rpms/NetworkManager
7
0
Fork 0
Code Issues Pull Requests Releases Activity

core: avoid infinite autoconnect with multi-connect profiles (rh #2150000)

Browse Source 
Resolves: #2150000
This commit is contained in:
Thomas Haller 2022-12-21 14:03:34 +01:00
parent d8bad37a2a
commit 24813ceb94
No known key found for this signature in database
GPG Key ID: 29C2366E4DFC5728
2 changed files with 345 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

340
1001-Revert-policy-track-the-autoconnect-retries-in-devic.patch Normal file
View File

@ -0,0 +1,340 @@
From bf6cb14a53592bf2f2c51a653d5c82648c6e2386 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 20 Dec 2022 16:11:16 +0100
Subject: [PATCH 1/1] Revert "policy: track the autoconnect retries in devices
for multi-connect"
With multi-connect enabled, this can cause infinite retries to autoconnect,
see [1].
That has bad consequences for example in initrd, where
nm-wait-online-initrd.service would wait up to one hour before failing
and blocking boot.
This reverts commit 1656d82045343b5af5b86cf129d4f2b12540b277.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2039734#c5
Fixes: 1656d8204534 ('policy: track the autoconnect retries in devices for multi-connect')
(cherry picked from commit aec7ae8279cc9b3de7e75140b75fe997f43700fc)
---
src/core/devices/nm-device.c | 50 ----------------
src/core/devices/nm-device.h | 5 --
src/core/nm-policy.c | 112 ++++-------------------------------
3 files changed, 10 insertions(+), 157 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 921c0103402b..b23a34b2f054 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -97,8 +97,6 @@
#define NM_DEVICE_AUTH_RETRIES_INFINITY -2
#define NM_DEVICE_AUTH_RETRIES_DEFAULT 3
-#define AUTOCONNECT_RESET_RETRIES_TIMER 300
-
/*****************************************************************************/
typedef void (*ActivationHandleFunc)(NMDevice *self);
@@ -764,9 +762,6 @@ typedef struct _NMDevicePrivate {
GVariant *ports_variant; /* Array of port devices D-Bus path */
char *prop_ip_iface; /* IP interface D-Bus property */
-
- int autoconnect_retries;
- gint32 autoconnect_retries_blocked_until;
} NMDevicePrivate;
G_DEFINE_ABSTRACT_TYPE(NMDevice, nm_device, NM_TYPE_DBUS_OBJECT)
@@ -16936,49 +16931,6 @@ nm_device_get_initial_hw_address(NMDevice *self)
return NM_DEVICE_GET_PRIVATE(self)->hw_addr_initial;
}
-void
-nm_device_set_autoconnect_retries(NMDevice *self, int tries)
-{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
-
- if (priv->autoconnect_retries != tries) {
- _LOGT(LOGD_DEVICE, "autoconnect: retries set %d", tries);
- priv->autoconnect_retries = tries;
- }
-
- if (tries)
- priv->autoconnect_retries_blocked_until = 0; /* we are not blocked anymore */
- else
- priv->autoconnect_retries_blocked_until =
- nm_utils_get_monotonic_timestamp_sec() + AUTOCONNECT_RESET_RETRIES_TIMER;
-}
-
-int
-nm_device_get_autoconnect_retries(NMDevice *self)
-{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
-
- return priv->autoconnect_retries;
-}
-
-gint32
-nm_device_autoconnect_retries_blocked_until(NMDevice *self)
-{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
-
- return priv->autoconnect_retries_blocked_until;
-}
-
-void
-nm_device_autoconnect_retries_reset(NMDevice *self)
-{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
-
- /* default value, we will sync. with connection value when needed */
- priv->autoconnect_retries = -2;
- priv->autoconnect_retries_blocked_until = 0;
-}
-
/**
* nm_device_spec_match_list:
* @self: an #NMDevice
@@ -17742,8 +17694,6 @@ nm_device_init(NMDevice *self)
priv->sys_iface_state_ = NM_DEVICE_SYS_IFACE_STATE_EXTERNAL;
priv->promisc_reset = NM_OPTION_BOOL_DEFAULT;
-
- priv->autoconnect_retries = -2;
}
static GObject *
diff --git a/src/core/devices/nm-device.h b/src/core/devices/nm-device.h
index 4234788e7eb4..64e484360be3 100644
--- a/src/core/devices/nm-device.h
+++ b/src/core/devices/nm-device.h
@@ -466,11 +466,6 @@ const char *nm_device_get_permanent_hw_address_full(NMDevice *self,
gboolean *out_is_fake);
const char *nm_device_get_initial_hw_address(NMDevice *dev);
-void nm_device_set_autoconnect_retries(NMDevice *self, int tries);
-int nm_device_get_autoconnect_retries(NMDevice *self);
-gint32 nm_device_autoconnect_retries_blocked_until(NMDevice *self);
-void nm_device_autoconnect_retries_reset(NMDevice *self);
-
NMDhcpConfig *nm_device_get_dhcp_config(NMDevice *dev, int addr_family);
NML3Cfg *nm_device_get_l3cfg(NMDevice *self);
diff --git a/src/core/nm-policy.c b/src/core/nm-policy.c
index 09e1ee8a20f1..4192808a7bd3 100644
--- a/src/core/nm-policy.c
+++ b/src/core/nm-policy.c
@@ -1591,7 +1591,6 @@ nm_policy_unblock_failed_ovs_interfaces(NMPolicy *self)
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
NMSettingsConnection *const *connections = NULL;
guint i;
- gboolean multiconnect = FALSE;
_LOGT(LOGD_DEVICE, "unblocking failed OVS interfaces");
@@ -1599,13 +1598,6 @@ nm_policy_unblock_failed_ovs_interfaces(NMPolicy *self)
for (i = 0; connections[i]; i++) {
NMSettingsConnection *sett_conn = connections[i];
NMConnection *connection = nm_settings_connection_get_connection(sett_conn);
- NMSettingConnection *s_con = nm_connection_get_setting_connection(connection);
-
- /* Check if any connection is connect multiple */
- if (s_con
- && nm_setting_connection_get_multi_connect(s_con)
- == NM_CONNECTION_MULTI_CONNECT_MULTIPLE)
- multiconnect = TRUE;
if (nm_connection_get_setting_ovs_interface(connection)) {
nm_settings_connection_autoconnect_retries_reset(sett_conn);
@@ -1615,18 +1607,6 @@ nm_policy_unblock_failed_ovs_interfaces(NMPolicy *self)
FALSE);
}
}
-
- /* There is, at least, one multiconnect connection with an OVS setting.
- * Let's check the OVS devices retries */
- if (multiconnect) {
- NMDevice *device;
- GHashTableIter h_iter;
- g_hash_table_iter_init(&h_iter, priv->devices);
- while (g_hash_table_iter_next(&h_iter, (gpointer *) &device, NULL)) {
- if (nm_device_get_device_type(device) == NM_DEVICE_TYPE_OVS_INTERFACE)
- nm_device_autoconnect_retries_reset(device);
- }
- }
}
static gboolean
@@ -1638,8 +1618,7 @@ reset_autoconnect_all(
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
NMSettingsConnection *const *connections = NULL;
guint i;
- gboolean changed = FALSE;
- gboolean multiconnect = FALSE;
+ gboolean changed = FALSE;
_LOGD(LOGD_DEVICE,
"re-enabling autoconnect for all connections%s%s%s",
@@ -1650,8 +1629,6 @@ reset_autoconnect_all(
connections = nm_settings_get_connections(priv->settings, NULL);
for (i = 0; connections[i]; i++) {
NMSettingsConnection *sett_conn = connections[i];
- NMSettingConnection *s_con =
- nm_connection_get_setting_connection(nm_settings_connection_get_connection(sett_conn));
if (device
&& !nm_device_check_connection_compatible(
@@ -1660,11 +1637,6 @@ reset_autoconnect_all(
NULL))
continue;
- if (s_con
- && nm_setting_connection_get_multi_connect(s_con)
- == NM_CONNECTION_MULTI_CONNECT_MULTIPLE)
- multiconnect = TRUE;
-
if (only_no_secrets) {
/* we only reset the no-secrets blocked flag. */
if (nm_settings_connection_autoconnect_blocked_reason_set(
@@ -1693,20 +1665,6 @@ reset_autoconnect_all(
}
}
}
-
- /* There is, at least, one multiconnect connection. Let's check the devices retries */
- if (multiconnect) {
- NMDevice *device_iter;
- GHashTableIter h_iter;
- g_hash_table_iter_init(&h_iter, priv->devices);
- while (g_hash_table_iter_next(&h_iter, (gpointer *) &device_iter, NULL)) {
- if (nm_device_get_autoconnect_retries(device_iter) != -2) {
- nm_device_autoconnect_retries_reset(device_iter);
- changed = TRUE;
- }
- }
- }
-
return changed;
}
@@ -1769,8 +1727,7 @@ reset_connections_retries(gpointer user_data)
NMSettingsConnection *const *connections = NULL;
guint i;
gint32 con_stamp, min_stamp, now;
- gboolean changed = FALSE;
- gboolean multiconnect = FALSE;
+ gboolean changed = FALSE;
priv->reset_retries_id = 0;
@@ -1779,14 +1736,6 @@ reset_connections_retries(gpointer user_data)
connections = nm_settings_get_connections(priv->settings, NULL);
for (i = 0; connections[i]; i++) {
NMSettingsConnection *connection = connections[i];
- NMSettingConnection *s_con =
- nm_connection_get_setting_connection(nm_settings_connection_get_connection(connection));
-
- /* Check if any connection is connect multiple */
- if (s_con
- && nm_setting_connection_get_multi_connect(s_con)
- == NM_CONNECTION_MULTI_CONNECT_MULTIPLE)
- multiconnect = TRUE;
con_stamp = nm_settings_connection_autoconnect_retries_blocked_until(connection);
if (con_stamp == 0)
@@ -1799,25 +1748,6 @@ reset_connections_retries(gpointer user_data)
min_stamp = con_stamp;
}
- /* There is, at least, one multiconnect connection. Let's check the devices retries */
- if (multiconnect) {
- NMDevice *device;
- GHashTableIter h_iter;
- g_hash_table_iter_init(&h_iter, priv->devices);
- while (g_hash_table_iter_next(&h_iter, (gpointer *) &device, NULL)) {
- con_stamp = nm_device_autoconnect_retries_blocked_until(device);
-
- /* default value in device is -2, which means, we do not care */
- if (con_stamp <= 0)
- continue;
- if (con_stamp <= now) {
- nm_device_autoconnect_retries_reset(device);
- changed = TRUE;
- } else if (min_stamp == 0 || min_stamp > con_stamp)
- min_stamp = con_stamp;
- }
- }
-
/* Schedule the handler again if there are some stamps left */
if (min_stamp != 0)
priv->reset_retries_id =
@@ -1831,31 +1761,21 @@ reset_connections_retries(gpointer user_data)
}
static void
-_connection_autoconnect_retries_set(NMPolicy *self,
- NMSettingsConnection *connection,
- NMDevice *device,
- int tries)
+_connection_autoconnect_retries_set(NMPolicy *self, NMSettingsConnection *connection, int tries)
{
- NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
- NMSettingConnection *s_con;
- gint32 retry_time;
+ NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
nm_assert(NM_IS_SETTINGS_CONNECTION(connection));
nm_assert(tries >= 0);
- s_con = nm_connection_get_setting_connection(nm_settings_connection_get_connection(connection));
- if (s_con
- && nm_setting_connection_get_multi_connect(s_con) == NM_CONNECTION_MULTI_CONNECT_MULTIPLE) {
- nm_device_set_autoconnect_retries(device, tries);
- retry_time = nm_device_autoconnect_retries_blocked_until(device);
- } else {
- nm_settings_connection_autoconnect_retries_set(connection, tries);
- retry_time = nm_settings_connection_autoconnect_retries_blocked_until(connection);
- }
+ nm_settings_connection_autoconnect_retries_set(connection, tries);
if (tries == 0) {
/* Schedule a handler to reset retries count */
if (!priv->reset_retries_id) {
+ gint32 retry_time =
+ nm_settings_connection_autoconnect_retries_blocked_until(connection);
+
g_warn_if_fail(retry_time != 0);
priv->reset_retries_id =
g_timeout_add_seconds(MAX(0, retry_time - nm_utils_get_monotonic_timestamp_sec()),
@@ -2117,25 +2037,13 @@ device_state_changed(NMDevice *device,
}
if (!blocked) {
- s_con = nm_connection_get_setting_connection(
- nm_settings_connection_get_connection(sett_conn));
- if (s_con
- && nm_setting_connection_get_multi_connect(s_con)
- == NM_CONNECTION_MULTI_CONNECT_MULTIPLE) {
- if (nm_device_get_autoconnect_retries(device) == -2)
- nm_device_set_autoconnect_retries(
- device,
- nm_settings_connection_autoconnect_retries_get(sett_conn));
-
- tries = nm_device_get_autoconnect_retries(device);
- } else
- tries = nm_settings_connection_autoconnect_retries_get(sett_conn);
+ tries = nm_settings_connection_autoconnect_retries_get(sett_conn);
if (tries > 0) {
_LOGD(LOGD_DEVICE,
"connection '%s' failed to autoconnect; %d tries left",
nm_settings_connection_get_id(sett_conn),
tries - 1);
- _connection_autoconnect_retries_set(self, sett_conn, device, tries - 1);
+ _connection_autoconnect_retries_set(self, sett_conn, tries - 1);
} else if (tries != 0) {
_LOGD(LOGD_DEVICE,
"connection '%s' failed to autoconnect; infinite tries left",
--
2.38.1

6
NetworkManager.spec
View File

@ -6,7 +6,7 @@
%global epoch_version 1 %global epoch_version 1
%global real_version 1.41.7 %global real_version 1.41.7
%global rpm_version %{real_version} %global rpm_version %{real_version}
%global release_version 1 %global release_version 2
%global snapshot %{nil} %global snapshot %{nil}
%global git_sha %{nil} %global git_sha %{nil}
%global bcond_default_debug 0 %global bcond_default_debug 0
@ -194,6 +194,7 @@ Source7: readme-ifcfg-rh.txt
# Bugfixes that are only relevant until next rebase of the package. # Bugfixes that are only relevant until next rebase of the package.
# Patch1001: 1001-some.patch # Patch1001: 1001-some.patch
Patch1001: 1001-Revert-policy-track-the-autoconnect-retries-in-devic.patch
Requires(post): systemd Requires(post): systemd
%if 0%{?fedora} || 0%{?rhel} >= 8 %if 0%{?fedora} || 0%{?rhel} >= 8
@ -1229,6 +1230,9 @@ fi
%changelog %changelog
* Wed Dec 21 2022 Thomas Haller <thaller@redhat.com> - 1:1.41.7-2
- core: avoid infinite autoconnect with multi-connect profiles (rh #2150000)
* Thu Dec 15 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.41.7-1 * Thu Dec 15 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.41.7-1
- Update to 1.41.7 release (development) - Update to 1.41.7 release (development)
- macsec: fix tracking of parent ifindex (rh #2122564) - macsec: fix tracking of parent ifindex (rh #2122564)