<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/meta-virtualization.git/recipes-networking/openvswitch, branch master-nxt</title>
<subtitle>Mirror of git.yoctoproject.org/meta-virtualization</subtitle>
<id>https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=master-nxt</id>
<link rel='self' href='https://git.enea.com/cgit/linux/meta-virtualization.git/atom?h=master-nxt'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/'/>
<updated>2021-11-02T13:57:03+00:00</updated>
<entry>
<title>global: convert github SRC_URIs to use https protocol</title>
<updated>2021-11-02T13:57:03+00:00</updated>
<author>
<name>Bruce Ashfield</name>
<email>bruce.ashfield@gmail.com</email>
</author>
<published>2021-11-02T13:24:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=0a7ae8bc50208a7409198a8e92c4ce4afb2b5ed3'/>
<id>urn:sha1:0a7ae8bc50208a7409198a8e92c4ce4afb2b5ed3</id>
<content type='text'>
github is removing git:// access, and fetches will start experiencing
interruptions in service, and eventually will fail completely.

bitbake will also begin to warn on github src_uri's that don't use
https. So we convert the meta-virt instances to use protocol=https
(done using the oe-core contrib conversion script)

Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>ovs: update to 2.15.1</title>
<updated>2021-10-01T02:39:24+00:00</updated>
<author>
<name>Bruce Ashfield</name>
<email>bruce.ashfield@gmail.com</email>
</author>
<published>2021-10-01T02:34:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=d5c5ad4fe8c2ca48fbcde317d1e63bdb7b27a14b'/>
<id>urn:sha1:d5c5ad4fe8c2ca48fbcde317d1e63bdb7b27a14b</id>
<content type='text'>
We drop a previously backported patch, and bump to version v2.15.1-30-gf8274b78c, which comprises the following commits:

    f8274b78c datapath-windows:adjust Offset when processing packet in POP_VLAN action
    a2f860aa2 cirrus: Reduce memory requirements for FreeBSD VMs.
    7788f1579 netdev-linux: Fix a null pointer dereference in netdev_linux_notify_sock().
    dd32deba6 pcap-file: Fix memory leak in ovs_pcap_open().
    9f2f66c8e odp-util: Fix a null pointer dereference in odp_flow_format().
    02b0c265c odp-util: Fix a null pointer dereference in odp_nsh_key_from_attr__().
    031eff456 netdev-dpdk: Fix RSS configuration for virtio.
    09cd9570d ipf: Fix only nat the first fragment in the reass process.
    ef8ca3e19 dpif-netdev: Fix crash when PACKET_OUT is metered.
    d3ff41d60 tc: Set action flags for tunnel_key release.
    079a4de72 netlink-socket: Replace error with txn-&gt;error when logging nacked transactions.
    f8cc5aa35 dynamic-string: Fix a crash in ds_clone().
    64d1bba91 dpif-netdev: fix memory leak in dpcls subtable set command
    90b219275 dpif-netdev: Do not flush PMD offloads on reload.
    b29b04f85 dpif-netdev: Fix offloads of modified flows.
    1d0b89ea7 dpif-netdev: Fix flow modification after failure.
    8d84a4b16 netdev-offload-dpdk: Fix IPv6 rewrite cast-align warning.
    f3f7849cb daemon-unix: Fix leak of a fork error message.
    8aa0f0374 ovsdb-cs: Perform forced reconnects without a backoff.
    ee4e034dc datapath-windows:Correct checksum for DNAT action
    72132a940 bond: Fix broken rebalancing after link state changes.
    aa84cfe25 dpif-netlink: Fix report_loss() message.
    aec05f7cd ovsdb-server: Fix memleak when failing to read storage.
    05bdf11fc conntrack: Init hash basis first at creation.
    94e3b9d9c netdev-linux: Ignore TSO packets when TSO is not enabled for userspace.
    842bfb899 conntrack: Handle already natted packets.
    ab873c1af conntrack: Document all-zero IP SNAT behavior and add a test case.
    86d6a9ee1 python: Fix Idl.run change_seqno update.
    1ba0c8365 bridge: Use correct (legacy) role names in database.
    7e5293ea5 Prepare for 2.15.2.
    b855bbc32 Set release date for 2.15.1.
    007a4f48f dpif-netdev: Apply subtable-lookup-prio-set on any datapath.
    c93358a56 netlink: removed incorrect optimization
    31626579f ovs-actions.xml: Add missing bracket.
    30596ec27 netdev-offload-tc: Use nl_msg_put_flag for OVS_TUNNEL_KEY_ATTR_CSUM.
    728980291 conntrack: Increment coverage counter for all bad checksum cases.
    881d71ea2 datapath-windows: Specify external include paths
    934668c29 Remove Python 2 leftovers.
    aaa596705 ipf: Fix a use-after-free error, and remove the 'do_not_steal' flag.
    bc0aa785a ovsdb-idl: Fix the database update signaling if it has never been connected.
    559426d2b ofproto: Fix potential NULL dereference in ofproto_ct_*_zone_timeout_policy().
    f31070e27 ofproto: Fix potential NULL dereference in ofproto_get_datapath_cap().
    8995d5311 dpif-netlink: Fix send of uninitialized memory in ct limit requests.
    0c056891c ofproto-dpif: Fix use of uninitialized attributes of timeout policy.
    121a67cad netdev-linux: Fix use of uninitialized LAG master name.
    5f27ff1cf ofp_actions: Fix set_mpls_tc formatting.
    e87adce83 dpif-netdev: Remove meter rate from the bucket size calculation.
    a3ee3258e ovs-ofctl: Fix coredump when using "add-groups" command.
    c5d2a6275 raft: Transfer leadership before creating snapshots.
    553d52392 ovsdb-cs: Consider all tables when computing expected cond seqno.
    8d0aebcc4 dpdk: Use DPDK 20.11.1 release.
    21452722b github: Fix up malformed /etc/hosts.
    90d1984b9 doc: automake: Add support for sphinx 4.0.
    38a8bed70 cirrus: Look up existing versions of python dependencies.
    255c38c74 ofp-group: Use big-enough buffer in ofputil_format_group().
    f2c0744d2 ofproto/ofproto-dpif-sflow: Check sflow agent in case of race
    ab157ef34 dpif: Fix use of uninitialized execute hash.
    b1fded020 odp-util: Fix use of uninitialized erspan metadata.
    f473ee568 dpif-netlink: Fix using uninitialized info.tc_modify_flow_deleted in out label.
    2721606bd netdev-offload-tc: Probe for support for any of the ct_state flags.
    091bc48d9 compat: Add ct_state flags definitions.
    1307e90e3 Add test cases for ingress_policing parameters
    d184c6ce6 netdev-linux: correct unit of burst parameter
    cab998e50 ipsec: Fix IPv6 default route support for Libreswan.
    b9ab7827e ovsdb-idl: Mark arc sources as updated when destination is deleted.
    c82d2e3fb ovsdb-idl: Preserve references for deleted rows.
    9a24ecbc2 ovsdb-idl.at: Make test outputs more predictable.
    8d71feb1b ovs-ofctl: Fix segfault due to bad meter n_bands.
    3a716b1d9 dpif-netdev: Refactor and fix the buckets calculation.
    73ece9c87 dpif-netdev: Fix the meter buckets overflow.
    d5dc16670 python: Send notifications after the transaction ends.
    556e65e17 ovs-ctl: Allow recording hostname separately.
    3982aee45 dpif-netdev: Fix crash when add dp flow without in_port field.
    02096f1b3 Documentation: Fix DPDK qos example.
    8f1dda316 raft: Report disconnected in cluster/status if candidate retries election.
    79e9749da raft: Reintroduce jsonrpc inactivity probes.
    2e84a4adb ovsdb-cs: Fix use-after-free for the request id.
    d2c311dce connmgr: Check nullptr inside ofmonitor_report().
    7307af690 ovsdb-client: Fix needs-conversion when SERVER is explicitly specified.
    2a7a63571 windows, tests: Modify service test.
    9b48549c6 netdev-linux: Fix indentation.
    861a9f3b4 ofproto-dpif-upcall: Fix ukey leak on udpif destroy.
    339044c3c ci: Use parallel build for distcheck.
    38744b1bc ofp-actions: Fix use-after-free while decoding RAW_ENCAP.
    33abe6c05 Prepare for 2.15.1.
    8dc1733ea Set release date for 2.15.0.

Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>ovs: add upstream-status to CVE patch</title>
<updated>2021-09-16T22:05:13+00:00</updated>
<author>
<name>Bruce Ashfield</name>
<email>bruce.ashfield@gmail.com</email>
</author>
<published>2021-09-16T22:05:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=e250a8940a6f088287019fb89a82784844241e8b'/>
<id>urn:sha1:e250a8940a6f088287019fb89a82784844241e8b</id>
<content type='text'>
The patch file itself is missing an upstream-status, so we add it here.

Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch: fix CVE-2021-36980</title>
<updated>2021-09-16T22:04:28+00:00</updated>
<author>
<name>Zqiang</name>
<email>qiang.zhang@windriver.com</email>
</author>
<published>2021-09-10T03:21:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=15388c440d6792592f7d0cdeea1a3f15bda414e5'/>
<id>urn:sha1:15388c440d6792592f7d0cdeea1a3f15bda414e5</id>
<content type='text'>
Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has
a use-after-free in decode_NXAST_RAW_ENCAP (called from
ofpact_decode and ofpacts_decode) during the decoding of
a RAW_ENCAP action.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2021-36980

Patches from:
https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3

Signed-off-by: Zqiang &lt;qiang.zhang@windriver.com&gt;
Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>global: overrides syntax conversion</title>
<updated>2021-08-02T21:17:53+00:00</updated>
<author>
<name>Bruce Ashfield</name>
<email>bruce.ashfield@gmail.com</email>
</author>
<published>2021-07-28T18:22:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=d876cfc5bfafa516dee55d04b50b319a22165640'/>
<id>urn:sha1:d876cfc5bfafa516dee55d04b50b319a22165640</id>
<content type='text'>
OEcore/bitbake are moving to use the clearer ":" as an overrides
separator.

This is pass one of updating the meta-virt recipes to use that
syntax.

This has only been minimally build/runtime tested, more changes
will be required for missed overrides, or incorrect conversions

Note: A recent bitbake is required:

    commit 75fad23fc06c008a03414a1fc288a8614c6af9ca
    Author: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
    Date:   Sun Jul 18 12:59:15 2021 +0100

        bitbake: data_smart/parse: Allow ':' characters in variable/function names

        It is becomming increasingly clear we need to find a way to show what
        is/is not an override in our syntax. We need to do this in a way which
        is clear to users, readable and in a way we can transition to.

        The most effective way I've found to this is to use the ":" charater
        to directly replace "_" where an override is being specified. This
        includes "append", "prepend" and "remove" which are effectively special
        override directives.

        This patch simply adds the character to the parser so bitbake accepts
        the value but maps it back to "_" internally so there is no behaviour
        change.

        This change is simple enough it could potentially be backported to older
        version of bitbake meaning layers using the new syntax/markup could
        work with older releases. Even if other no other changes are accepted
        at this time and we don't backport, it does set us on a path where at
        some point in future we could
        require a more explict syntax.

        I've tested this patch by converting oe-core/meta-yocto to the new
        syntax for overrides (9000+ changes) and then seeing that builds
        continue to work with this patch.

        (Bitbake rev: 0dbbb4547cb2570d2ce607e9a53459df3c0ac284)

        Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;

Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch: fix clobbered SRC_URI</title>
<updated>2021-04-09T13:47:14+00:00</updated>
<author>
<name>Bruce Ashfield</name>
<email>bruce.ashfield@gmail.com</email>
</author>
<published>2021-04-09T13:47:14+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=3124f23254045209974337a20e8f51aadbc5c403'/>
<id>urn:sha1:3124f23254045209974337a20e8f51aadbc5c403</id>
<content type='text'>
commit 1b83c21436b2 [openvswitch: Fix build with musl libc] mistakenly
copies common files and then clobbers the SRC_URI.

While we could drop the SRC_URI components from the .inc now that we
only have one active version in master (_git), we avoid that for now,
since it is possible that a LTS version will be introduced in future
cycles.

So to fix the oddity, we drop the common components from the _git
SRC_URI and append versus clobber.

Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch: uprev from 2.13 to 2.15</title>
<updated>2021-03-12T03:33:29+00:00</updated>
<author>
<name>Zqiang</name>
<email>qiang.zhang@windriver.com</email>
</author>
<published>2021-03-11T08:50:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=415fd5eb2c5556a3ff21993c7857e11bcec3f237'/>
<id>urn:sha1:415fd5eb2c5556a3ff21993c7857e11bcec3f237</id>
<content type='text'>
- OVSDB:
     * Changed format in which ovsdb transactions are stored in database files.
       Now each transaction contains diff of data instead of the whole new
       value of a column.
       New ovsdb-server process will be able to read old database format, but
       old processes will *fail* to read database created by the new one.
       For cluster and active-backup service models follow upgrade instructions
       in 'Upgrading from version 2.14 and earlier to 2.15 and later' section
       of ovsdb(7).
     * New unixctl command 'ovsdb-server/get-db-storage-status' to show the
       status of the storage that's backing a database.
     * New unixctl command 'ovsdb-server/memory-trim-on-compaction on|off'.
       If turned on, ovsdb-server will try to reclaim all the unused memory
       after every DB compaction back to OS.  Disabled by default.
     * Maximum backlog on RAFT connections limited to 500 messages or 4GB.
       Once threshold reached, connection is dropped (and re-established).
       Use the 'cluster/set-backlog-threshold' command to change limits.
- DPDK:
     * Removed support for vhost-user dequeue zero-copy.
     * Add support for DPDK 20.11.
- Userspace datapath:
     * Add the 'pmd' option to "ovs-appctl dpctl/dump-flows", which
       restricts a flow dump to a single PMD thread if set.
     * New 'options:dpdk-vf-mac' field for DPDK interface of VF ports,
       that allows configuring the MAC address of a VF representor.
     * Add generic IP protocol support to conntrack. With this change, all
       none UDP, TCP, and ICMP traffic will be treated as general L3
       traffic, i.e. using 3 tupples.
     * Add parameters 'pmd-auto-lb-load-threshold' and
       'pmd-auto-lb-improvement-threshold' to configure PMD auto load balance
        behaviour.
- The environment variable OVS_UNBOUND_CONF, if set, is now used
     as the DNS resolver's (unbound) configuration file.
- Linux datapath:
     * Support for kernel versions up to 5.8.x.
- Terminology:
     * The terms "master" and "slave" have been replaced by "primary" and
       "secondary", respectively, for OpenFlow connection roles.
     * The term "slave" has been replaced by "member", for bonds, LACP, and
       OpenFlow bundle actions.
- Support for GitHub Actions based continuous integration builds has been
     added.
- Bareudp Tunnel
     * Bareudp device support is present in linux kernel from version 5.7
     * Kernel bareudp device is not backported to ovs tree.
     * Userspace datapath support is not added
- ovs-dpctl and 'ovs-appctl dpctl/':
     * New commands '{add,mod,del}-flows' where added, which allow adding,
       deleting, or modifying flows based on information read from a file.
- IPsec:
     * Add option '--no-cleanup' to allow ovs-monitor-ipsec to stop without
       tearing down IPsec tunnels.
     * Add option '--no-restart-ike-daemon' to allow ovs-monitor-ipsec to start
       without restarting ipsec daemon.
- Building the Linux kernel module from the OVS source tree is deprecated
     * Support for the Linux kernel is capped at version 5.8
     * Only bug fixes for the Linux OOT kernel module will be accepted.
     * The Linux kernel module will be fully removed from the OVS source tree
       in OVS branch 2.18

fix some do_patch error about local patch.

Signed-off-by: Zqiang &lt;qiang.zhang@windriver.com&gt;
Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch: set CVE_VERSION</title>
<updated>2021-03-05T03:45:17+00:00</updated>
<author>
<name>Chen Qi</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2021-02-26T01:43:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=c9e13cce13f817641f6938a85c4609c30741db2d'/>
<id>urn:sha1:c9e13cce13f817641f6938a85c4609c30741db2d</id>
<content type='text'>
CVE entries are using version 2.xx.xx, our PV is 2.13+xxx, this causes
problem for CVE detection. So we need to set a CVE_VERSION for better
CVE scanning.

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch: use /run instead of /var/run in systemd service file</title>
<updated>2020-10-28T03:24:47+00:00</updated>
<author>
<name>Chen Qi</name>
<email>Qi.Chen@windriver.com</email>
</author>
<published>2020-10-20T06:59:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=28cca9a78e91adc800e079588797df4cf82a378b'/>
<id>urn:sha1:28cca9a78e91adc800e079588797df4cf82a378b</id>
<content type='text'>
/var/run has been deprecated by systemd, so use /run instead,
as suggested by systemd.

Signed-off-by: Chen Qi &lt;Qi.Chen@windriver.com&gt;
Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
<entry>
<title>openvswitch-git: refresh patch to fix patch-fuzz warning</title>
<updated>2020-03-02T20:05:18+00:00</updated>
<author>
<name>Changqing Li</name>
<email>changqing.li@windriver.com</email>
</author>
<published>2020-03-02T03:32:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/meta-virtualization.git/commit/?id=51033bce0121dacf592078efa6d1e43c129c1d93'/>
<id>urn:sha1:51033bce0121dacf592078efa6d1e43c129c1d93</id>
<content type='text'>
Signed-off-by: Changqing Li &lt;changqing.li@windriver.com&gt;
Signed-off-by: Bruce Ashfield &lt;bruce.ashfield@gmail.com&gt;
</content>
</entry>
</feed>
