From e9a878f3704762dbf769b2309b8d9667dff08b45 Mon Sep 17 00:00:00 2001 From: Open vSwitch CI Date: Sep 21 2024 01:54:20 +0000 Subject: Import openvswitch2.17-2.17.0-169 from Fast DataPath --- diff --git a/SOURCES/openvswitch-2.17.0.patch b/SOURCES/openvswitch-2.17.0.patch index 585c18d..5c123b3 100644 --- a/SOURCES/openvswitch-2.17.0.patch +++ b/SOURCES/openvswitch-2.17.0.patch @@ -114250,6 +114250,32 @@ index 49dc06e38c..558632320c 100644 ${OVS_USER_OPT} \ --no-monitor restart $OPTIONS +TimeoutSec=300 +diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in +index beb0ab0d66..fe2c5bb61a 100644 +--- a/selinux/openvswitch-custom.te.in ++++ b/selinux/openvswitch-custom.te.in +@@ -49,8 +49,8 @@ require { + class fifo_file { getattr read write append ioctl lock open }; + class filesystem getattr; + class lnk_file { read open }; +- class netlink_audit_socket { create nlmsg_relay audit_write read write }; +- class netlink_netfilter_socket { create nlmsg_relay audit_write read write }; ++ class netlink_audit_socket { create nlmsg_relay read write }; ++ class netlink_netfilter_socket { create read write }; + @begin_dpdk@ + class netlink_rdma_socket { setopt bind create }; + @end_dpdk@ +@@ -79,8 +79,8 @@ domtrans_pattern(openvswitch_t, openvswitch_load_module_exec_t, openvswitch_load + + #============= openvswitch_t ============== + allow openvswitch_t self:capability { dac_override audit_write net_broadcast net_raw }; +-allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay audit_write read write }; +-allow openvswitch_t self:netlink_netfilter_socket { create nlmsg_relay audit_write read write }; ++allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay read write }; ++allow openvswitch_t self:netlink_netfilter_socket { create read write }; + @begin_dpdk@ + allow openvswitch_t self:netlink_rdma_socket { setopt bind create }; + @end_dpdk@ diff --git a/tests/.gitignore b/tests/.gitignore index a3d927e5d5..4c52fb2534 100644 --- a/tests/.gitignore diff --git a/SPECS/openvswitch2.17.spec b/SPECS/openvswitch2.17.spec index 33614c0..5ea9b7b 100644 --- a/SPECS/openvswitch2.17.spec +++ b/SPECS/openvswitch2.17.spec @@ -57,7 +57,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 2.17.0 -Release: 168%{?dist} +Release: 169%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -751,6 +751,12 @@ exit 0 %endif %changelog +* Fri Sep 20 2024 Open vSwitch CI - 2.17.0-169 +- Merging upstream branch-2.17 [RH git: 242e9035f1] + Commit list: + a31060e609 selinux: Update policy file. + + * Fri Sep 20 2024 Open vSwitch CI - 2.17.0-168 - Merging upstream branch-2.17 [RH git: 683255f9ce] Commit list: