From 324029c7e40060c74c9ca139afd3920bacb4490a Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Mon, 15 Jun 2020 15:56:30 +0200 Subject: [PATCH 1/6] glib: always re-implement g_steal_pointer() g_steal_pointer() is marked as GLIB_AVAILABLE_STATIC_INLINE_IN_2_44, that means we get a deprecated warning. Avoid that. We anyway re-implement the macro so that we can use it before 2.44 and so that it always does the typeof() cast. (cherry picked from commit edfe9fa9a23422b54438c49588562b0838d80908) (cherry picked from commit 6936a0613cdd0d850238e1ebe5260de9332a9198) (cherry picked from commit e333a28b976f4d7936f69da4a6109d47bb470ea9) (cherry picked from commit 2283cd98f94cafbab679afa5bc1d499578b0d120) --- shared/nm-glib-aux/nm-glib.h | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/shared/nm-glib-aux/nm-glib.h b/shared/nm-glib-aux/nm-glib.h index e5a4766b30..3be708943b 100644 --- a/shared/nm-glib-aux/nm-glib.h +++ b/shared/nm-glib-aux/nm-glib.h @@ -412,9 +412,8 @@ _nm_g_hash_table_get_keys_as_array (GHashTable *hash_table, /*****************************************************************************/ -#if !GLIB_CHECK_VERSION(2, 44, 0) static inline gpointer -g_steal_pointer (gpointer pp) +_nm_g_steal_pointer (gpointer pp) { gpointer *ptr = (gpointer *) pp; gpointer ref; @@ -424,13 +423,20 @@ g_steal_pointer (gpointer pp) return ref; } + +#if !GLIB_CHECK_VERSION(2, 44, 0) +static inline gpointer +g_steal_pointer (gpointer pp) +{ + return _nm_g_steal_pointer (pp); +} #endif #ifdef g_steal_pointer #undef g_steal_pointer #endif #define g_steal_pointer(pp) \ - ((typeof (*(pp))) g_steal_pointer (pp)) + ((typeof (*(pp))) _nm_g_steal_pointer (pp)) /*****************************************************************************/ From 3bef60c3704d3f28986d9a7057554f28efa994bb Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Mon, 7 Sep 2020 16:20:43 +0200 Subject: [PATCH 2/6] tests: ignore valgrind warning about unhandled syscalls On Fedora rawhide (34), valgrind gives a lot of warnings like: ./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- WARNING: unhandled amd64-linux syscall: 439 ./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- You may be able to write your own handler. ./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- Read the file README_MISSING_SYSCALL_OR_IOCTL. ./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- Nevertheless we consider this a bug. Please report ./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- it at http://valgrind.org/support/bug_reports.html. Ignore them. (cherry picked from commit 2cb40f6e36ce8db8257b07e15fe1bb9a47ce64f3) (cherry picked from commit 561bd7bba6eea54706100d0044e6f47620a08755) (cherry picked from commit 09b5a72b0f108f0a77be116a90786f2486c3a4f1) (cherry picked from commit e81559291989eecfe0453e7ed25e3a28099570de) (cherry picked from commit 8fb90c00d06b4f757cdb226a8353c36c5396b4f7) --- tools/run-nm-test.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/tools/run-nm-test.sh b/tools/run-nm-test.sh index 09c735c129..be35590c48 100755 --- a/tools/run-nm-test.sh +++ b/tools/run-nm-test.sh @@ -297,16 +297,21 @@ if [ $HAS_ERRORS -eq 0 ]; then # valgrind doesn't support setns syscall and spams the logfile. # hack around it... case "$TEST_NAME" in + 'libnm-test-nm-client' | \ + 'libnm-test-remote-settings-client' | \ + 'libnm-test-secret-agent' | \ + 'test-acd' | \ + 'test-address-linux' | \ + 'test-cleanup-linux' | \ 'test-config' | \ 'test-link-linux' | \ - 'test-acd' | \ - 'test-service-providers' | \ - 'test-remote-settings-client' | \ - 'test-secret-agent' | \ + 'test-lldp' | \ 'test-nm-client' | \ - 'libnm-test-remote-settings-client' | \ - 'libnm-test-nm-client' | \ - 'libnm-test-secret-agent' ) + 'test-platform-general' | \ + 'test-remote-settings-client' | \ + 'test-route-linux' | \ + 'test-secret-agent' | \ + 'test-service-providers' ) if [ -z "$(sed -e '/^--[0-9]\+-- WARNING: unhandled .* syscall: /,/^--[0-9]\+-- it at http.*\.$/d' "$LOGFILE")" ]; then HAS_ERRORS=1 fi From 3f589f9cefc279468ac1d925da53f19f91e6abff Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 8 Sep 2020 13:20:51 +0200 Subject: [PATCH 3/6] contrib/rpm: opt out of LTO build for Fedora 33+ (cherry picked from commit 176996fccb109d064f7cf1648b7b8ede1fd5914d) (cherry picked from commit 279998167aedf4503334e8f4c4d10fdc4de6d339) (cherry picked from commit 790a3a213a146d2cd9d781640448f5aa5791295e) --- contrib/fedora/rpm/NetworkManager.spec | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/contrib/fedora/rpm/NetworkManager.spec b/contrib/fedora/rpm/NetworkManager.spec index 30ea6a1d78..aea7472235 100644 --- a/contrib/fedora/rpm/NetworkManager.spec +++ b/contrib/fedora/rpm/NetworkManager.spec @@ -130,6 +130,10 @@ %global ebpf_enabled "no" %endif +# On Fedora 33+, LTO is enabled by default. Newer branches of NetworkManager +# fix build with LTO, but for this branch we simply disable it. +%define _lto_cflags %{nil} + ############################################################################### Name: NetworkManager From 7d7347397814c4be2423c893e15d2891e740ec4e Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Wed, 12 Aug 2020 13:31:31 +0200 Subject: [PATCH 4/6] core: avoid deprecated matchfilecon SELinux API instead of selabel The matchfilecon API is deprecated for a very long time. Since selinux 3.1 the functions are also marked as deprecated in the header, which causes compiler warnings and build failures. Update the code to use selabel API instead. (cherry picked from commit 173533c3b2db15d71dc1f75790b53b8f30c169e2) (cherry picked from commit f5aafb9da4afe140a00b76c6adce68efdc6224fa) (cherry picked from commit bde9f1023feaee5103cb3df109d7e6016cd2a3aa) (cherry picked from commit 67135e64c92b7dd4558ffdf49dd5eb178a414e78) (cherry picked from commit 2014626b1e3d881e1f22d85eb14e7dc71069b5a9) --- src/nm-hostname-manager.c | 47 ++++++++++++++++++++++++++------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/src/nm-hostname-manager.c b/src/nm-hostname-manager.c index db56111600..c10d31fcb9 100644 --- a/src/nm-hostname-manager.c +++ b/src/nm-hostname-manager.c @@ -26,6 +26,7 @@ #if HAVE_SELINUX #include +#include #endif #include "nm-libnm-core-intern/nm-common-macros.h" @@ -360,8 +361,8 @@ nm_hostname_manager_write_hostname (NMHostnameManager *self, const char *hostnam gs_unref_variant GVariant *var = NULL; struct stat file_stat; #if HAVE_SELINUX - security_context_t se_ctx_prev = NULL, se_ctx = NULL; - mode_t st_mode = 0; + gboolean fcon_was_set = FALSE; + char *fcon_prev = NULL; #endif g_return_val_if_fail (NM_IS_HOSTNAME_MANAGER (self), FALSE); @@ -391,16 +392,6 @@ nm_hostname_manager_write_hostname (NMHostnameManager *self, const char *hostnam && (link_path = nm_utils_read_link_absolute (file, NULL))) file = link_path; -#if HAVE_SELINUX - /* Get default context for hostname file and set it for fscreate */ - if (stat (file, &file_stat) == 0) - st_mode = file_stat.st_mode; - matchpathcon (file, st_mode, &se_ctx); - matchpathcon_fini (); - getfscreatecon (&se_ctx_prev); - setfscreatecon (se_ctx); -#endif - #if defined (HOSTNAME_PERSIST_GENTOO) hostname_eol = g_strdup_printf ("#Generated by NetworkManager\n" "hostname=\"%s\"\n", hostname); @@ -408,13 +399,39 @@ nm_hostname_manager_write_hostname (NMHostnameManager *self, const char *hostnam hostname_eol = g_strdup_printf ("%s\n", hostname); #endif +#if HAVE_SELINUX + /* Get default context for hostname file and set it for fscreate */ + { + struct selabel_handle *handle; + + handle = selabel_open (SELABEL_CTX_FILE, NULL, 0); + if (handle) { + mode_t st_mode = 0; + char *fcon = NULL; + + if (stat (file, &file_stat) == 0) + st_mode = file_stat.st_mode; + + if ( (selabel_lookup (handle, &fcon, file, st_mode) == 0) + && (getfscreatecon (&fcon_prev) == 0)) { + setfscreatecon (fcon); + fcon_was_set = TRUE; + } + + selabel_close (handle); + freecon (fcon); + } + } +#endif + ret = g_file_set_contents (file, hostname_eol, -1, &error); #if HAVE_SELINUX /* Restore previous context and cleanup */ - setfscreatecon (se_ctx_prev); - freecon (se_ctx); - freecon (se_ctx_prev); + if (fcon_was_set) + setfscreatecon (fcon_prev); + if (fcon_prev) + freecon (fcon_prev); #endif g_free (hostname_eol); From 35bffef0518ca7b2f40279abf056563c432cb17b Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Tue, 30 Jun 2020 17:34:05 +0200 Subject: [PATCH 5/6] modem: suppress deprecated warning from libmm for MM_MODEM_CAPABILITY_LTE_ADVANCED On Ubuntu 20.10, we build against ModemManager 1.14.0 and get a compiler warning: ../src/devices/wwan/nm-modem-broadband.c: In function 'try_create_connect_properties': ../src/devices/wwan/nm-modem-broadband.c:492:2: error: 'MMModemCapabilityDeprecated' is deprecated [-Werror=deprecated-declarations] 492 | if (MODEM_CAPS_3GPP (ctx->caps)) { | ^~ Suppress it. An alternative would be to drop the flag entirely. It seems the flag was never used (and never will be used). But if that's true, there is little harm done checking it. If it's not true, we better keep checking for older versions. https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/commit/0cd76bf1c411707b6ba1c4222d791e2115ef6840 (cherry picked from commit 03dc75902662eecb3deee5a3dfc77e132def26cf) (cherry picked from commit 12e4a4a5df056fdf70d8a6156bcfe558c2d5ed3b) (cherry picked from commit b6729446032e4c1c72c9c2b60306e3a81a313191) (cherry picked from commit fb93ca2851dc918fa388ffcf16e750273f67cd9a) (cherry picked from commit e3e0a2624ba8a9f777f6f8cddafa808943fbbee5) --- src/devices/wwan/nm-modem-broadband.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/devices/wwan/nm-modem-broadband.c b/src/devices/wwan/nm-modem-broadband.c index 949d9bff67..66b2b4668b 100644 --- a/src/devices/wwan/nm-modem-broadband.c +++ b/src/devices/wwan/nm-modem-broadband.c @@ -34,9 +34,22 @@ #define NM_MODEM_BROADBAND_MODEM "modem" -#define MODEM_CAPS_3GPP(caps) (caps & (MM_MODEM_CAPABILITY_GSM_UMTS | \ - MM_MODEM_CAPABILITY_LTE | \ - MM_MODEM_CAPABILITY_LTE_ADVANCED)) +static gboolean +MODEM_CAPS_3GPP (MMModemCapability caps) +{ + G_GNUC_BEGIN_IGNORE_DEPRECATIONS + /* MM_MODEM_CAPABILITY_LTE_ADVANCED is marked as deprecated since ModemManager 1.14.0. + * + * The flag probably was never used, it certainly isn't used since 1.14.0. + * + * Still, just to be sure, there is no harm in checking it here. Suppress the + * warning, it should have no bad effect. + */ + return NM_FLAGS_ANY (caps, ( MM_MODEM_CAPABILITY_GSM_UMTS + | MM_MODEM_CAPABILITY_LTE + | MM_MODEM_CAPABILITY_LTE_ADVANCED)); + G_GNUC_END_IGNORE_DEPRECATIONS +} #define MODEM_CAPS_3GPP2(caps) (caps & (MM_MODEM_CAPABILITY_CDMA_EVDO)) From 62f384bcdd80f49e9f104682b5f3e0e3d2641a3c Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 28 Aug 2020 14:24:32 +0200 Subject: [PATCH 6/6] gitlab-ci: fix workarounds for Ubuntu 16.04 in tests The detection for Ubuntu 16.04 was broken. By now /etc/os-release contains VERSION="16.04.7 LTS (Xenial Xerus)" (cherry picked from commit 12e8557476174b8aeefba1e0a189b4d4896a8374) (cherry picked from commit 9f7736ea8e88199cfe15e9aec40d147d64f204c8) (cherry picked from commit 89e01a19362f025d4907fae70cbf416db0071411) (cherry picked from commit deb53ff5a2a53506c44af6006f2cede39b199bb9) (cherry picked from commit 7921d3fb4ccb09a536e38f6eaf9c7f97829ed274) --- .gitlab-ci.yml | 4 ++-- contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 402d5c48bb..784b851cf8 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -40,8 +40,8 @@ stages: - date '+%Y%m%d-%H%M%S'; dbus-uuidgen --ensure - date '+%Y%m%d-%H%M%S'; sed -i 's/^# \(pl_PL.UTF-8 .*\)$/\1/p' /etc/locale.gen ; true - date '+%Y%m%d-%H%M%S'; locale-gen pl_PL.UTF-8 - - date '+%Y%m%d-%H%M%S'; grep -q "VERSION=.16.04.6 LTS" /etc/os-release && pip3 install meson==0.53.2 - - date '+%Y%m%d-%H%M%S'; grep -q "VERSION=.16.04.6 LTS" /etc/os-release || pip3 install meson + - date '+%Y%m%d-%H%M%S'; grep -q "VERSION=.16.04.[0-9]\+ LTS" /etc/os-release && pip3 install meson==0.53.2 + - date '+%Y%m%d-%H%M%S'; grep -q "VERSION=.16.04.[0-9]\+ LTS" /etc/os-release || pip3 install meson - date '+%Y%m%d-%H%M%S'; contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh # iproute2 5.2.0 on debian:sid causes our unit tests to fail. diff --git a/contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh b/contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh index 1fd88d052b..864cce04be 100755 --- a/contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh +++ b/contrib/scripts/nm-ci-install-valgrind-in-ubuntu1604.sh @@ -13,7 +13,7 @@ set -exv # # Work around that by installing valgrind from bionic. -grep -q 'PRETTY_NAME="Ubuntu 16.04.6 LTS"' /etc/os-release || exit 0 +grep -q 'PRETTY_NAME="Ubuntu 16.04.[0-9]\+ LTS"' /etc/os-release || exit 0 dpkg -s valgrind | grep -q 'Version: 1:3.11.0-1ubuntu4.2$' || exit 0