NetworkManager

Merge ~danilogondolfo/network-manager/+git/network-manager:fix_veth_activation_on_boot into network-manager:ubuntu/jammy

Git
lp:~danilogondolfo/network-manager/+git/network-manager
fix_veth_activation_on_boot
Merge into ubuntu/jammy

Proposed by Danilo Egea Gondolfo on 2023-09-01

Status:

Work in progress

Proposed branch:

~danilogondolfo/network-manager/+git/network-manager:fix_veth_activation_on_boot

Merge into:

network-manager:ubuntu/jammy

Diff against target:

231 lines (+192/-2)

5 files modified

debian/changelog (+7/-2)
debian/patches/lp2032824/0001-veth-fix-veth-activation-on-booting.patch (+56/-0)
debian/patches/lp2032824/0002-veth-drop-iface-peer-check-during-create_and_realize.patch (+42/-0)
debian/patches/lp2032824/0003-veth-fix-detection-of-existing-interfaces-in-create_.patch (+84/-0)
debian/patches/series (+3/-0)

Undecided

New

Link a bug report

Reviewer	Review Type	Date Requested	Status
Network-manager		2023-09-01	Pending
Review via email: mp+450447@code.launchpad.net

Unmerged commits

264a4fc... by Danilo Egea Gondolfo on 2023-08-31

Changelog

41355b8... by Danilo Egea Gondolfo on 2023-08-31

debian/patches/lp2032824 (LP: #2032824)

Fix for VETHs pairs activation on startup.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

Subscribers

People subscribed via source and target branches

to all changes:

Aron Xu

Danilo Egea Gondolfo

Tony Espy

NetworkManager

Merge ~danilogondolfo/network-manager/+git/network-manager:fix_veth_activation_on_boot into network-manager:ubuntu/jammy

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

 diff --git a/debian/changelog b/debian/changelog
 index d62c327..29b5ef4 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,8 +1,13 @@
--network-manager (1.36.6-0ubuntu3) UNRELEASED; urgency=medium
++network-manager (1.36.6-0ubuntu3) jammy; urgency=medium
++  [ Jeremy Bicha ]
    * Fix network-manager-config-connectivity-ubuntu.postinst
-- -- Jeremy Bicha <jbicha@ubuntu.com>  Tue, 29 Nov 2022 15:47:37 -0500
++  [ Danilo Egea Gondolfo ]
++  * debian/patches/lp2032824 (LP: #2032824)
++    Fix for VETHs pairs activation on startup.
++
++ -- Danilo Egea Gondolfo <danilo.egea.gondolfo@canonical.com>  Thu, 31 Aug 2023 12:06:20 +0100
  network-manager (1.36.6-0ubuntu2) jammy; urgency=medium
 diff --git a/debian/patches/lp2032824/0001-veth-fix-veth-activation-on-booting.patch b/debian/patches/lp2032824/0001-veth-fix-veth-activation-on-booting.patch
 new file mode 100644
 index 0000000..aaca951
 --- /dev/null
 +++ b/debian/patches/lp2032824/0001-veth-fix-veth-activation-on-booting.patch
@@ -0,0 +1,56 @@
++From 5eaeb69c4050bb41b7467ee037bb7fbd937eec47 Mon Sep 17 00:00:00 2001
++From: Fernando Fernandez Mancera <ffmancera@riseup.net>
++Date: Mon, 11 Jul 2022 13:34:07 +0200
++Subject: [PATCH 1/3] veth: fix veth activation on booting
++
++When creating one profile for each veth during activation the creation
++of the veth could fail. When the link for the first profile is created
++the link for the peer is generated in kernel. Therefore when trying to
++activate the second profile it will fail because the link already
++exists. NetworkManager must check if the link already exists and
++corresponds to the same veth, if so, it should skip the link creation.
++
++https://bugzilla.redhat.com/show_bug.cgi?id=2036023
++https://bugzilla.redhat.com/show_bug.cgi?id=2105956
++
++Origin: https://gitlab.freedesktop.org/piotrdrag/NetworkManager/-/commit/4655b7c308461ae1f86d592ea6d45e00a2820423
++---
++ src/core/devices/nm-device-veth.c | 15 +++++++++++----
++ 1 file changed, 11 insertions(+), 4 deletions(-)
++
++diff --git a/src/core/devices/nm-device-veth.c b/src/core/devices/nm-device-veth.c
++index 8c95a293d4..63dfd8bbc4 100644
++--- a/src/core/devices/nm-device-veth.c
+++++ b/src/core/devices/nm-device-veth.c
++@@ -82,6 +82,8 @@ create_and_realize(NMDevice              *device,
++                    GError               **error)
++ {
++     const char    *iface = nm_device_get_iface(device);
+++    const char    *peer;
+++    NMDevice      *peer_device;
++     NMSettingVeth *s_veth;
++     int            r;
++
++@@ -96,10 +98,15 @@ create_and_realize(NMDevice              *device,
++         return FALSE;
++     }
++
++-    r = nm_platform_link_veth_add(nm_device_get_platform(device),
++-                                  iface,
++-                                  nm_setting_veth_get_peer(s_veth),
++-                                  out_plink);
+++    peer        = nm_setting_veth_get_peer(s_veth);
+++    peer_device = nm_manager_get_device(NM_MANAGER_GET, peer, NM_DEVICE_TYPE_VETH);
+++    if (peer_device) {
+++        /* The veth device and its peer already exist. No need to create it again. */
+++        if (nm_streq0(nm_device_get_iface(nm_device_parent_get_device(peer_device)), iface))
+++            return TRUE;
+++    }
+++
+++    r = nm_platform_link_veth_add(nm_device_get_platform(device), iface, peer, out_plink);
++     if (r < 0) {
++         g_set_error(error,
++                     NM_DEVICE_ERROR,
++--
++2.40.1
++
 diff --git a/debian/patches/lp2032824/0002-veth-drop-iface-peer-check-during-create_and_realize.patch b/debian/patches/lp2032824/0002-veth-drop-iface-peer-check-during-create_and_realize.patch
 new file mode 100644
 index 0000000..0630ada
 --- /dev/null
 +++ b/debian/patches/lp2032824/0002-veth-drop-iface-peer-check-during-create_and_realize.patch
@@ -0,0 +1,42 @@
++From 88d1637c17a0e5f40a3c78b407bd5e84729eec4b Mon Sep 17 00:00:00 2001
++From: Fernando Fernandez Mancera <ffmancera@riseup.net>
++Date: Tue, 27 Sep 2022 12:26:14 +0200
++Subject: [PATCH 2/3] veth: drop iface peer check during create_and_realize()
++
++When fetching the parent device, if the system is slow, NetworkManager
++can hit a race condition where the property is still NULL. In that case,
++NetworkManager should create the veth link.
++
++Checking that the peer device exists, it is type NM_DEVICE_TYPE_VETH and
++it have a parent device is enough to know that we can skip the link
++creation.
++
++https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1399
++
++https://bugzilla.redhat.com/show_bug.cgi?id=2129829
++
++Fixes: 4655b7c30846 ('veth: fix veth activation on booting')
++
++Origin: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/07e0ab48d194b8bd6663a34887c2e753720ae4d3
++---
++ src/core/devices/nm-device-veth.c | 4 ++--
++ 1 file changed, 2 insertions(+), 2 deletions(-)
++
++diff --git a/src/core/devices/nm-device-veth.c b/src/core/devices/nm-device-veth.c
++index 63dfd8bbc4..c3482e7885 100644
++--- a/src/core/devices/nm-device-veth.c
+++++ b/src/core/devices/nm-device-veth.c
++@@ -101,8 +101,8 @@ create_and_realize(NMDevice              *device,
++     peer        = nm_setting_veth_get_peer(s_veth);
++     peer_device = nm_manager_get_device(NM_MANAGER_GET, peer, NM_DEVICE_TYPE_VETH);
++     if (peer_device) {
++-        /* The veth device and its peer already exist. No need to create it again. */
++-        if (nm_streq0(nm_device_get_iface(nm_device_parent_get_device(peer_device)), iface))
+++        if (nm_device_parent_get_device(peer_device))
+++            /* The veth device and its peer already exist. No need to create it again. */
++             return TRUE;
++     }
++
++--
++2.40.1
++
 diff --git a/debian/patches/lp2032824/0003-veth-fix-detection-of-existing-interfaces-in-create_.patch b/debian/patches/lp2032824/0003-veth-fix-detection-of-existing-interfaces-in-create_.patch
 new file mode 100644
 index 0000000..ffe12e6
 --- /dev/null
 +++ b/debian/patches/lp2032824/0003-veth-fix-detection-of-existing-interfaces-in-create_.patch
@@ -0,0 +1,84 @@
++From 55a38b791aa13892fa23e2c52ed4a92fe9e80ae1 Mon Sep 17 00:00:00 2001
++From: Beniamino Galvani <bgalvani@redhat.com>
++Date: Fri, 16 Dec 2022 10:13:18 +0100
++Subject: [PATCH 3/3] veth: fix detection of existing interfaces in
++ create_and_realize()
++
++The current implementation only checks that a device with name equal
++to veth.peer exists and it has a parent device; it doesn't check that
++its parent is actually the device we want to create. So for example,
++if the profile specifies interface-name A and peer B, while in
++platform we have a veth pair {B,C}, we'll skip the interface creation
++and the device will remain without a ifindex, leading to a crash
++later. Fix this by adding the missing check.
++
++While at it, don't implement the check by inspecting NMDevices but
++look directly at the platform cache; that seems more robust because
++devices are often updated from platform events via idle handlers and
++so the information there could be outdated.
++
++Fixes: 07e0ab48d194 ('veth: drop iface peer check during create_and_realize()')
++
++https://bugzilla.redhat.com/show_bug.cgi?id=2129829
++
++Origin: https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/50f738bde5b441b5ca52024c1a0998399b87337b
++---
++ src/core/devices/nm-device-veth.c | 32 ++++++++++++++++++++-----------
++ 1 file changed, 21 insertions(+), 11 deletions(-)
++
++diff --git a/src/core/devices/nm-device-veth.c b/src/core/devices/nm-device-veth.c
++index c3482e7885..17115d3362 100644
++--- a/src/core/devices/nm-device-veth.c
+++++ b/src/core/devices/nm-device-veth.c
++@@ -81,11 +81,13 @@ create_and_realize(NMDevice              *device,
++                    const NMPlatformLink **out_plink,
++                    GError               **error)
++ {
++-    const char    *iface = nm_device_get_iface(device);
++-    const char    *peer;
++-    NMDevice      *peer_device;
++-    NMSettingVeth *s_veth;
++-    int            r;
+++    NMPlatform           *platform = nm_device_get_platform(device);
+++    const char           *iface    = nm_device_get_iface(device);
+++    NMSettingVeth        *s_veth;
+++    const NMPlatformLink *plink;
+++    const NMPlatformLink *peer_plink;
+++    int                   peer_ifindex;
+++    int                   r;
++
++     s_veth = _nm_connection_get_setting(connection, NM_TYPE_SETTING_VETH);
++     if (!s_veth) {
++@@ -98,15 +100,23 @@ create_and_realize(NMDevice              *device,
++         return FALSE;
++     }
++
++-    peer        = nm_setting_veth_get_peer(s_veth);
++-    peer_device = nm_manager_get_device(NM_MANAGER_GET, peer, NM_DEVICE_TYPE_VETH);
++-    if (peer_device) {
++-        if (nm_device_parent_get_device(peer_device))
++-            /* The veth device and its peer already exist. No need to create it again. */
+++    /* For veths, users can define two connection profiles referencing each
+++     * other as 'veth.peer'. Only the first to be activated will actually
+++     * create the veth pair; the other must detect that interfaces already
+++     * exist and proceed. */
+++    plink = nm_platform_link_get_by_ifname(platform, iface);
+++    if (plink && nm_platform_link_veth_get_properties(platform, plink->ifindex, &peer_ifindex)) {
+++        peer_plink = nm_platform_link_get(platform, peer_ifindex);
+++        if (peer_plink && peer_plink->type == NM_LINK_TYPE_VETH
+++            && nm_streq0(peer_plink->name, nm_setting_veth_get_peer(s_veth))) {
++             return TRUE;
+++        }
++     }
++
++-    r = nm_platform_link_veth_add(nm_device_get_platform(device), iface, peer, out_plink);
+++    r = nm_platform_link_veth_add(nm_device_get_platform(device),
+++                                  iface,
+++                                  nm_setting_veth_get_peer(s_veth),
+++                                  out_plink);
++     if (r < 0) {
++         g_set_error(error,
++                     NM_DEVICE_ERROR,
++--
++2.40.1
++
 diff --git a/debian/patches/series b/debian/patches/series
 index ac219c1..58e3655 100644
 --- a/debian/patches/series
 +++ b/debian/patches/series
@@ -4,3 +4,6 @@ Force-online-state-with-unmanaged-devices.patch
  # Ubuntu patches
  Provide-access-to-some-of-NM-s-interfaces-to-whoopsie.patch
  Update-dnsmasq-parameters.patch
++lp2032824/0001-veth-fix-veth-activation-on-booting.patch
++lp2032824/0002-veth-drop-iface-peer-check-during-create_and_realize.patch
++lp2032824/0003-veth-fix-detection-of-existing-interfaces-in-create_.patch