Fixes: 5e71f01605 ('device: merge stage3 and stage4 ip-config function for IPv4 and IPv6')
(cherry picked from commit a017936223)
(cherry picked from commit 0adfcadc9d)
First I wanted to fix
test:ERROR:../src/ndisc/tests/test-ndisc-fake.c:373:test_preference_changed_cb: assertion failed (_a->timestamp == (data->timestamp1 + 3)): (9 == 10)
but that leads to a different failure:
test:ERROR:../src/ndisc/tests/test-ndisc-fake.c:375:test_preference_changed_cb: assertion failed (_a->lifetime == (9)): (10 == 9)
Instead, the start and end times must match exact (in their duration),
we only allow them to be shifted by up to one second.
Fixes: 8209095ee1 ('ndisc/tests: relax the assertion in "test-ndisc-fake.c"')
(cherry picked from commit b2f03544a7)
(cherry picked from commit 838777a891)
By having it a function, the assertion failure does not show the line
number of the origin. Make them a macro, so that we see where exactly it
failed.
(cherry picked from commit 3b896cc642)
(cherry picked from commit b1a7eda71d)
On Fedora rawhide (34), valgrind gives a lot of warnings like:
./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- WARNING: unhandled amd64-linux syscall: 439
./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- You may be able to write your own handler.
./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- Read the file README_MISSING_SYSCALL_OR_IOCTL.
./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- Nevertheless we consider this a bug. Please report
./src/platform/tests/test-cleanup-linux.valgrind-log:--48279-- it at http://valgrind.org/support/bug_reports.html.
Ignore them.
(cherry picked from commit 2cb40f6e36)
(cherry picked from commit 561bd7bba6)
Otherwise, the test generates an "messages.mo" file.
Fixes: 97c1bed37e ('build: add test for valid po files (msgfmt -vc)')
(cherry picked from commit ad55cf86e8)
(cherry picked from commit 9b5ef3aaea)
When a virtual device fails, its state goes to FAIL and then
DISCONNECTED. In DISCONNECTED we call schedule_activate_check() to
schedule an auto-activation if needed. We also schudule the deletion
of the link through delete_on_deactivate_check_and_schedule(). The
auto-activation attempt fails because the link deletion unmanages the
device; as a result, the device doesn't try to auto-activate again.
To fix this:
- don't allow the device to auto-activate if the device deletion is
pending;
- check again if the device can be auto-activated after its deletion.
https://bugzilla.redhat.com/show_bug.cgi?id=1818697https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/613
(cherry picked from commit e404585e60)
(cherry picked from commit dac89c0727)
On Ubuntu 20.10, we build against ModemManager 1.14.0 and get a compiler warning:
../src/devices/wwan/nm-modem-broadband.c: In function 'try_create_connect_properties':
../src/devices/wwan/nm-modem-broadband.c:492:2: error: 'MMModemCapabilityDeprecated' is deprecated [-Werror=deprecated-declarations]
492 | if (MODEM_CAPS_3GPP (ctx->caps)) {
| ^~
Suppress it.
An alternative would be to drop the flag entirely. It seems the flag
was never used (and never will be used). But if that's true, there is
little harm done checking it. If it's not true, we better keep checking
for older versions.
0cd76bf1c4
(cherry picked from commit 03dc759026)
(cherry picked from commit 12e4a4a5df)
The detection for Ubuntu 16.04 was broken. By now /etc/os-release
contains
VERSION="16.04.7 LTS (Xenial Xerus)"
(cherry picked from commit 12e8557476)
(cherry picked from commit 9f7736ea8e)
Avoids a compiler warning:
../src/devices/nm-device.c:16079:26: error: cast to smaller integer type 'NMDeviceStateReason' from 'gpointer' (aka 'void *') [-Werror,-Wvoid-pointer-to-enum-cast]
deactivate_ready (self, (NMDeviceStateReason) reason);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~
Fixes: 121c58f0c4 ('core: set number of SR-IOV VFs asynchronously')
(cherry picked from commit 918ebd600a)
(cherry picked from commit 32641b9fca)
On master this code was refactored and thereby the leak was
fixed. Instead of backporting that, do an original patch for
nm-1-24 to fix only the leak.
Fixes: 121c58f0c4 ('core: set number of SR-IOV VFs asynchronously')
g_steal_pointer() is marked as GLIB_AVAILABLE_STATIC_INLINE_IN_2_44,
that means we get a deprecated warning. Avoid that. We anyway
re-implement the macro so that we can use it before 2.44 and so
that it always does the typeof() cast.
(cherry picked from commit edfe9fa9a2)
On Debian sid, pygobject no longer builds "python-gobject" for
python2. Still, python2 may be installed and detected preferably
by AM_PATH_PYTHON(). Add workaround.
(cherry picked from commit 54a1cfa973)
(cherry picked from commit 043bf59602)
The matchfilecon API is deprecated for a very long time. Since selinux 3.1
the functions are also marked as deprecated in the header, which causes
compiler warnings and build failures.
Update the code to use selabel API instead.
(cherry picked from commit 173533c3b2)
(cherry picked from commit f5aafb9da4)
can_reapply_change() would wrongly return true for
unsupported reapply values because it used 'nm_setting_bond_get_option_default()'
that is ill-named because it returns the overriden option other than
its default value.
https://bugzilla.redhat.com/show_bug.cgi?id=1847814
Fixes: 9bd07336ef ('bond: bond options logic rework')
(cherry picked from commit 04d6ca1fb8)
(cherry picked from commit 63b5274dda)
There is a bug when parsing a BOOTIF= without any existing
connection. The generated connection doesn't have wired setting and
later we try to access it:
# nm-initrd-generator --stdout -- BOOTIF=01-50-50-00-9f-21-21
(nm-initrd-generator:1546): libnm-CRITICAL **: ((libnm-core/nm-setting-wired.c:205)): assertion '<dropped>' failed
(nm-initrd-generator:1546): GLib-GObject-CRITICAL **: g_object_set: assertion 'G_IS_OBJECT (object)' failed
Fix this.
https://bugzilla.redhat.com/show_bug.cgi?id=1853277
Fixes: 25a2b6e14f ('initrd: rework command line parsing')
(cherry picked from commit 3023c70e4e)
(cherry picked from commit b8246ea367)
This does not match kernel behavior. You seem to be able to configure
multicast_snooping=auto,enabled with multicast_snooping off just fine.
Possibly this constrained was inspired by `ip link`, which says:
mcast_router MULTICAST_ROUTER - set bridge's multicast router if IGMP
snooping is enabled.
But kernel doesn't enforce this:
ip link delete br0 2>/dev/null; \
ip link add br0 type bridge mcast_router 1 mcast_snooping 0; \
grep ^ /sys/devices/virtual/net/br0/bridge/{multicast_router,multicast_snooping}
gives:
/sys/devices/virtual/net/br0/bridge/multicast_router:1
/sys/devices/virtual/net/br0/bridge/multicast_snooping:0
We probably should not implement additional constrains on top of what
kernel does, if the conditions are that obscure.
Fixes: e01d3b4c2b ('nm-setting-bridge: add 'multicast-router' bridge option')
(cherry picked from commit f9721385ce)
This is a serious issue, because this is not guaranteed to be UTF-8
data.
Fixes: 07a9364d9c ('device: export list of LLDP neighbors through D-Bus')
(cherry picked from commit 8cd9b87c91)
libcurl's documentation for CURLMOPT_TIMERFUNCTION requires the
application to install a non-repeating timer.
https://curl.haxx.se/libcurl/c/CURLMOPT_TIMERFUNCTION.html
So let's remove the GSource once expired.
Fixes: 69f048bf0c ('cloud-setup: add tool for automatic IP configuration in cloud')
(cherry picked from commit e09bd2339a)
(cherry picked from commit b7d53f0d3a)
Since just a single pointer is used to store the socket's GSource
if more than 1 consecutive request was done through the same
HTTP provider the 2nd request would clear the GSource associated to
the second request causing the 1st HTTP request to never complete
and end up in a expired timeout.
Use a hashtable instead so we can correctly track all requests.
https://bugzilla.redhat.com/show_bug.cgi?id=1821787
Fixes: 69f048bf0c ('cloud-setup: add tool for automatic IP configuration in cloud')
(cherry picked from commit 427fbc85f0)
(cherry picked from commit f5487645d8)
The connection is automatically unreferenced when the function
returns.
Fixes: 9c5ea0917d ('devices: reuse the hotspot connection if we find appropriate one'):
(cherry picked from commit 3ecfd13ded)
(cherry picked from commit 26f1074d9d)
Without this, `nmcli device modify "$DEVICE"` leads to a crash. At least
since commit c5d45848dd ('cli: mark argv argument for command line
parsing as const'), when this happens.
That is, because it passes a NULL strv array with argc being set to
zero. nmc_process_connection_properties() is not supposed to access
the array, if there are no elements there.
Fixes: c5d45848dd ('cli: mark argv argument for command line parsing as const')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/492
(cherry picked from commit 09c94bc24f)
(cherry picked from commit fd9e7d6167)
In this case, GetAll failed with "Timeout was reached". We still
create a dummy BSS info, because we kept track of the object to
start with. That way, we don't simply want to ignore the failure,
because NMDeviceWifi might track this NMWifiAP already, and we may
need an update (even if we failed to fetch the requested information).
However, that later leads to a crash, because NMDeviceWifi expect the BSSID
present then.
Avoid that, by don't processing such APs.
#0 g_logv (log_domain=0x7f2ac10a60a9 "NetworkManager", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1377
#1 0x00007f2acf152233 in g_log
(log_domain=log_domain@entry=0x7f2ac10a60a9 "NetworkManager", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7f2acf1a46ff "%s: assertion '%s' failed")
at ../glib/gmessages.c:1415
#2 0x00007f2acf152a2d in g_return_if_fail_warning
(log_domain=log_domain@entry=0x7f2ac10a60a9 "NetworkManager", pretty_function=pretty_function@entry=0x7f2ac10a9e70 <__func__.50> "try_fill_ssid_for_hidden_ap", expression=expression@entry=0x7f2ac10a86d0 "bssid") at ../glib/gmessages.c:2771
#3 0x00007f2ac108a402 in try_fill_ssid_for_hidden_ap (ap=0x5569978b61c0 [NMWifiAP], self=0x55699786ea00 [NMDeviceWifi]) at src/devices/wifi/nm-device-wifi.c:1883
#4 supplicant_iface_bss_changed_cb (iface=0x556997777260 [NMSupplicantInterface], bss_info=0x7f2ab4028f00, is_present=1, self=0x55699786ea00 [NMDeviceWifi])
at src/devices/wifi/nm-device-wifi.c:1946
#5 0x00007f2ace246af0 in ffi_call_unix64 () at ../src/x86/unix64.S:76
#6 0x00007f2ace2462ab in ffi_call (cif=cif@entry=0x7ffd9c107c90, fn=fn@entry=0x7f2ac1089e80 <supplicant_iface_bss_changed_cb>, rvalue=<optimized out>, avalue=avalue@entry=0x7ffd9c107ba0)
at ../src/x86/ffi64.c:525
#7 0x00007f2acf23e87a in g_cclosure_marshal_generic_va
(closure=<optimized out>, return_value=<optimized out>, instance=<optimized out>, args_list=<optimized out>, marshal_data=<optimized out>, n_params=<optimized out>, param_types=<optimized out>) at ../gobject/gclosure.c:1614
#8 0x00007f2acf23dae6 in _g_closure_invoke_va
(closure=closure@entry=0x5569978a0cc0, return_value=return_value@entry=0x0, instance=instance@entry=0x556997777260, args=args@entry=0x7ffd9c107f00, n_params=2, param_types=0x55699775b990) at ../gobject/gclosure.c:873
#9 0x00007f2acf2566e9 in g_signal_emit_valist (instance=0x556997777260, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7ffd9c107f00) at ../gobject/gsignal.c:3407
#10 0x00007f2acf256c63 in g_signal_emit (instance=instance@entry=0x556997777260, signal_id=<optimized out>, detail=detail@entry=0) at ../gobject/gsignal.c:3554
#11 0x00005569972ece61 in _bss_info_changed_emit (self=self@entry=0x556997777260 [NMSupplicantInterface], bss_info=bss_info@entry=0x7f2ab4028f00, is_present=is_present@entry=1)
at src/supplicant/nm-supplicant-interface.c:555
#12 0x00005569972ed3a0 in _bss_info_properties_changed (self=0x556997777260 [NMSupplicantInterface], bss_info=0x7f2ab4028f00, properties=<optimized out>, initial=<optimized out>)
at src/supplicant/nm-supplicant-interface.c:758
#13 0x00005569972f756b in _bss_info_get_all_cb (result=0x0, error=<optimized out>, user_data=0x7f2ab4028f00) at src/supplicant/nm-supplicant-interface.c:784
#14 0x0000556997217bc1 in _nm_dbus_connection_call_default_cb (source=0x5569977480c0 [GDBusConnection], res=<optimized out>, user_data=user_data@entry=0x556997855d50)
at shared/nm-glib-aux/nm-dbus-aux.c:74
#15 0x00007f2acf339e4a in g_task_return_now (task=task@entry=0x7f2ab4003f00 [GTask]) at ../gio/gtask.c:1214
#16 0x00007f2acf33aa3d in g_task_return (task=0x7f2ab4003f00 [GTask], type=<optimized out>) at ../gio/gtask.c:1283
#17 0x00007f2acf33b4fe in g_task_return (type=G_TASK_RETURN_ERROR, task=<optimized out>) at ../gio/gtask.c:1861
#18 g_task_return_error (task=<optimized out>, error=<optimized out>) at ../gio/gtask.c:1867
#19 0x0000556997893f40 in ()
#20 0x3a85d39adfae7f00 in ()
#21 0x00007f2ab4003cc0 in ()
#22 0x00007f2acf396460 in g_dbus_connection_call_done () at ../gio/gdbusconnection.c:2059
#23 0x00007f2ab4003f00 in ()
#24 0x0000000000000086 in ()
#25 0x0000000000000018 in ()
#26 0x00007f2acf339e4a in g_task_return_now (task=0x7f2ab4003f00 [GTask], task@entry=0x7f2ab4003cc0 [GTask]) at ../gio/gtask.c:1214
#27 0x00007f2acf33aa3d in g_task_return (task=0x7f2ab4003cc0 [GTask], type=<optimized out>) at ../gio/gtask.c:1283
#28 0x00007f2acf33b4fe in g_task_return (type=G_TASK_RETURN_ERROR, task=<optimized out>) at ../gio/gtask.c:1861
#29 g_task_return_error (task=<optimized out>, error=<optimized out>) at ../gio/gtask.c:1867
#30 0x0000003000000028 in ()
#31 0x00007ffd9c108290 in ()
Fixes: b83f07916a ('supplicant: large rework of wpa_supplicant handling')
(cherry picked from commit 4d878d7012)
(cherry picked from commit 029d07b019)
It's not a severe issue, because the GetConfigMetadataData struct is
larger than GetConfigMetadataMac.
Fixes: 69f048bf0c ('cloud-setup: add tool for automatic IP configuration in cloud')
(cherry picked from commit 460afe6d50)
(cherry picked from commit 181fd5c611)
The BPF filter takes the byte containing IP Flags and performs a
bitwise AND with "ntohs(IP_MF | IP_OFFMASK)".
On little-endian architectures the IP_MF flag (0x20) is ANDed with
0xFF3F and so the presence of the flag is correctly detected ignoring
other flags as IP_DF (0x40) or IP_RF (0x80).
On big-endian, "ntohs(IP_MF | IP_OFFMASK)" is 0x3FFF and so the filter
wrongly checks the presence of *any* flags. Therefore, a packet with
the DF flag set is dropped.
Instead, take the two bytes containing flags and offset:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version| IHL |Type of Service| Total Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Identification |Flags| Fragment Offset |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
and verify that IP_MF and the offset are zero.
Fixes: e43b1791a3 ('Merge commit 'e23b3c9c3ac86b065eef002fa5c4321cc4a87df2' as 'shared/n-dhcp4'')
https://bugzilla.redhat.com/show_bug.cgi?id=1861488https://github.com/nettools/n-dhcp4/pull/19
(cherry picked from commit 03d38e83e558802a82cb0e4847cb1f1ef75ccd16)
(cherry picked from commit 0024cef238)
(cherry picked from commit 80835f8f89)
The systemd DHCPv6 client requires a hardware address only to
determine the IAID; NM always overrides the IAID with its own and
therefore the hwaddr is not used.
Removing such requirement allows DHCPv6 to run over PPP, which is
useful with DHCPv6-PD to get a prefix from the ISP.
To test this, I set up a server with pppoe-server, radvd and the Wide
DHCPv6 server providing an address and a prefix. On the client, NM was
able to obtain a prefix using both dhcp=dhclient and dhcp=systemd.
Note that if there is no hardware address and you specify
ipv6.dhcp-duid=ll or ipv6.dhcp-iaid=mac, a warning will be emitted and
NM will use a random DUID/IAID.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/478
(cherry picked from commit 76a6a30577)
(cherry picked from commit 905d4eb36e)
If IPv6 is disabled, changing the IPv6 MTU fails and NM complains with
a warning. Since this error is expected and doesn't do any harm,
downgrade the logging level to DEBUG.
Since IPv6 kernel support can be built as a module, we have to check
the existence of /proc/sys/net/ipv6 every time. Instead of checking it
and then setting the MTU (adding one /proc access for everyone), just try
to set the MTU; in case of failure, determine the reason for the error.
https://bugzilla.redhat.com/show_bug.cgi?id=1840989https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/585
(cherry picked from commit 9c09dcedaf)
(cherry picked from commit ce3dffd24e)
nm_device_cleanup() can be called when the device no longer has an
ifindex. In such case, don't try to reset the MAC address as that
would lead to an assertion failure.
(cherry picked from commit 77b6ce7d04)
(cherry picked from commit 791a888cad)
We already set the MAC of OVS interfaces in the ovsdb. Unfortunately,
vswitchd doesn't create the interface with the given MAC from the
beginning, but first creates it with a random MAC and then changes it.
This causes a race condition: as soon as NM sees the new link, it
starts IP configuration on it and (possibly later) vswitchd will
change the MAC.
To avoid this, also set the desired MAC via netlink before starting IP
configuration.
https://bugzilla.redhat.com/show_bug.cgi?id=1852106https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/483
(cherry picked from commit 47ec3d14d4)
(cherry picked from commit 60d10b146d)
When a user creates a ovs-interface with the same name of the parent
ovs-bridge, openvswitch considers the interface as the "local
interface" [1] and assigns the MAC address of the bridge to the
interface [2].
This is confusing for users, as the cloned MAC property is ignored in
some cases, depending on the ovs-interface name.
Instead, detect when the interface is local and set the MAC from the
ovs-interface connection in the bridge table.
[1] https://github.com/openvswitch/ovs/blob/v2.13.0/vswitchd/vswitch.xml#L2546
[2] https://github.com/openvswitch/ovs/blob/v2.13.0/vswitchd/bridge.c#L4744
(cherry picked from commit 5d4c8521a3)
(cherry picked from commit 7548c29a89)
A connection that fails due to dependency-failed is not able to
reconnect until the master connection activates again; when this
happens, the master clears the blocked reason for all its slaves in
activate_slave_connections() and tries to reconnect them. For this to
work, the slave should be marked as blocked when it fails with
dependency-failed.
(cherry picked from commit 725fed01cf)
(cherry picked from commit e1755048e3)
If the device state change (to disconnected or unmanaged) triggered by
a sleep event happens after the wake, the devices becomes wrongly
unmanaged and it's necessary to manually manage it again, or restart
NM.
During the wake event we should disconnect the device_sleep_cb()
callback for all devices because we don't want to react to state
changes anymore; in particular we don't need to detect when the device
becomes disconnected to unmanage it.
(cherry picked from commit fe2d93980b)
(cherry picked from commit 971897195a)
