import NetworkManager-1.30.0-7.el8

This commit is contained in:
CentOS Sources 2021-05-18 02:33:22 -04:00 committed by Andrew Lukoshko
parent 30ef5f744c
commit c1bb40bd44
39 changed files with 1308 additions and 61838 deletions

View File

@ -1 +1 @@
4f0745b84feefa57ca83d43310860bffa666e0d4 SOURCES/NetworkManager-1.26.0.tar.xz 550918f97f1614532a317465220d6b5cab08d47a SOURCES/NetworkManager-1.30.0.tar.xz

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/NetworkManager-1.26.0.tar.xz SOURCES/NetworkManager-1.30.0.tar.xz

View File

@ -0,0 +1,91 @@
From 9f90c590d73eb86e357bf4a854af41b73039342c Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 23 Feb 2021 13:28:10 +0100
Subject: [PATCH 1/1] bond: avoid logging warning to set
"ad_actor_system=00:00:00:00:00:00"
The bond option ad_actor_system only matters (and is available) with
mode=802.3ad.
When you create a new bond, the sysctl value will be set to "00:00:00:00:00:00".
So this seems to be a valid value, and in fact the default value for
this option. However, kernel will fail with EINVAL to set the sysctl to
"00:00:00:00:00:00". Kernel fails both if the value is already
"00:00:00:00:00:00" (i.e. setting the same value results in an error) and
it also fails otherwise (i.e. we cannot ever reset the value to
"00:00:00:00:00:00", at least not via sysfs).
Avoid the warning in the common case, where the value is already as
expected.
Otherwise, we still get the warning and won't be able to set the right
value. But this is really a limitation of the kernel API where we cannot
do anything about it (in NetworkManager).
https://bugzilla.redhat.com/show_bug.cgi?id=1923999
(cherry picked from commit 9e7af314546d7912ee23b3850230008902aca4d3)
(cherry picked from commit 199ac9b146b0d7b1d6679a8d703822447abc3ce7)
---
libnm-core/nm-core-internal.h | 2 ++
libnm-core/nm-setting-bond.c | 2 +-
src/core/devices/nm-device-bond.c | 18 ++++++++++++++++++
3 files changed, 21 insertions(+), 1 deletion(-)
diff --git a/libnm-core/nm-core-internal.h b/libnm-core/nm-core-internal.h
index d9374fe5a7a8..e386d5e9d074 100644
--- a/libnm-core/nm-core-internal.h
+++ b/libnm-core/nm-core-internal.h
@@ -586,6 +586,8 @@ NMBondOptionType _nm_setting_bond_get_option_type(NMSettingBond *setting, const
const char *nm_setting_bond_get_option_or_default(NMSettingBond *self, const char *option);
+#define NM_BOND_AD_ACTOR_SYSTEM_DEFAULT "00:00:00:00:00:00"
+
/*****************************************************************************/
/* nm_connection_get_uuid() asserts against NULL, which is the right thing to
diff --git a/libnm-core/nm-setting-bond.c b/libnm-core/nm-setting-bond.c
index 2d64ef02b48c..68d4ca88f678 100644
--- a/libnm-core/nm-setting-bond.c
+++ b/libnm-core/nm-setting-bond.c
@@ -337,7 +337,7 @@ _bond_get_option_normalized(NMSettingBond *self, const char *option, gboolean ge
if (nm_streq(option, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM)) {
/* The default value depends on the current mode */
if (mode == NM_BOND_MODE_8023AD)
- return "00:00:00:00:00:00";
+ return NM_BOND_AD_ACTOR_SYSTEM_DEFAULT;
return "";
}
diff --git a/src/core/devices/nm-device-bond.c b/src/core/devices/nm-device-bond.c
index f68c080b1839..5814aef4518f 100644
--- a/src/core/devices/nm-device-bond.c
+++ b/src/core/devices/nm-device-bond.c
@@ -109,6 +109,24 @@ _set_bond_attr(NMDevice *device, const char *attr, const char *value)
int ifindex = nm_device_get_ifindex(device);
gboolean ret;
+ nm_assert(attr && attr[0]);
+ nm_assert(value);
+
+ if (nm_streq(value, NM_BOND_AD_ACTOR_SYSTEM_DEFAULT)
+ && nm_streq(attr, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM)) {
+ gs_free char *cur_val = NULL;
+
+ /* kernel does not allow setting ad_actor_system to "00:00:00:00:00:00". We would thus
+ * log an EINVAL error. Avoid that... at least, if the value is already "00:00:00:00:00:00". */
+ cur_val =
+ nm_platform_sysctl_master_get_option(nm_device_get_platform(device), ifindex, attr);
+ if (nm_streq0(cur_val, NM_BOND_AD_ACTOR_SYSTEM_DEFAULT))
+ return TRUE;
+
+ /* OK, the current value is different, and we will proceed setting "00:00:00:00:00:00".
+ * That will fail, and we will log a warning. There is nothing else to do. */
+ }
+
ret =
nm_platform_sysctl_master_set_option(nm_device_get_platform(device), ifindex, attr, value);
if (!ret)
--
2.29.2

View File

@ -1,37 +0,0 @@
From a1198f4f6d95682bc4126fe4f13d8c549394d8b6 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 14 Jul 2020 22:52:56 +0200
Subject: [PATCH] team: perform cleanup immediately when connecting to teamd
fails
When NM fails to connect to teamd during an activation, it sets the
device state to FAILED. Eventually the device will become DISCONNECTED
and will call the ->deactivate() method that will perform the cleanup
of timers, teamd process and teamdctl instance.
However, in this way, when the device is DISCONNECTED timers are still
armed and can be triggered in the wrong state. Instead, perform the
cleanup immediately on failure.
https://bugzilla.redhat.com/show_bug.cgi?id=1856723
(cherry picked from commit 26e97fcd0d4a70e32a484d3bfc57c1802da10554)
(cherry picked from commit 680c0b88122077101cbfd878a70d54fb7a4afcea)
---
src/devices/team/nm-device-team.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/devices/team/nm-device-team.c b/src/devices/team/nm-device-team.c
index 217c4bdd7c..7ba3034212 100644
--- a/src/devices/team/nm-device-team.c
+++ b/src/devices/team/nm-device-team.c
@@ -371,6 +371,7 @@ teamd_ready (NMDeviceTeam *self)
success = teamd_read_config (self);
if (!success) {
+ teamd_cleanup (self, TRUE);
nm_device_state_changed (device, NM_DEVICE_STATE_FAILED, NM_DEVICE_STATE_REASON_TEAMD_CONTROL_FAILED);
return;
}
--
2.26.2

View File

@ -1,291 +0,0 @@
From 7fadadb8f33675d0a12c94f5c0f5c6ecef4a98cf Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 14 Jul 2020 11:35:35 +0200
Subject: [PATCH] core: fix generation of dependent local routes for VRFs
When using VRF devices we must pre-generate dependent local
routes in the VRF's table otherwise they will be incorrectly added
to the local table instead.
https://bugzilla.redhat.com/show_bug.cgi?id=1857133
Fixes: a199cd2a7d92 ('core: add dependent local routes configured by kernel')
(cherry picked from commit d342af1925223cf8d117750c91f35f3041f05570)
(cherry picked from commit ad64da5e85757eeb729fea377bb92ac41c8b92bd)
---
src/devices/nm-device.c | 9 ++++++++-
src/nm-iface-helper.c | 11 ++++++++++-
src/nm-ip4-config.c | 19 +++++++++++--------
src/nm-ip4-config.h | 7 ++++---
src/nm-ip6-config.c | 17 +++++++++++------
src/nm-ip6-config.h | 5 +++--
src/vpn/nm-vpn-connection.c | 19 ++++++++++++++++---
7 files changed, 63 insertions(+), 24 deletions(-)
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
index de09e4807..57c32cef8 100644
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@@ -68,6 +68,7 @@
#include "nm-device-generic.h"
#include "nm-device-vlan.h"
+#include "nm-device-vrf.h"
#include "nm-device-wireguard.h"
#include "nm-device-logging.h"
@@ -8097,15 +8098,21 @@ ip_config_merge_and_apply (NMDevice *self,
}
if (commit) {
+ gboolean is_vrf;
+
+ is_vrf = priv->master && nm_device_get_device_type (priv->master) == NM_DEVICE_TYPE_VRF;
+
if (IS_IPv4) {
nm_ip4_config_add_dependent_routes (NM_IP4_CONFIG (composite),
nm_device_get_route_table (self, addr_family),
nm_device_get_route_metric (self, addr_family),
+ is_vrf,
&ip4_dev_route_blacklist);
} else {
nm_ip6_config_add_dependent_routes (NM_IP6_CONFIG (composite),
nm_device_get_route_table (self, addr_family),
- nm_device_get_route_metric (self, addr_family));
+ nm_device_get_route_metric (self, addr_family),
+ is_vrf);
}
}
diff --git a/src/nm-iface-helper.c b/src/nm-iface-helper.c
index 6320e722c..c7d65d2a6 100644
--- a/src/nm-iface-helper.c
+++ b/src/nm-iface-helper.c
@@ -41,11 +41,13 @@
static struct {
GMainLoop *main_loop;
int ifindex;
+ gboolean is_vrf_device;
guint dad_failed_id;
CList dad_failed_lst_head;
} gl/*obal*/ = {
.ifindex = -1,
+ .is_vrf_device = FALSE,
};
static struct {
@@ -120,6 +122,7 @@ dhcp4_state_changed (NMDhcpClient *client,
nm_ip4_config_add_dependent_routes (existing,
RT_TABLE_MAIN,
global_opt.priority_v4,
+ gl.is_vrf_device,
&ip4_dev_route_blacklist);
if (!nm_ip4_config_commit (existing,
NM_PLATFORM_GET,
@@ -236,7 +239,8 @@ ndisc_config_changed (NMNDisc *ndisc, const NMNDiscData *rdata, guint changed_in
nm_ip6_config_merge (existing, ndisc_config, NM_IP_CONFIG_MERGE_DEFAULT, 0);
nm_ip6_config_add_dependent_routes (existing,
RT_TABLE_MAIN,
- global_opt.priority_v6);
+ global_opt.priority_v6,
+ gl.is_vrf_device);
if (!nm_ip6_config_commit (existing,
NM_PLATFORM_GET,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
@@ -480,6 +484,11 @@ main (int argc, char *argv[])
if (pllink) {
hwaddr = nmp_link_address_get_as_bytes (&pllink->l_address);
bcast_hwaddr = nmp_link_address_get_as_bytes (&pllink->l_broadcast);
+
+ if (pllink->master > 0) {
+ gl.is_vrf_device
+ = nm_platform_link_get_type (NM_PLATFORM_GET, pllink->master) == NM_LINK_TYPE_VRF;
+ }
}
if (global_opt.iid_str) {
diff --git a/src/nm-ip4-config.c b/src/nm-ip4-config.c
index 490296c8d..f017a3e80 100644
--- a/src/nm-ip4-config.c
+++ b/src/nm-ip4-config.c
@@ -672,9 +672,11 @@ nm_ip4_config_update_routes_metric (NMIP4Config *self, gint64 metric)
}
static void
-_add_local_route_from_addr4 (NMIP4Config *self,
- const NMPlatformIP4Address *addr,
- int ifindex)
+_add_local_route_from_addr4 (NMIP4Config * self,
+ const NMPlatformIP4Address *addr,
+ int ifindex,
+ guint32 route_table,
+ gboolean is_vrf)
{
nm_auto_nmpobj NMPObject *r = NULL;
NMPlatformIP4Route *route;
@@ -686,18 +688,19 @@ _add_local_route_from_addr4 (NMIP4Config *self,
route->network = addr->address;
route->plen = 32;
route->pref_src = addr->address;
- route->table_coerced = nm_platform_route_table_coerce (RT_TABLE_LOCAL);
route->type_coerced = nm_platform_route_type_coerce (RTN_LOCAL);
route->scope_inv = nm_platform_route_scope_inv (RT_SCOPE_HOST);
+ route->table_coerced = nm_platform_route_table_coerce (is_vrf ? route_table : RT_TABLE_LOCAL);
_add_route (self, r, NULL, NULL);
}
void
nm_ip4_config_add_dependent_routes (NMIP4Config *self,
- guint32 route_table,
- guint32 route_metric,
- GPtrArray **out_ip4_dev_route_blacklist)
+ guint32 route_table,
+ guint32 route_metric,
+ gboolean is_vrf,
+ GPtrArray ** out_ip4_dev_route_blacklist)
{
GPtrArray *ip4_dev_route_blacklist = NULL;
const NMPlatformIP4Address *my_addr;
@@ -729,7 +732,7 @@ nm_ip4_config_add_dependent_routes (NMIP4Config *self,
if (my_addr->external)
continue;
- _add_local_route_from_addr4 (self, my_addr, ifindex);
+ _add_local_route_from_addr4 (self, my_addr, ifindex, route_table, is_vrf);
if (_ipv4_is_zeronet (network)) {
/* Kernel doesn't add device-routes for destinations that
diff --git a/src/nm-ip4-config.h b/src/nm-ip4-config.h
index d4694d936..dc8222fd5 100644
--- a/src/nm-ip4-config.h
+++ b/src/nm-ip4-config.h
@@ -157,9 +157,10 @@ NMDedupMultiIndex *nm_ip4_config_get_multi_idx (const NMIP4Config *self);
NMIP4Config *nm_ip4_config_capture (NMDedupMultiIndex *multi_idx, NMPlatform *platform, int ifindex);
void nm_ip4_config_add_dependent_routes (NMIP4Config *self,
- guint32 route_table,
- guint32 route_metric,
- GPtrArray **out_ip4_dev_route_blacklist);
+ guint32 route_table,
+ guint32 route_metric,
+ gboolean is_vrf,
+ GPtrArray ** out_ip4_dev_route_blacklist);
gboolean nm_ip4_config_commit (const NMIP4Config *self,
NMPlatform *platform,
diff --git a/src/nm-ip6-config.c b/src/nm-ip6-config.c
index 4911ec1d1..1589cad00 100644
--- a/src/nm-ip6-config.c
+++ b/src/nm-ip6-config.c
@@ -475,27 +475,32 @@ _add_multicast_route6 (NMIP6Config *self, int ifindex)
}
static void
-_add_local_route_from_addr6 (NMIP6Config *self, const NMPlatformIP6Address *addr, int ifindex)
+_add_local_route_from_addr6 (NMIP6Config * self,
+ const NMPlatformIP6Address *addr,
+ int ifindex,
+ guint32 route_table,
+ gboolean is_vrf)
{
nm_auto_nmpobj NMPObject *r = NULL;
- NMPlatformIP6Route *route;
+ NMPlatformIP6Route * route;
r = nmp_object_new (NMP_OBJECT_TYPE_IP6_ROUTE, NULL);
route = NMP_OBJECT_CAST_IP6_ROUTE (r);
route->ifindex = ifindex;
route->network = addr->address;
route->plen = 128;
- route->table_coerced = nm_platform_route_table_coerce (RT_TABLE_LOCAL);
route->type_coerced = nm_platform_route_type_coerce (RTN_LOCAL);
route->metric = 0;
+ route->table_coerced = nm_platform_route_table_coerce (is_vrf ? route_table : RT_TABLE_LOCAL);
_add_route (self, r, NULL, NULL);
}
void
nm_ip6_config_add_dependent_routes (NMIP6Config *self,
- guint32 route_table,
- guint32 route_metric)
+ guint32 route_table,
+ guint32 route_metric,
+ gboolean is_vrf)
{
const NMPlatformIP6Address *my_addr;
const NMPlatformIP6Route *my_route;
@@ -524,7 +529,7 @@ nm_ip6_config_add_dependent_routes (NMIP6Config *self,
continue;
/* Pre-generate local route added by kernel */
- _add_local_route_from_addr6 (self, my_addr, ifindex);
+ _add_local_route_from_addr6 (self, my_addr, ifindex, route_table, is_vrf);
if (NM_FLAGS_HAS (my_addr->n_ifa_flags, IFA_F_NOPREFIXROUTE))
continue;
diff --git a/src/nm-ip6-config.h b/src/nm-ip6-config.h
index 36e8518a8..b6f461b29 100644
--- a/src/nm-ip6-config.h
+++ b/src/nm-ip6-config.h
@@ -93,8 +93,9 @@ NMIP6Config *nm_ip6_config_capture (struct _NMDedupMultiIndex *multi_idx, NMPlat
NMSettingIP6ConfigPrivacy use_temporary);
void nm_ip6_config_add_dependent_routes (NMIP6Config *self,
- guint32 route_table,
- guint32 route_metric);
+ guint32 route_table,
+ guint32 route_metric,
+ gboolean is_vrf);
gboolean nm_ip6_config_commit (const NMIP6Config *self,
NMPlatform *platform,
diff --git a/src/vpn/nm-vpn-connection.c b/src/vpn/nm-vpn-connection.c
index 6d995dc48..ff6b8e00c 100644
--- a/src/vpn/nm-vpn-connection.c
+++ b/src/vpn/nm-vpn-connection.c
@@ -1447,6 +1447,20 @@ get_route_table (NMVpnConnection *self,
return route_table ?: (fallback_main ? RT_TABLE_MAIN : 0);
}
+static gboolean
+_is_device_vrf (NMVpnConnection *self)
+{
+ NMDevice *parent;
+ NMDevice *master;
+
+ parent = nm_active_connection_get_device (NM_ACTIVE_CONNECTION (self));
+ if (!parent)
+ return FALSE;
+
+ master = nm_device_get_master (parent);
+ return master && nm_device_get_link_type (master) == NM_LINK_TYPE_VRF;
+}
+
static void
nm_vpn_connection_ip4_config_get (NMVpnConnection *self, GVariant *dict)
{
@@ -1646,6 +1660,7 @@ nm_vpn_connection_ip4_config_get (NMVpnConnection *self, GVariant *dict)
nm_ip4_config_add_dependent_routes (config,
route_table,
nm_vpn_connection_get_ip4_route_metric (self),
+ _is_device_vrf (self),
&priv->ip4_dev_route_blacklist);
if (priv->ip4_config) {
@@ -1840,9 +1855,7 @@ next:
nm_ip6_config_add_route (config, &r, NULL);
}
- nm_ip6_config_add_dependent_routes (config,
- route_table,
- route_metric);
+ nm_ip6_config_add_dependent_routes (config, route_table, route_metric, _is_device_vrf (self));
if (priv->ip6_config) {
nm_ip6_config_replace (priv->ip6_config, config, NULL);
--
2.26.2

View File

@ -0,0 +1,41 @@
From a5eb2f55d79b9023fbda6945da09f9bcecea8560 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Sun, 28 Feb 2021 11:18:16 +0100
Subject: [PATCH 1/1] core: increase limit of open file descriptors for
NetworkManager.service
Note that POSIX select() can only handle up to 1024 descriptors. That
means, our code (and the libraries that we use) must not use select().
Note that libndp uses select(), which means NetworkManager will crash
when using file descriptors larger than 1023. On the other hand,
depriving NetworkManager of file descriptors will also crash it.
So libndp must be fixed ([1]).
[1] https://listman.redhat.com/archives/libndp-list/2021-February/msg00000.html
https://bugzilla.redhat.com/show_bug.cgi?id=1926599
(cherry picked from commit a708a172a6a289d5399897e7da3a0e38721b1b7e)
(cherry picked from commit 2ca405fa9bd047593cd299691b74af7f44184c71)
---
data/NetworkManager.service.in | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/data/NetworkManager.service.in b/data/NetworkManager.service.in
index 91ebd9a36e65..9cf1c3d28f47 100644
--- a/data/NetworkManager.service.in
+++ b/data/NetworkManager.service.in
@@ -19,6 +19,10 @@ CapabilityBoundingSet=CAP_NET_ADMIN CAP_DAC_OVERRIDE CAP_NET_RAW CAP_NET_BIND_SE
ProtectSystem=true
ProtectHome=read-only
+# We require file descriptors for DHCP etc. When activating many interfaces,
+# the default limit of 1024 is easily reached.
+LimitNOFILE=65536
+
[Install]
WantedBy=multi-user.target
Also=NetworkManager-dispatcher.service
--
2.29.2

View File

@ -1,46 +0,0 @@
From 39e365733bd3c79c5801d4e6c7a32f133b9af678 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 6 Jul 2020 17:30:05 +0200
Subject: [PATCH] core: fix check on master active-connection failure
The previous check was never satisfied, as the device is assigned to
the active-connection and realized early. Instead, check the
master_ready flag, which tells if the master is ready and, therefore,
if the slave has already been added to the master.
Before this commit, in some cases a device didn't detect that the
master failed and kept waiting forever.
https://bugzilla.redhat.com/show_bug.cgi?id=1845018
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/568
(cherry picked from commit 0911d2a4ee1c317f455c01cbad048b994f69844d)
(cherry picked from commit 223f741810db9e457ec512c7626bf9e65d82a6cb)
---
src/nm-active-connection.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/nm-active-connection.c b/src/nm-active-connection.c
index 08037ebe71..151fb4d939 100644
--- a/src/nm-active-connection.c
+++ b/src/nm-active-connection.c
@@ -810,14 +810,14 @@ master_state_cb (NMActiveConnection *master,
gpointer user_data)
{
NMActiveConnection *self = NM_ACTIVE_CONNECTION (user_data);
+ NMActiveConnectionPrivate *priv = NM_ACTIVE_CONNECTION_GET_PRIVATE (self);
NMActiveConnectionState master_state = nm_active_connection_get_state (master);
- NMDevice *master_device = nm_active_connection_get_device (master);
check_master_ready (self);
if ( master_state == NM_ACTIVE_CONNECTION_STATE_DEACTIVATING
- && (!master_device || !nm_device_is_real (master_device))) {
- /* Master failed without ever creating or realizing its device */
+ && !priv->master_ready) {
+ /* Master disconnected before the slave was added */
if (NM_ACTIVE_CONNECTION_GET_CLASS (self)->master_failed)
NM_ACTIVE_CONNECTION_GET_CLASS (self)->master_failed (self);
}
--
2.26.2

View File

@ -0,0 +1,81 @@
From 9ab6906ea1c2ddd23a3926b35ed75128dd302d13 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 1 Mar 2021 21:16:08 +0100
Subject: [PATCH] initrd: apply the MTU from bond= argument to the bond
connection
Currently the MTU specified in:
bond=<bondname>[:<bondslaves>:[:<options>[:<mtu>]]]
gets applied to the bond ports. Instead it should be applied to the
bond itself.
Fixes: ecc074b2f8a6 ('initrd: add command line parser')
https://bugzilla.redhat.com/show_bug.cgi?id=1932502
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/767
(cherry picked from commit 8df3ef5063cf0f8ee904f8fd39e9e64cc60836eb)
(cherry picked from commit 43d16d2cd63a3443704ca7bb539ba5cb673ba183)
---
src/core/initrd/nmi-cmdline-reader.c | 5 +++--
src/core/initrd/tests/test-cmdline-reader.c | 7 ++++++-
2 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/src/core/initrd/nmi-cmdline-reader.c b/src/core/initrd/nmi-cmdline-reader.c
index 508ef2b25c..5f40f63ef2 100644
--- a/src/core/initrd/nmi-cmdline-reader.c
+++ b/src/core/initrd/nmi-cmdline-reader.c
@@ -764,6 +764,9 @@ reader_parse_master(Reader *reader, char *argument, const char *type_name, const
mtu = get_word(&argument, ':');
}
+ if (mtu)
+ connection_set(connection, NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MTU, mtu);
+
do {
slave = get_word(&slaves, ',');
if (slave == NULL)
@@ -777,8 +780,6 @@ reader_parse_master(Reader *reader, char *argument, const char *type_name, const
NM_SETTING_CONNECTION_MASTER,
master,
NULL);
- if (mtu)
- connection_set(connection, NM_SETTING_WIRED_SETTING_NAME, NM_SETTING_WIRED_MTU, mtu);
} while (slaves && *slaves != '\0');
if (argument && *argument)
diff --git a/src/core/initrd/tests/test-cmdline-reader.c b/src/core/initrd/tests/test-cmdline-reader.c
index 33fb22d364..4b450aae0f 100644
--- a/src/core/initrd/tests/test-cmdline-reader.c
+++ b/src/core/initrd/tests/test-cmdline-reader.c
@@ -825,13 +825,14 @@ test_bond(void)
{
gs_unref_hashtable GHashTable *connections = NULL;
const char *const * ARGV = NM_MAKE_STRV("rd.route=192.0.2.53::bong0",
- "bond=bong0:eth0,eth1:mode=balance-rr",
+ "bond=bong0:eth0,eth1:mode=balance-rr:9000",
"nameserver=203.0.113.53");
NMConnection * connection;
NMSettingConnection * s_con;
NMSettingIPConfig * s_ip4;
NMSettingIPConfig * s_ip6;
NMSettingBond * s_bond;
+ NMSettingWired * s_wired;
NMIPRoute * ip_route;
const char * master_uuid;
@@ -847,6 +848,10 @@ test_bond(void)
master_uuid = nm_connection_get_uuid(connection);
g_assert(master_uuid);
+ s_wired = nm_connection_get_setting_wired(connection);
+ g_assert(s_wired);
+ g_assert_cmpint(nm_setting_wired_get_mtu(s_wired), ==, 9000);
+
s_ip4 = nm_connection_get_setting_ip4_config(connection);
g_assert(s_ip4);
g_assert_cmpstr(nm_setting_ip_config_get_method(s_ip4), ==, NM_SETTING_IP4_CONFIG_METHOD_AUTO);
--
2.29.2

View File

@ -0,0 +1,68 @@
From ccc66f603d5fac8748d2271d051bbd1c42eeb682 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Sat, 6 Mar 2021 11:35:12 +0100
Subject: [PATCH] bond: restore MAC on release only when there is a cloned MAC
address
Currently we unconditionally reset the MAC to the previous value after
releasing ports. This has some disadvantages:
- by default, after the last port is removed the bond will have one
of the previous port's address, which could conflict with the port;
- in some cases, changing the bond MAC is not possible. For example
when the bond is active-backup and has fail_over_mac=1|2. In such
case the netlink call succeeds, but the address doesn't
change; then NM would keep waiting for some time.
Don't try to restore the MAC unless the bond connection has a cloned
MAC set.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/775
(cherry picked from commit 190fd9aa9f3fbf5705c2b80b9fc64c89d22b7593)
(cherry picked from commit 4c1e60549a5be170185a77439379cc170d6b3631)
---
src/core/devices/nm-device-bond.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/src/core/devices/nm-device-bond.c b/src/core/devices/nm-device-bond.c
index 5814aef451..247ce41c07 100644
--- a/src/core/devices/nm-device-bond.c
+++ b/src/core/devices/nm-device-bond.c
@@ -444,9 +444,10 @@ release_slave(NMDevice *device, NMDevice *slave, gboolean configure)
_LOGD(LOGD_BOND, "bond slave %s is already released", nm_device_get_ip_iface(slave));
if (configure) {
- /* When the last slave is released the bond MAC will be set to a random
- * value by kernel; remember the current one and restore it afterwards.
- */
+ NMConnection * applied;
+ NMSettingWired *s_wired;
+ const char * cloned_mac;
+
address = g_strdup(nm_device_get_hw_address(device));
if (ifindex_slave > 0) {
@@ -461,9 +462,16 @@ release_slave(NMDevice *device, NMDevice *slave, gboolean configure)
}
}
- nm_platform_process_events(nm_device_get_platform(device));
- if (nm_device_update_hw_address(device))
- nm_device_hw_addr_set(device, address, "restore", FALSE);
+ if ((applied = nm_device_get_applied_connection(device))
+ && ((s_wired = nm_connection_get_setting_wired(applied)))
+ && ((cloned_mac = nm_setting_wired_get_cloned_mac_address(s_wired)))) {
+ /* When the last slave is released the bond MAC will be set to a random
+ * value by kernel; if we have set a cloned-mac-address, we need to
+ * restore it to the previous value. */
+ nm_platform_process_events(nm_device_get_platform(device));
+ if (nm_device_update_hw_address(device))
+ nm_device_hw_addr_set(device, address, "restore", FALSE);
+ }
/* Kernel bonding code "closes" the slave when releasing it, (which clears
* IFF_UP), so we must bring it back up here to ensure carrier changes and
--
2.29.2

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,570 @@
From 549687f0202469289cef3ac322f81a04677873b6 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 23 Mar 2021 17:48:43 +0100
Subject: [PATCH 1/6] core: avoid logging pointer value in
nm_device_set_ip_config()
(cherry picked from commit 5da8c073efd67f12292c1c5c67ada64b9c9f5a6c)
(cherry picked from commit c0e937c8b9a1077d1e77c3fe1f480b6e5b54c55b)
---
src/core/devices/nm-device.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 040dd0b4d367..44b87490c17e 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -13496,10 +13496,10 @@ nm_device_set_ip_config(NMDevice * self,
nm_assert(IS_IPv4 || !ip4_dev_route_blacklist);
_LOGD(LOGD_IPX(IS_IPv4),
- "ip%c-config: update (commit=%d, new-config=%p)",
+ "ip%c-config: update (commit=%d, new-config=" NM_HASH_OBFUSCATE_PTR_FMT")",
nm_utils_addr_family_to_char(addr_family),
commit,
- new_config);
+ NM_HASH_OBFUSCATE_PTR(new_config));
/* Always commit to nm-platform to update lifetimes */
if (commit && new_config) {
--
2.30.2
From a633a7855bb08afc9709a8dbed01fb5e4278d540 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 23 Mar 2021 17:56:37 +0100
Subject: [PATCH 2/6] core: log route-table-sync-mode in
nm_device_set_ip_config()
(cherry picked from commit f6db2c6261b560ec34b56eeeb3766c9165f5619b)
(cherry picked from commit 2fb1a22e2be6d9e83bfc9e9873f93976286a55b0)
---
src/core/devices/nm-device.c | 28 ++++++++++++++++++----------
1 file changed, 18 insertions(+), 10 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 44b87490c17e..5eaf8c23e7da 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -13478,12 +13478,13 @@ nm_device_set_ip_config(NMDevice * self,
gboolean commit,
GPtrArray * ip4_dev_route_blacklist)
{
- NMDevicePrivate * priv = NM_DEVICE_GET_PRIVATE(self);
- const int IS_IPv4 = NM_IS_IPv4(addr_family);
- NMIPConfig * old_config;
- gboolean has_changes = FALSE;
- gboolean success = TRUE;
- NMSettingsConnection *settings_connection;
+ NMDevicePrivate * priv = NM_DEVICE_GET_PRIVATE(self);
+ const int IS_IPv4 = NM_IS_IPv4(addr_family);
+ NMIPConfig * old_config;
+ gboolean has_changes = FALSE;
+ gboolean success = TRUE;
+ NMSettingsConnection * settings_connection;
+ NMIPRouteTableSyncMode route_table_sync_mode;
nm_assert_addr_family(addr_family);
nm_assert(!new_config || nm_ip_config_get_addr_family(new_config) == addr_family);
@@ -13495,11 +13496,18 @@ nm_device_set_ip_config(NMDevice * self,
})));
nm_assert(IS_IPv4 || !ip4_dev_route_blacklist);
+ if (commit && new_config)
+ route_table_sync_mode = _get_route_table_sync_mode_stateful(self, addr_family);
+ else
+ route_table_sync_mode = NM_IP_ROUTE_TABLE_SYNC_MODE_NONE;
+
_LOGD(LOGD_IPX(IS_IPv4),
- "ip%c-config: update (commit=%d, new-config=" NM_HASH_OBFUSCATE_PTR_FMT")",
+ "ip%c-config: update (commit=%d, new-config=" NM_HASH_OBFUSCATE_PTR_FMT
+ ", route-table-sync-mode=%d)",
nm_utils_addr_family_to_char(addr_family),
commit,
- NM_HASH_OBFUSCATE_PTR(new_config));
+ NM_HASH_OBFUSCATE_PTR(new_config),
+ (int) route_table_sync_mode);
/* Always commit to nm-platform to update lifetimes */
if (commit && new_config) {
@@ -13508,7 +13516,7 @@ nm_device_set_ip_config(NMDevice * self,
if (IS_IPv4) {
success = nm_ip4_config_commit(NM_IP4_CONFIG(new_config),
nm_device_get_platform(self),
- _get_route_table_sync_mode_stateful(self, AF_INET));
+ route_table_sync_mode);
nm_platform_ip4_dev_route_blacklist_set(nm_device_get_platform(self),
nm_ip_config_get_ifindex(new_config),
ip4_dev_route_blacklist);
@@ -13517,7 +13525,7 @@ nm_device_set_ip_config(NMDevice * self,
success = nm_ip6_config_commit(NM_IP6_CONFIG(new_config),
nm_device_get_platform(self),
- _get_route_table_sync_mode_stateful(self, AF_INET6),
+ route_table_sync_mode,
&temporary_not_available);
if (!_rt6_temporary_not_available_set(self, temporary_not_available))
--
2.30.2
From a9aead98e4c2d5ce73ab6388360139489f677320 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 22 Mar 2021 17:31:35 +0100
Subject: [PATCH 3/6] core: add NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE mode
When we deactivate a device, we flush all IP addresses and
routes. Thus, have yet another sync mode for that. It will sync more
than "ALL".
(cherry picked from commit e226b5eb829e5e8c623948e35d406e815cd05089)
(cherry picked from commit b263454f241ea944d87e13f935530d0539343bce)
---
src/core/nm-types.h | 12 ++++++++----
src/core/platform/nm-platform.c | 29 +++++++++++++++++++----------
2 files changed, 27 insertions(+), 14 deletions(-)
diff --git a/src/core/nm-types.h b/src/core/nm-types.h
index ab2314594d4a..8a32b7d20459 100644
--- a/src/core/nm-types.h
+++ b/src/core/nm-types.h
@@ -245,12 +245,16 @@ typedef enum {
* local table (255).
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL: NM will sync all tables, including the
* local table (255).
+ * @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE: NM will sync all tables (including
+ * the local table). It will thereby remove all addresses, that is during
+ * deactivation.
*/
typedef enum {
- NM_IP_ROUTE_TABLE_SYNC_MODE_NONE = 0,
- NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN = 1,
- NM_IP_ROUTE_TABLE_SYNC_MODE_FULL = 2,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL = 3,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_NONE,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
} NMIPRouteTableSyncMode;
/* settings */
diff --git a/src/core/platform/nm-platform.c b/src/core/platform/nm-platform.c
index 0e5f8ab54806..8cfcf8bc6654 100644
--- a/src/core/platform/nm-platform.c
+++ b/src/core/platform/nm-platform.c
@@ -4363,7 +4363,8 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
nm_assert(NM_IN_SET(route_table_sync,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL));
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE));
nmp_lookup_init_object(&lookup, NMP_OBJECT_TYPE_IP_ROUTE(NM_IS_IPv4(addr_family)), ifindex);
head_entry = nm_platform_lookup(self, &lookup);
@@ -4375,16 +4376,24 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
c_list_for_each (iter, &head_entry->lst_entries_head) {
const NMPObject *obj = c_list_entry(iter, NMDedupMultiEntry, lst_entries)->obj;
- if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_FULL) {
- if (nm_platform_ip_route_get_effective_table(NMP_OBJECT_CAST_IP_ROUTE(obj))
- == RT_TABLE_LOCAL)
- continue;
- } else if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN) {
+ switch (route_table_sync) {
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN:
if (!nm_platform_route_table_is_main(
nm_platform_ip_route_get_effective_table(NMP_OBJECT_CAST_IP_ROUTE(obj))))
continue;
- } else
- nm_assert(route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_ALL);
+ break;
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_FULL:
+ if (nm_platform_ip_route_get_effective_table(NMP_OBJECT_CAST_IP_ROUTE(obj))
+ == RT_TABLE_LOCAL)
+ continue;
+ break;
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL:
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE:
+ break;
+ default:
+ nm_assert_not_reached();
+ break;
+ }
g_ptr_array_add(routes_prune, (gpointer) nmp_object_ref(obj));
}
@@ -4679,7 +4688,7 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
routes_prune = nm_platform_ip_route_get_prune_list(self,
AF_INET,
ifindex,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL);
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
success &= nm_platform_ip_route_sync(self, AF_INET, ifindex, NULL, routes_prune, NULL);
}
if (NM_IN_SET(addr_family, AF_UNSPEC, AF_INET6)) {
@@ -4688,7 +4697,7 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
routes_prune = nm_platform_ip_route_get_prune_list(self,
AF_INET6,
ifindex,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL);
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
success &= nm_platform_ip_route_sync(self, AF_INET6, ifindex, NULL, routes_prune, NULL);
}
return success;
--
2.30.2
From 7e6bf896b89c6c51f3524fa26f1214f65e748843 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 22 Mar 2021 21:43:47 +0100
Subject: [PATCH 4/6] core: don't add ff00::/8 unicast route to
nm_ip6_config_add_dependent_routes()
This effectively reverts commit cd89026c5f4f ('core: add dependent
multicast route configured by kernel for IPv6').
It's not clear to me why this was done or why it would be correct.
True, kernel automatically adds multicast route like
multicast ff00::/8 dev $IFACE table local proto kernel metric 256 pref medium
But NetworkManager ignores all multicast routes for now. So the dependent
routes cannot contain multicast routes as they are not handled. Also,
the code added a unicast route, so I don't understand why the comment
is talking about multicast.
This seems just wrong. Drop it.
(cherry picked from commit c29d995000a147cecbe1dbaa9607936c1844ba10)
(cherry picked from commit 40bc834176fbe8c17a22c7ea77f3cb8aa6c407b6)
---
src/core/nm-ip6-config.c | 17 -----------------
1 file changed, 17 deletions(-)
diff --git a/src/core/nm-ip6-config.c b/src/core/nm-ip6-config.c
index 1f7def346510..f498fc796a44 100644
--- a/src/core/nm-ip6-config.c
+++ b/src/core/nm-ip6-config.c
@@ -396,23 +396,6 @@ nm_ip6_config_add_dependent_routes(NMIP6Config *self,
*
* For manually added IPv6 routes, add the device routes explicitly. */
- /* Pre-generate multicast route */
- {
- nm_auto_nmpobj NMPObject *r = NULL;
- NMPlatformIP6Route * route;
-
- r = nmp_object_new(NMP_OBJECT_TYPE_IP6_ROUTE, NULL);
- route = NMP_OBJECT_CAST_IP6_ROUTE(r);
- route->ifindex = ifindex;
- route->network.s6_addr[0] = 0xffu;
- route->plen = 8;
- route->table_coerced = nm_platform_route_table_coerce(RT_TABLE_LOCAL);
- route->type_coerced = nm_platform_route_type_coerce(RTN_UNICAST);
- route->metric = 256;
-
- _add_route(self, r, NULL, NULL);
- }
-
nm_ip_config_iter_ip6_address_for_each (&iter, self, &my_addr) {
NMPlatformIP6Route *route;
gboolean has_peer;
--
2.30.2
From 542388d6b508981656eb96e6940fdf3359ac1353 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 23 Mar 2021 10:05:30 +0100
Subject: [PATCH 5/6] core: minor cleanup in
nm_platform_ip_route_get_prune_list()
(cherry picked from commit fe1bf4c907c29997cbc6a28bc0781bfc419cb07f)
(cherry picked from commit 087c7f394cbffcf4bc786a8e92825059d340dfc9)
---
src/core/platform/nm-platform.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/core/platform/nm-platform.c b/src/core/platform/nm-platform.c
index 8cfcf8bc6654..45636ea85ed3 100644
--- a/src/core/platform/nm-platform.c
+++ b/src/core/platform/nm-platform.c
@@ -4374,22 +4374,22 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
routes_prune = g_ptr_array_new_full(head_entry->len, (GDestroyNotify) nm_dedup_multi_obj_unref);
c_list_for_each (iter, &head_entry->lst_entries_head) {
- const NMPObject *obj = c_list_entry(iter, NMDedupMultiEntry, lst_entries)->obj;
+ const NMPObject * obj = c_list_entry(iter, NMDedupMultiEntry, lst_entries)->obj;
+ const NMPlatformIPXRoute *rt = NMP_OBJECT_CAST_IPX_ROUTE(obj);
switch (route_table_sync) {
case NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN:
- if (!nm_platform_route_table_is_main(
- nm_platform_ip_route_get_effective_table(NMP_OBJECT_CAST_IP_ROUTE(obj))))
+ if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx)))
continue;
break;
case NM_IP_ROUTE_TABLE_SYNC_MODE_FULL:
- if (nm_platform_ip_route_get_effective_table(NMP_OBJECT_CAST_IP_ROUTE(obj))
- == RT_TABLE_LOCAL)
+ if (nm_platform_ip_route_get_effective_table(&rt->rx) == RT_TABLE_LOCAL)
continue;
break;
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL:
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE:
break;
+
default:
nm_assert_not_reached();
break;
--
2.30.2
From 0a331bb0f4646e3590e30660ed5c4bf599275a8b Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 19 Mar 2021 21:20:52 +0100
Subject: [PATCH 6/6] core: don't add dependent local route for addresses
When adding an IPv4 address, kernel automatically adds a local route.
This is done by fib_add_ifaddr(). Note that if the address is
IFA_F_SECONDARY, then the "src" is the primary address. That means, with
nmcli connection add con-name t type ethernet ifname t autoconnect no \
ipv4.method manual ipv6.method disabled \
ipv4.addresses '192.168.77.10/24, 192.168.77.11/24'
we get two routes:
"local 192.168.77.10 dev t table local proto kernel scope host src 192.168.77.10"
"local 192.168.77.11 dev t table local proto kernel scope host src 192.168.77.10"
Our code would only generate instead:
"local 192.168.77.10 dev t table local proto kernel scope host src 192.168.77.10"
"local 192.168.77.11 dev t table local proto kernel scope host src 192.168.77.11"
Afterwards, this artificial route will be leaked:
#!/bin/bash
set -vx
nmcli connection delete t || :
ip link delete t || :
ip link add name t type veth peer t-veth
nmcli connection add con-name t type ethernet ifname t autoconnect no ipv4.method manual ipv4.addresses '192.168.77.10/24, 192.168.77.11/24' ipv6.method disabled
nmcli connection up t
ip route show table all dev t | grep --color '^\|192.168.77.11'
sleep 1
nmcli device modify t -ipv4.addresses 192.168.77.11/24
ip route show table all dev t | grep --color '^\|192.168.77.11'
ip route show table all dev t | grep -q 192.168.77.11 && echo "the local route 192.168.77.11 is still there, because NM adds a local route with wrong pref-src"
It will also be leaked because in the example above ipv4.route-table is
unset, so we are not in full route sync mode and the local table is not
synced.
This was introduced by commit 3e5fc04df320 ('core: add dependent local
routes configured by kernel'), but it's unclear to me why we really need
this. Drop it again and effectively revert commit 3e5fc04df320 ('core:
add dependent local routes configured by kernel').
I think this "solution" is still bad. We need to improve our route sync
approach with L3Cfg rework. For now, it's probably good enough.
https://bugzilla.redhat.com/show_bug.cgi?id=1907661
(cherry picked from commit 557644f5e03a77b3ebe09ceba672217959cf3bdc)
(cherry picked from commit eb1c607c7054ff6b60209ef3afb10db74e19305e)
---
src/core/nm-ip4-config.c | 15 ------
src/core/nm-ip6-config.c | 16 ------
src/core/platform/nm-platform.c | 91 +++++++++++++++++++++++++++++++++
3 files changed, 91 insertions(+), 31 deletions(-)
diff --git a/src/core/nm-ip4-config.c b/src/core/nm-ip4-config.c
index c49dfb4c34b8..608b7fc8b70c 100644
--- a/src/core/nm-ip4-config.c
+++ b/src/core/nm-ip4-config.c
@@ -649,21 +649,6 @@ nm_ip4_config_add_dependent_routes(NMIP4Config *self,
if (my_addr->external)
continue;
- /* Pre-generate local route added by kernel */
- r = nmp_object_new(NMP_OBJECT_TYPE_IP4_ROUTE, NULL);
- route = NMP_OBJECT_CAST_IP4_ROUTE(r);
- route->ifindex = ifindex;
- route->rt_source = NM_IP_CONFIG_SOURCE_KERNEL;
- route->network = my_addr->address;
- route->plen = 32;
- route->pref_src = my_addr->address;
- route->type_coerced = nm_platform_route_type_coerce(RTN_LOCAL);
- route->scope_inv = nm_platform_route_scope_inv(RT_SCOPE_HOST);
- route->table_coerced =
- nm_platform_route_table_coerce(is_vrf ? route_table : RT_TABLE_LOCAL);
- _add_route(self, r, NULL, NULL);
- nm_clear_pointer(&r, nmp_object_unref);
-
if (nm_utils_ip4_address_is_zeronet(network)) {
/* Kernel doesn't add device-routes for destinations that
* start with 0.x.y.z. Skip them. */
diff --git a/src/core/nm-ip6-config.c b/src/core/nm-ip6-config.c
index f498fc796a44..1e36050d9bff 100644
--- a/src/core/nm-ip6-config.c
+++ b/src/core/nm-ip6-config.c
@@ -404,22 +404,6 @@ nm_ip6_config_add_dependent_routes(NMIP6Config *self,
if (my_addr->external)
continue;
- {
- nm_auto_nmpobj NMPObject *r = NULL;
-
- /* Pre-generate local route added by kernel */
- r = nmp_object_new(NMP_OBJECT_TYPE_IP6_ROUTE, NULL);
- route = NMP_OBJECT_CAST_IP6_ROUTE(r);
- route->ifindex = ifindex;
- route->network = my_addr->address;
- route->plen = 128;
- route->type_coerced = nm_platform_route_type_coerce(RTN_LOCAL);
- route->metric = 0;
- route->table_coerced =
- nm_platform_route_table_coerce(is_vrf ? route_table : RT_TABLE_LOCAL);
- _add_route(self, r, NULL, NULL);
- }
-
if (NM_FLAGS_HAS(my_addr->n_ifa_flags, IFA_F_NOPREFIXROUTE))
continue;
if (my_addr->plen == 0)
diff --git a/src/core/platform/nm-platform.c b/src/core/platform/nm-platform.c
index 45636ea85ed3..459a33071700 100644
--- a/src/core/platform/nm-platform.c
+++ b/src/core/platform/nm-platform.c
@@ -4357,6 +4357,11 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
GPtrArray * routes_prune;
const NMDedupMultiHeadEntry *head_entry;
CList * iter;
+ NMPlatformIP4Route rt_local4;
+ NMPlatformIP6Route rt_local6;
+ const NMPlatformLink * pllink;
+ const NMPlatformLnkVrf * lnk_vrf;
+ guint32 local_table;
nm_assert(NM_IS_PLATFORM(self));
nm_assert(NM_IN_SET(addr_family, AF_INET, AF_INET6));
@@ -4371,6 +4376,14 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
if (!head_entry)
return NULL;
+ lnk_vrf = nm_platform_link_get_lnk_vrf(self, ifindex, &pllink);
+ if (!lnk_vrf && pllink && pllink->master > 0)
+ lnk_vrf = nm_platform_link_get_lnk_vrf(self, pllink->master, NULL);
+ local_table = lnk_vrf ? lnk_vrf->table : RT_TABLE_LOCAL;
+
+ rt_local4.plen = 0;
+ rt_local6.plen = 0;
+
routes_prune = g_ptr_array_new_full(head_entry->len, (GDestroyNotify) nm_dedup_multi_obj_unref);
c_list_for_each (iter, &head_entry->lst_entries_head) {
@@ -4387,6 +4400,84 @@ nm_platform_ip_route_get_prune_list(NMPlatform * self,
continue;
break;
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL:
+
+ /* FIXME: we should better handle routes that are automatically added by kernel.
+ *
+ * For now, make a good guess which are those routes and exclude them from
+ * pruning them. */
+
+ if (NM_IS_IPv4(addr_family)) {
+ /* for each IPv4 address kernel adds a route like
+ *
+ * local $ADDR dev $IFACE table local proto kernel scope host src $PRIMARY_ADDR
+ *
+ * Check whether route could be of that kind. */
+ if (nm_platform_ip_route_get_effective_table(&rt->rx) == local_table
+ && rt->rx.plen == 32 && rt->rx.rt_source == NM_IP_CONFIG_SOURCE_RTPROT_KERNEL
+ && rt->rx.metric == 0
+ && rt->r4.scope_inv == nm_platform_route_scope_inv(RT_SCOPE_HOST)
+ && rt->r4.gateway == INADDR_ANY) {
+ if (rt_local4.plen == 0) {
+ rt_local4 = (NMPlatformIP4Route){
+ .ifindex = ifindex,
+ .type_coerced = nm_platform_route_type_coerce(RTN_LOCAL),
+ .plen = 32,
+ .rt_source = NM_IP_CONFIG_SOURCE_RTPROT_KERNEL,
+ .metric = 0,
+ .table_coerced = nm_platform_route_table_coerce(local_table),
+ .scope_inv = nm_platform_route_scope_inv(RT_SCOPE_HOST),
+ .gateway = INADDR_ANY,
+ };
+ }
+
+ /* the possible "network" depends on the addresses we have. We don't check that
+ * carefully. If the other parameters match, we assume that this route is the one
+ * generated by kernel. */
+ rt_local4.network = rt->r4.network;
+ rt_local4.pref_src = rt->r4.pref_src;
+
+ /* to be more confident about comparing the value, use our nm_platform_ip4_route_cmp()
+ * implementation. That will also consider parameters that we leave unspecified here. */
+ if (nm_platform_ip4_route_cmp(&rt->r4,
+ &rt_local4,
+ NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY)
+ == 0)
+ continue;
+ }
+ } else {
+ /* for each IPv6 address (that is no longer tentative) kernel adds a route like
+ *
+ * local $ADDR dev $IFACE table local proto kernel metric 0 pref medium
+ *
+ * Same as for the IPv4 case. */
+ if (nm_platform_ip_route_get_effective_table(&rt->rx) == local_table
+ && rt->rx.plen == 128 && rt->rx.rt_source == NM_IP_CONFIG_SOURCE_RTPROT_KERNEL
+ && rt->rx.metric == 0 && rt->r6.rt_pref == NM_ICMPV6_ROUTER_PREF_MEDIUM
+ && IN6_IS_ADDR_UNSPECIFIED(&rt->r6.gateway)) {
+ if (rt_local6.plen == 0) {
+ rt_local6 = (NMPlatformIP6Route){
+ .ifindex = ifindex,
+ .type_coerced = nm_platform_route_type_coerce(RTN_LOCAL),
+ .plen = 128,
+ .rt_source = NM_IP_CONFIG_SOURCE_RTPROT_KERNEL,
+ .metric = 0,
+ .table_coerced = nm_platform_route_table_coerce(local_table),
+ .rt_pref = NM_ICMPV6_ROUTER_PREF_MEDIUM,
+ .gateway = IN6ADDR_ANY_INIT,
+ };
+ }
+
+ rt_local6.network = rt->r6.network;
+
+ if (nm_platform_ip6_route_cmp(&rt->r6,
+ &rt_local6,
+ NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY)
+ == 0)
+ continue;
+ }
+ }
+ break;
+
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE:
break;
--
2.30.2

View File

@ -1,112 +0,0 @@
From cb125986922b6e0bd33d68306f1602b19ea1a3de Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 14 Jul 2020 09:16:51 +0200
Subject: [PATCH 1/1] bond: avoid setting "active_slave" option without
interface enslaved
Kernel will reject setting "active_slave", if the interface is not enslaved or not
up. We already handle that by setting the option whenever we enslave an interface.
However, we also must not set it initially, otherwise we get an ugly error log message:
NetworkManager[939]: <debug> [1594709143.7459] platform-linux: sysctl: setting net:/sys/class/net/bond99/bonding/active_slave to eth1 (current value is )
NetworkManager[939]: <error> [1594709143.7459] platform-linux: sysctl: failed to set bonding/active_slave to eth1: (22) Invalid argument
NetworkManager[939]: <warn> [1594709143.7460] device (bond99): failed to set bonding attribute active_slave to eth1
...
kernel: bond99: (slave eth1): Device is not bonding slave
kernel: bond99: option active_slave: invalid value (eth1)
See-also: https://bugzilla.redhat.com/show_bug.cgi?id=1856640
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/577
(cherry picked from commit f0a39b517e06470c4b176ef0bbd49c2eef1d7ad7)
(cherry picked from commit e48c908e8cb5e0b426a4bf8d99608f73cd7890e4)
---
src/devices/nm-device-bond.c | 43 +++++++++++++++++++++++++++++++-----
1 file changed, 38 insertions(+), 5 deletions(-)
diff --git a/src/devices/nm-device-bond.c b/src/devices/nm-device-bond.c
index 2fedc753f350..e36eba61b0b2 100644
--- a/src/devices/nm-device-bond.c
+++ b/src/devices/nm-device-bond.c
@@ -8,6 +8,7 @@
#include "nm-device-bond.h"
#include <stdlib.h>
+#include <net/if.h>
#include "NetworkManagerUtils.h"
#include "nm-device-private.h"
@@ -261,6 +262,40 @@ set_bond_attr_or_default (NMDevice *device,
_set_bond_attr (device, opt, value);
}
+static void
+set_bond_attr_active_slave (NMDevice *device, NMSettingBond *s_bond)
+{
+ NMDeviceBond *self = NM_DEVICE_BOND (device);
+ const NMPlatformLink *plink;
+ const char *value;
+ const char *error_reason;
+ int ifindex;
+
+ value = nm_setting_bond_get_option_or_default (s_bond, NM_SETTING_BOND_OPTION_ACTIVE_SLAVE);
+ if (!value)
+ return;
+
+ if (!nm_str_is_empty (value)) {
+ ifindex = nm_device_get_ifindex (device);
+ plink = nm_platform_link_get_by_ifname (nm_device_get_platform (device), value);
+ if (!plink)
+ error_reason = "does not exist";
+ else if (plink->master != ifindex)
+ error_reason = "is not yet enslaved";
+ else if (!NM_FLAGS_HAS (plink->n_ifi_flags, IFF_UP))
+ error_reason = "is not up";
+ else
+ error_reason = NULL;
+
+ if (error_reason) {
+ _LOGT (LOGD_BOND, "bond option 'active_slave' not set as device \"%s\" %s", value, error_reason);
+ return;
+ }
+ }
+
+ _set_bond_attr (device, NM_SETTING_BOND_OPTION_ACTIVE_SLAVE, value);
+}
+
static gboolean
apply_bonding_config (NMDeviceBond *self)
{
@@ -300,7 +335,7 @@ apply_bonding_config (NMDeviceBond *self)
nm_setting_bond_get_option_or_default (s_bond, NM_SETTING_BOND_OPTION_ARP_IP_TARGET));
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ACTIVE_SLAVE);
+ set_bond_attr_active_slave (device, s_bond);
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_ACTOR_SYS_PRIO);
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_SELECT);
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_USER_PORT_KEY);
@@ -378,7 +413,7 @@ enslave_slave (NMDevice *device,
if (nm_streq0 (active, nm_device_get_iface (slave))) {
nm_platform_sysctl_master_set_option (nm_device_get_platform (device),
nm_device_get_ifindex (device),
- "active_slave",
+ NM_SETTING_BOND_OPTION_ACTIVE_SLAVE,
active);
_LOGD (LOGD_BOND, "setting slave %s as active one for master %s",
active, nm_device_get_iface (device));
@@ -577,10 +612,8 @@ reapply_connection (NMDevice *device, NMConnection *con_old, NMConnection *con_n
mode = _nm_setting_bond_mode_from_string (value);
g_return_if_fail (mode != NM_BOND_MODE_UNKNOWN);
- /* Primary */
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_PRIMARY);
- /* Active slave */
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ACTIVE_SLAVE);
+ set_bond_attr_active_slave (device, s_bond);
}
/*****************************************************************************/
--
2.26.2

View File

@ -1,114 +0,0 @@
From 66df6ba15a4b394a71c352011eb0915b381b821a Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 16 Jul 2020 11:57:14 +0200
Subject: [PATCH 1/2] manager: fix race condition when resuming from sleep
If the device state change (to disconnected or unmanaged) triggered by
a sleep event happens after the wake, the devices becomes wrongly
unmanaged and it's necessary to manually manage it again, or restart
NM.
During the wake event we should disconnect the device_sleep_cb()
callback for all devices because we don't want to react to state
changes anymore; in particular we don't need to detect when the device
becomes disconnected to unmanage it.
(cherry picked from commit fe2d93980bd5b61c55a8b65a55f7aad35042e691)
(cherry picked from commit 971897195a8218cb0ec08ae95a7210fce73f0b03)
---
src/nm-manager.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/nm-manager.c b/src/nm-manager.c
index 921125329e..d687fcd7f2 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -6048,8 +6048,9 @@ do_sleep_wake (NMManager *self, gboolean sleeping_changed)
} else {
_LOGD (LOGD_SUSPEND, "sleep: %s...", waking_from_suspend ? "waking up" : "re-enabling");
+ sleep_devices_clear (self);
+
if (waking_from_suspend) {
- sleep_devices_clear (self);
c_list_for_each_entry (device, &priv->devices_lst_head, devices_lst) {
if (nm_device_is_software (device))
continue;
--
2.26.2
From 29958141b98cd0abba614b15e6f24611382f8f99 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 16 Jul 2020 11:58:20 +0200
Subject: [PATCH 2/2] policy: block connection from autoconnect in case of
failed dependency
A connection that fails due to dependency-failed is not able to
reconnect until the master connection activates again; when this
happens, the master clears the blocked reason for all its slaves in
activate_slave_connections() and tries to reconnect them. For this to
work, the slave should be marked as blocked when it fails with
dependency-failed.
(cherry picked from commit 725fed01cf7c8508cf426897340b2a4113406aab)
(cherry picked from commit e1755048e35aca682c7d0d233122d4ddaf3bb089)
---
src/nm-policy.c | 33 +++++++++++++++++++++++++--------
1 file changed, 25 insertions(+), 8 deletions(-)
diff --git a/src/nm-policy.c b/src/nm-policy.c
index 62ead24253..e571034bc3 100644
--- a/src/nm-policy.c
+++ b/src/nm-policy.c
@@ -1787,7 +1787,7 @@ device_state_changed (NMDevice *device,
if ( sett_conn
&& old_state >= NM_DEVICE_STATE_PREPARE
&& old_state <= NM_DEVICE_STATE_ACTIVATED) {
- gboolean block_no_secrets = FALSE;
+ gboolean blocked = FALSE;
int tries;
guint64 con_v;
@@ -1807,15 +1807,32 @@ device_state_changed (NMDevice *device,
*/
con_v = nm_settings_connection_get_last_secret_agent_version_id (sett_conn);
if ( con_v == 0
- || con_v == nm_agent_manager_get_agent_version_id (priv->agent_mgr))
- block_no_secrets = TRUE;
+ || con_v == nm_agent_manager_get_agent_version_id (priv->agent_mgr)) {
+ _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to no secrets",
+ nm_settings_connection_get_id (sett_conn));
+ nm_settings_connection_autoconnect_blocked_reason_set (sett_conn,
+ NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS,
+ TRUE);
+ blocked = TRUE;
+ }
+ } else if (nm_device_state_reason_check (reason) == NM_DEVICE_STATE_REASON_DEPENDENCY_FAILED) {
+ /* A connection that fails due to dependency-failed is not
+ * able to reconnect until the master connection activates
+ * again; when this happens, the master clears the blocked
+ * reason for all its slaves in activate_slave_connections()
+ * and tries to reconnect them. For this to work, the slave
+ * should be marked as blocked when it fails with
+ * dependency-failed.
+ */
+ _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to failed dependency",
+ nm_settings_connection_get_id (sett_conn));
+ nm_settings_connection_autoconnect_blocked_reason_set (sett_conn,
+ NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_FAILED,
+ TRUE);
+ blocked = TRUE;
}
- if (block_no_secrets) {
- _LOGD (LOGD_DEVICE, "connection '%s' now blocked from autoconnect due to no secrets",
- nm_settings_connection_get_id (sett_conn));
- nm_settings_connection_autoconnect_blocked_reason_set (sett_conn, NM_SETTINGS_AUTO_CONNECT_BLOCKED_REASON_NO_SECRETS, TRUE);
- } else {
+ if (!blocked) {
tries = nm_settings_connection_autoconnect_retries_get (sett_conn);
if (tries > 0) {
_LOGD (LOGD_DEVICE, "connection '%s' failed to autoconnect; %d tries left",
--
2.26.2

View File

@ -0,0 +1,79 @@
From 31e882a46229c74649216ddc80fdb2ecbf75ab9e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 16 Mar 2021 10:00:44 +0100
Subject: [PATCH 1/1] initrd: fix crash parsing empty rd.znet argument
Ignore a rd.znet argument without subchannels. When using net.ifnames
(the default), subchannels are used to build the interface name, which
is required to match the right connection.
With net.ifnames=0 the interface name is build using a prefix and a
global counter and therefore in theory it is possible to omit
subchannels. However, without subchannels there won't be a udev rule
that renames the interface and so it can't work.
https://bugzilla.redhat.com/show_bug.cgi?id=1931284
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/783
(cherry picked from commit 0f8fe3c76b9ecdf52c1690295f7dcc7b7ade16b6)
(cherry picked from commit d0d2d97ca51444bc7013943748ede334cc79a33f)
---
src/core/initrd/nmi-cmdline-reader.c | 5 +++++
src/core/initrd/tests/test-cmdline-reader.c | 19 +++++++++++++++++++
2 files changed, 24 insertions(+)
diff --git a/src/core/initrd/nmi-cmdline-reader.c b/src/core/initrd/nmi-cmdline-reader.c
index 5f40f63ef269..e3ecc7d969bb 100644
--- a/src/core/initrd/nmi-cmdline-reader.c
+++ b/src/core/initrd/nmi-cmdline-reader.c
@@ -917,6 +917,11 @@ reader_parse_rd_znet(Reader *reader, char *argument, gboolean net_ifnames)
subchannels[0] = get_word(&argument, ',');
subchannels[1] = get_word(&argument, ',');
+ /* Without subchannels we can't univocally match
+ * a device. */
+ if (!subchannels[0] || !subchannels[1])
+ return;
+
if (nm_streq0(nettype, "ctc")) {
if (net_ifnames == TRUE) {
prefix = "sl";
diff --git a/src/core/initrd/tests/test-cmdline-reader.c b/src/core/initrd/tests/test-cmdline-reader.c
index 4b450aae0fa4..ba072e7933dc 100644
--- a/src/core/initrd/tests/test-cmdline-reader.c
+++ b/src/core/initrd/tests/test-cmdline-reader.c
@@ -1815,6 +1815,24 @@ test_rd_znet_no_ip(void)
g_assert_cmpint(g_hash_table_size(connections), ==, 0);
}
+static void
+test_rd_znet_malformed(void)
+{
+ const char *const *const ARGV0 = NM_MAKE_STRV("rd.znet=");
+ const char *const *const ARGV1 = NM_MAKE_STRV("rd.znet=,");
+ const char *const *const ARGV2 = NM_MAKE_STRV("rd.znet=foobar");
+ const char *const *const ARGV3 = NM_MAKE_STRV("rd.znet=qeth,0.0.0800,,,layer2=0,portno=1");
+ const char *const *const ARGV[] = {ARGV0, ARGV1, ARGV2, ARGV3};
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS(ARGV); i++) {
+ gs_unref_hashtable GHashTable *connections = NULL;
+
+ connections = _parse_cons(ARGV[i]);
+ g_assert_cmpint(g_hash_table_size(connections), ==, 0);
+ }
+}
+
static void
test_bootif_ip(void)
{
@@ -2173,6 +2191,7 @@ main(int argc, char **argv)
g_test_add_func("/initrd/cmdline/rd_znet", test_rd_znet);
g_test_add_func("/initrd/cmdline/rd_znet/legacy", test_rd_znet_legacy);
g_test_add_func("/initrd/cmdline/rd_znet/no_ip", test_rd_znet_no_ip);
+ g_test_add_func("/initrd/cmdline/rd_znet/empty", test_rd_znet_malformed);
g_test_add_func("/initrd/cmdline/bootif/ip", test_bootif_ip);
g_test_add_func("/initrd/cmdline/bootif/no_ip", test_bootif_no_ip);
g_test_add_func("/initrd/cmdline/bootif/hwtype", test_bootif_hwtype);
--
2.30.2

View File

@ -0,0 +1,79 @@
From 0bd46e9042970cdf82d2cc9dcf8d491f3237b408 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 24 Mar 2021 21:05:19 +0100
Subject: [PATCH 1/1] core: fix crash in nm_wildcard_match_check()
It's not entirely clear how to treat %NULL.
Clearly "match.interface-name=eth0" should not
match with an interface %NULL. But what about
"match.interface-name=!eth0"? It's now implemented
that negative matches still succeed against %NULL.
What about "match.interface-name=*"? That probably
should also match with %NULL. So we treat %NULL really
like "".
Against commit 11cd443448bc ('iwd: Don't call IWD methods when device
unmanaged'), we got this backtrace:
#0 0x00007f1c164069f1 in __strnlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
#1 0x00007f1c1637ac9e in __fnmatch (pattern=<optimized out>, string=<optimized out>, string@entry=0x0, flags=flags@entry=0) at fnmatch.c:379
p = 0x0
res = <optimized out>
orig_pattern = <optimized out>
n = <optimized out>
wpattern = 0x7fff8d860730 L"pci-0000:03:00.0"
ps = {__count = 0, __value = {__wch = 0, __wchb = "\000\000\000"}}
wpattern_malloc = 0x0
wstring_malloc = 0x0
wstring = <optimized out>
alloca_used = 80
__PRETTY_FUNCTION__ = "__fnmatch"
#2 0x0000564484a978bf in nm_wildcard_match_check (str=0x0, patterns=<optimized out>, num_patterns=<optimized out>) at src/core/nm-core-utils.c:1959
is_inverted = 0
is_mandatory = 0
match = <optimized out>
p = 0x564486c43fa0 "pci-0000:03:00.0"
has_optional = 0
has_any_optional = 0
i = <optimized out>
#3 0x0000564484bf4797 in check_connection_compatible (self=<optimized out>, connection=<optimized out>, error=0x0) at src/core/devices/nm-device.c:7499
patterns = <optimized out>
device_driver = 0x564486c76bd0 "veth"
num_patterns = 1
priv = 0x564486cbe0b0
__func__ = "check_connection_compatible"
device_iface = <optimized out>
local = 0x564486c99a60
conn_iface = 0x0
klass = <optimized out>
s_match = 0x564486c63df0 [NMSettingMatch]
#4 0x0000564484c38491 in check_connection_compatible (device=0x564486cbe590 [NMDeviceVeth], connection=0x564486c6b160, error=0x0) at src/core/devices/nm-device-ethernet.c:348
self = 0x564486cbe590 [NMDeviceVeth]
s_wired = <optimized out>
Fixes: 3ced486f4162 ('libnm/match: extend syntax for match patterns with '|', '&', '!' and '\\'')
https://bugzilla.redhat.com/show_bug.cgi?id=1942741
(cherry picked from commit 420784e342da4883f6debdfe10cde68507b10d27)
(cherry picked from commit eaba0b48458a34494d91dc85e6eb5bd7e2b9b2d0)
---
src/core/nm-core-utils.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/core/nm-core-utils.c b/src/core/nm-core-utils.c
index 9075c30dd0c5..eed8cd7ec157 100644
--- a/src/core/nm-core-utils.c
+++ b/src/core/nm-core-utils.c
@@ -1956,7 +1956,8 @@ nm_wildcard_match_check(const char *str, const char *const *patterns, guint num_
_pattern_parse(patterns[i], &p, &is_inverted, &is_mandatory);
- match = (fnmatch(p, str, 0) == 0);
+ match = (fnmatch(p, str ?: "", 0) == 0);
+
if (is_inverted)
match = !match;
--
2.30.2

View File

@ -1,57 +0,0 @@
From ab260205b54bf3ae4862c11a2d47b84ff6cebe24 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 3 Aug 2020 18:02:08 +0200
Subject: [PATCH 1/1] n-dhcp4: fix BPF filter endianness issue
The BPF filter takes the byte containing IP Flags and performs a
bitwise AND with "ntohs(IP_MF | IP_OFFMASK)".
On little-endian architectures the IP_MF flag (0x20) is ANDed with
0xFF3F and so the presence of the flag is correctly detected ignoring
other flags as IP_DF (0x40) or IP_RF (0x80).
On big-endian, "ntohs(IP_MF | IP_OFFMASK)" is 0x3FFF and so the filter
wrongly checks the presence of *any* flags. Therefore, a packet with
the DF flag set is dropped.
Instead, take the two bytes containing flags and offset:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
and verify that IP_MF and the offset are zero.
Fixes: e43b1791a382 ('Merge commit 'e23b3c9c3ac86b065eef002fa5c4321cc4a87df2' as 'shared/n-dhcp4'')
https://bugzilla.redhat.com/show_bug.cgi?id=1861488
https://github.com/nettools/n-dhcp4/pull/19
(cherry picked from commit 03d38e83e558802a82cb0e4847cb1f1ef75ccd16)
(cherry picked from commit 0024cef23850e6141a15cb02d92551adef3cf4dd)
(cherry picked from commit 80835f8f8991ae8292790826afa3a5fc88b44d1a)
---
shared/n-dhcp4/src/n-dhcp4-socket.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/shared/n-dhcp4/src/n-dhcp4-socket.c b/shared/n-dhcp4/src/n-dhcp4-socket.c
index c7e897726ef8..7291c78036bc 100644
--- a/shared/n-dhcp4/src/n-dhcp4-socket.c
+++ b/shared/n-dhcp4/src/n-dhcp4-socket.c
@@ -50,8 +50,8 @@ int n_dhcp4_c_socket_packet_new(int *sockfdp, int ifindex) {
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 1, 0), /* IP protocol == UDP ? */
BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, offsetof(struct iphdr, frag_off)), /* A <- Flags */
- BPF_STMT(BPF_ALU + BPF_AND + BPF_K, ntohs(IP_MF | IP_OFFMASK)), /* A <- A & (IP_MF | IP_OFFMASK) */
+ BPF_STMT(BPF_LD + BPF_H + BPF_ABS, offsetof(struct iphdr, frag_off)), /* A <- Flags + Fragment offset */
+ BPF_STMT(BPF_ALU + BPF_AND + BPF_K, IP_MF | IP_OFFMASK), /* A <- A & (IP_MF | IP_OFFMASK) */
BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, 0, 1, 0), /* fragmented packet ? */
BPF_STMT(BPF_RET + BPF_K, 0), /* ignore */
--
2.26.2

View File

@ -1,62 +0,0 @@
From 7aa3b439df293b16597df3a0a2baa6caf3bb1322 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 23 Jul 2020 17:18:56 +0200
Subject: [PATCH 1/1] device: downgrade warning about IPv6 MTU if IPv6 is
disabled
If IPv6 is disabled, changing the IPv6 MTU fails and NM complains with
a warning. Since this error is expected and doesn't do any harm,
downgrade the logging level to DEBUG.
Since IPv6 kernel support can be built as a module, we have to check
the existence of /proc/sys/net/ipv6 every time. Instead of checking it
and then setting the MTU (adding one /proc access for everyone), just try
to set the MTU; in case of failure, determine the reason for the error.
https://bugzilla.redhat.com/show_bug.cgi?id=1840989
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/585
(cherry picked from commit 9c09dcedafd51da65c04669b830bc9652000d462)
(cherry picked from commit ce3dffd24eb21924a332794bc66705dbd6c052a2)
---
src/devices/nm-device.c | 23 +++++++++++++++++------
1 file changed, 17 insertions(+), 6 deletions(-)
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
index 57c32cef8f09..24209c8614f1 100644
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@@ -10268,14 +10268,25 @@ _commit_mtu (NMDevice *self, const NMIP4Config *config)
if (!nm_device_sysctl_ip_conf_set (self, AF_INET6, "mtu",
nm_sprintf_buf (sbuf, "%u", (unsigned) ip6_mtu))) {
int errsv = errno;
+ NMLogLevel level = LOGL_WARN;
+ const char *msg = NULL;
- _NMLOG (anticipated_failure && errsv == EINVAL ? LOGL_DEBUG : LOGL_WARN,
- LOGD_DEVICE,
- "mtu: failure to set IPv6 MTU%s",
- anticipated_failure && errsv == EINVAL
- ? ": Is the underlying MTU value successfully set?"
- : "");
success = FALSE;
+
+ if (anticipated_failure && errsv == EINVAL) {
+ level = LOGL_DEBUG;
+ msg = "Is the underlying MTU value successfully set?";
+ } else if (!g_file_test ("/proc/sys/net/ipv6", G_FILE_TEST_IS_DIR)) {
+ level = LOGL_DEBUG;
+ msg = "IPv6 is disabled";
+ success = TRUE;
+ }
+
+ _NMLOG (level,
+ LOGD_DEVICE,
+ "mtu: failure to set IPv6 MTU%s%s",
+ msg ? ": " : "",
+ msg ?: "");
}
priv->carrier_wait_until_ms = nm_utils_get_monotonic_timestamp_msec () + CARRIER_WAIT_TIME_AFTER_MTU_MS;
}
--
2.26.2

View File

@ -0,0 +1,144 @@
From eba6e2d5f34bea51064cb6f0303255acf3196abf Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 10 Mar 2021 09:18:59 +0100
Subject: [PATCH 1/2] initrd: fix may-fail for IPv6
(cherry picked from commit 5f736465249fd16115120f022aa0eb5ddf0b2bfc)
(cherry picked from commit 1bf1a902beea3a1b9505cf8c9177d74cfea859b3)
---
src/core/initrd/nmi-cmdline-reader.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/initrd/nmi-cmdline-reader.c b/src/core/initrd/nmi-cmdline-reader.c
index e3ecc7d969..6d3b2b7dda 100644
--- a/src/core/initrd/nmi-cmdline-reader.c
+++ b/src/core/initrd/nmi-cmdline-reader.c
@@ -599,7 +599,7 @@ reader_parse_ip(Reader *reader, const char *sysfs_dir, char *argument)
NULL);
}
} else if (NM_IN_STRSET(kind, "auto6", "dhcp6")) {
- g_object_set(s_ip4, NM_SETTING_IP_CONFIG_MAY_FAIL, FALSE, NULL);
+ g_object_set(s_ip6, NM_SETTING_IP_CONFIG_MAY_FAIL, FALSE, NULL);
if (nm_setting_ip_config_get_num_addresses(s_ip4) == 0) {
g_object_set(s_ip4,
NM_SETTING_IP_CONFIG_METHOD,
--
2.29.2
From 118d46a3122ac35b0e4447c976f77a4ccdbdea33 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 11 Mar 2021 09:15:37 +0100
Subject: [PATCH 2/2] initrd: set multi-connect=single for connections with
static IP
We don't want to have multiple devices up with the same static IP. Set
multi-connect=single.
https://bugzilla.redhat.com/show_bug.cgi?id=1915493
(cherry picked from commit c27626a0ce4da8438503d764815542927def6dce)
(cherry picked from commit fafefc71f826643ce8279f6a88f97d03f92e8422)
---
src/core/initrd/nmi-cmdline-reader.c | 12 +++++-
src/core/initrd/tests/test-cmdline-reader.c | 42 +++++++++++++++++++++
2 files changed, 52 insertions(+), 2 deletions(-)
diff --git a/src/core/initrd/nmi-cmdline-reader.c b/src/core/initrd/nmi-cmdline-reader.c
index 6d3b2b7dda..eae75847ee 100644
--- a/src/core/initrd/nmi-cmdline-reader.c
+++ b/src/core/initrd/nmi-cmdline-reader.c
@@ -393,8 +393,9 @@ reader_read_all_connections_from_fw(Reader *reader, const char *sysfs_dir)
static void
reader_parse_ip(Reader *reader, const char *sysfs_dir, char *argument)
{
- NMConnection * connection;
- NMSettingIPConfig *s_ip4 = NULL, *s_ip6 = NULL;
+ NMConnection * connection;
+ NMSettingConnection *s_con;
+ NMSettingIPConfig * s_ip4 = NULL, *s_ip6 = NULL;
gs_unref_hashtable GHashTable *ibft = NULL;
const char * tmp;
const char * tmp2;
@@ -495,6 +496,7 @@ reader_parse_ip(Reader *reader, const char *sysfs_dir, char *argument)
g_hash_table_add(reader->explicit_ip_connections, g_object_ref(connection));
+ s_con = nm_connection_get_setting_connection(connection);
s_ip4 = nm_connection_get_setting_ip4_config(connection);
s_ip6 = nm_connection_get_setting_ip6_config(connection);
@@ -544,6 +546,12 @@ reader_parse_ip(Reader *reader, const char *sysfs_dir, char *argument)
nm_assert_not_reached();
if (address) {
+ /* We don't want to have multiple devices up with the
+ * same static address. */
+ g_object_set(s_con,
+ NM_SETTING_CONNECTION_MULTI_CONNECT,
+ NM_CONNECTION_MULTI_CONNECT_SINGLE,
+ NULL);
switch (client_ip_family) {
case AF_INET:
g_object_set(s_ip4,
diff --git a/src/core/initrd/tests/test-cmdline-reader.c b/src/core/initrd/tests/test-cmdline-reader.c
index ba072e7933..187d61c9dc 100644
--- a/src/core/initrd/tests/test-cmdline-reader.c
+++ b/src/core/initrd/tests/test-cmdline-reader.c
@@ -455,6 +455,47 @@ test_if_ip4_manual(void)
g_assert(nm_setting_ip_config_get_may_fail(s_ip6));
}
+static void
+test_if_ip4_manual_no_dev(void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const * ARGV = NM_MAKE_STRV("ip=192.0.2.2::192.0.2.1:24:::");
+ NMConnection * connection;
+ NMSettingConnection * s_con;
+ NMSettingIPConfig * s_ip4;
+ NMSettingIPConfig * s_ip6;
+ NMIPAddress * ip_addr;
+
+ connection = _parse_con(ARGV, "default_connection");
+ g_assert_cmpstr(nm_connection_get_id(connection), ==, "Wired Connection");
+
+ s_con = nm_connection_get_setting_connection(connection);
+ g_assert(s_con);
+ g_assert_cmpint(nm_setting_connection_get_wait_device_timeout(s_con), ==, -1);
+ g_assert_cmpint(nm_setting_connection_get_multi_connect(s_con),
+ ==,
+ NM_CONNECTION_MULTI_CONNECT_SINGLE);
+
+ s_ip4 = nm_connection_get_setting_ip4_config(connection);
+ g_assert(s_ip4);
+ g_assert_cmpstr(nm_setting_ip_config_get_method(s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_MANUAL);
+ g_assert(!nm_setting_ip_config_get_ignore_auto_dns(s_ip4));
+ g_assert_cmpint(nm_setting_ip_config_get_num_routes(s_ip4), ==, 0);
+ g_assert_cmpint(nm_setting_ip_config_get_num_addresses(s_ip4), ==, 1);
+ ip_addr = nm_setting_ip_config_get_address(s_ip4, 0);
+ g_assert(ip_addr);
+ g_assert_cmpstr(nm_ip_address_get_address(ip_addr), ==, "192.0.2.2");
+ g_assert_cmpint(nm_ip_address_get_prefix(ip_addr), ==, 24);
+ g_assert_cmpstr(nm_setting_ip_config_get_gateway(s_ip4), ==, "192.0.2.1");
+
+ s_ip6 = nm_connection_get_setting_ip6_config(connection);
+ g_assert(s_ip6);
+ g_assert_cmpstr(nm_setting_ip_config_get_method(s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+ g_assert(nm_setting_ip_config_get_may_fail(s_ip6));
+}
+
static void
test_if_ip6_manual(void)
{
@@ -2165,6 +2206,7 @@ main(int argc, char **argv)
g_test_add_func("/initrd/cmdline/if_dhcp6", test_if_dhcp6);
g_test_add_func("/initrd/cmdline/if_auto_with_mtu_and_mac", test_if_auto_with_mtu_and_mac);
g_test_add_func("/initrd/cmdline/if_ip4_manual", test_if_ip4_manual);
+ g_test_add_func("/initrd/cmdline/if_ip4_manual_no_dev", test_if_ip4_manual_no_dev);
g_test_add_func("/initrd/cmdline/if_ip6_manual", test_if_ip6_manual);
g_test_add_func("/initrd/cmdline/if_mac_ifname", test_if_mac_ifname);
g_test_add_func("/initrd/cmdline/if_off", test_if_off);
--
2.29.2

View File

@ -1,87 +0,0 @@
From c71d29b3dbe13d6ce456200d9e8ce9d0739eb368 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 3 Aug 2020 09:54:04 +0200
Subject: [PATCH 1/1] wifi: avoid crash due to incomplete Wi-Fi API info
In this case, GetAll failed with "Timeout was reached". We still
create a dummy BSS info, because we kept track of the object to
start with. That way, we don't simply want to ignore the failure,
because NMDeviceWifi might track this NMWifiAP already, and we may
need an update (even if we failed to fetch the requested information).
However, that later leads to a crash, because NMDeviceWifi expect the BSSID
present then.
Avoid that, by don't processing such APs.
#0 g_logv (log_domain=0x7f2ac10a60a9 "NetworkManager", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1377
#1 0x00007f2acf152233 in g_log
(log_domain=log_domain@entry=0x7f2ac10a60a9 "NetworkManager", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7f2acf1a46ff "%s: assertion '%s' failed")
at ../glib/gmessages.c:1415
#2 0x00007f2acf152a2d in g_return_if_fail_warning
(log_domain=log_domain@entry=0x7f2ac10a60a9 "NetworkManager", pretty_function=pretty_function@entry=0x7f2ac10a9e70 <__func__.50> "try_fill_ssid_for_hidden_ap", expression=expression@entry=0x7f2ac10a86d0 "bssid") at ../glib/gmessages.c:2771
#3 0x00007f2ac108a402 in try_fill_ssid_for_hidden_ap (ap=0x5569978b61c0 [NMWifiAP], self=0x55699786ea00 [NMDeviceWifi]) at src/devices/wifi/nm-device-wifi.c:1883
#4 supplicant_iface_bss_changed_cb (iface=0x556997777260 [NMSupplicantInterface], bss_info=0x7f2ab4028f00, is_present=1, self=0x55699786ea00 [NMDeviceWifi])
at src/devices/wifi/nm-device-wifi.c:1946
#5 0x00007f2ace246af0 in ffi_call_unix64 () at ../src/x86/unix64.S:76
#6 0x00007f2ace2462ab in ffi_call (cif=cif@entry=0x7ffd9c107c90, fn=fn@entry=0x7f2ac1089e80 <supplicant_iface_bss_changed_cb>, rvalue=<optimized out>, avalue=avalue@entry=0x7ffd9c107ba0)
at ../src/x86/ffi64.c:525
#7 0x00007f2acf23e87a in g_cclosure_marshal_generic_va
(closure=<optimized out>, return_value=<optimized out>, instance=<optimized out>, args_list=<optimized out>, marshal_data=<optimized out>, n_params=<optimized out>, param_types=<optimized out>) at ../gobject/gclosure.c:1614
#8 0x00007f2acf23dae6 in _g_closure_invoke_va
(closure=closure@entry=0x5569978a0cc0, return_value=return_value@entry=0x0, instance=instance@entry=0x556997777260, args=args@entry=0x7ffd9c107f00, n_params=2, param_types=0x55699775b990) at ../gobject/gclosure.c:873
#9 0x00007f2acf2566e9 in g_signal_emit_valist (instance=0x556997777260, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7ffd9c107f00) at ../gobject/gsignal.c:3407
#10 0x00007f2acf256c63 in g_signal_emit (instance=instance@entry=0x556997777260, signal_id=<optimized out>, detail=detail@entry=0) at ../gobject/gsignal.c:3554
#11 0x00005569972ece61 in _bss_info_changed_emit (self=self@entry=0x556997777260 [NMSupplicantInterface], bss_info=bss_info@entry=0x7f2ab4028f00, is_present=is_present@entry=1)
at src/supplicant/nm-supplicant-interface.c:555
#12 0x00005569972ed3a0 in _bss_info_properties_changed (self=0x556997777260 [NMSupplicantInterface], bss_info=0x7f2ab4028f00, properties=<optimized out>, initial=<optimized out>)
at src/supplicant/nm-supplicant-interface.c:758
#13 0x00005569972f756b in _bss_info_get_all_cb (result=0x0, error=<optimized out>, user_data=0x7f2ab4028f00) at src/supplicant/nm-supplicant-interface.c:784
#14 0x0000556997217bc1 in _nm_dbus_connection_call_default_cb (source=0x5569977480c0 [GDBusConnection], res=<optimized out>, user_data=user_data@entry=0x556997855d50)
at shared/nm-glib-aux/nm-dbus-aux.c:74
#15 0x00007f2acf339e4a in g_task_return_now (task=task@entry=0x7f2ab4003f00 [GTask]) at ../gio/gtask.c:1214
#16 0x00007f2acf33aa3d in g_task_return (task=0x7f2ab4003f00 [GTask], type=<optimized out>) at ../gio/gtask.c:1283
#17 0x00007f2acf33b4fe in g_task_return (type=G_TASK_RETURN_ERROR, task=<optimized out>) at ../gio/gtask.c:1861
#18 g_task_return_error (task=<optimized out>, error=<optimized out>) at ../gio/gtask.c:1867
#19 0x0000556997893f40 in ()
#20 0x3a85d39adfae7f00 in ()
#21 0x00007f2ab4003cc0 in ()
#22 0x00007f2acf396460 in g_dbus_connection_call_done () at ../gio/gdbusconnection.c:2059
#23 0x00007f2ab4003f00 in ()
#24 0x0000000000000086 in ()
#25 0x0000000000000018 in ()
#26 0x00007f2acf339e4a in g_task_return_now (task=0x7f2ab4003f00 [GTask], task@entry=0x7f2ab4003cc0 [GTask]) at ../gio/gtask.c:1214
#27 0x00007f2acf33aa3d in g_task_return (task=0x7f2ab4003cc0 [GTask], type=<optimized out>) at ../gio/gtask.c:1283
#28 0x00007f2acf33b4fe in g_task_return (type=G_TASK_RETURN_ERROR, task=<optimized out>) at ../gio/gtask.c:1861
#29 g_task_return_error (task=<optimized out>, error=<optimized out>) at ../gio/gtask.c:1867
#30 0x0000003000000028 in ()
#31 0x00007ffd9c108290 in ()
Fixes: b83f07916a54 ('supplicant: large rework of wpa_supplicant handling')
(cherry picked from commit 4d878d7012cd9dc031682ef5e5b025081427325b)
(cherry picked from commit 029d07b019ea6532fbf6f8db03efb648f0931625)
---
src/devices/wifi/nm-device-wifi.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/devices/wifi/nm-device-wifi.c b/src/devices/wifi/nm-device-wifi.c
index 2d97f9b117a2..2a3428861737 100644
--- a/src/devices/wifi/nm-device-wifi.c
+++ b/src/devices/wifi/nm-device-wifi.c
@@ -1937,6 +1937,13 @@ supplicant_iface_bss_changed_cb (NMSupplicantInterface *iface,
} else {
gs_unref_object NMWifiAP *ap = NULL;
+ if (!bss_info->bssid_valid) {
+ /* We failed to initialize the info about the AP. This can
+ * happen due to an error in the D-Bus communication. In this case
+ * we ignore the info. */
+ return;
+ }
+
ap = nm_wifi_ap_new_from_properties (bss_info);
/* Let the manager try to fill in the SSID from seen-bssids lists */
--
2.26.2

View File

@ -1,32 +0,0 @@
From e8e245f0ce414bbe9b8ef6c13404b73b12dd34ad Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Mon, 29 Jun 2020 09:52:18 +0200
Subject: [PATCH 1/1] cloud-setup: fix allocating buffer for
GetConfigMetadataMac in _get_config_metadata_ready_check()
It's not a severe issue, because the GetConfigMetadataData struct is
larger than GetConfigMetadataMac.
Fixes: 69f048bf0ca3 ('cloud-setup: add tool for automatic IP configuration in cloud')
(cherry picked from commit 460afe6d502f2a8f158739c176302fd7fa072913)
(cherry picked from commit 181fd5c611e070c0563ec2659c8642ffe567e738)
---
clients/cloud-setup/nmcs-provider-ec2.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/clients/cloud-setup/nmcs-provider-ec2.c b/clients/cloud-setup/nmcs-provider-ec2.c
index c8db31f97f67..3b5f6d36a82e 100644
--- a/clients/cloud-setup/nmcs-provider-ec2.c
+++ b/clients/cloud-setup/nmcs-provider-ec2.c
@@ -487,7 +487,7 @@ _get_config_metadata_ready_check (long response_code,
if (!response_parsed)
response_parsed = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_free);
- mac_data = g_malloc (sizeof (GetConfigMetadataData) + 1 + p_start_l);
+ mac_data = g_malloc (sizeof (GetConfigMetadataMac) + 1 + p_start_l);
mac_data->iface_idx = iface_idx_counter++;
memcpy (mac_data->path, p_start, p_start_l);
mac_data->path[p_start_l] = '\0';
--
2.26.2

View File

@ -1,42 +0,0 @@
From 4468cfce13bdbc0ac865ee59722ed0e4f1b537a1 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 4 Aug 2020 18:36:39 +0200
Subject: [PATCH] shared: extend NM_IN_STRSET and NM_IN_SET to support up to 20
args
https://bugzilla.redhat.com/show_bug.cgi?id=1847814
(cherry picked from commit 2e70391033b5b3414491edcd8656499512342619)
(cherry picked from commit 908d1f6cb79739f3307bfcfd64b338e215f9e4a6)
---
shared/nm-glib-aux/nm-macros-internal.h | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/shared/nm-glib-aux/nm-macros-internal.h b/shared/nm-glib-aux/nm-macros-internal.h
index f56ed8569..15bcd7e58 100644
--- a/shared/nm-glib-aux/nm-macros-internal.h
+++ b/shared/nm-glib-aux/nm-macros-internal.h
@@ -732,6 +732,10 @@ NM_G_ERROR_MSG (GError *error)
#define _NM_IN_SET_EVAL_14(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_13 (op, _x, __VA_ARGS__)
#define _NM_IN_SET_EVAL_15(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_14 (op, _x, __VA_ARGS__)
#define _NM_IN_SET_EVAL_16(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_15 (op, _x, __VA_ARGS__)
+#define _NM_IN_SET_EVAL_17(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_16 (op, _x, __VA_ARGS__)
+#define _NM_IN_SET_EVAL_18(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_17 (op, _x, __VA_ARGS__)
+#define _NM_IN_SET_EVAL_19(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_18 (op, _x, __VA_ARGS__)
+#define _NM_IN_SET_EVAL_20(op, _x, y, ...) (_x == (y)) op _NM_IN_SET_EVAL_19 (op, _x, __VA_ARGS__)
#define _NM_IN_SET_EVAL_N2(op, _x, n, ...) (_NM_IN_SET_EVAL_##n(op, _x, __VA_ARGS__))
#define _NM_IN_SET_EVAL_N(op, type, x, n, ...) \
@@ -798,6 +802,10 @@ _NM_IN_STRSET_streq (const char *x, const char *s)
#define _NM_IN_STRSET_EVAL_14(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_13 (op, _x, __VA_ARGS__)
#define _NM_IN_STRSET_EVAL_15(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_14 (op, _x, __VA_ARGS__)
#define _NM_IN_STRSET_EVAL_16(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_15 (op, _x, __VA_ARGS__)
+#define _NM_IN_STRSET_EVAL_17(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_16 (op, _x, __VA_ARGS__)
+#define _NM_IN_STRSET_EVAL_18(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_17 (op, _x, __VA_ARGS__)
+#define _NM_IN_STRSET_EVAL_19(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_18 (op, _x, __VA_ARGS__)
+#define _NM_IN_STRSET_EVAL_20(op, _x, y, ...) _NM_IN_STRSET_streq (_x, y) op _NM_IN_STRSET_EVAL_19 (op, _x, __VA_ARGS__)
#define _NM_IN_STRSET_EVAL_N2(op, _x, n, ...) (_NM_IN_STRSET_EVAL_##n(op, _x, __VA_ARGS__))
#define _NM_IN_STRSET_EVAL_N(op, x, n, ...) \
--
2.26.2

View File

@ -1,88 +0,0 @@
From 957e8465acdb9aaca0fbc797ac6df1efc2270f57 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 4 Aug 2020 18:19:47 +0200
Subject: [PATCH] bond: fix can_reapply_change() false positives
can_reapply_change() would wrongly return true for
unsupported reapply values because it used 'nm_setting_bond_get_option_default()'
that is ill-named because it returns the overriden option other than
its default value.
https://bugzilla.redhat.com/show_bug.cgi?id=1847814
Fixes: 9bd07336ef16 ('bond: bond options logic rework')
(cherry picked from commit 04d6ca1fb8bdbfffd70a257424f9e8c29fcb8037)
(cherry picked from commit 63b5274dda0c52148ec8e8ca41e94e47b1e7d653)
---
src/devices/nm-device-bond.c | 31 +++++++------------------------
1 file changed, 7 insertions(+), 24 deletions(-)
diff --git a/src/devices/nm-device-bond.c b/src/devices/nm-device-bond.c
index e36eba61b..164f6aaa7 100644
--- a/src/devices/nm-device-bond.c
+++ b/src/devices/nm-device-bond.c
@@ -516,14 +516,12 @@ create_and_realize (NMDevice *device,
static gboolean
check_changed_options (NMSettingBond *s_a, NMSettingBond *s_b, GError **error)
{
- guint i, num;
- const char *name = NULL, *value_a = NULL, *value_b = NULL;
+ const char **option_list;
- /* Check that options in @s_a have compatible changes in @s_b */
+ option_list = nm_setting_bond_get_valid_options (NULL);
- num = nm_setting_bond_get_num_options (s_a);
- for (i = 0; i < num; i++) {
- nm_setting_bond_get_option (s_a, i, &name, &value_a);
+ for (; *option_list; ++option_list) {
+ const char *name = *option_list;
/* We support changes to these */
if (NM_IN_STRSET (name,
@@ -532,15 +530,9 @@ check_changed_options (NMSettingBond *s_a, NMSettingBond *s_b, GError **error)
continue;
}
- /* Missing in @s_b, but has a default value in @s_a */
- value_b = nm_setting_bond_get_option_by_name (s_b, name);
- if ( !value_b
- && nm_streq0 (value_a, nm_setting_bond_get_option_default (s_a, name))) {
- continue;
- }
-
/* Reject any other changes */
- if (!nm_streq0 (value_a, value_b)) {
+ if (!nm_streq0 (nm_setting_bond_get_option_normalized (s_a, name),
+ nm_setting_bond_get_option_normalized (s_b, name))) {
g_set_error (error,
NM_DEVICE_ERROR,
NM_DEVICE_ERROR_INCOMPATIBLE_CONNECTION,
@@ -562,7 +554,6 @@ can_reapply_change (NMDevice *device,
GError **error)
{
NMDeviceClass *device_class;
- NMSettingBond *s_bond_old, *s_bond_new;
/* Only handle bond setting here, delegate other settings to parent class */
if (nm_streq (setting_name, NM_SETTING_BOND_SETTING_NAME)) {
@@ -572,15 +563,7 @@ can_reapply_change (NMDevice *device,
NM_SETTING_BOND_OPTIONS))
return FALSE;
- s_bond_old = NM_SETTING_BOND (s_old);
- s_bond_new = NM_SETTING_BOND (s_new);
-
- if ( !check_changed_options (s_bond_old, s_bond_new, error)
- || !check_changed_options (s_bond_new, s_bond_old, error)) {
- return FALSE;
- }
-
- return TRUE;
+ return check_changed_options (NM_SETTING_BOND (s_old), NM_SETTING_BOND (s_new), error);
}
device_class = NM_DEVICE_CLASS (nm_device_bond_parent_class);
--
2.26.2

View File

@ -1,216 +0,0 @@
From ff509fd95afb6f5d183eeafcc1ef467d8102181f Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 4 Aug 2020 17:49:04 +0200
Subject: [PATCH] bond: let 'reapply()' reapply all supported options
Reapply now handles all the options supported by kernel and NM, meaning
that some options are simply not allowed to be set while keeping the
bond up, one of those options is the mode for instance.
https://bugzilla.redhat.com/show_bug.cgi?id=1847814
(cherry picked from commit 746dc119a6bceb6a08b4dc9f3798d0b59a4b8575)
(cherry picked from commit 88a399637a5279f43fd8fc7c511547fa1d179295)
---
src/devices/nm-device-bond.c | 141 +++++++++++++++++++++++++----------
1 file changed, 101 insertions(+), 40 deletions(-)
diff --git a/src/devices/nm-device-bond.c b/src/devices/nm-device-bond.c
index 164f6aaa7..71332ba39 100644
--- a/src/devices/nm-device-bond.c
+++ b/src/devices/nm-device-bond.c
@@ -183,7 +183,6 @@ master_update_slave_connection (NMDevice *self,
static void
set_arp_targets (NMDevice *device,
- NMBondMode mode,
const char *cur_arp_ip_target,
const char *new_arp_ip_target)
{
@@ -296,15 +295,39 @@ set_bond_attr_active_slave (NMDevice *device, NMSettingBond *s_bond)
_set_bond_attr (device, NM_SETTING_BOND_OPTION_ACTIVE_SLAVE, value);
}
+static void
+set_bond_attrs_or_default (NMDevice *device, NMSettingBond *s_bond, const char *const *attr_v)
+{
+ nm_assert (NM_IS_DEVICE (device));
+ nm_assert (s_bond);
+ nm_assert (attr_v);
+
+ for ( ; *attr_v ; ++attr_v)
+ set_bond_attr_or_default (device, s_bond, *attr_v);
+}
+
+static void
+set_bond_arp_ip_targets (NMDevice *device, NMSettingBond *s_bond)
+{
+ int ifindex = nm_device_get_ifindex (device);
+ gs_free char *cur_arp_ip_target = NULL;
+
+ /* ARP targets: clear and initialize the list */
+ cur_arp_ip_target = nm_platform_sysctl_master_get_option (nm_device_get_platform (device),
+ ifindex,
+ NM_SETTING_BOND_OPTION_ARP_IP_TARGET);
+ set_arp_targets (device,
+ cur_arp_ip_target,
+ nm_setting_bond_get_option_or_default (s_bond, NM_SETTING_BOND_OPTION_ARP_IP_TARGET));
+}
+
static gboolean
apply_bonding_config (NMDeviceBond *self)
{
NMDevice *device = NM_DEVICE (self);
- int ifindex = nm_device_get_ifindex (device);
NMSettingBond *s_bond;
NMBondMode mode;
const char *mode_str;
- gs_free char *cur_arp_ip_target = NULL;
s_bond = nm_device_get_applied_setting (device, NM_TYPE_SETTING_BOND);
g_return_val_if_fail (s_bond, FALSE);
@@ -318,40 +341,34 @@ apply_bonding_config (NMDeviceBond *self)
*/
set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_MODE);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_MIIMON);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_UPDELAY);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_DOWNDELAY);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ARP_INTERVAL);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ARP_VALIDATE);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_PRIMARY);
-
- /* ARP targets: clear and initialize the list */
- cur_arp_ip_target = nm_platform_sysctl_master_get_option (nm_device_get_platform (device),
- ifindex,
- NM_SETTING_BOND_OPTION_ARP_IP_TARGET);
- set_arp_targets (device,
- mode,
- cur_arp_ip_target,
- nm_setting_bond_get_option_or_default (s_bond, NM_SETTING_BOND_OPTION_ARP_IP_TARGET));
-
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM);
+ set_bond_arp_ip_targets (device, s_bond);
set_bond_attr_active_slave (device, s_bond);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_ACTOR_SYS_PRIO);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_SELECT);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_AD_USER_PORT_KEY);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ALL_SLAVES_ACTIVE);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_ARP_ALL_TARGETS);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_FAIL_OVER_MAC);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_LACP_RATE);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_LP_INTERVAL);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_MIN_LINKS);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_PACKETS_PER_SLAVE);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_PRIMARY_RESELECT);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_RESEND_IGMP);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_TLB_DYNAMIC_LB);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_USE_CARRIER);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_XMIT_HASH_POLICY);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_NUM_GRAT_ARP);
+
+ set_bond_attrs_or_default (device,
+ s_bond,
+ NM_MAKE_STRV (NM_SETTING_BOND_OPTION_MIIMON,
+ NM_SETTING_BOND_OPTION_UPDELAY,
+ NM_SETTING_BOND_OPTION_DOWNDELAY,
+ NM_SETTING_BOND_OPTION_ARP_INTERVAL,
+ NM_SETTING_BOND_OPTION_ARP_VALIDATE,
+ NM_SETTING_BOND_OPTION_PRIMARY,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYS_PRIO,
+ NM_SETTING_BOND_OPTION_AD_SELECT,
+ NM_SETTING_BOND_OPTION_AD_USER_PORT_KEY,
+ NM_SETTING_BOND_OPTION_ALL_SLAVES_ACTIVE,
+ NM_SETTING_BOND_OPTION_ARP_ALL_TARGETS,
+ NM_SETTING_BOND_OPTION_FAIL_OVER_MAC,
+ NM_SETTING_BOND_OPTION_LACP_RATE,
+ NM_SETTING_BOND_OPTION_LP_INTERVAL,
+ NM_SETTING_BOND_OPTION_MIN_LINKS,
+ NM_SETTING_BOND_OPTION_PACKETS_PER_SLAVE,
+ NM_SETTING_BOND_OPTION_PRIMARY_RESELECT,
+ NM_SETTING_BOND_OPTION_RESEND_IGMP,
+ NM_SETTING_BOND_OPTION_TLB_DYNAMIC_LB,
+ NM_SETTING_BOND_OPTION_USE_CARRIER,
+ NM_SETTING_BOND_OPTION_XMIT_HASH_POLICY,
+ NM_SETTING_BOND_OPTION_NUM_GRAT_ARP));
return TRUE;
}
@@ -525,8 +542,26 @@ check_changed_options (NMSettingBond *s_a, NMSettingBond *s_b, GError **error)
/* We support changes to these */
if (NM_IN_STRSET (name,
- NM_SETTING_BOND_OPTION_ACTIVE_SLAVE,
- NM_SETTING_BOND_OPTION_PRIMARY)) {
+ NM_SETTING_BOND_OPTION_PRIMARY,
+ NM_SETTING_BOND_OPTION_MIIMON,
+ NM_SETTING_BOND_OPTION_UPDELAY,
+ NM_SETTING_BOND_OPTION_DOWNDELAY,
+ NM_SETTING_BOND_OPTION_ARP_INTERVAL,
+ NM_SETTING_BOND_OPTION_ARP_VALIDATE,
+ NM_SETTING_BOND_OPTION_PRIMARY,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYS_PRIO,
+ NM_SETTING_BOND_OPTION_ALL_SLAVES_ACTIVE,
+ NM_SETTING_BOND_OPTION_ARP_ALL_TARGETS,
+ NM_SETTING_BOND_OPTION_FAIL_OVER_MAC,
+ NM_SETTING_BOND_OPTION_LP_INTERVAL,
+ NM_SETTING_BOND_OPTION_MIN_LINKS,
+ NM_SETTING_BOND_OPTION_PACKETS_PER_SLAVE,
+ NM_SETTING_BOND_OPTION_PRIMARY_RESELECT,
+ NM_SETTING_BOND_OPTION_RESEND_IGMP,
+ NM_SETTING_BOND_OPTION_USE_CARRIER,
+ NM_SETTING_BOND_OPTION_XMIT_HASH_POLICY,
+ NM_SETTING_BOND_OPTION_NUM_GRAT_ARP)) {
continue;
}
@@ -579,8 +614,8 @@ static void
reapply_connection (NMDevice *device, NMConnection *con_old, NMConnection *con_new)
{
NMDeviceBond *self = NM_DEVICE_BOND (device);
- const char *value;
NMSettingBond *s_bond;
+ const char *value;
NMBondMode mode;
NM_DEVICE_CLASS (nm_device_bond_parent_class)->reapply_connection (device,
@@ -595,8 +630,34 @@ reapply_connection (NMDevice *device, NMConnection *con_old, NMConnection *con_n
mode = _nm_setting_bond_mode_from_string (value);
g_return_if_fail (mode != NM_BOND_MODE_UNKNOWN);
- set_bond_attr_or_default (device, s_bond, NM_SETTING_BOND_OPTION_PRIMARY);
+ /* Below we set only the bond options that kernel allows to modify
+ * while keeping the bond interface up */
+
set_bond_attr_active_slave (device, s_bond);
+ set_bond_arp_ip_targets (device, s_bond);
+
+ set_bond_attrs_or_default (device,
+ s_bond,
+ NM_MAKE_STRV (NM_SETTING_BOND_OPTION_PRIMARY,
+ NM_SETTING_BOND_OPTION_MIIMON,
+ NM_SETTING_BOND_OPTION_UPDELAY,
+ NM_SETTING_BOND_OPTION_DOWNDELAY,
+ NM_SETTING_BOND_OPTION_ARP_INTERVAL,
+ NM_SETTING_BOND_OPTION_ARP_VALIDATE,
+ NM_SETTING_BOND_OPTION_PRIMARY,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYSTEM,
+ NM_SETTING_BOND_OPTION_AD_ACTOR_SYS_PRIO,
+ NM_SETTING_BOND_OPTION_ALL_SLAVES_ACTIVE,
+ NM_SETTING_BOND_OPTION_ARP_ALL_TARGETS,
+ NM_SETTING_BOND_OPTION_FAIL_OVER_MAC,
+ NM_SETTING_BOND_OPTION_LP_INTERVAL,
+ NM_SETTING_BOND_OPTION_MIN_LINKS,
+ NM_SETTING_BOND_OPTION_PACKETS_PER_SLAVE,
+ NM_SETTING_BOND_OPTION_PRIMARY_RESELECT,
+ NM_SETTING_BOND_OPTION_RESEND_IGMP,
+ NM_SETTING_BOND_OPTION_USE_CARRIER,
+ NM_SETTING_BOND_OPTION_XMIT_HASH_POLICY,
+ NM_SETTING_BOND_OPTION_NUM_GRAT_ARP));
}
/*****************************************************************************/
--
2.26.2

View File

@ -1,444 +0,0 @@
From 40422ede3f44f4018377a81db1056fb3439107b2 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 22 Jul 2020 05:03:47 +0200
Subject: [PATCH 1/4] systemd: dhcp6: remove assertions in
dhcp6_option_parse_domainname()
Assertions are for programming errors; here the input comes directly
from the DHCP response packet.
https://github.com/systemd/systemd/commit/af710b535b4ceacd0aecec6748a4f8ee57742e99
(cherry picked from commit e2248143af0d4ec61e571c4f358d5d7f1044289c)
---
src/systemd/src/libsystemd-network/dhcp6-option.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
index d596752b3b91..717fcdffb815 100644
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
@@ -649,8 +649,10 @@ int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char *
_cleanup_strv_free_ char **names = NULL;
int r;
- assert_return(optlen > 1, -ENODATA);
- assert_return(optval[optlen - 1] == '\0', -EINVAL);
+ if (optlen <= 1)
+ return -ENODATA;
+ if (optval[optlen - 1] != '\0')
+ return -EINVAL;
while (pos < optlen) {
_cleanup_free_ char *ret = NULL;
--
2.26.2
From ab72f05d16d641bccaa1b4870bfb91c03661f1c5 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 6 Aug 2020 10:49:07 +0200
Subject: [PATCH 2/4] systemd: dhcp6: parse the FQDN option
Parse option 39 (Client Fully Qualified Domain Name, RFC 4704) from the DHCP
reply, which specifies the FQDN assigned by the server to the client.
https://github.com/systemd/systemd/commit/c43eea9f2effbb066901a61eafef473558d37b0f
(cherry picked from commit 813fb7d64ee4cb0f935a3a15b9f5b8f5771655da)
---
.../src/libsystemd-network/dhcp6-internal.h | 5 +-
.../libsystemd-network/dhcp6-lease-internal.h | 2 +
.../src/libsystemd-network/dhcp6-option.c | 118 ++++++++++++------
.../src/libsystemd-network/sd-dhcp6-client.c | 7 ++
.../src/libsystemd-network/sd-dhcp6-lease.c | 39 +++++-
src/systemd/src/systemd/sd-dhcp6-lease.h | 1 +
6 files changed, 129 insertions(+), 43 deletions(-)
diff --git a/src/systemd/src/libsystemd-network/dhcp6-internal.h b/src/systemd/src/libsystemd-network/dhcp6-internal.h
index b0d1216eed84..068dcade0583 100644
--- a/src/systemd/src/libsystemd-network/dhcp6-internal.h
+++ b/src/systemd/src/libsystemd-network/dhcp6-internal.h
@@ -109,8 +109,9 @@ int dhcp6_option_parse_ia(DHCP6Option *iaoption, DHCP6IA *ia, uint16_t *ret_stat
int dhcp6_option_parse_ip6addrs(uint8_t *optval, uint16_t optlen,
struct in6_addr **addrs, size_t count,
size_t *allocated);
-int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen,
- char ***str_arr);
+int dhcp6_option_parse_domainname_list(const uint8_t *optval, uint16_t optlen,
+ char ***str_arr);
+int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char **str);
int dhcp6_network_bind_udp_socket(int index, struct in6_addr *address);
int dhcp6_network_send_udp_socket(int s, struct in6_addr *address,
diff --git a/src/systemd/src/libsystemd-network/dhcp6-lease-internal.h b/src/systemd/src/libsystemd-network/dhcp6-lease-internal.h
index e004f48b4e24..df6c95e0b360 100644
--- a/src/systemd/src/libsystemd-network/dhcp6-lease-internal.h
+++ b/src/systemd/src/libsystemd-network/dhcp6-lease-internal.h
@@ -35,6 +35,7 @@ struct sd_dhcp6_lease {
size_t ntp_allocated;
char **ntp_fqdn;
size_t ntp_fqdn_count;
+ char *fqdn;
};
int dhcp6_lease_ia_rebind_expire(const DHCP6IA *ia, uint32_t *expire);
@@ -57,5 +58,6 @@ int dhcp6_lease_set_domains(sd_dhcp6_lease *lease, uint8_t *optval,
int dhcp6_lease_set_ntp(sd_dhcp6_lease *lease, uint8_t *optval, size_t optlen);
int dhcp6_lease_set_sntp(sd_dhcp6_lease *lease, uint8_t *optval,
size_t optlen) ;
+int dhcp6_lease_set_fqdn(sd_dhcp6_lease *lease, const uint8_t *optval, size_t optlen);
int dhcp6_lease_new(sd_dhcp6_lease **ret);
diff --git a/src/systemd/src/libsystemd-network/dhcp6-option.c b/src/systemd/src/libsystemd-network/dhcp6-option.c
index 717fcdffb815..a6dad9340643 100644
--- a/src/systemd/src/libsystemd-network/dhcp6-option.c
+++ b/src/systemd/src/libsystemd-network/dhcp6-option.c
@@ -644,61 +644,103 @@ int dhcp6_option_parse_ip6addrs(uint8_t *optval, uint16_t optlen,
return count;
}
-int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char ***str_arr) {
- size_t pos = 0, idx = 0;
- _cleanup_strv_free_ char **names = NULL;
+static int parse_domain(const uint8_t **data, uint16_t *len, char **out_domain) {
+ _cleanup_free_ char *ret = NULL;
+ size_t n = 0, allocated = 0;
+ const uint8_t *optval = *data;
+ uint16_t optlen = *len;
+ bool first = true;
int r;
if (optlen <= 1)
return -ENODATA;
- if (optval[optlen - 1] != '\0')
- return -EINVAL;
- while (pos < optlen) {
- _cleanup_free_ char *ret = NULL;
- size_t n = 0, allocated = 0;
- bool first = true;
-
- for (;;) {
- const char *label;
- uint8_t c;
+ for (;;) {
+ const char *label;
+ uint8_t c;
- c = optval[pos++];
+ if (optlen == 0)
+ break;
- if (c == 0)
- /* End of name */
- break;
- if (c > 63)
- return -EBADMSG;
+ c = *optval;
+ optval++;
+ optlen--;
- /* Literal label */
- label = (const char *)&optval[pos];
- pos += c;
- if (pos >= optlen)
- return -EMSGSIZE;
+ if (c == 0)
+ /* End label */
+ break;
+ if (c > 63)
+ return -EBADMSG;
+ if (c > optlen)
+ return -EMSGSIZE;
- if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX))
- return -ENOMEM;
+ /* Literal label */
+ label = (const char *)optval;
+ optval += c;
+ optlen -= c;
- if (first)
- first = false;
- else
- ret[n++] = '.';
+ if (!GREEDY_REALLOC(ret, allocated, n + !first + DNS_LABEL_ESCAPED_MAX))
+ return -ENOMEM;
- r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
- if (r < 0)
- return r;
+ if (first)
+ first = false;
+ else
+ ret[n++] = '.';
- n += r;
- }
+ r = dns_label_escape(label, c, ret + n, DNS_LABEL_ESCAPED_MAX);
+ if (r < 0)
+ return r;
- if (n == 0)
- continue;
+ n += r;
+ }
+ if (n) {
if (!GREEDY_REALLOC(ret, allocated, n + 1))
return -ENOMEM;
-
ret[n] = 0;
+ }
+
+ *out_domain = TAKE_PTR(ret);
+ *data = optval;
+ *len = optlen;
+
+ return n;
+}
+
+int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char **str) {
+ _cleanup_free_ char *domain = NULL;
+ int r;
+
+ r = parse_domain(&optval, &optlen, &domain);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ return -ENODATA;
+ if (optlen != 0)
+ return -EINVAL;
+
+ *str = TAKE_PTR(domain);
+ return 0;
+}
+
+int dhcp6_option_parse_domainname_list(const uint8_t *optval, uint16_t optlen, char ***str_arr) {
+ size_t idx = 0;
+ _cleanup_strv_free_ char **names = NULL;
+ int r;
+
+ if (optlen <= 1)
+ return -ENODATA;
+ if (optval[optlen - 1] != '\0')
+ return -EINVAL;
+
+ while (optlen > 0) {
+ _cleanup_free_ char *ret = NULL;
+
+ r = parse_domain(&optval, &optlen, &ret);
+ if (r < 0)
+ return r;
+ if (r == 0)
+ continue;
r = strv_extend(&names, ret);
if (r < 0)
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c
index d653b2571c00..b80e4e5406d9 100644
--- a/src/systemd/src/libsystemd-network/sd-dhcp6-client.c
+++ b/src/systemd/src/libsystemd-network/sd-dhcp6-client.c
@@ -1288,6 +1288,13 @@ static int client_parse_message(
break;
+ case SD_DHCP6_OPTION_FQDN:
+ r = dhcp6_lease_set_fqdn(lease, optval, optlen);
+ if (r < 0)
+ return r;
+
+ break;
+
case SD_DHCP6_OPTION_INFORMATION_REFRESH_TIME:
if (optlen != 4)
return -EINVAL;
diff --git a/src/systemd/src/libsystemd-network/sd-dhcp6-lease.c b/src/systemd/src/libsystemd-network/sd-dhcp6-lease.c
index b6dc02791504..5f5a7fe616fa 100644
--- a/src/systemd/src/libsystemd-network/sd-dhcp6-lease.c
+++ b/src/systemd/src/libsystemd-network/sd-dhcp6-lease.c
@@ -238,7 +238,7 @@ int dhcp6_lease_set_domains(sd_dhcp6_lease *lease, uint8_t *optval,
if (!optlen)
return 0;
- r = dhcp6_option_parse_domainname(optval, optlen, &domains);
+ r = dhcp6_option_parse_domainname_list(optval, optlen, &domains);
if (r < 0)
return 0;
@@ -296,8 +296,8 @@ int dhcp6_lease_set_ntp(sd_dhcp6_lease *lease, uint8_t *optval, size_t optlen) {
break;
case DHCP6_NTP_SUBOPTION_SRV_FQDN:
- r = dhcp6_option_parse_domainname(subval, sublen,
- &servers);
+ r = dhcp6_option_parse_domainname_list(subval, sublen,
+ &servers);
if (r < 0)
return 0;
@@ -367,6 +367,38 @@ int sd_dhcp6_lease_get_ntp_fqdn(sd_dhcp6_lease *lease, char ***ntp_fqdn) {
return -ENOENT;
}
+int dhcp6_lease_set_fqdn(sd_dhcp6_lease *lease, const uint8_t *optval,
+ size_t optlen) {
+ int r;
+ char *fqdn;
+
+ assert_return(lease, -EINVAL);
+ assert_return(optval, -EINVAL);
+
+ if (optlen < 2)
+ return -ENODATA;
+
+ /* Ignore the flags field, it doesn't carry any useful
+ information for clients. */
+ r = dhcp6_option_parse_domainname(optval + 1, optlen - 1, &fqdn);
+ if (r < 0)
+ return r;
+
+ return free_and_replace(lease->fqdn, fqdn);
+}
+
+int sd_dhcp6_lease_get_fqdn(sd_dhcp6_lease *lease, const char **fqdn) {
+ assert_return(lease, -EINVAL);
+ assert_return(fqdn, -EINVAL);
+
+ if (lease->fqdn) {
+ *fqdn = lease->fqdn;
+ return 0;
+ }
+
+ return -ENOENT;
+}
+
static sd_dhcp6_lease *dhcp6_lease_free(sd_dhcp6_lease *lease) {
assert(lease);
@@ -375,6 +407,7 @@ static sd_dhcp6_lease *dhcp6_lease_free(sd_dhcp6_lease *lease) {
dhcp6_lease_free_ia(&lease->pd);
free(lease->dns);
+ free(lease->fqdn);
lease->domains = strv_free(lease->domains);
diff --git a/src/systemd/src/systemd/sd-dhcp6-lease.h b/src/systemd/src/systemd/sd-dhcp6-lease.h
index 4301c6db878b..240df74af8c5 100644
--- a/src/systemd/src/systemd/sd-dhcp6-lease.h
+++ b/src/systemd/src/systemd/sd-dhcp6-lease.h
@@ -43,6 +43,7 @@ int sd_dhcp6_lease_get_dns(sd_dhcp6_lease *lease, const struct in6_addr **addrs)
int sd_dhcp6_lease_get_domains(sd_dhcp6_lease *lease, char ***domains);
int sd_dhcp6_lease_get_ntp_addrs(sd_dhcp6_lease *lease, const struct in6_addr **addrs);
int sd_dhcp6_lease_get_ntp_fqdn(sd_dhcp6_lease *lease, char ***ntp_fqdn);
+int sd_dhcp6_lease_get_fqdn(sd_dhcp6_lease *lease, const char **fqdn);
sd_dhcp6_lease *sd_dhcp6_lease_ref(sd_dhcp6_lease *lease);
sd_dhcp6_lease *sd_dhcp6_lease_unref(sd_dhcp6_lease *lease);
--
2.26.2
From 98d88e272c9d49876ad2c2b1507a4fda9456531e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 22 Jul 2020 13:56:39 +0200
Subject: [PATCH 3/4] dhcp: export the DHCPv6 FQDN option
The dhclient backend already exports all the option passed by
dhclient, including the FDQN. Export it also for the systemd backend.
(cherry picked from commit 1621a6ddb1b3f5c51ad774012150bd56cf65fcea)
(cherry picked from commit c6a7618f2be4236997362db43cf44a3fdee2d9c9)
---
src/dhcp/nm-dhcp-options.c | 1 +
src/dhcp/nm-dhcp-options.h | 2 ++
src/dhcp/nm-dhcp-systemd.c | 8 ++++++++
3 files changed, 11 insertions(+)
diff --git a/src/dhcp/nm-dhcp-options.c b/src/dhcp/nm-dhcp-options.c
index b10635fc674a..d902c77c8c21 100644
--- a/src/dhcp/nm-dhcp-options.c
+++ b/src/dhcp/nm-dhcp-options.c
@@ -183,6 +183,7 @@ const NMDhcpOption _nm_dhcp_option_dhcp6_options[] = {
REQ (NM_DHCP_OPTION_DHCP6_DNS_SERVERS, "dhcp6_name_servers", TRUE ),
REQ (NM_DHCP_OPTION_DHCP6_DOMAIN_LIST, "dhcp6_domain_search", TRUE ),
REQ (NM_DHCP_OPTION_DHCP6_SNTP_SERVERS, "dhcp6_sntp_servers", TRUE ),
+ REQ (NM_DHCP_OPTION_DHCP6_FQDN, "fqdn_fqdn", FALSE ),
REQ (NM_DHCP_OPTION_DHCP6_MUD_URL, "dhcp6_mud_url", FALSE ),
/* Internal values */
diff --git a/src/dhcp/nm-dhcp-options.h b/src/dhcp/nm-dhcp-options.h
index 7c0121702dad..bc3df5acd330 100644
--- a/src/dhcp/nm-dhcp-options.h
+++ b/src/dhcp/nm-dhcp-options.h
@@ -160,7 +160,9 @@ typedef enum {
NM_DHCP_OPTION_DHCP6_DNS_SERVERS = 23,
NM_DHCP_OPTION_DHCP6_DOMAIN_LIST = 24,
NM_DHCP_OPTION_DHCP6_SNTP_SERVERS = 31,
+ NM_DHCP_OPTION_DHCP6_FQDN = 39,
NM_DHCP_OPTION_DHCP6_MUD_URL = 112,
+
/* Internal values */
NM_DHCP_OPTION_DHCP6_NM_IP_ADDRESS = 1026,
NM_DHCP_OPTION_DHCP6_NM_PREFIXLEN = 1027,
diff --git a/src/dhcp/nm-dhcp-systemd.c b/src/dhcp/nm-dhcp-systemd.c
index f65937d8e035..7ee101128b43 100644
--- a/src/dhcp/nm-dhcp-systemd.c
+++ b/src/dhcp/nm-dhcp-systemd.c
@@ -740,6 +740,7 @@ lease_to_ip6_config (NMDedupMultiIndex *multi_idx,
uint32_t lft_pref, lft_valid;
char addr_str[NM_UTILS_INET_ADDRSTRLEN];
char **domains;
+ const char *s;
nm_auto_free_gstring GString *str = NULL;
int num, i;
@@ -808,6 +809,13 @@ lease_to_ip6_config (NMDedupMultiIndex *multi_idx,
str->str);
}
+ if (sd_dhcp6_lease_get_fqdn (lease, &s) >= 0) {
+ nm_dhcp_option_add_option (options,
+ _nm_dhcp_option_dhcp6_options,
+ NM_DHCP_OPTION_DHCP6_FQDN,
+ s);
+ }
+
NM_SET_OUT (out_options, g_steal_pointer (&options));
return g_steal_pointer (&ip6_config);
}
--
2.26.2
From bce988af55e0444a23a4c3881a075ff2387b798a Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 22 Jul 2020 13:49:42 +0200
Subject: [PATCH 4/4] policy: get the DHCPv6 hostname from the FQDN option
There isn't any 'host-name' option for DHCPv6. Read instead the
'fqdn-fqdn' option that carries the FQDN assigned by the server to the
client.
(cherry picked from commit 1f74ea52f5818c6e7d5cacd1dffdb2e1f5ee1913)
(cherry picked from commit 4e1da002a920888daf5bb3aa4bd21a2d61e3214b)
---
src/nm-policy.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/nm-policy.c b/src/nm-policy.c
index e571034bc345..04cbace6019a 100644
--- a/src/nm-policy.c
+++ b/src/nm-policy.c
@@ -764,7 +764,7 @@ update_system_hostname (NMPolicy *self, const char *msg)
/* Grab a hostname out of the device's DHCP6 config */
dhcp_config = nm_device_get_dhcp_config (get_default_device (self, AF_INET6), AF_INET6);
if (dhcp_config) {
- dhcp_hostname = nm_dhcp_config_get_option (dhcp_config, "host_name");
+ dhcp_hostname = nm_dhcp_config_get_option (dhcp_config, "fqdn_fqdn");
if (dhcp_hostname && dhcp_hostname[0]) {
p = nm_str_skip_leading_spaces (dhcp_hostname);
if (p[0]) {
--
2.26.2

File diff suppressed because it is too large Load Diff

View File

@ -1,80 +0,0 @@
From 09c7c911d702fbe906c5c97435551416d27a2bf9 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 21 Jul 2020 13:51:17 +0200
Subject: [PATCH 1/2] core: only expose "type unicast" routes on D-Bus
Currently, we would not mark non-unicast routes with their type, so they
would wrongly appear as unicast routes in the D-Bus API.
That is wrong. For now, just hide them.
Fixes: 5d0d13f57010 ('platform: add support for local routes')
(cherry picked from commit 5035687a7be4c67e32b4e08319f2e66c76b42212)
(cherry picked from commit cf3cff4f12e78615c18fd829b1f32eac4f607c0b)
---
src/nm-ip4-config.c | 3 +++
src/nm-ip6-config.c | 3 +++
2 files changed, 6 insertions(+)
diff --git a/src/nm-ip4-config.c b/src/nm-ip4-config.c
index f017a3e809f4..9ad811642317 100644
--- a/src/nm-ip4-config.c
+++ b/src/nm-ip4-config.c
@@ -3227,6 +3227,9 @@ out_addresses_cached:
nm_assert (_route_valid (route));
+ if (route->type_coerced != nm_platform_route_type_coerce (RTN_UNICAST))
+ continue;
+
g_variant_builder_init (&route_builder, G_VARIANT_TYPE ("a{sv}"));
g_variant_builder_add (&route_builder, "{sv}",
"dest",
diff --git a/src/nm-ip6-config.c b/src/nm-ip6-config.c
index 1589cad004af..deb30e77d757 100644
--- a/src/nm-ip6-config.c
+++ b/src/nm-ip6-config.c
@@ -2682,6 +2682,9 @@ out_addresses_cached:
nm_assert (_route_valid (route));
+ if (route->type_coerced != nm_platform_route_type_coerce (RTN_UNICAST))
+ continue;
+
g_variant_builder_init (&route_builder, G_VARIANT_TYPE ("a{sv}"));
g_variant_builder_add (&route_builder, "{sv}",
"dest",
--
2.26.2
From 52fe9dec97eb7d57594141732694453ce2db08d5 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Tue, 21 Jul 2020 18:06:21 +0200
Subject: [PATCH 2/2] core: fix selecting of best-default-route to consider
only unicast routes
Fixes: 5d0d13f57010 ('platform: add support for local routes')
(cherry picked from commit 2a1bac6b8a7d107f33bbdb9d91eaf924fa67b64a)
(cherry picked from commit 99b362c9443591b2b643aa09980f1a5dd42b1f6b)
---
src/nm-ip4-config.h | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/nm-ip4-config.h b/src/nm-ip4-config.h
index dc8222fd5a7b..ea0617497607 100644
--- a/src/nm-ip4-config.h
+++ b/src/nm-ip4-config.h
@@ -83,7 +83,8 @@ nm_ip_config_best_default_route_is (const NMPObject *obj)
* Note that this only considers the main routing table. */
return r
&& NM_PLATFORM_IP_ROUTE_IS_DEFAULT (r)
- && nm_platform_route_table_is_main (r->table_coerced);
+ && nm_platform_route_table_is_main (r->table_coerced)
+ && r->type_coerced == nm_platform_route_type_coerce (1 /*RTN_UNICAST*/);
}
const NMPObject *_nm_ip_config_best_default_route_find_better (const NMPObject *obj_cur, const NMPObject *obj_cmp);
--
2.26.2

View File

@ -1,432 +0,0 @@
From d15b8c6c561258eb0e0b92d6176a16ccc8c23be3 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Thu, 27 Aug 2020 18:18:31 +0200
Subject: [PATCH 1/4] core: add 'dhcp-vendor-class-identifier' validation
function
So that it can be reused.
Signed-off-by: Antonio Cardace <acardace@redhat.com>
(cherry picked from commit 5cca669ff39c6909be906e8974e424ffd2ea42c2)
(cherry picked from commit 847488cb2f9f0ba8017938e0876677180c0c91a0)
---
.../nm-libnm-core-utils.c | 55 +++++++++++++++++++
.../nm-libnm-core-utils.h | 2 +
libnm-core/nm-setting-ip4-config.c | 48 +---------------
po/POTFILES.in | 1 +
src/devices/nm-device.c | 11 ++--
5 files changed, 65 insertions(+), 52 deletions(-)
diff --git a/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.c b/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.c
index f2c85cc60..8be7d913f 100644
--- a/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.c
+++ b/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.c
@@ -6,6 +6,8 @@
#include "nm-common-macros.h"
+#include "nm-errors.h"
+
#include <linux/rtnetlink.h>
/*****************************************************************************/
@@ -257,3 +259,56 @@ NM_UTILS_ENUM2STR_DEFINE (nm_utils_route_type2str, guint8,
NM_UTILS_ENUM2STR (RTN_UNREACHABLE, "unreachable"),
NM_UTILS_ENUM2STR (RTN_UNSPEC, "unspecified"),
);
+
+gboolean
+nm_utils_validate_dhcp4_vendor_class_id (const char *vci, GError **error)
+{
+ const char * bin;
+ gsize unescaped_len;
+ gs_free char *to_free = NULL;
+
+ g_return_val_if_fail (!error || !(*error), FALSE);
+ g_return_val_if_fail (vci, FALSE);
+
+ if (vci[0] == '\0') {
+ g_set_error_literal (error,
+ NM_CONNECTION_ERROR,
+ NM_CONNECTION_ERROR_INVALID_PROPERTY,
+ _ ("property cannot be an empty string"));
+ g_prefix_error (error,
+ "%s.%s: ",
+ NM_SETTING_IP4_CONFIG_SETTING_NAME,
+ NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
+ return FALSE;
+ }
+
+ bin = nm_utils_buf_utf8safe_unescape (vci,
+ NM_UTILS_STR_UTF8_SAFE_FLAG_NONE,
+ &unescaped_len,
+ (gpointer *) &to_free);
+ /* a DHCP option cannot be longer than 255 bytes */
+ if (unescaped_len > 255) {
+ g_set_error_literal (error,
+ NM_CONNECTION_ERROR,
+ NM_CONNECTION_ERROR_INVALID_PROPERTY,
+ _ ("property cannot be longer than 255 bytes"));
+ g_prefix_error (error,
+ "%s.%s: ",
+ NM_SETTING_IP4_CONFIG_SETTING_NAME,
+ NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
+ return FALSE;
+ }
+ if (strlen (bin) != unescaped_len) {
+ g_set_error_literal (error,
+ NM_CONNECTION_ERROR,
+ NM_CONNECTION_ERROR_INVALID_PROPERTY,
+ _ ("property cannot contain any nul bytes"));
+ g_prefix_error (error,
+ "%s.%s: ",
+ NM_SETTING_IP4_CONFIG_SETTING_NAME,
+ NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.h b/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.h
index bb3fa5fcf..6c1337d88 100644
--- a/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.h
+++ b/libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.h
@@ -140,4 +140,6 @@ guint8 nm_utils_route_type_by_name (const char *name);
const char *nm_utils_route_type2str (guint8 val, char *buf, gsize len);
+gboolean nm_utils_validate_dhcp4_vendor_class_id (const char *vci, GError **error);
+
#endif /* __NM_LIBNM_SHARED_UTILS_H__ */
diff --git a/libnm-core/nm-setting-ip4-config.c b/libnm-core/nm-setting-ip4-config.c
index 0b8dc89b3..7ffefc25b 100644
--- a/libnm-core/nm-setting-ip4-config.c
+++ b/libnm-core/nm-setting-ip4-config.c
@@ -227,51 +227,9 @@ verify (NMSetting *setting, NMConnection *connection, GError **error)
return FALSE;
}
- if (priv->dhcp_vendor_class_identifier) {
- const char * bin;
- gsize unescaped_len;
- gs_free char *to_free = NULL;
-
- if (priv->dhcp_vendor_class_identifier[0] == '\0') {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _ ("property cannot be an empty string"));
- g_prefix_error (error,
- "%s.%s: ",
- NM_SETTING_IP4_CONFIG_SETTING_NAME,
- NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
- return FALSE;
- }
-
- bin = nm_utils_buf_utf8safe_unescape (priv->dhcp_vendor_class_identifier,
- NM_UTILS_STR_UTF8_SAFE_FLAG_NONE,
- &unescaped_len,
- (gpointer *) &to_free);
- /* a DHCP option cannot be longer than 255 bytes */
- if (unescaped_len > 255) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _ ("property cannot be longer than 255 bytes"));
- g_prefix_error (error,
- "%s.%s: ",
- NM_SETTING_IP4_CONFIG_SETTING_NAME,
- NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
- return FALSE;
- }
- if (strlen (bin) != unescaped_len) {
- g_set_error_literal (error,
- NM_CONNECTION_ERROR,
- NM_CONNECTION_ERROR_INVALID_PROPERTY,
- _ ("property cannot contain any nul bytes"));
- g_prefix_error (error,
- "%s.%s: ",
- NM_SETTING_IP4_CONFIG_SETTING_NAME,
- NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER);
- return FALSE;
- }
- }
+ if ( priv->dhcp_vendor_class_identifier
+ && !nm_utils_validate_dhcp4_vendor_class_id (priv->dhcp_vendor_class_identifier, error))
+ return FALSE;
/* Failures from here on are NORMALIZABLE_ERROR... */
diff --git a/po/POTFILES.in b/po/POTFILES.in
index 25cb5c4a6..ea2eafa3f 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -59,6 +59,7 @@ libnm-core/nm-dbus-utils.c
libnm-core/nm-keyfile/nm-keyfile-utils.c
libnm-core/nm-keyfile/nm-keyfile.c
libnm-core/nm-libnm-core-aux/nm-libnm-core-aux.c
+libnm-core/nm-libnm-core-intern/nm-libnm-core-utils.c
libnm-core/nm-setting-6lowpan.c
libnm-core/nm-setting-8021x.c
libnm-core/nm-setting-adsl.c
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
index 72a2b1008..012af4d9a 100644
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@@ -8754,7 +8754,6 @@ dhcp4_get_vendor_class_identifier (NMDevice *self, NMSettingIP4Config *s_ip4)
{
gs_free char *config_data_prop = NULL;
gs_free char *to_free = NULL;
- gboolean validate = FALSE;
const char *conn_prop;
GBytes *bytes = NULL;
const char *bin;
@@ -8764,12 +8763,14 @@ dhcp4_get_vendor_class_identifier (NMDevice *self, NMSettingIP4Config *s_ip4)
if (!conn_prop) {
/* set in NetworkManager.conf ? */
- validate = TRUE;
config_data_prop = nm_config_data_get_connection_default (
NM_CONFIG_GET_DATA,
NM_CON_DEFAULT ("ipv4.dhcp-vendor-class-identifier"),
self);
- conn_prop = config_data_prop;
+
+ if ( config_data_prop
+ && nm_utils_validate_dhcp4_vendor_class_id (config_data_prop, NULL))
+ conn_prop = config_data_prop;
}
if (conn_prop) {
@@ -8777,10 +8778,6 @@ dhcp4_get_vendor_class_identifier (NMDevice *self, NMSettingIP4Config *s_ip4)
NM_UTILS_STR_UTF8_SAFE_FLAG_NONE,
&len,
(gpointer *) &to_free);
-
- if (validate && (bin[0] == '\0' || len > 255 || strlen (bin) != len))
- return NULL;
-
if (to_free)
bytes = g_bytes_new_take (g_steal_pointer (&to_free), len);
else
--
2.26.2
From a491bad06f7c29b257fd948f2149ef80b179da22 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Thu, 27 Aug 2020 17:43:54 +0200
Subject: [PATCH 2/4] initrd: parse 'rd.net.dhcp.vendor-class' kernel cmdline
arg
This arguments makes NM set the ipv4.dhcp-vendor-class-identifier
property for all connections.
https://bugzilla.redhat.com/show_bug.cgi?id=1872299
Signed-off-by: Antonio Cardace <acardace@redhat.com>
(cherry picked from commit c056cb9306be29a2c194a308b3b6cc639980abe2)
(cherry picked from commit 15856a4fa20feaae6bd073fc2874180b2a1a335d)
---
src/initrd/nmi-cmdline-reader.c | 6 ++++
src/initrd/tests/test-cmdline-reader.c | 47 ++++++++++++++++++++++++++
2 files changed, 53 insertions(+)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index be39ef896..ba747b30a 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -28,6 +28,7 @@ typedef struct {
/* Parameters to be set for all connections */
gboolean ignore_auto_dns;
int dhcp_timeout;
+ char *dhcp4_vci;
} Reader;
static Reader *
@@ -52,6 +53,7 @@ reader_destroy (Reader *reader, gboolean free_hash)
g_ptr_array_unref (reader->array);
hash = g_steal_pointer (&reader->hash);
nm_clear_g_free (&reader->hostname);
+ nm_clear_g_free (&reader->dhcp4_vci);
nm_g_slice_free (reader);
if (!free_hash)
return g_steal_pointer (&hash);
@@ -95,6 +97,7 @@ reader_create_connection (Reader *reader,
NM_SETTING_IP_CONFIG_MAY_FAIL, TRUE,
NM_SETTING_IP_CONFIG_IGNORE_AUTO_DNS, reader->ignore_auto_dns,
NM_SETTING_IP_CONFIG_DHCP_TIMEOUT, reader->dhcp_timeout,
+ NM_SETTING_IP4_CONFIG_DHCP_VENDOR_CLASS_IDENTIFIER, reader->dhcp4_vci,
NULL);
setting = nm_setting_ip6_config_new ();
@@ -927,6 +930,9 @@ nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **
else if (nm_streq (tag, "rd.net.timeout.dhcp")) {
reader->dhcp_timeout = _nm_utils_ascii_str_to_int64 (argument,
10, 0, G_MAXINT32, 0);
+ } else if (nm_streq (tag, "rd.net.dhcp.vendor-class")) {
+ if (nm_utils_validate_dhcp4_vendor_class_id (argument, NULL))
+ nm_utils_strdup_reset (&reader->dhcp4_vci, argument);
}
}
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index 7787cf5ea..a909bc380 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -1485,6 +1485,52 @@ test_bootif_off (void)
g_assert_cmpstr (hostname, ==, NULL);
}
+static void
+test_dhcp_vendor_class_id (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const*ARGV = NM_MAKE_STRV ("rd.net.dhcp.vendor-class=testvci",
+ "ip=eno1:dhcp");
+ NMConnection *connection;
+ NMSettingIP4Config *s_ip4;
+ gs_free char *hostname = NULL;
+ gs_free char *vci_long = NULL;
+ char vci_arg_long[512] = {0};
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "eno1");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
+ g_assert_cmpstr (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4), ==, "testvci");
+
+ ARGV = NM_MAKE_STRV ("rd.net.dhcp.vendor-class",
+ "ip=eno1:dhcp");
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connection = g_hash_table_lookup (connections, "eno1");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
+ g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
+
+
+
+ memset (vci_arg_long, 'A', 400);
+ vci_long = g_strdup_printf ("rd.net.dhcp.vendor-class=%s", vci_arg_long);
+ ARGV = NM_MAKE_STRV (vci_long,
+ "ip=eno1:dhcp");
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connection = g_hash_table_lookup (connections, "eno1");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
+ g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
+}
+
NMTST_DEFINE ();
int main (int argc, char **argv)
@@ -1521,6 +1567,7 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bootif/hwtype", test_bootif_hwtype);
g_test_add_func ("/initrd/cmdline/bootif/off", test_bootif_off);
g_test_add_func ("/initrd/cmdline/neednet", test_neednet);
+ g_test_add_func ("/initrd/cmdline/dhcp/vendor_class_id", test_dhcp_vendor_class_id);
return g_test_run ();
}
--
2.26.2
From bbd77df8ae1cc2510b1ff2c1c27ddf3d907faec3 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Tue, 1 Sep 2020 18:38:45 +0200
Subject: [PATCH 3/4] initrd: fix memory leak
Signed-off-by: Antonio Cardace <acardace@redhat.com>
Fixes: 9f9609555d1c ('initrd: add configuration generator')
(cherry picked from commit d5c05d07c7aff317284d2d5197d75e0f605b4364)
(cherry picked from commit bba54613eb4255166c921844e8b6d2a2bd0000a1)
---
shared/nm-glib-aux/nm-macros-internal.h | 8 ++++++++
src/initrd/nm-initrd-generator.c | 2 +-
2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/shared/nm-glib-aux/nm-macros-internal.h b/shared/nm-glib-aux/nm-macros-internal.h
index 15bcd7e58..57ddee050 100644
--- a/shared/nm-glib-aux/nm-macros-internal.h
+++ b/shared/nm-glib-aux/nm-macros-internal.h
@@ -216,6 +216,14 @@ NM_AUTO_DEFINE_FCN0 (GError *, gs_local_free_error, g_error_free)
#define gs_unref_keyfile nm_auto(gs_local_keyfile_unref)
NM_AUTO_DEFINE_FCN0 (GKeyFile *, gs_local_keyfile_unref, g_key_file_unref)
+/**
+ * gs_free_option_context:
+ *
+ * Call g_option_context_free() on a variable location when it goes out of scope.
+ */
+#define gs_free_option_context nm_auto(gs_local_option_context)
+NM_AUTO_DEFINE_FCN0 (GOptionContext *, gs_local_option_context, g_option_context_free);
+
/*****************************************************************************/
#include "nm-glib.h"
diff --git a/src/initrd/nm-initrd-generator.c b/src/initrd/nm-initrd-generator.c
index f984ed739..5a93480bf 100644
--- a/src/initrd/nm-initrd-generator.c
+++ b/src/initrd/nm-initrd-generator.c
@@ -83,7 +83,7 @@ main (int argc, char *argv[])
{ G_OPTION_REMAINING, '\0', 0, G_OPTION_ARG_STRING_ARRAY, &remaining, NULL, NULL },
{ NULL }
};
- GOptionContext *option_context;
+ gs_free_option_context GOptionContext *option_context = NULL;
gs_free_error GError *error = NULL;
gs_free char *hostname = NULL;
int errsv;
--
2.26.2
From 3dec958f413a4566e97183a522afb27b47a9146e Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Thu, 3 Sep 2020 11:35:40 +0200
Subject: [PATCH 4/4] initrd/tests: fix memleak in test_dhcp_vendor_class_id()
Having leaks in the tests, breaks running the test under valgrind. There
must be no leaks.
Fixes: c056cb9306be ('initrd: parse 'rd.net.dhcp.vendor-class' kernel cmdline arg')
(cherry picked from commit bff23d15d41a42c7b5f43cb3d18d66e7cd289823)
(cherry picked from commit 5bea8db7ca8fd7520fe605b59e29b974e04b4721)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/tests/test-cmdline-reader.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index a909bc380..a11b76e01 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -1508,6 +1508,8 @@ test_dhcp_vendor_class_id (void)
s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
g_assert_cmpstr (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4), ==, "testvci");
+ nm_clear_pointer (&connections, g_hash_table_unref);
+
ARGV = NM_MAKE_STRV ("rd.net.dhcp.vendor-class",
"ip=eno1:dhcp");
connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
@@ -1517,7 +1519,7 @@ test_dhcp_vendor_class_id (void)
s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
-
+ nm_clear_pointer (&connections, g_hash_table_unref);
memset (vci_arg_long, 'A', 400);
vci_long = g_strdup_printf ("rd.net.dhcp.vendor-class=%s", vci_arg_long);
--
2.26.2

View File

@ -1,374 +0,0 @@
From c3b47a965a9b073527e7b71f88de4887fc88ecc9 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 22 Sep 2020 17:54:18 +0200
Subject: [PATCH 1/2] initrd: accept mac address as interface specifier
The interface can be specified either by name or MAC address:
ip=192.0.2.2:::::eth0
ip=192.0.2.2:::::00-11-22-33-44-55
https://bugzilla.redhat.com/show_bug.cgi?id=1879795
(cherry picked from commit f22364429135f55094fb89879f1fa7bad066727f)
(cherry picked from commit eeef91aa6e8d3eb1510563c413dda19b578a8a6a)
---
src/initrd/nmi-cmdline-reader.c | 85 ++++++++++++++++++--------
src/initrd/tests/test-cmdline-reader.c | 68 +++++++++++++++++++++
2 files changed, 128 insertions(+), 25 deletions(-)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index ba747b30ad..8196e9fb78 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -78,6 +78,7 @@ reader_create_connection (Reader *reader,
const char *basename,
const char *id,
const char *ifname,
+ const char *mac,
const char *type_name,
NMConnectionMultiConnect multi_connect)
{
@@ -120,6 +121,14 @@ reader_create_connection (Reader *reader,
NM_SETTING_CONNECTION_MULTI_CONNECT, multi_connect,
NULL);
+ if (mac) {
+ setting = nm_setting_wired_new ();
+ nm_connection_add_setting (connection, setting);
+ g_object_set (setting,
+ NM_SETTING_WIRED_MAC_ADDRESS, mac,
+ NULL);
+ }
+
return connection;
}
@@ -133,6 +142,7 @@ reader_get_default_connection (Reader *reader)
"default_connection",
"Wired Connection",
NULL,
+ NULL,
NM_SETTING_WIRED_SETTING_NAME,
NM_CONNECTION_MULTI_CONNECT_MULTIPLE);
nm_connection_add_setting (con, nm_setting_wired_new ());
@@ -143,14 +153,26 @@ reader_get_default_connection (Reader *reader)
static NMConnection *
reader_get_connection (Reader *reader,
- const char *ifname,
+ const char *iface_spec,
const char *type_name,
gboolean create_if_missing)
{
NMConnection *connection = NULL;
NMSetting *setting;
+ const char *ifname = NULL;
+ gs_free char *mac = NULL;
+
+ if (iface_spec) {
+ if (nm_utils_is_valid_iface_name (iface_spec, NULL))
+ ifname = iface_spec;
+ else {
+ mac = nm_utils_hwaddr_canonical (iface_spec, ETH_ALEN);
+ if (!mac)
+ _LOGW (LOGD_CORE, "invalid interface '%s'", iface_spec);
+ }
+ }
- if (!ifname) {
+ if (!ifname && !mac) {
NMConnection *candidate;
NMSettingConnection *s_con;
guint i;
@@ -178,7 +200,7 @@ reader_get_connection (Reader *reader,
}
}
} else
- connection = g_hash_table_lookup (reader->hash, (gpointer) ifname);
+ connection = g_hash_table_lookup (reader->hash, (gpointer) ifname ?: mac);
if (!connection) {
if (!create_if_missing)
@@ -187,9 +209,9 @@ reader_get_connection (Reader *reader,
if (!type_name)
type_name = NM_SETTING_WIRED_SETTING_NAME;
- connection = reader_create_connection (reader, ifname,
- ifname ?: "Wired Connection",
- ifname, type_name,
+ connection = reader_create_connection (reader, ifname ?: mac,
+ ifname ?: (mac ?: "Wired Connection"),
+ ifname, mac, type_name,
NM_CONNECTION_MULTI_CONNECT_SINGLE);
}
setting = (NMSetting *) nm_connection_get_setting_connection (connection);
@@ -331,7 +353,7 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
const char *gateway_ip = NULL;
const char *netmask = NULL;
const char *client_hostname = NULL;
- const char *ifname = NULL;
+ const char *iface_spec = NULL;
const char *mtu = NULL;
const char *macaddr = NULL;
int client_ip_family = AF_UNSPEC;
@@ -357,9 +379,9 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
gateway_ip = get_word (&argument, ':');
netmask = get_word (&argument, ':');
client_hostname = get_word (&argument, ':');
- ifname = get_word (&argument, ':');
+ iface_spec = get_word (&argument, ':');
} else {
- ifname = tmp;
+ iface_spec = tmp;
}
if (client_hostname && !nm_sd_hostname_is_valid (client_hostname, FALSE))
@@ -388,15 +410,15 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
}
}
- if ( ifname == NULL
+ if ( iface_spec == NULL
&& NM_IN_STRSET (kind, "fw", "ibft")) {
reader_read_all_connections_from_fw (reader, sysfs_dir);
return;
}
/* Parsing done, construct the NMConnection. */
- if (ifname)
- connection = reader_get_connection (reader, ifname, NULL, TRUE);
+ if (iface_spec)
+ connection = reader_get_connection (reader, iface_spec, NULL, TRUE);
else
connection = reader_get_default_connection (reader);
@@ -498,22 +520,36 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
NULL);
}
} else if (nm_streq0 (kind, "ibft")) {
- gs_free char *address_path = g_build_filename (sysfs_dir, "class", "net", ifname, "address", NULL);
- gs_free char *mac, *mac_up = NULL;
+ NMSettingWired *s_wired;
+ const char *mac = NULL;
+ const char *ifname;
+ gs_free char *mac_free = NULL;
+ gs_free char *address_path = NULL;
GHashTable *nic = NULL;
- if (!g_file_get_contents (address_path, &mac, NULL, &error)) {
- _LOGW (LOGD_CORE, "Can't get a MAC address for %s: %s", ifname, error->message);
- g_clear_error (&error);
+ if ( (s_wired = nm_connection_get_setting_wired (connection))
+ && (mac = nm_setting_wired_get_mac_address (s_wired))) {
+ /* got mac from the connection */
+ } else if ((ifname = nm_connection_get_interface_name (connection))) {
+ /* read it from sysfs */
+ address_path = g_build_filename (sysfs_dir, "class", "net", ifname, "address", NULL);
+ if (g_file_get_contents (address_path, &mac_free, NULL, &error)) {
+ g_strchomp (mac_free);
+ mac = mac_free;
+ } else {
+ _LOGW (LOGD_CORE, "Can't get a MAC address for %s: %s", ifname, error->message);
+ g_clear_error (&error);
+ }
}
if (mac) {
- g_strchomp (mac);
+ gs_free char *mac_up = NULL;
+
mac_up = g_ascii_strup (mac, -1);
ibft = nmi_ibft_read (sysfs_dir);
nic = g_hash_table_lookup (ibft, mac_up);
if (!nic)
- _LOGW (LOGD_CORE, "No iBFT NIC for %s (%s)", ifname, mac_up);
+ _LOGW (LOGD_CORE, "No iBFT NIC for %s (%s)", iface_spec, mac_up);
}
if (nic) {
@@ -1018,15 +1054,14 @@ nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **
"bootif_connection",
"BOOTIF Connection",
NULL,
+ bootif,
NM_SETTING_WIRED_SETTING_NAME,
NM_CONNECTION_MULTI_CONNECT_SINGLE);
- s_wired = (NMSettingWired *) nm_setting_wired_new ();
- nm_connection_add_setting (connection, (NMSetting *) s_wired);
+ } else {
+ g_object_set (s_wired,
+ NM_SETTING_WIRED_MAC_ADDRESS, bootif,
+ NULL);
}
-
- g_object_set (s_wired,
- NM_SETTING_WIRED_MAC_ADDRESS, bootif,
- NULL);
}
if (bootdev) {
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index a11b76e015..4a2f33fc02 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -293,6 +293,49 @@ test_if_ip6_manual (void)
g_assert_cmpstr (nm_setting_ip_config_get_dhcp_hostname (s_ip6), ==, "hostname0.example.com");
}
+static void
+test_if_mac_ifname (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const*ARGV = NM_MAKE_STRV ("ip=[2001:0db8::42]/64::[2001:0db8::01]::"
+ "hostname0:00-11-22-33-44-55::[2001:0db8::53]");
+ NMConnection *connection;
+ NMSettingIPConfig *s_ip6;
+ NMSettingWired *s_wired;
+ NMIPAddress *ip_addr;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, "hostname0");
+
+ connection = g_hash_table_lookup (connections, "00:11:22:33:44:55");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "00:11:22:33:44:55");
+ g_assert_cmpstr (nm_connection_get_interface_name (connection), ==, NULL);
+
+ s_wired = nm_connection_get_setting_wired (connection);
+ g_assert (s_wired);
+ g_assert_cmpstr (nm_setting_wired_get_mac_address(s_wired), ==, "00:11:22:33:44:55");
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_MANUAL);
+ g_assert (!nm_setting_ip_config_get_ignore_auto_dns (s_ip6));
+ g_assert_cmpint (nm_setting_ip_config_get_num_dns (s_ip6), ==, 1);
+ g_assert_cmpstr (nm_setting_ip_config_get_dns (s_ip6, 0), ==, "2001:db8::53");
+ g_assert_cmpint (nm_setting_ip_config_get_num_routes (s_ip6), ==, 0);
+ g_assert_cmpint (nm_setting_ip_config_get_num_addresses (s_ip6), ==, 1);
+ ip_addr = nm_setting_ip_config_get_address (s_ip6, 0);
+ g_assert (ip_addr);
+ g_assert_cmpstr (nm_ip_address_get_address (ip_addr), ==, "2001:db8::42");
+ g_assert_cmpint (nm_ip_address_get_prefix (ip_addr), ==, 64);
+ g_assert_cmpstr (nm_setting_ip_config_get_gateway (s_ip6), ==, "2001:db8::1");
+ g_assert_cmpstr (nm_setting_ip_config_get_dhcp_hostname (s_ip6), ==, "hostname0");
+}
+
static void
test_multiple_merge (void)
{
@@ -1042,6 +1085,29 @@ test_ibft_ip_dev (void)
g_assert_cmpstr (nm_setting_connection_get_interface_name (s_con), ==, NULL);
}
+static void
+test_ibft_ip_dev_mac (void)
+{
+ const char *const*ARGV = NM_MAKE_STRV ("ip=00-53-06-66-ab-01:ibft");
+ gs_unref_hashtable GHashTable *connections = NULL;
+ NMSettingConnection *s_con;
+ NMConnection *connection;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "00:53:06:66:AB:01");
+ g_assert (connection);
+
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+ g_assert_cmpstr (nm_setting_connection_get_connection_type (s_con), ==, NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_setting_connection_get_interface_name (s_con), ==, NULL);
+}
+
static void
_test_ibft_ip (const char *const*ARGV)
{
@@ -1545,6 +1611,7 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/if_auto_with_mtu_and_mac", test_if_auto_with_mtu_and_mac);
g_test_add_func ("/initrd/cmdline/if_ip4_manual", test_if_ip4_manual);
g_test_add_func ("/initrd/cmdline/if_ip6_manual", test_if_ip6_manual);
+ g_test_add_func ("/initrd/cmdline/if_mac_ifname", test_if_mac_ifname);
g_test_add_func ("/initrd/cmdline/multiple/merge", test_multiple_merge);
g_test_add_func ("/initrd/cmdline/multiple/bootdev", test_multiple_bootdev);
g_test_add_func ("/initrd/cmdline/nameserver", test_nameserver);
@@ -1558,6 +1625,7 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bridge/default", test_bridge_default);
g_test_add_func ("/initrd/cmdline/bridge/ip", test_bridge_ip);
g_test_add_func ("/initrd/cmdline/ibft/ip_dev", test_ibft_ip_dev);
+ g_test_add_func ("/initrd/cmdline/ibft/ip_dev_mac", test_ibft_ip_dev_mac);
g_test_add_func ("/initrd/cmdline/ibft/ip", test_ibft_ip);
g_test_add_func ("/initrd/cmdline/ibft/rd_iscsi_ibft", test_ibft_rd_iscsi_ibft);
g_test_add_func ("/initrd/cmdline/ignore_extra", test_ignore_extra);
--
2.26.2
From a65c364d2cfe7a36f5207f652ec77bb42b532f88 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 23 Sep 2020 10:58:03 +0200
Subject: [PATCH 2/2] initrd: fix parsing IPv6 prefix length
The generator didn't accept prefix lengths > 32 for IPv6:
$ src/initrd/nm-initrd-generator --stdout -- ip=[fd01::1]:::40::ens0
<warn> [1600851580.7875] cmdline-reader: Invalid IP mask: 40
https://bugzilla.redhat.com/show_bug.cgi?id=1879795
(cherry picked from commit 364c7c278a19959c6e880329533937dbcf7b19a4)
(cherry picked from commit 09804cac6ef2016cfa70d3e63c7d73f2dfc3cf91)
---
src/initrd/nmi-cmdline-reader.c | 5 +++--
src/initrd/tests/test-cmdline-reader.c | 3 ++-
2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index 8196e9fb78..ee3dab2574 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -426,12 +426,13 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
s_ip6 = nm_connection_get_setting_ip6_config (connection);
if (netmask && *netmask) {
+ gboolean is_ipv4 = client_ip_family == AF_INET;
NMIPAddr addr;
- if (nm_utils_parse_inaddr_bin (AF_INET, netmask, NULL, &addr))
+ if (is_ipv4 && nm_utils_parse_inaddr_bin (AF_INET, netmask, NULL, &addr))
client_ip_prefix = nm_utils_ip4_netmask_to_prefix (addr.addr4);
else
- client_ip_prefix = _nm_utils_ascii_str_to_int64 (netmask, 10, 0, 32, -1);
+ client_ip_prefix = _nm_utils_ascii_str_to_int64 (netmask, 10, 0, is_ipv4 ? 32 : 128, -1);
if (client_ip_prefix == -1)
_LOGW (LOGD_CORE, "Invalid IP mask: %s", netmask);
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index 4a2f33fc02..d67f599337 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -341,7 +341,7 @@ test_multiple_merge (void)
{
gs_unref_hashtable GHashTable *connections = NULL;
const char *const*ARGV = NM_MAKE_STRV ("ip=192.0.2.2:::::eth0",
- "ip=[2001:db8::2]:::::eth0");
+ "ip=[2001:db8::2]:::56::eth0");
NMConnection *connection;
NMSettingConnection *s_con;
NMSettingWired *s_wired;
@@ -384,6 +384,7 @@ test_multiple_merge (void)
ip_addr = nm_setting_ip_config_get_address (s_ip6, 0);
g_assert (ip_addr);
g_assert_cmpstr (nm_ip_address_get_address (ip_addr), ==, "2001:db8::2");
+ g_assert_cmpint (nm_ip_address_get_prefix (ip_addr), ==, 56);
}
static void
--
2.26.2

View File

@ -1,148 +0,0 @@
From 566ef706015f01481f9e559c74ea89fc47d9cb6e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 15 Oct 2020 09:44:52 +0200
Subject: [PATCH] initrd: generate infiniband connections
Generate infiniband connections based on the interface name or MAC
address length.
https://bugzilla.redhat.com/show_bug.cgi?id=1883173
(cherry picked from commit 317171ed6ed4560bb54191a13f71e1daec7f1ea4)
(cherry picked from commit f091730ebc98342036615176738030cbcd4b3d73)
(cherry picked from commit 7665d9b29e1d977e23d3f9b5016cb385938592f2)
---
src/initrd/nmi-cmdline-reader.c | 30 ++++++++++----
src/initrd/tests/test-cmdline-reader.c | 54 ++++++++++++++++++++++++++
2 files changed, 76 insertions(+), 8 deletions(-)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index ee3dab2574..257ba3d7ae 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -121,12 +121,21 @@ reader_create_connection (Reader *reader,
NM_SETTING_CONNECTION_MULTI_CONNECT, multi_connect,
NULL);
- if (mac) {
- setting = nm_setting_wired_new ();
+ if (nm_streq0 (type_name, NM_SETTING_INFINIBAND_SETTING_NAME)) {
+ setting = nm_setting_infiniband_new ();
nm_connection_add_setting (connection, setting);
- g_object_set (setting,
- NM_SETTING_WIRED_MAC_ADDRESS, mac,
- NULL);
+ g_object_set (setting, NM_SETTING_INFINIBAND_TRANSPORT_MODE, "datagram", NULL);
+ }
+
+ if (mac) {
+ if (nm_streq0 (type_name, NM_SETTING_INFINIBAND_SETTING_NAME)) {
+ setting = (NMSetting *) nm_connection_get_setting_infiniband (connection);
+ g_object_set (setting, NM_SETTING_INFINIBAND_MAC_ADDRESS, mac, NULL);
+ } else {
+ setting = nm_setting_wired_new ();
+ nm_connection_add_setting (connection, setting);
+ g_object_set (setting, NM_SETTING_WIRED_MAC_ADDRESS, mac, NULL);
+ }
}
return connection;
@@ -166,7 +175,7 @@ reader_get_connection (Reader *reader,
if (nm_utils_is_valid_iface_name (iface_spec, NULL))
ifname = iface_spec;
else {
- mac = nm_utils_hwaddr_canonical (iface_spec, ETH_ALEN);
+ mac = nm_utils_hwaddr_canonical (iface_spec, -1);
if (!mac)
_LOGW (LOGD_CORE, "invalid interface '%s'", iface_spec);
}
@@ -206,8 +215,13 @@ reader_get_connection (Reader *reader,
if (!create_if_missing)
return NULL;
- if (!type_name)
- type_name = NM_SETTING_WIRED_SETTING_NAME;
+ if (!type_name) {
+ if ( NM_STR_HAS_PREFIX (ifname, "ib")
+ || (mac && nm_utils_hwaddr_valid (mac, INFINIBAND_ALEN)))
+ type_name = NM_SETTING_INFINIBAND_SETTING_NAME;
+ else
+ type_name = NM_SETTING_WIRED_SETTING_NAME;
+ }
connection = reader_create_connection (reader, ifname ?: mac,
ifname ?: (mac ?: "Wired Connection"),
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index d67f599337..d6966023a9 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -1600,6 +1600,58 @@ test_dhcp_vendor_class_id (void)
g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
}
+static void
+test_infiniband_iface (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const *ARGV = NM_MAKE_STRV ("ip=ib1:dhcp");
+ NMConnection *connection;
+ NMSettingInfiniband *s_ib;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "ib1");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_INFINIBAND_SETTING_NAME);
+ s_ib = nm_connection_get_setting_infiniband (connection);
+ g_assert (s_ib);
+}
+
+static void
+test_infiniband_mac (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const *ARGV = NM_MAKE_STRV("ip=00-11-22-33-44-55-66-77-88-99-aa-bb-cc-dd-ee-ff-00-11-22-33:dhcp");
+ NMConnection *connection;
+ NMSettingInfiniband *s_ib;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_INFINIBAND_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_interface_name (connection), ==, NULL);
+ s_ib = nm_connection_get_setting_infiniband (connection);
+ g_assert (s_ib);
+ g_assert_cmpstr (nm_setting_infiniband_get_mac_address (s_ib),
+ ==,
+ "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33");
+}
+
NMTST_DEFINE ();
int main (int argc, char **argv)
@@ -1639,6 +1691,8 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bootif/off", test_bootif_off);
g_test_add_func ("/initrd/cmdline/neednet", test_neednet);
g_test_add_func ("/initrd/cmdline/dhcp/vendor_class_id", test_dhcp_vendor_class_id);
+ g_test_add_func("/initrd/cmdline/infiniband/iface", test_infiniband_iface);
+ g_test_add_func("/initrd/cmdline/infiniband/mac", test_infiniband_mac);
return g_test_run ();
}
--
2.26.2

View File

@ -1,42 +0,0 @@
From 62536f5ebddfca3e57f8771c8480a52fc4d558d1 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Thu, 22 Oct 2020 14:40:15 +0200
Subject: [PATCH 1/1] manager: fix very bad usage of
'nm_utils_user_data_unpack'
This results in the args of 'nm_utils_user_data_unpack'
containing random data potentially also from the
previous stack-frame which is really really bad.
Signed-off-by: Antonio Cardace <acardace@redhat.com>
Fixes: b50702775f1b ('device: implement auth-request as async operation nm_manager_device_auth_request()')
(cherry picked from commit b6a18e059302117157971e7c5f551fc40d864e89)
(cherry picked from commit 50adaf7414a62f08a309f11941453eae75c9e0e9)
(cherry picked from commit 72a2e34b42e9f6e38ba2fc5b5db96015930827a2)
---
src/nm-manager.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/nm-manager.c b/src/nm-manager.c
index 778e3b946..57f3e8dd9 100644
--- a/src/nm-manager.c
+++ b/src/nm-manager.c
@@ -2453,7 +2453,14 @@ _device_auth_done_fail_on_idle (gpointer user_data, GCancellable *cancellable)
NMManagerDeviceAuthRequestFunc callback;
gpointer callback_user_data;
- nm_utils_user_data_unpack (&self, &device, &context, &subject, &error_original, &callback, &callback_user_data);
+ nm_utils_user_data_unpack (user_data,
+ &self,
+ &device,
+ &context,
+ &subject,
+ &error_original,
+ &callback,
+ &callback_user_data);
g_cancellable_set_error_if_cancelled (cancellable, &error_cancelled);
--
2.28.0

View File

@ -1,706 +0,0 @@
From 61636ae740e7de1ad75202cd1d2adfd506f7d5c0 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 22 Jul 2020 12:24:59 +0200
Subject: [PATCH 1/4] shared: add nm_strv_ptrarray_ensure() and
nm_strv_ptrarray_find_first() helpers
(cherry picked from commit 99296d4c6caee60065286210f1f5fb4d653861bd)
(cherry picked from commit 0ae9e9ec5eddbfd34f073a60819e02aa648e312c)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
shared/nm-glib-aux/nm-shared-utils.h | 27 +++++++++++++++++++++++++++
1 file changed, 27 insertions(+)
diff --git a/shared/nm-glib-aux/nm-shared-utils.h b/shared/nm-glib-aux/nm-shared-utils.h
index b17c8d1a0..f33949e61 100644
--- a/shared/nm-glib-aux/nm-shared-utils.h
+++ b/shared/nm-glib-aux/nm-shared-utils.h
@@ -1771,6 +1771,17 @@ GSource *nm_utils_g_main_context_create_integrate_source (GMainContext *internal
/*****************************************************************************/
+static inline GPtrArray *
+nm_strv_ptrarray_ensure (GPtrArray **p_arr)
+{
+ nm_assert (p_arr);
+
+ if (G_UNLIKELY (!*p_arr))
+ *p_arr = g_ptr_array_new_with_free_func (g_free);
+
+ return *p_arr;
+}
+
static inline void
nm_strv_ptrarray_add_string_take (GPtrArray *cmd,
char *str)
@@ -1809,6 +1820,22 @@ nm_strv_ptrarray_take_gstring (GPtrArray *cmd,
FALSE));
}
+static inline gssize
+nm_strv_ptrarray_find_first (const GPtrArray *strv,
+ const char *str)
+{
+ if (!strv)
+ return -1;
+ return nm_utils_strv_find_first ((char **) strv->pdata, strv->len, str);
+}
+
+static inline gboolean
+nm_strv_ptrarray_contains (const GPtrArray *strv,
+ const char *str)
+{
+ return nm_strv_ptrarray_find_first (strv, str) >= 0;
+}
+
/*****************************************************************************/
int nm_utils_getpagesize (void);
--
2.28.0
From 2d5322ba201152f41010a4629a659c424520e2be Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Thu, 19 Nov 2020 11:06:04 +0100
Subject: [PATCH 2/4] initrd: add test for prefixed address in ip= argument
(cherry picked from commit 584e9048b3dd7e8c550e56d2da5398516398be0f)
(cherry picked from commit 58a6697e96b19707b0bd07e11c2c646982739e95)
(cherry picked from commit d7361496a207b3476c0da34e7dcc08394914b9a7)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/tests/test-cmdline-reader.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index d6966023a..565bb9e8f 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -340,7 +340,7 @@ static void
test_multiple_merge (void)
{
gs_unref_hashtable GHashTable *connections = NULL;
- const char *const*ARGV = NM_MAKE_STRV ("ip=192.0.2.2:::::eth0",
+ const char *const*ARGV = NM_MAKE_STRV ("ip=192.0.2.2/16:::::eth0",
"ip=[2001:db8::2]:::56::eth0");
NMConnection *connection;
NMSettingConnection *s_con;
@@ -375,6 +375,7 @@ test_multiple_merge (void)
ip_addr = nm_setting_ip_config_get_address (s_ip4, 0);
g_assert (ip_addr);
g_assert_cmpstr (nm_ip_address_get_address (ip_addr), ==, "192.0.2.2");
+ g_assert_cmpint (nm_ip_address_get_prefix (ip_addr), ==, 16);
s_ip6 = nm_connection_get_setting_ip6_config (connection);
g_assert (s_ip6);
--
2.28.0
From c6668afd87b53521ad574a7876f25a34f6a9b3f5 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 17 Nov 2020 11:10:54 +0100
Subject: [PATCH 3/4] initrd: fix parsing of ip= argument with dotted interface
name
The command line parser looks for a dot or a colon to determine
whether the first token in a ip= argument is a IPv4 address (dot), an
IPv6 address (colon) or an interface name (none). This strategy
doesn't work for interface names containing a dot (typically VLANs).
Instead, try to parse the IPv4/IPv6 address in the token; if this
fails then consider the token as an interface name.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/581
(cherry picked from commit 4aa902ecf537fbf14fd483a336b83b2139025681)
(cherry picked from commit f766b3cbae0db7e3b7421bfdffc1d6182717e05c)
(cherry picked from commit a2ce810b87981f586e4acb993f7658c1da06b67e)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/nm-initrd-generator.h | 24 ++++++++-----
src/initrd/nmi-cmdline-reader.c | 39 +++++++++-----------
src/initrd/nmi-ibft-reader.c | 4 +--
src/initrd/tests/test-cmdline-reader.c | 49 ++++++++++++++++++++++++++
4 files changed, 82 insertions(+), 34 deletions(-)
diff --git a/src/initrd/nm-initrd-generator.h b/src/initrd/nm-initrd-generator.h
index 8e17f0455..e7647edd7 100644
--- a/src/initrd/nm-initrd-generator.h
+++ b/src/initrd/nm-initrd-generator.h
@@ -11,17 +11,23 @@
#define NMI_WAIT_DEVICE_TIMEOUT_MS 60000
-static inline gboolean
-guess_ip_address_family (const char *str)
+static inline int
+get_ip_address_family (const char *str, gboolean with_prefix)
{
- if (str == NULL)
- return AF_UNSPEC;
- else if (strchr (str, '.'))
- return AF_INET;
- else if (strchr (str, ':'))
- return AF_INET6;
- else
+ int addr_family;
+
+ if (!str)
return AF_UNSPEC;
+
+ if (with_prefix) {
+ if (nm_utils_parse_inaddr_prefix_bin (AF_UNSPEC, str, &addr_family, NULL, NULL))
+ return addr_family;
+ } else {
+ if (nm_utils_parse_inaddr_bin (AF_UNSPEC, str, &addr_family, NULL))
+ return addr_family;
+ }
+
+ return AF_UNSPEC;
}
GHashTable *nmi_ibft_read (const char *sysfs_dir);
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index 257ba3d7a..1b693758f 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -385,7 +385,7 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
/* ip={dhcp|on|any|dhcp6|auto6|ibft} */
kind = tmp;
} else {
- client_ip_family = guess_ip_address_family (tmp);
+ client_ip_family = get_ip_address_family (tmp, TRUE);
if (client_ip_family != AF_UNSPEC) {
/* <client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>: */
client_ip = tmp;
@@ -411,11 +411,11 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
kind = get_word (&argument, ':');
tmp = get_word (&argument, ':');
- dns_addr_family[0] = guess_ip_address_family (tmp);
+ dns_addr_family[0] = get_ip_address_family (tmp, FALSE);
if (dns_addr_family[0] != AF_UNSPEC) {
dns[0] = tmp;
dns[1] = get_word (&argument, ':');
- dns_addr_family[1] = guess_ip_address_family (dns[1]);
+ dns_addr_family[1] = get_ip_address_family (dns[1], FALSE);
if (*argument)
_LOGW (LOGD_CORE, "Ignoring extra: '%s'.", argument);
} else {
@@ -475,9 +475,8 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
_LOGW (LOGD_CORE, "Invalid address '%s': %s", client_ip, error->message);
g_clear_error (&error);
}
- } else {
- _LOGW (LOGD_CORE, "Unrecognized address: %s", client_ip);
- }
+ } else
+ nm_assert_not_reached ();
if (address) {
switch (client_ip_family) {
@@ -496,7 +495,7 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
nm_setting_ip_config_add_address (s_ip6, address);
break;
default:
- _LOGW (LOGD_CORE, "Unknown address family: %s", client_ip);
+ nm_assert_not_reached ();
break;
}
nm_ip_address_unref (address);
@@ -579,22 +578,16 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
_LOGW (LOGD_CORE, "Ignoring peer: %s (not implemented)\n", peer);
if (gateway_ip && *gateway_ip) {
- int addr_family = guess_ip_address_family (gateway_ip);
-
- if (nm_utils_ipaddr_is_valid (addr_family, gateway_ip)) {
- switch (addr_family) {
- case AF_INET:
- g_object_set (s_ip4, NM_SETTING_IP_CONFIG_GATEWAY, gateway_ip, NULL);
- break;
- case AF_INET6:
- g_object_set (s_ip6, NM_SETTING_IP_CONFIG_GATEWAY, gateway_ip, NULL);
- break;
- default:
- _LOGW (LOGD_CORE, "Unknown address family: %s", gateway_ip);
- break;
- }
- } else {
+ switch (get_ip_address_family (gateway_ip, FALSE)) {
+ case AF_INET:
+ g_object_set (s_ip4, NM_SETTING_IP_CONFIG_GATEWAY, gateway_ip, NULL);
+ break;
+ case AF_INET6:
+ g_object_set (s_ip6, NM_SETTING_IP_CONFIG_GATEWAY, gateway_ip, NULL);
+ break;
+ default:
_LOGW (LOGD_CORE, "Invalid gateway: %s", gateway_ip);
+ break;
}
}
@@ -893,7 +886,7 @@ reader_add_nameservers (Reader *reader, GPtrArray *nameservers)
for (i = 0; i < nameservers->len; i++) {
ns = nameservers->pdata[i];
- addr_family = guess_ip_address_family (ns);
+ addr_family = get_ip_address_family (ns, FALSE);
if (addr_family == AF_UNSPEC) {
_LOGW (LOGD_CORE, "Unknown address family: %s", ns);
continue;
diff --git a/src/initrd/nmi-ibft-reader.c b/src/initrd/nmi-ibft-reader.c
index fe6f6432a..bdb99e67e 100644
--- a/src/initrd/nmi-ibft-reader.c
+++ b/src/initrd/nmi-ibft-reader.c
@@ -162,9 +162,9 @@ ip_setting_add_from_block (GHashTable *nic,
NULL);
}
- family = guess_ip_address_family (s_ipaddr);
+ family = get_ip_address_family (s_ipaddr, FALSE);
if (family == AF_UNSPEC)
- family = guess_ip_address_family (s_gateway);
+ family = get_ip_address_family (s_gateway, FALSE);
switch (family) {
case AF_INET:
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index 565bb9e8f..53ddccc27 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -1064,6 +1064,54 @@ test_team (void)
g_assert_cmpint (nm_setting_connection_get_multi_connect (s_con), ==, NM_CONNECTION_MULTI_CONNECT_SINGLE);
}
+static void
+test_vlan (void)
+{
+ const char *const *ARGV0 = NM_MAKE_STRV ("ip=eth0.100:dhcp", "vlan=eth0.100:eth0");
+ const char *const *ARGV1 = NM_MAKE_STRV ("vlan=eth0.100:eth0", "ip=eth0.100:dhcp");
+ const char *const *ARGV[] = {ARGV0, ARGV1};
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS (ARGV); i++) {
+ gs_unref_hashtable GHashTable *connections = NULL;
+ NMConnection *connection;
+ NMSettingIPConfig *s_ip4;
+ NMSettingIPConfig *s_ip6;
+ NMSettingVlan *s_vlan;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "eth0.100");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_VLAN_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "eth0.100");
+
+ s_vlan = nm_connection_get_setting_vlan (connection);
+ g_assert (s_vlan);
+ g_assert_cmpstr (nm_setting_vlan_get_parent (s_vlan), ==, "eth0");
+ g_assert_cmpint (nm_setting_vlan_get_id (s_vlan), ==, 100);
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+ }
+}
+
static void
test_ibft_ip_dev (void)
{
@@ -1675,6 +1723,7 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bond/ip", test_bond_ip);
g_test_add_func ("/initrd/cmdline/bond/default", test_bond_default);
g_test_add_func ("/initrd/cmdline/team", test_team);
+ g_test_add_func ("/initrd/cmdline/vlan", test_vlan);
g_test_add_func ("/initrd/cmdline/bridge", test_bridge);
g_test_add_func ("/initrd/cmdline/bridge/default", test_bridge_default);
g_test_add_func ("/initrd/cmdline/bridge/ip", test_bridge_ip);
--
2.28.0
From d7d342fb3c112513dcd5645603b524700d8e208e Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 18 Nov 2020 14:27:19 +0100
Subject: [PATCH 4/4] initrd: disable ipv4 and ipv6 by default for vlan parent
connection
Change the generator to disable by default IP configuration for the
parent connection of a VLAN, because that is what a user would expect
and what the legacy module does. Of course if the user explicitly
configures DHCP or an address for the parent interface, that overrides
the default.
Note that now the generator always creates a connection for the parent
interface. Before this commit, it did only when there was an explicit
ip= argument for the parent interface.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/509
(cherry picked from commit f2e51ace6815bd1bd264101694b8dc65226ddd90)
(cherry picked from commit 4b0007b0370badc2fcefe529a6e680e8ffe2d9e7)
(cherry picked from commit 6e4345baac776a1b715a4173539171d4ecdd07af)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/nmi-cmdline-reader.c | 40 ++++-
src/initrd/tests/test-cmdline-reader.c | 196 ++++++++++++++++++++++++-
2 files changed, 231 insertions(+), 5 deletions(-)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index 1b693758f..f94cc7db8 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -21,6 +21,8 @@
typedef struct {
GHashTable *hash;
GPtrArray *array;
+ GPtrArray *vlan_parents;
+ GHashTable *explicit_ip_connections;
NMConnection *bootdev_connection; /* connection for bootdev=$ifname */
NMConnection *default_connection; /* connection not bound to any ifname */
char *hostname;
@@ -38,7 +40,9 @@ reader_new (void)
reader = g_slice_new (Reader);
*reader = (Reader) {
- .hash = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_object_unref),
+ .hash = g_hash_table_new_full (nm_str_hash, g_str_equal, g_free, g_object_unref),
+ .explicit_ip_connections = g_hash_table_new_full (nm_direct_hash, NULL, g_object_unref, NULL),
+ .vlan_parents = g_ptr_array_new_with_free_func (g_free),
.array = g_ptr_array_new (),
};
@@ -51,6 +55,8 @@ reader_destroy (Reader *reader, gboolean free_hash)
gs_unref_hashtable GHashTable *hash = NULL;
g_ptr_array_unref (reader->array);
+ g_ptr_array_unref (reader->vlan_parents);
+ g_hash_table_unref (reader->explicit_ip_connections);
hash = g_steal_pointer (&reader->hash);
nm_clear_g_free (&reader->hostname);
nm_clear_g_free (&reader->dhcp4_vci);
@@ -436,6 +442,8 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
else
connection = reader_get_default_connection (reader);
+ g_hash_table_add (reader->explicit_ip_connections, g_object_ref (connection));
+
s_ip4 = nm_connection_get_setting_ip4_config (connection);
s_ip6 = nm_connection_get_setting_ip6_config (connection);
@@ -789,6 +797,9 @@ reader_parse_vlan (Reader *reader, char *argument)
if (argument && *argument)
_LOGW (LOGD_CORE, "Ignoring extra: '%s'.", argument);
+
+ if (!nm_strv_ptrarray_contains (reader->vlan_parents, phy))
+ g_ptr_array_add (reader->vlan_parents, g_strdup (phy));
}
static void
@@ -1031,6 +1042,33 @@ nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **
}
}
+ for (i = 0; i < reader->vlan_parents->len; i++) {
+ NMConnection *connection;
+ NMSettingIPConfig *s_ip;
+
+ /* Disable IP configuration for parent connections of VLANs,
+ * unless those interfaces were explicitly configured otherwise. */
+
+ connection = reader_get_connection (reader, reader->vlan_parents->pdata[i], NULL, TRUE);
+ if (!g_hash_table_contains (reader->explicit_ip_connections, connection)) {
+ s_ip = nm_connection_get_setting_ip4_config (connection);
+ if (s_ip) {
+ g_object_set (s_ip,
+ NM_SETTING_IP_CONFIG_METHOD,
+ NM_SETTING_IP4_CONFIG_METHOD_DISABLED,
+ NULL);
+ }
+
+ s_ip = nm_connection_get_setting_ip6_config (connection);
+ if (s_ip) {
+ g_object_set (s_ip,
+ NM_SETTING_IP_CONFIG_METHOD,
+ NM_SETTING_IP6_CONFIG_METHOD_DISABLED,
+ NULL);
+ }
+ }
+ }
+
if (ignore_bootif)
nm_clear_g_free (&bootif_val);
if (bootif_val) {
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index 53ddccc27..b9d2acf41 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -439,7 +439,7 @@ test_bootdev (void)
connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
g_assert (connections);
- g_assert_cmpint (g_hash_table_size (connections), ==, 2);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
connection = g_hash_table_lookup (connections, "ens3");
@@ -462,6 +462,18 @@ test_bootdev (void)
g_assert_cmpstr (nm_setting_connection_get_connection_type (s_con), ==, NM_SETTING_VLAN_SETTING_NAME);
g_assert_cmpstr (nm_setting_connection_get_id (s_con), ==, "vlan2");
g_assert_cmpstr (nm_setting_connection_get_interface_name (s_con), ==, "vlan2");
+
+ connection = g_hash_table_lookup (connections, "ens5");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+ g_assert_cmpstr (nm_setting_connection_get_connection_type (s_con),
+ ==,
+ NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_setting_connection_get_id (s_con), ==, "ens5");
+ g_assert_cmpstr (nm_setting_connection_get_interface_name (s_con), ==, "ens5");
}
static void
@@ -1082,9 +1094,80 @@ test_vlan (void)
connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
g_assert (connections);
- g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ /* VLAN eth0.100 */
+ connection = g_hash_table_lookup (connections, "eth0.100");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type(connection),
+ ==,
+ NM_SETTING_VLAN_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "eth0.100");
+
+ s_vlan = nm_connection_get_setting_vlan (connection);
+ g_assert (s_vlan);
+ g_assert_cmpstr (nm_setting_vlan_get_parent (s_vlan), ==, "eth0");
+ g_assert_cmpint (nm_setting_vlan_get_id (s_vlan), ==, 100);
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+
+ /* Ethernet eth0 */
+ connection = g_hash_table_lookup (connections, "eth0");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "eth0");
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_DISABLED);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_DISABLED);
+ }
+}
+
+static void
+test_vlan_with_dhcp_on_parent (void)
+{
+ const char *const *ARGV0 = NM_MAKE_STRV ("vlan=eth0.100:eth0", "ip=eth0:dhcp");
+ const char *const *ARGV1 = NM_MAKE_STRV ("ip=eth0:dhcp", "vlan=eth0.100:eth0");
+ const char *const *ARGV[] = {ARGV0, ARGV1};
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS (ARGV); i++) {
+ gs_unref_hashtable GHashTable *connections = NULL;
+ NMConnection *connection;
+ NMSettingIPConfig *s_ip4;
+ NMSettingIPConfig *s_ip6;
+ NMSettingVlan *s_vlan;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 2);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ /* VLAN eth0.100 */
connection = g_hash_table_lookup (connections, "eth0.100");
g_assert (connection);
nmtst_assert_connection_verifies_without_normalization (connection);
@@ -1093,16 +1176,37 @@ test_vlan (void)
NM_SETTING_VLAN_SETTING_NAME);
g_assert_cmpstr (nm_connection_get_id (connection), ==, "eth0.100");
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+
s_vlan = nm_connection_get_setting_vlan (connection);
g_assert (s_vlan);
g_assert_cmpstr (nm_setting_vlan_get_parent (s_vlan), ==, "eth0");
g_assert_cmpint (nm_setting_vlan_get_id (s_vlan), ==, 100);
+ /* Ethernet eth0 */
+ connection = g_hash_table_lookup (connections, "eth0");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "eth0");
+
s_ip4 = nm_connection_get_setting_ip4_config (connection);
g_assert (s_ip4);
g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
- ==,
- NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_AUTO);
s_ip6 = nm_connection_get_setting_ip6_config (connection);
g_assert (s_ip6);
@@ -1112,6 +1216,88 @@ test_vlan (void)
}
}
+static void
+test_vlan_over_bond (void)
+{
+ const char *const *ARGV0 = NM_MAKE_STRV ("ip=1.2.3.4:::24::vlan1:none",
+ "bond=bond2:ens3,ens4:mode=active-backup",
+ "vlan=vlan1:bond2");
+ const char *const *ARGV1 = NM_MAKE_STRV ("vlan=vlan1:bond2",
+ "ip=1.2.3.4:::24::vlan1:none",
+ "bond=bond2:ens3,ens4:mode=active-backup");
+ const char *const *ARGV2 = NM_MAKE_STRV ("bond=bond2:ens3,ens4:mode=active-backup",
+ "ip=1.2.3.4:::24::vlan1:none",
+ "vlan=vlan1:bond2");
+ const char *const *ARGV[] = {ARGV0, ARGV1, ARGV2};
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS (ARGV); i++) {
+ gs_unref_hashtable GHashTable *connections = NULL;
+ NMConnection *connection;
+ NMSettingIPConfig *s_ip4;
+ NMSettingIPConfig *s_ip6;
+ NMSettingVlan *s_vlan;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 4);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ /* VLAN vlan1 */
+ connection = g_hash_table_lookup (connections, "vlan1");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_VLAN_SETTING_NAME);
+ g_assert_cmpstr (nm_connection_get_id (connection), ==, "vlan1");
+
+ s_ip4 = nm_connection_get_setting_ip4_config(connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_MANUAL);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_DISABLED);
+ s_vlan = nm_connection_get_setting_vlan (connection);
+ g_assert (s_vlan);
+ g_assert_cmpstr(nm_setting_vlan_get_parent (s_vlan), ==, "bond2");
+ g_assert_cmpint(nm_setting_vlan_get_id (s_vlan), ==, 1);
+
+ /* Bond bond2 */
+ connection = g_hash_table_lookup (connections, "bond2");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+ g_assert_cmpstr (nm_connection_get_connection_type (connection),
+ ==,
+ NM_SETTING_BOND_SETTING_NAME);
+ g_assert_cmpstr(nm_connection_get_id (connection), ==, "bond2");
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4),
+ ==,
+ NM_SETTING_IP4_CONFIG_METHOD_DISABLED);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
+ ==,
+ NM_SETTING_IP6_CONFIG_METHOD_DISABLED);
+
+ /* Ethernet ens3 and ens4 */
+ connection = g_hash_table_lookup (connections, "ens3");
+ g_assert (connection);
+ connection = g_hash_table_lookup (connections, "ens4");
+ g_assert (connection);
+ }
+}
+
static void
test_ibft_ip_dev (void)
{
@@ -1724,6 +1910,8 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bond/default", test_bond_default);
g_test_add_func ("/initrd/cmdline/team", test_team);
g_test_add_func ("/initrd/cmdline/vlan", test_vlan);
+ g_test_add_func ("/initrd/cmdline/vlan/dhcp-on-parent", test_vlan_with_dhcp_on_parent);
+ g_test_add_func ("/initrd/cmdline/vlan/over-bond", test_vlan_over_bond);
g_test_add_func ("/initrd/cmdline/bridge", test_bridge);
g_test_add_func ("/initrd/cmdline/bridge/default", test_bridge_default);
g_test_add_func ("/initrd/cmdline/bridge/ip", test_bridge_ip);
--
2.28.0

View File

@ -1,232 +0,0 @@
From aaf22cfa2ac38f786faab16d027c29616c9f9385 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Wed, 25 Nov 2020 17:39:48 +0100
Subject: [PATCH 1/1] initrd: fix parsing of ip= arguments with empty first
token
The parser checks if the first token of an ip= argument is an IP
address to determine which of the two possible syntaxes is used:
ip=<interface>:{dhcp|on|any|dhcp6|auto6}[:[<mtu>][:<macaddr>]]
ip=<client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>:<interface>:{none|off|dhcp|on|any|dhcp6|auto6|ibft}[:[<mtu>][:<macaddr>]]
This works as long as the first token is not empty, which - according
to the dracut.cmdline man page - seems to be guaranteed.
However, the network-legacy dracut plugin accepts an empty interface
or client IP. Also, if a user needs DHCP and wants to specify a
hostname, the only possible syntax is:
ip=::::<hostname>::dhcp
Change the parser to check the second token instead, similarly to what
the network-legacy module does [1].
[1] https://github.com/dracutdevs/dracut/blob/050/modules.d/40network/net-lib.sh#L490
https://bugzilla.redhat.com/show_bug.cgi?id=1900260
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/693
(cherry picked from commit b0c018830e7884e7457b8ea44553946ff680eb89)
(cherry picked from commit 435d662669cf487abe91c31b94ac71239073ce98)
(cherry picked from commit d67d0a34950fb44d66aea9e45c1d09b82fcaa18b)
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/nmi-cmdline-reader.c | 37 ++++++---
src/initrd/tests/test-cmdline-reader.c | 100 ++++++++++++++++++++++++-
2 files changed, 126 insertions(+), 11 deletions(-)
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index f94cc7db8..17e0ce5d4 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -367,6 +367,7 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
NMSettingIPConfig *s_ip4 = NULL, *s_ip6 = NULL;
gs_unref_hashtable GHashTable *ibft = NULL;
const char *tmp;
+ const char *tmp2;
const char *kind = NULL;
const char *client_ip = NULL;
const char *peer = NULL;
@@ -391,17 +392,37 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
/* ip={dhcp|on|any|dhcp6|auto6|ibft} */
kind = tmp;
} else {
- client_ip_family = get_ip_address_family (tmp, TRUE);
- if (client_ip_family != AF_UNSPEC) {
- /* <client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>: */
+ tmp2 = get_word (&argument, ':');
+ if (NM_IN_STRSET (tmp2,
+ "none",
+ "off",
+ "dhcp",
+ "on"
+ "any",
+ "dhcp6",
+ "auto",
+ "auto6",
+ "ibft")) {
+ /* <ifname>:{none|off|dhcp|on|any|dhcp6|auto|auto6|ibft} */
+ iface_spec = tmp;
+ kind = tmp2;
+ } else {
+ /* <client-IP>:[<peer>]:<gateway-IP>:<netmask>:<client_hostname>:<kind> */
client_ip = tmp;
- peer = get_word (&argument, ':');
+ if (client_ip) {
+ client_ip_family = get_ip_address_family (client_ip, TRUE);
+ if (client_ip_family == AF_UNSPEC) {
+ _LOGW (LOGD_CORE, "Invalid IP address '%s'.", client_ip);
+ return;
+ }
+ }
+
+ peer = tmp2;
gateway_ip = get_word (&argument, ':');
netmask = get_word (&argument, ':');
client_hostname = get_word (&argument, ':');
iface_spec = get_word (&argument, ':');
- } else {
- iface_spec = tmp;
+ kind = get_word (&argument, ':');
}
if (client_hostname && !nm_sd_hostname_is_valid (client_hostname, FALSE))
@@ -412,10 +433,6 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument)
reader->hostname = g_strdup (client_hostname);
}
- /* <ifname>:{none|off|dhcp|on|any|dhcp6|auto6|ibft} */
-
- kind = get_word (&argument, ':');
-
tmp = get_word (&argument, ':');
dns_addr_family[0] = get_ip_address_family (tmp, FALSE);
if (dns_addr_family[0] != AF_UNSPEC) {
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index b9d2acf41..f5c1a1422 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -75,6 +75,103 @@ test_auto (void)
g_assert (!nm_setting_ip_config_get_gateway (s_ip6));
}
+static void
+test_dhcp_with_hostname (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const *ARGV = NM_MAKE_STRV ("ip=::::host1::dhcp");
+ NMConnection *connection;
+ NMSettingConnection *s_con;
+ NMSettingWired *s_wired;
+ NMSettingIPConfig *s_ip4;
+ NMSettingIPConfig *s_ip6;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, "host1");
+
+ connection = g_hash_table_lookup (connections, "default_connection");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+
+ g_assert (!nm_connection_get_setting_vlan (connection));
+
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+ g_assert_cmpstr (nm_setting_connection_get_connection_type (s_con), ==, NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_setting_connection_get_id (s_con), ==, "Wired Connection");
+ g_assert_cmpint (nm_setting_connection_get_timestamp (s_con), ==, 0);
+ g_assert_cmpint (nm_setting_connection_get_multi_connect (s_con), ==, NM_CONNECTION_MULTI_CONNECT_MULTIPLE);
+ g_assert_cmpint (nm_setting_connection_get_wait_device_timeout (s_con), ==, -1);
+
+ g_assert (nm_setting_connection_get_autoconnect (s_con));
+
+ s_wired = nm_connection_get_setting_wired (connection);
+ g_assert (s_wired);
+ g_assert (!nm_setting_wired_get_mac_address (s_wired));
+ g_assert_cmpint (nm_setting_wired_get_mtu (s_wired), ==, 0);
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4), ==, NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+}
+
+static void
+test_dhcp_with_mtu (void)
+{
+ const char *const *ARGV0 = NM_MAKE_STRV ("ip=:dhcp:1499");
+ const char *const *ARGV1 = NM_MAKE_STRV ("ip=::::::dhcp:1499");
+ const char *const *ARGV[] = {ARGV0, ARGV1};
+ guint i;
+
+ for (i = 0; i < G_N_ELEMENTS (ARGV); i++) {
+ gs_unref_hashtable GHashTable *connections = NULL;
+ NMConnection *connection;
+ NMSettingConnection *s_con;
+ NMSettingWired *s_wired;
+ NMSettingIPConfig *s_ip4;
+ NMSettingIPConfig *s_ip6;
+ gs_free char *hostname = NULL;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 1);
+ g_assert_cmpstr (hostname, ==, NULL);
+
+ connection = g_hash_table_lookup (connections, "default_connection");
+ g_assert (connection);
+ nmtst_assert_connection_verifies_without_normalization (connection);
+
+ s_con = nm_connection_get_setting_connection (connection);
+ g_assert (s_con);
+ g_assert_cmpstr (nm_setting_connection_get_connection_type (s_con), ==, NM_SETTING_WIRED_SETTING_NAME);
+ g_assert_cmpstr (nm_setting_connection_get_id (s_con), ==, "Wired Connection");
+ g_assert_cmpint (nm_setting_connection_get_timestamp (s_con), ==, 0);
+ g_assert_cmpint (nm_setting_connection_get_multi_connect (s_con), ==, NM_CONNECTION_MULTI_CONNECT_MULTIPLE);
+ g_assert_cmpint (nm_setting_connection_get_wait_device_timeout (s_con), ==, -1);
+
+ g_assert (nm_setting_connection_get_autoconnect (s_con));
+
+ s_wired = nm_connection_get_setting_wired (connection);
+ g_assert (s_wired);
+ g_assert (!nm_setting_wired_get_mac_address (s_wired));
+ g_assert_cmpint (nm_setting_wired_get_mtu (s_wired), ==, 1499);
+
+ s_ip4 = nm_connection_get_setting_ip4_config (connection);
+ g_assert (s_ip4);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4), ==, NM_SETTING_IP4_CONFIG_METHOD_AUTO);
+ s_ip6 = nm_connection_get_setting_ip6_config (connection);
+ g_assert (s_ip6);
+ g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_AUTO);
+ }
+}
+
static void
test_if_auto_with_mtu (void)
{
@@ -111,7 +208,6 @@ test_if_auto_with_mtu (void)
g_assert (!nm_setting_ip_config_get_ignore_auto_dns (s_ip6));
}
-
static void
test_if_dhcp6 (void)
{
@@ -1894,6 +1990,8 @@ int main (int argc, char **argv)
nmtst_init_assert_logging (&argc, &argv, "INFO", "DEFAULT");
g_test_add_func ("/initrd/cmdline/auto", test_auto);
+ g_test_add_func ("/initrd/cmdline/dhcp_with_hostname", test_dhcp_with_hostname);
+ g_test_add_func ("/initrd/cmdline/dhcp_with_mtu", test_dhcp_with_mtu);
g_test_add_func ("/initrd/cmdline/if_auto_with_mtu", test_if_auto_with_mtu);
g_test_add_func ("/initrd/cmdline/if_dhcp6", test_if_dhcp6);
g_test_add_func ("/initrd/cmdline/if_auto_with_mtu_and_mac", test_if_auto_with_mtu_and_mac);
--
2.28.0

View File

@ -1,30 +0,0 @@
From a3564a34043550b1cd176b87cdaa47c739f38341 Mon Sep 17 00:00:00 2001
From: Antonio Cardace <acardace@redhat.com>
Date: Fri, 4 Dec 2020 12:55:32 +0100
Subject: [PATCH] initrd: fix failing unit test
In RHEL 8.3 commit fc7c83cbdd has not been backported as it's a
breaking change thus this test needs adjusting as it assumed the new
behaviour.
Signed-off-by: Antonio Cardace <acardace@redhat.com>
---
src/initrd/tests/test-cmdline-reader.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index f5c1a1422..c4c5c7483 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -1359,7 +1359,7 @@ test_vlan_over_bond (void)
g_assert (s_ip6);
g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6),
==,
- NM_SETTING_IP6_CONFIG_METHOD_DISABLED);
+ NM_SETTING_IP6_CONFIG_METHOD_AUTO);
s_vlan = nm_connection_get_setting_vlan (connection);
g_assert (s_vlan);
g_assert_cmpstr(nm_setting_vlan_get_parent (s_vlan), ==, "bond2");
--
2.28.0

View File

@ -1,33 +0,0 @@
From bb35124e97fbe524b65bcaac2af649d9d37f3a2a Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 11 Jan 2021 16:40:21 +0100
Subject: [PATCH] device: clean up dispatcher calls when canceling an
activation
Ensure the callback for dispatcher calls is not executed, or it will
resume the activation chain we want to interrupt.
https://bugzilla.redhat.com/show_bug.cgi?id=1888348
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/723
(cherry picked from commit 8180b0180beba0c492bf172a32069c77e501f884)
(cherry picked from commit 88eb0beb5277da7973bf0f22bfd547abb4396988)
(cherry picked from commit cdbd6bd9e139d11aacd2447994599763ab3624cd)
---
src/devices/nm-device.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/devices/nm-device.c b/src/devices/nm-device.c
index 012af4d9a5..0fd3fe2adb 100644
--- a/src/devices/nm-device.c
+++ b/src/devices/nm-device.c
@@ -15527,6 +15527,7 @@ _cancel_activation (NMDevice *self)
priv->fw_state = FIREWALL_STATE_INITIALIZED;
}
+ dispatcher_cleanup (self);
ip_check_gw_ping_cleanup (self);
/* Break the activation chain */
--
2.26.2

View File

@ -1,941 +0,0 @@
From b55e04fe76fac7e17c7f5cbc8f60435892f4c0c7 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 12 Mar 2021 17:05:42 +0100
Subject: [PATCH 1/2] shared: add nm_auto_unref_keyfile macro
(cherry picked from commit 4b58ecb592d5394fd426462eaa48a3e2ac26c774)
---
shared/nm-glib-aux/nm-macros-internal.h | 3 +++
1 file changed, 3 insertions(+)
diff --git a/shared/nm-glib-aux/nm-macros-internal.h b/shared/nm-glib-aux/nm-macros-internal.h
index 57ddee0501e8..63ae67be1e48 100644
--- a/shared/nm-glib-aux/nm-macros-internal.h
+++ b/shared/nm-glib-aux/nm-macros-internal.h
@@ -253,6 +253,9 @@ static inline int nm_close (int fd);
NM_AUTO_DEFINE_FCN_VOID0 (void *, _nm_auto_free_impl, free)
#define nm_auto_free nm_auto(_nm_auto_free_impl)
+NM_AUTO_DEFINE_FCN0 (GKeyFile *, _nm_auto_unref_keyfile, g_key_file_unref);
+#define nm_auto_unref_keyfile nm_auto(_nm_auto_unref_keyfile)
+
NM_AUTO_DEFINE_FCN0 (GVariantIter *, _nm_auto_free_variant_iter, g_variant_iter_free)
#define nm_auto_free_variant_iter nm_auto(_nm_auto_free_variant_iter)
--
2.29.2
From c970c5c4809517334fcce99d567fcc71f5ba441a Mon Sep 17 00:00:00 2001
From: Adarsh J <adarshaj@gmail.com>
Date: Mon, 18 Jan 2021 03:15:14 +0900
Subject: [PATCH 2/2] initrd: add support for rd.net.timeout.carrier
Add support for `carrier-wait-timeout` setting from kernel cmdline.
This will create a new `15-carrier-timeout.conf` file in
/run/NetworkManager/conf.d with the parameter value as specified.
The setting also inserts `match-device` to `*`, matching all devices.
NB: The parameter on kernel cmdline is specified in seconds. This is
done to be backwards compatible with with network-legacy module. However
the generated setting will automatically multiply specified value by
1000 and store timeout value in ms.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/626
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/730
(cherry picked from commit e300138892ee0fc3824d38b527b60103a01758ab)
(cherry picked from commit f55eeff70a6639e5ec8abbde9b574d46e8f0b6f7)
(cherry picked from commit 7a91960989fc564e25e1a9be0fd5f7c4886b2c33)
---
man/nm-initrd-generator.xml | 15 ++
src/initrd/nm-initrd-generator.c | 68 +++++++--
src/initrd/nm-initrd-generator.h | 5 +-
src/initrd/nmi-cmdline-reader.c | 12 +-
src/initrd/tests/test-cmdline-reader.c | 182 +++++++++++++++++++------
5 files changed, 223 insertions(+), 59 deletions(-)
diff --git a/man/nm-initrd-generator.xml b/man/nm-initrd-generator.xml
index 37f5ffdf4b17..fcfb54fe50d9 100644
--- a/man/nm-initrd-generator.xml
+++ b/man/nm-initrd-generator.xml
@@ -102,6 +102,20 @@
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>
+ <group choice='plain'>
+ <arg choice='plain'><option>-r</option></arg>
+ <arg choice='plain'><option>--run-config-dir</option></arg>
+ </group>
+ <arg choice='plain'><replaceable>path</replaceable></arg>
+ </term>
+
+ <listitem>
+ <para>Output directory for config files.</para>
+ </listitem>
+ </varlistentry>
+
<varlistentry>
<term>
<group choice='plain'>
@@ -133,6 +147,7 @@
<member><option>rd.peerdns</option></member>
<member><option>rd.bootif</option></member>
<member><option>rd.net.timeout.dhcp</option></member>
+ <member><option>rd.net.timeout.carrier</option></member>
<member><option>BOOTIF</option></member>
</simplelist>
diff --git a/src/initrd/nm-initrd-generator.c b/src/initrd/nm-initrd-generator.c
index 5a93480bf2bc..5b92763cb320 100644
--- a/src/initrd/nm-initrd-generator.c
+++ b/src/initrd/nm-initrd-generator.c
@@ -9,6 +9,7 @@
#include "nm-keyfile/nm-keyfile-internal.h"
#include "nm-initrd-generator.h"
#include "nm-glib-aux/nm-io-utils.h"
+#include "nm-config.h"
/*****************************************************************************/
@@ -65,6 +66,7 @@ err_out:
#define DEFAULT_SYSFS_DIR "/sys"
#define DEFAULT_INITRD_DATA_DIR NMRUNDIR "/initrd"
+#define DEFAULT_RUN_CONFIG_DIR NMRUNDIR "/conf.d"
int
main (int argc, char *argv[])
@@ -73,12 +75,14 @@ main (int argc, char *argv[])
gs_free char *connections_dir = NULL;
gs_free char *initrd_dir = NULL;
gs_free char *sysfs_dir = NULL;
+ gs_free char *run_config_dir = NULL;
gboolean dump_to_stdout = FALSE;
gs_strfreev char **remaining = NULL;
GOptionEntry option_entries[] = {
{ "connections-dir", 'c', 0, G_OPTION_ARG_FILENAME, &connections_dir, "Output connection directory", NM_KEYFILE_PATH_NAME_RUN },
{ "initrd-data-dir", 'i', 0, G_OPTION_ARG_FILENAME, &initrd_dir, "Output initrd data directory", DEFAULT_INITRD_DATA_DIR },
{ "sysfs-dir", 'd', 0, G_OPTION_ARG_FILENAME, &sysfs_dir, "The sysfs mount point", DEFAULT_SYSFS_DIR },
+ { "run-config-dir", 'r', 0, G_OPTION_ARG_FILENAME, &run_config_dir, "Output config directory", DEFAULT_RUN_CONFIG_DIR },
{ "stdout", 's', 0, G_OPTION_ARG_NONE, &dump_to_stdout, "Dump connections to standard output", NULL },
{ G_OPTION_REMAINING, '\0', 0, G_OPTION_ARG_STRING_ARRAY, &remaining, NULL, NULL },
{ NULL }
@@ -87,9 +91,11 @@ main (int argc, char *argv[])
gs_free_error GError *error = NULL;
gs_free char *hostname = NULL;
int errsv;
+ gint64 carrier_timeout_sec = 0;
option_context = g_option_context_new ("-- [ip=...] [rd.route=...] [bridge=...] [bond=...] [team=...] [vlan=...] "
- "[bootdev=...] [nameserver=...] [rd.peerdns=...] [rd.bootif=...] [BOOTIF=...] [rd.znet=...] ... ");
+ "[bootdev=...] [nameserver=...] [rd.peerdns=...] [rd.bootif=...] [BOOTIF=...] "
+ "[rd.znet=...] [rd.net.timeout.carrier=...] ... ");
g_option_context_set_summary (option_context, "Generate early NetworkManager configuration.");
g_option_context_set_description (option_context,
@@ -114,31 +120,40 @@ main (int argc, char *argv[])
sysfs_dir = g_strdup (DEFAULT_SYSFS_DIR);
if (!initrd_dir)
initrd_dir = g_strdup (DEFAULT_INITRD_DATA_DIR);
- if (dump_to_stdout)
- nm_clear_g_free (&connections_dir);
-
- if (connections_dir && g_mkdir_with_parents (connections_dir, 0755) != 0) {
- errsv = errno;
- _LOGW (LOGD_CORE, "%s: %s", connections_dir, nm_strerror_native (errsv));
- return 1;
- }
+ if (!run_config_dir)
+ run_config_dir = g_strdup (DEFAULT_RUN_CONFIG_DIR);
connections = nmi_cmdline_reader_parse (sysfs_dir,
- (const char *const*) remaining,
- &hostname);
-
- g_hash_table_foreach (connections, output_conn, connections_dir);
- g_hash_table_destroy (connections);
+ (const char *const *) remaining,
+ &hostname,
+ &carrier_timeout_sec);
if (dump_to_stdout) {
+ nm_clear_g_free (&connections_dir);
+ nm_clear_g_free (&initrd_dir);
+ nm_clear_g_free (&run_config_dir);
if (hostname)
g_print ("\n*** Hostname '%s' ***\n", hostname);
+ if (carrier_timeout_sec != 0) {
+ g_print ("\n*** Carrier Wait Timeout %" G_GINT64_FORMAT " sec ***\n",
+ carrier_timeout_sec);
+ }
} else {
+ if (g_mkdir_with_parents (connections_dir, 0755) != 0) {
+ errsv = errno;
+ _LOGW (LOGD_CORE, "%s: %s", connections_dir, nm_strerror_native (errsv));
+ return 1;
+ }
if (g_mkdir_with_parents (initrd_dir, 0755) != 0) {
errsv = errno;
_LOGW (LOGD_CORE, "%s: %s", initrd_dir, nm_strerror_native (errsv));
return 1;
}
+ if (g_mkdir_with_parents (run_config_dir, 0755) != 0) {
+ errsv = errno;
+ _LOGW (LOGD_CORE, "%s: %s", run_config_dir, nm_strerror_native (errsv));
+ return 1;
+ }
if (hostname) {
gs_free char *hostname_file = NULL;
@@ -152,7 +167,32 @@ main (int argc, char *argv[])
return 1;
}
}
+ if (carrier_timeout_sec != 0) {
+ nm_auto_unref_keyfile GKeyFile *keyfile = NULL;
+ gs_free char *filename = NULL;
+
+ keyfile = g_key_file_new ();
+ g_key_file_set_list_separator (keyfile, NM_CONFIG_KEYFILE_LIST_SEPARATOR);
+ filename = g_strdup_printf ("%s/15-carrier-timeout.conf", run_config_dir);
+
+ g_key_file_set_value (keyfile,
+ NM_CONFIG_KEYFILE_GROUPPREFIX_DEVICE "-15-carrier-timeout",
+ NM_CONFIG_KEYFILE_KEY_MATCH_DEVICE,
+ "*");
+ g_key_file_set_int64 (keyfile,
+ NM_CONFIG_KEYFILE_GROUPPREFIX_DEVICE "-15-carrier-timeout",
+ NM_CONFIG_KEYFILE_KEY_DEVICE_CARRIER_WAIT_TIMEOUT,
+ carrier_timeout_sec * 1000);
+
+ if (!g_key_file_save_to_file (keyfile, filename, &error)) {
+ _LOGW (LOGD_CORE, "%s: %s", filename, error->message);
+ return 1;
+ }
+ }
}
+ g_hash_table_foreach (connections, output_conn, connections_dir);
+ g_hash_table_destroy (connections);
+
return 0;
}
diff --git a/src/initrd/nm-initrd-generator.h b/src/initrd/nm-initrd-generator.h
index e7647edd7fab..9a2068b16228 100644
--- a/src/initrd/nm-initrd-generator.h
+++ b/src/initrd/nm-initrd-generator.h
@@ -36,6 +36,9 @@ gboolean nmi_ibft_update_connection_from_nic (NMConnection *connection, GHashTab
NMConnection *nmi_dt_reader_parse (const char *sysfs_dir);
-GHashTable *nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **hostname);
+GHashTable *nmi_cmdline_reader_parse (const char *sysfs_dir,
+ const char *const *argv,
+ char **hostname,
+ gint64 *carrier_timeout_sec);
#endif /* __NM_INITRD_GENERATOR_H__ */
diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c
index 17e0ce5d4a05..b114079381b7 100644
--- a/src/initrd/nmi-cmdline-reader.c
+++ b/src/initrd/nmi-cmdline-reader.c
@@ -31,6 +31,8 @@ typedef struct {
gboolean ignore_auto_dns;
int dhcp_timeout;
char *dhcp4_vci;
+
+ gint64 carrier_timeout_sec;
} Reader;
static Reader *
@@ -970,7 +972,10 @@ connection_set_needed_cb (gpointer key, gpointer value, gpointer user_data)
}
GHashTable *
-nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **hostname)
+nmi_cmdline_reader_parse (const char *sysfs_dir,
+ const char *const*argv,
+ char **hostname,
+ gint64 *carrier_timeout_sec)
{
Reader *reader;
const char *tag;
@@ -1005,6 +1010,9 @@ nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **
} else if (nm_streq (tag, "rd.net.dhcp.vendor-class")) {
if (nm_utils_validate_dhcp4_vendor_class_id (argument, NULL))
nm_utils_strdup_reset (&reader->dhcp4_vci, argument);
+ } else if (nm_streq (tag, "rd.net.timeout.carrier")) {
+ reader->carrier_timeout_sec = _nm_utils_ascii_str_to_int64 (argument,
+ 10, 0, G_MAXINT32, 0);
}
}
@@ -1159,5 +1167,7 @@ nmi_cmdline_reader_parse (const char *sysfs_dir, const char *const*argv, char **
NM_SET_OUT (hostname, g_steal_pointer (&reader->hostname));
+ NM_SET_OUT (carrier_timeout_sec, reader->carrier_timeout_sec);
+
return reader_destroy (reader, FALSE);
}
diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c
index c4c5c7483ab6..259b1c4476a3 100644
--- a/src/initrd/tests/test-cmdline-reader.c
+++ b/src/initrd/tests/test-cmdline-reader.c
@@ -31,11 +31,13 @@ test_auto (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "default_connection");
g_assert (connection);
@@ -86,11 +88,13 @@ test_dhcp_with_hostname (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, "host1");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "default_connection");
g_assert (connection);
@@ -138,11 +142,13 @@ test_dhcp_with_mtu (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "default_connection");
g_assert (connection);
@@ -182,11 +188,13 @@ test_if_auto_with_mtu (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (connection);
@@ -217,11 +225,13 @@ test_if_dhcp6 (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth1");
g_assert (connection);
@@ -250,11 +260,13 @@ test_if_auto_with_mtu_and_mac (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth2");
g_assert (connection);
@@ -292,11 +304,13 @@ test_if_ip4_manual (void)
NMSettingIPConfig *s_ip6;
NMIPAddress *ip_addr;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, "hostname1.example.com");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth3");
g_assert (connection);
@@ -362,11 +376,13 @@ test_if_ip6_manual (void)
NMSettingIPConfig *s_ip6;
NMIPAddress *ip_addr;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, "hostname0.example.com");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth4");
g_assert (connection);
@@ -400,11 +416,13 @@ test_if_mac_ifname (void)
NMSettingWired *s_wired;
NMIPAddress *ip_addr;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, "hostname0");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "00:11:22:33:44:55");
g_assert (connection);
@@ -445,11 +463,13 @@ test_multiple_merge (void)
NMSettingIPConfig *s_ip6;
NMIPAddress *ip_addr;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (connection);
@@ -497,11 +517,13 @@ test_multiple_bootdev (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth3");
g_assert (connection);
@@ -532,11 +554,13 @@ test_bootdev (void)
NMConnection *connection;
NMSettingConnection *s_con;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "ens3");
g_assert (connection);
@@ -587,11 +611,13 @@ test_some_more (void)
NMSettingIPConfig *s_ip6;
NMIPRoute *ip_route;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth1");
g_assert (connection);
@@ -671,11 +697,13 @@ test_bond (void)
NMIPRoute *ip_route;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "bong0");
g_assert (connection);
@@ -756,11 +784,13 @@ test_bond_ip (void)
NMIPAddress *ip_addr;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "bond0");
g_assert (connection);
@@ -840,11 +870,13 @@ test_bond_default (void)
NMSettingBond *s_bond;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "bond0");
@@ -905,11 +937,13 @@ test_bridge (void)
NMIPRoute *ip_route;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "bridge0");
g_assert (connection);
@@ -987,11 +1021,13 @@ test_bridge_default (void)
NMSettingBridge *s_bridge;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "br0");
@@ -1050,11 +1086,13 @@ test_bridge_ip (void)
const char *master_uuid;
gs_free char *hostname = NULL;
guint i;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 11);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "bridge123");
g_assert (connection);
@@ -1112,11 +1150,13 @@ test_team (void)
NMSettingTeam *s_team;
const char *master_uuid;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "team0");
g_assert (connection);
@@ -1187,11 +1227,13 @@ test_vlan (void)
NMSettingIPConfig *s_ip6;
NMSettingVlan *s_vlan;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
/* VLAN eth0.100 */
connection = g_hash_table_lookup (connections, "eth0.100");
@@ -1257,11 +1299,13 @@ test_vlan_with_dhcp_on_parent (void)
NMSettingIPConfig *s_ip6;
NMSettingVlan *s_vlan;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
/* VLAN eth0.100 */
connection = g_hash_table_lookup (connections, "eth0.100");
@@ -1334,11 +1378,13 @@ test_vlan_over_bond (void)
NMSettingIPConfig *s_ip6;
NMSettingVlan *s_vlan;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV[i], &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 4);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
/* VLAN vlan1 */
connection = g_hash_table_lookup (connections, "vlan1");
@@ -1402,11 +1448,13 @@ test_ibft_ip_dev (void)
NMSettingConnection *s_con;
NMConnection *connection;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (connection);
@@ -1425,11 +1473,13 @@ test_ibft_ip_dev_mac (void)
NMSettingConnection *s_con;
NMConnection *connection;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "00:53:06:66:AB:01");
g_assert (connection);
@@ -1446,11 +1496,13 @@ _test_ibft_ip (const char *const*ARGV)
gs_unref_hashtable GHashTable *connections = NULL;
NMConnection *connection;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "ibft0");
g_assert (connection);
@@ -1487,11 +1539,13 @@ test_ignore_extra (void)
gs_unref_hashtable GHashTable *connections = NULL;
const char *const*ARGV = NM_MAKE_STRV ("blabla", "extra", "lalala");
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 0);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
}
static void
@@ -1512,11 +1566,13 @@ test_rd_znet (void)
};
int i_s390_options_keys;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, "foo.example.com");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "enc800");
g_assert (NM_IS_CONNECTION (connection));
@@ -1592,11 +1648,13 @@ test_rd_znet_legacy (void)
NMConnection *connection;
NMSettingConnection *s_con;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, "foo.example.com");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (NM_IS_CONNECTION (connection));
@@ -1627,11 +1685,13 @@ test_rd_znet_no_ip (void)
gs_unref_hashtable GHashTable *connections = NULL;
const char *const*const ARGV = NM_MAKE_STRV ("rd.znet=qeth,0.0.0800,0.0.0801,0.0.0802,layer2=0,portno=1");
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 0);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
}
static void
@@ -1645,11 +1705,13 @@ test_bootif_ip (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "default_connection");
g_assert (connection);
@@ -1683,11 +1745,13 @@ test_neednet (void)
NMConnection *connection;
NMSettingConnection *s_con;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 4);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eno1");
g_assert (connection);
@@ -1732,11 +1796,13 @@ test_bootif_no_ip (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "default_connection");
g_assert (connection);
@@ -1769,11 +1835,13 @@ test_bootif_hwtype (void)
NMSettingIPConfig *s_ip4;
NMSettingIPConfig *s_ip6;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 2);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (connection);
@@ -1834,11 +1902,13 @@ test_nameserver (void)
NMConnection *connection;
NMSettingIPConfig *s_ip;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 3);
g_assert_cmpstr (hostname, ==, "foo.example.com");
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eth0");
g_assert (connection);
@@ -1876,11 +1946,13 @@ test_bootif_off (void)
gs_unref_hashtable GHashTable *connections = NULL;
const char *const*ARGV = NM_MAKE_STRV ("BOOTIF=01-00-53-AB-cd-02-03", "rd.bootif=0");
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 0);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
}
static void
@@ -1894,11 +1966,13 @@ test_dhcp_vendor_class_id (void)
gs_free char *hostname = NULL;
gs_free char *vci_long = NULL;
char vci_arg_long[512] = {0};
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "eno1");
g_assert (connection);
@@ -1910,12 +1984,13 @@ test_dhcp_vendor_class_id (void)
ARGV = NM_MAKE_STRV ("rd.net.dhcp.vendor-class",
"ip=eno1:dhcp");
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
connection = g_hash_table_lookup (connections, "eno1");
g_assert (connection);
nmtst_assert_connection_verifies_without_normalization (connection);
s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
nm_clear_pointer (&connections, g_hash_table_unref);
@@ -1923,12 +1998,13 @@ test_dhcp_vendor_class_id (void)
vci_long = g_strdup_printf ("rd.net.dhcp.vendor-class=%s", vci_arg_long);
ARGV = NM_MAKE_STRV (vci_long,
"ip=eno1:dhcp");
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
connection = g_hash_table_lookup (connections, "eno1");
g_assert (connection);
nmtst_assert_connection_verifies_without_normalization (connection);
s_ip4 = NM_SETTING_IP4_CONFIG (nm_connection_get_setting_ip4_config (connection));
g_assert (nm_setting_ip4_config_get_dhcp_vendor_class_identifier (s_ip4) == NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
}
static void
@@ -1939,11 +2015,13 @@ test_infiniband_iface (void)
NMConnection *connection;
NMSettingInfiniband *s_ib;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "ib1");
g_assert (connection);
@@ -1963,11 +2041,13 @@ test_infiniband_mac (void)
NMConnection *connection;
NMSettingInfiniband *s_ib;
gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
- connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname);
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
g_assert (connections);
g_assert_cmpint (g_hash_table_size (connections), ==, 1);
g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 0);
connection = g_hash_table_lookup (connections, "00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33");
g_assert (connection);
@@ -1983,6 +2063,21 @@ test_infiniband_mac (void)
"00:11:22:33:44:55:66:77:88:99:AA:BB:CC:DD:EE:FF:00:11:22:33");
}
+static void
+test_carrier_timeout (void)
+{
+ gs_unref_hashtable GHashTable *connections = NULL;
+ const char *const *ARGV = NM_MAKE_STRV ("rd.net.timeout.carrier=20");
+ gs_free char *hostname = NULL;
+ gint64 carrier_timeout_sec = 0;
+
+ connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname, &carrier_timeout_sec);
+ g_assert (connections);
+ g_assert_cmpint (g_hash_table_size (connections), ==, 0);
+ g_assert_cmpstr (hostname, ==, NULL);
+ g_assert_cmpint (carrier_timeout_sec, ==, 20);
+}
+
NMTST_DEFINE ();
int main (int argc, char **argv)
@@ -2027,8 +2122,9 @@ int main (int argc, char **argv)
g_test_add_func ("/initrd/cmdline/bootif/off", test_bootif_off);
g_test_add_func ("/initrd/cmdline/neednet", test_neednet);
g_test_add_func ("/initrd/cmdline/dhcp/vendor_class_id", test_dhcp_vendor_class_id);
- g_test_add_func("/initrd/cmdline/infiniband/iface", test_infiniband_iface);
- g_test_add_func("/initrd/cmdline/infiniband/mac", test_infiniband_mac);
+ g_test_add_func ("/initrd/cmdline/infiniband/iface", test_infiniband_iface);
+ g_test_add_func ("/initrd/cmdline/infiniband/mac", test_infiniband_mac);
+ g_test_add_func ("/initrd/cmdline/carrier_timeout", test_carrier_timeout);
return g_test_run ();
}
--
2.29.2

View File

@ -4,6 +4,7 @@
# Note that connectivity checking works badly with rp_filter set to # Note that connectivity checking works badly with rp_filter set to
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter". # strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
[connectivity] [connectivity]
enabled=true
uri=http://fedoraproject.org/static/hotspot.txt uri=http://fedoraproject.org/static/hotspot.txt
response=OK response=OK
interval=300 interval=300

View File

@ -4,6 +4,7 @@
# Note that connectivity checking works badly with rp_filter set to # Note that connectivity checking works badly with rp_filter set to
# strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter". # strict. Check "/proc/sys/net/ipv4/conf/*/rp_filter".
[connectivity] [connectivity]
enabled=true
uri=http://static.redhat.com/test/rhel-networkmanager.txt uri=http://static.redhat.com/test/rhel-networkmanager.txt
response=OK response=OK
interval=300 interval=300

View File

@ -5,9 +5,9 @@
%global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad) %global glib2_version %(pkg-config --modversion glib-2.0 2>/dev/null || echo bad)
%global epoch_version 1 %global epoch_version 1
%global rpm_version 1.26.0 %global rpm_version 1.30.0
%global real_version 1.26.0 %global real_version 1.30.0
%global release_version 14 %global release_version 7
%global snapshot %{nil} %global snapshot %{nil}
%global git_sha %{nil} %global git_sha %{nil}
@ -38,6 +38,18 @@
############################################################################### ###############################################################################
%if "x__BCOND_DEFAULT_DEBUG__" == "x1" || "x__BCOND_DEFAULT_DEBUG__" == "x0"
%global bcond_default_debug __BCOND_DEFAULT_DEBUG__
%else
%global bcond_default_debug 0
%endif
%if "x__BCOND_DEFAULT_TEST__" == "x1" || "x__BCOND_DEFAULT_TEST__" == "x0"
%global bcond_default_test __BCOND_DEFAULT_TEST__
%else
%global bcond_default_test 0
%endif
%bcond_with meson %bcond_with meson
%bcond_without adsl %bcond_without adsl
%bcond_without bluetooth %bcond_without bluetooth
@ -52,9 +64,21 @@
# on RHEL we don't regenerate the documentation # on RHEL we don't regenerate the documentation
%bcond_with regen_docs %bcond_with regen_docs
%if %{bcond_default_debug}
%bcond_without debug
%else
%bcond_with debug %bcond_with debug
%endif
%if %{bcond_default_test}
%bcond_without test
%else
%bcond_with test %bcond_with test
%endif
%if 0%{?fedora} >= 33 || 0%{?rhel} >= 9
%bcond_without lto
%else
%bcond_with lto %bcond_with lto
%endif
%bcond_with sanitizer %bcond_with sanitizer
%if 0%{?fedora} %if 0%{?fedora}
%bcond_without connectivity_fedora %bcond_without connectivity_fedora
@ -106,13 +130,21 @@
%if 0%{?fedora} || 0%{?rhel} > 7 %if 0%{?fedora} || 0%{?rhel} > 7
%global logging_backend_default journal %global logging_backend_default journal
%if 0%{?fedora} || 0%{?rhel} > 8
%global dns_rc_manager_default auto
%else
%global dns_rc_manager_default symlink %global dns_rc_manager_default symlink
%endif
%else %else
%global logging_backend_default syslog %global logging_backend_default syslog
%global dns_rc_manager_default file %global dns_rc_manager_default file
%endif %endif
%if 0%{?rhel} > 8 || 0%{?fedora} > 32
%global config_plugins_default keyfile,ifcfg-rh
%else
%global config_plugins_default ifcfg-rh %global config_plugins_default ifcfg-rh
%endif
%if 0%{?fedora} %if 0%{?fedora}
# Although eBPF would be available on Fedora's kernel, it seems # Although eBPF would be available on Fedora's kernel, it seems
@ -125,6 +157,11 @@
%global ebpf_enabled "no" %global ebpf_enabled "no"
%endif %endif
# Fedora 33 enables LTO by default by setting CFLAGS="-flto -ffat-lto-objects".
# However, we also require "-flto -flto-partition=none", so disable Fedora's
# default and use our configure option --with-lto instead.
%define _lto_cflags %{nil}
############################################################################### ###############################################################################
Name: NetworkManager Name: NetworkManager
@ -134,7 +171,7 @@ Version: %{rpm_version}
Release: %{release_version}%{?snap}%{?dist} Release: %{release_version}%{?snap}%{?dist}
Group: System Environment/Base Group: System Environment/Base
License: GPLv2+ and LGPLv2+ License: GPLv2+ and LGPLv2+
URL: http://www.gnome.org/projects/NetworkManager/ URL: https://networkmanager.dev/
Source: https://download.gnome.org/sources/NetworkManager/%{real_version_major}/%{name}-%{real_version}.tar.xz Source: https://download.gnome.org/sources/NetworkManager/%{real_version_major}/%{name}-%{real_version}.tar.xz
Source1: NetworkManager.conf Source1: NetworkManager.conf
@ -149,32 +186,14 @@ Source6: 70-nm-connectivity.conf
Patch1: 0001-cloud-setup-systemd-unit-rh1791758.patch Patch1: 0001-cloud-setup-systemd-unit-rh1791758.patch
# Bugfixes that are only relevant until next rebase of the package. # Bugfixes that are only relevant until next rebase of the package.
Patch1000: 1000-team-fix-crash-rh1856723.patch Patch1000: 1000-bond-avoid-logging-warning-to-set-ad_actor_system-00.patch
Patch1001: 1001-core-fix-generation-of-dependent-rh1857133.patch Patch1001: 1001-core-increase-limit-of-open-file-descriptors-for-Net.patch
Patch1002: 1002-fix-check-on-master-ac-failure-rh1845018.patch Patch1002: 1002-initrd-apply-mtu-to-bond-connection.patch
Patch1003: 1003-translations-rh1820552.patch Patch1003: 1003-bond-only-restore-mac-if-cloned.patch
Patch1004: 1004-fix-warning-setting-bond-active-slave-rh1858326.patch Patch1004: 1004-fix-handling-generated-local-routes-rh1907661.patch
Patch1005: 1005-fix-managing-devices-after-sleep-rh1855563.patch Patch1005: 1005-initrd-fix-crash-parsing-empty-rd.znet-argument.patch
Patch1006: 1006-n-dhcp4-fix-bpf-for-big-endian-arch-rh1861488.patch Patch1006: 1006-core-fix-crash-in-nm_wildcard_match_check.patch
Patch1007: 1007-core-no-warn-setting-mtu-with-ipv6-disabled-rh1840989.patch Patch1007: 1007-initrd-multiconnect-single-for-manual-ip-rh1915493.patch
Patch1008: 1008-wifi-avoid-crash-due-to-incomplete-Wi-Fi-API-info-rh1866395.patch
Patch1009: 1009-cloud-setup-fix-allocating-buffer-for-GetConfigMetad-rh1866395.patch
Patch1010: 1010-shared-extend-NM_IN_STRSET-and-NM_IN_SET-rh1847814.patch
Patch1011: 1011-bond-fix-can_reapply_change-rh1847814.patch
Patch1012: 1012-bond-let-reapply-reapply-rh1847814.patch
Patch1013: 1013-dhcp6-hostname-rh1858344.patch
Patch1014: 1014-settings-fix-wait-device-timeout-rh1853348.patch
Patch1015: 1015-local-route-fixes-rh1868982.patch
Patch1016: 1016-dhcp-implement-dhcp-vendor-class-identifier-option-rh1871042.patch
Patch1017: 1017-initrd-parse-rd.net.dhcp.vendor-class-rh1870692.patch
Patch1018: 1018-initrd-accept-mac-ifaces-rh1879795.patch
Patch1019: 1019-initrd-generate-infiniband-connections-rh1883173.patch
Patch1020: 1020-fix-unauth-user-can-make-nm-crash-rh1890887.patch
Patch1021: 1021-initrd-vlan-fixes-rh1903695-rh1903698.patch
Patch1022: 1022-initrd-fix-parsing-with-empty-token-rh1902791.patch
Patch1023: 1023-initrd-fix-failing-unit-test-rh1903698.patch
Patch1024: 1024-device-clean-up-dispatcher-calls-rh1888348.patch
Patch1025: 1025-initrd-timeout-carrier-rh1917773.patch
# The pregenerated docs contain default values and paths that depend # The pregenerated docs contain default values and paths that depend
# on the configure options when creating the source tarball. # on the configure options when creating the source tarball.
@ -191,6 +210,7 @@ Requires(postun): systemd
Requires: dbus >= %{dbus_version} Requires: dbus >= %{dbus_version}
Requires: glib2 >= %{glib2_version} Requires: glib2 >= %{glib2_version}
Requires: %{name}-libnm%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}-libnm%{?_isa} = %{epoch}:%{version}-%{release}
Requires: libndp >= 1.7-4
Obsoletes: dhcdbd Obsoletes: dhcdbd
Obsoletes: NetworkManager < %{obsoletes_device_plugins} Obsoletes: NetworkManager < %{obsoletes_device_plugins}
Obsoletes: NetworkManager < %{obsoletes_ppp_plugin} Obsoletes: NetworkManager < %{obsoletes_ppp_plugin}
@ -207,6 +227,7 @@ Conflicts: NetworkManager-pptp < 1:0.7.0.99-1
Conflicts: NetworkManager-openconnect < 0:0.7.0.99-1 Conflicts: NetworkManager-openconnect < 0:0.7.0.99-1
Conflicts: kde-plasma-networkmanagement < 1:0.9-0.49.20110527git.nm09 Conflicts: kde-plasma-networkmanagement < 1:0.9-0.49.20110527git.nm09
BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
BuildRequires: libtool BuildRequires: libtool
BuildRequires: pkgconfig BuildRequires: pkgconfig
@ -367,6 +388,12 @@ Summary: Wifi plugin for NetworkManager
Group: System Environment/Base Group: System Environment/Base
Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release}
%if 0%{?fedora} >= 29 || 0%{?rhel} >= 9
Requires: wireless-regdb
%else
Requires: crda
%endif
%if %{with iwd} && (0%{?fedora} > 24 || 0%{?rhel} > 7) %if %{with iwd} && (0%{?fedora} > 24 || 0%{?rhel} > 7)
Requires: (wpa_supplicant >= %{wpa_supplicant_version} or iwd) Requires: (wpa_supplicant >= %{wpa_supplicant_version} or iwd)
Suggests: wpa_supplicant Suggests: wpa_supplicant
@ -659,6 +686,8 @@ This tool is still experimental.
%endif %endif
-Ddist_version=%{version}-%{release} \ -Ddist_version=%{version}-%{release} \
-Dconfig_plugins_default=%{config_plugins_default} \ -Dconfig_plugins_default=%{config_plugins_default} \
-Dresolvconf=no \
-Dnetconfig=no \
-Dconfig_dns_rc_manager_default=%{dns_rc_manager_default} \ -Dconfig_dns_rc_manager_default=%{dns_rc_manager_default} \
-Dconfig_logging_backend_default=%{logging_backend_default} \ -Dconfig_logging_backend_default=%{logging_backend_default} \
-Djson_validation=true -Djson_validation=true
@ -797,11 +826,12 @@ intltoolize --automake --copy --force
%endif %endif
--with-dist-version=%{version}-%{release} \ --with-dist-version=%{version}-%{release} \
--with-config-plugins-default=%{config_plugins_default} \ --with-config-plugins-default=%{config_plugins_default} \
--with-resolvconf=no \
--with-netconfig=no \
--with-config-dns-rc-manager-default=%{dns_rc_manager_default} \ --with-config-dns-rc-manager-default=%{dns_rc_manager_default} \
--with-config-logging-backend-default=%{logging_backend_default} \ --with-config-logging-backend-default=%{logging_backend_default}
--enable-json-validation
make %{?_smp_mflags} %make_build
%endif %endif
@ -809,7 +839,7 @@ make %{?_smp_mflags}
%if %{with meson} %if %{with meson}
%meson_install %meson_install
%else %else
make install DESTDIR=%{buildroot} %make_install
%endif %endif
cp %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/ cp %{SOURCE1} %{buildroot}%{_sysconfdir}/%{name}/
@ -875,8 +905,12 @@ fi
%post %post
# skip triggering if udevd isn't even accessible, e.g. containers or
# rpm-ostree-based systems
if [ -S /run/udev/control ]; then
/usr/bin/udevadm control --reload-rules || : /usr/bin/udevadm control --reload-rules || :
/usr/bin/udevadm trigger --subsystem-match=net || : /usr/bin/udevadm trigger --subsystem-match=net || :
fi
%if %{with firewalld_zone} %if %{with firewalld_zone}
%firewalld_reload %firewalld_reload
%endif %endif
@ -983,7 +1017,8 @@ fi
%{_mandir}/man1/* %{_mandir}/man1/*
%{_mandir}/man5/* %{_mandir}/man5/*
%{_mandir}/man7/nmcli-examples.7* %{_mandir}/man7/nmcli-examples.7*
%{_mandir}/man8/* %{_mandir}/man8/nm-initrd-generator.8.gz
%{_mandir}/man8/NetworkManager.8.gz
%dir %{_localstatedir}/lib/NetworkManager %dir %{_localstatedir}/lib/NetworkManager
%dir %{_sysconfdir}/sysconfig/network-scripts %dir %{_sysconfdir}/sysconfig/network-scripts
%{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service %{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service
@ -1118,33 +1153,95 @@ fi
%{systemd_dir}/nm-cloud-setup.timer %{systemd_dir}/nm-cloud-setup.timer
%{nmlibdir}/dispatcher.d/90-nm-cloud-setup.sh %{nmlibdir}/dispatcher.d/90-nm-cloud-setup.sh
%{nmlibdir}/dispatcher.d/no-wait.d/90-nm-cloud-setup.sh %{nmlibdir}/dispatcher.d/no-wait.d/90-nm-cloud-setup.sh
%{_mandir}/man8/nm-cloud-setup.8*
%endif %endif
%changelog %changelog
* Wed Mar 17 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.26.0-14 * Fri Mar 26 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-7
- initrd: support rd.net.timeout.carrier command line option (rh #1917773) - initrd: set multi-connect=single for connections with static IP (rh #1915493)
* Wed Jan 20 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.26.0-13 * Thu Mar 25 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-6
- device: clean up dispatcher calls when canceling an activation (rh #1888348) - core: fix handling local routes generated by kernel (rh #1907661)
- initrd: fix crash with rd.znet= argument (rh #1941106)
- core: fix crash handling path match (rh #1942741)
* Fri Dec 4 2020 Antonio Cardace <acardace@redhat.com> - 1:1.26.0-12 * Tue Mar 23 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-5
- initrd: fix failing unit test 'test_vlan_over_bond' (rh #1903698) - bond: restore MAC on release only when there is a cloned MAC address (rh #1933292)
* Wed Dec 2 2020 Antonio Cardace <acardace@redhat.com> - 1:1.26.0-11 * Fri Mar 12 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-4
- initrd: disable ipv4 and ipv6 by default for vlan parent connection (rh #1903698) - initrd: apply the MTU from bond= argument to the bond connection (rh #1936610)
- initrd: fix parsing of ip= argument with dotted interface name (rh #1903695)
- initrd: fix parsing with empty token (rh #1902791)
* Wed Oct 28 2020 Antonio Cardace <acardace@redhat.com> - 1:1.26.0-10 * Fri Mar 12 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-3
- nm-manager: fix crash that can be caused by an anauthorized user (rh #1890887) - Increase LimitNOFILE to allow more than 1024 file descriptors (rh #1926599).
This requires a suitable libndp version that can handle many file descriptors (rh #1933041).
* Tue Oct 20 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.26.0-9 * Tue Feb 23 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-2
- initrd: generate infiniband connections (rh #1890262) - Avoid logging warning setting bond ad_actor_system (rh #1923999)
* Thu Sep 24 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.26.0-8 * Thu Feb 18 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-1
- initrd: accept mac address as interface specifier (rh #1879795) - Update to 1.30.0 release
- initrd: fix parsing IPv6 prefix length (rh #1879795)
* Thu Feb 11 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-0.10
- Update to 1.30-rc1 (1.29.90-dev) (development)
- cloud-setup: fix removing IPv4 address (rh #1920838)
* Mon Feb 8 2021 Antonio Cardace <acardace@redhat.com> - 1:1.30.0-0.9
- Update to 1.29.11 (development)
- bond: fix changing mode when the device is created externally (rh #1870691)
- ovs: fix firewalld configuration for ovs-ports (rh #1921107)
- ovs: avoid race condition when system interface is removed from ovsdb (rh #1923248)
- doc: mention NETMASK as alternative to PREFIX for addresses in `man nm-settings-ifcfg-rh` (rh #1925123)
* Wed Jan 27 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-0.8
- Update to 1.29.10 (development)
- bond: introduce new 'vlan+srcmac' xmit_hash_policy option (rh #1915457)
- ovs: clean up interfaces from ovsdb at startup (rh #1861296)
* Tue Jan 19 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-0.7
- Update to 1.29.9 (development)
- By default check all devices for hostname reverse DNS lookup (rh #1766944)
* Thu Jan 14 2021 Thomas Haller <thaller@redhat.com> - 1:1.30.0-0.6
- Update to 1.29.8 (development)
- initrd: accept zero-byte prefix for BOOTIF MAC address (rh #1904099)
- core: fix bond port wrongly detached by dispather call (rh #1888348)
- cloud-setup: add manual page (rh #1867997)
- core: fix handling timeout for IPv6 RDNSS,DNSSL option in RA (rh #1874743)
* Wed Dec 23 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-0.5
- Update to 1.29.7 (development)
- Add WPA3-Enterprise support (rh #1883024)
* Mon Dec 14 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-0.4
- Update to 1.29.6 (development)
- initrd: disable ipv4 and ipv6 by default for vlan parent connection (rh #1903175)
- initrd: fix parsing of ip= argument with dotted interface name (rh #1898294)
* Fri Nov 27 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-0.3
- Update to 1.29.3 (development)
- Support changing external-ids of OVS bridges and interfaces (rh #1866227)
- Add a hostname setting (rh #1766944)
- Support creating veth interfaces (rh #1901523)
- initrd: fix parsing of ip= arguments with empty first token (rh #1900260)
* Mon Nov 9 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.0-0.2
- device: fix crash in nm_device_reactivate_ip_config()
- dns: fix crash in systemd-resolved DNS plugin (rh #1894839)
* Mon Nov 2 2020 Antonio Cardace <acardace@redhat.com> - 1:1.30.0-0.1
- Update to 1.29.1 (development)
- add library for handling profiles in keyfile format (rh #1813334)
- initrd: allow disabling NICs during boot (rh #1883958)
- allow `NM.Device.get_applied_connection_async()` to run by non-privilege user (rh #1882380)
- nmcli ignores /etc/terminal-colors.d/nmcli.scheme (rh #1886336)
- pass bridge master to wpa_supplicant when Wlan is part of bridge (rh #1888051)
- add infiniband support in initrd (rh #1883173)
* Fri Sep 18 2020 Beniamino Galvani <bgalvani@redhat.com> - 1:1.28.0-0.1
- Update to 1.27.3 (development)
- device: enforce the absence of a master during activation (rh #1869079)
- bond: fix race condition setting the "active_slave" option (rh #1856640)
* Tue Sep 1 2020 Antonio Cardace <acardace@redhat.com> - 1:1.26.0-7 * Tue Sep 1 2020 Antonio Cardace <acardace@redhat.com> - 1:1.26.0-7
- dhcp: add dhcp-vendor-class-identifier option (rh #1871042) - dhcp: add dhcp-vendor-class-identifier option (rh #1871042)