Re: [ovs-dev] [PATCH/RFC] datapath: offload hooks

Wed, 08 Oct 2014 16:52:48 -0700 

On Tue, Oct 07, 2014 at 09:50:36PM -0700, Stephen Hemminger wrote:
> On Wed,  8 Oct 2014 09:40:51 +0900
> Simon Horman <simon.hor...@netronome.com> wrote:
> 
> > +struct ovs_offload_ops {
> > +   /* Flow offload functions  */
> > +   /* Called when a flow entry is added to the flow table */
> > +   void (*flow_new)(struct sw_flow *);
> > +   /* Called when a flow entry is modified */
> > +   void (*flow_set)(struct sw_flow *);
> > +   /* Called when a flow entry is removed from the flow table */
> > +   void (*flow_del)(struct sw_flow *);
> > +   /* Called when flow stats are queried */
> > +   void (*flow_stats_get)(const struct sw_flow *, struct ovs_flow_stats *,
> > +                         unsigned long *used, __be16 *tcp_flags);
> > +   /* Called when flow stats are removed */
> > +   void (*flow_stats_clear)(struct sw_flow *);
> > +
> > +   /* Port offload functions  */
> > +   /* Called when a vport is added to the datapath */
> > +   void (*vport_new)(struct sk_buff *, struct vport *,
> > +                     struct vport_parms *);
> > +   /* Called when a vport is modified */
> > +   void (*vport_set)(struct sk_buff *, struct vport *);
> > +   /* Called when a vport is removed from the datapath */
> > +   void (*vport_del)(struct sk_buff *, struct vport *);
> > +   /* Called when vport stats are queried */
> > +   void (*vport_stats_get)(struct vport *, struct ovs_vport_stats *);
> > +   /* Called when vport stats are set */
> > +   void (*vport_stats_set)(struct vport *, struct ovs_vport_stats *);
> > +
> > +   /* Datapath offload functions  */
> > +   /* Called when the datapath is created */
> > +   void (*dp_new)(struct datapath *);
> > +   /* Called when the datapath is modified */
> > +   void (*dp_set)(struct datapath *);
> > +   /* Called when the datapath is removed */
> > +   void (*dp_del)(struct datapath *);
> > +   /* Called when the datapath stats are queried */
> > +   void (*dp_stats_get)(struct datapath *, struct ovs_dp_stats *);
> > +}
> 
> For security, you should mark any ops type table const, so an
> attacker can't find a home to poke their favorite routine into.

Thanks, I'll get that fixed.
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Reply via email to