Re: [ovs-dev] [PATCH ovn] tests: fixed "ovn-controller port security OF flows"

2023-07-05 Thread Dumitru Ceara 
On 7/4/23 13:33, Xavier Simonart wrote:
> The order of Port Binding key generation is not guaranteed, and
> it might happen that sw0p1 and sw0p2 get different value than
> the hardcoded 1 and 2 (e.g. 2 and 1).
> Get the value from DB instead.
> 
> In addition, move "check_port_sec_offlows" definition
> before it is being used the first time.
> 
> Fixes: 8cab00bdb581 ("ovn-controller: Add OF rules for port security.")
> Signed-off-by: Xavier Simonart 
> ---

Thanks, Xavier!  I applied this to main and backported it to all stable
branches down to 22.06.

Regards,
Dumitru

___
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH ovn] tests: fixed "ovn-controller port security OF flows"

2023-07-04 Thread Xavier Simonart 
The order of Port Binding key generation is not guaranteed, and
it might happen that sw0p1 and sw0p2 get different value than
the hardcoded 1 and 2 (e.g. 2 and 1).
Get the value from DB instead.

In addition, move "check_port_sec_offlows" definition
before it is being used the first time.

Fixes: 8cab00bdb581 ("ovn-controller: Add OF rules for port security.")
Signed-off-by: Xavier Simonart 
---
 tests/ovn.at | 216 +--
 1 file changed, 108 insertions(+), 108 deletions(-)

diff --git a/tests/ovn.at b/tests/ovn.at
index 53fd1c495..bd7eb928f 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -34036,6 +34036,14 @@ sw0p2_key=$(printf "%x" $(fetch_column Port_Binding 
tunnel_key logical_port=sw0p
 > hv2_t74_flows.expected
 > hv2_t75_flows.expected
 
+check_port_sec_offlows() {
+hv=$1
+t=$2
+
+as $hv ovs-ofctl dump-flows br-int table=${t} | ofctl_strip_all | sort | 
grep -v NXST_FLOW > ${hv}_t${t}_flows.actual
+AT_CHECK([diff -u ${hv}_t${t}_flows.actual ${hv}_t${t}_flows.expected])
+}
+
 check_port_sec_offlows hv1 73
 check_port_sec_offlows hv1 74
 check_port_sec_offlows hv1 75
@@ -34047,33 +34055,25 @@ check_port_sec_offlows hv2 75
 # Set port security for sw0p1
 check ovn-nbctl --wait=hv lsp-set-port-security sw0p1 "00:00:00:00:00:03"
 
-check_port_sec_offlows() {
-hv=$1
-t=$2
-
-as $hv ovs-ofctl dump-flows br-int table=${t} | ofctl_strip_all | sort | 
grep -v NXST_FLOW > ${hv}_t${t}_flows.actual
-AT_CHECK([diff -u ${hv}_t${t}_flows.actual ${hv}_t${t}_flows.expected])
-}
-
 echo " table=73, priority=80,reg14=0x$sw0p1_key,metadata=0x$sw0_dp_key 
actions=load:0x1->NXM_NX_REG10[[12]]
  table=73, 
priority=90,reg14=0x$sw0p1_key,metadata=0x$sw0_dp_key,dl_src=00:00:00:00:00:03 
actions=resubmit(,74)
- table=73, priority=95,arp,reg14=0x1,metadata=0x$sw0_dp_key 
actions=resubmit(,74)" > hv1_t73_flows.expected
+ table=73, priority=95,arp,reg14=0x$sw0p1_key,metadata=0x$sw0_dp_key 
actions=resubmit(,74)" > hv1_t73_flows.expected
 
 check_port_sec_offlows hv1 73
 
-echo " table=74, priority=80,arp,reg14=0x1,metadata=0x1 
actions=load:0x1->NXM_NX_REG10[[12]]
- table=74, priority=80,icmp6,reg14=0x1,metadata=0x1,nw_ttl=255,icmp_type=135 
actions=load:0->NXM_NX_REG10[[12]]
- table=74, priority=80,icmp6,reg14=0x1,metadata=0x1,nw_ttl=255,icmp_type=136 
actions=load:0x1->NXM_NX_REG10[[12]]
- table=74, 
priority=90,arp,reg14=0x1,metadata=0x1,dl_src=00:00:00:00:00:03,arp_sha=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]
- table=74, 
priority=90,icmp6,reg14=0x1,metadata=0x1,nw_ttl=225,icmp_type=135,icmp_code=0,nd_sll=00:00:00:00:00:00
 actions=load:0->NXM_NX_REG10[[12]]
- table=74, 
priority=90,icmp6,reg14=0x1,metadata=0x1,nw_ttl=225,icmp_type=135,icmp_code=0,nd_sll=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]
- table=74, 
priority=90,icmp6,reg14=0x1,metadata=0x1,nw_ttl=225,icmp_type=136,icmp_code=0,nd_tll=00:00:00:00:00:00
 actions=load:0->NXM_NX_REG10[[12]]
- table=74, 
priority=90,icmp6,reg14=0x1,metadata=0x1,nw_ttl=225,icmp_type=136,icmp_code=0,nd_tll=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]" > hv1_t74_flows.expected
+echo " table=74, priority=80,arp,reg14=0x$sw0p1_key,metadata=0x1 
actions=load:0x1->NXM_NX_REG10[[12]]
+ table=74, 
priority=80,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=255,icmp_type=135 
actions=load:0->NXM_NX_REG10[[12]]
+ table=74, 
priority=80,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=255,icmp_type=136 
actions=load:0x1->NXM_NX_REG10[[12]]
+ table=74, 
priority=90,arp,reg14=0x$sw0p1_key,metadata=0x1,dl_src=00:00:00:00:00:03,arp_sha=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]
+ table=74, 
priority=90,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=225,icmp_type=135,icmp_code=0,nd_sll=00:00:00:00:00:00
 actions=load:0->NXM_NX_REG10[[12]]
+ table=74, 
priority=90,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=225,icmp_type=135,icmp_code=0,nd_sll=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]
+ table=74, 
priority=90,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=225,icmp_type=136,icmp_code=0,nd_tll=00:00:00:00:00:00
 actions=load:0->NXM_NX_REG10[[12]]
+ table=74, 
priority=90,icmp6,reg14=0x$sw0p1_key,metadata=0x1,nw_ttl=225,icmp_type=136,icmp_code=0,nd_tll=00:00:00:00:00:03
 actions=load:0->NXM_NX_REG10[[12]]" > hv1_t74_flows.expected
 
 check_port_sec_offlows hv1 74
 
-echo " table=75, priority=80,reg15=0x1,metadata=0x1 
actions=load:0x1->NXM_NX_REG10[[12]]
- table=75, priority=85,reg15=0x1,metadata=0x1,dl_dst=00:00:00:00:00:03 
actions=load:0->NXM_NX_REG10[[12]]" > hv1_t75_flows.expected
+echo " table=75, priority=80,reg15=0x$sw0p1_key,metadata=0x1 
actions=load:0x1->NXM_NX_REG10[[12]]
+ table=75, 
priority=85,reg15=0x$sw0p1_key,metadata=0x1,dl_dst=00:00:00:00:00:03 
actions=load:0->NXM_NX_REG10[[12]]" > hv1_t75_flows.expected
 
 check_port_sec_offlows hv1 75
 
@@ -34088,42 +34088,42 @@ check_port_sec_offlows hv2 75
 # Add IPv4 addresses to sw0p1
 check ovn-nbctl --wait=hv lsp-set-port-secu