Debian Patches
Status for openvswitch/3.7.0-1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| tests-Make-routing-rules-checks-more-resilient.patch | tests: Make routing rules checks more resilient. The "ovs-route - unsupported rules" test routing rule checks were failing on systems having non-standard routing rules. . These failures occurred because the test performed exact output matching on the full output of 'ovs-appctl ovs/route/rule/show', which includes both user-added and system-cached rules. . When the system has additional routing rules that meet certain criteria (FR_ACT_TO_TBL action without unsupported selectors like fwmark, dport, sport, iif, ipproto, or tun_id), OVS caches them, as expected, causing them to appear in the "Cached:" section of the output. . "ovs-route - unsupported rules" was modified in order to take this situation into account. It now captures the full initial cache state before adding test rules and verifies that the cache state remains unchanged after adding unsupported rules (keeping the intent of the test intact). diff --git a/tests/system-route.at b/tests/system-route.at index 0b4b4b7e9..a074c51f9 100644 |
Matteo Perin <matteo.perin@canonical.com> | no | upstream, https://github.com/openvswitch/ovs/commit/cd7b495e2dd586113d64a699fe4856cffd97b64c | 2026-03-02 | |
| ovs-router-Fix-disable-system-route-rules-filter.patch | ovs-router: Fix --disable-system-route rules filter. Even with --disable-system-route set, non-standard system routing rules were still being cached at startup via route_table_reset() calling ovs_router_rule_add() from rule_handle_msg() in route-table.c. . The use_system_routing_table flag was only checked in ovs_router_insert() and ovs_router_lookup_fallback(), but not in ovs_router_rule_add(), allowing non-standard system rules to pollute the routing cache. . Fix this by splitting ovs_router_rule_add() into an internal static ovs_router_rule_add__() function and a public ovs_router_rule_add() wrapper that checks the use_system_routing_table flag before adding rules. Internal callers (init_standard_rules, ovs_router_rule_add_cmd) use the internal version directly, while external callers like route-table.c go through the public API which respects the flag. . ovs_router_rules_flush(false) removes all non-user rules, including the standard routing rules (local, main, default). These standard rules are needed for proper route lookup even when system routing is disabled. . Re-add the standard rules after a non-full flush by calling init_standard_rules() within ovs_router_rules_flush(). diff --git a/lib/ovs-router.c b/lib/ovs-router.c index 496690b46..861c912d0 100644 |
Matteo Perin <matteo.perin@canonical.com> | no | upstream, https://github.com/openvswitch/ovs/commit/dd4d9983a1066aff9b8f451ca508de5f7ed9c76b | 2026-03-02 | |
| ovs-router-Fix-locking-in-ovs_router_rule_add.patch | ovs-router: Fix locking in ovs_router_rule_add(). ovs_router_rule_add() is annotated with OVS_REQUIRES(mutex) but its external caller rule_handle_msg() in route-table.c does not hold the mutex. This could lead to data races on the rules pvector. . Fix this by changing the annotation to OVS_EXCLUDED(mutex) and acquiring the mutex inside ovs_router_rule_add() around the call to the internal ovs_router_rule_add__() function. diff --git a/lib/ovs-router.c b/lib/ovs-router.c index 861c912d0..2566386ea 100644 |
Matteo Perin <matteo.perin@canonical.com> | no | upstream, https://github.com/openvswitch/ovs/commit/920eb244e96b0c43d02dd717f48e7c008bd308a4 | 2026-03-02 |
All known versions for source package 'openvswitch'
- 3.7.0-1 (forky, sid)
- 3.5.0-1 (trixie)
- 3.1.0-2+deb12u1 (bookworm, bookworm-security)