From patchwork Tue Aug 23 10:40:09 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Zong Kai LI <zealokii@gmail.com>
X-Patchwork-Id: 661822
Return-Path: <dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from archives.nicira.com (archives.nicira.com [96.126.127.54])
	by ozlabs.org (Postfix) with ESMTP id 3sJRm52HJTz9t0q
	for <incoming@patchwork.ozlabs.org>;
	Tue, 23 Aug 2016 20:40:21 +1000 (AEST)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com header.b=KFWsISaB;
	dkim-atps=neutral
Received: from archives.nicira.com (localhost [127.0.0.1])
	by archives.nicira.com (Postfix) with ESMTP id 922AD10561;
	Tue, 23 Aug 2016 03:40:20 -0700 (PDT)
X-Original-To: dev@openvswitch.org
Delivered-To: dev@openvswitch.org
Received: from mx3v3.cudamail.com (mx3.cudamail.com [64.34.241.5])
	by archives.nicira.com (Postfix) with ESMTPS id 1622E10536
	for <dev@openvswitch.org>; Tue, 23 Aug 2016 03:40:19 -0700 (PDT)
Received: from bar6.cudamail.com (localhost [127.0.0.1])
	by mx3v3.cudamail.com (Postfix) with ESMTPS id A16E61625F6
	for <dev@openvswitch.org>; Tue, 23 Aug 2016 04:40:18 -0600 (MDT)
X-ASG-Debug-ID: 1471948817-0b32372d8342f260001-byXFYA
Received: from mx3-pf2.cudamail.com ([192.168.14.1]) by bar6.cudamail.com
	with
	ESMTP id wbUrGPThEybkHOUW (version=TLSv1 cipher=DHE-RSA-AES256-SHA
	bits=256 verify=NO) for <dev@openvswitch.org>;
	Tue, 23 Aug 2016 04:40:18 -0600 (MDT)
X-Barracuda-Envelope-From: zealokii@gmail.com
X-Barracuda-RBL-Trusted-Forwarder: 192.168.14.1
Received: from unknown (HELO mail-it0-f65.google.com) (209.85.214.65)
	by mx3-pf2.cudamail.com with ESMTPS (AES128-SHA encrypted);
	23 Aug 2016 10:40:17 -0000
Received-SPF: pass (mx3-pf2.cudamail.com: SPF record at _netblocks.google.com
	designates 209.85.214.65 as permitted sender)
X-Barracuda-Apparent-Source-IP: 209.85.214.65
X-Barracuda-RBL-IP: 209.85.214.65
Received: by mail-it0-f65.google.com with SMTP id f6so7536526ith.2
	for <dev@openvswitch.org>; Tue, 23 Aug 2016 03:40:17 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
	h=from:to:cc:subject:date:message-id;
	bh=eJIcDfY2ZwD7FntwVl4WzhFzS4FUBj7Fmn2FyL9jX7Y=;
	b=KFWsISaBKwpusdem4Hc/F+L5iQfN9mF5TjgFt7Dth+xcnZUDUeKhh6Aws1PjDFzpRb
	K9KGa/WFSlr8GAma/GFCtOmDrJeui79uM0nYkEMWkJdpNIdYaIFHlNpOyrJRGNBrMta2
	29jqu8YGYZaZOsXu14KoHeSANVSgfO7gmzoS1/DbwER7FOPkr8msJHlttPgkEccUjx3Q
	KrRPLXYBHisedq6B3RcWZ2aIO6i0/mFCHwTlgSGok4VVLgL/OjSLuqxrYMUxjPGNcvoF
	86ObVh0iiFnMfV4N0RLJitgs4m4oOLthTPUdYXF5lNs2TjQRxE5O/mQH/1yV7PaCCawL
	X7gw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:from:to:cc:subject:date:message-id;
	bh=eJIcDfY2ZwD7FntwVl4WzhFzS4FUBj7Fmn2FyL9jX7Y=;
	b=Fh+p0en/JTVdviAIwxAK82UF6Pt2DohT9lbhGpfoAsDYpI6jbqHh4pAgHuK0OpFQgB
	QShbLF+pxKRzJoGQTANzvH4lgXqbjHhC5C9NJSxI68AnlSigPsjPyRCL+JNb1JSYErjl
	tec8ryVsofdCD0FNb4mqUuJ84zADbMjfkf2bsE59QUdu3UHc8tka37dNqxs7HSRjZoeL
	JOVla4cIsXVYfNqockrdJDhPf4q9BwGWMc2MbBkuU9OWRK4dn00kk4N+btDGeBxSmSO6
	K3K/78YrFrSRZGOoa5J688nyG+J7p7TYFX66UdfTkmvJGavWcI2HgdWw3O09A93mSldS
	Z3vw==
X-Gm-Message-State: 
 AEkooutf/e8AeExuRtDtocBaZGDHxrDwmTrwH9vpbMyv80jgGHgd+s5UZA+gh3ChciOGZg==
X-Received: by 10.36.1.75 with SMTP id 72mr2377803itk.40.1471948816595;
	Tue, 23 Aug 2016 03:40:16 -0700 (PDT)
Received: from localhost.localdomain ([106.38.0.71])
	by smtp.gmail.com with ESMTPSA id i4sm906076itf.0.2016.08.23.03.40.13
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
	Tue, 23 Aug 2016 03:40:16 -0700 (PDT)
X-CudaMail-Envelope-Sender: zealokii@gmail.com
From: Zong Kai LI <zealokii@gmail.com>
To: dev@openvswitch.org
X-CudaMail-MID: CM-V2-822003339
X-CudaMail-DTE: 082316
X-CudaMail-Originating-IP: 209.85.214.65
Date: Tue, 23 Aug 2016 18:40:09 +0800
X-ASG-Orig-Subj: [##CM-V2-822003339##][ovs-dev] [PATCH v1,
	3/6] ovs.lib.flow: extend is_nd for all ND messages types
Message-Id: <1471948809-28007-1-git-send-email-zealokii@gmail.com>
X-Mailer: git-send-email 1.9.1
X-GBUdb-Analysis: 0, 209.85.214.65, Ugly c=0.387593 p=-0.209302 Source Normal
X-MessageSniffer-Rules: 0-0-0-9345-c
X-Barracuda-Connect: UNKNOWN[192.168.14.1]
X-Barracuda-Start-Time: 1471948818
X-Barracuda-Encrypted: DHE-RSA-AES256-SHA
X-Barracuda-URL: https://web.cudamail.com:443/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at cudamail.com
X-Barracuda-BRTS-Status: 1
X-Barracuda-Spam-Score: 0.60
X-Barracuda-Spam-Status: No, SCORE=0.60 using global scores of TAG_LEVEL=3.5
	QUARANTINE_LEVEL=1000.0 KILL_LEVEL=4.0
	tests=BSF_SC5_MJ1963, DKIM_SIGNED, RDNS_NONE
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.3.32247
	Rule breakdown below
	pts rule name              description
	---- ----------------------
	--------------------------------------------------
	0.00 DKIM_SIGNED Domain Keys Identified Mail: message has a signature
	0.10 RDNS_NONE Delivered to trusted network by a host with no rDNS
	0.50 BSF_SC5_MJ1963         Custom Rule MJ1963
Subject: [ovs-dev]  [PATCH v1,
	3/6] ovs.lib.flow: extend is_nd for all ND messages types
X-BeenThere: dev@openvswitch.org
X-Mailman-Version: 2.1.16
Precedence: list
List-Id: <dev.openvswitch.org>
List-Unsubscribe: <http://openvswitch.org/mailman/options/dev>,
	<mailto:dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://openvswitch.org/pipermail/dev>
List-Post: <mailto:dev@openvswitch.org>
List-Help: <mailto:dev-request@openvswitch.org?subject=help>
List-Subscribe: <http://openvswitch.org/mailman/listinfo/dev>,
	<mailto:dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Errors-To: dev-bounces@openvswitch.org
Sender: "dev" <dev-bounces@openvswitch.org>

From: Zongkai LI <zealokii@gmail.com>

This patch updates method "is_nd" to let type ND_ROUTER_SOLICIT,
ND_ROUTER_ADVERT, ND_REDIRECT can be recoginzed.
---
 lib/flow.h               |  5 ++++-
 lib/nx-match.c           |  4 +++-
 lib/odp-util.c           |  6 +++++-
 ovn/controller/pinctrl.c | 10 ++++++----
 4 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/lib/flow.h b/lib/flow.h
index 5b83695..56b4f40 100644
--- a/lib/flow.h
+++ b/lib/flow.h
@@ -937,7 +937,10 @@ static inline bool is_nd(const struct flow *flow,
             memset(&wc->masks.tp_src, 0xff, sizeof wc->masks.tp_src);
         }
         return (flow->tp_src == htons(ND_NEIGHBOR_SOLICIT) ||
-                flow->tp_src == htons(ND_NEIGHBOR_ADVERT));
+                flow->tp_src == htons(ND_NEIGHBOR_ADVERT) ||
+                flow->tp_src == htons(ND_ROUTER_SOLICIT) ||
+                flow->tp_src == htons(ND_ROUTER_ADVERT) ||
+                flow->tp_src == htons(ND_REDIRECT));
     }
     return false;
 }
diff --git a/lib/nx-match.c b/lib/nx-match.c
index b03ccf2..115147a 100644
--- a/lib/nx-match.c
+++ b/lib/nx-match.c
@@ -879,7 +879,9 @@ nxm_put_ip(struct ofpbuf *b, const struct match *match, enum ofp_version oxm)
                 nxm_put_8(b, MFF_ICMPV6_CODE, oxm,
                           ntohs(flow->tp_dst));
             }
-            if (is_nd(flow, NULL)) {
+            if (is_nd(flow, NULL)
+                && (flow->tp_src == htons(ND_NEIGHBOR_SOLICIT)
+                    || flow->tp_src == htons(ND_NEIGHBOR_ADVERT))) {
                 nxm_put_ipv6(b, MFF_ND_TARGET, oxm,
                              &flow->nd_target, &match->wc.masks.nd_target);
                 if (flow->tp_src == htons(ND_NEIGHBOR_SOLICIT)) {
diff --git a/lib/odp-util.c b/lib/odp-util.c
index 6d29b67..9fadfcd 100644
--- a/lib/odp-util.c
+++ b/lib/odp-util.c
@@ -4429,6 +4429,8 @@ odp_flow_key_from_flow__(const struct odp_flow_key_parms *parms,
             icmpv6_key->icmpv6_code = ntohs(data->tp_dst);
 
             if (is_nd(flow, NULL)
+                && (flow->tp_src == htons(ND_NEIGHBOR_SOLICIT)
+                    || flow->tp_src == htons(ND_NEIGHBOR_ADVERT))
                 /* Even though 'tp_src' and 'tp_dst' are 16 bits wide, ICMP
                  * type and code are 8 bits wide.  Therefore, an exact match
                  * looks like htons(0xff), not htons(0xffff).  See
@@ -4963,7 +4965,9 @@ parse_l2_5_onward(const struct nlattr *attrs[OVS_KEY_ATTR_MAX + 1],
             flow->tp_src = htons(icmpv6_key->icmpv6_type);
             flow->tp_dst = htons(icmpv6_key->icmpv6_code);
             expected_bit = OVS_KEY_ATTR_ICMPV6;
-            if (is_nd(src_flow, NULL)) {
+            if (is_nd(src_flow, NULL)
+                && (src_flow->tp_src == htons(ND_NEIGHBOR_SOLICIT)
+                    || src_flow->tp_src == htons(ND_NEIGHBOR_ADVERT))) {
                 if (!is_mask) {
                     expected_attrs |= UINT64_C(1) << OVS_KEY_ATTR_ND;
                 }
diff --git a/ovn/controller/pinctrl.c b/ovn/controller/pinctrl.c
index 2737467..725b711 100644
--- a/ovn/controller/pinctrl.c
+++ b/ovn/controller/pinctrl.c
@@ -1355,11 +1355,13 @@ static void
 pinctrl_handle_nd_na(const struct flow *ip_flow, const struct match *md,
                      struct ofpbuf *userdata)
 {
-    /* This action only works for IPv6 ND packets, and the switch should only
-     * send us ND packets this way, but check here just to be sure. */
-    if (!is_nd(ip_flow, NULL)) {
+    /* This action only works for IPv6 ND Neighbor Solicitation packets,
+     * and the switch should only send us such packets this way, but check
+     * here just to be sure. */
+    if (!is_nd(ip_flow, NULL)
+        || ip_flow->tp_src != htons(ND_NEIGHBOR_SOLICIT)) {
         static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
-        VLOG_WARN_RL(&rl, "NA action on non-ND packet");
+        VLOG_WARN_RL(&rl, "NA action on non-ND-NS packet");
         return;
     }