[ovs-git] [openvswitch/ovs] d5822f: gre: Remove dead ipgre code
GitHub
noreply at github.com
Fri Nov 16 22:14:39 UTC 2018
Branch: refs/heads/dpdk-latest
Home: https://github.com/openvswitch/ovs
Commit: d5822f428814d1224b8d278ebe3ee5e1de16625c
https://github.com/openvswitch/ovs/commit/d5822f428814d1224b8d278ebe3ee5e1de16625c
Author: Greg Rose <gvrose8192 at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M datapath/linux/compat/ip_gre.c
Log Message:
-----------
gre: Remove dead ipgre code
Open vSwitch uses gretap, not ipgre for gre tunneling. Remove dead
code for ipgre type tunnels.
Acked-by: William Tu <u9012063 at gmail.com>
Signed-off-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 0277582178a153384a015855e206b9d613770d42
https://github.com/openvswitch/ovs/commit/0277582178a153384a015855e206b9d613770d42
Author: Greg Rose <gvrose8192 at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M vswitchd/vswitch.xml
Log Message:
-----------
vswitchd: Update documentation for legacy_l3 type packets
The documentation needs to specify that for GRE tunnels there is no
support for legacy_l3 type packets in the kernel datapath.
Acked-by: William Tu <u9012063 at gmail.com>
Signed-off-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: b50268e812d2d7a794a2842811f6a7fc042de73c
https://github.com/openvswitch/ovs/commit/b50268e812d2d7a794a2842811f6a7fc042de73c
Author: Darrell Ball <dlu998 at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/faq/releases.rst
Log Message:
-----------
faq: Specify QoS support is dependent on interface type.
QoS support depends on interface type; document it.
Signed-off-by: Darrell Ball <dlu998 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: da5b26ad8e970bcd7673ae1bbf8a906646d1a48d
https://github.com/openvswitch/ovs/commit/da5b26ad8e970bcd7673ae1bbf8a906646d1a48d
Author: William Tu <u9012063 at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/faq/releases.rst
Log Message:
-----------
faq: update the ERSPAN/GRE tunnel feature.
Add ERSPAN/GRE tunnel to datapath feature comparison table.
Reviewed-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: William Tu <u9012063 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: dc4be59890aad3e5bc8b39f9e09406ca74e11768
https://github.com/openvswitch/ovs/commit/dc4be59890aad3e5bc8b39f9e09406ca74e11768
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M ovn/lib/actions.c
Log Message:
-----------
actions: Enforce a maximum limit for nested action depth
If nested depth of actions is too deep, then the stack will be overflown
and ovs-vswitch crashes. This patch prevents this by adding a depth limit
to nested actions.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11237
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: ac20d3feb127fe0ed1474ba87935260a18bde67c
https://github.com/openvswitch/ovs/commit/ac20d3feb127fe0ed1474ba87935260a18bde67c
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M lib/odp-util.c
M tests/odp.at
Log Message:
-----------
odp-util: Set a limit for nested parse_odp_key_mask_attr call
This patch puts a limit on the nested depth in flow key string to avoid
stackoverflow. An example to show this issue is a key string contains
thousands of nested encaps. In addition, a new test is added for this fix.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11149
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: e29744123207be23c12d942cd3ea8ba11c5d3c0e
https://github.com/openvswitch/ovs/commit/e29744123207be23c12d942cd3ea8ba11c5d3c0e
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M tests/oss-fuzz/ofctl_parse_target.c
Log Message:
-----------
ofctl_parse_target: Avoid passing invalid ofputil_protocol to ofputil_protocol_to_ofp_version
In this test, the involved ovs functions expect valid ofputil_protocol
values. Therefore, if usable_protocols is invalid, we should return.
Otherwise, ovs will abort.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11165
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: ba8eb43a073ed49d669a8c78d52baab7362e81fa
https://github.com/openvswitch/ovs/commit/ba8eb43a073ed49d669a8c78d52baab7362e81fa
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M lib/dns-resolve.c
Log Message:
-----------
dns-resolve: Stop dns resolving if no DNS server configured
DNS resolution should fail if no DNS servers are available. This
patch fixes it.
Suggested-by: Ben Pfaff <blp at ovn.org>
Suggested-by: Mark Michelson <mmichels at redhat.com>
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 9ce4aa8ee74642dedb4d2b1e7ece99c086d02c37
https://github.com/openvswitch/ovs/commit/9ce4aa8ee74642dedb4d2b1e7ece99c086d02c37
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/intro/install/general.rst
M NEWS
M lib/dns-resolve.c
Log Message:
-----------
dns-resolve: Improve on handling of system DNS nameserver
This patch enables OVS on windows to read system nameserver configuration.
In addition, a new environment variable OVS_RESOLV_CONF is introduced.
If set, it can be used as DNS server configuration file. This variable
is supposed to be used for sandboxing other things. It is documented
accordingly.
Suggested-by: Ben Pfaff <blp at ovn.org>
Suggested-by: Mark Michelson <mmichels at redhat.com>
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: f7fc8a30f9fe5f92a8897bc71f64d7c47d298ee1
https://github.com/openvswitch/ovs/commit/f7fc8a30f9fe5f92a8897bc71f64d7c47d298ee1
Author: Han Zhou <hzhou8 at ebay.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M ofproto/ofproto.c
Log Message:
-----------
ofproto.c: Fix port number leaking.
When there is an error in ofport_install(), the ofp port number is
not deallocated, which leads to port number leak. For example,
when there is an redundant tunnel port added in an OVS bridge,
ovs-vswitchd will try to add the port to ofproto whenever OVSDB
changes, which would trigger the port number leak, and over the
time there won't be any port available for valid requests.
Signed-off-by: Han Zhou <hzhou8 at ebay.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 8fa5a2819c2937849e60cc1f23095a8fb24d6a6f
https://github.com/openvswitch/ovs/commit/8fa5a2819c2937849e60cc1f23095a8fb24d6a6f
Author: Han Zhou <hzhou8 at ebay.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M ofproto/ofproto.c
Log Message:
-----------
ofproto.c: Handle the situation when ofp_port number exhausted.
When ofp_port number is exhausted, OFPP_NONE (65535) will be
returned by alloc_ofp_port(). In this case we should error out
instead of continue using 65535 as port number.
Using the invalid number causes unpredictable consequences:
2018-11-06T01:29:10.042Z|142103|dpif(ovs-vswitchd)|WARN|system at ovs-system: failed to add ovn-aded97-0 as port: Device or resource busy
2018-11-06T01:29:10.045Z|142104|bridge(ovs-vswitchd)|INFO|bridge br-int: added interface ovn-aded97-0 on port 65535
2018-11-06T01:29:11.479Z|142108|ofproto(ovs-vswitchd)|WARN|br-int: cannot configure bfd on nonexistent port 65535
2018-11-06T01:29:11.479Z|142109|ofproto(ovs-vswitchd)|WARN|br-int: cannot configure LLDP on nonexistent port 65535
2018-11-06T01:29:11.479Z|142110|ofproto(ovs-vswitchd)|WARN|br-int: cannot configure datapath on nonexistent port 65535
...
2018-11-06T01:29:18.783Z|142117|bfd(ovs-vswitchd)|INFO|ovn-aded97-0: BFD state change: admin_down->down "No Diagnostic"->"No Diagnostic".
2018-11-06T01:29:18.785Z|00061|bfd(monitor82)|INFO|Interface ovn-aded97-0 remote mult value 0 changed to 3
2018-11-06T01:29:18.785Z|00062|bfd(monitor82)|INFO|ovn-aded97-0: New remote min_rx.
...
2018-11-06T01:29:18.773Z|142111|bridge(ovs-vswitchd)|INFO|bridge br-int: deleted interface ovn-aded97-0 on port 65535
...
2018-11-06T01:29:18.779Z|142115|dpif(ovs-vswitchd)|WARN|system at ovs-system: failed to add ovn-aded97-0 as port: Device or resource busy
2018-11-06T01:29:18.782Z|142116|bridge(ovs-vswitchd)|INFO|bridge br-int: added interface ovn-aded97-0 on port 65535
...
2018-11-06T01:29:18.785Z|00064|bfd(monitor82)|WARN|ovn-aded97-0: Incorrect your_disc.
...
Signed-off-by: Han Zhou <hzhou8 at ebay.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 00b8c48f6c70f55f9d224acf927a3b40d07558b3
https://github.com/openvswitch/ovs/commit/00b8c48f6c70f55f9d224acf927a3b40d07558b3
Author: Aaron Conole <aconole at redhat.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M rhel/openvswitch-fedora.spec.in
Log Message:
-----------
rhel: hugetlbfs group should be added as a system group.
Reported-by: Edgar Hoch <edgar.hoch at ims.uni-stuttgart.de>
Signed-off-by: Aaron Conole <aconole at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 29f3e6cf65a1d8b6cd71c07a700f03454aa8fc93
https://github.com/openvswitch/ovs/commit/29f3e6cf65a1d8b6cd71c07a700f03454aa8fc93
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/faq/qos.rst
Log Message:
-----------
faq: Update information on meters.
Acked-by: Mark Michelson <mmichels at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: d96d0b019a6557d41d11af48925da840b3a1ecb6
https://github.com/openvswitch/ovs/commit/d96d0b019a6557d41d11af48925da840b3a1ecb6
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M datapath/linux/compat/geneve.c
Log Message:
-----------
datapath: add transport ports in route lookup for geneve
This patch adds transport ports information for route lookup so that
IPsec can select geneve tunnel traffic to do encryption.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Reviewed-by: Greg Rose <gvrose8192 at gmail.com>
Tested-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 22c5eafb6efa874014a5234de8ca587b693db4df
https://github.com/openvswitch/ovs/commit/22c5eafb6efa874014a5234de8ca587b693db4df
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Makefile.am
A ipsec/automake.mk
A ipsec/ovs-monitor-ipsec
Log Message:
-----------
ipsec: reintroduce IPsec support for tunneling
This patch reintroduces ovs-monitor-ipsec daemon that
was previously removed by commit 2b02d770 ("openvswitch:
Allow external IPsec tunnel management.")
After this patch, there are no IPsec flavored tunnels anymore.
IPsec is enabled by setting up the right values in:
1. OVSDB:Interface:options column;
2. OVSDB:Open_vSwitch:other_config column;
3. OpenFlow pipeline.
GRE, VXLAN, GENEVE, and STT IPsec tunnels are supported. LibreSwan and
StrongSwan IKE daemons are supported. User can choose pre-shared key,
self-signed peer certificate, or CA-signed certificate as authentication
methods.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Signed-off-by: Ansis Atteka <aatteka at ovn.org>
Co-authored-by: Ansis Atteka <aatteka at ovn.org>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: bdddc715358e346a5a19365ad59dc8627ebd4e9a
https://github.com/openvswitch/ovs/commit/bdddc715358e346a5a19365ad59dc8627ebd4e9a
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M debian/automake.mk
M debian/control
A debian/openvswitch-ipsec.dirs
A debian/openvswitch-ipsec.init
A debian/openvswitch-ipsec.install
M rhel/automake.mk
M rhel/openvswitch-fedora.spec.in
A rhel/usr_lib_systemd_system_openvswitch-ipsec.service
M utilities/ovs-ctl.in
Log Message:
-----------
debian and rhel: Create IPsec package.
Added rules and files to create debian and rpm ovs-ipsec packages.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Signed-off-by: Ansis Atteka <aatteka at ovn.org>
Co-authored-by: Ansis Atteka <aatteka at ovn.org>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 7b243c308967bec769667c458580caba27b587c8
https://github.com/openvswitch/ovs/commit/7b243c308967bec769667c458580caba27b587c8
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/automake.mk
M Documentation/howto/index.rst
A Documentation/howto/ipsec.rst
M Documentation/index.rst
M Documentation/tutorials/index.rst
A Documentation/tutorials/ipsec.rst
M vswitchd/vswitch.xml
Log Message:
-----------
Documentation: IPsec tunnel tutorial and documentation.
tutorials/index.rst gives a step-by-setp guide to set up OVS IPsec
tunnel.
tutorials/ipsec.rst gives detailed explanation on the IPsec tunnel
configuration methods and forwarding modes.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Signed-off-by: Ansis Atteka <aatteka at ovn.org>
Co-authored-by: Ansis Atteka <aatteka at ovn.org>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: b1cc0dbac0ebbc32f5c0da3a27ec67f2a303636a
https://github.com/openvswitch/ovs/commit/b1cc0dbac0ebbc32f5c0da3a27ec67f2a303636a
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M ovn/controller/encaps.c
M ovn/controller/encaps.h
M ovn/controller/ovn-controller.c
M ovn/northd/ovn-northd.c
M ovn/ovn-architecture.7.xml
M ovn/ovn-nb.ovsschema
M ovn/ovn-nb.xml
M ovn/ovn-sb.ovsschema
M ovn/ovn-sb.xml
Log Message:
-----------
OVN: native support for tunnel encryption
This patch adds IPsec support for OVN tunnel. Basically, OVN offers a
binary option to its user for encryption configuration. If the IPsec
option is turned on, all tunnels will be encrypted. Otherwise, no tunnel
will be encrypted.
The changes are summarized as below:
1) Added a ipsec column on the NB_Global table and SB_Global table. The
value of ipsec column is propagated by ovn-northd from NB_Global to
SB_Global.
2) ovn-controller monitors the ipsec column in SB_Global. If the ipsec
value is true, ovn-controller sets options of the tunnel interface by
specifying "options:remote_name=<remote_chassis_name>". If the ipsec
value is false, ovn-controller removes these options.
3) ovs-monitor-ipsec daemon
(https://mail.openvswitch.org/pipermail/ovs-dev/2018-June/348701.html)
monitors the tunnel interface options and configures IKE daemon
accordingly for IPsec encryption.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: fcd8f561b6fb8d58b4a4d0aaef5c8b59a55aa8a3
https://github.com/openvswitch/ovs/commit/fcd8f561b6fb8d58b4a4d0aaef5c8b59a55aa8a3
Author: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M Documentation/automake.mk
M Documentation/index.rst
M Documentation/tutorials/index.rst
A Documentation/tutorials/ovn-ipsec.rst
A Documentation/tutorials/ovn-rbac.rst
M NEWS
Log Message:
-----------
Documentation: OVN RBAC and IPsec tutorial
This patch adds step-by-step guide for configuring OVN Role-Based Access
Control and IPsec.
Signed-off-by: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 297a88c28d6d570a60911aeb86e03864fd57fd2a
https://github.com/openvswitch/ovs/commit/297a88c28d6d570a60911aeb86e03864fd57fd2a
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M MAINTAINERS.rst
Log Message:
-----------
MAINTAINERS: Move Ethan to emeritus status.
Requested-by: Ethan J. Jackson <ejj at eecs.berkeley.edu>
Acked-by: Ethan J. Jackson <ejj at eecs.berkeley.edu>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 3d9ebcb153d446026139d17cf7d997199fc3b498
https://github.com/openvswitch/ovs/commit/3d9ebcb153d446026139d17cf7d997199fc3b498
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-09 (Fri, 09 Nov 2018)
Changed paths:
M MAINTAINERS.rst
Log Message:
-----------
MAINTAINERS: Add Ian Stokes.
Ian was elected by the Open vSwitch committers on Nov. 9. Welcome to the
team, Ian!
Acked-by: Justin Pettit <jpettit at ovn.org>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: d5cc46e3d185dcd32e2ef099b2ce38e1a7f95eee
https://github.com/openvswitch/ovs/commit/d5cc46e3d185dcd32e2ef099b2ce38e1a7f95eee
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-10 (Sat, 10 Nov 2018)
Changed paths:
M configure.ac
M ipsec/automake.mk
R ipsec/ovs-monitor-ipsec
A ipsec/ovs-monitor-ipsec.in
Log Message:
-----------
ipsec: Use @PYTHON@ directly instead of "/usr/bin/env python"
Using "/usr/bin/env" is against Fedora Packaging Guidelines [1].
Moreover, in this specific case, it also prevent "make rpm-fedora" to
successfully complete on "Fedora Rawhide" since "#!/usr/bin/env python"
must not be used anymore [2].
[1] https://fedoraproject.org/wiki/Packaging:Guidelines#Shebang_lines
[2] https://fedoraproject.org/wiki/Changes/Make_ambiguous_python_shebangs_error
CC: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Fixes: 22c5eafb6efa ("ipsec: reintroduce IPsec support for tunneling")
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 00b82d6cc4760f2cc614f3e81f1c8eabcfdf9ef3
https://github.com/openvswitch/ovs/commit/00b82d6cc4760f2cc614f3e81f1c8eabcfdf9ef3
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-10 (Sat, 10 Nov 2018)
Changed paths:
M ofproto/bond.c
Log Message:
-----------
bond: Remove executable bit from bond.c
In commit 90061ea7d1dd ("bond: Fix LACP fallback to active-backup when recirc
is enabled.") the file mode of bond.c accidentaly changed from 0644 to 0755.
This commit restores the previous file mode (0644) on bond.c.
CC: Ben Pfaff <blp at ovn.org>
Fixes: 90061ea7d1dd ("bond: Fix LACP fallback to active-backup when recirc is enabled.")
Acked-by: Flavio Leitner <fbl at sysclose.org>
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 87c7a35deb15f29ef6aad3e7b83bffd593d2d576
https://github.com/openvswitch/ovs/commit/87c7a35deb15f29ef6aad3e7b83bffd593d2d576
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-10 (Sat, 10 Nov 2018)
Changed paths:
M lib/rtnetlink.h
Log Message:
-----------
rtnetlink: Remove executable bit from rtnetlink.h
In commit 135ee7ef362f ("rtnetlink: extend parser to include kind of master and
slave") the file mode of rtnetlink.h accidentaly changed from 0644 to 0755.
This commit restores the previous file mode (0644) on rtnetlink.h.
CC: John Hurley <john.hurley at netronome.com>
Fixes: 135ee7ef362f ("rtnetlink: extend parser to include kind of master and slave")
Acked-by: Flavio Leitner <fbl at sysclose.org>
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 2d37de73c11f5df6c933be5b734b812b61c24702
https://github.com/openvswitch/ovs/commit/2d37de73c11f5df6c933be5b734b812b61c24702
Author: Eelco Chaudron <echaudro at redhat.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M lib/netdev-dpdk.c
Log Message:
-----------
netdev-dpdk: Bring link down when NETDEV_UP is not set
When the netdev link flags are changed, !NETDEV_UP, the DPDK ports are not
actually going down. This is causing problems for people trying to bring
down a bond member. The bond link is no longer being used to receive or
transmit traffic, however, the other end keeps sending data as the link
remains up.
With OVS 2.6 the link was brought down, and this was changed with commit
3b1fb0779. In this commit, it's explicitly mentioned that the link down/up
DPDK APIs are not called as not all PMD devices support it.
However, this patch does call the appropriate DPDK APIs and ignoring
errors due to the PMD not supporting it. PMDs not supporting this should
be fixed in DPDK upstream.
I verified this patch is working correctly using the
ovs-appctl netdev-dpdk/set-admin-state <port> {up|down} and
ovs-ofctl mod-port <bridge> <port> {up|down} commands on a XL710
and 82599ES.
Fixes: 3b1fb0779b87 ("netdev-dpdk: Don't call rte_dev_stop() in update_flags().")
Signed-off-by: Eelco Chaudron <echaudro at redhat.com>
Acked-by: Flavio Leitner <fbl at sysclose.org>
Acked-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ian Stokes <ian.stokes at intel.com>
Commit: 0f582e4bb1e7f17075a725758c59e2c339d364a2
https://github.com/openvswitch/ovs/commit/0f582e4bb1e7f17075a725758c59e2c339d364a2
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M ovn/controller/pinctrl.c
Log Message:
-----------
pinctrl: Fix crash on buffered packets hmap double remove.
'destroy_buffered_packets()' removes the hmap node which was
already removed by 'HMAP_FOR_EACH_POP()' producing following
crash log:
Invalid read of size 8
at 0x134EDB: hmap_remove (hmap.h:287)
by 0x134EDB: destroy_buffered_packets (pinctrl.c:237)
by 0x13AB3B: destroy_buffered_packets_map (pinctrl.c:246)
by 0x13AB3B: pinctrl_destroy (pinctrl.c:1804)
by 0x12C0CF: main (ovn-controller.c:916)
Address 0x8 is not stack'd, malloc'd or (recently) free'd
Could be captured by check-valgrind on the following test:
'2720. ovn -- IP packet buffering'
Acked-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
Fixes: d7abfe39cfd2 ("OVN: add buffering support for ip packets")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 2b20cc51f47b52c9d3ea47868580c16be3938be6
https://github.com/openvswitch/ovs/commit/2b20cc51f47b52c9d3ea47868580c16be3938be6
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M ovn/controller/pinctrl.c
Log Message:
-----------
pinctrl: Fix dp_packet structure leak.
Buffered packets are always packets created by 'dp_packet_clone_data()'
i.e. they are malloced. It's not enough to free the packet data,
dp_packet structure must be freed too. 'dp_packet_delete()' will take
care of that.
Acked-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
Fixes: d7abfe39cfd2 ("OVN: add buffering support for ip packets")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 7e0240e0c300cac3ec0bc9bf24237629e13bbd21
https://github.com/openvswitch/ovs/commit/7e0240e0c300cac3ec0bc9bf24237629e13bbd21
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M ipsec/automake.mk
Log Message:
-----------
build: Clean up ovs-monitor-ipsec.
This fixes travis distcheck:
ERROR: files left in build directory after distclean:
./ipsec/ovs-monitor-ipsec
make[1]: *** [distcleancheck] Error 1
Acked-by: Timothy Redaelli <tredaelli at redhat.com>
Fixes: d5cc46e3d185 ("ipsec: Use @PYTHON@ directly instead of "/usr/bin/env python"")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 5163902527009ac82204fdadd143c2e86d479de8
https://github.com/openvswitch/ovs/commit/5163902527009ac82204fdadd143c2e86d479de8
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M rhel/openvswitch-fedora.spec.in
Log Message:
-----------
rhel: Rename the IPsec package as openvswitch-ipsec
Currently the split package for ipsec is named
openvswitch-openvswitch-ipsec, but it should be named openvswitch-ipsec.
This commit changes the spec file in order to have the IPsec package as
openvswitch-ipsec instead of openvswitch-openvswitch-ipsec.
CC: Qiuyu Xiao <qiuyu.xiao.qyx at gmail.com>
Fixes: bdddc715358e ("debian and rhel: Create IPsec package.")
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 1d81117d89bf22ae569db64f6f12da0e05d6bb68
https://github.com/openvswitch/ovs/commit/1d81117d89bf22ae569db64f6f12da0e05d6bb68
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
A ipsec/.gitignore
Log Message:
-----------
gitignore: Ignore ovs-monitor-ipsec
Commit d5cc46e3d185 ("ipsec: Use @PYTHON@ directly instead of "/usr/bin/env
python"") introduced ovs-monitor-ipsec.in that generates
ovs-monitor-ipsec.
This commit adds ovs-monitor-ipsec to ipsec/.gitignore.
Fixes: d5cc46e3d185 ("ipsec: Use @PYTHON@ directly instead of "/usr/bin/env python"")
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 81b286609543a9feacf58371ba5edf5402281674
https://github.com/openvswitch/ovs/commit/81b286609543a9feacf58371ba5edf5402281674
Author: Timothy Redaelli <tredaelli at redhat.com>
Date: 2018-11-12 (Mon, 12 Nov 2018)
Changed paths:
M ipsec/automake.mk
M rhel/openvswitch-fedora.spec.in
Log Message:
-----------
ipsec: Install ovs-monitor-ipsec in script directory
In commit d5cc46e3d185 ("ipsec: Use @PYTHON@ directly instead of
"/usr/bin/env python"") ovs-monitor-ipsec is installed in bin directory,
but it's supposed to be installed in script directory.
This commit removes also the manual copy of "ovs-monitor-ipsec" in spec file
since it's installed directly in "make install".
Fixes: d5cc46e3d185 ("ipsec: Use @PYTHON@ directly instead of "/usr/bin/env python"")
Signed-off-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 262a07956fabfd8399a1bcf1d17e1c965013cf28
https://github.com/openvswitch/ovs/commit/262a07956fabfd8399a1bcf1d17e1c965013cf28
Author: Chris Mi <chrism at mellanox.com>
Date: 2018-11-13 (Tue, 13 Nov 2018)
Changed paths:
M lib/netdev-tc-offloads.c
Log Message:
-----------
netdev-tc-offloads: Delete ufid tc mapping in the right place
Currently, the ufid tc mapping is deleted in add_ufid_tc_mapping().
But if tc_replace_flower() failed, the old ufid tc mapping will not
be deleted. If another thread adds the same tc mapping successfully,
then there will be multiple mappings for the same ifindex, handle
and prio.
Fixes: 9116730db ("netdev-tc-offloads: Add ufid to tc/netdev map")
Signed-off-by: Chris Mi <chrism at mellanox.com>
Reviewed-by: Roi Dayan <roid at mellanox.com>
Signed-off-by: Simon Horman <simon.horman at netronome.com>
Commit: 039cf7d4d9b5e9cdf87b2732511f39cd55477bb6
https://github.com/openvswitch/ovs/commit/039cf7d4d9b5e9cdf87b2732511f39cd55477bb6
Author: Alin Gabriel Serdean <aserdean at ovn.org>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M tests/bridge.at
Log Message:
-----------
Tests: Fix test bridge - add port after stopping controller on Windows
On Windows the file which is used for the named pipe connection (`punix:file`)
is not deleted when the process is closed.
Try to delete the `controller` file and fail if we can't (on Windows you can't
delete a file if there still an opened handle to it).
Also add a check to see if the `ovs-testcontroller` was successfully started.
Signed-off-by: Alin Gabriel Serdean <aserdean at ovn.org>
Acked-by: Sairam Venugopal <vsairam at vmware.com>
Commit: 6e367a2095f1f61d46d55921aae17dced44d78d0
https://github.com/openvswitch/ovs/commit/6e367a2095f1f61d46d55921aae17dced44d78d0
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M Documentation/internals/contributing/coding-style.rst
Log Message:
-----------
coding-style: Remove redundant symbols from the examples.
Some backslashes was added while converting from .md to .rst.
These symbols are printable in both pdf and html docs and
should be removed.
CC: Stephen Finucane <stephen at that.guru>
Fixes: d124a408a4bc ("doc: Convert CodingStyle to rST")
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 842ffc861bfd3ff880103dcb0ce7929b4b4446b3
https://github.com/openvswitch/ovs/commit/842ffc861bfd3ff880103dcb0ce7929b4b4446b3
Author: chrone <1284195+chrone81 at users.noreply.github.com>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M Documentation/faq/vlan.rst
Log Message:
-----------
faq: Fix typo in VLAN 9 configuration examples.
Fixed typo on the VLAN 9 configuration example where the device name should
be vlan9 instead of vlan0.
Signed-off-by: Charles Alva <charlesalva at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 308a079ea92dfda7e57b02d1d348fba0f55678da
https://github.com/openvswitch/ovs/commit/308a079ea92dfda7e57b02d1d348fba0f55678da
Author: Sairam Venugopal <vsairam at vmware.com>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M datapath-windows/ovsext/BufferMgmt.c
Log Message:
-----------
datapath-windows: Fix invalid reference in Buffermgmt.c
OVS_BUFFER_CONTEXT gets cleared as part of NdisFreeNetBufferListContext
function call. This causes an invalid reference error.
Found while testing with driver verifier enabled.
Signed-off-by: Sairam Venugopal <vsairam at vmware.com>
Acked-by: Anand Kumar <kumaranand at vmware.com>
Acked-by: Alin Gabriel Serdean <aserdean at ovn.org>
Signed-off-by: Alin Gabriel Serdean <aserdean at ovn.org>
Commit: 597177a283da64d432fc780cd5761521df0c30db
https://github.com/openvswitch/ovs/commit/597177a283da64d432fc780cd5761521df0c30db
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M lib/pcap-file.c
Log Message:
-----------
pcap-file: Add support for Linux SLL formatted PCAP files.
Someone sent me one of these and OVS couldn't read it. This fixes the
problem.
Reviewed-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 0f3a7416b4b30abb5f7e3005712d4c4e3acc04b3
https://github.com/openvswitch/ovs/commit/0f3a7416b4b30abb5f7e3005712d4c4e3acc04b3
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M include/openvswitch/meta-flow.h
M ovn/utilities/ovn-sbctl.8.in
M ovn/utilities/ovn-trace.8.xml
M vswitchd/vswitch.xml
Log Message:
-----------
docs: Fix cross-references that referred to discussions that have moved.
Reviewed-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 581d3bec7b8c714a98744b0b5f48dd7c7c4db037
https://github.com/openvswitch/ovs/commit/581d3bec7b8c714a98744b0b5f48dd7c7c4db037
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M tests/oss-fuzz/ofctl_parse_target.c
Log Message:
-----------
oss-fuzz: Fix memory leak in ofctl_parse_flow
If parse_ofp_flow_mod_str returns no error, ofputil_flow_mod.match
contains allocated memory that should be free. This patch fixes it.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11343
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 33a3ee6b39acd9799301ec6cc0069bc9e4b4428b
https://github.com/openvswitch/ovs/commit/33a3ee6b39acd9799301ec6cc0069bc9e4b4428b
Author: Yifeng Sun <pkusunyifeng at gmail.com>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M lib/odp-util.c
Log Message:
-----------
odp-util: Add checking to prevent buffer overflow when parsing push_nsh
Previously, the buffer size of 'struct ofpbuf b' is less than the
size of 'char buf[512]', this could cause memory overflow of ofpbuf
when calling ofpbuf_put_hex. This patch fixes it.
Reported-at: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10865
Signed-off-by: Yifeng Sun <pkusunyifeng at gmail.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 713a45dbd55805007baf54ec2ea2978d1ae285fd
https://github.com/openvswitch/ovs/commit/713a45dbd55805007baf54ec2ea2978d1ae285fd
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-15 (Thu, 15 Nov 2018)
Changed paths:
M lib/dpif-netlink.c
Log Message:
-----------
dpif-netlink: Fix error behavior in dpif_netlink_port_add__().
Until now, the code here would report an error to its caller as success.
This fixes the problem.
Found by inspection.
Acked-by: Alin Gabriel Serdean <aserdean at ovn.org>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 7f8d02a9ab0b49dced65b3d55a398a173108a1ee
https://github.com/openvswitch/ovs/commit/7f8d02a9ab0b49dced65b3d55a398a173108a1ee
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M lib/pcap-file.c
Log Message:
-----------
pcap: Fix reading regular old Ethernet pcap files.
This broke the unit tests.
Fixes: 597177a283da ("pcap-file: Add support for Linux SLL formatted PCAP files.")
Acked-by: Alin Gabriel Serdean <aserdean at ovn.org>
Tested-by: Alin Gabriel Serdean <aserdean at ovn.org>
Reported-by: Alin Gabriel Serdean <aserdean at ovn.org>
Tested-by: Timothy Redaelli <tredaelli at redhat.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: b24f1e49b594796f917f282375876f841db8eaeb
https://github.com/openvswitch/ovs/commit/b24f1e49b594796f917f282375876f841db8eaeb
Author: Ilya Maximets <i.maximets at samsung.com>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M Documentation/internals/contributing/coding-style.rst
Log Message:
-----------
coding-style: Few visual enhancements for the document.
Some keywords and numbers highlighted. Added few spaces to
the examples.
Signed-off-by: Ilya Maximets <i.maximets at samsung.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: d240e46acac3a63c6bdd0ade159d7a556259f855
https://github.com/openvswitch/ovs/commit/d240e46acac3a63c6bdd0ade159d7a556259f855
Author: Alin Gabriel Serdean <aserdean at ovn.org>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M lib/dpif-netlink.c
Log Message:
-----------
Windows: Fix broken kernel userspace communication
Patch: https://github.com/openvswitch/ovs/commit/69c51582ff786a68fc325c1c50624715482bc460
broke Windows userpace - kernel communication.
On windows we create netlink sockets when the handlers are initiated and
reuse them.
This patch remaps the usage of the netlink socket pool.
Fixes:
https://github.com/openvswitch/ovs-issues/issues/164
Signed-off-by: Alin Gabriel Serdean <aserdean at ovn.org>
Acked-by: Shashank Ram <rams at vmware.com>
Tested-by: Shashank Ram <rams at vmware.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Co-authored-by: Ben Pfaff <blp at ovn.org>
Commit: 9a609f635457b08d641010e83e82327730cefeea
https://github.com/openvswitch/ovs/commit/9a609f635457b08d641010e83e82327730cefeea
Author: Ben Pfaff <blp at ovn.org>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M lib/pcap-file.c
Log Message:
-----------
pcap-file: Correctly format enum type.
The underlying type for an enum is somewhat unpredictable in that the
compiler and the ABI influence it. The format specifier I used here was
apparently correct for i386 on Linux but wrong for x86-64. It's better to
just use a cast.
Fixes: 597177a283da ("pcap-file: Add support for Linux SLL formatted PCAP files.")
Reported-by: Simon Horman <simon.horman at netronome.com>
Reviewed-by: Simon Horman <simon.horman at netronome.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
Commit: 1d0271ea49cba4147395cdfa4eea1066f6f2c9f7
https://github.com/openvswitch/ovs/commit/1d0271ea49cba4147395cdfa4eea1066f6f2c9f7
Author: Ian Stokes <ian.stokes at intel.com>
Date: 2018-11-16 (Fri, 16 Nov 2018)
Changed paths:
M Documentation/automake.mk
M Documentation/faq/qos.rst
M Documentation/faq/releases.rst
M Documentation/faq/vlan.rst
M Documentation/howto/index.rst
A Documentation/howto/ipsec.rst
M Documentation/index.rst
M Documentation/internals/contributing/coding-style.rst
M Documentation/intro/install/general.rst
M Documentation/tutorials/index.rst
A Documentation/tutorials/ipsec.rst
A Documentation/tutorials/ovn-ipsec.rst
A Documentation/tutorials/ovn-rbac.rst
M MAINTAINERS.rst
M Makefile.am
M NEWS
M configure.ac
M datapath-windows/ovsext/BufferMgmt.c
M datapath/linux/compat/geneve.c
M datapath/linux/compat/ip_gre.c
M debian/automake.mk
M debian/control
A debian/openvswitch-ipsec.dirs
A debian/openvswitch-ipsec.init
A debian/openvswitch-ipsec.install
M include/openvswitch/meta-flow.h
A ipsec/.gitignore
A ipsec/automake.mk
A ipsec/ovs-monitor-ipsec.in
M lib/dns-resolve.c
M lib/dpif-netlink.c
M lib/netdev-dpdk.c
M lib/netdev-tc-offloads.c
M lib/odp-util.c
M lib/pcap-file.c
M lib/rtnetlink.h
M ofproto/bond.c
M ofproto/ofproto.c
M ovn/controller/encaps.c
M ovn/controller/encaps.h
M ovn/controller/ovn-controller.c
M ovn/controller/pinctrl.c
M ovn/lib/actions.c
M ovn/northd/ovn-northd.c
M ovn/ovn-architecture.7.xml
M ovn/ovn-nb.ovsschema
M ovn/ovn-nb.xml
M ovn/ovn-sb.ovsschema
M ovn/ovn-sb.xml
M ovn/utilities/ovn-sbctl.8.in
M ovn/utilities/ovn-trace.8.xml
M rhel/automake.mk
M rhel/openvswitch-fedora.spec.in
A rhel/usr_lib_systemd_system_openvswitch-ipsec.service
M tests/bridge.at
M tests/odp.at
M tests/oss-fuzz/ofctl_parse_target.c
M utilities/ovs-ctl.in
M vswitchd/vswitch.xml
Log Message:
-----------
Merge branch 'master' of https://github.com/openvswitch/ovs into dpdk-latest
Compare: https://github.com/openvswitch/ovs/compare/270d9216f1ed...1d0271ea49cb
**NOTE:** This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/
Functionality will be removed from GitHub.com on January 31st, 2019.
More information about the git
mailing list