From: Mike Gilbert Date: Wed, 10 Jul 2019 15:36:54 +0000 (-0400) Subject: sys-apps/systemd: backport networkd fix X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=d5de18bc38a164bac47401cb9fa4a73afba5d49e;p=gentoo.git sys-apps/systemd: backport networkd fix Closes: https://bugs.gentoo.org/689496 Package-Manager: Portage-2.3.68, Repoman-2.3.16_p2 Signed-off-by: Mike Gilbert --- diff --git a/sys-apps/systemd/files/242-networkd-ipv6-token.patch b/sys-apps/systemd/files/242-networkd-ipv6-token.patch new file mode 100644 index 000000000000..87a85f6f6ab0 --- /dev/null +++ b/sys-apps/systemd/files/242-networkd-ipv6-token.patch @@ -0,0 +1,152 @@ +From 4eb086a38712ea98faf41e075b84555b11b54362 Mon Sep 17 00:00:00 2001 +From: Susant Sahani +Date: Thu, 9 May 2019 07:35:35 +0530 +Subject: [PATCH] networkd: fix link_up() (#12505) + +Fillup IFLA_INET6_ADDR_GEN_MODE while we do link_up. + +Fixes the following error: +``` +dummy-test: Could not bring up interface: Invalid argument +``` + +After reading the kernel code when we do a link up +``` +net/core/rtnetlink.c +IFLA_AF_SPEC + af_ops->set_link_af(dev, af); + inet6_set_link_af + if (tb[IFLA_INET6_ADDR_GEN_MODE]) + Here it looks for IFLA_INET6_ADDR_GEN_MODE +``` +Since link up we didn't filling up that it's failing. + +Closes #12504. +--- + src/network/networkd-link.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 3c8b5c5cb43..4db9f3f980f 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -2031,6 +2031,8 @@ static int link_up(Link *link) { + } + + if (link_ipv6_enabled(link)) { ++ uint8_t ipv6ll_mode; ++ + r = sd_netlink_message_open_container(req, IFLA_AF_SPEC); + if (r < 0) + return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m"); +@@ -2046,6 +2048,19 @@ static int link_up(Link *link) { + return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m"); + } + ++ if (!link_ipv6ll_enabled(link)) ++ ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE; ++ else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0) ++ /* The file may not exist. And event if it exists, when stable_secret is unset, ++ * reading the file fails with EIO. */ ++ ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64; ++ else ++ ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; ++ ++ r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode); ++ if (r < 0) ++ return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m"); ++ + r = sd_netlink_message_close_container(req); + if (r < 0) + return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m"); +From 9f6e82e6eb3b6e73d66d00d1d6eee60691fb702f Mon Sep 17 00:00:00 2001 +From: Yu Watanabe +Date: Thu, 9 May 2019 14:39:46 +0900 +Subject: [PATCH] network: do not send ipv6 token to kernel + +We disabled kernel RA support. Then, we should not send +IFLA_INET6_TOKEN. +Thus, we do not need to send IFLA_INET6_ADDR_GEN_MODE twice. + +Follow-up for 0e2fdb83bb5e22047e0c7cc058b415d0e93f02cf and +4eb086a38712ea98faf41e075b84555b11b54362. +--- + src/network/networkd-link.c | 51 +++++-------------------------------- + 1 file changed, 6 insertions(+), 45 deletions(-) + +diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c +index 2b6ff2b6c58..b6da4ea70b7 100644 +--- a/src/network/networkd-link.c ++++ b/src/network/networkd-link.c +@@ -1954,6 +1954,9 @@ static int link_configure_addrgen_mode(Link *link) { + assert(link->manager); + assert(link->manager->rtnl); + ++ if (!socket_ipv6_is_supported()) ++ return 0; ++ + log_link_debug(link, "Setting address genmode for link"); + + r = sd_rtnl_message_new_link(link->manager->rtnl, &req, RTM_SETLINK, link->ifindex); +@@ -2047,46 +2050,6 @@ static int link_up(Link *link) { + return log_link_error_errno(link, r, "Could not set MAC address: %m"); + } + +- if (link_ipv6_enabled(link)) { +- uint8_t ipv6ll_mode; +- +- r = sd_netlink_message_open_container(req, IFLA_AF_SPEC); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not open IFLA_AF_SPEC container: %m"); +- +- /* if the kernel lacks ipv6 support setting IFF_UP fails if any ipv6 options are passed */ +- r = sd_netlink_message_open_container(req, AF_INET6); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not open AF_INET6 container: %m"); +- +- if (!in_addr_is_null(AF_INET6, &link->network->ipv6_token)) { +- r = sd_netlink_message_append_in6_addr(req, IFLA_INET6_TOKEN, &link->network->ipv6_token.in6); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not append IFLA_INET6_TOKEN: %m"); +- } +- +- if (!link_ipv6ll_enabled(link)) +- ipv6ll_mode = IN6_ADDR_GEN_MODE_NONE; +- else if (sysctl_read_ip_property(AF_INET6, link->ifname, "stable_secret", NULL) < 0) +- /* The file may not exist. And event if it exists, when stable_secret is unset, +- * reading the file fails with EIO. */ +- ipv6ll_mode = IN6_ADDR_GEN_MODE_EUI64; +- else +- ipv6ll_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY; +- +- r = sd_netlink_message_append_u8(req, IFLA_INET6_ADDR_GEN_MODE, ipv6ll_mode); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not append IFLA_INET6_ADDR_GEN_MODE: %m"); +- +- r = sd_netlink_message_close_container(req); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not close AF_INET6 container: %m"); +- +- r = sd_netlink_message_close_container(req); +- if (r < 0) +- return log_link_error_errno(link, r, "Could not close IFLA_AF_SPEC container: %m"); +- } +- + r = netlink_call_async(link->manager->rtnl, NULL, req, link_up_handler, + link_netlink_destroy_callback, link); + if (r < 0) +@@ -3226,11 +3189,9 @@ static int link_configure(Link *link) { + if (r < 0) + return r; + +- if (socket_ipv6_is_supported()) { +- r = link_configure_addrgen_mode(link); +- if (r < 0) +- return r; +- } ++ r = link_configure_addrgen_mode(link); ++ if (r < 0) ++ return r; + + return link_configure_after_setting_mtu(link); + } diff --git a/sys-apps/systemd/systemd-241-r3.ebuild b/sys-apps/systemd/systemd-241-r4.ebuild similarity index 99% rename from sys-apps/systemd/systemd-241-r3.ebuild rename to sys-apps/systemd/systemd-241-r4.ebuild index bf75f7e6aa15..9ea26e0dc874 100644 --- a/sys-apps/systemd/systemd-241-r3.ebuild +++ b/sys-apps/systemd/systemd-241-r4.ebuild @@ -173,6 +173,7 @@ src_prepare() { "${FILESDIR}"/242-file-max.patch "${FILESDIR}"/241-wrapper-msan-unpoinson.patch "${FILESDIR}"/242-rdrand-ryzen.patch + "${FILESDIR}"/242-networkd-ipv6-token.patch ) if ! use vanilla; then diff --git a/sys-apps/systemd/systemd-242-r4.ebuild b/sys-apps/systemd/systemd-242-r5.ebuild similarity index 99% rename from sys-apps/systemd/systemd-242-r4.ebuild rename to sys-apps/systemd/systemd-242-r5.ebuild index 942547ef0117..50b6ad640b26 100644 --- a/sys-apps/systemd/systemd-242-r4.ebuild +++ b/sys-apps/systemd/systemd-242-r5.ebuild @@ -175,6 +175,7 @@ src_prepare() { "${FILESDIR}"/242-wireguard-listenport.patch "${FILESDIR}"/242-file-max.patch "${FILESDIR}"/242-rdrand-ryzen.patch + "${FILESDIR}"/242-networkd-ipv6-token.patch ) if ! use vanilla; then