Bug 1566410

Summary: cannot remove macsec module
Product: [Fedora] Fedora Reporter: Vladimir Benes <vbenes>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED ERRATA QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: high Docs Contact:
Priority: unspecified    
Version: 28CC: airlied, bskeggs, ewk, hdegoede, ichavero, itamar, jarodwilson, jglisse, john.j5live, jonathan, josef, kernel-maint, labbott, linville, mchehab, mjg59, steved
Target Milestone: ---Keywords: Regression
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: kernel-4.16.3-300.fc28 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1578839 (view as bug list) Environment:
Last Closed: 2018-04-27 04:09:51 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1578839    

Description Vladimir Benes 2018-04-12 09:15:56 UTC 
Description of problem:
I am runnign some NetworkManager tests for macsec..

reproducer:

# Setup
modprobe macsec
ip netns add macsec_ns
ip link add macsec_veth type veth peer name macsec_vethp
ip link set macsec_vethp netns macsec_ns
ip link set macsec_veth up
ip netns exec macsec_ns ip link set macsec_vethp up


echo 'eapol_version=3' > /tmp/wpa_supplicant.conf
echo 'ap_scan=0' >> /tmp/wpa_supplicant.conf
echo 'network={' >> /tmp/wpa_supplicant.conf
echo '  key_mgmt=NONE' >> /tmp/wpa_supplicant.conf
echo '  eapol_flags=0' >> /tmp/wpa_supplicant.conf
echo '  macsec_policy=1' >> /tmp/wpa_supplicant.conf
echo '  mka_cak=00112233445566778899001122334455' >> /tmp/wpa_supplicant.conf
echo '  mka_ckn=5544332211009988776655443322110055443322110099887766554433221100' >> /tmp/wpa_supplicant.conf
echo '}' >> /tmp/wpa_supplicant.conf
ip netns exec macsec_ns wpa_supplicant  -c /tmp/wpa_supplicant.conf \
                                        -i macsec_vethp \
                                        -B \
                                        -D macsec_linux \
                                        -P /tmp/wpa_supplicant_ms.pid

sleep 6
ip netns exec macsec_ns ip link show macsec0
ip netns exec macsec_ns ip link set macsec0 up
ip netns exec macsec_ns ip addr add 172.16.10.1/24 dev macsec0
ip netns exec macsec_ns dnsmasq --pid-file=/tmp/dnsmasq_ms.pid \
                                --dhcp-range=172.16.10.10,172.16.10.254,60m  \
                                --interface=macsec0 \
                                --bind-interfaces

# Test
nmcli con add type ethernet con-name test-macsec-base ifname macsec_veth ipv4.method disabled ipv6.method ignore
nmcli con add type macsec con-name test-macsec ifname macsec0 autoconnect no macsec.parent macsec_veth macsec.mode psk macsec.mka-cak 00112233445566778899001122334455 macsec.mka-ckn 5544332211009988776655443322110055443322110099887766554433221100
nmcli con up test-macsec-base
nmcli con up test-macsec

ping -c 2 172.16.10.1

# Clean up
kill $(cat /tmp/wpa_supplicant_ms.pid)
kill $(cat /tmp/dnsmasq_ms.pid)
ip link del macsec_vethp
ip netns delete macsec_ns
nmcli connection delete test-macsec test-macsec-base
modprobe -r macsec


if I run just first phase:
modprobe macsec
ip netns add macsec_ns
ip link add macsec_veth type veth peer name macsec_vethp
ip link set macsec_vethp netns macsec_ns
ip link set macsec_veth up
ip netns exec macsec_ns ip link set macsec_vethp up
ip link del macsec_vethp
ip netns delete macsec_ns
nmcli connection delete test-macsec test-macsec-base
modprobe -r macsec

everything works well

Version-Release number of selected component (if applicable):
kernel-4.16.0-300
NetworkManager-1.10.6-1.fc28.x86_64
wpa_supplicant-2.6-4.el7.x86_64
dnsmasq-2.76-2.el7.x86_64


How reproducible:
always

Steps to Reproduce:
1. see above



Actual results:
stalled modprobe, error in logs, unusable modprobe from this point forward

Expected results:
should clean after correctly

Additional info:
Comment 1 Vladimir Benes 2018-04-12 09:17:18 UTC 
it all works on F27
Comment 2 Laura Abbott 2018-04-12 15:01:42 UTC 
If you boot an older 4.15.x kernel does it work?
Comment 3 Vladimir Benes 2018-04-13 14:49:42 UTC 
(In reply to Laura Abbott from comment #2)
> If you boot an older 4.15.x kernel does it work?

it works with Linux 4.15.0-1.fc28.x86_64 #1 SMP Mon Jan 29 10:12:16 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Comment 4 Laura Abbott 2018-04-16 17:18:06 UTC 
Bisected and reported upstream, reverted a bad patch. I'll pull the revert into appropriate branches.
Comment 5 Fedora Update System 2018-04-20 13:31:19 UTC 
kernel-4.16.3-300.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-7b851cd56d
Comment 6 Fedora Update System 2018-04-21 18:37:46 UTC 
kernel-4.16.3-300.fc28 has been pushed to the Fedora 28 testing repository. If problems still persist, please make note of it in this bug report.
See https://fedoraproject.org/wiki/QA:Updates_Testing for
instructions on how to install test updates.
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2018-7b851cd56d
Comment 7 Fedora Update System 2018-04-27 04:09:51 UTC 
kernel-4.16.3-300.fc28 has been pushed to the Fedora 28 stable repository. If problems still persist, please make note of it in this bug report.