[ovs-git] [openvswitch/ovs] faf665: rhel: Fix logrotate group when dpdk is enabled.
Ilya Maximets
noreply at github.com
Wed Sep 16 12:27:05 UTC 2020
Branch: refs/heads/branch-2.13
Home: https://github.com/openvswitch/ovs
Commit: faf6651357678bc04fc8ad7f2e916ad4d3e9aa34
https://github.com/openvswitch/ovs/commit/faf6651357678bc04fc8ad7f2e916ad4d3e9aa34
Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
Date: 2020-09-15 (Tue, 15 Sep 2020)
Changed paths:
M rhel/openvswitch-fedora.spec.in
Log Message:
-----------
rhel: Fix logrotate group when dpdk is enabled.
Otherwise logrotate will fail to generate the rotated log files.
Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Acked-by: Flavio Leitner <fbl at sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: c38ebe8164089184f00594751d4240ab050b02d9
https://github.com/openvswitch/ovs/commit/c38ebe8164089184f00594751d4240ab050b02d9
Author: Flavio Leitner <fbl at sysclose.org>
Date: 2020-09-15 (Tue, 15 Sep 2020)
Changed paths:
M Documentation/topics/userspace-tso.rst
Log Message:
-----------
userspace-tso: Document the minimum kernel version.
The kernel needs to be at least 4.19-rc7 to include the commit
9d2f67e43b73 ("net/packet: fix packet drop as of virtio gso")
otherwise the TSO packets are dropped when using raw sockets.
Fixes: 29cf9c1b3b9c ("userspace: Add TCP Segmentation Offload support")
Reported-by: Yi Yang <yangyi01 at inspur.com>
Signed-off-by: Flavio Leitner <fbl at sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: 90443bc5c61a07907a08ef97469e30dc4d290cec
https://github.com/openvswitch/ovs/commit/90443bc5c61a07907a08ef97469e30dc4d290cec
Author: William Tu <u9012063 at gmail.com>
Date: 2020-09-15 (Tue, 15 Sep 2020)
Changed paths:
M lib/classifier.c
Log Message:
-----------
classifier: Fix use of uninitialized value.
Coverity reports use of uninitialized value of cursor.
This happens in cls_cursor_start(), when rule is false,
cursor.subtable is uninitialized. CID 279324.
Signed-off-by: William Tu <u9012063 at gmail.com>
Reviewed-by: Greg Rose <gvrose8192 at gmail.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: 183be08223d12284de122151e5b6ee8b73881503
https://github.com/openvswitch/ovs/commit/183be08223d12284de122151e5b6ee8b73881503
Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
Date: 2020-09-15 (Tue, 15 Sep 2020)
Changed paths:
M rhel/usr_lib_systemd_system_ovsdb-server.service
Log Message:
-----------
rhel: Fix reload of OVS_USER_ID on startup.
OVS_USER_ID was being picked up from a previously existing
openvswitch.useropts rendering innefective any configuration change
through sysconfig.
There is no ordering between Exec* and Environment* stanzas of systemd,
full Enviroment* is always loaded before each Exec*. We make
sure that openvswitch.useropts is removed in a first Exec so that a
fresh OVS_USER_ID can be picked up from config in successive Exec*.
Fixes: 94e1e8b ("rhel: run ovn with the same user as ovs")
Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Acked-by: Greg Rose <gvrose8192 at gmail.com>
Acked-by: Aaron Conole <aconole at redhat.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: 9a6d26ea3037af3976cd8cbec6d5f269427d983b
https://github.com/openvswitch/ovs/commit/9a6d26ea3037af3976cd8cbec6d5f269427d983b
Author: Jaime Caamaño Ruiz <jcaamano at suse.com>
Date: 2020-09-16 (Wed, 16 Sep 2020)
Changed paths:
M NEWS
M lib/netdev-dpdk.c
Log Message:
-----------
netdev-dpdk: Don't set rx mq mode for net_virtio.
Since DPDK 19.11 [1], it is not allowed to set any RX mq mode for virtio
driver.
[1] https://github.com/DPDK/dpdk/commit/13b3137f3b7c8f866947a9b34e06a8aec0d084f7
Signed-off-by: Jaime Caamaño Ruiz <jcaamano at suse.com>
Acked-by: Flavio Leitner <fbl at sysclose.org>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: 0cb432954ac6e36bc89376ce9af8d6a287a2e971
https://github.com/openvswitch/ovs/commit/0cb432954ac6e36bc89376ce9af8d6a287a2e971
Author: Yi-Hung Wei <yihung.wei at gmail.com>
Date: 2020-09-16 (Wed, 16 Sep 2020)
Changed paths:
M selinux/openvswitch-custom.te.in
Log Message:
-----------
selinux: Add missing permissions for ovs-kmod-ctl.
On RHEL 8, a SELinux policy is missing when ovs-kmod-ctl use modprobe
to load kernel modules. This patch adds the missing permissions based
on /var/log/audit/audit.log
Example log of the AVC violations:
type=AVC msg=audit(1599075387.136:65): avc: denied { read } for
pid=1472 comm="modprobe" name="modules.alias.bin" dev="dm-0" ino=586629
scontext=system_u:system_r:openvswitch_load_module_t:s0
tcontext=system_u:object_r:modules_dep_t:s0 tclass=file permissive=0
type=AVC msg=audit(1599085253.148:45): avc: denied { open } for pid=1355
comm="modprobe" path="/usr/lib/modules/4.18.0-193.el8.x86_64/modules.dep.bin"
dev="dm-0" ino=624258 scontext=system_u:system_r:openvswitch_load_module_t:s0
tcontext=unconfined_u:object_r:modules_dep_t:s0 tclass=file permissive=0
VMWare-BZ: #2633569
Signed-off-by: Yi-Hung Wei <yihung.wei at gmail.com>
Acked-by: Greg Rose <gvrose8192 at gmail.com>
Acked-by: Ansis Atteka <aatteka at ovn.org>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Commit: 610dfdc63d5b6a07227cd78341eb1dcd2be3ec63
https://github.com/openvswitch/ovs/commit/610dfdc63d5b6a07227cd78341eb1dcd2be3ec63
Author: Ilya Maximets <i.maximets at ovn.org>
Date: 2020-09-16 (Wed, 16 Sep 2020)
Changed paths:
M .cirrus.yml
Log Message:
-----------
cirrus: Use FreeBSD 11.4.
Support cycle of 11.3 ends in the end of September 2020,
so we need to upgrade.
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Acked-by: Aaron Conole <aconole at redhat.com>
Commit: 3c2b1915d21c809e93f3557b8c86b47e7a53c304
https://github.com/openvswitch/ovs/commit/3c2b1915d21c809e93f3557b8c86b47e7a53c304
Author: Boleslaw Tokarski <boleslaw.tokarski at jollamobile.com>
Date: 2020-09-16 (Wed, 16 Sep 2020)
Changed paths:
M NEWS
M ipsec/ovs-monitor-ipsec.in
Log Message:
-----------
ipsec: Fix Strongswan configuration syntax.
Strongswan seems to have .opt files in the source tree with the dotted
option syntax. It seems that up until version 5.6, the syntax was also
accepted by Strongswan.
However, the .opt files are converted to .conf files during Strongswan
build, and the dotted syntax is no longer accepted by Strongswan (tested
on 5.8.2).
The effect was that the ovs ipsec monitor fails to start Strongswan,
since that complains with:
/etc/strongswan.d/ovs.conf:4: syntax error, unexpected ., expecting : or '{' or '=' [.]
This commit fixes the configuration file provided to Strongswan to .conf
syntax.
Signed-off-by: Boleslaw Tokarski <boleslaw.tokarski at jollamobile.com>
Signed-off-by: Ilya Maximets <i.maximets at ovn.org>
Compare: https://github.com/openvswitch/ovs/compare/4d6846d4d8f6...3c2b1915d21c
More information about the git
mailing list