Normalizing can be complicated, as settings depend on each other and possibly
conflict.
That is, because verify() must exactly anticipate whether normalization will
succeed and how the result will look like. That is because we only want to
modify the connection, if we are sure that the result will verify.
Hence, verify() and normalize() are strongly related. The implementation
should not be spread out between NMSettingOvsInterface:verify(),
NMSettingOvsPatch:verify() and _normalize_ovs_interface_type().
Also, add some unit-tests.
There is no API to get all settings. You can only ask for
settings explicitly, but that requires you to probe for them
and know which ones may exist.
The alternative API might be nm_connection_for_each_setting_value(),
but that only iterates over settings' properties. If a setting has no
properties, it is ignored.
For a while now, all NMPObject instances are not modified after
being cached. They are immutable, and can be passed around by keeping
a reference to them.
No longer copy the NMPlatformLink data to a @info variable. Instead,
take a reference (which ensures that the instance stays alive). It
won't change, as it's immutable.
The advantage is, that whenever you see a NMPlatformLink pointer,
for exmple in device_recheck_slave_status(), you can be sure that
it's actually a NMPObect, and NMP_OBJECT_UP_CAST() will work.
We now can be enslaved and have L3 configuration at the same time.
This also reduces some unnecessary complexity, because the decision to
progress to IP_CHECK or SECONDARIES now happens in a single place, in
the check_ip_state() routine.
The OpenVSwitch interfaces come into existence by their enslavement to a port.
They can also bear an IP4 or IP6 configuration -- waiting on a carrier would
deadlock the acitvation.
That one is special. All interfaces that are attached to OpenVSwitch
ports appear as slaves to that one even for our purposes we like to
pretend they're slaves to the actual OpenVSwitch bridges.
For some software devices, the platform link appears only after they've been
realized. Update their properties and let them know that the link has changed
so they can eventually proceed with activation.
Also, reset the properties (udi, iface, driver) that are set from the platform
link when the link goes away. At that point they don't reflect reality anymore.
Removes some code duplication too.
2. NetworkManager-1.9.2/src/devices/nm-device-factory.c:312:
returned_pointer: Assigning value from "g_slist_append(list,
g_object_ref(factory))" to "list" here, but that stored value is
overwritten before it can be used.
Fixes: 98afc76184
Fixes: 449940af1d
Coverity doesn't like this. Refactor a bit, hoping that it fares better.
1. Defect type: ASSERT_SIDE_EFFECT
1. NetworkManager-1.9.2/src/devices/nm-device.c:10226: assignment_where_comparison_intended: Assignment "ip_ifindex = nm_device_get_ip_ifindex(self)" has a side effect. This code will work differently in a non-debug build.
2. NetworkManager-1.9.2/src/devices/nm-device.c:10226: remediation: Did you intend to use a comparison ("==") instead?
2. NetworkManager-1.9.2/src/devices/nm-device-factory.c:312:
returned_pointer: Assigning value from "g_slist_append(list,
g_object_ref(factory))" to "list" here, but that stored value is
overwritten before it can be used.
Fixes: 98afc76184
nmcli typically doesn't run setuid, nor uses file capabilities or is labelled
for a SELinux domain trainsition upon execution.
But in case anyone has any reason to do that, we should follow good
security practices and not exec whatever is set in the environment.
2. NetworkManager-1.9.2/src/devices/nm-device-factory.c:312:
returned_pointer: Assigning value from "g_slist_append(list,
g_object_ref(factory))" to "list" here, but that stored value is
overwritten before it can be used.
Coverity claims:
1. NetworkManager-1.9.2/src/devices/team/nm-device-team.c:303:
unsigned_compare: This greater-than-or-equal-to-zero comparison of an
unsigned value is always true. "0U <= LOGL_DEBUG".
If @ifname is set, we above lookup by name (nmp_lookup_init_link_by_ifname)
and set ifname to NULL. Hence, inside the loop, the check for ifname is
never true.
Coverity is unhappy about comparing the literal LOG_DEBUG value:
1. Defect type: CONSTANT_EXPRESSION_RESULT
1. NetworkManager-1.9.2/src/systemd/src/libsystemd/sd-event/sd-event.c:2652:
result_independent_of_operands: "7 >= (_level & 7)" is always true regardless
of the values of its operands. This occurs as the logical first operand of "?:".
Work around by instead using an inline function.
