In the migration to NMPlatform, support for ptp/peer addresses was
accidentally dropped. This broke OpenVPN configurations using 'p2p'
topology, which send a different peer address than the local address
for tunX, plus the server may also push routes that use the peer
address as the next hop. NetworkManager was unable to add these
routes, because the kernel had no idea how to talk to the peer,
because the peer's address was not assigned to any interface or
reachable over any routes.
Partly based on a patch from Dan Williams.
These are (most likely) only warnings and not severe bugs.
Some of these changes are mostly made to get a clean run of
Coverity without any warnings.
Error found by running Coverity scan
https://bugzilla.redhat.com/show_bug.cgi?id=1025894
Co-Authored-By: Jiří Klimeš <jklimes@redhat.com>
Signed-off-by: Thomas Haller <thaller@redhat.com>
Slaves should get sorted after their masters so that when generating
connections, the NMManager knows about the masters already.
The convoluted logic here is to ensure that:
1) the kernel doesn't pass bad information that causes NM to crash
or infinite loop
2) that with complicated parent/child relationships (like a VLAN interface
with a parent that is also a slave), children always get sorted after
*all* of their ancestors. The previous code was only sorting children
after their immediate parent/master's ifindex, but not actually after
the parent in the returned list.
The NMPlatformIP[46]Address and NMPlatformIP[46]Route structs have a
field 'dev'. Before this field was always printed in the *_to_string
functions and a missing device was signaled as ' dev -'.
This had the advantage, that the output contained the same fields
regardless whether there was a device set or not.
Change it, not to print the device if it is not set. This has the
advantage, that it looks better in the logfiles.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Use the new kernel physical_port_id interface property to recognize
when two devices are just virtual devices sharing the same physical
port, and refuse to bond/team multiple slaves on the same port.
New functions to compare two instances of NMPlatformIP4Address, NMPlatformIP6Address,
NMPlatformIP4Route, NMPlatformIP6Route, respectively.
These functions return -1, 0 or 1 as result of the comparison. This is similar to
strcmp with the additional restriction, that only one of these 3 values will be
returned.
Signed-off-by: Thomas Haller <thaller@redhat.com>
Add *_to_string functions for address (ip4 and ip6) and
route (ip4 and ip6). Also refactor the previously existing
nm_platform_ip4_route_to_string function.
The to_string function returns a pointer to an internal
buffer. Also update log_* functions to make use of the new
to_string functions.
Signed-off-by: Thomas Haller <thaller@redhat.com>
nm_platform_query_devices() wasn't including the new "reason" argument
in its link-added emissions. (This didn't cause any problems since
NMManager doesn't look at that argument anyway, but it's still
obviously wrong.)
Most places except the tests don't want the default route when asking
the platform for all routes, so make that simpler by just adding a
parameter for including the default route or not.
This is the same we already did for nm-platform addresses in commit
68c3e1153c. It will help to avoid various
issues and is also a step towards support for route lifetimes.
It appears the kernel does not send notifications via netlink if the
default route is removed in some cases. This causes the platform
route cache to become stale, and thus when the default route is
reset by NM the platform thinks the route already exists, and does
not add it. But the route doesn't exist, becuase the kernel silently
removed it without telling anyone.
Fix that with a big hammer by flushing/refilling the route cache when
devices are deactivated (deletion of their addresses causes the default
route to be removed by the kernel) and when the default route is
updated by NM itself.
Pavel: if we find a more granular method, we should probably revert
this as the cache refill can be expensive.
The nm_platform_ip[46]_address_sync() functions no longer use
nm_platform_ip[46]_address_exists() to avoid adding already
existing addresses. That means nm_platform_ip[46]_address_add()
is now called for *all* commited addresses and the lifetimes
are thus always updated.
Because of that, nm_platform_ip[46]_address_add() had to be modified to
accept existing addresses and update their lifetimes when appropriate.
https://bugzilla.gnome.org/show_bug.cgi?id=705102
Addresses in the platform cache will have timestamp/lifetime/preferred set,
but addresses to be added or removed (like new IP config from DHCP renewal
or new RAs) won't have these set, since they only get set when the address
is actually added to the kernel. So when syncing addresses, we can't look
at any of these items or nothing matches, and all existing addresses get
removed.
https://bugzilla.gnome.org/show_bug.cgi?id=705102
The route metric is one of the object's key attributes and therefore
cannot be left to be chosen by the kernel. Instead, it must always be
specified explicitly. This matches the architecture of libnl3 and the
current API provided by nm-platform.
With the move of udev logic into the Linux platform class, the
link-added signals are asynchronous, that is they are not emitted
during the call to nm_platform_*_add(), but after that call has
returned. The Fake implementation still emitted them synchronously,
which broke the testcases. Convert the Fake implementation to emit
link-added signals asynchronously and update the testcases to handle
this.
Add a "parent" field to NMPlatformLink, giving the parent device
ifindex for devices that have a parent.
Make nm_platform_link_get_all() sort the links before returning them,
so that masters appear after all of their slaves, and parent devices
appear before their children.
Remove the second call to nm_platform_query_devices() from NMManager
since it is now guaranteed that an NMDeviceVLAN's parent NMDevice will
have been created before the NMDeviceVLAN.
Merge the net-subsystem-monitoring functionality of NMUdevManager into
NMLinuxPlatform (and kill NMUdevManager). NMLinuxPlatform now only
emits link-added signals after udev processes the device, and uses
udev attributes to further identify the device. NMManager now
identifies devices solely based on the NMLinkType provided by the
platform.
This requires a very recent kernel to even compile, and the kernel
code is still rapidly changing (eg, adding IPv6 support). So take it
out for now, until it stabilizes.
This reverts commit 7f0f04d106.
