From patchwork Mon Apr 22 07:35:59 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ales Musil X-Patchwork-Id: 1926021 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=emVb7Hi7; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4VNHB93Wl1z1yZP for ; Mon, 22 Apr 2024 17:36:33 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id A5792408DE; Mon, 22 Apr 2024 07:36:31 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id oBSxcnoqZN96; Mon, 22 Apr 2024 07:36:30 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 0499C40882 Authentication-Results: smtp4.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=emVb7Hi7 Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id 0499C40882; Mon, 22 Apr 2024 07:36:28 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 10E0DC0DCF; Mon, 22 Apr 2024 07:36:28 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 15057C0077 for ; Mon, 22 Apr 2024 07:36:27 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 96D7A409F1 for ; Mon, 22 Apr 2024 07:36:19 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id Vg_sT1EV6L1d for ; Mon, 22 Apr 2024 07:36:16 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=amusil@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp2.osuosl.org 8617740930 Authentication-Results: smtp2.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 8617740930 Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=emVb7Hi7 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id 8617740930 for ; Mon, 22 Apr 2024 07:36:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1713771374; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OavLEzcZv9uvXpPpzTSvwYeNqnmcKdMTnDZW7lzkfRU=; b=emVb7Hi7cDEzZk8fp4Dz9ANA5vsmsNVDpsr0VkwlTSD9Ylv7uH8NOgjxXXmMpCCS58cPxD rKi9RKZDM+p7TZFmDDw5K0oKkBtZGYDj5CKPRU/uTxlE0YvyN47lIQZOxL1GM/smGbC6Mw 24Aars/8ASjtgazoZa9gLxmBOickVyo= Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-383-Bfb-Ll6oPWeeH0qRrvdZTg-1; Mon, 22 Apr 2024 03:36:04 -0400 X-MC-Unique: Bfb-Ll6oPWeeH0qRrvdZTg-1 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.rdu2.redhat.com [10.11.54.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id A2D8A29AB3F8 for ; Mon, 22 Apr 2024 07:36:04 +0000 (UTC) Received: from amusil.brq.redhat.com (unknown [10.43.17.32]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1752A49F1F; Mon, 22 Apr 2024 07:36:03 +0000 (UTC) From: Ales Musil To: dev@openvswitch.org Date: Mon, 22 Apr 2024 09:35:59 +0200 Message-ID: <20240422073602.258855-2-amusil@redhat.com> In-Reply-To: <20240422073602.258855-1-amusil@redhat.com> References: <20240422073602.258855-1-amusil@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.1 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH ovn 1/4] northd, controller: Handle tunnel_key change consistently. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Currently the tunnel_key change for either LS/LR/LSP/LRP wasn't consistent. That would lead to a situations when some old would still be present, breaking the connection especially for already existing FDBs and MAC bindings. Make sure the FDB entries are up to date by removing them from DB when there is a tunnel_key change as those entries have only tunnel_key refrences (dp_key, port_key). MAC bindings have references to the datapath and port name, instead of removing those entries do recompute in the controller when we detect tunnel_key change. This can be costly at scale, however the tunnel_key is not expected to change constantly, in most cases it shouldn't change at all. Fixes: b337750e45be ("northd: Incremental processing of VIF changes in 'northd' node.") Fixes: 425f699e2b20 ("controller: fixed potential segfault when changing tunnel_key and deleting ls.") Reported-at: https://issues.redhat.com/browse/FDP-393 Signed-off-by: Ales Musil --- controller/binding.c | 13 ++++++++-- controller/ovn-controller.c | 27 +++++++------------ northd/northd.c | 7 +++++ tests/ovn.at | 52 +++++++++++++++++++++++++++++++++++++ 4 files changed, 79 insertions(+), 20 deletions(-) diff --git a/controller/binding.c b/controller/binding.c index 8ac2ce3e2..0712d7030 100644 --- a/controller/binding.c +++ b/controller/binding.c @@ -3126,8 +3126,17 @@ delete_done: update_ld_peers(pb, b_ctx_out->local_datapaths); } - handled = handle_updated_port(b_ctx_in, b_ctx_out, pb); - if (!handled) { + if (!handle_updated_port(b_ctx_in, b_ctx_out, pb)) { + handled = false; + break; + } + + if (!sbrec_port_binding_is_new(pb) && + sbrec_port_binding_is_updated(pb, + SBREC_PORT_BINDING_COL_TUNNEL_KEY) && + get_local_datapath(b_ctx_out->local_datapaths, + pb->datapath->tunnel_key)) { + handled = false; break; } } diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c index 23269af83..356ce881a 100644 --- a/controller/ovn-controller.c +++ b/controller/ovn-controller.c @@ -1894,7 +1894,6 @@ runtime_data_sb_datapath_binding_handler(struct engine_node *node OVS_UNUSED, engine_get_input("SB_datapath_binding", node)); const struct sbrec_datapath_binding *dp; struct ed_type_runtime_data *rt_data = data; - struct local_datapath *ld; SBREC_DATAPATH_BINDING_TABLE_FOR_EACH_TRACKED (dp, dp_table) { if (sbrec_datapath_binding_is_deleted(dp)) { @@ -1902,27 +1901,19 @@ runtime_data_sb_datapath_binding_handler(struct engine_node *node OVS_UNUSED, dp->tunnel_key)) { return false; } + + } + + if (sbrec_datapath_binding_is_updated( + dp, SBREC_DATAPATH_BINDING_COL_TUNNEL_KEY) && + !sbrec_datapath_binding_is_new(dp)) { /* If the tunnel key got updated, get_local_datapath will not find * the ld. Use get_local_datapath_no_hash which does not * rely on the hash. */ - if (sbrec_datapath_binding_is_updated( - dp, SBREC_DATAPATH_BINDING_COL_TUNNEL_KEY)) { - if (get_local_datapath_no_hash(&rt_data->local_datapaths, - dp->tunnel_key)) { - return false; - } - } - } else if (sbrec_datapath_binding_is_updated( - dp, SBREC_DATAPATH_BINDING_COL_TUNNEL_KEY) - && !sbrec_datapath_binding_is_new(dp)) { - /* If the tunnel key is updated, remove the entry (with a wrong - * hash) from the map. It will be (properly) added back later. - */ - if ((ld = get_local_datapath_no_hash(&rt_data->local_datapaths, - dp->tunnel_key))) { - hmap_remove(&rt_data->local_datapaths, &ld->hmap_node); - local_datapath_destroy(ld); + if (get_local_datapath_no_hash(&rt_data->local_datapaths, + dp->tunnel_key)) { + return false; } } } diff --git a/northd/northd.c b/northd/northd.c index 331d9c267..eda1a6823 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -4541,6 +4541,8 @@ ls_handle_lsp_changes(struct ovsdb_idl_txn *ovnsb_idl_txn, op->visited = true; continue; } + + uint32_t old_tunnel_key = op->tunnel_key; if (!ls_port_reinit(op, ovnsb_idl_txn, &nd->ls_ports, new_nbsp, NULL, od, sb, ni->sbrec_mirror_table, @@ -4550,6 +4552,11 @@ ls_handle_lsp_changes(struct ovsdb_idl_txn *ovnsb_idl_txn, goto fail; } add_op_to_northd_tracked_ports(&trk_lsps->updated, op); + + if (old_tunnel_key != op->tunnel_key) { + delete_fdb_entry(ni->sbrec_fdb_by_dp_and_port, od->tunnel_key, + old_tunnel_key); + } } op->visited = true; } diff --git a/tests/ovn.at b/tests/ovn.at index dc6aafd53..9825870eb 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -37422,6 +37422,8 @@ sim_add hv1 as hv1 check ovs-vsctl add-br br-phys ovn_attach n1 br-phys 192.168.0.11 +ovs-vsctl -- add-port br-int vif1 -- \ + set interface vif1 external-ids:iface-id=lsp1 check ovn-nbctl --wait=hv ls-add ls \ -- lsp-add ls lsp1 \ @@ -37434,6 +37436,56 @@ check ovn-nbctl --wait=hv ls-add ls \ addresses=router \ -- lrp-set-gateway-chassis lr-ls hv1 +dp_uuid=$(fetch_column datapath _uuid external_ids:name=lr) +ovn-sbctl create MAC_Binding ip=192.168.1.10 datapath=$dp_uuid logical_port=lr-ls mac='"00:00:00:00:00:01"' + +OVN_POPULATE_ARP +wait_for_ports_up +check ovn-nbctl --wait=hv sync + +create_fdb() { + ls_key=$(fetch_column datapath tunnel_key external_ids:name=ls) + lsp_key=$(fetch_column port_binding tunnel_key logical_port=lsp1) + + ovn-sbctl create FDB mac='"00:00:00:00:00:01"' dp_key=$ls_key port_key=$lsp_key +} + +AS_BOX([Logical switch tunnel_key change]) +create_fdb + +check ovn-nbctl --wait=hv set Logical_Switch ls other_config:requested-tnl-key=10 +ovn-sbctl list datapath +CHECK_FLOWS_AFTER_RECOMPUTE([hv1], [hv1]) + +check_row_count FDB 0 mac='"00:00:00:00:00:01"' + +AS_BOX([Logical switch port tunnel_key change]) +create_fdb + +check ovn-nbctl --wait=hv set Logical_Switch_Port lsp1 options:requested-tnl-key=10 +CHECK_FLOWS_AFTER_RECOMPUTE([hv1], [hv1]) + +check_row_count FDB 0 mac='"00:00:00:00:00:01"' + +AS_BOX([Logical router tunnel_key change]) +check ovn-nbctl --wait=hv set Logical_Router lr options:requested-tnl-key=20 +CHECK_FLOWS_AFTER_RECOMPUTE([hv1], [hv1]) + +check_row_count Mac_Binding 1 ip=192.168.1.10 +AT_CHECK([ovs-ofctl dump-flows br-int table=OFTABLE_MAC_LOOKUP | grep -c metadata=0x14], [0], [dnl +1 +]) + +AS_BOX([Logical router port tunnel_key change]) +check ovn-nbctl --wait=hv set Logical_Router_Port lr-ls options:requested-tnl-key=20 +CHECK_FLOWS_AFTER_RECOMPUTE([hv1], [hv1]) + +check_row_count Mac_Binding 1 ip=192.168.1.10 +AT_CHECK([ovs-ofctl dump-flows br-int table=OFTABLE_MAC_LOOKUP | grep -c reg14=0x14], [0], [dnl +1 +]) + +AS_BOX([Logical switch tunnel_key change, potential segfault]) sleep_controller hv1 check ovn-nbctl --wait=sb set Logical_Switch ls other_config:requested-tnl-key=1000