Datapath requires in_port value to be exact match to function
correctly. Enforce exact match of in_port regardless of the mask
specified in the netlink message, or when it is absent.
Signed-off-by: Andy Zhou <az...@nicira.com>
---
datapath/flow.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/datapath/flow.c b/datapath/flow.c
index 84df4d3..a2111e7 100644
--- a/datapath/flow.c
+++ b/datapath/flow.c
@@ -138,8 +138,7 @@ static bool ovs_match_validate(const struct sw_flow_match
*match,
/* Tunnel mask is always allowed. */
mask_allowed |= (1ULL << OVS_KEY_ATTR_TUNNEL);
- if (match->key->phy.in_port == DP_MAX_PORTS &&
- match->mask && (match->mask->key.phy.in_port == 0xffff))
+ if (match->mask && (match->mask->key.phy.in_port == 0xffff))
mask_allowed |= (1ULL << OVS_KEY_ATTR_IN_PORT);
if (match->key->eth.type == htons(ETH_P_802_2) &&
@@ -1323,6 +1322,10 @@ static int metadata_from_nlattrs(struct sw_flow_match
*match, u64 *attrs,
SW_FLOW_KEY_PUT(match, phy.in_port, DP_MAX_PORTS, is_mask);
}
+ /* Always exact match in_port. */
+ if (is_mask)
+ SW_FLOW_KEY_PUT(match, phy.in_port, 0xffff, is_mask);
+
if (*attrs & (1ULL << OVS_KEY_ATTR_SKB_MARK)) {
uint32_t mark = nla_get_u32(a[OVS_KEY_ATTR_SKB_MARK]);
#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20) && !defined(CONFIG_NETFILTER)
--
1.7.9.5
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
