From d5b23c4aa904ba352f3693721f6d998433a8c721 Mon Sep 17 00:00:00 2001 From: Antonio Cardace Date: Thu, 8 Oct 2020 22:19:12 +0200 Subject: [PATCH 1/2] initrd: disable ipv6 when 'off|none' is set in the 'ip' option This is potentially a breaking change, formerly speciyfing 'none|off' in the kernel cmdline option 'ip' was understood by the dracut network-module as doing 'ipv6.method=auto' which is clearly incosistent with the 'off' naming, thus 'off|none' now means to actually disable both ipv6 and ipv4 (unless a static ip is provided). Unit test added. https://bugzilla.redhat.com/show_bug.cgi?id=1883958 Reverts: 440a0b4078c6 ('initrd: set ipv6.method=auto when the autoconfiguration field is 'none'') Signed-off-by: Antonio Cardace (cherry picked from commit fc7c83cbdd629f2c3573c471573577277b16e9c7) (cherry picked from commit ad3088f63f5050af1bcbac65630e29f412ffd77e) --- src/initrd/nmi-cmdline-reader.c | 2 +- src/initrd/tests/test-cmdline-reader.c | 48 ++++++++++++++++++++++++-- 2 files changed, 47 insertions(+), 3 deletions(-) diff --git a/src/initrd/nmi-cmdline-reader.c b/src/initrd/nmi-cmdline-reader.c index 257ba3d7ae..316d7930fd 100644 --- a/src/initrd/nmi-cmdline-reader.c +++ b/src/initrd/nmi-cmdline-reader.c @@ -507,7 +507,7 @@ reader_parse_ip (Reader *reader, const char *sysfs_dir, char *argument) if (NM_IN_STRSET (kind, "none", "off")) { if (nm_setting_ip_config_get_num_addresses (s_ip6) == 0) { g_object_set (s_ip6, - NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_AUTO, + NM_SETTING_IP_CONFIG_METHOD, NM_SETTING_IP6_CONFIG_METHOD_DISABLED, NULL); } if (nm_setting_ip_config_get_num_addresses (s_ip4) == 0) { diff --git a/src/initrd/tests/test-cmdline-reader.c b/src/initrd/tests/test-cmdline-reader.c index d6966023a9..540b7bca8b 100644 --- a/src/initrd/tests/test-cmdline-reader.c +++ b/src/initrd/tests/test-cmdline-reader.c @@ -228,7 +228,7 @@ test_if_ip4_manual (void) s_ip6 = nm_connection_get_setting_ip6_config (connection); g_assert (s_ip6); - g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_AUTO); + g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_DISABLED); g_assert (nm_setting_ip_config_get_may_fail (s_ip6)); connection = g_hash_table_lookup (connections, "eth4"); @@ -293,6 +293,49 @@ test_if_ip6_manual (void) g_assert_cmpstr (nm_setting_ip_config_get_dhcp_hostname (s_ip6), ==, "hostname0.example.com"); } +static void +test_if_off (void) +{ + gs_unref_hashtable GHashTable *connections = NULL; + const char *const *ARGV = NM_MAKE_STRV ("ip=off", + "ip=ens3:off", + "ip=10.0.0.8:::::ens4:off", + "ip=[2001:DB8::8]:::::ens5:off"); + NMConnection *connection; + NMSettingIPConfig *s_ip4; + NMSettingIPConfig *s_ip6; + gs_free char *hostname = NULL; + struct { + const char name[32]; + const char ipv4_method[32]; + const char ipv6_method[32]; + } conn_expected[] = { + {"default_connection", NM_SETTING_IP4_CONFIG_METHOD_DISABLED, NM_SETTING_IP6_CONFIG_METHOD_DISABLED}, + {"ens3", NM_SETTING_IP4_CONFIG_METHOD_DISABLED, NM_SETTING_IP6_CONFIG_METHOD_DISABLED}, + {"ens4", NM_SETTING_IP4_CONFIG_METHOD_MANUAL, NM_SETTING_IP6_CONFIG_METHOD_DISABLED}, + {"ens5", NM_SETTING_IP4_CONFIG_METHOD_DISABLED, NM_SETTING_IP6_CONFIG_METHOD_MANUAL}, + }; + + connections = nmi_cmdline_reader_parse (TEST_INITRD_DIR "/sysfs", ARGV, &hostname); + g_assert (connections); + g_assert_cmpint (g_hash_table_size (connections), ==, G_N_ELEMENTS (conn_expected)); + g_assert_cmpstr (hostname, ==, NULL); + + for (int i = 0; i < G_N_ELEMENTS (conn_expected); ++i) { + connection = g_hash_table_lookup (connections, conn_expected[i].name); + g_assert (connection); + nmtst_assert_connection_verifies_without_normalization (connection); + + s_ip4 = nm_connection_get_setting_ip4_config (connection); + g_assert (s_ip4); + g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip4), ==, conn_expected[i].ipv4_method); + + s_ip6 = nm_connection_get_setting_ip6_config (connection); + g_assert (s_ip6); + g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, conn_expected[i].ipv6_method); + } +} + static void test_if_mac_ifname (void) { @@ -681,7 +724,7 @@ test_bond_ip (void) s_ip6 = nm_connection_get_setting_ip6_config (connection); g_assert (s_ip6); - g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_AUTO); + g_assert_cmpstr (nm_setting_ip_config_get_method (s_ip6), ==, NM_SETTING_IP6_CONFIG_METHOD_DISABLED); g_assert (!nm_setting_ip_config_get_ignore_auto_dns (s_ip6)); g_assert_cmpint (nm_setting_ip_config_get_num_dns (s_ip6), ==, 0); g_assert (!nm_setting_ip_config_get_gateway (s_ip6)); @@ -1665,6 +1708,7 @@ int main (int argc, char **argv) g_test_add_func ("/initrd/cmdline/if_ip4_manual", test_if_ip4_manual); g_test_add_func ("/initrd/cmdline/if_ip6_manual", test_if_ip6_manual); g_test_add_func ("/initrd/cmdline/if_mac_ifname", test_if_mac_ifname); + g_test_add_func ("/initrd/cmdline/if_off", test_if_off); g_test_add_func ("/initrd/cmdline/multiple/merge", test_multiple_merge); g_test_add_func ("/initrd/cmdline/multiple/bootdev", test_multiple_bootdev); g_test_add_func ("/initrd/cmdline/nameserver", test_nameserver); From e69c17b399ebd2fdd7268baf1cf761d7d8d2cc17 Mon Sep 17 00:00:00 2001 From: Antonio Cardace Date: Fri, 9 Oct 2020 16:04:54 +0200 Subject: [PATCH 2/2] NEWS: update Signed-off-by: Antonio Cardace (cherry picked from commit 8764d47af68bea9708c3a46019fe1b863b90aa32) (cherry picked from commit 23364aa8f3bd6b11e2ac9e30117eaabfe1f3a9f2) --- NEWS | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/NEWS b/NEWS index 078496f77b..e4e1a90ba2 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,12 @@ +=============================================== +NetworkManager-1.26.6 +Overview of changes since NetworkManager-1.26.4 +=============================================== +* Change the behavior of nm-initrd-generator so that the 'ip=off|none' kernel + cmdline argument actually generates a connection which disables both + ipv4 and ipv6. Previously the generated connection would disable ipv4 + but ipv6 would be set to the 'auto' method. + =============================================== NetworkManager-1.26.4 Overview of changes since NetworkManager-1.26.2