diff --git a/NEWS b/NEWS
index 9a248c7024..f95849ad60 100644
--- a/NEWS
+++ b/NEWS
@@ -9,6 +9,10 @@ the later release.
USE AT YOUR OWN RISK. NOT RECOMMENDED FOR PRODUCTION USE!
* nmcli now supports viewing and managing WireGuard peers.
+* Add a new "sriov.preserve-on-down" property that controls whether
+ NetworkManager preserves the SR-IOV parameters set on the device
+ when the connection is deactivated, or whether it resets them to
+ their default value.
=============================================
NetworkManager-1.54
diff --git a/man/NetworkManager.conf.xml b/man/NetworkManager.conf.xml
index 93e7b016cf..2b42755971 100644
--- a/man/NetworkManager.conf.xml
+++ b/man/NetworkManager.conf.xml
@@ -1093,6 +1093,12 @@ ipv6.ip6-privacy=0
sriov.autoprobe-drivers
If left unspecified, drivers are autoprobed when the SR-IOV VF gets created.
+
+ sriov.preserve-on-down
+ Set to 0 or 1 to select whether the SR-IOV parameters are
+ preserved when the connection is deactivated. If left unspecified, default
+ to 0 (parameters are not preserved).
+
vpn.timeout
If left unspecified, default value of 60 seconds is used.
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 1f68551f1d..2994961556 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -1416,6 +1416,26 @@ _prop_get_connection_mdns(NMDevice *self)
NM_SETTING_CONNECTION_MDNS_DEFAULT);
}
+static gboolean
+_prop_get_sriov_preserve_on_down(NMDevice *self, NMSettingSriov *s_sriov)
+{
+ NMSriovPreserveOnDown preserve;
+
+ g_return_val_if_fail(NM_IS_DEVICE(self), FALSE);
+ g_return_val_if_fail(NM_IS_SETTING_SRIOV(s_sriov), FALSE);
+
+ preserve = nm_setting_sriov_get_preserve_on_down(s_sriov);
+ if (NM_IN_SET(preserve, NM_SRIOV_PRESERVE_ON_DOWN_NO, NM_SRIOV_PRESERVE_ON_DOWN_YES))
+ return preserve;
+
+ return nm_config_data_get_connection_default_int64(NM_CONFIG_GET_DATA,
+ NM_CON_DEFAULT("sriov.preserve-on-down"),
+ self,
+ NM_SRIOV_PRESERVE_ON_DOWN_NO,
+ NM_SRIOV_PRESERVE_ON_DOWN_YES,
+ NM_SRIOV_PRESERVE_ON_DOWN_NO);
+}
+
static NMSettingConnectionLlmnr
_prop_get_connection_llmnr(NMDevice *self)
{
@@ -14030,6 +14050,13 @@ can_reapply_change(NMDevice *self,
goto out_fail;
}
+ if (nm_streq(setting_name, NM_SETTING_SRIOV_SETTING_NAME)) {
+ return nm_device_hash_check_invalid_keys(diffs,
+ NM_SETTING_SRIOV_SETTING_NAME,
+ error,
+ NM_SETTING_SRIOV_PRESERVE_ON_DOWN);
+ }
+
out_fail:
g_set_error(error,
NM_DEVICE_ERROR,
@@ -17478,7 +17505,8 @@ _set_state_full(NMDevice *self, NMDeviceState state, NMDeviceStateReason reason,
}
if (priv->ifindex > 0
- && (s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV))) {
+ && (s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV))
+ && (!_prop_get_sriov_preserve_on_down(self, s_sriov))) {
priv->sriov_reset_pending++;
sriov_op_queue(self,
0,
@@ -17533,7 +17561,8 @@ _set_state_full(NMDevice *self, NMDeviceState state, NMDeviceStateReason reason,
nm_settings_connection_update_timestamp(sett_conn, (guint64) 0);
if (priv->ifindex > 0
- && (s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV))) {
+ && (s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV))
+ && (!_prop_get_sriov_preserve_on_down(self, s_sriov))) {
priv->sriov_reset_pending++;
sriov_op_queue(self,
0,
diff --git a/src/libnm-client-impl/libnm.ver b/src/libnm-client-impl/libnm.ver
index 6a093a0658..e7ca51da88 100644
--- a/src/libnm-client-impl/libnm.ver
+++ b/src/libnm-client-impl/libnm.ver
@@ -2074,3 +2074,9 @@ global:
nm_setting_prefix_delegation_get_type;
nm_setting_prefix_delegation_new;
} libnm_1_52_0;
+
+libnm_1_56_0 {
+global:
+ nm_setting_sriov_get_preserve_on_down;
+ nm_sriov_preserve_on_down_get_type;
+} libnm_1_54_0;
diff --git a/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in b/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in
index d165957179..c764f53568 100644
--- a/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in
+++ b/src/libnm-core-impl/gen-metadata-nm-settings-libnm-core.xml.in
@@ -2386,6 +2386,10 @@
dbus-type="i"
gprop-type="gint"
/>
+
preserve_on_down;
+}
+
/**
* nm_setting_sriov_get_autoprobe_drivers:
* @setting: the #NMSettingSriov
@@ -1462,6 +1480,35 @@ nm_setting_sriov_class_init(NMSettingSriovClass *klass)
NMSettingSriov,
eswitch_encap_mode);
+ /**
+ * NMSettingSriov:preserve-on-down
+ *
+ * This controls whether NetworkManager preserves the SR-IOV parameters set on
+ * the device when the connection is deactivated, or whether it resets them to
+ * their default value. The SR-IOV parameters are those specified in this setting
+ * (the "sriov" setting), like the number of VFs to create, the eswitch
+ * configuration, etc.
+ *
+ * If set to %NM_SRIOV_PRESERVE_ON_DOWN_NO, NetworkManager resets the SR-IOV
+ * parameters when the connection is deactivated. When set to
+ * %NM_SRIOV_PRESERVE_ON_DOWN_YES, NetworkManager preserves those parameters
+ * on the device. If the value is %NM_SRIOV_PRESERVE_ON_DOWN_DEFAULT, NetworkManager
+ * looks up a global default value in the configuration; in case no such value is
+ * defined, it uses %NM_SRIOV_PRESERVE_ON_DOWN_NO as fallback.
+ *
+ * Since: 1.56
+ */
+ _nm_setting_property_define_direct_enum(properties_override,
+ obj_properties,
+ NM_SETTING_SRIOV_PRESERVE_ON_DOWN,
+ PROP_PRESERVE_ON_DOWN,
+ NM_TYPE_SRIOV_PRESERVE_ON_DOWN,
+ NM_SRIOV_PRESERVE_ON_DOWN_DEFAULT,
+ NM_SETTING_PARAM_FUZZY_IGNORE,
+ NULL,
+ NMSettingSriov,
+ preserve_on_down);
+
g_object_class_install_properties(object_class, _PROPERTY_ENUMS_LAST, obj_properties);
_nm_setting_class_commit(setting_class,
diff --git a/src/libnm-core-public/nm-setting-sriov.h b/src/libnm-core-public/nm-setting-sriov.h
index affccc4892..e45620fe8a 100644
--- a/src/libnm-core-public/nm-setting-sriov.h
+++ b/src/libnm-core-public/nm-setting-sriov.h
@@ -28,6 +28,7 @@ G_BEGIN_DECLS
#define NM_SETTING_SRIOV_TOTAL_VFS "total-vfs"
#define NM_SETTING_SRIOV_VFS "vfs"
+#define NM_SETTING_SRIOV_PRESERVE_ON_DOWN "preserve-on-down"
#define NM_SETTING_SRIOV_AUTOPROBE_DRIVERS "autoprobe-drivers"
#define NM_SETTING_SRIOV_ESWITCH_MODE "eswitch-mode"
#define NM_SETTING_SRIOV_ESWITCH_INLINE_MODE "eswitch-inline-mode"
@@ -56,6 +57,22 @@ typedef enum {
NM_SRIOV_VF_VLAN_PROTOCOL_802_1AD = 1,
} NMSriovVFVlanProtocol;
+/**
+ * NMSriovPreserveOnDown:
+ * @NM_SRIOV_PRESERVE_ON_DOWN_DEFAULT: use the default value
+ * @NM_SRIOV_PRESERVE_ON_DOWN_NO: reset the SR-IOV parameters when the
+ * connection is deactivated
+ * @NM_SRIOV_PRESERVE_ON_DOWN_YES: preserve the SR-IOV parameters set on
+ * the device when the connection is deactivated
+ *
+ * Since: 1.56
+ */
+typedef enum {
+ NM_SRIOV_PRESERVE_ON_DOWN_DEFAULT = -1,
+ NM_SRIOV_PRESERVE_ON_DOWN_NO = 0,
+ NM_SRIOV_PRESERVE_ON_DOWN_YES = 1,
+} NMSriovPreserveOnDown;
+
/**
* NMSriovEswitchMode:
* @NM_SRIOV_ESWITCH_MODE_PRESERVE: don't modify current eswitch mode
@@ -123,6 +140,8 @@ NM_AVAILABLE_IN_1_14
gboolean nm_setting_sriov_remove_vf_by_index(NMSettingSriov *setting, guint index);
NM_AVAILABLE_IN_1_14
void nm_setting_sriov_clear_vfs(NMSettingSriov *setting);
+NM_AVAILABLE_IN_1_56
+NMSriovPreserveOnDown nm_setting_sriov_get_preserve_on_down(NMSettingSriov *setting);
NM_AVAILABLE_IN_1_14
NMTernary nm_setting_sriov_get_autoprobe_drivers(NMSettingSriov *setting);
NM_AVAILABLE_IN_1_46
diff --git a/src/libnm-core-public/nm-version-macros.h.in b/src/libnm-core-public/nm-version-macros.h.in
index 4c4772d293..49f283f6ea 100644
--- a/src/libnm-core-public/nm-version-macros.h.in
+++ b/src/libnm-core-public/nm-version-macros.h.in
@@ -78,6 +78,7 @@
#define NM_VERSION_1_50 (NM_ENCODE_VERSION(1, 50, 0))
#define NM_VERSION_1_52 (NM_ENCODE_VERSION(1, 52, 0))
#define NM_VERSION_1_54 (NM_ENCODE_VERSION(1, 54, 0))
+#define NM_VERSION_1_56 (NM_ENCODE_VERSION(1, 56, 0))
/* For releases, NM_API_VERSION is equal to NM_VERSION.
*
diff --git a/src/libnm-core-public/nm-version.h b/src/libnm-core-public/nm-version.h
index 33daf65f15..775ed62747 100644
--- a/src/libnm-core-public/nm-version.h
+++ b/src/libnm-core-public/nm-version.h
@@ -439,6 +439,20 @@
#define NM_AVAILABLE_IN_1_54
#endif
+#if NM_VERSION_MIN_REQUIRED >= NM_VERSION_1_56
+#define NM_DEPRECATED_IN_1_56 G_DEPRECATED
+#define NM_DEPRECATED_IN_1_56_FOR(f) G_DEPRECATED_FOR(f)
+#else
+#define NM_DEPRECATED_IN_1_56
+#define NM_DEPRECATED_IN_1_56_FOR(f)
+#endif
+
+#if NM_VERSION_MAX_ALLOWED < NM_VERSION_1_56
+#define NM_AVAILABLE_IN_1_56 G_UNAVAILABLE(1, 56)
+#else
+#define NM_AVAILABLE_IN_1_56
+#endif
+
/*
* Synchronous API for calling D-Bus in libnm is deprecated. See
* https://networkmanager.dev/docs/libnm/latest/usage.html#sync-api
diff --git a/src/libnmc-setting/nm-meta-setting-desc.c b/src/libnmc-setting/nm-meta-setting-desc.c
index b025093ada..f62830312f 100644
--- a/src/libnmc-setting/nm-meta-setting-desc.c
+++ b/src/libnmc-setting/nm-meta-setting-desc.c
@@ -7674,6 +7674,9 @@ static const NMMetaPropertyInfo *const property_infos_SRIOV[] = {
PROPERTY_INFO_WITH_DESC (NM_SETTING_SRIOV_ESWITCH_ENCAP_MODE,
.property_type = &_pt_gobject_enum,
),
+ PROPERTY_INFO_WITH_DESC (NM_SETTING_SRIOV_PRESERVE_ON_DOWN,
+ .property_type = &_pt_gobject_enum,
+ ),
NULL
};
diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in
index 8678dc64eb..8f7ae31d4e 100644
--- a/src/libnmc-setting/settings-docs.h.in
+++ b/src/libnmc-setting/settings-docs.h.in
@@ -353,6 +353,7 @@
#define DESCRIBE_DOC_NM_SETTING_SRIOV_ESWITCH_ENCAP_MODE N_("Select the eswitch encapsulation support. Currently it's only supported for PCI PF devices, and only if the eswitch device is managed from the same PCI address than the PF. If set to \"preserve\" (-1) (default) the eswitch encap-mode won't be modified by NetworkManager.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_ESWITCH_INLINE_MODE N_("Select the eswitch inline-mode of the device. Some HWs need the VF driver to put part of the packet headers on the TX descriptor so the e-switch can do proper matching and steering. Currently it's only supported for PCI PF devices, and only if the eswitch device is managed from the same PCI address than the PF. If set to \"preserve\" (-1) (default) the eswitch inline-mode won't be modified by NetworkManager.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_ESWITCH_MODE N_("Select the eswitch mode of the device. Currently it's only supported for PCI PF devices, and only if the eswitch device is managed from the same PCI address than the PF. If set to \"preserve\" (-1) (default) the eswitch mode won't be modified by NetworkManager.")
+#define DESCRIBE_DOC_NM_SETTING_SRIOV_PRESERVE_ON_DOWN N_("This controls whether NetworkManager preserves the SR-IOV parameters set on the device when the connection is deactivated, or whether it resets them to their default value. The SR-IOV parameters are those specified in this setting (the \"sriov\" setting), like the number of VFs to create, the eswitch configuration, etc. If set to \"no\" (0), NetworkManager resets the SR-IOV parameters when the connection is deactivated. When set to \"yes\" (1), NetworkManager preserves those parameters on the device. If the value is \"default\" (-1), NetworkManager looks up a global default value in the configuration; in case no such value is defined, it uses \"no\" (0) as fallback.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_TOTAL_VFS N_("The total number of virtual functions to create. Note that when the sriov setting is present NetworkManager enforces the number of virtual functions on the interface (also when it is zero) during activation and resets it upon deactivation. To prevent any changes to SR-IOV parameters don't add a sriov setting to the connection.")
#define DESCRIBE_DOC_NM_SETTING_SRIOV_VFS N_("Array of virtual function descriptors. Each VF descriptor is a dictionary mapping attribute names to GVariant values. The 'index' entry is mandatory for each VF. When represented as string a VF is in the form: \"INDEX [ATTR=VALUE[ ATTR=VALUE]...]\". for example: \"2 mac=00:11:22:33:44:55 spoof-check=true\". Multiple VFs can be specified using a comma as separator. Currently, the following attributes are supported: mac, spoof-check, trust, min-tx-rate, max-tx-rate, vlans. The \"vlans\" attribute is represented as a semicolon-separated list of VLAN descriptors, where each descriptor has the form \"ID[.PRIORITY[.PROTO]]\". PROTO can be either 'q' for 802.1Q (the default) or 'ad' for 802.1ad.")
#define DESCRIBE_DOC_NM_SETTING_TC_CONFIG_QDISCS N_("Array of TC queueing disciplines. When the \"tc\" setting is present, qdiscs from this property are applied upon activation. If the property is empty, all qdiscs are removed and the device will only have the default qdisc assigned by kernel according to the \"net.core.default_qdisc\" sysctl. If the \"tc\" setting is not present, NetworkManager doesn't touch the qdiscs present on the interface.")
diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
index 957480aea2..c57366d817 100644
--- a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
+++ b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
@@ -1984,6 +1984,10 @@
nmcli-description="Select the eswitch encapsulation support. Currently it's only supported for PCI PF devices, and only if the eswitch device is managed from the same PCI address than the PF. If set to "preserve" (-1) (default) the eswitch encap-mode won't be modified by NetworkManager."
format="choice (NMSriovEswitchEncapMode)"
values="preserve (-1), none (0), basic (1)" />
+