Bug 1991655

Summary: bad key length while flow construction for geneve tunnel offload
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Timothy Redaelli <tredaelli>
Component: openvswitch2.15Assignee: Paolo Valerio <pvalerio>
Status: CLOSED ERRATA QA Contact: Zhiqian Guan <zhguan>
Severity: medium Docs Contact:
Priority: unspecified    
Version: FDP 21.GCC: ctrautma, hakhande, i.maximets, jhsiao, kfida, mleitner, pvalerio, ralongi, tredaelli, zhguan, zshi
Target Milestone: ---Keywords: Reopened
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: openvswitch2.15-2.15.0-32.el8fdp Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1927736 Environment:
Last Closed: 2021-09-07 18:03:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Timothy Redaelli 2021-08-09 15:41:01 UTC 
+++ This bug was initially created as a clone of Bug #1927736 +++

Description of problem:

While working on ml2/ovn offload with geneve tunnel, observed following flow.

ufid:82f3fade-f87d-4815-a635-6d8584e13c8c, skb_priority(0/0),skb_mark(0/0),ct_state(0/0),ct_zone(0/0),ct_mark(0/0),ct_label(0/0),recirc_id(0),dp_hash(0/0),in_port(ens1f1_1),packet_type(ns=0/0,id=0/0),eth(src=00:00:00:00:00:00/01:00:00:00:00:00,dst=f8:f2:1e:03:bf:f4),eth_type(0x0800),ipv4(src=0.0.0.0/0.0.0.0,dst=0.0.0.0/0.0.0.0,proto=0/0,tos=0/0x3,ttl=0/0,frag=no), packets:662, bytes:105920, used:0.610s, offloaded:yes, dp:tc, actions:set(tunnel(tun_id=0x2,dst=152.20.0.11,ttl=64,tp_dst=6081,key6(bad key length 1, expected 0)(01)geneve({class=0x102,type=0x80,len=4,0x20003}),flags(key))),genev_sys_6081


While discussing over IRC, imaximets informed this.
"looks like a bug in netdev-offload-tc in OVS.  While dumping flows from TC it constructs OVS_TUNNEL_KEY_ATTR_CSUM (key #6) with 'nl_msg_put_u8' passing a boolean value instead of 'nl_msg_put_flag' without a value.  The flow itself in TC should be OK, but this should definitely be fixed."


Version-Release number of selected component (if applicable):
openvswitch2.13-2.13.0-71.el8fdp.x86_64

How reproducible:
Always

Steps to Reproduce:
1. Deploy ovs hw offload
2. Have genve provider network and VM belongs to it
3. Ping to outside destination.

Actual results:
bad key length.

Expected results:
No bad key length

Additional info:

--- Additional comment from Paolo Valerio on 2021-04-30 23:03:02 CEST ---

Posted upstream on April 7, 2021

https://patchwork.ozlabs.org/project/openvswitch/patch/161779578418.6597.11950001999120876543.stgit@fed.void/

--- Additional comment from Ilya Maximets on 2021-06-25 12:43:57 CEST ---



--- Additional comment from Paolo Valerio on 2021-07-28 20:01:38 CEST ---

Patch got accepted upstream and backported all the way to 2.12.

https://mail.openvswitch.org/pipermail/ovs-dev/2021-July/384753.html

The next FDP release will pick up the fix.
Comment 3 Zhiqian Guan 2021-08-17 07:54:44 UTC 
[root@netqe1 ~]# ovs-vsctl show
23fb31b2-3dca-4db5-8d48-288fa634fd97
    Bridge ovsbr0
        Port geneve1
            Interface geneve1
                type: geneve
                options: {csum="true", key="100", local_ip="1.1.1.1", remote_ip="1.1.1.2"}
        Port ovsbr0
            Interface ovsbr0
                type: internal
        Port ens1f0_pf0vf0
            Interface ens1f0_pf0vf0
    ovs_version: "2.15.2"
[root@netqe1 ~]#
[root@netqe1 ~]# ovs-appctl dpctl/dump-flows type=offloaded --names -m
recirc_id(0),tunnel(tun_id=0x64,src=1.1.1.2,dst=1.1.1.1,flags(-df-csum+key)),in_port(3),eth(src=06:8a:a7:48:06:e6,dst=e4:11:22:33:44:60),eth_type(0x0800),ipv4(frag=no), packets:72, bytes:7056, used:0.634s, actions:2
recirc_id(0),in_port(2),eth(src=e4:11:22:33:44:60,dst=06:8a:a7:48:06:e6),eth_type(0x0800),ipv4(tos=0/0x3,frag=no), packets:72, bytes:7056, used:0.634s, actions:set(tunnel(tun_id=0x64,src=1.1.1.1,dst=1.1.1.2,ttl=64,tp_dst=6081,flags(df|csum|key))),3
[root@netqe1 ~]#
[root@netqe1 ~]# rpm -qa | grep openvswitch2.15
openvswitch2.15-2.15.0-32.el8fdp.x86_64
[root@netqe1 ~]# uname -r
4.18.0-305.12.1.el8_4.x86_64
[root@netqe1 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.4 (Ootpa)
[root@netqe1 ~]#
Comment 4 Zhiqian Guan 2021-08-17 08:08:40 UTC 
no more bad key length seen in the flows, 

ovs2.15 21.G on RHEL8.4

set this to VERIFIED.
Comment 6 errata-xmlrpc 2021-09-07 18:03:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (openvswitch2.15 bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2021:3449