From 9c3915eb8a3148ff3003b32b1d1c272145c26518 Mon Sep 17 00:00:00 2001
From: eabdullin <eabdullin@almalinux.org>
Date: Thu, 21 Sep 2023 17:54:10 +0000
Subject: [PATCH] import CS NetworkManager-1.44.0-3.el9

---
 .NetworkManager.metadata                      |  2 +-
 .gitignore                                    |  2 +-
 ...exported-on-D-Bus-in-aut-rhbz2210271.patch | 54 ++++++++++
 ...gfault-crash-when-rollback-rhel-1526.patch | 67 +++++++++++++
 SPECS/NetworkManager.spec                     | 99 +++++++++++++++++--
 5 files changed, 213 insertions(+), 11 deletions(-)
 create mode 100644 SOURCES/1001-nm-manager-ensure-device-is-exported-on-D-Bus-in-aut-rhbz2210271.patch
 create mode 100644 SOURCES/1002-checkpoint-Fix-segfault-crash-when-rollback-rhel-1526.patch

diff --git a/.NetworkManager.metadata b/.NetworkManager.metadata
index 3d5d32c..dab89c7 100644
--- a/.NetworkManager.metadata
+++ b/.NetworkManager.metadata
@@ -1 +1 @@
-83eaa880bb7d4d8f178e426c30d17895e117fb79 SOURCES/NetworkManager-1.42.2.tar.xz
+b3d857c8fdfae1dd36d6bd833cd84a85fcf71880 SOURCES/NetworkManager-1.44.0.tar.xz
diff --git a/.gitignore b/.gitignore
index b799024..22242f5 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/NetworkManager-1.42.2.tar.xz
+SOURCES/NetworkManager-1.44.0.tar.xz
diff --git a/SOURCES/1001-nm-manager-ensure-device-is-exported-on-D-Bus-in-aut-rhbz2210271.patch b/SOURCES/1001-nm-manager-ensure-device-is-exported-on-D-Bus-in-aut-rhbz2210271.patch
new file mode 100644
index 0000000..1867761
--- /dev/null
+++ b/SOURCES/1001-nm-manager-ensure-device-is-exported-on-D-Bus-in-aut-rhbz2210271.patch
@@ -0,0 +1,54 @@
+From 6302c2ea52c6c28d36b6006b29823c469e171e2a Mon Sep 17 00:00:00 2001
+From: Wen Liang <liangwen12year@gmail.com>
+Date: Thu, 3 Aug 2023 10:16:42 -0400
+Subject: [PATCH] nm-manager: ensure device is exported on D-Bus in
+ authentication request
+
+The device authentication request is an async process, it can not know
+the answer right away, it is not guarantee that device is still
+exported on D-Bus when authentication finishes. Thus, do not return
+SUCCESS and abort the authentication request when device is not alive.
+
+https://bugzilla.redhat.com/show_bug.cgi?id=2210271
+(cherry picked from commit b341161e2a4988403ae4a6ef7653e01567da36a0)
+(cherry picked from commit 0e27e84247ed824b27d105292d7bf42dc0341cbb)
+---
+ src/core/nm-manager.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
+index 9c7212202b..937acbba1e 100644
+--- a/src/core/nm-manager.c
++++ b/src/core/nm-manager.c
+@@ -3222,6 +3222,13 @@ device_auth_done_cb(NMAuthChain *chain, GDBusMethodInvocation *context, gpointer
+         nm_assert(error || (result == NM_AUTH_CALL_RESULT_YES));
+     }
+ 
++    if (!error && !nm_dbus_object_is_exported(NM_DBUS_OBJECT(device))) {
++        g_set_error(&error,
++                    NM_MANAGER_ERROR,
++                    NM_MANAGER_ERROR_UNKNOWN_DEVICE,
++                    "device no longer exists");
++    }
++
+     callback(device, context, subject, error, nm_auth_chain_get_data(chain, "user-data"));
+ }
+ 
+@@ -3287,6 +3294,14 @@ nm_manager_device_auth_request(NMManager                     *self,
+                                                 &error))
+         goto fail_on_idle;
+ 
++    if (!nm_dbus_object_is_exported(NM_DBUS_OBJECT(device))) {
++        g_set_error(&error,
++                    NM_MANAGER_ERROR,
++                    NM_MANAGER_ERROR_UNKNOWN_DEVICE,
++                    "device no longer exists");
++        goto fail_on_idle;
++    }
++
+     chain = nm_auth_chain_new_subject(subject, context, device_auth_done_cb, self);
+     if (cancellable)
+         nm_auth_chain_set_cancellable(chain, cancellable);
+-- 
+2.41.0
+
diff --git a/SOURCES/1002-checkpoint-Fix-segfault-crash-when-rollback-rhel-1526.patch b/SOURCES/1002-checkpoint-Fix-segfault-crash-when-rollback-rhel-1526.patch
new file mode 100644
index 0000000..63671a3
--- /dev/null
+++ b/SOURCES/1002-checkpoint-Fix-segfault-crash-when-rollback-rhel-1526.patch
@@ -0,0 +1,67 @@
+From d9b3114b6ef8e0f4d50a8d56d750a698d85fa984 Mon Sep 17 00:00:00 2001
+From: Gris Ge <fge@redhat.com>
+Date: Tue, 29 Aug 2023 08:25:23 +0800
+Subject: [PATCH] checkpoint: Fix segfault crash when rollback
+
+When rolling back a checkpoint, NM will crash due to dereference a NULL
+pointer of `priv->removed_devices->len`.
+
+To fix it, we just place a NULL check before that code block.
+
+Fixes: 1f1b71ad9f8a ('checkpoint: preserve devices that were removed and
+                      readded')
+
+Reference: https://issues.redhat.com/browse/RHEL-1526
+
+Signed-off-by: Gris Ge <fge@redhat.com>
+(cherry picked from commit 3162507d6ca381cfbe02ceba2d80ba0f3ba3e5f7)
+(cherry picked from commit e5600d4c5a33749939b984184f27fbe4159a2b65)
+---
+ src/core/nm-checkpoint.c | 23 +++++++++++++----------
+ 1 file changed, 13 insertions(+), 10 deletions(-)
+
+diff --git a/src/core/nm-checkpoint.c b/src/core/nm-checkpoint.c
+index 5c4d4e53d6..74adf48477 100644
+--- a/src/core/nm-checkpoint.c
++++ b/src/core/nm-checkpoint.c
+@@ -460,24 +460,27 @@ next_dev:
+         NMDeviceState state;
+ 
+         nm_manager_for_each_device (priv->manager, device, tmp_lst) {
+-            gboolean found = FALSE;
+-
+             if (g_hash_table_contains(priv->devices, device))
+                 continue;
+ 
+             /* Also ignore devices that were in the checkpoint initially and
+              * were moved to 'removed_devices' because they got removed from
+              * the system. */
+-            for (i = 0; i < priv->removed_devices->len; i++) {
+-                dev_checkpoint = priv->removed_devices->pdata[i];
+-                if (dev_checkpoint->dev_type == nm_device_get_device_type(device)
+-                    && nm_streq0(dev_checkpoint->original_dev_name, nm_device_get_iface(device))) {
+-                    found = TRUE;
+-                    break;
++            if (priv->removed_devices) {
++                gboolean found = FALSE;
++
++                for (i = 0; i < priv->removed_devices->len; i++) {
++                    dev_checkpoint = priv->removed_devices->pdata[i];
++                    if (dev_checkpoint->dev_type == nm_device_get_device_type(device)
++                        && nm_streq0(dev_checkpoint->original_dev_name,
++                                     nm_device_get_iface(device))) {
++                        found = TRUE;
++                        break;
++                    }
+                 }
++                if (found)
++                    continue;
+             }
+-            if (found)
+-                continue;
+ 
+             state = nm_device_get_state(device);
+             if (state > NM_DEVICE_STATE_DISCONNECTED && state < NM_DEVICE_STATE_DEACTIVATING) {
+-- 
+2.41.0
+
diff --git a/SPECS/NetworkManager.spec b/SPECS/NetworkManager.spec
index 612c571..16f3c36 100644
--- a/SPECS/NetworkManager.spec
+++ b/SPECS/NetworkManager.spec
@@ -1,12 +1,12 @@
 %global wpa_supplicant_version 1:1.1
 
-%global ppp_version %(sed -n 's/^#define\\s*VERSION\\s*"\\([^\\s]*\\)"$/\\1/p' %{_includedir}/pppd/patchlevel.h 2>/dev/null | grep . || echo bad)
+%global ppp_version %(pkg-config --modversion pppd 2>/dev/null || sed -n 's/^#define\\s*VERSION\\s*"\\([^\\s]*\\)"$/\\1/p' %{_includedir}/pppd/patchlevel.h 2>/dev/null | grep . || echo bad)
 %global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
 
 %global epoch_version 1
-%global real_version 1.42.2
+%global real_version 1.44.0
 %global rpm_version %{real_version}
-%global release_version 1
+%global release_version 3
 %global snapshot %{nil}
 %global git_sha %{nil}
 %global bcond_default_debug 0
@@ -202,7 +202,8 @@ Source7: readme-ifcfg-rh.txt
 # Patch0001: 0001-some.patch
 
 # Bugfixes that are only relevant until next rebase of the package.
-# Patch1001: 1001-some.patch
+Patch1001: 1001-nm-manager-ensure-device-is-exported-on-D-Bus-in-aut-rhbz2210271.patch
+Patch1002: 1002-checkpoint-Fix-segfault-crash-when-rollback-rhel-1526.patch
 
 Requires(post): systemd
 %if 0%{?fedora} || 0%{?rhel} >= 8
@@ -591,8 +592,8 @@ Requires: %{name}-libnm%{?_isa} = %{epoch}:%{version}-%{release}
 
 %description cloud-setup
 Installs a nm-cloud-setup tool that can automatically configure
-NetworkManager in cloud setups. Currently only EC2 is supported.
-This tool is still experimental.
+NetworkManager in cloud environment. Only certain cloud providers
+like Aliyun, Azure, EC2, GCP are supported.
 %endif
 
 
@@ -725,9 +726,9 @@ Preferably use nmcli instead.
 	-Difcfg_rh=true \
 	-Difupdown=false \
 %if %{with ppp}
-	-Dpppd_plugin_dir="%{_libdir}/pppd/%{ppp_version}" \
-	-Dpppd="%{_sbindir}/pppd" \
 	-Dppp=true \
+	-Dpppd="%{_sbindir}/pppd" \
+	-Dpppd_plugin_dir="%{_libdir}/pppd/%{ppp_version}" \
 %else
 	-Dppp=false \
 %endif
@@ -1239,6 +1240,7 @@ fi
 %{_unitdir}/nm-cloud-setup.timer
 %{nmlibdir}/dispatcher.d/90-nm-cloud-setup.sh
 %{nmlibdir}/dispatcher.d/no-wait.d/90-nm-cloud-setup.sh
+%{nmlibdir}/dispatcher.d/pre-up.d/90-nm-cloud-setup.sh
 %{_mandir}/man8/nm-cloud-setup.8*
 %endif
 
@@ -1251,6 +1253,85 @@ fi
 
 
 %changelog
+* Wed Aug 30 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-3 
+- checkpoint: Fix segfault crash when rollback (rhel-1526)
+
+* Wed Aug 23 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-2
+- manager: ensure device is exported on D-Bus in authentication request (rh #2210271)
+
+* Thu Aug 10 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-1
+- update to 1.44.0 release
+- nmcli: add nmcli version mismatch warning (rh #2173196)
+- checkpoint: preserve devices that were removed and readded (rh #2177590)
+
+* Wed Jul 26 2023 Wen Liang <wenliang@redhat.com> - 1:1.43.90-1
+- update to 1.43.90 release (release candidate)
+- manager: allow controller activation if device is deactivating (rh #2125615)
+- assume: change IPv6 method from "ignore" and "disabled" into "auto" for loopback device (rh #2207878)
+- device: delete software device when lose carrier and is controller (rh #2224479)
+- core: better handle ignore-carrier=no for bond/bridge/team devices (rh #2180363)
+
+* Wed Jul 12 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.11-1
+- update to 1.43.11 release (development)
+- fix assertion about missing ifindex when resetting MAC (rh #2215022)
+- fix wrong order of entries in resolv.conf after reconnect (rh #2218448)
+- do not fail activation when SR-IOV VF parameters can't be applied (rh #2210164)
+- warn that the ifcfg-rh plugin is deprecated (rh #2190375)
+
+* Wed Jun 14 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.10-1
+- Update to 1.43.10 release (development)
+- fix reading infiniband p-key from ifcfg files (rh #2209974)
+- improve autoconnect when selecting controller (rh #2121451)
+- fix managing devices after network reconnect (rh #2149012)
+- better handle ignore-carrier for bond/bridge/team (rh #2180363)
+- cloud-setup: block wait-online while configuration is ongoing (rh #2151040)
+- cloud-setup: avoid leaving half configured system (rh #2207812)
+- cloud-setup: log warning when no provider detected (rh #2214880)
+- cloud-setup: fix RPM description (rh #2214491)
+
+* Wed May 31 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.9-1
+- Update to 1.43.9 release (development)
+- improve autoconnect logic for port/controller configurations (rh #2121451)
+- fix handling external devices during network off/on (rh #2149012)
+
+* Tue May 16 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.8-1
+- Update to 1.43.8 release (development)
+- ipv6ll: don't regenerate the address when it's removed externally (rh #2196441)
+
+* Wed May  3 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.7-1
+- Update to 1.43.7 release (development)
+- bond: support port priorities (rh #2152304)
+- ovs: fix autoconnect race (rh #2152864)
+
+* Wed Apr 19 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.6-1
+- Update to 1.43.6 release (development)
+- fix assertion failure when renewing DHCP lease (rh #2179890)
+- emit the dhcp-change dispatcher script event on lease renewal (rh #2179537)
+- ensure the NetworkManager is restarted when dbus is restarted (rh #2161915)
+- add support for the "no-aaaa" resolv.conf option (rh #2176137)                                                                                                              -
+
+* Wed Apr 05 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.5-1
+- Update to 1.43.5 release (development)
+- cloud-init/ec2: use right HTTP method for IMDSv2 (rh #2179718)
+- core: request a bus name only when dbus objects are present (rh #2175919)
+- core: fix autoconnect retry count tracking (rh #2174353)
+- core: fix retry on netlink socket buffer exhaustion (rh #2169512)
+- ovs: fix a race condition on port detachment (rh #2054933)
+
+* Wed Mar 22 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.4-1
+- Update to 1.43.4 release (development)
+- core: fix handling of IPv4 prefsrc routes with ACD (rh #2046293)
+- core: don't configure static routes without addresses (rh #2102212)
+- core: fix race activating VLAN devices (rh #2155991)
+
+* Thu Mar 09 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.3-1
+- Update to an early 1.44 snapshot
+- cloud-setup: add IDMSv2 support (rh #2151986)
+- core: add [link] setting (rh #2158328)
+- dhcp: expose client ID, DUID and IAID that have been used (rh #2169869)
+- ovs: ensure device has a proper MAC address once we start dhcp (rh #2168477)
+- team: fix assumption of team port management (rh #2092215)
+
 * Thu Feb 23 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.42.2-1
 - Update to 1.42.2 release
 - fix hostname lookup from IPv6 address (rh #2167816)
@@ -1261,7 +1342,7 @@ fi
 * Fri Feb 10 2023 Thomas Haller <thaller@redhat.com> - 1:1.42.0-1
 - Update to 1.42.0 release
 
-* Thu Jan 26 2023 Lubomir Rintel <lkundrak@v3.sk> - - 1:1.41.91-1
+* Thu Jan 26 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.41.91-1
 - Update to 1.41.91 release (release candidate)
 - core: retry if a rtnetlink socket runs out of buffer space (rh #2154350)
 - dns: allow changing resolv.conf options alone via global-dns (rh #2019306)