* [PATCH net-next V13 0/3] openvswitch: Add support for 802.1ad
@ 2015-09-24 17:58 Thomas F Herbert
[not found] ` <1443117498-19123-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-24 17:58 ` [PATCH 2/3] Check for vlan ethernet types for 8021.q or 802.1ad Thomas F Herbert
0 siblings, 2 replies; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-24 17:58 UTC (permalink / raw)
To: netdev-u79uwXL29TY76Z2rM5mHXA, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
V13: Fix incorrect encoding and decoding of netlink to/from key
attributes.
V12: Fix some problems and issues pointed out by reviewers. When parsing
netlink attributes Ether types other then 0x88a8 as outer tpid.
V11: Add inner tpid to flow key. Fix separate inner encap attribute
when parsing netlink attributes. Merge 2 patches to consolidate
qinq changes.
V10: Implement reviewer comments: Consolidate vlan parsing functions.
Splits netlink parsing and flow conversion into a separate patch. Uses
double encap attribute encapsulation for 802.1ad. Netlink attributes
now look like this:
eth_type(0x88a8),vlan(vid=100),encap(eth_type(0x8100), vlan(vid=200),
encap(eth_type(0x0800), ...))
The double encap atributes in this version of the patch is incompatible with
old versions of the user level 802.1ad patch. A new user level patch which
is also being submitted simultaneously to openvswitch dev mailing list.
V9: Includes changes suggested by reviewers
V8: Includes changes suggested by reviewers
V7: Includes changes suggested by reviewers
V6: Rebased to net-next
V5: Use encapsulated attributes
Although the Open Flow specification specified support for 802.1AD (qinq)
as well as push and pop vlan headers, So far Open vSwitch has only
supported a single tag header.
This patch accompanies version 10 of the user level openvswitch patch
submitted to openvswitch dev list.
For discussion, history and previous versions of the kernel module
patch and the user code patch see the OVS dev mailing list,
openvswitch.org/pipermail/dev/..
Thomas F Herbert (3):
openvswitch: 802.1ad uapi changes.
Check for vlan ethernet types for 8021.q or 802.1ad
802.1AD: Flow handling, actions, vlan parsing and netlink attributes
include/linux/if_vlan.h | 17 ++++
include/uapi/linux/openvswitch.h | 17 ++--
net/openvswitch/flow.c | 83 ++++++++++++++++----
net/openvswitch/flow.h | 5 ++
net/openvswitch/flow_netlink.c | 166 ++++++++++++++++++++++++++++++++++++---
5 files changed, 256 insertions(+), 32 deletions(-)
--
2.4.3
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/3] openvswitch: 802.1ad uapi changes.
[not found] ` <1443117498-19123-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-09-24 17:58 ` Thomas F Herbert
2015-09-24 17:58 ` [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes Thomas F Herbert
1 sibling, 0 replies; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-24 17:58 UTC (permalink / raw)
To: netdev-u79uwXL29TY76Z2rM5mHXA, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
openvswitch: Add support for 8021.AD
Change the description of the VLAN tpid field.
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
include/uapi/linux/openvswitch.h | 17 +++++++++--------
1 file changed, 9 insertions(+), 8 deletions(-)
diff --git a/include/uapi/linux/openvswitch.h b/include/uapi/linux/openvswitch.h
index 32e07d8..b0c959c 100644
--- a/include/uapi/linux/openvswitch.h
+++ b/include/uapi/linux/openvswitch.h
@@ -585,13 +585,13 @@ struct ovs_action_push_mpls {
* @vlan_tci: Tag control identifier (TCI) to push. The CFI bit must be set
* (but it will not be set in the 802.1Q header that is pushed).
*
- * The @vlan_tpid value is typically %ETH_P_8021Q. The only acceptable TPID
- * values are those that the kernel module also parses as 802.1Q headers, to
- * prevent %OVS_ACTION_ATTR_PUSH_VLAN followed by %OVS_ACTION_ATTR_POP_VLAN
- * from having surprising results.
+ * The @vlan_tpid value is typically %ETH_P_8021Q or %ETH_P_8021AD.
+ * The only acceptable TPID values are those that the kernel module also parses
+ * as 802.1Q or 802.1AD headers, to prevent %OVS_ACTION_ATTR_PUSH_VLAN followed
+ * by %OVS_ACTION_ATTR_POP_VLAN from having surprising results.
*/
struct ovs_action_push_vlan {
- __be16 vlan_tpid; /* 802.1Q TPID. */
+ __be16 vlan_tpid; /* 802.1Q or 802.1ad TPID. */
__be16 vlan_tci; /* 802.1Q TCI (VLAN ID and priority). */
};
@@ -664,9 +664,10 @@ enum ovs_ct_attr {
* is copied from the value to the packet header field, rest of the bits are
* left unchanged. The non-masked value bits must be passed in as zeroes.
* Masking is not supported for the %OVS_KEY_ATTR_TUNNEL attribute.
- * @OVS_ACTION_ATTR_PUSH_VLAN: Push a new outermost 802.1Q header onto the
- * packet.
- * @OVS_ACTION_ATTR_POP_VLAN: Pop the outermost 802.1Q header off the packet.
+ * @OVS_ACTION_ATTR_PUSH_VLAN: Push a new outermost 802.1Q or 802.1ad header
+ * onto the packet.
+ * @OVS_ACTION_ATTR_POP_VLAN: Pop the outermost 802.1Q or 802.1ad header
+ * from the packet.
* @OVS_ACTION_ATTR_SAMPLE: Probabilitically executes actions, as specified in
* the nested %OVS_SAMPLE_ATTR_* attributes.
* @OVS_ACTION_ATTR_PUSH_MPLS: Push a new MPLS label stack entry onto the
--
2.4.3
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/3] Check for vlan ethernet types for 8021.q or 802.1ad
2015-09-24 17:58 [PATCH net-next V13 0/3] openvswitch: Add support for 802.1ad Thomas F Herbert
[not found] ` <1443117498-19123-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-09-24 17:58 ` Thomas F Herbert
1 sibling, 0 replies; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-24 17:58 UTC (permalink / raw)
To: netdev, pshelar; +Cc: therbert, dev, Thomas F Herbert
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
include/linux/if_vlan.h | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/include/linux/if_vlan.h b/include/linux/if_vlan.h
index 67ce5bd..88d1be4 100644
--- a/include/linux/if_vlan.h
+++ b/include/linux/if_vlan.h
@@ -627,6 +627,23 @@ static inline netdev_features_t vlan_features_check(const struct sk_buff *skb,
return features;
}
+/**
+ * eth_type_vlan - check for valid vlan ether type.
+ * @ethertype: ether type to check
+ *
+ * Returns true if the ether type is a vlan ether type.
+ */
+static inline bool eth_type_vlan(__be16 ethertype)
+{
+ switch (ethertype) {
+ case (htons(ETH_P_8021Q)):
+ return true;
+ case (htons(ETH_P_8021AD)):
+ return true;
+ default:
+ return false;
+ }
+}
/**
* compare_vlan_header - Compare two vlan headers
--
2.4.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
[not found] ` <1443117498-19123-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-24 17:58 ` [PATCH 1/3] openvswitch: 802.1ad uapi changes Thomas F Herbert
@ 2015-09-24 17:58 ` Thomas F Herbert
[not found] ` <1443117498-19123-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
1 sibling, 1 reply; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-24 17:58 UTC (permalink / raw)
To: netdev-u79uwXL29TY76Z2rM5mHXA, pshelar-l0M0P4e3n4LQT0dZR+AlfA
Cc: dev-yBygre7rU0TnMu66kgdUjQ, therbert-H+wXaHxf7aLQT0dZR+AlfA
Add support for 802.1ad including the ability to push and pop double
tagged vlans. Add support for 802.1ad to netlink parsing and flow
conversion. Uses double nested encap attributes to represent double
tagged vlan. Inner TPID encoded along with ctci in nested attributes.
Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
---
net/openvswitch/flow.c | 83 +++++++++++++++++----
net/openvswitch/flow.h | 5 ++
net/openvswitch/flow_netlink.c | 166 ++++++++++++++++++++++++++++++++++++++---
3 files changed, 230 insertions(+), 24 deletions(-)
diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
index c8db44a..db58e47 100644
--- a/net/openvswitch/flow.c
+++ b/net/openvswitch/flow.c
@@ -305,21 +305,77 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
{
struct qtag_prefix {
- __be16 eth_type; /* ETH_P_8021Q */
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
__be16 tci;
};
- struct qtag_prefix *qp;
+ struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
- if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
+ struct qinqtag_prefix {
+ __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
+ __be16 tci;
+ __be16 inner_tpid; /* ETH_P_8021Q */
+ __be16 ctci;
+ };
+
+ if (likely(skb_vlan_tag_present(skb))) {
+ key->eth.tci = htons(skb->vlan_tci);
+
+ /* Case where upstream
+ * processing has already stripped the outer vlan tag.
+ */
+ if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16))) {
+ key->eth.tci = 0;
+ return 0;
+ }
+
+ if (unlikely(!pskb_may_pull(skb,
+ sizeof(struct qtag_prefix) +
+ sizeof(__be16))))
+ return -ENOMEM;
+
+ key->eth.cvlan.ctci =
+ qp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = qp->eth_type;
+
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
return 0;
+ }
- if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
- sizeof(__be16))))
- return -ENOMEM;
- qp = (struct qtag_prefix *) skb->data;
- key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
- __skb_pull(skb, sizeof(struct qtag_prefix));
+ if (qp->eth_type == htons(ETH_P_8021AD)) {
+ struct qinqtag_prefix *qinqp =
+ (struct qinqtag_prefix *)skb->data;
+
+ if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
+ sizeof(__be16)))
+ return 0;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
+ sizeof(__be16))))
+ return -ENOMEM;
+ key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
+ key->eth.cvlan.c_tpid = qinqp->inner_tpid;
+
+ __skb_pull(skb, sizeof(struct qinqtag_prefix));
+
+ return 0;
+ }
+ if (qp->eth_type == htons(ETH_P_8021Q)) {
+ if (unlikely(skb->len < sizeof(struct qtag_prefix) +
+ sizeof(__be16)))
+ return -ENOMEM;
+
+ if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
+ sizeof(__be16))))
+ return 0;
+ key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
+
+ __skb_pull(skb, sizeof(struct qtag_prefix));
+ }
return 0;
}
@@ -481,11 +537,10 @@ static int key_extract(struct sk_buff *skb, struct sw_flow_key *key)
*/
key->eth.tci = 0;
- if (skb_vlan_tag_present(skb))
- key->eth.tci = htons(skb->vlan_tci);
- else if (eth->h_proto == htons(ETH_P_8021Q))
- if (unlikely(parse_vlan(skb, key)))
- return -ENOMEM;
+ key->eth.cvlan.ctci = 0;
+ key->eth.cvlan.c_tpid = 0;
+ if (unlikely(parse_vlan(skb, key)))
+ return -ENOMEM;
key->eth.type = parse_ethertype(skb);
if (unlikely(key->eth.type == htons(0)))
diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
index fe527d2..2c491e8 100644
--- a/net/openvswitch/flow.h
+++ b/net/openvswitch/flow.h
@@ -69,6 +69,11 @@ struct sw_flow_key {
u8 src[ETH_ALEN]; /* Ethernet source address. */
u8 dst[ETH_ALEN]; /* Ethernet destination address. */
__be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
+ struct {
+ __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
+ __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
+ /* set otherwise. */
+ } cvlan;
__be16 type; /* Ethernet frame type. */
} eth;
union {
diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
index c92d6a2..5fe415d 100644
--- a/net/openvswitch/flow_netlink.c
+++ b/net/openvswitch/flow_netlink.c
@@ -811,6 +811,27 @@ static int metadata_from_nlattrs(struct net *net, struct sw_flow_match *match,
return 0;
}
+static int cust_vlan_from_nlattrs(struct sw_flow_match *match,
+ const struct nlattr *a[],
+ bool is_mask, bool log)
+{
+ __be16 ctci = 0;
+ __be16 c_tpid = 0;
+
+ ctci = nla_get_be16(a[OVS_KEY_ATTR_VLAN]);
+ if (!(ctci & htons(VLAN_TAG_PRESENT))) {
+ if (is_mask)
+ OVS_NLERR(log, "VLAN CTCI mask does not have exact match for VLAN_TAG_PRESENT bit.");
+ else
+ OVS_NLERR(log, "VLAN CTCI does not have VLAN_TAG_PRESENT bit set.");
+ return -EINVAL;
+ }
+ c_tpid = nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]);
+ SW_FLOW_KEY_PUT(match, eth.cvlan.c_tpid, c_tpid, is_mask);
+ SW_FLOW_KEY_PUT(match, eth.cvlan.ctci, ctci, is_mask);
+ return 0;
+}
+
static int ovs_key_from_nlattrs(struct net *net, struct sw_flow_match *match,
u64 attrs, const struct nlattr **a,
bool is_mask, bool log)
@@ -1064,6 +1085,80 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
nlattr_set(attr, val, ovs_key_lens);
}
+static int parse_vlan_from_nlattrs(const struct nlattr **nla,
+ struct sw_flow_match *match,
+ u64 *key_attrs, bool *ie_valid,
+ const struct nlattr **a, bool is_mask,
+ bool log)
+{
+ int err;
+ const struct nlattr *encap;
+
+ *ie_valid = false;
+ if (!is_mask) {
+ u64 v_attrs = 0;
+
+ err = parse_flow_nlattrs(*nla, a, &v_attrs, log);
+ if (err)
+ return err;
+ /* Another encap attribute here indicates
+ * the presence of a double tagged vlan.
+ */
+ if ((v_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
+ eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
+ if (!((v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
+ (v_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
+ OVS_NLERR(log, "Invalid Inner VLAN frame");
+ return -EINVAL;
+ }
+ encap = a[OVS_KEY_ATTR_ENCAP];
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
+
+ err = cust_vlan_from_nlattrs(match, a, is_mask, log);
+ if (err)
+ return err;
+ *ie_valid = true;
+ *nla = encap;
+
+ /* Insure that tci key attribute isn't
+ * overwritten by encapsulated customer tci.
+ * Ethertype is cleared because it is c_tpid.
+ */
+ v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
+ v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
+ }
+ *key_attrs |= v_attrs;
+
+ } else {
+ u64 mask_v_attrs = 0;
+
+ err = parse_flow_mask_nlattrs(*nla, a, &mask_v_attrs, log);
+ if (err)
+ return err;
+
+ if (mask_v_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
+ if (!*ie_valid) {
+ OVS_NLERR(log, "Encap mask attribute is set for non-CVLAN frame.");
+ err = -EINVAL;
+ return err;
+ }
+ encap = a[OVS_KEY_ATTR_ENCAP];
+ mask_v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
+
+ err = cust_vlan_from_nlattrs(match, a, is_mask, log);
+ if (err)
+ return err;
+ *nla = encap;
+
+ mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
+ mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_ETHERTYPE);
+ }
+
+ *key_attrs |= mask_v_attrs;
+ }
+ return 0;
+}
+
/**
* ovs_nla_get_match - parses Netlink attributes into a flow key and
* mask. In case the 'mask' is NULL, the flow is treated as exact match
@@ -1091,6 +1186,7 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
u64 key_attrs = 0;
u64 mask_attrs = 0;
bool encap_valid = false;
+ bool i_encap_valid = false;
int err;
err = parse_flow_nlattrs(nla_key, a, &key_attrs, log);
@@ -1099,11 +1195,11 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
(key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
- (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
+ eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
__be16 tci;
- if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
- (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
+ if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
+ (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
OVS_NLERR(log, "Invalid Vlan frame.");
return -EINVAL;
}
@@ -1115,9 +1211,19 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
encap_valid = true;
if (tci & htons(VLAN_TAG_PRESENT)) {
- err = parse_flow_nlattrs(encap, a, &key_attrs, log);
+ err = parse_vlan_from_nlattrs(&encap, match, &key_attrs,
+ &i_encap_valid, a, false,
+ log);
if (err)
return err;
+
+ if (i_encap_valid) {
+ err = parse_flow_nlattrs(encap, a,
+ &key_attrs,
+ log);
+ if (err)
+ return err;
+ }
} else if (!tci) {
/* Corner case for truncated 802.1Q header. */
if (nla_len(encap)) {
@@ -1188,10 +1294,21 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
if (eth_type == htons(0xffff)) {
mask_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
encap = a[OVS_KEY_ATTR_ENCAP];
- err = parse_flow_mask_nlattrs(encap, a,
- &mask_attrs, log);
+ err = parse_vlan_from_nlattrs(&encap, match,
+ &mask_attrs,
+ &i_encap_valid,
+ a, true, log);
if (err)
goto free_newmask;
+
+ if (i_encap_valid) {
+ err =
+ parse_flow_mask_nlattrs(encap, a,
+ &mask_attrs,
+ log);
+ if (err)
+ goto free_newmask;
+ }
} else {
OVS_NLERR(log, "VLAN frames must have an exact match on the TPID (mask=%x).",
ntohs(eth_type));
@@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
{
struct ovs_key_ethernet *eth_key;
struct nlattr *nla, *encap;
+ struct nlattr *in_encap = NULL;
if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
goto nla_put_failure;
@@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
ether_addr_copy(eth_key->eth_src, output->eth.src);
ether_addr_copy(eth_key->eth_dst, output->eth.dst);
- if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
+ if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
__be16 eth_type;
- eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
+
+ if (swkey->eth.cvlan.ctci ||
+ eth_type_vlan(swkey->eth.cvlan.c_tpid))
+ eth_type = !is_mask ? htons(ETH_P_8021AD) :
+ htons(0xffff);
+ else
+ eth_type = !is_mask ? htons(ETH_P_8021Q) :
+ htons(0xffff);
+
if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
goto nla_put_failure;
encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
if (!swkey->eth.tci)
goto unencap;
- } else
+ if (swkey->eth.cvlan.ctci || eth_type_vlan(swkey->eth.type)) {
+ __be16 eth_type;
+
+ /* Customer tci is nested but uses same key attribute.
+ */
+ eth_type = !is_mask ? htons(ETH_P_8021Q) :
+ htons(0xffff);
+ if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE,
+ eth_type) ||
+ nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
+ output->eth.cvlan.ctci))
+ goto nla_put_failure;
+ in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
+ if (!swkey->eth.cvlan.ctci)
+ goto unencap;
+ }
+ } else {
encap = NULL;
+ }
if (swkey->eth.type == htons(ETH_P_802_2)) {
/*
@@ -1525,6 +1668,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
unencap:
if (encap)
nla_nest_end(skb, encap);
+ if (in_encap)
+ nla_nest_end(skb, in_encap);
return 0;
@@ -2174,7 +2319,8 @@ static int __ovs_nla_copy_actions(struct net *net, const struct nlattr *attr,
case OVS_ACTION_ATTR_PUSH_VLAN:
vlan = nla_data(a);
- if (vlan->vlan_tpid != htons(ETH_P_8021Q))
+ if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
+ (vlan->vlan_tpid != htons(ETH_P_8021AD)))
return -EINVAL;
if (!(vlan->vlan_tci & htons(VLAN_TAG_PRESENT)))
return -EINVAL;
--
2.4.3
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
[not found] ` <1443117498-19123-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-09-24 23:42 ` Pravin Shelar
2015-09-25 19:18 ` Thomas F Herbert
2015-09-25 22:35 ` Thomas F Herbert
0 siblings, 2 replies; 9+ messages in thread
From: Pravin Shelar @ 2015-09-24 23:42 UTC (permalink / raw)
To: Thomas F Herbert
Cc: dev-yBygre7rU0TnMu66kgdUjQ@public.gmane.org, netdev,
therbert-H+wXaHxf7aLQT0dZR+AlfA
On Thu, Sep 24, 2015 at 10:58 AM, Thomas F Herbert
<thomasfherbert@gmail.com> wrote:
> Add support for 802.1ad including the ability to push and pop double
> tagged vlans. Add support for 802.1ad to netlink parsing and flow
> conversion. Uses double nested encap attributes to represent double
> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>
> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
> ---
> net/openvswitch/flow.c | 83 +++++++++++++++++----
> net/openvswitch/flow.h | 5 ++
> net/openvswitch/flow_netlink.c | 166 ++++++++++++++++++++++++++++++++++++++---
> 3 files changed, 230 insertions(+), 24 deletions(-)
>
> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
> index c8db44a..db58e47 100644
> --- a/net/openvswitch/flow.c
> +++ b/net/openvswitch/flow.c
> @@ -305,21 +305,77 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
> {
> struct qtag_prefix {
> - __be16 eth_type; /* ETH_P_8021Q */
> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
> __be16 tci;
> };
> - struct qtag_prefix *qp;
> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>
> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
> + struct qinqtag_prefix {
> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
> + __be16 tci;
> + __be16 inner_tpid; /* ETH_P_8021Q */
> + __be16 ctci;
> + };
> +
> + if (likely(skb_vlan_tag_present(skb))) {
> + key->eth.tci = htons(skb->vlan_tci);
> +
> + /* Case where upstream
> + * processing has already stripped the outer vlan tag.
> + */
> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
> + sizeof(__be16))) {
> + key->eth.tci = 0;
> + return 0;
> + }
> +
> + if (unlikely(!pskb_may_pull(skb,
> + sizeof(struct qtag_prefix) +
> + sizeof(__be16))))
> + return -ENOMEM;
> +
qp pointer is no longer valid after pskb_may_pull() call.
> + key->eth.cvlan.ctci =
> + qp->tci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.c_tpid = qp->eth_type;
> +
> + __skb_pull(skb, sizeof(struct qtag_prefix));
> + }
> return 0;
> + }
>
> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
> - sizeof(__be16))))
> - return -ENOMEM;
>
> - qp = (struct qtag_prefix *) skb->data;
> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
> - __skb_pull(skb, sizeof(struct qtag_prefix));
qp access is done without skb_may_pull() call.
> + if (qp->eth_type == htons(ETH_P_8021AD)) {
> + struct qinqtag_prefix *qinqp =
> + (struct qinqtag_prefix *)skb->data;
> +
> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
> + sizeof(__be16)))
> + return 0;
> +
> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
> + sizeof(__be16))))
> + return -ENOMEM;
same as above qinqp pointer is not valid after psk_may_pull().
> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
> +
> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
> +
> + return 0;
> + }
> + if (qp->eth_type == htons(ETH_P_8021Q)) {
> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
> + sizeof(__be16)))
> + return -ENOMEM;
> +
> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
> + sizeof(__be16))))
> + return 0;
same issue as above.
> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
> +
> + __skb_pull(skb, sizeof(struct qtag_prefix));
> + }
>
> return 0;
> }
...
> diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
> index fe527d2..2c491e8 100644
> --- a/net/openvswitch/flow.h
> +++ b/net/openvswitch/flow.h
> @@ -69,6 +69,11 @@ struct sw_flow_key {
> u8 src[ETH_ALEN]; /* Ethernet source address. */
> u8 dst[ETH_ALEN]; /* Ethernet destination address. */
> __be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
> + struct {
> + __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
> + __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
Lets call c_tpid type and ctci tci, to keep naming consistent with outer vlan.
> + /* set otherwise. */
> + } cvlan;
> __be16 type; /* Ethernet frame type. */
> } eth;
> union {
> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> index c92d6a2..5fe415d 100644
> --- a/net/openvswitch/flow_netlink.c
> +++ b/net/openvswitch/flow_netlink.c
...
> @@ -1064,6 +1085,80 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
> nlattr_set(attr, val, ovs_key_lens);
> }
>
> +static int parse_vlan_from_nlattrs(const struct nlattr **nla,
> + struct sw_flow_match *match,
> + u64 *key_attrs, bool *ie_valid,
> + const struct nlattr **a, bool is_mask,
> + bool log)
> +{
> + int err;
> + const struct nlattr *encap;
> +
> + *ie_valid = false;
> + if (!is_mask) {
> + u64 v_attrs = 0;
> +
> + err = parse_flow_nlattrs(*nla, a, &v_attrs, log);
> + if (err)
> + return err;
> + /* Another encap attribute here indicates
> + * the presence of a double tagged vlan.
> + */
> + if ((v_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
> + if (!((v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
> + (v_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
> + OVS_NLERR(log, "Invalid Inner VLAN frame");
> + return -EINVAL;
> + }
> + encap = a[OVS_KEY_ATTR_ENCAP];
> + v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
> +
> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
> + if (err)
> + return err;
> + *ie_valid = true;
> + *nla = encap;
> +
> + /* Insure that tci key attribute isn't
> + * overwritten by encapsulated customer tci.
> + * Ethertype is cleared because it is c_tpid.
> + */
> + v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
> + v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
> + }
> + *key_attrs |= v_attrs;
> +
> + } else {
> + u64 mask_v_attrs = 0;
> +
> + err = parse_flow_mask_nlattrs(*nla, a, &mask_v_attrs, log);
> + if (err)
> + return err;
> +
> + if (mask_v_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
> + if (!*ie_valid) {
> + OVS_NLERR(log, "Encap mask attribute is set for non-CVLAN frame.");
> + err = -EINVAL;
No need to set err it is not read again.
> + return err;
> + }
At the beginning of this same function ie_valid is set to false. So
this case always return error resulting failure in flow install. This
make me wonder if you ever tested this code with multiple encap
traffic.
> + encap = a[OVS_KEY_ATTR_ENCAP];
> + mask_v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
> +
> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
> + if (err)
> + return err;
> + *nla = encap;
> +
> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_ETHERTYPE);
> + }
> +
> + *key_attrs |= mask_v_attrs;
> + }
> + return 0;
> +}
> +
> /**
> * ovs_nla_get_match - parses Netlink attributes into a flow key and
> * mask. In case the 'mask' is NULL, the flow is treated as exact match
> @@ -1091,6 +1186,7 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
> u64 key_attrs = 0;
> u64 mask_attrs = 0;
> bool encap_valid = false;
> + bool i_encap_valid = false;
> int err;
>
> err = parse_flow_nlattrs(nla_key, a, &key_attrs, log);
> @@ -1099,11 +1195,11 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>
> if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
> (key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
> - (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
> __be16 tci;
>
> - if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
> - (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
> + if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
> + (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
> OVS_NLERR(log, "Invalid Vlan frame.");
> return -EINVAL;
> }
> @@ -1115,9 +1211,19 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
> encap_valid = true;
>
> if (tci & htons(VLAN_TAG_PRESENT)) {
> - err = parse_flow_nlattrs(encap, a, &key_attrs, log);
> + err = parse_vlan_from_nlattrs(&encap, match, &key_attrs,
> + &i_encap_valid, a, false,
> + log);
> if (err)
> return err;
> +
> + if (i_encap_valid) {
> + err = parse_flow_nlattrs(encap, a,
> + &key_attrs,
> + log);
> + if (err)
> + return err;
> + }
Can you call this function from parse_vlan_from_nlattrs()? This will
eliminate following call site too.
> } else if (!tci) {
> /* Corner case for truncated 802.1Q header. */
> if (nla_len(encap)) {
> @@ -1188,10 +1294,21 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
> if (eth_type == htons(0xffff)) {
> mask_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
> encap = a[OVS_KEY_ATTR_ENCAP];
> - err = parse_flow_mask_nlattrs(encap, a,
> - &mask_attrs, log);
> + err = parse_vlan_from_nlattrs(&encap, match,
> + &mask_attrs,
> + &i_encap_valid,
> + a, true, log);
> if (err)
> goto free_newmask;
> +
> + if (i_encap_valid) {
> + err =
> + parse_flow_mask_nlattrs(encap, a,
> + &mask_attrs,
> + log);
> + if (err)
> + goto free_newmask;
> + }
> } else {
> OVS_NLERR(log, "VLAN frames must have an exact match on the TPID (mask=%x).",
> ntohs(eth_type));
> @@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
> {
> struct ovs_key_ethernet *eth_key;
> struct nlattr *nla, *encap;
> + struct nlattr *in_encap = NULL;
>
> if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
> goto nla_put_failure;
> @@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
> ether_addr_copy(eth_key->eth_src, output->eth.src);
> ether_addr_copy(eth_key->eth_dst, output->eth.dst);
>
> - if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
> + if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
> __be16 eth_type;
> - eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
> +
> + if (swkey->eth.cvlan.ctci ||
> + eth_type_vlan(swkey->eth.cvlan.c_tpid))
> + eth_type = !is_mask ? htons(ETH_P_8021AD) :
> + htons(0xffff);
> + else
> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
> + htons(0xffff);
> +
Here we can directly dump output->eth.type to netlink. No need to
check for inner encap.
> if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
> nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
> goto nla_put_failure;
> encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
> if (!swkey->eth.tci)
> goto unencap;
> - } else
> + if (swkey->eth.cvlan.ctci || eth_type_vlan(swkey->eth.type)) {
> + __be16 eth_type;
> +
> + /* Customer tci is nested but uses same key attribute.
> + */
> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
> + htons(0xffff);
We can just dump eth_type from output key into netlink attribute
rather than deriving it from other values.
> + if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE,
> + eth_type) ||
> + nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
> + output->eth.cvlan.ctci))
> + goto nla_put_failure;
> + in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
> + if (!swkey->eth.cvlan.ctci)
> + goto unencap;
> + }
> + } else {
> encap = NULL;
> + }
>
> if (swkey->eth.type == htons(ETH_P_802_2)) {
> /*
> @@ -1525,6 +1668,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
> unencap:
> if (encap)
> nla_nest_end(skb, encap);
> + if (in_encap)
> + nla_nest_end(skb, in_encap);
>
> return 0;
>
> @@ -2174,7 +2319,8 @@ static int __ovs_nla_copy_actions(struct net *net, const struct nlattr *attr,
>
> case OVS_ACTION_ATTR_PUSH_VLAN:
> vlan = nla_data(a);
> - if (vlan->vlan_tpid != htons(ETH_P_8021Q))
> + if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
> + (vlan->vlan_tpid != htons(ETH_P_8021AD)))
> return -EINVAL;
This is open coded negative eth_type_vlan() function.
You also need to update packet_length() in vport-netdev.c
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
2015-09-24 23:42 ` Pravin Shelar
@ 2015-09-25 19:18 ` Thomas F Herbert
2015-09-25 22:35 ` Thomas F Herbert
1 sibling, 0 replies; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-25 19:18 UTC (permalink / raw)
To: Pravin Shelar; +Cc: netdev, therbert, dev@openvswitch.org
Pravin,
Thanks for the review,
Comments in line below.
--TFH
On 9/24/15 7:42 PM, Pravin Shelar wrote:
> On Thu, Sep 24, 2015 at 10:58 AM, Thomas F Herbert
> <thomasfherbert@gmail.com> wrote:
>> Add support for 802.1ad including the ability to push and pop double
>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>> conversion. Uses double nested encap attributes to represent double
>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>
>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>> ---
>> net/openvswitch/flow.c | 83 +++++++++++++++++----
>> net/openvswitch/flow.h | 5 ++
>> net/openvswitch/flow_netlink.c | 166 ++++++++++++++++++++++++++++++++++++++---
>> 3 files changed, 230 insertions(+), 24 deletions(-)
>>
>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
>> index c8db44a..db58e47 100644
>> --- a/net/openvswitch/flow.c
>> +++ b/net/openvswitch/flow.c
>> @@ -305,21 +305,77 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>> {
>> struct qtag_prefix {
>> - __be16 eth_type; /* ETH_P_8021Q */
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> __be16 tci;
>> };
>> - struct qtag_prefix *qp;
>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>
>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>> + struct qinqtag_prefix {
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> + __be16 tci;
>> + __be16 inner_tpid; /* ETH_P_8021Q */
>> + __be16 ctci;
>> + };
>> +
>> + if (likely(skb_vlan_tag_present(skb))) {
>> + key->eth.tci = htons(skb->vlan_tci);
>> +
>> + /* Case where upstream
>> + * processing has already stripped the outer vlan tag.
>> + */
>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16))) {
>> + key->eth.tci = 0;
>> + return 0;
>> + }
>> +
>> + if (unlikely(!pskb_may_pull(skb,
>> + sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return -ENOMEM;
>> +
> qp pointer is no longer valid after pskb_may_pull() call.
>
>> + key->eth.cvlan.ctci =
>> + qp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qp->eth_type;
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>> return 0;
>> + }
>>
>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> - sizeof(__be16))))
>> - return -ENOMEM;
>>
>> - qp = (struct qtag_prefix *) skb->data;
>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>
> qp access is done without skb_may_pull() call.
>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>> + struct qinqtag_prefix *qinqp =
>> + (struct qinqtag_prefix *)skb->data;
>> +
>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))
>> + return 0;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16))))
>> + return -ENOMEM;
>
> same as above qinqp pointer is not valid after psk_may_pull().
>
>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>> +
>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>> +
>> + return 0;
>> + }
>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))
>> + return -ENOMEM;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return 0;
> same issue as above.
>
>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>>
>> return 0;
>> }
> ...
>
>> diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
>> index fe527d2..2c491e8 100644
>> --- a/net/openvswitch/flow.h
>> +++ b/net/openvswitch/flow.h
>> @@ -69,6 +69,11 @@ struct sw_flow_key {
>> u8 src[ETH_ALEN]; /* Ethernet source address. */
>> u8 dst[ETH_ALEN]; /* Ethernet destination address. */
>> __be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
>> + struct {
>> + __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
>> + __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
> Lets call c_tpid type and ctci tci, to keep naming consistent with outer vlan.
>> + /* set otherwise. */
>> + } cvlan;
>> __be16 type; /* Ethernet frame type. */
>> } eth;
>> union {
>> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
>> index c92d6a2..5fe415d 100644
>> --- a/net/openvswitch/flow_netlink.c
>> +++ b/net/openvswitch/flow_netlink.c
> ...
>
>> @@ -1064,6 +1085,80 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
>> nlattr_set(attr, val, ovs_key_lens);
>> }
>>
>> +static int parse_vlan_from_nlattrs(const struct nlattr **nla,
>> + struct sw_flow_match *match,
>> + u64 *key_attrs, bool *ie_valid,
>> + const struct nlattr **a, bool is_mask,
>> + bool log)
>> +{
>> + int err;
>> + const struct nlattr *encap;
>> +
>> + *ie_valid = false;
>> + if (!is_mask) {
>> + u64 v_attrs = 0;
>> +
>> + err = parse_flow_nlattrs(*nla, a, &v_attrs, log);
>> + if (err)
>> + return err;
>> + /* Another encap attribute here indicates
>> + * the presence of a double tagged vlan.
>> + */
>> + if ((v_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
>> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
>> + if (!((v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
>> + (v_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
>> + OVS_NLERR(log, "Invalid Inner VLAN frame");
>> + return -EINVAL;
>> + }
>> + encap = a[OVS_KEY_ATTR_ENCAP];
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
>> +
>> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
>> + if (err)
>> + return err;
>> + *ie_valid = true;
>> + *nla = encap;
>> +
>> + /* Insure that tci key attribute isn't
>> + * overwritten by encapsulated customer tci.
>> + * Ethertype is cleared because it is c_tpid.
>> + */
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
>> + }
>> + *key_attrs |= v_attrs;
>> +
>> + } else {
>> + u64 mask_v_attrs = 0;
>> +
>> + err = parse_flow_mask_nlattrs(*nla, a, &mask_v_attrs, log);
>> + if (err)
>> + return err;
>> +
>> + if (mask_v_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
>> + if (!*ie_valid) {
>> + OVS_NLERR(log, "Encap mask attribute is set for non-CVLAN frame.");
>> + err = -EINVAL;
> No need to set err it is not read again.
Pravin, thanks for your review.
err is set so the caller knows to has to free the new mask if one was
created. With the change you suggested below, calling
parse_flow_nlattrs() from this function, this return won't be necessary
anyway.
>
>> + return err;
>> + }
> At the beginning of this same function ie_valid is set to false. So
> this case always return error resulting failure in flow install. This
> make me wonder if you ever tested this code with multiple encap
> traffic.
Yes, you are correct. ie_valid is initialized already in parent
function. I have tested with double tagged and single tagged traffic. I
don't know why the Encap mask error didn't show up with this version of
the patch. I will verify that mask attribute is initialized correctly
before this function is called.
>
>> + encap = a[OVS_KEY_ATTR_ENCAP];
>> + mask_v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
>> +
>> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
>> + if (err)
>> + return err;
>> + *nla = encap;
>> +
>> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
>> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_ETHERTYPE);
>> + }
>> +
>> + *key_attrs |= mask_v_attrs;
>> + }
>> + return 0;
>> +}
>> +
>> /**
>> * ovs_nla_get_match - parses Netlink attributes into a flow key and
>> * mask. In case the 'mask' is NULL, the flow is treated as exact match
>> @@ -1091,6 +1186,7 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> u64 key_attrs = 0;
>> u64 mask_attrs = 0;
>> bool encap_valid = false;
>> + bool i_encap_valid = false;
>> int err;
>>
>> err = parse_flow_nlattrs(nla_key, a, &key_attrs, log);
>> @@ -1099,11 +1195,11 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>>
>> if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
>> (key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
>> - (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
>> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
>> __be16 tci;
>>
>> - if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
>> - (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
>> + if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
>> + (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
>> OVS_NLERR(log, "Invalid Vlan frame.");
>> return -EINVAL;
>> }
>> @@ -1115,9 +1211,19 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> encap_valid = true;
>>
>> if (tci & htons(VLAN_TAG_PRESENT)) {
>> - err = parse_flow_nlattrs(encap, a, &key_attrs, log);
>> + err = parse_vlan_from_nlattrs(&encap, match, &key_attrs,
>> + &i_encap_valid, a, false,
>> + log);
>> if (err)
>> return err;
>> +
>> + if (i_encap_valid) {
>> + err = parse_flow_nlattrs(encap, a,
>> + &key_attrs,
>> + log);
>> + if (err)
>> + return err;
>> + }
> Can you call this function from parse_vlan_from_nlattrs()? This will
> eliminate following call site too.
>
>> } else if (!tci) {
>> /* Corner case for truncated 802.1Q header. */
>> if (nla_len(encap)) {
>> @@ -1188,10 +1294,21 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> if (eth_type == htons(0xffff)) {
>> mask_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
>> encap = a[OVS_KEY_ATTR_ENCAP];
>> - err = parse_flow_mask_nlattrs(encap, a,
>> - &mask_attrs, log);
>> + err = parse_vlan_from_nlattrs(&encap, match,
>> + &mask_attrs,
>> + &i_encap_valid,
>> + a, true, log);
>> if (err)
>> goto free_newmask;
>> +
>> + if (i_encap_valid) {
>> + err =
>> + parse_flow_mask_nlattrs(encap, a,
>> + &mask_attrs,
>> + log);
>> + if (err)
>> + goto free_newmask;
>> + }
>> } else {
>> OVS_NLERR(log, "VLAN frames must have an exact match on the TPID (mask=%x).",
>> ntohs(eth_type));
>> @@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> {
>> struct ovs_key_ethernet *eth_key;
>> struct nlattr *nla, *encap;
>> + struct nlattr *in_encap = NULL;
>>
>> if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
>> goto nla_put_failure;
>> @@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> ether_addr_copy(eth_key->eth_src, output->eth.src);
>> ether_addr_copy(eth_key->eth_dst, output->eth.dst);
>>
>> - if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
>> + if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
>> __be16 eth_type;
>> - eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
>> +
>> + if (swkey->eth.cvlan.ctci ||
>> + eth_type_vlan(swkey->eth.cvlan.c_tpid))
>> + eth_type = !is_mask ? htons(ETH_P_8021AD) :
>> + htons(0xffff);
>> + else
>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>> + htons(0xffff);
>> +
> Here we can directly dump output->eth.type to netlink. No need to
> check for inner encap.
>
>> if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
>> nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
>> goto nla_put_failure;
>> encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
>> if (!swkey->eth.tci)
>> goto unencap;
>> - } else
>> + if (swkey->eth.cvlan.ctci || eth_type_vlan(swkey->eth.type)) {
>> + __be16 eth_type;
>> +
>> + /* Customer tci is nested but uses same key attribute.
>> + */
>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>> + htons(0xffff);
>
> We can just dump eth_type from output key into netlink attribute
> rather than deriving it from other values.
>
>> + if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE,
>> + eth_type) ||
>> + nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
>> + output->eth.cvlan.ctci))
>> + goto nla_put_failure;
>> + in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
>> + if (!swkey->eth.cvlan.ctci)
>> + goto unencap;
>> + }
>> + } else {
>> encap = NULL;
>> + }
>>
>> if (swkey->eth.type == htons(ETH_P_802_2)) {
>> /*
>> @@ -1525,6 +1668,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> unencap:
>> if (encap)
>> nla_nest_end(skb, encap);
>> + if (in_encap)
>> + nla_nest_end(skb, in_encap);
>>
>> return 0;
>>
>> @@ -2174,7 +2319,8 @@ static int __ovs_nla_copy_actions(struct net *net, const struct nlattr *attr,
>>
>> case OVS_ACTION_ATTR_PUSH_VLAN:
>> vlan = nla_data(a);
>> - if (vlan->vlan_tpid != htons(ETH_P_8021Q))
>> + if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
>> + (vlan->vlan_tpid != htons(ETH_P_8021AD)))
>> return -EINVAL;
>
> This is open coded negative eth_type_vlan() function.
>
> You also need to update packet_length() in vport-netdev.c
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
2015-09-24 23:42 ` Pravin Shelar
2015-09-25 19:18 ` Thomas F Herbert
@ 2015-09-25 22:35 ` Thomas F Herbert
[not found] ` <5605CC2F.1010700-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
1 sibling, 1 reply; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-25 22:35 UTC (permalink / raw)
To: Pravin Shelar; +Cc: netdev, therbert, dev@openvswitch.org
Pravin,
Another comment and question. Please seen inline below.
Thanks,
--Tom
On 9/24/15 7:42 PM, Pravin Shelar wrote:
> On Thu, Sep 24, 2015 at 10:58 AM, Thomas F Herbert
> <thomasfherbert@gmail.com> wrote:
>> Add support for 802.1ad including the ability to push and pop double
>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>> conversion. Uses double nested encap attributes to represent double
>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>
>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>> ---
>> net/openvswitch/flow.c | 83 +++++++++++++++++----
>> net/openvswitch/flow.h | 5 ++
>> net/openvswitch/flow_netlink.c | 166 ++++++++++++++++++++++++++++++++++++++---
>> 3 files changed, 230 insertions(+), 24 deletions(-)
>>
>> diff --git a/net/openvswitch/flow.c b/net/openvswitch/flow.c
>> index c8db44a..db58e47 100644
>> --- a/net/openvswitch/flow.c
>> +++ b/net/openvswitch/flow.c
>> @@ -305,21 +305,77 @@ static bool icmp6hdr_ok(struct sk_buff *skb)
>> static int parse_vlan(struct sk_buff *skb, struct sw_flow_key *key)
>> {
>> struct qtag_prefix {
>> - __be16 eth_type; /* ETH_P_8021Q */
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> __be16 tci;
>> };
>> - struct qtag_prefix *qp;
>> + struct qtag_prefix *qp = (struct qtag_prefix *)skb->data;
>>
>> - if (unlikely(skb->len < sizeof(struct qtag_prefix) + sizeof(__be16)))
>> + struct qinqtag_prefix {
>> + __be16 eth_type; /* ETH_P_8021Q or ETH_P_8021AD */
>> + __be16 tci;
>> + __be16 inner_tpid; /* ETH_P_8021Q */
>> + __be16 ctci;
>> + };
>> +
>> + if (likely(skb_vlan_tag_present(skb))) {
>> + key->eth.tci = htons(skb->vlan_tci);
>> +
>> + /* Case where upstream
>> + * processing has already stripped the outer vlan tag.
>> + */
>> + if (unlikely(skb->vlan_proto == htons(ETH_P_8021AD))) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16))) {
>> + key->eth.tci = 0;
>> + return 0;
>> + }
>> +
>> + if (unlikely(!pskb_may_pull(skb,
>> + sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return -ENOMEM;
>> +
> qp pointer is no longer valid after pskb_may_pull() call.
>
>> + key->eth.cvlan.ctci =
>> + qp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qp->eth_type;
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>> return 0;
>> + }
>>
>> - if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> - sizeof(__be16))))
>> - return -ENOMEM;
>>
>> - qp = (struct qtag_prefix *) skb->data;
>> - key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> - __skb_pull(skb, sizeof(struct qtag_prefix));
>
> qp access is done without skb_may_pull() call.
>> + if (qp->eth_type == htons(ETH_P_8021AD)) {
>> + struct qinqtag_prefix *qinqp =
>> + (struct qinqtag_prefix *)skb->data;
>> +
>> + if (unlikely(skb->len < sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16)))
>> + return 0;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qinqtag_prefix) +
>> + sizeof(__be16))))
>> + return -ENOMEM;
>
> same as above qinqp pointer is not valid after psk_may_pull().
>
>> + key->eth.tci = qinqp->tci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.ctci = qinqp->ctci | htons(VLAN_TAG_PRESENT);
>> + key->eth.cvlan.c_tpid = qinqp->inner_tpid;
>> +
>> + __skb_pull(skb, sizeof(struct qinqtag_prefix));
>> +
>> + return 0;
>> + }
>> + if (qp->eth_type == htons(ETH_P_8021Q)) {
>> + if (unlikely(skb->len < sizeof(struct qtag_prefix) +
>> + sizeof(__be16)))
>> + return -ENOMEM;
>> +
>> + if (unlikely(!pskb_may_pull(skb, sizeof(struct qtag_prefix) +
>> + sizeof(__be16))))
>> + return 0;
> same issue as above.
>
>> + key->eth.tci = qp->tci | htons(VLAN_TAG_PRESENT);
>> +
>> + __skb_pull(skb, sizeof(struct qtag_prefix));
>> + }
>>
>> return 0;
>> }
> ...
>
>> diff --git a/net/openvswitch/flow.h b/net/openvswitch/flow.h
>> index fe527d2..2c491e8 100644
>> --- a/net/openvswitch/flow.h
>> +++ b/net/openvswitch/flow.h
>> @@ -69,6 +69,11 @@ struct sw_flow_key {
>> u8 src[ETH_ALEN]; /* Ethernet source address. */
>> u8 dst[ETH_ALEN]; /* Ethernet destination address. */
>> __be16 tci; /* 0 if no VLAN, VLAN_TAG_PRESENT set otherwise. */
Do you think I should I also add tpid here with tci for the outer vlan
as a struct? Please see comment below.
>> + struct {
>> + __be16 c_tpid; /* Vlan DL_type 802.1q or 802.1ad */
>> + __be16 ctci; /* 0 if no CVLAN, VLAN_TAG_PRESENT */
> Lets call c_tpid type and ctci tci, to keep naming consistent with outer vlan.
>> + /* set otherwise. */
>> + } cvlan;
>> __be16 type; /* Ethernet frame type. */
>> } eth;
>> union {
>> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
>> index c92d6a2..5fe415d 100644
>> --- a/net/openvswitch/flow_netlink.c
>> +++ b/net/openvswitch/flow_netlink.c
> ...
>
>> @@ -1064,6 +1085,80 @@ static void mask_set_nlattr(struct nlattr *attr, u8 val)
>> nlattr_set(attr, val, ovs_key_lens);
>> }
>>
>> +static int parse_vlan_from_nlattrs(const struct nlattr **nla,
>> + struct sw_flow_match *match,
>> + u64 *key_attrs, bool *ie_valid,
>> + const struct nlattr **a, bool is_mask,
>> + bool log)
>> +{
>> + int err;
>> + const struct nlattr *encap;
>> +
>> + *ie_valid = false;
>> + if (!is_mask) {
>> + u64 v_attrs = 0;
>> +
>> + err = parse_flow_nlattrs(*nla, a, &v_attrs, log);
>> + if (err)
>> + return err;
>> + /* Another encap attribute here indicates
>> + * the presence of a double tagged vlan.
>> + */
>> + if ((v_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
>> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
>> + if (!((v_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
>> + (v_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
>> + OVS_NLERR(log, "Invalid Inner VLAN frame");
>> + return -EINVAL;
>> + }
>> + encap = a[OVS_KEY_ATTR_ENCAP];
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
>> +
>> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
>> + if (err)
>> + return err;
>> + *ie_valid = true;
>> + *nla = encap;
>> +
>> + /* Insure that tci key attribute isn't
>> + * overwritten by encapsulated customer tci.
>> + * Ethertype is cleared because it is c_tpid.
>> + */
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_VLAN);
>> + v_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
>> + }
>> + *key_attrs |= v_attrs;
>> +
>> + } else {
>> + u64 mask_v_attrs = 0;
>> +
>> + err = parse_flow_mask_nlattrs(*nla, a, &mask_v_attrs, log);
>> + if (err)
>> + return err;
>> +
>> + if (mask_v_attrs & 1 << OVS_KEY_ATTR_ENCAP) {
>> + if (!*ie_valid) {
>> + OVS_NLERR(log, "Encap mask attribute is set for non-CVLAN frame.");
>> + err = -EINVAL;
> No need to set err it is not read again.
>
>> + return err;
>> + }
> At the beginning of this same function ie_valid is set to false. So
> this case always return error resulting failure in flow install. This
> make me wonder if you ever tested this code with multiple encap
> traffic.
>
>> + encap = a[OVS_KEY_ATTR_ENCAP];
>> + mask_v_attrs &= ~(1 << OVS_KEY_ATTR_ENCAP);
>> +
>> + err = cust_vlan_from_nlattrs(match, a, is_mask, log);
>> + if (err)
>> + return err;
>> + *nla = encap;
>> +
>> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_VLAN);
>> + mask_v_attrs &= ~(1ULL << OVS_KEY_ATTR_ETHERTYPE);
>> + }
>> +
>> + *key_attrs |= mask_v_attrs;
>> + }
>> + return 0;
>> +}
>> +
>> /**
>> * ovs_nla_get_match - parses Netlink attributes into a flow key and
>> * mask. In case the 'mask' is NULL, the flow is treated as exact match
>> @@ -1091,6 +1186,7 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> u64 key_attrs = 0;
>> u64 mask_attrs = 0;
>> bool encap_valid = false;
>> + bool i_encap_valid = false;
>> int err;
>>
>> err = parse_flow_nlattrs(nla_key, a, &key_attrs, log);
>> @@ -1099,11 +1195,11 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>>
>> if ((key_attrs & (1 << OVS_KEY_ATTR_ETHERNET)) &&
>> (key_attrs & (1 << OVS_KEY_ATTR_ETHERTYPE)) &&
>> - (nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]) == htons(ETH_P_8021Q))) {
>> + eth_type_vlan(nla_get_be16(a[OVS_KEY_ATTR_ETHERTYPE]))) {
>> __be16 tci;
>>
>> - if (!((key_attrs & (1 << OVS_KEY_ATTR_VLAN)) &&
>> - (key_attrs & (1 << OVS_KEY_ATTR_ENCAP)))) {
>> + if (!((key_attrs & (1ULL << OVS_KEY_ATTR_VLAN)) &&
>> + (key_attrs & (1ULL << OVS_KEY_ATTR_ENCAP)))) {
>> OVS_NLERR(log, "Invalid Vlan frame.");
>> return -EINVAL;
>> }
>> @@ -1115,9 +1211,19 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> encap_valid = true;
>>
>> if (tci & htons(VLAN_TAG_PRESENT)) {
>> - err = parse_flow_nlattrs(encap, a, &key_attrs, log);
>> + err = parse_vlan_from_nlattrs(&encap, match, &key_attrs,
>> + &i_encap_valid, a, false,
>> + log);
>> if (err)
>> return err;
>> +
>> + if (i_encap_valid) {
>> + err = parse_flow_nlattrs(encap, a,
>> + &key_attrs,
>> + log);
>> + if (err)
>> + return err;
>> + }
> Can you call this function from parse_vlan_from_nlattrs()? This will
> eliminate following call site too.
>
>> } else if (!tci) {
>> /* Corner case for truncated 802.1Q header. */
>> if (nla_len(encap)) {
>> @@ -1188,10 +1294,21 @@ int ovs_nla_get_match(struct net *net, struct sw_flow_match *match,
>> if (eth_type == htons(0xffff)) {
>> mask_attrs &= ~(1 << OVS_KEY_ATTR_ETHERTYPE);
>> encap = a[OVS_KEY_ATTR_ENCAP];
>> - err = parse_flow_mask_nlattrs(encap, a,
>> - &mask_attrs, log);
>> + err = parse_vlan_from_nlattrs(&encap, match,
>> + &mask_attrs,
>> + &i_encap_valid,
>> + a, true, log);
>> if (err)
>> goto free_newmask;
>> +
>> + if (i_encap_valid) {
>> + err =
>> + parse_flow_mask_nlattrs(encap, a,
>> + &mask_attrs,
>> + log);
>> + if (err)
>> + goto free_newmask;
>> + }
>> } else {
>> OVS_NLERR(log, "VLAN frames must have an exact match on the TPID (mask=%x).",
>> ntohs(eth_type));
>> @@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> {
>> struct ovs_key_ethernet *eth_key;
>> struct nlattr *nla, *encap;
>> + struct nlattr *in_encap = NULL;
>>
>> if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
>> goto nla_put_failure;
>> @@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> ether_addr_copy(eth_key->eth_src, output->eth.src);
>> ether_addr_copy(eth_key->eth_dst, output->eth.dst);
>>
>> - if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
>> + if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
>> __be16 eth_type;
>> - eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
>> +
>> + if (swkey->eth.cvlan.ctci ||
>> + eth_type_vlan(swkey->eth.cvlan.c_tpid))
>> + eth_type = !is_mask ? htons(ETH_P_8021AD) :
>> + htons(0xffff);
>> + else
>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>> + htons(0xffff);
>> +
> Here we can directly dump output->eth.type to netlink. No need to
> check for inner encap.
The eth.type is set to the inner encapsulated protocol not to the tpid.
We don't "know" what the outer tpid so I assume it is 802.1Q. To address
this situation, do you think I should add the outer tpid to sw_flow_key?
Also see comment above in flow.h.
>
>> if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE, eth_type) ||
>> nla_put_be16(skb, OVS_KEY_ATTR_VLAN, output->eth.tci))
>> goto nla_put_failure;
>> encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
>> if (!swkey->eth.tci)
>> goto unencap;
>> - } else
>> + if (swkey->eth.cvlan.ctci || eth_type_vlan(swkey->eth.type)) {
>> + __be16 eth_type;
>> +
>> + /* Customer tci is nested but uses same key attribute.
>> + */
>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>> + htons(0xffff);
>
> We can just dump eth_type from output key into netlink attribute
> rather than deriving it from other values.
>
>> + if (nla_put_be16(skb, OVS_KEY_ATTR_ETHERTYPE,
>> + eth_type) ||
>> + nla_put_be16(skb, OVS_KEY_ATTR_VLAN,
>> + output->eth.cvlan.ctci))
>> + goto nla_put_failure;
>> + in_encap = nla_nest_start(skb, OVS_KEY_ATTR_ENCAP);
>> + if (!swkey->eth.cvlan.ctci)
>> + goto unencap;
>> + }
>> + } else {
>> encap = NULL;
>> + }
>>
>> if (swkey->eth.type == htons(ETH_P_802_2)) {
>> /*
>> @@ -1525,6 +1668,8 @@ static int __ovs_nla_put_key(const struct sw_flow_key *swkey,
>> unencap:
>> if (encap)
>> nla_nest_end(skb, encap);
>> + if (in_encap)
>> + nla_nest_end(skb, in_encap);
>>
>> return 0;
>>
>> @@ -2174,7 +2319,8 @@ static int __ovs_nla_copy_actions(struct net *net, const struct nlattr *attr,
>>
>> case OVS_ACTION_ATTR_PUSH_VLAN:
>> vlan = nla_data(a);
>> - if (vlan->vlan_tpid != htons(ETH_P_8021Q))
>> + if ((vlan->vlan_tpid != htons(ETH_P_8021Q)) &&
>> + (vlan->vlan_tpid != htons(ETH_P_8021AD)))
>> return -EINVAL;
>
> This is open coded negative eth_type_vlan() function.
>
> You also need to update packet_length() in vport-netdev.c
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
[not found] ` <5605CC2F.1010700-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
@ 2015-09-29 22:56 ` Pravin Shelar
2015-09-29 23:52 ` Thomas F Herbert
0 siblings, 1 reply; 9+ messages in thread
From: Pravin Shelar @ 2015-09-29 22:56 UTC (permalink / raw)
To: Thomas F Herbert
Cc: dev-yBygre7rU0TnMu66kgdUjQ@public.gmane.org, netdev,
therbert-H+wXaHxf7aLQT0dZR+AlfA
On Fri, Sep 25, 2015 at 3:35 PM, Thomas F Herbert
<thomasfherbert@gmail.com> wrote:
> Pravin,
>
> Another comment and question. Please seen inline below.
>
> Thanks,
>
> --Tom
>
> On 9/24/15 7:42 PM, Pravin Shelar wrote:
>>
>> On Thu, Sep 24, 2015 at 10:58 AM, Thomas F Herbert
>> <thomasfherbert@gmail.com> wrote:
>>>
>>> Add support for 802.1ad including the ability to push and pop double
>>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>>> conversion. Uses double nested encap attributes to represent double
>>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>>
>>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>>> ---
>>> net/openvswitch/flow.c | 83 +++++++++++++++++----
>>> net/openvswitch/flow.h | 5 ++
>>> net/openvswitch/flow_netlink.c | 166
>>> ++++++++++++++++++++++++++++++++++++++---
>>> 3 files changed, 230 insertions(+), 24 deletions(-)
>>>
...
>>> @@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct
>>> sw_flow_key *swkey,
>>> {
>>> struct ovs_key_ethernet *eth_key;
>>> struct nlattr *nla, *encap;
>>> + struct nlattr *in_encap = NULL;
>>>
>>> if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
>>> goto nla_put_failure;
>>> @@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct
>>> sw_flow_key *swkey,
>>> ether_addr_copy(eth_key->eth_src, output->eth.src);
>>> ether_addr_copy(eth_key->eth_dst, output->eth.dst);
>>>
>>> - if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
>>> + if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
>>> __be16 eth_type;
>>> - eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
>>> +
>>> + if (swkey->eth.cvlan.ctci ||
>>> + eth_type_vlan(swkey->eth.cvlan.c_tpid))
>>> + eth_type = !is_mask ? htons(ETH_P_8021AD) :
>>> + htons(0xffff);
>>> + else
>>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>>> + htons(0xffff);
>>> +
>>
>> Here we can directly dump output->eth.type to netlink. No need to
>> check for inner encap.
>
> The eth.type is set to the inner encapsulated protocol not to the tpid. We
> don't "know" what the outer tpid so I assume it is 802.1Q. To address this
> situation, do you think I should add the outer tpid to sw_flow_key?
> Also see comment above in flow.h.
>
With the addition of nested vlan, we need to add outer tpid. This will
simplify vlan netlink serialization too.
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes
2015-09-29 22:56 ` Pravin Shelar
@ 2015-09-29 23:52 ` Thomas F Herbert
0 siblings, 0 replies; 9+ messages in thread
From: Thomas F Herbert @ 2015-09-29 23:52 UTC (permalink / raw)
To: Pravin Shelar; +Cc: netdev, therbert, dev@openvswitch.org
On 9/29/15 6:56 PM, Pravin Shelar wrote:
> On Fri, Sep 25, 2015 at 3:35 PM, Thomas F Herbert
> <thomasfherbert@gmail.com> wrote:
>> Pravin,
>>
>> Another comment and question. Please seen inline below.
>>
>> Thanks,
>>
>> --Tom
>>
>> On 9/24/15 7:42 PM, Pravin Shelar wrote:
>>> On Thu, Sep 24, 2015 at 10:58 AM, Thomas F Herbert
>>> <thomasfherbert@gmail.com> wrote:
>>>> Add support for 802.1ad including the ability to push and pop double
>>>> tagged vlans. Add support for 802.1ad to netlink parsing and flow
>>>> conversion. Uses double nested encap attributes to represent double
>>>> tagged vlan. Inner TPID encoded along with ctci in nested attributes.
>>>>
>>>> Signed-off-by: Thomas F Herbert <thomasfherbert@gmail.com>
>>>> ---
>>>> net/openvswitch/flow.c | 83 +++++++++++++++++----
>>>> net/openvswitch/flow.h | 5 ++
>>>> net/openvswitch/flow_netlink.c | 166
>>>> ++++++++++++++++++++++++++++++++++++++---
>>>> 3 files changed, 230 insertions(+), 24 deletions(-)
>>>>
> ...
>
>>>> @@ -1320,6 +1437,7 @@ static int __ovs_nla_put_key(const struct
>>>> sw_flow_key *swkey,
>>>> {
>>>> struct ovs_key_ethernet *eth_key;
>>>> struct nlattr *nla, *encap;
>>>> + struct nlattr *in_encap = NULL;
>>>>
>>>> if (nla_put_u32(skb, OVS_KEY_ATTR_RECIRC_ID, output->recirc_id))
>>>> goto nla_put_failure;
>>>> @@ -1368,17 +1486,42 @@ static int __ovs_nla_put_key(const struct
>>>> sw_flow_key *swkey,
>>>> ether_addr_copy(eth_key->eth_src, output->eth.src);
>>>> ether_addr_copy(eth_key->eth_dst, output->eth.dst);
>>>>
>>>> - if (swkey->eth.tci || swkey->eth.type == htons(ETH_P_8021Q)) {
>>>> + if (swkey->eth.tci || eth_type_vlan(swkey->eth.type)) {
>>>> __be16 eth_type;
>>>> - eth_type = !is_mask ? htons(ETH_P_8021Q) : htons(0xffff);
>>>> +
>>>> + if (swkey->eth.cvlan.ctci ||
>>>> + eth_type_vlan(swkey->eth.cvlan.c_tpid))
>>>> + eth_type = !is_mask ? htons(ETH_P_8021AD) :
>>>> + htons(0xffff);
>>>> + else
>>>> + eth_type = !is_mask ? htons(ETH_P_8021Q) :
>>>> + htons(0xffff);
>>>> +
>>> Here we can directly dump output->eth.type to netlink. No need to
>>> check for inner encap.
>> The eth.type is set to the inner encapsulated protocol not to the tpid. We
>> don't "know" what the outer tpid so I assume it is 802.1Q. To address this
>> situation, do you think I should add the outer tpid to sw_flow_key?
>> Also see comment above in flow.h.
>>
> With the addition of nested vlan, we need to add outer tpid. This will
> simplify vlan netlink serialization too.
Yes, thanks. I agree that this is the sensible approach.
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2015-09-29 23:52 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-24 17:58 [PATCH net-next V13 0/3] openvswitch: Add support for 802.1ad Thomas F Herbert
[not found] ` <1443117498-19123-1-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-24 17:58 ` [PATCH 1/3] openvswitch: 802.1ad uapi changes Thomas F Herbert
2015-09-24 17:58 ` [PATCH 3/3] 802.1AD: Flow handling, actions, vlan parsing and netlink attributes Thomas F Herbert
[not found] ` <1443117498-19123-4-git-send-email-thomasfherbert-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-24 23:42 ` Pravin Shelar
2015-09-25 19:18 ` Thomas F Herbert
2015-09-25 22:35 ` Thomas F Herbert
[not found] ` <5605CC2F.1010700-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2015-09-29 22:56 ` Pravin Shelar
2015-09-29 23:52 ` Thomas F Herbert
2015-09-24 17:58 ` [PATCH 2/3] Check for vlan ethernet types for 8021.q or 802.1ad Thomas F Herbert
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).