| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
| |
Check if the first net buffer exists before trying to copy it.
Found using WDK 10 static code analysis.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
| |
`srcNb` should never be NULL since it was copied over from another nbl.
Add an assertion just in case and to keep static analysis happy.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
We can safely use function annotations to instead of defining out own macros.
Nuke implementation of `OVS_VERIFY_IRQL_LE` and OVS_VERIFY_IRQL (unused).
Add function annotations to the functions which were using OVS_VERIFY_IRQL_LE`.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
| |
Found by inspection.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
Add annotations to the function ` OvsAcquirePidHashLock`.
We make it aware that it raises the dispatch level, where it saves the
dispatch level and it acquires a lock.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add function annotations for ` OvsReleasePidHashLock`.
We make it aware that it requires a certain dispatch level, that it
restores the dispatch level, that it requires a lock held and releases
a lock.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add function annotations for ` OvsReleaseEventQueueLock`.
We make it aware that it requires a certain dispatch level, that it
restores the dispatch level, that it requires a lock held and releases
a lock.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it raises the dispatch level, saves the
dispatch level and acquires a lock.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it is cancel routine.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it is cancel routine.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it is cancel routine.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it requires a certain dispatch level,
restores the dispatch level, requires lock held and releases a lock.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it raises the dispatch level, saves the
dispatch level and acquires a lock.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
The function should be aware that it raises the dispatch level, saves the
dispatch level and acquires a lock.
This patch adds annotation for that.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
| |
`OvsAcquireDatapathRead`, `OvsAcquireDatapathWrite`, `OvsReleaseDatapath`
are defined and implemented in Switch.h which is already included.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Add function annotations for `OvsReleaseCtrlLock`.
We make it aware that it requires a certain dispatch level, that it
restores the dispatch level, that it requires a lock held and release
a lock.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
Add annotations to the function `OvsAcquireCtrlLock`.
We make it aware that it raises the dispatch level, where it saves the
dispatch level and it acquires a lock.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
| |
`ovsFwdCtx.switchContext` can't be null since it is passed from actions.
Add an assert to keep the static analyzer happy.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
The mdl can be NULL.
Found using WDK 10 static code analysis.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
| |
Suppress static code analysis around PAGED_CODE(). The macro is useful only in
checked builds.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately the WDK 10 static code analysis can't see this one clearly.
Add an ASSERT to silence the warning.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
| |
Found by inspection.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Bump the size of interfaceName so an overflow cannot occur when using
`ConvertInterfaceLuidToAlias`.
Found using WDK 10 static code analysis.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
| |
There are no annotations defined for `OvsExtDetach` and `OvsExtRestart`.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
| |
Use non-executable memory when using ExAllocatePoolWithTagPriority.
Found using WDK 10 static code analysis.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Shashank Ram <rams@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When compiling with WDK10 we are using server time when creating the catalog
file.
This patch enables the use of local time.
For reference:
https://github.com/cloudbase/ovs/commit/6b3706dc9afb26c3e39985d44a99bc9251bcf792
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Minimum valid fragment size is 400 bytes, any fragment smaller
is likely to be intentionally crafted (CVE-2000-0305).
- Validate maximum length of an Ip datagram
- Added counters to keep track of number of fragments for a given
Ip datagram.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
In conntrack lookup, ICMP type and code fields were not being used to
determine a matching entry. As a result, ICMP4_ECHO_REQUEST packet could
be tracked as ICMP4_ECHO_REPLY packet and vice versa, which is invalid.
To fix this, add ICMP type and code fields for matching a conntrack entry.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Adds validations in OvsGetIp() to make sure the IHL is
within valid bounds. If IHL is invalid, then the packet
is dropped by the callers of this function.
Signed-off-by: Shashank Ram <rams@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Introduce a new event type OVS_EVENT_CT_UPDATE to send a conntrack event
whenever a MARK and/or LABEL gets changed for an existing conntrack entry.
- Parse netlink conntrack attribute OVS_CT_ATTR_EVENTMASK, which is used
to set the mask of bits specifying which conntrack events (IPCT_*)
should be delivered via the Netfilter netlink multicast groups.
- Send update event only when OVS_CT_ATTR_EVENTMASK attribute has the mask
of bits set for IPCT_MARK and/or IPCT_LABEL.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
| |
Minor - Fix the switch case alignments. Found by inspection.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
OvsCtAddEntry returns TRUE or FALSE depending on whether
OvsNatTranslateCtEntry was successful or not. In the case of an
unsuccesful NAT translation, this will fail to insert the newly created
entry to the Conntrack Table. This entry needs to be freed and the states
should be accordingly in the flowKey instead of returning out.
Consolidated the parentEntry lookup and assignment portion across
different protocols and some minor refactoring to make the code more
readable.
Tests Done: Enabled driver verifier and tested the following:
- TCP & ICMP traffic through Conntrack Module.
- Flushed Conntrack Entries while traffic was flowing.
- Uninstalled and re-installed the driver when traffic was in progress.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Shashank Ram <rams@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit https://github.com/openvswitch/ovs/commit/81765c00a13882acaaf652df23d7fa76fc3ad743
introduced openflow types to the include interface.
The Windows datapath needs to be aware of the new types included in the
common interface.
Fixes broken build on Windows.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
Set conntrack-icmp entry to {0}. Add some compile time asserts to ensure
that conn_* struct's first member is OVS_CT_ENTRY.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Shashank Ram <rams@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The existing code throws a warning when compiled
with the Windows 10 SDK:
'typedef ': ignored on left of 'NAT_ACTION' when no variable is declared
Signed-off-by: Shashank Ram <rams@vmware.com>
Acked-by: Nithin Raju <nithin@vmware.com<mailto:nithin@vmware.com>>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
| |
Couple of minor fixes that got flagged with a static checker.
Signed-off-by: Nithin Raju <nithin@vmware.com>
Acked-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Shashank Ram <rams@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
There is a known bug with NAT where checksum computation is wrong on
the RX path if offload is enabled. This patch works around the problem
by always computing a software checksum and should be reverted once
we figure out the root cause of checksum error.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
| |
This patch integrates NAT module with existing conntrack module. NAT
action is now supported.
Signed-off-by: Yin Lin <linyi@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
| |
Signed-off-by: Yin Lin <linyi@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add support for parsing netlink attributes related to NAT
in conntrack.
Co-Authored-by: Yin Lin <linyi@vmware.com>
Co-Authored-by: Darrell Ball <dlu998@gmail.com>
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Yin Lin <linyi@vmware.com>
Signed-off-by: Darrell Ball <dlu998@gmail.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
| |
Add the original tuple to Flow Key. In case of ICMP and UDP, default the
parent entry to NULL until related connections is supported.
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add two new build targets: 'Win8Analyze' and 'Win8.1Analyze'.
The new build targets have the static code analyzer (built in Visual
Studio feature).
This patch also introduces a new make target ('datapath_windows_analyze')
this can be added to the CI jobs to get a list warnings/errors issued
by the code analyzer.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
The removal is mandatory to use the VStudio 2013 static code analyzer.
The only function that was used from the include is: 'StringCbLengthA'.
We were not checking the result of that function, nor will the
'vportGet->name' exceed the 'OVS_MAX_PORT_NAME_LENGTH' limitation.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-By: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
| |
Found using static analysis tools.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
Update the key used by the actions which follow up defragmentation, with
no fragment set in the IP header.
Found while testing OVN with two VMs on the same host.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Anand Kumar kumaranand@vmware.com
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a conntrack action is applied over an IP fragment we pend the fragment
which will be consumed later. This should be transparent to the userspace.
Report that the action was applied successfully so it does not spam
the ovs-vswitchd log.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Acked-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
| |
Found by inspection.
Signed-off-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
Acked-by: Anand Kumar <kumaranand at vmware.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Previously, the 'Version' property passed to MSBuild
was not being passed to the RcComplile section. To
use the value of 'Version' property in the rc file,
it needs to be passed.
- Adds a macro to convert the Version to a string literal.
Previously, the Version was simply being converted
to a literal text 'Version' instead of the the version
number passed using the 'Version' property to MSBuild.
Signed-off-by: Shashank Ram <rams@vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
Signed-off-by: Gurucharan Shetty <guru@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for Fragmenting NBL based on the MRU value.
MRU value is updated only for Ipv4 fragments, if it is non zero, then
fragment the NBL and send out the new NBL to the vnic.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
With this patch, OvsTcpSegmentNBL not only supports fragmenting NBL
to TCP segments but also Ipv4 fragments.
To reflect the new changes, renamed function name from OvsTcpSegmentNBL
to OvsFragmentNBL and created a wrapper for OvsTcpSegmentNBL.
Signed-off-by: Anand Kumar <kumaranand@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Alin Gabriel Serdean <aserdean@cloudbasesolutions.com>
|