Since commit ab6548c621 ("device: better accept external IP
changes"), ipX_config_merge_and_apply() applies the configuration
static settings to an intermediate, initially empty configuration
(priv->con_ipX_config) instead of the composite configuration, and
thus the handling of ignore-auto-routes and ignore-auto-dns options
done in nm_ipX_config_merge_setting() has no effect.
Fix this by clearing the routes and the DNS information when needed
before merging static settings to the composite configuration.
Fixes: ab6548c621
Without that we can remove addresses from con-ip6-config due to external
changes *before* it is applied and thus manual IPv6 addresses are not applied
together with ipv6.method=auto.
Testcase:
$ nmcli con add type ether con-name AAA ifname eth0 autoconnect no
$ nmcli con mod AAA ipv4.addresses 1.1.1.1/24 ipv6.addresses 99::99/64
$ nmcli con up AAA
Fixes:Beaker:NetworkManager_Test37_run_once_new_connection
Fixes:Beaker:NetworkManager_Test84_ipv6_addresses_no_when_static_switch_asked
https://bugzilla.gnome.org/show_bug.cgi?id=751430
Change nm_platform_link_get() to return the cached NMPlatformLink
instance. Now what all our implementations (fake and linux) have such a
cache internal object, let's just expose it directly.
Note that the lifetime of the exposed link object is possibly quite
short. A caller must copy the returned value if he intends to preserve
it for later.
Also add nm_platform_link_get_by_ifname() and modify nm_platform_link_get_by_address()
to return the instance.
Certain functions, such as nm_platform_link_get_name(),
nm_platform_link_get_ifindex(), etc. are solely implemented based
on looking at the returned NMPlatformLink object. No longer implement
them as virtual functions but instead implement them in the base class
(nm-platform.c).
This removes code and eliminates the redundancy of the exposed
NMPlatformLink instance and the nm_platform_link_get_*() accessors.
Thereby also fix a bug in NMFakePlatform that tracked the link address
in a separate "address" field, instead of using "link.addr". That was
a case where the redundancy actually led to a bug in fake platform.
Also remove some stub implementations in NMFakePlatform that just
bail out. Instead allow for a missing virtual functions and perform
the "default" action in the accessor.
An example for that is nm_platform_link_get_permanent_address().
When inside a state-change, we set for example the device up.
This triggers a link-changed event, which then causes further
state-changes of the devices.
A state-change in process of a device is not reentrant, so we must
delay the handling of the link-changed event.
Unconditionally log a warning if the function fails.
We are about to drop nm_platform_get_error(), it's anyway unclear
why we don't want to log a warning about non-existing interface.
The @udi field is not a static string, so any user of a NMPlatformLink
instance must make sure not to use the field beyond the lifetime of the
NMPlatformLink instance.
As we pass on the platform link instance during platform changed events,
this is hard to ensure for the subscriber of the signal -- because a
call back into platform could invalidate/modify the object.
Just not expose this field as part of the link instance. The few callers
who actually needed it should instead call nm_platform_get_uid(). With
that, the lifetime of the returned 'const char *' pointer is clearly
defined.
The metered property of a NMDevice that reaches the activated state is
copied from the active connection and if its value is 'unknown' some
heuristics are used to guess the actual value.
When the connection is torn down the metered property is reset to
'unknown'.
We already populate the netlink cache in constructed(). No need
to wait with udev devices until nm_platform_query_devices(). Just
do it right away.
Add a hack to keep 'lo' default-unmanaged. Now that we load
udev devices earlier, we end up clearing the default-unmanged
flag on 'lo', which has bad consequences.
We don't want error logging for nm_platform_link_add() which
tries to load the bonding module. Later we will run tests as non-root,
where modprobe will fail. Logging an error would break the tests.
Since introduction for support of ip6-privacy (use_tempaddr,
RFC4941) with commit d376270bfe,
the sysctl value from /etc was always read first.
This is problematic, because an explicit setting in the
connection should not be ignored over a global configuration.
Drop that old behavior. It was also problematic, because we did
not read any files under /etc/sysctl.d (except for sysctl.conf).
Also, we did not honor per-interface configurations.
Now we also use as last fallback the value from
/proc/sys/net/ipv6/conf/default/use_tempaddr
That has the advantage of falling back to the system default value
so that NM doesn't need to have it's own default policy
(Related: https://bugzilla.redhat.com/show_bug.cgi?id=1187525).
This is a change in behavior.
Support default value for setting 'ipv6.ip6-privacy' in
NetworkManager.conf.
If the global value is unset, preserve old behavior of looking into
/etc/sycctl.conf first. That behavior was introduced with commit
d376270bfe, since we support ip6-privacy
setting.
If the global value is set to "unknown", add a new fallback
that instead reads the runtime value from
"/proc/sys/net/ipv6/conf/default/use_tempaddr"
This seems more sensible behavior because we fallback to sysctl,
but instead of looking at static files in /etc, read /proc.
But to preserve the old behavior, we only do that when a global
value is configured at all.
https://bugzilla.gnome.org/show_bug.cgi?id=721200
The route-metric can be configured per connection via the
ipv4.route-metric and ipv6.route-metric fields. When the
value is left at -1 (the default), we would determine the
route-metric based on the device type (nm_device_get_priority()).
Extend that scheme by making the default value overwritable in
NetworkManager.conf.
Add a function to get a concise representation of the
device type.
libnm already has nm_device_get_type_description() for that
and it is shown by
nmcli -f GENERAL.TYPE device show
Reimplement that function for nm-core. Just take care that the
two implementations don't diverge.
Add the new configuration option 'assume-ipv6ll-only' which specifies
the devices for which NM will try to assume an existing IPv6LL-only
configuration.
The new default behavior is to ignore such configurations since IPv6LL
addresses are automatically assigned by the kernel when the device is
brought up and thus the presence of an IPv6LL address doesn't mean
that the device was configured by the administrator.
The previous behavior was to always assume IPv6LL-only configurations
but this often had the unwanted effect of preventing other on-disk
configurations to be activated. To preserve the old behavior the
option must be set to '*'.
https://bugzilla.redhat.com/show_bug.cgi?id=1138426
Previously for assumed connections we would never configure a default route.
That has serious problems for example in the following two scenarios:
- the default-route might have a limited lifetime from a previous
SLAAC/accept_ra setting. In this case, once we assume the connection
we must also ensure that we extend the lifetime of the default
route.
- the gateway could be received via DHCP/RA and it might change.
If we ignore default-routes for assumed connection we miss that
change.
The problem is that the notion of "assumed connection" wrongly combines
two conflicting goals (related bug bgo#746440):
a) have an external device that is entirely unmanged by NM.
b) do a seamless takeover of a previously managed connection at start,
but still fully manage.
This patch changes the handling of default-routes towards meaning b).
https://bugzilla.redhat.com/show_bug.cgi?id=1224291
Since da708059da, we would pickup the
default-route as configured externally, except at those moments when
NM re-applys the IP configuration of the interface, such as during a
DHCP lease.
That allows the user to add/remove the default-route externally (iproute).
But still, at random times (DHCP lease), we will revert those external
changes.
Extend this, that if the connection is explicitly configured as
'never-default=yes', that it tells NM not to interfere with externally
added default-routes on this device. That means, NM will only remove
any preexisting default-routes when configuring the device a first
time.
On any later attempts, NM will assume whatever is configured there.
That makes sense because the user indicated not wanting NM to
manage a default-route on that device, so if something externally
added a default-route, assume that is what the user wants.
This only affects non-assumed connections, with 'never-default=yes'.
https://bugzilla.redhat.com/show_bug.cgi?id=1205405
Also accept a NULL connection in
nm_default_route_manager_ip4_connection_has_default_route() and
nm_default_route_manager_ip6_connection_has_default_route().
We need to know whether we can create interfaces of any given
NMDevice subclass or not. So don't rely on just the NMPlatformLink
for that information, because we won't have a platform link for
software devices before we create them.
When a connection had static IP addresses, an early event
from plaform would clear them from priv->con_ip4_config.
Fix that, by don't initializing priv->con_ip4_config
before we commit the first time.
https://bugzilla.gnome.org/show_bug.cgi?id=749052
Fixes: 557667df12
It could be that the device was removed and the default route manager holds the
last reference:
Breakpoint 1, dispose (object=0x90e710 [NMDeviceTun]) at devices/nm-device.c:8588
8588 NMDevice *self = NM_DEVICE (object);
(gdb) bt
#0 0x000000000045d24e in dispose (object=0x90e710 [NMDeviceTun]) at devices/nm-device.c:8588
#1 0x00007ffff4d29b7c in g_object_unref (_object=0x90e710) at gobject.c:3133
#2 0x00000000004b0a61 in _entry_at_idx_remove (entry=<optimized out>) at nm-default-route-manager.c:192
#3 0x00000000004b0a61 in _entry_at_idx_remove (vtable=<optimized out>, self=<optimized out>, entry_idx=<optimized out>) at nm-default-route-manager.c:638
#4 0x00000000004adb51 in _ipx_update_default_route (vtable=0x7b1850 <vtable_ip6>, self=0x7da610 [NMDefaultRouteManager], source=<optimized out>) at nm-default-route-manager.c:814
#5 0x0000000000459ccb in nm_device_set_ip6_config (self=0x90e710 [NMDeviceTun], new_config=<optimized out>, commit=<optimized out>, reason=<optimized out>) at devices/nm-device.c:6213
#6 0x0000000000450c92 in ip6_config_merge_and_apply (self=0x90e710 [NMDeviceTun], commit=0, out_reason=0x0) at devices/nm-device.c:3670
#7 0x0000000000452d06 in update_ip_config (self=0x90e710 [NMDeviceTun], initial=<optimized out>) at devices/nm-device.c:6915
#8 0x000000000046253e in queued_ip_config_change (user_data=<optimized out>) at devices/nm-device.c:6945
#9 0x00007ffff4a257fb in g_main_context_dispatch (context=0x7ca3e0) at gmain.c:3111
#10 0x00007ffff4a257fb in g_main_context_dispatch (context=context@entry=0x7ca3e0) at gmain.c:3710
#11 0x00007ffff4a25b98 in g_main_context_iterate (context=0x7ca3e0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3781
#12 0x00007ffff4a25ec2 in g_main_loop_run (loop=0x7ca4a0) at gmain.c:3975
#13 0x0000000000444bbe in main (argc=<optimized out>, argv=<optimized out>) at main.c:486
(gdb)
Program received signal SIGTRAP, Trace/breakpoint trap.
g_logv (log_domain=0x7ffff4d4f164 "GLib-GObject", log_level=G_LOG_LEVEL_WARNING, format=<optimized out>, args=args@entry=0x7fffffffd5b0) at gmessages.c:1046
1046 g_private_set (&g_log_depth, GUINT_TO_POINTER (depth));
(gdb) bt
#0 0x00007ffff4a2c970 in g_logv (log_domain=0x7ffff4d4f164 "GLib-GObject", log_level=G_LOG_LEVEL_WARNING, format=<optimized out>, args=args@entry=0x7fffffffd5b0) at gmessages.c:1046
#1 0x00007ffff4a2cbaf in g_log (log_domain=log_domain@entry=0x7ffff4d4f164 "GLib-GObject", log_level=log_level@entry=G_LOG_LEVEL_WARNING, format=format@entry=0x7ffff4d563b0 "invalid unclassed pointer in cast to '%s'") at gmessages.c:1079
#2 0x00007ffff4d481f9 in g_type_check_instance_cast (type_instance=0x90e710, iface_type=<optimized out>) at gtype.c:4030
#3 0x0000000000459ceb in nm_device_set_ip6_config (self=0x90e710, new_config=<optimized out>, commit=<optimized out>, reason=0x0) at devices/nm-device.c:6217
#4 0x0000000000450c92 in ip6_config_merge_and_apply (self=0x90e710, commit=0, out_reason=0x0) at devices/nm-device.c:3670
#5 0x0000000000452d06 in update_ip_config (self=0x90e710, initial=<optimized out>) at devices/nm-device.c:6915
#6 0x000000000046253e in queued_ip_config_change (user_data=<optimized out>) at devices/nm-device.c:6945
#7 0x00007ffff4a257fb in g_main_context_dispatch (context=0x7ca3e0) at gmain.c:3111
#8 0x00007ffff4a257fb in g_main_context_dispatch (context=context@entry=0x7ca3e0) at gmain.c:3710
#9 0x00007ffff4a25b98 in g_main_context_iterate (context=0x7ca3e0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3781
#10 0x00007ffff4a25ec2 in g_main_loop_run (loop=0x7ca4a0) at gmain.c:3975
#11 0x0000000000444bbe in main (argc=<optimized out>, argv=<optimized out>) at main.c:486
(gdb)
https://bugzilla.gnome.org/show_bug.cgi?id=748193
Ethernet, WiFi, and VLAN used the same implementation for initial address.
Ethernet and WiFi used the same implementation (and duplicated code) for
permanent MAC address, plus they both used ethtool in what should be
generic code, which is better done in the platform.
Now on SIGHUP, when reloading NetworkManager configuration, also reload
the ignore-carrier flag.
While a device is activated, the reload is ignored until the device
deactivates.
Maybe it would be simpler just not to cache ignore_carrer and let it
take effect immediately. But not caching ignore_carrer has the
additional downside that every call to is_available must check the
specs -- which in sum is potentially expensive for something that
almost never changes.
https://bugzilla.gnome.org/show_bug.cgi?id=748050
Most nm_platform_*() functions operate on the platform
singleton nm_platform_get(). That made sense because the
NMPlatform instance was mainly to hook fake platform for
testing.
While the implicit argument saved some typing, I think explicit is
better. Especially, because NMPlatform could become a more usable
object then just a hook for testing.
With this change, NMPlatform instances can be used individually, not
only as a singleton instance.
Before this change, the constructor of NMLinuxPlatform could not
call any nm_platform_*() functions because the singleton was not
yet initialized. We could only instantiate an incomplete instance,
register it via nm_platform_setup(), and then complete initialization
via singleton->setup().
With this change, we can create and fully initialize NMPlatform instances
before/without setting them up them as singleton.
Also, currently there is no clear distinction between functions
that operate on the NMPlatform instance, and functions that can
be used stand-alone (e.g. nm_platform_ip4_address_to_string()).
The latter can not be mocked for testing. With this change, the
distinction becomes obvious. That is also useful because it becomes
clearer which functions make use of the platform cache and which not.
Inside nm-linux-platform.c, continue the pattern that the
self instance is named @platform. That makes sense because
its type is NMPlatform, and not NMLinuxPlatform what we
would expect from a paramter named @self.
This is a major diff that causes some pain when rebasing. Try
to rebase to the parent commit of this commit as a first step.
Then rebase on top of this commit using merge-strategy "ours".
