| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
When OVS sees a tunnel push with a nested list next, it will not
clone the packet, as a clone is not needed. However, a clone action will
still be created with the tunnel push encapsulated inside. There is no
need to create the clone action in this case, as extra parsing will need
to be performed, which is less efficient.
Signed-off-by: Rosemarie O'Riorden <roriorden@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
During a netlink transaction, in case of replies of type NLMSG_ERROR,
the current behavior includes the translation of the error number
received into a string that describes the error code.
Netlink replies may carry a more descriptive error message, and
although it is possible to read those messages using the existing perf
tracepoint, it is more convenient to retrieve them directly from ovs.
This patch extends nl_msg_nlmsgerr() so that it retrieves the message
that later, if present, will be used by nl_sock_transact_multiple__()
in place of the generic descriptive form of the error number. This is
particularly useful with tc that makes use of such kind of mechanism.
As an example, with this patch applied, the following generic message:
ovs|00239|netlink_socket|DBG|received NAK error=0 (Operation not supported)
becomes:
ovs|00239|netlink_socket|DBG|received NAK error=0 - Conntrack isn't enabled
The layout has been slightly modified to avoid nested parentheses.
Suggested-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Reviewed-by: Marcelo Ricardo Leitner <mleitner@redhat.com>
Signed-off-by: Paolo Valerio <pvalerio@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Data retrieved from netlink and friends may include link layer
address. Add type to nl_attr_type and min/max functions to allow
use of nl_policy_parse with this type of data.
While this will not be used by Open vSwitch itself at this time,
sibling and derived projects want to use the great netlink library
that OVS provides, and it is not possible to safely override the
global nl_attr_type symbol at link time.
Signed-off-by: Frode Nordahl <frode.nordahl@canonical.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
| |
FreeBSD insists that <sys/types.h> be included before <netinet/in.h> and
that <netinet/in.h> be included before <arpa/inet.h>. This adds guards to
the "sparse" headers to yield a warning if this order is violated. This
commit also adjusts the order of many #includes to suit this requirement.
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Justin Pettit <jpettit@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
| |
C++ does not allow implicit conversion from void pointer to a specific
pointer type. This change adds explicit typecasts to appropriate types
wherever needed.
Signed-off-by: Shireesh Kumar Singh <shireeshkum@vmware.com>
Signed-off-by: Sairam Venugopal <vsairam@vmware.com>
Co-authored-by: Sairam Venugopal <vsairam@vmware.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the helpers in appropriate places. In most cases, this fixes a
misaligned reference, since ovs_be128 and ovs_u128 require 8-byte alignment
but Netlink only guarantees 4-byte.
Found by GCC -fsanitize=undefined.
Reported-by: Lance Richardson <lrichard@redhat.com>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Acked-by: Lance Richardson <lrichard@redhat.com>
|
|
|
|
|
|
|
| |
Future patches will make use of those changes.
Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
|
|
|
|
|
|
|
| |
Later patch will make use of nl_msg_end_non_empty_nested()
Signed-off-by: Andy Zhou <azhou@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for specifying a "helper" or ALG to assist
connection tracking for protocols that consist of multiple streams.
Initially, only support for FTP is included.
Below is an example set of flows to allow FTP control connections from
port 1->2 to establish active data connections in the reverse direction:
table=0,priority=1,action=drop
table=0,arp,action=normal
table=0,in_port=1,tcp,action=ct(alg=ftp,commit),2
table=0,in_port=2,tcp,ct_state=-trk,action=ct(table=1)
table=1,in_port=2,tcp,ct_state=+trk+est,action=1
table=1,in_port=2,tcp,ct_state=+trk+rel,action=ct(commit),1
Signed-off-by: Joe Stringer <joestringer@nicira.com>
Acked-by: Jarno Rajahalme <jrajahalme@nicira.com>
Acked-by: Ben Pfaff <blp@nicira.com>
|
|
|
|
|
|
|
|
| |
[cascardo: add NL_A_IPV6, used in next patch]
Signed-off-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Thadeu Lima de Souza Cascardo <cascardo@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now the Netlink code has considered an attribute to exceed the
maximum length if the *padded* size of the attribute exceeds 65535 bytes.
For example, an attribute with a 65529-byte payload, together with 4-byte
header and 3 bytes of padding, takes up 65536 bytes and therefore the
existing code rejected it.
However, the restriction on Netlink attribute sizes is to ensure that the
length fits in the 16-bit nla_len field. This field includes the 4-byte
header but not the padding, so a 65529-byte payload is acceptable because,
with the header but not the padding, it comes to only 65533 bytes.
Thus, this commit relaxes the restriction on Netlink attribute sizes by
omitting padding from size checks. It also changes one piece of code that
inlined a size check to use the central function nl_attr_oversized().
This change should fix an assertion failure when OVS userspace passes a
maximum-size (65529+ byte) packet back to the kernel.
Reported-by: Shuping Cui <scui@redhat.com>
Reported-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
|
|
|
| |
There is no reason to enforce padding after the last attribute.
Dropping this enforcement will ease efforts to implement zerocopy
upcall.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Acked-by: Ben Pfaff <blp@nicira.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
| |
This function already had a few potential users, which this commit
converts. An upcoming commit adds more users.
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
|
|
|
|
|
|
|
|
|
|
| |
If we allow oversize datapath actions to make it out of translation, then
we will assert-fail later when we try to put those actions into a Netlink
attribute.
Bug #19277.
Reported-by: Paul ingram <paul@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Justin Pettit <jpettit@nicira.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Until now, datapath ports and openflow ports were both represented by
unsigned integers of various sizes. With implicit conversions, etc., it is
easy to mix them up and use one where the other is expected. This commit
creates two typedefs, ofp_port_t and odp_port_t. Both of these two types
are marked by "__attribute__((bitwise))" so that sparse can be used to
detect any misuse.
Signed-off-by: Alex Wang <alexw@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
|
|
|
|
|
|
|
| |
Replaced all instances of Nicira Networks(, Inc) to Nicira, Inc.
Feature #10593
Signed-off-by: Raju Subramanian <rsubramanian@nicira.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
|
| |
|
| |
|
|
|
|
|
|
| |
I was feeling tempted in some code to just guess "hey, 32 bytes ought to
be big enough" and so on, but really it seems better to just have a
convenient way to measure.
|
|
|
|
|
|
| |
These are really just copies of the corresponding "put" functions. An
upcoming commit will introduce a user of nl_msg_push_u32(). I thought I
might as well create all of these while I was at it.
|
|
|
|
| |
Upcoming commits will introduce more users.
|
|
|
|
|
|
| |
Many of our functions pass around a pointer to Netlink attributes
and a length. This exposes the version of nl_attr_find that takes
that format so it can be used by callers outside the Netlink library.
|
|
|
|
|
|
| |
This warning doesn't indicate a genuine problem, since 'nla' must be
aligned properly and NLA_ALIGN ensures that the offset is aligned properly
too. Casting via void * suppresses the warning.
|
|
|
|
|
|
|
|
| |
These are semantically identical, so they might as well share existing
values, but they help to document the endianness of attributes in Netlink
attribute policies.
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
|
|
| |
These functions are useful in the occasional case where a piece of code
only cares about one or a few attributes, probably knows that the format
is correct, and doesn't want to go to the trouble of doing a full parse.
Upcoming commits will add a user.
Reviewed by Justin Pettit.
|
|
|
|
| |
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
|
| |
Linux since v2.6.24 has a couple of couple of bits at the top of
nla_type that one is apparently supposed to ignore. This commit
starts doing that in Open vSwitch userspace.
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
| |
These _be<N> functions are completely equivalent to the corresponding
_u<N> functions, but the names help to make their purpose clear.
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
|
|
| |
The parts of the netlink module that are related to sockets are
Linux-specific, since only Linux has AF_NETLINK sockets. The rest can be
built anywhere. This commit breaks them into two modules, and builds the
generic one on all platforms.
Acked-by: Jesse Gross <jesse@nicira.com>
|
|
|
|
|
|
|
|
|
| |
Fairly often it happens that nested Netlink attributes must themselves
contain Netlink attributes. In such a case, nlmsg_put_nested() is not so
convenient, because it requires the contents to be pre-assembled and then
copied into place. This commit introduces a new interface that instead
allows the nested attributes to be assembled in-place. As a demonstration,
it updates nl_msg_put_nested() to use this new interface.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
These two functions use their "sock" parameter only to figure out the
nlmsg_pid to put in the nlmsghdr. But that field can be filled in just
as well right before sending the message. Since our functions for sending
Netlink messages always modify the nlmsghdr anyhow (to fill in the length),
there is little benefit to filling in the nlmsg_pid in advance. The cost,
on the other hand, is having to pass another argument to functions that
already have too many. So this commit removes the argument.
|
| |
|
|
|