From 323a557f74bd14db722fc12a40bdb2a028d00339 Mon Sep 17 00:00:00 2001 From: Beniamino Galvani Date: Thu, 20 Feb 2020 14:38:30 +0100 Subject: [PATCH 1/2] ovs: fail port enslavement when the bridge AC is not found The previous code tried to get the bridge active connection and it used the port active connection instead in case of failure. This doesn't seem right, as in nm-ovsdb.c the bridge AC is used to get the bridge settings (including the uuid, interface name, and cloned mac). In case of failure getting the bridge AC we should just fail. Fixes: 830a5a14cb29 ('device: add support for OpenVSwitch devices') (cherry picked from commit c8b5a3f91a1be7c595be4bc176a75d5beb57047a) (cherry picked from commit d8fb95d22b0aaf006eeb6f071a319eb8e2a50ae1) --- src/devices/ovs/nm-device-ovs-port.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/devices/ovs/nm-device-ovs-port.c b/src/devices/ovs/nm-device-ovs-port.c index 39e64b3f16..28096f4d1d 100644 --- a/src/devices/ovs/nm-device-ovs-port.c +++ b/src/devices/ovs/nm-device-ovs-port.c @@ -100,6 +100,7 @@ add_iface_cb (GError *error, gpointer user_data) static gboolean enslave_slave (NMDevice *device, NMDevice *slave, NMConnection *connection, gboolean configure) { + NMDeviceOvsPort *self = NM_DEVICE_OVS_PORT (device); NMActiveConnection *ac_port = NULL; NMActiveConnection *ac_bridge = NULL; NMDevice *bridge_device; @@ -109,8 +110,11 @@ enslave_slave (NMDevice *device, NMDevice *slave, NMConnection *connection, gboo ac_port = NM_ACTIVE_CONNECTION (nm_device_get_act_request (device)); ac_bridge = nm_active_connection_get_master (ac_port); - if (!ac_bridge) - ac_bridge = ac_port; + if (!ac_bridge) { + _LOGW (LOGD_DEVICE, "can't enslave %s: bridge active-connection not found", + nm_device_get_iface (slave)); + return FALSE; + } bridge_device = nm_active_connection_get_device (ac_bridge); From bb7f729eca246e289a9a62444f0f77345fe765f2 Mon Sep 17 00:00:00 2001 From: Beniamino Galvani Date: Thu, 20 Feb 2020 14:44:58 +0100 Subject: [PATCH 2/2] ovs: fail port enslavement when the bridge device is not found Fail the enslavement of the ovs port if the bridge device is not found, instead of generating assertions and potentially crash later. https://bugzilla.redhat.com/show_bug.cgi?id=1797696 Fixes: 101e65d2bb19 ('ovs: allow changing mac address of bridges and interfaces') (cherry picked from commit c5c49995b10baf043fa57a96c9d8ddf2e99267b4) (cherry picked from commit 7494a2e37ab0114d1d3ef93b0dbe47005d3f8741) --- src/devices/ovs/nm-device-ovs-port.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/src/devices/ovs/nm-device-ovs-port.c b/src/devices/ovs/nm-device-ovs-port.c index 28096f4d1d..0a05747bf8 100644 --- a/src/devices/ovs/nm-device-ovs-port.c +++ b/src/devices/ovs/nm-device-ovs-port.c @@ -117,6 +117,11 @@ enslave_slave (NMDevice *device, NMDevice *slave, NMConnection *connection, gboo } bridge_device = nm_active_connection_get_device (ac_bridge); + if (!bridge_device) { + _LOGW (LOGD_DEVICE, "can't enslave %s: bridge device not found", + nm_device_get_iface (slave)); + return FALSE; + } nm_ovsdb_add_interface (nm_ovsdb_get (), nm_active_connection_get_applied_connection (ac_bridge),