) 269 + static int push_vlan(struct sk_buff *skb, struct sw_flow_key *key, 270 + const struct ovs_action_push_vlan *vlan) 287 271 { 288 272 if (unlikely(vlan_tx_tag_present(skb))) { 289 273 u16 current_tag; ··· 301 283 skb->csum = csum_add(skb->csum, csum_partial(skb->data 302 284 + (2 * ETH_ALEN), VLAN_HLEN, 0)); 303 285 286 + invalidate_flow_key(key); 287 + } else { 288 + key->eth.tci = vlan->vlan_tci; 304 289 } 305 290 __vlan_hwaccel_put_tag(skb, vlan->vlan_tpid, ntohs(vlan->vlan_tci) & ~VLAN_TAG_PRESENT); 306 291 return 0; 307 292 } 308 293 309 - static int set_eth_addr(struct sk_buff *skb, 294 + static int set_eth_addr(struct sk_buff *skb, struct sw_flow_key *key, 310 295 const struct ovs_key_ethernet *eth_key) 311 296 { 312 297 int err; ··· 324 303 325 304 ovs_skb_postpush_rcsum(skb, eth_hdr(skb), ETH_ALEN * 2); 326 305 306 + ether_addr_copy(key->eth.src, eth_key->eth_src); 307 + ether_addr_copy(key->eth.dst, eth_key->eth_dst); 327 308 return 0; 328 309 } 329 310 330 311 static void set_ip_addr(struct sk_buff *skb, struct iphdr *nh, 331 - __be32 *addr, __be32 new_addr) 312 + __be32 *addr, __be32 new_addr) 332 313 { 333 314 int transport_len = skb->len - skb_transport_offset(skb); 334 315 ··· 409 386 nh->ttl = new_ttl; 410 387 } 411 388 412 - static int set_ipv4(struct sk_buff *skb, const struct ovs_key_ipv4 *ipv4_key) 389 + static int set_ipv4(struct sk_buff *skb, struct sw_flow_key *key, 390 + const struct ovs_key_ipv4 *ipv4_key) 413 391 { 414 392 struct iphdr *nh; 415 393 int err; ··· 422 398 423 399 nh = ip_hdr(skb); 424 400 425 - if (ipv4_key->ipv4_src != nh->saddr) 401 + if (ipv4_key->ipv4_src != nh->saddr) { 426 402 set_ip_addr(skb, nh, &nh->saddr, ipv4_key->ipv4_src); 403 + key->ipv4.addr.src = ipv4_key->ipv4_src; 404 + } 427 405 428 - if (ipv4_key->ipv4_dst != nh->daddr) 406 + if (ipv4_key->ipv4_dst != nh->daddr) { 429 407 set_ip_addr(skb, nh, &nh->daddr, ipv4_key->ipv4_dst); 408 + key->ipv4.addr.dst = ipv4_key->ipv4_dst; 409 + } 430 410 431 - if (ipv4_key->ipv4_tos != nh->tos) 411 + if (ipv4_key->ipv4_tos != nh->tos) { 432 412 ipv4_change_dsfield(nh, 0, ipv4_key->ipv4_tos); 413 + key->ip.tos = nh->tos; 414 + } 433 415 434 - if (ipv4_key->ipv4_ttl != nh->ttl) 416 + if (ipv4_key->ipv4_ttl != nh->ttl) { 435 417 set_ip_ttl(skb, nh, ipv4_key->ipv4_ttl); 418 + key->ip.ttl = ipv4_key->ipv4_ttl; 419 + } 436 420 437 421 return 0; 438 422 } 439 423 440 - static int set_ipv6(struct sk_buff *skb, const struct ovs_key_ipv6 *ipv6_key) 424 + static int set_ipv6(struct sk_buff *skb, struct sw_flow_key *key, 425 + const struct ovs_key_ipv6 *ipv6_key) 441 426 { 442 427 struct ipv6hdr *nh; 443 428 int err; ··· 462 429 saddr = (__be32 *)&nh->saddr; 463 430 daddr = (__be32 *)&nh->daddr; 464 431 465 - if (memcmp(ipv6_key->ipv6_src, saddr, sizeof(ipv6_key->ipv6_src))) 432 + if (memcmp(ipv6_key->ipv6_src, saddr, sizeof(ipv6_key->ipv6_src))) { 466 433 set_ipv6_addr(skb, ipv6_key->ipv6_proto, saddr, 467 434 ipv6_key->ipv6_src, true); 435 + memcpy(&key->ipv6.addr.src, ipv6_key->ipv6_src, 436 + sizeof(ipv6_key->ipv6_src)); 437 + } 468 438 469 439 if (memcmp(ipv6_key->ipv6_dst, daddr, sizeof(ipv6_key->ipv6_dst))) { 470 440 unsigned int offset = 0; ··· 481 445 482 446 set_ipv6_addr(skb, ipv6_key->ipv6_proto, daddr, 483 447 ipv6_key->ipv6_dst, recalc_csum); 448 + memcpy(&key->ipv6.addr.dst, ipv6_key->ipv6_dst, 449 + sizeof(ipv6_key->ipv6_dst)); 484 450 } 485 451 486 452 set_ipv6_tc(nh, ipv6_key->ipv6_tclass); 487 - set_ipv6_fl(nh, ntohl(ipv6_key->ipv6_label)); 488 - nh->hop_limit = ipv6_key->ipv6_hlimit; 453 + key->ip.tos = ipv6_get_dsfield(nh); 489 454 455 + set_ipv6_fl(nh, ntohl(ipv6_key->ipv6_label)); 456 + key->ipv6.label = *(__be32 *)nh & htonl(IPV6_FLOWINFO_FLOWLABEL); 457 + 458 + nh->hop_limit = ipv6_key->ipv6_hlimit; 459 + key->ip.ttl = ipv6_key->ipv6_hlimit; 490 460 return 0; 491 461 } 492 462 ··· 520 478 } 521 479 } 522 480 523 - static int set_udp(struct sk_buff *skb, const struct ovs_key_udp *udp_port_key) 481 + static int set_udp(struct sk_buff *skb, struct sw_flow_key *key, 482 + const struct ovs_key_udp *udp_port_key) 524 483 { 525 484 struct udphdr *uh; 526 485 int err; ··· 532 489 return err; 533 490 534 491 uh = udp_hdr(skb); 535 - if (udp_port_key->udp_src != uh->source) 492 + if (udp_port_key->udp_src != uh->source) { 536 493 set_udp_port(skb, &uh->source, udp_port_key->udp_src); 494 + key->tp.src = udp_port_key->udp_src; 495 + } 537 496 538 - if (udp_port_key->udp_dst != uh->dest) 497 + if (udp_port_key->udp_dst != uh->dest) { 539 498 set_udp_port(skb, &uh->dest, udp_port_key->udp_dst); 499 + key->tp.dst = udp_port_key->udp_dst; 500 + } 540 501 541 502 return 0; 542 503 } 543 504 544 - static int set_tcp(struct sk_buff *skb, const struct ovs_key_tcp *tcp_port_key) 505 + static int set_tcp(struct sk_buff *skb, struct sw_flow_key *key, 506 + const struct ovs_key_tcp *tcp_port_key) 545 507 { 546 508 struct tcphdr *th; 547 509 int err; ··· 557 509 return err; 558 510 559 511 th = tcp_hdr(skb); 560 - if (tcp_port_key->tcp_src != th->source) 512 + if (tcp_port_key->tcp_src != th->source) { 561 513 set_tp_port(skb, &th->source, tcp_port_key->tcp_src, &th->check); 514 + key->tp.src = tcp_port_key->tcp_src; 515 + } 562 516 563 - if (tcp_port_key->tcp_dst != th->dest) 517 + if (tcp_port_key->tcp_dst != th->dest) { 564 518 set_tp_port(skb, &th->dest, tcp_port_key->tcp_dst, &th->check); 519 + key->tp.dst = tcp_port_key->tcp_dst; 520 + } 565 521 566 522 return 0; 567 523 } 568 524 569 - static int set_sctp(struct sk_buff *skb, 570 - const struct ovs_key_sctp *sctp_port_key) 525 + static int set_sctp(struct sk_buff *skb, struct sw_flow_key *key, 526 + const struct ovs_key_sctp *sctp_port_key) 571 527 { 572 528 struct sctphdr *sh; 573 529 int err; ··· 598 546 sh->checksum = old_csum ^ old_correct_csum ^ new_csum; 599 547 600 548 skb_clear_hash(skb); 549 + key->tp.src = sctp_port_key->sctp_src; 550 + key->tp.dst = sctp_port_key->sctp_dst; 601 551 } 602 552 603 553 return 0; ··· 618 564 static int output_userspace(struct datapath *dp, struct sk_buff *skb, 619 565 struct sw_flow_key *key, const struct nlattr *attr) 620 566 { 567 + struct ovs_tunnel_info info; 621 568 struct dp_upcall_info upcall; 622 569 const struct nlattr *a; 623 570 int rem; 624 571 625 572 upcall.cmd = OVS_PACKET_CMD_ACTION; 626 - upcall.key = key; 627 573 upcall.userdata = NULL; 628 574 upcall.portid = 0; 575 + upcall.egress_tun_info = NULL; 629 576 630 577 for (a = nla_data(attr), rem = nla_len(attr); rem > 0; 631 578 a = nla_next(a, &rem)) { ··· 638 583 case OVS_USERSPACE_ATTR_PID: 639 584 upcall.portid = nla_get_u32(a); 640 585 break; 586 + 587 + case OVS_USERSPACE_ATTR_EGRESS_TUN_PORT: { 588 + /* Get out tunnel info. */ 589 + struct vport *vport; 590 + 591 + vport = ovs_vport_rcu(dp, nla_get_u32(a)); 592 + if (vport) { 593 + int err; 594 + 595 + err = ovs_vport_get_egress_tun_info(vport, skb, 596 + &info); 597 + if (!err) 598 + upcall.egress_tun_info = &info; 599 + } 600 + break; 641 601 } 602 + 603 + } /* End of switch. */ 642 604 } 643 605 644 - return ovs_dp_upcall(dp, skb, &upcall); 606 + return ovs_dp_upcall(dp, skb, key, &upcall); 645 607 } 646 608 647 609 static int sample(struct datapath *dp, struct sk_buff *skb, ··· 728 656 key->ovs_flow_hash = hash; 729 657 } 730 658 731 - static int execute_set_action(struct sk_buff *skb, 732 - const struct nlattr *nested_attr) 659 + static int execute_set_action(struct sk_buff *skb, struct sw_flow_key *key, 660 + const struct nlattr *nested_attr) 733 661 { 734 662 int err = 0; 735 663 736 664 switch (nla_type(nested_attr)) { 737 665 case OVS_KEY_ATTR_PRIORITY: 738 666 skb->priority = nla_get_u32(nested_attr); 667 + key->phy.priority = skb->priority; 739 668 break; 740 669 741 670 case OVS_KEY_ATTR_SKB_MARK: 742 671 skb->mark = nla_get_u32(nested_attr); 672 + key->phy.skb_mark = skb->mark; 743 673 break; 744 674 745 675 case OVS_KEY_ATTR_TUNNEL_INFO: ··· 749 675 break; 750 676 751 677 case OVS_KEY_ATTR_ETHERNET: 752 - err = set_eth_addr(skb, nla_data(nested_attr)); 678 + err = set_eth_addr(skb, key, nla_data(nested_attr)); 753 679 break; 754 680 755 681 case OVS_KEY_ATTR_IPV4: 756 - err = set_ipv4(skb, nla_data(nested_attr)); 682 + err = set_ipv4(skb, key, nla_data(nested_attr)); 757 683 break; 758 684 759 685 case OVS_KEY_ATTR_IPV6: 760 - err = set_ipv6(skb, nla_data(nested_attr)); 686 + err = set_ipv6(skb, key, nla_data(nested_attr)); 761 687 break; 762 688 763 689 case OVS_KEY_ATTR_TCP: 764 - err = set_tcp(skb, nla_data(nested_attr)); 690 + err = set_tcp(skb, key, nla_data(nested_attr)); 765 691 break; 766 692 767 693 case OVS_KEY_ATTR_UDP: 768 - err = set_udp(skb, nla_data(nested_attr)); 694 + err = set_udp(skb, key, nla_data(nested_attr)); 769 695 break; 770 696 771 697 case OVS_KEY_ATTR_SCTP: 772 - err = set_sctp(skb, nla_data(nested_attr)); 698 + err = set_sctp(skb, key, nla_data(nested_attr)); 773 699 break; 774 700 775 701 case OVS_KEY_ATTR_MPLS: 776 - err = set_mpls(skb, nla_data(nested_attr)); 702 + err = set_mpls(skb, key, nla_data(nested_attr)); 777 703 break; 778 704 } 779 705 ··· 785 711 const struct nlattr *a, int rem) 786 712 { 787 713 struct deferred_action *da; 788 - int err; 789 714 790 - err = ovs_flow_key_update(skb, key); 791 - if (err) 792 - return err; 715 + if (!is_flow_key_valid(key)) { 716 + int err; 717 + 718 + err = ovs_flow_key_update(skb, key); 719 + if (err) 720 + return err; 721 + } 722 + BUG_ON(!is_flow_key_valid(key)); 793 723 794 724 if (!nla_is_last(a, rem)) { 795 725 /* Recirc action is the not the last action ··· 830 752 /* Every output action needs a separate clone of 'skb', but the common 831 753 * case is just a single output action, so that doing a clone and 832 754 * then freeing the original skbuff is wasteful. So the following code 833 - * is slightly obscure just to avoid that. */ 755 + * is slightly obscure just to avoid that. 756 + */ 834 757 int prev_port = -1; 835 758 const struct nlattr *a; 836 759 int rem; ··· 863 784 break; 864 785 865 786 case OVS_ACTION_ATTR_PUSH_MPLS: 866 - err = push_mpls(skb, nla_data(a)); 787 + err = push_mpls(skb, key, nla_data(a)); 867 788 break; 868 789 869 790 case OVS_ACTION_ATTR_POP_MPLS: 870 - err = pop_mpls(skb, nla_get_be16(a)); 791 + err = pop_mpls(skb, key, nla_get_be16(a)); 871 792 break; 872 793 873 794 case OVS_ACTION_ATTR_PUSH_VLAN: 874 - err = push_vlan(skb, nla_data(a)); 795 + err = push_vlan(skb, key, nla_data(a)); 875 796 if (unlikely(err)) /* skb already freed. */ 876 797 return err; 877 798 break; 878 799 879 800 case OVS_ACTION_ATTR_POP_VLAN: 880 - err = pop_vlan(skb); 801 + err = pop_vlan(skb, key); 881 802 break; 882 803 883 804 case OVS_ACTION_ATTR_RECIRC: ··· 892 813 break; 893 814 894 815 case OVS_ACTION_ATTR_SET: 895 - err = execute_set_action(skb, nla_data(a)); 816 + err = execute_set_action(skb, key, nla_data(a)); 896 817 break; 897 818 898 819 case OVS_ACTION_ATTR_SAMPLE: ··· 944 865 945 866 /* Execute a list of actions against 'skb'. */ 946 867 int ovs_execute_actions(struct datapath *dp, struct sk_buff *skb, 947 - struct sw_flow_actions *acts, struct sw_flow_key *key) 868 + const struct sw_flow_actions *acts, 869 + struct sw_flow_key *key) 948 870 { 949 871 int level = this_cpu_read(exec_actions_level); 950 872 int err;

+81 -48

net/openvswitch/datapath.c

··· 59 59 #include "vport-netdev.h" 60 60 61 61 int ovs_net_id __read_mostly; 62 - EXPORT_SYMBOL(ovs_net_id); 62 + EXPORT_SYMBOL_GPL(ovs_net_id); 63 63 64 64 static struct genl_family dp_packet_genl_family; 65 65 static struct genl_family dp_flow_genl_family; ··· 131 131 else 132 132 return 1; 133 133 } 134 - EXPORT_SYMBOL(lockdep_ovsl_is_held); 134 + EXPORT_SYMBOL_GPL(lockdep_ovsl_is_held); 135 135 #endif 136 136 137 137 static struct vport *new_vport(const struct vport_parms *); 138 138 static int queue_gso_packets(struct datapath *dp, struct sk_buff *, 139 + const struct sw_flow_key *, 139 140 const struct dp_upcall_info *); 140 141 static int queue_userspace_packet(struct datapath *dp, struct sk_buff *, 142 + const struct sw_flow_key *, 141 143 const struct dp_upcall_info *); 142 144 143 145 /* Must be called with rcu_read_lock. */ ··· 178 176 return vport->ops->get_name(vport); 179 177 } 180 178 181 - static int get_dpifindex(struct datapath *dp) 179 + static int get_dpifindex(const struct datapath *dp) 182 180 { 183 181 struct vport *local; 184 182 int ifindex; ··· 273 271 int error; 274 272 275 273 upcall.cmd = OVS_PACKET_CMD_MISS; 276 - upcall.key = key; 277 274 upcall.userdata = NULL; 278 275 upcall.portid = ovs_vport_find_upcall_portid(p, skb); 279 - error = ovs_dp_upcall(dp, skb, &upcall); 276 + upcall.egress_tun_info = NULL; 277 + error = ovs_dp_upcall(dp, skb, key, &upcall); 280 278 if (unlikely(error)) 281 279 kfree_skb(skb); 282 280 else ··· 300 298 } 301 299 302 300 int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb, 301 + const struct sw_flow_key *key, 303 302 const struct dp_upcall_info *upcall_info) 304 303 { 305 304 struct dp_stats_percpu *stats; ··· 312 309 } 313 310 314 311 if (!skb_is_gso(skb)) 315 - err = queue_userspace_packet(dp, skb, upcall_info); 312 + err = queue_userspace_packet(dp, skb, key, upcall_info); 316 313 else 317 - err = queue_gso_packets(dp, skb, upcall_info); 314 + err = queue_gso_packets(dp, skb, key, upcall_info); 318 315 if (err) 319 316 goto err; 320 317 ··· 331 328 } 332 329 333 330 static int queue_gso_packets(struct datapath *dp, struct sk_buff *skb, 331 + const struct sw_flow_key *key, 334 332 const struct dp_upcall_info *upcall_info) 335 333 { 336 334 unsigned short gso_type = skb_shinfo(skb)->gso_type; 337 - struct dp_upcall_info later_info; 338 335 struct sw_flow_key later_key; 339 336 struct sk_buff *segs, *nskb; 337 + struct ovs_skb_cb ovs_cb; 340 338 int err; 341 339 340 + ovs_cb = *OVS_CB(skb); 342 341 segs = __skb_gso_segment(skb, NETIF_F_SG, false); 342 + *OVS_CB(skb) = ovs_cb; 343 343 if (IS_ERR(segs)) 344 344 return PTR_ERR(segs); 345 345 if (segs == NULL) 346 346 return -EINVAL; 347 347 348 + if (gso_type & SKB_GSO_UDP) { 349 + /* The initial flow key extracted by ovs_flow_key_extract() 350 + * in this case is for a first fragment, so we need to 351 + * properly mark later fragments. 352 + */ 353 + later_key = *key; 354 + later_key.ip.frag = OVS_FRAG_TYPE_LATER; 355 + } 356 + 348 357 /* Queue all of the segments. */ 349 358 skb = segs; 350 359 do { 351 - err = queue_userspace_packet(dp, skb, upcall_info); 360 + *OVS_CB(skb) = ovs_cb; 361 + if (gso_type & SKB_GSO_UDP && skb != segs) 362 + key = &later_key; 363 + 364 + err = queue_userspace_packet(dp, skb, key, upcall_info); 352 365 if (err) 353 366 break; 354 367 355 - if (skb == segs && gso_type & SKB_GSO_UDP) { 356 - /* The initial flow key extracted by ovs_flow_extract() 357 - * in this case is for a first fragment, so we need to 358 - * properly mark later fragments. 359 - */ 360 - later_key = *upcall_info->key; 361 - later_key.ip.frag = OVS_FRAG_TYPE_LATER; 362 - 363 - later_info = *upcall_info; 364 - later_info.key = &later_key; 365 - upcall_info = &later_info; 366 - } 367 368 } while ((skb = skb->next)); 368 369 369 370 /* Free all of the segments. */ ··· 382 375 return err; 383 376 } 384 377 385 - static size_t upcall_msg_size(const struct nlattr *userdata, 378 + static size_t upcall_msg_size(const struct dp_upcall_info *upcall_info, 386 379 unsigned int hdrlen) 387 380 { 388 381 size_t size = NLMSG_ALIGN(sizeof(struct ovs_header)) ··· 390 383 + nla_total_size(ovs_key_attr_size()); /* OVS_PACKET_ATTR_KEY */ 391 384 392 385 /* OVS_PACKET_ATTR_USERDATA */ 393 - if (userdata) 394 - size += NLA_ALIGN(userdata->nla_len); 386 + if (upcall_info->userdata) 387 + size += NLA_ALIGN(upcall_info->userdata->nla_len); 388 + 389 + /* OVS_PACKET_ATTR_EGRESS_TUN_KEY */ 390 + if (upcall_info->egress_tun_info) 391 + size += nla_total_size(ovs_tun_key_attr_size()); 395 392 396 393 return size; 397 394 } 398 395 399 396 static int queue_userspace_packet(struct datapath *dp, struct sk_buff *skb, 397 + const struct sw_flow_key *key, 400 398 const struct dp_upcall_info *upcall_info) 401 399 { 402 400 struct ovs_header *upcall; ··· 452 440 else 453 441 hlen = skb->len; 454 442 455 - len = upcall_msg_size(upcall_info->userdata, hlen); 443 + len = upcall_msg_size(upcall_info, hlen); 456 444 user_skb = genlmsg_new_unicast(len, &info, GFP_ATOMIC); 457 445 if (!user_skb) { 458 446 err = -ENOMEM; ··· 464 452 upcall->dp_ifindex = dp_ifindex; 465 453 466 454 nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_KEY); 467 - err = ovs_nla_put_flow(upcall_info->key, upcall_info->key, user_skb); 455 + err = ovs_nla_put_flow(key, key, user_skb); 468 456 BUG_ON(err); 469 457 nla_nest_end(user_skb, nla); 470 458 ··· 472 460 __nla_put(user_skb, OVS_PACKET_ATTR_USERDATA, 473 461 nla_len(upcall_info->userdata), 474 462 nla_data(upcall_info->userdata)); 463 + 464 + if (upcall_info->egress_tun_info) { 465 + nla = nla_nest_start(user_skb, OVS_PACKET_ATTR_EGRESS_TUN_KEY); 466 + err = ovs_nla_put_egress_tunnel_key(user_skb, 467 + upcall_info->egress_tun_info); 468 + BUG_ON(err); 469 + nla_nest_end(user_skb, nla); 470 + } 475 471 476 472 /* Only reserve room for attribute header, packet data is added 477 473 * in skb_zerocopy() */ ··· 526 506 struct vport *input_vport; 527 507 int len; 528 508 int err; 509 + bool log = !a[OVS_FLOW_ATTR_PROBE]; 529 510 530 511 err = -EINVAL; 531 512 if (!a[OVS_PACKET_ATTR_PACKET] || !a[OVS_PACKET_ATTR_KEY] || ··· 560 539 goto err_kfree_skb; 561 540 562 541 err = ovs_flow_key_extract_userspace(a[OVS_PACKET_ATTR_KEY], packet, 563 - &flow->key); 542 + &flow->key, log); 564 543 if (err) 565 544 goto err_flow_free; 566 545 567 546 err = ovs_nla_copy_actions(a[OVS_PACKET_ATTR_ACTIONS], 568 - &flow->key, &acts); 547 + &flow->key, &acts, log); 569 548 if (err) 570 549 goto err_flow_free; 571 550 ··· 634 613 .n_ops = ARRAY_SIZE(dp_packet_genl_ops), 635 614 }; 636 615 637 - static void get_dp_stats(struct datapath *dp, struct ovs_dp_stats *stats, 616 + static void get_dp_stats(const struct datapath *dp, struct ovs_dp_stats *stats, 638 617 struct ovs_dp_megaflow_stats *mega_stats) 639 618 { 640 619 int i; ··· 856 835 struct sw_flow_actions *acts; 857 836 struct sw_flow_match match; 858 837 int error; 838 + bool log = !a[OVS_FLOW_ATTR_PROBE]; 859 839 860 840 /* Must have key and actions. */ 861 841 error = -EINVAL; 862 842 if (!a[OVS_FLOW_ATTR_KEY]) { 863 - OVS_NLERR("Flow key attribute not present in new flow.\n"); 843 + OVS_NLERR(log, "Flow key attr not present in new flow."); 864 844 goto error; 865 845 } 866 846 if (!a[OVS_FLOW_ATTR_ACTIONS]) { 867 - OVS_NLERR("Flow actions attribute not present in new flow.\n"); 847 + OVS_NLERR(log, "Flow actions attr not present in new flow."); 868 848 goto error; 869 849 } 870 850 ··· 880 858 881 859 /* Extract key. */ 882 860 ovs_match_init(&match, &new_flow->unmasked_key, &mask); 883 - error = ovs_nla_get_match(&match, 884 - a[OVS_FLOW_ATTR_KEY], a[OVS_FLOW_ATTR_MASK]); 861 + error = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], 862 + a[OVS_FLOW_ATTR_MASK], log); 885 863 if (error) 886 864 goto err_kfree_flow; 887 865 ··· 889 867 890 868 /* Validate actions. */ 891 869 error = ovs_nla_copy_actions(a[OVS_FLOW_ATTR_ACTIONS], &new_flow->key, 892 - &acts); 870 + &acts, log); 893 871 if (error) { 894 - OVS_NLERR("Flow actions may not be safe on all matching packets.\n"); 872 + OVS_NLERR(log, "Flow actions may not be safe on all matching packets."); 895 873 goto err_kfree_flow; 896 874 } 897 875 ··· 944 922 } 945 923 /* The unmasked key has to be the same for flow updates. */ 946 924 if (unlikely(!ovs_flow_cmp_unmasked_key(flow, &match))) { 925 + /* Look for any overlapping flow. */ 947 926 flow = ovs_flow_tbl_lookup_exact(&dp->table, &match); 948 927 if (!flow) { 949 928 error = -ENOENT; ··· 987 964 /* Factor out action copy to avoid "Wframe-larger-than=1024" warning. */ 988 965 static struct sw_flow_actions *get_flow_actions(const struct nlattr *a, 989 966 const struct sw_flow_key *key, 990 - const struct sw_flow_mask *mask) 967 + const struct sw_flow_mask *mask, 968 + bool log) 991 969 { 992 970 struct sw_flow_actions *acts; 993 971 struct sw_flow_key masked_key; 994 972 int error; 995 973 996 974 ovs_flow_mask_key(&masked_key, key, mask); 997 - error = ovs_nla_copy_actions(a, &masked_key, &acts); 975 + error = ovs_nla_copy_actions(a, &masked_key, &acts, log); 998 976 if (error) { 999 - OVS_NLERR("Actions may not be safe on all matching packets.\n"); 977 + OVS_NLERR(log, 978 + "Actions may not be safe on all matching packets"); 1000 979 return ERR_PTR(error); 1001 980 } 1002 981 ··· 1017 992 struct sw_flow_actions *old_acts = NULL, *acts = NULL; 1018 993 struct sw_flow_match match; 1019 994 int error; 995 + bool log = !a[OVS_FLOW_ATTR_PROBE]; 1020 996 1021 997 /* Extract key. */ 1022 998 error = -EINVAL; 1023 999 if (!a[OVS_FLOW_ATTR_KEY]) { 1024 - OVS_NLERR("Flow key attribute not present in set flow.\n"); 1000 + OVS_NLERR(log, "Flow key attribute not present in set flow."); 1025 1001 goto error; 1026 1002 } 1027 1003 1028 1004 ovs_match_init(&match, &key, &mask); 1029 - error = ovs_nla_get_match(&match, 1030 - a[OVS_FLOW_ATTR_KEY], a[OVS_FLOW_ATTR_MASK]); 1005 + error = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], 1006 + a[OVS_FLOW_ATTR_MASK], log); 1031 1007 if (error) 1032 1008 goto error; 1033 1009 1034 1010 /* Validate actions. */ 1035 1011 if (a[OVS_FLOW_ATTR_ACTIONS]) { 1036 - acts = get_flow_actions(a[OVS_FLOW_ATTR_ACTIONS], &key, &mask); 1012 + acts = get_flow_actions(a[OVS_FLOW_ATTR_ACTIONS], &key, &mask, 1013 + log); 1037 1014 if (IS_ERR(acts)) { 1038 1015 error = PTR_ERR(acts); 1039 1016 goto error; ··· 1116 1089 struct datapath *dp; 1117 1090 struct sw_flow_match match; 1118 1091 int err; 1092 + bool log = !a[OVS_FLOW_ATTR_PROBE]; 1119 1093 1120 1094 if (!a[OVS_FLOW_ATTR_KEY]) { 1121 - OVS_NLERR("Flow get message rejected, Key attribute missing.\n"); 1095 + OVS_NLERR(log, 1096 + "Flow get message rejected, Key attribute missing."); 1122 1097 return -EINVAL; 1123 1098 } 1124 1099 1125 1100 ovs_match_init(&match, &key, NULL); 1126 - err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL); 1101 + err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL, log); 1127 1102 if (err) 1128 1103 return err; 1129 1104 ··· 1166 1137 struct datapath *dp; 1167 1138 struct sw_flow_match match; 1168 1139 int err; 1140 + bool log = !a[OVS_FLOW_ATTR_PROBE]; 1169 1141 1170 1142 if (likely(a[OVS_FLOW_ATTR_KEY])) { 1171 1143 ovs_match_init(&match, &key, NULL); 1172 - err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL); 1144 + err = ovs_nla_get_match(&match, a[OVS_FLOW_ATTR_KEY], NULL, 1145 + log); 1173 1146 if (unlikely(err)) 1174 1147 return err; 1175 1148 } ··· 1261 1230 1262 1231 static const struct nla_policy flow_policy[OVS_FLOW_ATTR_MAX + 1] = { 1263 1232 [OVS_FLOW_ATTR_KEY] = { .type = NLA_NESTED }, 1233 + [OVS_FLOW_ATTR_MASK] = { .type = NLA_NESTED }, 1264 1234 [OVS_FLOW_ATTR_ACTIONS] = { .type = NLA_NESTED }, 1265 1235 [OVS_FLOW_ATTR_CLEAR] = { .type = NLA_FLAG }, 1236 + [OVS_FLOW_ATTR_PROBE] = { .type = NLA_FLAG }, 1266 1237 }; 1267 1238 1268 1239 static const struct genl_ops dp_flow_genl_ops[] = { ··· 1365 1332 1366 1333 /* Called with rcu_read_lock or ovs_mutex. */ 1367 1334 static struct datapath *lookup_datapath(struct net *net, 1368 - struct ovs_header *ovs_header, 1335 + const struct ovs_header *ovs_header, 1369 1336 struct nlattr *a[OVS_DP_ATTR_MAX + 1]) 1370 1337 { 1371 1338 struct datapath *dp; ··· 1393 1360 dp->user_features = 0; 1394 1361 } 1395 1362 1396 - static void ovs_dp_change(struct datapath *dp, struct nlattr **a) 1363 + static void ovs_dp_change(struct datapath *dp, struct nlattr *a[]) 1397 1364 { 1398 1365 if (a[OVS_DP_ATTR_USER_FEATURES]) 1399 1366 dp->user_features = nla_get_u32(a[OVS_DP_ATTR_USER_FEATURES]); ··· 1757 1724 1758 1725 /* Called with ovs_mutex or RCU read lock. */ 1759 1726 static struct vport *lookup_vport(struct net *net, 1760 - struct ovs_header *ovs_header, 1727 + const struct ovs_header *ovs_header, 1761 1728 struct nlattr *a[OVS_VPORT_ATTR_MAX + 1]) 1762 1729 { 1763 1730 struct datapath *dp;

+11 -11

net/openvswitch/datapath.h

··· 108 108 /** 109 109 * struct dp_upcall - metadata to include with a packet to send to userspace 110 110 * @cmd: One of %OVS_PACKET_CMD_*. 111 - * @key: Becomes %OVS_PACKET_ATTR_KEY. Must be nonnull. 112 111 * @userdata: If nonnull, its variable-length value is passed to userspace as 113 112 * %OVS_PACKET_ATTR_USERDATA. 114 - * @pid: Netlink PID to which packet should be sent. If @pid is 0 then no 115 - * packet is sent and the packet is accounted in the datapath's @n_lost 113 + * @portid: Netlink portid to which packet should be sent. If @portid is 0 114 + * then no packet is sent and the packet is accounted in the datapath's @n_lost 116 115 * counter. 116 + * @egress_tun_info: If nonnull, becomes %OVS_PACKET_ATTR_EGRESS_TUN_KEY. 117 117 */ 118 118 struct dp_upcall_info { 119 - u8 cmd; 120 - const struct sw_flow_key *key; 119 + const struct ovs_tunnel_info *egress_tun_info; 121 120 const struct nlattr *userdata; 122 121 u32 portid; 122 + u8 cmd; 123 123 }; 124 124 125 125 /** ··· 149 149 #define rcu_dereference_ovsl(p) \ 150 150 rcu_dereference_check(p, lockdep_ovsl_is_held()) 151 151 152 - static inline struct net *ovs_dp_get_net(struct datapath *dp) 152 + static inline struct net *ovs_dp_get_net(const struct datapath *dp) 153 153 { 154 154 return read_pnet(&dp->net); 155 155 } ··· 185 185 void ovs_dp_process_packet(struct sk_buff *skb, struct sw_flow_key *key); 186 186 void ovs_dp_detach_port(struct vport *); 187 187 int ovs_dp_upcall(struct datapath *, struct sk_buff *, 188 - const struct dp_upcall_info *); 188 + const struct sw_flow_key *, const struct dp_upcall_info *); 189 189 190 190 const char *ovs_dp_name(const struct datapath *dp); 191 191 struct sk_buff *ovs_vport_cmd_build_info(struct vport *, u32 pid, u32 seq, 192 192 u8 cmd); 193 193 194 194 int ovs_execute_actions(struct datapath *dp, struct sk_buff *skb, 195 - struct sw_flow_actions *acts, struct sw_flow_key *); 195 + const struct sw_flow_actions *, struct sw_flow_key *); 196 196 197 197 void ovs_dp_notify_wq(struct work_struct *work); 198 198 199 199 int action_fifos_init(void); 200 200 void action_fifos_exit(void); 201 201 202 - #define OVS_NLERR(fmt, ...) \ 202 + #define OVS_NLERR(logging_allowed, fmt, ...) \ 203 203 do { \ 204 - if (net_ratelimit()) \ 205 - pr_info("netlink: " fmt, ##__VA_ARGS__); \ 204 + if (logging_allowed && net_ratelimit()) \ 205 + pr_info("netlink: " fmt "\n", ##__VA_ARGS__); \ 206 206 } while (0) 207 207 #endif /* datapath.h */

+4 -4

net/openvswitch/flow.c

··· 66 66 #define TCP_FLAGS_BE16(tp) (*(__be16 *)&tcp_flag_word(tp) & htons(0x0FFF)) 67 67 68 68 void ovs_flow_stats_update(struct sw_flow *flow, __be16 tcp_flags, 69 - struct sk_buff *skb) 69 + const struct sk_buff *skb) 70 70 { 71 71 struct flow_stats *stats; 72 72 int node = numa_node_id(); ··· 679 679 return key_extract(skb, key); 680 680 } 681 681 682 - int ovs_flow_key_extract(struct ovs_tunnel_info *tun_info, 682 + int ovs_flow_key_extract(const struct ovs_tunnel_info *tun_info, 683 683 struct sk_buff *skb, struct sw_flow_key *key) 684 684 { 685 685 /* Extract metadata from packet. */ ··· 712 712 713 713 int ovs_flow_key_extract_userspace(const struct nlattr *attr, 714 714 struct sk_buff *skb, 715 - struct sw_flow_key *key) 715 + struct sw_flow_key *key, bool log) 716 716 { 717 717 int err; 718 718 719 719 /* Extract metadata from netlink attributes. */ 720 - err = ovs_nla_get_flow_metadata(attr, key); 720 + err = ovs_nla_get_flow_metadata(attr, key, log); 721 721 if (err) 722 722 return err; 723 723

+53 -18

net/openvswitch/flow.h

··· 37 37 38 38 /* Used to memset ovs_key_ipv4_tunnel padding. */ 39 39 #define OVS_TUNNEL_KEY_SIZE \ 40 - (offsetof(struct ovs_key_ipv4_tunnel, ipv4_ttl) + \ 41 - FIELD_SIZEOF(struct ovs_key_ipv4_tunnel, ipv4_ttl)) 40 + (offsetof(struct ovs_key_ipv4_tunnel, tp_dst) + \ 41 + FIELD_SIZEOF(struct ovs_key_ipv4_tunnel, tp_dst)) 42 42 43 43 struct ovs_key_ipv4_tunnel { 44 44 __be64 tun_id; ··· 47 47 __be16 tun_flags; 48 48 u8 ipv4_tos; 49 49 u8 ipv4_ttl; 50 + __be16 tp_src; 51 + __be16 tp_dst; 50 52 } __packed __aligned(4); /* Minimize padding. */ 51 53 52 54 struct ovs_tunnel_info { 53 55 struct ovs_key_ipv4_tunnel tunnel; 54 - struct geneve_opt *options; 56 + const struct geneve_opt *options; 55 57 u8 options_len; 56 58 }; 57 59 ··· 66 64 FIELD_SIZEOF(struct sw_flow_key, tun_opts) - \ 67 65 opt_len)) 68 66 69 - static inline void ovs_flow_tun_info_init(struct ovs_tunnel_info *tun_info, 70 - const struct iphdr *iph, 71 - __be64 tun_id, __be16 tun_flags, 72 - struct geneve_opt *opts, 73 - u8 opts_len) 67 + static inline void __ovs_flow_tun_info_init(struct ovs_tunnel_info *tun_info, 68 + __be32 saddr, __be32 daddr, 69 + u8 tos, u8 ttl, 70 + __be16 tp_src, 71 + __be16 tp_dst, 72 + __be64 tun_id, 73 + __be16 tun_flags, 74 + const struct geneve_opt *opts, 75 + u8 opts_len) 74 76 { 75 77 tun_info->tunnel.tun_id = tun_id; 76 - tun_info->tunnel.ipv4_src = iph->saddr; 77 - tun_info->tunnel.ipv4_dst = iph->daddr; 78 - tun_info->tunnel.ipv4_tos = iph->tos; 79 - tun_info->tunnel.ipv4_ttl = iph->ttl; 78 + tun_info->tunnel.ipv4_src = saddr; 79 + tun_info->tunnel.ipv4_dst = daddr; 80 + tun_info->tunnel.ipv4_tos = tos; 81 + tun_info->tunnel.ipv4_ttl = ttl; 80 82 tun_info->tunnel.tun_flags = tun_flags; 81 83 82 - /* clear struct padding. */ 83 - memset((unsigned char *)&tun_info->tunnel + OVS_TUNNEL_KEY_SIZE, 0, 84 - sizeof(tun_info->tunnel) - OVS_TUNNEL_KEY_SIZE); 84 + /* For the tunnel types on the top of IPsec, the tp_src and tp_dst of 85 + * the upper tunnel are used. 86 + * E.g: GRE over IPSEC, the tp_src and tp_port are zero. 87 + */ 88 + tun_info->tunnel.tp_src = tp_src; 89 + tun_info->tunnel.tp_dst = tp_dst; 90 + 91 + /* Clear struct padding. */ 92 + if (sizeof(tun_info->tunnel) != OVS_TUNNEL_KEY_SIZE) 93 + memset((unsigned char *)&tun_info->tunnel + OVS_TUNNEL_KEY_SIZE, 94 + 0, sizeof(tun_info->tunnel) - OVS_TUNNEL_KEY_SIZE); 85 95 86 96 tun_info->options = opts; 87 97 tun_info->options_len = opts_len; 88 98 } 99 + 100 + static inline void ovs_flow_tun_info_init(struct ovs_tunnel_info *tun_info, 101 + const struct iphdr *iph, 102 + __be16 tp_src, 103 + __be16 tp_dst, 104 + __be64 tun_id, 105 + __be16 tun_flags, 106 + const struct geneve_opt *opts, 107 + u8 opts_len) 108 + { 109 + __ovs_flow_tun_info_init(tun_info, iph->saddr, iph->daddr, 110 + iph->tos, iph->ttl, 111 + tp_src, tp_dst, 112 + tun_id, tun_flags, 113 + opts, opts_len); 114 + } 115 + 116 + #define OVS_SW_FLOW_KEY_METADATA_SIZE \ 117 + (offsetof(struct sw_flow_key, recirc_id) + \ 118 + FIELD_SIZEOF(struct sw_flow_key, recirc_id)) 89 119 90 120 struct sw_flow_key { 91 121 u8 tun_opts[255]; ··· 244 210 } __packed; 245 211 246 212 void ovs_flow_stats_update(struct sw_flow *, __be16 tcp_flags, 247 - struct sk_buff *); 213 + const struct sk_buff *); 248 214 void ovs_flow_stats_get(const struct sw_flow *, struct ovs_flow_stats *, 249 215 unsigned long *used, __be16 *tcp_flags); 250 216 void ovs_flow_stats_clear(struct sw_flow *); 251 217 u64 ovs_flow_used_time(unsigned long flow_jiffies); 252 218 253 219 int ovs_flow_key_update(struct sk_buff *skb, struct sw_flow_key *key); 254 - int ovs_flow_key_extract(struct ovs_tunnel_info *tun_info, struct sk_buff *skb, 220 + int ovs_flow_key_extract(const struct ovs_tunnel_info *tun_info, 221 + struct sk_buff *skb, 255 222 struct sw_flow_key *key); 256 223 /* Extract key from packet coming from userspace. */ 257 224 int ovs_flow_key_extract_userspace(const struct nlattr *attr, 258 225 struct sk_buff *skb, 259 - struct sw_flow_key *key); 226 + struct sw_flow_key *key, bool log); 260 227 261 228 #endif /* flow.h */

+208 -149

net/openvswitch/flow_netlink.c

··· 112 112 } while (0) 113 113 114 114 static bool match_validate(const struct sw_flow_match *match, 115 - u64 key_attrs, u64 mask_attrs) 115 + u64 key_attrs, u64 mask_attrs, bool log) 116 116 { 117 117 u64 key_expected = 1 << OVS_KEY_ATTR_ETHERNET; 118 118 u64 mask_allowed = key_attrs; /* At most allow all key attributes */ ··· 230 230 231 231 if ((key_attrs & key_expected) != key_expected) { 232 232 /* Key attributes check failed. */ 233 - OVS_NLERR("Missing expected key attributes (key_attrs=%llx, expected=%llx).\n", 234 - (unsigned long long)key_attrs, (unsigned long long)key_expected); 233 + OVS_NLERR(log, "Missing key (keys=%llx, expected=%llx)", 234 + (unsigned long long)key_attrs, 235 + (unsigned long long)key_expected); 235 236 return false; 236 237 } 237 238 238 239 if ((mask_attrs & mask_allowed) != mask_attrs) { 239 240 /* Mask attributes check failed. */ 240 - OVS_NLERR("Contain more than allowed mask fields (mask_attrs=%llx, mask_allowed=%llx).\n", 241 - (unsigned long long)mask_attrs, (unsigned long long)mask_allowed); 241 + OVS_NLERR(log, "Unexpected mask (mask=%llx, allowed=%llx)", 242 + (unsigned long long)mask_attrs, 243 + (unsigned long long)mask_allowed); 242 244 return false; 243 245 } 244 246 245 247 return true; 248 + } 249 + 250 + size_t ovs_tun_key_attr_size(void) 251 + { 252 + /* Whenever adding new OVS_TUNNEL_KEY_ FIELDS, we should consider 253 + * updating this function. 254 + */ 255 + return nla_total_size(8) /* OVS_TUNNEL_KEY_ATTR_ID */ 256 + + nla_total_size(4) /* OVS_TUNNEL_KEY_ATTR_IPV4_SRC */ 257 + + nla_total_size(4) /* OVS_TUNNEL_KEY_ATTR_IPV4_DST */ 258 + + nla_total_size(1) /* OVS_TUNNEL_KEY_ATTR_TOS */ 259 + + nla_total_size(1) /* OVS_TUNNEL_KEY_ATTR_TTL */ 260 + + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_DONT_FRAGMENT */ 261 + + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_CSUM */ 262 + + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_OAM */ 263 + + nla_total_size(256) /* OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS */ 264 + + nla_total_size(2) /* OVS_TUNNEL_KEY_ATTR_TP_SRC */ 265 + + nla_total_size(2); /* OVS_TUNNEL_KEY_ATTR_TP_DST */ 246 266 } 247 267 248 268 size_t ovs_key_attr_size(void) ··· 274 254 275 255 return nla_total_size(4) /* OVS_KEY_ATTR_PRIORITY */ 276 256 + nla_total_size(0) /* OVS_KEY_ATTR_TUNNEL */ 277 - + nla_total_size(8) /* OVS_TUNNEL_KEY_ATTR_ID */ 278 - + nla_total_size(4) /* OVS_TUNNEL_KEY_ATTR_IPV4_SRC */ 279 - + nla_total_size(4) /* OVS_TUNNEL_KEY_ATTR_IPV4_DST */ 280 - + nla_total_size(1) /* OVS_TUNNEL_KEY_ATTR_TOS */ 281 - + nla_total_size(1) /* OVS_TUNNEL_KEY_ATTR_TTL */ 282 - + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_DONT_FRAGMENT */ 283 - + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_CSUM */ 284 - + nla_total_size(0) /* OVS_TUNNEL_KEY_ATTR_OAM */ 285 - + nla_total_size(256) /* OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS */ 257 + + ovs_tun_key_attr_size() 286 258 + nla_total_size(4) /* OVS_KEY_ATTR_IN_PORT */ 287 259 + nla_total_size(4) /* OVS_KEY_ATTR_SKB_MARK */ 288 260 + nla_total_size(4) /* OVS_KEY_ATTR_DP_HASH */ ··· 330 318 331 319 static int __parse_flow_nlattrs(const struct nlattr *attr, 332 320 const struct nlattr *a[], 333 - u64 *attrsp, bool nz) 321 + u64 *attrsp, bool log, bool nz) 334 322 { 335 323 const struct nlattr *nla; 336 324 u64 attrs; ··· 342 330 int expected_len; 343 331 344 332 if (type > OVS_KEY_ATTR_MAX) { 345 - OVS_NLERR("Unknown key attribute (type=%d, max=%d).\n", 333 + OVS_NLERR(log, "Key type %d is out of range max %d", 346 334 type, OVS_KEY_ATTR_MAX); 347 335 return -EINVAL; 348 336 } 349 337 350 338 if (attrs & (1 << type)) { 351 - OVS_NLERR("Duplicate key attribute (type %d).\n", type); 339 + OVS_NLERR(log, "Duplicate key (type %d).", type); 352 340 return -EINVAL; 353 341 } 354 342 355 343 expected_len = ovs_key_lens[type]; 356 344 if (nla_len(nla) != expected_len && expected_len != -1) { 357 - OVS_NLERR("Key attribute has unexpected length (type=%d" 358 - ", length=%d, expected=%d).\n", type, 359 - nla_len(nla), expected_len); 345 + OVS_NLERR(log, "Key %d has unexpected len %d expected %d", 346 + type, nla_len(nla), expected_len); 360 347 return -EINVAL; 361 348 } 362 349 ··· 365 354 } 366 355 } 367 356 if (rem) { 368 - OVS_NLERR("Message has %d unknown bytes.\n", rem); 357 + OVS_NLERR(log, "Message has %d unknown bytes.", rem); 369 358 return -EINVAL; 370 359 } 371 360 ··· 374 363 } 375 364 376 365 static int parse_flow_mask_nlattrs(const struct nlattr *attr, 377 - const struct nlattr *a[], u64 *attrsp) 366 + const struct nlattr *a[], u64 *attrsp, 367 + bool log) 378 368 { 379 - return __parse_flow_nlattrs(attr, a, attrsp, true); 369 + return __parse_flow_nlattrs(attr, a, attrsp, log, true); 380 370 } 381 371 382 372 static int parse_flow_nlattrs(const struct nlattr *attr, 383 - const struct nlattr *a[], u64 *attrsp) 373 + const struct nlattr *a[], u64 *attrsp, 374 + bool log) 384 375 { 385 - return __parse_flow_nlattrs(attr, a, attrsp, false); 376 + return __parse_flow_nlattrs(attr, a, attrsp, log, false); 377 + } 378 + 379 + static int genev_tun_opt_from_nlattr(const struct nlattr *a, 380 + struct sw_flow_match *match, bool is_mask, 381 + bool log) 382 + { 383 + unsigned long opt_key_offset; 384 + 385 + if (nla_len(a) > sizeof(match->key->tun_opts)) { 386 + OVS_NLERR(log, "Geneve option length err (len %d, max %zu).", 387 + nla_len(a), sizeof(match->key->tun_opts)); 388 + return -EINVAL; 389 + } 390 + 391 + if (nla_len(a) % 4 != 0) { 392 + OVS_NLERR(log, "Geneve opt len %d is not a multiple of 4.", 393 + nla_len(a)); 394 + return -EINVAL; 395 + } 396 + 397 + /* We need to record the length of the options passed 398 + * down, otherwise packets with the same format but 399 + * additional options will be silently matched. 400 + */ 401 + if (!is_mask) { 402 + SW_FLOW_KEY_PUT(match, tun_opts_len, nla_len(a), 403 + false); 404 + } else { 405 + /* This is somewhat unusual because it looks at 406 + * both the key and mask while parsing the 407 + * attributes (and by extension assumes the key 408 + * is parsed first). Normally, we would verify 409 + * that each is the correct length and that the 410 + * attributes line up in the validate function. 411 + * However, that is difficult because this is 412 + * variable length and we won't have the 413 + * information later. 414 + */ 415 + if (match->key->tun_opts_len != nla_len(a)) { 416 + OVS_NLERR(log, "Geneve option len %d != mask len %d", 417 + match->key->tun_opts_len, nla_len(a)); 418 + return -EINVAL; 419 + } 420 + 421 + SW_FLOW_KEY_PUT(match, tun_opts_len, 0xff, true); 422 + } 423 + 424 + opt_key_offset = (unsigned long)GENEVE_OPTS((struct sw_flow_key *)0, 425 + nla_len(a)); 426 + SW_FLOW_KEY_MEMCPY_OFFSET(match, opt_key_offset, nla_data(a), 427 + nla_len(a), is_mask); 428 + return 0; 386 429 } 387 430 388 431 static int ipv4_tun_from_nlattr(const struct nlattr *attr, 389 - struct sw_flow_match *match, bool is_mask) 432 + struct sw_flow_match *match, bool is_mask, 433 + bool log) 390 434 { 391 435 struct nlattr *a; 392 436 int rem; 393 437 bool ttl = false; 394 438 __be16 tun_flags = 0; 395 - unsigned long opt_key_offset; 396 439 397 440 nla_for_each_nested(a, attr, rem) { 398 441 int type = nla_type(a); 442 + int err; 443 + 399 444 static const u32 ovs_tunnel_key_lens[OVS_TUNNEL_KEY_ATTR_MAX + 1] = { 400 445 [OVS_TUNNEL_KEY_ATTR_ID] = sizeof(u64), 401 446 [OVS_TUNNEL_KEY_ATTR_IPV4_SRC] = sizeof(u32), ··· 460 393 [OVS_TUNNEL_KEY_ATTR_TTL] = 1, 461 394 [OVS_TUNNEL_KEY_ATTR_DONT_FRAGMENT] = 0, 462 395 [OVS_TUNNEL_KEY_ATTR_CSUM] = 0, 396 + [OVS_TUNNEL_KEY_ATTR_TP_SRC] = sizeof(u16), 397 + [OVS_TUNNEL_KEY_ATTR_TP_DST] = sizeof(u16), 463 398 [OVS_TUNNEL_KEY_ATTR_OAM] = 0, 464 399 [OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS] = -1, 465 400 }; 466 401 467 402 if (type > OVS_TUNNEL_KEY_ATTR_MAX) { 468 - OVS_NLERR("Unknown IPv4 tunnel attribute (type=%d, max=%d).\n", 469 - type, OVS_TUNNEL_KEY_ATTR_MAX); 403 + OVS_NLERR(log, "Tunnel attr %d out of range max %d", 404 + type, OVS_TUNNEL_KEY_ATTR_MAX); 470 405 return -EINVAL; 471 406 } 472 407 473 408 if (ovs_tunnel_key_lens[type] != nla_len(a) && 474 409 ovs_tunnel_key_lens[type] != -1) { 475 - OVS_NLERR("IPv4 tunnel attribute type has unexpected " 476 - " length (type=%d, length=%d, expected=%d).\n", 410 + OVS_NLERR(log, "Tunnel attr %d has unexpected len %d expected %d", 477 411 type, nla_len(a), ovs_tunnel_key_lens[type]); 478 412 return -EINVAL; 479 413 } ··· 508 440 case OVS_TUNNEL_KEY_ATTR_CSUM: 509 441 tun_flags |= TUNNEL_CSUM; 510 442 break; 443 + case OVS_TUNNEL_KEY_ATTR_TP_SRC: 444 + SW_FLOW_KEY_PUT(match, tun_key.tp_src, 445 + nla_get_be16(a), is_mask); 446 + break; 447 + case OVS_TUNNEL_KEY_ATTR_TP_DST: 448 + SW_FLOW_KEY_PUT(match, tun_key.tp_dst, 449 + nla_get_be16(a), is_mask); 450 + break; 511 451 case OVS_TUNNEL_KEY_ATTR_OAM: 512 452 tun_flags |= TUNNEL_OAM; 513 453 break; 514 454 case OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS: 455 + err = genev_tun_opt_from_nlattr(a, match, is_mask, log); 456 + if (err) 457 + return err; 458 + 515 459 tun_flags |= TUNNEL_OPTIONS_PRESENT; 516 - if (nla_len(a) > sizeof(match->key->tun_opts)) { 517 - OVS_NLERR("Geneve option length exceeds maximum size (len %d, max %zu).\n", 518 - nla_len(a), 519 - sizeof(match->key->tun_opts)); 520 - return -EINVAL; 521 - } 522 - 523 - if (nla_len(a) % 4 != 0) { 524 - OVS_NLERR("Geneve option length is not a multiple of 4 (len %d).\n", 525 - nla_len(a)); 526 - return -EINVAL; 527 - } 528 - 529 - /* We need to record the length of the options passed 530 - * down, otherwise packets with the same format but 531 - * additional options will be silently matched. 532 - */ 533 - if (!is_mask) { 534 - SW_FLOW_KEY_PUT(match, tun_opts_len, nla_len(a), 535 - false); 536 - } else { 537 - /* This is somewhat unusual because it looks at 538 - * both the key and mask while parsing the 539 - * attributes (and by extension assumes the key 540 - * is parsed first). Normally, we would verify 541 - * that each is the correct length and that the 542 - * attributes line up in the validate function. 543 - * However, that is difficult because this is 544 - * variable length and we won't have the 545 - * information later. 546 - */ 547 - if (match->key->tun_opts_len != nla_len(a)) { 548 - OVS_NLERR("Geneve option key length (%d) is different from mask length (%d).", 549 - match->key->tun_opts_len, 550 - nla_len(a)); 551 - return -EINVAL; 552 - } 553 - 554 - SW_FLOW_KEY_PUT(match, tun_opts_len, 0xff, 555 - true); 556 - } 557 - 558 - opt_key_offset = (unsigned long)GENEVE_OPTS( 559 - (struct sw_flow_key *)0, 560 - nla_len(a)); 561 - SW_FLOW_KEY_MEMCPY_OFFSET(match, opt_key_offset, 562 - nla_data(a), nla_len(a), 563 - is_mask); 564 460 break; 565 461 default: 566 - OVS_NLERR("Unknown IPv4 tunnel attribute (%d).\n", 462 + OVS_NLERR(log, "Unknown IPv4 tunnel attribute %d", 567 463 type); 568 464 return -EINVAL; 569 465 } ··· 536 504 SW_FLOW_KEY_PUT(match, tun_key.tun_flags, tun_flags, is_mask); 537 505 538 506 if (rem > 0) { 539 - OVS_NLERR("IPv4 tunnel attribute has %d unknown bytes.\n", rem); 507 + OVS_NLERR(log, "IPv4 tunnel attribute has %d unknown bytes.", 508 + rem); 540 509 return -EINVAL; 541 510 } 542 511 543 512 if (!is_mask) { 544 513 if (!match->key->tun_key.ipv4_dst) { 545 - OVS_NLERR("IPv4 tunnel destination address is zero.\n"); 514 + OVS_NLERR(log, "IPv4 tunnel dst address is zero"); 546 515 return -EINVAL; 547 516 } 548 517 549 518 if (!ttl) { 550 - OVS_NLERR("IPv4 tunnel TTL not specified.\n"); 519 + OVS_NLERR(log, "IPv4 tunnel TTL not specified."); 551 520 return -EINVAL; 552 521 } 553 522 } ··· 581 548 if ((output->tun_flags & TUNNEL_CSUM) && 582 549 nla_put_flag(skb, OVS_TUNNEL_KEY_ATTR_CSUM)) 583 550 return -EMSGSIZE; 551 + if (output->tp_src && 552 + nla_put_be16(skb, OVS_TUNNEL_KEY_ATTR_TP_SRC, output->tp_src)) 553 + return -EMSGSIZE; 554 + if (output->tp_dst && 555 + nla_put_be16(skb, OVS_TUNNEL_KEY_ATTR_TP_DST, output->tp_dst)) 556 + return -EMSGSIZE; 584 557 if ((output->tun_flags & TUNNEL_OAM) && 585 558 nla_put_flag(skb, OVS_TUNNEL_KEY_ATTR_OAM)) 586 559 return -EMSGSIZE; ··· 597 558 598 559 return 0; 599 560 } 600 - 601 561 602 562 static int ipv4_tun_to_nlattr(struct sk_buff *skb, 603 563 const struct ovs_key_ipv4_tunnel *output, ··· 618 580 return 0; 619 581 } 620 582 583 + int ovs_nla_put_egress_tunnel_key(struct sk_buff *skb, 584 + const struct ovs_tunnel_info *egress_tun_info) 585 + { 586 + return __ipv4_tun_to_nlattr(skb, &egress_tun_info->tunnel, 587 + egress_tun_info->options, 588 + egress_tun_info->options_len); 589 + } 590 + 621 591 static int metadata_from_nlattrs(struct sw_flow_match *match, u64 *attrs, 622 - const struct nlattr **a, bool is_mask) 592 + const struct nlattr **a, bool is_mask, 593 + bool log) 623 594 { 624 595 if (*attrs & (1 << OVS_KEY_ATTR_DP_HASH)) { 625 596 u32 hash_val = nla_get_u32(a[OVS_KEY_ATTR_DP_HASH]); ··· 656 609 if (is_mask) { 657 610 in_port = 0xffffffff; /* Always exact match in_port. */ 658 611 } else if (in_port >= DP_MAX_PORTS) { 659 - OVS_NLERR("Port (%d) exceeds maximum allowable (%d).\n", 612 + OVS_NLERR(log, "Port %d exceeds max allowable %d", 660 613 in_port, DP_MAX_PORTS); 661 614 return -EINVAL; 662 615 } ··· 675 628 } 676 629 if (*attrs & (1 << OVS_KEY_ATTR_TUNNEL)) { 677 630 if (ipv4_tun_from_nlattr(a[OVS_KEY_ATTR_TUNNEL], match, 678 - is_mask)) 631 + is_mask, log)) 679 632 return -EINVAL; 680 633 *attrs &= ~(1 << OVS_KEY_ATTR_TUNNEL); 681 634 } ··· 683 636 } 684 637 685 638 static int ovs_key_from_nlattrs(struct sw_flow_match *match, u64 attrs, 686 - const struct nlattr **a, bool is_mask) 639 + const struct nlattr **a, bool is_mask, 640 + bool log) 687 641 { 688 642 int err; 689 643 690 - err = metadata_from_nlattrs(match, &attrs, a, is_mask); 644 + err = metadata_from_nlattrs(match, &attrs, a, is_mask, log); 691 645 if (err) 692 646 return err; 693 647 ··· 709 661 tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]); 710 662 if (!(tci & htons(VLAN_TAG_PRESENT))) { 711 663 if (is_mask) 712 - OVS_NLERR("VLAN TCI mask does not have exact match for VLAN_TAG_PRESENT bit.\n"); 664 + OVS_NLERR(log, "VLAN TCI mask does not have exact match for VLAN_TAG_PRESENT bit."); 713 665 else 714 - OVS_NLERR("VLAN TCI does not have VLAN_TAG_PRESENT bit set.\n"); 666 + OVS_NLERR(log, "VLAN TCI does not have VLAN_TAG_PRESENT bit set."); 715 667 716 668 return -EINVAL; 717 669 } ··· 728 680 /* Always exact match EtherType. */ 729 681 eth_type = htons(0xffff); 730 682 } else if (ntohs(eth_type) < ETH_P_802_3_MIN) { 731 - OVS_NLERR("EtherType is less than minimum (type=%x, min=%x).\n", 732 - ntohs(eth_type), ETH_P_802_3_MIN); 683 + OVS_NLERR(log, "EtherType %x is less than min %x", 684 + ntohs(eth_type), ETH_P_802_3_MIN); 733 685 return -EINVAL; 734 686 } 735 687 ··· 744 696 745 697 ipv4_key = nla_data(a[OVS_KEY_ATTR_IPV4]); 746 698 if (!is_mask && ipv4_key->ipv4_frag > OVS_FRAG_TYPE_MAX) { 747 - OVS_NLERR("Unknown IPv4 fragment type (value=%d, max=%d).\n", 748 - ipv4_key->ipv4_frag, OVS_FRAG_TYPE_MAX); 699 + OVS_NLERR(log, "IPv4 frag type %d is out of range max %d", 700 + ipv4_key->ipv4_frag, OVS_FRAG_TYPE_MAX); 749 701 return -EINVAL; 750 702 } 751 703 SW_FLOW_KEY_PUT(match, ip.proto, ··· 768 720 769 721 ipv6_key = nla_data(a[OVS_KEY_ATTR_IPV6]); 770 722 if (!is_mask && ipv6_key->ipv6_frag > OVS_FRAG_TYPE_MAX) { 771 - OVS_NLERR("Unknown IPv6 fragment type (value=%d, max=%d).\n", 772 - ipv6_key->ipv6_frag, OVS_FRAG_TYPE_MAX); 723 + OVS_NLERR(log, "IPv6 frag type %d is out of range max %d", 724 + ipv6_key->ipv6_frag, OVS_FRAG_TYPE_MAX); 773 725 return -EINVAL; 774 726 } 775 727 SW_FLOW_KEY_PUT(match, ipv6.label, ··· 799 751 800 752 arp_key = nla_data(a[OVS_KEY_ATTR_ARP]); 801 753 if (!is_mask && (arp_key->arp_op & htons(0xff00))) { 802 - OVS_NLERR("Unknown ARP opcode (opcode=%d).\n", 754 + OVS_NLERR(log, "Unknown ARP opcode (opcode=%d).", 803 755 arp_key->arp_op); 804 756 return -EINVAL; 805 757 } ··· 900 852 } 901 853 902 854 if (attrs != 0) { 903 - OVS_NLERR("Unknown key attributes (%llx).\n", 855 + OVS_NLERR(log, "Unknown key attributes %llx", 904 856 (unsigned long long)attrs); 905 857 return -EINVAL; 906 858 } ··· 941 893 * of this flow. 942 894 * @mask: Optional. Netlink attribute holding nested %OVS_KEY_ATTR_* Netlink 943 895 * attribute specifies the mask field of the wildcarded flow. 896 + * @log: Boolean to allow kernel error logging. Normally true, but when 897 + * probing for feature compatibility this should be passed in as false to 898 + * suppress unnecessary error logging. 944 899 */ 945 900 int ovs_nla_get_match(struct sw_flow_match *match, 946 901 const struct nlattr *nla_key, 947 - const struct nlattr *nla_mask) 902 + const struct nlattr *nla_mask, 903 + bool log) 948 904 { 949 905 const struct nlattr *a[OVS_KEY_ATTR_MAX + 1]; 950 906 const struct nlattr *encap; ··· 958 906 bool encap_valid = false; 959 907 int err; 960 908 961 - err = parse_flow_nlattrs(nla_key, a, &key_attrs); 909 + err = parse_flow_nlattrs(nla_key, a, &key_attrs, log); 962 910 if (err) 963 911 return err; 964 912 ··· 969 917 970 918 if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) && 971 919 (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) { 972 - OVS_NLERR("Invalid Vlan frame.\n"); 920 + OVS_NLERR(log, "Invalid Vlan frame."); 973 921 return -EINVAL; 974 922 } 975 923 ··· 980 928 encap_valid = true; 981 929 982 930 if (tci & htons(VLAN_TAG_PRESENT)) { 983 - err = parse_flow_nlattrs(encap, a, &key_attrs); 931 + err = parse_flow_nlattrs(encap, a, &key_attrs, log); 984 932 if (err) 985 933 return err; 986 934 } else if (!tci) { 987 935 /* Corner case for truncated 802.1Q header. */ 988 936 if (nla_len(encap)) { 989 - OVS_NLERR("Truncated 802.1Q header has non-zero encap attribute.\n"); 937 + OVS_NLERR(log, "Truncated 802.1Q header has non-zero encap attribute."); 990 938 return -EINVAL; 991 939 } 992 940 } else { 993 - OVS_NLERR("Encap attribute is set for a non-VLAN frame.\n"); 941 + OVS_NLERR(log, "Encap attr is set for non-VLAN frame"); 994 942 return -EINVAL; 995 943 } 996 944 } 997 945 998 - err = ovs_key_from_nlattrs(match, key_attrs, a, false); 946 + err = ovs_key_from_nlattrs(match, key_attrs, a, false, log); 999 947 if (err) 1000 948 return err; 1001 949 ··· 1029 977 nla_mask = newmask; 1030 978 } 1031 979 1032 - err = parse_flow_mask_nlattrs(nla_mask, a, &mask_attrs); 980 + err = parse_flow_mask_nlattrs(nla_mask, a, &mask_attrs, log); 1033 981 if (err) 1034 982 goto free_newmask; 1035 983 ··· 1041 989 __be16 tci = 0; 1042 990 1043 991 if (!encap_valid) { 1044 - OVS_NLERR("Encap mask attribute is set for non-VLAN frame.\n"); 992 + OVS_NLERR(log, "Encap mask attribute is set for non-VLAN frame."); 1045 993 err = -EINVAL; 1046 994 goto free_newmask; 1047 995 } ··· 1053 1001 if (eth_type == htons(0xffff)) { 1054 1002 mask_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE); 1055 1003 encap = a[OVS_KEY_ATTR_ENCAP]; 1056 - err = parse_flow_mask_nlattrs(encap, a, &mask_attrs); 1004 + err = parse_flow_mask_nlattrs(encap, a, 1005 + &mask_attrs, log); 1057 1006 if (err) 1058 1007 goto free_newmask; 1059 1008 } else { 1060 - OVS_NLERR("VLAN frames must have an exact match on the TPID (mask=%x).\n", 1061 - ntohs(eth_type)); 1009 + OVS_NLERR(log, "VLAN frames must have an exact match on the TPID (mask=%x).", 1010 + ntohs(eth_type)); 1062 1011 err = -EINVAL; 1063 1012 goto free_newmask; 1064 1013 } ··· 1068 1015 tci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]); 1069 1016 1070 1017 if (!(tci & htons(VLAN_TAG_PRESENT))) { 1071 - OVS_NLERR("VLAN tag present bit must have an exact match (tci_mask=%x).\n", ntohs(tci)); 1018 + OVS_NLERR(log, "VLAN tag present bit must have an exact match (tci_mask=%x).", 1019 + ntohs(tci)); 1072 1020 err = -EINVAL; 1073 1021 goto free_newmask; 1074 1022 } 1075 1023 } 1076 1024 1077 - err = ovs_key_from_nlattrs(match, mask_attrs, a, true); 1025 + err = ovs_key_from_nlattrs(match, mask_attrs, a, true, log); 1078 1026 if (err) 1079 1027 goto free_newmask; 1080 1028 } 1081 1029 1082 - if (!match_validate(match, key_attrs, mask_attrs)) 1030 + if (!match_validate(match, key_attrs, mask_attrs, log)) 1083 1031 err = -EINVAL; 1084 1032 1085 1033 free_newmask: ··· 1093 1039 * @key: Receives extracted in_port, priority, tun_key and skb_mark. 1094 1040 * @attr: Netlink attribute holding nested %OVS_KEY_ATTR_* Netlink attribute 1095 1041 * sequence. 1042 + * @log: Boolean to allow kernel error logging. Normally true, but when 1043 + * probing for feature compatibility this should be passed in as false to 1044 + * suppress unnecessary error logging. 1096 1045 * 1097 1046 * This parses a series of Netlink attributes that form a flow key, which must 1098 1047 * take the same form accepted by flow_from_nlattrs(), but only enough of it to ··· 1104 1047 */ 1105 1048 1106 1049 int ovs_nla_get_flow_metadata(const struct nlattr *attr, 1107 - struct sw_flow_key *key) 1050 + struct sw_flow_key *key, 1051 + bool log) 1108 1052 { 1109 1053 const struct nlattr *a[OVS_KEY_ATTR_MAX + 1]; 1110 1054 struct sw_flow_match match; 1111 1055 u64 attrs = 0; 1112 1056 int err; 1113 1057 1114 - err = parse_flow_nlattrs(attr, a, &attrs); 1058 + err = parse_flow_nlattrs(attr, a, &attrs, log); 1115 1059 if (err) 1116 1060 return -EINVAL; 1117 1061 ··· 1121 1063 1122 1064 key->phy.in_port = DP_MAX_PORTS; 1123 1065 1124 - return metadata_from_nlattrs(&match, &attrs, a, false); 1066 + return metadata_from_nlattrs(&match, &attrs, a, false, log); 1125 1067 } 1126 1068 1127 1069 int ovs_nla_put_flow(const struct sw_flow_key *swkey, ··· 1341 1283 1342 1284 #define MAX_ACTIONS_BUFSIZE (32 * 1024) 1343 1285 1344 - static struct sw_flow_actions *nla_alloc_flow_actions(int size) 1286 + static struct sw_flow_actions *nla_alloc_flow_actions(int size, bool log) 1345 1287 { 1346 1288 struct sw_flow_actions *sfa; 1347 1289 1348 1290 if (size > MAX_ACTIONS_BUFSIZE) { 1349 - OVS_NLERR("Flow action size (%u bytes) exceeds maximum", size); 1291 + OVS_NLERR(log, "Flow action size %u bytes exceeds max", size); 1350 1292 return ERR_PTR(-EINVAL); 1351 1293 } 1352 1294 ··· 1366 1308 } 1367 1309 1368 1310 static struct nlattr *reserve_sfa_size(struct sw_flow_actions **sfa, 1369 - int attr_len) 1311 + int attr_len, bool log) 1370 1312 { 1371 1313 1372 1314 struct sw_flow_actions *acts; ··· 1386 1328 new_acts_size = MAX_ACTIONS_BUFSIZE; 1387 1329 } 1388 1330 1389 - acts = nla_alloc_flow_actions(new_acts_size); 1331 + acts = nla_alloc_flow_actions(new_acts_size, log); 1390 1332 if (IS_ERR(acts)) 1391 1333 return (void *)acts; 1392 1334 ··· 1401 1343 } 1402 1344 1403 1345 static struct nlattr *__add_action(struct sw_flow_actions **sfa, 1404 - int attrtype, void *data, int len) 1346 + int attrtype, void *data, int len, bool log) 1405 1347 { 1406 1348 struct nlattr *a; 1407 1349 1408 - a = reserve_sfa_size(sfa, nla_attr_size(len)); 1350 + a = reserve_sfa_size(sfa, nla_attr_size(len), log); 1409 1351 if (IS_ERR(a)) 1410 1352 return a; 1411 1353 ··· 1420 1362 } 1421 1363 1422 1364 static int add_action(struct sw_flow_actions **sfa, int attrtype, 1423 - void *data, int len) 1365 + void *data, int len, bool log) 1424 1366 { 1425 1367 struct nlattr *a; 1426 1368 1427 - a = __add_action(sfa, attrtype, data, len); 1369 + a = __add_action(sfa, attrtype, data, len, log); 1428 1370 if (IS_ERR(a)) 1429 1371 return PTR_ERR(a); 1430 1372 ··· 1432 1374 } 1433 1375 1434 1376 static inline int add_nested_action_start(struct sw_flow_actions **sfa, 1435 - int attrtype) 1377 + int attrtype, bool log) 1436 1378 { 1437 1379 int used = (*sfa)->actions_len; 1438 1380 int err; 1439 1381 1440 - err = add_action(sfa, attrtype, NULL, 0); 1382 + err = add_action(sfa, attrtype, NULL, 0, log); 1441 1383 if (err) 1442 1384 return err; 1443 1385 ··· 1456 1398 static int __ovs_nla_copy_actions(const struct nlattr *attr, 1457 1399 const struct sw_flow_key *key, 1458 1400 int depth, struct sw_flow_actions **sfa, 1459 - __be16 eth_type, __be16 vlan_tci); 1401 + __be16 eth_type, __be16 vlan_tci, bool log); 1460 1402 1461 1403 static int validate_and_copy_sample(const struct nlattr *attr, 1462 1404 const struct sw_flow_key *key, int depth, 1463 1405 struct sw_flow_actions **sfa, 1464 - __be16 eth_type, __be16 vlan_tci) 1406 + __be16 eth_type, __be16 vlan_tci, bool log) 1465 1407 { 1466 1408 const struct nlattr *attrs[OVS_SAMPLE_ATTR_MAX + 1]; 1467 1409 const struct nlattr *probability, *actions; ··· 1487 1429 return -EINVAL; 1488 1430 1489 1431 /* validation done, copy sample action. */ 1490 - start = add_nested_action_start(sfa, OVS_ACTION_ATTR_SAMPLE); 1432 + start = add_nested_action_start(sfa, OVS_ACTION_ATTR_SAMPLE, log); 1491 1433 if (start < 0) 1492 1434 return start; 1493 1435 err = add_action(sfa, OVS_SAMPLE_ATTR_PROBABILITY, 1494 - nla_data(probability), sizeof(u32)); 1436 + nla_data(probability), sizeof(u32), log); 1495 1437 if (err) 1496 1438 return err; 1497 - st_acts = add_nested_action_start(sfa, OVS_SAMPLE_ATTR_ACTIONS); 1439 + st_acts = add_nested_action_start(sfa, OVS_SAMPLE_ATTR_ACTIONS, log); 1498 1440 if (st_acts < 0) 1499 1441 return st_acts; 1500 1442 1501 1443 err = __ovs_nla_copy_actions(actions, key, depth + 1, sfa, 1502 - eth_type, vlan_tci); 1444 + eth_type, vlan_tci, log); 1503 1445 if (err) 1504 1446 return err; 1505 1447 ··· 1536 1478 } 1537 1479 1538 1480 static int validate_and_copy_set_tun(const struct nlattr *attr, 1539 - struct sw_flow_actions **sfa) 1481 + struct sw_flow_actions **sfa, bool log) 1540 1482 { 1541 1483 struct sw_flow_match match; 1542 1484 struct sw_flow_key key; ··· 1545 1487 int err, start; 1546 1488 1547 1489 ovs_match_init(&match, &key, NULL); 1548 - err = ipv4_tun_from_nlattr(nla_data(attr), &match, false); 1490 + err = ipv4_tun_from_nlattr(nla_data(attr), &match, false, log); 1549 1491 if (err) 1550 1492 return err; 1551 1493 ··· 1574 1516 key.tun_key.tun_flags |= crit_opt ? TUNNEL_CRIT_OPT : 0; 1575 1517 }; 1576 1518 1577 - start = add_nested_action_start(sfa, OVS_ACTION_ATTR_SET); 1519 + start = add_nested_action_start(sfa, OVS_ACTION_ATTR_SET, log); 1578 1520 if (start < 0) 1579 1521 return start; 1580 1522 1581 1523 a = __add_action(sfa, OVS_KEY_ATTR_TUNNEL_INFO, NULL, 1582 - sizeof(*tun_info) + key.tun_opts_len); 1524 + sizeof(*tun_info) + key.tun_opts_len, log); 1583 1525 if (IS_ERR(a)) 1584 1526 return PTR_ERR(a); 1585 1527 ··· 1607 1549 static int validate_set(const struct nlattr *a, 1608 1550 const struct sw_flow_key *flow_key, 1609 1551 struct sw_flow_actions **sfa, 1610 - bool *set_tun, __be16 eth_type) 1552 + bool *set_tun, __be16 eth_type, bool log) 1611 1553 { 1612 1554 const struct nlattr *ovs_key = nla_data(a); 1613 1555 int key_type = nla_type(ovs_key); ··· 1636 1578 return -EINVAL; 1637 1579 1638 1580 *set_tun = true; 1639 - err = validate_and_copy_set_tun(a, sfa); 1581 + err = validate_and_copy_set_tun(a, sfa, log); 1640 1582 if (err) 1641 1583 return err; 1642 1584 break; ··· 1711 1653 static const struct nla_policy userspace_policy[OVS_USERSPACE_ATTR_MAX + 1] = { 1712 1654 [OVS_USERSPACE_ATTR_PID] = {.type = NLA_U32 }, 1713 1655 [OVS_USERSPACE_ATTR_USERDATA] = {.type = NLA_UNSPEC }, 1656 + [OVS_USERSPACE_ATTR_EGRESS_TUN_PORT] = {.type = NLA_U32 }, 1714 1657 }; 1715 1658 struct nlattr *a[OVS_USERSPACE_ATTR_MAX + 1]; 1716 1659 int error; ··· 1729 1670 } 1730 1671 1731 1672 static int copy_action(const struct nlattr *from, 1732 - struct sw_flow_actions **sfa) 1673 + struct sw_flow_actions **sfa, bool log) 1733 1674 { 1734 1675 int totlen = NLA_ALIGN(from->nla_len); 1735 1676 struct nlattr *to; 1736 1677 1737 - to = reserve_sfa_size(sfa, from->nla_len); 1678 + to = reserve_sfa_size(sfa, from->nla_len, log); 1738 1679 if (IS_ERR(to)) 1739 1680 return PTR_ERR(to); 1740 1681 ··· 1745 1686 static int __ovs_nla_copy_actions(const struct nlattr *attr, 1746 1687 const struct sw_flow_key *key, 1747 1688 int depth, struct sw_flow_actions **sfa, 1748 - __be16 eth_type, __be16 vlan_tci) 1689 + __be16 eth_type, __be16 vlan_tci, bool log) 1749 1690 { 1750 1691 const struct nlattr *a; 1751 1692 bool out_tnl_port = false; ··· 1868 1809 1869 1810 case OVS_ACTION_ATTR_SET: 1870 1811 err = validate_set(a, key, sfa, 1871 - &out_tnl_port, eth_type); 1812 + &out_tnl_port, eth_type, log); 1872 1813 if (err) 1873 1814 return err; 1874 1815 ··· 1877 1818 1878 1819 case OVS_ACTION_ATTR_SAMPLE: 1879 1820 err = validate_and_copy_sample(a, key, depth, sfa, 1880 - eth_type, vlan_tci); 1821 + eth_type, vlan_tci, log); 1881 1822 if (err) 1882 1823 return err; 1883 1824 skip_copy = true; 1884 1825 break; 1885 1826 1886 1827 default: 1887 - OVS_NLERR("Unknown tunnel attribute (%d).\n", type); 1828 + OVS_NLERR(log, "Unknown Action type %d", type); 1888 1829 return -EINVAL; 1889 1830 } 1890 1831 if (!skip_copy) { 1891 - err = copy_action(a, sfa); 1832 + err = copy_action(a, sfa, log); 1892 1833 if (err) 1893 1834 return err; 1894 1835 } ··· 1902 1843 1903 1844 int ovs_nla_copy_actions(const struct nlattr *attr, 1904 1845 const struct sw_flow_key *key, 1905 - struct sw_flow_actions **sfa) 1846 + struct sw_flow_actions **sfa, bool log) 1906 1847 { 1907 1848 int err; 1908 1849 1909 - *sfa = nla_alloc_flow_actions(nla_len(attr)); 1850 + *sfa = nla_alloc_flow_actions(nla_len(attr), log); 1910 1851 if (IS_ERR(*sfa)) 1911 1852 return PTR_ERR(*sfa); 1912 1853 1913 1854 err = __ovs_nla_copy_actions(attr, key, 0, sfa, key->eth.type, 1914 - key->eth.tci); 1855 + key->eth.tci, log); 1915 1856 if (err) 1916 1857 kfree(*sfa); 1917 1858

+8 -5

net/openvswitch/flow_netlink.h

··· 37 37 38 38 #include "flow.h" 39 39 40 + size_t ovs_tun_key_attr_size(void); 40 41 size_t ovs_key_attr_size(void); 41 42 42 43 void ovs_match_init(struct sw_flow_match *match, ··· 45 44 46 45 int ovs_nla_put_flow(const struct sw_flow_key *, 47 46 const struct sw_flow_key *, struct sk_buff *); 48 - int ovs_nla_get_flow_metadata(const struct nlattr *, struct sw_flow_key *); 47 + int ovs_nla_get_flow_metadata(const struct nlattr *, struct sw_flow_key *, 48 + bool log); 49 49 50 - int ovs_nla_get_match(struct sw_flow_match *match, 51 - const struct nlattr *, 52 - const struct nlattr *); 50 + int ovs_nla_get_match(struct sw_flow_match *, const struct nlattr *key, 51 + const struct nlattr *mask, bool log); 52 + int ovs_nla_put_egress_tunnel_key(struct sk_buff *, 53 + const struct ovs_tunnel_info *); 53 54 54 55 int ovs_nla_copy_actions(const struct nlattr *attr, 55 56 const struct sw_flow_key *key, 56 - struct sw_flow_actions **sfa); 57 + struct sw_flow_actions **sfa, bool log); 57 58 int ovs_nla_put_actions(const struct nlattr *attr, 58 59 int len, struct sk_buff *skb); 59 60

+6 -6

net/openvswitch/flow_table.c

··· 107 107 return ERR_PTR(-ENOMEM); 108 108 } 109 109 110 - int ovs_flow_tbl_count(struct flow_table *table) 110 + int ovs_flow_tbl_count(const struct flow_table *table) 111 111 { 112 112 return table->count; 113 113 } ··· 401 401 } 402 402 403 403 bool ovs_flow_cmp_unmasked_key(const struct sw_flow *flow, 404 - struct sw_flow_match *match) 404 + const struct sw_flow_match *match) 405 405 { 406 406 struct sw_flow_key *key = match->key; 407 407 int key_start = flow_key_start(key); ··· 412 412 413 413 static struct sw_flow *masked_flow_lookup(struct table_instance *ti, 414 414 const struct sw_flow_key *unmasked, 415 - struct sw_flow_mask *mask) 415 + const struct sw_flow_mask *mask) 416 416 { 417 417 struct sw_flow *flow; 418 418 struct hlist_head *head; ··· 460 460 } 461 461 462 462 struct sw_flow *ovs_flow_tbl_lookup_exact(struct flow_table *tbl, 463 - struct sw_flow_match *match) 463 + const struct sw_flow_match *match) 464 464 { 465 465 struct table_instance *ti = rcu_dereference_ovsl(tbl->ti); 466 466 struct sw_flow_mask *mask; ··· 563 563 564 564 /* Add 'mask' into the mask list, if it is not already there. */ 565 565 static int flow_mask_insert(struct flow_table *tbl, struct sw_flow *flow, 566 - struct sw_flow_mask *new) 566 + const struct sw_flow_mask *new) 567 567 { 568 568 struct sw_flow_mask *mask; 569 569 mask = flow_mask_find(tbl, new); ··· 586 586 587 587 /* Must be called with OVS mutex held. */ 588 588 int ovs_flow_tbl_insert(struct flow_table *table, struct sw_flow *flow, 589 - struct sw_flow_mask *mask) 589 + const struct sw_flow_mask *mask) 590 590 { 591 591 struct table_instance *new_ti = NULL; 592 592 struct table_instance *ti;

+4 -4

net/openvswitch/flow_table.h

··· 61 61 void ovs_flow_free(struct sw_flow *, bool deferred); 62 62 63 63 int ovs_flow_tbl_init(struct flow_table *); 64 - int ovs_flow_tbl_count(struct flow_table *table); 64 + int ovs_flow_tbl_count(const struct flow_table *table); 65 65 void ovs_flow_tbl_destroy(struct flow_table *table); 66 66 int ovs_flow_tbl_flush(struct flow_table *flow_table); 67 67 68 68 int ovs_flow_tbl_insert(struct flow_table *table, struct sw_flow *flow, 69 - struct sw_flow_mask *mask); 69 + const struct sw_flow_mask *mask); 70 70 void ovs_flow_tbl_remove(struct flow_table *table, struct sw_flow *flow); 71 71 int ovs_flow_tbl_num_masks(const struct flow_table *table); 72 72 struct sw_flow *ovs_flow_tbl_dump_next(struct table_instance *table, ··· 77 77 struct sw_flow *ovs_flow_tbl_lookup(struct flow_table *, 78 78 const struct sw_flow_key *); 79 79 struct sw_flow *ovs_flow_tbl_lookup_exact(struct flow_table *tbl, 80 - struct sw_flow_match *match); 80 + const struct sw_flow_match *match); 81 81 bool ovs_flow_cmp_unmasked_key(const struct sw_flow *flow, 82 - struct sw_flow_match *match); 82 + const struct sw_flow_match *match); 83 83 84 84 void ovs_flow_mask_key(struct sw_flow_key *dst, const struct sw_flow_key *src, 85 85 const struct sw_flow_mask *mask);

+21 -2

net/openvswitch/vport-geneve.c

··· 68 68 } 69 69 70 70 /* Convert 24 bit VNI to 64 bit tunnel ID. */ 71 - static __be64 vni_to_tunnel_id(__u8 *vni) 71 + static __be64 vni_to_tunnel_id(const __u8 *vni) 72 72 { 73 73 #ifdef __BIG_ENDIAN 74 74 return (vni[0] << 16) | (vni[1] << 8) | vni[2]; ··· 97 97 98 98 key = vni_to_tunnel_id(geneveh->vni); 99 99 100 - ovs_flow_tun_info_init(&tun_info, ip_hdr(skb), key, flags, 100 + ovs_flow_tun_info_init(&tun_info, ip_hdr(skb), 101 + udp_hdr(skb)->source, udp_hdr(skb)->dest, 102 + key, flags, 101 103 geneveh->options, opts_len); 102 104 103 105 ovs_vport_receive(vport, skb, &tun_info); ··· 230 228 return geneve_port->name; 231 229 } 232 230 231 + static int geneve_get_egress_tun_info(struct vport *vport, struct sk_buff *skb, 232 + struct ovs_tunnel_info *egress_tun_info) 233 + { 234 + struct geneve_port *geneve_port = geneve_vport(vport); 235 + struct net *net = ovs_dp_get_net(vport->dp); 236 + __be16 dport = inet_sk(geneve_port->gs->sock->sk)->inet_sport; 237 + __be16 sport = udp_flow_src_port(net, skb, 1, USHRT_MAX, true); 238 + 239 + /* Get tp_src and tp_dst, refert to geneve_build_header(). 240 + */ 241 + return ovs_tunnel_get_egress_info(egress_tun_info, 242 + ovs_dp_get_net(vport->dp), 243 + OVS_CB(skb)->egress_tun_info, 244 + IPPROTO_UDP, skb->mark, sport, dport); 245 + } 246 + 233 247 static struct vport_ops ovs_geneve_vport_ops = { 234 248 .type = OVS_VPORT_TYPE_GENEVE, 235 249 .create = geneve_tnl_create, ··· 254 236 .get_options = geneve_get_options, 255 237 .send = geneve_tnl_send, 256 238 .owner = THIS_MODULE, 239 + .get_egress_tun_info = geneve_get_egress_tun_info, 257 240 }; 258 241 259 242 static int __init ovs_geneve_tnl_init(void)

+11 -1

net/openvswitch/vport-gre.c

··· 108 108 return PACKET_REJECT; 109 109 110 110 key = key_to_tunnel_id(tpi->key, tpi->seq); 111 - ovs_flow_tun_info_init(&tun_info, ip_hdr(skb), key, 111 + ovs_flow_tun_info_init(&tun_info, ip_hdr(skb), 0, 0, key, 112 112 filter_tnl_flags(tpi->flags), NULL, 0); 113 113 114 114 ovs_vport_receive(vport, skb, &tun_info); ··· 284 284 gre_exit(); 285 285 } 286 286 287 + static int gre_get_egress_tun_info(struct vport *vport, struct sk_buff *skb, 288 + struct ovs_tunnel_info *egress_tun_info) 289 + { 290 + return ovs_tunnel_get_egress_info(egress_tun_info, 291 + ovs_dp_get_net(vport->dp), 292 + OVS_CB(skb)->egress_tun_info, 293 + IPPROTO_GRE, skb->mark, 0, 0); 294 + } 295 + 287 296 static struct vport_ops ovs_gre_vport_ops = { 288 297 .type = OVS_VPORT_TYPE_GRE, 289 298 .create = gre_create, 290 299 .destroy = gre_tnl_destroy, 291 300 .get_name = gre_get_name, 292 301 .send = gre_tnl_send, 302 + .get_egress_tun_info = gre_get_egress_tun_info, 293 303 .owner = THIS_MODULE, 294 304 }; 295 305

+1 -1

net/openvswitch/vport-netdev.c

··· 77 77 return RX_HANDLER_CONSUMED; 78 78 } 79 79 80 - static struct net_device *get_dpdev(struct datapath *dp) 80 + static struct net_device *get_dpdev(const struct datapath *dp) 81 81 { 82 82 struct vport *local; 83 83

+23 -1

net/openvswitch/vport-vxlan.c

··· 69 69 /* Save outer tunnel values */ 70 70 iph = ip_hdr(skb); 71 71 key = cpu_to_be64(ntohl(vx_vni) >> 8); 72 - ovs_flow_tun_info_init(&tun_info, iph, key, TUNNEL_KEY, NULL, 0); 72 + ovs_flow_tun_info_init(&tun_info, iph, 73 + udp_hdr(skb)->source, udp_hdr(skb)->dest, 74 + key, TUNNEL_KEY, NULL, 0); 73 75 74 76 ovs_vport_receive(vport, skb, &tun_info); 75 77 } ··· 191 189 return err; 192 190 } 193 191 192 + static int vxlan_get_egress_tun_info(struct vport *vport, struct sk_buff *skb, 193 + struct ovs_tunnel_info *egress_tun_info) 194 + { 195 + struct net *net = ovs_dp_get_net(vport->dp); 196 + struct vxlan_port *vxlan_port = vxlan_vport(vport); 197 + __be16 dst_port = inet_sk(vxlan_port->vs->sock->sk)->inet_sport; 198 + __be16 src_port; 199 + int port_min; 200 + int port_max; 201 + 202 + inet_get_local_port_range(net, &port_min, &port_max); 203 + src_port = udp_flow_src_port(net, skb, 0, 0, true); 204 + 205 + return ovs_tunnel_get_egress_info(egress_tun_info, net, 206 + OVS_CB(skb)->egress_tun_info, 207 + IPPROTO_UDP, skb->mark, 208 + src_port, dst_port); 209 + } 210 + 194 211 static const char *vxlan_get_name(const struct vport *vport) 195 212 { 196 213 struct vxlan_port *vxlan_port = vxlan_vport(vport); ··· 223 202 .get_name = vxlan_get_name, 224 203 .get_options = vxlan_get_options, 225 204 .send = vxlan_tnl_send, 205 + .get_egress_tun_info = vxlan_get_egress_tun_info, 226 206 .owner = THIS_MODULE, 227 207 }; 228 208

+71 -10

net/openvswitch/vport.c

··· 68 68 kfree(dev_table); 69 69 } 70 70 71 - static struct hlist_head *hash_bucket(struct net *net, const char *name) 71 + static struct hlist_head *hash_bucket(const struct net *net, const char *name) 72 72 { 73 73 unsigned int hash = jhash(name, strlen(name), (unsigned long) net); 74 74 return &dev_table[hash & (VPORT_HASH_BUCKETS - 1)]; ··· 90 90 ovs_unlock(); 91 91 return err; 92 92 } 93 - EXPORT_SYMBOL(ovs_vport_ops_register); 93 + EXPORT_SYMBOL_GPL(ovs_vport_ops_register); 94 94 95 95 void ovs_vport_ops_unregister(struct vport_ops *ops) 96 96 { ··· 98 98 list_del(&ops->list); 99 99 ovs_unlock(); 100 100 } 101 - EXPORT_SYMBOL(ovs_vport_ops_unregister); 101 + EXPORT_SYMBOL_GPL(ovs_vport_ops_unregister); 102 102 103 103 /** 104 104 * ovs_vport_locate - find a port that has already been created ··· 107 107 * 108 108 * Must be called with ovs or RCU read lock. 109 109 */ 110 - struct vport *ovs_vport_locate(struct net *net, const char *name) 110 + struct vport *ovs_vport_locate(const struct net *net, const char *name) 111 111 { 112 112 struct hlist_head *bucket = hash_bucket(net, name); 113 113 struct vport *vport; ··· 165 165 166 166 return vport; 167 167 } 168 - EXPORT_SYMBOL(ovs_vport_alloc); 168 + EXPORT_SYMBOL_GPL(ovs_vport_alloc); 169 169 170 170 /** 171 171 * ovs_vport_free - uninitialize and free vport ··· 186 186 free_percpu(vport->percpu_stats); 187 187 kfree(vport); 188 188 } 189 - EXPORT_SYMBOL(ovs_vport_free); 189 + EXPORT_SYMBOL_GPL(ovs_vport_free); 190 190 191 191 static struct vport_ops *ovs_vport_lookup(const struct vport_parms *parms) 192 192 { ··· 380 380 * 381 381 * Must be called with ovs_mutex. 382 382 */ 383 - int ovs_vport_set_upcall_portids(struct vport *vport, struct nlattr *ids) 383 + int ovs_vport_set_upcall_portids(struct vport *vport, const struct nlattr *ids) 384 384 { 385 385 struct vport_portids *old, *vport_portids; 386 386 ··· 471 471 * skb->data should point to the Ethernet header. 472 472 */ 473 473 void ovs_vport_receive(struct vport *vport, struct sk_buff *skb, 474 - struct ovs_tunnel_info *tun_info) 474 + const struct ovs_tunnel_info *tun_info) 475 475 { 476 476 struct pcpu_sw_netstats *stats; 477 477 struct sw_flow_key key; ··· 493 493 } 494 494 ovs_dp_process_packet(skb, &key); 495 495 } 496 - EXPORT_SYMBOL(ovs_vport_receive); 496 + EXPORT_SYMBOL_GPL(ovs_vport_receive); 497 497 498 498 /** 499 499 * ovs_vport_send - send a packet on a device ··· 572 572 573 573 call_rcu(&vport->rcu, free_vport_rcu); 574 574 } 575 - EXPORT_SYMBOL(ovs_vport_deferred_free); 575 + EXPORT_SYMBOL_GPL(ovs_vport_deferred_free); 576 + 577 + int ovs_tunnel_get_egress_info(struct ovs_tunnel_info *egress_tun_info, 578 + struct net *net, 579 + const struct ovs_tunnel_info *tun_info, 580 + u8 ipproto, 581 + u32 skb_mark, 582 + __be16 tp_src, 583 + __be16 tp_dst) 584 + { 585 + const struct ovs_key_ipv4_tunnel *tun_key; 586 + struct rtable *rt; 587 + struct flowi4 fl; 588 + 589 + if (unlikely(!tun_info)) 590 + return -EINVAL; 591 + 592 + tun_key = &tun_info->tunnel; 593 + 594 + /* Route lookup to get srouce IP address. 595 + * The process may need to be changed if the corresponding process 596 + * in vports ops changed. 597 + */ 598 + memset(&fl, 0, sizeof(fl)); 599 + fl.daddr = tun_key->ipv4_dst; 600 + fl.saddr = tun_key->ipv4_src; 601 + fl.flowi4_tos = RT_TOS(tun_key->ipv4_tos); 602 + fl.flowi4_mark = skb_mark; 603 + fl.flowi4_proto = IPPROTO_GRE; 604 + 605 + rt = ip_route_output_key(net, &fl); 606 + if (IS_ERR(rt)) 607 + return PTR_ERR(rt); 608 + 609 + ip_rt_put(rt); 610 + 611 + /* Generate egress_tun_info based on tun_info, 612 + * saddr, tp_src and tp_dst 613 + */ 614 + __ovs_flow_tun_info_init(egress_tun_info, 615 + fl.saddr, tun_key->ipv4_dst, 616 + tun_key->ipv4_tos, 617 + tun_key->ipv4_ttl, 618 + tp_src, tp_dst, 619 + tun_key->tun_id, 620 + tun_key->tun_flags, 621 + tun_info->options, 622 + tun_info->options_len); 623 + 624 + return 0; 625 + } 626 + EXPORT_SYMBOL_GPL(ovs_tunnel_get_egress_info); 627 + 628 + int ovs_vport_get_egress_tun_info(struct vport *vport, struct sk_buff *skb, 629 + struct ovs_tunnel_info *info) 630 + { 631 + /* get_egress_tun_info() is only implemented on tunnel ports. */ 632 + if (unlikely(!vport->ops->get_egress_tun_info)) 633 + return -EINVAL; 634 + 635 + return vport->ops->get_egress_tun_info(vport, skb, info); 636 + }

+17 -3

net/openvswitch/vport.h

··· 45 45 struct vport *ovs_vport_add(const struct vport_parms *); 46 46 void ovs_vport_del(struct vport *); 47 47 48 - struct vport *ovs_vport_locate(struct net *net, const char *name); 48 + struct vport *ovs_vport_locate(const struct net *net, const char *name); 49 49 50 50 void ovs_vport_get_stats(struct vport *, struct ovs_vport_stats *); 51 51 52 52 int ovs_vport_set_options(struct vport *, struct nlattr *options); 53 53 int ovs_vport_get_options(const struct vport *, struct sk_buff *); 54 54 55 - int ovs_vport_set_upcall_portids(struct vport *, struct nlattr *pids); 55 + int ovs_vport_set_upcall_portids(struct vport *, const struct nlattr *pids); 56 56 int ovs_vport_get_upcall_portids(const struct vport *, struct sk_buff *); 57 57 u32 ovs_vport_find_upcall_portid(const struct vport *, struct sk_buff *); 58 58 59 59 int ovs_vport_send(struct vport *, struct sk_buff *); 60 + 61 + int ovs_tunnel_get_egress_info(struct ovs_tunnel_info *egress_tun_info, 62 + struct net *net, 63 + const struct ovs_tunnel_info *tun_info, 64 + u8 ipproto, 65 + u32 skb_mark, 66 + __be16 tp_src, 67 + __be16 tp_dst); 68 + int ovs_vport_get_egress_tun_info(struct vport *vport, struct sk_buff *skb, 69 + struct ovs_tunnel_info *info); 60 70 61 71 /* The following definitions are for implementers of vport devices: */ 62 72 ··· 156 146 * @get_name: Get the device's name. 157 147 * @send: Send a packet on the device. Returns the length of the packet sent, 158 148 * zero for dropped packets or negative for error. 149 + * @get_egress_tun_info: Get the egress tunnel 5-tuple and other info for 150 + * a packet. 159 151 */ 160 152 struct vport_ops { 161 153 enum ovs_vport_type type; ··· 173 161 const char *(*get_name)(const struct vport *); 174 162 175 163 int (*send)(struct vport *, struct sk_buff *); 164 + int (*get_egress_tun_info)(struct vport *, struct sk_buff *, 165 + struct ovs_tunnel_info *); 176 166 177 167 struct module *owner; 178 168 struct list_head list; ··· 224 210 } 225 211 226 212 void ovs_vport_receive(struct vport *, struct sk_buff *, 227 - struct ovs_tunnel_info *); 213 + const struct ovs_tunnel_info *); 228 214 229 215 static inline void ovs_skb_postpush_rcsum(struct sk_buff *skb, 230 216 const void *start, unsigned int len)