Bug 1127718

Summary: Backport upstream patches 'dcbw/inet6_addr_gen' to support setting/getting IPv6 link local address generation mode
Product: Red Hat Enterprise Linux 7 Reporter: Thomas Haller <thaller>
Component: libnl3Assignee: Thomas Haller <thaller>
Status: CLOSED ERRATA QA Contact: Desktop QE <desktop-qa-list>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 7.0CC: dcbw, kdube, lmiksik, vbenes, vhumpa
Target Milestone: rcKeywords: FutureFeature, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: libnl3-3.2.21-7.el7 Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
: 1138087 (view as bug list) Environment:
Last Closed: 2015-03-05 09:24:28 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1107369, 1144144    
Bug Blocks: 1083133, 1133587, 1138087    
Attachments:
Description Flags
[patch] backport to dist-git rhel-7.1
none
[patch v2] backport to dist-git rhel-7.1
none
[patch v3] backport to dist-git rhel-7.1 none

Description Thomas Haller 2014-08-07 12:02:45 UTC 
Backport upstream commit https://github.com/thom311/libnl/commit/000dd945b6bc9e53e234901cf42ed40450981f96


This adds support to libnl3 to access the "IPv6 link local address generation mode" of a link.


This is needed by NetworkManager.

NetworkManager always sets IFF_UP of its interfaces to get carrier detection. However, this normally would also add an IPv6 link local address, which is a security issue. Therefore NM sets disable_ipv6=1 to disable IPv6 altogether. ... which however brings other problems (bug 1083133, bug 1098319).


Kernel adds a new mode to disable IPv6 link local addresses selectively (bug 1107369).

NetworkManager needs the libnl3 patches to make use of the new kernel functionality. This will allow NetworkManager to IFF_UP the device, without need to disable_ipv6 entirely (but kernel still not creating a link local address).
Comment 2 Thomas Haller 2014-08-20 16:16:47 UTC 
Created attachment 928879 [details]
[patch] backport to dist-git rhel-7.1

patch for dist-git, rhel-7.1 branch

Scratch build here:
https://brewweb.devel.redhat.com/taskinfo?taskID=7862245
Comment 3 Dan Williams 2014-08-20 18:17:51 UTC 
(In reply to Thomas Haller from comment #2)
> Created attachment 928879 [details]
> [patch] backport to dist-git rhel-7.1
> 
> patch for dist-git, rhel-7.1 branch
> 
> Scratch build here:
> https://brewweb.devel.redhat.com/taskinfo?taskID=7862245

The patch itself looks good, but you'll need:

+BuildRequires: autoconf

 %prep
+autoreconf -i --force
 %configure --disable-static

since we're building from a tarball, it's already got Makefile.in generated, but we've just modified Makefile.am in the patch, so we need to regenerate Makefile.in, which requires the autoreconf.
Comment 5 Thomas Haller 2014-08-20 18:34:36 UTC 
Created attachment 928904 [details]
[patch v2] backport to dist-git rhel-7.1

Fix previous patch, now calling `autoreconf`

New scratch build: http://brewweb.devel.redhat.com/brew/taskinfo?taskID=7864161
Comment 7 Thomas Haller 2014-08-20 18:55:27 UTC 
Created attachment 928905 [details]
[patch v3] backport to dist-git rhel-7.1

Previous patch still had an issue.

New scratch build: https://brewweb.devel.redhat.com/taskinfo?taskID=7864220
Comment 8 Dan Williams 2014-08-20 20:38:20 UTC 
Ok, so fast? got declined and the PM + QE flags got cleared.  Need them again...
Comment 17 errata-xmlrpc 2015-03-05 09:24:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHBA-2015-0403.html