[ovs-dev] Bug#863228: openvswtich: CVE-2017-9214

Package: openvswitch Version: 2.6.2~pre+git20161223-3 Severity: important Tags: patch upstream security Hi the following vulnerability was published for openvswitch.

[ovs-dev] debian /etc/init.d/openvswitch status

Using a Debian Stretch daily snapshot from a few days ago, systemd looks to be interfering with /etc/init.d/openvswitch. These are the packages installed: # dpkg -l | grep openvsw ii openvswitch-common2.6.2~pre+git20161223-3 amd64Open vSwitch common components ii

[ovs-dev] [PATCHv2] checkpatch: Check for stdlib usage.

Many standard library functions are wrapped in OVS, so check for usage of the original versions and suggest that authors replace them with the OVS versions. Signed-off-by: Joe Stringer --- v2: Drop checks for functions that don't replace library functions Fix naming of

[ovs-dev] [PATCH 5/5] test-hash: Reuse structs/functions in 256B check.

The prior patch introduced a definition for the 32-bit offset u128, and introduced a function for setting bits in this structure so refactor the 256B hash test to reuse this code. Signed-off-by: Joe Stringer --- tests/test-hash.c | 25 +++-- 1 file changed, 11

[ovs-dev] [PATCH 4/5] test-hash: Fix unaligned pointers.

Clang 4.0 complains: ../tests/test-hash.c:160:16: error: taking address of packed member 'b' of class or structure 'offset_ovs_u128' may result in an unaligned pointer value [-Werror,-Waddress-of-packed-member] in0 = _data.b; Rework the 128-bit hash test to have a separate function

[ovs-dev] [PATCH 3/5] test-hash: Don't check bit 2048.

When running 256B hash check, we currently iterate from 0 up to and including bit 2048, which is beyond the range of bits that 256B holds. For bit 2048, set_bit128() doesn't set a bit due to the range check. Simplify the code by dropping the handling of bit 2048. Signed-off-by: Joe Stringer

[ovs-dev] [PATCH 1/5] odp-execute: Fix unaligned eth_addr pointers.

Clang 4.0 complains: ../lib/odp-execute.c:61:37: error: taking address of packed member 'eth_dst' of class or structure 'eth_header' may result in an unaligned pointer value [-Werror,-Waddress-of-packed-member] ether_addr_copy_masked(>eth_src, key->eth_src, mask->eth_src);

[ovs-dev] [PATCH 2/5] ofproto-dpif: Fix unaligned eth_addr pointers.

Clang 4.0 complains: ../ofproto/ofproto-dpif.c:2291:46: error: taking address of packed member 'eth_src' of class or structure 'eth_header' may result in an unaligned pointer value [-Werror,-Waddress-of-packed-member] netdev_get_etheraddr(ofport->up.netdev, >eth_src);

[ovs-dev] [PATCH 0/5] Fix unaligned pointer values reported by clang 4.0.

Clang 4.0 has added some new warnings around taking the address of packed members of structures which may result in unaligned pointer values. This series addresses the resulting compilation failures (reported via -Werror). Joe Stringer (5): odp-execute: Fix unaligned eth_addr access.

Re: [ovs-dev] [PATCH 3/3] dpif-netlink-rtnl: Use OVS_NOT_REACHED in verify.

On 22 May 2017 at 10:42, Eric Garver wrote: > On Fri, May 19, 2017 at 01:27:36PM -0700, Joe Stringer wrote: >> The vport_type_to_kind() call at the top of dpif_netlink_rtnl_verify() >> ensures that these cases can never be hit, so use OVS_NOT_REACHED() >> instead of setting the err

Re: [ovs-dev] [PATCH 2/3] dpif-netlink-rtnl: Use getlink() in common verify path.

On 22 May 2017 at 10:40, Eric Garver wrote: > On Fri, May 19, 2017 at 01:27:35PM -0700, Joe Stringer wrote: >> The calls here were duplicated across each tunnel protocol. >> >> Signed-off-by: Joe Stringer >> --- >> lib/dpif-netlink-rtnl.c | 100 >>

Re: [ovs-dev] [PATCH 1/3] dpif-netlink-rtnl: Tidy up some code.

On 22 May 2017 at 10:36, Eric Garver wrote: > On Fri, May 19, 2017 at 01:27:34PM -0700, Joe Stringer wrote: >> Simplify and refactor a couple of bits of code for improved readability. >> >> Signed-off-by: Joe Stringer >> --- >> lib/dpif-netlink-rtnl.c | 20

Re: [ovs-dev] [PATCH] datapath-windows: Fix possible null dereference in ipfragment

On 17 May 2017 at 06:54, Alin Serdean wrote: > Found using static analysis tools. > > Signed-off-by: Alin Gabriel Serdean > Applied, thanks! > --- > datapath-windows/ovsext/IpFragment.c | 2 +- > 1 file changed, 1

Re: [ovs-dev] [PATCH] datapath-windows: Report success for conntrack actions over frags

On 17 May 2017 at 06:43, Alin Serdean wrote: > When a conntrack action is applied over an IP fragment we pend the fragment > which will be consumed later. This should be transparent to the userspace. > > Report that the action was applied successfully so it does

Re: [ovs-dev] [PATCH] datapath-windows: Fix alignment in actions

On 17 May 2017 at 05:57, Alin Serdean wrote: > Found by inspection. > > Signed-off-by: Alin Gabriel Serdean > Thanks, applied! > --- > datapath-windows/ovsext/Actions.c | 24 > 1 file changed, 12

Re: [ovs-dev] [PATCH v2] tests: fix hanging test on windows

On Tue, May 23, 2017 at 7:05 AM, Alin Serdean wrote: > From: Alin Serdean > > 'multiple bridges share a controller' hangs on windows because it is > lacking the exit information (it will hang when the test has finished) > >

Re: [ovs-dev] [PATCH v2] python ovs: Fix SSL exceptions with pyOpenSSL v0.13

On May 23, 2017 11:04 PM, "Russell Bryant" wrote: On Mon, May 15, 2017 at 11:39 AM, wrote: > From: Numan Siddique > > Centos provides pyOpenSSL version pyOpenSSL-0.13.1-3.el7.x86_64. > There are 2 issues using this version, which this

Re: [ovs-dev] [PATCH 1/2] ovn pacemaker: Fix return code errors in start/stop action

On Mon, May 22, 2017 at 9:12 PM, Numan Siddique wrote: > > > On Tue, May 23, 2017 at 5:21 AM, Andy Zhou wrote: >> >> On Sun, May 21, 2017 at 6:35 PM, wrote: >> > From: Numan Siddique >> > >> > start action returns

[ovs-dev] [PATCH 2/3] datapath-windows: add two new build targets for code analysis

Add two new build targets: 'Win8Analyze' and 'Win8.1Analyze'. The new build targets have the static code analyzer (built in Visual Studio feature). This patch also introduces a new make target ('datapath_windows_analyze') this can be added to the CI jobs to get a list warnings/errors issued by

[ovs-dev] [PATCH 3/3] appveyor: Add new make target

This patch adds the new make target 'datapath_windows_analyze' (static analysis over the windows datapath code) to the appveyor build. Signed-off-by: Alin Gabriel Serdean --- appveyor.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/appveyor.yml

[ovs-dev] [PATCH 1/3] datapath-windows: Remove Strsafe usage from datapath

The removal is mandatory to use the VStudio 2013 static code analyzer. The only function that was used from the include is: 'StringCbLengthA'. We were not checking the result of that function, nor will the 'vportGet->name' exceed the 'OVS_MAX_PORT_NAME_LENGTH' limitation. Signed-off-by: Alin

Re: [ovs-dev] [PATCH] Supporting ovn-northd service HA depend on OVNDB-HA

On Tue, May 23, 2017 at 9:56 AM, Numan Siddique wrote: > On Tue, May 23, 2017 at 9:44 AM, multi_t...@163.com > wrote: > >> Hi Numan, >> >> Thank you very much, I had pushed the patch new version >> https://github.com/openvswitch/ovs/pull/178 >> > >

Re: [ovs-dev] [PATCH v2] python ovs: Fix SSL exceptions with pyOpenSSL v0.13

On Mon, May 15, 2017 at 11:39 AM, wrote: > From: Numan Siddique > > Centos provides pyOpenSSL version pyOpenSSL-0.13.1-3.el7.x86_64. > There are 2 issues using this version, which this patch fixes > > - The test case "simple idl verify notify - SSL" is

Re: [ovs-dev] Nice To Meet you

Hi, can we discuss something very important? Yours Love Sara Patrick ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] Netapp users' contact list

Hi, Want to increase your sales? All you need is a reliable data source. Get accurate data and reach your target easily. we have updated Netapp users' contact list and thought you would be interested in it. We can also provide you with: *

Re: [ovs-dev] [PATCH v7 3/4] datapath-windows: NAT integration with conntrack

Hi Yin, Sorry it took a while to review the patch. I just have a few inlined comments. I am stripping the code a bit to be more readable. I will run some tests tonight over the current series to see that everything is ok from a functionality perspective. Thanks, Alin. > > This patch

Re: [ovs-dev] [PATCH v7 2/4] datapath-windows: Add NAT module in conntrack

Just one small nit on this one > datapath-windows/ovsext/Conntrack-icmp.c \ > datapath-windows/ovsext/Conntrack-other.c \ > datapath-windows/ovsext/Conntrack-related.c \ > +datapath-windows/ovsext/Conntrack-nat.c \ [Alin Serdean] tab instead of 4 space >

[ovs-dev] [PATCH v2] tests: fix hanging test on windows

From: Alin Serdean 'multiple bridges share a controller' hangs on windows because it is lacking the exit information (it will hang when the test has finished) Introduce a pidfile to 'ovs-testcontroller' and end it on exit based on the pidfile. Signed-off-by:

Re: [ovs-dev] [PATCH] tests: fix hanging test on windows

> -Original Message- > From: Joe Stringer [mailto:j...@ovn.org] > Sent: Tuesday, May 23, 2017 2:39 AM > To: Alin Serdean > Cc: d...@openvswitch.org > Subject: Re: [ovs-dev] [PATCH] tests: fix hanging test on windows > > On 22 May 2017 at 05:18, Alin

Re: [ovs-dev] [PATCH] Supporting ovn-northd service HA depend on OVNDB-HA

On Tue, May 23, 2017 at 9:44 AM, multi_t...@163.com wrote: > Hi Numan, > > Thank you very much, I had pushed the patch new version > https://github.com/openvswitch/ovs/pull/178 > Thanks. I tested it. Acked-by: Numan Siddique Tested-by: Numan Siddique

Re: [ovs-dev] [PATCH v4] OVN localport type support

On Tue, May 23, 2017 at 10:01 AM, Miguel Angel Ajo Pelayo < majop...@redhat.com> wrote: > If we forsee use cases with several local ports by logical switch/chassis > could one option be to allocate a bit in REG10 to mark local ports, > and then have a single rule that matches reg10 to drop

Re: [ovs-dev] [PATCH v4] OVN localport type support

If we forsee use cases with several local ports by logical switch/chassis could one option be to allocate a bit in REG10 to mark local ports, and then have a single rule that matches reg10 to drop output/forwarding of packets? Best, Miguel Ángel Ajo On Fri, May 19, 2017 at 4:26 PM, Daniel