[ovs-git] Open vSwitch: Release Open vSwitch 1.0.3 (lts-1.0)
dev at openvswitch.org
dev at openvswitch.org
Fri Oct 8 17:25:48 PDT 2010
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Open vSwitch".
The branch, lts-1.0 has been created
at 0dfae8613ef3e5dc9bae8fa2a671510d5752b3b1 (commit)
- Log -----------------------------------------------------------------
commit 0dfae8613ef3e5dc9bae8fa2a671510d5752b3b1
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Oct 8 17:17:28 2010 -0700
Release Open vSwitch 1.0.3
commit fcba238dd229ce0edb953161d774f6a3b4161c13
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Oct 7 16:44:32 2010 -0700
ofproto: Drop flows from datapath more quickly under heavy load.
In normal operation it makes sense to keep track of all of the flows that
have been seen recently and to cache all of them in the kernel. Under
unusual conditions, such as those caused by network scanning tools or by an
actual targeted DoS attack against the vswitch, the number of flows can
explode to extremely high numbers (hundreds of thousands or more). In such
a situation the vswitch needs to guard against memory exhaustion by
expiring flows more quickly and more often. This commit implements an
inexpensive technique for determining which flows should be dropped in such
a situation.
commit 3ad6619bf3f7e1fc879bb74285f0379ac473243f
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Oct 7 10:36:02 2010 -0700
classifier: Introduce macros for iterating exact-match flows.
This special case of iterating through flows is easier and presumably
faster to implement using a macro.
commit eabc4fc41952e9d4b979ba137d15d9b7ab791959
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 29 13:04:03 2010 -0700
ofproto: Iterate through exact-match rules first during expiration.
A wildcarded flow is idle only if all of its subrules have expired because
they were idle, so unless we expire exact-match rules first it is possible
that a wildcarded flow fails to expire as soon as it should.
(The current implementation of classifier_for_each() iterates through
exact-match rules before wildcarded rules, but nothing in the interface
guarantees that.)
commit 7163da861e2c7c3115118680361eeaa80c036f59
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 29 12:54:05 2010 -0700
ofproto: Drop unneeded poll_immediate_wake().
This poll_immediate_wake() is unnecessary because netflow_run() is always
called afterward within the same poll loop. It's better to delete it, to
avoid wasting CPU.
commit 0652e3433ced5ec2f1d77487fd53dca831186beb
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Sep 30 10:13:47 2010 -0700
ofproto: Fix effective memory leak for uninstallable flows.
In one or two corner cases, flows cannot be installed because every packet
in the flow must be processed by userspace. The code to expire rules was
ignoring these uninstallable rules, and thus they would never get freed,
even after they became idle. This commit fixes the problem.
commit bef90330c13461066d50a11268d8d3f0466cb186
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Oct 7 10:08:21 2010 -0700
ofproto: Factor conditional out of loop in send_flow_removed().
commit 6348e9482369ebd7f1c2d7ec167bd09b9a3d7ecc
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Oct 6 14:39:56 2010 -0700
ofproto: Group functions related to flow expiration together.
This should be a purely stylistic change, with no effect on behavior.
This commit changes the callback pointer passed to the
classifier_for_each() from a pointer to an ofproto to a pointer to a
structure that includes an ofproto. Future commits planned will add
more members to this new structure.
commit 7fa8c6709db0ac416a78896545b0005e35556903
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Oct 8 17:15:05 2010 -0700
Release Open vSwitch 1.0.2
commit ff9a6b34ed9fa087df43ca6aabca5e3b3e532146
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Oct 8 14:18:28 2010 -0700
netdev: Enforce a floor "linux-htb" min-rate
commit 40271de1421e0d02f87b37b27a2d8a8d93cfdc8c
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Oct 8 13:50:16 2010 -0700
netdev: Don't divide by zero when "linux-htb" zero min-rate is used
A "min-rate" of zero for the "linux-htb" QoS type would cause a divide
by zero exception. This patch prevents that by just returning zero. A
later patch will try to enforce reasonable values for "min-rate".
Bug #3745
commit fa0d5349c39593656e75bdc82330bf04e9f612f7
Author: Ethan Jackson <ethan at nicira.com>
Date: Fri Oct 1 02:29:27 2010 +0000
xenserver: ovs-external-ids log to file instead of syslog
ovs-external-ids was crashing on startup because it was brought up
before /dev/log exists. The simplest solution to this problem is
to have it log to /var/log/openvswitch/ovs-external-ids.log . This
is consistent with vswitchd and ovsdb-server.
Signed-off-by: Ethan Jackson <ethan at nicira.com>
commit f22a24b7b3b8aec61f6778bf9c8e6e7c5514039a
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 1 12:45:24 2010 -0700
netflow: Avoid (theoretically) looping 2**32 times.
If the netflow byte counter is UINT64_MAX, or at any rate much larger than
UINT32_MAX, netflow_expire() could loop for a very long time. This commit
avoids that case.
This is only a theoretical bug fix. I don't know of any actual bug that
would cause a counter to be that high.
commit 92428253d585ccdc9eeb628d4c2c6aac30ad9336
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 1 12:43:11 2010 -0700
netflow: Do 64-bit division less often.
64-bit division is expensive. Usually we can avoid it entirely, as done by
this patch.
commit 19f997675dd321ab6b04e0d48e643aac53fd302d
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Sep 16 15:38:10 2010 -0700
netdev-linux: Fix off-by-one error dumping queue stats.
Linux kernel queue numbers are one greater than OpenFlow queue numbers, for
HTB anyhow. The code to dump queues wasn't compensating for this, so this
commit fixes it up.
commit 59b380da47991502517e3a70b148deda7a2ecfca
Author: Ethan Jackson <ethan at nicira.com>
Date: Wed Sep 22 12:40:39 2010 -0700
xenserver: monitor-external-ids should run with --monitor
The init script starts monitor-external-ids with --monitor when
configured to do so. Also made changes to guarantee that --monitor
actually restarts ovs-external-ids.
Signed-off-by: Ethan Jackson <ethan at nicira.com>
commit 0f4dec74a7851b603a42291a16b0e7802d12e7f9
Author: Ethan Jackson <ethan at nicira.com>
Date: Wed Sep 22 15:38:17 2010 -0700
xenserver: Added additional logging to ovs-external-ids
Added additional logging for debug-ability and migrated to python
logging module.
Signed-off-by: Ethan Jackson <ethan at nicira.com>
commit d9a3e3ef8aa2b4fb42a448e5a96ad0f163b6fa65
Author: Ethan Jackson <ethan at nicira.com>
Date: Tue Sep 21 18:03:07 2010 -0700
xenserver: Rename monitor-external-ids -> ovs-external-ids
Renamed the monitor-external-ids script ovs-external-ids.
Hopefully this will make it clearer who owns it when someone does
ps xa.
Also removed trailing whitespace from ovs-external-ids.
Signed-off-by: Ethan Jackson <ethan at nicira.com>
commit 3db4d1d0a993ea682c61bdc87223860116f5a5c1
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 22 10:03:31 2010 -0700
xenserver: Add license to uuid.py.
There seemed to be some confusion regarding this file's provenance, so it
is best to clarify.
Signed-off-by: Ben Pfaff <blp at nicira.com>
commit ead8a654f1e6e85e42152b80fcef0558f3c6759c
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 22 10:05:29 2010 -0700
xenserver: Add explicit license to refresh-xs-network-uuids.
I had assumed that a trivial one-line shell script didn't need an explicit
license, but it seems that I was wrong.
Signed-off-by: Ben Pfaff <blp at nicira.com>
commit 09e2e9de329e22ecc5eaac66e7478c5556256dfe
Author: Ben Pfaff <blp at nicira.com>
Date: Wed Sep 22 09:32:58 2010 -0700
xenserver: Change license of xsconsole plugin to GPLv2.
This file was under a proprietary license because it was derived from
proprietary XenServer code. That upstream code is now under GPLv2, so
change the downstream code to GPLv2 also.
Acked-by: Ian Campbell <Ian.Campbell at citrix.com>
Signed-off-by: Ben Pfaff <blp at nicira.com>
commit b7384540fc15270a94beebb4797fcf09a8494a58
Author: Ethan Jackson <ethan at nicira.com>
Date: Fri Sep 17 15:06:17 2010 -0700
python: timer_wait_until calculated current time incorrectly
The timer_wait_until function in poller.py was using Time.msec to
figure out the current time. Unfortunately, Time.msec does not in
exist. Changed to use ovs.timeval.msec .
commit 083d5565bb3dc5471affa1b490311c8980be7857
Author: Ben Pfaff <blp at nicira.com>
Date: Thu Sep 2 10:06:42 2010 -0700
ovsdb: Fix bug in "wait" command implementation.
The declaration of "error" that this commit removes shadowed an outer local
declaration of "error", which caused errors detected by this code not to be
propagated up to the outer level.
Found with GCC -Wshadow.
commit 04f796a8393016cb274720438f078f3290bd099c
Author: Ethan Jackson <ethan at nicira.com>
Date: Fri Sep 17 08:23:32 2010 -0700
xenserver: monitor-external-ids remove redundant ovs-vsctl calls
The number of ovs-vsctl calls required to add a new vif in
monitor-external-ids grew linearly with the number of vifs in the
system. Changed to only do O(1) ovs-vsctl calls per vif addition.
commit 3786d27da280ca70d5e1d2b679333776b16b1954
Author: Ben Pfaff <blp at nicira.com>
Date: Fri Sep 17 14:37:51 2010 -0700
ovs-vsctl: Remove default timeout.
On overloaded XenServers the current default timeout of 5 seconds can
occasionally be reached, which causes VM startup to fail. This commit
fixes the problem by removing the default timeout and changing each
invocation of ovs-vsctl within the tree to specify its own timeout,
if appropriate.
Bug #3573.
commit ba429bfa0a4c5e20cc2ab5f1b16519f84b6ee92b
Author: Vivien Bernet-Rollande <vbr at soprive.net>
Date: Thu Sep 16 10:56:55 2010 -0700
brcompat_mod: Check if user has CAP_NET_ADMIN in ioctl handler
This patch checks that the user calling ioctl() to create, delete, or
modify bridges has the CAP_NET_ADMIN capability. This prevents
unpriviledged users from modifying the bridge configuration through
brcompatd. The checks are actually the same performed in
net/bridge/br_ioctl.c by the Linux kernel.
Signed-off-by: Vivien Bernet-Rollande <vbr at soprive.net>
Signed-off-by: Jesse Gross <jesse at nicira.com>
commit a842e7b093786019292998fa192d4ed7d228d686
Author: Jesse Gross <jesse at nicira.com>
Date: Wed Sep 15 16:52:48 2010 -0700
datapath: Check IS_ERR() in do_execute().
flow_actions_alloc() returns an error code in the form of a pointer
but we checked that the pointer was not NULL, which is always true.
This caused oopses on allocation errors when we would write into
an invalid pointer.
NIC-234
Signed-off-by: Jesse Gross <jesse at nicira.com>
Acked-by: Ben Pfaff <blp at nicira.com>
commit 51a66e1bc935c50afe955da947cf253adf115751
Author: Ben Pfaff <blp at nicira.com>
Date: Tue Sep 14 13:32:36 2010 -0700
datapath: Increase maximum number of actions per flow.
Until now the number of actions in a flow has been limited to what fits in
a page. Each action is 8 bytes, and on 32-bit architectures there is a
12-byte header, so with 4-kB pages that limits flows to 510 actions. We
and Citrix have noticed that OVS stops working properly after about 509
VIFs are added to a bridge. According to log messages this is the reason:
at this point it is no longer possible to flood a packet to all ports.
This commit should help, by increasing the maximum number of actions in a
flow. In the long term, though, we should adopt use of port groups or
otherwise reduce the number of actions needed to flood a packet.
Signed-off-by: Ben Pfaff <blp at nicira.com>
Bug #3573.
NIC-234.
commit aa536b6e43828e23c48c54612d4047024f209eeb
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Sep 10 14:32:41 2010 -0700
xenserver: Don't delete pidfile when stopping monitor-external-ids
It's not necessary to explicitly delete the pidfile when stopping
monitor-external-ids through the init script, since the daemon will take
care of that.
commit c22f712bb99bdcdd042ce0ffbf4f31fc5016109a
Author: Justin Pettit <jpettit at nicira.com>
Date: Fri Sep 10 14:20:49 2010 -0700
xenserver: Don't monitor external-ids until XAPI is up
monitor-external-ids can't complete all its tasks until XAPI is up. The
daemon is usually started before XAPI, so it can miss events. This
commit causes the daemon to block until XAPI is finished initializing.
-----------------------------------------------------------------------
hooks/post-receive
--
Open vSwitch
More information about the git
mailing list