date:20180127

[ovs-dev] [PATCH] rhel: Fix support for root user using DPDK

2018-01-27 Thread Marcos Felipe Schwarz

Since 2.8.0 OVS runs as non-root user on rhel distros, but the current
implementation breaks the ability to run as root with DPDK and as a
consequence there is no way possible to use UIO drivers on kernel 4.0 and
newer [1, 2].
[1]
http://dpdk.org/browse/dpdk/commit/?id=cdc242f260e766bd95a658b5e0686a62ec04f5b0
[2] https://www.kernel.org/doc/Documentation/vm/pagemap.txt

Signed-off-by: Marcos Schwarz 
---
 lib/daemon-unix.c   | 3 ++-
 rhel/usr_lib_systemd_system_ovs-vswitchd.service.in | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/lib/daemon-unix.c b/lib/daemon-unix.c
index adb549c98..06528e9ab 100644
--- a/lib/daemon-unix.c
+++ b/lib/daemon-unix.c
@@ -1047,5 +1047,6 @@ daemon_set_new_user(const char *user_spec)
 }
 }

-switch_user = true;
+if (!uid_verify(uid) || !gid_verify(gid))
+switch_user = true;
 }
diff --git a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in b/rhel/
usr_lib_systemd_system_ovs-vswitchd.service.in
index c6d9aa1b8..9b01c9271 100644
--- a/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
+++ b/rhel/usr_lib_systemd_system_ovs-vswitchd.service.in
@@ -14,7 +14,7 @@ Environment=HOME=/var/run/openvswitch
 EnvironmentFile=/etc/openvswitch/default.conf
 EnvironmentFile=-/etc/sysconfig/openvswitch
 @begin_dpdk@
-ExecStartPre=-/usr/bin/chown :hugetlbfs /dev/hugepages
+ExecStartPre=-/bin/sh -c '/usr/bin/chown :${OVS_USER_ID##*:}
/dev/hugepages'
 ExecStartPre=-/usr/bin/chmod 0775 /dev/hugepages
 @end_dpdk@
 ExecStart=/usr/share/openvswitch/scripts/ovs-ctl \
--
2.14.3
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Proposal

2018-01-27 Thread Ms.Yael Ronen

I have a confidential deal for you, please contact me for more details via this 
email immediately.


God Bless,
Ms.Yael Ronen

  

-- 
Este mensaje ha sido analizado por MailScanner
en busca de virus y otros contenidos peligrosos,
y se considera que est� limpio.


___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] OVS DPDK: dpdk_merge pull request for master

2018-01-27 Thread Ben Pfaff

Thanks for all the pull requests.  I merged all of these into their
respective branches.
___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

Re: [ovs-dev] [PATCH v2 2/2] ovs-ofctl: Add "compose-packet" command for testing flow_compose().

2018-01-27 Thread Ben Pfaff

Thanks a lot for the review and for the fix to the comment.  I folded in
that fix and applied these patches to master.

On Fri, Jan 26, 2018 at 04:41:58PM -0800, Yifeng Sun wrote:
> Thanks for the patch. Tested and looks good to me.
> 
> I feel it may be a little better if the comment is changed like below:
> 
> - * can do something like "ovs-ofctl compose-packet udp | tcpdump -
> -r-" to
> + * can do something like "ovs-ofctl compose-packet udp --pcap | tcpdump
> - -r-" to
> 
> 
> Tested-by: Yifeng Sun 
> 
> Reviewed-by: Yifeng Sun 
> 
> On Fri, Jan 26, 2018 at 3:03 PM, Ben Pfaff  wrote:
> 
> > I don't feel obligated to add a bunch of automatic tests for
> > flow_compose(), but this is handy for manual testing or for simple packet
> > generation.
> >
> > Signed-off-by: Ben Pfaff 
> > ---
> >  utilities/ovs-ofctl.c | 72 ++
> > +
> >  1 file changed, 72 insertions(+)
> >
> > diff --git a/utilities/ovs-ofctl.c b/utilities/ovs-ofctl.c
> > index 953184da4d19..94bd9abd6dc1 100644
> > --- a/utilities/ovs-ofctl.c
> > +++ b/utilities/ovs-ofctl.c
> > @@ -138,6 +138,9 @@ static bool should_show_ports(void);
> >  /* --stats, --no-stats: Show statistics in flow dumps? */
> >  static int show_stats = 1;
> >
> > +/* --pcap: Makes "compose-packet" print a pcap on stdout. */
> > +static int print_pcap = 0;
> > +
> >  static const struct ovs_cmdl_command *get_all_commands(void);
> >
> >  OVS_NO_RETURN static void usage(void);
> > @@ -223,6 +226,7 @@ parse_options(int argc, char *argv[])
> >  {"bundle", no_argument, NULL, OPT_BUNDLE},
> >  {"color", optional_argument, NULL, OPT_COLOR},
> >  {"may-create", no_argument, NULL, OPT_MAY_CREATE},
> > +{"pcap", no_argument, _pcap, 1},
> >  {"read-only", no_argument, NULL, OPT_READ_ONLY},
> >  DAEMON_LONG_OPTIONS,
> >  OFP_VERSION_LONG_OPTIONS,
> > @@ -4492,6 +4496,73 @@ ofctl_parse_key_value(struct ovs_cmdl_context *ctx)
> >  }
> >  }
> >
> > +/* "compose-packet [--pcap] FLOW [L7]": Converts the OpenFlow flow
> > + * specification FLOW to a packet with flow_compose() and prints the hex
> > bytes
> > + * in the packet on stdout.  Also verifies that the flow extracted from
> > that
> > + * packet matches the original FLOW.
> > + *
> > + * With --pcap, prints the packet to stdout instead as a pcap file, so
> > that you
> > + * can do something like "ovs-ofctl compose-packet udp | tcpdump -
> > -r-" to
> > + * use another tool to dump the packet contents.
> > + *
> > + * If L7 is specified, draws the L7 payload data from it, otherwise
> > defaults to
> > + * 64 bytes of payload. */
> > +static void
> > +ofctl_compose_packet(struct ovs_cmdl_context *ctx)
> > +{
> > +if (print_pcap && isatty(STDOUT_FILENO)) {
> > +ovs_fatal(1, "not writing pcap data to stdout; redirect to a file
> > "
> > +  "or pipe to tcpdump instead");
> > +}
> > +
> > +struct flow flow1;
> > +char *error = parse_ofp_exact_flow(, NULL, NULL, ctx->argv[1],
> > NULL);
> > +if (error) {
> > +ovs_fatal(0, "%s", error);
> > +}
> > +
> > +struct dp_packet p;
> > +memset(, 0, sizeof p);
> > +dp_packet_init(, 0);
> > +
> > +void *l7 = NULL;
> > +size_t l7_len = 64;
> > +if (ctx->argc > 2) {
> > +struct dp_packet payload;
> > +memset(, 0, sizeof payload);
> > +dp_packet_init(, 0);
> > +if (dp_packet_put_hex(, ctx->argv[2], NULL)[0] != '\0') {
> > +ovs_fatal(0, "%s: trailing garbage in packet data",
> > ctx->argv[2]);
> > +}
> > +l7_len = dp_packet_size();
> > +l7 = dp_packet_steal_data();
> > +}
> > +flow_compose(, , l7, l7_len);
> > +free(l7);
> > +
> > +if (print_pcap) {
> > +ovs_pcap_write_header(stdout);
> > +ovs_pcap_write(stdout, );
> > +} else {
> > +ovs_hex_dump(stdout, dp_packet_data(), dp_packet_size(), 0,
> > false);
> > +}
> > +
> > +struct flow flow2;
> > +flow_extract(, );
> > +flow2.in_port.ofp_port = OFPP_ANY;
> > +
> > +dp_packet_uninit();
> > +
> > +if (!flow_equal(, )) {
> > +fprintf(stderr, "specified and extracted flows differ:\n");
> > +fputs("specified: ", stderr);
> > +flow_print(stderr, , NULL);
> > +fputs("\nextracted: ", stderr);
> > +flow_print(stderr, , NULL);
> > +exit(1);
> > +}
> > +}
> > +
> >  static const struct ovs_cmdl_command all_commands[] = {
> >  { "show", "switch",
> >1, 1, ofctl_show, OVS_RO },
> > @@ -4625,6 +4696,7 @@ static const struct ovs_cmdl_command all_commands[]
> > = {
> >  { "ofp-print", NULL, 1, 2, ofctl_ofp_print, OVS_RW },
> >  { "encode-hello", NULL, 1, 1, ofctl_encode_hello, OVS_RW },
> >  { "parse-key-value", NULL, 1, INT_MAX, ofctl_parse_key_value, OVS_RW
> > },
> > +{

[ovs-dev] [PATCH] rhel: Fix support for root user using DPDK

[ovs-dev] Proposal

Re: [ovs-dev] OVS DPDK: dpdk_merge pull request for master

Re: [ovs-dev] [PATCH v2 2/2] ovs-ofctl: Add "compose-packet" command for testing flow_compose().

4 matches

Site Navigation

Mail list logo

Footer information