From patchwork Fri Oct 4 18:58:00 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Mike Pattrick X-Patchwork-Id: 1992950 X-Patchwork-Delegate: i.maximets@samsung.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PrKUVbyc; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::138; helo=smtp1.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4XKyVg3Rbxz1xsn for ; Sat, 5 Oct 2024 04:58:17 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id F11D784481; Fri, 4 Oct 2024 18:58:14 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id N53NCUUmIAKB; Fri, 4 Oct 2024 18:58:12 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=140.211.9.56; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org B993581110 Authentication-Results: smtp1.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PrKUVbyc Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp1.osuosl.org (Postfix) with ESMTPS id B993581110; Fri, 4 Oct 2024 18:58:12 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 930A7C08A6; Fri, 4 Oct 2024 18:58:12 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id 61E32C08A3 for ; Fri, 4 Oct 2024 18:58:11 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 4683860087 for ; Fri, 4 Oct 2024 18:58:11 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id NwIzBfSzu8Zb for ; Fri, 4 Oct 2024 18:58:10 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=170.10.129.124; helo=us-smtp-delivery-124.mimecast.com; envelope-from=mkp@redhat.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp3.osuosl.org EED0160011 Authentication-Results: smtp3.osuosl.org; dmarc=pass (p=none dis=none) header.from=redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org EED0160011 Authentication-Results: smtp3.osuosl.org; dkim=pass (1024-bit key, unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=PrKUVbyc Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp3.osuosl.org (Postfix) with ESMTPS id EED0160011 for ; Fri, 4 Oct 2024 18:58:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1728068288; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=g10qPIXYjCJv6tettXzZPB2pVzazNwXUg3H52KGsJLk=; b=PrKUVbycj5pdgMT3k/k7Ke8Va4ySYwjYDNfOfGJUG/bhqTNQSUWIQihV3CZPDzWx4ukALs WM8HkCI8aVOLrxSE1gjBk/iaXWcar3lISBkOT6+vywlUNIVgMtPnnfWcNOiRsP7JnW86Rc zjj+V2OZoJtJuHwH89kTTNd2eFYa4MA= Received: from mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-79-Vfu900D7OaS5_Nds1wQUkQ-1; Fri, 04 Oct 2024 14:58:06 -0400 X-MC-Unique: Vfu900D7OaS5_Nds1wQUkQ-1 Received: from mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 90EC31955DC8 for ; Fri, 4 Oct 2024 18:58:05 +0000 (UTC) Received: from mpattric.remote.csb (unknown [10.22.65.70]) by mx-prod-int-02.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id C44371956088; Fri, 4 Oct 2024 18:58:04 +0000 (UTC) From: Mike Pattrick To: dev@openvswitch.org Date: Fri, 4 Oct 2024 14:58:00 -0400 Message-ID: <20241004185800.290565-1-mkp@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.15 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Subject: [ovs-dev] [PATCH v3] ofproto-dpif-upcall: Fix redundant mirror on metadata modification. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Previously a commit attempted to reset the mirror context when packets were modified. However, this commit erroneously also reset the mirror context when only a packet's metadata was modified. An intermediate commit corrected this for tunnel metadata, but now that correction is extended to other forms of metadata as well. Fixes: feed7f677505 ("ofproto-dpif-upcall: Mirror packets that are modified.") Reported-at: https://issues.redhat.com/browse/FDP-699 Signed-off-by: Mike Pattrick Acked-by: Eelco Chaudron --- v2: - Added extra whitespace - Moved N_IDS to never reached section - Added unit test v3: - Fixed unit test, added ovs-vstl to AT_CHECK and changed mirror to select_all --- include/openvswitch/meta-flow.h | 1 + lib/meta-flow.c | 109 ++++++++++++++++++++++++++++++++ ofproto/ofproto-dpif-xlate.c | 2 +- tests/ofproto-dpif.at | 24 +++++++ 4 files changed, 135 insertions(+), 1 deletion(-) diff --git a/include/openvswitch/meta-flow.h b/include/openvswitch/meta-flow.h index aff917bcf..65d8b01fe 100644 --- a/include/openvswitch/meta-flow.h +++ b/include/openvswitch/meta-flow.h @@ -2308,6 +2308,7 @@ void mf_set_flow_value_masked(const struct mf_field *, const union mf_value *mask, struct flow *); bool mf_is_tun_metadata(const struct mf_field *); +bool mf_is_metadata(const struct mf_field *); bool mf_is_frozen_metadata(const struct mf_field *); bool mf_is_pipeline_field(const struct mf_field *); bool mf_is_set(const struct mf_field *, const struct flow *); diff --git a/lib/meta-flow.c b/lib/meta-flow.c index 499be04b6..e11fa67e4 100644 --- a/lib/meta-flow.c +++ b/lib/meta-flow.c @@ -1790,6 +1790,115 @@ mf_is_tun_metadata(const struct mf_field *mf) mf->id < MFF_TUN_METADATA0 + TUN_METADATA_NUM_OPTS; } +bool +mf_is_metadata(const struct mf_field *mf) +{ + switch (mf->id) { + case MFF_ARP_OP: + case MFF_ARP_SHA: + case MFF_ARP_SPA: + case MFF_ARP_THA: + case MFF_ARP_TPA: + case MFF_DL_VLAN: + case MFF_DL_VLAN_PCP: + case MFF_ETH_DST: + case MFF_ETH_SRC: + case MFF_ETH_TYPE: + case MFF_ICMPV4_CODE: + case MFF_ICMPV4_TYPE: + case MFF_ICMPV6_CODE: + case MFF_ICMPV6_TYPE: + case MFF_IPV4_DST: + case MFF_IPV4_SRC: + case MFF_IPV6_DST: + case MFF_IPV6_LABEL: + case MFF_IPV6_SRC: + case MFF_IP_DSCP: + case MFF_IP_DSCP_SHIFTED: + case MFF_IP_ECN: + case MFF_IP_FRAG: + case MFF_IP_PROTO: + case MFF_IP_TTL: + case MFF_MPLS_BOS: + case MFF_MPLS_LABEL: + case MFF_MPLS_TC: + case MFF_MPLS_TTL: + case MFF_ND_OPTIONS_TYPE: + case MFF_ND_RESERVED: + case MFF_ND_SLL: + case MFF_ND_TARGET: + case MFF_ND_TLL: + case MFF_NSH_C1: + case MFF_NSH_C2: + case MFF_NSH_C3: + case MFF_NSH_C4: + case MFF_NSH_FLAGS: + case MFF_NSH_MDTYPE: + case MFF_NSH_NP: + case MFF_NSH_SI: + case MFF_NSH_SPI: + case MFF_NSH_TTL: + case MFF_PACKET_TYPE: + case MFF_SCTP_DST: + case MFF_SCTP_SRC: + case MFF_TCP_DST: + case MFF_TCP_FLAGS: + case MFF_TCP_SRC: + case MFF_TUN_DST: + case MFF_TUN_ERSPAN_HWID: + case MFF_TUN_ERSPAN_IDX: + case MFF_TUN_ERSPAN_VER: + case MFF_TUN_FLAGS: + case MFF_TUN_GBP_FLAGS: + case MFF_TUN_GBP_ID: + case MFF_TUN_GTPU_FLAGS: + case MFF_TUN_GTPU_MSGTYPE: + case MFF_TUN_ID: + case MFF_TUN_IPV6_DST: + case MFF_TUN_IPV6_SRC: + case MFF_TUN_SRC: + case MFF_TUN_TOS: + case MFF_TUN_TTL: + case MFF_UDP_DST: + case MFF_UDP_SRC: + case MFF_VLAN_PCP: + case MFF_VLAN_TCI: + case MFF_VLAN_VID: + return false; + + CASE_MFF_REGS: + CASE_MFF_TUN_METADATA: + CASE_MFF_XREGS: + CASE_MFF_XXREGS: + case MFF_ACTSET_OUTPUT: + case MFF_CONJ_ID: + case MFF_CT_IPV6_DST: + case MFF_CT_IPV6_SRC: + case MFF_CT_LABEL: + case MFF_CT_MARK: + case MFF_CT_NW_DST: + case MFF_CT_NW_PROTO: + case MFF_CT_NW_SRC: + case MFF_CT_STATE: + case MFF_CT_TP_DST: + case MFF_CT_TP_SRC: + case MFF_CT_ZONE: + case MFF_DP_HASH: + case MFF_IN_PORT: + case MFF_IN_PORT_OXM: + case MFF_METADATA: + case MFF_PKT_MARK: + case MFF_RECIRC_ID: + case MFF_SKB_PRIORITY: + case MFF_TUN_ERSPAN_DIR: + return true; + + case MFF_N_IDS: + default: + OVS_NOT_REACHED(); + } +} + bool mf_is_frozen_metadata(const struct mf_field *mf) { diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index 7506ab537..8d668b955 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -7278,7 +7278,7 @@ reset_mirror_ctx(struct xlate_ctx *ctx, const struct flow *flow, set_field = ofpact_get_SET_FIELD(a); mf = set_field->field; - if (mf_are_prereqs_ok(mf, flow, NULL) && !mf_is_tun_metadata(mf)) { + if (mf_are_prereqs_ok(mf, flow, NULL) && !mf_is_metadata(mf)) { ctx->mirrors = 0; } return; diff --git a/tests/ofproto-dpif.at b/tests/ofproto-dpif.at index 12cb7f7a6..f2339b709 100644 --- a/tests/ofproto-dpif.at +++ b/tests/ofproto-dpif.at @@ -5514,6 +5514,30 @@ AT_CHECK_UNQUOTED([tail -1 stdout], [0], OVS_VSWITCHD_STOP AT_CLEANUP +AT_SETUP([ofproto-dpif - mirroring, metadata modification]) +AT_KEYWORDS([mirror mirrors mirroring]) +OVS_VSWITCHD_START +add_of_ports br0 1 2 3 +AT_CHECK([ovs-vsctl set Bridge br0 mirrors=@m -- \ + --id=@p1 get Port p1 -- --id=@p3 get Port p3 -- \ + --id=@m create Mirror name=mymirror select_all=true output_port=@p3], + [0], [ignore]) + +AT_DATA([flows.txt], [dnl +in_port=1 actions=load:0x00->NXM_OF_IN_PORT[[]],output:2 +]) +AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) + +dnl Metadata modified, packet shouldn't duplicate. +flow="in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)" +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy "$flow"], [0], [stdout]) +AT_CHECK_UNQUOTED([tail -1 stdout], [0], + [Datapath actions: 3,2 +]) + +OVS_VSWITCHD_STOP +AT_CLEANUP + AT_SETUP([ofproto-dpif - mirroring, OFPP_NONE ingress port]) AT_KEYWORDS([mirror mirrors mirroring]) OVS_VSWITCHD_START