From patchwork Fri Apr 21 18:30:21 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Anand Kumar <kumaranand@vmware.com>
X-Patchwork-Id: 753516
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3w8knj0P96z9s2s
	for <incoming@patchwork.ozlabs.org>;
	Sat, 22 Apr 2017 04:30:48 +1000 (AEST)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id E4985CB6;
	Fri, 21 Apr 2017 18:30:45 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id D6211C9F
	for <dev@openvswitch.org>; Fri, 21 Apr 2017 18:30:44 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from EX13-EDG-OU-001.vmware.com (ex13-edg-ou-001.vmware.com
	[208.91.0.189])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4BD3A189
	for <dev@openvswitch.org>; Fri, 21 Apr 2017 18:30:44 +0000 (UTC)
Received: from sc9-mailhost1.vmware.com (10.113.161.71) by
	EX13-EDG-OU-001.vmware.com (10.113.208.155) with Microsoft SMTP
	Server id 15.0.1156.6; Fri, 21 Apr 2017 11:28:59 -0700
Received: from localhost.localdomain (htb-1s-eng-dhcp259.eng.vmware.com
	[10.33.79.3])
	by sc9-mailhost1.vmware.com (Postfix) with ESMTP id 021B0183B5;
	Fri, 21 Apr 2017 11:30:43 -0700 (PDT)
From: Anand Kumar <kumaranand@vmware.com>
To: <dev@openvswitch.org>
Date: Fri, 21 Apr 2017 11:30:21 -0700
Message-ID: <20170421183024.3516-3-kumaranand@vmware.com>
X-Mailer: git-send-email 2.9.3.windows.1
In-Reply-To: <20170421183024.3516-1-kumaranand@vmware.com>
References: <20170421183024.3516-1-kumaranand@vmware.com>
MIME-Version: 1.0
Received-SPF: None (EX13-EDG-OU-001.vmware.com: kumaranand@vmware.com does
	not designate permitted sender hosts)
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_NONE,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [PATCH v7 2/5] datapath-windows: Added Ipv4 fragments
	support in Conntrack
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

This patch adds support for tracking Ipv4 fragments in conntrack module.
Individual fragments are not tracked and are consumed by the
fragmentation/reassembly. Only the reassembled Ipv4 datagram is tracked and
treated as a single ct entry.

Signed-off-by: Anand Kumar <kumaranand@vmware.com>
---
v6->v7: Made changes to use FowardingCtx and initialize forwarding ctx 
		for the reassembled packet
v5->v6: No Change
v4->v5:
	- Removed MRU argument from function declarations as MRU is now retained
	in _OVS_BUFFER_CONTEXT.
v3->v4: No Change
v2->v3:
	- Updated log messages and fixed alignment.
v1->v2: No change
---
 datapath-windows/ovsext/Actions.c   | 21 +++++++++++++++++++--
 datapath-windows/ovsext/Conntrack.c | 23 ++++++++++++++++-------
 2 files changed, 35 insertions(+), 9 deletions(-)

diff --git a/datapath-windows/ovsext/Actions.c b/datapath-windows/ovsext/Actions.c
index 3bd00a7..b5c13c7 100644
--- a/datapath-windows/ovsext/Actions.c
+++ b/datapath-windows/ovsext/Actions.c
@@ -1975,12 +1975,29 @@ OvsDoExecuteActions(POVS_SWITCH_CONTEXT switchContext,
                 }
             }
 
+            PNET_BUFFER_LIST oldNbl = ovsFwdCtx.curNbl;
             status = OvsExecuteConntrackAction(&ovsFwdCtx, key,
                                                (const PNL_ATTR)a);
             if (status != NDIS_STATUS_SUCCESS) {
-                OVS_LOG_ERROR("CT Action failed");
-                dropReason = L"OVS-conntrack action failed";
+                /* Pending NBLs are consumed by Defragmentation. */
+                if (status != NDIS_STATUS_PENDING) {
+                    OVS_LOG_ERROR("CT Action failed");
+                    dropReason = L"OVS-conntrack action failed";
+                }
                 goto dropit;
+            } else if (oldNbl != ovsFwdCtx.curNbl) {
+               /*
+                * OvsIpv4Reassemble consumes the original NBL and creates a
+                * new one and assigns it to the curNbl of ovsFwdCtx.
+                */
+               OvsInitForwardingCtx(&ovsFwdCtx,
+                                    ovsFwdCtx.switchContext,
+                                    ovsFwdCtx.curNbl,
+                                    ovsFwdCtx.srcVportNo,
+                                    ovsFwdCtx.sendFlags,
+                                    NET_BUFFER_LIST_SWITCH_FORWARDING_DETAIL(ovsFwdCtx.curNbl),
+                                    ovsFwdCtx.completionList,
+                                    &ovsFwdCtx.layers, FALSE);
             }
             break;
         }
diff --git a/datapath-windows/ovsext/Conntrack.c b/datapath-windows/ovsext/Conntrack.c
index 8658910..dce0c1b 100644
--- a/datapath-windows/ovsext/Conntrack.c
+++ b/datapath-windows/ovsext/Conntrack.c
@@ -15,6 +15,7 @@
  */
 
 #include "Conntrack.h"
+#include "IpFragment.h"
 #include "Jhash.h"
 #include "PacketParser.h"
 #include "Event.h"
@@ -317,13 +318,20 @@ OvsCtEntryExpired(POVS_CT_ENTRY entry)
 }
 
 static __inline NDIS_STATUS
-OvsDetectCtPacket(OvsFlowKey *key)
+OvsDetectCtPacket(OvsForwardingContext *fwdCtx,
+                  OvsFlowKey *key,
+                  PNET_BUFFER_LIST *newNbl)
 {
     /* Currently we support only Unfragmented TCP packets */
     switch (ntohs(key->l2.dlType)) {
     case ETH_TYPE_IPV4:
         if (key->ipKey.nwFrag != OVS_FRAG_TYPE_NONE) {
-            return NDIS_STATUS_NOT_SUPPORTED;
+            return OvsProcessIpv4Fragment(fwdCtx->switchContext,
+                                          &fwdCtx->curNbl,
+                                          fwdCtx->completionList,
+                                          fwdCtx->fwdDetail->SourcePortId,
+                                          key->tunKey.tunnelId,
+                                          newNbl);
         }
         if (key->ipKey.nwProto == IPPROTO_TCP
             || key->ipKey.nwProto == IPPROTO_UDP
@@ -707,6 +715,7 @@ OvsCtExecute_(PNET_BUFFER_LIST curNbl,
  *---------------------------------------------------------------------------
  * OvsExecuteConntrackAction
  *     Executes Conntrack actions XXX - Add more
+ *     For the Ipv4 fragments, consume the orginal fragment NBL
  *---------------------------------------------------------------------------
  */
 NDIS_STATUS
@@ -723,10 +732,10 @@ OvsExecuteConntrackAction(OvsForwardingContext *fwdCtx,
     PCHAR helper = NULL;
     PNET_BUFFER_LIST curNbl = fwdCtx->curNbl;
     OVS_PACKET_HDR_INFO *layers = &fwdCtx->layers;
-
+    PNET_BUFFER_LIST newNbl = NULL;
     NDIS_STATUS status;
 
-    status = OvsDetectCtPacket(key);
+    status = OvsDetectCtPacket(fwdCtx, key, &newNbl);
     if (status != NDIS_STATUS_SUCCESS) {
         return status;
     }
@@ -765,9 +774,9 @@ OvsExecuteConntrackAction(OvsForwardingContext *fwdCtx,
         /* Force implicitly means commit */
         commit = TRUE;
     }
-
-    status = OvsCtExecute_(curNbl, key, layers, commit, force,
-                           zone, mark, labels, helper);
+    /* If newNbl is not allocated, use the current Nbl*/
+    status = OvsCtExecute_(newNbl != NULL ? newNbl : curNbl, key, layers,
+                           commit, force, zone, mark, labels, helper);
     return status;
 }