rpms
/
NetworkManager
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import NetworkManager-1.30.0-9.el8_4

This commit is contained in:
CentOS Sources 2021-06-29 09:46:32 -04:00 committed by Andrew Lukoshko
parent c1bb40bd44
commit 1ab209fba1
5 changed files with 937 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

176
SOURCES/1008-manager-fix-active_connection_find.patch Normal file
View File

@ -0,0 +1,176 @@
From 602f73a2e838ea1055ef5e6913aec3d8a87ed610 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 13 May 2021 10:49:39 +0200
Subject: [PATCH 1/2] manager: fix active_connection_find()
Commit 33b9fa3a3caf ("manager: Keep volatile/external connections
while referenced by async_op_lst") changed active_connection_find() to
also return active connections that are not yet activating but are
waiting authorization.
This has side effect for other callers of the function. In particular,
_get_activatable_connections_filter() should exclude only ACs that are
really active, not those waiting for authorization.
Otherwise, in ensure_master_active_connection() all the ACs waiting
authorization are missed and we might fail to find the right master
AC.
Add an argument to active_connection_find to select whether include
ACs waiting authorization.
Fixes: 33b9fa3a3caf ('manager: Keep volatile/external connections while referenced by async_op_lst')
https://bugzilla.redhat.com/show_bug.cgi?id=1955101
(cherry picked from commit e694f2cec1a0e7bc188776c8573e07a4d57851dc)
(cherry picked from commit fc611f60470160fe98512c405d6785f2b24b98a1)
---
src/core/nm-manager.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index 5a6e05a934..c751b2db50 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -363,6 +363,7 @@ static NMActiveConnection *active_connection_find(NMManager * self,
NMSettingsConnection * sett_conn,
const char * uuid,
NMActiveConnectionState max_state,
+ gboolean also_waiting_auth,
GPtrArray ** out_all_matching);
static NMConnectivity *concheck_get_mgr(NMManager *self);
@@ -833,6 +834,7 @@ _delete_volatile_connection_do(NMManager *self, NMSettingsConnection *connection
connection,
NULL,
NM_ACTIVE_CONNECTION_STATE_DEACTIVATED,
+ TRUE,
NULL))
return;
@@ -978,6 +980,7 @@ active_connection_find(
NMSettingsConnection * sett_conn,
const char * uuid,
NMActiveConnectionState max_state /* candidates in state @max_state will be found */,
+ gboolean also_waiting_auth /* return also ACs waiting authorization */,
GPtrArray ** out_all_matching)
{
NMManagerPrivate * priv = NM_MANAGER_GET_PRIVATE(self);
@@ -1017,6 +1020,9 @@ active_connection_find(
if (!best_ac) {
AsyncOpData *async_op_data;
+ if (!also_waiting_auth)
+ return NULL;
+
c_list_for_each_entry (async_op_data, &priv->async_op_lst_head, async_op_lst) {
NMSettingsConnection *ac_conn;
@@ -1078,6 +1084,7 @@ active_connection_find_by_connection(NMManager * self,
sett_conn,
sett_conn ? NULL : nm_connection_get_uuid(connection),
max_state,
+ FALSE,
out_all_matching);
}
@@ -1112,6 +1119,7 @@ _get_activatable_connections_filter(NMSettings * settings,
sett_conn,
NULL,
NM_ACTIVE_CONNECTION_STATE_ACTIVATED,
+ FALSE,
NULL);
}
@@ -2245,6 +2253,7 @@ connection_flags_changed(NMSettings *settings, NMSettingsConnection *connection,
connection,
NULL,
NM_ACTIVE_CONNECTION_STATE_DEACTIVATED,
+ FALSE,
NULL)) {
/* the connection still has an active-connection. It will be purged
* when the active connection(s) get(s) removed. */
@@ -2564,6 +2573,7 @@ new_activation_allowed_for_connection(NMManager *self, NMSettingsConnection *con
connection,
NULL,
NM_ACTIVE_CONNECTION_STATE_ACTIVATED,
+ FALSE,
NULL);
}
@@ -4134,6 +4144,7 @@ find_master(NMManager * self,
master_connection,
NULL,
NM_ACTIVE_CONNECTION_STATE_DEACTIVATING,
+ FALSE,
NULL);
}
@@ -4985,6 +4996,7 @@ _internal_activate_device(NMManager *self, NMActiveConnection *active, GError **
sett_conn,
NULL,
NM_ACTIVE_CONNECTION_STATE_ACTIVATED,
+ FALSE,
&all_ac_arr);
if (ac) {
n_all = all_ac_arr ? all_ac_arr->len : ((guint) 1);
--
2.26.3
From cf2f0e5a5180d2333ce33b925d54c8b7b925e094 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Fri, 30 Apr 2021 22:35:20 +0200
Subject: [PATCH 2/2] manager: fix assertion failure in
active_connection_find()
Active-connections in the async_op_lst are not guaranteed to have a
settings-connection. In particular, the settings-connection for an
AddAndActivate() AC is set only after the authorization succeeds. Use
the non-asserting variant of the function to fix the following
failure:
nm_active_connection_get_settings_connection: assertion 'sett_conn' failed
1 _g_log_abort()
2 g_logv()
3 g_log()
4 _nm_g_return_if_fail_warning.constprop.14()
5 nm_active_connection_get_settings_connection()
6 active_connection_find()
7 _get_activatable_connections_filter()
8 nm_settings_get_connections_clone()
9 nm_manager_get_activatable_connections()
10 auto_activate_device_cb()
11 g_idle_dispatch()
12 g_main_context_dispatch()
13 g_main_context_iterate.isra.21()
14 g_main_loop_run()
15 main()
Fixes: 33b9fa3a3caf ('manager: Keep volatile/external connections while referenced by async_op_lst')
https://bugzilla.redhat.com/show_bug.cgi?id=1933719
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/834
(cherry picked from commit 23cc0bf3353ea43d95a906e27c9881b1b68e2bbe)
(cherry picked from commit d0b0c65905ae19145d1c1f2912aa580a3b0a36e0)
---
src/core/nm-manager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index c751b2db50..3405de86ee 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -1027,7 +1027,7 @@ active_connection_find(
NMSettingsConnection *ac_conn;
ac = async_op_data->ac_auth.active;
- ac_conn = nm_active_connection_get_settings_connection(ac);
+ ac_conn = _nm_active_connection_get_settings_connection(ac);
if (sett_conn && sett_conn != ac_conn)
continue;
if (uuid && !nm_streq0(uuid, nm_settings_connection_get_uuid(ac_conn)))
--
2.26.3

53
SOURCES/1009-bond-support-tlb_dynamic_lb-in-balance-alb-mode.patch Normal file
View File

@ -0,0 +1,53 @@
From ba9dbfa4e5aaef9aa646a7718f302433ecf1a001 Mon Sep 17 00:00:00 2001
From: Wen Liang <liangwen12year@gmail.com>
Date: Tue, 25 May 2021 08:45:46 -0400
Subject: [PATCH] bond: support `tlb_dynamic_lb` in `balance-alb` mode
In kernel, `tlb_dynamic_lb` is supported to configure in bonding mode
`balance-alb`. Therefore, add the support in NetworkManager to avoid
undesirable limitation.
Kernel previously had such limitation and it was removed in
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e79c1055749e3183a2beee04a24da378623329c5.
Signed-off-by: Wen Liang <liangwen12year@gmail.com>
https://bugzilla.redhat.com/show_bug.cgi?id=1959934
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/868
(cherry picked from commit 18839361aca42d5c9f470268c28063a6e7578851)
(cherry picked from commit 2f42c781edebac329c8031561c4b210118c0b3ab)
---
libnm-core/nm-setting-bond.c | 2 +-
libnm-core/tests/test-setting.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/libnm-core/nm-setting-bond.c b/libnm-core/nm-setting-bond.c
index 68d4ca88f6..ea82d838c7 100644
--- a/libnm-core/nm-setting-bond.c
+++ b/libnm-core/nm-setting-bond.c
@@ -225,7 +225,7 @@ static NM_UTILS_STRING_TABLE_LOOKUP_DEFINE(
{NM_SETTING_BOND_OPTION_PACKETS_PER_SLAVE, ~(BIT(NM_BOND_MODE_ROUNDROBIN))},
{NM_SETTING_BOND_OPTION_PRIMARY,
~(BIT(NM_BOND_MODE_ACTIVEBACKUP) | BIT(NM_BOND_MODE_TLB) | BIT(NM_BOND_MODE_ALB))},
- {NM_SETTING_BOND_OPTION_TLB_DYNAMIC_LB, ~(BIT(NM_BOND_MODE_TLB))}, );
+ {NM_SETTING_BOND_OPTION_TLB_DYNAMIC_LB, ~(BIT(NM_BOND_MODE_TLB) | BIT(NM_BOND_MODE_ALB))}, );
gboolean
_nm_setting_bond_option_supported(const char *option, NMBondMode mode)
diff --git a/libnm-core/tests/test-setting.c b/libnm-core/tests/test-setting.c
index 01cdb41cb2..56ba31541a 100644
--- a/libnm-core/tests/test-setting.c
+++ b/libnm-core/tests/test-setting.c
@@ -687,7 +687,7 @@ test_bond_normalize(void)
((const char *[]){"mode", "active-backup", "miimon", "1", NULL}));
test_bond_normalize_options(
((const char *[]){"mode", "balance-alb", "tlb_dynamic_lb", "1", NULL}),
- ((const char *[]){"mode", "balance-alb", NULL}));
+ ((const char *[]){"mode", "balance-alb", "tlb_dynamic_lb", "1", NULL}));
test_bond_normalize_options(
((const char *[]){"mode", "balance-tlb", "tlb_dynamic_lb", "1", NULL}),
((const char *[]){"mode", "balance-tlb", "tlb_dynamic_lb", "1", NULL}));
--
2.26.3

213
SOURCES/1010-manager-delete-default-connection-when-veth-removed.patch Normal file
View File

@ -0,0 +1,213 @@
From a2cd778f7d54de1cf9f173fff5f09fededf5f49e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 21 Apr 2021 13:42:45 +0200
Subject: [PATCH 1/2] device: take reference to device object before
'delete_on_deactivate'
It's not clear why currently a weak reference is needed.
(cherry picked from commit a42682d44fe2220412574fb13128814e643ed775)
(cherry picked from commit 8cfbb73294e9eaa475d28a6eada2c5ab14f1d74a)
---
src/core/devices/nm-device.c | 44 ++++++++++++------------------------
1 file changed, 15 insertions(+), 29 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 5eaf8c23e7..7c2a6d3250 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -125,7 +125,6 @@ typedef struct {
typedef struct {
NMDevice *device;
guint idle_add_id;
- int ifindex;
} DeleteOnDeactivateData;
typedef struct {
@@ -12141,28 +12140,19 @@ nm_device_is_nm_owned(NMDevice *self)
static gboolean
delete_on_deactivate_link_delete(gpointer user_data)
{
- DeleteOnDeactivateData *data = user_data;
- NMDevice * self = data->device;
+ DeleteOnDeactivateData *data = user_data;
+ nm_auto_unref_object NMDevice *self = data->device;
+ NMDevicePrivate * priv = NM_DEVICE_GET_PRIVATE(self);
+ gs_free_error GError *error = NULL;
_LOGD(LOGD_DEVICE,
- "delete_on_deactivate: cleanup and delete virtual link #%d (id=%u)",
- data->ifindex,
+ "delete_on_deactivate: cleanup and delete virtual link (id=%u)",
data->idle_add_id);
- if (data->device) {
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(data->device);
- gs_free_error GError *error = NULL;
+ priv->delete_on_deactivate_data = NULL;
- g_object_remove_weak_pointer(G_OBJECT(data->device), (void **) &data->device);
- priv->delete_on_deactivate_data = NULL;
-
- if (!nm_device_unrealize(data->device, TRUE, &error))
- _LOGD(LOGD_DEVICE,
- "delete_on_deactivate: unrealizing %d failed (%s)",
- data->ifindex,
- error->message);
- } else if (data->ifindex > 0)
- nm_platform_link_delete(nm_device_get_platform(self), data->ifindex);
+ if (!nm_device_unrealize(self, TRUE, &error))
+ _LOGD(LOGD_DEVICE, "delete_on_deactivate: unrealizing failed (%s)", error->message);
nm_device_emit_recheck_auto_activate(self);
@@ -12181,17 +12171,16 @@ delete_on_deactivate_unschedule(NMDevice *self)
priv->delete_on_deactivate_data = NULL;
g_source_remove(data->idle_add_id);
- g_object_remove_weak_pointer(G_OBJECT(self), (void **) &data->device);
_LOGD(LOGD_DEVICE,
- "delete_on_deactivate: cancel cleanup and delete virtual link #%d (id=%u)",
- data->ifindex,
+ "delete_on_deactivate: cancel cleanup and delete virtual link (id=%u)",
data->idle_add_id);
+ g_object_unref(data->device);
g_free(data);
}
}
static void
-delete_on_deactivate_check_and_schedule(NMDevice *self, int ifindex)
+delete_on_deactivate_check_and_schedule(NMDevice *self)
{
NMDevicePrivate * priv = NM_DEVICE_GET_PRIVATE(self);
DeleteOnDeactivateData *data;
@@ -12208,16 +12197,13 @@ delete_on_deactivate_check_and_schedule(NMDevice *self, int ifindex)
return;
delete_on_deactivate_unschedule(self); /* always cancel and reschedule */
- data = g_new(DeleteOnDeactivateData, 1);
- g_object_add_weak_pointer(G_OBJECT(self), (void **) &data->device);
- data->device = self;
- data->ifindex = ifindex;
+ data = g_new(DeleteOnDeactivateData, 1);
+ data->device = g_object_ref(self);
data->idle_add_id = g_idle_add(delete_on_deactivate_link_delete, data);
priv->delete_on_deactivate_data = data;
_LOGD(LOGD_DEVICE,
- "delete_on_deactivate: schedule cleanup and delete virtual link #%d (id=%u)",
- ifindex,
+ "delete_on_deactivate: schedule cleanup and delete virtual link (id=%u)",
data->idle_add_id);
}
@@ -15854,7 +15840,7 @@ _cleanup_generic_post(NMDevice *self, CleanupType cleanup_type)
/* Check if the device was deactivated, and if so, delete_link.
* Don't call delete_link synchronously because we are currently
* handling a state change -- which is not reentrant. */
- delete_on_deactivate_check_and_schedule(self, nm_device_get_ip_ifindex(self));
+ delete_on_deactivate_check_and_schedule(self);
}
/* ip_iface should be cleared after flushing all routes and addresses, since
--
2.26.3
From a8eac46cc6a0579cd1b17634c50d9a54518cb53e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 31 Mar 2021 21:32:43 +0200
Subject: [PATCH 2/2] manager: ensure auto default connection is deleted when a
veth goes away
When the link goes away the manager keeps software devices alive as
unrealized because there is still a connection for them.
If the device is software and has a NM-generated connection, keeping
the device alive means that also the generated connection stays
alive. The result is that both stick around forever even if there is
no longer a kernel link.
Add a check to avoid this situation.
https://bugzilla.redhat.com/show_bug.cgi?id=1945282
Fixes: cd0cf9229d49 ('veth: add support to configure veth interfaces')
(cherry picked from commit d19773ecd4bee36f11749085a15d70a49168c0b7)
(cherry picked from commit 5279b85e02341d24a18fc8dd9238f9f68b733bff)
---
src/core/nm-manager.c | 45 +++++++++++++++++++++++++++++++++++++++++--
1 file changed, 43 insertions(+), 2 deletions(-)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index c751b2db50..804e8db0f0 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -3519,6 +3519,45 @@ typedef struct {
guint idle_id;
} PlatformLinkCbData;
+static gboolean
+_check_remove_dev_on_link_deleted(NMManager *self, NMDevice *device)
+{
+ NMManagerPrivate * priv = NM_MANAGER_GET_PRIVATE(self);
+ NMSettingsConnection *const *scons = NULL;
+ NMConnection * con;
+ guint i;
+
+ nm_assert(nm_device_is_software(device));
+
+ /* In general, software devices stick around as unrealized
+ * until their connection is removed. However, we don't want
+ * that a NM-generated connection keeps the device alive.
+ * If there are no other compatible connections, the device
+ * should be also removed.
+ */
+
+ scons = nm_settings_get_connections(priv->settings, NULL);
+
+ for (i = 0; scons[i]; i++) {
+ con = nm_settings_connection_get_connection(scons[i]);
+ if (!nm_connection_is_virtual(con))
+ continue;
+
+ if (NM_FLAGS_HAS(nm_settings_connection_get_flags(scons[i]),
+ NM_SETTINGS_CONNECTION_INT_FLAGS_NM_GENERATED))
+ continue;
+
+ if (!nm_device_check_connection_compatible(device, con, NULL))
+ continue;
+
+ /* Found a virtual connection compatible, the device must
+ * stay around unrealized. */
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
static gboolean
_platform_link_cb_idle(PlatformLinkCbData *data)
{
@@ -3544,13 +3583,15 @@ _platform_link_cb_idle(PlatformLinkCbData *data)
if (device) {
if (nm_device_is_software(device)) {
nm_device_sys_iface_state_set(device, NM_DEVICE_SYS_IFACE_STATE_REMOVED);
- /* Our software devices stick around until their connection is removed */
if (!nm_device_unrealize(device, FALSE, &error)) {
_LOG2W(LOGD_DEVICE, device, "failed to unrealize: %s", error->message);
g_clear_error(&error);
remove_device(self, device, FALSE);
} else {
- nm_device_update_from_platform_link(device, NULL);
+ if (_check_remove_dev_on_link_deleted(self, device))
+ remove_device(self, device, FALSE);
+ else
+ nm_device_update_from_platform_link(device, NULL);
}
} else {
/* Hardware and external devices always get removed when their kernel link is gone */
--
2.26.3

482
SOURCES/1011-don-t-touch-device-tc-config-by-default-rh1928078.patch Normal file
View File

@ -0,0 +1,482 @@
From 78e4c3d3d06b411a1bc9e60ee8bf0c460d4453b2 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 25 May 2021 16:58:28 +0200
Subject: [PATCH 1/2] core,libnm: don't touch device TC configuration by
default
NetworkManager supports a very limited set of qdiscs. If users want to
configure a unsupported qdisc, they need to do it outside of
NetworkManager using tc.
The problem is that NM also removes all qdiscs and filters during
activation if the connection doesn't contain a TC setting. Therefore,
setting TC configuration outside of NM is hard because users need to
do it *after* the connection is up (for example through a dispatcher
script).
Let NM consider the presence (or absence) of a TC setting in the
connection to determine whether NM should configure (or not) qdiscs
and filters on the interface. We already do something similar for
SR-IOV configuration.
Since new connections don't have the TC setting, the new behavior
(ignore existing configuration) will be the default. The impact of
this change in different scenarios is:
- the user previously configured TC settings via NM. This continues
to work as before;
- the user didn't set any qdiscs or filters in the connection, and
expected NM to clear them from the interface during activation.
Here there is a change in behavior, but it seems unlikely that
anybody relied on the old one;
- the user didn't care about qdiscs and filters; NM removed all
qdiscs upon activation, and so the default qdisc from kernel was
used. After this change, NM will not touch qdiscs and the default
qdisc will be used, as before;
- the user set a different qdisc via tc and NM cleared it during
activation. Now this will work as expected.
So, the new default behavior seems better than the previous one.
https://bugzilla.redhat.com/show_bug.cgi?id=1928078
(cherry picked from commit a48edd0410c878d65fc5adcd5192b116ab6f8afc)
(cherry picked from commit 2a8181bcd78d055b7cb9e6c0e026bc3b08231b5a)
---
.../generate-docs-nm-settings-nmcli.xml.in | 4 +--
clients/common/settings-docs.h.in | 4 +--
libnm-core/nm-setting-tc-config.c | 16 ++++++++++++
src/core/devices/nm-device.c | 26 +++++++++----------
4 files changed, 33 insertions(+), 17 deletions(-)
diff --git a/clients/cli/generate-docs-nm-settings-nmcli.xml.in b/clients/cli/generate-docs-nm-settings-nmcli.xml.in
index 1044ae0d38..0a75a0e681 100644
--- a/clients/cli/generate-docs-nm-settings-nmcli.xml.in
+++ b/clients/cli/generate-docs-nm-settings-nmcli.xml.in
@@ -914,9 +914,9 @@
</setting>
<setting name="tc" >
<property name="qdiscs"
- description="Array of TC queueing disciplines." />
+ description="Array of TC queueing disciplines. When the &quot;tc&quot; setting is present, qdiscs from this property are applied upon activation. If the property is empty, all qdiscs are removed and the device will only have the default qdisc assigned by kernel according to the &quot;net.core.default_qdisc&quot; sysctl. If the &quot;tc&quot; setting is not present, NetworkManager doesn&apos;t touch the qdiscs present on the interface." />
<property name="tfilters"
- description="Array of TC traffic filters." />
+ description="Array of TC traffic filters. When the &quot;tc&quot; setting is present, filters from this property are applied upon activation. If the property is empty, NetworkManager removes all the filters. If the &quot;tc&quot; setting is not present, NetworkManager doesn&apos;t touch the filters present on the interface." />
</setting>
<setting name="team" >
<property name="config"
diff --git a/clients/common/settings-docs.h.in b/clients/common/settings-docs.h.in
index 2c275a99c8..7c3ff25fe3 100644
--- a/clients/common/settings-docs.h.in
+++ b/clients/common/settings-docs.h.in
@@ -342,8 +342,8 @@
#define DESCRIBE_DOC_NM_SETTING_SRIOV_AUTOPROBE_DRIVERS N_("Whether to autoprobe virtual functions by a compatible driver. If set to NM_TERNARY_TRUE (1), the kernel will try to bind VFs to a compatible driver and if this succeeds a new network interface will be instantiated for each VF. If set to NM_TERNARY_FALSE (0), VFs will not be claimed and no network interfaces will be created for them. When set to NM_TERNARY_DEFAULT (-1), the global default is used; in case the global default is unspecified it is assumed to be NM_TERNARY_TRUE (1).")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_TOTAL_VFS N_("The total number of virtual functions to create. Note that when the sriov setting is present NetworkManager enforces the number of virtual functions on the interface (also when it is zero) during activation and resets it upon deactivation. To prevent any changes to SR-IOV parameters don't add a sriov setting to the connection.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_VFS N_("Array of virtual function descriptors. Each VF descriptor is a dictionary mapping attribute names to GVariant values. The 'index' entry is mandatory for each VF. When represented as string a VF is in the form: \"INDEX [ATTR=VALUE[ ATTR=VALUE]...]\". for example: \"2 mac=00:11:22:33:44:55 spoof-check=true\". Multiple VFs can be specified using a comma as separator. Currently, the following attributes are supported: mac, spoof-check, trust, min-tx-rate, max-tx-rate, vlans. The \"vlans\" attribute is represented as a semicolon-separated list of VLAN descriptors, where each descriptor has the form \"ID[.PRIORITY[.PROTO]]\". PROTO can be either 'q' for 802.1Q (the default) or 'ad' for 802.1ad.")
-#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_QDISCS N_("Array of TC queueing disciplines.")
-#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_TFILTERS N_("Array of TC traffic filters.")
+#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_QDISCS N_("Array of TC queueing disciplines. When the \"tc\" setting is present, qdiscs from this property are applied upon activation. If the property is empty, all qdiscs are removed and the device will only have the default qdisc assigned by kernel according to the \"net.core.default_qdisc\" sysctl. If the \"tc\" setting is not present, NetworkManager doesn't touch the qdiscs present on the interface.")
+#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_TFILTERS N_("Array of TC traffic filters. When the \"tc\" setting is present, filters from this property are applied upon activation. If the property is empty, NetworkManager removes all the filters. If the \"tc\" setting is not present, NetworkManager doesn't touch the filters present on the interface.")
#define DESCRIBE_DOC_NM_SETTING_TEAM_CONFIG N_("The JSON configuration for the team network interface. The property should contain raw JSON configuration data suitable for teamd, because the value is passed directly to teamd. If not specified, the default configuration is used. See man teamd.conf for the format details.")
#define DESCRIBE_DOC_NM_SETTING_TEAM_LINK_WATCHERS N_("Link watchers configuration for the connection: each link watcher is defined by a dictionary, whose keys depend upon the selected link watcher. Available link watchers are 'ethtool', 'nsna_ping' and 'arp_ping' and it is specified in the dictionary with the key 'name'. Available keys are: ethtool: 'delay-up', 'delay-down', 'init-wait'; nsna_ping: 'init-wait', 'interval', 'missed-max', 'target-host'; arp_ping: all the ones in nsna_ping and 'source-host', 'validate-active', 'validate-inactive', 'send-always'. See teamd.conf man for more details.")
#define DESCRIBE_DOC_NM_SETTING_TEAM_MCAST_REJOIN_COUNT N_("Corresponds to the teamd mcast_rejoin.count.")
diff --git a/libnm-core/nm-setting-tc-config.c b/libnm-core/nm-setting-tc-config.c
index 33df6d34e5..2fad98b1e8 100644
--- a/libnm-core/nm-setting-tc-config.c
+++ b/libnm-core/nm-setting-tc-config.c
@@ -1810,6 +1810,15 @@ nm_setting_tc_config_class_init(NMSettingTCConfigClass *klass)
* NMSettingTCConfig:qdiscs: (type GPtrArray(NMTCQdisc))
*
* Array of TC queueing disciplines.
+ *
+ * When the #NMSettingTCConfig setting is present, qdiscs from this
+ * property are applied upon activation. If the property is empty,
+ * all qdiscs are removed and the device will only
+ * have the default qdisc assigned by kernel according to the
+ * "net.core.default_qdisc" sysctl.
+ *
+ * If the #NMSettingTCConfig setting is not present, NetworkManager
+ * doesn't touch the qdiscs present on the interface.
**/
/* ---ifcfg-rh---
* property: qdiscs
@@ -1834,6 +1843,13 @@ nm_setting_tc_config_class_init(NMSettingTCConfigClass *klass)
* NMSettingTCConfig:tfilters: (type GPtrArray(NMTCTfilter))
*
* Array of TC traffic filters.
+ *
+ * When the #NMSettingTCConfig setting is present, filters from this
+ * property are applied upon activation. If the property is empty,
+ * NetworkManager removes all the filters.
+ *
+ * If the #NMSettingTCConfig setting is not present, NetworkManager
+ * doesn't touch the filters present on the interface.
**/
/* ---ifcfg-rh---
* property: qdiscs
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 7c2a6d3250..901d309c59 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -8361,26 +8361,23 @@ _routing_rules_sync(NMDevice *self, NMTernary set_mode)
static gboolean
tc_commit(NMDevice *self)
{
- NMConnection * connection = NULL;
gs_unref_ptrarray GPtrArray *qdiscs = NULL;
gs_unref_ptrarray GPtrArray *tfilters = NULL;
- NMSettingTCConfig * s_tc = NULL;
+ NMSettingTCConfig * s_tc;
NMPlatform * platform;
int ip_ifindex;
- platform = nm_device_get_platform(self);
- connection = nm_device_get_applied_connection(self);
- if (connection)
- s_tc = nm_connection_get_setting_tc_config(connection);
+ s_tc = nm_device_get_applied_setting(self, NM_TYPE_SETTING_TC_CONFIG);
+ if (!s_tc)
+ return TRUE;
ip_ifindex = nm_device_get_ip_ifindex(self);
if (!ip_ifindex)
- return s_tc == NULL;
+ return FALSE;
- if (s_tc) {
- qdiscs = nm_utils_qdiscs_from_tc_setting(platform, s_tc, ip_ifindex);
- tfilters = nm_utils_tfilters_from_tc_setting(platform, s_tc, ip_ifindex);
- }
+ platform = nm_device_get_platform(self);
+ qdiscs = nm_utils_qdiscs_from_tc_setting(platform, s_tc, ip_ifindex);
+ tfilters = nm_utils_tfilters_from_tc_setting(platform, s_tc, ip_ifindex);
if (!nm_platform_qdisc_sync(platform, ip_ifindex, qdiscs))
return FALSE;
@@ -15900,9 +15897,12 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
nm_platform_ip_route_flush(platform, AF_UNSPEC, ifindex);
nm_platform_ip_address_flush(platform, AF_UNSPEC, ifindex);
- nm_platform_tfilter_sync(platform, ifindex, NULL);
- nm_platform_qdisc_sync(platform, ifindex, NULL);
set_ipv6_token(self, iid, "::");
+
+ if (nm_device_get_applied_setting(self, NM_TYPE_SETTING_TC_CONFIG)) {
+ nm_platform_tfilter_sync(platform, ifindex, NULL);
+ nm_platform_qdisc_sync(platform, ifindex, NULL);
+ }
}
}
--
2.31.1
From 450b6aab2ba4221a08e8ce529ec7c16dfb97458b Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 25 May 2021 18:00:27 +0200
Subject: [PATCH 2/2] ifcfg-rh: preserve an empty tc configuration
If the TC setting contains no qdiscs and filters, it is lost after a
write-read cycle. Fix this by adding a new property to indicate the
presence of the (empty) setting.
(cherry picked from commit 6a88d4e55cf031da2b5a8458d21487a011357da4)
(cherry picked from commit acf0c4df2b0fb0dc332aa929131953390998828f)
---
Makefile.am | 1 +
libnm-core/nm-setting-tc-config.c | 14 +++-
.../plugins/ifcfg-rh/nms-ifcfg-rh-reader.c | 3 +-
.../plugins/ifcfg-rh/nms-ifcfg-rh-utils.c | 1 +
.../plugins/ifcfg-rh/nms-ifcfg-rh-utils.h | 2 +-
.../plugins/ifcfg-rh/nms-ifcfg-rh-writer.c | 38 +++++----
.../ifcfg-test-tc-write-empty.cexpected | 15 ++++
.../plugins/ifcfg-rh/tests/test-ifcfg-rh.c | 80 +++++++++++++++++++
8 files changed, 128 insertions(+), 26 deletions(-)
create mode 100644 src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write-empty.cexpected
diff --git a/Makefile.am b/Makefile.am
index 9279672c1f..c8e417729b 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3300,6 +3300,7 @@ EXTRA_DIST += \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-static-routes-legacy.cexpected \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write.cexpected \
+ src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write-empty.cexpected \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-team-master-1 \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-team-master-2 \
src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-team-master-invalid \
diff --git a/libnm-core/nm-setting-tc-config.c b/libnm-core/nm-setting-tc-config.c
index 2fad98b1e8..31e829c1d2 100644
--- a/libnm-core/nm-setting-tc-config.c
+++ b/libnm-core/nm-setting-tc-config.c
@@ -1822,8 +1822,11 @@ nm_setting_tc_config_class_init(NMSettingTCConfigClass *klass)
**/
/* ---ifcfg-rh---
* property: qdiscs
- * variable: QDISC1(+), QDISC2(+), ...
- * description: Queueing disciplines
+ * variable: QDISC1(+), QDISC2(+), ..., TC_COMMIT(+)
+ * description: Queueing disciplines to set on the interface. When no
+ * QDISC1, QDISC2, ..., FILTER1, FILTER2, ... keys are present,
+ * NetworkManager doesn't touch qdiscs and filters present on the
+ * interface, unless TC_COMMIT is set to 'yes'.
* example: QDISC1=ingress, QDISC2="root handle 1234: fq_codel"
* ---end---
*/
@@ -1853,8 +1856,11 @@ nm_setting_tc_config_class_init(NMSettingTCConfigClass *klass)
**/
/* ---ifcfg-rh---
* property: qdiscs
- * variable: FILTER1(+), FILTER2(+), ...
- * description: Traffic filters
+ * variable: FILTER1(+), FILTER2(+), ..., TC_COMMIT(+)
+ * description: Traffic filters to set on the interface. When no
+ * QDISC1, QDISC2, ..., FILTER1, FILTER2, ... keys are present,
+ * NetworkManager doesn't touch qdiscs and filters present on the
+ * interface, unless TC_COMMIT is set to 'yes'.
* example: FILTER1="parent ffff: matchall action simple sdata Input", ...
* ---end---
*/
diff --git a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
index 209957d9b8..a42c418884 100644
--- a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
+++ b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-reader.c
@@ -2707,7 +2707,8 @@ make_tc_setting(shvarFile *ifcfg)
}
if (nm_setting_tc_config_get_num_qdiscs(s_tc) > 0
- || nm_setting_tc_config_get_num_tfilters(s_tc) > 0)
+ || nm_setting_tc_config_get_num_tfilters(s_tc) > 0
+ || svGetValueBoolean(ifcfg, "TC_COMMIT", FALSE))
return NM_SETTING(s_tc);
g_object_unref(s_tc);
diff --git a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
index 8da5de473b..ada1942acb 100644
--- a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
+++ b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.c
@@ -1026,6 +1026,7 @@ const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[] = {
_KEY_TYPE("STABLE_ID", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
_KEY_TYPE("STP", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
_KEY_TYPE("SUBCHANNELS", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
+ _KEY_TYPE("TC_COMMIT", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
_KEY_TYPE("TEAM_CONFIG", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
_KEY_TYPE("TEAM_MASTER", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
_KEY_TYPE("TEAM_MASTER_UUID", NMS_IFCFG_KEY_TYPE_IS_PLAIN),
diff --git a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
index 36ec922514..04a1b63d3e 100644
--- a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
+++ b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-utils.h
@@ -33,7 +33,7 @@ typedef struct {
NMSIfcfgKeyTypeFlags key_flags;
} NMSIfcfgKeyTypeInfo;
-extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[247];
+extern const NMSIfcfgKeyTypeInfo nms_ifcfg_well_known_keys[248];
const NMSIfcfgKeyTypeInfo *nms_ifcfg_well_known_key_find_info(const char *key, gssize *out_idx);
diff --git a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
index a968fce0ba..65bacb293a 100644
--- a/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
+++ b/src/core/settings/plugins/ifcfg-rh/nms-ifcfg-rh-writer.c
@@ -2511,46 +2511,46 @@ write_sriov_setting(NMConnection *connection, shvarFile *ifcfg)
}
}
-static gboolean
-write_tc_setting(NMConnection *connection, shvarFile *ifcfg, GError **error)
+static void
+write_tc_setting(NMConnection *connection, shvarFile *ifcfg)
{
NMSettingTCConfig *s_tc;
- guint i, num, n;
+ guint num_qdiscs;
+ guint num_filters;
+ guint i;
+ guint n;
char tag[64];
s_tc = nm_connection_get_setting_tc_config(connection);
if (!s_tc)
- return TRUE;
+ return;
- num = nm_setting_tc_config_get_num_qdiscs(s_tc);
- for (n = 1, i = 0; i < num; i++) {
+ num_qdiscs = nm_setting_tc_config_get_num_qdiscs(s_tc);
+ for (n = 1, i = 0; i < num_qdiscs; i++) {
NMTCQdisc * qdisc;
gs_free char *str = NULL;
qdisc = nm_setting_tc_config_get_qdisc(s_tc, i);
- str = nm_utils_tc_qdisc_to_str(qdisc, error);
- if (!str)
- return FALSE;
-
+ str = nm_utils_tc_qdisc_to_str(qdisc, NULL);
+ nm_assert(str);
svSetValueStr(ifcfg, numbered_tag(tag, "QDISC", n), str);
n++;
}
- num = nm_setting_tc_config_get_num_tfilters(s_tc);
- for (n = 1, i = 0; i < num; i++) {
+ num_filters = nm_setting_tc_config_get_num_tfilters(s_tc);
+ for (n = 1, i = 0; i < num_filters; i++) {
NMTCTfilter * tfilter;
gs_free char *str = NULL;
tfilter = nm_setting_tc_config_get_tfilter(s_tc, i);
- str = nm_utils_tc_tfilter_to_str(tfilter, error);
- if (!str)
- return FALSE;
-
+ str = nm_utils_tc_tfilter_to_str(tfilter, NULL);
+ nm_assert(str);
svSetValueStr(ifcfg, numbered_tag(tag, "FILTER", n), str);
n++;
}
- return TRUE;
+ if (num_qdiscs == 0 && num_filters == 0)
+ svSetValueBoolean(ifcfg, "TC_COMMIT", TRUE);
}
static void
@@ -3373,9 +3373,7 @@ do_write_construct(NMConnection * connection,
write_match_setting(connection, ifcfg);
write_hostname_setting(connection, ifcfg);
write_sriov_setting(connection, ifcfg);
-
- if (!write_tc_setting(connection, ifcfg, error))
- return FALSE;
+ write_tc_setting(connection, ifcfg);
route_path_is_svformat = utils_has_route_file_new_syntax(route_path);
diff --git a/src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write-empty.cexpected b/src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write-empty.cexpected
new file mode 100644
index 0000000000..4df768b463
--- /dev/null
+++ b/src/core/settings/plugins/ifcfg-rh/tests/network-scripts/ifcfg-test-tc-write-empty.cexpected
@@ -0,0 +1,15 @@
+TYPE=Ethernet
+PROXY_METHOD=none
+BROWSER_ONLY=no
+TC_COMMIT=yes
+BOOTPROTO=none
+IPADDR=1.1.1.3
+PREFIX=24
+GATEWAY=1.1.1.1
+DEFROUTE=yes
+IPV4_FAILURE_FATAL=no
+IPV6INIT=no
+NAME="Test Write TC config"
+UUID=${UUID}
+DEVICE=eth0
+ONBOOT=yes
diff --git a/src/core/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c b/src/core/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
index 59127d0103..9d9ed62653 100644
--- a/src/core/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
+++ b/src/core/settings/plugins/ifcfg-rh/tests/test-ifcfg-rh.c
@@ -11108,6 +11108,85 @@ test_tc_read(void)
g_object_unref(connection);
}
+static void
+test_tc_write_empty(void)
+{
+ nmtst_auto_unlinkfile char *testfile = NULL;
+ gs_unref_object NMConnection *connection = NULL;
+ gs_unref_object NMConnection *reread = NULL;
+ NMSettingConnection * s_con;
+ NMSettingIPConfig * s_ip4;
+ NMSettingIPConfig * s_ip6;
+ NMSettingWired * s_wired;
+ NMSettingTCConfig * s_tc;
+ NMIPAddress * addr;
+ GError * error = NULL;
+
+ connection = nm_simple_connection_new();
+
+ /* Connection setting */
+ s_con = (NMSettingConnection *) nm_setting_connection_new();
+ nm_connection_add_setting(connection, NM_SETTING(s_con));
+
+ g_object_set(s_con,
+ NM_SETTING_CONNECTION_ID,
+ "Test Write TC config",
+ NM_SETTING_CONNECTION_UUID,
+ nm_utils_uuid_generate_a(),
+ NM_SETTING_CONNECTION_AUTOCONNECT,
+ TRUE,
+ NM_SETTING_CONNECTION_INTERFACE_NAME,
+ "eth0",
+ NM_SETTING_CONNECTION_TYPE,
+ NM_SETTING_WIRED_SETTING_NAME,
+ NULL);
+
+ /* Wired setting */
+ s_wired = (NMSettingWired *) nm_setting_wired_new();
+ nm_connection_add_setting(connection, NM_SETTING(s_wired));
+
+ /* IP4 setting */
+ s_ip4 = (NMSettingIPConfig *) nm_setting_ip4_config_new();
+ nm_connection_add_setting(connection, NM_SETTING(s_ip4));
+
+ g_object_set(s_ip4,
+ NM_SETTING_IP_CONFIG_METHOD,
+ NM_SETTING_IP4_CONFIG_METHOD_MANUAL,
+ NM_SETTING_IP_CONFIG_GATEWAY,
+ "1.1.1.1",
+ NM_SETTING_IP_CONFIG_MAY_FAIL,
+ TRUE,
+ NULL);
+
+ addr = nm_ip_address_new(AF_INET, "1.1.1.3", 24, &error);
+ g_assert_no_error(error);
+ nm_setting_ip_config_add_address(s_ip4, addr);
+ nm_ip_address_unref(addr);
+
+ /* IP6 setting */
+ s_ip6 = (NMSettingIPConfig *) nm_setting_ip6_config_new();
+ nm_connection_add_setting(connection, NM_SETTING(s_ip6));
+
+ g_object_set(s_ip6, NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_IGNORE, NULL);
+
+ /* TC setting */
+ s_tc = (NMSettingTCConfig *) nm_setting_tc_config_new();
+ nm_connection_add_setting(connection, NM_SETTING(s_tc));
+
+ nm_connection_add_setting(connection, nm_setting_proxy_new());
+
+ nmtst_assert_connection_verifies_without_normalization(connection);
+
+ _writer_new_connec_exp(connection,
+ TEST_SCRATCH_DIR,
+ TEST_IFCFG_DIR "/ifcfg-test-tc-write-empty.cexpected",
+ &testfile);
+
+ reread = _connection_from_file(testfile, NULL, TYPE_BOND, NULL);
+
+ nmtst_assert_connection_equals(connection, FALSE, reread, FALSE);
+}
+
static void
test_tc_write(void)
{
@@ -11848,6 +11927,7 @@ main(int argc, char **argv)
g_test_add_func(TPATH "tc/read", test_tc_read);
g_test_add_func(TPATH "tc/write", test_tc_write);
+ g_test_add_func(TPATH "tc/write_empty", test_tc_write_empty);
g_test_add_func(TPATH "utils/test_well_known_keys", test_well_known_keys);
g_test_add_func(TPATH "utils/test_utils_has_route_file_new_syntax",
test_utils_has_route_file_new_syntax);
--
2.31.1

14
SPECS/NetworkManager.spec
View File

@ -7,7 +7,7 @@
%global epoch_version 1
%global rpm_version 1.30.0
%global real_version 1.30.0
%global release_version 7
%global release_version 9
%global snapshot %{nil}
%global git_sha %{nil}
@ -194,6 +194,10 @@ Patch1004: 1004-fix-handling-generated-local-routes-rh1907661.patch
Patch1005: 1005-initrd-fix-crash-parsing-empty-rd.znet-argument.patch
Patch1006: 1006-core-fix-crash-in-nm_wildcard_match_check.patch
Patch1007: 1007-initrd-multiconnect-single-for-manual-ip-rh1915493.patch
Patch1008: 1008-manager-fix-active_connection_find.patch
Patch1009: 1009-bond-support-tlb_dynamic_lb-in-balance-alb-mode.patch
Patch1010: 1010-manager-delete-default-connection-when-veth-removed.patch
Patch1011: 1011-don-t-touch-device-tc-config-by-default-rh1928078.patch
# The pregenerated docs contain default values and paths that depend
# on the configure options when creating the source tarball.
@ -1158,6 +1162,14 @@ fi
%changelog
* Fri Jun 18 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-9
- core: don't touch device traffic control (TC) configuration by default (rh #1928078)
* Fri Jun 4 2021 Wen Liang <wenliang@redhat.com> - 1:1.30.0-8
- core: fix finding active connection for controller (rh #1965337)
- bond: support 'tlb_dynamic_lb' in 'balance-alb' mode (rh #1965948)
- manager: delete default connection when veth removed (rh #1965336)
* Fri Mar 26 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-7
- initrd: set multi-connect=single for connections with static IP (rh #1915493)