From patchwork Tue Jan 24 15:16:28 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Adri=C3=A1n_Moreno?= X-Patchwork-Id: 1731267 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ecyOsQdu; dkim-atps=neutral Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4P1Vvn2fg6z23h0 for ; Wed, 25 Jan 2023 02:17:41 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 433E841A6B; Tue, 24 Jan 2023 15:17:39 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 433E841A6B Authentication-Results: smtp4.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ecyOsQdu X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id MJZxihoXbtwe; Tue, 24 Jan 2023 15:17:37 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id AE458419AE; Tue, 24 Jan 2023 15:17:34 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org AE458419AE Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id D0162C0087; Tue, 24 Jan 2023 15:17:32 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 312D8C002D for ; Tue, 24 Jan 2023 15:17:29 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id AEB1160F5D for ; Tue, 24 Jan 2023 15:17:27 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org AEB1160F5D Authentication-Results: smtp3.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=ecyOsQdu X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O4z-6t-rrFXW for ; Tue, 24 Jan 2023 15:17:27 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org E1F3760864 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp3.osuosl.org (Postfix) with ESMTPS id E1F3760864 for ; Tue, 24 Jan 2023 15:17:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1674573445; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZMC7d5Ii82+cPk2IB4npbnw7K1lQBJB48OiW/h72lho=; b=ecyOsQdu1PojrUyQgdHAx6d+aldJyB2Tx7AsquZZlG4eV9h0unBE5DyQ/ym3cNanfaycKZ jCM4t03oCnbPN2O5M2ccyIEqA1+8o/rBsh0nLXTml+A1FccWgytAXfNtJ9MiO099jtZ0pV vrQrONm7FoysJ52C+H4K6sZLYAmPZTw= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-360-9NluNwQAPsq2lmObmAp5Gw-1; Tue, 24 Jan 2023 10:17:23 -0500 X-MC-Unique: 9NluNwQAPsq2lmObmAp5Gw-1 Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.rdu2.redhat.com [10.11.54.10]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 2A973914700 for ; Tue, 24 Jan 2023 15:16:38 +0000 (UTC) Received: from antares.redhat.com (unknown [10.39.194.157]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2D67B492B00; Tue, 24 Jan 2023 15:16:36 +0000 (UTC) From: =?utf-8?q?Adri=C3=A1n_Moreno?= To: dev@openvswitch.org Date: Tue, 24 Jan 2023 16:16:28 +0100 Message-Id: <20230124151632.695912-3-amorenoz@redhat.com> In-Reply-To: <20230124151632.695912-1-amorenoz@redhat.com> References: <20230124151632.695912-1-amorenoz@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.10 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn v1 2/6] northd: fix unsampled drops and unit test X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Adrian Moreno Some drops were left unsampled and a change in IFS made the test fail to detect them. This patch fixes it. Fixes: a42c808f30b4 ("northd: add drop sampling") Acked-by: Mark Michelson Signed-off-by: Adrian Moreno --- northd/northd.c | 17 ++++++++++------- tests/ovn.at | 7 +++++-- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/northd/northd.c b/northd/northd.c index 0944a7b56..820889141 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -5642,7 +5642,7 @@ build_lswitch_port_sec_op(struct ovn_port *op, struct hmap *lflows, ds_put_format(match, "outport == %s", op->json_key); ovn_lflow_add_with_lport_and_hint( lflows, op->od, S_SWITCH_IN_L2_UNKNOWN, 50, ds_cstr(match), - "drop;", op->key, &op->nbsp->header_); + debug_drop_action(), op->key, &op->nbsp->header_); return; } @@ -5736,7 +5736,7 @@ build_lswitch_output_port_sec_od(struct ovn_datapath *od, REGBIT_PORT_SEC_DROP" = check_out_port_sec(); next;"); ovn_lflow_add(lflows, od, S_SWITCH_OUT_APPLY_PORT_SEC, 50, - REGBIT_PORT_SEC_DROP" == 1", "drop;"); + REGBIT_PORT_SEC_DROP" == 1", debug_drop_action()); ovn_lflow_add(lflows, od, S_SWITCH_OUT_APPLY_PORT_SEC, 0, "1", "output;"); @@ -6683,7 +6683,8 @@ build_acls(struct ovn_datapath *od, const struct chassis_features *features, struct hmap *lflows, const struct hmap *port_groups, const struct shash *meter_groups) { - const char *default_acl_action = default_acl_drop ? "drop;" : "next;"; + const char *default_acl_action = default_acl_drop ? debug_drop_action() : + "next;"; bool has_stateful = od->has_stateful_acl || od->has_lb_vip; const char *ct_blocked_match = features->ct_no_masked_label ? "ct_mark.blocked" @@ -6752,7 +6753,7 @@ build_acls(struct ovn_datapath *od, const struct chassis_features *features, REGBIT_CONNTRACK_COMMIT" = 1; next;"); default_acl_action = default_acl_drop - ? "drop;" + ? debug_drop_action() : REGBIT_CONNTRACK_COMMIT" = 1; next;"; ovn_lflow_add(lflows, od, S_SWITCH_IN_ACL, 1, "ip && !ct.est", default_acl_action); @@ -9085,7 +9086,8 @@ build_lswitch_ip_unicast_lookup(struct ovn_port *op, * or IPv6 addresses (or both). */ struct eth_addr mac; bool lsp_enabled = lsp_is_enabled(op->nbsp); - char *action = lsp_enabled ? "outport = %s; output;" : "drop;"; + const char *action = lsp_enabled ? "outport = %s; output;" : + debug_drop_action(); if (ovs_scan(op->nbsp->addresses[i], ETH_ADDR_SCAN_FMT, ETH_ADDR_SCAN_ARGS(mac))) { ds_clear(match); @@ -12912,12 +12914,13 @@ build_gateway_redirect_flows_for_lrouter( nat_entry_is_v6(nat) ? "6" : "4", nat->nb->external_ip); ovn_lflow_add(lflows, od, S_ROUTER_IN_GW_REDIRECT, 70, - ds_cstr(&match_ext), "drop;"); + ds_cstr(&match_ext), debug_drop_action()); add_def_flow = false; } } else if (nat->nb->exempted_ext_ips) { ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_GW_REDIRECT, - 75, ds_cstr(&match_ext), "drop;", + 75, ds_cstr(&match_ext), + debug_drop_action(), stage_hint); } ds_destroy(&match_ext); diff --git a/tests/ovn.at b/tests/ovn.at index e9b8bc677..6bd1efb38 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -33910,9 +33910,12 @@ check_sample_drops() { AT_CAPTURE_FILE([oflows_sample]) # Check that every drop has now contains a "sample" action. - for flow in "$drop_matches"; do - AT_CHECK([grep -q "$flow actions=.*sample.*" oflows_sample], [0], [ignore], [ignore], [echo "Flow $flow has a drop and did not get sampled"]) + save_IFS=$IFS + IFS=$'\n' + for flow in $drop_matches; do + AT_CHECK([grep "${flow}actions=.*sample.*" oflows_sample], [0], [ignore], [ignore], [echo "Flow $flow has a drop and did not get sampled"]) done + IFS=$save_IFS } check_drops() {