[ovs-dev] [PATCH v2] tc: On last action use drop action attribute instead of pipe

Sat, 22 Oct 2022 23:27:42 -0700 

OVN is setting ct drop rule with a ct clear action.
OVS datapath behavior is if there is no forward action
the default is drop.
TC behavior is to continue with next match.
Fix to match tc to ovs behavior by setting last action
attribute as drop instead of pipe.
Also update lastused when parsing ct action.

example rule
recirc_id(0x1),in_port(2),ct_state(+trk),eth(),eth_type(0x0800),ipv4(frag=no),
packets:82, bytes:8036, used:2.108s, actions:ct_clear

Reviewed-by: Maor Dickman <[email protected]>
Signed-off-by: Roi Dayan <[email protected]>
---

Notes:
    v2
    - add missing TCA_CT_TM to policy struct ct policy.

 lib/tc.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/tc.c b/lib/tc.c
index 94044cde6060..f8419e637b9d 100644
--- a/lib/tc.c
+++ b/lib/tc.c
@@ -1541,6 +1541,9 @@ static const struct nl_policy ct_policy[] = {
                               .optional = true, },
     [TCA_CT_NAT_PORT_MAX] = { .type = NL_A_U16,
                               .optional = true, },
+    [TCA_CT_TM] = { .type = NL_A_UNSPEC,
+                    .min_len = sizeof(struct tcf_t),
+                    .optional = true, },
 };
 
 static int
@@ -1551,6 +1554,7 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower 
*flower)
     struct tc_action *action;
     const struct tc_ct *ct;
     uint16_t ct_action = 0;
+    struct tcf_t tm;
 
     if (!nl_parse_nested(options, ct_policy, ct_attrs,
                          ARRAY_SIZE(ct_policy))) {
@@ -1636,6 +1640,11 @@ nl_parse_act_ct(struct nlattr *options, struct tc_flower 
*flower)
     }
     action->type = TC_ACT_CT;
 
+    if (ct_attrs[TCA_CT_TM]) {
+        memcpy(&tm, nl_attr_get_unspec(ct_attrs[TCA_CT_TM], sizeof tm),
+               sizeof tm);
+        nl_parse_tcf(&tm, flower);
+    }
     nl_parse_action_pc(ct->action, action);
     return 0;
 }
@@ -3126,7 +3135,11 @@ nl_msg_put_flower_acts(struct ofpbuf *request, struct 
tc_flower *flower)
             uint32_t action_pc; /* Programmatic Control */
 
             if (!action->jump_action) {
-                action_pc = TC_ACT_PIPE;
+                if (i == flower->action_count - 1) {
+                    action_pc = TC_ACT_SHOT;
+                } else {
+                    action_pc = TC_ACT_PIPE;
+                }
             } else if (action->jump_action == JUMP_ACTION_STOP) {
                 action_pc = TC_ACT_STOLEN;
             } else {
-- 
2.8.0

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to