Compare commits

..

No commits in common. 'c9' and 'c10-beta' have entirely different histories.
c9 ... c10-beta

@ -1,61 +0,0 @@
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 16f8e1f261..036233e668 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -1661,7 +1661,7 @@ _prop_get_ipv4_dad_timeout(NMDevice *self)
self,
0,
NM_SETTING_IP_CONFIG_DAD_TIMEOUT_MAX,
- 200);
+ 0);
}
static guint32
diff --git a/src/libnm-core-impl/nm-setting-ip-config.c b/src/libnm-core-impl/nm-setting-ip-config.c
index bfebe7d13d..de56ed74ea 100644
--- a/src/libnm-core-impl/nm-setting-ip-config.c
+++ b/src/libnm-core-impl/nm-setting-ip-config.c
@@ -6655,7 +6655,7 @@ nm_setting_ip_config_class_init(NMSettingIPConfigClass *klass)
*
* A zero value means that no duplicate address detection is performed, -1 means
* the default value (either the value configured globally in NetworkManger.conf
- * or 200ms). A value greater than zero is a timeout in milliseconds. Note that
+ * or zero). A value greater than zero is a timeout in milliseconds. Note that
* the time intervals are subject to randomization as per RFC 5227 and so the
* actual duration can be between half and the full time specified in this
* property.
diff --git a/src/libnmc-setting/settings-docs.h.in b/src/libnmc-setting/settings-docs.h.in
index 77cde6620e..e42cb74e7f 100644
--- a/src/libnmc-setting/settings-docs.h.in
+++ b/src/libnmc-setting/settings-docs.h.in
@@ -162,7 +162,7 @@
#define DESCRIBE_DOC_NM_SETTING_INFINIBAND_TRANSPORT_MODE N_("The IP-over-InfiniBand transport mode. Either \"datagram\" or \"connected\".")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_ADDRESSES N_("A list of IPv4 addresses and their prefix length. Multiple addresses can be separated by comma. For example \"192.168.1.5/24, 10.1.0.5/24\". The addresses are listed in decreasing priority, meaning the first address will be the primary address.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_AUTO_ROUTE_EXT_GW N_("VPN connections will default to add the route automatically unless this setting is set to FALSE. For other connection types, adding such an automatic route is currently not supported and setting this to TRUE has no effect.")
-#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or 200ms). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.")
+#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or zero). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_CLIENT_ID N_("A string sent to the DHCP server to identify the local machine which the DHCP server may use to customize the DHCP lease and options. When the property is a hex string ('aa:bb:cc') it is interpreted as a binary client ID, in which case the first byte is assumed to be the 'type' field as per RFC 2132 section 9.14 and the remaining bytes may be an hardware address (e.g. '01:xx:xx:xx:xx:xx:xx' where 1 is the Ethernet ARP type and the rest is a MAC address). If the property is not a hex string it is considered as a non-hardware-address client ID and the 'type' field is set to 0. The special values \"mac\" and \"perm-mac\" are supported, which use the current or permanent MAC address of the device to generate a client identifier with type ethernet (01). Currently, these options only work for ethernet type of links. The special value \"ipv6-duid\" uses the DUID from \"ipv6.dhcp-duid\" property as an RFC4361-compliant client identifier. As IAID it uses \"ipv4.dhcp-iaid\" and falls back to \"ipv6.dhcp-iaid\" if unset. The special value \"duid\" generates a RFC4361-compliant client identifier based on \"ipv4.dhcp-iaid\" and uses a DUID generated by hashing /etc/machine-id. The special value \"stable\" is supported to generate a type 0 client identifier based on the stable-id (see connection.stable-id) and a per-host key. If you set the stable-id, you may want to include the \"${DEVICE}\" or \"${MAC}\" specifier to get a per-device key. The special value \"none\" prevents any client identifier from being sent. Note that this is normally not recommended. If unset, a globally configured default from NetworkManager.conf is used. If still unset, the default depends on the DHCP plugin. The internal dhcp client will default to \"mac\" and the dhclient plugin will try to use one from its config file if present, or won't sent any client-id otherwise.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_DSCP N_("Specifies the value for the DSCP field (traffic class) of the IP header. When empty, the global default value is used; if no global default is specified, it is assumed to be \"CS0\". Allowed values are: \"CS0\", \"CS4\" and \"CS6\". The property is currently valid only for IPv4, and it is supported only by the \"internal\" DHCP plugin.")
#define DESCRIBE_DOC_NM_SETTING_IP4_CONFIG_DHCP_FQDN N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified FQDN will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-hostname\" are mutually exclusive and cannot be set at the same time.")
@@ -192,7 +192,7 @@
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDR_GEN_MODE N_("Configure method for creating the IPv6 interface identifer of addresses with RFC4862 IPv6 Stateless Address Autoconfiguration and Link Local addresses. The permitted values are: \"eui64\" (0), \"stable-privacy\" (1), \"default\" (3) or \"default-or-eui64\" (2). If the property is set to \"eui64\", the addresses will be generated using the interface token derived from hardware address. This makes the host part of the address to stay constant, making it possible to track the host's presence when it changes networks. The address changes when the interface hardware is replaced. If a duplicate address is detected, there is also no fallback to generate another address. When configured, the \"ipv6.token\" is used instead of the MAC address to generate addresses for stateless autoconfiguration. If the property is set to \"stable-privacy\", the interface identifier is generated as specified by RFC7217. This works by hashing a host specific key (see NetworkManager(8) manual), the interface name, the connection's \"connection.stable-id\" property and the address prefix. This improves privacy by making it harder to use the address to track the host's presence and the address is stable when the network interface hardware is replaced. The special values \"default\" and \"default-or-eui64\" will fallback to the global connection default as documented in the NetworkManager.conf(5) manual. If the global default is not specified, the fallback value is \"stable-privacy\" or \"eui64\", respectively. If not specified, when creating a new profile the default is \"default\". Note that this setting is distinct from the Privacy Extensions as configured by \"ip6-privacy\" property and it does not affect the temporary addresses configured with this option.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_ADDRESSES N_("A list of IPv6 addresses and their prefix length. Multiple addresses can be separated by comma. For example \"2001:db8:85a3::8a2e:370:7334/64, 2001:db8:85a3::5/64\". The addresses are listed in decreasing priority, meaning the first address will be the primary address. This can make a difference with IPv6 source address selection (RFC 6724, section 5).")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_AUTO_ROUTE_EXT_GW N_("VPN connections will default to add the route automatically unless this setting is set to FALSE. For other connection types, adding such an automatic route is currently not supported and setting this to TRUE has no effect.")
-#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or 200ms). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.")
+#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DAD_TIMEOUT N_("Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or zero). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_DSCP N_("Specifies the value for the DSCP field (traffic class) of the IP header. When empty, the global default value is used; if no global default is specified, it is assumed to be \"CS0\". Allowed values are: \"CS0\", \"CS4\" and \"CS6\". The property is currently valid only for IPv4, and it is supported only by the \"internal\" DHCP plugin.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_DUID N_("A string containing the DHCPv6 Unique Identifier (DUID) used by the dhcp client to identify itself to DHCPv6 servers (RFC 3315). The DUID is carried in the Client Identifier option. If the property is a hex string ('aa:bb:cc') it is interpreted as a binary DUID and filled as an opaque value in the Client Identifier option. The special value \"lease\" will retrieve the DUID previously used from the lease file belonging to the connection. If no DUID is found and \"dhclient\" is the configured dhcp client, the DUID is searched in the system-wide dhclient lease file. If still no DUID is found, or another dhcp client is used, a global and permanent DUID-UUID (RFC 6355) will be generated based on the machine-id. The special values \"llt\" and \"ll\" will generate a DUID of type LLT or LL (see RFC 3315) based on the current MAC address of the device. In order to try providing a stable DUID-LLT, the time field will contain a constant timestamp that is used globally (for all profiles) and persisted to disk. The special values \"stable-llt\", \"stable-ll\" and \"stable-uuid\" will generate a DUID of the corresponding type, derived from the connection's stable-id and a per-host unique key. You may want to include the \"${DEVICE}\" or \"${MAC}\" specifier in the stable-id, in case this profile gets activated on multiple devices. So, the link-layer address of \"stable-ll\" and \"stable-llt\" will be a generated address derived from the stable id. The DUID-LLT time value in the \"stable-llt\" option will be picked among a static timespan of three years (the upper bound of the interval is the same constant timestamp used in \"llt\"). When the property is unset, the global value provided for \"ipv6.dhcp-duid\" is used. If no global value is provided, the default \"lease\" value is assumed.")
#define DESCRIBE_DOC_NM_SETTING_IP6_CONFIG_DHCP_HOSTNAME N_("If the \"dhcp-send-hostname\" property is TRUE, then the specified name will be sent to the DHCP server when acquiring a lease. This property and \"dhcp-fqdn\" are mutually exclusive and cannot be set at the same time.")
diff --git a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
index 8806bf2550..09648f3ff8 100644
--- a/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
+++ b/src/nmcli/gen-metadata-nm-settings-nmcli.xml.in
@@ -1337,7 +1337,7 @@
values="-1 - 2147483647"
special-values="default (-1), infinity (2147483647)" />
<property name="dad-timeout"
- nmcli-description="Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or 200ms). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property."
+ nmcli-description="Maximum timeout in milliseconds used to check for the presence of duplicate IP addresses on the network. If an address conflict is detected, the activation will fail. The property is currently implemented only for IPv4. A zero value means that no duplicate address detection is performed, -1 means the default value (either the value configured globally in NetworkManger.conf or zero). A value greater than zero is a timeout in milliseconds. Note that the time intervals are subject to randomization as per RFC 5227 and so the actual duration can be between half and the full time specified in this property."
format="integer"
values="-1 - 30000"
special-values="default (-1), off (0)" />

@ -1,45 +0,0 @@
From 065584036f8072c994a8bdab210bcfd0ff483960 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Tue, 27 Aug 2024 00:29:17 +0200
Subject: [PATCH] cloud-setup: allow bigger restart bursts
On daemon startup, we may end up enqueueing many nm-cloud-setup.service
restarts in very a short time. That is perfectly fine, just bump the
thresholds so that systemd doesn't get in the way too quickly.
100 requests in 1 seconds seem like a fair choice -- little bit on the
conservative side, yet still giving the service manager some room to
interfere on a chance things really go awry.
https://issues.redhat.com/browse/RHEL-49694
(cherry picked from commit 927cff9f178911b2a146259a89bfcc9727cbd8c3)
(cherry picked from commit 4dc35c72744f8820575ab0ea4638c4ddd880547d)
---
src/nm-cloud-setup/nm-cloud-setup.service.in | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/src/nm-cloud-setup/nm-cloud-setup.service.in b/src/nm-cloud-setup/nm-cloud-setup.service.in
index e73654d892..ecb70e1c8e 100644
--- a/src/nm-cloud-setup/nm-cloud-setup.service.in
+++ b/src/nm-cloud-setup/nm-cloud-setup.service.in
@@ -8,6 +8,17 @@ After=NetworkManager.service
Type=oneshot
ExecStart=@libexecdir@/nm-cloud-setup
+# The service restart gets triggered from dispatcher script
+# (pre-up and dhcp4-change actions), possibly ending up with many
+# restart requests at the same time (e.g. on initial daemon startup
+# on a machine with multiple NICs). The systemd handles multiple
+# concurrent restart requests gracefully (the newer requests supersede
+# older, which wait for them to finish), but the default limits are way
+# too low: 5 restarts in 10 seconds. Raise that high enough for us to
+# be on the safe side.
+StartLimitIntervalSec=1
+StartLimitBurst=100
+
#Environment=NM_CLOUD_SETUP_LOG=TRACE
# Cloud providers are disabled by default. You need to
--
2.46.0

@ -1,140 +0,0 @@
From 7183fbf6f35572f9fb0c2eeef5c155a3b9c82a54 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Tue, 27 Aug 2024 12:08:16 +0200
Subject: [PATCH] cloud-setup: azure: ensure that primary address is placed
first
The primary address is that placed at position 0 of all the IP Addresses
of the interface. Sometimes we put it in a different position in the
ipv4s array because we insert them in the order we receive, but it might
happen that the HTTP responses comes back in wrong order.
In order to solve this, we pass the index of the IPv4 address to the
callback and the address is added in the right position directly.
Co-authored-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
(cherry picked from commit 72014db629cff33611ade58190d45a714efa1bbf)
(cherry picked from commit c976e212372da9683a1e2f8618e3bcfdf21d5e25)
---
src/nm-cloud-setup/nmcs-provider-azure.c | 43 ++++++++++++++++--------
1 file changed, 29 insertions(+), 14 deletions(-)
diff --git a/src/nm-cloud-setup/nmcs-provider-azure.c b/src/nm-cloud-setup/nmcs-provider-azure.c
index 771c43d9ad..78eda16cbb 100644
--- a/src/nm-cloud-setup/nmcs-provider-azure.c
+++ b/src/nm-cloud-setup/nmcs-provider-azure.c
@@ -102,6 +102,11 @@ typedef struct {
guint n_iface_data_pending;
} AzureIfaceData;
+typedef struct {
+ AzureIfaceData *iface_data;
+ guint64 ipaddress_idx;
+} AzureIpAddressReqData;
+
static void
_azure_iface_data_destroy(AzureIfaceData *iface_data)
{
@@ -112,7 +117,8 @@ static void
_get_config_fetch_done_cb(NMHttpClient *http_client,
GAsyncResult *result,
AzureIfaceData *iface_data,
- GetConfigFetchType fetch_type)
+ GetConfigFetchType fetch_type,
+ guint64 ipaddress_idx)
{
NMCSProviderGetConfigTaskData *get_config_data;
NMCSProviderGetConfigIfaceData *iface_get_config;
@@ -149,9 +155,7 @@ _get_config_fetch_done_cb(NMHttpClient *http_client,
_LOGD("interface[%" G_GSSIZE_FORMAT "]: received address %s",
iface_data->intern_iface_idx,
nm_inet4_ntop(tmp_addr, tmp_addr_str));
- iface_get_config->ipv4s_arr[iface_get_config->ipv4s_len] = tmp_addr;
- iface_get_config->has_ipv4s = TRUE;
- iface_get_config->ipv4s_len++;
+ iface_get_config->ipv4s_arr[ipaddress_idx] = tmp_addr;
break;
case GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS:
@@ -203,10 +207,14 @@ _get_config_fetch_done_cb_ipv4_ipaddress_x_privateipaddress(GObject *source
GAsyncResult *result,
gpointer user_data)
{
+ AzureIpAddressReqData *ipaddress_req_data = user_data;
+
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
result,
- user_data,
- GET_CONFIG_FETCH_TYPE_IPV4_IPADDRESS_X_PRIVATEIPADDRESS);
+ ipaddress_req_data->iface_data,
+ GET_CONFIG_FETCH_TYPE_IPV4_IPADDRESS_X_PRIVATEIPADDRESS,
+ ipaddress_req_data->ipaddress_idx);
+ g_free(ipaddress_req_data);
}
static void
@@ -217,7 +225,8 @@ _get_config_fetch_done_cb_ipv4_subnet_0_address(GObject *source,
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
result,
user_data,
- GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS);
+ GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_ADDRESS,
+ 0);
}
static void
@@ -228,7 +237,8 @@ _get_config_fetch_done_cb_ipv4_subnet_0_prefix(GObject *source,
_get_config_fetch_done_cb(NM_HTTP_CLIENT(source),
result,
user_data,
- GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_PREFIX);
+ GET_CONFIG_FETCH_TYPE_IPV4_SUBNET_0_PREFIX,
+ 0);
}
static void
@@ -265,9 +275,10 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
nm_sprintf_buf(iface_idx_str, "%" G_GSSIZE_FORMAT, iface_data->intern_iface_idx);
while (nm_utils_parse_next_line(&response_str, &response_len, &line, &line_len)) {
- gint64 ips_prefix_idx;
- gs_free char *uri = NULL;
- char buf[100];
+ AzureIpAddressReqData *ipaddress_req_data;
+ gint64 ips_prefix_idx;
+ gs_free char *uri = NULL;
+ char buf[100];
if (line_len == 0)
continue;
@@ -284,8 +295,11 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
if (ips_prefix_idx < 0)
continue;
- iface_data->n_iface_data_pending++;
+ ipaddress_req_data = g_new(AzureIpAddressReqData, 1);
+ ipaddress_req_data->iface_data = iface_data;
+ ipaddress_req_data->ipaddress_idx = ips_prefix_idx;
+ iface_data->n_iface_data_pending++;
nm_http_client_poll_req(
NM_HTTP_CLIENT(source),
(uri = _azure_uri_interfaces(iface_idx_str,
@@ -302,11 +316,12 @@ _get_config_ips_prefix_list_cb(GObject *source, GAsyncResult *result, gpointer u
NULL,
NULL,
_get_config_fetch_done_cb_ipv4_ipaddress_x_privateipaddress,
- iface_data);
+ ipaddress_req_data);
}
- iface_data->iface_get_config->ipv4s_len = 0;
iface_data->iface_get_config->ipv4s_arr = g_new(in_addr_t, iface_data->n_iface_data_pending);
+ iface_data->iface_get_config->has_ipv4s = TRUE;
+ iface_data->iface_get_config->ipv4s_len = iface_data->n_iface_data_pending;
{
gs_free char *uri = NULL;
--
2.46.0

@ -1,74 +0,0 @@
From d9dd0aeff8ba2e1a0005c2e5751907c453927c5c Mon Sep 17 00:00:00 2001
From: Gris Ge <fge@redhat.com>
Date: Mon, 21 Oct 2024 21:13:29 +0800
Subject: [PATCH] sriov: only valid sriov capacity when enabled
NetworkManager current code will refuse to activate a connection if its
interface has no SRIOV capacity but holding a empty SRIOV settings.
This patch only valid SRIOV capacity when it is enabled(total_vfs > 0).
Resolves: https://issues.redhat.com/browse/RHEL-58397
Signed-off-by: Gris Ge <fge@redhat.com>
(cherry picked from commit 421ccf8b4cb85c96db3bf1cb6a860e41a784c950)
(cherry picked from commit c9e31e70cbf62c65cec460dc198712a61351e9f4)
(cherry picked from commit 90a3b014683c3c98c9fb4bbe2add65510e7f1b31)
---
src/core/devices/nm-device.c | 19 ++++++++++---------
1 file changed, 10 insertions(+), 9 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index 4780003a0a..e86c32a902 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -9468,6 +9468,7 @@ check_connection_compatible(NMDevice *self,
NMSettingMatch *s_match;
const GSList *specs;
gboolean has_match = FALSE;
+ NMSettingSriov *s_sriov = NULL;
klass = NM_DEVICE_GET_CLASS(self);
if (klass->connection_type_check_compatible) {
@@ -9485,12 +9486,14 @@ check_connection_compatible(NMDevice *self,
return FALSE;
}
- if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)
- && nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV)) {
- nm_utils_error_set_literal(error,
- NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
- "device does not support SR-IOV");
- return FALSE;
+ if (!nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) {
+ s_sriov = (NMSettingSriov *) nm_connection_get_setting(connection, NM_TYPE_SETTING_SRIOV);
+ if (s_sriov && nm_setting_sriov_get_total_vfs(s_sriov)) {
+ nm_utils_error_set_literal(error,
+ NM_UTILS_ERROR_CONNECTION_AVAILABLE_TEMPORARY,
+ "device does not support SR-IOV");
+ return FALSE;
+ }
}
conn_iface = nm_manager_get_connection_iface(NM_MANAGER_GET, connection, NULL, NULL, &local);
@@ -10101,7 +10104,7 @@ activate_stage1_device_prepare(NMDevice *self)
s_sriov = nm_device_get_applied_setting(self, NM_TYPE_SETTING_SRIOV);
}
- if (s_sriov) {
+ if (s_sriov && nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV)) {
nm_auto_freev NMPlatformVF **plat_vfs = NULL;
gs_free_error GError *error = NULL;
NMSriovVF *vf;
@@ -10109,8 +10112,6 @@ activate_stage1_device_prepare(NMDevice *self)
guint num;
guint i;
- nm_assert(nm_device_has_capability(self, NM_DEVICE_CAP_SRIOV));
-
autoprobe = nm_setting_sriov_get_autoprobe_drivers(s_sriov);
if (autoprobe == NM_TERNARY_DEFAULT) {
autoprobe = nm_config_data_get_connection_default_int64(
--
2.45.2

@ -1,136 +0,0 @@
From 3b1181dc02172033d8e2bb7fd2336b2ea0355a87 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Mon, 23 Sep 2024 17:28:03 +0200
Subject: [PATCH] device: fix bug when deactivating port connections
asynchronously
When the attach_port()/detach_port() methods do not return immediately
(currently, only for OVS ports), the following situation can arise:
- nm_device_controller_attach_port() starts the attachment by sending
the command to ovsdb. Note that here we don't set
`PortInfo->port_is_attached` to TRUE yet; that happens only after
the asynchronous command returns;
- the activation of the port gets interrupted because the connection
is deleted;
- the port device enters the deactivating state, triggering function
port_state_changed()
- the function calls nm_device_controller_release_port() which checks
whether the port is already attached; since
`PortInfo->port_is_attached` is not set yet, it assumes the port
doesn't need to be detached;
- in the meantime, the ovsdb operation succeeds. As a consequence,
the kernel link is created even if the connection no longer exists.
Fix this by turning `port_is_attached` into a tri-state variable that
also tracks when the port is attaching. When it is, we need to perform
an explicit detach during deactivation.
Fixes: 9fcbc6b37dec ('device: make attach_port() asynchronous')
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2043
Resolves: https://issues.redhat.com/browse/RHEL-58026
(cherry picked from commit a8329587c8bdd53e2bc4513a4e82529727cfa5ef)
(cherry picked from commit d809ca6db24b5145fcc1857b962afb7ae17d07a5)
(cherry picked from commit ca6ca684b21235f706b02cee42075f2ee3cb1795)
---
src/core/devices/nm-device.c | 27 ++++++++++++++++++++++-----
1 file changed, 22 insertions(+), 5 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index e86c32a902..f9a2e7e8fe 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -126,12 +126,18 @@ typedef enum _nm_packed {
ADDR_METHOD_STATE_FAILED,
} AddrMethodState;
+typedef enum {
+ PORT_STATE_NOT_ATTACHED,
+ PORT_STATE_ATTACHED,
+ PORT_STATE_ATTACHING,
+} PortState;
+
typedef struct {
CList lst_port;
NMDevice *port;
GCancellable *cancellable;
gulong watch_id;
- bool port_is_attached;
+ PortState port_state;
bool configure;
} PortInfo;
@@ -6693,7 +6699,7 @@ attach_port_done(NMDevice *self, NMDevice *port, gboolean success)
if (!info)
return;
- info->port_is_attached = success;
+ info->port_state = (success ? PORT_STATE_ATTACHED : PORT_STATE_NOT_ATTACHED);
nm_device_port_notify_attach_as_port(info->port, success);
@@ -6756,7 +6762,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c
if (!info)
return;
- if (info->port_is_attached)
+ if (info->port_state == PORT_STATE_ATTACHED)
success = TRUE;
else {
configure = (info->configure && connection != NULL);
@@ -6765,6 +6771,7 @@ nm_device_controller_attach_port(NMDevice *self, NMDevice *port, NMConnection *c
nm_clear_g_cancellable(&info->cancellable);
info->cancellable = g_cancellable_new();
+ info->port_state = PORT_STATE_ATTACHING;
success = NM_DEVICE_GET_CLASS(self)->attach_port(self,
port,
connection,
@@ -6819,6 +6826,7 @@ nm_device_controller_release_port(NMDevice *self,
PortInfo *info;
gs_unref_object NMDevice *self_free = NULL;
gs_unref_object NMDevice *port_free = NULL;
+ const char *port_state_str;
g_return_if_fail(NM_DEVICE(self));
g_return_if_fail(NM_DEVICE(port));
@@ -6830,11 +6838,20 @@ nm_device_controller_release_port(NMDevice *self,
info = find_port_info(self, port);
+ if (info->port_state == PORT_STATE_ATTACHED)
+ port_state_str = "(attached)";
+ else if (info->port_state == PORT_STATE_NOT_ATTACHED)
+ port_state_str = "(not attached)";
+ else {
+ nm_assert(info->port_state == PORT_STATE_ATTACHING);
+ port_state_str = "(attaching)";
+ }
+
_LOGT(LOGD_CORE,
"controller: release one port " NM_HASH_OBFUSCATE_PTR_FMT "/%s %s%s",
NM_HASH_OBFUSCATE_PTR(port),
nm_device_get_iface(port),
- !info ? "(not registered)" : (info->port_is_attached ? "(attached)" : "(not attached)"),
+ !info ? "(not registered)" : port_state_str,
release_type == RELEASE_PORT_TYPE_CONFIG_FORCE
? " (force-configure)"
: (release_type == RELEASE_PORT_TYPE_CONFIG ? " (configure)" : "(no-config)"));
@@ -6850,7 +6867,7 @@ nm_device_controller_release_port(NMDevice *self,
nm_clear_g_cancellable(&info->cancellable);
/* first, let subclasses handle the release ... */
- if (info->port_is_attached || nm_device_sys_iface_state_is_external(port)
+ if (info->port_state != PORT_STATE_NOT_ATTACHED || nm_device_sys_iface_state_is_external(port)
|| release_type >= RELEASE_PORT_TYPE_CONFIG_FORCE) {
NMTernary ret;
--
2.45.2

@ -1,57 +0,0 @@
From fd2768da4c3f966a215f01f09f8b5d7d534d0193 Mon Sep 17 00:00:00 2001
From: Beniamino Galvani <bgalvani@redhat.com>
Date: Tue, 24 Sep 2024 16:25:03 +0200
Subject: [PATCH] libnm-core: fix validation of ovs-dpdk interface name
An ovs-dpdk interface doesn't have a kernel link and doesn't have the
15-character limit on the name.
Fixes: 3efe070dfc7a ('libnm: validate "connection.interface-name" at one place only')
Resolves: https://issues.redhat.com/browse/RHEL-60233
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2044
(cherry picked from commit fda05b0af085d9f7e4cc5691075dae63e7bf02a6)
(cherry picked from commit f6e4e537757a414cc896bc1b402da8c9c9e32eaa)
(cherry picked from commit c7035db5b43beff7ad7e91685ff17982a540d8e2)
---
src/libnm-core-impl/nm-setting-connection.c | 4 ++--
src/libnm-core-impl/tests/test-general.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/libnm-core-impl/nm-setting-connection.c b/src/libnm-core-impl/nm-setting-connection.c
index b51cd46bdd..3298dce60a 100644
--- a/src/libnm-core-impl/nm-setting-connection.c
+++ b/src/libnm-core-impl/nm-setting-connection.c
@@ -1379,13 +1379,13 @@ verify(NMSetting *setting, NMConnection *connection, GError **error)
if (connection)
goto after_interface_name;
iface_type = NMU_IFACE_ANY;
- } else if (NM_IN_STRSET(ovs_iface_type, "patch")) {
+ } else if (NM_IN_STRSET(ovs_iface_type, "patch", "dpdk")) {
/* this interface type is internal to OVS. */
iface_type = NMU_IFACE_OVS;
} else {
/* This interface type also requires a netdev. We need to validate
* for both OVS and KERNEL. */
- nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system", "dpdk"));
+ nm_assert(NM_IN_STRSET(ovs_iface_type, "internal", "system"));
iface_type = NMU_IFACE_OVS_AND_KERNEL;
}
} else
diff --git a/src/libnm-core-impl/tests/test-general.c b/src/libnm-core-impl/tests/test-general.c
index 0a39010c11..8d4ea069c5 100644
--- a/src/libnm-core-impl/tests/test-general.c
+++ b/src/libnm-core-impl/tests/test-general.c
@@ -10832,7 +10832,7 @@ test_connection_ovs_ifname(gconstpointer test_data)
/* good if bridge, port, or patch interface */
g_object_set(s_con, NM_SETTING_CONNECTION_INTERFACE_NAME, "ovs123123123123130123123", NULL);
- if (!ovs_iface_type || nm_streq(ovs_iface_type, "patch"))
+ if (!ovs_iface_type || NM_IN_STRSET(ovs_iface_type, "patch", "dpdk"))
nmtst_assert_connection_verifies(con);
else {
nmtst_assert_connection_unnormalizable(con,
--
2.45.2

@ -1,541 +0,0 @@
From 9628d71b541635047807e3344b871f701bddf77e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Wed, 4 Dec 2024 14:24:38 +0100
Subject: [PATCH 1/4] libnmc: fix bug checking VersionInfo's capabilities
Remove the `+ 31u` that was making that it would search for bit 1 at
array's element 1, instead of element 0. Fixed comparison >len that
shoudl be >=len. Fix a few typos.
Fixes: bc6098d44106 ('libnm: add internal nmc_client_has_{version_info_v,version_info_capability,capability}() helper')
(cherry picked from commit 5a65170b49d38f5195da900f63710c847ce3364e)
---
src/libnm-client-aux-extern/nm-libnm-aux.c | 11 ++++-------
src/libnm-client-impl/nm-client.c | 4 ++--
2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/src/libnm-client-aux-extern/nm-libnm-aux.c b/src/libnm-client-aux-extern/nm-libnm-aux.c
index 5855bc299b..77f4a19559 100644
--- a/src/libnm-client-aux-extern/nm-libnm-aux.c
+++ b/src/libnm-client-aux-extern/nm-libnm-aux.c
@@ -169,14 +169,11 @@ nmc_client_has_version_info_capability(NMClient *nmc, NMVersionInfoCapability ca
len--;
ver++;
- idx = (gsize) capability;
- if (idx >= G_MAXSIZE - 31u)
- return FALSE;
-
- idx_hi = ((idx + 31u) / 32u);
- idx_lo = (idx % 32u);
+ idx = (gsize) capability;
+ idx_hi = idx / 32u;
+ idx_lo = idx % 32u;
- if (idx_hi > len)
+ if (idx_hi >= len)
return FALSE;
return NM_FLAGS_ANY(ver[idx_hi], (1ull << idx_lo));
diff --git a/src/libnm-client-impl/nm-client.c b/src/libnm-client-impl/nm-client.c
index 4ecc83899c..677f9aacab 100644
--- a/src/libnm-client-impl/nm-client.c
+++ b/src/libnm-client-impl/nm-client.c
@@ -6315,7 +6315,7 @@ nm_client_get_capabilities(NMClient *client, gsize *length)
*
* If available, the first element in the array is NM_VERSION which
* encodes the daemon version as "(major << 16 | minor << 8 | micro)".
- * The following elements are a bitfield of %NMVersionInfoCapabilities
+ * The following elements are a bitfield of %NMVersionInfoCapability
* that indicate that the daemon supports a certain capability.
*
* Returns: (transfer none) (array length=length): the
@@ -8312,7 +8312,7 @@ nm_client_class_init(NMClientClass *client_class)
* Expose version info and capabilities of NetworkManager. If non-empty,
* the first element is NM_VERSION, which encodes the version of the
* daemon as "(major << 16 | minor << 8 | micro)". The following elements
- * is a bitfields of %NMVersionInfoCapabilities. If a bit is set, then
+ * is a bitfields of %NMVersionInfoCapability. If a bit is set, then
* the running NetworkManager has the respective capability.
*
* Since: 1.42
--
2.47.1
From 2498b7aa0b0e654d97c6ded907c20341b866af21 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Wed, 27 Nov 2024 08:48:50 +0100
Subject: [PATCH 2/4] platform: rename NM_IP_ROUTE_TABLE_SYNC_MODE_FULL ->
ALL_EXCEPT_LOCAL
The difference between FULL and ALL was not obvious without reading the
documentation. Moreover, a new mode is going to be introduced so the
confusion could grow. Rename to a more explicit name.
(cherry picked from commit e1840ad5fbe4684cb8fce4a638617729969255e5)
---
src/libnm-platform/nm-platform.c | 4 ++--
src/libnm-platform/nmp-base.h | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/src/libnm-platform/nm-platform.c b/src/libnm-platform/nm-platform.c
index af04f29fad..ac2ecb421c 100644
--- a/src/libnm-platform/nm-platform.c
+++ b/src/libnm-platform/nm-platform.c
@@ -4890,7 +4890,7 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
nm_assert(NM_IN_SET(addr_family, AF_INET, AF_INET6));
nm_assert(NM_IN_SET(route_table_sync,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
- NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE));
@@ -4915,7 +4915,7 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx)))
continue;
break;
- case NM_IP_ROUTE_TABLE_SYNC_MODE_FULL:
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL:
if (nm_platform_ip_route_get_effective_table(&rt->rx) == RT_TABLE_LOCAL)
continue;
break;
diff --git a/src/libnm-platform/nmp-base.h b/src/libnm-platform/nmp-base.h
index c7d487e23c..9e2e1063a1 100644
--- a/src/libnm-platform/nmp-base.h
+++ b/src/libnm-platform/nmp-base.h
@@ -211,8 +211,8 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
* @NM_IP_ROUTE_TABLE_SYNC_MODE_NONE: indicate an invalid setting.
* @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN: only the main table is synced. For all
* other tables, NM won't delete any extra routes.
- * @NM_IP_ROUTE_TABLE_SYNC_MODE_FULL: NM will sync all tables, except the
- * local table (255).
+ * @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL: NM will sync all tables, except
+ * the local table (255).
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL: NM will sync all tables, including the
* local table (255).
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE: NM will sync all tables (including
@@ -222,7 +222,7 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
typedef enum {
NM_IP_ROUTE_TABLE_SYNC_MODE_NONE,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
- NM_IP_ROUTE_TABLE_SYNC_MODE_FULL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
} NMIPRouteTableSyncMode;
--
2.47.1
From f970d505e9f5cfdc6b699105e404cd06c51439ca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Wed, 27 Nov 2024 13:53:02 +0100
Subject: [PATCH 3/4] l3cfg: remove routes added by NM on reapply
By default, on reapply we were only syncing the main routes table. This
causes that routes added by NM to other tables are not removed on
reapply. This was done to preserve routes added externally, but routes
added by NM itself should be removed.
Add a new route table syncing mode "main + NM routes". This mode
maintains the normal behaviour of syncing completely the main table,
and for other tables removes only routes that were added by us, leaving
the rest untouched. Use this mode by default, as this is what a user
would expect on reapply.
Note: this might not work if NM is restarted between the profile being
modified and the reapply, because NM forgets what routes were added by
itself because of the restart. This is a rare corner case, though.
Use the D-Bus property "VersionInfo" to expose a capability flag
indicating that this bug is fixed. It is the first capability that we
expose in this way. However, it is convenient to do it this way as it's
something that clients like nmstate needs to know, so they can decide
whether a conn down is needed or not. It is not enough to decide that by
version number because it might be fixed via a downstream patch in distros
like RHEL.
https://issues.redhat.com/browse/RHEL-67324
https://issues.redhat.com/browse/RHEL-66262
Fixes: e9c17fcc9b33 ('l3cfg: default to 'main' route table sync mode')
(cherry picked from commit e330eb9c4a721d158641701cb48cd8094246d258)
---
src/core/nm-l3cfg.c | 22 ++++++-
src/core/nm-manager.c | 29 +++++----
src/libnm-core-public/nm-dbus-interface.h | 13 ++--
src/libnm-platform/nm-platform.c | 78 ++++++++++++++++++++++-
src/libnm-platform/nm-platform.h | 5 +-
src/libnm-platform/nmp-base.h | 4 ++
6 files changed, 127 insertions(+), 24 deletions(-)
diff --git a/src/core/nm-l3cfg.c b/src/core/nm-l3cfg.c
index 57baeac25d..9dd8275b1f 100644
--- a/src/core/nm-l3cfg.c
+++ b/src/core/nm-l3cfg.c
@@ -4997,7 +4997,7 @@ _l3_commit_one(NML3Cfg *self,
}
if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_NONE)
- route_table_sync = NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN;
+ route_table_sync = NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES;
if (any_dirty)
_obj_states_track_prune_dirty(self, TRUE);
@@ -5026,6 +5026,8 @@ _l3_commit_one(NML3Cfg *self,
}
if (c_list_is_empty(&self->priv.p->blocked_lst_head_x[IS_IPv4])) {
+ gs_unref_ptrarray GPtrArray *routes_old = NULL;
+
addresses_prune =
nm_platform_ip_address_get_prune_list(self->priv.platform,
addr_family,
@@ -5033,10 +5035,26 @@ _l3_commit_one(NML3Cfg *self,
nm_g_array_data(ipv6_temp_addrs_keep),
nm_g_array_len(ipv6_temp_addrs_keep));
+ if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
+ NMDedupMultiIter iter;
+ const NMPObject *rt_obj;
+
+ routes_old = g_ptr_array_new();
+ nm_l3_config_data_iter_obj_for_each (&iter,
+ l3cd_old,
+ &rt_obj,
+ NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4))
+ g_ptr_array_add(routes_old, (gpointer) rt_obj);
+
+ nm_platform_route_objs_sort(routes_old, NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY);
+ }
+
routes_prune = nm_platform_ip_route_get_prune_list(self->priv.platform,
addr_family,
self->priv.ifindex,
- route_table_sync);
+ route_table_sync,
+ routes_old);
+
_obj_state_zombie_lst_prune_all(self, addr_family);
}
} else {
diff --git a/src/core/nm-manager.c b/src/core/nm-manager.c
index 0a7e7b2e4a..a673279712 100644
--- a/src/core/nm-manager.c
+++ b/src/core/nm-manager.c
@@ -462,21 +462,24 @@ static GVariant *
_version_info_get(void)
{
const guint32 arr[] = {
+ /* The array contains as first element NM_VERSION, which can be
+ * used to numerically compare the version (see also NM_ENCODE_VERSION,
+ * nm_utils_version(), nm_encode_version() and nm_decode_version(). */
NM_VERSION,
- };
- /* The array contains as first element NM_VERSION, which can be
- * used to numerically compare the version (see also NM_ENCODE_VERSION,
- * nm_utils_version(), nm_encode_version() and nm_decode_version().
- *
- * The following elements of the array are a bitfield of capabilities.
- * These capabilities should only depend on compile-time abilities
- * (unlike NM_MANAGER_CAPABILITIES, NMCapability). The supported values
- * are from NMVersionInfoCapability enum. This way to expose capabilities
- * is more cumbersome but more efficient compared to NM_MANAGER_CAPABILITIES.
- * As such, it is cheap to add capabilities for something, where you would
- * avoid it as NM_MANAGER_CAPABILITIES due to the overhead.
- */
+ /* The following elements of the array are a bitfield of capabilities.
+ * These capabilities should only depend on compile-time abilities
+ * (unlike NM_MANAGER_CAPABILITIES, NMCapability). The supported values
+ * are from NMVersionInfoCapability enum. This way to expose capabilities
+ * is more cumbersome but more efficient compared to NM_MANAGER_CAPABILITIES.
+ * As such, it is cheap to add capabilities for something, where you would
+ * avoid it as NM_MANAGER_CAPABILITIES due to the overhead.
+ *
+ * Each of the array's elements has 32 bits. This means that capabilities
+ * with index 0-31 goes to element #1, with index 32-63 to element #2,
+ * with index 64-95 to element #3 and so on. */
+ 1 << NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE,
+ };
return nm_g_variant_new_au(arr, G_N_ELEMENTS(arr));
}
diff --git a/src/libnm-core-public/nm-dbus-interface.h b/src/libnm-core-public/nm-dbus-interface.h
index 5eedd7da3a..9c737dbea5 100644
--- a/src/libnm-core-public/nm-dbus-interface.h
+++ b/src/libnm-core-public/nm-dbus-interface.h
@@ -93,16 +93,19 @@
/**
* NMVersionInfoCapability:
- * %_NM_VERSION_INFO_CAPABILITY_UNUSED: a dummy capability. It has no meaning,
- * don't use it.
+ * @NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE: Contains the fix to a bug that
+ * caused that routes in table other than main were not removed on reapply nor
+ * on connection down.
+ * https://issues.redhat.com/browse/RHEL-66262
+ * https://issues.redhat.com/browse/RHEL-67324
*
- * Currently no enum values are defined. These capabilities are exposed
- * on D-Bus in the "VersionInfo" bit field.
+ * The numeric values represent the bit index of the capability. These capabilities
+ * can be queried in the "VersionInfo" D-Bus property.
*
* Since: 1.42
*/
typedef enum {
- _NM_VERSION_INFO_CAPABILITY_UNUSED = 0x7FFFFFFFu,
+ NM_VERSION_INFO_CAPABILITY_SYNC_ROUTE_WITH_TABLE = 0,
} NMVersionInfoCapability;
/**
diff --git a/src/libnm-platform/nm-platform.c b/src/libnm-platform/nm-platform.c
index ac2ecb421c..6523fb8a98 100644
--- a/src/libnm-platform/nm-platform.c
+++ b/src/libnm-platform/nm-platform.c
@@ -61,6 +61,8 @@ G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_address.data) == _NM_UTILS_H
G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_perm_address.data) == _NM_UTILS_HWADDR_LEN_MAX);
G_STATIC_ASSERT(sizeof(((NMPlatformLink *) NULL)->l_broadcast.data) == _NM_UTILS_HWADDR_LEN_MAX);
+static int _route_objs_cmp_values(gconstpointer a, gconstpointer b, gpointer user_data);
+
static const char *
_nmp_link_port_data_to_string(NMPortKind port_kind,
const NMPlatformLinkPortData *port_data,
@@ -4872,11 +4874,24 @@ nm_platform_ip_address_get_prune_list(NMPlatform *self,
return result;
}
+static gboolean
+_route_obj_find_bsearch(GPtrArray *sorted_routes_objs, const NMPObject *route_obj)
+{
+ gssize pos =
+ nm_ptrarray_find_bsearch((gconstpointer *) sorted_routes_objs->pdata,
+ sorted_routes_objs->len,
+ route_obj,
+ _route_objs_cmp_values,
+ GINT_TO_POINTER((int) NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY));
+ return pos >= 0;
+}
+
GPtrArray *
nm_platform_ip_route_get_prune_list(NMPlatform *self,
int addr_family,
int ifindex,
- NMIPRouteTableSyncMode route_table_sync)
+ NMIPRouteTableSyncMode route_table_sync,
+ GPtrArray *sorted_old_routes_objs)
{
NMPLookup lookup;
GPtrArray *routes_prune = NULL;
@@ -4891,9 +4906,20 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
nm_assert(NM_IN_SET(route_table_sync,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE));
+ if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
+ nm_assert(sorted_old_routes_objs);
+ nm_assert(nm_utils_ptrarray_is_sorted(
+ (gconstpointer *) sorted_old_routes_objs->pdata,
+ sorted_old_routes_objs->len,
+ FALSE,
+ _route_objs_cmp_values,
+ GINT_TO_POINTER((int) NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY)));
+ }
+
nmp_lookup_init_object_by_ifindex(&lookup,
NMP_OBJECT_TYPE_IP_ROUTE(NM_IS_IPv4(addr_family)),
ifindex);
@@ -4915,6 +4941,11 @@ nm_platform_ip_route_get_prune_list(NMPlatform *self,
if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx)))
continue;
break;
+ case NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES:
+ if (!nm_platform_route_table_is_main(nm_platform_ip_route_get_effective_table(&rt->rx))
+ && !_route_obj_find_bsearch(sorted_old_routes_objs, obj))
+ continue;
+ break;
case NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL:
if (nm_platform_ip_route_get_effective_table(&rt->rx) == RT_TABLE_LOCAL)
continue;
@@ -5284,7 +5315,8 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
routes_prune = nm_platform_ip_route_get_prune_list(self,
AF_INET,
ifindex,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
+ NULL);
success &= nm_platform_ip_route_sync(self, AF_INET, ifindex, NULL, routes_prune, NULL);
}
if (NM_IN_SET(addr_family, AF_UNSPEC, AF_INET6)) {
@@ -5293,7 +5325,8 @@ nm_platform_ip_route_flush(NMPlatform *self, int addr_family, int ifindex)
routes_prune = nm_platform_ip_route_get_prune_list(self,
AF_INET6,
ifindex,
- NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE);
+ NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
+ NULL);
success &= nm_platform_ip_route_sync(self, AF_INET6, ifindex, NULL, routes_prune, NULL);
}
return success;
@@ -8767,6 +8800,45 @@ nm_platform_lnk_wireguard_cmp(const NMPlatformLnkWireGuard *a, const NMPlatformL
return 0;
}
+static int
+_route_objs_cmp_values(gconstpointer a, gconstpointer b, gpointer user_data)
+{
+ const NMPObject *a_obj = a;
+ const NMPObject *b_obj = b;
+ NMPlatformIPRouteCmpType cmp_type = GPOINTER_TO_INT(user_data);
+
+ nm_assert(a_obj && b_obj);
+ nm_assert(NMP_OBJECT_CAST_IP_ROUTE(a_obj) && NMP_OBJECT_CAST_IP_ROUTE(b_obj));
+
+ if (NMP_OBJECT_GET_ADDR_FAMILY(a_obj) != NMP_OBJECT_GET_ADDR_FAMILY(b_obj)) {
+ return NMP_OBJECT_GET_ADDR_FAMILY(a_obj) == AF_INET ? 1 : -1;
+ } else if (NMP_OBJECT_GET_ADDR_FAMILY(a_obj) == AF_INET) {
+ return nm_platform_ip4_route_cmp(NMP_OBJECT_CAST_IP4_ROUTE(a_obj),
+ NMP_OBJECT_CAST_IP4_ROUTE(b_obj),
+ cmp_type);
+ } else {
+ return nm_platform_ip6_route_cmp(NMP_OBJECT_CAST_IP6_ROUTE(a_obj),
+ NMP_OBJECT_CAST_IP6_ROUTE(b_obj),
+ cmp_type);
+ }
+}
+
+static int
+_route_objs_cmp(gconstpointer a, gconstpointer b, gpointer user_data)
+{
+ nm_assert(a && b);
+
+ return _route_objs_cmp_values(*((const NMPObject **) a), *((const NMPObject **) b), user_data);
+}
+
+void
+nm_platform_route_objs_sort(GPtrArray *routes_objs, NMPlatformIPRouteCmpType cmp_type)
+{
+ nm_assert(routes_objs);
+
+ g_ptr_array_sort_with_data(routes_objs, _route_objs_cmp, GINT_TO_POINTER((int) cmp_type));
+}
+
void
nm_platform_ip4_rt_nexthop_hash_update(const NMPlatformIP4RtNextHop *obj,
gboolean for_id,
diff --git a/src/libnm-platform/nm-platform.h b/src/libnm-platform/nm-platform.h
index e33be81356..22bf0fdbec 100644
--- a/src/libnm-platform/nm-platform.h
+++ b/src/libnm-platform/nm-platform.h
@@ -2389,7 +2389,8 @@ int nm_platform_ip6_route_add(NMPlatform *self, NMPNlmFlags flags, const NMPlatf
GPtrArray *nm_platform_ip_route_get_prune_list(NMPlatform *self,
int addr_family,
int ifindex,
- NMIPRouteTableSyncMode route_table_sync);
+ NMIPRouteTableSyncMode route_table_sync,
+ GPtrArray *old_routes_objs);
gboolean nm_platform_ip_route_sync(NMPlatform *self,
int addr_family,
@@ -2495,6 +2496,8 @@ int nm_platform_lnk_wireguard_cmp(const NMPlatformLnkWireGuard *a, const NMPlatf
GHashTable *nm_platform_ip4_address_addr_to_hash(NMPlatform *self, int ifindex);
+void nm_platform_route_objs_sort(GPtrArray *routes_objs, NMPlatformIPRouteCmpType cmp_type);
+
int nm_platform_ip4_route_cmp(const NMPlatformIP4Route *a,
const NMPlatformIP4Route *b,
NMPlatformIPRouteCmpType cmp_type);
diff --git a/src/libnm-platform/nmp-base.h b/src/libnm-platform/nmp-base.h
index 9e2e1063a1..3784a78e9d 100644
--- a/src/libnm-platform/nmp-base.h
+++ b/src/libnm-platform/nmp-base.h
@@ -211,6 +211,9 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
* @NM_IP_ROUTE_TABLE_SYNC_MODE_NONE: indicate an invalid setting.
* @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN: only the main table is synced. For all
* other tables, NM won't delete any extra routes.
+ * @NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES: only the main table is synced,
+ * plus individual routes in other tables added by NM, leaving routes that
+ * were not added by NM untouched.
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL: NM will sync all tables, except
* the local table (255).
* @NM_IP_ROUTE_TABLE_SYNC_MODE_ALL: NM will sync all tables, including the
@@ -222,6 +225,7 @@ nmp_object_type_to_flags(NMPObjectType obj_type)
typedef enum {
NM_IP_ROUTE_TABLE_SYNC_MODE_NONE,
NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN,
+ NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_EXCEPT_LOCAL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL,
NM_IP_ROUTE_TABLE_SYNC_MODE_ALL_PRUNE,
--
2.47.1
From 2ac691360f265d655b1e2e1caf9344ae0ec6a802 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=8D=C3=B1igo=20Huguet?= <ihuguet@redhat.com>
Date: Tue, 10 Dec 2024 10:15:52 +0100
Subject: [PATCH 4/4] l3cfg: get routes to prune from the list of routes
configured by NM
We always sync routes in the main table, but routes in tables other
than main are only pruned if were added by NM, by default. Get the list
of routes to prune from other tables using obj_state->os_nm_configured,
as this tracks what routes were effectively added by NM.
The list should be the same that the one obtained from l3cfg_old. It
could be different if we commited the l3cfg with an NMIPRouteTableSyncMode
of NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN, thus not deleting some routes at
commit time. However, since the previous commit, we never do it.
What all this shows is that starting to use different NMIPRouteTableSyncModes
is probably a bad idea: it will be a source of bugs of routes not being
always synced as users expect, and the use case for them is still to be
known.
(cherry picked from commit c06d130c38a4d4238e18c06f0152f8f1a6bafa7f)
---
src/core/nm-l3cfg.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/src/core/nm-l3cfg.c b/src/core/nm-l3cfg.c
index 9dd8275b1f..f29cfa1baf 100644
--- a/src/core/nm-l3cfg.c
+++ b/src/core/nm-l3cfg.c
@@ -5036,15 +5036,17 @@ _l3_commit_one(NML3Cfg *self,
nm_g_array_len(ipv6_temp_addrs_keep));
if (route_table_sync == NM_IP_ROUTE_TABLE_SYNC_MODE_MAIN_AND_NM_ROUTES) {
- NMDedupMultiIter iter;
- const NMPObject *rt_obj;
-
- routes_old = g_ptr_array_new();
- nm_l3_config_data_iter_obj_for_each (&iter,
- l3cd_old,
- &rt_obj,
- NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4))
- g_ptr_array_add(routes_old, (gpointer) rt_obj);
+ GHashTableIter h_iter;
+ ObjStateData *obj_state;
+
+ /* Get list of all the routes that were configured by us */
+ routes_old = g_ptr_array_new_with_free_func((GDestroyNotify) nmp_object_unref);
+ g_hash_table_iter_init(&h_iter, self->priv.p->obj_state_hash);
+ while (g_hash_table_iter_next(&h_iter, (gpointer *) &obj_state, NULL)) {
+ if (NMP_OBJECT_GET_TYPE(obj_state->obj) == NMP_OBJECT_TYPE_IP_ROUTE(IS_IPv4)
+ && obj_state->os_nm_configured)
+ g_ptr_array_add(routes_old, (gpointer) nmp_object_ref(obj_state->obj));
+ }
nm_platform_route_objs_sort(routes_old, NM_PLATFORM_IP_ROUTE_CMP_TYPE_SEMANTICALLY);
}
--
2.47.1

@ -1,60 +0,0 @@
From d9addb0ded2da8b86fa4b6e1cdc4b96f83729afd Mon Sep 17 00:00:00 2001
From: Gris Ge <fge@redhat.com>
Date: Wed, 11 Dec 2024 22:22:59 +0800
Subject: [PATCH 1/1] vpn: Place gateway route to table defined in
ipvx.route-table
Previously, NM create direct route to gateway to main(254) route table
regardless `ipvx.route-table` value.
Fixed by setting `NMPlatformIP4Route.table_any` to `TRUE`.
Resolves: https://issues.redhat.com/browse/RHEL-69901
Signed-off-by: Gris Ge <fge@redhat.com>
(cherry picked from commit 6d06286f1db7421bef1c4dab5fada918c59daf87)
(cherry picked from commit 29f23d3519dbb4dcffc9682fbdfb721cfc0b851c)
(cherry picked from commit 0dc07c5ca4d32b5ea8e104cbad106da9bb5b096d)
---
src/core/vpn/nm-vpn-connection.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/src/core/vpn/nm-vpn-connection.c b/src/core/vpn/nm-vpn-connection.c
index b5a7fc4c29..88c5703a69 100644
--- a/src/core/vpn/nm-vpn-connection.c
+++ b/src/core/vpn/nm-vpn-connection.c
@@ -1242,6 +1242,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
.gateway = parent_gw.addr4,
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
.metric_any = TRUE,
+ .table_any = TRUE,
};
} else {
route.r6 = (NMPlatformIP6Route){
@@ -1251,6 +1252,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
.gateway = parent_gw.addr6,
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
.metric_any = TRUE,
+ .table_any = TRUE,
};
}
nm_l3_config_data_add_route(l3cd, addr_family, NULL, &route.rx);
@@ -1267,6 +1269,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
.plen = 32,
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
.metric_any = TRUE,
+ .table_any = TRUE,
};
} else {
route.r6 = (NMPlatformIP6Route){
@@ -1274,6 +1277,7 @@ _parent_device_l3cd_add_gateway_route(NML3ConfigData *l3cd,
.plen = 128,
.rt_source = NM_IP_CONFIG_SOURCE_VPN,
.metric_any = TRUE,
+ .table_any = TRUE,
};
}
nm_l3_config_data_add_route(l3cd, addr_family, NULL, &route.rx);
--
2.45.0

@ -1,238 +0,0 @@
From 50331402dae72990a268704e4047d6c762572755 Mon Sep 17 00:00:00 2001
From: Wen Liang <wenliang@redhat.com>
Date: Fri, 20 Dec 2024 10:10:25 -0500
Subject: [PATCH 1/1] vpn: fix routing rules support in vpn conenctions
This commit introduces the ability to manage routing rules specifically
for VPN connections. These rules allow finer control over traffic
routing by enabling the specification of policy-based routing for
traffic over the VPN.
- Updated the connection backend to apply rules during VPN activation.
- Ensured proper cleanup of routing rules upon VPN deactivation.
This enhancement improves VPN usability in scenarios requiring advanced
routing configurations, such as split tunneling and traffic
prioritization.
Resolves: https://issues.redhat.com/browse/RHEL-70160
https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/2092
https://gitlab.freedesktop.org/NetworkManager/NetworkManager-ci/-/merge_requests/1842
(cherry picked from commit 308e34a501482d01c1cc6c87c38791ad9f34dc1f)
(cherry picked from commit a24b347e93e37b04aa0f5698efcb462c02517c09)
(cherry picked from commit b5c46f8a8d644e1c5a6dc07e06d5dab3338e9a91)
---
src/core/devices/nm-device.c | 62 +++++++++++++++++++-------------
src/core/devices/nm-device.h | 6 ++++
src/core/vpn/nm-vpn-connection.c | 7 +++-
3 files changed, 50 insertions(+), 25 deletions(-)
diff --git a/src/core/devices/nm-device.c b/src/core/devices/nm-device.c
index f9a2e7e8fe..070ba46495 100644
--- a/src/core/devices/nm-device.c
+++ b/src/core/devices/nm-device.c
@@ -10327,31 +10327,34 @@ lldp_setup(NMDevice *self, NMTernary enabled)
* as externally added ones. Don't restart NetworkManager if
* you care about that.
*/
-static void
-_routing_rules_sync(NMDevice *self, NMTernary set_mode)
+void
+nm_routing_rules_sync(NMConnection *applied_connection,
+ NMTernary set_mode,
+ GPtrArray *(*get_extra_rules)(NMDevice *self),
+ NMDevice *self,
+ NMNetns *netns)
{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
- NMPGlobalTracker *global_tracker = nm_netns_get_global_tracker(nm_device_get_netns(self));
- NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
+ NMPGlobalTracker *global_tracker = nm_netns_get_global_tracker(netns);
gboolean untrack_only_dirty = FALSE;
gboolean keep_deleted_rules;
gpointer user_tag_1;
gpointer user_tag_2;
- /* take two arbitrary user-tag pointers that belong to @self. */
- user_tag_1 = &priv->v4_route_table;
- user_tag_2 = &priv->v6_route_table;
+ if (self) {
+ user_tag_1 = ((guint32 *) self) + 1;
+ user_tag_2 = ((guint32 *) self) + 2;
+ } else {
+ user_tag_1 = ((guint32 *) applied_connection) + 1;
+ user_tag_2 = ((guint32 *) applied_connection) + 2;
+ }
if (set_mode == NM_TERNARY_TRUE) {
- NMConnection *applied_connection;
NMSettingIPConfig *s_ip;
guint i, num;
int is_ipv4;
untrack_only_dirty = TRUE;
- applied_connection = nm_device_get_applied_connection(self);
-
for (is_ipv4 = 0; applied_connection && is_ipv4 < 2; is_ipv4++) {
int addr_family = is_ipv4 ? AF_INET : AF_INET6;
@@ -10390,10 +10393,10 @@ _routing_rules_sync(NMDevice *self, NMTernary set_mode)
}
}
- if (klass->get_extra_rules) {
+ if (get_extra_rules) {
gs_unref_ptrarray GPtrArray *extra_rules = NULL;
- extra_rules = klass->get_extra_rules(self);
+ extra_rules = get_extra_rules(self);
if (extra_rules) {
for (i = 0; i < extra_rules->len; i++) {
nmp_global_tracker_track_rule(
@@ -10408,7 +10411,7 @@ _routing_rules_sync(NMDevice *self, NMTernary set_mode)
}
nmp_global_tracker_untrack_all(global_tracker, user_tag_1, !untrack_only_dirty, TRUE);
- if (klass->get_extra_rules)
+ if (get_extra_rules)
nmp_global_tracker_untrack_all(global_tracker, user_tag_2, !untrack_only_dirty, TRUE);
keep_deleted_rules = FALSE;
@@ -10468,8 +10471,8 @@ tc_commit(NMDevice *self)
static void
activate_stage2_device_config(NMDevice *self)
{
- NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
- NMDeviceClass *klass;
+ NMDevicePrivate *priv = NM_DEVICE_GET_PRIVATE(self);
+ NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
NMActStageReturn ret;
NMSettingWired *s_wired;
gboolean no_firmware = FALSE;
@@ -10494,7 +10497,11 @@ activate_stage2_device_config(NMDevice *self)
priv->tc_committed = TRUE;
}
- _routing_rules_sync(self, NM_TERNARY_TRUE);
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
+ NM_TERNARY_TRUE,
+ klass->get_extra_rules,
+ self,
+ nm_device_get_netns(self));
if (!nm_device_sys_iface_state_is_external_or_assume(self)) {
if (!nm_device_bring_up_full(self, FALSE, TRUE, &no_firmware)) {
@@ -10506,7 +10513,6 @@ activate_stage2_device_config(NMDevice *self)
}
}
- klass = NM_DEVICE_GET_CLASS(self);
if (klass->act_stage2_config_also_for_external_or_assume
|| !nm_device_sys_iface_state_is_external_or_assume(self)) {
NMDeviceStateReason failure_reason = NM_DEVICE_STATE_REASON_NONE;
@@ -13881,7 +13887,11 @@ check_and_reapply_connection(NMDevice *self,
nm_device_activate_schedule_stage3_ip_config(self, FALSE);
- _routing_rules_sync(self, NM_TERNARY_TRUE);
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
+ NM_TERNARY_TRUE,
+ klass->get_extra_rules,
+ self,
+ nm_device_get_netns(self));
reactivate_proxy_config(self);
@@ -16444,6 +16454,7 @@ static void
nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanup_type)
{
NMDevicePrivate *priv;
+ NMDeviceClass *klass = NM_DEVICE_GET_CLASS(self);
int ifindex;
g_return_if_fail(NM_IS_DEVICE(self));
@@ -16468,8 +16479,8 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
}
/* Call device type-specific deactivation */
- if (NM_DEVICE_GET_CLASS(self)->deactivate)
- NM_DEVICE_GET_CLASS(self)->deactivate(self);
+ if (klass->deactivate)
+ klass->deactivate(self);
ifindex = nm_device_get_ip_ifindex(self);
@@ -16491,8 +16502,11 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
priv->tc_committed = FALSE;
- _routing_rules_sync(self,
- cleanup_type == CLEANUP_TYPE_KEEP ? NM_TERNARY_DEFAULT : NM_TERNARY_FALSE);
+ nm_routing_rules_sync(nm_device_get_applied_connection(self),
+ cleanup_type == CLEANUP_TYPE_KEEP ? NM_TERNARY_DEFAULT : NM_TERNARY_FALSE,
+ klass->get_extra_rules,
+ self,
+ nm_device_get_netns(self));
if (ifindex > 0)
nm_platform_ip4_dev_route_blacklist_set(nm_device_get_platform(self), ifindex, NULL);
@@ -16521,7 +16535,7 @@ nm_device_cleanup(NMDevice *self, NMDeviceStateReason reason, CleanupType cleanu
/* for other device states (UNAVAILABLE, DISCONNECTED), allow the
* device to overwrite the reset behavior, so that Wi-Fi can set
* a randomized MAC address used during scanning. */
- NM_DEVICE_GET_CLASS(self)->deactivate_reset_hw_addr(self);
+ klass->deactivate_reset_hw_addr(self);
}
}
diff --git a/src/core/devices/nm-device.h b/src/core/devices/nm-device.h
index 37eda5c0c8..c3a06c12e6 100644
--- a/src/core/devices/nm-device.h
+++ b/src/core/devices/nm-device.h
@@ -848,4 +848,10 @@ void nm_device_clear_dns_lookup_data(NMDevice *self, const char *reason);
gboolean nm_device_get_allow_autoconnect_on_external(NMDevice *self);
+void nm_routing_rules_sync(NMConnection *applied_connection,
+ NMTernary set_mode,
+ GPtrArray *(*get_extra_rules)(NMDevice *self),
+ NMDevice *self,
+ NMNetns *netns);
+
#endif /* __NETWORKMANAGER_DEVICE_H__ */
diff --git a/src/core/vpn/nm-vpn-connection.c b/src/core/vpn/nm-vpn-connection.c
index 88c5703a69..c14682b8cc 100644
--- a/src/core/vpn/nm-vpn-connection.c
+++ b/src/core/vpn/nm-vpn-connection.c
@@ -905,7 +905,8 @@ fw_call_cleanup(NMVpnConnection *self)
static void
vpn_cleanup(NMVpnConnection *self, NMDevice *parent_dev)
{
- const char *iface;
+ NMVpnConnectionPrivate *priv = NM_VPN_CONNECTION_GET_PRIVATE(self);
+ const char *iface;
/* Remove zone from firewall */
iface = nm_vpn_connection_get_ip_iface(self, FALSE);
@@ -917,6 +918,8 @@ vpn_cleanup(NMVpnConnection *self, NMDevice *parent_dev)
fw_call_cleanup(self);
_l3cfg_l3cd_clear_all(self);
+
+ nm_routing_rules_sync(_get_applied_connection(self), NM_TERNARY_FALSE, NULL, NULL, priv->netns);
}
static void
@@ -2278,6 +2281,8 @@ _dbus_signal_ip_config_cb(NMVpnConnection *self, int addr_family, GVariant *dict
_l3cfg_l3cd_set(self, L3CD_TYPE_IP_X(IS_IPv4), l3cd);
+ nm_routing_rules_sync(_get_applied_connection(self), NM_TERNARY_TRUE, NULL, NULL, priv->netns);
+
_check_complete(self, TRUE);
}
--
2.45.0

@ -29,3 +29,35 @@ Alternatively, to migrate only a specific profile, enter:
For further details, see:
* nm-settings-keyfile(5)
* nmcli(1)
Interface renaming
==================
Connection profiles stored in ifcfg-rh format support the renaming of
interfaces via udev. This is done via a helper tool
/usr/lib/udev/rename_device that is invoked by udev to parse the files
in /etc/sysconfig/network-scripts; when the HWADDR and DEVICE
variables are set, the interface that matches the MAC address in
HWADDR is renamed to the name specified in DEVICE.
Connections in keyfile format don't provide the same integration with
udev. The renaming of interfaces must be configured directly in udev,
for example by creating a file:
/etc/systemd/network/70-rename.link
with content:
[Match]
MACAddress=00:11:22:33:44:56
[Link]
Name=ethernet1
Alternatively, a udev rule can also be used, such as:
/etc/udev/rules.d/70-interface-names.rules
with content:
SUBSYSTEM=="net",ACTION=="add",ATTR{address}=="00:11:22:33:44:56",ATTR{type}=="1",NAME="ethernet1"

@ -6,7 +6,7 @@
%global epoch_version 1
%global real_version 1.48.10
%global rpm_version %{real_version}
%global release_version 5
%global release_version 1
%global snapshot %{nil}
%global git_sha %{nil}
%global bcond_default_debug 0
@ -17,6 +17,9 @@
%global obsoletes_ppp_plugin 1:1.5.3
%global obsoletes_initscripts_updown 1:1.36.0-0.6
%global obsoletes_ifcfg_rh 1:1.36.2
%global obsoletes_team 1:1.47.5-3
%global obsoletes_initscripts_ifcfg_rh 1:1.47.5-3
%global obsoletes_dispatcher_routing_rules 1:1.47.5-3
%global nmlibdir %{_prefix}/lib/%{name}
%global nmplugindir %{_libdir}/%{name}/%{version}-%{release}
@ -39,12 +42,19 @@
%global systemd_units_cloud_setup nm-cloud-setup.service nm-cloud-setup.timer
###############################################################################
%bcond_with meson
%if 0%{?fedora} > 40 || 0%{?rhel} >= 10
%bcond_without meson
%else
%bcond_with meson
%endif
%bcond_without adsl
%bcond_without bluetooth
%bcond_without wwan
%if 0%{?rhel} >= 10
%bcond_with team
%else
%bcond_without team
%endif
%bcond_without wifi
%bcond_without ovs
%bcond_without ppp
@ -149,13 +159,18 @@
%global config_plugins_default_ifcfg_rh 1
%endif
%if 0%{?fedora} >= 36 || 0%{?rhel} >= 10
%if 0%{?rhel} >= 10
%global with_ifcfg_rh 0
%global split_ifcfg_rh 0
%elif 0%{?fedora} >= 36
%global with_ifcfg_rh 1
%global split_ifcfg_rh 1
%else
%global with_ifcfg_rh 1
%global split_ifcfg_rh 0
%endif
%if (0%{?fedora} >= 36 && 0%{?fedora} < 39) || 0%{?rhel} >= 9
%if (0%{?fedora} >= 36 && 0%{?fedora} < 39) || 0%{?rhel} == 9
%global ifcfg_warning 1
%else
%global ifcfg_warning 0
@ -208,17 +223,9 @@ Source9: readme-ifcfg-rh-migrated.txt
# These are not bugfixes, hence they are also relevant after
# the next rebase of the source tarball.
# Patch0001: 0001-some.patch
Patch0001: 0001-revert-change-default-value-for-ipv4.dad-timeout-from-0-to-200ms.patch
# Bugfixes that are only relevant until next rebase of the package.
Patch1001: 1001-cloud-setup-allow-bigger-restart-bursts-rhel-56740.patch
Patch1002: 1002-cloud-setup-ensure-azure-places-primary-address-first-rhel-56387.patch
Patch1003: 1003-only-validate-sriov-capability-when-enabled-rhel-58397.patch
Patch1004: 1004-fix-bug-when-deactivating-port-connections-rhel-50747.patch
Patch1005: 1005-fix-validation-of-ovs-dpdk-interface-name-rhel-60022.patch
Patch1006: 1006-remove-routes-added-by-nm-on-reapply-rhel-73013.patch
Patch1007: 1007-vpn-place-gateway-route-to-table-defined-in-ipvx-route-table-rhel-73166.patch
Patch1008: 1008-vpn-support-routing-rules-in-vpn-conenctions-rhel-73167.patch
# Patch1001: 1001-some.patch
Requires(post): systemd
%if 0%{?fedora} || 0%{?rhel} >= 8
@ -251,11 +258,22 @@ Obsoletes: NetworkManager < %{obsoletes_ifcfg_rh}
Requires: wpa_supplicant >= 1:1.1
%endif
%if 0%{?rhel} && 0%{?rhel} >= 10
Obsoletes: NetworkManager-team < %{obsoletes_team}
Obsoletes: NetworkManager-initscripts-ifcfg-rh < %{obsoletes_initscripts_ifcfg_rh}
Obsoletes: NetworkManager-dispatcher-routing-rules < %{obsoletes_dispatcher_routing_rules}
%endif
Conflicts: NetworkManager-vpnc < 1:0.7.0.99-1
Conflicts: NetworkManager-openvpn < 1:0.7.0.99-1
Conflicts: NetworkManager-pptp < 1:0.7.0.99-1
Conflicts: NetworkManager-openconnect < 0:0.7.0.99-1
Conflicts: kde-plasma-networkmanagement < 1:0.9-0.49.20110527git.nm09
%if 0%{?rhel} && 0%{?rhel} >= 10
Conflicts: NetworkManager-team <= 1:1.47.5-3
Conflicts: NetworkManager-initscripts-ifcfg-rh <= 1:1.47.5-3
Conflicts: NetworkManager-dispatcher-routing-rules <= 1:1.47.5-3
%endif
BuildRequires: make
BuildRequires: gcc
@ -544,13 +562,13 @@ This package is intended to be installed by default for server
deployments.
%if %{?with_ifcfg_rh}
%package dispatcher-routing-rules
Summary: NetworkManager dispatcher file for advanced routing rules
Group: System Environment/Base
%if 0%{?split_ifcfg_rh}
Requires: %{name}-initscripts-ifcfg-rh
%endif
Requires: ipcalc
BuildArch: noarch
Provides: %{name}-config-routing-rules = %{epoch}:%{version}-%{release}
Obsoletes: %{name}-config-routing-rules < 1:1.31.0
@ -559,6 +577,7 @@ Obsoletes: %{name}-config-routing-rules < 1:1.31.0
This adds a NetworkManager dispatcher file to support networking
configurations using "/etc/sysconfig/network-scripts/rule-NAME" files
(eg, to do policy-based routing).
%endif
%if %{with nmtui}
@ -602,6 +621,7 @@ like Aliyun, Azure, EC2, GCP are supported.
%endif
%if %{?with_ifcfg_rh}
%package initscripts-updown
Summary: Legacy ifup/ifdown scripts for NetworkManager that replace initscripts (network-scripts)
Group: System Environment/Base
@ -614,7 +634,7 @@ Obsoletes: NetworkManager < %{obsoletes_initscripts_updown}
Installs alternative ifup/ifdown scripts that talk to NetworkManager.
This is only for backward compatibility with initscripts (network-scripts).
Preferably use nmcli instead.
%endif
%prep
%autosetup -p1 -n NetworkManager-%{real_version}
@ -728,7 +748,11 @@ Preferably use nmcli instead.
-Ddbus_conf_dir=%{dbus_sys_dir} \
-Dtests=yes \
-Dvalgrind=no \
%if %{?with_ifcfg_rh}
-Difcfg_rh=true \
%else
-Difcfg_rh=false \
%endif
-Difupdown=false \
%if %{with ppp}
-Dppp=true \
@ -876,7 +900,11 @@ autoreconf --install --force
--enable-more-warnings=yes \
%endif
--with-valgrind=no \
%if %{?with_ifcfg_rh}
--enable-ifcfg-rh=yes \
%else
--enable-ifcfg-rh=no \
%endif
--enable-ifupdown=no \
%if %{with ppp}
--enable-ppp=yes \
@ -939,9 +967,11 @@ cp %{SOURCE8} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts
cp %{SOURCE9} %{buildroot}%{_sysconfdir}/sysconfig/network-scripts/readme-ifcfg-rh.txt
%endif
%if %{?with_ifcfg_rh}
cp examples/dispatcher/10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/
ln -s ../no-wait.d/10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/pre-up.d/
ln -s ../10-ifcfg-rh-routes.sh %{buildroot}%{nmlibdir}/dispatcher.d/no-wait.d/
%endif
%find_lang %{name}
@ -957,9 +987,10 @@ mkdir -p %{buildroot}%{_prefix}/src/debug/NetworkManager-%{real_version}
cp valgrind.suppressions %{buildroot}%{_prefix}/src/debug/NetworkManager-%{real_version}
%endif
%if %{?with_ifcfg_rh}
touch %{buildroot}%{_sbindir}/ifup
touch %{buildroot}%{_sbindir}/ifdown
%endif
%check
%if %{with meson}
@ -1002,6 +1033,7 @@ fi
%systemd_post %{systemd_units}
%if %{?with_ifcfg_rh}
%post initscripts-updown
if [ -f %{_sbindir}/ifup -a ! -L %{_sbindir}/ifup ]; then
# initscripts package too old, won't let us set an alternative
@ -1010,6 +1042,7 @@ else
/usr/sbin/update-alternatives --install %{_sbindir}/ifup ifup %{_libexecdir}/nm-ifup 50 \
--slave %{_sbindir}/ifdown ifdown %{_libexecdir}/nm-ifdown
fi
%endif
%if %{with nm_cloud_setup}
@ -1029,10 +1062,12 @@ fi
%systemd_preun NetworkManager-wait-online.service NetworkManager-dispatcher.service nm-priv-helper.service
%if %{?with_ifcfg_rh}
%preun initscripts-updown
if [ $1 -eq 0 ]; then
/usr/sbin/update-alternatives --remove ifup %{_libexecdir}/nm-ifup >/dev/null 2>&1 || :
fi
%endif
%if %{with nm_cloud_setup}
@ -1067,7 +1102,7 @@ fi
%{dbus_sys_dir}/org.freedesktop.NetworkManager.conf
%{dbus_sys_dir}/nm-dispatcher.conf
%{dbus_sys_dir}/nm-priv-helper.conf
%if 0%{?split_ifcfg_rh} == 0
%if %{?with_ifcfg_rh} && 0%{?split_ifcfg_rh} == 0
%{dbus_sys_dir}/nm-ifcfg-rh.conf
%endif
%{_sbindir}/%{name}
@ -1095,7 +1130,7 @@ fi
%{_libexecdir}/nm-priv-helper
%dir %{_libdir}/%{name}
%dir %{nmplugindir}
%if 0%{?split_ifcfg_rh} == 0
%if %{?with_ifcfg_rh} && 0%{?split_ifcfg_rh} == 0
%{nmplugindir}/libnm-settings-plugin-ifcfg-rh.so
%endif
%if %{with nmtui}
@ -1117,7 +1152,9 @@ fi
%{_mandir}/man8/NetworkManager-dispatcher.8*
%{_mandir}/man8/NetworkManager-wait-online.service.8*
%dir %{_localstatedir}/lib/NetworkManager
%if %{?with_ifcfg_rh}
%dir %{_sysconfdir}/sysconfig/network-scripts
%endif
%{_datadir}/dbus-1/system-services/org.freedesktop.nm_dispatcher.service
%{_datadir}/dbus-1/system-services/org.freedesktop.nm_priv_helper.service
%{_datadir}/polkit-1/actions/*.policy
@ -1232,11 +1269,12 @@ fi
%{nmlibdir}/conf.d/00-server.conf
%if %{?with_ifcfg_rh}
%files dispatcher-routing-rules
%{nmlibdir}/dispatcher.d/10-ifcfg-rh-routes.sh
%{nmlibdir}/dispatcher.d/no-wait.d/10-ifcfg-rh-routes.sh
%{nmlibdir}/dispatcher.d/pre-up.d/10-ifcfg-rh-routes.sh
%endif
%if %{with nmtui}
%files tui
@ -1267,45 +1305,24 @@ fi
%endif
%if %{?with_ifcfg_rh}
%files initscripts-updown
%{_libexecdir}/nm-ifup
%ghost %attr(755, root, root) %{_sbindir}/ifup
%{_libexecdir}/nm-ifdown
%ghost %attr(755, root, root) %{_sbindir}/ifdown
%endif
%changelog
* Thu Jan 09 2025 Wen Liang <wenliang@redhat.com> - 1:1.48.10-5
- vpn: Support routing rules in vpn conenctions (RHEL-73167)
- vpn: Place gateway route to table defined in ipvx.route-table (RHEL-73166)
* Wed Jan 08 2025 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-4
- Remove routes added by NetworkManager when doing reapply, also those not in main table (RHEL-73013)
* Tue Nov 12 2024 Beniamino Galvani <bgalvani@redhat.com> - 1:1.48.10-3
- Only validate the SR-IOV device capability when SR-IOV is enabled (RHEL-58397)
- Fix bug when deactivating port connections (RHEL-50747)
- Fix validation of ovs-dpdk interface name (RHEL-60022)
* Fri Aug 30 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.10-2
- cloud-setup: Allow bigger restart bursts (RHEL-56740)
- cloud-setup: Fix Azure swap of primary and secondary IP addresses (RHEL-56387)
* Thu Aug 22 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.48.10-1
- Unblock the autoconnect for children when parent is available (RHEL-46904)
- Fix crash produced by malformed LLDP package when debug logging (RHEL-46199)
- Support reapplying bridge-port VLANs (RHEL-26750)
- Add small backoff time before resync (RHEL-29902)
* Fri Aug 09 2024 Fernando Fernandez Mancera <ferferna@redha.com> - 1:1.46.8-1
* Fri Aug 09 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.8-1
- Stop writing offensive terms into keyfiles (RHEL-52597)
- Remove offensive words (RHEL-33368)
- Fix cloned-mac-address race condition with DHCP on ovs-interfaces (RHEL-49796)
* Fri Jul 26 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.48.6-1
- Wait until link is ready before activating for ovs-interface (RHEL-49796)
- Fix rollback on OVS checkpoint (RHEL-31972)
- Assert that the auto-activate list is empty on dispose (RHEL-44345)
* Fri Jul 05 2024 Stanislas Faye <sfaye@redhat.com> 1:1.48.4-1
- Update to 1.48.4 release
@ -1314,13 +1331,12 @@ fi
addresses configured on interfaces, NetworkManager now takes into
account the content of /etc/hosts (RHEL-33435)
* Thu Jun 27 2024 Íñigo Huguet <ihuguet@redhat.com> 1:1.48.2-2
- Add ipcalc as dependency of NetworkManager-dispatcher-routing-rules (RHEL-36648)
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 1:1.48.2-1.1
- Bump release for June 2024 mass rebuild
* Mon Jun 24 2024 Beniamino Galvani <bgalvani@redhat.com> 1:1.48.2-1
- Update to 1.48.2 release
- Save connection timestamps when shutting down (RHEL-35539)
- Fix regression with OpenVPN dynamic challenge (RHEL-43720)
* Thu May 30 2024 Lubomir Rintel <lkundrak@v3.sk> - 1:1.48.0-1
- Upgrade to 1.48.0 release
@ -1328,210 +1344,96 @@ fi
* Thu May 16 2024 Lubomir Rintel <lkundrak@v3.sk> - 1:1.47.91-1
- Upgrade to 1.47.91 (rc2)
* Mon May 06 2024 Ján Václav <jvaclav@redhat.com> - 1:1.47.90-2
- Use meson to build by default for RHEL 10 (from upstream)
* Fri May 03 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.47.90-1
- Upgrade to 1.47.90 (rc1)
* Fri Apr 19 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.47.5-1
- Fix a crash during shutdown (RHEL-29856)
* Fri Apr 05 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.47.4-1
- Fix LLDP support for interfaces attached to OVS bridges. (RHEL-1418)
- Fix NMCI crashes on ovs_mtu and bond tests. (RHEL-30348)
* Wed Apr 03 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1.47.3-2
- Rebuild for CI gating
* Tue Mar 26 2024 Gris Ge <fge@redhat.com> - 1.47.3-1
- Upgrade to 1.47.3 release (development)
- Support rollback on global DNS (RHEL-23446)
- Support VLAN over OVS interface which holds the same name as OVS bridge (RHEL-26753)
* Fri Mar 08 2024 Íñigo Huguet <ihuguet@redhat.com>
- Update to 1.47.2 release (development)
- Support sending DHCPRELEASE (RHEL-17310)
* Thu Feb 22 2024 Stanislas FAYE <sfaye@redhat.com>
- Update to 1.46.0 release
- Fix DHCPv4 lease can't be renewed after it expires (RHEL-24127)
- Support the MACsec offload mode (RHEL-24337)
- Support creating generic devices via external "device-handler" dispatcher (RHEL-1567)
- Support changing the eswitch mode (RHEL-1441)
* Fri Feb 09 2024 Íñigo Huguet <ihuguet@redhat.com> - 1.45.91-1
- Update to 1.45.91 release (release candidate)
- Support changing the DSCP header field for DHCP packets, and set the default to CS0 (RHEL-16040)
- Deprecate connection.autoconnect-slaves in favour of autoconnect-ports (RHEL-17621)
- Don't reset bridge's PVID in reapply if it didn't change (RHEL-21576)
* Thu Jan 25 2024 Stanislas FAYE <sfaye@redhat.com> - 1.45.90-1
- Update to 1.45.90 release (release candidate)
- Deprecate and Replace connection.slave-type in libnm-core and libnm (RHEL-17620)
- [RFE] Support assigning IPv4 static route to interface without IPv4 address (RHEL-5098)
* Mon Jan 15 2024 Stanislas FAYE <sfaye@redhat.com> - 1.45.10-1
- Update to 1.45.10 (development)
- Deprecate and Replace connection.master in libnm-core and libnm (RHEL-17619)
* Thu Dec 14 2023 Ján Václav <jvaclav@redhat.com> - 1.45.9-1
- Update to 1.45.9 (development)
- Add support for PRP/HSR interface (RHEL-5852)
- Drop support for the 'slaves-order' option in NetworkManager.conf (RHEL-19437)
- Return error when setting invalid IP addresses or properties via D-Bus (RHEL-19315)
- Fix extra route being created besides ECMP route (RHEL-1682)
* Wed Nov 29 2023 Beniamino Galvani <bgalvani@redhat.com> - 1.45.8-1
- Update to 1.45.8 (development)
- Introduce "stable-ssid" option for wifi.cloned-mac-address property (RHEL-16470)
* Thu Nov 16 2023 Íñigo Huguet <ihuguet@redhat.com> - 1.45.7-1
- Update to 1.45.7 release (development)
- Migrate to SPDX license
* Wed Nov 1 2023 Beniamino Galvani <bgalvani@redhat.com> - 1.45.6-1
- Update to 1.45.6 release (development)
- Fix ovs activation with netdev datapath and cloned MAC (RHEL-5886)
* Wed Oct 18 2023 Íñigo Huguet <ihuguet@redhat.com> - 1.45.5-1
- Update to 1.45.5 release (development)
- Various fixes to Duplicate Address Detection (DAD) (RHEL-1581, RHEL-1411)
- New option to avoid sending the DHCPv4 client-identifier (RHEL-1469)
- Support setting channels in ethtool options (RHEL-1471)
* Wed Oct 04 2023 Íñigo Huguet <ihuguet@redhat.com> - 1.45.4-1
- Update to 1.45.4 release (development)
- Add 'dns-change' dispatcher event (RHEL-1671)
* Fri Sep 22 2023 Beniamino Galvani <bgalvani@redhat.com> - 1.45.3-1
- Update to 1.45.3 release (development)
- Improve explanation of the format and routes properties in keyfile man page (RHEL-1407)
- Improve nm-settings-nmcli manpage to show format and valid values of properties (RHEL-2465)
- Honor the autoactivate priority for port connections (RHEL-2202)
- Properly document valid values for ip-tunnel properties (RHEL-1459)
* Wed Sep 6 2023 Beniamino Galvani <bgalvani@redhat.com> - 1.45.2-1
- update to 1.45.2 release (development)
* Mon Sep 04 2023 Gris Ge <fge@redhat.com> - 1.44.0-4
- Rebuild for RHEL 9.4
* Wed Aug 30 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-3
- checkpoint: Fix segfault crash when rollback (rhel-1526)
* Wed Aug 23 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-2
- manager: ensure device is exported on D-Bus in authentication request (rh #2210271)
* Thu Aug 10 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.44.0-1
- update to 1.44.0 release
- nmcli: add nmcli version mismatch warning (rh #2173196)
- checkpoint: preserve devices that were removed and readded (rh #2177590)
* Wed Jul 26 2023 Wen Liang <wenliang@redhat.com> - 1:1.43.90-1
- update to 1.43.90 release (release candidate)
- manager: allow controller activation if device is deactivating (rh #2125615)
- assume: change IPv6 method from "ignore" and "disabled" into "auto" for loopback device (rh #2207878)
- device: delete software device when lose carrier and is controller (rh #2224479)
- core: better handle ignore-carrier=no for bond/bridge/team devices (rh #2180363)
* Wed Jul 12 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.11-1
- update to 1.43.11 release (development)
- fix assertion about missing ifindex when resetting MAC (rh #2215022)
- fix wrong order of entries in resolv.conf after reconnect (rh #2218448)
- do not fail activation when SR-IOV VF parameters can't be applied (rh #2210164)
- warn that the ifcfg-rh plugin is deprecated (rh #2190375)
* Wed Apr 24 2024 Stanislas Faye <sfaye@redhat.com> - 1:1.47.5-2
- Disable deprecated features (team, ifcfg-rh) on future RHEL versions
* Fri Apr 19 2024 Íñigo Huguet <ihuguet@redhat.com> - 1:1.47.4-1
- Upgrade to 1.47.5 (development)
* Mon Apr 08 2024 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.47.4-1
- Upgrade to 1.47.4 (development)
* Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.45.9-1.2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.45.9-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
* Fri Dec 15 2023 Íñigo Huguet <ihuguet@redhat.com> - 1:1.45.9-1
- Update to 1.45.9 release (development)
- Dropped the support to build with Python 2
* Thu Nov 2 2023 Íñigo Huguet <ihuguet@redhat.com> - 1:1.44.2-2
- migrated to SPDX license
* Tue Oct 3 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.44.2-1
- Update to 1.44.2 release
* Thu Aug 10 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.44.0-1
- Update to 1.44.0 release
- Enable automatic migration of ifcfg profiles to keyfile:
https://fedoraproject.org/wiki/Changes/MigrateIfcfgToKeyfile
* Fri Jul 28 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.90-1
- Update to 1.44-rc1 (1.43.90) (release candidate)
* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.43.10-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
* Wed Jun 14 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.10-1
- Update to 1.43.10 release (development)
- fix reading infiniband p-key from ifcfg files (rh #2209974)
- improve autoconnect when selecting controller (rh #2121451)
- fix managing devices after network reconnect (rh #2149012)
- better handle ignore-carrier for bond/bridge/team (rh #2180363)
- cloud-setup: block wait-online while configuration is ongoing (rh #2151040)
- cloud-setup: avoid leaving half configured system (rh #2207812)
- cloud-setup: log warning when no provider detected (rh #2214880)
- cloud-setup: fix RPM description (rh #2214491)
* Wed May 31 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.9-1
- Update to 1.43.9 release (development)
- improve autoconnect logic for port/controller configurations (rh #2121451)
- fix handling external devices during network off/on (rh #2149012)
* Tue May 16 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.8-1
* Wed May 17 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.8-1
- Update to 1.43.8 release (development)
- ipv6ll: don't regenerate the address when it's removed externally (rh #2196441)
* Wed May 3 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.7-1
* Thu May 4 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.7-1
- Update to 1.43.7 release (development)
- bond: support port priorities (rh #2152304)
- ovs: fix autoconnect race (rh #2152864)
* Wed Apr 19 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.6-1
* Thu Apr 20 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.43.6-1
- Update to 1.43.6 release (development)
- fix assertion failure when renewing DHCP lease (rh #2179890)
- emit the dhcp-change dispatcher script event on lease renewal (rh #2179537)
- ensure the NetworkManager is restarted when dbus is restarted (rh #2161915)
- add support for the "no-aaaa" resolv.conf option (rh #2176137) -
* Wed Apr 05 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.5-1
* Tue Apr 18 2023 Adam Williamson <awilliam@redhat.com> - 1:1.43.5-3
- Fix ppp version discovery
* Tue Apr 18 2023 Adam Williamson <awilliam@redhat.com> - 1:1.43.5-2
- Rebuild for ppp 2.5.0
* Wed Apr 5 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.5-1
- Update to 1.43.5 release (development)
- cloud-init/ec2: use right HTTP method for IMDSv2 (rh #2179718)
- core: request a bus name only when dbus objects are present (rh #2175919)
- core: fix autoconnect retry count tracking (rh #2174353)
- core: fix retry on netlink socket buffer exhaustion (rh #2169512)
- ovs: fix a race condition on port detachment (rh #2054933)
* Wed Mar 22 2023 Thomas Haller <thaller@redhat.com> - 1:1.43.4-1
- Update to 1.43.4 release (development)
- core: fix handling of IPv4 prefsrc routes with ACD (rh #2046293)
- core: don't configure static routes without addresses (rh #2102212)
- core: fix race activating VLAN devices (rh #2155991)
* Thu Mar 09 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.3-1
* Wed Mar 8 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.43.3-1
- Update to an early 1.44 snapshot
- cloud-setup: add IDMSv2 support (rh #2151986)
- core: add [link] setting (rh #2158328)
- dhcp: expose client ID, DUID and IAID that have been used (rh #2169869)
- ovs: ensure device has a proper MAC address once we start dhcp (rh #2168477)
- team: fix assumption of team port management (rh #2092215)
* Thu Feb 23 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.42.2-1
- Update to 1.42.2 release
- fix hostname lookup from IPv6 address (rh #2167816)
- add new connection property to remove the autogenerated local route rule (rh #2167805)
- fix race condition while setting the MAC of a OVS interface (rh #2168477)
- expose the DHCP IAID in the lease information (rh #2169869)
* Fri Feb 10 2023 Thomas Haller <thaller@redhat.com> - 1:1.42.0-1
- Update to 1.42.0 release
- Upgrade to 1.42.0 release
* Thu Jan 26 2023 Lubomir Rintel <lkundrak@v3.sk> - 1:1.41.91-1
- Update to 1.41.91 release (release candidate)
- core: retry if a rtnetlink socket runs out of buffer space (rh #2154350)
- dns: allow changing resolv.conf options alone via global-dns (rh #2019306)
* Fri Jan 20 2023 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.41.90-1
- Update to 1.41.90 release (release candidate)
- l3cfg: schedule an update after every commit-type/config-data register/unregister (rh #2158394)
- all: add support for ovs-dpdk n-rxq-desc and n-txq-desc (rh #2156385)
- core: fix consistency for internal cache for IPv6 routes (rh #2060684)
* Fri Jan 20 2023 Fernando Fernandez Mancera <ffmancera@riseup.net> - 1:1.41.90-1
- Update to 1.42-rc1 (1.41.90) (release candidate)
- Upstream sync specfile
* Wed Jan 11 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.41.8-1
- Update to 1.41.8 release (development)
- core: add support for equal-cost multi-path (ECMP) routes (rh #2081302)
- device: preserve the DHCP lease during reapply (rh #2117352)
- ovs: add support for 'other_config' settings (rh #2151455)
* Wed Jan 18 2023 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.41.8-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
* Wed Dec 21 2022 Thomas Haller <thaller@redhat.com> - 1:1.41.7-2
- core: avoid infinite autoconnect with multi-connect profiles (rh #2150000)
* Mon Jan 16 2023 Beniamino Galvani <bgalvani@redhat.com> - 1:1.41.8-1
- Update to 1.41.8 release (development)
* Thu Dec 15 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.41.7-1
- Update to 1.41.7 release (development)
- macsec: fix tracking of parent ifindex (rh #2122564)
- cloud-setup: set preserve-external-ip flag during reapply (rh #2132754)
* Wed Nov 30 2022 Thomas Haller <thaller@redhat.com> - 1:1.41.6-1
- Update to 1.41.6 release (development)
- add support for loopback interfaces (rh #2073512)
- ovs: support VLAN trunks for OVS port (rh #2111959)
* Fri Nov 18 2022 Thomas Haller <thaller@redhat.com> - 1:1.41.5-1
- Update to 1.41.5 release (development)
@ -1540,210 +1442,133 @@ fi
- fix generating stable UUIDs for keyfile (gitlab#1130)
* Wed Nov 2 2022 Wen Liang <wenliang@redhat.com> - 1:1.41.4-1
- Update to 1.41.4 release (development)
- device: don't emit recheck-assume if there is a queued activation request (rh #2092215)
- device: allow configuration of VLAN on an unmanaged interface (rh #2110307)
- Upgrade to 1.41.4 release
* Fri Oct 14 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.41.3-1
- Update to 1.41.3 release (development)
- core: fix reapply of mptcp-flags (rh #2120471)
- core: fix autoconnection for devices with a unrealized parent (rh #2101317)
- device: fix hanging port devices when controller goes down (rh #2130287)
- bond: add "balance-slb" option which implements source load balancing (rh #2128216)
- bond: fix setting primary option when the interface is missing (rh #2126347)
* Tue Oct 18 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.41.3-1
- Upgrade to 1.41.3 release
* Fri Aug 26 2022 Ana Cabral <acabral@redhat.com> - 1:1.40.0-1
- Update to 1.40.0 release
* Fri Aug 26 2022 Thomas Haller <thaller@redhat.com> - 1:1.40.0-1
- Upgrade to 1.40.0 release
* Tue Aug 16 2022 Ana Cabral <acabral@redhat.com> - 1:1.39.90-1
- Update to 1.39.90 release (release candidate)
- Add support for MPTCP (rh #2029636)
- nmcli: fix assertion failure (rh #2092323)
- bond: fix arp_ip_target option (rh #2117202)
- nmci: fix test restart_L2_only_lacp (rh #2092361)
* Fri Jul 29 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.39.12-1
- Update to 1.39.12 release (development)
- bridge: fix reapply support (rh #2092762)
- Upgrade to 1.40-rc1 (1.39.90) (release candidate)
- Upstream sync
* Thu Jul 28 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.39.11-1
- Update to 1.39.11 release (development)
- core: support nm.debug kernel command line option (rh #2102313)
- ovs: don't ever move unactivated devices to failed state (rh #2077950)
- dhclient: fix EXTENDED DHCP event handling (rh #2109285)
- core: make "nmcli net off/on" more robust (rh #2093175)
- bridge: add reapply support (rh #2092762)
- bridge: don't reset vlan filtering on external connections (rh #2107647)
* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.39.10-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
* Thu Jul 14 2022 Vojtech Bubela <vbubela@redhat.com> - 1:1.39.10-1
- Update to 1.39.10 release (development)
- add support for {rto_min,quickack,advmss} route attributes (rh #2068525)
- fix empty hostname for "SaveHostname" and make setting hostname async (rh #2090946)
* Thu Jun 30 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.39.8-1
- Update to 1.39.8 release (development)
- core: make ipv6.addr-gen-mode default configurable (rh #1743161) (rh #2082682)
- dhcpv6: finish DAD before considering a lease to be good (rh #2096386)
- core: add connection.wait-activation-delay property (rh #2008337)
* Thu Jun 16 2022 Thomas Haller <thaller@redhat.com> - 1:1.39.7-2
- fix priority of IPv6 addresses to prefer manual over DHCPv6 over SLAAC (rh #2097293)
- reverse order of priority for static IPv6 addresses in "ipv6.addresses" (rh #2097293)
* Wed Jun 15 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.39.7-1
- Update to 1.39.7 release (development)
- core: cancel the IP check on deactivation (rh #2080928)
- core: ensure DHCP is restarted every time the link goes up (rh #2079406)
- core: fix a leak of L3 configuration memory (rh #2083453)
- ppp: fix a race with pppd when removing addresses (rh #2085382)
- wifi: fix a crash when checking WEP supplicant capability (rh #2092782)
* Wed Jun 1 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.39.6-1
- Update to 1.39.6 release (development)
- Implement ACD (address conflict detection) for DHCPv4 (rh #1713380)
* Thu May 19 2022 Ana Cabral <acabral@redhat.com> - 1:1.39.5-1
- Update to 1.39.5 release (development)
- dhcp: fix ignoring addresses with DHCPv6 otherconf (O flag) (rh #2083968)
- cloud-setup: reorder addresses to honor "primary_ip_address" (rh #2079849)
* Wed May 4 2022 Wen Liang <wenliang@redhat.com> - 1:1.39.3-1
- Update to 1.39.3 release (development)
- l3cfg: drop NM_L3_CFG_COMMIT_TYPE_ASSUME and assume_config_once (rh #2050216)
* Thu Apr 21 2022 Thomas Haller <thaller@redhat.com> - 1:1.39.2-1
- Update to 1.39.2 release (development)
- dhcp: set "src" attribute for DHCP routes (rh #1995372)
- dhcp: drop internal DHCPv4 client based on systemd code (rh #2073067)
- core: delay startup complete for DNS update (rh #2049421)
- nmcli: support offline mode to create and edit keyfiles (rh #1361145)
* Wed Apr 6 2022 Ana Cabral <acabral@redhat.com> - 1:1.39.0-1
- Upgrade to 1.39.0 release (development)
- Include a migration tool for ifcfg configuration to NM keyfiles
(rh #2059608)
* Mon May 30 2022 Ana Cabral <acabral@redhat.com> - 1:1.38.0-2
- rpm: include an informational file in ifcfg files directory
* Fri May 13 2022 Thomas Haller <thaller@redhat.com> - 1:1.38.0-1
- Upgrade to 1.38.0 release
* Wed May 4 2022 Thomas Haller <thaller@redhat.com> - 1:1.37.92-1
- Upgrade to 1.38-rc3 (1.37.92) (release candidate)
- core: change order in which IPv6 addresses are configured.
* Thu Apr 14 2022 Thomas Haller <thaller@redhat.com> - 1:1.37.91-1
- Upgrade to 1.38-rc2 (1.37.91) (release candidate)
* Wed Apr 6 2022 Ana Cabral <acabral@redhat.com> - 1:1.37.90-1
- Upgrade to 1.38-rc1 (1.37.90) (release candidate)
* Thu Mar 24 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.37.3-1
- Upgrade to 1.37.3 release (development)
- core: allow reapply on autoconnect-slaves property change (rh #2065049)
- wifi: do not advertise channels outside regulatory domain (rh #2062785)
- wifi: warn about WEP being phased out (rh #2030997)
- bond: reject reapply when fail_over_mac was changed (rh #2003214)
* Wed Mar 9 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.37.2-1
- Upgrade to 1.37.2 release (development)
- core: preserve external ports during checkpoint rollback (rh #2061711)
- core: fix ovs bridge deletion (rh #2061709)
- core: shorten hostname when too long (rh #2033643)
- nm-online: bump the timeout upper limit to 2073600 seconds (rh #2025617)
- cloud-setup: fix crash when handling sigterm (rh #2027674)
* Mon Feb 28 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.36.0-2
- core: fix setting DNS from WWAN and PPP (rh #2059138)
* Tue Mar 22 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.36.4-1
- Update to 1.36.4 release
* Mon Mar 7 2022 Beniamino Galvani <bgalvani@redhat.com> - 1:1.36.2-1
- Update to 1.36.2 release
- Split ifcfg-rh settings plugin into subpackage NetworkManager-initscripts-ifcfg-rh
* Thu Feb 24 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-1
- Upgrade to 1.36.0 release
- core: avoid losing L3 configuration the second time it's applied (rh #2043514)
- ovs: avoid removing OVSDB entries on daemon shutdown (rh #2055665)
- nmcli: fix defaults for some properties on interactive add (rh #2053603)
* Sat Feb 19 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-0.10
- Upgrade to 1.35.92 (release candidate)
- ppp: increase disconnect timeout (rh #2049596)
- core: finish activation after all objects are committed (rh #2043133)
- ipv6: add support for multipath routes (rh #1837254)
- keyfile: do not write empty string list properties (rh #2022623)
- Update to 1.36.0 release
* Sat Feb 19 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-0.11
- Update to 1.36-rc3 (1.35.92) (release candidate)
* Thu Feb 10 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-0.10
- Update to 1.36-rc2 (1.35.91) (release candidate)
* Fri Feb 04 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-0.9
- Upgrade to 1.35.91 release (release candidate)
- bond: fix duplicate IPv4 address detection (rh #2028751)
- core: add support for blackhole routes (rh #1937823) (rh #2013587)
- core: re-assess IP configuration if one IP family times out (rh #2051904)
* Fri Feb 04 2022 Lubomir Rintel <lkundrak@v3.sk> - 1:1.36.0-0.8
- Upgrade to 1.35.90 release (release candidate)
- ovs: remove ovsdb entry on interface removal (rh #2047302)
- ovs: properly clean up devices on daemon shutdown (rh #2029937)
- core: avoid losing addresses on handover from initrd to ral root (rh #2047302)
- core: fix a possibe assertion failure in ACD (rh #2047788)
* Fri Jan 28 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.7
- Upgrade to 1.35.7 release (development)
- core: fix crash related to DHCPv6 leases (rh #2028849)
- wifi: fix stale ActiveAccessPoint in D-Bus (rh #1983735)
- libnm: fix dangling pointer in NMObject (rh #2039331)
- Update to 1.36-rc1 (1.35.90) (release candidate)
* Fri Jan 28 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.8
- update to an early 1.36 snapshot (1.35.7)
* Thu Jan 27 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.7
- Revert rework of DHCP client that causes crash
* Wed Jan 26 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.6
- Upgrade to 1.35.6 release (development)
- Move ifup/ifdown scripts to new NetworkManager-initscripts-updown package (rh #2022418)
- wwan: fix assertion failure in modem/ppp code (rh #2028385)
- core: fix performance regression with 500vlans test (rh #2028849)
- core: drop defective BPF filter for netlink sockets that caused hangs (rh #2037411)
- initrd: add support for rd.znet_ifnames (rh #1980387)
* Thu Jan 20 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.5
- generate docs during build instead of using pre-generated (rh #2042875)
* Wed Jan 12 2022 Wen Liang <wenliang@redhat.com> - 1:1.36.0-0.4
- Upgrade to 1.35.4 release (development)
- core: don't reset assume state if the device is unmanaged by parent (rh #2012182)
- nm-device: clean up IP methods if we lose ifindex (rh #2012934)
- core: log variant properties in connection diff (rh #2034086)
- update to an early 1.36 snapshot (1.35.6)
- Move ifup/ifdown scripts to new NetworkManager-initscripts-updown package
* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.36.0-0.4.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
* Thu Jan 13 2022 Thomas Haller <thaller@redhat.com> - 1:1.36.0-0.4
- update to an early 1.36 snapshot (1.35.4)
* Thu Dec 16 2021 Wen Liang <wenliang@redhat.com> - 1:1.36.0-0.3
- Upgrade to 1.35.3 release (development)
- device: fix update of the ip-iface property (rh #2026024)
- update to an early 1.36 snapshot (1.35.3)
* Wed Dec 1 2021 Wen Liang <wenliang@redhat.com> - 1:1.36.0-0.2
- Upgrade to 1.35.2 release (development)
* Thu Dec 2 2021 Wen Liang <wenliang@redhat.com> - 1:1.36.0-0.2
- update to an early 1.36 snapshot (1.35.2)
* Thu Nov 18 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.36.0-0.1
- Upgrade to 1.35.1 release (development)
* Fri Nov 19 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.36.0-0.1
- update to an early 1.36 snapshot (1.35.1)
* Fri Sep 24 2021 Ana Cabral <acabral@redhat.com> - 1:1.34.0-0.1
- Upgrade to 1.33.3 release (development) (rh #1996582)
- Add support of queue_id of bond port (rh #1949127)
* Fri Oct 29 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.32.12-2
- better handle systemd-resolved errors when resolving hostnames
* Thu Aug 19 2021 Wen Liang <wenliang@redhat.com> - 1:1.32.10-2
- platform: fix capturing IPv4 addresses from platform for assuming after restart
* Wed Sep 22 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.32.12-1
- update to 1.32.12 release
* Thu Aug 19 2021 Wen Liang <wenliang@redhat.com> - 1:1.32.10-1
- Upgrade to 1.32.10 release
* Thu Aug 19 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.10-2
- platform: fix capturing IPv4 addresses from platform for assuming after restart
* Tue Aug 10 2021 Fernando Fernandez Mancera <ferferna@redhat.com> - 1:1.32.8-1
- Upgrade to 1.32.8 release
* Thu Aug 19 2021 Wen Liang <liangwen12year@gmail.com> - 1:1.32.10-1
- update to 1.32.10 release
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.32.6-1.1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Aug 10 2021 Fernando Fernandez Mancera <ffmancera@riseup.net> - 1:1.32.8-1
- update to 1.32.8 release
* Fri Jul 30 2021 Gris Ge <fge@redhat.com> - 1:1.32.6-1
- Upgrade to 1.32.6 release
* Wed Jul 28 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.6-1
- update to 1.32.6 release
* Tue Jul 27 2021 Gris Ge <fge@redhat.com> - 1:1.32.4-1
- Upgrade to 1.32.4 release
- core/wwan: avoid assertion failure in modem_ip{4,6}_config_result() (rh #1916192)
- bond: support the peer_notif_delay option (rh #1963854)
* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:1.32.4-1.1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
* Thu Jul 1 2021 Wen Liang <wenliang@redhat.com> - 1:1.32.2-1
- update to 1.32.2 release
- dhcp/systemd: ignore FORCERENEW requests for DHCPV4 (rh #1966123, CVE-2020-13529)
* Tue Jul 20 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.4-1
- update to 1.32.4 release
- default to "nftables" firewall-backend for shared mode.
* Fri Jun 18 2021 Wen Liang <wenliang@redhat.com> - 1:1.32.0-1
* Wed Jun 16 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.0-1
- update to 1.32.0 release
- DNS: fix lookup of hostname via DNS (rh #1956319)
- initrd: fix crash parsing empty rd.znet argument (rh #1931284)
- fix the connection unauthenticated via insecure defaults (rh #1910627, CVE-2020-10754)
- fix NetworkManager crash when setting 'match.path' and activating a profile (rh #1944977, CVE-2021-20297)
* Mon Jun 7 2021 Wen Liang <wenliang@redhat.com> - 1:1.32.0-0.1
- Update to 1.31.5 (development)
- build: install D-Bus service files to '/usr' by default (rh #1969428)
- ethtool: introduce PAUSE support (rh #1959261)
- resolve conflicts in NetworkManager-libnm-devel multilib packages (rh #1915254)
* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1:1.30.2-1.1
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
- default to "iptables" firewall-backend due to SELinux bug rh #1972911.
* Fri Jun 4 2021 Thomas Haller <thaller@redhat.com> - 1:1.32.0-0.4
- update to 1.32-rc1 (1.31.90) (release candidate)
* Wed May 5 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.32.0-0.3
- update to an early 1.32 snapshot (1.31.4)
* Fri Apr 23 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.32.0-0.2
- update to an early 1.32 snapshot (1.31.3)
* Thu Mar 25 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.32.0-0.1
- update to an early 1.32 snapshot (1.31.2)
* Fri Mar 12 2021 Beniamino Galvani <bgalvani@redhat.com> - 1:1.30.2-1
- update to 1.30.2 release

Loading…
Cancel
Save