Add YAML netlink spec for the OVS_PACKET_FAMILY (ovs_packet). This completes the set of OVS genetlink family specs (ovs_datapath, ovs_flow, ovs_vport already exist). The spec defines three operations: MISS (event), ACTION (event), and EXECUTE (do). MISS and ACTION are kernel-to-userspace upcalls sent via genlmsg_unicast(); EXECUTE is the only registered genl operation. Key, actions, and egress-tun-key attributes are typed as binary rather than nest because the nested attribute definitions belong to the ovs_flow spec and cross-spec references are not supported by the YNL framework. Signed-off-by: Minxi Hou --- Documentation/netlink/specs/ovs_packet.yaml | 130 ++++++++++++++++++++ 1 file changed, 130 insertions(+) create mode 100644 Documentation/netlink/specs/ovs_packet.yaml diff --git a/Documentation/netlink/specs/ovs_packet.yaml b/Documentation/netlink/specs/ovs_packet.yaml new file mode 100644 index 000000000000..e4c5f24b3b01 --- /dev/null +++ b/Documentation/netlink/specs/ovs_packet.yaml @@ -0,0 +1,130 @@ +# SPDX-License-Identifier: ((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) +--- +name: ovs_packet +version: 1 +protocol: genetlink-legacy +uapi-header: linux/openvswitch.h + +doc: | + OVS packet execution over generic netlink. + + Only OVS_PACKET_CMD_EXECUTE is exposed as a genl operation. + OVS_PACKET_CMD_MISS and OVS_PACKET_CMD_ACTION are kernel-to-userspace + upcalls sent via genlmsg_unicast() to the vport's upcall_pid and have + no associated genl_ops or multicast group. + + Several attributes in the attribute set (userdata, egress-tun-key, len) + exist for the upcall path and are not used by the EXECUTE operation. + For EXECUTE, packet, key, and actions are mandatory (kernel returns + -EINVAL without them). + +definitions: + - + name: ovs-header + type: struct + members: + - + name: dp-ifindex + type: u32 + +attribute-sets: + - + name: packet + name-prefix: ovs-packet-attr- + enum-name: ovs-packet-attr + attributes: + - + name: packet + type: binary + doc: Packet data, from the start of the Ethernet header. + checks: + min-len: 14 + - + name: key + type: binary + doc: | + Nested OVS_KEY_ATTR_* attributes, extracted flow key. + Defined as binary because the key attribute-set belongs to the + ovs_flow family spec; cross-spec references are not supported. + - + name: actions + type: binary + doc: | + Nested OVS_ACTION_ATTR_* attributes. + Defined as binary for the same reason as key. + - + name: userdata + type: binary + doc: Opaque userspace cookie from OVS_USERSPACE_ATTR_USERDATA. + - + name: egress-tun-key + type: binary + doc: Nested OVS_TUNNEL_KEY_ATTR_* for output tunnel metadata. + - + name: unused1 + type: unused + - + name: unused2 + type: unused + - + name: probe + type: flag + doc: Packet operation is a feature probe, error logging suppressed. + - + name: mru + type: u16 + doc: Maximum received IP fragment size. + - + name: len + type: u32 + doc: Packet size before truncation. + - + name: hash + type: u64 + doc: Packet hash, low 32 bits are skb hash, upper bits are flags. + - + name: upcall-pid + type: u32 + doc: Netlink PID to use for upcalls during EXECUTE processing. + +operations: + fixed-header: ovs-header + name-prefix: ovs-packet-cmd- + list: + - + name: miss + doc: Notify userspace of a flow table miss for a received packet. + value: 1 + attribute-set: packet + event: + attributes: &event-attrs + - packet + - key + - userdata + - actions + - egress-tun-key + - mru + - len + - hash + - + name: action + doc: Notify userspace as requested by an OVS_ACTION_ATTR_USERSPACE action. + value: 2 + attribute-set: packet + event: + attributes: *event-attrs + - + name: execute + doc: Apply actions to a packet. + value: 3 + attribute-set: packet + do: + request: + attributes: + - packet + - key + - actions + - probe + - mru + - hash + - upcall-pid -- 2.54.0 Add ntf_bind() method to YnlFamily for binding the netlink socket without joining a multicast group. This enables receiving unicast notifications through the existing poll_ntf/check_ntf path. The OVS packet family sends MISS and ACTION upcalls via genlmsg_unicast() to a per-vport PID rather than through a multicast group. The existing ntf_subscribe() couples bind() with setsockopt(ADD_MEMBERSHIP), which does not fit the unicast case. ntf_bind() provides the bind-only alternative, with the address defaulting to (0, 0) but exposed as an explicit argument. Signed-off-by: Minxi Hou --- tools/net/ynl/pyynl/lib/ynl.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/net/ynl/pyynl/lib/ynl.py b/tools/net/ynl/pyynl/lib/ynl.py index 010aac0c6c67..092d132edec1 100644 --- a/tools/net/ynl/pyynl/lib/ynl.py +++ b/tools/net/ynl/pyynl/lib/ynl.py @@ -682,6 +682,7 @@ class YnlFamily(SpecFamily): ynl.ntf_subscribe(mcast_name) -- join a multicast group ynl.ntf_listen_all_nsid() -- listen on all netns + ynl.ntf_bind(addr=(0, 0)) -- bind socket for unicast notifications ynl.check_ntf() -- drain pending notifications ynl.poll_ntf(duration=None) -- yield notifications @@ -767,6 +768,10 @@ class YnlFamily(SpecFamily): return None return None + def ntf_bind(self, addr=(0, 0)): + """Bind socket for receiving unicast notifications.""" + self.sock.bind(addr) + def set_recv_dbg(self, enabled): self._recv_dbg = enabled -- 2.54.0