diff --git a/SOURCES/openvswitch-3.3.0.patch b/SOURCES/openvswitch-3.3.0.patch index c7dfe02..bfa683c 100644 --- a/SOURCES/openvswitch-3.3.0.patch +++ b/SOURCES/openvswitch-3.3.0.patch @@ -2973,6 +2973,19 @@ index cfdf44f854..0858de3746 100644 /* Updates 'bond''s overall configuration to 's'. * +diff --git a/ofproto/ofproto-dpif-mirror.c b/ofproto/ofproto-dpif-mirror.c +index 343b75f0ed..45024580aa 100644 +--- a/ofproto/ofproto-dpif-mirror.c ++++ b/ofproto/ofproto-dpif-mirror.c +@@ -265,7 +265,7 @@ mirror_set(struct mbridge *mbridge, void *aux, const char *name, + { + hmapx_destroy(&srcs_map); + hmapx_destroy(&dsts_map); +- return 0; ++ return ECANCELED; + } + + /* XXX: Not sure if these need to be thread safe. */ diff --git a/ofproto/ofproto-dpif-trace.c b/ofproto/ofproto-dpif-trace.c index b86e7fe07e..e43d9f88c9 100644 --- a/ofproto/ofproto-dpif-trace.c @@ -3273,10 +3286,27 @@ index 1cf4d5f7c9..fec01aea1f 100644 } else { if (ctx->recirc_update_dp_hash) { diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c -index f59d69c4d1..fe034f9717 100644 +index f59d69c4d1..7e300c3f97 100644 --- a/ofproto/ofproto-dpif.c +++ b/ofproto/ofproto-dpif.c -@@ -3904,15 +3904,21 @@ port_query_by_name(const struct ofproto *ofproto_, const char *devname, +@@ -3669,6 +3669,16 @@ mirror_set__(struct ofproto *ofproto_, void *aux, + s->n_dsts, s->src_vlans, + bundle_lookup(ofproto, s->out_bundle), + s->snaplen, s->out_vlan); ++ ++ if (!error) { ++ ofproto->backer->need_revalidate = REV_RECONFIGURE; ++ } else if (error == ECANCELED) { ++ /* The user requested a change that is identical to the current state, ++ * the reconfiguration is canceled, but don't log an error message ++ * about that. */ ++ error = 0; ++ } ++ + free(srcs); + free(dsts); + return error; +@@ -3904,15 +3914,21 @@ port_query_by_name(const struct ofproto *ofproto_, const char *devname, int error; if (sset_contains(&ofproto->ghost_ports, devname)) { @@ -4435,6 +4465,32 @@ index 49dc06e38c..558632320c 100644 ${OVS_USER_OPT} \ --no-monitor restart $OPTIONS +TimeoutSec=300 +diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in +index beb0ab0d66..fe2c5bb61a 100644 +--- a/selinux/openvswitch-custom.te.in ++++ b/selinux/openvswitch-custom.te.in +@@ -49,8 +49,8 @@ require { + class fifo_file { getattr read write append ioctl lock open }; + class filesystem getattr; + class lnk_file { read open }; +- class netlink_audit_socket { create nlmsg_relay audit_write read write }; +- class netlink_netfilter_socket { create nlmsg_relay audit_write read write }; ++ class netlink_audit_socket { create nlmsg_relay read write }; ++ class netlink_netfilter_socket { create read write }; + @begin_dpdk@ + class netlink_rdma_socket { setopt bind create }; + @end_dpdk@ +@@ -79,8 +79,8 @@ domtrans_pattern(openvswitch_t, openvswitch_load_module_exec_t, openvswitch_load + + #============= openvswitch_t ============== + allow openvswitch_t self:capability { dac_override audit_write net_broadcast net_raw }; +-allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay audit_write read write }; +-allow openvswitch_t self:netlink_netfilter_socket { create nlmsg_relay audit_write read write }; ++allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay read write }; ++allow openvswitch_t self:netlink_netfilter_socket { create read write }; + @begin_dpdk@ + allow openvswitch_t self:netlink_rdma_socket { setopt bind create }; + @end_dpdk@ diff --git a/tests/atlocal.in b/tests/atlocal.in index f321bae55f..8565a0bae9 100644 --- a/tests/atlocal.in diff --git a/SPECS/openvswitch3.3.spec b/SPECS/openvswitch3.3.spec index 27ef9c7..f9693d3 100644 --- a/SPECS/openvswitch3.3.spec +++ b/SPECS/openvswitch3.3.spec @@ -57,7 +57,7 @@ Summary: Open vSwitch Group: System Environment/Daemons daemon/database/utilities URL: http://www.openvswitch.org/ Version: 3.3.0 -Release: 50%{?dist} +Release: 51%{?dist} # Nearly all of openvswitch is ASL 2.0. The bugtool is LGPLv2+, and the # lib/sflow*.[ch] files are SISSL @@ -769,6 +769,13 @@ exit 0 %endif %changelog +* Fri Sep 20 2024 Open vSwitch CI - 3.3.0-51 +- Merging upstream branch-3.3 [RH git: 5ab2df5d8f] + Commit list: + 5f5c3d9229 selinux: Update policy file. + 2d14266cb9 ofproto-dpif-mirror: Always revalidate on mirror update. (FDP-788) + + * Fri Sep 20 2024 Open vSwitch CI - 3.3.0-50 - Merging upstream branch-3.3 [RH git: d29ec5b684] Commit list: