commit ce26d5f3b37dccdf93c5f7bfdf1b30fc8b4c4cf2 Author: overweight <5324761+overweight@user.noreply.gitee.com> Date: Mon Sep 30 11:11:00 2019 -0400 Package init diff --git a/datapath-fix-conntrack-count-related-compiliation-error.patch b/datapath-fix-conntrack-count-related-compiliation-error.patch new file mode 100644 index 0000000..8753e59 --- /dev/null +++ b/datapath-fix-conntrack-count-related-compiliation-error.patch @@ -0,0 +1,71 @@ +From 340aa575edb1c2eb993b0c5f46753a9aed4a02aa Mon Sep 17 00:00:00 2001 +From: Yifeng Sun +Date: Fri, 10 May 2019 12:30:11 -0700 +Subject: [PATCH] datapath: Fix conntrack_count related compilation errors + +This patch fixes the compilation errors of OVS on 4.19+ kernels. + +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + datapath/linux/compat/include/net/netfilter/nf_conntrack_count.h | 4 ++-- + datapath/linux/compat/nf_conncount.c | 6 +++++- + 2 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/datapath/linux/compat/include/net/netfilter/nf_conntrack_count.h b/datapath/linux/compat/include/net/netfilter/nf_conntrack_count.h +index fd536f3..6140173 100644 +--- a/datapath/linux/compat/include/net/netfilter/nf_conntrack_count.h ++++ b/datapath/linux/compat/include/net/netfilter/nf_conntrack_count.h +@@ -2,6 +2,8 @@ + #define _NF_CONNTRACK_COUNT_WRAPPER_H + + #include ++#include ++#include + + #ifdef HAVE_UPSTREAM_NF_CONNCOUNT + #include_next +@@ -16,8 +18,6 @@ static inline void rpl_nf_conncount_modexit(void) + } + + #else +-#include +-#include + #define CONFIG_NETFILTER_CONNCOUNT 1 + struct nf_conncount_data; + +diff --git a/datapath/linux/compat/nf_conncount.c b/datapath/linux/compat/nf_conncount.c +index 0bee962..4338458 100644 +--- a/datapath/linux/compat/nf_conncount.c ++++ b/datapath/linux/compat/nf_conncount.c +@@ -13,6 +13,8 @@ + * only ignore TIME_WAIT or gone connections + * (C) CC Computer Consultants GmbH, 2007 + */ ++ #ifndef HAVE_UPSTREAM_NF_CONNCOUNT ++ + #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt + #include + #include +@@ -138,7 +140,7 @@ static bool conn_free(struct nf_conncount_list *list, + + if (list->count == 0) { + spin_unlock(&list->list_lock); +- return free_entry; ++ return free_entry; + } + + list->count--; +@@ -635,3 +637,5 @@ void rpl_nf_conncount_modexit(void) + kmem_cache_destroy(conncount_conn_cachep); + kmem_cache_destroy(conncount_rb_cachep); + } ++ ++#endif /* HAVE_UPSTREAM_NF_CONNCOUNT */ +\ No newline at end of file +-- +2.14.1 + diff --git a/datapath-handle-removal-of-.h-file-nf-conntrack-l3proto.patch b/datapath-handle-removal-of-.h-file-nf-conntrack-l3proto.patch new file mode 100644 index 0000000..4a2362d --- /dev/null +++ b/datapath-handle-removal-of-.h-file-nf-conntrack-l3proto.patch @@ -0,0 +1,50 @@ +From 945d6d1c119af9e720c28fdfe3e303bfde0b29da Mon Sep 17 00:00:00 2001 +From: Yifeng Sun +Date: Fri, 10 May 2019 12:30:08 -0700 +Subject: [PATCH] datapath: Handle removal of nf_conntrack_l3proto.h + +Upstream kernel commit a0ae2562 ("netfilter: conntrack: remove l3proto +abstraction") removed header file net/netfilter/nf_conntrack_l3proto.h. +This patch detects it and fixes compilation errors of OVS on 4.19+ kernels. + +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + acinclude.m4 | 3 +++ + datapath/linux/compat/nf_conntrack_proto.c | 2 ++ + 2 files changed, 5 insertions(+) + +diff --git a/acinclude.m4 b/acinclude.m4 +index 6c8f970..d664450 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -949,6 +949,9 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [ + OVS_FIND_FIELD_IFELSE([$KSRC/include/net/inet_frag.h], [inet_frags], + [rnd], + [OVS_DEFINE([HAVE_INET_FRAGS_RND])]) ++ OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_l3proto.h], ++ [nf_conntrack_l3proto], ++ [OVS_DEFINE([HAVE_NF_CONNTRACK_L3PROATO_H])]) + + if cmp -s datapath/linux/kcompat.h.new \ + datapath/linux/kcompat.h >/dev/null 2>&1; then +diff --git a/datapath/linux/compat/nf_conntrack_proto.c b/datapath/linux/compat/nf_conntrack_proto.c +index 4ac66f6..fe291db 100644 +--- a/datapath/linux/compat/nf_conntrack_proto.c ++++ b/datapath/linux/compat/nf_conntrack_proto.c +@@ -1,7 +1,9 @@ + #include + + #include ++#ifdef HAVE_NF_CONNTRACK_L3PROATO_H + #include ++#endif + + /* + * Upstream net-next commmit 7e35ec0e8044 +-- +2.14.1 + diff --git a/datapath-support-kernel-version-4-19-and-4-20.patch b/datapath-support-kernel-version-4-19-and-4-20.patch new file mode 100644 index 0000000..052d7d5 --- /dev/null +++ b/datapath-support-kernel-version-4-19-and-4-20.patch @@ -0,0 +1,74 @@ +From d58b59c17c70137aebdde37d3c01c26a26b28519 Mon Sep 17 00:00:00 2001 +From: Yifeng Sun +Date: Fri, 10 May 2019 12:30:14 -0700 +Subject: [PATCH] datapath: Support kernel version 4.19.x and 4.20.x + +This patch updated acinclude.m4 so that OVS can be compiled on 4.19.x +and 4.20.x kernels. +This patch also updated travis files so that latest kernel versions +are used during travis test builds. + +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + .travis.yml | 18 ++++++++++-------- + acinclude.m4 | 4 ++-- + 2 files changed, 12 insertions(+), 10 deletions(-) + +diff --git a/.travis.yml b/.travis.yml +index 15c085d..765692f 100644 +--- a/.travis.yml ++++ b/.travis.yml +@@ -31,19 +31,21 @@ env: + - TESTSUITE=1 KERNEL=3.16.54 + - TESTSUITE=1 OPTS="--enable-shared" + - BUILD_ENV="-m32" OPTS="--disable-ssl" +- - KERNEL=3.16.54 DPDK=1 +- - KERNEL=3.16.54 DPDK=1 OPTS="--enable-shared" +- - KERNEL=3.16.54 DPDK_SHARED=1 +- - KERNEL=3.16.54 DPDK_SHARED=1 OPTS="--enable-shared" ++ - KERNEL=3.16.65 DPDK=1 OPTS="--enable-shared" ++ - KERNEL=3.16.65 TESTSUITE=1 DPDK=1 ++ - KERNEL=3.16.65 DPDK_SHARED=1 ++ - KERNEL=3.16.65 DPDK_SHARED=1 OPTS="--enable-shared" ++ - KERNEL=4.20.17 ++ - KERNEL=4.19.37 + - KERNEL=4.18.20 + - KERNEL=4.17.19 + - KERNEL=4.16.18 + - KERNEL=4.15.18 +- - KERNEL=4.14.63 +- - KERNEL=4.9.149 +- - KERNEL=4.4.148 ++ - KERNEL=4.14.114 ++ - KERNEL=4.9.171 ++ - KERNEL=4.4.179 + - KERNEL=3.19.8 +- - KERNEL=3.16.57 ++ - KERNEL=3.16.65 + - TESTSUITE=1 LIBS=-ljemalloc + + matrix: +diff --git a/acinclude.m4 b/acinclude.m4 +index 9d6b682..6c8f970 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -151,10 +151,10 @@ AC_DEFUN([OVS_CHECK_LINUX], [ + AC_MSG_RESULT([$kversion]) + + if test "$version" -ge 4; then +- if test "$version" = 4 && test "$patchlevel" -le 18; then ++ if test "$version" = 4 && test "$patchlevel" -le 20; then + : # Linux 4.x + else +- AC_ERROR([Linux kernel in $KBUILD is version $kversion, but version newer than 4.18.x is not supported (please refer to the FAQ for advice)]) ++ AC_ERROR([Linux kernel in $KBUILD is version $kversion, but version newer than 4.20.x is not supported (please refer to the FAQ for advice)]) + fi + elif test "$version" = 3 && test "$patchlevel" -ge 10; then + : # Linux 3.x +-- +2.14.1 + diff --git a/datatpath-use-new-header-file-net-ipv6-frag-h.patch b/datatpath-use-new-header-file-net-ipv6-frag-h.patch new file mode 100644 index 0000000..cd944e6 --- /dev/null +++ b/datatpath-use-new-header-file-net-ipv6-frag-h.patch @@ -0,0 +1,103 @@ +From 7857a9b4fcdb2679687b8a1a0e0f666ee3bbba6b Mon Sep 17 00:00:00 2001 +From: Florian Westphal +Date: Fri, 10 May 2019 12:30:10 -0700 +Subject: [PATCH] datapath: Use new header file net/ipv6_frag.h + +Upstream commit: + commit 70b095c84326640eeacfd69a411db8fc36e8ab1a + Author: Florian Westphal + Date: Sat Jul 14 01:14:01 2018 +0200 + + ipv6: remove dependency of nf_defrag_ipv6 on ipv6 module + + IPV6=m + DEFRAG_IPV6=m + CONNTRACK=y yields: + + net/netfilter/nf_conntrack_proto.o: In function `nf_ct_netns_do_get': + net/netfilter/nf_conntrack_proto.c:802: undefined reference to `nf_defrag_ipv6_enable' + net/netfilter/nf_conntrack_proto.o:(.rodata+0x640): undefined reference to `nf_conntrack_l4proto_icmpv6' + + Setting DEFRAG_IPV6=y causes undefined references to ip6_rhash_params + ip6_frag_init and ip6_expire_frag_queue so it would be needed to force + IPV6=y too. + + This patch gets rid of the 'followup linker error' by removing + the dependency of ipv6.ko symbols from netfilter ipv6 defrag. + + Shared code is placed into a header, then used from both. + + Signed-off-by: Florian Westphal + Signed-off-by: Pablo Neira Ayuso + +This patch backports the above upstream patch to OVS. + +Cc: Florian Westphal +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + acinclude.m4 | 2 ++ + datapath/conntrack.c | 1 + + datapath/linux/Modules.mk | 1 + + datapath/linux/compat/include/net/ipv6_frag.h | 8 ++++++++ + 4 files changed, 12 insertions(+) + create mode 100644 datapath/linux/compat/include/net/ipv6_frag.h + +diff --git a/acinclude.m4 b/acinclude.m4 +index d664450..f16c1da 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -952,6 +952,8 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [ + OVS_GREP_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_l3proto.h], + [nf_conntrack_l3proto], + [OVS_DEFINE([HAVE_NF_CONNTRACK_L3PROATO_H])]) ++ OVS_GREP_IFELSE([$KSRC/include/net/ipv6_frag.h], [IP6_DEFRAG_CONNTRACK_IN], ++ [OVS_DEFINE([HAVE_IPV6_FRAG_H])]) + + if cmp -s datapath/linux/kcompat.h.new \ + datapath/linux/kcompat.h >/dev/null 2>&1; then +diff --git a/datapath/conntrack.c b/datapath/conntrack.c +index 0d8f61f..93ca06d 100644 +--- a/datapath/conntrack.c ++++ b/datapath/conntrack.c +@@ -31,6 +31,7 @@ + #include + #include + #include ++#include + + #ifdef CONFIG_NF_NAT_NEEDED + #include +diff --git a/datapath/linux/Modules.mk b/datapath/linux/Modules.mk +index e31d784..642b7fb 100644 +--- a/datapath/linux/Modules.mk ++++ b/datapath/linux/Modules.mk +@@ -86,6 +86,7 @@ openvswitch_headers += \ + linux/compat/include/net/ip6_route.h \ + linux/compat/include/net/ip6_tunnel.h \ + linux/compat/include/net/ipv6.h \ ++ linux/compat/include/net/ipv6_frag.h \ + linux/compat/include/net/mpls.h \ + linux/compat/include/net/net_namespace.h \ + linux/compat/include/net/netlink.h \ +diff --git a/datapath/linux/compat/include/net/ipv6_frag.h b/datapath/linux/compat/include/net/ipv6_frag.h +new file mode 100644 +index 0000000..ba24fd1 +--- /dev/null ++++ b/datapath/linux/compat/include/net/ipv6_frag.h +@@ -0,0 +1,8 @@ ++#ifndef __NET_IPV6_FRAG_WRAPPER_H ++#define __NET_IPV6_FRAG_WRAPPER_H ++ ++#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6) && defined(HAVE_IPV6_FRAG_H) ++#include_next ++#endif ++ ++#endif /* __NET_IPV6_FRAG_WRAPPER_H */ +\ No newline at end of file +-- +2.14.1.windows.1 + diff --git a/netfilter-remove-useless-parm-helper-of-nf-ct-helper.patch b/netfilter-remove-useless-parm-helper-of-nf-ct-helper.patch new file mode 100644 index 0000000..c615f06 --- /dev/null +++ b/netfilter-remove-useless-parm-helper-of-nf-ct-helper.patch @@ -0,0 +1,68 @@ +From 7685ce31cf5460b086e37690ab1ed99bf5950f36 Mon Sep 17 00:00:00 2001 +From: Gao Feng +Date: Fri, 10 May 2019 12:30:13 -0700 +Subject: [PATCH] netfilter: Remove useless param helper of + nf_ct_helper_ext_add + +Upstream commit: + commit 440534d3c56be04abfb26850ee882d19d223557a + Author: Gao Feng + Date: Mon Jul 9 18:06:33 2018 +0800 + + netfilter: Remove useless param helper of nf_ct_helper_ext_add + + The param helper of nf_ct_helper_ext_add is useless now, then remove + it now. + + Signed-off-by: Gao Feng + Signed-off-by: Pablo Neira Ayuso + +This patch backports the above upstream patch to OVS. + +Cc: Gao Feng +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + acinclude.m4 | 3 +++ + .../linux/compat/include/net/netfilter/nf_conntrack_helper.h | 10 ++++++++++ + 2 files changed, 13 insertions(+) + +diff --git a/acinclude.m4 b/acinclude.m4 +index f16c1da..da198f4 100644 +--- a/acinclude.m4 ++++ b/acinclude.m4 +@@ -954,6 +954,9 @@ AC_DEFUN([OVS_CHECK_LINUX_COMPAT], [ + [OVS_DEFINE([HAVE_NF_CONNTRACK_L3PROATO_H])]) + OVS_GREP_IFELSE([$KSRC/include/net/ipv6_frag.h], [IP6_DEFRAG_CONNTRACK_IN], + [OVS_DEFINE([HAVE_IPV6_FRAG_H])]) ++ OVS_FIND_PARAM_IFELSE([$KSRC/include/net/netfilter/nf_conntrack_helper.h], ++ [nf_ct_helper_ext_add], [nf_conntrack_helper], ++ [OVS_DEFINE([HAVE_NF_CT_HELPER_EXT_ADD_TAKES_HELPER])]) + + if cmp -s datapath/linux/kcompat.h.new \ + datapath/linux/kcompat.h >/dev/null 2>&1; then +diff --git a/datapath/linux/compat/include/net/netfilter/nf_conntrack_helper.h b/datapath/linux/compat/include/net/netfilter/nf_conntrack_helper.h +index 19c35cd..b6a3d0b 100644 +--- a/datapath/linux/compat/include/net/netfilter/nf_conntrack_helper.h ++++ b/datapath/linux/compat/include/net/netfilter/nf_conntrack_helper.h +@@ -9,4 +9,14 @@ static inline void nf_conntrack_helper_put(struct nf_conntrack_helper *helper) { + } + #endif + ++#ifndef HAVE_NF_CT_HELPER_EXT_ADD_TAKES_HELPER ++static inline struct nf_conn_help * ++rpl_nf_ct_helper_ext_add(struct nf_conn *ct, ++ struct nf_conntrack_helper *helper, gfp_t gfp) ++{ ++ return nf_ct_helper_ext_add(ct, gfp); ++} ++#define nf_ct_helper_ext_add rpl_nf_ct_helper_ext_add ++#endif /* HAVE_NF_CT_HELPER_EXT_ADD_TAKES_HELPER */ ++ + #endif /* _NF_CONNTRACK_HELPER_WRAPPER_H */ +-- +2.14.1.windows.1 + diff --git a/openvswitch-2.11.1.tar.gz b/openvswitch-2.11.1.tar.gz new file mode 100644 index 0000000..94e7dab Binary files /dev/null and b/openvswitch-2.11.1.tar.gz differ diff --git a/openvswitch-kmod.spec b/openvswitch-kmod.spec new file mode 100644 index 0000000..098854c --- /dev/null +++ b/openvswitch-kmod.spec @@ -0,0 +1,160 @@ +# Generated automatically -- do not modify! -*- buffer-read-only: t -*- +# Spec file for Open vSwitch. + +# Copyright (C) 2009, 2010, 2015, 2018 Nicira Networks, Inc. +# +# Copying and distribution of this file, with or without modification, +# are permitted in any medium without royalty provided the copyright +# notice and this notice are preserved. This file is offered as-is, +# without warranty of any kind. + +%global debug_package %{nil} + +# Use the kversion macro such as +# RPMBUILD_OPT='-D "kversion 3.10.0-693.1.1.el7.x86_64 3.10.0-693.17.1.el7.x86_64"' +# to build package for mulitple kernel versions in the same package +# This only works for kernel 3.10.0 major revision 693 (RHEL 7.4) +# and major revision 327 (RHEL 7.2) +# By default, build against the current running kernel version +#%define kernel 3.1.5-1.fc16.x86_64 +#define kernel %{kernel_source} +%define kversion $(uname -r) +%{?kversion:%define kernel %kversion} + +#needsrootforbuild + +Name: openvswitch-kmod +Summary: Open vSwitch Kernel Modules +Group: System Environment/Daemons +URL: http://www.openvswitch.org/ +Vendor: OpenSource Security Ralf Spenneberg +Version: 2.11.1 + +# The entire source code is ASL 2.0 except datapath/ which is GPLv2 +License: GPLv2 +Release: 1%{?dist} +Source: openvswitch-%{version}.tar.gz +Patch0: datapath-support-kernel-version-4-19-and-4-20.patch +Patch1: datapath-handle-removal-of-.h-file-nf-conntrack-l3proto.patch +Patch2: ovs-use-nf-ct-get-tuplepr-invert-tuplepr.patch +Patch3: datapath-fix-conntrack-count-related-compiliation-error.patch +Patch4: datatpath-use-new-header-file-net-ipv6-frag-h.patch +Patch5: netfilter-remove-useless-parm-helper-of-nf-ct-helper.patch + +#Source1: openvswitch-init +Buildroot: /tmp/openvswitch-xen-rpm +Provides: kmod-openvswitch +Conflicts: kmod-openvswitch + +Requires: logrotate, hostname, python >= 2.7, python-six +BuildRequires: python-six +BuildRequires: openssl-devel +BuildRequires: checkpolicy, selinux-policy-devel +BuildRequires: autoconf, automake, libtool +BuildRequires: python-sphinx +BuildRequires: kernel kernel-devel + +%description +Open vSwitch provides standard network bridging functions augmented with +support for the OpenFlow protocol for remote per-flow control of +traffic. This package contains the kernel modules. + +%prep +%setup -q -n openvswitch-%{version} +%patch0 -p1 +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch5 -p1 + +%build +sh boot.sh +for kv in %{kversion}; do + mkdir -p _$kv + (cd _$kv && /bin/cp -f ../configure . && %configure --srcdir=.. \ + --with-linux=/lib/modules/${kv}/build --enable-ssl %{_ovs_config_extra_flags}) + make %{_smp_mflags} -C _$kv/datapath/linux +done + +%install +export INSTALL_MOD_DIR=extra/openvswitch +rm -rf $RPM_BUILD_ROOT +for kv in %{kversion}; do + make INSTALL_MOD_PATH=$RPM_BUILD_ROOT -C _$kv/datapath/linux modules_install +done +mkdir -p $RPM_BUILD_ROOT/etc/depmod.d +for kv in %{kversion}; do + for module in $RPM_BUILD_ROOT/lib/modules/${kv}/extra/openvswitch/*.ko + do + modname="$(basename ${module})" + grep -qsPo "^\s*override ${modname%.ko} \* extra\/openvwitch" \ + $RPM_BUILD_ROOT/etc/depmod.d/kmod-openvswitch.conf || \ + echo "override ${modname%.ko} * extra/openvswitch" >> \ + $RPM_BUILD_ROOT/etc/depmod.d/kmod-openvswitch.conf + grep -qsPo "^\s*override ${modname%.ko} \* weak-updates\/openvwitch" \ + $RPM_BUILD_ROOT/etc/depmod.d/kmod-openvswitch.conf || \ + echo "override ${modname%.ko} * weak-updates/openvswitch" >> \ + $RPM_BUILD_ROOT/etc/depmod.d/kmod-openvswitch.conf + done +done +install -d -m 0755 $RPM_BUILD_ROOT/usr/share/openvswitch/scripts +install -p -m 0755 rhel/usr_share_openvswitch_scripts_ovs-kmod-manage.sh \ + $RPM_BUILD_ROOT%{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh + +%clean +rm -rf $RPM_BUILD_ROOT + +%post +current_kernel=$(uname -r) +IFS='.\|-' read mainline_major mainline_minor mainline_patch major_rev \ + minor_rev _extra <<<"${current_kernel}" +# echo mainline_major=$mainline_major mainline_minor=$mainline_minor \ +# mainline_patch=$mainline_patch major_rev=$major_rev minor_rev=$minor_rev +if [ "$mainline_major" = "3" ] && [ "$mainline_minor" = "10" ]; then + if [ "$major_rev" = "327" ] || [ "$major_rev" = "693" ]; then + # For RHEL 7.2 and 7.4 + if [ -x "%{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh" ]; then + %{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh + fi + fi +elif [ "$mainline_major" = "4" ] && [ "$mainline_minor" = "4" ] && \ + [ "$mainline_patch" -ge "73" ]; then + # For SLES 12 SP3 + if [ -x "%{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh" ]; then + %{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh + fi +else + # Ensure that modprobe will find our modules. + for k in $(cd /lib/modules && /bin/ls); do + [ -d "/lib/modules/$k/kernel/" ] && /sbin/depmod -a "$k" + done + if [ -x "/sbin/weak-modules" ]; then + for m in openvswitch vport-gre vport-stt vport-geneve \ + vport-lisp vport-vxlan; do + echo "/lib/modules/%{kernel}/extra/openvswitch/$m.ko" + done | /sbin/weak-modules --add-modules + fi +fi + +%postun +if [ "$1" = 0 ]; then # Erase, not upgrade + for kname in `ls -d /lib/modules/*` +do + rm -rf $kname/weak-updates/openvswitch +done +fi +/sbin/depmod -a + +%files +%defattr(0644,root,root) +/lib/modules/*/extra/openvswitch/*.ko +/etc/depmod.d/kmod-openvswitch.conf +%exclude /lib/modules/*/modules.* +%attr(755,root,root) %{_datadir}/openvswitch/scripts/ovs-kmod-manage.sh + +%changelog +* Wed Sep 21 2011 Kyle Mestery +- Updated for F15 +* Wed Jan 12 2011 Ralf Spenneberg +- First build on F14 diff --git a/ovs-use-nf-ct-get-tuplepr-invert-tuplepr.patch b/ovs-use-nf-ct-get-tuplepr-invert-tuplepr.patch new file mode 100644 index 0000000..ba03a84 --- /dev/null +++ b/ovs-use-nf-ct-get-tuplepr-invert-tuplepr.patch @@ -0,0 +1,75 @@ +From d94ae5c5bf9ffa4d405515a1ba194143465e9ac1 Mon Sep 17 00:00:00 2001 +From: Florian Westphal +Date: Fri, 10 May 2019 12:30:12 -0700 +Subject: [PATCH] openvswitch: use nf_ct_get_tuplepr, invert_tuplepr + +Upstream commit: + commit 60e3be94e6a1c5162a0763c9aafb5190b2b1fdce + Author: Florian Westphal + Date: Mon Jun 25 17:55:32 2018 +0200 + + openvswitch: use nf_ct_get_tuplepr, invert_tuplepr + + These versions deal with the l3proto/l4proto details internally. + It removes only caller of nf_ct_get_tuple, so make it static. + + After this, l3proto->get_l4proto() can be removed in a followup patch. + + Signed-off-by: Florian Westphal + Acked-by: Pravin B Shelar + Signed-off-by: Pablo Neira Ayuso + +This patch backports the above upstream kernel patch to OVS. + +Cc: Florian Westphal +Tested-by: Greg Rose +Reviewed-by: Greg Rose +Acked-by: Yi-Hung Wei +Signed-off-by: Yifeng Sun +Signed-off-by: Ben Pfaff +--- + datapath/conntrack.c | 17 +++-------------- + 1 file changed, 3 insertions(+), 14 deletions(-) + +diff --git a/datapath/conntrack.c b/datapath/conntrack.c +index a7dc9e0..0d8f61f 100644 +--- a/datapath/conntrack.c ++++ b/datapath/conntrack.c +@@ -645,23 +645,12 @@ static struct nf_conn * + ovs_ct_find_existing(struct net *net, const struct nf_conntrack_zone *zone, + u8 l3num, struct sk_buff *skb, bool natted) + { +- const struct nf_conntrack_l3proto *l3proto; +- const struct nf_conntrack_l4proto *l4proto; + struct nf_conntrack_tuple tuple; + struct nf_conntrack_tuple_hash *h; + struct nf_conn *ct; +- unsigned int dataoff; +- u8 protonum; + +- l3proto = __nf_ct_l3proto_find(l3num); +- if (l3proto->get_l4proto(skb, skb_network_offset(skb), &dataoff, +- &protonum) <= 0) { +- pr_debug("ovs_ct_find_existing: Can't get protonum\n"); +- return NULL; +- } +- l4proto = __nf_ct_l4proto_find(l3num, protonum); +- if (!nf_ct_get_tuple(skb, skb_network_offset(skb), dataoff, l3num, +- protonum, net, &tuple, l3proto, l4proto)) { ++ if (!nf_ct_get_tuplepr(skb, skb_network_offset(skb), l3num, ++ net, &tuple)) { + pr_debug("ovs_ct_find_existing: Can't get tuple\n"); + return NULL; + } +@@ -670,7 +659,7 @@ ovs_ct_find_existing(struct net *net, const struct nf_conntrack_zone *zone, + if (natted) { + struct nf_conntrack_tuple inverse; + +- if (!nf_ct_invert_tuple(&inverse, &tuple, l3proto, l4proto)) { ++ if (!nf_ct_invert_tuplepr(&inverse, &tuple)) { + pr_debug("ovs_ct_find_existing: Inversion failed!\n"); + return NULL; + } +-- +2.14.1 +