[ovs-dev] [PATCH] dpif-netdev: Free packets on TUNNEL_PUSH if may_steal.

Ilya Maximets i.maximets at samsung.com
Thu May 24 09:54:51 UTC 2018


On 24.05.2018 11:52, Ilya Maximets wrote:
> On 15.05.2018 20:18, Ben Pfaff wrote:
>> On Tue, May 15, 2018 at 02:23:38PM +0300, Ilya Maximets wrote:
>>> Unconditional return may cause packet leak in case of
>>> 'may_steal == true'.
>>>
>>> Additionally, removed redundant checking for depth level and
>>> clarified ignoring of the 'false' value of 'may_steal'.
>>>
>>> CC: Sugesh Chandran <sugesh.chandran at intel.com>
>>> Fixes: 7c12dfc527a5 ("tunneling: Avoid datapath-recirc by
>>>                       combining recirc actions at xlate.")
>>> Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
>>
>> Thanks.  This seems reasonable to me.
>>
>> Did you take a look at the other cases in the function to see whether
>> they have the same problem?
>>
>> Since this is in dpif-netdev I'll leave the final review to Ian for his
>> branch.
> 
> Hello, Ian.
> What do you think about this patch?
> Sorry for pinging, but this is a really bad issue which drains the mempool
> in case of badly configured OpenFlow rules. We're faced this on one of SDN
> setups in our testing lab. Is it possible to include the fix in one of the
> next pull requests?

I've sent v2 rebased on top of current master with updates related to recent
patches from Darrell.
v1 should be used for stable branches: 2.8 and 2.9.

> 
> Best regards, Ilya Maximets.
> 


More information about the dev mailing list