diff --git a/SOURCES/openvswitch-3.1.0.patch b/SOURCES/openvswitch-3.1.0.patch index 4376ddf..ae6698d 100644 --- a/SOURCES/openvswitch-3.1.0.patch +++ b/SOURCES/openvswitch-3.1.0.patch @@ -3603,6 +3603,20 @@ index acf174927..47c15bde7 100644 uint32_t erspan_idx; uint8_t erspan_ver; uint8_t erspan_dir; +diff --git a/lib/netlink-conntrack.c b/lib/netlink-conntrack.c +index 4fcde9ba1..492bfcffb 100644 +--- a/lib/netlink-conntrack.c ++++ b/lib/netlink-conntrack.c +@@ -579,7 +579,8 @@ nl_ct_put_tuple_proto(struct ofpbuf *buf, const struct ct_dpif_tuple *tuple) + nl_msg_put_u8(buf, CTA_PROTO_ICMPV6_TYPE, tuple->icmp_type); + nl_msg_put_u8(buf, CTA_PROTO_ICMPV6_CODE, tuple->icmp_code); + } else if (tuple->ip_proto == IPPROTO_TCP || +- tuple->ip_proto == IPPROTO_UDP) { ++ tuple->ip_proto == IPPROTO_UDP || ++ tuple->ip_proto == IPPROTO_SCTP) { + nl_msg_put_be16(buf, CTA_PROTO_SRC_PORT, tuple->src_port); + nl_msg_put_be16(buf, CTA_PROTO_DST_PORT, tuple->dst_port); + } else { diff --git a/lib/ofp-parse.c b/lib/ofp-parse.c index a90b926ef..102b183a8 100644 --- a/lib/ofp-parse.c @@ -7457,10 +7471,28 @@ index 784bada12..15e789a24 100644 +"]) +AT_CLEANUP diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at -index 11920e60b..1f9950f83 100644 +index 11920e60b..cbec8de02 100644 --- a/tests/system-kmod-macros.at +++ b/tests/system-kmod-macros.at -@@ -224,3 +224,13 @@ m4_define([VSCTL_ADD_DATAPATH_TABLE], +@@ -112,6 +112,17 @@ m4_define([CHECK_CONNTRACK_ZEROIP_SNAT], + AT_SKIP_IF([test "$IS_WIN32" = "yes"]) + ]) + ++# CHECK_CONNTRACK_SCTP() ++# ++# Perform requirements checks for running conntrack SCTP. The kernel ++# optionally support nf proto sctp. ++# ++m4_define([CHECK_CONNTRACK_SCTP], ++[ ++ AT_SKIP_IF([test "$IS_WIN32" = "yes"]) ++ AT_SKIP_IF([! test -e /proc/sys/net/netfilter/nf_conntrack_sctp_timeout_closed]) ++]) ++ + # CHECK_CONNTRACK_TIMEOUT() + # + # Perform requirements checks for running conntrack customized timeout tests. +@@ -224,3 +235,13 @@ m4_define([VSCTL_ADD_DATAPATH_TABLE], # or necessary for the userspace datapath as it is checking for a kernel # specific regression. m4_define([CHECK_L3L4_CONNTRACK_REASM]) @@ -7620,10 +7652,27 @@ index d36da0580..8dd3bdf88 100644 +"]) +AT_CLEANUP diff --git a/tests/system-traffic.at b/tests/system-traffic.at -index 221d96aef..6678911b4 100644 +index 221d96aef..0f0970a31 100644 --- a/tests/system-traffic.at +++ b/tests/system-traffic.at -@@ -2360,8 +2360,10 @@ priority=100,in_port=2,icmp,action=ct(zone=5,commit),1 +@@ -2343,6 +2343,7 @@ AT_CLEANUP + + AT_SETUP([conntrack - ct flush]) + CHECK_CONNTRACK() ++CHECK_CONNTRACK_SCTP() + OVS_TRAFFIC_VSWITCHD_START() + + ADD_NAMESPACES(at_ns0, at_ns1) +@@ -2353,15 +2354,15 @@ ADD_VETH(p1, at_ns1, br0, "10.1.1.2/24") + AT_DATA([flows.txt], [dnl + priority=1,action=drop + priority=10,arp,action=normal +-priority=100,in_port=1,udp,action=ct(commit),2 +-priority=100,in_port=2,udp,action=ct(zone=5,commit),1 +-priority=100,in_port=1,icmp,action=ct(commit),2 +-priority=100,in_port=2,icmp,action=ct(zone=5,commit),1 ++priority=100,in_port=1,ip,action=ct(commit),2 ++priority=100,in_port=2,ip,action=ct(zone=5,commit),1 ]) AT_CHECK([ovs-ofctl --bundle add-flows br0 flows.txt]) @@ -7634,10 +7683,11 @@ index 221d96aef..6678911b4 100644 [ovs-ofctl ct-flush br0]], [ AS_BOX([Testing with FLUSH_CMD]) -@@ -2504,8 +2506,48 @@ udp,orig=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1),reply=(src=10.1.1.1,dst=10. +@@ -2503,9 +2504,68 @@ udp,orig=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1),reply=(src=10.1.1.1,dst=10. + AT_CHECK([FLUSH_CMD zone=5 '' 'ct_nw_src=10.1.1.1']) - AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1"], [1]) ++AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1"], [1]) + +dnl Test UDP from port 1 and 2, flush without arguments +AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500001c000000000011a4cd0a0101010a0101020001000200080000 actions=resubmit(,0)"]) @@ -7647,13 +7697,32 @@ index 221d96aef..6678911b4 100644 +AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1" | sort], [0], [dnl +udp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),reply=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1) +udp,orig=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1),reply=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),zone=5 - ]) - ++]) ++ +AT_CHECK([FLUSH_CMD]) + +AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1"], [1]) ++ ++dnl Test SCTP flush based on port. ++AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=1 packet=50540000000a50540000000908004500003400010000408464410a0101010a01010200010002000000009178f7d30100001470e18ccc00000000000a000a00000000 actions=resubmit(,0)"]) ++AT_CHECK([ovs-ofctl -O OpenFlow13 packet-out br0 "in_port=2 packet=50540000000950540000000a08004500003400010000408464410a0101020a010101000200010000000098f29e470100001470e18ccc00000000000a000a00000000 actions=resubmit(,0)"]) ++ ++AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1" | sed "s/,protoinfo=.*$//" | sort], [0], [dnl ++sctp,orig=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),reply=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1) ++sctp,orig=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1),reply=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),zone=5 ++]) ++ ++AT_CHECK([FLUSH_CMD 'ct_nw_src=10.1.1.1,ct_nw_proto=132,ct_tp_src=1,ct_tp_dst=2']) ++ ++AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1" | sed "s/,protoinfo=.*$//" | sort], [0], [dnl ++sctp,orig=(src=10.1.1.2,dst=10.1.1.1,sport=2,dport=1),reply=(src=10.1.1.1,dst=10.1.1.2,sport=1,dport=2),zone=5 +]) + ++AT_CHECK([FLUSH_CMD 'ct_nw_src=10.1.1.2,ct_nw_proto=132,ct_tp_src=2,ct_tp_dst=1']) ++ + AT_CHECK([ovs-appctl dpctl/dump-conntrack | grep "10\.1\.1\.1"], [1]) + ]) + +dnl Test flush with invalid arguments + +AT_CHECK([ovs-appctl dpctl/flush-conntrack zone=invalid 'ct_nw_src=10.1.1.1' 'ct_nw_dst=10.1.1.1'], [2], [ignore], [stderr]) @@ -7683,7 +7752,7 @@ index 221d96aef..6678911b4 100644 OVS_TRAFFIC_VSWITCHD_STOP AT_CLEANUP -@@ -7220,7 +7262,7 @@ table=2,in_port=ovs-server,ip,ct_state=+trk+rpl,actions=output:ovs-client +@@ -7220,7 +7280,7 @@ table=2,in_port=ovs-server,ip,ct_state=+trk+rpl,actions=output:ovs-client AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) rm server.pcap @@ -7692,7 +7761,7 @@ index 221d96aef..6678911b4 100644 OVS_WAIT_UNTIL([grep "listening" tcpdump0_err]) dnl Send UDP client->server -@@ -7262,7 +7304,7 @@ dnl Check the ICMP error in reply direction +@@ -7262,7 +7322,7 @@ dnl Check the ICMP error in reply direction AT_CHECK([ovs-appctl dpctl/flush-conntrack zone=42]) rm client.pcap @@ -7702,10 +7771,27 @@ index 221d96aef..6678911b4 100644 dnl Send UDP client->server diff --git a/tests/system-userspace-macros.at b/tests/system-userspace-macros.at -index b34a84775..40210f7fa 100644 +index b34a84775..2db62bf8d 100644 --- a/tests/system-userspace-macros.at +++ b/tests/system-userspace-macros.at -@@ -325,3 +325,11 @@ m4_define([CHECK_L3L4_CONNTRACK_REASM], +@@ -106,6 +106,16 @@ m4_define([CHECK_CONNTRACK_NAT]) + # + m4_define([CHECK_CONNTRACK_ZEROIP_SNAT]) + ++# CHECK_CONNTRACK_SCTP() ++# ++# Perform requirements checks for running conntrack SCTP. The userspace ++# datapath does not support SCTP. ++# ++m4_define([CHECK_CONNTRACK_SCTP], ++[ ++ AT_SKIP_IF([:]) ++]) ++ + # CHECK_CONNTRACK_TIMEOUT() + # + # Perform requirements checks for running conntrack customized timeout tests. +@@ -325,3 +335,11 @@ m4_define([CHECK_L3L4_CONNTRACK_REASM], [ AT_SKIP_IF([:]) ]) diff --git a/SPECS/openvswitch3.1.spec b/SPECS/openvswitch3.1.spec index 17a6770..8dffa7d 100644 --- a/SPECS/openvswitch3.1.spec +++ b/SPECS/openvswitch3.1.spec @@ -63,7 +63,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 3.1.0 -Release: 60%{?dist} +Release: 61%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -757,6 +757,12 @@ exit 0 %endif %changelog +* Sat Sep 09 2023 Open vSwitch CI - 3.1.0-61 +- Merging upstream branch-3.1 [RH git: 926dad1f04] + Commit list: + 8e8131eff7 netlink-conntrack: Fix partial match of entries with SCTP. (#2228037) + + * Wed Sep 06 2023 Open vSwitch CI - 3.1.0-60 - Merging upstream branch-3.1 [RH git: 0b6a4adefd] Commit list: