There are now three places we need delayed state transitions:
1) unavailable to disconnected
2) failed to disconnected
3) bond unavailable to disconnected
(3) wasn't doing a delayed transition, but we can't change
state from inside a state-change handler otherwise we may not
end up fully processing the current state chagne. So it needs a
delayed transition too; add some generic code to make that
easier to do.
The carrier of a bonding device is the sum of the carrier state of
all its slaves. The carrier is always off if no slaves have been
attached to the master yet.
Therefore the carrier state is of no interest when making a bonding
connection available but we still want to use carrier detection to
move the connection out of ACTIVATED if the carrier of all slaves
are off.
A neat solution is to always put the bonding master directly into
DISCONNECTED whenever its state is changed to UNAVAILABLE.
This will make a bonding master available for activation immediately
and move it to DISCONNECTED whenever all slaves have been without
a carrier for 4 seconds.
In the future, the move from UNAVAILABLE to DISCONNECTED may be made
dependant on the availability of at least one configured slave.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Moves all code to match an ethernet connection into a single function
match_ethernet_connection() and use it from everywhere within
NMDeviceEthernet.
Use of match_ethernet_connection() in connection_match_config() enables
bondig connections to be successfully matched with configurations with
matching interface names.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
When matching an ethernet device with connection settings, check if
the connection needs to be bound to a specific virtual kernel interface.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Some connection types such as bonding, bridging and VLAN require
specific virtual kernel interfaces identified by name to be auto
connected to the connection.
The function nm_connection_get_virtual_iface_name() returns the name
of the kernel interface if the connection type requires this
functionatlity.
Each connection base type settings class can implement the function
get_virtual_iface_name() if the connection needs to be auto connected
to a specific kernel interface.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Shortcut to access the connection linked to the activation
request of a device.
The patch only replaces usage with nm_device_get_connection()
if the existing code assumes that an activation request must
be available.
Signed-off-by: Thomas Graf <tgraf@redhat.com>
nm_utils_hwaddr_ntoa() and nm_utils_hwaddr_aton() are like
ether_ntoa()/ether_aton(), but handle IPoIB too.
nm_utils_hwaddr_atoba() is like _aton() but returns a GByteArray,
since that's what's wanted in many places.
Also remove nm_ether_ntop() and replace uses of it with
nm_utils_hwaddr_ntoa().
A bonding device is like a virtual ethernet device. We therefore reuse
nm-device-ethernet and add some special handling to detect bonding
connections.
Changes v2:
- Fixed memory leak
Signed-off-by: Thomas Graf <tgraf@redhat.com>
Initial IP configuration can happen during ACTIVATED state if both
v4 and v6 are enabled, but one takes longer than the other. Thus
various checks throughout the code for IP_CONFIG were incorrect
since they depended on IP configuration only happening during the
IP_CONFIG state. Fix that by using a separate state for IP config
and using that state for various checks instead of the overall
device state.
It was somewhat pointless since the IP config is always known when
stage4 gets scheduled, so why not just pass the config to stage5
immediately? Also helps consolidate the v4/v6 failure handling
logic and makes the operational flow clearer where both v4 and
v6 are active and proceeding in parallel.
"mac-address-blacklist" property is added to the ethernet and WiFi connections.
It is the MAC addresses list of devices on which the connection won't be
activated.
Original patch (NM_0_8 branch) from Thomas Bechtold <thomasbechtold@jpberlin.de>
deactivate_quickly is misnamed these days; it was originally used
for quickly tearing down a device for sleep and such. But these
days it's used for the bulk of device deactivation. Only the wifi
class used the actual deactivate method. So combine the two and
make device implementations less complicated.
It's the thing that owns the secrets anyway, and it simplifies things to
have the secrets handling there instead of half in NMActRequest and
half in NMManager. It also means we can get rid of the ugly signals
that NMSettingsConnection had to emit to get agent's secrets, and
we can consolidate the requests for the persistent secrets that the
NMSettingsConnection owned into NMSettingsConnection itself instead
of also in NMAgentManager.
Since the NMActRequest and the NMVPNConnection classes already tracked
the underlying NMSettingsConnection representing the activation, its
trivial to just have them ask the NMSettingsConnection for secrets
instead of talking to the NMAgentManager. Thus, only the
NMSettingsConnection now has to know about the agent manager, and it
presents a cleaner interface to other objects further up the chain,
instead of having bits of the secrets request splattered around the
activation request, the VPN connection, the NMManager, etc.
When a user makes an explicit request for secrets via GetSecrets
or activates a device, don't ask other users' agents for secrets.
Restrict secrets request to agents owned by the user that made the
initial activate or GetSecrets request.
Automatic activations still request secrets from any available agent.
If NM asks for secrets, and then a client calls ActivateDevice on
that same connection, the secrets tries counter doesn't get reset
and NM then thinks we need completely new secrets when we really
don't since the old secrets request isn't valid anymore.
Also ensure the secrets tries gets reset on success and failure
to match behavior of wifi.
Given connection details, complete the connection as well as possible
using the given specific object and device, add it to system
settings, and activate it all in one method.
Instead of a bizare mechanism of signals back to the manager
object that used to be required because of the user/system settings
split, let each place that needs secrets request those secrets
itself. This flattens the secrets request process a ton and
the code flow significantly.
Previously the get secrets flow was something like this:
nm_act_request_get_secrets ()
nm_secrets_provider_interface_get_secrets ()
emits manager-get-secrets signal
provider_get_secerts ()
system_get_secrets ()
system_get_secrets_idle_cb ()
nm_sysconfig_connection_get_secrets ()
system_get_secrets_reply_cb ()
nm_secrets_provider_interface_get_secrets_result ()
signal failure or success
now instead we do something like this:
nm_agent_manager_get_secrets ()
nm_agent_manager_get_secrets ()
request_start_secrets ()
nm_sysconfig_connection_get_secrets ()
return failure or success to callback
We only really need one state for the supplicant interface which
simplifies handling in the Wifi and Wired device classes quite a
bit. It also simplifies the supplicant interface class too.
One behavioral change in the device classes is not running the
supplicant interface state changes from an idle; we'll have to
see if that causes problems. ISTR long ago that processing the
state change signals directly caused some issues, but we've
significantly reworked somethings since then so we may be able
to get away with this now.
Previously, NM reset permanent MAC to an interface while disconnecting. That
basically ignored MAC addresses set before NM started managing the interface.
Now, the initial MAC address is remembered and set back to the interface when
disconnecting.
The autoactivation code wasn't excluding subchannel-locked connections
when matching for devices that don't have subchannels. This only
produced a warning message though as the connection activation would
be failed by the check_connection_compatible hook.
Not all drivers will return errors when even when they don't provide
the GPERMADDR ethtool call; sometimes you'll get 00:00:00:00:00:00
which is clearly not right. In this case, fall back to the current
HW address just like if the ethtool GPERMADDR call failed.
- Just use a byte array to old MAC addresses so we don't need to
use .ether_addr_octet everywhere
- Consolidate setting the current MAC address into one location
- Make sure that if the GPERMADDR call fails we use the current MAC
(this wasn't done for wired devices)
- Make log messages consistent
