diff --git a/SOURCES/openvswitch-3.1.0.patch b/SOURCES/openvswitch-3.1.0.patch index cba09ad..2c87ad1 100644 --- a/SOURCES/openvswitch-3.1.0.patch +++ b/SOURCES/openvswitch-3.1.0.patch @@ -216,7 +216,7 @@ index 952d964315..d73154a971 100644 memory: 4G diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml -index 82675b9734..7c66b07c4f 100644 +index 82675b9734..c21ed20188 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -2,13 +2,84 @@ name: Build and Test @@ -375,22 +375,7 @@ index 82675b9734..7c66b07c4f 100644 - name: update APT cache run: sudo apt update || true -@@ -136,6 +200,14 @@ jobs: - if: matrix.m32 != '' - run: sudo apt install -y gcc-multilib - -+ - name: Reduce ASLR entropy -+ if: matrix.asan != '' || matrix.ubsan != '' -+ # Asan in llvm 14 provided in ubuntu-22.04 is incompatible with -+ # high-entropy ASLR configured in much newer kernels that GitHub -+ # runners are using leading to random crashes: -+ # https://github.com/actions/runner-images/issues/9491 -+ run: sudo sysctl -w vm.mmap_rnd_bits=28 -+ - - name: prepare - run: ./.ci/linux-prepare.sh - -@@ -145,9 +217,9 @@ jobs: +@@ -145,9 +209,9 @@ jobs: - name: copy logs on failure if: failure() || cancelled() run: | @@ -402,7 +387,7 @@ index 82675b9734..7c66b07c4f 100644 # So, we're just archiving everything here to avoid any issues. mkdir logs cp config.log ./logs/ -@@ -156,7 +228,7 @@ jobs: +@@ -156,7 +220,7 @@ jobs: - name: upload logs on failure if: failure() || cancelled() @@ -411,7 +396,7 @@ index 82675b9734..7c66b07c4f 100644 with: name: logs-linux-${{ join(matrix.*, '-') }} path: logs.tgz -@@ -175,15 +247,15 @@ jobs: +@@ -175,15 +239,15 @@ jobs: steps: - name: checkout @@ -430,7 +415,7 @@ index 82675b9734..7c66b07c4f 100644 - name: install dependencies run: brew install automake libtool - name: prepare -@@ -192,7 +264,7 @@ jobs: +@@ -192,7 +256,7 @@ jobs: run: ./.ci/osx-build.sh - name: upload logs on failure if: failure() @@ -439,7 +424,7 @@ index 82675b9734..7c66b07c4f 100644 with: name: logs-osx-clang---disable-ssl path: config.log -@@ -216,7 +288,7 @@ jobs: +@@ -216,7 +280,7 @@ jobs: steps: - name: checkout @@ -448,7 +433,7 @@ index 82675b9734..7c66b07c4f 100644 - name: update PATH run: | -@@ -238,7 +310,7 @@ jobs: +@@ -238,7 +302,7 @@ jobs: run: ./.ci/linux-build.sh - name: upload deb packages @@ -1848,10 +1833,18 @@ index cf009f8264..91baeb9f5f 100644 /* "clang" annotations for thread safety check. * diff --git a/include/openvswitch/meta-flow.h b/include/openvswitch/meta-flow.h -index 045dce8f5f..3b0220aaa2 100644 +index 045dce8f5f..fb7d17ebe7 100644 --- a/include/openvswitch/meta-flow.h +++ b/include/openvswitch/meta-flow.h -@@ -2366,6 +2366,10 @@ void mf_format_subvalue(const union mf_subvalue *subvalue, struct ds *s); +@@ -2305,6 +2305,7 @@ void mf_set_flow_value_masked(const struct mf_field *, + const union mf_value *mask, + struct flow *); + bool mf_is_tun_metadata(const struct mf_field *); ++bool mf_is_any_metadata(const struct mf_field *); + bool mf_is_frozen_metadata(const struct mf_field *); + bool mf_is_pipeline_field(const struct mf_field *); + bool mf_is_set(const struct mf_field *, const struct flow *); +@@ -2366,6 +2367,10 @@ void mf_format_subvalue(const union mf_subvalue *subvalue, struct ds *s); void field_array_set(enum mf_field_id id, const union mf_value *, struct field_array *); @@ -4032,10 +4025,136 @@ index 029ca28558..98ec67281b 100644 ovs_rwlock_unlock(&ms->rwlock); } diff --git a/lib/meta-flow.c b/lib/meta-flow.c -index c576ae6202..474344194f 100644 +index c576ae6202..50d3379b44 100644 --- a/lib/meta-flow.c +++ b/lib/meta-flow.c -@@ -3676,3 +3676,28 @@ mf_bitmap_not(struct mf_bitmap x) +@@ -1788,6 +1788,115 @@ mf_is_tun_metadata(const struct mf_field *mf) + mf->id < MFF_TUN_METADATA0 + TUN_METADATA_NUM_OPTS; + } + ++bool ++mf_is_any_metadata(const struct mf_field *mf) ++{ ++ switch (mf->id) { ++ case MFF_DP_HASH: ++ case MFF_RECIRC_ID: ++ case MFF_PACKET_TYPE: ++ case MFF_CONJ_ID: ++ case MFF_TUN_ERSPAN_DIR: ++ CASE_MFF_TUN_METADATA: ++ case MFF_METADATA: ++ case MFF_IN_PORT: ++ case MFF_IN_PORT_OXM: ++ case MFF_ACTSET_OUTPUT: ++ case MFF_SKB_PRIORITY: ++ case MFF_PKT_MARK: ++ case MFF_CT_STATE: ++ case MFF_CT_ZONE: ++ case MFF_CT_MARK: ++ case MFF_CT_LABEL: ++ case MFF_CT_NW_PROTO: ++ case MFF_CT_NW_SRC: ++ case MFF_CT_NW_DST: ++ case MFF_CT_IPV6_SRC: ++ case MFF_CT_IPV6_DST: ++ case MFF_CT_TP_SRC: ++ case MFF_CT_TP_DST: ++ CASE_MFF_REGS: ++ CASE_MFF_XREGS: ++ CASE_MFF_XXREGS: ++ return true; ++ ++ case MFF_TUN_ID: ++ case MFF_TUN_SRC: ++ case MFF_TUN_DST: ++ case MFF_TUN_IPV6_SRC: ++ case MFF_TUN_IPV6_DST: ++ case MFF_TUN_FLAGS: ++ case MFF_TUN_TTL: ++ case MFF_TUN_TOS: ++ case MFF_TUN_GBP_ID: ++ case MFF_TUN_GBP_FLAGS: ++ case MFF_TUN_ERSPAN_IDX: ++ case MFF_TUN_ERSPAN_VER: ++ case MFF_TUN_ERSPAN_HWID: ++ case MFF_TUN_GTPU_FLAGS: ++ case MFF_TUN_GTPU_MSGTYPE: ++ case MFF_ETH_SRC: ++ case MFF_ETH_DST: ++ case MFF_ETH_TYPE: ++ case MFF_VLAN_TCI: ++ case MFF_DL_VLAN: ++ case MFF_VLAN_VID: ++ case MFF_DL_VLAN_PCP: ++ case MFF_VLAN_PCP: ++ case MFF_MPLS_LABEL: ++ case MFF_MPLS_TC: ++ case MFF_MPLS_BOS: ++ case MFF_MPLS_TTL: ++ case MFF_IPV4_SRC: ++ case MFF_IPV4_DST: ++ case MFF_IPV6_SRC: ++ case MFF_IPV6_DST: ++ case MFF_IPV6_LABEL: ++ case MFF_IP_PROTO: ++ case MFF_IP_DSCP: ++ case MFF_IP_DSCP_SHIFTED: ++ case MFF_IP_ECN: ++ case MFF_IP_TTL: ++ case MFF_IP_FRAG: ++ case MFF_ARP_OP: ++ case MFF_ARP_SPA: ++ case MFF_ARP_TPA: ++ case MFF_ARP_SHA: ++ case MFF_ARP_THA: ++ case MFF_TCP_SRC: ++ case MFF_TCP_DST: ++ case MFF_TCP_FLAGS: ++ case MFF_UDP_SRC: ++ case MFF_UDP_DST: ++ case MFF_SCTP_SRC: ++ case MFF_SCTP_DST: ++ case MFF_ICMPV4_TYPE: ++ case MFF_ICMPV4_CODE: ++ case MFF_ICMPV6_TYPE: ++ case MFF_ICMPV6_CODE: ++ case MFF_ND_TARGET: ++ case MFF_ND_SLL: ++ case MFF_ND_TLL: ++ case MFF_ND_RESERVED: ++ case MFF_ND_OPTIONS_TYPE: ++ case MFF_NSH_FLAGS: ++ case MFF_NSH_MDTYPE: ++ case MFF_NSH_NP: ++ case MFF_NSH_SPI: ++ case MFF_NSH_SI: ++ case MFF_NSH_C1: ++ case MFF_NSH_C2: ++ case MFF_NSH_C3: ++ case MFF_NSH_C4: ++ case MFF_NSH_TTL: ++ return false; ++ ++ case MFF_N_IDS: ++ default: ++ OVS_NOT_REACHED(); ++ } ++} ++ + bool + mf_is_frozen_metadata(const struct mf_field *mf) + { +@@ -2543,7 +2652,8 @@ mf_set(const struct mf_field *mf, + break; + + case MFF_IP_FRAG: +- match_set_nw_frag_masked(match, value->u8, mask->u8); ++ match_set_nw_frag_masked(match, value->u8, ++ mask->u8 & FLOW_NW_FRAG_MASK); + break; + + case MFF_ARP_SPA: +@@ -3676,3 +3786,28 @@ mf_bitmap_not(struct mf_bitmap x) bitmap_not(x.bm, MFF_N_IDS); return x; } @@ -7121,10 +7240,10 @@ index 0a615bb664..b6f8bda3e6 100644 /* Install new log file. */ diff --git a/ofproto/bond.c b/ofproto/bond.c -index cfdf44f854..0858de3746 100644 +index cfdf44f854..45a36fabb9 100644 --- a/ofproto/bond.c +++ b/ofproto/bond.c -@@ -186,7 +186,7 @@ static struct bond_member *choose_output_member(const struct bond *, +@@ -186,13 +186,14 @@ static struct bond_member *choose_output_member(const struct bond *, struct flow_wildcards *, uint16_t vlan) OVS_REQ_RDLOCK(rwlock); @@ -7133,7 +7252,14 @@ index cfdf44f854..0858de3746 100644 static bool bond_may_recirc(const struct bond *); static void bond_update_post_recirc_rules__(struct bond *, bool force) OVS_REQ_WRLOCK(rwlock); -@@ -246,7 +246,7 @@ bond_create(const struct bond_settings *s, struct ofproto_dpif *ofproto) + static bool bond_is_falling_back_to_ab(const struct bond *); + static void bond_add_lb_output_buckets(const struct bond *); + static void bond_del_lb_output_buckets(const struct bond *); ++static bool bond_is_balanced(const struct bond *bond) OVS_REQ_RDLOCK(rwlock); + + + /* Attempts to parse 's' as the name of a bond balancing mode. If successful, +@@ -246,7 +247,7 @@ bond_create(const struct bond_settings *s, struct ofproto_dpif *ofproto) ovs_refcount_init(&bond->ref_cnt); hmap_init(&bond->pr_rule_ops); @@ -7142,7 +7268,7 @@ index cfdf44f854..0858de3746 100644 bond->active_member_changed = false; bond->primary = NULL; -@@ -299,7 +299,10 @@ bond_unref(struct bond *bond) +@@ -299,7 +300,10 @@ bond_unref(struct bond *bond) } free(bond->hash); bond->hash = NULL; @@ -7154,7 +7280,7 @@ index cfdf44f854..0858de3746 100644 hmap_destroy(&bond->pr_rule_ops); free(bond->primary); -@@ -331,17 +334,8 @@ add_pr_rule(struct bond *bond, const struct match *match, +@@ -331,17 +335,8 @@ add_pr_rule(struct bond *bond, const struct match *match, hmap_insert(&bond->pr_rule_ops, &pr_op->hmap_node, hash); } @@ -7173,7 +7299,7 @@ index cfdf44f854..0858de3746 100644 { struct match match; struct bond_pr_rule_op *pr_op; -@@ -407,6 +401,15 @@ update_recirc_rules__(struct bond *bond) +@@ -407,6 +402,15 @@ update_recirc_rules__(struct bond *bond) VLOG_ERR("failed to remove post recirculation flow %s", err_s); free(err_s); @@ -7189,7 +7315,7 @@ index cfdf44f854..0858de3746 100644 } hmap_remove(&bond->pr_rule_ops, &pr_op->hmap_node); -@@ -421,12 +424,6 @@ update_recirc_rules__(struct bond *bond) +@@ -421,12 +425,6 @@ update_recirc_rules__(struct bond *bond) ofpbuf_uninit(&ofpacts); } @@ -7202,6 +7328,41 @@ index cfdf44f854..0858de3746 100644 /* Updates 'bond''s overall configuration to 's'. * +@@ -552,6 +550,7 @@ bond_find_member_by_mac(const struct bond *bond, const struct eth_addr mac) + + static void + bond_active_member_changed(struct bond *bond) ++ OVS_REQ_WRLOCK(rwlock) + { + if (bond->active_member) { + struct eth_addr mac; +@@ -561,6 +560,9 @@ bond_active_member_changed(struct bond *bond) + bond->active_member_mac = eth_addr_zero; + } + bond->active_member_changed = true; ++ if (!bond_is_balanced(bond)) { ++ bond->bond_revalidate = true; ++ } + seq_change(connectivity_seq_get()); + } + +@@ -1124,7 +1126,7 @@ bond_get_recirc_id_and_hash_basis(struct bond *bond, uint32_t *recirc_id, + /* Rebalancing. */ + + static bool +-bond_is_balanced(const struct bond *bond) OVS_REQ_RDLOCK(rwlock) ++bond_is_balanced(const struct bond *bond) + { + return bond->rebalance_interval + && (bond->balance == BM_SLB || bond->balance == BM_TCP) +@@ -1728,7 +1730,6 @@ bond_unixctl_set_active_member(struct unixctl_conn *conn, + } + + if (bond->active_member != member) { +- bond->bond_revalidate = true; + bond->active_member = member; + VLOG_INFO("bond %s: active member is now %s", + bond->name, member->name); diff --git a/ofproto/connmgr.c b/ofproto/connmgr.c index 7b14cae773..f7f7b12799 100644 --- a/ofproto/connmgr.c @@ -8017,7 +8178,7 @@ index 9224ee2e6d..2e1fcb3a6f 100644 static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); VLOG_WARN_RL(&rl, "xcache LEARN action execution failed."); diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c -index a9cf3cbee0..73dd5d1910 100644 +index a9cf3cbee0..f27ce24afd 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -66,6 +66,7 @@ @@ -8700,7 +8861,7 @@ index a9cf3cbee0..73dd5d1910 100644 + + set_field = ofpact_get_SET_FIELD(a); + mf = set_field->field; -+ if (mf_are_prereqs_ok(mf, flow, NULL) && !mf_is_tun_metadata(mf)) { ++ if (mf_are_prereqs_ok(mf, flow, NULL) && !mf_is_any_metadata(mf)) { + ctx->mirrors = 0; + } + return; @@ -12231,10 +12392,60 @@ index 14aa554169..6a07e23c64 100644 + AT_CLEANUP diff --git a/tests/ofproto-dpif.at b/tests/ofproto-dpif.at -index fa6111c1ed..4fef5dd2aa 100644 +index fa6111c1ed..d8d686d9b4 100644 --- a/tests/ofproto-dpif.at +++ b/tests/ofproto-dpif.at -@@ -547,6 +547,23 @@ ovs-appctl time/warp 1000 100 +@@ -351,6 +351,49 @@ recirc_id(0),in_port(4),packet_type(ns=0,id=0),eth(src=50:54:00:00:00:0b,dst=ff: + OVS_VSWITCHD_STOP + AT_CLEANUP + ++AT_SETUP([ofproto-dpif - active-backup bonding set primary]) ++ ++OVS_VSWITCHD_START( ++ [add-bond br0 bond0 p1 p2 bond_mode=active-backup \ ++ other_config:bond-primary=p1 -- \ ++ set bridge br0 other-config:hwaddr=aa:66:aa:66:aa:00 -- \ ++ set interface p1 type=dummy options:pstream=punix:$OVS_RUNDIR/p1.sock ofport_request=1 -- \ ++ set interface p2 type=dummy options:pstream=punix:$OVS_RUNDIR/p2.sock ofport_request=2 -- \ ++ add-port br0 p7 -- set interface p7 ofport_request=7 type=dummy -- \ ++ add-br br1 -- \ ++ set bridge br1 other-config:hwaddr=aa:66:aa:66:00:00 -- \ ++ set bridge br1 datapath-type=dummy -- \ ++ add-bond br1 bond1 p3 p4 bond_mode=active-backup \ ++ other_config:bond-primary=p3 -- \ ++ set interface p3 type=dummy options:stream=unix:$OVS_RUNDIR/p1.sock ofport_request=3 -- \ ++ set interface p4 type=dummy options:stream=unix:$OVS_RUNDIR/p2.sock ofport_request=4 -- \ ++ add-port br1 p8 -- set interface p8 ofport_request=8 type=dummy]) ++ ++WAIT_FOR_DUMMY_PORTS([p3], [p4]) ++ ++AT_CHECK([ovs-ofctl add-flow br0 action=normal]) ++AT_CHECK([ovs-ofctl add-flow br1 action=normal]) ++ ++dnl Create datapath flow with bidirectional traffic. ++AT_CHECK([ovs-appctl netdev-dummy/receive p8 'in_port(8),eth(src=50:54:00:00:00:0a,dst=50:54:00:00:00:09),eth_type(0x0800),ipv4(src=10.0.0.1,dst=10.0.0.2,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)']) ++AT_CHECK([ovs-appctl netdev-dummy/receive p7 'in_port(7),eth(src=50:54:00:00:00:09,dst=50:54:00:00:00:0a),eth_type(0x0800),ipv4(src=10.0.0.2,dst=10.0.0.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)']) ++AT_CHECK([ovs-appctl netdev-dummy/receive p8 'in_port(8),eth(src=50:54:00:00:00:0a,dst=50:54:00:00:00:09),eth_type(0x0800),ipv4(src=10.0.0.1,dst=10.0.0.2,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)']) ++AT_CHECK([ovs-appctl netdev-dummy/receive p7 'in_port(7),eth(src=50:54:00:00:00:09,dst=50:54:00:00:00:0a),eth_type(0x0800),ipv4(src=10.0.0.2,dst=10.0.0.1,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)']) ++ ++dnl Set p2 and p4 as primary. ++AT_CHECK([ovs-vsctl set port bond0 other_config:bond-primary=p2 -- \ ++ set port bond1 other_config:bond-primary=p4]) ++ ++OVS_WAIT_UNTIL([ovs-appctl bond/show | grep -q 'active-backup primary: p4']) ++ ++AT_CHECK([ovs-appctl revalidator/wait]) ++ ++AT_CHECK([ovs-appctl dpctl/dump-flows --names | grep -q "actions:p[[13]]"], [1]) ++AT_CHECK([ovs-appctl dpctl/dump-flows --names | grep -q "actions:p[[24]]"], [0]) ++ ++OVS_VSWITCHD_STOP ++AT_CLEANUP ++ + AT_SETUP([ofproto-dpif - balance-slb bonding]) + # Create br0 with members bond0(p1, p2, p3) and p7, + # and br1 with members p4, p5, p6 and p8. +@@ -547,6 +590,23 @@ ovs-appctl time/warp 1000 100 ovs-appctl bond/show > bond3.txt AT_CHECK([sed -n '/member p2/,/^$/p' bond3.txt | grep 'hash'], [0], [ignore]) @@ -12258,7 +12469,7 @@ index fa6111c1ed..4fef5dd2aa 100644 OVS_VSWITCHD_STOP() AT_CLEANUP -@@ -740,6 +757,73 @@ Datapath actions: drop +@@ -740,6 +800,73 @@ Datapath actions: drop OVS_VSWITCHD_STOP() AT_CLEANUP @@ -12332,7 +12543,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_SETUP([bond - allow duplicated frames]) dnl Receiving of duplicated multicast frames should be allowed with 'all_members_active'. OVS_VSWITCHD_START([dnl -@@ -849,7 +933,7 @@ table=2 ip actions=set_field:192.168.3.91->ip_src,output(11) +@@ -849,7 +976,7 @@ table=2 ip actions=set_field:192.168.3.91->ip_src,output(11) AT_CHECK([ovs-ofctl -O OpenFlow12 add-flows br0 flows.txt]) AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=1,dl_src=50:54:00:00:00:05,dl_dst=50:54:00:00:00:07,dl_type=0x0800,nw_src=192.168.0.1,nw_dst=192.168.0.2,nw_proto=1,nw_tos=0,nw_ttl=128,nw_frag=no,icmp_type=8,icmp_code=0'], [0], [stdout]) AT_CHECK([tail -2 stdout], [0], @@ -12341,7 +12552,7 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: 10,set(ipv4(src=192.168.3.91)),11,set(ipv4(src=192.168.3.90)),13 ]) OVS_VSWITCHD_STOP -@@ -912,7 +996,7 @@ AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=1,dl_src=50:54:00:00:00:05,dl_ds +@@ -912,7 +1039,7 @@ AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=1,dl_src=50:54:00:00:00:05,dl_ds # Must match on the source address to be able to restore it's value for # the second bucket AT_CHECK([tail -2 stdout], [0], @@ -12350,7 +12561,7 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: set(ipv4(src=192.168.3.90)),10,set(ipv4(src=192.168.0.1)),11 ]) OVS_VSWITCHD_STOP -@@ -930,6 +1014,28 @@ AT_CHECK([tail -1 stdout], [0], +@@ -930,6 +1057,28 @@ AT_CHECK([tail -1 stdout], [0], OVS_VSWITCHD_STOP AT_CLEANUP @@ -12379,7 +12590,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_SETUP([ofproto-dpif - group actions have no effect afterwards]) OVS_VSWITCHD_START add_of_ports br0 1 10 -@@ -944,7 +1050,7 @@ done +@@ -944,7 +1093,7 @@ done AT_CHECK([ovs-appctl dpctl/dump-flows | sed 's/dp_hash(.*\/0xf)/dp_hash(0xXXXX\/0xf)/' | sed 's/packets.*actions:/actions:/' | strip_ufid | strip_used | sort], [0], [dnl flow-dump from the main thread: recirc_id(0),in_port(1),packet_type(ns=0,id=0),eth_type(0x0800),ipv4(frag=no), actions:hash(sym_l4(0)),recirc(0x1) @@ -12388,7 +12599,7 @@ index fa6111c1ed..4fef5dd2aa 100644 ]) OVS_VSWITCHD_STOP -@@ -959,7 +1065,7 @@ AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=1,dl_src=50:54:00:00:00:05,dl_ds +@@ -959,7 +1108,7 @@ AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=1,dl_src=50:54:00:00:00:05,dl_ds # Must match on the source address to be able to restore it's value for # the third bucket AT_CHECK([tail -2 stdout], [0], @@ -12397,7 +12608,7 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: set(ipv4(src=192.168.3.90)),10,set(ipv4(src=192.168.0.1)),11 ]) OVS_VSWITCHD_STOP -@@ -1132,6 +1238,60 @@ bucket3 >= 500 +@@ -1132,6 +1281,60 @@ bucket3 >= 500 OVS_VSWITCHD_STOP AT_CLEANUP @@ -12458,7 +12669,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_SETUP([ofproto-dpif - select group with explicit dp_hash selection method]) OVS_VSWITCHD_START -@@ -1536,17 +1696,17 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) +@@ -1536,17 +1739,17 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=111,tos=0,ttl=2,frag=no)' -generate], [0], [stdout]) AT_CHECK([tail -4 stdout], [0], [ Final flow: ip,in_port=1,vlan_tci=0x0000,dl_src=50:54:00:00:00:05,dl_dst=50:54:00:00:00:07,nw_src=192.168.0.1,nw_dst=192.168.0.2,nw_proto=111,nw_tos=0,nw_ecn=0,nw_ttl=1,nw_frag=no @@ -12479,7 +12690,7 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: set(ipv6(hlimit=127)),2,set(ipv6(hlimit=126)),3,4 ]) -@@ -1656,7 +1816,7 @@ AT_CHECK([ovs-vsctl -- \ +@@ -1656,7 +1859,7 @@ AT_CHECK([ovs-vsctl -- \ --id=@q2 create Queue dscp=2], [0], [ignore]) AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(9),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=1.1.1.1,dst=2.2.2.2,proto=1,tos=0xff,ttl=128,frag=no),icmp(type=8,code=0)'], [0], [stdout]) AT_CHECK([tail -2 stdout], [0], @@ -12488,7 +12699,41 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: dnl 100,dnl set(ipv4(tos=0x4/0xfc)),set(skb_priority(0x1)),1,dnl -@@ -5349,7 +5509,7 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) +@@ -5242,6 +5445,33 @@ AT_CHECK_UNQUOTED([tail -1 stdout], [0], + OVS_VSWITCHD_STOP + AT_CLEANUP + ++AT_SETUP([ofproto-dpif - mirroring, metadata modification]) ++AT_KEYWORDS([mirror mirrors mirroring]) ++OVS_VSWITCHD_START ++add_of_ports br0 1 2 3 ++AT_CHECK([ovs-vsctl set Bridge br0 mirrors=@m -- \ ++ --id=@p3 get Port p3 -- \ ++ --id=@m create Mirror name=mymirror select_all=true output_port=@p3], ++ [0], [ignore]) ++ ++AT_DATA([flows.txt], [dnl ++in_port=1 actions=load:0x00->NXM_OF_IN_PORT[[]],output:2 ++]) ++AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) ++ ++dnl Metadata modified, duplicate packet shouldn't be delivered to mirror. ++m4_define([ICMP_FLOW], [m4_join([,], ++ [in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800)], ++ [ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no)], ++ [icmp(type=8,code=0)])]) ++AT_CHECK([ovs-appctl ofproto/trace ovs-dummy "ICMP_FLOW"], [0], [stdout]) ++AT_CHECK_UNQUOTED([tail -1 stdout], [0], ++ [Datapath actions: 3,2 ++]) ++ ++OVS_VSWITCHD_STOP ++AT_CLEANUP ++ + AT_SETUP([ofproto-dpif - mirroring, OFPP_NONE ingress port]) + AT_KEYWORDS([mirror mirrors mirroring]) + OVS_VSWITCHD_START +@@ -5349,7 +5579,7 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) flow="in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)" AT_CHECK([ovs-appctl ofproto/trace ovs-dummy "$flow"], [0], [stdout]) AT_CHECK_UNQUOTED([tail -1 stdout], [0], @@ -12497,7 +12742,7 @@ index fa6111c1ed..4fef5dd2aa 100644 ]) flow="in_port(2),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)" -@@ -5388,7 +5548,7 @@ flow="in_port(2),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x080 +@@ -5388,7 +5618,7 @@ flow="in_port(2),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x080 AT_CHECK([ovs-appctl ofproto/trace ovs-dummy "$flow"], [0], [stdout]) actual=`tail -1 stdout | sed 's/Datapath actions: //'` @@ -12506,7 +12751,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_CHECK([ovs-dpctl normalize-actions "$flow" "$expected"], [0], [stdout]) mv stdout expout AT_CHECK([ovs-dpctl normalize-actions "$flow" "$actual"], [0], [expout]) -@@ -5656,7 +5816,7 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) +@@ -5656,7 +5886,7 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) flow="in_port(1),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)" AT_CHECK([ovs-appctl ofproto/trace ovs-dummy "$flow"], [0], [stdout]) AT_CHECK_UNQUOTED([tail -1 stdout], [0], @@ -12515,7 +12760,7 @@ index fa6111c1ed..4fef5dd2aa 100644 ]) flow="in_port(2),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)" -@@ -5854,6 +6014,40 @@ OVS_WAIT_UNTIL([check_flows], [ovs-ofctl dump-flows br0]) +@@ -5854,6 +6084,40 @@ OVS_WAIT_UNTIL([check_flows], [ovs-ofctl dump-flows br0]) OVS_VSWITCHD_STOP AT_CLEANUP @@ -12556,7 +12801,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_SETUP([ofproto-dpif - debug_slow action]) OVS_VSWITCHD_START add_of_ports br0 1 2 3 -@@ -6144,6 +6338,57 @@ AT_CHECK([test 1 = `$PYTHON3 "$top_srcdir/utilities/ovs-pcap.in" p2-tx.pcap | wc +@@ -6144,6 +6408,57 @@ AT_CHECK([test 1 = `$PYTHON3 "$top_srcdir/utilities/ovs-pcap.in" p2-tx.pcap | wc OVS_VSWITCHD_STOP AT_CLEANUP @@ -12614,7 +12859,7 @@ index fa6111c1ed..4fef5dd2aa 100644 AT_SETUP([ofproto-dpif - continuation with patch port]) AT_KEYWORDS([continuations pause resume]) OVS_VSWITCHD_START( -@@ -7619,12 +7864,14 @@ dummy@ovs-dummy: hit:0 missed:0 +@@ -7619,12 +7934,14 @@ dummy@ovs-dummy: hit:0 missed:0 vm1 5/3: (dummy: ifindex=2011) ]) @@ -12632,7 +12877,7 @@ index fa6111c1ed..4fef5dd2aa 100644 dnl Prime ARP Cache for 1.1.2.92 AT_CHECK([ovs-appctl netdev-dummy/receive p0 'recirc_id(0),in_port(1),eth(src=f8:bc:12:44:34:b6,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=1.1.2.92,tip=1.1.2.88,op=2,sha=f8:bc:12:44:34:b6,tha=00:00:00:00:00:00)']) -@@ -7635,10 +7882,13 @@ ovs-vsctl \ +@@ -7635,10 +7952,13 @@ ovs-vsctl \ --id=@sf create sflow targets=\"127.0.0.1:$SFLOW_PORT\" agent=127.0.0.1 \ header=128 sampling=1 polling=0 @@ -12648,7 +12893,7 @@ index fa6111c1ed..4fef5dd2aa 100644 ]) dnl add rule for int-br to force packet onto tunnel. There is no ifindex -@@ -11884,7 +12134,7 @@ ovs-ofctl dump-flows br0 +@@ -11884,7 +12204,7 @@ ovs-ofctl dump-flows br0 AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=50:54:00:00:00:09,dst=50:54:00:00:00:0a),eth_type(0x0800),ipv4(src=10.10.10.2,dst=10.10.10.1,proto=1,tos=1,ttl=128,frag=no),icmp(type=8,code=0)'], [0], [stdout]) AT_CHECK([tail -3 stdout], [0], [dnl @@ -12657,7 +12902,7 @@ index fa6111c1ed..4fef5dd2aa 100644 Datapath actions: drop Translation failed (Recursion too deep), packet is dropped. ]) -@@ -11985,3 +12235,48 @@ AT_CHECK([test 1 = `ovs-ofctl parse-pcap p2-tx.pcap | wc -l`]) +@@ -11985,3 +12305,48 @@ AT_CHECK([test 1 = `ovs-ofctl parse-pcap p2-tx.pcap | wc -l`]) OVS_VSWITCHD_STOP AT_CLEANUP @@ -12962,6 +13207,62 @@ index a666bebcac..2889f81fb1 100644 +OVS_WAIT_UNTIL([grep "idle 6 seconds, sending inactivity probe" ovs-vswitchd.log]) +OVS_VSWITCHD_STOP(["/br0<->unix:testcontroller: connection failed/d"]) +AT_CLEANUP +diff --git a/tests/ovs-ofctl.at b/tests/ovs-ofctl.at +index 8531b2e2eb..9599ab7530 100644 +--- a/tests/ovs-ofctl.at ++++ b/tests/ovs-ofctl.at +@@ -3086,6 +3086,51 @@ AT_CHECK([ovs-ofctl -O OpenFlow14 dump-flows br0 | ofctl_strip | sed '/OFPST_FLO + OVS_VSWITCHD_STOP + AT_CLEANUP + ++AT_SETUP([ovs-ofctl replace-flows with fragments]) ++OVS_VSWITCHD_START ++ ++AT_DATA([frag_flows.txt], [dnl ++ ip,nw_frag=first actions=drop ++ ip,nw_frag=later actions=drop ++ ip,nw_frag=no actions=NORMAL ++ ip,nw_frag=not_later actions=NORMAL ++ ip,nw_frag=yes actions=LOCAL ++]) ++AT_DATA([replace_flows.txt], [dnl ++ ip,nw_frag=first actions=NORMAL ++ ip,nw_frag=later actions=LOCAL ++ ip,nw_frag=no actions=drop ++ ip,nw_frag=not_later actions=drop ++ ip,nw_frag=yes actions=drop ++]) ++ ++AT_CHECK([ovs-ofctl -O OpenFlow13 add-flows br0 frag_flows.txt]) ++on_exit 'ovs-ofctl -O OpenFlow13 dump-flows br0' ++ ++dnl Check that flow replacement works. ++AT_CHECK([ovs-ofctl -vvconn:console:dbg -O OpenFlow13 \ ++ replace-flows br0 replace_flows.txt 2>&1 | grep FLOW_MOD \ ++ | sed 's/.*\(OFPT_FLOW_MOD.*\)/\1/' | strip_xids | sort], [0], [dnl ++OFPT_FLOW_MOD (OF1.3): ADD ip,nw_frag=first actions=NORMAL ++OFPT_FLOW_MOD (OF1.3): ADD ip,nw_frag=later actions=LOCAL ++OFPT_FLOW_MOD (OF1.3): ADD ip,nw_frag=no actions=drop ++OFPT_FLOW_MOD (OF1.3): ADD ip,nw_frag=not_later actions=drop ++OFPT_FLOW_MOD (OF1.3): ADD ip,nw_frag=yes actions=drop ++]) ++ ++dnl Check that replacement to the same set doesn't cause flow modifications. ++AT_CHECK([ovs-ofctl -vvconn:console:dbg -O OpenFlow13 \ ++ replace-flows br0 replace_flows.txt 2>&1 | grep FLOW_MOD \ ++ | sed 's/.*\(OFPT_FLOW_MOD.*\)/\1/' | strip_xids | sort], [0], []) ++ ++dnl Compare the flow dump against the expected set. ++cat replace_flows.txt > expout ++AT_CHECK([ovs-ofctl -O OpenFlow13 dump-flows br0 \ ++ | ofctl_strip | sed '/OFPST_FLOW/d' | sort], [0], [expout]) ++ ++OVS_VSWITCHD_STOP ++AT_CLEANUP ++ + AT_SETUP([ovs-ofctl replace-flows with --bundle]) + OVS_VSWITCHD_START + diff --git a/tests/ovs-vsctl.at b/tests/ovs-vsctl.at index a92156f001..a368bff6ed 100644 --- a/tests/ovs-vsctl.at diff --git a/SPECS/openvswitch3.1.spec b/SPECS/openvswitch3.1.spec index 9d993dc..9baedac 100644 --- a/SPECS/openvswitch3.1.spec +++ b/SPECS/openvswitch3.1.spec @@ -57,7 +57,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 3.1.0 -Release: 135%{?dist} +Release: 136%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -756,6 +756,15 @@ exit 0 %endif %changelog +* Wed Oct 30 2024 Open vSwitch CI - 3.1.0-136 +- Merging upstream branch-3.1 [RH git: bbf4413d0c] + Commit list: + 95766972bf meta-flow: Fix nw_frag mask while parsing from string. + 7d3e133ffe github: Remove ASLR entropy workaround. + 77eb3e4241 bond: Always revalidate unbalanced bonds when active member changes. (FDP-845) + 44fc7ea932 ofproto-dpif-upcall: Fix redundant mirror on metadata modification. (FDP-699) + + * Fri Oct 25 2024 Open vSwitch CI - 3.1.0-135 - Merging dpdk subtree [RH git: 80da586a0a] Commit list: