[ovs-dev] [PATCH v5 13/13] datapath: Relax match_validate.

Jarno Rajahalme jrajahalme at nicira.com
Fri Sep 5 23:05:20 UTC 2014


When userspace inserts masked flows, it is not necessary to demand
that flows matching in a known ethertype also must have the
corresponding key, as a missing key will be automatically wildcarded.

For example, if a drop flow dropping all UDP packets is installed,
this patch allows the userspace application to not specify the
OVS_KEY_ATTR_UDP key.

Signed-off-by: Jarno Rajahalme <jrajahalme at nicira.com>
---
 datapath/flow_netlink.c |   23 -----------------------
 1 file changed, 23 deletions(-)

diff --git a/datapath/flow_netlink.c b/datapath/flow_netlink.c
index 09aaf41..690f0e9 100644
--- a/datapath/flow_netlink.c
+++ b/datapath/flow_netlink.c
@@ -114,7 +114,6 @@ static void update_range(struct sw_flow_match *match,
 static bool match_validate(const struct sw_flow_match *match,
 			   u64 key_attrs, u64 mask_attrs)
 {
-	u64 key_expected = 1ULL << OVS_KEY_ATTR_ETHERNET;
 	u64 mask_allowed = key_attrs;  /* At most allow all key attributes */
 
 	/* The following mask attributes allowed only if they
@@ -139,39 +138,32 @@ static bool match_validate(const struct sw_flow_match *match,
 	/* Check key attributes. */
 	if (match->key->eth.type == htons(ETH_P_ARP)
 			|| match->key->eth.type == htons(ETH_P_RARP)) {
-		key_expected |= 1ULL << OVS_KEY_ATTR_ARP;
 		if (match->mask && (match->mask->key.eth.type == htons(0xffff)))
 			mask_allowed |= 1ULL << OVS_KEY_ATTR_ARP;
 	}
 
 
 	if (eth_p_mpls(match->key->eth.type)) {
-		key_expected |= 1ULL << OVS_KEY_ATTR_MPLS;
 		if (match->mask && (match->mask->key.eth.type == htons(0xffff)))
 			mask_allowed |= 1ULL << OVS_KEY_ATTR_MPLS;
 	}
 
 	if (match->key->eth.type == htons(ETH_P_IP)) {
-		key_expected |= 1ULL << OVS_KEY_ATTR_IPV4;
 		if (match->mask && (match->mask->key.eth.type == htons(0xffff)))
 			mask_allowed |= 1ULL << OVS_KEY_ATTR_IPV4;
 
 		if (match->key->ip.frag != OVS_FRAG_TYPE_LATER) {
 			if (match->key->ip.proto == IPPROTO_UDP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_UDP;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_UDP;
 			}
 
 			if (match->key->ip.proto == IPPROTO_SCTP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_SCTP;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_SCTP;
 			}
 
 			if (match->key->ip.proto == IPPROTO_TCP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_TCP;
-				key_expected |= 1ULL << OVS_KEY_ATTR_TCP_FLAGS;
 				if (match->mask && (match->mask->key.ip.proto == 0xff)) {
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_TCP;
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_TCP_FLAGS;
@@ -179,7 +171,6 @@ static bool match_validate(const struct sw_flow_match *match,
 			}
 
 			if (match->key->ip.proto == IPPROTO_ICMP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_ICMP;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_ICMP;
 			}
@@ -187,26 +178,21 @@ static bool match_validate(const struct sw_flow_match *match,
 	}
 
 	if (match->key->eth.type == htons(ETH_P_IPV6)) {
-		key_expected |= 1ULL << OVS_KEY_ATTR_IPV6;
 		if (match->mask && (match->mask->key.eth.type == htons(0xffff)))
 			mask_allowed |= 1ULL << OVS_KEY_ATTR_IPV6;
 
 		if (match->key->ip.frag != OVS_FRAG_TYPE_LATER) {
 			if (match->key->ip.proto == IPPROTO_UDP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_UDP;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_UDP;
 			}
 
 			if (match->key->ip.proto == IPPROTO_SCTP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_SCTP;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_SCTP;
 			}
 
 			if (match->key->ip.proto == IPPROTO_TCP) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_TCP;
-				key_expected |= 1ULL << OVS_KEY_ATTR_TCP_FLAGS;
 				if (match->mask && (match->mask->key.ip.proto == 0xff)) {
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_TCP;
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_TCP_FLAGS;
@@ -214,14 +200,12 @@ static bool match_validate(const struct sw_flow_match *match,
 			}
 
 			if (match->key->ip.proto == IPPROTO_ICMPV6) {
-				key_expected |= 1ULL << OVS_KEY_ATTR_ICMPV6;
 				if (match->mask && (match->mask->key.ip.proto == 0xff))
 					mask_allowed |= 1ULL << OVS_KEY_ATTR_ICMPV6;
 
 				if (match->key->tp.src ==
 						htons(NDISC_NEIGHBOUR_SOLICITATION) ||
 				    match->key->tp.src == htons(NDISC_NEIGHBOUR_ADVERTISEMENT)) {
-					key_expected |= 1ULL << OVS_KEY_ATTR_ND;
 					if (match->mask && (match->mask->key.tp.src == htons(0xff)))
 						mask_allowed |= 1ULL << OVS_KEY_ATTR_ND;
 				}
@@ -229,13 +213,6 @@ static bool match_validate(const struct sw_flow_match *match,
 		}
 	}
 
-	if ((key_attrs & key_expected) != key_expected) {
-		/* Key attributes check failed. */
-		OVS_NLERR("Missing expected key attributes (key_attrs=%llx, expected=%llx).\n",
-				(unsigned long long)key_attrs, (unsigned long long)key_expected);
-		return false;
-	}
-
 	if ((mask_attrs & mask_allowed) != mask_attrs) {
 		/* Mask attributes check failed. */
 		OVS_NLERR("Contain more than allowed mask fields (mask_attrs=%llx, mask_allowed=%llx).\n",
-- 
1.7.10.4




More information about the dev mailing list