diff --git a/SOURCES/openvswitch-2.13.0.patch b/SOURCES/openvswitch-2.13.0.patch
index c3c2f53..f1512c0 100644
--- a/SOURCES/openvswitch-2.13.0.patch
+++ b/SOURCES/openvswitch-2.13.0.patch
@@ -81215,6 +81215,122 @@ index 37e3703245..41ef886194 100755
error, unixctl_server = ovs.unixctl.server.UnixctlServer.create(None)
if error:
+diff --git a/lib/bfd.c b/lib/bfd.c
+index cc8c6857af..a8e9b9ebb1 100644
+--- a/lib/bfd.c
++++ b/lib/bfd.c
+@@ -131,16 +131,17 @@ enum diag {
+ * | Required Min Echo RX Interval |
+ * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */
+ struct msg {
+- uint8_t vers_diag; /* Version and diagnostic. */
+- uint8_t flags; /* 2bit State field followed by flags. */
+- uint8_t mult; /* Fault detection multiplier. */
+- uint8_t length; /* Length of this BFD message. */
+- ovs_be32 my_disc; /* My discriminator. */
+- ovs_be32 your_disc; /* Your discriminator. */
+- ovs_be32 min_tx; /* Desired minimum tx interval. */
+- ovs_be32 min_rx; /* Required minimum rx interval. */
+- ovs_be32 min_rx_echo; /* Required minimum echo rx interval. */
++ uint8_t vers_diag; /* Version and diagnostic. */
++ uint8_t flags; /* 2bit State field followed by flags. */
++ uint8_t mult; /* Fault detection multiplier. */
++ uint8_t length; /* Length of this BFD message. */
++ ovs_16aligned_be32 my_disc; /* My discriminator. */
++ ovs_16aligned_be32 your_disc; /* Your discriminator. */
++ ovs_16aligned_be32 min_tx; /* Desired minimum tx interval. */
++ ovs_16aligned_be32 min_rx; /* Required minimum rx interval. */
++ ovs_16aligned_be32 min_rx_echo; /* Required minimum echo rx interval. */
+ };
++
+ BUILD_ASSERT_DECL(BFD_PACKET_LEN == sizeof(struct msg));
+
+ #define DIAG_MASK 0x1f
+@@ -631,9 +632,9 @@ bfd_put_packet(struct bfd *bfd, struct dp_packet *p,
+
+ msg->mult = bfd->mult;
+ msg->length = BFD_PACKET_LEN;
+- msg->my_disc = htonl(bfd->disc);
+- msg->your_disc = htonl(bfd->rmt_disc);
+- msg->min_rx_echo = htonl(0);
++ put_16aligned_be32(&msg->my_disc, htonl(bfd->disc));
++ put_16aligned_be32(&msg->your_disc, htonl(bfd->rmt_disc));
++ put_16aligned_be32(&msg->min_rx_echo, htonl(0));
+
+ if (bfd_in_poll(bfd)) {
+ min_tx = bfd->poll_min_tx;
+@@ -643,8 +644,8 @@ bfd_put_packet(struct bfd *bfd, struct dp_packet *p,
+ min_rx = bfd->min_rx;
+ }
+
+- msg->min_tx = htonl(min_tx * 1000);
+- msg->min_rx = htonl(min_rx * 1000);
++ put_16aligned_be32(&msg->min_tx, htonl(min_tx * 1000));
++ put_16aligned_be32(&msg->min_rx, htonl(min_rx * 1000));
+
+ bfd->flags &= ~FLAG_FINAL;
+ *oam = bfd->oam;
+@@ -771,12 +772,12 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow,
+ goto out;
+ }
+
+- if (!msg->my_disc) {
++ if (!get_16aligned_be32(&msg->my_disc)) {
+ log_msg(VLL_WARN, msg, "NULL my_disc", bfd);
+ goto out;
+ }
+
+- pkt_your_disc = ntohl(msg->your_disc);
++ pkt_your_disc = ntohl(get_16aligned_be32(&msg->your_disc));
+ if (pkt_your_disc) {
+ /* Technically, we should use the your discriminator field to figure
+ * out which 'struct bfd' this packet is destined towards. That way a
+@@ -796,7 +797,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow,
+ bfd_status_changed(bfd);
+ }
+
+- bfd->rmt_disc = ntohl(msg->my_disc);
++ bfd->rmt_disc = ntohl(get_16aligned_be32(&msg->my_disc));
+ bfd->rmt_state = rmt_state;
+ bfd->rmt_flags = flags;
+ bfd->rmt_diag = msg->vers_diag & DIAG_MASK;
+@@ -824,7 +825,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow,
+ bfd->rmt_mult = msg->mult;
+ }
+
+- rmt_min_rx = MAX(ntohl(msg->min_rx) / 1000, 1);
++ rmt_min_rx = MAX(ntohl(get_16aligned_be32(&msg->min_rx)) / 1000, 1);
+ if (bfd->rmt_min_rx != rmt_min_rx) {
+ bfd->rmt_min_rx = rmt_min_rx;
+ if (bfd->next_tx) {
+@@ -833,7 +834,7 @@ bfd_process_packet(struct bfd *bfd, const struct flow *flow,
+ log_msg(VLL_INFO, msg, "New remote min_rx", bfd);
+ }
+
+- bfd->rmt_min_tx = MAX(ntohl(msg->min_tx) / 1000, 1);
++ bfd->rmt_min_tx = MAX(ntohl(get_16aligned_be32(&msg->min_tx)) / 1000, 1);
+ bfd->detect_time = bfd_rx_interval(bfd) * bfd->rmt_mult + time_msec();
+
+ if (bfd->state == STATE_ADMIN_DOWN) {
+@@ -1095,10 +1096,14 @@ log_msg(enum vlog_level level, const struct msg *p, const char *message,
+ bfd_diag_str(p->vers_diag & DIAG_MASK),
+ bfd_state_str(p->flags & STATE_MASK),
+ p->mult, p->length, bfd_flag_str(p->flags & FLAGS_MASK),
+- ntohl(p->my_disc), ntohl(p->your_disc),
+- ntohl(p->min_tx), ntohl(p->min_tx) / 1000,
+- ntohl(p->min_rx), ntohl(p->min_rx) / 1000,
+- ntohl(p->min_rx_echo), ntohl(p->min_rx_echo) / 1000);
++ ntohl(get_16aligned_be32(&p->my_disc)),
++ ntohl(get_16aligned_be32(&p->your_disc)),
++ ntohl(get_16aligned_be32(&p->min_tx)),
++ ntohl(get_16aligned_be32(&p->min_tx)) / 1000,
++ ntohl(get_16aligned_be32(&p->min_rx)),
++ ntohl(get_16aligned_be32(&p->min_rx)) / 1000,
++ ntohl(get_16aligned_be32(&p->min_rx_echo)),
++ ntohl(get_16aligned_be32(&p->min_rx_echo)) / 1000);
+ bfd_put_details(&ds, bfd);
+ VLOG(level, "%s", ds_cstr(&ds));
+ ds_destroy(&ds);
diff --git a/lib/classifier.c b/lib/classifier.c
index 0fad953213..2a1d155dad 100644
--- a/lib/classifier.c
@@ -81635,6 +81751,19 @@ index 7e48630f0e..4e2874c22e 100644
}
} else if (retval < 0) {
VLOG_FATAL("waitpid failed (%s)", ovs_strerror(errno));
+diff --git a/lib/dp-packet.c b/lib/dp-packet.c
+index cd2623500e..1e3b0ec609 100644
+--- a/lib/dp-packet.c
++++ b/lib/dp-packet.c
+@@ -296,7 +296,7 @@ dp_packet_resize(struct dp_packet *b, size_t new_headroom, size_t new_tailroom)
+ void
+ dp_packet_prealloc_tailroom(struct dp_packet *b, size_t size)
+ {
+- if (size > dp_packet_tailroom(b)) {
++ if ((size && !dp_packet_base(b)) || (size > dp_packet_tailroom(b))) {
+ dp_packet_resize(b, dp_packet_headroom(b), MAX(size, 64));
+ }
+ }
diff --git a/lib/dp-packet.h b/lib/dp-packet.h
index 9f8991faad..4c14951d6a 100644
--- a/lib/dp-packet.h
@@ -83066,7 +83195,7 @@ index a44114e8dc..d75d66b863 100644
#endif /* jsonrpc.h */
diff --git a/lib/lldp/lldp.c b/lib/lldp/lldp.c
-index 74f747fcdc..18afbab9a7 100644
+index 74f747fcdc..dfeb2a8002 100644
--- a/lib/lldp/lldp.c
+++ b/lib/lldp/lldp.c
@@ -59,7 +59,7 @@ VLOG_DEFINE_THIS_MODULE(lldp);
@@ -83078,7 +83207,18 @@ index 74f747fcdc..18afbab9a7 100644
#define PEEK_CMP(value, bytes) \
(length -= (bytes), \
pos += (bytes), \
-@@ -341,6 +341,12 @@ lldp_send(struct lldpd *global OVS_UNUSED,
+@@ -146,7 +146,9 @@ static void
+ lldp_tlv_end(struct dp_packet *p, unsigned int start)
+ {
+ ovs_be16 *tlv = dp_packet_at_assert(p, start, 2);
+- *tlv |= htons((dp_packet_size(p) - (start + 2)) & 0x1ff);
++ put_unaligned_be16(tlv,
++ get_unaligned_be16(tlv)
++ | htons((dp_packet_size(p) - (start + 2)) & 0x1ff));
+ }
+
+ int
+@@ -341,6 +343,12 @@ lldp_send(struct lldpd *global OVS_UNUSED,
return dp_packet_size(p);
}
@@ -83091,7 +83231,7 @@ index 74f747fcdc..18afbab9a7 100644
int
lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
-@@ -359,7 +365,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -359,7 +367,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
int length, af;
bool gotend = false;
bool ttl_received = false;
@@ -83100,7 +83240,7 @@ index 74f747fcdc..18afbab9a7 100644
u_int8_t *pos, *tlv;
void *b;
struct lldpd_aa_isid_vlan_maps_tlv *isid_vlan_map = NULL;
-@@ -411,6 +417,31 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -411,6 +419,31 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
hardware->h_ifname);
goto malformed;
}
@@ -83132,7 +83272,7 @@ index 74f747fcdc..18afbab9a7 100644
switch (tlv_type) {
case LLDP_TLV_END:
-@@ -428,7 +459,8 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -428,7 +461,8 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
case LLDP_TLV_CHASSIS_ID:
case LLDP_TLV_PORT_ID:
@@ -83142,7 +83282,7 @@ index 74f747fcdc..18afbab9a7 100644
tlv_subtype = PEEK_UINT8;
if (tlv_subtype == 0 || tlv_subtype > 7) {
VLOG_WARN("unknown subtype for tlv id received on %s",
-@@ -438,10 +470,22 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -438,10 +472,22 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
b = xzalloc(tlv_size - 1);
PEEK_BYTES(b, tlv_size - 1);
if (tlv_type == LLDP_TLV_PORT_ID) {
@@ -83165,7 +83305,7 @@ index 74f747fcdc..18afbab9a7 100644
chassis->c_id_subtype = tlv_subtype;
chassis->c_id = b;
chassis->c_id_len = tlv_size - 1;
-@@ -449,6 +493,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -449,6 +495,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
break;
case LLDP_TLV_TTL:
@@ -83177,7 +83317,7 @@ index 74f747fcdc..18afbab9a7 100644
CHECK_TLV_SIZE(2, "TTL");
chassis->c_ttl = PEEK_UINT16;
ttl_received = true;
-@@ -464,10 +513,13 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -464,10 +515,13 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
b = xzalloc(tlv_size + 1);
PEEK_BYTES(b, tlv_size);
if (tlv_type == LLDP_TLV_PORT_DESCR) {
@@ -83191,7 +83331,7 @@ index 74f747fcdc..18afbab9a7 100644
chassis->c_descr = b;
}
break;
-@@ -481,6 +533,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -481,6 +535,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
case LLDP_TLV_MGMT_ADDR:
CHECK_TLV_SIZE(1, "Management address");
addr_str_length = PEEK_UINT8;
@@ -83203,7 +83343,7 @@ index 74f747fcdc..18afbab9a7 100644
CHECK_TLV_SIZE(1 + addr_str_length, "Management address");
PEEK_BYTES(addr_str_buffer, addr_str_length);
addr_length = addr_str_length - 1;
-@@ -505,7 +562,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -505,7 +564,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
break;
case LLDP_TLV_ORG:
@@ -83212,7 +83352,7 @@ index 74f747fcdc..18afbab9a7 100644
PEEK_BYTES(orgid, sizeof orgid);
tlv_subtype = PEEK_UINT8;
if (memcmp(dot1, orgid, sizeof orgid) == 0) {
-@@ -625,6 +682,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
+@@ -625,6 +684,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s,
VLOG_WARN("unknown tlv (%d) received on %s",
tlv_type,
hardware->h_ifname);
@@ -86019,6 +86159,81 @@ index eda265dfc5..a635ff7689 100644
#define SHA1_FMT \
"%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x" \
+diff --git a/lib/stopwatch.c b/lib/stopwatch.c
+index f5602163bc..1c71df1a12 100644
+--- a/lib/stopwatch.c
++++ b/lib/stopwatch.c
+@@ -114,7 +114,6 @@ static void
+ calc_percentile(unsigned long long n_samples, struct percentile *pctl,
+ unsigned long long new_sample)
+ {
+-
+ if (n_samples < P_SQUARE_MIN) {
+ pctl->samples[n_samples - 1] = new_sample;
+ }
+@@ -228,13 +227,12 @@ add_sample(struct stopwatch *sw, unsigned long long new_sample)
+ sw->min = new_sample;
+ }
+
+- calc_percentile(sw->n_samples, &sw->pctl, new_sample);
+-
+ if (sw->n_samples++ == 0) {
+ sw->short_term.average = sw->long_term.average = new_sample;
+ return;
+ }
+
++ calc_percentile(sw->n_samples, &sw->pctl, new_sample);
+ calc_average(&sw->short_term, new_sample);
+ calc_average(&sw->long_term, new_sample);
+ }
+diff --git a/lib/stp.c b/lib/stp.c
+index 809b405a52..a869b5f390 100644
+--- a/lib/stp.c
++++ b/lib/stp.c
+@@ -737,7 +737,7 @@ void
+ stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size)
+ {
+ struct stp *stp = p->stp;
+- const struct stp_bpdu_header *header;
++ struct stp_bpdu_header header;
+
+ ovs_mutex_lock(&mutex);
+ if (p->state == STP_DISABLED) {
+@@ -750,19 +750,19 @@ stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size)
+ goto out;
+ }
+
+- header = bpdu;
+- if (header->protocol_id != htons(STP_PROTOCOL_ID)) {
++ memcpy(&header, bpdu, sizeof header);
++ if (header.protocol_id != htons(STP_PROTOCOL_ID)) {
+ VLOG_WARN("%s: received BPDU with unexpected protocol ID %"PRIu16,
+- stp->name, ntohs(header->protocol_id));
++ stp->name, ntohs(header.protocol_id));
+ p->error_count++;
+ goto out;
+ }
+- if (header->protocol_version != STP_PROTOCOL_VERSION) {
++ if (header.protocol_version != STP_PROTOCOL_VERSION) {
+ VLOG_DBG("%s: received BPDU with unexpected protocol version %"PRIu8,
+- stp->name, header->protocol_version);
++ stp->name, header.protocol_version);
+ }
+
+- switch (header->bpdu_type) {
++ switch (header.bpdu_type) {
+ case STP_TYPE_CONFIG:
+ if (bpdu_size < sizeof(struct stp_config_bpdu)) {
+ VLOG_WARN("%s: received config BPDU with invalid size %"PRIuSIZE,
+@@ -785,7 +785,7 @@ stp_received_bpdu(struct stp_port *p, const void *bpdu, size_t bpdu_size)
+
+ default:
+ VLOG_WARN("%s: received BPDU of unexpected type %"PRIu8,
+- stp->name, header->bpdu_type);
++ stp->name, header.bpdu_type);
+ p->error_count++;
+ goto out;
+ }
diff --git a/lib/tc.c b/lib/tc.c
index 12af0192b6..e224642fb8 100644
--- a/lib/tc.c
@@ -87507,7 +87722,7 @@ index 406c293114..10d0c0c134 100755
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in
-index c285ee4b3c..9bec653421 100755
+index c285ee4b3c..cdfc6838e7 100755
--- a/ovsdb/ovsdb-idlc.in
+++ b/ovsdb/ovsdb-idlc.in
@@ -1,6 +1,5 @@
@@ -87557,6 +87772,15 @@ index c285ee4b3c..9bec653421 100755
bool %(s)s_is_updated(const struct %(s)s *, enum %(s)s_column_id);
''' % {'s': structName, 'S': structName.upper()})
+@@ -1257,7 +1272,7 @@ struct ovsdb_idl_cursor
+ struct ovsdb_idl_index *index, const struct %(s)s *target)
+ {
+ ovs_assert(index->table->class_ == &%(p)stable_%(tl)s);
+- return ovsdb_idl_cursor_first_ge(index, &target->header_);
++ return ovsdb_idl_cursor_first_ge(index, target ? &target->header_ : NULL);
+ }
+
+ struct %(s)s *
diff --git a/ovsdb/ovsdb-server.1.in b/ovsdb/ovsdb-server.1.in
index 338f3bc299..b8bd1c2d57 100644
--- a/ovsdb/ovsdb-server.1.in
diff --git a/SPECS/openvswitch2.13.spec b/SPECS/openvswitch2.13.spec
index 3075032..e8cb3f1 100644
--- a/SPECS/openvswitch2.13.spec
+++ b/SPECS/openvswitch2.13.spec
@@ -59,7 +59,7 @@ Summary: Open vSwitch
Group: System Environment/Daemons daemon/database/utilities
URL: http://www.openvswitch.org/
Version: 2.13.0
-Release: 158%{?commit0:.%{date}git%{shortcommit0}}%{?commit1:dpdk%{shortcommit1}}%{?dist}
+Release: 159%{?commit0:.%{date}git%{shortcommit0}}%{?commit1:dpdk%{shortcommit1}}%{?dist}
# Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the
# lib/sflow*.[ch] files are SISSL
@@ -715,6 +715,15 @@ exit 0
%endif
%changelog
+* Tue Feb 15 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.13.0-159
+- Merging upstream branch-2.13 [RH git: df7530e646]
+ Commit list:
+ 0f46251323 dp-packet: Ensure packet base is always non-NULL.
+ e02a4c1028 bfd: lldp: stp: Fix misaligned packet field access.
+ 5eb8f56e22 ovsdb-idlc: Avoid accessing member within NULL idl index cursors.
+ 80263672ad stopwatch: Fix buffer underflow when computing percentiles.
+
+
* Wed Feb 09 2022 Open vSwitch CI <ovs-ci@redhat.com> - 2.13.0-158
- Merging upstream branch-2.13 [RH git: fe171fdd17]
Commit list: