[ovs-dev,v3,2/6] netnsid: update device only if netnsid matches.

Message ID 20171207022224.25215-3-fbl@redhat.com
State New
Headers show
Series
  • Add minimum network namespace support.
Related show

Commit Message

Flavio Leitner Dec. 7, 2017, 2:22 a.m.
Recent kernels provide the network namespace ID of a port,
so use that to discover where the port currently is.

A network device in another network namespace could have the
same name, so once the socket starts listening to other network
namespaces, it is necessary to confirm the netnsid.

Signed-off-by: Flavio Leitner <fbl@redhat.com>
---
 datapath/linux/compat/include/linux/openvswitch.h |  2 +
 lib/dpif-netlink.c                                |  8 +++
 lib/dpif-netlink.h                                |  1 +
 lib/netdev-linux.c                                | 63 ++++++++++++++++++++---
 4 files changed, 68 insertions(+), 6 deletions(-)

Patch

diff --git a/datapath/linux/compat/include/linux/openvswitch.h b/datapath/linux/compat/include/linux/openvswitch.h
index 561f89502..f28d140ca 100644
--- a/datapath/linux/compat/include/linux/openvswitch.h
+++ b/datapath/linux/compat/include/linux/openvswitch.h
@@ -283,6 +283,8 @@  enum ovs_vport_attr {
 				/* receiving upcalls */
 	OVS_VPORT_ATTR_STATS,	/* struct ovs_vport_stats */
 	OVS_VPORT_ATTR_PAD,
+	OVS_VPORT_ATTR_IFINDEX,
+	OVS_VPORT_ATTR_NETNSID,
 	__OVS_VPORT_ATTR_MAX
 };
 
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c
index fd333094d..8f04ed311 100644
--- a/lib/dpif-netlink.c
+++ b/lib/dpif-netlink.c
@@ -46,6 +46,7 @@ 
 #include "netlink-notifier.h"
 #include "netlink-socket.h"
 #include "netlink.h"
+#include "netnsid.h"
 #include "odp-util.h"
 #include "openvswitch/ofpbuf.h"
 #include "packets.h"
@@ -3065,6 +3066,7 @@  dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport *vport,
         [OVS_VPORT_ATTR_STATS] = { NL_POLICY_FOR(struct ovs_vport_stats),
                                    .optional = true },
         [OVS_VPORT_ATTR_OPTIONS] = { .type = NL_A_NESTED, .optional = true },
+        [OVS_VPORT_ATTR_NETNSID] = { .type = NL_A_U32, .optional = true },
     };
 
     dpif_netlink_vport_init(vport);
@@ -3100,6 +3102,12 @@  dpif_netlink_vport_from_ofpbuf(struct dpif_netlink_vport *vport,
         vport->options = nl_attr_get(a[OVS_VPORT_ATTR_OPTIONS]);
         vport->options_len = nl_attr_get_size(a[OVS_VPORT_ATTR_OPTIONS]);
     }
+    if (a[OVS_VPORT_ATTR_NETNSID]) {
+        netnsid_set(&vport->netnsid,
+                    nl_attr_get_u32(a[OVS_VPORT_ATTR_NETNSID]));
+    } else {
+        netnsid_set_local(&vport->netnsid);
+    }
     return 0;
 }
 
diff --git a/lib/dpif-netlink.h b/lib/dpif-netlink.h
index 568b81441..0a9628088 100644
--- a/lib/dpif-netlink.h
+++ b/lib/dpif-netlink.h
@@ -32,6 +32,7 @@  struct dpif_netlink_vport {
 
     /* ovs_vport header. */
     int dp_ifindex;
+    int netnsid;                           /* Network Namespace ID. */
     odp_port_t port_no;                    /* ODPP_NONE if unknown. */
     enum ovs_vport_type type;
 
diff --git a/lib/netdev-linux.c b/lib/netdev-linux.c
index bebd34402..bf8aee5c7 100644
--- a/lib/netdev-linux.c
+++ b/lib/netdev-linux.c
@@ -60,6 +60,7 @@ 
 #include "netlink-notifier.h"
 #include "netlink-socket.h"
 #include "netlink.h"
+#include "netnsid.h"
 #include "openvswitch/ofpbuf.h"
 #include "openflow/openflow.h"
 #include "ovs-atomic.h"
@@ -476,6 +477,7 @@  struct netdev_linux {
     long long int miimon_interval;  /* Miimon Poll rate. Disabled if <= 0. */
     struct timer miimon_timer;
 
+    int netnsid;                    /* Network namespace ID. */
     /* The following are figured out "on demand" only.  They are only valid
      * when the corresponding VALID_* bit in 'cache_valid' is set. */
     int ifindex;
@@ -571,7 +573,42 @@  netdev_rxq_linux_cast(const struct netdev_rxq *rx)
     return CONTAINER_OF(rx, struct netdev_rxq_linux, up);
 }
 
-static void netdev_linux_update(struct netdev_linux *netdev,
+static int
+netdev_linux_netnsid_update__(struct netdev_linux *netdev)
+{
+    struct dpif_netlink_vport reply;
+    struct ofpbuf *buf;
+    int error;
+
+    error = dpif_netlink_vport_get(netdev_get_name(&netdev->up), &reply, &buf);
+    if (error) {
+        netnsid_unset(&netdev->netnsid);
+        return error;
+    }
+
+    netnsid_set(&netdev->netnsid, reply.netnsid);
+    ofpbuf_delete(buf);
+    return 0;
+}
+
+static int
+netdev_linux_netnsid_update(struct netdev_linux *netdev)
+{
+    if (netnsid_is_unset(netdev->netnsid)) {
+        return netdev_linux_netnsid_update__(netdev);
+    }
+
+    return 0;
+}
+
+static bool
+netdev_linux_netnsid_is_eq(struct netdev_linux *netdev, int nsid)
+{
+    netdev_linux_netnsid_update(netdev);
+    return netnsid_eq(netdev->netnsid, nsid);
+}
+
+static void netdev_linux_update(struct netdev_linux *netdev, int,
                                 const struct rtnetlink_change *)
     OVS_REQUIRES(netdev->mutex);
 static void netdev_linux_changed(struct netdev_linux *netdev,
@@ -635,10 +672,11 @@  netdev_linux_run(const struct netdev_class *netdev_class OVS_UNUSED)
     do {
         static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
         uint64_t buf_stub[4096 / 8];
+        int nsid;
         struct ofpbuf buf;
 
         ofpbuf_use_stub(&buf, buf_stub, sizeof buf_stub);
-        error = nl_sock_recv(sock, &buf, NULL, false);
+        error = nl_sock_recv(sock, &buf, &nsid, false);
         if (!error) {
             struct rtnetlink_change change;
 
@@ -657,7 +695,7 @@  netdev_linux_run(const struct netdev_class *netdev_class OVS_UNUSED)
                     struct netdev_linux *netdev = netdev_linux_cast(netdev_);
 
                     ovs_mutex_lock(&netdev->mutex);
-                    netdev_linux_update(netdev, &change);
+                    netdev_linux_update(netdev, nsid, &change);
                     ovs_mutex_unlock(&netdev->mutex);
                 }
                 netdev_close(netdev_);
@@ -724,11 +762,11 @@  netdev_linux_changed(struct netdev_linux *dev,
 }
 
 static void
-netdev_linux_update(struct netdev_linux *dev,
-                    const struct rtnetlink_change *change)
+netdev_linux_update__(struct netdev_linux *dev,
+                      const struct rtnetlink_change *change)
     OVS_REQUIRES(dev->mutex)
 {
-    if (rtnetlink_type_is_rtnlgrp_link(change->nlmsg_type)){
+    if (rtnetlink_type_is_rtnlgrp_link(change->nlmsg_type)) {
         if (change->nlmsg_type == RTM_NEWLINK) {
             /* Keep drv-info, and ip addresses. */
             netdev_linux_changed(dev, change->ifi_flags,
@@ -752,6 +790,7 @@  netdev_linux_update(struct netdev_linux *dev,
             dev->get_ifindex_error = 0;
         } else {
             netdev_linux_changed(dev, change->ifi_flags, 0);
+            netnsid_unset(&dev->netnsid);
         }
     } else if (rtnetlink_type_is_rtnlgrp_addr(change->nlmsg_type)) {
         /* Invalidates in4, in6. */
@@ -761,6 +800,16 @@  netdev_linux_update(struct netdev_linux *dev,
     }
 }
 
+static void
+netdev_linux_update(struct netdev_linux *dev, int nsid,
+                    const struct rtnetlink_change *change)
+    OVS_REQUIRES(dev->mutex)
+{
+    if (netdev_linux_netnsid_is_eq(dev, nsid)) {
+        netdev_linux_update__(dev, change);
+    }
+}
+
 static struct netdev *
 netdev_linux_alloc(void)
 {
@@ -788,6 +837,8 @@  netdev_linux_common_construct(struct netdev *netdev_)
         return EINVAL;
     }
 
+    /* The device could be in the same network namespace or in another one. */
+    netnsid_unset(&netdev->netnsid);
     ovs_mutex_init(&netdev->mutex);
     return 0;
 }