12 Sep, 2013
1 commit
-
In function __parse_flow_nlattrs(), we check for condition
(type > OVS_KEY_ATTR_MAX) and if true, print an error, but we do
not return from this function as in other checks. It seems this
has been forgotten, as otherwise, we could access beyond the
memory of ovs_key_lens, which is of ovs_key_lens[OVS_KEY_ATTR_MAX + 1].
Hence, a maliciously prepared nla_type from user space could access
beyond this upper limit.Introduced by 03f0d916a ("openvswitch: Mega flow implementation").
Signed-off-by: Daniel Borkmann
Cc: Andy Zhou
Acked-by: Jesse Gross
Signed-off-by: David S. Miller
06 Sep, 2013
1 commit
-
sw_flow_key alignment was declared as " __aligned(__alignof__(long))".
However, this breaks on the m68k architecture where long is 32 bit in
size but 16 bit aligned by default. This aligns to the size of a long to
ensure that we can always do comparsions in full long-sized chunks. It
also adds an additional build check to catch any reduction in alignment.CC: Andy Zhou
Reported-by: Fengguang Wu
Reported-by: Geert Uytterhoeven
Signed-off-by: Jesse Gross
Signed-off-by: David S. Miller
04 Sep, 2013
3 commits
-
The goal of this patch is to harmonize cleanup done on a skbuff on xmit path.
Before this patch, behaviors were different depending of the tunnel type.Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller -
This argument is not used, let's remove it.
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller -
This argument is not used, let's remove it.
Signed-off-by: Nicolas Dichtel
Signed-off-by: David S. Miller
01 Sep, 2013
1 commit
-
This patch adds IPv6 support to vxlan device, as the new version
RFC already mentions it:http://tools.ietf.org/html/draft-mahalingam-dutt-dcops-vxlan-03
Cc: David Stevens
Cc: Stephen Hemminger
Cc: David S. Miller
Signed-off-by: Cong Wang
Signed-off-by: David S. Miller
28 Aug, 2013
1 commit
-
Make sure the sw_flow_key structure and valid mask boundaries are always
machine word aligned. Optimize the flow compare and mask operations
using machine word size operations. This patch improves throughput on
average by 15% when CPU is the bottleneck of forwarding packets.This patch is inspired by ideas and code from a patch submitted by Peter
Klausler titled "replace memcmp() with specialized comparator".
However, The original patch only optimizes for architectures
support unaligned machine word access. This patch optimizes for all
architectures.Signed-off-by: Andy Zhou
Signed-off-by: Jesse Gross
27 Aug, 2013
2 commits
-
Key_end is a better name describing the ending boundary than key_len.
Rename those variables to make it less confusing.Signed-off-by: Andy Zhou
Signed-off-by: Jesse Gross -
This patch adds support for rewriting SCTP src,dst ports similar to the
functionality already available for TCP/UDP.Rewriting SCTP ports is expensive due to double-recalculation of the
SCTP checksums; this is performed to ensure that packets traversing OVS
with invalid checksums will continue to the destination with any
checksum corruption intact.Reviewed-by: Simon Horman
Signed-off-by: Joe Stringer
Signed-off-by: Ben Pfaff
Signed-off-by: Jesse Gross
24 Aug, 2013
7 commits
-
Add wildcarded flow support in kernel datapath.
Wildcarded flow can improve OVS flow set up performance by avoid sending
matching new flows to the user space program. The exact performance boost
will largely dependent on wildcarded flow hit rate.In case all new flows hits wildcard flows, the flow set up rate is
within 5% of that of linux bridge module.Pravin has made significant contributions to this patch. Including API
clean ups and bug fixes.Signed-off-by: Pravin B Shelar
Signed-off-by: Andy Zhou
Signed-off-by: Jesse Gross -
Cc: Jesse Gross
Cc: Pravin B Shelar
Signed-off-by: Cong Wang
Signed-off-by: Jesse Gross -
Signed-off-by: Justin Pettit
Signed-off-by: Jesse Gross -
Link upper device properly. That will make IFLA_MASTER filled up.
Set the master to port 0 of the datapath under which the port belongs.Signed-off-by: Jiri Pirko
Signed-off-by: Jesse Gross -
Flow table destroy is done in rcu call-back context. Therefore
there is no need to use rcu variant of hlist_del().Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
RCUfy dp-dump operation which is already read-only. This
makes all ovs dump operations lockless.Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
Flow dump operation is read-only operation. There is no need to
take ovs-lock. Following patch use rcu-lock for dumping flows.Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross
20 Aug, 2013
1 commit
-
Following patch adds vxlan vport type for openvswitch using
vxlan api. So now there is vxlan dependency for openvswitch.CC: Jesse Gross
Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller
15 Aug, 2013
3 commits
-
It doesn't make sense to output a tunnel packet using the same
parameters that it was received with since that will generally
just result in the packet going back to us. As a result, userspace
assumes that the tunnel key is cleared when transitioning through
the switch. In the majority of cases this doesn't matter since a
packet is either going to a tunnel port (in which the key is
overwritten with new values) or to a non-tunnel port (in which
case the key is ignored). However, it's theoreticaly possible that
userspace could rely on the documented behavior, so this corrects
it.Signed-off-by: Jesse Gross
-
Flex array is used to allocate hash buckets which is type struct
hlist_head, but we use `struct hlist_head *` to calculate
array size. Since hlist_head is of size pointer it works fine.Following patch use correct type.
Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
git silently included an extra hunk in vport_cmd_set() during
automatic merging. This code is unreachable so it does not actually
introduce a problem but it is clearly incorrect.Signed-off-by: Jesse Gross
02 Jul, 2013
1 commit
-
Openvswitch uses function from NET_IPGRE_DEMUX module.
Add Kconfig dependency to fix following compilation errors:
http://marc.info/?l=linux-netdev&m=137244035226634CC: Jesse Gross
Reported-by: Randy Dunlap
Signed-off-by: Pravin Shelar
Acked-by: Randy Dunlap
Acked-by: Jesse Gross
Signed-off-by: David S. Miller
24 Jun, 2013
1 commit
-
This bug was introduced by commit aa310701e787087
(openvswitch: Add gre tunnel support.)Signed-off-by: Pravin B Shelar
Signed-off-by: David S. Miller
20 Jun, 2013
5 commits
-
Add gre vport implementation. Most of gre protocol processing
is pushed to gre module. It make use of gre demultiplexer
therefore it can co-exist with linux device based gre tunnels.Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller -
Following patch adds start offset for sw_flow-key, so that we can
skip tunneling information in key for non-tunnel flows.Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller -
MAX_ACTIONS_BUFSIZE limits action list size, set tunnel action
needs extra space on action list, for now increase max actions list limit.Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller -
Add ovs tunnel interface for set tunnel action for userspace.
Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller -
Rather than validating actions and then copying all actiaons
in one block, following patch does same operation in single pass.
This validate and copy action one by one. This is required for
ovs tunneling patch.This patch does not change any functionality.
Signed-off-by: Pravin B Shelar
Acked-by: Jesse Gross
Signed-off-by: David S. Miller
15 Jun, 2013
8 commits
-
Jesse Gross says:
====================
A few miscellaneous improvements and cleanups before the GRE tunnel
integration series. Intended for net-next/3.11.
====================Signed-off-by: David S. Miller
-
This is not functional change, this is just code cleanup.
Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
Following patch keeps skb->csum correct across ovs.
Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
Flagged with: https://github.com/lyda/misspell-check
Run with: git ls-files | misspellings -f -Signed-off-by: Andy Hill
Signed-off-by: Jesse Gross -
Signed-off-by: Lorand Jakab
Signed-off-by: Jesse Gross -
Following patch changes vport->send return type so that vport
layer can do error accounting.Signed-off-by: Pravin B Shelar
Signed-off-by: Jesse Gross -
The get_config vport op is left over from old compatibility code,
it is neither used nor implemented any more.Signed-off-by: Jesse Gross
-
It is an error to try to change the type of a vport using the set
command. However, while we check that this is an error, we still
proceed to allocate memory which then gets freed immediately.
This stops processing after noticing the error, which does not
actually fix a bug but is more correct.Signed-off-by: Jesse Gross
29 May, 2013
1 commit
-
So far, only net_device * could be passed along with netdevice notifier
event. This patch provides a possibility to pass custom structure
able to provide info that event listener needs to know.Signed-off-by: Jiri Pirko
v2->v3: fix typo on simeth
shortened dev_getter
shortened notifier_info struct name
v1->v2: fix notifier_call parameter in call_netdevice_notifier()
Signed-off-by: David S. Miller
30 Apr, 2013
1 commit
-
The only user is get_dpifindex(), no need to redirect via the port
operations.Signed-off-by: Thomas Graf
Signed-off-by: David S. Miller
25 Apr, 2013
1 commit
-
OVS locking was recently changed to have private OVS lock which
simplified overall locking. Therefore there is no need to have
another global genl lock to protect OVS data structures. Following
patch uses of parallel_ops genl family for OVS. This also allows
more granual OVS locking using ovs_mutex for protecting OVS data
structures, which gives more concurrencey. E.g multiple genl
operations OVS_PACKET_CMD_EXECUTE can run in parallel, etc.Signed-off-by: Pravin B Shelar
Signed-off-by: David S. Miller
23 Apr, 2013
1 commit
-
Conflicts:
drivers/net/ethernet/emulex/benet/be_main.c
drivers/net/ethernet/intel/igb/igb_main.c
drivers/net/wireless/brcm80211/brcmsmac/mac80211_if.c
include/net/scm.h
net/batman-adv/routing.c
net/ipv4/tcp_input.cThe e{uid,gid} --> {uid,gid} credentials fix conflicted with the
cleanup in net-next to now pass cred structs around.The be2net driver had a bug fix in 'net' that overlapped with the VLAN
interface changes by Patrick McHardy in net-next.An IGB conflict existed because in 'net' the build_skb() support was
reverted, and in 'net-next' there was a comment style fix within that
code.Several batman-adv conflicts were resolved by making sure that all
calls to batadv_is_my_mac() are changed to have a new bat_priv first
argument.Eric Dumazet's TS ECR fix in TCP in 'net' conflicted with the F-RTO
rewrite in 'net-next', mostly overlapping changes.Thanks to Stephen Rothwell and Antonio Quartulli for help with several
of these merge resolutions.Signed-off-by: David S. Miller
20 Apr, 2013
1 commit
-
Add a protocol argument to the VLAN packet tagging functions. In case of HW
tagging, we need that protocol available in the ndo_start_xmit functions,
so it is stored in a new field in the skb. The new field fits into a hole
(on 64 bit) and doesn't increase the sks's size.Signed-off-by: Patrick McHardy
Signed-off-by: David S. Miller
