For IPv6 the lease doesn't necessarily have an address. If the address
is missing or the DHCP client doesn't implement accept(), we don't
need to wait for the address in platform.
From https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1066#note_1233210 :
0 0x00007ffff760f88c in __pthread_kill_implementation () at /lib64/libc.so.6
1 0x00007ffff75c26a6 in raise () at /lib64/libc.so.6
2 0x00007ffff75ac7d3 in abort () at /lib64/libc.so.6
3 0x00007ffff77c5d4c in g_assertion_message (domain=<optimized out>, file=<optimized out>, line=<optimized out>, func=<optimized out>, message=<optimized out>)
at ../glib/gtestutils.c:3223
4 0x00007ffff782645f in g_assertion_message_expr
(domain=domain@entry=0x5555559e7c96 "nm", file=file@entry=0x5555559deac0 "src/core/dhcp/nm-dhcp-client.c", line=line@entry=609, func=func@entry=0x5555559e0090 <__func__.31> "l3_cfg_notify_cb", expr=expr@entry=0x5555559df5cf "lease_address") at ../glib/gtestutils.c:3249
5 0x00005555558b2866 in l3_cfg_notify_cb (l3cfg=0x555555c29790, notify_data=<optimized out>, self=0x555555e9a1b0) at src/core/dhcp/nm-dhcp-client.c:609
9 0x00007ffff791abe3 in <emit signal ??? on instance ???> (instance=instance@entry=0x555555c29790, signal_id=<optimized out>, detail=detail@entry=0) at ../gobject/gsignal.c:3553
6 0x00007ffff78fcc7f in g_closure_invoke (closure=0x555555ca3900, return_value=0x0, n_param_values=2, param_values=0x7fffffffd420, invocation_hint=0x7fffffffd3a0)
at ../gobject/gclosure.c:830
7 0x00007ffff7919106 in signal_emit_unlocked_R
(node=node@entry=0x555555bbadc0, detail=detail@entry=0, instance=instance@entry=0x555555c29790, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@entry=0x7fffffffd420) at ../gobject/gsignal.c:3742
8 0x00007ffff791a9ca in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=var_args@entry=0x7fffffffd5f0)
at ../gobject/gsignal.c:3497
10 0x000055555564c8a6 in _nm_l3cfg_emit_signal_notify (self=self@entry=0x555555c29790, notify_data=notify_data@entry=0x7fffffffdf30) at src/core/nm-l3cfg.c:576
11 0x000055555564ce77 in _nm_l3cfg_emit_signal_notify_simple (self=self@entry=0x555555c29790, notify_type=notify_type@entry=NM_L3_CONFIG_NOTIFY_TYPE_POST_COMMIT)
at src/core/nm-l3cfg.c:585
12 0x0000555555656082 in _l3_commit (self=self@entry=0x555555c29790, commit_type=NM_L3_CFG_COMMIT_TYPE_UPDATE, commit_type@entry=NM_L3_CFG_COMMIT_TYPE_AUTO, is_idle=is_idle@entry=1)
at src/core/nm-l3cfg.c:4201
13 0x0000555555656189 in _l3_commit_on_idle_cb (user_data=user_data@entry=0x555555c29790) at src/core/nm-l3cfg.c:2961
14 0x00007ffff77f847b in g_idle_dispatch (source=0x555555d65680, callback=0x55555565612c <_l3_commit_on_idle_cb>, user_data=0x555555c29790) at ../glib/gmain.c:5897
15 0x00007ffff77fc130 in g_main_dispatch (context=0x555555aa5020) at ../glib/gmain.c:3381
16 g_main_context_dispatch (context=0x555555aa5020) at ../glib/gmain.c:4099
17 0x00007ffff7851208 in g_main_context_iterate.constprop.0 (context=0x555555aa5020, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4175
18 0x00007ffff77fb853 in g_main_loop_run (loop=0x555555aa5970) at ../glib/gmain.c:4373
19 0x0000555555593c56 in main (argc=<optimized out>, argv=<optimized out>) at src/core/main.c:509
Fixes: e1648d0665 ('core: commit l3cd asynchronously on DHCP bound event')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1074
Update DNS only when something relevant changes:
- an old l3cd gets removed, without adding a new one
- a new one is added without removing an old one
- an old is removed and it differs (in routes and DNS) from the new
added one
NMPolicy stores the last hostname set in priv->cur_hostname and checks
if it changed before notifying the DNS manager.
_set_hostname() should be called one time early during startup so that
the priv->cur_hostname gets initialized without triggering a DNS
update.
I see a significant performance increase with many parallel
activations if DNS updates are deferred to the SECONDARIES state.
Since there is no guarantee that device_l3cd_changed() is called again
when the device becomes ACTIVATED, we need also to change
device_state_changed().
When a lease is obtained, currently NMDevice performs a synchronous
commit of IP configuration and then accepts the lease.
Instead, let NMDevice only schedule a async commit; when the DHCP
client notices that the new address was committed it will
automatically accept it and emit a new signal so that the device can
succeed the activation.
Sync commits should be avoided because a commit does of things which
are outside the control of the caller (see the comment in
nm_device_l3cfg_commit()). Furthermore, when there are many pending
activations, async commits seem to help in reducing the CPU usage.
While making the commit async, also move the responsibility of the
accept() to NMDhcpClient.
Currently, ip4 new config signal is being emitted twice, due
to the lack of a barrier to a possible situation. This
commit includes this.
This fixes a crash on NMCI tests due to an assertion failure,
now it will not go ahead in the function anymore if it is under the
undesired conditions.
The backtrace of the crashes can be found at
https://bugzilla.redhat.com/show_bug.cgi?id=2028385
If the connection has wfd_ies set, we want to ensure that a WFD
connection is being established so we want to check that the target peer
also supports WFD. For now this in the IWD backend only.
However, WFD peers will send us their WFD IEs in their Probe Responses
only if our own Probe Request contained a WFD IE, or at least that's
when the spec mandates that they include the WFD IE. This implies that
the discovery phase (NM.Device.WifiP2P.StartFind(options) / .StopFind())
needs to know the value of the local WFD IE and include it in the Probe
Requests, which existing clients (gnome-network-displays) doesn't do and
in fact can't do because there's no API for the client to pass the WFD
IE -- that is easy to add in the options parameter though (a
dictionary).
The current situation is that with the wpa_supplicant backend we'll
sometimes see the WFD IE (when the peer is discovered from a Probe
Request that it has sent, rather than from a Probe Response) and
sometimes not, while with the IWD backend we'll never see the WFD
information because IWD assumes that the client (NM) is not interested
in seeing it if it hasn't registered the local WFD information before
starting discovery.
So, for compatibility with this existing situation and with the
wpa_supplicant backend, ignore whether the peer is a WFD peer except in
the PREPARE stage. In PREPARE, if we have a peer compatible with the
connection being activated -- except for the WFD information -- force a
new discovery, this time passing the WFD information from the
NMSettingConnection's wfd_ies, and only progress to CONFIG if the target
peer is re-discovered as a WFD peer within 10 seconds.
We don't actually check the contents of the WFD IEs to match, e.g. we
don't check the sink/source/dual role compatibility between our and the
peer's properties, but IWD will do some of these checks later during
activation.
Similarly as with wpa_supplicant, create NMDeviceIwdP2P objects for P2P
devices based on data from IWD -- not in NMWifiFactory::create_device
because that is only triggered for system netdevs and a P2P-Device
virtual interface has no netdev. Unlike NMDeviceWifiP2P,
NMDeviceIwdP2P's iface property is a unique string that likely doesn't
match any system interface name -- in theory there doesn't need to be
any related netdev on the system (such as an Infrastructure-mode
interface) before a P2P-Device is added.
[thaller@redhat.com: modified original patch]
Since the NM D-Bus API talks to the client using raw WFD IE bytes and
IWD's API wants/provides some of the actual values from the WFD IE
instead (e.g. boolean Source and Sink properties), we need to be able to
parse and build the WFD IE from those property values to do the
translation, add utilities for this. Use one of them to build the WFD IE
property on NMWifiP2PPeer objects.
[thaller@redhat.com: modify original patch to use
nm_g_variant_unref() and add missing #define]
In NMWifiFactory, move the check that prevents NMDevice's from being
created for interfaces in Monitor and other modes, out of the
wpa_supplicant-specific block so that it applies to both IWD and
wpa_supplicant. This check allows P2P device creation to work
differently that Infrastructure, Ad-Hoc and AP modes so it's needed for
P2P support in the IWD backend.
While there change the check to list the modes that are accepted rather
than rely on some of the modes (Monitor, P2P-{Device,Client,GO}) being
bunched together as _NM_802_11_MODE_UNKNOWN.
The interface name has changed in 2019 but the WSC interface has
never been used by NM. Update #define NM_IWD_WSC_INTERFACE in
nm-iwd-manager.h accordingly.
The n-acd instance gets reset in various cases, for example
when the MAC address changes or during errors.
When that happens, we also need to forget all our pending probes,
because they would reference to a now-defunct n-acd instance.
When the address is currently in state NM_L3_ACD_ADDR_STATE_READY,
we possibly have a pending probe. We need to clean that up. Handle
it the same as in the other cases. Yes, this means we forget about
that the address was ready. But a reset of the n-acd state is a dramatic
event. It warrants some drastic start-over.
See-also: https://bugzilla.redhat.com/show_bug.cgi?id=2026288
See-also: https://bugzilla.redhat.com/show_bug.cgi?id=2028422
See-also: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1035
Fixes: 9a76b07f74 ('l3cfg: fix assertion failure')
While NetworkManager is of course (mostly) single threaded,
our static functions really should be thread safe.
"mostly" single threaded because we have GDBus's worker
thread, we use a thread for writing non-blocking SR-IOV sysctl,
in the past (or still?) we used a thread for async glibc resolver.
Anyway, a low-level function like must be thread safe, when it
uses global data.
Granted, the initialize-once pattern with the flag and the
int variable, is probably in many cases good enough. But it
makes me unhappy, the thought of accessing static data without
a synchronized operation.
This partly restores the previous behavior. The point of the
file owner check is to ensure that the file cannot be read
by unpriviledged processes as it may contain secrets. If the
file is owned by root, that is considered secure (even if our
euid is different).
Possibly, if our euid is not root, then we couldn't read the
file, but that is a different problem.
There is a hierarchy of how files include each other. "main-utils.h"
is pretty much at the bottom (one above "main.c"), in the sense that
it only includes other headers, but is not included itself (aside
"main.c").
Move the utils function to a place where its accessible from everywhere
and rename.
The force-commit flag is used to force the commit of an address or a
route from DHCP/RA even when it was removed from platform externally
(for example because it expired). Routes generated from the l3cd
should also have the flag set.
Without this, NM properly re-adds the DHCP address after the lease is
lost and obtained again, but fails to add the prefix-route.
Fixes: 2838b1c5e8 ('core: track force-commit flag for l3cd and platform objects')
https://bugzilla.redhat.com/show_bug.cgi?id=2033991https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1049
Consider externally removed IPv4LL bad, proceed as if a collision was
detected. Otherwise we trip an assert:
<trace> [1641816260.3963] l3cfg[b8bf8cd16ec4732e,ifindex=47]: emit signal (platform-change-on-idle, obj-type-flags=0x14)
**
nm:ERROR:src/core/nm-l3-ipv4ll.c:888:_ipv4ll_state_change: code should not be reached
Aborted (core dumped)
#3 0x00007f41621d020e in g_assertion_message_expr (domain=domain@entry=0x5559cd829140 "nm",
file=file@entry=0x5559cd823e51 "src/core/nm-l3-ipv4ll.c",
line=line@entry=888, func=func@entry=0x5559cd824d30 <__func__.38810> "_ipv4ll_state_change",
expr=expr@entry=0x0) at gtestutils.c:2556
#4 0x00005559cd719686 in _ipv4ll_state_change (self=0x5559cef886c0,
is_on_idle_handler=0) at src/core/nm-l3-ipv4ll.c:888
#8 0x00007f41626a5093 in <emit signal ??? on instance 0x5559ceffaa30 [NML3Cfg]>
(instance=instance@entry=0x5559ceffaa30, signal_id=<optimized out>,
detail=detail@entry=0) at gsignal.c:3448
#9 0x00005559cd511a03 in _nm_l3cfg_emit_signal_notify
(self=self@entry=0x5559ceffaa30 [NML3Cfg], notify_data=notify_data@entry=0x7ffd1caa8640)
at src/core/nm-l3cfg.c:576
#10 0x00005559cd5122dc in _nm_l3cfg_emit_signal_notify_acd_event (self=0x5559ceffaa30 [NML3Cfg],
acd_data=<optimized out>) at src/core/nm-l3cfg.c:2008
#11 0x00005559cd512463 in _nm_l3cfg_emit_signal_notify_acd_event_all
(self=0x5559ceffaa30 [NML3Cfg]) at src/core/nm-l3cfg.c:2041
#12 0x00005559cd5194ef in _l3_acd_nacd_event (fd=<optimized out>, condition=<optimized out>,
user_data=<optimized out>) at src/core/nm-l3cfg.c:1536
#13 0x00007f41621a895d in g_main_dispatch (context=0x5559ceec8bc0) at gmain.c:3193
#14 0x00007f41621a895d in g_main_context_dispatch (context=context@entry=0x5559ceec8bc0)
at gmain.c:3873
#15 0x00007f41621a8d18 in g_main_context_iterate (context=0x5559ceec8bc0, block=block@entry=1,
dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3946
#16 0x00007f41621a9042 in g_main_loop_run (loop=0x5559ceea40f0) at gmain.c:4142
#17 0x00005559cd47c7a4 in main (argc=<optimized out>, argv=<optimized out>)
at src/core/main.c:511
https://bugzilla.redhat.com/show_bug.cgi?id=2028404https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1059
If the ovs interface goes away, the ifindex gets zeroed out and l3cfg is
cleaned. We can't follow up with IP configuration. Bad things happen if
we try to:
#0 0x00007f769734c895 in _g_log_abort (breakpoint=1) at gmessages.c:580
#1 0x00007f769734db98 in g_logv (log_domain=0x55b2472d8840 "nm",
log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>,
args=args@entry=0x7fff4041b9d0) at gmessages.c:1391
#2 0x00007f769734dd63 in g_log (log_domain=log_domain@entry=0x55b2472d8840 "nm",
log_level=log_level@entry=G_LOG_LEVEL_CRITICAL,
format=format@entry=0x7f769739a620 "%s: assertion '%s' failed") at gmessages.c:1432
#3 0x00007f769734e59d in g_return_if_fail_warning
(log_domain=log_domain@entry=0x55b2472d8840 "nm",
pretty_function=pretty_function@entry=0x55b2472d5fe0 <__func__.39677> "nm_lndp_ndisc_new",
expression=expression@entry=0x55b2472d5fa3 "NM_IS_L3CFG(config->l3cfg)")
at gmessages.c:2809
#4 0x000055b2471ce3fa in nm_lndp_ndisc_new (config=config@entry=0x7fff4041bb30)
at src/core/ndisc/nm-lndp-ndisc.c:680
#5 0x000055b247123b32 in _dev_ipac6_start (self=self@entry=0x55b248078360 [NMDeviceOvsInterface])
at src/core/devices/nm-device.c:11287
#6 0x000055b2471232f8 in _dev_ipac6_start_continue (self=0x55b248078360 [NMDeviceOvsInterface])
at src/core/devices/nm-device.c:11338
#7 0x000055b2471232f8 in _dev_ipll6_set_llstate (self=0x55b248078360 [NMDeviceOvsInterface],
llstate=<optimized out>, lladdr=<optimized out>) at src/core/devices/nm-device.c:10541
#8 0x000055b2471c9e8b in _emit_changed_on_idle_cb (user_data=user_data@entry=0x55b24807bdd0)
at src/core/nm-l3-ipv6ll.c:221
#9 0x00007f769734327b in g_idle_dispatch (source=0x55b248119200,
callback=0x55b2471c9ce0 <_emit_changed_on_idle_cb>,
user_data=0x55b24807bdd0) at gmain.c:5579
#10 0x00007f769734695d in g_main_dispatch (context=0x55b247f56bc0) at gmain.c:3193
#11 0x00007f769734695d in g_main_context_dispatch (context=context@entry=0x55b247f56bc0)
at gmain.c:3873
#12 0x00007f7697346d18 in g_main_context_iterate (context=0x55b247f56bc0,
block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3946
#13 0x00007f7697347042 in g_main_loop_run (loop=0x55b247f320f0) at gmain.c:4142
#14 0x000055b246f26b64 in main (argc=<optimized out>,
argv=<optimized out>) at src/core/main.c:511
https://bugzilla.redhat.com/show_bug.cgi?id=2012934https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1044
Fixes-test: @ovs_cloned_mac_set_on_iface
If the ovs interface goes away, the ifindex gets zeroed out and l3cfg is
cleaned. Avoid starting ac6 in that case -- add checks similar to what
we do for ll6.
Bad things happen otherwise:
#0 0x00007f769734c895 in _g_log_abort (breakpoint=1) at gmessages.c:580
#1 0x00007f769734db98 in g_logv (log_domain=0x55b2472d8840 "nm",
log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>,
args=args@entry=0x7fff4041b9d0) at gmessages.c:1391
#2 0x00007f769734dd63 in g_log (log_domain=log_domain@entry=0x55b2472d8840 "nm",
log_level=log_level@entry=G_LOG_LEVEL_CRITICAL,
format=format@entry=0x7f769739a620 "%s: assertion '%s' failed") at gmessages.c:1432
#3 0x00007f769734e59d in g_return_if_fail_warning
(log_domain=log_domain@entry=0x55b2472d8840 "nm",
pretty_function=pretty_function@entry=0x55b2472d5fe0 <__func__.39677> "nm_lndp_ndisc_new",
expression=expression@entry=0x55b2472d5fa3 "NM_IS_L3CFG(config->l3cfg)")
at gmessages.c:2809
#4 0x000055b2471ce3fa in nm_lndp_ndisc_new (config=config@entry=0x7fff4041bb30)
at src/core/ndisc/nm-lndp-ndisc.c:680
#5 0x000055b247123b32 in _dev_ipac6_start (self=self@entry=0x55b248078360 [NMDeviceOvsInterface])
at src/core/devices/nm-device.c:11287
#6 0x000055b2471232f8 in _dev_ipac6_start_continue (self=0x55b248078360 [NMDeviceOvsInterface])
at src/core/devices/nm-device.c:11338
#7 0x000055b2471232f8 in _dev_ipll6_set_llstate (self=0x55b248078360 [NMDeviceOvsInterface],
llstate=<optimized out>, lladdr=<optimized out>) at src/core/devices/nm-device.c:10541
#8 0x000055b2471c9e8b in _emit_changed_on_idle_cb (user_data=user_data@entry=0x55b24807bdd0)
at src/core/nm-l3-ipv6ll.c:221
#9 0x00007f769734327b in g_idle_dispatch (source=0x55b248119200,
callback=0x55b2471c9ce0 <_emit_changed_on_idle_cb>,
user_data=0x55b24807bdd0) at gmain.c:5579
#10 0x00007f769734695d in g_main_dispatch (context=0x55b247f56bc0) at gmain.c:3193
#11 0x00007f769734695d in g_main_context_dispatch (context=context@entry=0x55b247f56bc0)
at gmain.c:3873
#12 0x00007f7697346d18 in g_main_context_iterate (context=0x55b247f56bc0,
block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3946
#13 0x00007f7697347042 in g_main_loop_run (loop=0x55b247f320f0) at gmain.c:4142
#14 0x000055b246f26b64 in main (argc=<optimized out>,
argv=<optimized out>) at src/core/main.c:511
We need to first free "priv->bzobjs", which then will unlink all bzobjs
from the lists. The assert needs to go after.
https://bugzilla.redhat.com/show_bug.cgi?id=2028427
Fixes: 4154d9618c ('bluetooth: refactor BlueZ handling and let NMBluezManager cache ObjectManager data')
NMSettingOvsDpdk does not have a verify() implementation that would prevent
the devargs property from being NULL. We must thus anticipate and handle
a NULL value.
Fixes: ae4152120a ('ovs/ovsdb: add support for setting dpdk devargs option')
We get the hostname via D-Bus (from hostnamed) or read it from file.
In the latter case, it is not ensured that it's valid UTF-8.
Non-UTF-8 "strings" are bad, because we might try to expose them
on D-Bus, log them or other bad things.
Sanitize the string by using backslash escaping. Maybe we should
outright reject such binary nonsense, but it's not done here,
for no strong reasons.
We have at least static and transient hostnames. Let's be clear which
one we are talking about.
Note that also NM_SETTINGS_HOSTNAME gets renamed to
NM_SETTINGS_STATIC_HOSTNAME, because it seems clearer.
The only purpose of NM_SETTINGS_STATIC_HOSTNAME is to be the backing
property for the "Hostname" D-Bus property for the NMDBusObject glue.
So, while the new name makes more sense to me, it's now also
inconsistent with it's primary use (the D-Bus property). Still...
When the device gets realized, similar to the situation that the device
is unmanaged by platform-init, if the device is still unmanaged by
parent and we clear the assume state. Then, when the device becomes
managed, NM is not able to properly assume the device using the UUID.
Therefore, we should not clear the assume state if the device has only
the NM_UNMANAGED_PLATFORM_INIT or the NM_UNMANAGED_PARENT flag set
in the unmanaged flags.
The previous commit 3c4450aa4d ('core: don't reset assume state too
early') did something similar for NM_UNMANAGED_PLATFORM_INIT flag only.
This bumps L3_CONFIG_DATA_TYPE_MANUALIP to be the most important address
source; which is what had been the case before NetworkManager/next and
is presumably what the user expects.
It also comes into play for iBFT-booted machines, where iBFT contains a
permanent address (no lifetime data), while DHCP might lease out the
same one. In that case, expiry of the latter could potentially disrupt
connectivity to a vital storage volume.
Fixes: 14962cb414 ('merge: branch 'next''):
https://bugzilla.redhat.com/show_bug.cgi?id=2013921https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1011
