From patchwork Fri Jan 27 22:13:27 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anand Kumar X-Patchwork-Id: 720962 X-Patchwork-Delegate: diproiettod@vmware.com Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3v9Cl56x1Xz9t1Q for ; Sat, 28 Jan 2017 09:14:57 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id A996ABAC; Fri, 27 Jan 2017 22:13:54 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 0FBD2982 for ; Fri, 27 Jan 2017 22:13:51 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from EX13-EDG-OU-002.vmware.com (ex13-edg-ou-002.vmware.com [208.91.0.190]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 848D51CB for ; Fri, 27 Jan 2017 22:13:50 +0000 (UTC) Received: from sc9-mailhost3.vmware.com (10.113.161.73) by EX13-EDG-OU-002.vmware.com (10.113.208.156) with Microsoft SMTP Server id 15.0.1156.6; Fri, 27 Jan 2017 14:13:08 -0800 Received: from localhost.localdomain (htb-1s-eng-dhcp104.eng.vmware.com [10.33.78.104]) by sc9-mailhost3.vmware.com (Postfix) with ESMTP id 331464057A; Fri, 27 Jan 2017 14:13:48 -0800 (PST) From: Anand Kumar To: Date: Fri, 27 Jan 2017 14:13:27 -0800 Message-ID: <20170127221330.3844-3-kumaranand@vmware.com> X-Mailer: git-send-email 2.9.3.windows.1 In-Reply-To: <20170127221330.3844-1-kumaranand@vmware.com> References: <20170127221330.3844-1-kumaranand@vmware.com> MIME-Version: 1.0 Received-SPF: None (EX13-EDG-OU-002.vmware.com: kumaranand@vmware.com does not designate permitted sender hosts) X-Spam-Status: No, score=-5.1 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE, RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [PATCH v3 2/5] datapath-windows: Added Ipv4 fragments support in Conntrack X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org This patch adds support for tracking Ipv4 fragments in conntrack module. Individual fragments are not tracked and are consumed by the fragmentation/reassembly. Only the reassembled Ipv4 datagram is tracked and treated as a single ct entry. Added MRU field in OvsForwardingContext, to keep track of Maximum recieved unit from all the recieved IPv4 fragments. v2->v3: - Updated log messages and fixed alignment. v1->v2: No change Signed-off-by: Anand Kumar --- datapath-windows/ovsext/Actions.c | 16 ++++++++++++---- datapath-windows/ovsext/Conntrack.c | 35 ++++++++++++++++++++++++++++------- datapath-windows/ovsext/Conntrack.h | 7 ++++++- 3 files changed, 46 insertions(+), 12 deletions(-) diff --git a/datapath-windows/ovsext/Actions.c b/datapath-windows/ovsext/Actions.c index b4a286b..5f7c50c 100644 --- a/datapath-windows/ovsext/Actions.c +++ b/datapath-windows/ovsext/Actions.c @@ -125,6 +125,9 @@ typedef struct OvsForwardingContext { /* header information */ OVS_PACKET_HDR_INFO layers; + + /* Maximum Recieving Unit */ + UINT16 mru; } OvsForwardingContext; /* @@ -1910,11 +1913,16 @@ OvsDoExecuteActions(POVS_SWITCH_CONTEXT switchContext, } } - status = OvsExecuteConntrackAction(ovsFwdCtx.curNbl, layers, - key, (const PNL_ATTR)a); + status = OvsExecuteConntrackAction(switchContext, &ovsFwdCtx.curNbl, &(ovsFwdCtx.mru), + ovsFwdCtx.completionList, + ovsFwdCtx.fwdDetail->SourcePortId, + layers, key, (const PNL_ATTR)a); if (status != NDIS_STATUS_SUCCESS) { - OVS_LOG_ERROR("CT Action failed"); - dropReason = L"OVS-conntrack action failed"; + /* Pending NBLs are consumed by Defragmentation. */ + if (status != NDIS_STATUS_PENDING) { + OVS_LOG_ERROR("CT Action failed"); + dropReason = L"OVS-conntrack action failed"; + } goto dropit; } break; diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c index d1be480..0420f9b 100644 --- a/datapath-windows/ovsext/Conntrack.c +++ b/datapath-windows/ovsext/Conntrack.c @@ -15,6 +15,7 @@ */ #include "Conntrack.h" +#include "IpFragment.h" #include "Jhash.h" #include "PacketParser.h" #include "Event.h" @@ -312,13 +313,25 @@ OvsCtEntryExpired(POVS_CT_ENTRY entry) } static __inline NDIS_STATUS -OvsDetectCtPacket(OvsFlowKey *key) +OvsDetectCtPacket(POVS_SWITCH_CONTEXT switchContext, + PNET_BUFFER_LIST *curNbl, + OvsCompletionList *completionList, + NDIS_SWITCH_PORT_ID sourcePort, + OvsFlowKey *key, + UINT16 *mru, + PNET_BUFFER_LIST *newNbl) { /* Currently we support only Unfragmented TCP packets */ switch (ntohs(key->l2.dlType)) { case ETH_TYPE_IPV4: if (key->ipKey.nwFrag != OVS_FRAG_TYPE_NONE) { - return NDIS_STATUS_NOT_SUPPORTED; + return OvsProcessIpv4Fragment(switchContext, + curNbl, + completionList, + sourcePort, + mru, + key->tunKey.tunnelId, + newNbl); } if (key->ipKey.nwProto == IPPROTO_TCP || key->ipKey.nwProto == IPPROTO_UDP @@ -684,11 +697,17 @@ OvsCtExecute_(PNET_BUFFER_LIST curNbl, /* *--------------------------------------------------------------------------- * OvsExecuteConntrackAction - * Executes Conntrack actions XXX - Add more + * Executes Conntrack actions + * For the Ipv4 fragments, consume the orginal fragment NBL + * XXX - Add more *--------------------------------------------------------------------------- */ NDIS_STATUS -OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl, +OvsExecuteConntrackAction(POVS_SWITCH_CONTEXT switchContext, + PNET_BUFFER_LIST *curNbl, + UINT16 *mru, + OvsCompletionList *completionList, + NDIS_SWITCH_PORT_ID sourcePort, OVS_PACKET_HDR_INFO *layers, OvsFlowKey *key, const PNL_ATTR a) @@ -699,10 +718,11 @@ OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl, MD_MARK *mark = NULL; MD_LABELS *labels = NULL; PCHAR helper = NULL; - + PNET_BUFFER_LIST newNbl = NULL; NDIS_STATUS status; - status = OvsDetectCtPacket(key); + status = OvsDetectCtPacket(switchContext, curNbl, completionList, + sourcePort, key, mru, &newNbl); if (status != NDIS_STATUS_SUCCESS) { return status; } @@ -735,7 +755,8 @@ OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl, } } - status = OvsCtExecute_(curNbl, key, layers, + /* If newNbl is not allocated, use the current Nbl*/ + status = OvsCtExecute_(newNbl != NULL ? newNbl : *curNbl, key, layers, commit, zone, mark, labels, helper); return status; } diff --git a/datapath-windows/ovsext/Conntrack.h b/datapath-windows/ovsext/Conntrack.h index af99885..2e7285b 100644 --- a/datapath-windows/ovsext/Conntrack.h +++ b/datapath-windows/ovsext/Conntrack.h @@ -20,6 +20,7 @@ #include "precomp.h" #include "Flow.h" #include "Debug.h" +#include "PacketIO.h" #include #ifdef OVS_DBG_MOD @@ -155,7 +156,11 @@ OvsGetTcpPayloadLength(PNET_BUFFER_LIST nbl) VOID OvsCleanupConntrack(VOID); NTSTATUS OvsInitConntrack(POVS_SWITCH_CONTEXT context); -NDIS_STATUS OvsExecuteConntrackAction(PNET_BUFFER_LIST curNbl, +NDIS_STATUS OvsExecuteConntrackAction(POVS_SWITCH_CONTEXT switchContext, + PNET_BUFFER_LIST *curNbl, + UINT16 *mru, + OvsCompletionList *completionList, + NDIS_SWITCH_PORT_ID sourcePort, OVS_PACKET_HDR_INFO *layers, OvsFlowKey *key, const PNL_ATTR a);