rpms/NetworkManager
6
0
Fork 0
Code Issues Pull Requests Releases Activity

import UBI NetworkManager-1.48.10-8.el9_5

Browse Source
This commit is contained in:
eabdullin 2025-03-18 02:40:01 +00:00
parent b870157c4b
commit 33c9aa78b2
5 changed files with 566 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

120
SOURCES/1009-core-prevent-the-activation-of-unavailable-devices-rhel-78745.patch Normal file
View File

@ -0,0 +1,120 @@
From a12b1dfdb0393687ae0fc505c57c76de2907209c Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 10 Feb 2025 15:15:18 +0100
Subject: [PATCH 1/2] core: cleanup nm_manager_get_best_device_for_connection()
Rename "unavailable_devices" to "exclude_devices", as the
"unavailable" term has a specific, different meaning in NetworkManager
(i.e. the device is in the UNAVAILABLE state). Also, use
nm_g_hash_table_contains() when needed.
(cherry picked from commit 6c1eb99d3258ac8cf969cb648a988565c205a205)
(cherry picked from commit da866c4cda996b14d5ea8c3540c8ba0d5d798e9a)
(cherry picked from commit 0045a0240cb64814126dc0f7adbcbaee9aca3b54)
---
src/core/nm-manager.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index a673279712..cd79653078 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -4536,7 +4536,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
NMSettingsConnection *sett_conn,
NMConnection *connection,
gboolean for_user_request,
- GHashTable *unavailable_devices,
+ GHashTable *exclude_devices,
GError **error)
{
NMManagerPrivate *priv = NM_MANAGER_GET_PRIVATE(self);
@@ -4619,7 +4619,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
ac_device = nm_active_connection_get_device(ac);
if (ac_device
- && ((unavailable_devices && g_hash_table_contains(unavailable_devices, ac_device))
+ && (nm_g_hash_table_contains(exclude_devices, ac_device)
|| !nm_device_check_connection_available(ac_device, connection, flags, NULL, NULL)))
ac_device = NULL;
@@ -4635,9 +4635,7 @@ nm_manager_get_best_device_for_connection(NMManager *self,
NMDevice *ac_device2 = nm_active_connection_get_device(ac2);
NMActiveConnectionState ac_state2;
- if (!ac_device2
- || (unavailable_devices
- && g_hash_table_contains(unavailable_devices, ac_device2))
+ if (!ac_device2 || nm_g_hash_table_contains(exclude_devices, ac_device2)
|| !nm_device_check_connection_available(ac_device2,
connection,
flags,
@@ -4698,7 +4696,7 @@ found_better:
GError *local = NULL;
DeviceActivationPrio prio;
- if (unavailable_devices && g_hash_table_contains(unavailable_devices, device))
+ if (nm_g_hash_table_contains(exclude_devices, device))
continue;
/* determine the priority of this device. Currently, this priority is independent
--
2.48.1
From 00a4e1cc0495e13ac72d0df82792654168e92781 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 10 Feb 2025 15:27:43 +0100
Subject: [PATCH 2/2] core: prevent the activation of unavailable devices
When autoconnecting ports of a controller, we look for all candidate
(device,connection) tuples through the following call trace:
-> autoconnect_ports()
-> find_ports()
-> nm_manager_get_best_device_for_connection()
-> nm_device_check_connection_available()
-> _nm_device_check_connection_available()
The last function checks that a specific device is available to be
activated with the given connection. For virtual devices, it only
checks that the device is compatible with the connection based on the
device type and characteristics, without considering any live network
information.
For OVS interfaces, this doesn't work as expected. During startup, NM
performs a cleanup of the ovsdb to remove entries that were previously
added by NM. When the cleanup is terminated, NMOvsdb sets the "ready"
flag and is ready to start the activation of new OVS interfaces. With
the current mechanism, it is possible that a OVS-interface connection
gets activated via the autoconnect-ports mechanism without checking
the "ready" flag.
Fix that by also checking that the device is available for activation.
(cherry picked from commit 774badb1519a76fb3b7c0f60cf46ee5ea25bce69)
(cherry picked from commit f459c7fecce8445515d052b5b48f10d808e97fff)
(cherry picked from commit b495d6bd55f4068596d380ce81614eb3d86943a3)
---
src/core/nm-manager.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index cd79653078..36b8bda0f5 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -4699,6 +4699,12 @@ found_better:
if (nm_g_hash_table_contains(exclude_devices, device))
continue;
+ if (!nm_device_is_available(device,
+ for_user_request
+ ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
+ : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
+ continue;
+
/* determine the priority of this device. Currently, this priority is independent
* of the profile (connection) and the device's details (aside the state).
*
--
2.48.1

242
SOURCES/1010-fix-nmtui-segfault-adding-veth-rhel-75763.patch Normal file
View File

@ -0,0 +1,242 @@
From dd50a5199f1661c9d2226d8d5c01b0b485a9bc86 Mon Sep 17 00:00:00 2001
From: Jan Vaclav <jvaclav@redhat.com>
Date: Wed, 15 May 2024 12:57:41 +0200
Subject: [PATCH 1/2] nmtui: add veth page
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1943
(cherry picked from commit 187ff4c73b9ae1c3c020bd999633306b09eabead)
---
Makefile.am | 2 +
src/nmtui/meson.build | 1 +
src/nmtui/nmt-editor.c | 3 ++
src/nmtui/nmt-page-veth.c | 92 +++++++++++++++++++++++++++++++++++++++
src/nmtui/nmt-page-veth.h | 32 ++++++++++++++
5 files changed, 130 insertions(+)
create mode 100644 src/nmtui/nmt-page-veth.c
create mode 100644 src/nmtui/nmt-page-veth.h
diff --git a/Makefile.am b/Makefile.am
index a0daa95314..ee92a1de53 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5304,6 +5304,8 @@ src_nmtui_nmtui_SOURCES = \
src/nmtui/nmt-page-team-port.h \
src/nmtui/nmt-page-team.c \
src/nmtui/nmt-page-team.h \
+ src/nmtui/nmt-page-veth.c \
+ src/nmtui/nmt-page-veth.h \
src/nmtui/nmt-page-vlan.c \
src/nmtui/nmt-page-vlan.h \
src/nmtui/nmt-page-wifi.c \
diff --git a/src/nmtui/meson.build b/src/nmtui/meson.build
index 13aa864750..eecfaa9927 100644
--- a/src/nmtui/meson.build
+++ b/src/nmtui/meson.build
@@ -32,6 +32,7 @@ executable(
'nmt-page-ppp.c',
'nmt-page-team.c',
'nmt-page-team-port.c',
+ 'nmt-page-veth.c',
'nmt-page-vlan.c',
'nmt-page-wifi.c',
'nmt-page-wireguard.c',
diff --git a/src/nmtui/nmt-editor.c b/src/nmtui/nmt-editor.c
index 6e502778d1..6205736a78 100644
--- a/src/nmtui/nmt-editor.c
+++ b/src/nmtui/nmt-editor.c
@@ -39,6 +39,7 @@
#include "nmt-page-ppp.h"
#include "nmt-page-team.h"
#include "nmt-page-team-port.h"
+#include "nmt-page-veth.h"
#include "nmt-page-vlan.h"
#include "nmt-page-wifi.h"
#include "nmt-page-wireguard.h"
@@ -369,6 +370,8 @@ nmt_editor_constructed(GObject *object)
page = nmt_page_dsl_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_TEAM_SETTING_NAME))
page = nmt_page_team_new(priv->edit_connection, deventry);
+ else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_VETH_SETTING_NAME))
+ page = nmt_page_veth_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_VLAN_SETTING_NAME))
page = nmt_page_vlan_new(priv->edit_connection, deventry);
else if (nm_connection_is_type(priv->edit_connection, NM_SETTING_WIRED_SETTING_NAME))
diff --git a/src/nmtui/nmt-page-veth.c b/src/nmtui/nmt-page-veth.c
new file mode 100644
index 0000000000..35d0d78d58
--- /dev/null
+++ b/src/nmtui/nmt-page-veth.c
@@ -0,0 +1,92 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+/*
+ * Copyright (C) 2024 Red Hat, Inc.
+ */
+/**
+ * SECTION:nmt-page-veth
+ * @short_description: The editor page for veth connections
+ */
+
+#include "libnm-client-aux-extern/nm-default-client.h"
+
+#include <linux/if_ether.h>
+
+#include "nmt-page-veth.h"
+
+#include "libnm-core-aux-intern/nm-libnm-core-utils.h"
+#include "nmt-device-entry.h"
+#include "nmt-mac-entry.h"
+#include "nmt-mtu-entry.h"
+
+G_DEFINE_TYPE(NmtPageVeth, nmt_page_veth, NMT_TYPE_EDITOR_PAGE_DEVICE)
+
+#define NMT_PAGE_VETH_GET_PRIVATE(o) _NM_GET_PRIVATE(self, NmtPageVeth, NMT_IS_PAGE_VETH)
+
+static void
+nmt_page_veth_init(NmtPageVeth *veth)
+{}
+
+NmtEditorPage *
+nmt_page_veth_new(NMConnection *conn, NmtDeviceEntry *deventry)
+{
+ return g_object_new(NMT_TYPE_PAGE_VETH, "connection", conn, "device-entry", deventry, NULL);
+}
+
+static void
+nmt_page_veth_constructed(GObject *object)
+{
+ NmtPageVeth *veth = NMT_PAGE_VETH(object);
+ NmtEditorSection *section;
+ NmtEditorGrid *grid;
+ NMSettingVeth *s_veth;
+ NMSettingWired *s_wired;
+ NmtNewtWidget *widget;
+ NMConnection *conn;
+
+ conn = nmt_editor_page_get_connection(NMT_EDITOR_PAGE(veth));
+ s_veth = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_VETH);
+ s_wired = _nm_connection_ensure_setting(conn, NM_TYPE_SETTING_WIRED);
+
+ section = nmt_editor_section_new(_("VETH"), NULL, TRUE);
+ grid = nmt_editor_section_get_body(section);
+
+ widget = nmt_newt_entry_new(40, 0);
+ nmt_editor_grid_append(grid, _("Peer"), widget, NULL);
+ g_object_bind_property(s_veth,
+ NM_SETTING_VETH_PEER,
+ widget,
+ "text",
+ G_BINDING_SYNC_CREATE | G_BINDING_BIDIRECTIONAL);
+
+ nmt_editor_page_add_section(NMT_EDITOR_PAGE(veth), section);
+
+ section = nmt_editor_section_new(_("ETHERNET"), NULL, FALSE);
+ grid = nmt_editor_section_get_body(section);
+
+ widget = nmt_mac_entry_new(40, ETH_ALEN, NMT_MAC_ENTRY_TYPE_CLONED_ETHERNET);
+ g_object_bind_property(s_wired,
+ NM_SETTING_WIRED_CLONED_MAC_ADDRESS,
+ widget,
+ "mac-address",
+ G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
+ nmt_editor_grid_append(grid, _("Cloned MAC address"), widget, NULL);
+
+ widget = nmt_mtu_entry_new();
+ g_object_bind_property(s_wired,
+ NM_SETTING_WIRED_MTU,
+ widget,
+ "mtu",
+ G_BINDING_BIDIRECTIONAL | G_BINDING_SYNC_CREATE);
+ nmt_editor_grid_append(grid, _("MTU"), widget, NULL);
+
+ nmt_editor_page_add_section(NMT_EDITOR_PAGE(veth), section);
+
+ G_OBJECT_CLASS(nmt_page_veth_parent_class)->constructed(object);
+}
+
+static void
+nmt_page_veth_class_init(NmtPageVethClass *veth_class)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS(veth_class);
+ object_class->constructed = nmt_page_veth_constructed;
+}
diff --git a/src/nmtui/nmt-page-veth.h b/src/nmtui/nmt-page-veth.h
new file mode 100644
index 0000000000..8822f3a27d
--- /dev/null
+++ b/src/nmtui/nmt-page-veth.h
@@ -0,0 +1,32 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+/*
+ * Copyright (C) 2024 Red Hat, Inc.
+ */
+
+#ifndef NMT_PAGE_VETH_H
+#define NMT_PAGE_VETH_H
+
+#include "nmt-editor-page-device.h"
+
+#define NMT_TYPE_PAGE_VETH (nmt_page_veth_get_type())
+#define NMT_PAGE_VETH(obj) (_NM_G_TYPE_CHECK_INSTANCE_CAST((obj), NMT_TYPE_PAGE_VETH, NmtPageVeth))
+#define NMT_PAGE_VETH_CLASS(klass) \
+ (G_TYPE_CHECK_CLASS_CAST((klass), NMT_TYPE_PAGE_VETH, NmtPageVethClass))
+#define NMT_IS_PAGE_VETH(obj) (G_TYPE_CHECK_INSTANCE_TYPE((obj), NMT_TYPE_PAGE_VETH))
+#define NMT_IS_PAGE_VETH_CLASS(klass) (G_TYPE_CHECK_CLASS_TYPE((klass), NMT_TYPE_PAGE_VETH))
+#define NMT_PAGE_VETH_GET_CLASS(obj) \
+ (G_TYPE_INSTANCE_GET_CLASS((obj), NMT_TYPE_PAGE_VETH, NmtPageVethClass))
+
+typedef struct {
+ NmtEditorPageDevice parent;
+} NmtPageVeth;
+
+typedef struct {
+ NmtEditorPageDeviceClass parent;
+} NmtPageVethClass;
+
+GType nmt_page_veth_get_type(void);
+
+NmtEditorPage *nmt_page_veth_new(NMConnection *conn, NmtDeviceEntry *deventry);
+
+#endif /* NMT_PAGE_VETH_H */
--
2.47.1
From 7d9ed27897d90e6dbd97aef6e7bbb0a181c961df Mon Sep 17 00:00:00 2001
From: Jan Vaclav <jvaclav@redhat.com>
Date: Mon, 20 May 2024 14:04:18 +0200
Subject: [PATCH 2/2] nmtui: include veth devices in activation dialog
(cherry picked from commit e74f506b81595112893997f08cbad8482e7777aa)
---
src/libnm-core-impl/nm-connection.c | 2 ++
src/nmtui/nmt-connect-connection-list.c | 1 +
2 files changed, 3 insertions(+)
diff --git a/src/libnm-core-impl/nm-connection.c b/src/libnm-core-impl/nm-connection.c
index 95fe89a87c..6dace2b73c 100644
--- a/src/libnm-core-impl/nm-connection.c
+++ b/src/libnm-core-impl/nm-connection.c
@@ -3258,6 +3258,8 @@ nm_connection_get_virtual_device_description(NMConnection *connection)
display_type = _("WireGuard");
else if (nm_streq(type, NM_SETTING_TUN_SETTING_NAME))
display_type = _("TUN/TAP");
+ else if (nm_streq(type, NM_SETTING_VETH_SETTING_NAME))
+ display_type = _("Veth");
if (!iface || !display_type)
return NULL;
diff --git a/src/nmtui/nmt-connect-connection-list.c b/src/nmtui/nmt-connect-connection-list.c
index 70264d3ec2..1fd44b2957 100644
--- a/src/nmtui/nmt-connect-connection-list.c
+++ b/src/nmtui/nmt-connect-connection-list.c
@@ -96,6 +96,7 @@ static const char *device_sort_order[] = {"NMDeviceEthernet",
"NMDeviceInfiniband",
"NMDeviceWifi",
NM_SETTING_VLAN_SETTING_NAME,
+ NM_SETTING_VETH_SETTING_NAME,
NM_SETTING_BOND_SETTING_NAME,
NM_SETTING_TEAM_SETTING_NAME,
NM_SETTING_BRIDGE_SETTING_NAME,
--
2.47.1

136
SOURCES/1011-policy-always-reset-retries-when-unblocking-children-or-ports-rhel-78748.patch Normal file
View File

@ -0,0 +1,136 @@
From d1545823e467aec816ed0073c4eec1bec669e98f Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Wed, 12 Feb 2025 10:58:39 +0100
Subject: [PATCH] policy: always reset retries when unblocking children or
ports
When calling activate_port_or_children_connections() we are unblocking
the ports and children but we are not resetting the number of retries if
it is an internal activation.
This is wrong as even if it's an internal activation the number of
retries should be reset. It won't interferfe with other blocking reasons
like USER_REQUESTED or MISSING_SECRETS.
(cherry picked from commit 7acc66699af9a1546c602082b6994b98cfea7c80)
(cherry picked from commit 2daeef668d7d1e31d6165b89ef4222ce51ddeb89)
(cherry picked from commit 52ed8567e2084a21727ac89c26dcd110be19c35a)
(cherry picked from commit b870c94a4c319d1927f01107e01590c6ccc8342a)
---
src/core/nm-policy.c | 33 +++++++++------------------------
1 file changed, 9 insertions(+), 24 deletions(-)
diff --git a/src/core/nm-policy.c b/src/core/nm-policy.c
index 93b52526a2..e01a13fb8b 100644
--- a/src/core/nm-policy.c
+++ b/src/core/nm-policy.c
@@ -1873,8 +1873,7 @@ unblock_autoconnect_for_children(NMPolicy *self,
const char *parent_device,
const char *parent_uuid_settings,
const char *parent_uuid_applied,
- const char *parent_mac_addr,
- gboolean reset_devcon_autoconnect)
+ const char *parent_mac_addr)
{
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
NMSettingsConnection *const *connections;
@@ -1915,10 +1914,8 @@ unblock_autoconnect_for_children(NMPolicy *self,
parent_mac_addr))
continue;
- if (reset_devcon_autoconnect) {
- if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
- changed = TRUE;
- }
+ if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
+ changed = TRUE;
/* unblock the devices associated with that connection */
if (nm_manager_devcon_autoconnect_blocked_reason_set(
@@ -1940,8 +1937,7 @@ static void
unblock_autoconnect_for_ports(NMPolicy *self,
const char *controller_device,
const char *controller_uuid_settings,
- const char *controller_uuid_applied,
- gboolean reset_devcon_autoconnect)
+ const char *controller_uuid_applied)
{
NMPolicyPrivate *priv = NM_POLICY_GET_PRIVATE(self);
NMSettingsConnection *const *connections;
@@ -1959,7 +1955,6 @@ unblock_autoconnect_for_ports(NMPolicy *self,
"\"",
""));
- changed = FALSE;
connections = nm_settings_get_connections(priv->settings, NULL);
for (i = 0; connections[i]; i++) {
NMSettingsConnection *sett_conn = connections[i];
@@ -1977,10 +1972,8 @@ unblock_autoconnect_for_ports(NMPolicy *self,
controller_uuid_settings))
continue;
- if (reset_devcon_autoconnect) {
- if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
- changed = TRUE;
- }
+ if (nm_manager_devcon_autoconnect_retries_reset(priv->manager, NULL, sett_conn))
+ changed = TRUE;
/* unblock the devices associated with that connection */
if (nm_manager_devcon_autoconnect_blocked_reason_set(
@@ -2015,7 +2008,7 @@ unblock_autoconnect_for_ports_for_sett_conn(NMPolicy *self, NMSettingsConnection
controller_uuid_settings = nm_setting_connection_get_uuid(s_con);
controller_device = nm_setting_connection_get_interface_name(s_con);
- unblock_autoconnect_for_ports(self, controller_device, controller_uuid_settings, NULL, TRUE);
+ unblock_autoconnect_for_ports(self, controller_device, controller_uuid_settings, NULL);
}
static void
@@ -2028,7 +2021,6 @@ activate_port_or_children_connections(NMPolicy *self,
const char *controller_uuid_applied = NULL;
const char *parent_mac_addr = NULL;
NMActRequest *req;
- gboolean internal_activation = FALSE;
controller_device = nm_device_get_iface(device);
nm_assert(controller_device);
@@ -2039,7 +2031,6 @@ activate_port_or_children_connections(NMPolicy *self,
if (req) {
NMConnection *connection;
NMSettingsConnection *sett_conn;
- NMAuthSubject *subject;
sett_conn = nm_active_connection_get_settings_connection(NM_ACTIVE_CONNECTION(req));
if (sett_conn)
@@ -2051,25 +2042,19 @@ activate_port_or_children_connections(NMPolicy *self,
if (nm_streq0(controller_uuid_settings, controller_uuid_applied))
controller_uuid_applied = NULL;
-
- subject = nm_active_connection_get_subject(NM_ACTIVE_CONNECTION(req));
- internal_activation =
- subject && (nm_auth_subject_get_subject_type(subject) == NM_AUTH_SUBJECT_TYPE_INTERNAL);
}
if (!activate_children_connections_only) {
unblock_autoconnect_for_ports(self,
controller_device,
controller_uuid_settings,
- controller_uuid_applied,
- !internal_activation);
+ controller_uuid_applied);
}
unblock_autoconnect_for_children(self,
controller_device,
controller_uuid_settings,
controller_uuid_applied,
- parent_mac_addr,
- !internal_activation);
+ parent_mac_addr);
}
static gboolean
--
2.48.1

53
SOURCES/1012-core-prevent-the-activation-of-unavailable-ovs-interfaces-only-rhel-79995.patch Normal file
View File

@ -0,0 +1,53 @@
From 11d2ec5d62fe061bb25db2343a51d9aa4239fb53 Mon Sep 17 00:00:00 2001
From: Fernando Fernandez Mancera <ffmancera@riseup.net>
Date: Mon, 17 Feb 2025 23:10:53 +0100
Subject: [PATCH] core: prevent the activation of unavailable OVS interfaces
only
Preventing the activation of unavailable devices for all device types is
too aggresive and leads to race conditions, e.g when a non-virtual bond
port gets a carrier, preventing the device to be a good candidate for
the connection.
Instead, enforce this check only on OVS interfaces as NetworkManager
just makes sure that ovsdb->ready is set to TRUE.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2139
Fixes: 774badb1519a ('core: prevent the activation of unavailable devices')
(cherry picked from commit a1c05d2ce6f115c900ef21b69c3ee7e98ef4ddaf)
(cherry picked from commit b8ef2a551e505b5ffb02cc5d4e3ab29e78ea1fac)
(cherry picked from commit 8b39a79621435e0ea3c7b4caaa69640f268409ae)
(cherry picked from commit 67e71a9d7f110607838c5633db81eb2ed0ea6992)
---
src/core/nm-manager.c | 14 ++++++++++----
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index 36b8bda0f5..cae3dff613 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -4699,10 +4699,16 @@ found_better:
if (nm_g_hash_table_contains(exclude_devices, device))
continue;
- if (!nm_device_is_available(device,
- for_user_request
- ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
- : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
+ /* During startup, NM performs a cleanup of the ovsdb to remove previous entries.
+ * Before the device is suitable for the connection, it must have ovsdb->ready set
+ * to TRUE. Performing this check in all kind of interfaces is too agressive and leads
+ * to race conditions, e.g when a non-virtual bond port gets a carrier, preventing the
+ * device to be a good candidate for the connection. */
+ if (nm_device_get_device_type(device) == NM_DEVICE_TYPE_OVS_INTERFACE
+ && !nm_device_is_available(device,
+ for_user_request
+ ? NM_DEVICE_CHECK_DEV_AVAILABLE_FOR_USER_REQUEST
+ : NM_DEVICE_CHECK_DEV_AVAILABLE_NONE))
continue;
/* determine the priority of this device. Currently, this priority is independent
--
2.48.1

16
SPECS/NetworkManager.spec
View File

@ -6,7 +6,7 @@
%global epoch_version 1 %global epoch_version 1
%global real_version 1.48.10 %global real_version 1.48.10
%global rpm_version %{real_version} %global rpm_version %{real_version}
%global release_version 5 %global release_version 8
%global snapshot %{nil} %global snapshot %{nil}
%global git_sha %{nil} %global git_sha %{nil}
%global bcond_default_debug 0 %global bcond_default_debug 0
@ -219,6 +219,10 @@ Patch1005: 1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch
Patch1006: 1006-remove-routes-added-by-nm-on-reapply-rhel-73013.patch Patch1006: 1006-remove-routes-added-by-nm-on-reapply-rhel-73013.patch
Patch1007: 1007-vpn-place-gateway-route-to-table-defined-in-ipvx-route-table-rhel-73166.patch Patch1007: 1007-vpn-place-gateway-route-to-table-defined-in-ipvx-route-table-rhel-73166.patch
Patch1008: 1008-vpn-support-routing-rules-in-vpn-conenctions-rhel-73167.patch Patch1008: 1008-vpn-support-routing-rules-in-vpn-conenctions-rhel-73167.patch
Patch1009: 1009-core-prevent-the-activation-of-unavailable-devices-rhel-78745.patch
Patch1010: 1010-fix-nmtui-segfault-adding-veth-rhel-75763.patch
Patch1011: 1011-policy-always-reset-retries-when-unblocking-children-or-ports-rhel-78748.patch
Patch1012: 1012-core-prevent-the-activation-of-unavailable-ovs-interfaces-only-rhel-79995.patch
Requires(post): systemd Requires(post): systemd
%if 0%{?fedora} || 0%{?rhel} >= 8 %if 0%{?fedora} || 0%{?rhel} >= 8
@ -1275,6 +1279,16 @@ fi
%changelog %changelog
* Tue Feb 18 2025 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-8
- policy: always reset retries when unblocking children or ports (RHEL-78748)
- core: prevent the activation of unavailable OVS interfaces only (RHEL-79995)
* Thu Feb 13 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-7
- nmtui: fix segfault when adding veth interface (RHEL-75763)
* Wed Feb 12 2025 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-6
- core: prevent the activation of unavailable devices (RHEL-77167)
* Thu Jan 09 2025 Wen Liang <wenliang@redhat.com> - 1:1.48.10-5 * Thu Jan 09 2025 Wen Liang <wenliang@redhat.com> - 1:1.48.10-5
- vpn: Support routing rules in vpn conenctions (RHEL-73167) - vpn: Support routing rules in vpn conenctions (RHEL-73167)
- vpn: Place gateway route to table defined in ipvx.route-table (RHEL-73166) - vpn: Place gateway route to table defined in ipvx.route-table (RHEL-73166)