[ovs-dev] [RFC] vlan: Make sure vlan tci mask has exact match for VLAN_CFI.
Alex Wang
alexw at nicira.com
Thu Jun 4 06:21:50 UTC 2015
OVS datapath has check which prevents the installation of flow
that matches VLAN TCI but does not have exact match for VLAN_CFI
bit. However, the ovs userspace does not enforce it, so OpenFlow
flow like "vlan_tci=0x000a/0x0fff,action=output:local" can be added
to ovs. Subsequently, the generated megaflow will have match
field for vlan like "vlan(vid=5/0xfff,pcp=0/0x0,cfi=1/0)".
With the OVS datapath check, the installation of such megaflow
will be rejected with:
"|WARN|system at ovs-system: failed to put[create][modify] (Invalid argument)"
This commit adds a check in userspace that mark the vlan mask
invalid if it does not exact match for VLAN_CFI. So users will
be asked to provide correct mask.
Reported-by: Ronald Lee <ronaldlee at vmware.com>
Signed-off-by: Alex Wang <alexw at nicira.com>
---
lib/meta-flow.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/meta-flow.c b/lib/meta-flow.c
index 3bdca62..dfebc6c 100644
--- a/lib/meta-flow.c
+++ b/lib/meta-flow.c
@@ -252,7 +252,11 @@ mf_is_mask_valid(const struct mf_field *mf, const union mf_value *mask)
is_all_ones(mask, mf->n_bytes));
case MFM_FULLY:
- return true;
+ if (mf->id == MFF_VLAN_TCI) {
+ return mask->be16 & htons(VLAN_CFI);
+ } else {
+ return true;
+ }
}
OVS_NOT_REACHED();
--
1.7.9.5
More information about the dev
mailing list