subject:"\[ovs\-dev\] \[PATCH branch\-3.2 2\/2\] conntrack\: Fix flush not flushing all elements."

Re: [ovs-dev] [PATCH branch-3.2 2/2] conntrack: Fix flush not flushing all elements.

2024-03-06 Thread 0-day Robot

Bleep bloop.  Greetings 'Simon Horman', I am a robot and I have tried out your 
patch.
Thanks for your contribution.

I encountered some error that I wasn't expecting.  See the details below.


checkpatch:
WARNING: Unexpected sign-offs from developers who are not authors or co-authors 
or committers: Simon Horman 
Lines checked: 141, Warnings: 1, Errors: 0


Please check this out.  If you feel there has been an error, please email 
acon...@redhat.com

Thanks,
0-day Robot
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH branch-3.2 2/2] conntrack: Fix flush not flushing all elements.

2024-03-06 Thread 'Simon Horman'

From: Xavier Simonart 

On netdev datapath, when a ct element was cleaned, the cmap
could be shrinked, potentially causing some elements to be skipped
in the flush iteration.

Fixes: 967bb5c5cd90 ("conntrack: Add rcu support.")
Signed-off-by: Xavier Simonart 
Acked-by: Mike Pattrick 
Signed-off-by: Simon Horman 
---
The test has been updated to avoid using ovs-ofctl compose-packet --bare
which does not exist until OVS v3.3. Instead frames are constructed
using printf.
---
 lib/conntrack.c | 14 
 lib/conntrack.h |  2 +-
 tests/system-traffic.at | 59 +
 3 files changed, 64 insertions(+), 11 deletions(-)

diff --git a/lib/conntrack.c b/lib/conntrack.c
index 47a443fba4db..592bbaa3e149 100644
--- a/lib/conntrack.c
+++ b/lib/conntrack.c
@@ -2632,25 +2632,19 @@ conntrack_dump_start(struct conntrack *ct, struct 
conntrack_dump *dump,
 
 dump->ct = ct;
 *ptot_bkts = 1; /* Need to clean up the callers. */
+dump->cursor = cmap_cursor_start(>conns);
 return 0;
 }
 
 int
 conntrack_dump_next(struct conntrack_dump *dump, struct ct_dpif_entry *entry)
 {
-struct conntrack *ct = dump->ct;
 long long now = time_msec();
 
-for (;;) {
-struct cmap_node *cm_node = cmap_next_position(>conns,
-   >cm_pos);
-if (!cm_node) {
-break;
-}
-struct conn_key_node *keyn;
-struct conn *conn;
+struct conn_key_node *keyn;
+struct conn *conn;
 
-INIT_CONTAINER(keyn, cm_node, cm_node);
+CMAP_CURSOR_FOR_EACH_CONTINUE (keyn, cm_node, >cursor) {
 if (keyn->dir != CT_DIR_FWD) {
 continue;
 }
diff --git a/lib/conntrack.h b/lib/conntrack.h
index 57d5159b61b8..ecf539b736c2 100644
--- a/lib/conntrack.h
+++ b/lib/conntrack.h
@@ -101,8 +101,8 @@ struct conntrack_dump {
 struct conntrack *ct;
 unsigned bucket;
 union {
-struct cmap_position cm_pos;
 struct hmap_position hmap_pos;
+struct cmap_cursor cursor;
 };
 bool filter_zone;
 uint16_t zone;
diff --git a/tests/system-traffic.at b/tests/system-traffic.at
index 3cdc27951449..23404a279972 100644
--- a/tests/system-traffic.at
+++ b/tests/system-traffic.at
@@ -7913,6 +7913,65 @@ AT_CHECK([ovs-pcap client.pcap | grep 
20102000], [0], [dnl
 OVS_TRAFFIC_VSWITCHD_STOP
 AT_CLEANUP
 
+AT_SETUP([conntrack - Flush many conntrack entries by port])
+CHECK_CONNTRACK()
+OVS_TRAFFIC_VSWITCHD_START()
+
+ADD_NAMESPACES(at_ns0, at_ns1)
+
+ADD_VETH(p0, at_ns0, br0, "10.1.1.1/24")
+ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24")
+
+AT_DATA([flows.txt], [dnl
+priority=100,in_port=1,udp,action=ct(zone=1,commit),2
+])
+
+AT_CHECK([ovs-ofctl --bundle add-flows br0 flows.txt])
+
+dnl 20 packets from port 1 and 1 packet from port 2.
+flow_l3="\
+eth_src=50:54:00:00:00:09,eth_dst=50:54:00:00:00:0a,dl_type=0x0800,\
+nw_src=10.1.1.1,nw_dst=10.1.1.2,nw_proto=17,nw_ttl=64,nw_frag=no"
+
+head="5054000a505400090800455c4011648d0a0101010a010102"
+len=72
+base_csum=1366
+tail="000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f\
+  202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f"
+
+dst_port=1
+for src_port in $(seq 1 20); do
+csum=$((base_csum - src_port - dst_port))
+frame=$(printf "%s%04x%04x%04x%04x%s" $head 1 $src_port $len $csum $tail)
+AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=$frame 
actions=resubmit(,0)"])
+done
+
+src_port=2
+dst_port=1
+csum=$((base_csum - src_port - dst_port))
+frame=$(printf "%s%04x%04x%04x%04x%s" $head $src_port $dst_port $len $csum 
$tail)
+AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=$frame 
actions=resubmit(,0)"])
+
+: > conntrack
+
+for i in $(seq 1 20); do
+echo 
"udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=${i}),reply=(src=10.1.1.2,dst=10.1.1.1,sport=${i},dport=1),zone=1"
 >> conntrack
+done
+echo 
"udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=2,dport=1),reply=(src=10.1.1.2,dst=10.1.1.1,sport=1,dport=2),zone=1"
 >> conntrack
+
+sort conntrack > expout
+
+AT_CHECK([ovs-appctl dpctl/dump-conntrack zone=1 | grep -F "src=10.1.1.1," | 
sort ], [0], [expout])
+
+dnl Check that flushing conntrack by port 1 flush all ct for port 1 but keeps 
ct for port 2.
+AT_CHECK([ovs-appctl dpctl/flush-conntrack zone=1 
'ct_nw_proto=17,ct_tp_src=1'])
+AT_CHECK([ovs-appctl dpctl/dump-conntrack zone=1 | grep -F "src=10.1.1.1," | 
sort ], [0], [dnl
+udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=2,dport=1),reply=(src=10.1.1.2,dst=10.1.1.1,sport=1,dport=2),zone=1
+])
+
+OVS_TRAFFIC_VSWITCHD_STOP
+AT_CLEANUP
+
 AT_BANNER([IGMP])
 
 AT_SETUP([IGMP - flood under normal action])

-- 
2.43.0

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH branch-3.2 2/2] conntrack: Fix flush not flushing all elements.

[ovs-dev] [PATCH branch-3.2 2/2] conntrack: Fix flush not flushing all elements.

2 matches

Site Navigation

Mail list logo

Footer information