ovs-ofctl needs to mask the allowed protocols with the usable protocols
after calling parse_ofp_str() so that only usable protocols will be
negotiated.
This problem became apparent to me after 8621547cc94ad910
("lib/ofp-actions: Enforce action consistency.") as it allows
parse_ofp_str() to reduce the maximum usable protocol. As the highest
mutually supported protocol is negotiated this can easily lead to
negotiation of a protocol that is not allowed.
Also add a for this case. And another test that that the allowed protocols
is honoured even when usable protocols doesn't restrict it - which works
even without the code-change in this patch.
Cc: Jarno Rajahalme <[email protected]>
Signed-off-by: Simon Horman <[email protected]>
---
tests/ovs-ofctl.at | 23 +++++++++++++++++++++++
utilities/ovs-ofctl.c | 6 +++++-
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/tests/ovs-ofctl.at b/tests/ovs-ofctl.at
index a99a161..5e7fa3c 100644
--- a/tests/ovs-ofctl.at
+++ b/tests/ovs-ofctl.at
@@ -2524,3 +2524,26 @@ AT_CHECK([tail -1 stdout], [0],
OVS_VSWITCHD_STOP
AT_CLEANUP
+
+AT_SETUP([ovs-ofctl - honour allowed protocols])
+OVS_VSWITCHD_START
+AT_CHECK([ovs-ofctl -vwarn -O OpenFlow10,OpenFlow12 add-flow br0
actions=drop], [0], [], [])
+AT_CHECK([grep "version bitmap" ovs-vswitchd.log], [0], [dnl
+ version bitmap: 0x01, 0x02, 0x03, 0x04
+ version bitmap: 0x01, 0x03
+])
+OVS_VSWITCHD_STOP
+AT_CLEANUP
+
+dnl The actions are inconsistent as strip_vlan should be accompanied
+dnl by a VLAN match. This causes the allowed protocols to be
+dnl downgraded to only OpenFlow10.
+AT_SETUP([ovs-ofctl - downgrade to allowed protocol])
+OVS_VSWITCHD_START
+AT_CHECK([ovs-ofctl -vwarn -O OpenFlow10,OpenFlow12 add-flow br0
actions=strip_vlan], [0], [], [])
+AT_CHECK([grep "version bitmap" ovs-vswitchd.log], [0], [dnl
+ version bitmap: 0x01, 0x02, 0x03, 0x04
+ version bitmap: 0x01
+])
+OVS_VSWITCHD_STOP
+AT_CLEANUP
diff --git a/utilities/ovs-ofctl.c b/utilities/ovs-ofctl.c
index a0dc5c8..574be55 100644
--- a/utilities/ovs-ofctl.c
+++ b/utilities/ovs-ofctl.c
@@ -1084,9 +1084,13 @@ open_vconn_for_flow_mod(const char *remote, struct vconn
**vconnp,
"allowed flow formats (%s)", usable_s, allowed_s);
}
+ /* Restrict allowed protocols to usable protocols */
+ mask_allowed_ofp_versions(ofputil_protocols_to_version_bitmap(
+ usable_protocols));
+
/* If the initial flow format is allowed and usable, keep it. */
cur_protocol = open_vconn(remote, vconnp);
- if (usable_protocols & allowed_protocols & cur_protocol) {
+ if (allowed_protocols & cur_protocol) {
return cur_protocol;
}
--
1.8.4
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
