diff --git a/SOURCES/openvswitch-3.3.0.patch b/SOURCES/openvswitch-3.3.0.patch index ec326e5..be58252 100644 --- a/SOURCES/openvswitch-3.3.0.patch +++ b/SOURCES/openvswitch-3.3.0.patch @@ -2702,10 +2702,39 @@ index b5cbeed878..a046f8a339 100644 } ukey_state = ukey->state; diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c -index 1cf4d5f7c9..7c49508950 100644 +index 1cf4d5f7c9..fec01aea1f 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c -@@ -3815,6 +3815,8 @@ native_tunnel_output(struct xlate_ctx *ctx, const struct xport *xport, +@@ -677,6 +677,7 @@ static size_t count_skb_priorities(const struct xport *); + static bool dscp_from_skb_priority(const struct xport *, uint32_t skb_priority, + uint8_t *dscp); + ++static bool xlate_resubmit_resource_check(struct xlate_ctx *); + static void xlate_xbridge_init(struct xlate_cfg *, struct xbridge *); + static void xlate_xbundle_init(struct xlate_cfg *, struct xbundle *); + static void xlate_xport_init(struct xlate_cfg *, struct xport *); +@@ -3655,6 +3656,10 @@ compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, + struct ofpact_output output; + struct flow flow; + ++ if (!xlate_resubmit_resource_check(ctx)) { ++ return 0; ++ } ++ + ofpact_init(&output.ofpact, OFPACT_OUTPUT, sizeof output); + flow_extract(packet, &flow); + flow.in_port.ofp_port = out_dev->ofp_port; +@@ -3663,7 +3668,8 @@ compose_table_xlate(struct xlate_ctx *ctx, const struct xport *out_dev, + + return ofproto_dpif_execute_actions__(xbridge->ofproto, version, &flow, + NULL, &output.ofpact, sizeof output, +- ctx->depth, ctx->resubmits, packet); ++ ctx->depth + 1, ctx->resubmits, ++ packet); + } + + static void +@@ -3815,6 +3821,8 @@ native_tunnel_output(struct xlate_ctx *ctx, const struct xport *xport, if (flow->tunnel.ip_src) { in6_addr_set_mapped_ipv4(&s_ip6, flow->tunnel.ip_src); @@ -2714,7 +2743,7 @@ index 1cf4d5f7c9..7c49508950 100644 } err = tnl_route_lookup_flow(ctx, flow, &d_ip6, &s_ip6, &out_dev); -@@ -5078,10 +5080,37 @@ put_controller_user_action(struct xlate_ctx *ctx, +@@ -5078,10 +5086,37 @@ put_controller_user_action(struct xlate_ctx *ctx, bool dont_send, bool continuation, uint32_t recirc_id, int len, enum ofp_packet_in_reason reason, @@ -2752,7 +2781,7 @@ index 1cf4d5f7c9..7c49508950 100644 memset(&cookie, 0, sizeof cookie); cookie.type = USER_ACTION_COOKIE_CONTROLLER; cookie.ofp_in_port = OFPP_NONE, -@@ -5099,6 +5128,11 @@ put_controller_user_action(struct xlate_ctx *ctx, +@@ -5099,6 +5134,11 @@ put_controller_user_action(struct xlate_ctx *ctx, uint32_t pid = dpif_port_get_pid(ctx->xbridge->dpif, odp_port); odp_put_userspace_action(pid, &cookie, sizeof cookie, ODPP_NONE, false, ctx->odp_actions, NULL); @@ -2764,7 +2793,7 @@ index 1cf4d5f7c9..7c49508950 100644 } static void -@@ -5143,32 +5177,6 @@ xlate_controller_action(struct xlate_ctx *ctx, int len, +@@ -5143,32 +5183,6 @@ xlate_controller_action(struct xlate_ctx *ctx, int len, } recirc_refs_add(&ctx->xout->recircs, recirc_id); @@ -2797,7 +2826,7 @@ index 1cf4d5f7c9..7c49508950 100644 /* Generate the datapath flows even if we don't send the packet-in * so that debugging more closely represents normal state. */ bool dont_send = false; -@@ -5176,12 +5184,7 @@ xlate_controller_action(struct xlate_ctx *ctx, int len, +@@ -5176,12 +5190,7 @@ xlate_controller_action(struct xlate_ctx *ctx, int len, dont_send = true; } put_controller_user_action(ctx, dont_send, false, recirc_id, len, @@ -2811,7 +2840,7 @@ index 1cf4d5f7c9..7c49508950 100644 } /* Creates a frozen state, and allocates a unique recirc id for the given -@@ -5233,6 +5236,7 @@ finish_freezing__(struct xlate_ctx *ctx, uint8_t table) +@@ -5233,6 +5242,7 @@ finish_freezing__(struct xlate_ctx *ctx, uint8_t table) put_controller_user_action(ctx, false, true, recirc_id, ctx->pause->max_len, ctx->pause->reason, @@ -5756,7 +5785,7 @@ index 7d899fbbfd..5d88d38f26 100644 ovs_assert(snprintf(s, 6, "abcde") == 5); diff --git a/tests/tunnel-push-pop-ipv6.at b/tests/tunnel-push-pop-ipv6.at -index a8dd28c5b5..f1c5d42f66 100644 +index a8dd28c5b5..abf9b1d64c 100644 --- a/tests/tunnel-push-pop-ipv6.at +++ b/tests/tunnel-push-pop-ipv6.at @@ -19,11 +19,12 @@ AT_CHECK([ovs-vsctl add-port int-br3 t3 -- set Interface t3 type=srv6 \ @@ -5833,7 +5862,7 @@ index a8dd28c5b5..f1c5d42f66 100644 ]) AT_CHECK([ovs-ofctl add-flow br0 action=normal]) -@@ -636,3 +642,177 @@ Listening ports: +@@ -636,3 +642,260 @@ Listening ports: OVS_VSWITCHD_STOP AT_CLEANUP @@ -6011,8 +6040,91 @@ index a8dd28c5b5..f1c5d42f66 100644 + +OVS_VSWITCHD_STOP +AT_CLEANUP ++ ++AT_SETUP([tunnel_push_pop_ipv6 - Mirror over tunnels]) ++OVS_VSWITCHD_START([dnl ++ add-br br-ext -- set bridge br-ext datapath_type=dummy \ ++ other-config:hwaddr=aa:55:aa:55:00:00 \ ++ -- add-port br0 t1 -- set Interface t1 type=geneve \ ++ options:remote_ip=2001:cafe::91 \ ++ -- add-port br0 t2 -- set Interface t2 type=erspan \ ++ options:remote_ip=2001:cafe::92 options:key=flow \ ++ options:erspan_ver=1 options:erspan_idx=flow \ ++ -- add-port br0 p0 -- set Interface p0 type=dummy \ ++ -- add-port br0 p1 -- set Interface p1 type=dummy \ ++ -- add-port br-ext p-ext -- set Interface p-ext type=dummy \ ++ options:pcap=ext.pcap]) ++ ++dnl Configure mirroring over the UDP and ERSPAN tunnels. ++AT_CHECK([dnl ++ ovs-vsctl \ ++ set Bridge br0 mirrors=@m1,@m2 -- \ ++ --id=@t1 get Port t1 -- \ ++ --id=@t2 get Port t2 -- \ ++ --id=@m1 create Mirror name=vxlan select_all=true output_port=@t1 -- \ ++ --id=@m2 create Mirror name=erspan select_all=true output_port=@t2], ++ [0], [stdout]) ++ ++AT_CHECK([ovs-ofctl add-flow br-ext actions=normal]) ++AT_CHECK([ovs-ofctl add-flow br0 actions=normal]) ++ ++dnl Make sure ephemeral ports stay static across tests. ++AT_CHECK([ovs-appctl tnl/egress_port_range 35190 35190], [0], [OK ++]) ++ ++dnl Setup an IP address. ++AT_CHECK([ovs-appctl netdev-dummy/ip6addr br-ext 2001:cafe::90/64], [0], [OK ++]) ++ ++dnl Send two ND packets to set the tunnel's port and mac address. ++AT_CHECK([ovs-appctl netdev-dummy/receive p-ext dnl ++ 'eth(src=f8:bc:12:44:34:b3,dst=aa:55:aa:55:00:00),eth_type(0x86dd),dnl ++ ipv6(src=2001:cafe::91,dst=2001:cafe::90,label=0,proto=58,tclass=0,hlimit=255,frag=no),dnl ++ icmpv6(type=136,code=0),dnl ++ nd(target=2001:cafe::91,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b3)' ++]) ++AT_CHECK([ovs-appctl netdev-dummy/receive p-ext dnl ++ 'eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x86dd),dnl ++ ipv6(src=2001:cafe::92,dst=2001:cafe::90,label=0,proto=58,tclass=0,hlimit=255,frag=no),dnl ++ icmpv6(type=136,code=0),dnl ++ nd(target=2001:cafe::92,sll=00:00:00:00:00:00,tll=f8:bc:12:44:34:b6)' ++]) ++ ++m4_define([FLOW], [m4_join([,], ++ [in_port(p1)], ++ [eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800)], ++ [ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no)], ++ [icmp(type=8,code=0)])]) ++ ++m4_define([ERSPAN_ACT], [m4_join([,], ++ [clone(tnl_push(tnl_port(erspan_sys)], ++ [header(size=70,type=108], ++ [eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x86dd)], ++ [ipv6(src=2001:cafe::90,dst=2001:cafe::92,label=0,proto=47,tclass=0x0,hlimit=64)], ++ [erspan(ver=1,sid=0x0,idx=0x0))], ++ [out_port(br-ext))], ++ [p-ext)])]) ++ ++m4_define([GENEVE_ACT], [m4_join([,], ++ [clone(tnl_push(tnl_port(genev_sys_6081)], ++ [header(size=70,type=5], ++ [eth(dst=f8:bc:12:44:34:b3,src=aa:55:aa:55:00:00,dl_type=0x86dd)], ++ [ipv6(src=2001:cafe::90,dst=2001:cafe::91,label=0,proto=17,tclass=0x0,hlimit=64)], ++ [udp(src=0,dst=6081,csum=0xffff)], ++ [geneve(vni=0x0))], ++ [out_port(br-ext))], ++ [p-ext)])]) ++ ++dnl Verify packet is mirrored to both tunnels. Tunnel actions may happen ++dnl in any order. ++AT_CHECK([ovs-appctl ofproto/trace --names ovs-dummy "FLOW"], [0], [stdout]) ++AT_CHECK([grep -q "ERSPAN_ACT" stdout]) ++AT_CHECK([grep -q "GENEVE_ACT" stdout]) ++ ++OVS_VSWITCHD_STOP ++AT_CLEANUP diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at -index b1440f5904..508737c53e 100644 +index b1440f5904..885df07e5a 100644 --- a/tests/tunnel-push-pop.at +++ b/tests/tunnel-push-pop.at @@ -30,17 +30,15 @@ dummy@ovs-dummy: hit:0 missed:0 @@ -6247,7 +6359,7 @@ index b1440f5904..508737c53e 100644 ]) dnl Send an ARP reply to port b8 on br0, so that packets will be forwarded -@@ -993,3 +1085,170 @@ udp(src=0,dst=4789,csum=0x0),vxlan(flags=0x8000000,vni=0x0)),out_port(100)),8),7 +@@ -993,3 +1085,249 @@ udp(src=0,dst=4789,csum=0x0),vxlan(flags=0x8000000,vni=0x0)),out_port(100)),8),7 OVS_VSWITCHD_STOP AT_CLEANUP @@ -6418,6 +6530,85 @@ index b1440f5904..508737c53e 100644 + +OVS_VSWITCHD_STOP +AT_CLEANUP ++ ++AT_SETUP([tunnel_push_pop - Mirror over tunnels]) ++OVS_VSWITCHD_START([dnl ++ add-br br-ext -- set bridge br-ext datapath_type=dummy \ ++ other-config:hwaddr=aa:55:aa:55:00:00 \ ++ -- add-port br0 t1 -- set Interface t1 type=geneve \ ++ options:remote_ip=1.1.1.1 \ ++ -- add-port br0 t2 -- set Interface t2 type=erspan \ ++ options:remote_ip=1.1.1.2 options:key=flow options:erspan_ver=1 \ ++ options:erspan_idx=flow \ ++ -- add-port br0 p0 -- set Interface p0 type=dummy \ ++ -- add-port br0 p1 -- set Interface p1 type=dummy \ ++ -- add-port br-ext p-ext -- set Interface p-ext type=dummy \ ++ options:pcap=ext.pcap]) ++ ++dnl Configure mirroring over the UDP and ERSPAN tunnels. ++AT_CHECK([dnl ++ ovs-vsctl \ ++ set Bridge br0 mirrors=@m1,@m2 -- \ ++ --id=@t1 get Port t1 -- \ ++ --id=@t2 get Port t2 -- \ ++ --id=@m1 create Mirror name=vxlan select_all=true output_port=@t1 -- \ ++ --id=@m2 create Mirror name=erspan select_all=true output_port=@t2], ++ [0], [stdout]) ++ ++AT_CHECK([ovs-ofctl add-flow br-ext actions=normal]) ++AT_CHECK([ovs-ofctl add-flow br0 actions=normal]) ++ ++dnl Make sure ephemeral ports stay static across tests. ++AT_CHECK([ovs-appctl tnl/egress_port_range 35190 35190], [0], [OK ++]) ++ ++dnl Setup an IP address for the local side of the tunnel. ++AT_CHECK([ovs-appctl netdev-dummy/ip4addr br-ext 1.1.1.3/24], [0], [OK ++]) ++ ++dnl Send two arp replies to populate arp table with tunnel remote endpoints. ++AT_CHECK([ovs-appctl netdev-dummy/receive p-ext dnl ++ 'eth(src=f8:bc:12:44:34:b6,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),dnl ++ arp(sip=1.1.1.1,tip=1.1.1.3,op=2,sha=f8:bc:12:44:34:b6,tha=00:00:00:00:00:00)' ++]) ++AT_CHECK([ovs-appctl netdev-dummy/receive p-ext dnl ++ 'eth(src=f8:bc:12:44:34:b3,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),dnl ++ arp(sip=1.1.1.2,tip=1.1.1.3,op=2,sha=f8:bc:12:44:34:b3,tha=00:00:00:00:00:00)' ++]) ++ ++m4_define([FLOW], [m4_join([,], ++ [in_port(p1)], ++ [eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800)], ++ [ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no)], ++ [icmp(type=8,code=0)])]) ++ ++m4_define([ERSPAN_ACT], [m4_join([,], ++ [clone(tnl_push(tnl_port(erspan_sys)], ++ [header(size=50,type=107], ++ [eth(dst=f8:bc:12:44:34:b3,src=aa:55:aa:55:00:00,dl_type=0x0800)], ++ [ipv4(src=1.1.1.3,dst=1.1.1.2,proto=47,tos=0,ttl=64,frag=0x4000)], ++ [erspan(ver=1,sid=0x0,idx=0x0))], ++ [out_port(br-ext))], ++ [p-ext)])]) ++ ++m4_define([GENEVE_ACT], [m4_join([,], ++ [clone(tnl_push(tnl_port(genev_sys_6081)], ++ [header(size=50,type=5], ++ [eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x0800)], ++ [ipv4(src=1.1.1.3,dst=1.1.1.1,proto=17,tos=0,ttl=64,frag=0x4000)], ++ [udp(src=0,dst=6081,csum=0x0)], ++ [geneve(vni=0x0))], ++ [out_port(br-ext))], ++ [p-ext)])]) ++ ++dnl Verify packet is mirrored to both tunnels. Tunnel actions may happen ++dnl in any order. ++AT_CHECK([ovs-appctl ofproto/trace --names ovs-dummy "FLOW"], [0], [stdout]) ++AT_CHECK([grep -q "ERSPAN_ACT" stdout]) ++AT_CHECK([grep -q "GENEVE_ACT" stdout]) ++ ++OVS_VSWITCHD_STOP ++AT_CLEANUP diff --git a/tests/tunnel.at b/tests/tunnel.at index 282651ac73..9d539ee6f6 100644 --- a/tests/tunnel.at diff --git a/SPECS/openvswitch3.3.spec b/SPECS/openvswitch3.3.spec index 54a9339..beb6e48 100644 --- a/SPECS/openvswitch3.3.spec +++ b/SPECS/openvswitch3.3.spec @@ -57,7 +57,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 3.3.0 -Release: 41%{?dist} +Release: 42%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -769,6 +769,13 @@ exit 0 %endif %changelog +* Mon Aug 12 2024 Open vSwitch CI - 3.3.0-42 +- Merging upstream branch-3.3 [RH git: 7188a23809] + Commit list: + 73c563efc7 tunnel, tests: Add test for mirroring over tunnels. + 81e64f47d7 ofproto-dpif-xlate: Add a recursion limit to tunnel address lookup. + + * Thu Aug 08 2024 Open vSwitch CI - 3.3.0-41 - Merging upstream branch-3.3 [RH git: 65b2f8cd44] Commit list: