From fbb75a627d3f50628097c3441eda0c7015712a4b Mon Sep 17 00:00:00 2001 From: eabdullin Date: Thu, 18 Dec 2025 10:58:55 +0000 Subject: [PATCH] import UBI NetworkManager-1.54.0-2.el10_1 --- ...unrelated-external-ports-rhel-121106.patch | 92 +++++++++ ...ort-reapplying-sriov-vfs-rhel-113956.patch | 178 ++++++++++++++++++ NetworkManager.spec | 9 +- 3 files changed, 277 insertions(+), 2 deletions(-) create mode 100644 1001-ovs-don-t-remove-unrelated-external-ports-rhel-121106.patch create mode 100644 1002-support-reapplying-sriov-vfs-rhel-113956.patch diff --git a/1001-ovs-don-t-remove-unrelated-external-ports-rhel-121106.patch b/1001-ovs-don-t-remove-unrelated-external-ports-rhel-121106.patch new file mode 100644 index 0000000..32fae0e --- /dev/null +++ b/1001-ovs-don-t-remove-unrelated-external-ports-rhel-121106.patch @@ -0,0 +1,92 @@ +From bc8e8c4247bceffda6a9b3dcc7803b3ab84158a2 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= +Date: Thu, 9 Oct 2025 12:24:11 +0200 +Subject: [PATCH] ovs: don't remove unrelated external ports + +The commit linked below introduced a bug that caused that OVS ports +added externally to NM are always deleted when we delete any OVS +interface. It affects to all externally added ports, including those +that are not related to the deleted interface and even those in +different OVS bridges. + +Fix it by only modifying ports and bridges that are ascendants of the +deleted interface, leaving everything else untouched. + +Note that bridges and ports still need to have at least one NM-managed +interface, otherwise they will also be purged. For example, an NM-owned +OVS bridge with 2 ports+iface, one NM-owned and one external: if we +delete the NM-owned iface, both ports and the bridge will be deleted. +For now, this is a known limitation that is not being fixed here. + +Fixes: 476c89b6f2cd ('ovs: only keep bridges and ports with NM interfaces attached') +(cherry picked from commit 93491d76ecf75c202ff82369e3eb72e7e6d37c8a) +(cherry picked from commit 8326cc32d64441dd993b5b1e73ded21d548efa6d) +--- + src/core/devices/ovs/nm-ovsdb.c | 32 +++++++++++++++++--------------- + 1 file changed, 17 insertions(+), 15 deletions(-) + +diff --git a/src/core/devices/ovs/nm-ovsdb.c b/src/core/devices/ovs/nm-ovsdb.c +index 164bfd3565..1c9484c486 100644 +--- a/src/core/devices/ovs/nm-ovsdb.c ++++ b/src/core/devices/ovs/nm-ovsdb.c +@@ -1460,40 +1460,42 @@ _delete_interface(NMOvsdb *self, json_t *params, const char *ifname) + json_array_append_new(new_interfaces, json_pack("[s,s]", "uuid", interface_uuid)); + } + +- if (num_nm_interfaces == 0) { +- /* The port no longer has any NM interface. Don't add it to "new_ports" and set +- * ports_changed=TRUE, so that it will be deleted. */ ++ if (interfaces_changed && num_nm_interfaces == 0) { ++ /* We are deleting the last nm-interface of this port. Don't add it to "new_ports" ++ * and set ports_changed=TRUE, so that it will be deleted. */ + ports_changed = TRUE; + } else { ++ /* Keep this port: it's still alive, or it's unrelated to the deleted interface */ ++ json_array_append_new(new_ports, json_pack("[s,s]", "uuid", port_uuid)); ++ if (ovs_port->connection_uuid) ++ num_nm_ports++; ++ + if (interfaces_changed) { +- /* An interface needs to be deleted from this port */ ++ /* This port is still alive, but an interface needs to be deleted from it */ + _expect_port_interfaces(params, ovs_port->name, interfaces); + _set_port_interfaces(params, ovs_port->name, new_interfaces); + } +- /* The port is still alive */ +- json_array_append_new(new_ports, json_pack("[s,s]", "uuid", port_uuid)); +- if (ovs_port->connection_uuid) +- num_nm_ports++; + } + } + +- if (num_nm_ports == 0) { +- /* The bridge no longer has any NM port. Don't add it to "new_bridges" and set +- * bridges_changed=TRUE, so that it will be deleted. */ ++ if (ports_changed && num_nm_ports == 0) { ++ /* We are deleting the last nm-port of this bridge. Don't add it to "new_bridges" ++ * and set bridges_changed=TRUE, so that it will be deleted. */ + bridges_changed = TRUE; + } else { ++ /* Keep this bridge: it's still alive, or it's unrelated to the deleted interface */ ++ json_array_append_new(new_bridges, json_pack("[s,s]", "uuid", ovs_bridge->bridge_uuid)); ++ + if (ports_changed) { +- /* A port needs to be deleted from this bridge */ ++ /* This bridge is still alive, but a port needs to be deleted from it */ + _expect_bridge_ports(params, ovs_bridge->name, ports); + _set_bridge_ports(params, ovs_bridge->name, new_ports); + } +- /* The bridge is still alive */ +- json_array_append_new(new_bridges, json_pack("[s,s]", "uuid", ovs_bridge->bridge_uuid)); + } + } + + if (bridges_changed) { +- /* A port needs to be deleted from this bridge */ ++ /* A bridge needs to be deleted */ + _expect_ovs_bridges(params, priv->db_uuid, bridges); + _set_ovs_bridges(params, priv->db_uuid, new_bridges); + } +-- +2.50.1 + diff --git a/1002-support-reapplying-sriov-vfs-rhel-113956.patch b/1002-support-reapplying-sriov-vfs-rhel-113956.patch new file mode 100644 index 0000000..02a156b --- /dev/null +++ b/1002-support-reapplying-sriov-vfs-rhel-113956.patch @@ -0,0 +1,178 @@ +From 59a54e8f9431f730b0d99d737be821988d7d867e Mon Sep 17 00:00:00 2001 +From: Jan Vaclav +Date: Thu, 14 Aug 2025 12:52:09 +0200 +Subject: [PATCH 1/2] device: extract sriov platform vf generation to separate + function + +(cherry picked from commit 588a69cd1b0e5bab7371f297c6450d17f5de9ab2) +(cherry picked from commit b2d8f60c4970401b4e981604eceaa37520052fcf) +--- + src/core/devices/nm-device.c | 61 +++++++++++++++++++++++++----------- + 1 file changed, 43 insertions(+), 18 deletions(-) + +diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c +index f6057e529f..d88d785422 100644 +--- a/src/core/devices/nm-device.c ++++ b/src/core/devices/nm-device.c +@@ -10390,6 +10390,43 @@ sriov_params_cb(GError *error, gpointer user_data) + nm_device_activate_schedule_stage1_device_prepare(self, FALSE); + } + ++static gboolean ++sriov_gen_platform_vfs(NMDevice *self, ++ NMSettingSriov *s_sriov, ++ NMPlatformVF ***plat_vfs_out, ++ GError **error) ++{ ++ nm_auto_freev NMPlatformVF **plat_vfs = NULL; ++ guint num; ++ ++ nm_assert(s_sriov); ++ nm_assert(plat_vfs_out && !*plat_vfs_out); ++ ++ num = nm_setting_sriov_get_num_vfs(s_sriov); ++ plat_vfs = g_new0(NMPlatformVF *, num + 1); ++ ++ for (int i = 0; i < num; i++) { ++ NMSriovVF *vf = nm_setting_sriov_get_vf(s_sriov, i); ++ gs_free_error GError *local = NULL; ++ ++ plat_vfs[i] = sriov_vf_config_to_platform(self, vf, &local); ++ ++ if (!plat_vfs[i]) { ++ g_set_error(error, ++ local->domain, ++ local->code, ++ "VF '%s' is invalid: %s", ++ nm_utils_sriov_vf_to_str(vf, FALSE, NULL), ++ local->message); ++ return FALSE; ++ } ++ } ++ ++ *plat_vfs_out = g_steal_pointer(&plat_vfs); ++ ++ return TRUE; ++} ++ + /* + * activate_stage1_device_prepare + * +@@ -10436,10 +10473,7 @@ activate_stage1_device_prepare(NMDevice *self) + if (s_sriov && nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) { + nm_auto_freev NMPlatformVF **plat_vfs = NULL; + gs_free_error GError *error = NULL; +- NMSriovVF *vf; + NMTernary autoprobe; +- guint num; +- guint i; + + autoprobe = nm_setting_sriov_get_autoprobe_drivers(s_sriov); + if (autoprobe == NM_TERNARY_DEFAULT) { +@@ -10452,21 +10486,12 @@ activate_stage1_device_prepare(NMDevice *self) + NM_OPTION_BOOL_TRUE); + } + +- num = nm_setting_sriov_get_num_vfs(s_sriov); +- plat_vfs = g_new0(NMPlatformVF *, num + 1); +- for (i = 0; i < num; i++) { +- vf = nm_setting_sriov_get_vf(s_sriov, i); +- plat_vfs[i] = sriov_vf_config_to_platform(self, vf, &error); +- if (!plat_vfs[i]) { +- _LOGE(LOGD_DEVICE, +- "failed to apply SR-IOV VF '%s': %s", +- nm_utils_sriov_vf_to_str(vf, FALSE, NULL), +- error->message); +- nm_device_state_changed(self, +- NM_DEVICE_STATE_FAILED, +- NM_DEVICE_STATE_REASON_SRIOV_CONFIGURATION_FAILED); +- return; +- } ++ if (!sriov_gen_platform_vfs(self, s_sriov, &plat_vfs, &error)) { ++ _LOGE(LOGD_DEVICE, "cannot parse the VF list: %s", error->message); ++ nm_device_state_changed(self, ++ NM_DEVICE_STATE_FAILED, ++ NM_DEVICE_STATE_REASON_SRIOV_CONFIGURATION_FAILED); ++ return; + } + + /* When changing the number of VFs the kernel can block +-- +2.50.1 + + +From 79e494539f6e0abfebb92f099c3c1242f13defec Mon Sep 17 00:00:00 2001 +From: Jan Vaclav +Date: Thu, 14 Aug 2025 13:00:53 +0200 +Subject: [PATCH 2/2] device: add support for reapplying the `sriov.vfs` + property + +Adds support for reapplying the `sriov.vfs` property. Note this +does not include `num_vfs`, as the configuration needs to be reset +and reconfigured from scratch in that case. + +Previously, if an existing VF is modified (e.g. if we change the `trust` +flag), we reset all VF configurations, and started from scratch. But in +some cases, this is unnecessarily disruptive. + +Resolves: https://issues.redhat.com/browse/RHEL-95844 +(cherry picked from commit 4ba3ffee6788e6d8b75aff6c7aa21f92e45d5b9c) +(cherry picked from commit 6f454c98a98818e96ecd4f228f1e42febd2b2b32) +--- + src/core/devices/nm-device.c | 31 +++++++++++++++++++++++++++++-- + 1 file changed, 29 insertions(+), 2 deletions(-) + +diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c +index d88d785422..78301a9698 100644 +--- a/src/core/devices/nm-device.c ++++ b/src/core/devices/nm-device.c +@@ -14087,7 +14087,8 @@ can_reapply_change(NMDevice *self, + return nm_device_hash_check_invalid_keys(diffs, + NM_SETTING_SRIOV_SETTING_NAME, + error, +- NM_SETTING_SRIOV_PRESERVE_ON_DOWN); ++ NM_SETTING_SRIOV_PRESERVE_ON_DOWN, ++ NM_SETTING_SRIOV_VFS); + } + + out_fail: +@@ -14265,9 +14266,35 @@ check_and_reapply_connection(NMDevice *self, + + nm_device_link_properties_set(self, TRUE); + +- if (priv->state >= NM_DEVICE_STATE_CONFIG) ++ if (priv->state >= NM_DEVICE_STATE_CONFIG) { ++ GHashTable *sriov_diff; ++ + lldp_setup(self, NM_TERNARY_DEFAULT); + ++ sriov_diff = nm_g_hash_table_lookup(diffs, NM_SETTING_SRIOV_SETTING_NAME); ++ ++ if (sriov_diff && nm_g_hash_table_lookup(sriov_diff, NM_SETTING_SRIOV_VFS)) { ++ nm_auto_freev NMPlatformVF **plat_vfs = NULL; ++ NMSettingSriov *s_sriov; ++ ++ s_sriov = (NMSettingSriov *) nm_connection_get_setting(applied, NM_TYPE_SETTING_SRIOV); ++ ++ if (s_sriov) { ++ gs_free_error GError *local = NULL; ++ ++ if (!sriov_gen_platform_vfs(self, s_sriov, &plat_vfs, &local) ++ || !nm_platform_link_set_sriov_vfs(nm_device_get_platform(self), ++ priv->ifindex, ++ (const NMPlatformVF *const *) plat_vfs)) { ++ _LOGE(LOGD_DEVICE, ++ "failed to reapply SRIOV VFs%s%s", ++ local ? ": " : "", ++ local ? local->message : ""); ++ } ++ } ++ } ++ } ++ + if (priv->state >= NM_DEVICE_STATE_IP_CONFIG) { + /* Allow reapply of MTU */ + priv->mtu_source = NM_DEVICE_MTU_SOURCE_NONE; +-- +2.50.1 + diff --git a/NetworkManager.spec b/NetworkManager.spec index bc9666a..82663ce 100644 --- a/NetworkManager.spec +++ b/NetworkManager.spec @@ -7,7 +7,7 @@ %global real_version 1.54.0 %global git_tag_version 1.54.0 %global rpm_version %{real_version} -%global release_version 1 +%global release_version 2 %global snapshot %{nil} %global git_sha %{nil} %global bcond_default_debug 0 @@ -188,7 +188,8 @@ Source9: readme-ifcfg-rh-migrated.txt # Patch0001: 0001-some.patch # Bugfixes that are only relevant until next rebase of the package. -# Patch1001: 1001-some.patch +Patch1001: 1001-ovs-don-t-remove-unrelated-external-ports-rhel-121106.patch +Patch1002: 1002-support-reapplying-sriov-vfs-rhel-113956.patch Requires(post): systemd Requires(post): systemd-udev @@ -1086,6 +1087,10 @@ fi %changelog +* Wed Oct 15 2025 Íñigo Huguet - 1:1.54.0-2 +- Support reapplying sriov.vfs (RHEL-113956) +- Fix removing unrelated OVS ports (RHEL-121106) + * Mon Aug 04 2025 Filip Pokryvka - 1:1.54.0-1 - Update to 1.54.0 - Fix reaply on bridge port VLAN (RHEL-102318)