[ovs-dev] [PATCH v2] odp-util: Fix a null pointer dereference in odp_flow_format()

This patch fixes (dereference after null check) coverity issue. For this reason, we should add null check of 'mask' before calling nl_attr_find__() because the 'mask' maybe null. Addresses-Coverity: ("Dereference after null check") Fixes: e6cc0babc25d ("ovs-dpctl: Add mega flow support") Signed-of

Re: [ovs-dev] [PATCH v2] ovs-ctl: Allow recording hostname separately

On Tue, Aug 31, 2021 at 8:28 PM aginwala wrote: > > > > On Tue, Aug 31, 2021 at 11:20 AM Frode Nordahl > wrote: >> >> On Tue, Aug 31, 2021 at 8:01 PM aginwala wrote: >> > >> > Hi: >> > >> > Thanks for this improvement. As per our recent tests with ovs 2.16 with >> > 5.4* linux, the problem is

[ovs-dev] [PATCH 2/2] conntrack: limit port clash resolution attempts

From: wenxu In case almost or all available ports are taken, clash resolution can take a very long time, resulting in soft lockup. This can happen when many to-be-natted hosts connect to same destination:port (e.g. a proxy) and all connections pass the same SNAT. Pick a random offset in the acc

[ovs-dev] [PATCH 1/2] conntrack: restore the origin port for each round with new address

From: wenxu It is better to choose the origin select port as current port for each port search round with new address. Signed-off-by: wenxu --- lib/conntrack.c | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/lib/conntrack.c b/lib/conntrack.c index 551c206..2d142

Re: [ovs-dev] [PATCH] odp-util: Fix a null pointer dereference

> -Original Message- > From: Aaron Conole [mailto:acon...@redhat.com] > Sent: Wednesday, September 1, 2021 3:21 AM > To: wangyunjian > Cc: d...@openvswitch.org; i.maxim...@ovn.org; dingxiaoxiong > > Subject: Re: [ovs-dev] [PATCH] odp-util: Fix a null pointer dereference > > w00273186 wr

Re: [ovs-dev] [PATCH v2] conntrack: fix src port selection for DNAT case

Got it Thanks. From: Paolo Valerio Date: 2021-08-31 22:25:10 To: we...@ucloud.cn,i.maxim...@ovn.org Cc: d...@openvswitch.org,"dce...@redhat.com" Subject: Re: [PATCH v2] conntrack: fix src port selection for DNAT case>Hello, > >we...@ucloud.cn writes: > >> From: wenxu >> >> For DNAT case

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

On Tue, Aug 31, 2021 at 7:39 AM Numan Siddique wrote: > > On Tue, Aug 31, 2021 at 9:57 AM Odintsov Vladislav wrote: > > > > > > > > Regards, > > Vladislav Odintsov > > > > On 31 Aug 2021, at 16:51, Numan Siddique > wrote: > > > > On Tue, Aug 31, 2021 at 9:35 AM Odintsov Vladislav mailto:vlodint..

Re: [ovs-dev] [PATCH] AUTHORS: Update Simon Horman

On 8/23/21 10:40 AM, Simon Horman wrote: > Some of Netronome's activities and people have moved over to Corigine, > including OVS development and myself. > > Signed-off-by: Simon Horman > Signed-off-by: Louis Peens > --- Looks like this patch waits for formal review. Here it goes: Acked-by: I

Re: [ovs-dev] [PATCH v2 0/3] ovsdb: Reduce memory and CPU consumption by serializing json objects.

On 8/30/21 12:54 PM, Dumitru Ceara wrote: > On 8/24/21 9:00 PM, Ilya Maximets wrote: >> In short, database snapshot stored inside the raft module is >> a huge json object. E.g. in ovn-heater scale tests with 270 MB >> on-disk Southbound DB, json object of a snapshot takes 1.6 GB of >> RAM out of t

Re: [ovs-dev] [PATCH] odp-util: Fix a null pointer dereference

w00273186 writes: > From: Yunjian Wang > > This patch fixes (dereference after null check) coverity issue. > For this reason, we should add null check of 'mask' before calling > nl_attr_find__() because the 'mask' maybe null. > > Addresses-Coverity: ("Dereference after null check") > Fixes: e6cc

Re: [ovs-dev] [PATCH] ovs-actions: Convert man page from xml to rST.

On 8/9/21 9:07 AM, Roi Dayan wrote: > > > On 2021-08-07 2:54 AM, Ilya Maximets wrote: >> This way it's easier to show it on a website as it will be updated >> automatically along with the rest of the documentation. >> >> Sphinx doesn't render everything perfectly, but it looks good enough >> in b

Re: [ovs-dev] [PATCH] odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__()

Yunjian Wang writes: > This patch fixes (dereference after null check) coverity issue. > We should add null check of 'nsh_mask' to avoid passing NULL pointer > to memcpy() because the 'nsh_mask' maybe null. > > Addresses-Coverity: ("Dereference after null check") > Fixes: 81fdabb94dd7 ("nsh: fix

Re: [ovs-dev] [PATCH] json: Optimize string serialization.

On 8/24/21 11:07 PM, Ilya Maximets wrote: > Current string serialization code puts all characters one by one. > This is slow because dynamic string needs to perform length checks > on every ds_put_char() and it's also doesn't allow compiler to use > better memory copy operations, i.e. doesn't allow

Re: [ovs-dev] [PATCH] json: Optimize string serialization.

On 8/30/21 10:06 PM, Ben Pfaff wrote: > On Tue, Aug 24, 2021 at 11:07:22PM +0200, Ilya Maximets wrote: >> +count = 0; >> +start = string; >> while ((c = *string++) != '\0') { >> -escape = chars_escaping[c]; >> -while ((c2 = *escape++) != '\0') { >> -ds_put_c

Re: [ovs-dev] [PATCH v2] ovs-ctl: Allow recording hostname separately

On Tue, Aug 31, 2021 at 11:20 AM Frode Nordahl wrote: > On Tue, Aug 31, 2021 at 8:01 PM aginwala wrote: > > > > Hi: > > > > Thanks for this improvement. As per our recent tests with ovs 2.16 with > 5.4* linux, the problem is that ovs-vswitchd adds ovs-record-hostname as > required in the systemc

Re: [ovs-dev] [PATCH v2] ovs-ctl: Allow recording hostname separately

On Tue, Aug 31, 2021 at 8:01 PM aginwala wrote: > > Hi: > > Thanks for this improvement. As per our recent tests with ovs 2.16 with 5.4* > linux, the problem is that ovs-vswitchd adds ovs-record-hostname as required > in the systemctl params. > Because of that debian installation of ovs always c

Re: [ovs-dev] [PATCH v2] ovs-ctl: Allow recording hostname separately

Hi: Thanks for this improvement. As per our recent tests with ovs 2.16 with 5.4* linux, the problem is that ovs-vswitchd adds ovs-record-hostname as required in the systemctl params. Because of that debian installation of ovs always complaints Setting up openvswitch-switch (2.16.0-1) ... insserv:

Re: [ovs-dev] [PATCH v2 1/3] json: Add support for partially serialized json objects.

On 8/31/21 2:26 AM, Han Zhou wrote: > > > On Tue, Aug 24, 2021 at 12:00 PM Ilya Maximets > wrote: >> >> Introducing a new json type JSON_SERIALIZED_OBJECT.  It's not an >> actual type that can be seen in a json message on a wire, but >> internal type that is intended t

Re: [ovs-dev] [PATCH v2 2/3] raft: Don't keep full json objects in memory if no longer needed.

On Tue, Aug 31, 2021 at 9:12 AM Ilya Maximets wrote: > > On 8/31/21 2:18 AM, Han Zhou wrote: > > > > > > On Tue, Aug 24, 2021 at 12:00 PM Ilya Maximets mailto:i.maxim...@ovn.org>> wrote: > >> > >> Raft log entries (and raft database snapshot) contains json objects > >> of the data. Follower recei

Re: [ovs-dev] [PATCH] json: Optimize string serialization.

On 8/26/21 4:31 AM, Numan Siddique wrote: > On Tue, Aug 24, 2021 at 5:07 PM Ilya Maximets wrote: >> >> Current string serialization code puts all characters one by one. >> This is slow because dynamic string needs to perform length checks >> on every ds_put_char() and it's also doesn't allow compi

Re: [ovs-dev] [PATCH v2 2/3] raft: Don't keep full json objects in memory if no longer needed.

On 8/30/21 12:53 PM, Dumitru Ceara wrote: > On 8/24/21 9:00 PM, Ilya Maximets wrote: >> Raft log entries (and raft database snapshot) contains json objects >> of the data. Follower receives append requests with data that gets >> parsed and added to the raft log. Leader receives execution requests

Re: [ovs-dev] [PATCH v2 2/3] raft: Don't keep full json objects in memory if no longer needed.

On 8/31/21 2:18 AM, Han Zhou wrote: > > > On Tue, Aug 24, 2021 at 12:00 PM Ilya Maximets > wrote: >> >> Raft log entries (and raft database snapshot) contains json objects >> of the data.  Follower receives append requests with data that gets >> parsed and added to the

Re: [ovs-dev] [PATCH ovn 0/2] northd: Split northd

On Mon, Aug 30, 2021 at 3:46 PM Mark Gray wrote: > > On 30/08/2021 20:27, Mark Michelson wrote: > > On 8/30/21 6:14 AM, Mark Gray wrote: > >> On 27/08/2021 18:56, Mark Michelson wrote: > >>> Hi Mark, > >>> > >>> I had a look at this series, but I'm not 100% sure what the intent is. > >>> In patch

Re: [ovs-dev] [PATCH v2 ovn] Suppress LOCAL_ONLY traffic for localnet ports

On Tue, Aug 24, 2021 at 7:27 PM Ihar Hrachyshka wrote: > > When a router port is attached to a localnet switch, sending periodic > RAs through localnet port will confuse upstream router by leaking > conflicting router advertisements into datacenter network. > > This patch blocks all LOCAL_ONLY mar

Re: [ovs-dev] [PATCH ovn 2/2] ovn-northd: Don't check datapath groups in full if not needed.

On Tue, Aug 31, 2021 at 9:41 AM Dumitru Ceara wrote: > > On 8/27/21 9:17 PM, Ilya Maximets wrote: > > The '/* Push changes to the Logical_Flow table to database. */' loop > > reads all the datapaths from the datapath group and checks them even > > if it's not required. > > > > To check that flow h

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

On Tue, Aug 31, 2021 at 9:57 AM Odintsov Vladislav wrote: > > > > Regards, > Vladislav Odintsov > > On 31 Aug 2021, at 16:51, Numan Siddique > mailto:num...@ovn.org>> wrote: > > On Tue, Aug 31, 2021 at 9:35 AM Odintsov Vladislav > mailto:vlodint...@croc.ru>> wrote: > > > > Regards, > Vladislav O

Re: [ovs-dev] [PATCH v2] conntrack: fix src port selection for DNAT case

Hello, we...@ucloud.cn writes: > From: wenxu > > For DNAT case the src port should never modified. > > Fixes: 61e48c2d1db2 ("conntrack: Handle SNAT with all-zero IP address") > Signed-off-by: wenxu > --- > lib/conntrack.c | 6 -- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff -

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

Regards, Vladislav Odintsov On 31 Aug 2021, at 16:51, Numan Siddique mailto:num...@ovn.org>> wrote: On Tue, Aug 31, 2021 at 9:35 AM Odintsov Vladislav mailto:vlodint...@croc.ru>> wrote: Regards, Vladislav Odintsov On 31 Aug 2021, at 15:36, Numan Siddique mailto:num...@ovn.org>

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

On Tue, Aug 31, 2021 at 9:35 AM Odintsov Vladislav wrote: > > > > Regards, > Vladislav Odintsov > > On 31 Aug 2021, at 15:36, Numan Siddique > mailto:num...@ovn.org>> wrote: > > On Tue, Aug 31, 2021 at 7:50 AM Odintsov Vladislav > mailto:vlodint...@croc.ru>> wrote: > > One more addition for the

Re: [ovs-dev] [PATCH ovn 2/2] ovn-northd: Don't check datapath groups in full if not needed.

On 8/27/21 9:17 PM, Ilya Maximets wrote: > The '/* Push changes to the Logical_Flow table to database. */' loop > reads all the datapaths from the datapath group and checks them even > if it's not required. > > To check that flow has at least one valid datapath, we need to find > one valid datapat

Re: [ovs-dev] [PATCH ovn 1/2] ovn-northd: Avoid creation of identical datapath groups.

On 8/27/21 9:17 PM, Ilya Maximets wrote: > Currently, in a case where datapath groups doesn't need to be changed, > but a new flow should be added, northd will create a new identical > datapath group for a new flow. It happens because we're not looking > for suitable group in Southbound database,

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

Regards, Vladislav Odintsov On 31 Aug 2021, at 15:36, Numan Siddique mailto:num...@ovn.org>> wrote: On Tue, Aug 31, 2021 at 7:50 AM Odintsov Vladislav mailto:vlodint...@croc.ru>> wrote: One more addition for the ID usage: In ovn-ic code I gust copy route_table value from NB to IC SB:Route a

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

On Tue, Aug 31, 2021 at 7:50 AM Odintsov Vladislav wrote: > > One more addition for the ID usage: > > In ovn-ic code I gust copy route_table value from NB to IC SB:Route and then > to NB on the other AZ. > If we supply inport for the route, how should this route be learned to > another AZ? It se

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

One more addition for the ID usage: In ovn-ic code I gust copy route_table value from NB to IC SB:Route and then to NB on the other AZ. If we supply inport for the route, how should this route be learned to another AZ? It seems to me that to have an abstract identifier (route_table name) is a g

[ovs-dev] [PATCH] odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__()

This patch fixes (dereference after null check) coverity issue. We should add null check of 'nsh_mask' to avoid passing NULL pointer to memcpy() because the 'nsh_mask' maybe null. Addresses-Coverity: ("Dereference after null check") Fixes: 81fdabb94dd7 ("nsh: fix nested mask for OVS_KEY_ATTR_NSH")

Re: [ovs-dev] [PATCH ovn 2/3] northd: support for RouteTables in LRs

On Mon, Aug 30, 2021 at 11:48 PM Odintsov Vladislav wrote: > > Hi Han, > > Using Router Policies for the purpose of routing makes impossible to use filtering on the LR level (using Router Policies, not ACLs), because in that case routing flows and filter flows would be in the same lr stage. > We o