The nm_ip_addr_*() APIs are supposed to work with unaligned input,
so we could use them while parsing binary data (where the field
may not be properly aligned). For that reason, it used to first
copy the argument to a local (properly aligned) variable.
Rework that a bit, and use unaligned_read_ne32() for IPv4.
NMIPAddr is a union, so you always need to know the right addr_family.
Often we track the addr_family separately or know it implicitly. Then we
don't need to glue them together.
But also often we need to associate the address_family with the address
union. Add a struct that bundles the NMIPAddr with the addr_family,
making it a tagged union. The benefit is that we now also have one
implementation for equal, cmp and hash-update, instead of reimplementing
them.
For each connection that corresponds to a software device, we create a
"unrealized" device that then becomes realized just before the
connection starts activating. Currently, in certain conditions NM
creates two devices with the same name and type, one realized and one
not; this is not expected and can lead to other issues especially when
a software device is reactivated.
Avoid that by relaxing the check in system_create_virtual_device(): if
a device exists with the same name and type, we don't want to create
another even if the type-specific parameters differ.
The idea is to have useful and correct helper functions, that are
generic and reusable.
nmcs_utils_poll() was done with that intent, and it is a generally
useful function. As the implementation shows, it's not entirely trivial
to get all the parameters right, when it comes to glib-integration
(GMainContext and GTask) and polling.
Whether something like a generic poll helper is a useful thing at all,
may be a valid question. E.g. you need several hooks, and the usage is
still not trivial. Regardless of that, "nm-cloud-setup-utils.c" already
had such a helper. This is only about moving it to a place where it is
actually accessible to others.
And, if it turns out to be a good idea after all, then somebody else
could use it.
nmcs_utils_poll() calls nmcs_wait_for_objects_register(), which is
specific to nm-cloud-setup.
nmcs_utils_poll() should move to libnm-glib-aux, so it should not have a
direct dependency on nm-cloud-setup code. Add instead a hook that the
caller can use for registering the object.
nmcs_utils_poll() accepts two different user-data. One is passed to the
probe callbacks (and returned by nmcs_utils_poll_finish()). The other
one is passed to the callback.
Having separate user data might be useful. It's not useful for
nm_http_client_poll_req(), which both passes the same.
It's confusing to pass the same data as different user-data. Don't do
that. Use only one way.
In practice, this does not cause an issue, because NMEtherAddr quite
quite obviously only contains uint8 values and has alignment 1.
It's still ugly to case nm_ip_addr_zero to NMEtherAddr if they are
entirely unrelated types.
Fixes: 58e2ba0535 ('glib-aux: drop ethernet fields from NMIPAddr union')
It is slightly confusing to be required to be aware whether something is
a union or a struct. Hence, the union was wrapped in a struct.
However, we anyway almost always use the typedef NMIPAddr. The single
place where we forward declare the type, we can correctly use the union
specifier.
It's not really used anyway.
The idea was, that the ethernet MAC address would fit from the size, and
we might at a few places use that for convenience. But it's more
confusing. Also, because there is already NMEtherAddr and `struct
ether_addr`.
Having a list with only one element is often interesting to know. For
example, if you are about to unlink an element, you may want to check
whether afterwards the list is empty.
Add c_list_is_empty_or_single() for that. It is probably more efficient than
plain c_list_length_is(list, 1) and also a better name.
When creating a parent dependent device it can have software device as
parent without an ifindex. In that case, it will fail on an ssertion on
parent being missing.
In order to avoid this, we are handling the situation similar to what we
do for VLAN devices. NetworkManager will raise different error and block
the autoconnection instead of asserting.
This solves the assert error for the following commands:
```
nmcli connection add type macvlan ifname mv1 con-name mv1+ macvlan.parent dummy0 mode vepa
nmcli connection add type dummy ifname dummy0 con-name dummy0+ autoconnect no
```
There were a few places where we did already this but there was one
place where we missed it, in nm-manager.c:do_sleep_wake(). Therefore,
the device end in DISCONNECTED state and did not assume the connection.
When the state is DISCONNECTED is being set from a
configuring/configured state we might want to always DECONFIGURE the
interface (ifindex, ip addresses, routes..) except if the
sys-iface-state is REMOVED in that case we would like to remove it.
Apparently, the pager being able to execute commands takes some people
by surprpise, making their poor configuration choices have consequences.
Let's pray for some mercy on their souls with the LESSECURE variable,
which makes less less likely to conduct evil deeds.
Systemd also deals with this, but being systemd they make it as
complicated as possible. We just set it unconditionally, hoping nobody
wanted the extra functionality and they're in only for the scrolling.
If anyone minds they can just set LESSSECURE=0 and we'll leave it alone.
See also: SYSTEMD_PAGERSECURE in systemctl(1) manual.
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1559
The present version of the EC2 metadata API (IMDSv2) requires a header
with a token to be present in all requests. The token is essentially a
cookie that's not actually a cookie that's obtained with a PUT call that
doesn't put anything. Apparently it's too easy to trick someone into
calling a GET method.
EC2 now supports IMDSv2 everywhere with IMDSv1 being optional, so let's
just use IMDSv2 unconditionally. Also, the presence of a token API can
be used to detect the AWS EC2 cloud.
https://bugzilla.redhat.com/show_bug.cgi?id=2151986
Clarify that detect() needs to succeed before get_config().
I thought it's sort of common sense, but it's better to be explicit as
we're going to rely on that.
This is the IPv6 equivalent of arp_ip_target option. It requires
arp_interval set and allow the user to specify up to 16 IPv6 addresses
as targets. By default, the list is empty.
The valid values for this option are 0 (off) and 1 (on). By default the
value is 1 (on). Please notice that this option is only compatible with
802.3AD mode.
The new arp_missed_max option valid range is 0-255 where value 0 means
not set. Please notice that this option is not compatible with 802.3AD,
balance-tlb and balance-alb modes.
We must first check whether a->arp_ip_targets_num and
b->arp_ip_targets_num are identical. Otherwise, this accesses
potentially uninitialized values.
Fixes: f900f7bc2c ('platform: add netlink support for bond link')
When reloading the configuration and there is a global DNS
configuration without domains, NM crashes in global_dns_equal()
because `old->domains` and `new->domains` are both NULL. Fix that.
Thread 1 "NetworkManager" received signal SIGTRAP, Trace/breakpoint trap.
0 g_logv (log_domain=0x7fe81a2110be "GLib", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1433
1 g_log (log_domain=<optimized out>, log_level=<optimized out>, format=<optimized out>) at ../glib/gmessages.c:1471
2 g_hash_table_size (hash_table=<optimized out>) at ../glib/ghash.c:2183
3 g_hash_table_size (hash_table=<optimized out>) at ../glib/ghash.c:2181
4 global_dns_equal (new=0xecc540, old=0xe618e0) at ../src/core/nm-config-data.c:1466
5 nm_config_data_diff (old_data=old_data@entry=0xe60020, new_data=new_data@entry=0xe606a0) at ../src/core/nm-config-data.c:1946
6 _set_config_data (self=0xe45810, new_data=0xe606a0, reload_flags=NM_CONFIG_CHANGE_CAUSE_SIGHUP) at ../src/core/nm-config.c:2923
7 nm_config_reload (self=0xe45810, reload_flags=NM_CONFIG_CHANGE_CAUSE_SIGHUP, emit_warnings=emit_warnings@entry=1) at ../src/core/nm-config.c:2875
8 nm_main_config_reload (signal=<optimized out>) at ../src/core/main.c:141
9 sighup_handler (user_data=<optimized out>) at ../src/core/main-utils.c:26
10 g_main_dispatch (context=0xe619e0) at ../glib/gmain.c:3444
11 g_main_context_dispatch (context=0xe619e0) at ../glib/gmain.c:4162
12 g_main_context_iterate.constprop.0 (context=0xe619e0, block=1, dispatch=1, self=<optimized out>) at ../glib/gmain.c:4238
13 g_main_loop_run (loop=0xe5e310) at ../glib/gmain.c:4438
14 main (argc=<optimized out>, argv=<optimized out>) at ../src/core/main.c:515
Fixes: 1f0d1d78d2 ('dns-manager: always apply options from [global-dns]')
In file included from ./src/libnm-std-aux/nm-default-std.h:102,
from ./src/libnm-glib-aux/nm-default-glib.h:11,
from ./src/libnm-glib-aux/nm-default-glib-i18n-prog.h:13,
from ./src/core/nm-default-daemon.h:11,
from src/core/nm-connectivity.c:8:
src/core/nm-connectivity.c: In function ‘nm_connectivity_check_start’:
./src/libnm-std-aux/nm-std-aux.h:180:12: error: ‘reason’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
if (expr) \
^
src/core/nm-connectivity.c:1055:29: note: ‘reason’ was declared here
const char *reason;
^~~~~~
