From 7c07f71957bb5f0b9900e255be1029e3848ffeb9 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Thu, 26 Dec 2024 03:21:44 +0300 Subject: [PATCH] import NetworkManager-1.48.10-3.el9_5 --- ...v-capability-when-enabled-rhel-58397.patch | 74 ++++++++++ ...tivating-port-connections-rhel-50747.patch | 136 ++++++++++++++++++ ...f-ovs-dpdk-interface-name-rhel-60022.patch | 57 ++++++++ SPECS/NetworkManager.spec | 10 +- 4 files changed, 276 insertions(+), 1 deletion(-) create mode 100644 SOURCES/1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch create mode 100644 SOURCES/1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch create mode 100644 SOURCES/1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch diff --git a/SOURCES/1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch b/SOURCES/1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch new file mode 100644 index 0000000..4a0a962 --- /dev/null +++ b/SOURCES/1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch @@ -0,0 +1,74 @@ +From d9dd0aeff8ba2e1a0005c2e5751907c453927c5c Mon Sep 17 00:00:00 2001 +From: Gris Ge +Date: Mon, 21 Oct 2024 21:13:29 +0800 +Subject: [PATCH] sriov: only valid sriov capacity when enabled + +NetworkManager current code will refuse to activate a connection if its +interface has no SRIOV capacity but holding a empty SRIOV settings. + +This patch only valid SRIOV capacity when it is enabled(total_vfs > 0). + +Resolves: https://issues.redhat.com/browse/RHEL-58397 + +Signed-off-by: Gris Ge +(cherry picked from commit 421ccf8b4cb85c96db3bf1cb6a860e41a784c950) +(cherry picked from commit c9e31e70cbf62c65cec460dc198712a61351e9f4) +(cherry picked from commit 90a3b014683c3c98c9fb4bbe2add65510e7f1b31) +--- + src/core/devices/nm-device.c | 19 ++++++++++--------- + 1 file changed, 10 insertions(+), 9 deletions(-) + +diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c +index 4780003a0a..e86c32a902 100644 +--- a/src/core/devices/nm-device.c ++++ b/src/core/devices/nm-device.c +@@ -9468,6 +9468,7 @@ check_connection_compatible(NMDevice *self, + NMSettingMatch *s_match; + const GSList *specs; + gboolean has_match = FALSE; ++ NMSettingSriov *s_sriov = NULL; + + klass = NM_DEVICE_GET_CLASS(self); + if (klass->connection_type_check_compatible) { +@@ -9485,12 +9486,14 @@ check_connection_compatible(NMDevice *self, + return FALSE; + } + +- if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV) +- && nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV)) { +- nm_utils_error_set_literal(error, +- NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY, +- "device does not support SR-IOV"); +- return FALSE; ++ if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) { ++ s_sriov = (NMSettingSriov *) nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV); ++ if (s_sriov && nm_setting_sriov_get_total_vfs(s_sriov)) { ++ nm_utils_error_set_literal(error, ++ NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY, ++ "device does not support SR-IOV"); ++ return FALSE; ++ } + } + + conn_iface = nm_manager_get_connection_iface(NM_MANAGER_GET, connection, NULL, NULL, &local); +@@ -10101,7 +10104,7 @@ activate_stage1_device_prepare(NMDevice *self) + s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV); + } + +- if (s_sriov) { ++ if (s_sriov && nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) { + nm_auto_freev NMPlatformVF **plat_vfs = NULL; + gs_free_error GError *error = NULL; + NMSriovVF *vf; +@@ -10109,8 +10112,6 @@ activate_stage1_device_prepare(NMDevice *self) + guint num; + guint i; + +- nm_assert(nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)); +- + autoprobe = nm_setting_sriov_get_autoprobe_drivers(s_sriov); + if (autoprobe == NM_TERNARY_DEFAULT) { + autoprobe = nm_config_data_get_connection_default_int64( +-- +2.45.2 + diff --git a/SOURCES/1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch b/SOURCES/1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch new file mode 100644 index 0000000..7c5b319 --- /dev/null +++ b/SOURCES/1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch @@ -0,0 +1,136 @@ +From 3b1181dc02172033d8e2bb7fd2336b2ea0355a87 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Mon, 23 Sep 2024 17:28:03 +0200 +Subject: [PATCH] device: fix bug when deactivating port connections + asynchronously + +When the attach_port()/detach_port() methods do not return immediately +(currently, only for OVS ports), the following situation can arise: + + - nm_device_controller_attach_port() starts the attachment by sending + the command to ovsdb. Note that here we don't set + `PortInfo->port_is_attached` to TRUE yet; that happens only after + the asynchronous command returns; + + - the activation of the port gets interrupted because the connection + is deleted; + + - the port device enters the deactivating state, triggering function + port_state_changed() + + - the function calls nm_device_controller_release_port() which checks + whether the port is already attached; since + `PortInfo->port_is_attached` is not set yet, it assumes the port + doesn't need to be detached; + + - in the meantime, the ovsdb operation succeeds. As a consequence, + the kernel link is created even if the connection no longer exists. + +Fix this by turning `port_is_attached` into a tri-state variable that +also tracks when the port is attaching. When it is, we need to perform +an explicit detach during deactivation. + +Fixes: 9fcbc6b37dec ('device: make attach_port() asynchronous') + +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2043 + +Resolves: https://issues.redhat.com/browse/RHEL-58026 +(cherry picked from commit a8329587c8bdd53e2bc4513a4e82529727cfa5ef) +(cherry picked from commit d809ca6db24b5145fcc1857b962afb7ae17d07a5) +(cherry picked from commit ca6ca684b21235f706b02cee42075f2ee3cb1795) +--- + src/core/devices/nm-device.c | 27 ++++++++++++++++++++++----- + 1 file changed, 22 insertions(+), 5 deletions(-) + +diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c +index e86c32a902..f9a2e7e8fe 100644 +--- a/src/core/devices/nm-device.c ++++ b/src/core/devices/nm-device.c +@@ -126,12 +126,18 @@ typedef enum _nm_packed { + ADDR_METHOD_STATE_FAILED, + } AddrMethodState; + ++typedef enum { ++ PORT_STATE_NOT_ATTACHED, ++ PORT_STATE_ATTACHED, ++ PORT_STATE_ATTACHING, ++} PortState; ++ + typedef struct { + CList lst_port; + NMDevice *port; + GCancellable *cancellable; + gulong watch_id; +- bool port_is_attached; ++ PortState port_state; + bool configure; + } PortInfo; + +@@ -6693,7 +6699,7 @@ attach_port_done(NMDevice *self, NMDevice *port, gboolean success) + if (!info) + return; + +- info->port_is_attached = success; ++ info->port_state = (success ? PORT_STATE_ATTACHED : PORT_STATE_NOT_ATTACHED); + + nm_device_port_notify_attach_as_port(info->port, success); + +@@ -6756,7 +6762,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c + if (!info) + return; + +- if (info->port_is_attached) ++ if (info->port_state == PORT_STATE_ATTACHED) + success = TRUE; + else { + configure = (info->configure && connection != NULL); +@@ -6765,6 +6771,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c + + nm_clear_g_cancellable(&info->cancellable); + info->cancellable = g_cancellable_new(); ++ info->port_state = PORT_STATE_ATTACHING; + success = NM_DEVICE_GET_CLASS(self)->attach_port(self, + port, + connection, +@@ -6819,6 +6826,7 @@ nm_device_controller_release_port(NMDevice *self, + PortInfo *info; + gs_unref_object NMDevice *self_free = NULL; + gs_unref_object NMDevice *port_free = NULL; ++ const char *port_state_str; + + g_return_if_fail(NM_DEVICE(self)); + g_return_if_fail(NM_DEVICE(port)); +@@ -6830,11 +6838,20 @@ nm_device_controller_release_port(NMDevice *self, + + info = find_port_info(self, port); + ++ if (info->port_state == PORT_STATE_ATTACHED) ++ port_state_str = "(attached)"; ++ else if (info->port_state == PORT_STATE_NOT_ATTACHED) ++ port_state_str = "(not attached)"; ++ else { ++ nm_assert(info->port_state == PORT_STATE_ATTACHING); ++ port_state_str = "(attaching)"; ++ } ++ + _LOGT(LOGD_CORE, + "controller: release one port " NM_HASH_OBFUSCATE_PTR_FMT "/%s %s%s", + NM_HASH_OBFUSCATE_PTR(port), + nm_device_get_iface(port), +- !info ? "(not registered)" : (info->port_is_attached ? "(attached)" : "(not attached)"), ++ !info ? "(not registered)" : port_state_str, + release_type == RELEASE_PORT_TYPE_CONFIG_FORCE + ? " (force-configure)" + : (release_type == RELEASE_PORT_TYPE_CONFIG ? " (configure)" : "(no-config)")); +@@ -6850,7 +6867,7 @@ nm_device_controller_release_port(NMDevice *self, + nm_clear_g_cancellable(&info->cancellable); + + /* first, let subclasses handle the release ... */ +- if (info->port_is_attached || nm_device_sys_iface_state_is_external(port) ++ if (info->port_state != PORT_STATE_NOT_ATTACHED || nm_device_sys_iface_state_is_external(port) + || release_type >= RELEASE_PORT_TYPE_CONFIG_FORCE) { + NMTernary ret; + +-- +2.45.2 + diff --git a/SOURCES/1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch b/SOURCES/1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch new file mode 100644 index 0000000..34a5b77 --- /dev/null +++ b/SOURCES/1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch @@ -0,0 +1,57 @@ +From fd2768da4c3f966a215f01f09f8b5d7d534d0193 Mon Sep 17 00:00:00 2001 +From: Beniamino Galvani +Date: Tue, 24 Sep 2024 16:25:03 +0200 +Subject: [PATCH] libnm-core: fix validation of ovs-dpdk interface name + +An ovs-dpdk interface doesn't have a kernel link and doesn't have the +15-character limit on the name. + +Fixes: 3efe070dfc7a ('libnm: validate "connection.interface-name" at one place only') + +Resolves: https://issues.redhat.com/browse/RHEL-60233 + +https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2044 +(cherry picked from commit fda05b0af085d9f7e4cc5691075dae63e7bf02a6) +(cherry picked from commit f6e4e537757a414cc896bc1b402da8c9c9e32eaa) +(cherry picked from commit c7035db5b43beff7ad7e91685ff17982a540d8e2) +--- + src/libnm-core-impl/nm-setting-connection.c | 4 ++-- + src/libnm-core-impl/tests/test-general.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/libnm-core-impl/nm-setting-connection.c b/src/libnm-core-impl/nm-setting-connection.c +index b51cd46bdd..3298dce60a 100644 +--- a/src/libnm-core-impl/nm-setting-connection.c ++++ b/src/libnm-core-impl/nm-setting-connection.c +@@ -1379,13 +1379,13 @@ verify(NMSetting *setting, NMConnection *connection, GError **error) + if (connection) + goto after_interface_name; + iface_type = NMU_IFACE_ANY; +- } else if (NM_IN_STRSET(ovs_iface_type, "patch")) { ++ } else if (NM_IN_STRSET(ovs_iface_type, "patch", "dpdk")) { + /* this interface type is internal to OVS. */ + iface_type = NMU_IFACE_OVS; + } else { + /* This interface type also requires a netdev. We need to validate + * for both OVS and KERNEL. */ +- nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system", "dpdk")); ++ nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system")); + iface_type = NMU_IFACE_OVS_AND_KERNEL; + } + } else +diff --git a/src/libnm-core-impl/tests/test-general.c b/src/libnm-core-impl/tests/test-general.c +index 0a39010c11..8d4ea069c5 100644 +--- a/src/libnm-core-impl/tests/test-general.c ++++ b/src/libnm-core-impl/tests/test-general.c +@@ -10832,7 +10832,7 @@ test_connection_ovs_ifname(gconstpointer test_data) + /* good if bridge, port, or patch interface */ + g_object_set(s_con, NM_SETTING_CONNECTION_INTERFACE_NAME, "ovs123123123123130123123", NULL); + +- if (!ovs_iface_type || nm_streq(ovs_iface_type, "patch")) ++ if (!ovs_iface_type || NM_IN_STRSET(ovs_iface_type, "patch", "dpdk")) + nmtst_assert_connection_verifies(con); + else { + nmtst_assert_connection_unnormalizable(con, +-- +2.45.2 + diff --git a/SPECS/NetworkManager.spec b/SPECS/NetworkManager.spec index 22d6445..14ac59e 100644 --- a/SPECS/NetworkManager.spec +++ b/SPECS/NetworkManager.spec @@ -6,7 +6,7 @@ %global epoch_version 1 %global real_version 1.48.10 %global rpm_version %{real_version} -%global release_version 2 +%global release_version 3 %global snapshot %{nil} %global git_sha %{nil} %global bcond_default_debug 0 @@ -213,6 +213,9 @@ Patch0001: 0001-revert-change-default-value-for-ipv4.dad-timeout-from-0-to-200ms # Bugfixes that are only relevant until next rebase of the package. Patch1001: 1001-cloud-setup-allow-bigger-restart-bursts-rhel-56740.patch Patch1002: 1002-cloud-setup-ensure-azure-places-primary-address-first-rhel-56387.patch +Patch1003: 1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch +Patch1004: 1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch +Patch1005: 1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch Requires(post): systemd %if 0%{?fedora} || 0%{?rhel} >= 8 @@ -1269,6 +1272,11 @@ fi %changelog +* Tue Nov 12 2024 Beniamino Galvani - 1:1.48.10-3 +- Only validate the SR-IOV device capability when SR-IOV is enabled (RHEL-58397) +- Fix bug when deactivating port connections (RHEL-50747) +- Fix validation of ovs-dpdk interface name (RHEL-60022) + * Fri Aug 30 2024 Fernando Fernandez Mancera - 1:1.48.10-2 - cloud-setup: Allow bigger restart bursts (RHEL-56740) - cloud-setup: Fix Azure swap of primary and secondary IP addresses (RHEL-56387)