From patchwork Tue Mar 5 04:17:05 2019 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankur Sharma X-Patchwork-Id: 1051608 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Authentication-Results: ozlabs.org; dmarc=fail (p=none dis=none) header.from=nutanix.com Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=nutanix.com header.i=@nutanix.com header.b="YzfcDB+H"; dkim-atps=neutral Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 44D3tB45b8z9s4Y for ; Tue, 5 Mar 2019 15:33:22 +1100 (AEDT) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id 71870F111; Tue, 5 Mar 2019 04:32:22 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 252B4EA39 for ; Tue, 5 Mar 2019 04:17:10 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mx0b-002c1b01.pphosted.com (mx0b-002c1b01.pphosted.com [148.163.155.12]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id E8826180 for ; Tue, 5 Mar 2019 04:17:08 +0000 (UTC) Received: from pps.filterd (m0127841.ppops.net [127.0.0.1]) by mx0b-002c1b01.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id x254F0Oq024470 for ; Mon, 4 Mar 2019 20:17:08 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : content-transfer-encoding : mime-version; s=proofpoint20171006; bh=QqWgjEqW3FKsprioGBnxTX99sb13ihxGZehgZEX3ZdI=; b=YzfcDB+HTLiac7t2q40FPdOnFi4O7nGai4FTdZZZ9Y8p5jYd42p9n5B/nzYaEyo18n/Z g+BqO1dzuoN2JZJit8P5zKcUWw4EVjPEMCeCFvhkkthzflQhD6q0yHK1773JuxJYSckB 1JLAA9snkiMDwG2PwMtwPy3H0NQDpJYRUdzaFNPa/GlWfENhsAEW5VhKqF39GV5ZTUTs 9NTyKzIDP/rXby7JcitsxMRxCfsL+L2PPYjt0MCCNKpngvzw51U67Gwty7x//JA02iXN p+FeOVf/IO8D3OJyYluqmDJYGHWlkFeQJ+3AyyO3G0YoTmBfq9lSM7BT0jIRG0ac4fqw 7Q== Received: from nam03-by2-obe.outbound.protection.outlook.com (mail-by2nam03lp2054.outbound.protection.outlook.com [104.47.42.54]) by mx0b-002c1b01.pphosted.com with ESMTP id 2qyr8b4bvy-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT) for ; Mon, 04 Mar 2019 20:17:08 -0800 Received: from MW2PR02MB3899.namprd02.prod.outlook.com (52.132.178.28) by MW2PR02MB3737.namprd02.prod.outlook.com (52.132.177.138) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.1665.19; Tue, 5 Mar 2019 04:17:06 +0000 Received: from MW2PR02MB3899.namprd02.prod.outlook.com ([fe80::4976:1b78:f55b:3cfd]) by MW2PR02MB3899.namprd02.prod.outlook.com ([fe80::4976:1b78:f55b:3cfd%8]) with mapi id 15.20.1665.020; Tue, 5 Mar 2019 04:17:06 +0000 From: Ankur Sharma To: "ovs-dev@openvswitch.org" Thread-Topic: [RFC PATCH v2 2/3] OVN ACL: Allow ct_mark and ct_label values to be set from register as well Thread-Index: AQHU0wpKpaUTe6YjI0mHj5WhwLooqQ== Date: Tue, 5 Mar 2019 04:17:05 +0000 Message-ID: <1551759463-61412-3-git-send-email-ankur.sharma@nutanix.com> References: <1551759463-61412-1-git-send-email-ankur.sharma@nutanix.com> In-Reply-To: <1551759463-61412-1-git-send-email-ankur.sharma@nutanix.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-clientproxiedby: BYAPR01CA0049.prod.exchangelabs.com (2603:10b6:a03:94::26) To MW2PR02MB3899.namprd02.prod.outlook.com (2603:10b6:907:4::28) x-ms-exchange-messagesentrepresentingtype: 1 x-mailer: git-send-email 1.8.3.1 x-originating-ip: [192.146.154.1] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1f676465-6c81-4a97-0e0d-08d6a1216d2d x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600127)(711020)(4605104)(2017052603328)(7153060)(7193020); SRVR:MW2PR02MB3737; x-ms-traffictypediagnostic: MW2PR02MB3737: x-proofpoint-crosstenant: true x-microsoft-exchange-diagnostics: =?utf-8?q?1=3BMW2PR02MB3737=3B23=3AVz8v?= =?utf-8?q?a1RFFQOiRvaN+NY2w4voCl1qQDTDBp0kjQ3Z5e2koZJ1q5iuxLhMWkDZ?= =?utf-8?q?xaekwOvW2PQXsK8xuc9Uff/Cde1ONrjoMMIOTjhpmYHihQSJAeHzriNI?= =?utf-8?q?AVdPzxJAmiYldHFHSERzCTISQvKPhNhrwvahCAONQqAvZeGKq0p8Z92t?= =?utf-8?q?fUwKb7ZLOh5v3frBtf5G3NZCL20bBZJpXM9dfT3brBtCDLGNOqqnfzyZ?= =?utf-8?q?QYU1KTHgqpxjP27exLKmpxfvDXn60aVk6R6Td4sFhd40zOg/BcHdDVGh?= =?utf-8?q?LrqpOcabkYiwcy76GtZyS2svF+fIhw7rUqrtBwvD97uSjApqRXFIlUKy?= =?utf-8?q?wfVS7ZmHFx4SQ/AGyShKEJYFjnYUQG2sA/Q6gCjFRtz6E6X97TW2YuSw?= =?utf-8?q?D3xZV/NX5MwuRVuNAJPR0KGKPzjYimBu7uUYMjL4ZOQrxamrFKhK1MDs?= =?utf-8?q?gfUQD5qTrfCcctO+7yQgnxboXgfAjbnZ66nfh9SO6W4n2t1e06nHvye1?= =?utf-8?q?MPCnCsDHB7UFyYpzk84FsWAbj2QK0Kq1Vn8TKZBU3DjTKseNJre6kpRN?= =?utf-8?q?6y7ZsqHZZFZvo+wxy7qWrpY/2P1RtL8U+WJkoyTR6DLFXfWRtcrkXlFM?= =?utf-8?q?j4+5pI05J5aevmPmOTZ4VXKr9I6lpWjAbzsRi4fbx8Es4kWP3wZnVJOZ?= =?utf-8?q?Yep2+GiRknEuCcb545eQT2ysos0cP3uUUdbQFDt31XJCTM62UUlkJ2da?= =?utf-8?q?j9AxnccI9M8RpvrBRXLLIejpHroQnds07MuNl822V0F6Xod7nE7haYVD?= =?utf-8?q?vD5ABe4hhzd1YLyDAOt7t+EKxkKifZUqiAnETNrbT+T6NKcV+AjIrQeC?= =?utf-8?q?SxNZIjj4kgi2G7pMXJUtvzSLlCmRVlB9nQEqwe37j4NhvQ8pW7YV3aJq?= =?utf-8?q?nAABu89u8NnDOi/cOejKKa+52G27jXZI9MfQVRTIrpq+xeaD0Qt5nBIq?= =?utf-8?q?g1k5vLPAo9m1MhjtSM6RzEmojR4tDKjgfNp9z9NReGXyT1uGmjXmv4k/?= =?utf-8?q?gyLpns5XAOLx7USdWF6BuWV9879ldN2WyqNhnrOEhwmBELl51PsHbVc2?= =?utf-8?q?OBh2RKrEec599twgLhmsFCENMPHG07L0JqUVXIo49YFk0kRGRGKutcyg?= =?utf-8?q?fE/THygElV7PC6a+VJX2aurWzGiT0fCXMrPNmusmlq+g0Ltlp8TSGG7S?= =?utf-8?q?eRTnmLLq2Ku0gglsEf2fRSXGIrVt+NNFFj4FvQoUfubZZkiFRMjuQEGI?= =?utf-8?q?3Y9TKrIlDd7Bi+dHWmjZIc2TWrIZ9xyElYxbwqYgvVOU0dIyCdWiKwKS?= =?utf-8?q?HveU+pujH6+JoVhuN152xwkzKxzdULqrNbG8bD2gcWUCJczI8C3l?= x-microsoft-antispam-prvs: x-forefront-prvs: 0967749BC1 x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(346002)(376002)(396003)(136003)(366004)(199004)(189003)(305945005)(25786009)(99286004)(105586002)(6116002)(71200400001)(26005)(5640700003)(53936002)(66066001)(2351001)(6512007)(6436002)(106356001)(4720700003)(478600001)(76176011)(52116002)(14454004)(36756003)(6916009)(6486002)(71190400001)(186003)(2906002)(256004)(4326008)(107886003)(81166006)(316002)(86362001)(476003)(446003)(11346002)(8936002)(3846002)(2616005)(6506007)(68736007)(50226002)(81156014)(97736004)(102836004)(2501003)(44832011)(8676002)(7736002)(5660300002)(486006)(386003)(64030200001); DIR:OUT; SFP:1102; SCL:1; SRVR:MW2PR02MB3737; H:MW2PR02MB3899.namprd02.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; A:1; MX:1; received-spf: None (protection.outlook.com: nutanix.com does not designate permitted sender hosts) x-ms-exchange-senderadcheck: 1 x-microsoft-antispam-message-info: JIb2w7MLnYV1tqJtrNxlJXrJY4h0ygIGofHCop7WU51gbAdHzWsUi+nJtZSAJnlmx6F6NCr6jNrrWcNQ8WyZjCaKMQuejulH72BVWn8MMPcM37AujiVpyBB67RjQDFTHlqJxslln1lVxKUOwgtKxzOoOpnzf0Pad5DvJeF8rTz3LSxPYtCaoBM/oCjXOhzVH3VmMfdZ1yRhYiYFUWnQJwtfF7NK90+sBJhbCXgBsLZQr/J6q9p8Oe2NBveE5KUekgbMwX9CnN9QWLyZVWm2rxQmLZqTn3GLJjoJZePDnmujcAaQmCmeDmQlMboWwOCkWhXZYtomfXvon8JWOwwzIbPnrklYAooYE8gFR+MEylGq7Q6IB52aipMtsFCfYjccxo+biR2Grybv3CpD36nW8KXXXGskDxH6hGWxXwj6TmxI= MIME-Version: 1.0 X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1f676465-6c81-4a97-0e0d-08d6a1216d2d X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2019 04:17:06.0368 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2PR02MB3737 X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-03-05_01:, , signatures=0 X-Proofpoint-Spam-Reason: safe X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, KHOP_DYNAMIC, RCVD_IN_DNSWL_LOW autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [ovs-dev] [RFC PATCH v2 2/3] OVN ACL: Allow ct_mark and ct_label values to be set from register as well X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org OVN allows only an integer (or masked integer) to be assigned to ct_mark and ct_label. This patch, enhances the parser code to allow ct_mark and ct_label to be assigned from 32 bit registers (MFF_REG0 - MFF_REG15) and 128 bit registers (MFF_XXREG0 - MFF_XXREG3) respectively. Signed-off-by: Ankur Sharma --- include/ovn/actions.h | 3 ++ ovn/lib/actions.c | 77 +++++++++++++++++++++++++++++++++++++++++++++------ ovn/ovn-sb.xml | 20 +++++++------ tests/ovn.at | 16 +++++++++++ 4 files changed, 99 insertions(+), 17 deletions(-) diff --git a/include/ovn/actions.h b/include/ovn/actions.h index 1c0c67c..58b96a1 100644 --- a/include/ovn/actions.h +++ b/include/ovn/actions.h @@ -24,6 +24,7 @@ #include "openvswitch/dynamic-string.h" #include "openvswitch/hmap.h" #include "openvswitch/uuid.h" +#include "openvswitch/meta-flow.h" #include "util.h" struct expr; @@ -196,8 +197,10 @@ struct ovnact_ct_next { /* OVNACT_CT_COMMIT. */ struct ovnact_ct_commit { struct ovnact ovnact; + bool is_ct_mark_reg, is_ct_label_reg; /* If the value is from a register */ uint32_t ct_mark, ct_mark_mask; ovs_be128 ct_label, ct_label_mask; + enum mf_field_id ct_mark_reg, ct_label_reg; }; /* OVNACT_CT_DNAT, OVNACT_CT_SNAT. */ diff --git a/ovn/lib/actions.c b/ovn/lib/actions.c index 7b7a894..957bbce 100644 --- a/ovn/lib/actions.c +++ b/ovn/lib/actions.c @@ -627,8 +627,28 @@ parse_ct_commit_arg(struct action_context *ctx, } else if (ctx->lexer->token.type == LEX_T_MASKED_INTEGER) { cc->ct_mark = ntohll(ctx->lexer->token.value.integer); cc->ct_mark_mask = ntohll(ctx->lexer->token.mask.integer); + } else if (ctx->lexer->token.type == LEX_T_ID) { + + cc->ct_mark_mask = UINT32_MAX; + + const struct mf_field *mf = mf_from_name(ctx->lexer->token.s); + if (mf) { + + if (mf->id >= MFF_REG0 && mf->id <= MFF_REG15) { + cc->is_ct_mark_reg = true; + cc->ct_mark_reg = mf->id; + } else { + lexer_syntax_error(ctx->lexer, "input: %s, not a 32 bit " + "register", mf->name); + return; + } + } else { + lexer_syntax_error(ctx->lexer, "invalid field name: %s", + ctx->lexer->token.s); + return; + } } else { - lexer_syntax_error(ctx->lexer, "expecting integer"); + lexer_syntax_error(ctx->lexer, "invalid token type"); return; } lexer_get(ctx->lexer); @@ -642,9 +662,28 @@ parse_ct_commit_arg(struct action_context *ctx, } else if (ctx->lexer->token.type == LEX_T_MASKED_INTEGER) { cc->ct_label = ctx->lexer->token.value.be128_int; cc->ct_label_mask = ctx->lexer->token.mask.be128_int; + } else if (ctx->lexer->token.type == LEX_T_ID) { + + cc->ct_label_mask = OVS_BE128_MAX; + const struct mf_field *mf = mf_from_name(ctx->lexer->token.s); + if (mf) { + if (mf->id >= MFF_XXREG0 && mf->id <= MFF_XXREG3) { + cc->is_ct_label_reg = true; + cc->ct_label_reg = mf->id; + } else { + lexer_syntax_error(ctx->lexer, "input: %s, not a 128 bit " + "register", mf->name); + return; + } + } else { + lexer_syntax_error(ctx->lexer, "invalid field name: %s", + ctx->lexer->token.s); + return; + } + } else { - lexer_syntax_error(ctx->lexer, "expecting integer"); - return; + lexer_syntax_error(ctx->lexer, "invalid token type"); + return; } lexer_get(ctx->lexer); } else { @@ -713,14 +752,36 @@ encode_CT_COMMIT(const struct ovnact_ct_commit *cc, ofpbuf_pull(ofpacts, set_field_offset); if (cc->ct_mark_mask) { - const ovs_be32 value = htonl(cc->ct_mark); - const ovs_be32 mask = htonl(cc->ct_mark_mask); - ofpact_put_set_field(ofpacts, mf_from_id(MFF_CT_MARK), &value, &mask); + if (cc->is_ct_mark_reg) { + struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts); + + move->src.field = mf_from_id(cc->ct_mark_reg); + move->src.ofs = 0; + move->src.n_bits = 32; + move->dst.field = mf_from_id(MFF_CT_MARK); + move->dst.ofs = 0; + move->dst.n_bits = 32; + } else { + const ovs_be32 value = htonl(cc->ct_mark); + const ovs_be32 mask = htonl(cc->ct_mark_mask); + ofpact_put_set_field(ofpacts, mf_from_id(MFF_CT_MARK), &value, &mask); + } } if (!ovs_be128_is_zero(cc->ct_label_mask)) { - ofpact_put_set_field(ofpacts, mf_from_id(MFF_CT_LABEL), &cc->ct_label, - &cc->ct_label_mask); + if (cc->is_ct_label_reg) { + struct ofpact_reg_move *move = ofpact_put_REG_MOVE(ofpacts); + + move->src.field = mf_from_id(cc->ct_label_reg); + move->src.ofs = 0; + move->src.n_bits = 128; + move->dst.field = mf_from_id(MFF_CT_LABEL); + move->dst.ofs = 0; + move->dst.n_bits = 128; + } else { + ofpact_put_set_field(ofpacts, mf_from_id(MFF_CT_LABEL), &cc->ct_label, + &cc->ct_label_mask); + } } ofpacts->header = ofpbuf_push_uninit(ofpacts, set_field_offset); diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml index 4e080ab..4b75ef8 100644 --- a/ovn/ovn-sb.xml +++ b/ovn/ovn-sb.xml @@ -1180,19 +1180,21 @@
ct_commit;
-
ct_commit(ct_mark=value[/mask]);
-
ct_commit(ct_label=value[/mask]);
-
ct_commit(ct_mark=value[/mask], ct_label=value[/mask]);
+
ct_commit(ct_mark=(value[/mask] OR regX));
+
ct_commit(ct_label=(value[/mask] OR xxregX));
+
ct_commit(ct_mark=(value[/mask] OR regX), ct_label=(value[/mask] OR xxregX));

Commit the flow to the connection tracking entry associated with it - by a previous call to ct_next. When - ct_mark=value[/mask] and/or - ct_label=value[/mask] are supplied, + by a previous call to ct_next. When + ct_mark=value[/mask] OR xxregX and/or + ct_label=value[/mask] OR xxregX are supplied, ct_mark and/or ct_label will be set to the - values indicated by value[/mask] on the connection - tracking entry. ct_mark is a 32-bit field. - ct_label is a 128-bit field. The value[/mask] + values indicated by value[/mask] or 32 bit/128 bit registers + on the connection tracking entry. ct_mark is a 32-bit field + and hence will read value only from a 32 bit register (reg0 - reg9). + ct_label is a 128-bit field and hence will read value only + from a 128 bit register (xxreg0 - xxreg1). The value[/mask] should be specified in hex string if more than 64bits are to be used.

diff --git a/tests/ovn.at b/tests/ovn.at index 0199cdc..d2c5187 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -1021,6 +1021,22 @@ ct_commit(ct_label=18446744073709551615); ct_commit(ct_label=18446744073709551616); Decimal constants must be less than 2**64. +ct_commit(ct_label=xxreg1); + formats as ct_commit(ct_label=0); + encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(move:NXM_NX_XXREG1[]->NXM_NX_CT_LABEL[])) + has prereqs ip + +ct_commit(ct_mark=reg1); + formats as ct_commit(ct_mark=0); + encodes as ct(commit,zone=NXM_NX_REG13[0..15],exec(move:NXM_NX_REG1[]->NXM_NX_CT_MARK[])) + has prereqs ip + +ct_commit(ct_label=reg1); + Syntax error at `reg1' input: reg1, not a 128 bit register. + +ct_commit(ct_mark=xxreg1); + Syntax error at `xxreg1' input: xxreg1, not a 32 bit register. + # ct_dnat ct_dnat; encodes as ct(table=19,zone=NXM_NX_REG11[0..15],nat)