diff --git a/backport-dpif-netlink-avoid-netlink-modify-flow-put-op-failed-after-tc-modify-flow-put-op-failed.patch b/backport-dpif-netlink-avoid-netlink-modify-flow-put-op-failed-after-tc-modify-flow-put-op-failed.patch new file mode 100644 index 0000000000000000000000000000000000000000..8c803ed37406bfec5e2cec900b4e65f8d96a0ee4 --- /dev/null +++ b/backport-dpif-netlink-avoid-netlink-modify-flow-put-op-failed-after-tc-modify-flow-put-op-failed.patch @@ -0,0 +1,160 @@ +From patchwork Sat Mar 21 06:54:21 2020 +Content-Type: text/plain; charset="utf-8" +MIME-Version: 1.0 +Content-Transfer-Encoding: 7bit +X-Patchwork-Submitter: wenxu +X-Patchwork-Id: 1259295 +Return-Path: +X-Original-To: incoming@patchwork.ozlabs.org +Delivered-To: patchwork-incoming@bilbo.ozlabs.org +Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) + smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; + helo=hemlock.osuosl.org; + envelope-from=ovs-dev-bounces@openvswitch.org; + receiver=) +Authentication-Results: ozlabs.org; + dmarc=fail (p=none dis=none) header.from=ucloud.cn +Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) + (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 + bits)) (No client certificate requested) + by ozlabs.org (Postfix) with ESMTPS id 48krwp45Rqz9sPR + for ; + Sat, 21 Mar 2020 17:54:34 +1100 (AEDT) +Received: from localhost (localhost [127.0.0.1]) + by hemlock.osuosl.org (Postfix) with ESMTP id 1829489424; + Sat, 21 Mar 2020 06:54:33 +0000 (UTC) +X-Virus-Scanned: amavisd-new at osuosl.org +Received: from hemlock.osuosl.org ([127.0.0.1]) + by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id 3JodhcswCEYy; Sat, 21 Mar 2020 06:54:31 +0000 (UTC) +Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) + by hemlock.osuosl.org (Postfix) with ESMTP id 9C17E89383; + Sat, 21 Mar 2020 06:54:31 +0000 (UTC) +Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) + by lists.linuxfoundation.org (Postfix) with ESMTP id 8470EC089F; + Sat, 21 Mar 2020 06:54:31 +0000 (UTC) +X-Original-To: dev@openvswitch.org +Delivered-To: ovs-dev@lists.linuxfoundation.org +Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) + by lists.linuxfoundation.org (Postfix) with ESMTP id E1868C07FF + for ; Sat, 21 Mar 2020 06:54:29 +0000 (UTC) +Received: from localhost (localhost [127.0.0.1]) + by fraxinus.osuosl.org (Postfix) with ESMTP id DEBC286813 + for ; Sat, 21 Mar 2020 06:54:29 +0000 (UTC) +X-Virus-Scanned: amavisd-new at osuosl.org +Received: from fraxinus.osuosl.org ([127.0.0.1]) + by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id vvlN2NAtNL6N for ; + Sat, 21 Mar 2020 06:54:28 +0000 (UTC) +X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 +Received: from m9784.mail.qiye.163.com (m9784.mail.qiye.163.com + [220.181.97.84]) + by fraxinus.osuosl.org (Postfix) with ESMTPS id 5B60C8679E + for ; Sat, 21 Mar 2020 06:54:28 +0000 (UTC) +Received: from localhost.localdomain (unknown [123.59.132.129]) + by m9784.mail.qiye.163.com (Hmail) with ESMTPA id 9C56941610; + Sat, 21 Mar 2020 14:54:21 +0800 (CST) +From: wenxu@ucloud.cn +To: simon.horman@netronome.com +Date: Sat, 21 Mar 2020 14:54:21 +0800 +Message-Id: <1584773661-6886-1-git-send-email-wenxu@ucloud.cn> +X-Mailer: git-send-email 1.8.3.1 +X-HM-Spam-Status: e1kfGhgUHx5ZQUtXWQgYFAkeWUFZSFVPSU1CQkJDS0xITkxMQllXWShZQU + lCN1dZLVlBSVdZCQ4XHghZQVk1NCk2OjckKS43PlkG +X-HM-Sender-Digest: e1kMHhlZQR0aFwgeV1kSHx4VD1lBWUc6PAg6Ixw4KTgxQxM0EzoKHBQX + EDwKCiNVSlVKTkNPTExITU1KTUNDVTMWGhIXVQweFQMOOw4YFxQOH1UYFUVZV1kSC1lBWUpJSFVO + QlVKSElVSklCWVdZCAFZQUhNQk03Bg++ +X-HM-Tid: 0a70fbdf03d02086kuqy9c56941610 +Cc: dev@openvswitch.org +Subject: [ovs-dev] [PATCH branch-2.12] dpif-netlink: avoid netlink modify + flow put op failed after tc modify flow put op failed. +X-BeenThere: ovs-dev@openvswitch.org +X-Mailman-Version: 2.1.15 +Precedence: list +List-Id: +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +MIME-Version: 1.0 +Errors-To: ovs-dev-bounces@openvswitch.org +Sender: "dev" + +From: wenxu + +The tc modify flow put always delete the original flow first and +then add the new flow. If the modfiy flow put operation failed, +the flow put operation will change from modify to create if success +to delete the original flow in tc (which will be always failed with +ENOENT, the flow is already be deleted before add the new flow in tc). +Finally, the modify flow put will failed to add in kernel datapath. + +Signed-off-by: wenxu +--- + lib/dpif-netlink.c | 7 ++++++- + lib/netdev-offload-tc.c | 7 +++++-- + lib/netdev-offload.h | 3 +++ + 3 files changed, 14 insertions(+), 3 deletions(-) + +diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c +index 7bc71d6..7e088c0 100644 +--- a/lib/dpif-netlink.c ++++ b/lib/dpif-netlink.c +@@ -2038,6 +2038,7 @@ parse_flow_put(struct dpif_netlink *dpif, struct dpif_flow_put *put) + info.dpif_class = dpif_class; + info.tp_dst_port = dst_port; + info.tunnel_csum_on = csum_on; ++ info.tc_modify_flow_deleted = false; + err = netdev_flow_put(dev, &match, + CONST_CAST(struct nlattr *, put->actions), + put->actions_len, +@@ -2088,7 +2089,11 @@ parse_flow_put(struct dpif_netlink *dpif, struct dpif_flow_put *put) + out: + if (err && err != EEXIST && (put->flags & DPIF_FP_MODIFY)) { + /* Modified rule can't be offloaded, try and delete from HW */ +- int del_err = netdev_flow_del(dev, put->ufid, put->stats); ++ int del_err = 0; ++ ++ if (!info.tc_modify_flow_deleted) { ++ del_err = netdev_flow_del(dev, put->ufid, put->stats); ++ } + + if (!del_err) { + /* Delete from hw success, so old flow was offloaded. +diff --git a/lib/netdev-offload-tc.c b/lib/netdev-offload-tc.c +index 4cc044b..c95de1e 100644 +--- a/lib/netdev-offload-tc.c ++++ b/lib/netdev-offload-tc.c +@@ -1359,9 +1359,12 @@ netdev_tc_flow_put(struct netdev *netdev, struct match *match, + block_id = get_block_id_from_netdev(netdev); + handle = get_ufid_tc_mapping(ufid, &prio, NULL); + if (handle && prio) { ++ bool flow_deleted; ++ + VLOG_DBG_RL(&rl, "updating old handle: %d prio: %d", handle, prio); +- del_filter_and_ufid_mapping(ifindex, prio, handle, block_id, ufid, +- hook); ++ flow_deleted = !del_filter_and_ufid_mapping(ifindex, prio, handle, ++ block_id, ufid, hook); ++ info->tc_modify_flow_deleted = flow_deleted; + } + + if (!prio) { +diff --git a/lib/netdev-offload.h b/lib/netdev-offload.h +index 97a5006..34721ef 100644 +--- a/lib/netdev-offload.h ++++ b/lib/netdev-offload.h +@@ -71,6 +71,9 @@ struct offload_info { + * it will be in the pkt meta data. + */ + uint32_t flow_mark; ++ ++ bool tc_modify_flow_deleted; /* Indicate the tc modify flow put success ++ * to delete the original flow. */ + }; + + int netdev_flow_flush(struct netdev *); + diff --git a/openvswitch.spec b/openvswitch.spec index 426a91acfa33ef2c1779036cfcc1d69ce095c436..20ad9f9a68b6408c2dae75fb11e6c53886842157 100644 --- a/openvswitch.spec +++ b/openvswitch.spec @@ -6,7 +6,7 @@ Summary: Production Quality, Multilayer Open Virtual Switch URL: http://www.openvswitch.org/ Version: 2.12.0 License: ASL 2.0 and ISC -Release: 22 +Release: 23 Source: https://www.openvswitch.org/releases/openvswitch-%{version}.tar.gz Buildroot: /tmp/openvswitch-rpm Patch0000: 0000-openvswitch-add-stack-protector-strong.patch @@ -19,6 +19,7 @@ Patch0006: CVE-2020-27827.patch Patch0007: CVE-2015-8011.patch Patch0008: backport-CVE-2021-36980.patch Patch0009: CVE-2021-3905.patch +Patch0010: backport-dpif-netlink-avoid-netlink-modify-flow-put-op-failed-after-tc-modify-flow-put-op-failed.patch Patch9000: fix-selinux-err.patch @@ -291,6 +292,9 @@ exit 0 %doc README.rst NEWS rhel/README.RHEL.rst %changelog +* Tue Aug 09 2022 wangkerong -2.12.0-23 +- add backport-dpif-netlink-avoid-netlink-modify-flow-put-op-failed-after-tc-modify-flow-put-op-failed.patch + * Mon Jul 25 2022 zhouwenpei - 2.12.0-22 - revent "Add ovn-central ovn-central and ovn-host subpackage"