diff --git a/SOURCES/openvswitch-2.15.0.patch b/SOURCES/openvswitch-2.15.0.patch index 48e9f6b..a33b00a 100644 --- a/SOURCES/openvswitch-2.15.0.patch +++ b/SOURCES/openvswitch-2.15.0.patch @@ -19377,6 +19377,122 @@ index 64111768b3..41ef886194 100755 def unixctl_xfrm_policies(conn, unused_argv, unused_aux): global xfrm policies = xfrm.get_policies() +diff --git a/lib/bfd.c b/lib/bfd.c +index 3c965699ac..9698576d07 100644 +--- a/lib/bfd.c ++++ b/lib/bfd.c +@@ -131,16 +131,17 @@ enum diag { + * | Required Min Echo RX Interval | + * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ + struct msg { +- uint8_t vers_diag; /* Version and diagnostic. */ +- uint8_t flags; /* 2bit State field followed by flags. */ +- uint8_t mult; /* Fault detection multiplier. */ +- uint8_t length; /* Length of this BFD message. */ +- ovs_be32 my_disc; /* My discriminator. */ +- ovs_be32 your_disc; /* Your discriminator. */ +- ovs_be32 min_tx; /* Desired minimum tx interval. */ +- ovs_be32 min_rx; /* Required minimum rx interval. */ +- ovs_be32 min_rx_echo; /* Required minimum echo rx interval. */ ++ uint8_t vers_diag; /* Version and diagnostic. */ ++ uint8_t flags; /* 2bit State field followed by flags. */ ++ uint8_t mult; /* Fault detection multiplier. */ ++ uint8_t length; /* Length of this BFD message. */ ++ ovs_16aligned_be32 my_disc; /* My discriminator. */ ++ ovs_16aligned_be32 your_disc; /* Your discriminator. */ ++ ovs_16aligned_be32 min_tx; /* Desired minimum tx interval. */ ++ ovs_16aligned_be32 min_rx; /* Required minimum rx interval. */ ++ ovs_16aligned_be32 min_rx_echo; /* Required minimum echo rx interval. */ + }; ++ + BUILD_ASSERT_DECL(BFD_PACKET_LEN == sizeof(struct msg)); + + #define DIAG_MASK 0x1f +@@ -634,9 +635,9 @@ bfd_put_packet(struct bfd *bfd, struct dp_packet *p, + + msg->mult = bfd->mult; + msg->length = BFD_PACKET_LEN; +- msg->my_disc = htonl(bfd->disc); +- msg->your_disc = htonl(bfd->rmt_disc); +- msg->min_rx_echo = htonl(0); ++ put_16aligned_be32(&msg->my_disc, htonl(bfd->disc)); ++ put_16aligned_be32(&msg->your_disc, htonl(bfd->rmt_disc)); ++ put_16aligned_be32(&msg->min_rx_echo, htonl(0)); + + if (bfd_in_poll(bfd)) { + min_tx = bfd->poll_min_tx; +@@ -646,8 +647,8 @@ bfd_put_packet(struct bfd *bfd, struct dp_packet *p, + min_rx = bfd->min_rx; + } + +- msg->min_tx = htonl(min_tx * 1000); +- msg->min_rx = htonl(min_rx * 1000); ++ put_16aligned_be32(&msg->min_tx, htonl(min_tx * 1000)); ++ put_16aligned_be32(&msg->min_rx, htonl(min_rx * 1000)); + + bfd->flags &= ~FLAG_FINAL; + *oam = bfd->oam; +@@ -781,12 +782,12 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow, + goto out; + } + +- if (!msg->my_disc) { ++ if (!get_16aligned_be32(&msg->my_disc)) { + log_msg(VLL_WARN, msg, "NULL my_disc", bfd); + goto out; + } + +- pkt_your_disc = ntohl(msg->your_disc); ++ pkt_your_disc = ntohl(get_16aligned_be32(&msg->your_disc)); + if (pkt_your_disc) { + /* Technically, we should use the your discriminator field to figure + * out which 'struct bfd' this packet is destined towards. That way a +@@ -806,7 +807,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow, + bfd_status_changed(bfd); + } + +- bfd->rmt_disc = ntohl(msg->my_disc); ++ bfd->rmt_disc = ntohl(get_16aligned_be32(&msg->my_disc)); + bfd->rmt_state = rmt_state; + bfd->rmt_flags = flags; + bfd->rmt_diag = msg->vers_diag & DIAG_MASK; +@@ -834,7 +835,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow, + bfd->rmt_mult = msg->mult; + } + +- rmt_min_rx = MAX(ntohl(msg->min_rx) / 1000, 1); ++ rmt_min_rx = MAX(ntohl(get_16aligned_be32(&msg->min_rx)) / 1000, 1); + if (bfd->rmt_min_rx != rmt_min_rx) { + bfd->rmt_min_rx = rmt_min_rx; + if (bfd->next_tx) { +@@ -843,7 +844,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow, + log_msg(VLL_INFO, msg, "New remote min_rx", bfd); + } + +- bfd->rmt_min_tx = MAX(ntohl(msg->min_tx) / 1000, 1); ++ bfd->rmt_min_tx = MAX(ntohl(get_16aligned_be32(&msg->min_tx)) / 1000, 1); + bfd->detect_time = bfd_rx_interval(bfd) * bfd->rmt_mult + time_msec(); + + if (bfd->state == STATE_ADMIN_DOWN) { +@@ -1105,10 +1106,14 @@ log_msg(enum vlog_level level, const struct msg *p, const char *message, + bfd_diag_str(p->vers_diag & DIAG_MASK), + bfd_state_str(p->flags & STATE_MASK), + p->mult, p->length, bfd_flag_str(p->flags & FLAGS_MASK), +- ntohl(p->my_disc), ntohl(p->your_disc), +- ntohl(p->min_tx), ntohl(p->min_tx) / 1000, +- ntohl(p->min_rx), ntohl(p->min_rx) / 1000, +- ntohl(p->min_rx_echo), ntohl(p->min_rx_echo) / 1000); ++ ntohl(get_16aligned_be32(&p->my_disc)), ++ ntohl(get_16aligned_be32(&p->your_disc)), ++ ntohl(get_16aligned_be32(&p->min_tx)), ++ ntohl(get_16aligned_be32(&p->min_tx)) / 1000, ++ ntohl(get_16aligned_be32(&p->min_rx)), ++ ntohl(get_16aligned_be32(&p->min_rx)) / 1000, ++ ntohl(get_16aligned_be32(&p->min_rx_echo)), ++ ntohl(get_16aligned_be32(&p->min_rx_echo)) / 1000); + bfd_put_details(&ds, bfd); + VLOG(level, "%s", ds_cstr(&ds)); + ds_destroy(&ds); diff --git a/lib/conntrack.c b/lib/conntrack.c index feaaec1c3f..15d1cde79d 100644 --- a/lib/conntrack.c @@ -19540,6 +19656,19 @@ index ae59ecf2c2..34d45b82a1 100644 } } else if (retval < 0) { VLOG_FATAL("waitpid failed (%s)", ovs_strerror(errno)); +diff --git a/lib/dp-packet.c b/lib/dp-packet.c +index 72f6d09ac7..35c72542a2 100644 +--- a/lib/dp-packet.c ++++ b/lib/dp-packet.c +@@ -294,7 +294,7 @@ dp_packet_resize(struct dp_packet *b, size_t new_headroom, size_t new_tailroom) + void + dp_packet_prealloc_tailroom(struct dp_packet *b, size_t size) + { +- if (size > dp_packet_tailroom(b)) { ++ if ((size && !dp_packet_base(b)) || (size > dp_packet_tailroom(b))) { + dp_packet_resize(b, dp_packet_headroom(b), MAX(size, 64)); + } + } diff --git a/lib/dp-packet.h b/lib/dp-packet.h index 9e2d06b3dd..4e02425f7c 100644 --- a/lib/dp-packet.h @@ -20516,6 +20645,21 @@ index d75d66b863..ba096dd0c8 100644 void jsonrpc_session_set_max_backoff(struct jsonrpc_session *, int max_backoff); +diff --git a/lib/lldp/lldp.c b/lib/lldp/lldp.c +index 18afbab9a7..dfeb2a8002 100644 +--- a/lib/lldp/lldp.c ++++ b/lib/lldp/lldp.c +@@ -146,7 +146,9 @@ static void + lldp_tlv_end(struct dp_packet *p, unsigned int start) + { + ovs_be16 *tlv = dp_packet_at_assert(p, start, 2); +- *tlv |= htons((dp_packet_size(p) - (start + 2)) & 0x1ff); ++ put_unaligned_be16(tlv, ++ get_unaligned_be16(tlv) ++ | htons((dp_packet_size(p) - (start + 2)) & 0x1ff)); + } + + int diff --git a/lib/meta-flow.c b/lib/meta-flow.c index c808d205d5..e03cd8d0c5 100644 --- a/lib/meta-flow.c @@ -21697,6 +21841,81 @@ index f0cac8e0fa..7f5561f827 100644 return NULL; } +diff --git a/lib/stopwatch.c b/lib/stopwatch.c +index f5602163bc..1c71df1a12 100644 +--- a/lib/stopwatch.c ++++ b/lib/stopwatch.c +@@ -114,7 +114,6 @@ static void + calc_percentile(unsigned long long n_samples, struct percentile *pctl, + unsigned long long new_sample) + { +- + if (n_samples < P_SQUARE_MIN) { + pctl->samples[n_samples - 1] = new_sample; + } +@@ -228,13 +227,12 @@ add_sample(struct stopwatch *sw, unsigned long long new_sample) + sw->min = new_sample; + } + +- calc_percentile(sw->n_samples, &sw->pctl, new_sample); +- + if (sw->n_samples++ == 0) { + sw->short_term.average = sw->long_term.average = new_sample; + return; + } + ++ calc_percentile(sw->n_samples, &sw->pctl, new_sample); + calc_average(&sw->short_term, new_sample); + calc_average(&sw->long_term, new_sample); + } +diff --git a/lib/stp.c b/lib/stp.c +index 809b405a52..a869b5f390 100644 +--- a/lib/stp.c ++++ b/lib/stp.c +@@ -737,7 +737,7 @@ void + stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size) + { + struct stp *stp = p->stp; +- const struct stp_bpdu_header *header; ++ struct stp_bpdu_header header; + + ovs_mutex_lock(&mutex); + if (p->state == STP_DISABLED) { +@@ -750,19 +750,19 @@ stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size) + goto out; + } + +- header = bpdu; +- if (header->protocol_id != htons(STP_PROTOCOL_ID)) { ++ memcpy(&header, bpdu, sizeof header); ++ if (header.protocol_id != htons(STP_PROTOCOL_ID)) { + VLOG_WARN("%s: received BPDU with unexpected protocol ID %"PRIu16, +- stp->name, ntohs(header->protocol_id)); ++ stp->name, ntohs(header.protocol_id)); + p->error_count++; + goto out; + } +- if (header->protocol_version != STP_PROTOCOL_VERSION) { ++ if (header.protocol_version != STP_PROTOCOL_VERSION) { + VLOG_DBG("%s: received BPDU with unexpected protocol version %"PRIu8, +- stp->name, header->protocol_version); ++ stp->name, header.protocol_version); + } + +- switch (header->bpdu_type) { ++ switch (header.bpdu_type) { + case STP_TYPE_CONFIG: + if (bpdu_size < sizeof(struct stp_config_bpdu)) { + VLOG_WARN("%s: received config BPDU with invalid size %"PRIuSIZE, +@@ -785,7 +785,7 @@ stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size) + + default: + VLOG_WARN("%s: received BPDU of unexpected type %"PRIu8, +- stp->name, header->bpdu_type); ++ stp->name, header.bpdu_type); + p->error_count++; + goto out; + } diff --git a/lib/tc.c b/lib/tc.c index 3192207984..d88198a138 100644 --- a/lib/tc.c @@ -22946,7 +23165,7 @@ index 72756eb1f2..ba28e36d78 100644 struct ovsdb_schema *schema2 = fetch_schema(rpc, schema1->name); diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in -index 5914e08789..61cded16d3 100755 +index 5914e08789..20c5f6399f 100755 --- a/ovsdb/ovsdb-idlc.in +++ b/ovsdb/ovsdb-idlc.in @@ -1,6 +1,5 @@ @@ -22956,6 +23175,15 @@ index 5914e08789..61cded16d3 100755 import getopt import os import re +@@ -1273,7 +1272,7 @@ struct ovsdb_idl_cursor + struct ovsdb_idl_index *index, const struct %(s)s *target) + { + ovs_assert(index->table->class_ == &%(p)stable_%(tl)s); +- return ovsdb_idl_cursor_first_ge(index, &target->header_); ++ return ovsdb_idl_cursor_first_ge(index, target ? &target->header_ : NULL); + } + + struct %(s)s * diff --git a/ovsdb/ovsdb-server.c b/ovsdb/ovsdb-server.c index 29a2bace84..ce6aee3008 100644 --- a/ovsdb/ovsdb-server.c diff --git a/SPECS/openvswitch2.15.spec b/SPECS/openvswitch2.15.spec index 47f4645..d45fec8 100644 --- a/SPECS/openvswitch2.15.spec +++ b/SPECS/openvswitch2.15.spec @@ -57,7 +57,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 2.15.0 -Release: 72%{?dist} +Release: 73%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -702,6 +702,15 @@ exit 0 %endif %changelog +* Tue Feb 15 2022 Open vSwitch CI - 2.15.0-73 +- Merging upstream branch-2.15 [RH git: 0b62621839] + Commit list: + 7691fbe77b dp-packet: Ensure packet base is always non-NULL. + deb59ba9af bfd: lldp: stp: Fix misaligned packet field access. + 2b2371b3c3 ovsdb-idlc: Avoid accessing member within NULL idl index cursors. + 193c79ca40 stopwatch: Fix buffer underflow when computing percentiles. + + * Wed Feb 09 2022 Open vSwitch CI - 2.15.0-72 - Merging upstream branch-2.15 [RH git: e478bef7a4] Commit list: