<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux-stable.git/net/openvswitch/actions.c, branch linux-3.12.y</title>
<subtitle>Linux kernel stable tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/'/>
<entry>
<title>openvswitch: fix panic with multiple vlan headers</title>
<updated>2014-10-17T07:43:13+00:00</updated>
<author>
<name>Jiri Benc</name>
<email>jbenc@redhat.com</email>
</author>
<published>2014-08-21T19:33:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=ddc07cc3af29477df691ed5d87a52c867c0f9b23'/>
<id>ddc07cc3af29477df691ed5d87a52c867c0f9b23</id>
<content type='text'>
[ Upstream commit 2ba5af42a7b59ef01f9081234d8855140738defd ]

When there are multiple vlan headers present in a received frame, the first
one is put into vlan_tci and protocol is set to ETH_P_8021Q. Anything in the
skb beyond the VLAN TPID may be still non-linear, including the inner TCI
and ethertype. While ovs_flow_extract takes care of IP and IPv6 headers, it
does nothing with ETH_P_8021Q. Later, if OVS_ACTION_ATTR_POP_VLAN is
executed, __pop_vlan_tci pulls the next vlan header into vlan_tci.

This leads to two things:

1. Part of the resulting ethernet header is in the non-linear part of the
   skb. When eth_type_trans is called later as the result of
   OVS_ACTION_ATTR_OUTPUT, kernel BUGs in __skb_pull. Also, __pop_vlan_tci
   is in fact accessing random data when it reads past the TPID.

2. network_header points into the ethernet header instead of behind it.
   mac_len is set to a wrong value (10), too.

Reported-by: Yulong Pei &lt;ypei@redhat.com&gt;
Signed-off-by: Jiri Benc &lt;jbenc@redhat.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
[ Upstream commit 2ba5af42a7b59ef01f9081234d8855140738defd ]

When there are multiple vlan headers present in a received frame, the first
one is put into vlan_tci and protocol is set to ETH_P_8021Q. Anything in the
skb beyond the VLAN TPID may be still non-linear, including the inner TCI
and ethertype. While ovs_flow_extract takes care of IP and IPv6 headers, it
does nothing with ETH_P_8021Q. Later, if OVS_ACTION_ATTR_POP_VLAN is
executed, __pop_vlan_tci pulls the next vlan header into vlan_tci.

This leads to two things:

1. Part of the resulting ethernet header is in the non-linear part of the
   skb. When eth_type_trans is called later as the result of
   OVS_ACTION_ATTR_OUTPUT, kernel BUGs in __skb_pull. Also, __pop_vlan_tci
   is in fact accessing random data when it reads past the TPID.

2. network_header points into the ethernet header instead of behind it.
   mac_len is set to a wrong value (10), too.

Reported-by: Yulong Pei &lt;ypei@redhat.com&gt;
Signed-off-by: Jiri Benc &lt;jbenc@redhat.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
Signed-off-by: Jiri Slaby &lt;jslaby@suse.cz&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: Add SCTP support</title>
<updated>2013-08-26T21:03:13+00:00</updated>
<author>
<name>Joe Stringer</name>
<email>joe@wand.net.nz</email>
</author>
<published>2013-08-22T19:30:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=a175a723301a8a4a9fedf9ce5b8ca586e7a97b40'/>
<id>a175a723301a8a4a9fedf9ce5b8ca586e7a97b40</id>
<content type='text'>
This patch adds support for rewriting SCTP src,dst ports similar to the
functionality already available for TCP/UDP.

Rewriting SCTP ports is expensive due to double-recalculation of the
SCTP checksums; this is performed to ensure that packets traversing OVS
with invalid checksums will continue to the destination with any
checksum corruption intact.

Reviewed-by: Simon Horman &lt;horms@verge.net.au&gt;
Signed-off-by: Joe Stringer &lt;joe@wand.net.nz&gt;
Signed-off-by: Ben Pfaff &lt;blp@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch adds support for rewriting SCTP src,dst ports similar to the
functionality already available for TCP/UDP.

Rewriting SCTP ports is expensive due to double-recalculation of the
SCTP checksums; this is performed to ensure that packets traversing OVS
with invalid checksums will continue to the destination with any
checksum corruption intact.

Reviewed-by: Simon Horman &lt;horms@verge.net.au&gt;
Signed-off-by: Joe Stringer &lt;joe@wand.net.nz&gt;
Signed-off-by: Ben Pfaff &lt;blp@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: Mega flow implementation</title>
<updated>2013-08-23T23:43:07+00:00</updated>
<author>
<name>Andy Zhou</name>
<email>azhou@nicira.com</email>
</author>
<published>2013-08-08T03:01:00+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=03f0d916aa0317592dda11bd17c7357858719b6c'/>
<id>03f0d916aa0317592dda11bd17c7357858719b6c</id>
<content type='text'>
Add wildcarded flow support in kernel datapath.

Wildcarded flow can improve OVS flow set up performance by avoid sending
matching new flows to the user space program. The exact performance boost
will largely dependent on wildcarded flow hit rate.

In case all new flows hits wildcard flows, the flow set up rate is
within 5% of that of linux bridge module.

Pravin has made significant contributions to this patch. Including API
clean ups and bug fixes.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Signed-off-by: Andy Zhou &lt;azhou@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add wildcarded flow support in kernel datapath.

Wildcarded flow can improve OVS flow set up performance by avoid sending
matching new flows to the user space program. The exact performance boost
will largely dependent on wildcarded flow hit rate.

In case all new flows hits wildcard flows, the flow set up rate is
within 5% of that of linux bridge module.

Pravin has made significant contributions to this patch. Including API
clean ups and bug fixes.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Signed-off-by: Andy Zhou &lt;azhou@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: Reset tunnel key between input and output.</title>
<updated>2013-08-14T22:50:36+00:00</updated>
<author>
<name>Jesse Gross</name>
<email>jesse@nicira.com</email>
</author>
<published>2013-08-14T22:50:36+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=36bf5cc66d60868bcc10aff209defed5a7b71c1d'/>
<id>36bf5cc66d60868bcc10aff209defed5a7b71c1d</id>
<content type='text'>
It doesn't make sense to output a tunnel packet using the same
parameters that it was received with since that will generally
just result in the packet going back to us. As a result, userspace
assumes that the tunnel key is cleared when transitioning through
the switch. In the majority of cases this doesn't matter since a
packet is either going to a tunnel port (in which the key is
overwritten with new values) or to a non-tunnel port (in which
case the key is ignored). However, it's theoreticaly possible that
userspace could rely on the documented behavior, so this corrects
it.

Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
It doesn't make sense to output a tunnel packet using the same
parameters that it was received with since that will generally
just result in the packet going back to us. As a result, userspace
assumes that the tunnel key is cleared when transitioning through
the switch. In the majority of cases this doesn't matter since a
packet is either going to a tunnel port (in which the key is
overwritten with new values) or to a non-tunnel port (in which
case the key is ignored). However, it's theoreticaly possible that
userspace could rely on the documented behavior, so this corrects
it.

Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: Add tunneling interface.</title>
<updated>2013-06-20T01:07:41+00:00</updated>
<author>
<name>Pravin B Shelar</name>
<email>pshelar@nicira.com</email>
</author>
<published>2013-06-18T00:50:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7d5437c709ded4f152cb8b305d17972d6707f20c'/>
<id>7d5437c709ded4f152cb8b305d17972d6707f20c</id>
<content type='text'>
Add ovs tunnel interface for set tunnel action for userspace.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Acked-by: Jesse Gross &lt;jesse@nicira.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add ovs tunnel interface for set tunnel action for userspace.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Acked-by: Jesse Gross &lt;jesse@nicira.com&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: make skb-&gt;csum consistent with rest of networking stack.</title>
<updated>2013-06-14T22:09:12+00:00</updated>
<author>
<name>Pravin B Shelar</name>
<email>pshelar@nicira.com</email>
</author>
<published>2013-06-13T18:11:44+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=b34df5e805a6e98cae0bc5bc80c1b52d9ff811de'/>
<id>b34df5e805a6e98cae0bc5bc80c1b52d9ff811de</id>
<content type='text'>
Following patch keeps skb-&gt;csum correct across ovs.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Following patch keeps skb-&gt;csum correct across ovs.

Signed-off-by: Pravin B Shelar &lt;pshelar@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>net: vlan: add protocol argument to packet tagging functions</title>
<updated>2013-04-19T18:46:06+00:00</updated>
<author>
<name>Patrick McHardy</name>
<email>kaber@trash.net</email>
</author>
<published>2013-04-19T02:04:30+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=86a9bad3ab6b6f858fd4443b48738cabbb6d094c'/>
<id>86a9bad3ab6b6f858fd4443b48738cabbb6d094c</id>
<content type='text'>
Add a protocol argument to the VLAN packet tagging functions. In case of HW
tagging, we need that protocol available in the ndo_start_xmit functions,
so it is stored in a new field in the skb. The new field fits into a hole
(on 64 bit) and doesn't increase the sks's size.

Signed-off-by: Patrick McHardy &lt;kaber@trash.net&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add a protocol argument to the VLAN packet tagging functions. In case of HW
tagging, we need that protocol available in the ndo_start_xmit functions,
so it is stored in a new field in the skb. The new field fits into a hole
(on 64 bit) and doesn't increase the sks's size.

Signed-off-by: Patrick McHardy &lt;kaber@trash.net&gt;
Signed-off-by: David S. Miller &lt;davem@davemloft.net&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: fix the calculation of checksum for vlan header</title>
<updated>2013-02-23T01:02:38+00:00</updated>
<author>
<name>Cong Wang</name>
<email>amwang@redhat.com</email>
</author>
<published>2013-02-22T09:32:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=7b024082b2b279af58e24ebd46e81777723d58da'/>
<id>7b024082b2b279af58e24ebd46e81777723d58da</id>
<content type='text'>
In vlan_insert_tag(), we insert a 4-byte VLAN header _after_
mac header:

        memmove(skb-&gt;data, skb-&gt;data + VLAN_HLEN, 2 * ETH_ALEN);
        ...
        veth-&gt;h_vlan_proto = htons(ETH_P_8021Q);
        ...
        veth-&gt;h_vlan_TCI = htons(vlan_tci);

so after it, we should recompute the checksum to include these 4 bytes.
skb-&gt;data still points to the mac header, therefore VLAN header is at
(2 * ETH_ALEN = 12) bytes after it, not (ETH_HLEN = 14) bytes.

This can also be observed via tcpdump:

         0x0000:  ffff ffff ffff 5254 005d 6f6e 8100 000a
         0x0010:  0806 0001 0800 0604 0001 5254 005d 6f6e
         0x0020:  c0a8 026e 0000 0000 0000 c0a8 0282

Similar for __pop_vlan_tci(), the vlan header we remove is the one
overwritten in:

	memmove(skb-&gt;data + VLAN_HLEN, skb-&gt;data, 2 * ETH_ALEN);

Therefore the VLAN_HLEN = 4 bytes after 2 * ETH_ALEN is the part
we want to sub from checksum.

Cc: David S. Miller &lt;davem@davemloft.net&gt;
Cc: Jesse Gross &lt;jesse@nicira.com&gt;
Signed-off-by: Cong Wang &lt;amwang@redhat.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In vlan_insert_tag(), we insert a 4-byte VLAN header _after_
mac header:

        memmove(skb-&gt;data, skb-&gt;data + VLAN_HLEN, 2 * ETH_ALEN);
        ...
        veth-&gt;h_vlan_proto = htons(ETH_P_8021Q);
        ...
        veth-&gt;h_vlan_TCI = htons(vlan_tci);

so after it, we should recompute the checksum to include these 4 bytes.
skb-&gt;data still points to the mac header, therefore VLAN header is at
(2 * ETH_ALEN = 12) bytes after it, not (ETH_HLEN = 14) bytes.

This can also be observed via tcpdump:

         0x0000:  ffff ffff ffff 5254 005d 6f6e 8100 000a
         0x0010:  0806 0001 0800 0604 0001 5254 005d 6f6e
         0x0020:  c0a8 026e 0000 0000 0000 c0a8 0282

Similar for __pop_vlan_tci(), the vlan header we remove is the one
overwritten in:

	memmove(skb-&gt;data + VLAN_HLEN, skb-&gt;data, 2 * ETH_ALEN);

Therefore the VLAN_HLEN = 4 bytes after 2 * ETH_ALEN is the part
we want to sub from checksum.

Cc: David S. Miller &lt;davem@davemloft.net&gt;
Cc: Jesse Gross &lt;jesse@nicira.com&gt;
Signed-off-by: Cong Wang &lt;amwang@redhat.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: add skb mark matching and set action</title>
<updated>2012-11-26T19:33:18+00:00</updated>
<author>
<name>Ansis Atteka</name>
<email>aatteka@nicira.com</email>
</author>
<published>2012-11-26T19:24:11+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=39c7caebc94e851f58b84b54659156dd30522e8e'/>
<id>39c7caebc94e851f58b84b54659156dd30522e8e</id>
<content type='text'>
This patch adds support for skb mark matching and set action.

Signed-off-by: Ansis Atteka &lt;aatteka@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch adds support for skb mark matching and set action.

Signed-off-by: Ansis Atteka &lt;aatteka@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>openvswitch: add ipv6 'set' action</title>
<updated>2012-11-13T23:57:33+00:00</updated>
<author>
<name>Ansis Atteka</name>
<email>aatteka@nicira.com</email>
</author>
<published>2012-11-13T23:44:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux-stable.git/commit/?id=3fdbd1ce11e5c0d7cafbe44c942c5cad61113d7b'/>
<id>3fdbd1ce11e5c0d7cafbe44c942c5cad61113d7b</id>
<content type='text'>
This patch adds ipv6 set action functionality. It allows to change
traffic class, flow label, hop-limit, ipv6 source and destination
address fields.

Signed-off-by: Ansis Atteka &lt;aatteka@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch adds ipv6 set action functionality. It allows to change
traffic class, flow label, hop-limit, ipv6 source and destination
address fields.

Signed-off-by: Ansis Atteka &lt;aatteka@nicira.com&gt;
Signed-off-by: Jesse Gross &lt;jesse@nicira.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
