Sync from SUSE:SLFO:Main passt revision c6400eef2467e9a3dbafc9289b411e3c
This commit is contained in:
parent
9933c6e284
commit
6fc7e38c5e
2
_service
2
_service
@ -4,7 +4,7 @@
|
||||
<param name="scm">git</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
<param name="versionformat">%cs.%h</param>
|
||||
<param name="revision">2024_06_24.1ee2eca</param>
|
||||
<param name="revision">2024_09_06.6b38f07</param>
|
||||
</service>
|
||||
<service mode="manual" name="recompress">
|
||||
<param name="file">*.tar</param>
|
||||
|
@ -1,4 +1,4 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://passt.top/passt</param>
|
||||
<param name="changesrevision">1ee2ecade3f41e2a3e51c1e580b08cba977a7c8d</param></service></servicedata>
|
||||
<param name="changesrevision">6b38f0723949f8b4b2787ee55d4330249a1a4a3e</param></service></servicedata>
|
BIN
passt-20240624.1ee2eca.tar.zst
(Stored with Git LFS)
BIN
passt-20240624.1ee2eca.tar.zst
(Stored with Git LFS)
Binary file not shown.
BIN
passt-20240906.6b38f07.tar.zst
(Stored with Git LFS)
Normal file
BIN
passt-20240906.6b38f07.tar.zst
(Stored with Git LFS)
Normal file
Binary file not shown.
200
passt.changes
200
passt.changes
@ -1,3 +1,203 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 12 11:08:38 UTC 2024 - Cathy Hu <cathy.hu@suse.com>
|
||||
|
||||
- Fix passt-selinux to use selinux macros instead of calling semodule
|
||||
by hand, which leads to unwanted policy reload on Micro (bsc#1229132)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 09 06:57:41 UTC 2024 - dcermak@suse.com
|
||||
|
||||
- Update to version 20240906.6b38f07:
|
||||
* apparmor: Allow read access to /proc/sys/net/ipv4/ip_local_port_range
|
||||
* selinux: Allow read access to /proc/sys/net/ipv4/ip_local_port_range
|
||||
* tap: Don't risk truncating frames on full buffer in tap_pasta_input()
|
||||
* tap: Restructure in tap_pasta_input()
|
||||
* tap: Improve handling of EINTR in tap_passt_input()
|
||||
* tap: Split out handling of EPOLLIN events
|
||||
* util: Fix order of operands and carry of one second in timespec_diff_us()
|
||||
* cppcheck: Work around some cppcheck 2.15.0 redundantInitialization warnings
|
||||
* tcp: Use EPOLLET for any state of not established connections
|
||||
* udp: Handle more error conditions in udp_sock_errs()
|
||||
* udp: Treat errors getting errors as unrecoverable
|
||||
* udp: Split socket error handling out from udp_sock_recv()
|
||||
* flow: Helpers to log details of a flow
|
||||
* udp: Allow UDP flows to be prematurely closed
|
||||
* flow: Fix incorrect hash probe in flowside_lookup()
|
||||
* log: Don't prefix log file messages with time and severity if they're continuations
|
||||
* Makefile: Enable _FORTIFY_SOURCE iff needed
|
||||
* fwd, conf: Probe host's ephemeral ports
|
||||
* conf, fwd: Don't attempt to forward port 0
|
||||
* conf, fwd: Make ephemeral port logic more flexible
|
||||
* seccomp.sh: Try to account for terminal width while formatting list of system calls
|
||||
* udp: Use dual stack sockets for port forwarding when possible
|
||||
* udp: Remove unnnecessary local from udp_sock_init()
|
||||
* udp: Merge udp[46]_mh_recv arrays
|
||||
* test: Look for possible sshd-session paths (if it's there at all) in mbuto's profile
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 22 08:15:06 UTC 2024 - dcermak@suse.com
|
||||
|
||||
- Update to version 20240821.1d6142f:
|
||||
* README: pasta is indeed a supported back-end for rootless Docker
|
||||
* util: Don't stop on unrelated values when looking for --fd in close_open_files()
|
||||
* test: Update list of dependencies in README.md
|
||||
* tcp, udp: Allow timerfd_gettime64() and recvmmsg_time64() on arm (armhf)
|
||||
* util: Provide own version of close_range(), and no-op fallback
|
||||
* udp_flow: Add missing unistd.h include for close()
|
||||
* test: Duplicate existing recvfrom() valgrind suppression for recv()
|
||||
* test/passt.mbuto: Install sshd-session OpenSSH's split process
|
||||
* test/passt.mbuto: Run sshd from vsock proxy with absolute path
|
||||
* test/lib/setup: Transform i686 kernel architecture name into QEMU name (i386)
|
||||
* treewide: Allow additional system calls for i386/i686
|
||||
* fwd, conf: Allow NAT of the guest's assigned address
|
||||
* fwd: Distinguish translatable from untranslatable addresses on inbound
|
||||
* conf: Allow address remapped to host to be configured
|
||||
* test: Reconfigure IPv6 address after changing MTU
|
||||
* conf, fwd: Split notion of gateway/router from guest-visible host address
|
||||
* Don't take "our" MAC address from the host
|
||||
* fwd: Split notion of "our tap address" from gateway for IPv4
|
||||
* fwd: Helpers to clarify what host addresses aren't guest accessible
|
||||
* Initialise our_tap_ll to ip6.gw when suitable
|
||||
* Clarify which addresses in ip[46]_ctx are meaningful where
|
||||
* treewide: Change misleading 'addr_ll' name
|
||||
* util: Correct sock_l4() binding for link local addresses
|
||||
* conf: Remove incorrect initialisation of addr_ll_seen
|
||||
* conf: Treat --dns addresses as guest visible addresses
|
||||
* conf: Correct setting of dns_match address in add_dns6()
|
||||
* conf: Move adding of a nameserver from resolv.conf into subfunction
|
||||
* conf: Move DNS array bounds checks into add_dns[46]
|
||||
* conf: More accurately count entries added in get_dns()
|
||||
* conf: Use array indices rather than pointers for DNS array slots
|
||||
* treewide: Use struct assignment instead of memcpy() for IP addresses
|
||||
* treewide: Rename MAC address fields for clarity
|
||||
* util: Helper for formatting MAC addresses
|
||||
* treewide: Use "our address" instead of "forwarding address"
|
||||
* netlink: Fix typo in function comment for nl_addr_set()
|
||||
* pasta: Disable neighbour solicitations on device up to prevent DAD
|
||||
* netlink, pasta: Fetch link-local address from namespace interface once it's up
|
||||
* netlink, pasta: Disable DAD for link-local addresses on namespace interface
|
||||
* netlink, pasta: Turn nl_link_up() into a generic function to set link flags
|
||||
* netlink, pasta: Split MTU setting functionality out of nl_link_up()
|
||||
* netlink: Fix typo in function comment for nl_addr_get()
|
||||
* test: Speed up by cutting on eye candy and performance test duration
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 15 06:18:55 UTC 2024 - dcermak@suse.com
|
||||
|
||||
- Update to version 20240814.61c0b0d:
|
||||
* flow: Don't crash if guest attempts to connect to port 0
|
||||
* conf: Don't ignore -t and -u options after -D
|
||||
* ndp.c: Turn NDP responder into more declarative implementation
|
||||
* conf: Delay handling -D option until after addresses are configured
|
||||
* Correct inaccurate comments on ip[46]_ctx::addr
|
||||
* log: Don't prefix message with timestamp on --debug if it's a continuation
|
||||
* conf: Stop parsing options at first non-option argument
|
||||
* passt, util: Close any open file that the parent might have leaked
|
||||
* nstool: Propagate SIGTERM to processes executed in the namespace
|
||||
* nstool: Fix some trivial typos
|
||||
* log: Avoid duplicate calls to logtime()
|
||||
* log: Handle errors from clock_gettime()
|
||||
* log: Correct formatting of timestamps
|
||||
* util: Some corrections for timespec_diff_us
|
||||
* conf, pasta: Make -g and -a skip route/addresses copy for matching IP version only
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 06 16:58:22 UTC 2024 - dcermak@suse.com
|
||||
|
||||
- Update to version 20240806.ee36266:
|
||||
* log, passt: Keep printing to stderr when passt is running in foreground
|
||||
* tcp_splice: Fix side in OUT_WAIT flag setting
|
||||
* util: Use unsigned (size_t) value for iov length
|
||||
* udp_flow: move all udp_flow functions to udp_flow.c
|
||||
* udp_flow: Remove udp_meta_t from the parameters of udp_flow_from_sock()
|
||||
* log: Make logfile_write() private
|
||||
* pasta: Save errno on signal handler entry, restore on return when needed
|
||||
* pasta: modify hostname when detaching new namespace
|
||||
* Fix typo in README file
|
||||
* fedora/rpkg: List myself as author for changelog entries
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 01 05:57:09 UTC 2024 - dcermak@suse.com
|
||||
|
||||
- Update to version 20240726.57a21d2:
|
||||
* tap: Improve handling of partially received frames on qemu socket
|
||||
* tap: Correctly handle frames of odd length
|
||||
* tap: Don't use EPOLLET on Qemu sockets
|
||||
* tap: Don't attempt to carry on if we get a bad frame length from qemu
|
||||
* tap: Better report errors receiving from QEMU socket
|
||||
* log: Fetch log times with CLOCK_MONOTONIC, not CLOCK_REALTIME
|
||||
* log: Initialise timestamp for relative log time also if we use a log file
|
||||
* log, util: Fix sub-second part in relative log time calculation
|
||||
* test/lib/perf_report: Fix highlight
|
||||
* test: Fix spurious test failure with systemd-resolved
|
||||
* fwd: Broaden what we consider for DNS specific forwarding rules
|
||||
* fwd: Refactor tests in fwd_nat_from_tap() for clarity
|
||||
* conf: Accept addresses enclosed by square brackets in port forwarding specifiers
|
||||
* tap: Exit if we fail to bind a UNIX domain socket with explicit path
|
||||
* test: iperf3 3.16 introduces multiple threads, drop our own implementation of that
|
||||
* test: Update names of symbols and slabinfo entries
|
||||
* test: Fix memory/passt tests, --netns-only is not a valid option for passt
|
||||
* log: Drop newlines in the middle of the perror()-like messages
|
||||
* tcp: Change SO_PEEK_OFF support message to debug()
|
||||
* tap: Don't quit if pasta gets EIO on writev() to tap, interface might be down
|
||||
* tcp: Correctly update SO_PEEK_OFF when tcp_send_frames() drops frames
|
||||
* tcp: probe for SO_PEEK_OFF both in tcpv4 and tcp6
|
||||
* udp: Rename UDP listening sockets
|
||||
* udp: Remove rdelta port forwarding maps
|
||||
* udp: Remove obsolete socket tracking
|
||||
* udp: Direct datagrams from host to guest via flow table
|
||||
* udp: Find or create flows for datagrams from tap interface
|
||||
* udp: Remove obsolete splice tracking
|
||||
* udp: Handle "spliced" datagrams with per-flow sockets
|
||||
* udp: Create flows for datagrams from originating sockets
|
||||
* fwd: Update flow forwarding logic for UDP
|
||||
* flow, icmp: Use general flow forwarding rules for ICMP
|
||||
* flow, tcp: Flow based NAT and port forwarding for TCP
|
||||
* icmp: Manage outbound socket address via flow table
|
||||
* flow: Helper to create sockets based on flowside
|
||||
* icmp: Eliminate icmp_id_map
|
||||
* icmp: Look up ping flows using flow hash
|
||||
* icmp: Obtain destination addresses from the flowsides
|
||||
* icmp: Remove redundant id field from flow table entry
|
||||
* tcp: Re-use flow hash for initial sequence number generation
|
||||
* flow, tcp: Generalise TCP hash table to general flow hash table
|
||||
* tcp, flow: Replace TCP specific hash function with general flow hash
|
||||
* tcp_splice: Eliminate SPLICE_V6 flag
|
||||
* tcp: Simplify endpoint validation using flowside information
|
||||
* tcp: Manage outbound address via flow table
|
||||
* tcp: Obtain guest address from flowside
|
||||
* tcp, flow: Remove redundant information, repack connection structures
|
||||
* flow: Common address information for target side
|
||||
* flow: Common address information for initiating side
|
||||
* doc: Extend zero-recv test with methods using msghdr
|
||||
* doc: Test behaviour of closing duplicate UDP sockets
|
||||
* tcp_splice: Use parameterised macros for per-side event/flag bits
|
||||
* flow: Introduce flow_foreach_sidei() macro
|
||||
* flow, tcp_splice: Prefer 'sidei' for variables referring to side index
|
||||
* flow, icmp, tcp: Clean up helpers for getting flow from index
|
||||
* udp: Handle errors on UDP sockets
|
||||
* util: Add AF_UNSPEC support to sockaddr_ntop()
|
||||
* udp, tcp: Tweak handling of no_udp and no_tcp flags
|
||||
* udp: Make udp_sock_recv static
|
||||
* conf: Don't configure port forwarding for a disabled protocol
|
||||
* tcp: handle shrunk window advertisements from guest
|
||||
* tcp: leverage support of SO_PEEK_OFF socket option when available
|
||||
* doc: Trivial fix for reuseaddr-priority
|
||||
* doc: Test behaviour of zero length datagram recv()s
|
||||
* doc: Add program to document and test assumptions about SO_REUSEADDR
|
||||
* udp: Consolidate datagram batching
|
||||
* udp: Move some more of sock_handler tasks into sub-functions
|
||||
* udp: Don't repeatedly initialise udp[46]_eth_hdr
|
||||
* udp: Unify udp[46]_l2_iov
|
||||
* udp: Unify udp[46]_mh_splice
|
||||
* udp: Rename IOV and mmsghdr arrays
|
||||
* udp: Pass full epoll reference through more of sock handler path
|
||||
* flow: Add flow_sidx_valid() helper
|
||||
* util: sock_l4() determine protocol from epoll type rather than the reverse
|
||||
* conf: Use the right maximum buffer size for c->sock_path
|
||||
* tcp_splice: Check return value of setsockopt() for SO_RCVLOWAT
|
||||
* conf: Copy up to MAXDNSRCH - 1 bytes, not MAXDNSRCH
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 4 16:34:45 UTC 2024 - Danish Prakash <danish.prakash@suse.com>
|
||||
|
||||
|
23
passt.spec
23
passt.spec
@ -43,8 +43,9 @@
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%global selinuxtype targeted
|
||||
Name: passt
|
||||
Version: 20240624.1ee2eca
|
||||
Version: 20240906.6b38f07
|
||||
Release: 0
|
||||
Summary: User-mode networking daemons for virtual machines and namespaces
|
||||
License: GPL-2.0-or-later AND BSD-3-Clause
|
||||
@ -135,13 +136,21 @@ popd
|
||||
%endif
|
||||
|
||||
%if %{with selinux}
|
||||
%post selinux
|
||||
semodule -i %{_datadir}/selinux/packages/%{name}/passt.pp 2>/dev/null || :
|
||||
semodule -i %{_datadir}/selinux/packages/%{name}/pasta.pp 2>/dev/null || :
|
||||
%pre selinux
|
||||
%selinux_relabel_pre -s %{selinuxtype}
|
||||
|
||||
%preun selinux
|
||||
semodule -r passt 2>/dev/null || :
|
||||
semodule -r pasta 2>/dev/null || :
|
||||
%post selinux
|
||||
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{name}/passt.pp
|
||||
%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{name}/pasta.pp
|
||||
|
||||
%postun selinux
|
||||
if [ $1 -eq 0 ]; then
|
||||
%selinux_modules_uninstall -s %{selinuxtype} passt
|
||||
%selinux_modules_uninstall -s %{selinuxtype} pasta
|
||||
fi
|
||||
|
||||
%posttrans selinux
|
||||
%selinux_relabel_post -s %{selinuxtype}
|
||||
%endif
|
||||
|
||||
%files
|
||||
|
Loading…
Reference in New Issue
Block a user