From 11f3bcf8558b7ea95c7da9e9b146a835a10da1ba Mon Sep 17 00:00:00 2001
From: Open vSwitch CI <ovs-team@redhat.com>
Date: Sep 20 2024 21:18:33 +0000
Subject: Import openvswitch3.4-3.4.0-6 from Fast DataPath


---

diff --git a/SOURCES/openvswitch-3.4.0.patch b/SOURCES/openvswitch-3.4.0.patch
index f741614..f3a47ec 100644
--- a/SOURCES/openvswitch-3.4.0.patch
+++ b/SOURCES/openvswitch-3.4.0.patch
@@ -348,6 +348,32 @@ index 4d39bc5a71..e7d4c2b2c3 100644
                  if (result != UKEY_KEEP) {
                      /* Clears 'recircs' if filled by revalidate_ukey(). */
                      reval_op_init(&ops[n_ops++], result, udpif, ukey, &recircs,
+diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in
+index beb0ab0d66..fe2c5bb61a 100644
+--- a/selinux/openvswitch-custom.te.in
++++ b/selinux/openvswitch-custom.te.in
+@@ -49,8 +49,8 @@ require {
+         class fifo_file { getattr read write append ioctl lock open };
+         class filesystem getattr;
+         class lnk_file { read open };
+-        class netlink_audit_socket { create nlmsg_relay audit_write read write };
+-        class netlink_netfilter_socket { create nlmsg_relay audit_write read write };
++        class netlink_audit_socket { create nlmsg_relay read write };
++        class netlink_netfilter_socket { create read write };
+ @begin_dpdk@
+         class netlink_rdma_socket { setopt bind create };
+ @end_dpdk@
+@@ -79,8 +79,8 @@ domtrans_pattern(openvswitch_t, openvswitch_load_module_exec_t, openvswitch_load
+ 
+ #============= openvswitch_t ==============
+ allow openvswitch_t self:capability { dac_override audit_write net_broadcast net_raw };
+-allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay audit_write read write };
+-allow openvswitch_t self:netlink_netfilter_socket { create nlmsg_relay audit_write read write };
++allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay read write };
++allow openvswitch_t self:netlink_netfilter_socket { create read write };
+ @begin_dpdk@
+ allow openvswitch_t self:netlink_rdma_socket { setopt bind create };
+ @end_dpdk@
 diff --git a/tests/ofproto-dpif.at b/tests/ofproto-dpif.at
 index 42fb66de68..12cb7f7a6a 100644
 --- a/tests/ofproto-dpif.at
diff --git a/SPECS/openvswitch3.4.spec b/SPECS/openvswitch3.4.spec
index 94ce7c4..358d778 100644
--- a/SPECS/openvswitch3.4.spec
+++ b/SPECS/openvswitch3.4.spec
@@ -57,7 +57,7 @@ Summary: Open vSwitch
 Group: System Environment/Daemons daemon/database/utilities
 URL: http://www.openvswitch.org/
 Version: 3.4.0
-Release: 5%{?dist}
+Release: 6%{?dist}
 
 # Nearly all of openvswitch is ASL 2.0.  The bugtool is LGPLv2+, and the
 # lib/sflow*.[ch] files are SISSL
@@ -770,6 +770,12 @@ exit 0
 %endif
 
 %changelog
+* Fri Sep 20 2024 Open vSwitch CI <ovs-ci@redhat.com> - 3.4.0-6
+- Merging upstream branch-3.4 [RH git: 0037d59a9b]
+    Commit list:
+    e05a769314 selinux: Update policy file.
+
+
 * Fri Sep 20 2024 Open vSwitch CI <ovs-ci@redhat.com> - 3.4.0-5
 - Merging upstream branch-3.4 [RH git: 17b80cd265]
     Commit list: