1. 12 2月, 2015 1 次提交
  2. 08 2月, 2015 1 次提交
    • J
      net: openvswitch: Support masked set actions. · 83d2b9ba
      Jarno Rajahalme 提交于
      OVS userspace already probes the openvswitch kernel module for
      OVS_ACTION_ATTR_SET_MASKED support.  This patch adds the kernel module
      implementation of masked set actions.
      
      The existing set action sets many fields at once.  When only a subset
      of the IP header fields, for example, should be modified, all the IP
      fields need to be exact matched so that the other field values can be
      copied to the set action.  A masked set action allows modification of
      an arbitrary subset of the supported header bits without requiring the
      rest to be matched.
      
      Masked set action is now supported for all writeable key types, except
      for the tunnel key.  The set tunnel action is an exception as any
      input tunnel info is cleared before action processing starts, so there
      is no tunnel info to mask.
      
      The kernel module converts all (non-tunnel) set actions to masked set
      actions.  This makes action processing more uniform, and results in
      less branching and duplicating the action processing code.  When
      returning actions to userspace, the fully masked set actions are
      converted back to normal set actions.  We use a kernel internal action
      code to be able to tell the userspace provided and converted masked
      set actions apart.
      Signed-off-by: NJarno Rajahalme <jrajahalme@nicira.com>
      Acked-by: NPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      83d2b9ba
  3. 27 1月, 2015 2 次提交
    • J
      openvswitch: Add support for unique flow IDs. · 74ed7ab9
      Joe Stringer 提交于
      Previously, flows were manipulated by userspace specifying a full,
      unmasked flow key. This adds significant burden onto flow
      serialization/deserialization, particularly when dumping flows.
      
      This patch adds an alternative way to refer to flows using a
      variable-length "unique flow identifier" (UFID). At flow setup time,
      userspace may specify a UFID for a flow, which is stored with the flow
      and inserted into a separate table for lookup, in addition to the
      standard flow table. Flows created using a UFID must be fetched or
      deleted using the UFID.
      
      All flow dump operations may now be made more terse with OVS_UFID_F_*
      flags. For example, the OVS_UFID_F_OMIT_KEY flag allows responses to
      omit the flow key from a datapath operation if the flow has a
      corresponding UFID. This significantly reduces the time spent assembling
      and transacting netlink messages. With all OVS_UFID_F_OMIT_* flags
      enabled, the datapath only returns the UFID and statistics for each flow
      during flow dump, increasing ovs-vswitchd revalidator performance by 40%
      or more.
      Signed-off-by: NJoe Stringer <joestringer@nicira.com>
      Acked-by: NPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      74ed7ab9
    • J
      openvswitch: Refactor ovs_nla_fill_match(). · 5b4237bb
      Joe Stringer 提交于
      Refactor the ovs_nla_fill_match() function into separate netlink
      serialization functions ovs_nla_put_{unmasked_key,mask}(). Modify
      ovs_nla_put_flow() to handle attribute nesting and expose the 'is_mask'
      parameter - all callers need to nest the flow, and callers have better
      knowledge about whether it is serializing a mask or not.
      Signed-off-by: NJoe Stringer <joestringer@nicira.com>
      Acked-by: NPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5b4237bb
  4. 15 1月, 2015 3 次提交
    • T
      openvswitch: Support VXLAN Group Policy extension · 1dd144cf
      Thomas Graf 提交于
      Introduces support for the group policy extension to the VXLAN virtual
      port. The extension is disabled by default and only enabled if the user
      has provided the respective configuration.
      
        ovs-vsctl add-port br0 vxlan0 -- \
           set Interface vxlan0 type=vxlan options:exts=gbp
      
      The configuration interface to enable the extension is based on a new
      attribute OVS_VXLAN_EXT_GBP nested inside OVS_TUNNEL_ATTR_EXTENSION
      which can carry additional extensions as needed in the future.
      
      The group policy metadata is stored as binary blob (struct ovs_vxlan_opts)
      internally just like Geneve options but transported as nested Netlink
      attributes to user space.
      
      Renames the existing TUNNEL_OPTIONS_PRESENT to TUNNEL_GENEVE_OPT with the
      binary value kept intact, a new flag TUNNEL_VXLAN_OPT is introduced.
      
      The attributes OVS_TUNNEL_KEY_ATTR_VXLAN_OPTS and existing
      OVS_TUNNEL_KEY_ATTR_GENEVE_OPTS are implemented mutually exclusive.
      Signed-off-by: NThomas Graf <tgraf@suug.ch>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      1dd144cf
    • T
      openvswitch: Allow for any level of nesting in flow attributes · 81bfe3c3
      Thomas Graf 提交于
      nlattr_set() is currently hardcoded to two levels of nesting. This change
      introduces struct ovs_len_tbl to define minimal length requirements plus
      next level nesting tables to traverse the key attributes to arbitrary depth.
      Signed-off-by: NThomas Graf <tgraf@suug.ch>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      81bfe3c3
    • T
      openvswitch: Rename GENEVE_TUN_OPTS() to TUN_METADATA_OPTS() · d91641d9
      Thomas Graf 提交于
      Also factors out Geneve validation code into a new separate function
      validate_and_copy_geneve_opts().
      
      A subsequent patch will introduce VXLAN options. Rename the existing
      GENEVE_TUN_OPTS() to reflect its extended purpose of carrying generic
      tunnel metadata options.
      Signed-off-by: NThomas Graf <tgraf@suug.ch>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      d91641d9
  5. 24 12月, 2014 1 次提交
  6. 06 12月, 2014 1 次提交
  7. 21 11月, 2014 1 次提交
  8. 17 11月, 2014 1 次提交
  9. 15 11月, 2014 2 次提交
  10. 10 11月, 2014 2 次提交
  11. 06 11月, 2014 6 次提交
  12. 18 10月, 2014 1 次提交
    • P
      openvswitch: Create right mask with disabled megaflows · f47de068
      Pravin B Shelar 提交于
      If megaflows are disabled, the userspace does not send the netlink attribute
      OVS_FLOW_ATTR_MASK, and the kernel must create an exact match mask.
      
      sw_flow_mask_set() sets every bytes (in 'range') of the mask to 0xff, even the
      bytes that represent padding for struct sw_flow, or the bytes that represent
      fields that may not be set during ovs_flow_extract().
      This is a problem, because when we extract a flow from a packet,
      we do not memset() anymore the struct sw_flow to 0.
      
      This commit gets rid of sw_flow_mask_set() and introduces mask_set_nlattr(),
      which operates on the netlink attributes rather than on the mask key. Using
      this approach we are sure that only the bytes that the user provided in the
      flow are matched.
      
      Also, if the parse_flow_mask_nlattrs() for the mask ENCAP attribute fails, we
      now return with an error.
      
      This bug is introduced by commit 07148121
      ("openvswitch: Eliminate memset() from flow_extract").
      Reported-by: NAlex Wang <alexw@nicira.com>
      Signed-off-by: NDaniele Di Proietto <ddiproietto@vmware.com>
      Signed-off-by: NAndy Zhou <azhou@nicira.com>
      Signed-off-by: NPravin B Shelar <pshelar@nicira.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      f47de068
  13. 06 10月, 2014 3 次提交
  14. 16 9月, 2014 2 次提交
  15. 23 5月, 2014 1 次提交
    • J
      openvswitch: Compact sw_flow_key. · 1139e241
      Jarno Rajahalme 提交于
      Minimize padding in sw_flow_key and move 'tp' top the main struct.
      These changes simplify code when accessing the transport port numbers
      and the tcp flags, and makes the sw_flow_key 8 bytes smaller on 64-bit
      systems (128->120 bytes).  These changes also make the keys for IPv4
      packets to fit in one cache line.
      
      There is a valid concern for safety of packing the struct
      ovs_key_ipv4_tunnel, as it would be possible to take the address of
      the tun_id member as a __be64 * which could result in unaligned access
      in some systems. However:
      
      - sw_flow_key itself is 64-bit aligned, so the tun_id within is
        always
        64-bit aligned.
      - We never make arrays of ovs_key_ipv4_tunnel (which would force
        every
        second tun_key to be misaligned).
      - We never take the address of the tun_id in to a __be64 *.
      - Whereever we use struct ovs_key_ipv4_tunnel outside the
        sw_flow_key,
        it is in stack (on tunnel input functions), where compiler has full
        control of the alignment.
      Signed-off-by: NJarno Rajahalme <jrajahalme@nicira.com>
      Signed-off-by: NPravin B Shelar <pshelar@nicira.com>
      1139e241
  16. 17 5月, 2014 6 次提交
  17. 07 1月, 2014 2 次提交
  18. 02 11月, 2013 1 次提交
    • J
      openvswitch: TCP flags matching support. · 5eb26b15
      Jarno Rajahalme 提交于
          tcp_flags=flags/mask
              Bitwise  match on TCP flags.  The flags and mask are 16-bit num‐
              bers written in decimal or in hexadecimal prefixed by 0x.   Each
              1-bit  in  mask requires that the corresponding bit in port must
              match.  Each 0-bit in mask causes the corresponding  bit  to  be
              ignored.
      
              TCP  protocol  currently  defines  9 flag bits, and additional 3
              bits are reserved (must be transmitted as zero), see  RFCs  793,
              3168, and 3540.  The flag bits are, numbering from the least
              significant bit:
      
              0: FIN No more data from sender.
      
              1: SYN Synchronize sequence numbers.
      
              2: RST Reset the connection.
      
              3: PSH Push function.
      
              4: ACK Acknowledgement field significant.
      
              5: URG Urgent pointer field significant.
      
              6: ECE ECN Echo.
      
              7: CWR Congestion Windows Reduced.
      
              8: NS  Nonce Sum.
      
              9-11:  Reserved.
      
              12-15: Not matchable, must be zero.
      Signed-off-by: NJarno Rajahalme <jrajahalme@nicira.com>
      Signed-off-by: NJesse Gross <jesse@nicira.com>
      5eb26b15
  19. 04 10月, 2013 1 次提交
  20. 12 9月, 2013 1 次提交
  21. 06 9月, 2013 1 次提交