Bug 1991650

Summary: [RHEL-7] bad key length while flow construction for geneve tunnel offload
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Timothy Redaelli <tredaelli>
Component: openvswitch2.13Assignee: Paolo Valerio <pvalerio>
Status: CLOSED ERRATA QA Contact: Zhiqian Guan <zhguan>
Severity: medium Docs Contact:
Priority: unspecified    
Version: FDP 21.GCC: ctrautma, hakhande, i.maximets, jhsiao, kfida, mleitner, pvalerio, ralongi, tredaelli, zhguan, zshi
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.13-2.13.0-102.el7fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1927736 Environment:
Last Closed: 2022-11-21 14:15:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Timothy Redaelli 2021-08-09 15:28:50 UTC 
+++ This bug was initially created as a clone of Bug #1927736 +++

Description of problem:

While working on ml2/ovn offload with geneve tunnel, observed following flow.

ufid:82f3fade-f87d-4815-a635-6d8584e13c8c, skb_priority(0/0),skb_mark(0/0),ct_state(0/0),ct_zone(0/0),ct_mark(0/0),ct_label(0/0),recirc_id(0),dp_hash(0/0),in_port(ens1f1_1),packet_type(ns=0/0,id=0/0),eth(src=00:00:00:00:00:00/01:00:00:00:00:00,dst=f8:f2:1e:03:bf:f4),eth_type(0x0800),ipv4(src=0.0.0.0/0.0.0.0,dst=0.0.0.0/0.0.0.0,proto=0/0,tos=0/0x3,ttl=0/0,frag=no), packets:662, bytes:105920, used:0.610s, offloaded:yes, dp:tc, actions:set(tunnel(tun_id=0x2,dst=152.20.0.11,ttl=64,tp_dst=6081,key6(bad key length 1, expected 0)(01)geneve({class=0x102,type=0x80,len=4,0x20003}),flags(key))),genev_sys_6081


While discussing over IRC, imaximets informed this.
"looks like a bug in netdev-offload-tc in OVS.  While dumping flows from TC it constructs OVS_TUNNEL_KEY_ATTR_CSUM (key #6) with 'nl_msg_put_u8' passing a boolean value instead of 'nl_msg_put_flag' without a value.  The flow itself in TC should be OK, but this should definitely be fixed."


Version-Release number of selected component (if applicable):
openvswitch2.13-2.13.0-71.el8fdp.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Deploy ovs hw offload
2. Have genve provider network and VM belongs to it
3. Ping to outside destination.

Actual results:
bad key length.

Expected results:
No bad key length

Additional info:

--- Additional comment from Paolo Valerio on 2021-04-30 23:03:02 CEST ---

Posted upstream on April 7, 2021

https://patchwork.ozlabs.org/project/openvswitch/patch/161779578418.6597.11950001999120876543.stgit@fed.void/

--- Additional comment from Ilya Maximets on 2021-06-25 12:43:57 CEST ---



--- Additional comment from Paolo Valerio on 2021-07-28 20:01:38 CEST ---

Patch got accepted upstream and backported all the way to 2.12.

https://mail.openvswitch.org/pipermail/ovs-dev/2021-July/384753.html

The next FDP release will pick up the fix.
Comment 3 Zhiqian Guan 2021-08-20 07:34:44 UTC 
[root@netqe4 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.9 (Maipo)
[root@netqe4 ~]# uname -r
3.10.0-1160.36.2.el7.x86_64
[root@netqe4 ~]# rpm -qa | grep openvswitch2
openvswitch2.13-2.13.0-102.el7fdp.x86_64
[root@netqe4 ~]#
[root@netqe4 ~]# ovs-vsctl show
e8da0994-ab65-414d-8227-9bb97d6838b7
    Bridge ovsbr0
        Port geneve1
            Interface geneve1
                type: geneve
                options: {csum="true", key="100", local_ip="1.1.1.1", remote_ip="1.1.1.2"}
        Port p1p1_pf0vf0
            Interface p1p1_pf0vf0
        Port ovsbr0
            Interface ovsbr0
                type: internal
    ovs_version: "2.13.5"
[root@netqe4 ~]#
[root@netqe4 ~]# ovs-appctl dpctl/dump-flows type=offloaded --names -m
tunnel(tun_id=0x64,src=1.1.1.2,dst=1.1.1.1,tp_dst=6081,flags(+key)),recirc_id(0),in_port(3),eth(src=22:c3:aa:17:a1:ec,dst=e4:11:22:33:44:60),eth_type(0x0800),ipv4(frag=no), packets:425, bytes:35700, used:0.680s, actions:2
recirc_id(0),in_port(2),eth(src=e4:11:22:33:44:60,dst=22:c3:aa:17:a1:ec),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:425, bytes:35700, used:0.680s, actions:set(tunnel(tun_id=0x64,src=1.1.1.1,dst=1.1.1.2,ttl=64,tp_dst=6081,flags(csum|key))),3
[root@netqe4 ~]#
Comment 4 Zhiqian Guan 2021-08-20 07:40:08 UTC 
Based on comment3, no more bad key length in the offloading flow rules, set this to VERIFIED
Comment 6 errata-xmlrpc 2022-11-21 14:15:48 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openvswitch2.13 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:8558