[ovs-dev] [PATCH] RPM: Improve doc to use builddep tool.

[Flavio Leitner]

Instead of listing all the dependencies, use the RPM group
'Development Tools' and the builddep tool to find specific
ones.

Signed-off-by: Flavio Leitner 
---
 Documentation/intro/install/fedora.rst | 54 +++---
 Documentation/intro/install/rhel.rst   | 34 +++--
 2 files changed, 62 insertions(+), 26 deletions(-)

diff --git a/Documentation/intro/install/fedora.rst 
b/Documentation/intro/install/fedora.rst
index 3119bd9aa..70cebfb16 100644
--- a/Documentation/intro/install/fedora.rst
+++ b/Documentation/intro/install/fedora.rst
@@ -36,23 +36,43 @@ RHEL 7.x and its derivatives, including CentOS 7.x and 
Scientific Linux 7.x.
 Build Requirements
 --
 
-To build packages for a Fedora Linux host, you will need the packages described
-in the :doc:`general`. Specific packages (by package name) include:
-
-- rpm-build
-- autoconf automake libtool
-- systemd-units openssl openssl-devel
-- python2-devel python3-devel
-- python2 python2-twisted python2-zope-interface python2-six python2-sphinx
-- desktop-file-utils
-- groff graphviz
-- procps-ng
-- checkpolicy selinux-policy-devel
-
-And (optionally):
-
-- libcap-ng libcap-ng-devel
-- dpdk-devel
+You will need to install all required packages to build the RPMs.
+Newer distributions use ``dnf`` but if it's not available, then use
+``yum`` instructions.
+
+The command below will install RPM tools and generic build dependencies.
+And (optionally) include these packages: libcap-ng libcap-ng-devel dpdk-devel.
+
+DNF:
+::
+
+$ dnf install @'Development Tools' rpm-build dnf-plugins-core
+
+YUM:
+::
+
+$ yum install @'Development Tools' rpm-build yum-utils
+
+Then it is necessary to install Open vSwitch specific build dependencies.
+The dependencies are listed in the SPEC file, but first it is necessary
+to replace the VERSION tag to be a valid SPEC.
+
+The command below will create a temporary SPEC file:
+::
+$ sed -e 's/@VERSION@/0.0.1/' rhel/openvswitch-fedora.spec.in \
+  > /tmp/ovs.spec
+
+And to install specific dependencies, use the corresponding tool below.
+
+DNF:
+::
+$ dnf builddep /tmp/ovs.spec
+
+YUM:
+::
+$ yum-builddep /tmp/ovs.spec
+
+Once that is completed, remove the file ``/tmp/ovs.spec``.
 
 Bootstraping
 
diff --git a/Documentation/intro/install/rhel.rst 
b/Documentation/intro/install/rhel.rst
index 0ef6f55a3..184089e89 100644
--- a/Documentation/intro/install/rhel.rst
+++ b/Documentation/intro/install/rhel.rst
@@ -70,17 +70,33 @@ directory is ``/usr/src/redhat/SOURCES``. On RHEL 6, the 
default ``_topdir`` is
 Build Requirements
 --
 
-To compile the RPMs, you will need to install the packages described in the
-:doc:`general` along with some additional packages. These can be installed with
-the below command::
+You will need to install all required packages to build the RPMs.
+The command below will install RPM tools and generic build dependencies:
+::
+$ yum install @'Development Tools' rpm-build yum-utils
 
-$ yum install gcc make python-devel openssl-devel kernel-devel graphviz \
-kernel-debug-devel autoconf automake rpm-build redhat-rpm-config \
-libtool checkpolicy selinux-policy-devel python-sphinx
+Then it is necessary to install Open vSwitch specific build dependencies.
+The dependencies are listed in the SPEC file, but first it is necessary
+to replace the VERSION tag to be a valid SPEC.
 
-.. note::
-  If python-sphinx package is not available in your version of RHEL, you can
-  install it via pip with 'pip install sphinx'.
+The command below will create a temporary SPEC file:
+::
+$ sed -e 's/@VERSION@/0.0.1/' rhel/openvswitch.spec.in > /tmp/ovs.spec
+
+And to install specific dependencies, use yum-builddep tool:
+::
+$ yum-builddep /tmp/ovs.spec
+
+Once that is completed, remove the file ``/tmp/ovs.spec``.
+
+If python-sphinx package is not available in your version of RHEL, you can
+install it via pip with 'pip install sphinx'.
+
+Open vSwitch requires python 2.7 or newer which is not available in older
+distributions. In the case of RHEL 6.x and its derivatives, one option is
+to install python34 and python34-six from `EPEL`_.
+
+.. _EPEL: https://fedoraproject.org/wiki/EPEL
 
 .. _rhel-bootstrapping:
 
-- 
2.13.6


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v2] netdev, dpif: fix the crash/assert on port delete

[Ashish Varma]

Tested the patch with the steps causing the crash.
No problem detected. Also ran make check with no issues.

On Mon, Nov 13, 2017 at 2:06 PM, Ben Pfaff  wrote:

> I sent a patch series that should help a little.  Would you mind testing
> it against the case that was causing problems?  The series is posted
> here:
> https://patchwork.ozlabs.org/project/openvswitch/list/?series=13360
>
> On Mon, Nov 13, 2017 at 12:36:06PM -0800, Ashish Varma wrote:
> > Thanks Ben.
> >
> > On Mon, Nov 13, 2017 at 11:36 AM, Ben Pfaff  wrote:
> >
> > > On Mon, Nov 06, 2017 at 12:17:45PM -0800, Ashish Varma wrote:
> > > > a crash is seen in "netdev_ports_remove" when an interface is deleted
> > > and added
> > > > back in the system and when the interface is part of a bridge
> > > configuration.
> > > > e.g. steps:
> > > >   create a tap0 interface using "ip tuntap add.."
> > > >   add the tap0 interface to br0 using "ovs-vsctl add-port.."
> > > >   delete the tap0 interface from system using "ip tuntap del.."
> > > >   add the tap0 interface back in system using "ip tuntap add.."
> > > >(this changes the ifindex of the interface)
> > > >   delete tap0 from br0 using "ovs-vsctl del-port.."
> > > >
> > > > In the function "netdev_ports_insert", two hmap entries were created
> for
> > > > mapping "portnum -> netdev" and "ifindex -> portnum".
> > > > When the interface is deleted from the system, the
> "netdev_ports_remove"
> > > > function is not getting called and the old ifindex entry is not
> getting
> > > > cleaned up from the "ifindex_to_port" hmap.
> > > >
> > > > As part of the fix, added function "dpif_port_remove" which will call
> > > > "netdev_ports_remove" in the path where the interface deletion from
> the
> > > system
> > > > is detected.
> > > > Also, in "netdev_ports_remove", added the code where the
> > > "ifindex_to_port_data"
> > > > (ifindex -> portnum map node) is getting freed when the ifindex is
> not
> > > > available any more. (as the interface is already deleted.)
> > > >
> > > > VMware-BZ: #1975788
> > > > Signed-off-by: Ashish Varma 
> > >
> > > Thanks.  I applied this to master and branch-2.8.
> > >
> > > I still think that the underlying design here is a bad one.  I'm going
> > > to look at a better fix.
> > >
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] rhel.rst: Add python-sphinx as a dependency.

[Flavio Leitner]

On Wed, 8 Nov 2017 12:18:36 -0800
Ben Pfaff  wrote:

> On Wed, Nov 08, 2017 at 03:31:48PM -0200, Flavio Leitner wrote:
> > On Wed, 01 Nov 2017 13:21:22 -0400
> > Aaron Conole  wrote:
> > 
> > > Guru Shetty  writes:
> > > 
> > > > On 31 October 2017 at 13:06, Aaron Conole  wrote:
> > > >
> > > >  Ben Pfaff  writes:
> > > >  
> > > >  > On Tue, Oct 31, 2017 at 03:47:35PM -0400, Aaron Conole wrote:  
> > > >  >> Ben Pfaff  writes:
> > > >  >>  
> > > >  >> > On Fri, Oct 20, 2017 at 12:39:10AM -0700, Gurucharan Shetty 
> > > > wrote:  
> > > >  >> >> Signed-off-by: Gurucharan Shetty 
> > > >  >> >> ---
> > > >  >> >>  Documentation/intro/install/rhel.rst | 2 +-
> > > >  >> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> > > >  >> >>
> > > >  >> >> diff --git a/Documentation/intro/install/rhel.rst 
> > > > b/Documentation/intro/install/rhel.rst
> > > >  >> >> index 86c5cf3..aff6ccf 100644
> > > >  >> >> --- a/Documentation/intro/install/rhel.rst
> > > >  >> >> +++ b/Documentation/intro/install/rhel.rst
> > > >  >> >> @@ -76,7 +76,7 @@ the below command::
> > > >  >> >>
> > > >  >> >>  $ yum install gcc make python-devel openssl-devel 
> > > > kernel-devel graphviz \
> > > >  >> >>  kernel-debug-devel autoconf automake rpm-build 
> > > > redhat-rpm-config \
> > > >  >> >> -libtool checkpolicy selinux-policy-devel
> > > >  >> >> +libtool checkpolicy selinux-policy-devel python-sphinx  
> > > >  >> >
> > > >  >> > For Debian, we just recommend installing the build-dependencies 
> > > > listed
> > > >  >> > in debian/control.  That has the advantage that it can't get out 
> > > > of
> > > >  >> > date.  It has the disadvantage, though, that it's not easy to cut 
> > > > and
> > > >  >> > paste (although "apt-get build-dep openvswitch" usually does the 
> > > > trick).
> > > >  >> > Maybe "yum" has some mode that installs dependencies from a spec 
> > > > file?  
> > > >  >>
> > > >  >> For 'yum' distributions:
> > > >  >>
> > > >  >>   yum-builddep
> > > >  >>
> > > >  >> For 'dnf' distributions (newer Fedora, and future RHEL versions):
> > > >  >>
> > > >  >>   dnf builddep  
> > > >  >
> > > >  > Would it be reasonable to change rhel.rst to recommend using one of
> > > >  > those tools, to ease future maintenance?  
> > > >
> > > >  Sure.  Something like below?  I don't know about the wordsmithing, so
> > > >  I'll defer that to Guru.
> > > >
> > > >  ---
> > > >
> > > >  diff --git a/Documentation/intro/install/rhel.rst 
> > > > b/Documentation/intro/install/
> > > >  rhel.rst
> > > >  index 86c5cf3..36bb661 100644
> > > >  --- a/Documentation/intro/install/rhel.rst
> > > >  +++ b/Documentation/intro/install/rhel.rst
> > > >  @@ -72,11 +72,14 @@ Build Requirements
> > > >
> > > >   To compile the RPMs, you will need to install the packages described 
> > > > in the
> > > >   :doc:`general` along with some additional packages. These can be 
> > > > installed with
> > > >  -the below command::
> > > >  +the below command for ``yum`` based distributions (but note that the
> > > >  +openvswitch source RPM must be available somewhere)::
> > > >
> > > > Expecting source rpm while building the rpm, looks like is not going to 
> > > > happen for majority of the
> > > > cases. I took it that we will need it if "yum-builddep openvswitch" 
> > > > needs to succeed?.  
> > > 
> > > I didn't think about.  As I understand, `yum-builddep` requires the
> > > source RPM.  That means we would need to build the SRPM (rpmbuild -bs)
> > > first.
> > 
> > You can use both tools with the spec file:
> > [fleitner@plex ovs]$ sudo yum-builddep rhel/openvswitch-fedora.spec
> 
> Hey, that seems about perfect.  Can we recommend using that?

I posted this patch that uses in-tree spec file and also uses
RPM Development Tools group to simplify the process:

https://mail.openvswitch.org/pipermail/ovs-dev/2017-November/340929.html

Thanks,
-- 
Flavio

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] 12 Temas INEDITOS

[Auditoría y Control Interno]

Ponemos a su alcance por primera vez y por tiempo limitado, un exclusivo 
programa con 12 Temas INEDITOS específicamente 
creados para mejorar su negocio en forma completa, conveniente y accesible . 
Con este programa usted 
y sus colaboradores podrán obtener 12 conferencias a las cuales podrán tener 
acceso las 24 horas del día, los 7 días 
de la semana durante 3 meses que dure la vigencia, este donde este.

Los 12 Módulos indispensables para los responsables de AUDITORÍA Y CONTROL 
INTERNO:

-Conceptos básicos de auditoría y control interno para no auditores.
-Auditoría Administrativa.
-Auditoría Forense en la Investigación Criminal del lavado de dinero y activos.
-Auditoría Informática.
-Auditoría de Recursos Humanos.
-Auditoría de Compras.
-Auditoría Financiera.
-Auditorías de Calidad.
-Redacción de informes de Auditoría.
-Recomendaciones legales y administrativas para enfrentar fraudes Personas 
fisicas, personas morales e instituciones gubernamentales
-Liderazgo, coaching y manejo de conflictos.
-Todo lo que el director general debe saber de las auditorías y sus auditores.

Para mayores detalles responda este correo con la palabra: Auditoría y llene 
sus datos en la parte de abajo.
Nombre:   
Teléfono: 
Correo:

centro telefónico: 018002129393
 


Coordinador de Evento



___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH] openvswitch: meter: fix NULL pointer dereference in ovs_meter_cmd_reply_start

[Gustavo A. R. Silva]

It seems that the intention of the code is to null check the value
returned by function genlmsg_put. But the current code is null
checking the address of the pointer that holds the value returned
by genlmsg_put.

Fix this by properly null checking the value returned by function
genlmsg_put in order to avoid a pontential null pointer dereference.

Addresses-Coverity-ID: 1461561 ("Dereference before null check")
Addresses-Coverity-ID: 1461562 ("Dereference null return value")
Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure")
Signed-off-by: Gustavo A. R. Silva 
---
 net/openvswitch/meter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/openvswitch/meter.c b/net/openvswitch/meter.c
index 2a5ba35..bc0b6fc 100644
--- a/net/openvswitch/meter.c
+++ b/net/openvswitch/meter.c
@@ -106,7 +106,7 @@ ovs_meter_cmd_reply_start(struct genl_info *info, u8 cmd,
*ovs_reply_header = genlmsg_put(skb, info->snd_portid,
info->snd_seq,
_meter_genl_family, 0, cmd);
-   if (!ovs_reply_header) {
+   if (!*ovs_reply_header) {
nlmsg_free(skb);
return ERR_PTR(-EMSGSIZE);
}
-- 
2.7.4

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 1/2] timeval: Introduce macros to convert timespec and timeval.

[Bhanuprakash Bodireddy]

This commit replaces the numbers with MSEC_PER_SEC, NSEC_PER_SEC and
USEC_PER_MSEC macros when dealing with timespec and timeval.

This commit doesn't change functionality.

Signed-off-by: Bhanuprakash Bodireddy 
---
 lib/timeval.c| 29 -
 lib/timeval.h|  7 +++
 lib/util.c   |  6 +++---
 ofproto/ofproto-dpif-ipfix.c |  2 +-
 4 files changed, 27 insertions(+), 17 deletions(-)

diff --git a/lib/timeval.c b/lib/timeval.c
index b60bf30..567c26e 100644
--- a/lib/timeval.c
+++ b/lib/timeval.c
@@ -266,7 +266,7 @@ time_alarm(unsigned int secs)
 time_init();
 
 now = time_msec();
-msecs = secs * 1000LL;
+msecs = secs * MSEC_PER_SEC * 1LL;
 deadline = now < LLONG_MAX - msecs ? now + msecs : LLONG_MAX;
 }
 
@@ -372,25 +372,28 @@ time_poll(struct pollfd *pollfds, int n_pollfds, HANDLE 
*handles OVS_UNUSED,
 long long int
 timespec_to_msec(const struct timespec *ts)
 {
-return (long long int) ts->tv_sec * 1000 + ts->tv_nsec / (1000 * 1000);
+return (long long int) ts->tv_sec * MSEC_PER_SEC +
+ts->tv_nsec / NSEC_PER_MSEC;
 }
 
 long long int
 timeval_to_msec(const struct timeval *tv)
 {
-return (long long int) tv->tv_sec * 1000 + tv->tv_usec / 1000;
+return (long long int) tv->tv_sec * MSEC_PER_SEC +
+tv->tv_usec / USEC_PER_MSEC;
 }
 
 long long int
 timespec_to_usec(const struct timespec *ts)
 {
-return (long long int) ts->tv_sec * 1000 * 1000 + ts->tv_nsec / 1000;
+return (long long int) ts->tv_sec * USEC_PER_SEC +
+ts->tv_nsec / NSEC_PER_USEC;
 }
 
 long long int
 timeval_to_usec(const struct timeval *tv)
 {
-return (long long int) tv->tv_sec * 1000 * 1000 + tv->tv_usec;
+return (long long int) tv->tv_sec * USEC_PER_SEC + tv->tv_usec;
 }
 
 /* Returns the monotonic time at which the "time" module was initialized, in
@@ -510,8 +513,8 @@ xclock_gettime(clock_t id, struct timespec *ts)
 static void
 msec_to_timespec(long long int ms, struct timespec *ts)
 {
-ts->tv_sec = ms / 1000;
-ts->tv_nsec = (ms % 1000) * 1000 * 1000;
+ts->tv_sec = ms / MSEC_PER_SEC;
+ts->tv_nsec = (ms % 1000) * NSEC_PER_MSEC;
 }
 
 static void
@@ -596,8 +599,8 @@ timespec_add(struct timespec *sum,
 
 tmp.tv_sec = a->tv_sec + b->tv_sec;
 tmp.tv_nsec = a->tv_nsec + b->tv_nsec;
-if (tmp.tv_nsec >= 1000 * 1000 * 1000) {
-tmp.tv_nsec -= 1000 * 1000 * 1000;
+if (tmp.tv_nsec >= NSEC_PER_SEC) {
+tmp.tv_nsec -= NSEC_PER_SEC;
 tmp.tv_sec++;
 }
 
@@ -621,7 +624,7 @@ log_poll_interval(long long int last_wakeup)
 {
 long long int interval = time_msec() - last_wakeup;
 
-if (interval >= 1000 && !is_warped(_clock)) {
+if (interval >= MSEC_PER_SEC && !is_warped(_clock)) {
 const struct rusage *last_rusage = get_recent_rusage();
 struct rusage rusage;
 
@@ -713,7 +716,7 @@ refresh_rusage(void)
 
 if (!getrusage_thread(recent_rusage)) {
 long long int now = time_msec();
-if (now >= t->newer.when + 3 * 1000) {
+if (now >= t->newer.when + 3 * MSEC_PER_SEC) {
 t->older = t->newer;
 t->newer.when = now;
 t->newer.cpu = (timeval_to_msec(_rusage->ru_utime) +
@@ -837,7 +840,7 @@ strftime_msec(char *s, size_t max, const char *format,
 struct tm_msec *
 localtime_msec(long long int now, struct tm_msec *result)
 {
-  time_t now_sec = now / 1000;
+  time_t now_sec = now / MSEC_PER_SEC;
   localtime_r(_sec, >tm);
   result->msec = now % 1000;
   return result;
@@ -846,7 +849,7 @@ localtime_msec(long long int now, struct tm_msec *result)
 struct tm_msec *
 gmtime_msec(long long int now, struct tm_msec *result)
 {
-  time_t now_sec = now / 1000;
+  time_t now_sec = now / MSEC_PER_SEC;
   gmtime_r(_sec, >tm);
   result->msec = now % 1000;
   return result;
diff --git a/lib/timeval.h b/lib/timeval.h
index c3dbb51..5e2a731 100644
--- a/lib/timeval.h
+++ b/lib/timeval.h
@@ -40,6 +40,13 @@ BUILD_ASSERT_DECL(TYPE_IS_SIGNED(time_t));
 #define TIME_MAX TYPE_MAXIMUM(time_t)
 #define TIME_MIN TYPE_MINIMUM(time_t)
 
+#define MSEC_PER_SEC1000L
+#define USEC_PER_SEC100L
+#define NSEC_PER_SEC10L
+#define USEC_PER_MSEC   1000L
+#define NSEC_PER_MSEC   100L
+#define NSEC_PER_USEC   1000L
+
 #ifdef _WIN32
 #define localtime_r(timep, result) localtime_s(result, timep)
 #define gmtime_r(timep, result) gmtime_s(result, timep)
diff --git a/lib/util.c b/lib/util.c
index 9e6edd2..17c2c99 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -586,7 +586,7 @@ get_boot_time(void)
 char line[128];
 FILE *stream;
 
-cache_expiration = time_msec() + 5 * 1000;
+cache_expiration = time_msec() + 5 * MSEC_PER_SEC;
 
 stream = fopen(stat_file, "r");
 if (!stream) {
@@ -598,7 +598,7 @@ get_boot_time(void)
 while (fgets(line, sizeof line, stream)) {
 long long int btime;

[ovs-dev] [PATCH v2 2/2] util: Add high resolution sleep support.

[Bhanuprakash Bodireddy]

This commit introduces xnanosleep() for the threads needing high
resolution sleep timeouts.

usleep() that provides microsecond granularity is deprecated and
threads wanting sub-second(ms,us,ns) granularity can use this implementation.

CC: Aaron Conole 
CC: Alin Gabriel Serdean 
CC: Ben Pfaff 
Signed-off-by: Bhanuprakash Bodireddy 
---
 lib/timeval.c | 19 +++
 lib/timeval.h |  1 +
 lib/util.c| 35 +++
 lib/util.h|  1 +
 4 files changed, 56 insertions(+)

diff --git a/lib/timeval.c b/lib/timeval.c
index 567c26e..2fde90f 100644
--- a/lib/timeval.c
+++ b/lib/timeval.c
@@ -517,6 +517,25 @@ msec_to_timespec(long long int ms, struct timespec *ts)
 ts->tv_nsec = (ms % 1000) * NSEC_PER_MSEC;
 }
 
+void
+nsec_to_timespec(long long int nsec, struct timespec *ts)
+{
+if (!nsec) {
+ts->tv_sec = ts->tv_nsec = 0;
+return;
+}
+ts->tv_sec = nsec / NSEC_PER_SEC;
+
+nsec = nsec % NSEC_PER_SEC;
+/* This is to handle dates before epoch. */
+if (OVS_UNLIKELY(nsec < 0)) {
+nsec += NSEC_PER_SEC;
+ts->tv_sec--;
+}
+
+ts->tv_nsec = nsec;
+}
+
 static void
 timewarp_work(void)
 {
diff --git a/lib/timeval.h b/lib/timeval.h
index 5e2a731..095c334 100644
--- a/lib/timeval.h
+++ b/lib/timeval.h
@@ -80,6 +80,7 @@ size_t strftime_msec(char *s, size_t max, const char *format,
  const struct tm_msec *);
 void xgettimeofday(struct timeval *);
 void xclock_gettime(clock_t, struct timespec *);
+void nsec_to_timespec(long long int , struct timespec *);
 
 int get_cpu_usage(void);
 
diff --git a/lib/util.c b/lib/util.c
index 17c2c99..2c184d9 100644
--- a/lib/util.c
+++ b/lib/util.c
@@ -2205,6 +2205,41 @@ xsleep(unsigned int seconds)
 ovsrcu_quiesce_end();
 }
 
+/* High resolution sleep. */
+void
+xnanosleep(uint64_t nanoseconds)
+{
+ovsrcu_quiesce_start();
+#ifndef _WIN32
+int retval;
+struct timespec ts_sleep;
+nsec_to_timespec(nanoseconds, _sleep);
+
+int error = 0;
+do {
+retval = nanosleep(_sleep, NULL);
+error = retval < 0 ? errno : 0;
+} while (error == EINTR);
+#else
+HANDLE timer = CreateWaitableTimer(NULL, FALSE, NULL);
+if (timer) {
+LARGE_INTEGER duetime;
+duetime.QuadPart = -nanoseconds;
+if (SetWaitableTimer(timer, , 0, NULL, NULL, FALSE)) {
+WaitForSingleObject(timer, INFINITE);
+} else {
+VLOG_ERR_ONCE("SetWaitableTimer Failed (%s)",
+   ovs_lasterror_to_string());
+}
+CloseHandle(timer);
+} else {
+VLOG_ERR_ONCE("CreateWaitableTimer Failed (%s)",
+   ovs_lasterror_to_string());
+}
+#endif
+ovsrcu_quiesce_end();
+}
+
 /* Determine whether standard output is a tty or not. This is useful to decide
  * whether to use color output or not when --color option for utilities is set
  * to `auto`.
diff --git a/lib/util.h b/lib/util.h
index 3c43c2c..d355313 100644
--- a/lib/util.h
+++ b/lib/util.h
@@ -502,6 +502,7 @@ ovs_u128_and(const ovs_u128 a, const ovs_u128 b)
 }
 
 void xsleep(unsigned int seconds);
+void xnanosleep(uint64_t nanoseconds);
 
 bool is_stdout_a_tty(void);
 
-- 
2.4.11

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v2 0/8] Add minimum network namespace support.

[Gregory Rose]

On 11/9/2017 9:30 AM, Flavio Leitner wrote:

Today Open vSwitch doesn't know about network namespaces (netns), but
users are moving internal ports to other namespaces.  Although packets
are still flowing, the daemon fails to find out basic port information,
like if it is UP or DOWN, for instance.

This patchset rely on a new kernel vport API recently accepted to find
out the new network namespace ID of a bridge's port. This information
along with the port's name recorded in the database is used to match the
corresponding netlink messages.

This patchset also leverages another kernel API that allows the daemon
to listen to all netlink messages from all netns which has an ID assigned
into it.  This and the previous change allows the userspace to track ports
in other network namespaces.

If any of the APIs aren't available, it falls back to the older APIs to
not break backwards compatibility.


Flavio Leitner (8):
   netlink: provide network namespace id from a msg.
   netdev-linux: initialize netns as invalid.
   vport: retrieve the netnsid if available.
   netdev: update device info only if netns matches.
   netdev-linux: use netlink to update netdev.
   netlink linux: enable listening to all nsids
   nlmon: added netns support.
   netdev-linux: fail ops not supporting remote netns.

  configure.ac  |   3 +-
  datapath/linux/compat/include/linux/openvswitch.h |   2 +
  lib/automake.mk   |   1 +
  lib/daemon-unix.c |   3 +-
  lib/daemon.man|   6 +-
  lib/daemon.xml|   8 +-
  lib/dpif-netlink.c|  12 +-
  lib/dpif-netlink.h|   2 +
  lib/netdev-linux.c| 314 --
  lib/netlink-notifier.c|   2 +-
  lib/netlink-protocol.h|   6 +
  lib/netlink-socket.c  |  80 +-
  lib/netlink-socket.h  |   6 +-
  lib/netns.h   | 119 
  tests/ofproto-macros.at   |   1 +
  tests/ovn-controller-vtep.at  |   1 +
  utilities/nlmon.c |   9 +-
  17 files changed, 531 insertions(+), 44 deletions(-)
  create mode 100644 lib/netns.h



Besides one little nit in patch 3 it all looks good.  I'll let someone 
who knows the namespace code

better than I give it an ack but...

Reviewed-by: Greg Rose 
Tested-by: Greg Rose 

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 1/3] netdev: Indentation and style fixes.

[Gregory Rose]

On 11/13/2017 2:04 PM, Ben Pfaff wrote:

White space changes only.

Signed-off-by: Ben Pfaff 
---
  lib/netdev.c | 30 +++---
  1 file changed, 15 insertions(+), 15 deletions(-)

diff --git a/lib/netdev.c b/lib/netdev.c
index 0c1545a83e3d..7792b1b75681 100644
--- a/lib/netdev.c
+++ b/lib/netdev.c
@@ -2190,11 +2190,11 @@ netdev_ports_lookup(odp_port_t port_no, const struct 
dpif_class *dpif_class)
  size_t hash = NETDEV_PORTS_HASH_INT(port_no, dpif_class);
  struct port_to_netdev_data *data;
  
-HMAP_FOR_EACH_WITH_HASH(data, node, hash, _to_netdev) {

-if (data->dpif_class == dpif_class
-&& data->dpif_port.port_no == port_no) {
-return data;
-}
+HMAP_FOR_EACH_WITH_HASH (data, node, hash, _to_netdev) {
+if (data->dpif_class == dpif_class
+&& data->dpif_port.port_no == port_no) {
+return data;
+}
  }
  return NULL;
  }
@@ -2311,10 +2311,10 @@ netdev_ifindex_to_odp_port(int ifindex)
  
  ovs_mutex_lock(_hmap_mutex);

  HMAP_FOR_EACH_WITH_HASH(data, node, ifindex, _to_port) {
-if (data->ifindex == ifindex) {
-ret = data->port;
-break;
-}
+if (data->ifindex == ifindex) {
+ret = data->port;
+break;
+}
  }
  ovs_mutex_unlock(_hmap_mutex);
  
@@ -2327,7 +2327,7 @@ netdev_ports_flow_flush(const struct dpif_class *dpif_class)

  struct port_to_netdev_data *data;
  
  ovs_mutex_lock(_hmap_mutex);

-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
  if (data->dpif_class == dpif_class) {
  netdev_flow_flush(data->netdev);
  }
@@ -2344,7 +2344,7 @@ netdev_ports_flow_dump_create(const struct dpif_class 
*dpif_class, int *ports)
  int i = 0;
  
  ovs_mutex_lock(_hmap_mutex);

-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
  if (data->dpif_class == dpif_class) {
  count++;
  }
@@ -2352,7 +2352,7 @@ netdev_ports_flow_dump_create(const struct dpif_class 
*dpif_class, int *ports)
  
  dumps = count ? xzalloc(sizeof *dumps * count) : NULL;
  
-HMAP_FOR_EACH(data, node, _to_netdev) {

+HMAP_FOR_EACH (data, node, _to_netdev) {
  if (data->dpif_class == dpif_class) {
  if (netdev_flow_dump_create(data->netdev, [i])) {
  continue;
@@ -2376,7 +2376,7 @@ netdev_ports_flow_del(const struct dpif_class *dpif_class,
  struct port_to_netdev_data *data;
  
  ovs_mutex_lock(_hmap_mutex);

-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
  if (data->dpif_class == dpif_class
  && !netdev_flow_del(data->netdev, ufid, stats)) {
  ovs_mutex_unlock(_hmap_mutex);
@@ -2396,7 +2396,7 @@ netdev_ports_flow_get(const struct dpif_class 
*dpif_class, struct match *match,
  struct port_to_netdev_data *data;
  
  ovs_mutex_lock(_hmap_mutex);

-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
  if (data->dpif_class == dpif_class
  && !netdev_flow_get(data->netdev, match, actions,
  ufid, stats, buf)) {
@@ -2415,7 +2415,7 @@ netdev_ports_flow_init(void)
  struct port_to_netdev_data *data;
  
  ovs_mutex_lock(_hmap_mutex);

-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 netdev_init_flow_api(data->netdev);
  }
  ovs_mutex_unlock(_hmap_mutex);


LGTM

Reviewed-by: Greg Rose 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] openvswitch: meter: fix NULL pointer dereference in ovs_meter_cmd_reply_start

[David Miller]

From: "Gustavo A. R. Silva" 
Date: Tue, 14 Nov 2017 14:26:16 -0600

> It seems that the intention of the code is to null check the value
> returned by function genlmsg_put. But the current code is null
> checking the address of the pointer that holds the value returned
> by genlmsg_put.
> 
> Fix this by properly null checking the value returned by function
> genlmsg_put in order to avoid a pontential null pointer dereference.
> 
> Addresses-Coverity-ID: 1461561 ("Dereference before null check")
> Addresses-Coverity-ID: 1461562 ("Dereference null return value")
> Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure")
> Signed-off-by: Gustavo A. R. Silva 

Applied.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] Skip processing actions when batch is emptied.

[Vishal Deep Ajmera]

Hi,

Do anyone see any issues with the approach below of skipping ovs actions when 
batch is emptied ?

Warm Regards,
Vishal

-Original Message-
From: ovs-dev-boun...@openvswitch.org [mailto:ovs-dev-boun...@openvswitch.org] 
On Behalf Of Vishal Deep Ajmera
Sent: Wednesday, November 08, 2017 3:14 PM
To: d...@openvswitch.org
Subject: [ovs-dev] [PATCH] Skip processing actions when batch is emptied.

Today in OVS, when errors are encountered during the execution of an action the 
entire batch of packets may be deleted (for e.g. in processing push_tnl_action, 
if the port is not found in the port_cache of PMD). The remaining actions 
continue to be executed even though there are no packets to be processed. It is 
assumed that the code dealing with each action checks that the batch is not 
empty before executing. Crashes may occur if the assumption is not met.

The patch makes OVS skip processing of further actions from the action-set once 
a batch is emptied. Doing so centralizes the check in one place and avoids the 
possibility of crashes.

Signed-off-by: Vishal Deep Ajmera 
---
lib/odp-execute.c | 9 ++---
1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/lib/odp-execute.c b/lib/odp-execute.c index 3109f39..8697727 100644
--- a/lib/odp-execute.c
+++ b/lib/odp-execute.c
@@ -685,9 +685,12 @@ odp_execute_actions(void *dp, struct dp_packet_batch 
*batch, bool steal,
 dp_execute_action(dp, batch, a, may_steal);
-if (last_action) {
-/* We do not need to free the packets. dp_execute_actions()
- * has stolen them */
+if (last_action || (batch->count == 0)) {
+/* We do not need to free the packets.
+ * Either dp_execute_actions() has stolen them
+ * or the batch is freed due to errors. In either
+ * case we do not need to execute further actions.
+ */
 return;
 }
 }
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] RPM: Improve doc to use builddep tool.

[Aaron Conole]

Flavio Leitner  writes:

> Instead of listing all the dependencies, use the RPM group
> 'Development Tools' and the builddep tool to find specific
> ones.
>
> Signed-off-by: Flavio Leitner 
> ---
>  Documentation/intro/install/fedora.rst | 54 
> +++---
>  Documentation/intro/install/rhel.rst   | 34 +++--
>  2 files changed, 62 insertions(+), 26 deletions(-)
>
> diff --git a/Documentation/intro/install/fedora.rst
> b/Documentation/intro/install/fedora.rst
> index 3119bd9aa..70cebfb16 100644
> --- a/Documentation/intro/install/fedora.rst
> +++ b/Documentation/intro/install/fedora.rst
> @@ -36,23 +36,43 @@ RHEL 7.x and its derivatives, including CentOS 7.x
> and Scientific Linux 7.x.
>  Build Requirements
>  --
>  
> -To build packages for a Fedora Linux host, you will need the packages 
> described
> -in the :doc:`general`. Specific packages (by package name) include:
> -
> -- rpm-build
> -- autoconf automake libtool
> -- systemd-units openssl openssl-devel
> -- python2-devel python3-devel
> -- python2 python2-twisted python2-zope-interface python2-six python2-sphinx
> -- desktop-file-utils
> -- groff graphviz
> -- procps-ng
> -- checkpolicy selinux-policy-devel
> -
> -And (optionally):
> -
> -- libcap-ng libcap-ng-devel
> -- dpdk-devel
> +You will need to install all required packages to build the RPMs.
> +Newer distributions use ``dnf`` but if it's not available, then use
> +``yum`` instructions.
> +
> +The command below will install RPM tools and generic build dependencies.
> +And (optionally) include these packages: libcap-ng libcap-ng-devel 
> dpdk-devel.
> +
> +DNF:
> +::
> +
> +$ dnf install @'Development Tools' rpm-build dnf-plugins-core
> +
> +YUM:
> +::
> +
> +$ yum install @'Development Tools' rpm-build yum-utils
> +
> +Then it is necessary to install Open vSwitch specific build dependencies.
> +The dependencies are listed in the SPEC file, but first it is necessary
> +to replace the VERSION tag to be a valid SPEC.
> +
> +The command below will create a temporary SPEC file:
> +::
> +$ sed -e 's/@VERSION@/0.0.1/' rhel/openvswitch-fedora.spec.in \
> +  > /tmp/ovs.spec
> +
> +And to install specific dependencies, use the corresponding tool below.

Is there any reason we can't `make rhel/openvswitch-fedora.spec` for
this?  I think ./boot && ./configure would work with Development Tools
installed, and then the only thing left is let the make system create
just that file?

> +DNF:
> +::
> +$ dnf builddep /tmp/ovs.spec
> +
> +YUM:
> +::
> +$ yum-builddep /tmp/ovs.spec
> +
> +Once that is completed, remove the file ``/tmp/ovs.spec``.
>  
>  Bootstraping
>  
> diff --git a/Documentation/intro/install/rhel.rst
> b/Documentation/intro/install/rhel.rst
> index 0ef6f55a3..184089e89 100644
> --- a/Documentation/intro/install/rhel.rst
> +++ b/Documentation/intro/install/rhel.rst
> @@ -70,17 +70,33 @@ directory is ``/usr/src/redhat/SOURCES``. On RHEL
> 6, the default ``_topdir`` is
>  Build Requirements
>  --
>  
> -To compile the RPMs, you will need to install the packages described in the
> -:doc:`general` along with some additional packages. These can be installed 
> with
> -the below command::
> +You will need to install all required packages to build the RPMs.
> +The command below will install RPM tools and generic build dependencies:
> +::
> +$ yum install @'Development Tools' rpm-build yum-utils
>  
> -$ yum install gcc make python-devel openssl-devel kernel-devel graphviz \
> -kernel-debug-devel autoconf automake rpm-build redhat-rpm-config \
> -libtool checkpolicy selinux-policy-devel python-sphinx
> +Then it is necessary to install Open vSwitch specific build dependencies.
> +The dependencies are listed in the SPEC file, but first it is necessary
> +to replace the VERSION tag to be a valid SPEC.
>  
> -.. note::
> -  If python-sphinx package is not available in your version of RHEL, you can
> -  install it via pip with 'pip install sphinx'.
> +The command below will create a temporary SPEC file:
> +::
> +$ sed -e 's/@VERSION@/0.0.1/' rhel/openvswitch.spec.in > /tmp/ovs.spec
> +
> +And to install specific dependencies, use yum-builddep tool:
> +::
> +$ yum-builddep /tmp/ovs.spec
> +
> +Once that is completed, remove the file ``/tmp/ovs.spec``.
> +
> +If python-sphinx package is not available in your version of RHEL, you can
> +install it via pip with 'pip install sphinx'.
> +
> +Open vSwitch requires python 2.7 or newer which is not available in older
> +distributions. In the case of RHEL 6.x and its derivatives, one option is
> +to install python34 and python34-six from `EPEL`_.
> +
> +.. _EPEL: https://fedoraproject.org/wiki/EPEL
>  
>  .. _rhel-bootstrapping:
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v4 1/2] OVN: Add multicast keep-local flag.

[Numan Siddique]

On Mon, Nov 13, 2017 at 8:50 AM, Mark Michelson  wrote:

> When this flag is set, then a multicast packet that would normally be
> delivered to ports on multiple hypervisors is only delivered to ports
> on the local hypervisor.
>
> The primary known use case for this is when multicast packets originate
> from ovn-controller. Multiple ovn-controllers will be attempting to send
> out those multicast packets, and so each should only be responsible for
> delivering those packets to their local ports.
>
> Signed-off-by: Mark Michelson 
>

Acked-by: Numan Siddique 


> ---
>  ovn/controller/physical.c  | 15 +++
>  ovn/lib/logical-fields.h   |  6 ++
>  ovn/ovn-architecture.7.xml | 10 ++
>  3 files changed, 31 insertions(+)
>
> diff --git a/ovn/controller/physical.c b/ovn/controller/physical.c
> index df71979f9..b2216457f 100644
> --- a/ovn/controller/physical.c
> +++ b/ovn/controller/physical.c
> @@ -995,6 +995,21 @@ physical_run(struct controller_ctx *ctx, enum
> mf_field_id mff_ovn_geneve,
>  struct ofpbuf remote_ofpacts;
>  ofpbuf_init(_ofpacts, 0);
>  SBREC_MULTICAST_GROUP_FOR_EACH (mc, ctx->ovnsb_idl) {
> +/* Table 32, priority 150.
> + * ===
> + *
> + * Multicast packets that should not be sent to other hypervisors.
> + */
> +struct match match = MATCH_CATCHALL_INITIALIZER;
> +match_set_metadata(, htonll(mc->datapath->tunnel_key));
> +match_set_reg(, MFF_LOG_OUTPORT - MFF_REG0, mc->tunnel_key);
> +match_set_reg_masked(, MFF_LOG_FLAGS - MFF_REG0,
> + MLF_KEEP_LOCAL, MLF_KEEP_LOCAL);
> +ofpbuf_clear();
> +put_resubmit(OFTABLE_LOCAL_OUTPUT, );
> +ofctrl_add_flow(flow_table, OFTABLE_REMOTE_OUTPUT, 150, 0, ,
> +);
> +
>  consider_mc_group(mff_ovn_geneve, ct_zones, local_datapaths,
> chassis,
>mc, , _ofpacts, flow_table);
>  }
> diff --git a/ovn/lib/logical-fields.h b/ovn/lib/logical-fields.h
> index 696c529be..eb0b8f422 100644
> --- a/ovn/lib/logical-fields.h
> +++ b/ovn/lib/logical-fields.h
> @@ -49,6 +49,7 @@ enum mff_log_flags_bits {
>  MLF_RCV_FROM_VXLAN_BIT = 1,
>  MLF_FORCE_SNAT_FOR_DNAT_BIT = 2,
>  MLF_FORCE_SNAT_FOR_LB_BIT = 3,
> +MLF_KEEP_LOCAL_BIT = 4,
>  };
>
>  /* MFF_LOG_FLAGS_REG flag assignments */
> @@ -69,6 +70,11 @@ enum mff_log_flags {
>  /* Indicate that a packet needs a force SNAT in the gateway router
> when
>   * load-balancing has taken place. */
>  MLF_FORCE_SNAT_FOR_LB = (1 << MLF_FORCE_SNAT_FOR_LB_BIT),
> +
> +/* Indicate that a packet that should be distributed across multiple
> + * hypervisors should instead only be output to local targets
> + */
> +MLF_KEEP_LOCAL = (1 << MLF_KEEP_LOCAL_BIT),
>  };
>
>  #endif /* ovn/lib/logical-fields.h */
> diff --git a/ovn/ovn-architecture.7.xml b/ovn/ovn-architecture.7.xml
> index b13b41177..9c7663e93 100644
> --- a/ovn/ovn-architecture.7.xml
> +++ b/ovn/ovn-architecture.7.xml
> @@ -1027,6 +1027,16 @@
>their traffic should never go out through a tunnel.
>  
>  
> +  A higher-priority rule to match packets that have the
> MLF_KEEP_LOCAL
> +  logical flow flag set, and whose destination is a multicast
> address.
> +  This flag indicates that the packet should not be delivered to
> remote
> +  hypervisors, even if the multicast destination includes ports on
> +  remote hypervisors. This flag is used when ovn-controller is the
> +  originator of the multicast packet. Since each ovn-controller
> +  instance is originating these packets, the packets only need to
> be
> +  delivered to local ports.
> +
> +
>A fallback flow that resubmits to table 33 if there is no other
>match.
>  
> --
> 2.13.5
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Fix return value check in ovs_meter_cmd_features()

[David Miller]

From: Wei Yongjun 
Date: Tue, 14 Nov 2017 06:20:16 +

> In case of error, the function ovs_meter_cmd_reply_start() returns
> ERR_PTR() not NULL. The NULL test in the return value check should
> be replaced with IS_ERR().
> 
> Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure")
> Signed-off-by: Wei Yongjun 

Applied.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Make local function ovs_nsh_key_attr_size() static

[David Miller]

From: Wei Yongjun 
Date: Tue, 14 Nov 2017 06:27:03 +

> Fixes the following sparse warnings:
> 
> net/openvswitch/flow_netlink.c:340:8: warning:
>  symbol 'ovs_nsh_key_attr_size' was not declared. Should it be static?
> 
> Signed-off-by: Wei Yongjun 

Applied.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Using kfree_rcu() to simplify the code

[David Miller]

From: Wei Yongjun 
Date: Tue, 14 Nov 2017 06:27:12 +

> The callback function of call_rcu() just calls a kfree(), so we
> can use kfree_rcu() instead of call_rcu() + callback function.
> 
> Signed-off-by: Wei Yongjun 

Applied.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v4 2/2] OVN: Add support for periodic router advertisements.

[Numan Siddique]

A few comments inline, otherwise LGTM.

Thanks
Numan


On Mon, Nov 13, 2017 at 8:50 AM, Mark Michelson  wrote:

> This change adds three new options to the Northbound
> Logical_Router_Port's ipv6_ra_configs option:
>
> * send_periodic: If set to "true", then OVN will send periodic router
> advertisements out of this router port.
> * max_interval: The maximum amount of time to wait between sending
> periodic router advertisements.
> * min_interval: The minimum amount of time to wait between sending
> periodic router advertisements.
>
> When send_periodic is true, then IPv6 RA configs, as well as some layer
> 2 and layer 3 information about the router port, are copied to the
> southbound database. From there, ovn-controller can use this information
> to know when to send periodic RAs and what to send in them.
>
> Because periodic RAs originate from each ovn-controller, the new
> keep-local flag is set on the packet so that ports don't receive an
> overabundance of RAs.
>
> Signed-off-by: Mark Michelson 
>
---
>  lib/packets.h|   7 +
>  ovn/controller/pinctrl.c | 343 ++
> +
>  ovn/northd/ovn-northd.c  |  66 +
>  ovn/ovn-nb.xml   |  19 +++
>  tests/ovn-northd.at  | 110 +++
>  tests/ovn.at | 150 +
>  6 files changed, 695 insertions(+)
>
> diff --git a/lib/packets.h b/lib/packets.h
> index 057935cbf..b8249047f 100644
> --- a/lib/packets.h
> +++ b/lib/packets.h
> @@ -976,6 +976,7 @@ BUILD_ASSERT_DECL(ND_PREFIX_OPT_LEN == sizeof(struct
> ovs_nd_prefix_opt));
>
>  /* Neighbor Discovery option: MTU. */
>  #define ND_MTU_OPT_LEN 8
> +#define ND_MTU_DEFAULT 0
>  struct ovs_nd_mtu_opt {
>  uint8_t  type;  /* ND_OPT_MTU */
>  uint8_t  len;   /* Always 1. */
> @@ -1015,6 +1016,12 @@ BUILD_ASSERT_DECL(RA_MSG_LEN == sizeof(struct
> ovs_ra_msg));
>  #define ND_RA_MANAGED_ADDRESS 0x80
>  #define ND_RA_OTHER_CONFIG0x40
>
> +/* Defaults based on MaxRtrInterval and MinRtrInterval from RFC 4861
> section
> + * 6.2.1
> + */
> +#define ND_RA_MAX_INTERVAL_DEFAULT 600
> +#define ND_RA_MIN_INTERVAL_DEFAULT(max) ((max) >= 9 ? (max) / 3 : (max)
> * 3 / 4)
> +
>  /*
>   * Use the same struct for MLD and MLD2, naming members as the defined
> fields in
>   * in the corresponding version of the protocol, though they are reserved
> in the
> diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
> index 29b2dde0c..4e6a289b4 100644
> --- a/ovn/controller/pinctrl.c
> +++ b/ovn/controller/pinctrl.c
> @@ -48,6 +48,7 @@
>  #include "socket-util.h"
>  #include "timeval.h"
>  #include "vswitch-idl.h"
> +#include "lflow.h"
>
>  VLOG_DEFINE_THIS_MODULE(pinctrl);
>
> @@ -88,6 +89,11 @@ static void pinctrl_handle_put_nd_ra_opts(
>  static void pinctrl_handle_nd_ns(const struct flow *ip_flow,
>   const struct match *md,
>   struct ofpbuf *userdata);
> +static void init_ipv6_ras(void);
> +static void destroy_ipv6_ras(void);
> +static void ipv6_ra_wait(void);
> +static void send_ipv6_ras(const struct controller_ctx *ctx,
> +struct hmap *local_datapaths);
>
>  COVERAGE_DEFINE(pinctrl_drop_put_mac_binding);
>
> @@ -98,6 +104,7 @@ pinctrl_init(void)
>  conn_seq_no = 0;
>  init_put_mac_bindings();
>  init_send_garps();
> +init_ipv6_ras();
>  }
>
>  static ovs_be32
> @@ -1083,8 +1090,342 @@ pinctrl_run(struct controller_ctx *ctx,
>  run_put_mac_bindings(ctx);
>  send_garp_run(ctx, br_int, chassis, chassis_index, local_datapaths,
>active_tunnels);
> +send_ipv6_ras(ctx, local_datapaths);
>  }
>
> +/* Table of ipv6_ra_state structures, keyed on logical port name */
> +static struct shash ipv6_ras;
> +
> +/* Next IPV6 RA in seconds. */
> +static long long int send_ipv6_ra_time;
> +
> +struct ipv6_network_prefix {
> +struct in6_addr addr;
> +unsigned int prefix_len;
> +};
>

We probably don't need this structure if we reuse the function
parse_and_store_addresses from ovn-util.c
Please see below for more comments on this.

+
> +struct ipv6_ra_config {
> +time_t min_interval;
> +time_t max_interval;
> +struct eth_addr eth_src;
> +struct eth_addr eth_dst;
> +struct in6_addr ipv6_src;
> +struct in6_addr ipv6_dst;
> +ovs_be32 mtu;
> +uint8_t mo_flags; /* Managed/Other flags for RAs */
> +uint8_t la_flags; /* On-link/autonomous flags for address prefixes */
> +struct ipv6_network_prefix *prefixes;
> +int n_prefixes;
> +};
> +
> +struct ipv6_ra_state {
> +long long int next_announce;
> +struct ipv6_ra_config *config;
> +int64_t port_key;
> +int64_t metadata;
> +bool deleteme;
>

small nit: can be renamed to delete_me.

> +};
> +
> +static void
> +init_ipv6_ras(void)
> +{
> +shash_init(_ras);
> +send_ipv6_ra_time = LLONG_MAX;
> +}
> +
> +static void
> +ipv6_ra_config_delete(struct 

[ovs-dev] I’m passionate to discuss something with you, Can i confide in you? Please confirm if you did receive my letter

[Mrs Jemilah Wahab]

Dear beloved in the lord,

God bless you. Am sorry if my letter surprised you. I am writing this letter in 
confidence believing that it is the will of God to meet with you since we have 
not meet before. As you can see I'm passionate to discuss something with 
you,Because i have a pressing story which might benefit the less privileges. i 
cant sleep. Please urgently email me directly on my email address (  
jemilahwahab2...@outlook.com ). Its very important, My name is Mrs. Jemilah 
Wahab from Malay Singaporean, I am 68 years old. Please urgently get back to me 
for details . Thanks. God bless you.

Lieber Geliebter im Herrn,

Gott segne dich. Es tut mir leid, wenn mein Brief dich überrascht hat. Ich 
schreibe diesen Brief vertraulich und glaube, dass es der Wille Gottes ist, 
sich mit Ihnen zu treffen, seit wir uns vorher nicht getroffen haben. Wie Sie 
sehen können, bin ich leidenschaftlich, etwas mit Ihnen zu besprechen, weil ich 
eine drückende Geschichte habe, die den weniger Privilegien zugute kommen 
könnte. Ich kann nicht schlafen. Bitte senden Sie mir eine E-Mail direkt an 
meine E-Mail-Adresse (jemilahwahab2...@outlook.com). Es ist sehr wichtig, mein 
Name ist Frau Jemilah Wahab aus Malay Singapur, ich bin 68 Jahre alt. Bitte 
wenden Sie sich für Details dringend an mich. Vielen Dank. Gott segne dich.

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 3/7] util: High resolution sleep support for windows.

[Bodireddy, Bhanuprakash]

Hi Alin,

>Thanks a lot for the patch.
>
>I have a few comments inlined.
>
>> -Original Message-
>> From: ovs-dev-boun...@openvswitch.org [mailto:ovs-dev-
>> boun...@openvswitch.org] On Behalf Of Bhanuprakash Bodireddy
>> Sent: Wednesday, November 8, 2017 6:36 PM
>> To: d...@openvswitch.org
>> Cc: Alin Gabriel Serdean 
>> Subject: [ovs-dev] [PATCH 3/7] util: High resolution sleep support for
>> windows.
>>
>> This commit implements xnanosleep() for the threads needing high
>> resolution sleep timeouts in windows.
>>
>> CC: Alin Gabriel Serdean 
>> CC: Aaron Conole 
>> Signed-off-by: Bhanuprakash Bodireddy
>> 
>> ---
>>  lib/util.c | 17 +
>>  1 file changed, 17 insertions(+)
>>
>> diff --git a/lib/util.c b/lib/util.c
>> index a29e288..46b5691 100644
>> --- a/lib/util.c
>> +++ b/lib/util.c
>> @@ -2217,6 +2217,23 @@ xnanosleep(uint64_t nanoseconds)
>>  retval = nanosleep(_sleep, NULL);
>>  error = retval < 0 ? errno : 0;
>>  } while (error == EINTR);
>> +#else
>> +HANDLE timer = CreateWaitableTimer(NULL, FALSE, "NSTIMER");
>[Alin Serdean] Small nit we don't need to name the timer because we don't
>reuse it.
>> +if (timer) {
>> +LARGE_INTEGER duetime;
>> +duetime.QuadPart = -nanoseconds;
>> +if (SetWaitableTimer(timer, , 0, NULL, NULL, FALSE)) {
>> +WaitForSingleObject(timer, INFINITE);
>> +CloseHandle(timer);
>> +} else {
>> +CloseHandle(timer);
>> +VLOG_ERR_ONCE("SetWaitableTimer Failed (%s)",
>> +   ovs_lasterror_to_string());
>> +}
>[Alin Serdean] Can you move the CloseHandle part here?
>> +} else {
>> +VLOG_ERR_ONCE("CreateWaitableTimer Failed (%s)",
>> +   ovs_lasterror_to_string());
>> +}
>>  #endif
>>  ovsrcu_quiesce_end();
>>  }

Thanks for your comments. I will send across v2 with the above changes.

- Bhanuprakash. 

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v6 2/2] ofproto-dpif-ipfix: add interface Information Elements to flow key

[Michal Weglicki]

Extend flow key part of data record to include following Information Elements:
- ingressInterface
- ingressInterfaceType
- egressInterface
- egressInterfaceType
- interfaceName
- interfaceDescription

In case of input sampling we don't have information about egress port.
Define templates depending not only on protocol types, but also on flow
direction. Only egress flow will include egress information elements.

With this change, dpif_ipfix_exporter stores every port in hmap rather
than only tunnel ports. It allows to easily retrieve required
information about interfaces during sampling upcalls.

v1->v2
* Add interfaceType and interfaceDescription
* Rework ipfix_get_iface_data_record function
v2->v3: Code rebase.
v3->v4: Minor comments applied.
v4->v5: Clang complation problem fix.

Co-authored-by: Michal Weglicki 
Signed-off-by: Michal Weglicki 
Signed-off-by: Przemyslaw Szczerbik 
---
 ofproto/ofproto-dpif-ipfix.c | 358 +++
 ofproto/ofproto-dpif-ipfix.h |   6 +-
 ofproto/ofproto-dpif-xlate.c |   4 +-
 ofproto/ofproto-dpif.c   |  19 +--
 4 files changed, 277 insertions(+), 110 deletions(-)

diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c
index 4d16878..98a8e7e 100644
--- a/ofproto/ofproto-dpif-ipfix.c
+++ b/ofproto/ofproto-dpif-ipfix.c
@@ -115,11 +115,12 @@ struct dpif_ipfix_global_stats {
 };
 
 struct dpif_ipfix_port {
-struct hmap_node hmap_node; /* In struct dpif_ipfix's "tunnel_ports" hmap. 
*/
+struct hmap_node hmap_node; /* In struct dpif_ipfix's "ports" hmap. */
 struct ofport *ofport;  /* To retrieve port stats. */
 odp_port_t odp_port;
 enum dpif_ipfix_tunnel_type tunnel_type;
 uint8_t tunnel_key_length;
+uint32_t ifindex;
 };
 
 struct dpif_ipfix_exporter {
@@ -157,9 +158,9 @@ struct dpif_ipfix_flow_exporter_map_node {
 struct dpif_ipfix {
 struct dpif_ipfix_bridge_exporter bridge_exporter;
 struct hmap flow_exporter_map;  /* dpif_ipfix_flow_exporter_map_node. */
-struct hmap tunnel_ports;   /* Contains "struct dpif_ipfix_port"s.
- * It makes tunnel port lookups faster in
- * sampling upcalls. */
+struct hmap ports;  /* Contains "struct dpif_ipfix_port"s.
+ * It makes port lookups faster in sampling
+ * upcalls. */
 struct ovs_refcount ref_cnt;
 };
 
@@ -293,7 +294,8 @@ BUILD_ASSERT_DECL(sizeof(struct 
ipfix_template_field_specifier) == 8);
 /* Cf. IETF RFC 5102 Section 5.11.6. */
 enum ipfix_flow_direction {
 INGRESS_FLOW = 0x00,
-EGRESS_FLOW = 0x01
+EGRESS_FLOW = 0x01,
+NUM_IPFIX_FLOW_DIRECTION
 };
 
 /* Part of data record flow key for common metadata and Ethernet entities. */
@@ -308,6 +310,18 @@ struct ipfix_data_record_flow_key_common {
 });
 BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common) == 20);
 
+/* Part of data record flow key for interface information. Since some of the
+ * elements have variable length, members of this structure should be appended
+ * to the 'struct dp_packet' one by one. */
+struct ipfix_data_record_flow_key_iface {
+ovs_be32 if_index; /* (INGRESS | EGRESS)_INTERFACE */
+ovs_be32 if_type; /* (INGRESS | EGRESS)_INTERFACE_TYPE */
+uint8_t if_name_len;   /* Variable length element: INTERFACE_NAME */
+char *if_name;
+uint8_t if_descr_len; /* Variable length element: INTERFACE_DESCRIPTION */
+char *if_descr;
+};
+
 /* Part of data record flow key for VLAN entities. */
 OVS_PACKED(
 struct ipfix_data_record_flow_key_vlan {
@@ -745,7 +759,7 @@ dpif_ipfix_find_port(const struct dpif_ipfix *di,
 struct dpif_ipfix_port *dip;
 
 HMAP_FOR_EACH_IN_BUCKET (dip, hmap_node, hash_odp_port(odp_port),
- >tunnel_ports) {
+ >ports) {
 if (dip->odp_port == odp_port) {
 return dip;
 }
@@ -754,82 +768,116 @@ dpif_ipfix_find_port(const struct dpif_ipfix *di,
 }
 
 static void
-dpif_ipfix_del_port(struct dpif_ipfix *di,
+dpif_ipfix_del_port__(struct dpif_ipfix *di,
   struct dpif_ipfix_port *dip)
 OVS_REQUIRES(mutex)
 {
-hmap_remove(>tunnel_ports, >hmap_node);
+hmap_remove(>ports, >hmap_node);
 free(dip);
 }
 
+static enum dpif_ipfix_tunnel_type
+dpif_ipfix_tunnel_type(const struct ofport *ofport)
+{
+const char *type = netdev_get_type(ofport->netdev);
+
+if (type == NULL) {
+return DPIF_IPFIX_TUNNEL_UNKNOWN;
+}
+if (strcmp(type, "gre") == 0) {
+return DPIF_IPFIX_TUNNEL_GRE;
+} else if (strcmp(type, "vxlan") == 0) {
+return DPIF_IPFIX_TUNNEL_VXLAN;
+} else if (strcmp(type, "lisp") == 0) {
+return DPIF_IPFIX_TUNNEL_LISP;
+} else if (strcmp(type, "geneve") == 0) {
+

[ovs-dev] [PATCH v6 1/2] netdev-dpdk: extend netdev_dpdk_get_status to include if_type and if_descr

[Michal Weglicki]

This commit extends netdev_dpdk_get_status API to include additional
driver-related information: if_type and if_descr.

v2->v3: Code rebase.
v3->v4: Minor comments applied.
v5->v6: Adds DPDK port specific description in documentation.

Co-authored-by: Michal Weglicki 
Signed-off-by: Michal Weglicki 
Signed-off-by: Przemyslaw Szczerbik 
---
 lib/netdev-dpdk.c|  9 
 vswitchd/vswitch.xml | 64 
 2 files changed, 73 insertions(+)

diff --git a/lib/netdev-dpdk.c b/lib/netdev-dpdk.c
index 76e79be..3560bdd 100644
--- a/lib/netdev-dpdk.c
+++ b/lib/netdev-dpdk.c
@@ -36,6 +36,7 @@
 #include 
 #include 
 #include 
+#include 
 
 #include "dirs.h"
 #include "dp-packet.h"
@@ -2509,6 +2510,14 @@ netdev_dpdk_get_status(const struct netdev *netdev, 
struct smap *args)
 smap_add_format(args, "max_vfs", "%u", dev_info.max_vfs);
 smap_add_format(args, "max_vmdq_pools", "%u", dev_info.max_vmdq_pools);
 
+/* Querying the DPDK library for iftype may be done in future, pending
+ * support; cf. RFC 3635 Section 3.2.4. */
+enum { IF_TYPE_ETHERNETCSMACD = 6 };
+
+smap_add_format(args, "if_type", "%"PRIu32, IF_TYPE_ETHERNETCSMACD);
+smap_add_format(args, "if_descr", "%s %s", rte_version(),
+   dev_info.driver_name);
+
 if (dev_info.pci_dev) {
 smap_add_format(args, "pci-vendor_id", "0x%u",
 dev_info.pci_dev->id.vendor_id);
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index c145e1a..72cf353 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -2815,6 +2815,70 @@ ovs-vsctl add-port br0 p0 -- set Interface p0 type=patch 
options:peer=p1 \
 Whether carrier is detected on .
   
+
+  
+
+  DPDK specific interface status options.
+
+
+  
+DPDK port ID.
+  
+
+  
+NUMA socket ID to which an Ethernet device is connected.
+  
+
+  
+Minimum size of RX buffer.
+  
+
+  
+Maximum configurable length of RX pkt.
+  
+
+  
+Maximum number of RX queues.
+  
+
+  
+Maximum number of TX queues.
+  
+
+  
+Maximum number of MAC addresses.
+  
+
+  
+Maximum number of hash MAC addresses for MTA and UTA.
+  
+
+  
+Maximum number of hash MAC addresses for MTA and UTA.
+Maximum number of VFs.
+  
+
+  
+Maximum number of VMDq pools.
+  
+
+  
+Interface type ID according to IANA ifTYPE MIB definitions.
+  
+
+  
+Interface description string.
+  
+
+  
+Vendor ID of PCI device.
+  
+
+  
+Device ID of PCI device.
+  
+
+  
 
 
 
-- 
1.8.3.1

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Make local function ovs_nsh_key_attr_size() static

[Pravin Shelar]

On Tue, Nov 14, 2017 at 11:57 AM, Wei Yongjun  wrote:
> Fixes the following sparse warnings:
>
> net/openvswitch/flow_netlink.c:340:8: warning:
>  symbol 'ovs_nsh_key_attr_size' was not declared. Should it be static?
>
Acked-by: Pravin B Shelar 


> Signed-off-by: Wei Yongjun 
> ---
>  net/openvswitch/flow_netlink.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/net/openvswitch/flow_netlink.c b/net/openvswitch/flow_netlink.c
> index 4201f92..d79c364 100644
> --- a/net/openvswitch/flow_netlink.c
> +++ b/net/openvswitch/flow_netlink.c
> @@ -337,7 +337,7 @@ size_t ovs_tun_key_attr_size(void)
> + nla_total_size(4);   /* OVS_TUNNEL_KEY_ATTR_ERSPAN_OPTS */
>  }
>
> -size_t ovs_nsh_key_attr_size(void)
> +static size_t ovs_nsh_key_attr_size(void)
>  {
> /* Whenever adding new OVS_NSH_KEY_ FIELDS, we should consider
>  * updating this function.
>
> ___
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Fix return value check in ovs_meter_cmd_features()

[Pravin Shelar]

On Tue, Nov 14, 2017 at 11:50 AM, Wei Yongjun  wrote:
> In case of error, the function ovs_meter_cmd_reply_start() returns
> ERR_PTR() not NULL. The NULL test in the return value check should
> be replaced with IS_ERR().
>
> Fixes: 96fbc13d7e77 ("openvswitch: Add meter infrastructure")
> Signed-off-by: Wei Yongjun 

Acked-by: Pravin B Shelar 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH net-next] openvswitch: Using kfree_rcu() to simplify the code

[Pravin Shelar]

On Tue, Nov 14, 2017 at 11:57 AM, Wei Yongjun  wrote:
> The callback function of call_rcu() just calls a kfree(), so we
> can use kfree_rcu() instead of call_rcu() + callback function.
>
> Signed-off-by: Wei Yongjun 

Acked-by: Pravin B Shelar 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] tests: Try harder to figure out whether IPv6 is supported.

[William Tu]

On Mon, Nov 13, 2017 at 7:36 PM, Gregory Rose  wrote:
> On 11/13/2017 4:58 PM, Ben Pfaff wrote:
>>
>> Until now, the tests have tried to create an IPv6 socket to figure out
>> whether the system under test supports IPv6.  Recently we've seen test
>> failures on Travis which appear to be because, although the system
>> supports
>> IPv6, test programs are not allowed to connect or bind IPv6 addresses.
>> This commit refines the test for IPv6 to also try to bind the IPv6
>> localhost address, which should convert the test failures to "skip"s.
>>
>> CC: William Tu 
>> CC: Greg Rose 
>> Reported-at: https://github.com/travis-ci/travis-ci/issues/8711
>> Signed-off-by: Ben Pfaff 
>> ---
>>   tests/atlocal.in | 7 ++-
>>   1 file changed, 6 insertions(+), 1 deletion(-)
>
>
> Much better.  Thanks!!!
>
> https://travis-ci.org/gvrose8192/ovs-experimental
>
> Reviewed-by: Greg Rose 
>
Looks good to me.

Acked-by: William Tu 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 0/2] ifindex mapping fixes

[Ben Pfaff]

v1->v2: Applied and dropped patch 2.

Ben Pfaff (2):
  netdev: Indentation and style fixes.
  netdev: Eliminate redundant ifindex mapping.

 lib/netdev.c | 77 
 1 file changed, 20 insertions(+), 57 deletions(-)

-- 
2.10.2

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] ovn.at: Fix MSYS IPv6 interpretation

[Ben Pfaff]

On Tue, Nov 14, 2017 at 03:49:44AM +0200, Alin Gabriel Serdean wrote:
> Unfortunately MSYS transforms `0::` into the location of the binaries i.e.:
> c:\MinGW\msys\1.0\64.
> 
> Currently the test:
> `testing ovn -- IPv6 Neighbor Solicitation for unknown MAC`
> fails because of the above:
> "ovn-nbctl: lrp0_ip6: invalid network address: aef0;c:\MinGW\msys\1.0\64"
> 
> This patch uses the full form of the IPv6 address instead of its shorter
> notation.
> 
> Signed-off-by: Alin Gabriel Serdean 
> ---
>  tests/ovn.at | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tests/ovn.at b/tests/ovn.at
> index f051d86..b6a83cc 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -8877,7 +8877,7 @@ ovn-nbctl lsp-set-port-security sw0_ip6-port1 \
>  "50:64:00:00:00:02 aef0::5264:00ff:fe00:0002"
>  
>  ovn-nbctl lr-add lr0_ip6
> -ovn-nbctl lrp-add lr0_ip6 lrp0_ip6 00:00:00:00:af:01 aef0::/64
> +ovn-nbctl lrp-add lr0_ip6 lrp0_ip6 00:00:00:00:af:01 aef0:0:0:0:0:0:0:0/64

That's actually kind of funny.

Acked-by: Ben Pfaff 
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v1 0/3] datapath-windows: New lock implementation in conntrack

[Anand Kumar]

This patch series replaces existing one RW lock implemenation in
conntrack with two RW locks in conntrack and one RW lock in NAT.

Anand Kumar (3):
  datapath-windows: Refactor conntrack code.
  datapath-windows: Add a global level RW lock for NAT
  datapath-windows: Optimize conntrack lock implementation.

 datapath-windows/ovsext/Conntrack-nat.c |  17 +-
 datapath-windows/ovsext/Conntrack.c | 407 
 datapath-windows/ovsext/Conntrack.h |   7 +-
 3 files changed, 274 insertions(+), 157 deletions(-)

-- 
2.9.3.windows.1

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v1 3/3] datapath-windows: Optimize conntrack lock implementation.

[Anand Kumar]

Currently, there is one global lock for conntrack module, which protects
conntrack entries and conntrack table. All the NAT operations are
performed holding this lock.

This becomes inefficient, as the number of conntrack entries grow.
With new implementation, we will have two PNDIS_RW_LOCK_EX locks in
conntrack.

1. ovsCtBucketLock - one rw lock per bucket of the conntrack table,
which is shared by all the ct entries that belong to the same bucket.
2. lock -  a rw lock in OVS_CT_ENTRY structure that protects the members
of conntrack entry.

Also, OVS_CT_ENTRY structure will have a lock reference(bucketLockRef)
to the corresponding OvsCtBucketLock of conntrack table.
We need this reference to retrieve ovsCtBucketLock from ct entry
for delete operation.

Signed-off-by: Anand Kumar 
---
 datapath-windows/ovsext/Conntrack-nat.c |   6 +
 datapath-windows/ovsext/Conntrack.c | 231 
 datapath-windows/ovsext/Conntrack.h |   3 +
 3 files changed, 154 insertions(+), 86 deletions(-)

diff --git a/datapath-windows/ovsext/Conntrack-nat.c 
b/datapath-windows/ovsext/Conntrack-nat.c
index 7975770..33a86cf 100644
--- a/datapath-windows/ovsext/Conntrack-nat.c
+++ b/datapath-windows/ovsext/Conntrack-nat.c
@@ -167,12 +167,16 @@ OvsNatPacket(OvsForwardingContext *ovsFwdCtx,
 {
 UINT32 natFlag;
 const struct ct_endpoint* endpoint;
+LOCK_STATE_EX lockState;
+/* XXX Move conntrack locks out of NAT after implementing lock in NAT. */
+NdisAcquireRWLockRead(entry->lock, , 0);
 /* When it is NAT, only entry->rev_key contains NATTED address;
When it is unNAT, only entry->key contains the UNNATTED address;*/
 const OVS_CT_KEY *ctKey = reverse ? >key : >rev_key;
 BOOLEAN isSrcNat;
 
 if (!(natAction & (NAT_ACTION_SRC | NAT_ACTION_DST))) {
+NdisReleaseRWLock(entry->lock, );
 return;
 }
 isSrcNat = (((natAction & NAT_ACTION_SRC) && !reverse) ||
@@ -202,6 +206,7 @@ OvsNatPacket(OvsForwardingContext *ovsFwdCtx,
 }
 } else if (ctKey->dl_type == htons(ETH_TYPE_IPV6)){
 // XXX: IPv6 packet not supported yet.
+NdisReleaseRWLock(entry->lock, );
 return;
 }
 if (natAction & (NAT_ACTION_SRC_PORT | NAT_ACTION_DST_PORT)) {
@@ -215,6 +220,7 @@ OvsNatPacket(OvsForwardingContext *ovsFwdCtx,
 }
 }
 }
+NdisReleaseRWLock(entry->lock, );
 }
 
 
diff --git a/datapath-windows/ovsext/Conntrack.c 
b/datapath-windows/ovsext/Conntrack.c
index ba0dc88..f5e4996 100644
--- a/datapath-windows/ovsext/Conntrack.c
+++ b/datapath-windows/ovsext/Conntrack.c
@@ -31,7 +31,7 @@
 KSTART_ROUTINE OvsConntrackEntryCleaner;
 static PLIST_ENTRY ovsConntrackTable;
 static OVS_CT_THREAD_CTX ctThreadCtx;
-static PNDIS_RW_LOCK_EX ovsConntrackLockObj;
+static PNDIS_RW_LOCK_EX *ovsCtBucketLock;
 static PNDIS_RW_LOCK_EX ovsCtNatLockObj;
 extern POVS_SWITCH_CONTEXT gOvsSwitchContext;
 static LONG ctTotalEntries;
@@ -47,20 +47,13 @@ static __inline NDIS_STATUS OvsCtFlush(UINT16 zone);
 NTSTATUS
 OvsInitConntrack(POVS_SWITCH_CONTEXT context)
 {
-NTSTATUS status;
+NTSTATUS status = STATUS_SUCCESS;
 HANDLE threadHandle = NULL;
 ctTotalEntries = 0;
 
 /* Init the sync-lock */
-ovsConntrackLockObj = NdisAllocateRWLock(context->NdisFilterHandle);
-if (ovsConntrackLockObj == NULL) {
-return STATUS_INSUFFICIENT_RESOURCES;
-}
-
 ovsCtNatLockObj = NdisAllocateRWLock(context->NdisFilterHandle);
 if (ovsCtNatLockObj == NULL) {
-NdisFreeRWLock(ovsConntrackLockObj);
-ovsConntrackLockObj = NULL;
 return STATUS_INSUFFICIENT_RESOURCES;
 }
 
@@ -69,15 +62,26 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
  * CT_HASH_TABLE_SIZE,
  OVS_CT_POOL_TAG);
 if (ovsConntrackTable == NULL) {
-NdisFreeRWLock(ovsConntrackLockObj);
-ovsConntrackLockObj = NULL;
 NdisFreeRWLock(ovsCtNatLockObj);
 ovsCtNatLockObj = NULL;
 return STATUS_INSUFFICIENT_RESOURCES;
 }
 
-for (int i = 0; i < CT_HASH_TABLE_SIZE; i++) {
+ovsCtBucketLock = OvsAllocateMemoryWithTag(sizeof(PNDIS_RW_LOCK_EX)
+   * CT_HASH_TABLE_SIZE,
+   OVS_CT_POOL_TAG);
+if (ovsCtBucketLock == NULL) {
+status = STATUS_INSUFFICIENT_RESOURCES;
+goto freeTable;
+}
+
+for (UINT32 i = 0; i < CT_HASH_TABLE_SIZE; i++) {
 InitializeListHead([i]);
+ovsCtBucketLock[i] = NdisAllocateRWLock(context->NdisFilterHandle);
+if (ovsCtBucketLock[i] == NULL) {
+status = STATUS_INSUFFICIENT_RESOURCES;
+goto freeBucketLock;
+}
 }
 
 /* Init CT Cleaner Thread */
@@ -87,16 +91,7 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
   );
 
 if (status != 

Re: [ovs-dev] [PATCH] tests: Try harder to figure out whether IPv6 is supported.

[Ben Pfaff]

On Mon, Nov 13, 2017 at 07:36:39PM -0800, Gregory Rose wrote:
> On 11/13/2017 4:58 PM, Ben Pfaff wrote:
> >Until now, the tests have tried to create an IPv6 socket to figure out
> >whether the system under test supports IPv6.  Recently we've seen test
> >failures on Travis which appear to be because, although the system supports
> >IPv6, test programs are not allowed to connect or bind IPv6 addresses.
> >This commit refines the test for IPv6 to also try to bind the IPv6
> >localhost address, which should convert the test failures to "skip"s.
> >
> >CC: William Tu 
> >CC: Greg Rose 
> >Reported-at: https://github.com/travis-ci/travis-ci/issues/8711
> >Signed-off-by: Ben Pfaff 
> >---
> >  tests/atlocal.in | 7 ++-
> >  1 file changed, 6 insertions(+), 1 deletion(-)
> 
> Much better.  Thanks!!!
> 
> https://travis-ci.org/gvrose8192/ovs-experimental
> 
> Reviewed-by: Greg Rose 

Thanks Greg and William, I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH] tests: Try harder to figure out whether IPv6 is supported.

[Ben Pfaff]

On Tue, Nov 14, 2017 at 10:08:54AM -0800, Ben Pfaff wrote:
> On Mon, Nov 13, 2017 at 07:36:39PM -0800, Gregory Rose wrote:
> > On 11/13/2017 4:58 PM, Ben Pfaff wrote:
> > >Until now, the tests have tried to create an IPv6 socket to figure out
> > >whether the system under test supports IPv6.  Recently we've seen test
> > >failures on Travis which appear to be because, although the system supports
> > >IPv6, test programs are not allowed to connect or bind IPv6 addresses.
> > >This commit refines the test for IPv6 to also try to bind the IPv6
> > >localhost address, which should convert the test failures to "skip"s.
> > >
> > >CC: William Tu 
> > >CC: Greg Rose 
> > >Reported-at: https://github.com/travis-ci/travis-ci/issues/8711
> > >Signed-off-by: Ben Pfaff 
> > >---
> > >  tests/atlocal.in | 7 ++-
> > >  1 file changed, 6 insertions(+), 1 deletion(-)
> > 
> > Much better.  Thanks!!!
> > 
> > https://travis-ci.org/gvrose8192/ovs-experimental
> > 
> > Reviewed-by: Greg Rose 
> 
> Thanks Greg and William, I applied this to master.

I backported this as far as branch-2.5 since it seems best to have all
the branches' tests work.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH 2/3] netdev: Change macro to function.

[Ben Pfaff]

On Mon, Nov 13, 2017 at 06:41:20PM -0800, Gregory Rose wrote:
> 
> 
> On 11/13/2017 2:04 PM, Ben Pfaff wrote:
> >There was no reason that this should have been a macro.
> >
> >Signed-off-by: Ben Pfaff 
> >---
> >  lib/netdev.c | 17 ++---
> >  1 file changed, 10 insertions(+), 7 deletions(-)
> >
> >diff --git a/lib/netdev.c b/lib/netdev.c
> >index 7792b1b75681..8dd35864d7cb 100644
> >--- a/lib/netdev.c
> >+++ b/lib/netdev.c
> >@@ -2179,18 +2179,21 @@ struct ifindex_to_port_data {
> >  const struct dpif_class *dpif_class;
> >  };
> >-#define NETDEV_PORTS_HASH_INT(port, dpif) \
> >-hash_int(odp_to_u32(port),\
> >-hash_pointer(dpif, 0));
> >+static uint32_t
> >+netdev_ports_hash(odp_port_t port, const struct dpif_class *dpif_class)
> >+{
> >+return hash_int(odp_to_u32(port), hash_pointer(dpif_class, 0));
> >+}
> >  static struct port_to_netdev_data *
> >  netdev_ports_lookup(odp_port_t port_no, const struct dpif_class 
> > *dpif_class)
> >  OVS_REQUIRES(netdev_hmap_mutex)
> >  {
> >-size_t hash = NETDEV_PORTS_HASH_INT(port_no, dpif_class);
> >  struct port_to_netdev_data *data;
> >-HMAP_FOR_EACH_WITH_HASH (data, node, hash, _to_netdev) {
> >+HMAP_FOR_EACH_WITH_HASH (data, node,
> >+ netdev_ports_hash(port_no, dpif_class),
> >+ _to_netdev) {
> >  if (data->dpif_class == dpif_class
> >  && data->dpif_port.port_no == port_no) {
> >  return data;
> >@@ -2203,7 +2206,6 @@ int
> >  netdev_ports_insert(struct netdev *netdev, const struct dpif_class 
> > *dpif_class,
> >  struct dpif_port *dpif_port)
> >  {
> >-size_t hash = NETDEV_PORTS_HASH_INT(dpif_port->port_no, dpif_class);
> >  struct port_to_netdev_data *data;
> >  struct ifindex_to_port_data *ifidx;
> >  int ifindex = netdev_get_ifindex(netdev);
> >@@ -2228,7 +2230,8 @@ netdev_ports_insert(struct netdev *netdev, const 
> >struct dpif_class *dpif_class,
> >  ifidx->port = dpif_port->port_no;
> >  ifidx->dpif_class = dpif_class;
> >-hmap_insert(_to_netdev, >node, hash);
> >+hmap_insert(_to_netdev, >node,
> >+netdev_ports_hash(dpif_port->port_no, dpif_class));
> >  hmap_insert(_to_port, >node, ifidx->ifindex);
> >  ovs_mutex_unlock(_hmap_mutex);
> Much better.
> 
> Reviewed-by: Greg Rose 
> 

Thanks, I applied this to master.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 1/2] netdev: Indentation and style fixes.

[Ben Pfaff]

White space changes only.

Signed-off-by: Ben Pfaff 
---
 lib/netdev.c | 20 ++--
 1 file changed, 10 insertions(+), 10 deletions(-)

diff --git a/lib/netdev.c b/lib/netdev.c
index 7aa3e0aedb4c..8dd35864d7cb 100644
--- a/lib/netdev.c
+++ b/lib/netdev.c
@@ -2314,10 +2314,10 @@ netdev_ifindex_to_odp_port(int ifindex)
 
 ovs_mutex_lock(_hmap_mutex);
 HMAP_FOR_EACH_WITH_HASH(data, node, ifindex, _to_port) {
-if (data->ifindex == ifindex) {
-ret = data->port;
-break;
-}
+if (data->ifindex == ifindex) {
+ret = data->port;
+break;
+}
 }
 ovs_mutex_unlock(_hmap_mutex);
 
@@ -2330,7 +2330,7 @@ netdev_ports_flow_flush(const struct dpif_class 
*dpif_class)
 struct port_to_netdev_data *data;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 if (data->dpif_class == dpif_class) {
 netdev_flow_flush(data->netdev);
 }
@@ -2347,7 +2347,7 @@ netdev_ports_flow_dump_create(const struct dpif_class 
*dpif_class, int *ports)
 int i = 0;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 if (data->dpif_class == dpif_class) {
 count++;
 }
@@ -2355,7 +2355,7 @@ netdev_ports_flow_dump_create(const struct dpif_class 
*dpif_class, int *ports)
 
 dumps = count ? xzalloc(sizeof *dumps * count) : NULL;
 
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 if (data->dpif_class == dpif_class) {
 if (netdev_flow_dump_create(data->netdev, [i])) {
 continue;
@@ -2379,7 +2379,7 @@ netdev_ports_flow_del(const struct dpif_class *dpif_class,
 struct port_to_netdev_data *data;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 if (data->dpif_class == dpif_class
 && !netdev_flow_del(data->netdev, ufid, stats)) {
 ovs_mutex_unlock(_hmap_mutex);
@@ -2399,7 +2399,7 @@ netdev_ports_flow_get(const struct dpif_class 
*dpif_class, struct match *match,
 struct port_to_netdev_data *data;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
 if (data->dpif_class == dpif_class
 && !netdev_flow_get(data->netdev, match, actions,
 ufid, stats, buf)) {
@@ -2418,7 +2418,7 @@ netdev_ports_flow_init(void)
 struct port_to_netdev_data *data;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH(data, node, _to_netdev) {
+HMAP_FOR_EACH (data, node, _to_netdev) {
netdev_init_flow_api(data->netdev);
 }
 ovs_mutex_unlock(_hmap_mutex);
-- 
2.10.2

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v2 2/2] netdev: Eliminate redundant ifindex mapping.

[Ben Pfaff]

Until now, the code for mapping ODP port number to ifindexes and vice versa
has maintained two completely separate data structures, one for each
direction.  It was possible for the two mappings to become out of sync
with each other since either one could change independently.  This commit
merges them into a single data structure (with two indexes), which at least
means that if one is removed then the other is as well.

Signed-off-by: Ben Pfaff 
---
 lib/netdev.c | 71 +++-
 1 file changed, 17 insertions(+), 54 deletions(-)

diff --git a/lib/netdev.c b/lib/netdev.c
index 8dd35864d7cb..c52680659e3f 100644
--- a/lib/netdev.c
+++ b/lib/netdev.c
@@ -2166,17 +2166,12 @@ static struct hmap ifindex_to_port 
OVS_GUARDED_BY(netdev_hmap_mutex)
 = HMAP_INITIALIZER(_to_port);
 
 struct port_to_netdev_data {
-struct hmap_node node;
+struct hmap_node portno_node; /* By (dpif_class, dpif_port.port_no). */
+struct hmap_node ifindex_node; /* By (dpif_class, ifindex). */
 struct netdev *netdev;
 struct dpif_port dpif_port;
 const struct dpif_class *dpif_class;
-};
-
-struct ifindex_to_port_data {
-struct hmap_node node;
 int ifindex;
-odp_port_t port;
-const struct dpif_class *dpif_class;
 };
 
 static uint32_t
@@ -2191,7 +2186,7 @@ netdev_ports_lookup(odp_port_t port_no, const struct 
dpif_class *dpif_class)
 {
 struct port_to_netdev_data *data;
 
-HMAP_FOR_EACH_WITH_HASH (data, node,
+HMAP_FOR_EACH_WITH_HASH (data, portno_node,
  netdev_ports_hash(port_no, dpif_class),
  _to_netdev) {
 if (data->dpif_class == dpif_class
@@ -2207,7 +2202,6 @@ netdev_ports_insert(struct netdev *netdev, const struct 
dpif_class *dpif_class,
 struct dpif_port *dpif_port)
 {
 struct port_to_netdev_data *data;
-struct ifindex_to_port_data *ifidx;
 int ifindex = netdev_get_ifindex(netdev);
 
 if (ifindex < 0) {
@@ -2224,15 +2218,11 @@ netdev_ports_insert(struct netdev *netdev, const struct 
dpif_class *dpif_class,
 data->netdev = netdev_ref(netdev);
 data->dpif_class = dpif_class;
 dpif_port_clone(>dpif_port, dpif_port);
+data->ifindex = ifindex;
 
-ifidx = xzalloc(sizeof *ifidx);
-ifidx->ifindex = ifindex;
-ifidx->port = dpif_port->port_no;
-ifidx->dpif_class = dpif_class;
-
-hmap_insert(_to_netdev, >node,
+hmap_insert(_to_netdev, >portno_node,
 netdev_ports_hash(dpif_port->port_no, dpif_class));
-hmap_insert(_to_port, >node, ifidx->ifindex);
+hmap_insert(_to_port, >ifindex_node, ifindex);
 ovs_mutex_unlock(_hmap_mutex);
 
 netdev_init_flow_api(netdev);
@@ -2265,38 +2255,11 @@ netdev_ports_remove(odp_port_t port_no, const struct 
dpif_class *dpif_class)
 ovs_mutex_lock(_hmap_mutex);
 
 data = netdev_ports_lookup(port_no, dpif_class);
-
 if (data) {
-int ifindex = netdev_get_ifindex(data->netdev);
-struct ifindex_to_port_data *ifidx = NULL;
-
-if (ifindex > 0) {
-HMAP_FOR_EACH_WITH_HASH (ifidx, node, ifindex, _to_port) {
-if (ifidx->port == port_no) {
-hmap_remove(_to_port, >node);
-free(ifidx);
-break;
-}
-}
-ovs_assert(ifidx);
-} else {
-/* case where the interface is already deleted form the datapath
- * (e.g. tunctl -d or ip tuntap del), then the ifindex is not
- * valid anymore. Traverse the HMAP for the port number. */
-HMAP_FOR_EACH (ifidx, node, _to_port) {
-if (ifidx->port == port_no &&
-ifidx->dpif_class == dpif_class) {
-hmap_remove(_to_port, >node);
-free(ifidx);
-break;
-}
-}
-ovs_assert(ifidx);
-}
-
 dpif_port_destroy(>dpif_port);
 netdev_close(data->netdev); /* unref and possibly close */
-hmap_remove(_to_netdev, >node);
+hmap_remove(_to_netdev, >portno_node);
+hmap_remove(_to_port, >ifindex_node);
 free(data);
 ret = 0;
 }
@@ -2309,13 +2272,13 @@ netdev_ports_remove(odp_port_t port_no, const struct 
dpif_class *dpif_class)
 odp_port_t
 netdev_ifindex_to_odp_port(int ifindex)
 {
-struct ifindex_to_port_data *data;
+struct port_to_netdev_data *data;
 odp_port_t ret = 0;
 
 ovs_mutex_lock(_hmap_mutex);
-HMAP_FOR_EACH_WITH_HASH(data, node, ifindex, _to_port) {
+HMAP_FOR_EACH_WITH_HASH (data, ifindex_node, ifindex, _to_port) {
 if (data->ifindex == ifindex) {
-ret = data->port;
+ret = data->dpif_port.port_no;
 break;
 }
 }
@@ -2330,7 +2293,7 @@ netdev_ports_flow_flush(const struct dpif_class 
*dpif_class)
 struct port_to_netdev_data *data;
 

Re: [ovs-dev] [PATCH] ovn.at: Fix MSYS IPv6 interpretation

[aserdean]

> -Original Message-
> From: ovs-dev-boun...@openvswitch.org [mailto:ovs-dev-
> boun...@openvswitch.org] On Behalf Of Ben Pfaff
> Sent: Tuesday, November 14, 2017 8:16 PM
> To: Alin Gabriel Serdean 
> Cc: d...@openvswitch.org
> Subject: Re: [ovs-dev] [PATCH] ovn.at: Fix MSYS IPv6 interpretation
> 
> On Tue, Nov 14, 2017 at 03:49:44AM +0200, Alin Gabriel Serdean wrote:
> > Unfortunately MSYS transforms `0::` into the location of the binaries i.e.:
> > c:\MinGW\msys\1.0\64.
> >
> > Currently the test:
> > `testing ovn -- IPv6 Neighbor Solicitation for unknown MAC` fails
> > because of the above:
> > "ovn-nbctl: lrp0_ip6: invalid network address:
> aef0;c:\MinGW\msys\1.0\64"
> >
> > This patch uses the full form of the IPv6 address instead of its
> > shorter notation.
> >
> > Signed-off-by: Alin Gabriel Serdean 
> > ---
> >  tests/ovn.at | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tests/ovn.at b/tests/ovn.at index f051d86..b6a83cc 100644
> > --- a/tests/ovn.at
> > +++ b/tests/ovn.at
> > @@ -8877,7 +8877,7 @@ ovn-nbctl lsp-set-port-security sw0_ip6-port1 \
> >  "50:64:00:00:00:02 aef0::5264:00ff:fe00:0002"
> >
> >  ovn-nbctl lr-add lr0_ip6
> > -ovn-nbctl lrp-add lr0_ip6 lrp0_ip6 00:00:00:00:af:01 aef0::/64
> > +ovn-nbctl lrp-add lr0_ip6 lrp0_ip6 00:00:00:00:af:01
> > +aef0:0:0:0:0:0:0:0/64
> 
> That's actually kind of funny.
> 
> Acked-by: Ben Pfaff 
It has its moments .
Thanks for the quick review. I applied on master.

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH v1 2/3] datapath-windows: Add a global level RW lock for NAT

[Anand Kumar]

Currently NAT module relies on the existing conntrack lock.
This patch provides a basic lock implementation for NAT module
in conntrack.

Signed-off-by: Anand Kumar 
---
 datapath-windows/ovsext/Conntrack.c | 36 ++--
 1 file changed, 34 insertions(+), 2 deletions(-)

diff --git a/datapath-windows/ovsext/Conntrack.c 
b/datapath-windows/ovsext/Conntrack.c
index 48d4abf..ba0dc88 100644
--- a/datapath-windows/ovsext/Conntrack.c
+++ b/datapath-windows/ovsext/Conntrack.c
@@ -32,6 +32,7 @@ KSTART_ROUTINE OvsConntrackEntryCleaner;
 static PLIST_ENTRY ovsConntrackTable;
 static OVS_CT_THREAD_CTX ctThreadCtx;
 static PNDIS_RW_LOCK_EX ovsConntrackLockObj;
+static PNDIS_RW_LOCK_EX ovsCtNatLockObj;
 extern POVS_SWITCH_CONTEXT gOvsSwitchContext;
 static LONG ctTotalEntries;
 
@@ -56,6 +57,13 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
 return STATUS_INSUFFICIENT_RESOURCES;
 }
 
+ovsCtNatLockObj = NdisAllocateRWLock(context->NdisFilterHandle);
+if (ovsCtNatLockObj == NULL) {
+NdisFreeRWLock(ovsConntrackLockObj);
+ovsConntrackLockObj = NULL;
+return STATUS_INSUFFICIENT_RESOURCES;
+}
+
 /* Init the Hash Buffer */
 ovsConntrackTable = OvsAllocateMemoryWithTag(sizeof(LIST_ENTRY)
  * CT_HASH_TABLE_SIZE,
@@ -63,6 +71,8 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
 if (ovsConntrackTable == NULL) {
 NdisFreeRWLock(ovsConntrackLockObj);
 ovsConntrackLockObj = NULL;
+NdisFreeRWLock(ovsCtNatLockObj);
+ovsCtNatLockObj = NULL;
 return STATUS_INSUFFICIENT_RESOURCES;
 }
 
@@ -80,6 +90,9 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
 NdisFreeRWLock(ovsConntrackLockObj);
 ovsConntrackLockObj = NULL;
 
+NdisFreeRWLock(ovsCtNatLockObj);
+ovsCtNatLockObj = NULL;
+
 OvsFreeMemoryWithTag(ovsConntrackTable, OVS_CT_POOL_TAG);
 ovsConntrackTable = NULL;
 
@@ -109,7 +122,7 @@ OvsInitConntrack(POVS_SWITCH_CONTEXT context)
 VOID
 OvsCleanupConntrack(VOID)
 {
-LOCK_STATE_EX lockState;
+LOCK_STATE_EX lockState, lockStateNat;
 NdisAcquireRWLockWrite(ovsConntrackLockObj, , 0);
 ctThreadCtx.exit = 1;
 KeSetEvent(, 0, FALSE);
@@ -129,7 +142,11 @@ OvsCleanupConntrack(VOID)
 
 NdisFreeRWLock(ovsConntrackLockObj);
 ovsConntrackLockObj = NULL;
+NdisAcquireRWLockWrite(ovsCtNatLockObj, , 0);
 OvsNatCleanup();
+NdisReleaseRWLock(ovsCtNatLockObj, );
+NdisFreeRWLock(ovsCtNatLockObj);
+ovsCtNatLockObj = NULL;
 }
 
 static __inline VOID
@@ -195,15 +212,19 @@ OvsCtAddEntry(POVS_CT_ENTRY entry, 
OvsConntrackKeyLookupCtx *ctx,
 if (natInfo == NULL) {
 entry->natInfo.natAction = NAT_ACTION_NONE;
 } else {
+LOCK_STATE_EX lockStateNat;
+NdisAcquireRWLockWrite(ovsCtNatLockObj, , 0);
 if (OvsIsForwardNat(natInfo->natAction)) {
 entry->natInfo = *natInfo;
 if (!OvsNatTranslateCtEntry(entry)) {
+NdisReleaseRWLock(ovsCtNatLockObj, );
 return FALSE;
 }
 ctx->hash = OvsHashCtKey(>key);
 } else {
 entry->natInfo.natAction = natInfo->natAction;
 }
+NdisReleaseRWLock(ovsCtNatLockObj, );
 }
 
 entry->timestampStart = now;
@@ -356,7 +377,10 @@ OvsCtEntryDelete(POVS_CT_ENTRY entry, BOOLEAN forceDelete)
 }
 if (forceDelete || OvsCtEntryExpired(entry)) {
 if (entry->natInfo.natAction) {
+LOCK_STATE_EX lockStateNat;
+NdisAcquireRWLockWrite(ovsCtNatLockObj, , 0);
 OvsNatDeleteKey(>key);
+NdisReleaseRWLock(ovsCtNatLockObj, );
 }
 OvsPostCtEventEntry(entry, OVS_EVENT_CT_DELETE);
 RemoveEntryList(>link);
@@ -558,7 +582,10 @@ OvsCtSetupLookupCtx(OvsFlowKey *flowKey,
 return NDIS_STATUS_INVALID_PACKET;
 }
 
+LOCK_STATE_EX lockStateNat;
+NdisAcquireRWLockRead(ovsCtNatLockObj, , 0);
 natEntry = OvsNatLookup(>key, TRUE);
+NdisReleaseRWLock(ovsCtNatLockObj, );
 if (natEntry) {
 /* Translate address first for reverse NAT */
 ctx->key = natEntry->ctEntry->key;
@@ -811,8 +838,11 @@ OvsCtExecute_(OvsForwardingContext *fwdCtx,
  */
 if (natInfo->natAction != NAT_ACTION_NONE)
 {
+LOCK_STATE_EX lockStateNat;
+NdisAcquireRWLockWrite(ovsCtNatLockObj, , 0);
 OvsNatPacket(fwdCtx, entry, entry->natInfo.natAction,
  key, ctx.reply);
+NdisReleaseRWLock(ovsCtNatLockObj, );
 }
 
 OvsCtSetMarkLabel(key, entry, mark, labels, );
@@ -1050,7 +1080,7 @@ OvsCtFlush(UINT16 zone)
 PLIST_ENTRY link, next;
 POVS_CT_ENTRY entry;
 
-LOCK_STATE_EX lockState;
+LOCK_STATE_EX lockState, lockStateNat;
 NdisAcquireRWLockWrite(ovsConntrackLockObj, , 0);
 
 if (ctTotalEntries) {
@@ -1064,7 +1094,9 @@ OvsCtFlush(UINT16 zone)
 }

[ovs-dev] [PATCH v1 1/3] datapath-windows: Refactor conntrack code.

[Anand Kumar]

Some of the functions and  code are refactored
so that new conntrack lock can be implemented

Signed-off-by: Anand Kumar 
---
 datapath-windows/ovsext/Conntrack-nat.c |  11 +--
 datapath-windows/ovsext/Conntrack.c | 170 ++--
 datapath-windows/ovsext/Conntrack.h |   4 -
 3 files changed, 101 insertions(+), 84 deletions(-)

diff --git a/datapath-windows/ovsext/Conntrack-nat.c 
b/datapath-windows/ovsext/Conntrack-nat.c
index c778f12..7975770 100644
--- a/datapath-windows/ovsext/Conntrack-nat.c
+++ b/datapath-windows/ovsext/Conntrack-nat.c
@@ -93,26 +93,23 @@ NTSTATUS OvsNatInit()
 sizeof(LIST_ENTRY) * NAT_HASH_TABLE_SIZE,
 OVS_CT_POOL_TAG);
 if (ovsNatTable == NULL) {
-goto failNoMem;
+return STATUS_INSUFFICIENT_RESOURCES;
 }
 
 ovsUnNatTable = OvsAllocateMemoryWithTag(
 sizeof(LIST_ENTRY) * NAT_HASH_TABLE_SIZE,
 OVS_CT_POOL_TAG);
 if (ovsUnNatTable == NULL) {
-goto freeNatTable;
+OvsFreeMemoryWithTag(ovsNatTable, OVS_CT_POOL_TAG);
+return STATUS_INSUFFICIENT_RESOURCES;
 }
 
 for (int i = 0; i < NAT_HASH_TABLE_SIZE; i++) {
 InitializeListHead([i]);
 InitializeListHead([i]);
 }
-return STATUS_SUCCESS;
 
-freeNatTable:
-OvsFreeMemoryWithTag(ovsNatTable, OVS_CT_POOL_TAG);
-failNoMem:
-return STATUS_INSUFFICIENT_RESOURCES;
+return STATUS_SUCCESS;
 }
 
 /*
diff --git a/datapath-windows/ovsext/Conntrack.c 
b/datapath-windows/ovsext/Conntrack.c
index 3203411..48d4abf 100644
--- a/datapath-windows/ovsext/Conntrack.c
+++ b/datapath-windows/ovsext/Conntrack.c
@@ -33,7 +33,7 @@ static PLIST_ENTRY ovsConntrackTable;
 static OVS_CT_THREAD_CTX ctThreadCtx;
 static PNDIS_RW_LOCK_EX ovsConntrackLockObj;
 extern POVS_SWITCH_CONTEXT gOvsSwitchContext;
-static UINT64 ctTotalEntries;
+static LONG ctTotalEntries;
 
 static __inline NDIS_STATUS OvsCtFlush(UINT16 zone);
 
@@ -210,7 +210,7 @@ OvsCtAddEntry(POVS_CT_ENTRY entry, OvsConntrackKeyLookupCtx 
*ctx,
 InsertHeadList([ctx->hash & CT_HASH_TABLE_MASK],
>link);
 
-ctTotalEntries++;
+InterlockedIncrement((LONG volatile *));
 return TRUE;
 }
 
@@ -233,11 +233,6 @@ OvsCtEntryCreate(OvsForwardingContext *fwdCtx,
 *entryCreated = FALSE;
 state |= OVS_CS_F_NEW;
 
-parentEntry = OvsCtRelatedLookup(ctx->key, currentTime);
-if (parentEntry != NULL) {
-state |= OVS_CS_F_RELATED;
-}
-
 switch (ipProto) {
 case IPPROTO_TCP:
 {
@@ -281,6 +276,11 @@ OvsCtEntryCreate(OvsForwardingContext *fwdCtx,
 break;
 }
 
+parentEntry = OvsCtRelatedLookup(ctx->key, currentTime);
+if (parentEntry != NULL && state != OVS_CS_F_INVALID) {
+state |= OVS_CS_F_RELATED;
+}
+
 if (state != OVS_CS_F_INVALID && commit) {
 if (entry) {
 entry->parent = parentEntry;
@@ -313,6 +313,7 @@ OvsCtUpdateEntry(OVS_CT_ENTRY* entry,
  BOOLEAN reply,
  UINT64 now)
 {
+CT_UPDATE_RES status;
 switch (ipProto) {
 case IPPROTO_TCP:
 {
@@ -320,32 +321,23 @@ OvsCtUpdateEntry(OVS_CT_ENTRY* entry,
 const TCPHdr *tcp;
 tcp = OvsGetTcp(nbl, l4Offset, );
 if (!tcp) {
-return CT_UPDATE_INVALID;
+status =  CT_UPDATE_INVALID;
+break;
 }
-return OvsConntrackUpdateTcpEntry(entry, tcp, nbl, reply, now);
+status =  OvsConntrackUpdateTcpEntry(entry, tcp, nbl, reply, now);
+break;
 }
 case IPPROTO_ICMP:
-return OvsConntrackUpdateIcmpEntry(entry, reply, now);
+status =  OvsConntrackUpdateIcmpEntry(entry, reply, now);
+break;
 case IPPROTO_UDP:
-return OvsConntrackUpdateOtherEntry(entry, reply, now);
+status =  OvsConntrackUpdateOtherEntry(entry, reply, now);
+break;
 default:
-return CT_UPDATE_INVALID;
-}
-}
-
-static __inline VOID
-OvsCtEntryDelete(POVS_CT_ENTRY entry)
-{
-if (entry == NULL) {
-return;
-}
-if (entry->natInfo.natAction) {
-OvsNatDeleteKey(>key);
+status =  CT_UPDATE_INVALID;
+break;
 }
-OvsPostCtEventEntry(entry, OVS_EVENT_CT_DELETE);
-RemoveEntryList(>link);
-OvsFreeMemoryWithTag(entry, OVS_CT_POOL_TAG);
-ctTotalEntries--;
+return status;
 }
 
 static __inline BOOLEAN
@@ -356,6 +348,24 @@ OvsCtEntryExpired(POVS_CT_ENTRY entry)
 return entry->expiration < currentTime;
 }
 
+static __inline VOID
+OvsCtEntryDelete(POVS_CT_ENTRY entry, BOOLEAN forceDelete)
+{
+if (entry == NULL) {
+return;
+}
+if (forceDelete || OvsCtEntryExpired(entry)) {
+if (entry->natInfo.natAction) {
+OvsNatDeleteKey(>key);
+}
+OvsPostCtEventEntry(entry, OVS_EVENT_CT_DELETE);
+RemoveEntryList(>link);
+OvsFreeMemoryWithTag(entry, OVS_CT_POOL_TAG);
+InterlockedDecrement((LONG volatile*));

Re: [ovs-dev] [PATCH v2 3/8] vport: retrieve the netnsid if available.

[Gregory Rose]

On 11/9/2017 9:31 AM, Flavio Leitner wrote:

Recent kernels provide the network namespace ID of a port,
so use that to discover where the port currently is.

Signed-off-by: Flavio Leitner 
---
  datapath/linux/compat/include/linux/openvswitch.h |  2 ++
  lib/dpif-netlink.c|  6 ++
  lib/dpif-netlink.h|  2 ++
  lib/netdev-linux.c| 20 
  4 files changed, 30 insertions(+)

diff --git a/datapath/linux/compat/include/linux/openvswitch.h 
b/datapath/linux/compat/include/linux/openvswitch.h
index bc6c94b8d..d2712d05f 100644
--- a/datapath/linux/compat/include/linux/openvswitch.h
+++ b/datapath/linux/compat/include/linux/openvswitch.h
@@ -283,6 +283,8 @@ enum ovs_vport_attr {
/* receiving upcalls */
OVS_VPORT_ATTR_STATS,   /* struct ovs_vport_stats */
OVS_VPORT_ATTR_PAD,
+   OVS_VPORT_ATTR_IFINDEX,
+   OVS_VPORT_ATTR_NETNSID,
__OVS_VPORT_ATTR_MAX
  };
  
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c

index fd333094d..b85e74c50 100644
--- a/lib/dpif-netlink.c
+++ b/lib/dpif-netlink.c
@@ -3065,6 +3065,7 @@ dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport 
*vport,
  [OVS_VPORT_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_vport_stats),
 .optional = true },
  [OVS_VPORT_ATTR_OPTIONS] = { .type = NL_A_NESTED, .optional = true },
+[OVS_VPORT_ATTR_NETNSID] = { .type = NL_A_U32, .optional = true },
  };
  
  dpif_netlink_vport_init(vport);

@@ -3100,6 +3101,11 @@ dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport 
*vport,
  vport->options = nl_attr_get(a[OVS_VPORT_ATTR_OPTIONS]);
  vport->options_len = nl_attr_get_size(a[OVS_VPORT_ATTR_OPTIONS]);
  }
+if (a[OVS_VPORT_ATTR_NETNSID]) {
+netns_set_id(>netns, 
nl_attr_get_u32(a[OVS_VPORT_ATTR_NETNSID]));


This line is greater than 79 characters long according to checkpatch.

No other issues I can see.

- Greg


+} else {
+netns_set_local(>netns);
+}
  return 0;
  }
  
diff --git a/lib/dpif-netlink.h b/lib/dpif-netlink.h

index 568b81441..680a74c2f 100644
--- a/lib/dpif-netlink.h
+++ b/lib/dpif-netlink.h
@@ -21,6 +21,7 @@
  #include 
  #include 
  #include "odp-netlink.h"
+#include "netns.h"
  
  #include "flow.h"
  
@@ -32,6 +33,7 @@ struct dpif_netlink_vport {
  
  /* ovs_vport header. */

  int dp_ifindex;
+struct netns netns;
  odp_port_t port_no;/* ODPP_NONE if unknown. */
  enum ovs_vport_type type;
  
diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c

index c31334ce1..fd181272b 100644
--- a/lib/netdev-linux.c
+++ b/lib/netdev-linux.c
@@ -476,6 +476,7 @@ struct netdev_linux {
  long long int miimon_interval;  /* Miimon Poll rate. Disabled if <= 0. */
  struct timer miimon_timer;
  
+struct netns netns; /* network namespace. */

  /* The following are figured out "on demand" only.  They are only valid
   * when the corresponding VALID_* bit in 'cache_valid' is set. */
  int ifindex;
@@ -571,6 +572,25 @@ netdev_rxq_linux_cast(const struct netdev_rxq *rx)
  return CONTAINER_OF(rx, struct netdev_rxq_linux, up);
  }
  
+static int
+netdev_linux_netns_update(struct netdev_linux *netdev)
+{
+struct netns *dev_netns = >netns;
+struct dpif_netlink_vport reply;
+struct ofpbuf *buf;
+int error;
+
+error = dpif_netlink_vport_get(netdev_get_name(>up), , );
+if (error) {
+netns_set_invalid(dev_netns);
+return error;
+}
+
+netns_copy(dev_netns, );
+ofpbuf_delete(buf);
+return 0;
+}
+
  static void netdev_linux_update(struct netdev_linux *netdev,
  const struct rtnetlink_change *)
  OVS_REQUIRES(netdev->mutex);


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev