On Wed, Jan 29, 2025 at 9:20 AM Frode Nordahl <[email protected]> wrote:
>
> When a route has no gateway/next hop IP address, the next hop
> register is set to ipN.dst.
>
> The commit in the fixes tag introduced a logic bug where it would
> be possible to produce logical flows where a 32-bit IPv4 address
> would be attempted stored in a 128-bit register and vice versa,
> producing errors like:
>
>     lflow|WARN|error parsing actions "ip.ttl--; reg8[0..15] = 0; \
>     xxreg0 = ip4.dst; xxreg1 = fe80::d3:79ff:fefb:688f; \
>     eth.src = 02:d3:79:fb:68:8f; \
>     outport = "lrp-XXX"; flags.loopback = 1; reg9[9] = 0; next;": \
>     Can't assign 32-bit value to 128-bit destination.
>
> Cc: Felix Huettner <[email protected]>
> Cc: Martin Kalcok <[email protected]>
> Fixes: 559924291c7f ("northd: Handle routing for other address families.")
> Signed-off-by: Frode Nordahl <[email protected]>
> ---

Recheck-request: github-robot-_ovn-kubernetes

>  northd/northd.c     | 10 +++++++---
>  tests/ovn-northd.at | 10 ++++++++++
>  2 files changed, 17 insertions(+), 3 deletions(-)
>
> diff --git a/northd/northd.c b/northd/northd.c
> index 74a33a432..47137a580 100644
> --- a/northd/northd.c
> +++ b/northd/northd.c
> @@ -11922,12 +11922,16 @@ add_route(struct lflow_table *lflows, struct 
> ovn_datapath *od,
>      if (is_discard_route) {
>          ds_put_cstr(&actions, debug_drop_action());
>      } else {
> -        ds_put_format(&common_actions, REG_ECMP_GROUP_ID" = 0; %s = ",
> -                      is_ipv4_nexthop ? REG_NEXT_HOP_IPV4 : 
> REG_NEXT_HOP_IPV6);
> +        ds_put_format(&common_actions, REG_ECMP_GROUP_ID" = 0; ");
>          if (gateway) {
> +            ds_put_format(&common_actions, "%s = ",
> +                          is_ipv4_nexthop ? REG_NEXT_HOP_IPV4 :
> +                                            REG_NEXT_HOP_IPV6);
>              ipv6_format_mapped(gateway, &common_actions);
>          } else {
> -            ds_put_format(&common_actions, "ip%s.dst",
> +            ds_put_format(&common_actions, "%s = ip%s.dst",
> +                          is_ipv4_prefix ? REG_NEXT_HOP_IPV4 :
> +                                           REG_NEXT_HOP_IPV6,
>                            is_ipv4_prefix ? "4" : "6");
>          }
>          ds_put_format(&common_actions, "; "
> diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at
> index c157b00da..34330e4b6 100644
> --- a/tests/ovn-northd.at
> +++ b/tests/ovn-northd.at
> @@ -5209,6 +5209,16 @@ check_lflows() {
>      ro2_arp_resolve=$(grep lr_in_arp_resolve <<< "$ro2_flows")
>      match=$(grep -c 'match=(outport == "ro2-sw" && reg0 == {10.0.0.100})' 
> <<< "$ro2_arp_resolve")
>      AT_CHECK([test "$expected" = "$match"])
> +
> +    ro3_flows=$(ovn-sbctl lflow-list ro3)
> +    ro3_ip_routing=$(grep lr_in_ip_routing <<< "$ro3_flows")
> +    match=$(grep -c "match=(ip4.dst == 10.0.0.100/32).*; reg0 = ip4.dst" \
> +        <<< "$ro3_ip_routing")
> +    AT_CHECK([test "$expected" = "$match"])
> +
> +    match=$(grep -c "match=(ip4.dst == 20.0.0.100/32).*; reg0 = ip4.dst" \
> +        <<< "$ro3_ip_routing")
> +    AT_CHECK([test "$expected" = "$match"])
>  }
>
>  ovn_start
> --
> 2.43.0
>
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Reply via email to