diff --git a/SOURCES/1007-platform-workaround-for-preserving-ipv6-address-rhbz2090280.patch b/SOURCES/1007-platform-workaround-for-preserving-ipv6-address-rhbz2090280.patch index 4ab3065..ef3fb3b 100644 --- a/SOURCES/1007-platform-workaround-for-preserving-ipv6-address-rhbz2090280.patch +++ b/SOURCES/1007-platform-workaround-for-preserving-ipv6-address-rhbz2090280.patch @@ -1,44 +1,32 @@ -From 4c556203d93fdd143630431dded4e0e6ea24824e Mon Sep 17 00:00:00 2001 +From 0214ea3f7df5b05e8852bd101f41eb0a90d2b510 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Thu, 9 Jun 2022 10:00:47 +0200 Subject: [PATCH 1/1] platform: workaround for preserving IPv6 address order https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/ ## 1021 --- - src/libnm-platform/nm-platform.c | 15 +++++++++++++++ - 1 file changed, 15 insertions(+) + src/libnm-platform/nm-platform.c | 25 ++++++++++++++++++++----- + 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/src/libnm-platform/nm-platform.c b/src/libnm-platform/nm-platform.c -index f264ed7a45b2..120e50b3c772 100644 +index b1ae168f6687..c654bd45254d 100644 --- a/src/libnm-platform/nm-platform.c +++ b/src/libnm-platform/nm-platform.c -@@ -3961,45 +3961,60 @@ nm_platform_ip_address_sync(NMPlatform *self, - for (i = 0; i < addresses_prune->len; i++) { - const NMPObject *prune_obj = addresses_prune->pdata[i]; - - nm_assert(NM_IN_SET(NMP_OBJECT_GET_TYPE(prune_obj), - NMP_OBJECT_TYPE_IP4_ADDRESS, - NMP_OBJECT_TYPE_IP6_ADDRESS)); - - if (nm_g_hash_table_contains(known_addresses_idx, prune_obj)) - continue; - - nm_platform_ip_address_delete(self, - addr_family, - ifindex, - NMP_OBJECT_CAST_IP_ADDRESS(prune_obj)); - } - } - +@@ -3978,11 +3978,26 @@ nm_platform_ip_address_sync(NMPlatform *self, /* @plat_addresses for IPv6 must be sorted in decreasing priority order (highest priority addresses first). * IPv4 are probably unsorted or sorted with lowest priority first, but their order doesn't matter because * we check the "secondary" flag. */ +- plat_addresses = nm_platform_lookup_clone( +- self, +- nmp_lookup_init_object(&lookup, NMP_OBJECT_TYPE_IP_ADDRESS(IS_IPv4), ifindex), +- NULL, +- NULL); + if (IS_IPv4) { - plat_addresses = nm_platform_lookup_clone( - self, - nmp_lookup_init_object(&lookup, NMP_OBJECT_TYPE_IP_ADDRESS(IS_IPv4), ifindex), - NULL, - NULL); ++ plat_addresses = nm_platform_lookup_clone( ++ self, ++ nmp_lookup_init_object(&lookup, NMP_OBJECT_TYPE_IP_ADDRESS(IS_IPv4), ifindex), ++ NULL, ++ NULL); + } else { + /* HACK: early 1.36 versions had a bug of not actually reordering the IPv6 addresses. + * This was fixed by commit cd4601802de5 ('platform: fix address order in @@ -56,22 +44,6 @@ index f264ed7a45b2..120e50b3c772 100644 if (nm_g_ptr_array_len(plat_addresses) > 0) { /* Delete addresses that interfere with our intended order. */ - if (IS_IPv4) { - GHashTable *known_subnets = NULL; - GHashTable *plat_subnets; - gs_free bool *plat_handled_to_free = NULL; - bool *plat_handled = NULL; - - /* For IPv4, we only consider it a conflict for addresses in the same - * subnet. That's where kernel will assign a primary/secondary flag. - * For different subnets, we don't define the order. */ - - plat_subnets = ip4_addr_subnets_build_index(plat_addresses, TRUE, TRUE); - - for (i = 0; i < plat_addresses->len; i++) { - const NMPObject *plat_obj = plat_addresses->pdata[i]; - const NMPObject *known_obj; - const NMPlatformIP4Address *plat_address; - const GPtrArray *addr_list; -- 2.36.1 + diff --git a/SOURCES/1008-n-dhcp4-probe-forget-lease-after-a-NAK-rh2105088.patch b/SOURCES/1008-n-dhcp4-probe-forget-lease-after-a-NAK-rh2105088.patch new file mode 100644 index 0000000..c9c4db1 --- /dev/null +++ b/SOURCES/1008-n-dhcp4-probe-forget-lease-after-a-NAK-rh2105088.patch @@ -0,0 +1,62 @@ +From ecf446c9a2061afb35ff795fec87c04bcb291a3e Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Thu, 5 May 2022 17:50:57 +0200 +Subject: [PATCH] n-dhcp4/probe: forget lease after a NAK + +If we have a lease and we get a NAK renewing/rebinding it, the lease +is lost. + +Without this, probe->current_lease remains set and after the next +DISCOVER/OFFER round, any call to n_dhcp4_client_lease_select() will +fail at: + + if (lease->probe->current_lease) + return -ENOTRECOVERABLE; + +As in: + + [5325.1313] dhcp4 (veth0): send REQUEST of 172.25.1.200 to 255.255.255.255 + [5325.1434] dhcp4 (veth0): received NACK from 172.25.1.1 + [5325.1435] dhcp4 (veth0): client event 3 (RETRACTED) + [5325.1436] dhcp4 (veth0): send DISCOVER to 255.255.255.255 + [5325.1641] dhcp4 (veth0): received OFFER of 172.25.1.200 from 172.25.1.1 + [5325.1641] dhcp4 (veth0): client event (OFFER) + [5325.1641] dhcp4 (veth0): selecting lease failed: -131 (ENOTRECOVERABLE) + +Upstream: https://github.com/nettools/n-dhcp4/pull/33 +Upstream: https://github.com/nettools/n-dhcp4/commit/e4af93228e3772bbb443ec1237252e6a2f3e3dd7 + +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/993 + +Fixes: e43b1791a382 ('Merge commit 'e23b3c9c3ac86b065eef002fa5c4321cc4a87df2' as 'shared/n-dhcp4'') + +(cherry picked from commit e141cd45d610164ec9a041856677b2ad426c2c20) +(cherry picked from commit e056a68d218ad51d801cfaff95afa3f8cbcfa619) +(cherry picked from commit 6636c792bd20a692dd33634864e1f0fc14322d79) +--- + src/n-dhcp4/src/n-dhcp4-c-probe.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/src/n-dhcp4/src/n-dhcp4-c-probe.c b/src/n-dhcp4/src/n-dhcp4-c-probe.c +index 7f20ac0527..283c1693cf 100644 +--- a/src/n-dhcp4/src/n-dhcp4-c-probe.c ++++ b/src/n-dhcp4/src/n-dhcp4-c-probe.c +@@ -995,14 +995,13 @@ static int n_dhcp4_client_probe_transition_nak(NDhcp4ClientProbe *probe) { + case N_DHCP4_CLIENT_PROBE_STATE_RENEWING: + case N_DHCP4_CLIENT_PROBE_STATE_REBINDING: + +- /* XXX */ +- + r = n_dhcp4_client_probe_raise(probe, + NULL, + N_DHCP4_CLIENT_EVENT_RETRACTED); + if (r) + return r; + ++ probe->current_lease = n_dhcp4_client_lease_unref(probe->current_lease); + probe->state = N_DHCP4_CLIENT_PROBE_STATE_INIT; + probe->ns_deferred = n_dhcp4_gettime(CLOCK_BOOTTIME) + probe->ns_nak_restart_delay; + probe->ns_nak_restart_delay = C_CLAMP(probe->ns_nak_restart_delay * 2u, +-- +2.36.1 + diff --git a/SOURCES/1009-device-fix-memory-leak.patch b/SOURCES/1009-device-fix-memory-leak.patch new file mode 100644 index 0000000..01ceac8 --- /dev/null +++ b/SOURCES/1009-device-fix-memory-leak.patch @@ -0,0 +1,88 @@ +From 0312711353b5cc924fccb5b94c34d4da8bf1f391 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Tue, 7 Jun 2022 23:15:47 +0200 +Subject: [PATCH] device: fix memory leak + +l3cd instances must be removed from the old l3cfg before calling +_cleanup_ip_pre(). Otherwise, _cleanup_ip_pre() unregisters them from +the device, and later _dev_l3_register_l3cds(self, l3cfg_old, FALSE, +FALSE) does nothing because the device doesn't have any l3cd. + +Previously the l3cds would linger in the l3cfg, keeping a reference to +it and causing a memory leak; the leak was not detected by valgrind +because the l3cfg was still referenced by the NMNetns. + +Fixes: 58287cbcc0c8 ('core: rework IP configuration in NetworkManager using layer 3 configuration') +Fixes-test: @stable_mem_consumption2 + +https://bugzilla.redhat.com/show_bug.cgi?id=2083453 + +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1252 +(cherry picked from commit f69a1cc874208a4d76bdfbdb55d223699aaba528) +(cherry picked from commit 83ee0f0779960abf8f609750871fdc05d0dd40bd) +(cherry picked from commit a0f34b3f9201802b8807ed788f00f6367df56778) +--- + src/core/devices/nm-device.c | 16 +++++++--------- + 1 file changed, 7 insertions(+), 9 deletions(-) + +diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c +index 264d75d936..539c0ec052 100644 +--- a/src/core/devices/nm-device.c ++++ b/src/core/devices/nm-device.c +@@ -4018,7 +4018,6 @@ _set_ifindex(NMDevice *self, int ifindex, gboolean is_ip_ifindex) + NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self); + gs_unref_object NML3Cfg *l3cfg_old = NULL; + NML3CfgCommitTypeHandle *l3cfg_commit_type_old = NULL; +- gboolean l3_changed; + int ip_ifindex_new; + int *p_ifindex; + gboolean l3cfg_was_reset = FALSE; +@@ -4059,6 +4058,10 @@ _set_ifindex(NMDevice *self, int ifindex, gboolean is_ip_ifindex) + l3cfg_was_reset = TRUE; + } + } ++ ++ if (!priv->l3cfg && l3cfg_old) ++ _dev_l3_register_l3cds(self, l3cfg_old, FALSE, FALSE); ++ + if (!priv->l3cfg && ip_ifindex_new > 0) { + priv->l3cfg_ = nm_netns_l3cfg_acquire(priv->netns, ip_ifindex_new); + +@@ -4070,6 +4073,7 @@ _set_ifindex(NMDevice *self, int ifindex, gboolean is_ip_ifindex) + _dev_l3_cfg_commit_type_reset(self); + l3cfg_was_reset = TRUE; + } ++ + if (!priv->l3cfg) { + _cleanup_ip_pre(self, AF_INET, CLEANUP_TYPE_KEEP, FALSE); + _cleanup_ip_pre(self, AF_INET6, CLEANUP_TYPE_KEEP, FALSE); +@@ -4110,11 +4114,7 @@ _set_ifindex(NMDevice *self, int ifindex, gboolean is_ip_ifindex) + _notify(self, PROP_IP6_CONFIG); + } + +- if (l3cfg_old != priv->l3cfg) { +- l3_changed = FALSE; +- if (_dev_l3_register_l3cds(self, l3cfg_old, FALSE, FALSE)) +- l3_changed = TRUE; +- ++ if (priv->l3cfg && l3cfg_old != priv->l3cfg) { + /* Now it gets ugly. We changed the ip-ifindex, which determines the NML3Cfg instance. + * But all the NML3ConfigData we currently track are still for the old ifindex. We + * need to update them. +@@ -4123,12 +4123,10 @@ _set_ifindex(NMDevice *self, int ifindex, gboolean is_ip_ifindex) + * associated with one ifindex (and not the ifindex/ip-ifindex split). Or it + * is not at all associated with an ifindex, but only a controlling device for + * a real NMDevice (that has the ifindex). */ ++ + _dev_l3_update_l3cds_ifindex(self); + + if (_dev_l3_register_l3cds(self, priv->l3cfg, TRUE, FALSE)) +- l3_changed = TRUE; +- +- if (l3_changed) + _dev_l3_cfg_commit(self, TRUE); + } + +-- +2.36.1 + diff --git a/SOURCES/1010-core-update-DNS-when-the-device-enters-IP_CONFIG-rh2100456.patch b/SOURCES/1010-core-update-DNS-when-the-device-enters-IP_CONFIG-rh2100456.patch new file mode 100644 index 0000000..c36d231 --- /dev/null +++ b/SOURCES/1010-core-update-DNS-when-the-device-enters-IP_CONFIG-rh2100456.patch @@ -0,0 +1,52 @@ +From 0e0cd7342ae5b2f561e364c3c085d6378e7b24cb Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Fri, 1 Jul 2022 13:42:26 +0200 +Subject: [PATCH] core: update DNS when the device enters IP_CONFIG state + +Update DNS information when the device enters the IP_CONFIG state. In +this way, when dispatcher events "dhcp4-change,dhcp6-change" are +emitted resolv.conf already contains the information received from +the DHCP lease. + +https://bugzilla.redhat.com/show_bug.cgi?id=2100456 +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1283 +(cherry picked from commit 1784fc9fa15391043959ca684569c9cb816f44c5) +(cherry picked from commit 95df70112f513d44fec1ea3f7fe22a03b4f9651e) +(cherry picked from commit ace95e51130b41f39785358bf955b7086bb41c1e) +--- + src/core/nm-policy.c | 17 ++++++----------- + 1 file changed, 6 insertions(+), 11 deletions(-) + +diff --git a/src/core/nm-policy.c b/src/core/nm-policy.c +index d77fc0a025..c8971d4b6d 100644 +--- a/src/core/nm-policy.c ++++ b/src/core/nm-policy.c +@@ -2131,19 +2131,14 @@ device_l3cd_changed(NMDevice *device, + + nm_dns_manager_begin_updates(priv->dns_manager, __func__); + +- /* We catch already all the IP events registering on the device state changes but +- * the ones where the IP changes with a stable state (i.e., activated): +- * ignore IP config changes but when the device is in activated state. +- * Prevents unnecessary changes to DNS information. +- * FIXME(l3cfg): check why ^^^ this is needed and implement it. Note that +- * this function is not always called when the device becomes ACTIVATED. +- * Previously, we would also update the DNS manager's IP config in +- * device_state_change(ACTIVATED). There we would also special-case +- * pseudo-VPNs like wireguard. I don't see the code where this is handled +- * now. ++ /* FIXME(l3cfg): Note that this function is not always called when the ++ * device becomes ACTIVATED. Previously, we would also update the DNS ++ * manager's IP config in device_state_change(ACTIVATED). There we would ++ * also special-case pseudo-VPNs like wireguard. I don't see the code where ++ * this is handled now. + */ + state = nm_device_get_state(device); +- if (l3cd_new && state > NM_DEVICE_STATE_IP_CONFIG && state < NM_DEVICE_STATE_DEACTIVATING) { ++ if (l3cd_new && state >= NM_DEVICE_STATE_IP_CONFIG && state < NM_DEVICE_STATE_DEACTIVATING) { + nm_dns_manager_set_ip_config(priv->dns_manager, + AF_UNSPEC, + device, +-- +2.36.1 + diff --git a/SPECS/NetworkManager.spec b/SPECS/NetworkManager.spec index b27ec22..ec58e43 100644 --- a/SPECS/NetworkManager.spec +++ b/SPECS/NetworkManager.spec @@ -7,7 +7,7 @@ %global epoch_version 1 %global rpm_version 1.36.0 %global real_version 1.36.0 -%global release_version 7 +%global release_version 9 %global snapshot %{nil} %global git_sha %{nil} @@ -201,6 +201,9 @@ Patch1004: 1004-n-dhcp4-discard-NAKs-from-other-servers-rhbz2059673.patch Patch1005: 1005-fix-dhcp-loses-lease-when-restarting-rhbz2090280.patch Patch1006: 1006-dhcp-routes-src-rh2092807.patch Patch1007: 1007-platform-workaround-for-preserving-ipv6-address-rhbz2090280.patch +Patch1008: 1008-n-dhcp4-probe-forget-lease-after-a-NAK-rh2105088.patch +Patch1009: 1009-device-fix-memory-leak.patch +Patch1010: 1010-core-update-DNS-when-the-device-enters-IP_CONFIG-rh2100456.patch # The pregenerated docs contain default values and paths that depend # on the configure options when creating the source tarball. @@ -1202,6 +1205,13 @@ fi %changelog +* Thu Sep 29 2022 Beniamino Galvani - 1:1.36.0-9 +- core: update DNS when the device enters IP_CONFIG state (rh #2100456) + +* Mon Jul 25 2022 Beniamino Galvani - 1:1.36.0-8 +- dhcp: fix "selecting lease failed" problem after receiving a NAK (rh #2105088) +- core: fix memory leak when removing devices (rh #2105974) + * Thu Jun 09 2022 Fernando Fernandez Mancera - 1:1.36.0-7 - platform: workaround for preserving IPv6 address order (rh #2090280)