# Copyright (C) 2009, 2010, 2013, 2014 Nicira Networks, Inc.
#
# Copying and distribution of this file, with or without modification,
# are permitted in any medium without royalty provided the copyright
# notice and this notice are preserved. This file is offered as-is,
# without warranty of any kind.
#
# If tests have to be skipped while building, specify the '--without check'
# option. For example:
# rpmbuild -bb --without check rhel/openvswitch-fedora.spec
# This defines the base package name's version.
%define pkgname openvswitch2.17
%if 0%{?commit:1}
%global shortcommit %(c=%{commit}; echo ${c:0:7})
%endif
# Enable PIE, bz#955181
%global _hardened_build 1
# RHEL-7 doesn't define _rundir macro yet
# Fedora 15 onwards uses /run as _rundir
%if 0%{!?_rundir:1}
%define _rundir /run
%endif
# FIXME Test "STP - flush the fdb and mdb when topology changed" fails on s390x
# FIXME 2 tests fails on ppc64le. They will be hopefully fixed before official 2.11
%ifarch %{ix86} x86_64 aarch64
%bcond_without check
%else
%bcond_with check
%endif
# option to run kernel datapath tests, requires building as root!
%bcond_with check_datapath_kernel
# option to build with libcap-ng, needed for running OVS as regular user
%bcond_without libcapng
# option to build with ipsec support
%bcond_without ipsec
# Build python2 (that provides python) and python3 subpackages on Fedora
# Build only python3 (that provides python) subpackage on RHEL8
# Build only python subpackage on RHEL7
%if 0%{?rhel} > 7 || 0%{?fedora}
# On RHEL8 Sphinx is included in buildroot
%global external_sphinx 1
%else
# Don't use external sphinx (RHV doesn't have optional repositories enabled)
%global external_sphinx 0
%endif
Name: %{pkgname}
Summary: Open vSwitch
Group: System Environment/Daemons daemon/database/utilities
URL: http://www.openvswitch.org/
Version: 2.17.0
Release: 15%{?dist}
# Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the
# lib/sflow*.[ch] files are SISSL
# datapath/ is GPLv2 (although not built into any of the binary packages)
License: ASL 2.0 and LGPLv2+ and SISSL
%define dpdkver 21.11
%define dpdkdir dpdk
%define dpdksver %(echo %{dpdkver} | cut -d. -f-2)
# NOTE: DPDK does not currently build for s390x
# DPDK on aarch64 is not stable enough to be enabled in FDP
%if 0%{?rhel} > 7 || 0%{?fedora}
%define dpdkarches x86_64 ppc64le
%else
%define dpdkarches
%endif
%if 0%{?commit:1}
Source: https://github.com/openvswitch/ovs/archive/%{commit}.tar.gz#/openvswitch-%{commit}.tar.gz
%else
Source: https://github.com/openvswitch/ovs/archive/v%{version}.tar.gz#/openvswitch-%{version}.tar.gz
%endif
Source10: https://fast.dpdk.org/rel/dpdk-%{dpdkver}.tar.xz
%define docutilsver 0.12
%define pygmentsver 1.4
%define sphinxver 1.2.3
%define pyelftoolsver 0.27
Source100: https://pypi.io/packages/source/d/docutils/docutils-%{docutilsver}.tar.gz
Source101: https://pypi.io/packages/source/P/Pygments/Pygments-%{pygmentsver}.tar.gz
Source102: https://pypi.io/packages/source/S/Sphinx/Sphinx-%{sphinxver}.tar.gz
Source103: https://pypi.io/packages/source/p/pyelftools/pyelftools-%{pyelftoolsver}.tar.gz
Patch: openvswitch-%{version}.patch
# The DPDK is designed to optimize througput of network traffic using, among
# other techniques, carefully crafted assembly instructions. As such it
# needs extensive work to port it to other architectures.
ExclusiveArch: x86_64 aarch64 ppc64le s390x
# Do not enable this otherwise YUM will break on any upgrade.
# Provides: openvswitch
Conflicts: openvswitch < 2.17
Conflicts: openvswitch-dpdk < 2.17
Conflicts: openvswitch2.10
Conflicts: openvswitch2.11
Conflicts: openvswitch2.12
Conflicts: openvswitch2.13
Conflicts: openvswitch2.14
Conflicts: openvswitch2.15
Conflicts: openvswitch2.16
# FIXME Sphinx is used to generate some manpages, unfortunately, on RHEL, it's
# in the -optional repository and so we can't require it directly since RHV
# doesn't have the -optional repository enabled and so TPS fails
%if %{external_sphinx}
BuildRequires: python3-sphinx
%else
# Sphinx dependencies
BuildRequires: python-devel
BuildRequires: python-setuptools
#BuildRequires: python2-docutils
BuildRequires: python-jinja2
BuildRequires: python-nose
#BuildRequires: python2-pygments
# docutils dependencies
BuildRequires: python-imaging
# pygments dependencies
BuildRequires: python-nose
%endif
BuildRequires: gcc gcc-c++ make
BuildRequires: autoconf automake libtool
BuildRequires: systemd-units openssl openssl-devel
BuildRequires: python3-devel python3-setuptools
BuildRequires: desktop-file-utils
BuildRequires: groff-base graphviz
BuildRequires: unbound-devel
BuildRequires: systemtap-sdt-devel
# make check dependencies
BuildRequires: procps-ng
%if %{with check_datapath_kernel}
BuildRequires: nmap-ncat
# would be useful but not available in RHEL or EPEL
#BuildRequires: pyftpdlib
%endif
%if %{with libcapng}
BuildRequires: libcap-ng libcap-ng-devel
%endif
%ifarch %{dpdkarches}
BuildRequires: meson
%if 0%{?rhel} > 8 || 0%{?fedora}
BuildRequires: python3-pyelftools
%endif
# DPDK driver dependencies
BuildRequires: zlib-devel numactl-devel
%ifarch x86_64
BuildRequires: rdma-core-devel >= 15 libmnl-devel
%endif
# Required by packaging policy for the bundled DPDK
Provides: bundled(dpdk) = %{dpdkver}
%endif
Requires: openssl iproute module-init-tools
#Upstream kernel commit 4f647e0a3c37b8d5086214128614a136064110c3
#Requires: kernel >= 3.15.0-0
Requires: openvswitch-selinux-extra-policy
Requires(pre): shadow-utils
Requires(post): /bin/sed
Requires(post): /usr/sbin/usermod
Requires(post): /usr/sbin/groupadd
Requires(post): systemd-units
Requires(preun): systemd-units
Requires(postun): systemd-units
Obsoletes: openvswitch-controller <= 0:2.1.0-1
%if 0%{?rhel}
# sortedcontainers are not packaged on RHEL yet, but ovs includes it
%global __requires_exclude ^python%{python3_version}dist\\(sortedcontainers\\)$
%endif
%description
Open vSwitch provides standard network bridging functions and
support for the OpenFlow protocol for remote per-flow control of
traffic.
%package -n python3-%{pkgname}
Summary: Open vSwitch python3 bindings
License: ASL 2.0
Requires: %{pkgname} = %{?epoch:%{epoch}:}%{version}-%{release}
Provides: python-%{pkgname} = %{?epoch:%{epoch}:}%{version}-%{release}
%description -n python3-%{pkgname}
Python bindings for the Open vSwitch database
%package test
Summary: Open vSwitch testing utilities
License: ASL 2.0
BuildArch: noarch
Requires: python3-%{pkgname} = %{?epoch:%{epoch}:}%{version}-%{release}
Requires: tcpdump
%description test
Utilities that are useful to diagnose performance and connectivity
issues in Open vSwitch setup.
%package devel
Summary: Open vSwitch OpenFlow development package (library, headers)
License: ASL 2.0
Requires: %{pkgname} = %{?epoch:%{epoch}:}%{version}-%{release}
%description devel
This provides shared library, libopenswitch.so and the openvswitch header
files needed to build an external application.
%if 0%{?rhel} == 8 || 0%{?fedora} > 28
%package -n network-scripts-%{name}
Summary: Open vSwitch legacy network service support
License: ASL 2.0
Requires: network-scripts
Supplements: (%{name} and network-scripts)
%description -n network-scripts-%{name}
This provides the ifup and ifdown scripts for use with the legacy network
service.
%endif
%if %{with ipsec}
%package ipsec
Summary: Open vSwitch IPsec tunneling support
License: ASL 2.0
Requires: python3-%{pkgname} = %{?epoch:%{epoch}:}%{version}-%{release}
Requires: libreswan
%description ipsec
This package provides IPsec tunneling support for OVS tunnels.
%endif
%prep
%if 0%{?commit:1}
%setup -q -n ovs-%{commit} -a 10
%else
%setup -q -n ovs-%{version} -a 10
%endif
%if ! %{external_sphinx}
%if 0%{?commit:1}
%setup -n ovs-%{commit} -q -D -T -a 100 -a 101 -a 102
%else
%setup -n ovs-%{version} -q -D -T -a 100 -a 101 -a 102
%endif
%endif
%if 0%{?rhel} && 0%{?rhel} < 9
%if 0%{?commit:1}
%setup -n ovs-%{commit} -q -D -T -a 103
%else
%setup -n ovs-%{version} -q -D -T -a 103
%endif
%endif
mv dpdk-*/ %{dpdkdir}/
# FIXME should we propose a way to do that upstream?
sed -ri "/^subdir\('(usertools|app)'\)/d" %{dpdkdir}/meson.build
%patch -p1
%build
%if 0%{?rhel} && 0%{?rhel} < 9
export PYTHONPATH="${PWD}/pyelftools-%{pyelftoolsver}"
%endif
# Build Sphinx on RHEL
%if ! %{external_sphinx}
export PYTHONPATH="${PYTHONPATH:+$PYTHONPATH:}%{_builddir}/pytmp/lib/python"
for x in docutils-%{docutilsver} Pygments-%{pygmentsver} Sphinx-%{sphinxver}; do
pushd "$x"
python2 setup.py install --home %{_builddir}/pytmp
popd
done
export PATH="$PATH:%{_builddir}/pytmp/bin"
%endif
./boot.sh
%ifarch %{dpdkarches} # build dpdk
# Lets build DPDK first
cd %{dpdkdir}
ENABLED_DRIVERS=(
bus/pci
bus/vdev
mempool/ring
net/failsafe
net/i40e
net/ring
net/vhost
net/virtio
net/tap
)
%ifarch x86_64
ENABLED_DRIVERS+=(
bus/auxiliary
bus/vmbus
common/iavf
common/mlx5
net/bnxt
net/enic
net/iavf
net/ice
net/mlx5
net/netvsc
net/nfp
net/qede
net/vdev_netvsc
)
%endif
%ifarch aarch64 x86_64
ENABLED_DRIVERS+=(
net/e1000
net/ixgbe
)
%endif
for driver in "${ENABLED_DRIVERS[@]}"; do
enable_drivers="${enable_drivers:+$enable_drivers,}"$driver
done
# As of 21.11-rc3, following libraries can be disabled:
# optional_libs = [
# 'bitratestats',
# 'gpudev',
# 'gro',
# 'gso',
# 'kni',
# 'jobstats',
# 'latencystats',
# 'metrics',
# 'pdump',
# 'power',
# 'vhost',
# ]
# If doing any updates, this must be aligned with:
# https://access.redhat.com/articles/3538141
DISABLED_LIBS=(
gpudev
kni
jobstats
power
)
for lib in "${DISABLED_LIBS[@]}"; do
disable_libs="${disable_libs:+$disable_libs,}"$lib
done
%set_build_flags
%__meson --prefix=%{_builddir}/dpdk-build \
--buildtype=plain \
-Ddisable_libs="$disable_libs" \
-Denable_drivers="$enable_drivers" \
-Dplatform=generic \
-Dmax_ethports=1024 \
-Dmax_numa_nodes=8 \
-Dtests=false \
%{_vpath_builddir}
%meson_build
%__meson install -C %{_vpath_builddir} --no-rebuild
# FIXME currently with LTO enabled OVS tries to link with both static and shared libraries
rm -v %{_builddir}/dpdk-build/%{_lib}/*.so*
# Generate a list of supported drivers, its hard to tell otherwise.
cat << EOF > README.DPDK-PMDS
DPDK drivers included in this package:
EOF
for f in %{_builddir}/dpdk-build/%{_lib}/librte_net_*.a; do
basename ${f} | cut -c12- | cut -d. -f1 | tr [:lower:] [:upper:]
done >> README.DPDK-PMDS
cat << EOF >> README.DPDK-PMDS
For further information about the drivers, see
http://dpdk.org/doc/guides-%{dpdksver}/nics/index.html
EOF
cd -
%endif # build dpdk
# And now for OVS...
mkdir build-shared build-static
pushd build-shared
ln -s ../configure
%configure \
%if %{with libcapng}
--enable-libcapng \
%else
--disable-libcapng \
%endif
--disable-static \
--enable-shared \
--enable-ssl \
--with-pkidir=%{_sharedstatedir}/openvswitch/pki \
--enable-usdt-probes
make %{?_smp_mflags}
popd
pushd build-static
ln -s ../configure
%ifarch %{dpdkarches}
PKG_CONFIG_PATH=%{_builddir}/dpdk-build/%{_lib}/pkgconfig \
%endif
%configure \
%if %{with libcapng}
--enable-libcapng \
%else
--disable-libcapng \
%endif
--enable-ssl \
%ifarch %{dpdkarches}
--with-dpdk=static \
%endif
--with-pkidir=%{_sharedstatedir}/openvswitch/pki \
--enable-usdt-probes
make %{?_smp_mflags}
popd
/usr/bin/python3 build-aux/dpdkstrip.py \
--dpdk \
< rhel/usr_lib_systemd_system_ovs-vswitchd.service.in \
> rhel/usr_lib_systemd_system_ovs-vswitchd.service
%install
rm -rf $RPM_BUILD_ROOT
make -C build-shared install-libLTLIBRARIES DESTDIR=$RPM_BUILD_ROOT
make -C build-static install DESTDIR=$RPM_BUILD_ROOT
install -d -m 0755 $RPM_BUILD_ROOT%{_rundir}/openvswitch
install -d -m 0750 $RPM_BUILD_ROOT%{_localstatedir}/log/openvswitch
install -d -m 0755 $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch
install -p -D -m 0644 rhel/usr_lib_udev_rules.d_91-vfio.rules \
$RPM_BUILD_ROOT%{_udevrulesdir}/91-vfio.rules
install -p -D -m 0644 \
rhel/usr_share_openvswitch_scripts_systemd_sysconfig.template \
$RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/openvswitch
for service in openvswitch ovsdb-server ovs-vswitchd \
ovs-delete-transient-ports; do
install -p -D -m 0644 \
rhel/usr_lib_systemd_system_${service}.service \
$RPM_BUILD_ROOT%{_unitdir}/${service}.service
done
%if %{with ipsec}
install -p -D -m 0644 rhel/usr_lib_systemd_system_openvswitch-ipsec.service \
$RPM_BUILD_ROOT%{_unitdir}/openvswitch-ipsec.service
%endif
install -m 0755 rhel/etc_init.d_openvswitch \
$RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/openvswitch.init
install -p -D -m 0644 rhel/etc_openvswitch_default.conf \
$RPM_BUILD_ROOT/%{_sysconfdir}/openvswitch/default.conf
install -p -D -m 0644 rhel/etc_logrotate.d_openvswitch \
$RPM_BUILD_ROOT/%{_sysconfdir}/logrotate.d/openvswitch
install -m 0644 vswitchd/vswitch.ovsschema \
$RPM_BUILD_ROOT/%{_datadir}/openvswitch/vswitch.ovsschema
%if 0%{?rhel} < 9
install -d -m 0755 $RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/network-scripts/
install -p -m 0755 rhel/etc_sysconfig_network-scripts_ifdown-ovs \
$RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/network-scripts/ifdown-ovs
install -p -m 0755 rhel/etc_sysconfig_network-scripts_ifup-ovs \
$RPM_BUILD_ROOT/%{_sysconfdir}/sysconfig/network-scripts/ifup-ovs
%endif
install -d -m 0755 $RPM_BUILD_ROOT%{python3_sitelib}
cp -a $RPM_BUILD_ROOT/%{_datadir}/openvswitch/python/ovstest \
$RPM_BUILD_ROOT%{python3_sitelib}
# Build the JSON C extension for the Python lib (#1417738)
pushd python
(
export CPPFLAGS="-I ../include -I ../build-shared/include"
export LDFLAGS="%{__global_ldflags} -L $RPM_BUILD_ROOT%{_libdir}"
%py3_build
%py3_install
[ -f "$RPM_BUILD_ROOT/%{python3_sitearch}/ovs/_json$(python3-config --extension-suffix)" ]
)
popd
rm -rf $RPM_BUILD_ROOT/%{_datadir}/openvswitch/python/
install -d -m 0755 $RPM_BUILD_ROOT/%{_sharedstatedir}/openvswitch
install -d -m 0755 $RPM_BUILD_ROOT%{_prefix}/lib/firewalld/services/
install -p -D -m 0755 \
rhel/usr_share_openvswitch_scripts_ovs-systemd-reload \
$RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/ovs-systemd-reload
touch $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch/conf.db
# The db needs special permission as IPsec Pre-shared keys are stored in it.
chmod 0640 $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch/conf.db
touch $RPM_BUILD_ROOT%{_sysconfdir}/openvswitch/system-id.conf
# remove unpackaged files
rm -f $RPM_BUILD_ROOT/%{_bindir}/ovs-benchmark \
$RPM_BUILD_ROOT/%{_bindir}/ovs-docker \
$RPM_BUILD_ROOT/%{_bindir}/ovs-parse-backtrace \
$RPM_BUILD_ROOT/%{_bindir}/ovs-testcontroller \
$RPM_BUILD_ROOT/%{_sbindir}/ovs-vlan-bug-workaround \
$RPM_BUILD_ROOT/%{_mandir}/man1/ovs-benchmark.1* \
$RPM_BUILD_ROOT/%{_mandir}/man8/ovs-testcontroller.* \
$RPM_BUILD_ROOT/%{_mandir}/man8/ovs-vlan-bug-workaround.8*
%if ! %{with ipsec}
rm -f $RPM_BUILD_ROOT/%{_datadir}/openvswitch/scripts/ovs-monitor-ipsec
%endif
# remove ovn unpackages files
rm -f $RPM_BUILD_ROOT%{_bindir}/ovn*
rm -f $RPM_BUILD_ROOT%{_mandir}/man1/ovn*
rm -f $RPM_BUILD_ROOT%{_mandir}/man5/ovn*
rm -f $RPM_BUILD_ROOT%{_mandir}/man7/ovn*
rm -f $RPM_BUILD_ROOT%{_mandir}/man8/ovn*
rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/ovn*
rm -f $RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/ovn*
rm -f $RPM_BUILD_ROOT%{_includedir}/ovn/*
%check
%if %{with check}
pushd build-static
touch resolv.conf
export OVS_RESOLV_CONF=$(pwd)/resolv.conf
if make check TESTSUITEFLAGS='%{_smp_mflags}' ||
make check TESTSUITEFLAGS='--recheck'; then :;
else
cat tests/testsuite.log
exit 1
fi
popd
%endif
%if %{with check_datapath_kernel}
pushd build-static
if make check-kernel RECHECK=yes; then :;
else
cat tests/system-kmod-testsuite.log
exit 1
fi
popd
%endif
%clean
rm -rf $RPM_BUILD_ROOT
%preun
%if 0%{?systemd_preun:1}
%systemd_preun openvswitch.service
%else
if [ $1 -eq 0 ] ; then
# Package removal, not upgrade
/bin/systemctl --no-reload disable openvswitch.service >/dev/null 2>&1 || :
/bin/systemctl stop openvswitch.service >/dev/null 2>&1 || :
fi
%endif
%pre
getent group openvswitch >/dev/null || groupadd -r openvswitch
getent passwd openvswitch >/dev/null || \
useradd -r -g openvswitch -d / -s /sbin/nologin \
-c "Open vSwitch Daemons" openvswitch
%ifarch %{dpdkarches}
getent group hugetlbfs >/dev/null || groupadd hugetlbfs
usermod -a -G hugetlbfs openvswitch
%endif
exit 0
%post
if [ $1 -eq 1 ]; then
sed -i 's:^#OVS_USER_ID=:OVS_USER_ID=:' /etc/sysconfig/openvswitch
%ifarch %{dpdkarches}
sed -i \
's@OVS_USER_ID="openvswitch:openvswitch"@OVS_USER_ID="openvswitch:hugetlbfs"@'\
/etc/sysconfig/openvswitch
%endif
fi
chown -R openvswitch:openvswitch /etc/openvswitch
%if 0%{?systemd_post:1}
%systemd_post openvswitch.service
%else
# Package install, not upgrade
if [ $1 -eq 1 ]; then
/bin/systemctl daemon-reload >dev/null || :
fi
%endif
%postun
%if 0%{?systemd_postun:1}
%systemd_postun openvswitch.service
%else
/bin/systemctl daemon-reload >/dev/null 2>&1 || :
%endif
%triggerun -- openvswitch < 2.5.0-22.git20160727%{?dist}
# old rpm versions restart the service in postun, but
# due to systemd some preparation is needed.
if systemctl is-active openvswitch >/dev/null 2>&1 ; then
/usr/share/openvswitch/scripts/ovs-ctl stop >/dev/null 2>&1 || :
systemctl daemon-reload >/dev/null 2>&1 || :
systemctl stop openvswitch ovsdb-server ovs-vswitchd >/dev/null 2>&1 || :
systemctl start openvswitch >/dev/null 2>&1 || :
fi
exit 0
%files -n python3-%{pkgname}
%{python3_sitearch}/ovs
%{python3_sitearch}/ovs-*.egg-info
%doc LICENSE
%files test
%{_bindir}/ovs-pcap
%{_bindir}/ovs-tcpdump
%{_bindir}/ovs-tcpundump
%{_mandir}/man1/ovs-pcap.1*
%{_mandir}/man8/ovs-tcpdump.8*
%{_mandir}/man1/ovs-tcpundump.1*
%{_bindir}/ovs-test
%{_bindir}/ovs-vlan-test
%{_bindir}/ovs-l3ping
%{_mandir}/man8/ovs-test.8*
%{_mandir}/man8/ovs-vlan-test.8*
%{_mandir}/man8/ovs-l3ping.8*
%{python3_sitelib}/ovstest
%files devel
%{_libdir}/*.so
%{_libdir}/pkgconfig/*.pc
%{_includedir}/openvswitch/*
%{_includedir}/openflow/*
%exclude %{_libdir}/*.a
%exclude %{_libdir}/*.la
%if 0%{?rhel} == 8 || 0%{?fedora} > 28
%files -n network-scripts-%{name}
%{_sysconfdir}/sysconfig/network-scripts/ifup-ovs
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ovs
%endif
%files
%defattr(-,openvswitch,openvswitch)
%dir %{_sysconfdir}/openvswitch
%{_sysconfdir}/openvswitch/default.conf
%config %ghost %verify(not owner group md5 size mtime) %{_sysconfdir}/openvswitch/conf.db
%ghost %attr(0600,-,-) %verify(not owner group md5 size mtime) %{_sysconfdir}/openvswitch/.conf.db.~lock~
%config %ghost %{_sysconfdir}/openvswitch/system-id.conf
%defattr(-,root,root)
%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sysconfig/openvswitch
%{_sysconfdir}/bash_completion.d/ovs-appctl-bashcomp.bash
%{_sysconfdir}/bash_completion.d/ovs-vsctl-bashcomp.bash
%config(noreplace) %{_sysconfdir}/logrotate.d/openvswitch
%{_unitdir}/openvswitch.service
%{_unitdir}/ovsdb-server.service
%{_unitdir}/ovs-vswitchd.service
%{_unitdir}/ovs-delete-transient-ports.service
%{_datadir}/openvswitch/scripts/openvswitch.init
%{_datadir}/openvswitch/scripts/ovs-check-dead-ifs
%{_datadir}/openvswitch/scripts/ovs-lib
%{_datadir}/openvswitch/scripts/ovs-save
%{_datadir}/openvswitch/scripts/ovs-vtep
%{_datadir}/openvswitch/scripts/ovs-ctl
%{_datadir}/openvswitch/scripts/ovs-kmod-ctl
%{_datadir}/openvswitch/scripts/ovs-systemd-reload
%config %{_datadir}/openvswitch/vswitch.ovsschema
%config %{_datadir}/openvswitch/vtep.ovsschema
%{_bindir}/ovs-appctl
%{_bindir}/ovs-dpctl
%{_bindir}/ovs-ofctl
%{_bindir}/ovs-vsctl
%{_bindir}/ovsdb-client
%{_bindir}/ovsdb-tool
%{_bindir}/ovs-pki
%{_bindir}/vtep-ctl
%{_libdir}/*.so.*
%{_sbindir}/ovs-vswitchd
%{_sbindir}/ovsdb-server
%{_mandir}/man1/ovsdb-client.1*
%{_mandir}/man1/ovsdb-server.1*
%{_mandir}/man1/ovsdb-tool.1*
%{_mandir}/man5/ovsdb.5*
%{_mandir}/man5/ovsdb-server.5.*
%{_mandir}/man5/ovs-vswitchd.conf.db.5*
%{_mandir}/man5/vtep.5*
%{_mandir}/man7/ovsdb-server.7*
%{_mandir}/man7/ovsdb.7*
%{_mandir}/man7/ovs-actions.7*
%{_mandir}/man7/ovs-fields.7*
%{_mandir}/man8/vtep-ctl.8*
%{_mandir}/man8/ovs-appctl.8*
%{_mandir}/man8/ovs-ctl.8*
%{_mandir}/man8/ovs-dpctl.8*
%{_mandir}/man8/ovs-kmod-ctl.8.*
%{_mandir}/man8/ovs-ofctl.8*
%{_mandir}/man8/ovs-pki.8*
%{_mandir}/man8/ovs-vsctl.8*
%{_mandir}/man8/ovs-vswitchd.8*
%{_mandir}/man8/ovs-parse-backtrace.8*
%{_udevrulesdir}/91-vfio.rules
%doc LICENSE NOTICE README.rst NEWS rhel/README.RHEL.rst
%ifarch %{dpdkarches}
%doc %{dpdkdir}/README.DPDK-PMDS
%attr(750,openvswitch,hugetlbfs) %verify(not owner group) /var/log/openvswitch
%else
%attr(750,openvswitch,openvswitch) %verify(not owner group) /var/log/openvswitch
%endif
/var/lib/openvswitch
%ghost %attr(755,root,root) %verify(not owner group) %{_rundir}/openvswitch
%{_datadir}/openvswitch/bugtool-plugins/
%{_datadir}/openvswitch/scripts/ovs-bugtool-*
%{_bindir}/ovs-dpctl-top
%{_sbindir}/ovs-bugtool
%{_mandir}/man8/ovs-dpctl-top.8*
%{_mandir}/man8/ovs-bugtool.8*
%if (0%{?rhel} && 0%{?rhel} <= 7) || (0%{?fedora} && 0%{?fedora} < 29)
%{_sysconfdir}/sysconfig/network-scripts/ifup-ovs
%{_sysconfdir}/sysconfig/network-scripts/ifdown-ovs
%endif
%if %{with ipsec}
%files ipsec
%{_datadir}/openvswitch/scripts/ovs-monitor-ipsec
%{_unitdir}/openvswitch-ipsec.service
%endif
%changelog
* Mon May 02 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-15
- Merging upstream branch-2.17 [RH git: e706ea8148]
Commit list:
522c46884d python: idl: Raise AttributeError from uuid_to_row.
cb24c524e4 ofproto-dpif-xlate: Clear out vlan flow fields while processing native tunnel. (#2060552)
a665b75dec dpif-netdev-avx512: Fix overflow of UINT32_C(1).
* Thu Apr 28 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-14
- vhost: fix queue number check when setting inflight FD [RH git: 2ac21853a2]
[ upstream commit 6442c329b9d2ded0f44b27d2016aaba8ba5844c5 ]
In function vhost_user_set_inflight_fd, queue number in inflight
message is used to access virtqueue. However, queue number could
be larger than VHOST_MAX_VRING and cause write OOB as this number
will be used to write inflight info in virtqueue structure. This
patch checks the queue number to avoid the issue and also make
sure virtqueues are allocated before setting inflight information.
Fixes: ad0a4ae491fe ("vhost: checkout resubmit inflight information")
Reported-by: Wenxiang Qian <leonwxqian@gmail.com>
Signed-off-by: Chenbo Xia <chenbo.xia@intel.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
* Thu Apr 28 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-13
- vhost: fix FD leak with inflight messages [RH git: bff69b098f]
[ upstream commit af74f7db384ed149fe42b21dbd7975f8a54ef227 ]
Even if unlikely, a buggy vhost-user master might attach fds to inflight
messages. Add checks like for other types of vhost-user messages.
Fixes: d87f1a1cb7b6 ("vhost: support inflight info sharing")
Signed-off-by: David Marchand <david.marchand@redhat.com>
Reviewed-by: Maxime Coquelin <maxime.coquelin@redhat.com>
* Wed Apr 27 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-12
- Merging upstream branch-2.17 [RH git: 7a9f21a896]
Commit list:
60e7badd6e dpif-netdev-avx512: Fix ubsan shift error in bitmasks.
9cc329ec5b python: Politely handle misuse of table.condition.
0631be2b5a ofproto-xlate: Fix crash when forwarding packet between legacy_l3 tunnels.
df97903099 system-traffic: Fix fragment reassembly with L3 L4 protocol information.
ba159ee0f9 cirrus: Update FreeBSD versions.
* Thu Apr 21 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-11
- Set RTE_ETH_MAXPORTS to 1024 [RH git: c02e6bcdc4] (#2077451)
Resolves: #2077451
* Wed Apr 13 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-10
- redhat: network-scripts are gone in RHEL9 [RH git: 613e0e5190]
* Fri Apr 08 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-9
- Merging upstream branch-2.17 [RH git: 4b4333522a]
Commit list:
bd1a3b6b49 Prepare for 2.17.2.
41bb202fb3 Set release date for 2.17.1.
8f42d4f597 NEWS: Highlight libopenvswitch API change caused by UB fixes.
* Fri Apr 08 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-8
- Merging upstream branch-2.17 [RH git: 11b19654f7]
Commit list:
14301b3a3c netdev-offload-tc: Check for ct_state flag combinations that are not offloadable.
* Mon Apr 04 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-7
- Merging upstream branch-2.17 [RH git: 6cd8201ead]
Commit list:
3a2eef7927 python: idl: Set cond_changed to true if condition change requested.
d05ccf288d dpif-netdev: Fix dp_netdev_get_pmd() function getting correct core_id.
79e291f983 alb.at: Add tests for cross-numa polling.
9c3b74fb24 dpif-netdev: Fix PMD auto load balance with pmd-rxq-isolate.
8580ff9ddd pmd.at: Add tests for multi non-local numa pmds.
6bf4eeddbb dpif-netdev: Fix non-local numa selection for more than two numas.
c41434b3b7 dpif-netdev: Fix typo in function name.
e0aa5e1329 python: idl: Set cond_changed to false if last id is zero.
8da40d31c7 ofproto-dpif-xlate: Fix NULL pointer dereference in xlate_normal().
63a903ab42 ofproto/ofproto-dpif: Fix dpif_type for userspace tunnels.
* Mon Apr 04 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-6
- downstream: Enable usdt probes in build [RH git: b366bbed8f]
Fixes: BZ1840877
* Thu Mar 31 2022 Michael Santana <msantana@redhat.com> - 2.17.0-5
- redhat/makefile: fix support for more rhel versions [RH git: 7c8bb3babb]
Signed-off-by: Michael Santana <msantana@redhat.com>
* Thu Mar 31 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.17.0-4
- Merging upstream branch-2.17 [RH git: 95e1c005d2]
Commit list:
14d54eb8b6 sset: add SHORT version of SAFE loop macros.
f0e63b115f sparse: bump recommended version and include headers.
70b87cf722 idlc: support short version of SAFE macros.
3777ed90c9 rculist: use multi-variable helpers for loop macros.
bb52e9bebf hindex: remove the next variable in safe loops.
7d6cbfa24b hindex: use multi-variable iterators.
97ad96b63a cmap: use multi-variable iterators.
cd62fda22d hmap: use short version of safe loops if possible.
d56bfd7521 hmap: implement UB-safe hmap pop iterator.
e2c8354861 hmap: use multi-variable helpers for hmap loops.
897d6647e6 list: use short version of safe loops if possible.
979a9eb5b5 list: use multi-variable helpers for list loops.
6bacf802c6 util: add helpers to overload SAFE macro.
f127123d66 util: add safe multi-variable iterators.
38e73f0b68 util: add multi-variable loop iterator macros.
e91edf4568 ovsdb: raft: Fix inability to read the database with DNS host names. (#2055097)
2404d45367 system-traffic.at: Fix flaky DNAT load balancing test.
6b8adfdd8d dpif-netdev: Keep orig_in_port as a field of the flow.
6098b7f250 tests: Fix incorrect usage of OVS_WAIT_UNTIL.
cf9018d373 odp-util: Fix output for tc to be equal to kernel.
992de24063 netdev-offload-tc: Fix IP and port ranges in flower returns.
7e26796c03 netdev-offload-tc: Fix use of ICMP values instead of masks defines.
e319e27064 netdev-offload-tc: Always include conntrack information to tc.
51ef81ad78 netdev-offload-tc: Check for valid netdev ifindex in flow_put.
974253dc2e netdev-offload-tc: Set the correct VLAN_VID and VLAN_PCP masks.
c43c159aea netdev-offload-tc: Add debug logs on tc rule verify failures.
d34622a03b tc: Keep header rewrite actions order.
5255713d1f faq: Update OVS/DPDK version table for OVS 2.15/2.16
05cf36a620 system-dpdk: Fix mfex autovalidator tests.
87540e3b9f ofp-prop: Silence the 'may be uninitialized' warning.
812164adef tests: Ignore log about failing to set NETLINK_EXT_ACK.
ae51ccc12c ovsdb-cluster.at: Avoid test failures due to different hashing.
f33cde23c7 ofproto: Use xlate map for uuid lookups.
6ac255496c ofproto: Add refcount to ofproto to fix ofproto use-after-free.
db0cc8be38 ofproto-dpif: Trigger revalidation when ipfix config set.
31b86e5c98 conntrack: Prefer dst port range during unique tuple search.
b761b532c3 conntrack: Select correct sport range for well-known origin sport.
78bd058c36 ipsec: StrongSwan report connection update failures to ovs logs.
aa05596dfb ipsec: Libreswan report connection failures to ovs logs.
427776ceae system-tso: Skip encap tests when userspace TSO is enabled.
66d16e2883 tc: Fix stats byte count on fragmented packets.
b63c41f31f compat: Add gen_stats include to define tc hw stats.
c531b3828f ovsdb: raft: Fix inability to join the cluster after interrupted attempt. (#2033514)
498cedc483 reconnect: Fix broken inactivity probe if there is no other reason to wake up.
5dc1423d80 datapath-windows: Fix NXM_OF_IP_TOS issue
91c0f0068d Prepare for 2.17.1.
* Wed Mar 30 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-3
- redhat: fix setup on RHEL8 [RH git: 769c7d89ac]
* Wed Mar 30 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-2
- rhel: avoid including sortedcontainers [RH git: 3c5b820d14]
* Mon Feb 21 2022 Timothy Redaelli <tredaelli@redhat.com> - 2.17.0-1
- redhat: Imported Red Hat build files. [RH git: 00b5f7b51b]