diff --git a/.openvswitch.metadata b/.openvswitch.metadata new file mode 100644 index 0000000..09a0382 --- /dev/null +++ b/.openvswitch.metadata @@ -0,0 +1,5 @@ +002450621b33c5690060345b0aac25bc2426d675 SOURCES/docutils-0.12.tar.gz +4ca001612922213b757483df9c37db23abece049 SOURCES/openvswitch-2.11.3.tar.gz +d34f96421a86004aa5d26ecf975edefd09f948b1 SOURCES/Pygments-1.4.tar.gz +6beb30f18ffac3de7689b7fd63e9a8a7d9c8df3a SOURCES/Sphinx-1.1.3.tar.gz +82672c04aee8a4a0415d3fca7b8445233315ddef SOURCES/dpdk-18.11.7.tar.xz diff --git a/SOURCES/openvswitch-2.11.3.patch b/SOURCES/openvswitch-2.11.3.patch index d637ff7..ad2b9db 100644 --- a/SOURCES/openvswitch-2.11.3.patch +++ b/SOURCES/openvswitch-2.11.3.patch @@ -1,5 +1,209 @@ +diff --git a/.ci/linux-build.sh b/.ci/linux-build.sh +new file mode 100755 +index 0000000000..61b73744d5 +--- /dev/null ++++ b/.ci/linux-build.sh +@@ -0,0 +1,131 @@ ++#!/bin/bash ++ ++set -o errexit ++ ++KERNELSRC="" ++CFLAGS="-Werror" ++SPARSE_FLAGS="" ++EXTRA_OPTS="" ++TARGET="x86_64-native-linuxapp-gcc" ++ ++function install_kernel() ++{ ++ if [[ "$1" =~ ^4.* ]]; then ++ PREFIX="v4.x" ++ elif [[ "$1" =~ ^3.* ]]; then ++ PREFIX="v3.x" ++ else ++ PREFIX="v2.6/longterm/v2.6.32" ++ fi ++ ++ wget https://www.kernel.org/pub/linux/kernel/${PREFIX}/linux-${1}.tar.gz ++ tar xzvf linux-${1}.tar.gz > /dev/null ++ cd linux-${1} ++ make allmodconfig ++ ++ # Cannot use CONFIG_KCOV: -fsanitize-coverage=trace-pc is not supported by compiler ++ sed -i 's/CONFIG_KCOV=y/CONFIG_KCOV=n/' .config ++ ++ # stack validation depends on tools/objtool, but objtool does not compile on travis. ++ # It is giving following error. ++ # >>> GEN arch/x86/insn/inat-tables.c ++ # >>> Semantic error at 40: Unknown imm opnd: AL ++ # So for now disable stack-validation for the build. ++ ++ sed -i 's/CONFIG_STACK_VALIDATION=y/CONFIG_STACK_VALIDATION=n/' .config ++ make oldconfig ++ ++ # Older kernels do not include openvswitch ++ if [ -d "net/openvswitch" ]; then ++ make net/openvswitch/ ++ else ++ make net/bridge/ ++ fi ++ ++ KERNELSRC=$(pwd) ++ if [ ! "$DPDK" ] && [ ! "$DPDK_SHARED" ]; then ++ EXTRA_OPTS="--with-linux=$(pwd)" ++ fi ++ echo "Installed kernel source in $(pwd)" ++ cd .. ++} ++ ++function install_dpdk() ++{ ++ if [ -n "$DPDK_GIT" ]; then ++ git clone $DPDK_GIT dpdk-$1 ++ cd dpdk-$1 ++ git checkout tags/v$1 ++ else ++ wget https://fast.dpdk.org/rel/dpdk-$1.tar.xz ++ tar xvf dpdk-$1.tar.xz > /dev/null ++ DIR_NAME=$(tar -tf dpdk-$1.tar.xz | head -1 | cut -f1 -d"/") ++ if [ $DIR_NAME != "dpdk-$1" ]; then mv $DIR_NAME dpdk-$1; fi ++ cd dpdk-$1 ++ fi ++ find ./ -type f | xargs sed -i 's/max-inline-insns-single=100/max-inline-insns-single=400/' ++ find ./ -type f | xargs sed -i 's/-Werror/-Werror -Wno-error=inline/' ++ echo 'CONFIG_RTE_BUILD_FPIC=y' >>config/common_linuxapp ++ sed -ri '/EXECENV_CFLAGS = -pthread -fPIC/{s/$/\nelse ifeq ($(CONFIG_RTE_BUILD_FPIC),y)/;s/$/\nEXECENV_CFLAGS = -pthread -fPIC/}' mk/exec-env/linuxapp/rte.vars.mk ++ if [ "$DPDK_SHARED" ]; then ++ sed -i '/CONFIG_RTE_BUILD_SHARED_LIB=n/s/=n/=y/' config/common_base ++ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$(pwd)/$TARGET/lib ++ fi ++ make config CC=gcc T=$TARGET ++ make CC=gcc RTE_KERNELDIR=$KERNELSRC ++ echo "Installed DPDK source in $(pwd)" ++ cd .. ++} ++ ++function configure_ovs() ++{ ++ ./boot.sh && ./configure $* ++} ++ ++if [ "$KERNEL" ] || [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then ++ install_kernel $KERNEL ++fi ++ ++if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then ++ if [ -z "$DPDK_VER" ]; then ++ DPDK_VER="18.11.11" ++ fi ++ install_dpdk $DPDK_VER ++ if [ "$CC" = "clang" ]; then ++ # Disregard cast alignment errors until DPDK is fixed ++ CFLAGS="$CFLAGS -Wno-cast-align" ++ fi ++ EXTRA_OPTS="$EXTRA_OPTS --with-dpdk=./dpdk-$DPDK_VER/build" ++elif [ "$CC" != "clang" ]; then ++ # DPDK headers currently trigger sparse errors ++ SPARSE_FLAGS="$SPARSE_FLAGS -Wsparse-error" ++fi ++ ++configure_ovs $EXTRA_OPTS $* ++ ++make selinux-policy ++ ++# Only build datapath if we are testing kernel w/o running testsuite ++if [ "$KERNEL" ] && [ ! "$TESTSUITE" ] && \ ++ [ ! "$DPDK" ] && [ ! "$DPDK_SHARED" ]; then ++ cd datapath ++fi ++ ++if [ "$CC" = "clang" ]; then ++ make -j2 CFLAGS="$CFLAGS -Wno-error=unused-command-line-argument" ++elif [[ $BUILD_ENV =~ "-m32" ]]; then ++ # Disable sparse for 32bit builds on 64bit machine ++ make -j2 CFLAGS="$CFLAGS $BUILD_ENV" ++else ++ make -j2 CFLAGS="$CFLAGS $BUILD_ENV $SPARSE_FLAGS" C=1 ++fi ++ ++if [ "$TESTSUITE" ] && [ "$CC" != "clang" ]; then ++ if ! make distcheck TESTSUITEFLAGS=-j4 RECHECK=yes; then ++ # testsuite.log is necessary for debugging. ++ cat */_build/tests/testsuite.log ++ exit 1 ++ fi ++fi ++ ++exit 0 +diff --git a/.ci/linux-prepare.sh b/.ci/linux-prepare.sh +new file mode 100755 +index 0000000000..89770c28d9 +--- /dev/null ++++ b/.ci/linux-prepare.sh +@@ -0,0 +1,14 @@ ++#!/bin/bash ++ ++set -ev ++ ++# Build and install sparse. ++# ++# Explicitly disable sparse support for llvm because some travis ++# environments claim to have LLVM (llvm-config exists and works) but ++# linking against it fails. ++git clone git://git.kernel.org/pub/scm/devel/sparse/chrisl/sparse.git ++cd sparse && make HAVE_LLVM= install && cd .. ++ ++pip install --disable-pip-version-check --user six flake8 hacking ++pip install --user --upgrade docutils +diff --git a/.ci/osx-build.sh b/.ci/osx-build.sh +new file mode 100755 +index 0000000000..f11d7b9af5 +--- /dev/null ++++ b/.ci/osx-build.sh +@@ -0,0 +1,28 @@ ++#!/bin/bash ++ ++set -o errexit ++ ++CFLAGS="-Werror $CFLAGS" ++EXTRA_OPTS="" ++ ++function configure_ovs() ++{ ++ ./boot.sh && ./configure $* ++} ++ ++configure_ovs $EXTRA_OPTS $* ++ ++if [ "$CC" = "clang" ]; then ++ make CFLAGS="$CFLAGS -Wno-error=unused-command-line-argument" ++else ++ make CFLAGS="$CFLAGS $BUILD_ENV" ++fi ++if [ "$TESTSUITE" ] && [ "$CC" != "clang" ]; then ++ if ! make distcheck RECHECK=yes; then ++ # testsuite.log is necessary for debugging. ++ cat */_build/tests/testsuite.log ++ exit 1 ++ fi ++fi ++ ++exit 0 +diff --git a/.ci/osx-prepare.sh b/.ci/osx-prepare.sh +new file mode 100755 +index 0000000000..4725fd829d +--- /dev/null ++++ b/.ci/osx-prepare.sh +@@ -0,0 +1,7 @@ ++#!/bin/bash ++set -ev ++pip2 install --user six ++pip2 install --user --upgrade docutils ++ ++brew update || true ++brew uninstall libtool && brew install libtool || true diff --git a/.cirrus.yml b/.cirrus.yml -index eb6af0a719..14d0cbec9f 100644 +index eb6af0a719..1bf81a983a 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -2,21 +2,21 @@ freebsd_build_task: @@ -8,7 +212,7 @@ index eb6af0a719..14d0cbec9f 100644 matrix: - image: freebsd-12-0-release-amd64 - image: freebsd-11-2-release-amd64 -+ image_family: freebsd-12-1-snap ++ image_family: freebsd-12-2-snap + image_family: freebsd-11-4-snap cpu: 4 memory: 8G @@ -28,19 +232,174 @@ index eb6af0a719..14d0cbec9f 100644 - pkg install -y ${DEPENDENCIES} configure_script: -diff --git a/.travis/linux-build.sh b/.travis/linux-build.sh -index de8e76f192..ab0089d554 100755 ---- a/.travis/linux-build.sh -+++ b/.travis/linux-build.sh -@@ -88,7 +88,7 @@ fi - - if [ "$DPDK" ] || [ "$DPDK_SHARED" ]; then - if [ -z "$DPDK_VER" ]; then -- DPDK_VER="18.11.2" -+ DPDK_VER="18.11.9" - fi - install_dpdk $DPDK_VER - if [ "$CC" = "clang" ]; then +diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml +new file mode 100644 +index 0000000000..f7a4ef2b9f +--- /dev/null ++++ b/.github/workflows/build-and-test.yml +@@ -0,0 +1,162 @@ ++name: Build and Test ++ ++on: [push, pull_request] ++ ++jobs: ++ build-linux: ++ env: ++ dependencies: | ++ automake libtool gcc bc libjemalloc1 libjemalloc-dev \ ++ libssl-dev llvm-dev libelf-dev libnuma-dev \ ++ python-sphinx selinux-policy-dev gcc-multilib ++ CC: ${{ matrix.compiler }} ++ DPDK: ${{ matrix.dpdk }} ++ DPDK_SHARED: ${{ matrix.dpdk_shared }} ++ KERNEL: ${{ matrix.kernel }} ++ LIBS: ${{ matrix.libs }} ++ BUILD_ENV: ${{ matrix.build_env }} ++ OPTS: ${{ matrix.opts }} ++ TESTSUITE: ${{ matrix.testsuite }} ++ ++ name: linux ${{ join(matrix.*, ' ') }} ++ runs-on: ubuntu-16.04 ++ timeout-minutes: 30 ++ ++ strategy: ++ fail-fast: false ++ matrix: ++ compiler: [gcc, clang] ++ kernel: ['4.18.20', '4.17.19', '4.16.18', '4.15.18', '4.14.111', ++ '4.9.149', '4.4.148', '3.16.57'] ++ opts: [''] ++ testsuite: [''] ++ dpdk: [''] ++ dpdk_shared: [''] ++ build_env: [''] ++ include: ++ - compiler: gcc ++ opts: --disable-ssl ++ - compiler: clang ++ opts: --disable-ssl ++ ++ - compiler: gcc ++ testsuite: test ++ kernel: 3.16.54 ++ - compiler: clang ++ testsuite: test ++ kernel: 3.16.54 ++ ++ - compiler: gcc ++ testsuite: test ++ opts: --enable-shared ++ - compiler: clang ++ testsuite: test ++ opts: --enable-shared ++ ++ - compiler: gcc ++ testsuite: test ++ libs: -ljemalloc ++ - compiler: clang ++ testsuite: test ++ libs: -ljemalloc ++ ++ - compiler: gcc ++ dpdk: dpdk ++ kernel: 3.16.54 ++ - compiler: clang ++ dpdk: dpdk ++ kernel: 3.16.54 ++ ++ - compiler: gcc ++ dpdk: dpdk ++ kernel: 3.16.54 ++ opts: --enable-shared ++ - compiler: clang ++ dpdk: dpdk ++ kernel: 3.16.54 ++ opts: --enable-shared ++ ++ - compiler: gcc ++ dpdk_shared: dpdk-shared ++ kernel: 3.16.54 ++ - compiler: clang ++ dpdk_shared: dpdk-shared ++ kernel: 3.16.54 ++ ++ - compiler: gcc ++ dpdk_shared: dpdk-shared ++ opts: --enable-shared ++ kernel: 3.16.54 ++ - compiler: clang ++ dpdk_shared: dpdk-shared ++ kernel: 3.16.54 ++ opts: --enable-shared ++ ++ - compiler: gcc ++ build_env: -m32 ++ opts: --disable-ssl ++ ++ steps: ++ - name: checkout ++ uses: actions/checkout@v2 ++ ++ - name: update APT cache ++ run: sudo apt update || true ++ - name: install common dependencies ++ run: sudo apt install -y ${{ env.dependencies }} ++ - name: install libunbound ++ if: matrix.build_env == '' ++ run: sudo apt install -y libunbound-dev ++ ++ - name: prepare ++ run: ./.ci/linux-prepare.sh ++ ++ - name: build ++ run: PATH="$PATH:$HOME/bin" ./.ci/linux-build.sh ${{ env.OPTS }} ++ ++ - name: copy logs on failure ++ if: failure() || cancelled() ++ run: | ++ # upload-artifact@v2 throws exceptions if it tries to upload socket ++ # files and we could have some socket files in testsuite.dir. ++ # Also, upload-artifact@v2 doesn't work well enough with wildcards. ++ # So, we're just archiving everything here to avoid any issues. ++ mkdir logs ++ cp config.log ./logs/ ++ cp -r ./*/_build/sub/tests/testsuite.* ./logs/ || true ++ tar -czvf logs.tgz logs/ ++ ++ - name: upload logs on failure ++ if: failure() || cancelled() ++ uses: actions/upload-artifact@v2 ++ with: ++ name: logs-linux-${{ join(matrix.*, '-') }} ++ path: logs.tgz ++ ++ build-osx: ++ env: ++ CC: clang ++ OPTS: --disable-ssl ++ ++ name: osx clang --disable-ssl ++ runs-on: macos-latest ++ timeout-minutes: 30 ++ ++ strategy: ++ fail-fast: false ++ ++ steps: ++ - name: checkout ++ uses: actions/checkout@v2 ++ - name: install dependencies ++ run: brew install automake libtool ++ - name: prepare ++ run: ./.ci/osx-prepare.sh ++ - name: build ++ run: PATH="$PATH:$HOME/bin" ./.ci/osx-build.sh ++ - name: upload logs on failure ++ if: failure() ++ uses: actions/upload-artifact@v2 ++ with: ++ name: logs-osx-clang---disable-ssl ++ path: config.log diff --git a/AUTHORS.rst b/AUTHORS.rst index f3237e1828..e1e1e5fa36 100644 --- a/AUTHORS.rst @@ -86,7 +445,7 @@ index cb2c6b4eca..ff3b71a5d4 100644 A: First, why do you want to do this? Two connected bridges are not much diff --git a/Documentation/faq/releases.rst b/Documentation/faq/releases.rst -index eeb949d4a6..302da72fcd 100644 +index eeb949d4a6..d6a93b943b 100644 --- a/Documentation/faq/releases.rst +++ b/Documentation/faq/releases.rst @@ -164,9 +164,9 @@ Q: What DPDK version does each Open vSwitch release work with? @@ -111,11 +470,30 @@ index eeb949d4a6..302da72fcd 100644 - ============ ======= + 2.9.x 17.11.10 + 2.10.x 17.11.10 -+ 2.11.x 18.11.9 ++ 2.11.x 18.11.11 + ============ ======== Q: Are all the DPDK releases that OVS versions work with maintained? +diff --git a/Documentation/internals/contributing/submitting-patches.rst b/Documentation/internals/contributing/submitting-patches.rst +index 5a314cc60a..f2039595e7 100644 +--- a/Documentation/internals/contributing/submitting-patches.rst ++++ b/Documentation/internals/contributing/submitting-patches.rst +@@ -68,11 +68,9 @@ Testing is also important: + feature. A bug fix patch should preferably add a test that would + fail if the bug recurs. + +-If you are using GitHub, then you may utilize the travis-ci.org CI build system +-by linking your GitHub repository to it. This will run some of the above tests +-automatically when you push changes to your repository. See the "Continuous +-Integration with Travis-CI" in :doc:`/topics/testing` for details on how to set +-it up. ++If you are using GitHub, then you may utilize the GitHub Actions CI build ++system. It will run some of the above tests automatically when you push ++changes to your repository. + + Email Subject + ------------- diff --git a/Documentation/internals/mailing-lists.rst b/Documentation/internals/mailing-lists.rst index 33f20277be..e8b3440943 100644 --- a/Documentation/internals/mailing-lists.rst @@ -127,7 +505,7 @@ index 33f20277be..e8b3440943 100644 -__ security@ovs.org +__ security@openvswitch.org diff --git a/Documentation/intro/install/dpdk.rst b/Documentation/intro/install/dpdk.rst -index 6e5f1ea60a..f0a7bffce9 100644 +index 6e5f1ea60a..a441715fd4 100644 --- a/Documentation/intro/install/dpdk.rst +++ b/Documentation/intro/install/dpdk.rst @@ -42,7 +42,7 @@ Build requirements @@ -135,7 +513,7 @@ index 6e5f1ea60a..f0a7bffce9 100644 vSwitch with DPDK will require the following: -- DPDK 18.11.2 -+- DPDK 18.11.9 ++- DPDK 18.11.11 - A `DPDK supported NIC`_ @@ -146,9 +524,9 @@ index 6e5f1ea60a..f0a7bffce9 100644 - $ wget http://fast.dpdk.org/rel/dpdk-18.11.2.tar.xz - $ tar xf dpdk-18.11.2.tar.xz - $ export DPDK_DIR=/usr/src/dpdk-stable-18.11.2 -+ $ wget http://fast.dpdk.org/rel/dpdk-18.11.9.tar.xz -+ $ tar xf dpdk-18.11.9.tar.xz -+ $ export DPDK_DIR=/usr/src/dpdk-stable-18.11.9 ++ $ wget http://fast.dpdk.org/rel/dpdk-18.11.11.tar.xz ++ $ tar xf dpdk-18.11.11.tar.xz ++ $ export DPDK_DIR=/usr/src/dpdk-stable-18.11.11 $ cd $DPDK_DIR #. (Optional) Configure DPDK as a shared library @@ -199,7 +577,7 @@ index 93d74df452..9bf6e3112a 100644 ----------------------------------------------- diff --git a/Documentation/topics/dpdk/vhost-user.rst b/Documentation/topics/dpdk/vhost-user.rst -index 33361ec359..3bd2dc608a 100644 +index 33361ec359..adef15a133 100644 --- a/Documentation/topics/dpdk/vhost-user.rst +++ b/Documentation/topics/dpdk/vhost-user.rst @@ -303,6 +303,31 @@ The default value is false. @@ -241,9 +619,9 @@ index 33361ec359..3bd2dc608a 100644 - $ wget http://fast.dpdk.org/rel/dpdk-18.11.2.tar.xz - $ tar xf dpdk-18.11.2.tar.xz - $ export DPDK_DIR=/root/dpdk/dpdk-stable-18.11.2 -+ $ wget http://fast.dpdk.org/rel/dpdk-18.11.9.tar.xz -+ $ tar xf dpdk-18.11.9.tar.xz -+ $ export DPDK_DIR=/root/dpdk/dpdk-stable-18.11.9 ++ $ wget http://fast.dpdk.org/rel/dpdk-18.11.11.tar.xz ++ $ tar xf dpdk-18.11.11.tar.xz ++ $ export DPDK_DIR=/root/dpdk/dpdk-stable-18.11.11 $ export DPDK_TARGET=x86_64-native-linuxapp-gcc $ export DPDK_BUILD=$DPDK_DIR/$DPDK_TARGET $ cd $DPDK_DIR @@ -298,13 +676,112 @@ index 33361ec359..3bd2dc608a 100644 vhost-user Dequeue Zero Copy (experimental) ------------------------------------------- +diff --git a/Documentation/topics/testing.rst b/Documentation/topics/testing.rst +index a8892e1c1c..b74653436d 100644 +--- a/Documentation/topics/testing.rst ++++ b/Documentation/topics/testing.rst +@@ -372,45 +372,17 @@ You should invoke scan-view to view analysis results. The last line of output + from ``clang-analyze`` will list the command (containing results directory) + that you should invoke to view the results on a browser. + +-Continuous Integration with Travis CI +-------------------------------------- ++Continuous Integration with GitHub Actions ++------------------------------------------ + +-A .travis.yml file is provided to automatically build Open vSwitch with various +-build configurations and run the testsuite using Travis CI. Builds will be +-performed with gcc, sparse and clang with the -Werror compiler flag included, +-therefore the build will fail if a new warning has been introduced. ++A ``.github/workflows/*.yml`` files provided to automatically build ++Open vSwitch with various build configurations and run the testsuite using ++GitHub Actions. Builds will be performed with gcc, sparse and clang with the ++-Werror compiler flag included, therefore the build will fail if a new warning ++has been introduced. + + The CI build is triggered via git push (regardless of the specific branch) or +-pull request against any Open vSwitch GitHub repository that is linked to +-travis-ci. +- +-Instructions to setup travis-ci for your GitHub repository: +- +-1. Go to https://travis-ci.org/ and sign in using your GitHub ID. +-2. Go to the "Repositories" tab and enable the ovs repository. You may disable +- builds for pushes or pull requests. +-3. In order to avoid forks sending build failures to the upstream mailing list, +- the notification email recipient is encrypted. If you want to receive email +- notification for build failures, replace the the encrypted string: +- +- 1. Install the travis-ci CLI (Requires ruby >=2.0): gem install travis +- 2. In your Open vSwitch repository: travis encrypt mylist@mydomain.org +- 3. Add/replace the notifications section in .travis.yml and fill in the +- secure string as returned by travis encrypt:: +- +- notifications: +- email: +- recipients: +- - secure: "....." +- +- .. note:: +- You may remove/omit the notifications section to fall back to default +- notification behaviour which is to send an email directly to the author and +- committer of the failing commit. Note that the email is only sent if the +- author/committer have commit rights for the particular GitHub repository. +- +-4. Pushing a commit to the repository which breaks the build or the +- testsuite will now trigger a email sent to mylist@mydomain.org ++pull request against any Open vSwitch GitHub repository. + + vsperf + ------ +diff --git a/Makefile.am b/Makefile.am +index ff1f94b484..4f9f1866c0 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -76,12 +76,12 @@ EXTRA_DIST = \ + MAINTAINERS.rst \ + README.rst \ + NOTICE \ ++ .ci/linux-build.sh \ ++ .ci/linux-prepare.sh \ ++ .ci/osx-build.sh \ ++ .ci/osx-prepare.sh \ + .cirrus.yml \ +- .travis.yml \ +- .travis/linux-build.sh \ +- .travis/linux-prepare.sh \ +- .travis/osx-build.sh \ +- .travis/osx-prepare.sh \ ++ .github/workflows/build-and-test.yml \ + appveyor.yml \ + boot.sh \ + poc/builders/Vagrantfile \ diff --git a/NEWS b/NEWS -index f177d7efc1..b0d3022eb6 100644 +index f177d7efc1..b8510e01ea 100644 --- a/NEWS +++ b/NEWS -@@ -1,3 +1,20 @@ -+v2.11.5 - xx xxx xxxx +@@ -1,3 +1,39 @@ ++v2.11.8 - xx xxx xxxx ++--------------------- ++ ++v2.11.7 - 05 Mar 2021 +--------------------- ++ - Bug fixes ++ - DPDK ++ * OVS validated with DPDK 18.11.11. Due to this being the final release ++ in the DPDK 18.11 series it is recommended to be used. ++ ++v2.11.6 - 10 Feb 2021 ++--------------------- ++ - Bug fixes ++ - Security: ++ * Fixed packet parsing vulnerability CVE-2020-35498. ++ ++v2.11.5 - 13 Jan 2021 ++--------------------- ++ - Bug fixes ++ - LLDP: ++ * Security fixes for CVE-2015-8011 and CVE-2020-27827. + - OVSDB: + * Fixed SHA-1 hash computation for databases larger than 512 MB. + - DPDK: @@ -323,6 +800,21 @@ index f177d7efc1..b0d3022eb6 100644 v2.11.3 - 06 Sep 2019 --------------------- - Fix compilation issue with Ubuntu kernel 4.15.60. +diff --git a/README.rst b/README.rst +index 54d06d04be..37d7685c88 100644 +--- a/README.rst ++++ b/README.rst +@@ -6,8 +6,8 @@ + Open vSwitch + ============ + +-.. image:: https://travis-ci.org/openvswitch/ovs.png +- :target: https://travis-ci.org/openvswitch/ovs ++.. image:: https://github.com/openvswitch/ovs/workflows/Build%20and%20Test/badge.svg ++ :target: https://github.com/openvswitch/ovs/actions + .. image:: https://ci.appveyor.com/api/projects/status/github/openvswitch/ovs?branch=master&svg=true&retina=true + :target: https://ci.appveyor.com/project/blp/ovs/history + diff --git a/acinclude.m4 b/acinclude.m4 index f15b1ff670..71813077c6 100644 --- a/acinclude.m4 @@ -390,8 +882,21 @@ index f15b1ff670..71813077c6 100644 if cmp -s datapath/linux/kcompat.h.new \ datapath/linux/kcompat.h >/dev/null 2>&1; then +diff --git a/build-aux/dist-docs b/build-aux/dist-docs +index 9f6ca7b2cb..85641745ee 100755 +--- a/build-aux/dist-docs ++++ b/build-aux/dist-docs +@@ -43,7 +43,7 @@ rm -rf $distdir + mkdir $distdir + + # Install manpages. +-${MAKE-make} install-man mandir="$abs_distdir"/man ++${MAKE-make} install-man install-man-rst mandir="$abs_distdir"/man + (cd $distdir && mv `find man -type f` . && rm -rf man) + manpages=`cd $distdir && echo *` + diff --git a/configure.ac b/configure.ac -index 45ff8cb07e..deb5e1a083 100644 +index 45ff8cb07e..86fb44d19b 100644 --- a/configure.ac +++ b/configure.ac @@ -13,7 +13,7 @@ @@ -399,7 +904,7 @@ index 45ff8cb07e..deb5e1a083 100644 AC_PREREQ(2.63) -AC_INIT(openvswitch, 2.11.3, bugs@openvswitch.org) -+AC_INIT(openvswitch, 2.11.5, bugs@openvswitch.org) ++AC_INIT(openvswitch, 2.11.8, bugs@openvswitch.org) AC_CONFIG_SRCDIR([datapath/datapath.c]) AC_CONFIG_MACRO_DIR([m4]) AC_CONFIG_AUX_DIR([build-aux]) @@ -585,6 +1090,36 @@ index fd050d5dd8..bc12e1166d 100644 const struct ovs_key_ipv4 *ipAttr); NDIS_STATUS +diff --git a/datapath/conntrack.c b/datapath/conntrack.c +index 83840f9579..974387addb 100644 +--- a/datapath/conntrack.c ++++ b/datapath/conntrack.c +@@ -1895,7 +1895,8 @@ static void ovs_ct_limit_exit(struct net *net, struct ovs_net *ovs_net) + struct hlist_head *head = &info->limits[i]; + struct ovs_ct_limit *ct_limit; + +- hlist_for_each_entry_rcu(ct_limit, head, hlist_node) ++ hlist_for_each_entry_rcu(ct_limit, head, hlist_node, ++ lockdep_ovsl_is_held()) + kfree_rcu(ct_limit, rcu); + } + kfree(ovs_net->ct_limit_info->limits); +diff --git a/datapath/datapath.c b/datapath/datapath.c +index 2febcb3f2a..c645c2b797 100644 +--- a/datapath/datapath.c ++++ b/datapath/datapath.c +@@ -2383,8 +2383,10 @@ static void __net_exit ovs_exit_net(struct net *dnet) + + ovs_netns_frags6_exit(dnet); + ovs_netns_frags_exit(dnet); +- ovs_ct_exit(dnet); + ovs_lock(); ++ ++ ovs_ct_exit(dnet); ++ + list_for_each_entry_safe(dp, dp_next, &ovs_net->dps, list_node) + __dp_destroy(dp); + diff --git a/datapath/linux/compat/include/linux/openvswitch.h b/datapath/linux/compat/include/linux/openvswitch.h index 9b087f1b06..3369c8630d 100644 --- a/datapath/linux/compat/include/linux/openvswitch.h @@ -684,6 +1219,41 @@ index 7c346aa31a..a039142e22 100644 #if !defined this_cpu_read #define this_cpu_read(ptr) percpu_read(ptr) #endif +diff --git a/datapath/linux/compat/include/linux/rculist.h b/datapath/linux/compat/include/linux/rculist.h +index 8df8ad8a27..40fd5e1710 100644 +--- a/datapath/linux/compat/include/linux/rculist.h ++++ b/datapath/linux/compat/include/linux/rculist.h +@@ -9,9 +9,28 @@ + #define hlist_pprev_rcu(node) (*((struct hlist_node __rcu **)((node)->pprev))) + #endif + ++/* ++ * Check during list traversal that we are within an RCU reader ++ */ ++ ++#define check_arg_count_one(dummy) ++ ++#ifdef CONFIG_PROVE_RCU_LIST ++#define __list_check_rcu(dummy, cond, extra...) \ ++ ({ \ ++ check_arg_count_one(extra); \ ++ RCU_LOCKDEP_WARN(!cond && !rcu_read_lock_any_held(), \ ++ "RCU-list traversed in non-reader section!"); \ ++ }) ++#else ++#define __list_check_rcu(dummy, cond, extra...) \ ++ ({ check_arg_count_one(extra); }) ++#endif ++ + #undef hlist_for_each_entry_rcu +-#define hlist_for_each_entry_rcu(pos, head, member) \ +- for (pos = hlist_entry_safe (rcu_dereference_raw(hlist_first_rcu(head)),\ ++#define hlist_for_each_entry_rcu(pos, head, member, cond...) \ ++ for (__list_check_rcu(dummy, ## cond, 0), \ ++ pos = hlist_entry_safe(rcu_dereference_raw(hlist_first_rcu(head)),\ + typeof(*(pos)), member); \ + pos; \ + pos = hlist_entry_safe(rcu_dereference_raw(hlist_next_rcu(\ diff --git a/datapath/linux/compat/include/linux/skbuff.h b/datapath/linux/compat/include/linux/skbuff.h index 4a6ac2384c..9828f811d9 100644 --- a/datapath/linux/compat/include/linux/skbuff.h @@ -759,15 +1329,33 @@ index 9d77d98271..715388d838 100644 { struct inet6_skb_parm h; diff --git a/debian/changelog b/debian/changelog -index d08cfbfd91..851cca9cb6 100644 +index d08cfbfd91..5b1d53da32 100644 --- a/debian/changelog +++ b/debian/changelog -@@ -1,3 +1,15 @@ +@@ -1,3 +1,33 @@ ++openvswitch (2.11.8-1) unstable; urgency=low ++ [ Open vSwitch team ] ++ * New upstream version ++ ++ -- Open vSwitch team Fri, 05 Mar 2021 16:27:47 +0100 ++ ++openvswitch (2.11.7-1) unstable; urgency=low ++ [ Open vSwitch team ] ++ * New upstream version ++ ++ -- Open vSwitch team Fri, 05 Mar 2021 16:27:47 +0100 ++ ++openvswitch (2.11.6-1) unstable; urgency=low ++ [ Open vSwitch team ] ++ * New upstream version ++ ++ -- Open vSwitch team Wed, 10 Feb 2021 16:07:06 +0100 ++ +openvswitch (2.11.5-1) unstable; urgency=low + [ Open vSwitch team ] + * New upstream version + -+ -- Open vSwitch team Thu, 30 Jul 2020 00:25:16 +0200 ++ -- Open vSwitch team Wed, 13 Jan 2021 11:26:35 -0500 + +openvswitch (2.11.4-1) unstable; urgency=low + [ Open vSwitch team ] @@ -14368,6 +14956,22 @@ index a36ab45e7c..0000000000 -#endif - -#endif /* RTE_FLOW_H_ */ +diff --git a/ipsec/ovs-monitor-ipsec.in b/ipsec/ovs-monitor-ipsec.in +index 4710be039a..534a5043fa 100755 +--- a/ipsec/ovs-monitor-ipsec.in ++++ b/ipsec/ovs-monitor-ipsec.in +@@ -617,7 +617,10 @@ conn prevent_unencrypted_vxlan + continue + + conn = m.group(1) +- m = re.match(r"(.*)(-in-\d+|-out-\d+|-\d+)", conn) ++ m = re.match(r"(.*)(-in-\d+|-out-\d+)", conn) ++ if not m: ++ # GRE connections have format - ++ m = re.match(r"(.*)(-\d+)", conn) + if not m: + continue + diff --git a/lib/automake.mk b/lib/automake.mk index b1ff495ff1..49fbb1deaf 100644 --- a/lib/automake.mk @@ -14558,7 +15162,7 @@ index d1bd4aa12a..f646a8f742 100644 enum { diff --git a/lib/conntrack.c b/lib/conntrack.c -index ea9486b735..2d050b627e 100644 +index ea9486b735..07ffc05e57 100644 --- a/lib/conntrack.c +++ b/lib/conntrack.c @@ -640,7 +640,7 @@ static void @@ -14566,7 +15170,7 @@ index ea9486b735..2d050b627e 100644 { char *tail = dp_packet_tail(pkt); - char pad = dp_packet_l2_pad_size(pkt); -+ uint8_t pad = dp_packet_l2_pad_size(pkt); ++ uint16_t pad = dp_packet_l2_pad_size(pkt); struct conn_key inner_key; const char *inner_l4 = NULL; uint16_t orig_l3_ofs = pkt->l3_ofs; @@ -14724,6 +15328,47 @@ index ea9486b735..2d050b627e 100644 ctx->hash = conn_key_hash(&ctx->key, ct->hash_basis); return true; } +diff --git a/lib/dp-packet.h b/lib/dp-packet.h +index c297a8f509..86a8f846ff 100644 +--- a/lib/dp-packet.h ++++ b/lib/dp-packet.h +@@ -65,7 +65,7 @@ struct dp_packet { + + /* All the following elements of this struct are copied in a single call + * of memcpy in dp_packet_clone_with_headroom. */ +- uint8_t l2_pad_size; /* Detected l2 padding size. ++ uint16_t l2_pad_size; /* Detected l2 padding size. + * Padding is non-pullable. */ + uint16_t l2_5_ofs; /* MPLS label stack offset, or UINT16_MAX */ + uint16_t l3_ofs; /* Network-level header offset, +@@ -95,8 +95,8 @@ void *dp_packet_resize_l2(struct dp_packet *, int increment); + void *dp_packet_resize_l2_5(struct dp_packet *, int increment); + static inline void *dp_packet_eth(const struct dp_packet *); + static inline void dp_packet_reset_offsets(struct dp_packet *); +-static inline uint8_t dp_packet_l2_pad_size(const struct dp_packet *); +-static inline void dp_packet_set_l2_pad_size(struct dp_packet *, uint8_t); ++static inline uint16_t dp_packet_l2_pad_size(const struct dp_packet *); ++static inline void dp_packet_set_l2_pad_size(struct dp_packet *, uint16_t); + static inline void *dp_packet_l2_5(const struct dp_packet *); + static inline void dp_packet_set_l2_5(struct dp_packet *, void *); + static inline void *dp_packet_l3(const struct dp_packet *); +@@ -295,14 +295,14 @@ dp_packet_reset_offsets(struct dp_packet *b) + b->l4_ofs = UINT16_MAX; + } + +-static inline uint8_t ++static inline uint16_t + dp_packet_l2_pad_size(const struct dp_packet *b) + { + return b->l2_pad_size; + } + + static inline void +-dp_packet_set_l2_pad_size(struct dp_packet *b, uint8_t pad_size) ++dp_packet_set_l2_pad_size(struct dp_packet *b, uint16_t pad_size) + { + ovs_assert(pad_size <= dp_packet_size(b)); + b->l2_pad_size = pad_size; diff --git a/lib/dpctl.c b/lib/dpctl.c index bea9f87e86..8e37a29b42 100644 --- a/lib/dpctl.c @@ -15050,15 +15695,26 @@ index 475d5a674e..c425042d91 100644 /* Log functions. */ struct vlog_module; diff --git a/lib/flow.c b/lib/flow.c -index 2cf8a020ae..1379efcdf8 100644 +index 2cf8a020ae..4eeb09d426 100644 --- a/lib/flow.c +++ b/lib/flow.c -@@ -685,7 +685,7 @@ ipv6_sanity_check(const struct ovs_16aligned_ip6_hdr *nh, size_t size) +@@ -646,7 +646,7 @@ ipv4_sanity_check(const struct ip_header *nh, size_t size, + + tot_len = ntohs(nh->ip_tot_len); + if (OVS_UNLIKELY(tot_len > size || ip_len > tot_len || +- size - tot_len > UINT8_MAX)) { ++ size - tot_len > UINT16_MAX)) { + return false; + } + +@@ -684,8 +684,8 @@ ipv6_sanity_check(const struct ovs_16aligned_ip6_hdr *nh, size_t size) + if (OVS_UNLIKELY(plen + IPV6_HEADER_LEN > size)) { return false; } - /* Jumbo Payload option not supported yet. */ +- /* Jumbo Payload option not supported yet. */ - if (OVS_UNLIKELY(size - plen > UINT8_MAX)) { -+ if (OVS_UNLIKELY(size - (plen + IPV6_HEADER_LEN) > UINT8_MAX)) { ++ ++ if (OVS_UNLIKELY(size - (plen + IPV6_HEADER_LEN) > UINT16_MAX)) { return false; } @@ -15217,7 +15873,7 @@ index 4c2c1ba84a..c366cf53eb 100644 /* Output. */ diff --git a/lib/lldp/lldp.c b/lib/lldp/lldp.c -index 74f747fcdc..e5755307fb 100644 +index 74f747fcdc..18afbab9a7 100644 --- a/lib/lldp/lldp.c +++ b/lib/lldp/lldp.c @@ -59,7 +59,7 @@ VLOG_DEFINE_THIS_MODULE(lldp); @@ -15328,7 +15984,21 @@ index 74f747fcdc..e5755307fb 100644 CHECK_TLV_SIZE(2, "TTL"); chassis->c_ttl = PEEK_UINT16; ttl_received = true; -@@ -481,6 +530,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, +@@ -464,10 +513,13 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, + b = xzalloc(tlv_size + 1); + PEEK_BYTES(b, tlv_size); + if (tlv_type == LLDP_TLV_PORT_DESCR) { ++ free(port->p_descr); + port->p_descr = b; + } else if (tlv_type == LLDP_TLV_SYSTEM_NAME) { ++ free(chassis->c_name); + chassis->c_name = b; + } else { ++ free(chassis->c_descr); + chassis->c_descr = b; + } + break; +@@ -481,6 +533,11 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, case LLDP_TLV_MGMT_ADDR: CHECK_TLV_SIZE(1, "Management address"); addr_str_length = PEEK_UINT8; @@ -15340,7 +16010,7 @@ index 74f747fcdc..e5755307fb 100644 CHECK_TLV_SIZE(1 + addr_str_length, "Management address"); PEEK_BYTES(addr_str_buffer, addr_str_length); addr_length = addr_str_length - 1; -@@ -505,7 +559,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, +@@ -505,7 +562,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, break; case LLDP_TLV_ORG: @@ -15349,7 +16019,7 @@ index 74f747fcdc..e5755307fb 100644 PEEK_BYTES(orgid, sizeof orgid); tlv_subtype = PEEK_UINT8; if (memcmp(dot1, orgid, sizeof orgid) == 0) { -@@ -625,6 +679,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, +@@ -625,6 +682,7 @@ lldp_decode(struct lldpd *cfg OVS_UNUSED, char *frame, int s, VLOG_WARN("unknown tlv (%d) received on %s", tlv_type, hardware->h_ifname); @@ -16826,7 +17496,7 @@ index 3b6890e952..1d33fcbb8d 100644 case OVS_ACTION_ATTR_TUNNEL_PUSH: case OVS_ACTION_ATTR_TUNNEL_POP: diff --git a/lib/odp-util.c b/lib/odp-util.c -index d41c9369f2..311204fa8a 100644 +index d41c9369f2..5b04adf0ed 100644 --- a/lib/odp-util.c +++ b/lib/odp-util.c @@ -131,6 +131,8 @@ odp_action_len(uint16_t type) @@ -16838,7 +17508,17 @@ index d41c9369f2..311204fa8a 100644 case OVS_ACTION_ATTR_UNSPEC: case __OVS_ACTION_ATTR_MAX: -@@ -1042,6 +1044,42 @@ format_odp_set_nsh(struct ds *ds, const struct nlattr *attr) +@@ -378,7 +380,8 @@ format_odp_push_nsh_action(struct ds *ds, + break; + } + default: +- OVS_NOT_REACHED(); ++ ds_put_cstr(ds, ","); ++ break; + } + ds_put_format(ds, ")"); + } +@@ -1042,6 +1045,42 @@ format_odp_set_nsh(struct ds *ds, const struct nlattr *attr) ds_put_cstr(ds, "))"); } @@ -16881,7 +17561,7 @@ index d41c9369f2..311204fa8a 100644 static void format_odp_action(struct ds *ds, const struct nlattr *a, -@@ -1181,6 +1219,12 @@ format_odp_action(struct ds *ds, const struct nlattr *a, +@@ -1181,6 +1220,12 @@ format_odp_action(struct ds *ds, const struct nlattr *a, case OVS_ACTION_ATTR_POP_NSH: ds_put_cstr(ds, "pop_nsh()"); break; @@ -16894,7 +17574,34 @@ index d41c9369f2..311204fa8a 100644 case OVS_ACTION_ATTR_UNSPEC: case __OVS_ACTION_ATTR_MAX: default: -@@ -2397,6 +2441,52 @@ parse_odp_action(const char *s, const struct simap *port_names, +@@ -1380,14 +1425,20 @@ parse_odp_userspace_action(const char *s, struct ofpbuf *actions) + int n1 = -1; + if (ovs_scan(&s[n], ",tunnel_out_port=%"SCNi32")%n", + &tunnel_out_port, &n1)) { +- odp_put_userspace_action(pid, user_data, user_data_size, +- tunnel_out_port, include_actions, actions); +- res = n + n1; ++ res = odp_put_userspace_action(pid, user_data, user_data_size, ++ tunnel_out_port, include_actions, ++ actions, NULL); ++ if (!res) { ++ res = n + n1; ++ } + goto out; + } else if (s[n] == ')') { +- odp_put_userspace_action(pid, user_data, user_data_size, +- ODPP_NONE, include_actions, actions); +- res = n + 1; ++ res = odp_put_userspace_action(pid, user_data, user_data_size, ++ ODPP_NONE, include_actions, ++ actions, NULL); ++ if (!res) { ++ res = n + 1; ++ } + goto out; + } + } +@@ -2397,6 +2448,52 @@ parse_odp_action(const char *s, const struct simap *port_names, } } @@ -16947,7 +17654,7 @@ index d41c9369f2..311204fa8a 100644 { int retval; -@@ -2433,6 +2523,7 @@ odp_actions_from_string(const char *s, const struct simap *port_names, +@@ -2433,6 +2530,7 @@ odp_actions_from_string(const char *s, const struct simap *port_names, size_t old_size; if (!strcasecmp(s, "drop")) { @@ -16955,7 +17662,7 @@ index d41c9369f2..311204fa8a 100644 return 0; } -@@ -5185,13 +5276,16 @@ erspan_to_attr(struct ofpbuf *a, const void *data_) +@@ -5185,13 +5283,16 @@ erspan_to_attr(struct ofpbuf *a, const void *data_) do { \ len = 0; @@ -16979,7 +17686,7 @@ index d41c9369f2..311204fa8a 100644 } #define SCAN_FIELD_NESTED__(NAME, TYPE, SCAN_AS, ATTR, FUNC) \ -@@ -5757,26 +5851,28 @@ odp_flow_key_from_flow__(const struct odp_flow_key_parms *parms, +@@ -5757,26 +5858,28 @@ odp_flow_key_from_flow__(const struct odp_flow_key_parms *parms, if (flow->ct_nw_proto) { if (parms->support.ct_orig_tuple && flow->dl_type == htons(ETH_TYPE_IP)) { @@ -17026,7 +17733,7 @@ index d41c9369f2..311204fa8a 100644 } } if (parms->support.recirc) { -@@ -5986,6 +6082,10 @@ odp_key_from_dp_packet(struct ofpbuf *buf, const struct dp_packet *packet) +@@ -5986,6 +6089,10 @@ odp_key_from_dp_packet(struct ofpbuf *buf, const struct dp_packet *packet) nl_msg_put_u32(buf, OVS_KEY_ATTR_PRIORITY, md->skb_priority); @@ -17037,8 +17744,82 @@ index d41c9369f2..311204fa8a 100644 if (flow_tnl_dst_is_set(&md->tunnel)) { tun_key_to_attr(buf, &md->tunnel, &md->tunnel, NULL, NULL); } +@@ -6957,15 +7064,18 @@ odp_key_fitness_to_string(enum odp_key_fitness fitness) + + /* Appends an OVS_ACTION_ATTR_USERSPACE action to 'odp_actions' that specifies + * Netlink PID 'pid'. If 'userdata' is nonnull, adds a userdata attribute +- * whose contents are the 'userdata_size' bytes at 'userdata' and returns the +- * offset within 'odp_actions' of the start of the cookie. (If 'userdata' is +- * null, then the return value is not meaningful.) */ +-size_t ++ * whose contents are the 'userdata_size' bytes at 'userdata' and sets ++ * 'odp_actions_ofs' if nonnull with the offset within 'odp_actions' of the ++ * start of the cookie. (If 'userdata' is null, then the 'odp_actions_ofs' ++ * value is not meaningful.) ++ * ++ * Returns negative error code on failure. */ ++int + odp_put_userspace_action(uint32_t pid, + const void *userdata, size_t userdata_size, + odp_port_t tunnel_out_port, + bool include_actions, +- struct ofpbuf *odp_actions) ++ struct ofpbuf *odp_actions, size_t *odp_actions_ofs) + { + size_t userdata_ofs; + size_t offset; +@@ -6973,6 +7083,9 @@ odp_put_userspace_action(uint32_t pid, + offset = nl_msg_start_nested(odp_actions, OVS_ACTION_ATTR_USERSPACE); + nl_msg_put_u32(odp_actions, OVS_USERSPACE_ATTR_PID, pid); + if (userdata) { ++ if (nl_attr_oversized(userdata_size)) { ++ return -E2BIG; ++ } + userdata_ofs = odp_actions->size + NLA_HDRLEN; + + /* The OVS kernel module before OVS 1.11 and the upstream Linux kernel +@@ -6998,9 +7111,16 @@ odp_put_userspace_action(uint32_t pid, + if (include_actions) { + nl_msg_put_flag(odp_actions, OVS_USERSPACE_ATTR_ACTIONS); + } ++ if (nl_attr_oversized(odp_actions->size - offset - NLA_HDRLEN)) { ++ return -E2BIG; ++ } + nl_msg_end_nested(odp_actions, offset); + +- return userdata_ofs; ++ if (odp_actions_ofs) { ++ *odp_actions_ofs = userdata_ofs; ++ } ++ ++ return 0; + } + + void +diff --git a/lib/odp-util.h b/lib/odp-util.h +index aa8e6efe37..706fbeb8db 100644 +--- a/lib/odp-util.h ++++ b/lib/odp-util.h +@@ -351,11 +351,12 @@ struct user_action_cookie { + }; + BUILD_ASSERT_DECL(sizeof(struct user_action_cookie) == 48); + +-size_t odp_put_userspace_action(uint32_t pid, +- const void *userdata, size_t userdata_size, +- odp_port_t tunnel_out_port, +- bool include_actions, +- struct ofpbuf *odp_actions); ++int odp_put_userspace_action(uint32_t pid, ++ const void *userdata, size_t userdata_size, ++ odp_port_t tunnel_out_port, ++ bool include_actions, ++ struct ofpbuf *odp_actions, ++ size_t *odp_actions_ofs); + void odp_put_tunnel_action(const struct flow_tnl *tunnel, + struct ofpbuf *odp_actions, + const char *tnl_type); diff --git a/lib/ofp-actions.c b/lib/ofp-actions.c -index 68132c9455..1259c59141 100644 +index 68132c9455..20deed07bd 100644 --- a/lib/ofp-actions.c +++ b/lib/ofp-actions.c @@ -355,6 +355,9 @@ enum ofp_raw_action_type { @@ -17059,7 +17840,23 @@ index 68132c9455..1259c59141 100644 return ofpact_next(ofpact); case OFPACT_CLONE: -@@ -7400,6 +7404,124 @@ check_WRITE_METADATA(const struct ofpact_metadata *a OVS_UNUSED, +@@ -4322,6 +4326,7 @@ decode_NXAST_RAW_ENCAP(const struct nx_action_encap *nae, + { + struct ofpact_encap *encap; + const struct ofp_ed_prop_header *ofp_prop; ++ const size_t encap_ofs = out->size; + size_t props_len; + uint16_t n_props = 0; + int err; +@@ -4349,6 +4354,7 @@ decode_NXAST_RAW_ENCAP(const struct nx_action_encap *nae, + } + n_props++; + } ++ encap = ofpbuf_at_assert(out, encap_ofs, sizeof *encap); + encap->n_props = n_props; + out->header = &encap->ofpact; + ofpact_finish_ENCAP(out, &encap); +@@ -7400,6 +7406,124 @@ check_WRITE_METADATA(const struct ofpact_metadata *a OVS_UNUSED, return 0; } @@ -17184,7 +17981,7 @@ index 68132c9455..1259c59141 100644 /* Goto-Table instruction. */ static void -@@ -7686,6 +7808,7 @@ action_set_classify(const struct ofpact *a) +@@ -7686,6 +7810,7 @@ action_set_classify(const struct ofpact *a) case OFPACT_WRITE_METADATA: case OFPACT_DEBUG_RECIRC: case OFPACT_DEBUG_SLOW: @@ -17192,7 +17989,7 @@ index 68132c9455..1259c59141 100644 return ACTION_SLOT_INVALID; default: -@@ -7885,6 +8008,7 @@ ovs_instruction_type_from_ofpact_type(enum ofpact_type type) +@@ -7885,6 +8010,7 @@ ovs_instruction_type_from_ofpact_type(enum ofpact_type type) case OFPACT_ENCAP: case OFPACT_DECAP: case OFPACT_DEC_NSH_TTL: @@ -17200,7 +17997,7 @@ index 68132c9455..1259c59141 100644 default: return OVSINST_OFPIT11_APPLY_ACTIONS; } -@@ -8755,6 +8879,7 @@ ofpact_outputs_to_port(const struct ofpact *ofpact, ofp_port_t port) +@@ -8755,6 +8881,7 @@ ofpact_outputs_to_port(const struct ofpact *ofpact, ofp_port_t port) case OFPACT_ENCAP: case OFPACT_DECAP: case OFPACT_DEC_NSH_TTL: @@ -17208,7 +18005,7 @@ index 68132c9455..1259c59141 100644 default: return false; } -@@ -8991,7 +9116,6 @@ ofpacts_parse__(char *str, const struct ofpact_parse_params *pp, +@@ -8991,7 +9118,6 @@ ofpacts_parse__(char *str, const struct ofpact_parse_params *pp, enum ofpact_type type; char *error = NULL; ofp_port_t port; @@ -17694,9 +18491,18 @@ index 63b141d1ca..343dced587 100644 static int diff --git a/lib/tc.c b/lib/tc.c -index b19f075f2b..bb2336dab9 100644 +index b19f075f2b..ec3fef5ac2 100644 --- a/lib/tc.c +++ b/lib/tc.c +@@ -380,7 +380,7 @@ nl_parse_flower_mpls(struct nlattr **attrs, struct tc_flower *flower) + if (attrs[TCA_FLOWER_KEY_MPLS_BOS]) { + bos = nl_attr_get_u8(attrs[TCA_FLOWER_KEY_MPLS_BOS]); + set_mpls_lse_bos(&flower->key.mpls_lse, bos); +- set_mpls_lse_ttl(&flower->mask.mpls_lse, 0xff); ++ set_mpls_lse_bos(&flower->mask.mpls_lse, 0xff); + } + + if (attrs[TCA_FLOWER_KEY_MPLS_TC]) { @@ -571,6 +571,7 @@ nl_parse_flower_tunnel(struct nlattr **attrs, struct tc_flower *flower) ovs_be32 id = nl_attr_get_be32(attrs[TCA_FLOWER_KEY_ENC_KEY_ID]); @@ -17922,9 +18728,18 @@ index 7da31753c7..28b04682ea 100644 default: break; diff --git a/ofproto/ofproto-dpif-upcall.c b/ofproto/ofproto-dpif-upcall.c -index 4143bfa29f..ea9efbbae3 100644 +index 4143bfa29f..8c440372fa 100644 --- a/ofproto/ofproto-dpif-upcall.c +++ b/ofproto/ofproto-dpif-upcall.c +@@ -1088,7 +1088,7 @@ compose_slow_path(struct udpif *udpif, struct xlate_out *xout, + } + + odp_put_userspace_action(pid, &cookie, sizeof cookie, +- ODPP_NONE, false, buf); ++ ODPP_NONE, false, buf, NULL); + + if (meter_id != UINT32_MAX) { + nl_msg_end_nested(buf, ac_offset); @@ -1526,6 +1526,7 @@ process_upcall(struct udpif *udpif, struct upcall *upcall, : NULL), am->pin.up.action_set_len = state->action_set_len, @@ -17943,7 +18758,7 @@ index 4143bfa29f..ea9efbbae3 100644 flow->mask, flow->mask_len, flow->ufid_present, &flow->ufid, flow->pmd_id, &actions, diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c -index 09ad76538f..3f83acd1a9 100644 +index 09ad76538f..d1981769fd 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -444,6 +444,12 @@ const char *xlate_strerror(enum xlate_error error) @@ -17967,6 +18782,32 @@ index 09ad76538f..3f83acd1a9 100644 } } +@@ -3043,6 +3050,7 @@ xlate_normal(struct xlate_ctx *ctx) + xlate_report(ctx, OFT_DETAIL, "MLD query, flooding"); + xlate_normal_flood(ctx, in_xbundle, &xvlan); + } ++ return; + } else { + if (is_ip_local_multicast(flow, wc)) { + /* RFC4541: section 2.1.2, item 2: Packets with a dst IP +@@ -3158,12 +3166,11 @@ compose_sample_action(struct xlate_ctx *ctx, + odp_port_t odp_port = ofp_port_to_odp_port( + ctx->xbridge, ctx->xin->flow.in_port.ofp_port); + uint32_t pid = dpif_port_get_pid(ctx->xbridge->dpif, odp_port); +- size_t cookie_offset = odp_put_userspace_action(pid, cookie, +- sizeof *cookie, +- tunnel_out_port, +- include_actions, +- ctx->odp_actions); +- ++ size_t cookie_offset; ++ int res = odp_put_userspace_action(pid, cookie, sizeof *cookie, ++ tunnel_out_port, include_actions, ++ ctx->odp_actions, &cookie_offset); ++ ovs_assert(res == 0); + if (is_sample) { + nl_msg_end_nested(ctx->odp_actions, actions_offset); + nl_msg_end_nested(ctx->odp_actions, sample_offset); @@ -4296,6 +4303,7 @@ xlate_table_action(struct xlate_ctx *ctx, ofp_port_t in_port, uint8_t table_id, !is_ip_any(&ctx->xin->flow)) { xlate_report_error(ctx, @@ -17975,6 +18816,15 @@ index 09ad76538f..3f83acd1a9 100644 return; } tuple_swap(&ctx->xin->flow, ctx->wc); +@@ -4709,7 +4717,7 @@ put_controller_user_action(struct xlate_ctx *ctx, + ctx->xin->flow.in_port.ofp_port); + uint32_t pid = dpif_port_get_pid(ctx->xbridge->dpif, odp_port); + odp_put_userspace_action(pid, &cookie, sizeof cookie, ODPP_NONE, +- false, ctx->odp_actions); ++ false, ctx->odp_actions, NULL); + } + + static void @@ -5569,6 +5577,7 @@ reversible_actions(const struct ofpact *ofpacts, size_t ofpacts_len) case OFPACT_UNROLL_XLATE: case OFPACT_WRITE_ACTIONS: @@ -18228,7 +19078,7 @@ index 0a5a52887b..ded81ca0e9 100644 enum xlate_error xlate_actions(struct xlate_in *, struct xlate_out *); diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c -index 050ff65773..5f2127e280 100644 +index 050ff65773..eaaa25f615 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c @@ -827,6 +827,12 @@ ovs_native_tunneling_is_on(struct ofproto_dpif *ofproto) @@ -18409,7 +19259,15 @@ index 050ff65773..5f2127e280 100644 struct flow headers; flow_extract(&packet, &headers); -@@ -6060,6 +6128,7 @@ const struct ofproto_class ofproto_dpif_class = { +@@ -5076,6 +5144,7 @@ nxt_resume(struct ofproto *ofproto_, + /* Clean up. */ + ofpbuf_uninit(&odp_actions); + dp_packet_uninit(&packet); ++ xlate_cache_uninit(&xcache); + + return error; + } +@@ -6060,6 +6129,7 @@ const struct ofproto_class ofproto_dpif_class = { rule_get_stats, packet_xlate, packet_xlate_revert, @@ -18706,6 +19564,28 @@ index cd20bdb7cb..56edc5f000 100644 m->type.value.type = OVSDB_TYPE_VOID; error = ovsdb_datum_from_json(&m->arg, &m->type, array->elems[2], symtab); +diff --git a/ovsdb/ovsdb-client.c b/ovsdb/ovsdb-client.c +index 0215357fee..e823b9823e 100644 +--- a/ovsdb/ovsdb-client.c ++++ b/ovsdb/ovsdb-client.c +@@ -1571,14 +1571,15 @@ static void + do_needs_conversion(struct jsonrpc *rpc, const char *database_ OVS_UNUSED, + int argc OVS_UNUSED, char *argv[]) + { ++ const char *schema_file_name = argv[argc - 1]; + struct ovsdb_schema *schema1; +- check_ovsdb_error(ovsdb_schema_from_file(argv[0], &schema1)); ++ check_ovsdb_error(ovsdb_schema_from_file(schema_file_name, &schema1)); + + char *database = schema1->name; + open_rpc(1, NEED_DATABASE, argc, argv, &rpc, &database); + + if (is_database_clustered(rpc, database)) { +- ovsdb_schema_persist_ephemeral_columns(schema1, argv[0]); ++ ovsdb_schema_persist_ephemeral_columns(schema1, schema_file_name); + } + + struct ovsdb_schema *schema2 = fetch_schema(rpc, schema1->name); diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in index 40fef39edf..96a48d8711 100755 --- a/ovsdb/ovsdb-idlc.in @@ -18931,7 +19811,7 @@ index 65a47a41d3..284ed05519 100644 } diff --git a/ovsdb/ovsdb-tool.c b/ovsdb/ovsdb-tool.c -index 438f975902..45e656d3d3 100644 +index 438f975902..49ba05c88a 100644 --- a/ovsdb/ovsdb-tool.c +++ b/ovsdb/ovsdb-tool.c @@ -559,7 +559,9 @@ do_db_has_magic(struct ovs_cmdl_context *ctx, const char *magic) @@ -18945,6 +19825,14 @@ index 438f975902..45e656d3d3 100644 exit(2); } } +@@ -715,6 +717,7 @@ print_db_changes(struct shash *tables, struct smap *names, + ds_init(&s); + ovsdb_datum_to_string(&datum, type, &s); + value_string = ds_steal_cstr(&s); ++ ovsdb_datum_destroy(&datum, type); + } else { + ovsdb_error_destroy(error); + } diff --git a/ovsdb/raft.c b/ovsdb/raft.c index 68b527c12a..7ba75f6a3f 100644 --- a/ovsdb/raft.c @@ -19358,6 +20246,19 @@ index c15be4b3e5..73aa993da3 100644 if SSL: # Register SSL only if the OpenSSL module is available +diff --git a/python/setup.py b/python/setup.py +index b52657df3a..2cff74eec8 100644 +--- a/python/setup.py ++++ b/python/setup.py +@@ -82,7 +82,7 @@ setup_args = dict( + ext_modules=[setuptools.Extension("ovs._json", sources=["ovs/_json.c"], + libraries=['openvswitch'])], + cmdclass={'build_ext': try_build_ext}, +- install_requires=['sortedcontainers'], ++ install_requires=['six', 'sortedcontainers'], + ) + + try: diff --git a/rhel/openvswitch-fedora.spec.in b/rhel/openvswitch-fedora.spec.in index 4ece47a54d..ba862e25e1 100644 --- a/rhel/openvswitch-fedora.spec.in @@ -19470,7 +20371,7 @@ index 9364454020..c467d02db9 100644 # Uncomment and set the OVS User/Group value diff --git a/tests/automake.mk b/tests/automake.mk -index 92d56b29de..875f23f6a0 100644 +index 92d56b29de..57831e8a6e 100644 --- a/tests/automake.mk +++ b/tests/automake.mk @@ -108,7 +108,8 @@ TESTSUITE_AT = \ @@ -19483,7 +20384,17 @@ index 92d56b29de..875f23f6a0 100644 EXTRA_DIST += $(FUZZ_REGRESSION_TESTS) FUZZ_REGRESSION_TESTS = \ -@@ -150,7 +151,8 @@ SYSTEM_USERSPACE_TESTSUITE_AT = \ +@@ -134,7 +135,8 @@ FUZZ_REGRESSION_TESTS = \ + tests/fuzz-regression/ofp_print_fuzzer-5722747668791296 \ + tests/fuzz-regression/ofp_print_fuzzer-6285128790704128 \ + tests/fuzz-regression/ofp_print_fuzzer-6470117922701312 \ +- tests/fuzz-regression/ofp_print_fuzzer-6502620041576448 ++ tests/fuzz-regression/ofp_print_fuzzer-6502620041576448 \ ++ tests/fuzz-regression/ofp_print_fuzzer-6540965472632832 + $(srcdir)/tests/fuzz-regression-list.at: tests/automake.mk + $(AM_V_GEN)for name in $(FUZZ_REGRESSION_TESTS); do \ + basename=`echo $$name | sed 's,^.*/,,'`; \ +@@ -150,7 +152,8 @@ SYSTEM_USERSPACE_TESTSUITE_AT = \ tests/system-userspace-testsuite.at \ tests/system-ovn.at \ tests/system-userspace-macros.at \ @@ -19493,6 +20404,50 @@ index 92d56b29de..875f23f6a0 100644 SYSTEM_TESTSUITE_AT = \ tests/system-common-macros.at \ +diff --git a/tests/classifier.at b/tests/classifier.at +index 86f872db6b..a63d8c32d7 100644 +--- a/tests/classifier.at ++++ b/tests/classifier.at +@@ -306,3 +306,39 @@ ovs-ofctl: Incorrect instruction ordering + ]) + OVS_VSWITCHD_STOP + AT_CLEANUP ++ ++# Flow classifier a packet with excess of padding. ++AT_SETUP([flow classifier - packet with extra padding]) ++OVS_VSWITCHD_START ++add_of_ports br0 1 2 ++AT_DATA([flows.txt], [dnl ++priority=5,ip,ip_dst=1.1.1.1,actions=1 ++priority=5,ip,ip_dst=1.1.1.2,actions=2 ++priority=0,actions=drop ++]) ++AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) ++packet=00020202020000010101010008004500001c00010000401176cc01010101010101020d6a00350008ee3a ++AT_CHECK([ovs-appctl ofproto/trace br0 in_port=1 $packet] , [0], [stdout]) ++AT_CHECK([tail -2 stdout], [0], ++ [Megaflow: recirc_id=0,eth,ip,in_port=1,nw_dst=1.1.1.2,nw_frag=no ++Datapath actions: 2 ++]) ++# normal packet plus 255 bytes of padding (8bit padding). ++# 255 * 2 = 510 ++padding=$(printf '%*s' 510 | tr ' ' '0') ++AT_CHECK([ovs-appctl ofproto/trace br0 in_port=1 ${packet}${padding}] , [0], [stdout]) ++AT_CHECK([tail -2 stdout], [0], ++ [Megaflow: recirc_id=0,eth,ip,in_port=1,nw_dst=1.1.1.2,nw_frag=no ++Datapath actions: 2 ++]) ++# normal packet plus padding up to 65535 bytes of length (16bit limit). ++# 65535 - 43 = 65492 ++# 65492 * 2 = 130984 ++padding=$(printf '%*s' 130984 | tr ' ' '0') ++AT_CHECK([ovs-appctl ofproto/trace br0 in_port=1 ${packet}${padding}], [0], [stdout]) ++AT_CHECK([tail -2 stdout], [0], ++ [Megaflow: recirc_id=0,eth,ip,in_port=1,nw_dst=1.1.1.2,nw_frag=no ++Datapath actions: 2 ++]) ++OVS_VSWITCHD_STOP ++AT_CLEANUP diff --git a/tests/dpif-netdev.at b/tests/dpif-netdev.at index 6915d43ba1..9295f5a0ec 100644 --- a/tests/dpif-netdev.at @@ -19708,8 +20663,34 @@ index 0000000000..67d1a4aa23 + +OVS_VSWITCHD_STOP(["/|WARN|/d"]) +AT_CLEANUP +diff --git a/tests/fuzz-regression-list.at b/tests/fuzz-regression-list.at +index e3173fb88f..2347c690ef 100644 +--- a/tests/fuzz-regression-list.at ++++ b/tests/fuzz-regression-list.at +@@ -21,3 +21,4 @@ TEST_FUZZ_REGRESSION([ofp_print_fuzzer-5722747668791296]) + TEST_FUZZ_REGRESSION([ofp_print_fuzzer-6285128790704128]) + TEST_FUZZ_REGRESSION([ofp_print_fuzzer-6470117922701312]) + TEST_FUZZ_REGRESSION([ofp_print_fuzzer-6502620041576448]) ++TEST_FUZZ_REGRESSION([ofp_print_fuzzer-6540965472632832]) +diff --git a/tests/fuzz-regression/ofp_print_fuzzer-6540965472632832 b/tests/fuzz-regression/ofp_print_fuzzer-6540965472632832 +new file mode 100644 +index 0000000000..e69de29bb2 +diff --git a/tests/library.at b/tests/library.at +index a30d362e34..49d90f4303 100644 +--- a/tests/library.at ++++ b/tests/library.at +@@ -53,7 +53,8 @@ AT_CHECK([ovstest test-packets]) + AT_CLEANUP + + AT_SETUP([SHA-1]) +-AT_CHECK([ovstest test-sha1], [0], [......... ++AT_KEYWORDS([sha1]) ++AT_CHECK([ovstest test-sha1], [0], [.......... + ]) + AT_CLEANUP + diff --git a/tests/odp.at b/tests/odp.at -index 86a918e662..a172c49fe1 100644 +index 86a918e662..ac17b8525f 100644 --- a/tests/odp.at +++ b/tests/odp.at @@ -377,6 +377,10 @@ clone(1) @@ -19723,6 +20704,50 @@ index 86a918e662..a172c49fe1 100644 ]) AT_CHECK_UNQUOTED([ovstest test-odp parse-actions < actions.txt], [0], [`cat actions.txt` +@@ -391,6 +395,43 @@ odp_actions_from_string: error + ]) + AT_CLEANUP + ++AT_SETUP([OVS datapath actions parsing and formatting - userdata overflow]) ++dnl Userdata should fit in a single netlink message, i.e. should be less than ++dnl UINT16_MAX - NLA_HDRLEN = 65535 - 4 = 65531 bytes. OVS should not accept ++dnl larger userdata. OTOH, userdata is part of a nested netlink message, that ++dnl should not be oversized too. 'pid' takes NLA_HDRLEN + 4 = 8 bytes. ++dnl Plus NLA_HDRLEN for the nested header. 'actions' flag takes NLA_HDRLEN = 4 ++dnl and 'tunnel_out_port' takes NLA_HDRLEN + 4 = 8 bytes. ++dnl So, for the variant with 'actions' maximum length of userdata should be: ++dnl UINT16_MAX - NLA_HDRLEN - (NLA_HDRLEN + 4) - NLA_HDRLEN - NLA_HDRLEN ++dnl total max nested header pid actions userdata ++dnl Result: 65515 bytes for the actual userdata. ++dnl For the case with 'tunnel_out_port': 65511 ++dnl Size of userdata will be rounded up to be multiple of 4, so highest ++dnl acceptable sizes are 65512 and 65508. ++ ++dnl String with length 65512 * 2 = 131024 is valid, while 131026 is not. ++data_valid=$( printf '%*s' 131024 | tr ' ' "a") ++data_invalid=$(printf '%*s' 131026 | tr ' ' "a") ++ ++echo "userspace(pid=1234567,userdata(${data_valid}),actions)" > actions.txt ++echo "userspace(pid=1234567,userdata(${data_invalid}),actions)" >> actions.txt ++ ++dnl String with length 65508 * 2 = 131016 is valid, while 131018 is not. ++data_valid=$( printf '%*s' 131016 | tr ' ' "a") ++data_invalid=$(printf '%*s' 131018 | tr ' ' "a") ++ ++echo "userspace(pid=1234567,userdata(${data_valid}),tunnel_out_port=10)" >> actions.txt ++echo "userspace(pid=1234567,userdata(${data_invalid}),tunnel_out_port=10)" >> actions.txt ++ ++AT_CHECK_UNQUOTED([ovstest test-odp parse-actions < actions.txt], [0], [dnl ++`cat actions.txt | head -1` ++odp_actions_from_string: error ++`cat actions.txt | head -3 | tail -1` ++odp_actions_from_string: error ++]) ++AT_CLEANUP ++ + AT_SETUP([OVS datapath keys parsing and formatting - 33 nested encap ]) + AT_DATA([odp-in.txt], [dnl + encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap(encap())))))))))))))))))))))))))))))))) diff --git a/tests/ofp-actions.at b/tests/ofp-actions.at index e320a92a8f..348117197c 100644 --- a/tests/ofp-actions.at @@ -20106,6 +21131,54 @@ index 6ae3470425..82c89686f0 100644 NXT_FLOW_MOD: ADD table:255 ip actions=ct(commit,zone=5) NXT_FLOW_MOD: ADD table:255 ip actions=ct(commit,exec(load:0x1->NXM_NX_CT_MARK[])) NXT_FLOW_MOD: ADD table:255 ip actions=ct(commit,exec(load:0x1->NXM_NX_CT_LABEL[0..63],load:0->NXM_NX_CT_LABEL[64..127])) +diff --git a/tests/ovsdb-client.at b/tests/ovsdb-client.at +index 8d777a0275..5e3b26aea8 100644 +--- a/tests/ovsdb-client.at ++++ b/tests/ovsdb-client.at +@@ -12,6 +12,30 @@ AT_CHECK([ovsdb-client get-schema-cksum unix:socket ordinals], [0], [12345678 9 + OVSDB_SERVER_SHUTDOWN + AT_CLEANUP + ++AT_SETUP([ovsdb-client needs-conversion (no conversion needed)]) ++AT_KEYWORDS([ovsdb client file positive]) ++ordinal_schema > schema ++touch .db.~lock~ ++AT_CHECK([ovsdb-tool create db schema], [0], [], [ignore]) ++AT_CHECK([ovsdb-server --detach --no-chdir --pidfile --remote=punix:socket db], [0], [ignore], [ignore]) ++AT_CHECK([ovsdb-client needs-conversion unix:socket schema], [0], [no ++]) ++OVSDB_SERVER_SHUTDOWN ++AT_CLEANUP ++ ++AT_SETUP([ovsdb-client needs-conversion (conversion needed)]) ++AT_KEYWORDS([ovsdb client file positive]) ++ordinal_schema > schema ++touch .db.~lock~ ++AT_CHECK([ovsdb-tool create db schema], [0], [], [ignore]) ++AT_CHECK([ovsdb-server --detach --no-chdir --pidfile --remote=punix:socket db], [0], [ignore], [ignore]) ++sed 's/5\.1\.3/5.1.4/' < schema > schema2 ++AT_CHECK([diff schema schema2], [1], [ignore]) ++AT_CHECK([ovsdb-client needs-conversion unix:socket schema2], [0], [yes ++]) ++OVSDB_SERVER_SHUTDOWN ++AT_CLEANUP ++ + AT_SETUP([ovsdb-client backup and restore]) + AT_KEYWORDS([ovsdb client positive]) + +diff --git a/tests/ovsdb-cluster.at b/tests/ovsdb-cluster.at +index c7f1e344c9..115c9f7978 100644 +--- a/tests/ovsdb-cluster.at ++++ b/tests/ovsdb-cluster.at +@@ -152,7 +152,7 @@ ovsdb|WARN|schema: changed 2 columns in 'OVN_Southbound' database from ephemeral + # Use file instead of var because code inside "while" runs in a subshell. + echo 0 > phase + i=0 +- (while :; do echo; sleep 1; done) | while read REPLY; do ++ (while :; do echo || exit 0; sleep 1; done) | while read REPLY; do + printf "t=%2d s:" $i + done=0 + for j in $(seq 0 $(expr $n1 - 1)); do diff --git a/tests/ovsdb-idl.at b/tests/ovsdb-idl.at index 8981b5e2f9..3661816f6d 100644 --- a/tests/ovsdb-idl.at @@ -20575,6 +21648,61 @@ index 187eb28671..c49f084b5f 100644 ovsdb_idl_track_clear(idl); } else { print_idl(idl, step++); +diff --git a/tests/test-sha1.c b/tests/test-sha1.c +index b7279db6aa..cc80888a7d 100644 +--- a/tests/test-sha1.c ++++ b/tests/test-sha1.c +@@ -137,6 +137,42 @@ test_big_vector(void) + free(vec.data); + } + ++static void ++test_huge_vector(void) ++{ ++ enum { SIZE = 1000000000 }; ++ struct test_vector vec = { ++ NULL, SIZE, ++ /* Computed by the sha1sum utility for a file with 10^9 symbols 'a'. */ ++ { 0xD0, 0xF3, 0xE4, 0xF2, 0xF3, 0x1C, 0x66, 0x5A, 0xBB, 0xD8, ++ 0xF5, 0x18, 0xE8, 0x48, 0xD5, 0xCB, 0x80, 0xCA, 0x78, 0xF7 } ++ }; ++ int chunk = random_range(SIZE / 10000); ++ uint8_t md[SHA1_DIGEST_SIZE]; ++ struct sha1_ctx sha1; ++ size_t i, sz; ++ ++ /* It's not user-friendly to allocate 1GB of memory for a unit test, ++ * so we're allocating only a small chunk and re-using it. */ ++ vec.data = xmalloc(chunk); ++ for (i = 0; i < chunk; i++) { ++ vec.data[i] = 'a'; ++ } ++ ++ sha1_init(&sha1); ++ for (sz = 0; sz < SIZE; sz += chunk) { ++ int n = sz + chunk < SIZE ? chunk : SIZE - sz; ++ ++ sha1_update(&sha1, vec.data, n); ++ } ++ sha1_final(&sha1, md); ++ ovs_assert(!memcmp(md, vec.output, SHA1_DIGEST_SIZE)); ++ ++ free(vec.data); ++ putchar('.'); ++ fflush(stdout); ++} ++ + static void + test_shar1_main(int argc OVS_UNUSED, char *argv[] OVS_UNUSED) + { +@@ -147,6 +183,7 @@ test_shar1_main(int argc OVS_UNUSED, char *argv[] OVS_UNUSED) + } + + test_big_vector(); ++ test_huge_vector(); + + putchar('\n'); + } diff --git a/tests/testsuite.at b/tests/testsuite.at index b840dbfa70..922ba48fdf 100644 --- a/tests/testsuite.at diff --git a/SPECS/openvswitch2.11.spec b/SPECS/openvswitch2.11.spec index a85e2ff..6387b95 100644 --- a/SPECS/openvswitch2.11.spec +++ b/SPECS/openvswitch2.11.spec @@ -24,11 +24,8 @@ # FIXME Test "STP - flush the fdb and mdb when topology changed" fails on s390x # FIXME 2 tests fails on ppc64le. They will be hopefully fixed before official 2.11 -# Disable Tests due to https://pagure.io/centos-infra/issue/42, tests failing -# as build is running on CentOS7 builder, once builders are CentOS8 based tests can -# be re enabled. %ifarch %{ix86} x86_64 aarch64 -%bcond_with check +%bcond_without check %else %bcond_with check %endif @@ -69,7 +66,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 2.11.3 -Release: 74%{?dist} +Release: 86%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -748,6 +745,54 @@ exit 0 %changelog +* Tue Mar 16 2021 Open vSwitch CI - 2.11.3-86 +- Merging upstream branch-2.11 + [67070c0625be3ba1bb178a4003512da416076a84] + +* Wed Feb 10 2021 Open vSwitch CI - 2.11.3-85 +- Merging upstream branch-2.11 + [4351a9b51261d2079765dac654466202a4bd6a16] + +* Fri Feb 05 2021 Open vSwitch CI - 2.11.3-84 +- Merging upstream branch-2.11 + [a4f1272cee605e664aaea91ae28daff5a24857d6] + +* Thu Feb 04 2021 Timothy Redaelli - 2.11.3-83 +- flow: Support extra padding length. + [35a473f35c7227fcf9db3a338c52bc6f8bd4fa97] + +* Wed Feb 03 2021 Open vSwitch CI - 2.11.3-82 +- Merging upstream branch-2.11 + [2e04729b438263639f321cdebb0191e0de668fd9] + +* Tue Feb 02 2021 Open vSwitch CI - 2.11.3-81 +- Merging upstream branch-2.11 + [a6fede58cbbb901bfa9fae88d59f088b005368b5] + +* Thu Jan 21 2021 Open vSwitch CI - 2.11.3-80 +- Merging upstream branch-2.11 + [b8354bd06233b96923cc18f7b8d769f0164d89c3] + +* Thu Jan 14 2021 Open vSwitch CI - 2.11.3-79 +- Merging upstream branch-2.11 + [f41ec7e05b34518090771eafc1ca17f297c5f520] + +* Wed Jan 13 2021 Open vSwitch CI - 2.11.3-78 +- Merging upstream branch-2.11 + [68170d878c052468321f0a6a15b44c1f531abb4f] + +* Thu Jan 07 2021 Open vSwitch CI - 2.11.3-77 +- Merging upstream branch-2.11 + [10478e38029da25e549bf899dde41a6eb948d523] + +* Thu Dec 24 2020 Open vSwitch CI - 2.11.3-76 +- Merging upstream branch-2.11 + [aa80d76b094b7eea8cd651a62ce251f77f179c25] + +* Wed Dec 02 2020 Open vSwitch CI - 2.11.3-75 +- Merging upstream branch-2.11 + [838f461d65b104b814f1f6857710c0221f50ca3f] + * Tue Nov 17 2020 Open vSwitch CI - 2.11.3-74 - Merging upstream branch-2.11 [757d6ce62c7f7fe77533f6d632f515db847c4145]