1. 28 May, 2019 2 commits
  2. 20 May, 2019 5 commits
  3. 19 May, 2019 1 commit
  4. 15 May, 2019 15 commits
    • device/trivial: add comment about lifetime of "kind" in tc_commit() · 6d9030ac
      Thomas Haller authored
      In general, all fields of public NMPlatform* structs must be
      plain/simple. Meaning: copying the struct must be possible without
      caring about cloning/duplicating memory.
      In other words, if there are fields whose lifetime is limited,
      then these fields cannot be inside the public part NMPlatform*.
      
      That is why
      
        - "NMPlatformLink.kind", "NMPlatformQdisc.kind", "NMPlatformTfilter.kind"
          are set by platform code to an interned string (g_intern_string())
          that has a static lifetime.
      
        - the "ingress_qos_map" field is inside the ref-counted struct NMPObjectLnkVlan
          and not NMPlatformLnkVlan. This field requires managing the lifetime
          of the array and NMPlatformLnkVlan cannot provide that.
      
      See also for example NMPClass.cmd_obj_copy() which can deep-copy an object.
      But this is only suitable for fields in NMPObject*. The purpose of this
      rule is that you always can safely copy a NMPlatform* struct without
      worrying about the ownership and lifetime of the fields (the field's
      lifetime is unlimited).
      
      This rule and managing of resource lifetime is the main reason for the
      NMPlatform*/NMPObject* split. NMPlatform* structs simply have no mechanism
      for copying/releasing fields, that is why the NMPObject* counterpart exists
      (which is ref-counted and has a copy and destructor function).
      
      This is violated in tc_commit() for the "kind" strings. The lifetime
      of these strings is tied to the setting instance.
      
      We cannot intern the strings (because these are arbitrary strings
      and interned strings are leaked indefinitely). We also cannot g_strdup()
      the strings, because NMPlatform* is not supposed to own strings.
      
      So, just add comments that warn about this ugliness.
      
      The more correct solution would be to move the "kind" fields inside
      NMPObjectQdisc and NMPObjectTfilter, but that is a lot of extra effort.
      
      (cherry picked from commit f2ae994b)
      6d9030ac
    • device: don't rely on nm_platform_link_get_ifindex() returning 0 · ea7de52d
      Thomas Haller authored
      While nm_platform_link_get_ifindex() is documented to return 0 if the device
      is not found, don't rely on it. Instead, check that a valid(!) ifindex was
      returned, and only then set the ifindex. Otherwise leave it at zero. There
      is of course no difference in practice, but we generally treat invalid ifindexes
      as <= 0, so it's not immediately clear what nm_platform_link_get_ifindex()
      returns to signal no device.
      
      (cherry picked from commit 9eefe27a)
      ea7de52d
    • device/trivial: add space between macro name and arguments and vertically align lines · a0161aa9
      Thomas Haller authored
      Also calling macros we commonly put a space between the macro name and
      the parenthesis.
      
      Also align the parameters. Otherwise it's hard to read for me.
      
      (cherry picked from commit 9399297a)
      a0161aa9
    • platform: merge _add_action(), _add_action_simple() and _add_action_mirred()... · 27341d04
      Thomas Haller authored
      platform: merge _add_action(), _add_action_simple() and _add_action_mirred() into _nl_msg_new_tfilter()
      
      There is only one caller, hence it's simpler to see it all in one place.
      I prefer this, because then I can read the code top to bottom and
      see what's happening, without following helper functions.
      
      Also, this way we can "reuse" the nla_put_failure label and assertion. Previously,
      if the assertion was hit we would not rewind the buffer but continue
      constructing the message (which is already borked). Not that it matters
      too much, because this was on a "failed-assertion" code path.
      
      (cherry picked from commit 04bd404d)
      27341d04
    • platform: assert for out-of-memory in netlink code · 8b1b398c
      Thomas Haller authored
      These lines can be reached if the allocated buffer is too
      small to hold the netlink message. That is actually a bug
      that we need to fix. Assert.
      
      (cherry picked from commit 3784a2a2)
      8b1b398c
    • platform: use bool bitfields in NMPlatformActionMirred structure · 79e3b2a8
      Thomas Haller authored
      Arguably, the structure is used inside a union with another (larger)
      struct, hence no memory is saved.
      
      In fact, it may well be slower performance wise to access a boolean bitfield
      than a gboolean (int).
      
      Still, boolean fields in structures should be bool:1 bitfields for
      consistency.
      
      (cherry picked from commit 36d6aa3b)
      79e3b2a8
    • libnm: rename "memory" parameter of fq_codel QDisc to "memory_limit" · c17fa82b
      Thomas Haller authored
      Kernel calls the netlink attribute TCA_FQ_CODEL_MEMORY_LIMIT. Likewise,
      iproute2 calls this "memory_limit".
      
      Rename because TC parameters are inherently tied to the kernel
      implementation and we should use the familiar name.
      
      (cherry picked from commit 666d5880)
      c17fa82b
    • platform: fix handling of default value for TCA_FQ_CODEL_CE_THRESHOLD · 859f8479
      Thomas Haller authored
      iproute2 uses the special value ~0u to indicate not to set
      TCA_FQ_CODEL_CE_THRESHOLD in RTM_NEWQDISC. When not explicitly
      setting the value, kernel treats the threshold as disabled.
      
      However note that 0xFFFFFFFFu is not an invalid threshold (as far as
      kernel is concerned). Thus, we should not use that as value to indicate
      that the value is unset. (Note that iproute2 uses the special value ~0u
      only internally thereby making it impossible to set the threshold to
      0xFFFFFFFFu). But kernel does not have this limitation.
      
      Maybe the cleanest way would be to add another field to NMPlatformQDisc:
      
          guint32 ce_threshold;
          bool ce_threshold_set:1;
      
      that indicates whether the threshold is enabled or not.
      But note that kernel does:
      
          static void codel_params_init(struct codel_params *params)
          {
          ...
                  params->ce_threshold = CODEL_DISABLED_THRESHOLD;
      
          static int fq_codel_change(struct Qdisc *sch, struct nlattr *opt,
                                     struct netlink_ext_ack *extack)
          {
          ...
                  if (tb[TCA_FQ_CODEL_CE_THRESHOLD]) {
                          u64 val = nla_get_u32(tb[TCA_FQ_CODEL_CE_THRESHOLD]);
      
                          q->cparams.ce_threshold = (val * NSEC_PER_USEC) >> CODEL_SHIFT;
                  }
      
          static int fq_codel_dump(struct Qdisc *sch, struct sk_buff *skb)
          {
          ...
                  if (q->cparams.ce_threshold != CODEL_DISABLED_THRESHOLD &&
                      nla_put_u32(skb, TCA_FQ_CODEL_CE_THRESHOLD,
                                  codel_time_to_us(q->cparams.ce_threshold)))
                          goto nla_put_failure;
      
      This means, kernel internally uses the special value 0x83126E97u to indicate
      that the threshold is disabled (WTF). That is because
      
        (((guint64) 0x83126E97u) * NSEC_PER_USEC) >> CODEL_SHIFT == CODEL_DISABLED_THRESHOLD
      
      So in kernel API this value is reserved (and has a special meaning
      to indicate that the threshold is disabled). So, instead of adding a
      ce_threshold_set flag, use the same value that kernel anyway uses.
      
      (cherry picked from commit 973db2d4)
      859f8479
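
The sentinel arithmetic from the commit message above, as an added example (not code from NetworkManager, the kernel, or the commit). It assumes the kernel values `CODEL_SHIFT == 10`, `NSEC_PER_USEC == 1000` and `CODEL_DISABLED_THRESHOLD == INT_MAX`, which the message does not quote; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Kernel constants restated from include/net/codel.h and the kernel's
 * time headers (assumed here; the commit message does not quote them). */
#define NSEC_PER_USEC            1000ULL
#define CODEL_SHIFT              10
#define CODEL_DISABLED_THRESHOLD INT32_MAX

/* Same arithmetic as the fq_codel_change() excerpt: the u32 netlink
 * attribute (microseconds) becomes the kernel's internal time unit. */
static uint32_t ce_threshold_from_attr(uint32_t attr_us)
{
    uint64_t val = attr_us;

    return (uint32_t) ((val * NSEC_PER_USEC) >> CODEL_SHIFT);
}

/* Same condition as the fq_codel_dump() excerpt: the attribute is only
 * reported back when the stored value is not the "disabled" marker. */
static int ce_threshold_is_dumped(uint32_t attr_us)
{
    return ce_threshold_from_attr(attr_us) != (uint32_t) CODEL_DISABLED_THRESHOLD;
}

/* Solve (v * NSEC_PER_USEC) >> CODEL_SHIFT == internal for a u32 v.
 * Returns how many attribute values collide with `internal` and stores
 * the smallest one in *first. */
static uint64_t attrs_mapping_to(uint32_t internal, uint32_t *first)
{
    uint64_t lo = (uint64_t) internal << CODEL_SHIFT;         /* smallest product */
    uint64_t hi = lo + (1ULL << CODEL_SHIFT) - 1;             /* largest product  */
    uint64_t v_lo = (lo + NSEC_PER_USEC - 1) / NSEC_PER_USEC; /* round up         */
    uint64_t v_hi = hi / NSEC_PER_USEC;                       /* round down       */

    if (v_lo > v_hi || v_lo > UINT32_MAX)
        return 0;
    if (v_hi > UINT32_MAX)
        v_hi = UINT32_MAX;
    *first = (uint32_t) v_lo;
    return v_hi - v_lo + 1;
}

int main(void)
{
    uint32_t first = 0;
    uint64_t n = attrs_mapping_to(CODEL_DISABLED_THRESHOLD, &first);

    /* Exactly one attribute value is reserved as "disabled". */
    printf("values mapping to disabled: %llu, first: 0x%08X\n",
           (unsigned long long) n, (unsigned) first);

    /* ~0u is an ordinary threshold for the kernel and is dumped back. */
    printf("0xFFFFFFFF -> internal %u, dumped: %d\n",
           (unsigned) ce_threshold_from_attr(0xFFFFFFFFu),
           ce_threshold_is_dumped(0xFFFFFFFFu));
    return 0;
}
```
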
    • platform: fix handling of fq_codel's memory limit default value · 509a1bc5
      Thomas Haller authored
      The memory-limit is an unsigned integer. It is ugly (if not wrong) to compare unsigned
      values with "-1". When comparing with the default value we must also use a u32 type.
      Instead add a define NM_PLATFORM_FQ_CODEL_MEMORY_LIMIT_UNSET.
      
      Note that like iproute2 we treat NM_PLATFORM_FQ_CODEL_MEMORY_LIMIT_UNSET
      to indicate to not set TCA_FQ_CODEL_MEMORY_LIMIT in RTM_NEWQDISC. This
      special value is entirely internal to NetworkManager (or iproute2) and
      kernel will then choose a default memory limit (of 32MB). So setting
      NM_PLATFORM_FQ_CODEL_MEMORY_LIMIT_UNSET means to leave it to kernel to
      choose a value (which then chooses 32MB).
      
      See kernel's net/sched/sch_fq_codel.c:
      
          static int fq_codel_init(struct Qdisc *sch, struct nlattr *opt,
                                   struct netlink_ext_ack *extack)
          {
          ...
                  q->memory_limit = 32 << 20; /* 32 MBytes */
      
          static int fq_codel_change(struct Qdisc *sch, struct nlattr *opt,
                                     struct netlink_ext_ack *extack)
          ...
                  if (tb[TCA_FQ_CODEL_MEMORY_LIMIT])
                          q->memory_limit = min(1U << 31, nla_get_u32(tb[TCA_FQ_CODEL_MEMORY_LIMIT]));
      
      Note that not having zero as default value is problematic. In fields like
      "NMPlatformIP4Route.table_coerced" and "NMPlatformRoutingRule.suppress_prefixlen_inverse"
      we avoid this problem by storing a coerced value in the structure so that zero is still
      the default. We don't do that here for memory-limit, so the caller must always explicitly
      set the value.
      
      (cherry picked from commit 46a90438)
      509a1bc5
    • platform: fix nm_platform_qdisc_to_string() · dd3ca102
      Thomas Haller authored
      When using nm_utils_strbuf_*() API, the buffer gets always moved to the current
      end. We must thus remember and return the original start of the buffer.
      
      (cherry picked from commit b658e3da)
      dd3ca102
    • platform: use u32 netlink type for TCA_FQ_CODEL_ECN · ef2b660b
      Thomas Haller authored
      In practice, there is no difference when representing 0 or 1 as signed/unsigned 32
      bit integer. But still use the correct type that also kernel uses.
      
      Also, the implicit conversion from uint32 to bool was correct already.
      Still, explicitly convert the uint32 value to boolean in _new_from_nl_qdisc().
      It's no change in behavior.
      
      (cherry picked from commit a1099a1f)
      ef2b660b
    • platform: use NM_CMP_FIELD_UNSAFE() for comparing bitfield in nm_platform_qdisc_cmp() · 366d3af0
      Thomas Haller authored
      "NM_CMP_FIELD (a, b, fq_codel.ecn == TRUE)" is quite a hack as it relies on
      the implementation of the macro in a particular way. The problem is, that
      NM_CMP_FIELD() uses typeof() which cannot be used with bitfields. So, the
      nicer solution is to use NM_CMP_FIELD_UNSAFE() which exists exactly for bitfields
      (it's "unsafe", because it evaluates arguments more than once as it avoids
      the temporary variable with typeof()).
      
      Same with nm_hash_update_vals() which uses typeof() to avoid evaluating
      arguments more than once. But that again does not work with bitfields.
      The "proper" way is to use NM_HASH_COMBINE_BOOLS().
      
      (cherry picked from commit 47d8bee1)
      366d3af0
    • device: fix type of loop variable in tc_commit() · 73fdcd38
      Thomas Haller authored
      nqdiscs and ntfilters are unsigned integers. The loop variable must agree in
      range and signedness.
      
      (cherry picked from commit 438855e9)
      73fdcd38
    • tc/tfilter: add mirred action · 4be7cf71
      Lubomir Rintel authored
      (cherry picked from commit 90029214)
      4be7cf71
    • tc/qdisc: add support for fq_codel attributes · 67047a44
      Lubomir Rintel authored
      (cherry picked from commit 1efe982e)
      67047a44
  5. 14 May, 2019 1 commit
    • core: fix file permissions for "/var/lib/NetworkManager/secret_key" · 2d46247c
      Thomas Haller authored
      Otherwise, the file has wrong permissions:
      
        # ls -la /var/lib/NetworkManager/secret_key
        ----r-xr-x. 1 root root 50 May 14 13:52 /var/lib/NetworkManager/secret_key
      
      Luckily, /var/lib/NetworkManager should be already
      
        # ls -lad /var/lib/NetworkManager
        drwx------. 2 root root 8192 May 14 13:57 /var/lib/NetworkManager
      
      which mitigates this a bit.
      
      Fixes: dbcb1d6d ('core: let nm_utils_secret_key_read() handle failures internally')
      
      #175
      (cherry picked from commit dc3a2f9b)
      2d46247c
  6. 10 May, 2019 2 commits
    • settings/d-bus: fix boolean return value of "LoadConnections" · e73a5058
      Thomas Haller authored
      The boolean value is intended to indicate success. It would indicate
      failure due to a bug.
      
      Fixes: 297d4985 ('core/dbus: rework D-Bus implementation to use lower layer GDBusConnection API'):
      (cherry picked from commit 22e830f0)
      e73a5058
    • settings: avoid assertion for LoadConnections D-Bus method with relative paths · c21171e0
      Thomas Haller authored
        $ busctl call org.freedesktop.NetworkManager /org/freedesktop/NetworkManager/Settings org.freedesktop.NetworkManager.Settings LoadConnections as 1 relative/filename
      
      triggers a g_critical() assertion in nm_utils_file_is_in_path():
      
        ...
        #3  0x00007ffff7a19e7d in g_return_if_fail_warning
            (log_domain=log_domain@entry=0x55555586c333 "NetworkManager", pretty_function=pretty_function@entry=0x55555586c0a0 <__FUNCTION__.38585> "nm_utils_file_is_in_path", expression=expression@entry=0x55555586c010 "abs_filename && abs_filename[0] == '/'") at ../glib/gmessages.c:2767
        #4  0x00005555555f1128 in nm_utils_file_is_in_path (abs_filename=abs_filename@entry=0x555555b56670 "dfd", abs_path=<optimized out>) at src/NetworkManagerUtils.c:1077
        #5  0x00005555555a4779 in load_connection (config=<optimized out>, filename=0x555555b56670 "dfd") at src/settings/plugins/keyfile/nms-keyfile-plugin.c:522
        #6  0x00005555557ce291 in nm_settings_plugin_load_connection (self=0x5555559fd400 [NMSKeyfilePlugin], filename=0x555555b56670 "dfd") at src/settings/nm-settings-plugin.c:70
        #7  0x000055555559ccdf in impl_settings_load_connections
            (obj=<optimized out>, interface_info=<optimized out>, method_info=<optimized out>, connection=<optimized out>, sender=<optimized out>, invocation=0x7fffe0015ed0 [GDBusMethodInvocation], parameters=<optimized out>) at src/settings/nm-settings.c:1439
        #8  0x00005555555a9bf9 in dbus_vtable_method_call
            (connection=0x5555559b91b0 [GDBusConnection], sender=sender@entry=0x555555b5c360 ":1.32283", object_path=object_path@entry=0x7fffe0019070 "/org/freedesktop/NetworkManager/Settings", interface_name=<optimized out>, interface_name@entry=0x7fffe002aa70 "org.freedesktop.NetworkManager.Settings", method_name=<optimized out>,
            method_name@entry=0x7fffe00276b0 "LoadConnections", parameters=parameters@entry=0x555555c4a690, invocation=0x7fffe0015ed0 [GDBusMethodInvocation], user_data=0x5555559a1a00)
            at src/nm-dbus-manager.c:947
        #9  0x00007ffff7c506c4 in call_in_idle_cb (user_data=user_data@entry=0x7fffe0015ed0) at ../gio/gdbusconnection.c:4874
        #10 0x00007ffff7a0e8eb in g_idle_dispatch (source=source@entry=0x7fffe00208a0, callback=0x7ffff7c50590 <call_in_idle_cb>, user_data=0x7fffe0015ed0) at ../glib/gmain.c:5627
        #11 0x00007ffff7a11fd0 in g_main_dispatch (context=0x555555994d00) at ../glib/gmain.c:3189
        #12 0x00007ffff7a11fd0 in g_main_context_dispatch (context=context@entry=0x555555994d00) at ../glib/gmain.c:3854
        #13 0x00007ffff7a12368 in g_main_context_iterate (context=0x555555994d00, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:3927
        #14 0x00007ffff7a126b3 in g_main_loop_run (loop=0x555555995e60) at ../glib/gmain.c:4123
        #15 0x000055555558a741 in main (argc=<optimized out>, argv=<optimized out>) at src/main.c:444
      
      Filter out relative filenames early.
      
      (cherry picked from commit a1b102ea)
      c21171e0
  7. 08 May, 2019 3 commits
  8. 07 May, 2019 2 commits
  9. 06 May, 2019 2 commits
    • device: fix reapply of MTU · e738479b
      Beniamino Galvani authored
      When we set the MTU on the link we remember its previous source
      (ip-config, parent-device or connection profile) and don't change it
      again afterwards to avoid interfering with user's manual changes. The
      only exceptions when we change it again are (1) if the parent device
      MTU changes and (2) if the new MTU has higher priority than the one
      previously set.
      
      To allow a live reapply of the MTU property we also need to clear the
      saved source, or the checks described above will prevent setting the
      new value.
      
      Fixes: 2f891723 ('device: rework mtu priority handling')
      
      https://bugzilla.redhat.com/show_bug.cgi?id=1702657
      (cherry picked from commit 4ed72fa6)
      e738479b
    • settings: fix failed assertion · d80818e6
      Beniamino Galvani authored
      Fix the following assertion failure:
      
        g_object_ref: assertion 'G_IS_OBJECT (object)' failed.
      
      nm_settings_add_connection() can return a NULL connection.
      
      Fixes: f034f17f ('settings: keep the added connection alive for a bit longer')
      (cherry picked from commit 48ce3628)
      d80818e6
  10. 03 May, 2019 2 commits
    • device/wireguard: fix memleak for NMDeviceWireGuard · 5a1818b6
      Thomas Haller authored
      Fixes: 2148d094 ('core/wireguard: add support for WireGuard peers')
      (cherry picked from commit 56d748eb)
      5a1818b6
    • platform/tests: workaround routing-rules test failure due to suppress_prefixlen on older kernels · cc438c2a
      Thomas Haller authored
      On Ubuntu 14.04 kernel (4.4.0-146-generic, x86_64) this easily causes
      test failures:
      
          make -j 8 src/platform/tests/test-route-linux \
          && while true; do \
              NMTST_SEED_RANDOM= ./tools/run-nm-test.sh src/platform/tests/test-route-linux -p /route/rule \
              || break; \
          done
      
      outputs:
      
          ...
          /route/rule/1:
          nmtst: initialize nmtst_get_rand() with NMTST_SEED_RAND=22892021
          OK
          /route/rule/2: >>> failing...
          >>> no fuzzy match between: [routing-rule,0x205ab30,1,+alive,+visible; [6] 0: from all suppress_prefixlen 8 none]
          >>>                    and: [routing-rule,0x205c0c0,1,+alive,+visible; [6] 0: from all suppress_prefixlen -1579099242 none]
          **
          test:ERROR:src/platform/tests/test-route.c:1695:test_rule: code should not be reached
      
      (cherry picked from commit d5a2b709)
      cc438c2a
  11. 18 Apr, 2019 5 commits
    • platform: fix nm_platform_lnk_gre_to_string() for tap links · ed88c71f
      Thomas Haller authored
      Why didn't we get a compiler warning about this bug?
      At least clang (3.8.0-2ubuntu4, Ubuntu 16.04) warns:
      
          CC       src/platform/src_libNetworkManagerBase_la-nm-platform.lo
        ../src/platform/nm-platform.c:5389:14: error: data argument not used by format string [-Werror,-Wformat-extra-args]
                            lnk->remote ? nm_sprintf_buf (str_remote, " remote %s", nm_utils_inet4_ntop (lnk->remote, str_remote1)) : "",
                            ^
      
      Fixes: 4c2862b9 ('platform: add gretap tunnels support')
      (cherry picked from commit dfb899f4)
      ed88c71f
    • build/meson: rename "nm_core_dep" to "libnm_core_dep" · e7836cd1
      Thomas Haller authored
      The library is called "libnm_core". So the dependency should be called
      "libnm_core_dep", like in all other cases.
      
      (cherry picked from commit c27ad37c)
      e7836cd1
    • shared: build helper "libnm-libnm-core-{intern|aux}.la" library for libnm-core · 284ac92e
      Thomas Haller authored
      "libnm-core" implements common functionality for "NetworkManager" and
      "libnm".
      
      Note that clients like "nmcli" cannot access the internal API provided
      by "libnm-core". So, if nmcli wants to do something that is also done by
      "libnm-core", "libnm", or "NetworkManager", the code would have to be
      duplicated.
      
      Instead, such code can be in "libnm-libnm-core-{intern|aux}.la".
      Note that:
      
        0) "libnm-libnm-core-intern.la" is used by libnm-core itself.
           On the other hand, "libnm-libnm-core-aux.la" is not used by
           libnm-core, but provides utilities on top of it.
      
        1) they both extend "libnm-core" with utilities that are not public
           API of libnm itself. Maybe part of the code should one day become
           public API of libnm. On the other hand, this is code for which
           we may not want to commit to a stable interface or which we
           don't want to provide as part of the API.
      
        2) "libnm-libnm-core-intern.la" is statically linked by "libnm-core"
           and thus directly available to "libnm" and "NetworkManager".
           On the other hand, "libnm-libnm-core-aux.la" may be used by "libnm"
           and "NetworkManager".
           Both libraries may be statically linked by libnm clients (like
           nmcli).
      
        3) it must only use glib, libnm-glib-aux.la, and the public API
           of libnm-core.
           This is important: it must not use "libnm-core/nm-core-internal.h"
           nor "libnm-core/nm-utils-private.h" so the static library is usable
           by nmcli which couldn't access these.
      
      Note that "shared/nm-meta-setting.c" is an entirely different case,
      because it behaves differently depending on whether linking against
      "libnm-core" or the client programs. As such, this file must be compiled
      twice.
      
      (cherry picked from commit af07ed01)
      284ac92e
    • shared: move "nm-dbus-compat.h" header to "nm-std-aux/nm-dbus-compat.h" · 87f7e684
      Thomas Haller authored
      (cherry picked from commit 81833358)
      87f7e684
    • shared: move most of "shared/nm-utils" to "shared/nm-glib-aux" · d984b2ce
      Thomas Haller authored
      From the files under "shared/nm-utils" we build an internal library
      that provides glib-based helper utilities.
      
      Move the files of that basic library to a new subdirectory
      "shared/nm-glib-aux" and rename the helper library "libnm-core-base.la"
      to "libnm-glib-aux.la".
      
      Reasons:
      
       - the name "utils" is overused in our code-base. Everything's an
         "utils". Give this thing a more distinct name.
      
       - there were additional files under "shared/nm-utils", which are not
         part of this internal library "libnm-utils-base.la". All the files
         that are part of this library should be together in the same
         directory, but files that are not, should not be there.
      
       - the new name should better convey what this library is and what it isn't:
         it's a set of utilities and helper functions that extend glib with
         functionality that we commonly need.
      
      There are still some files left under "shared/nm-utils". They have less
      a unifying purpose to be in their own directory, so I leave them there
      for now. But at least they are separate from "shared/nm-glib-aux",
      which has a very clear purpose.
      
      (cherry picked from commit 80db06f7)
      d984b2ce