Bug#896434: vlan interfaces must be created in raw-device ifup post, not during raw-device udev processing

[Dan Streetman]

Package: vlan
Version: 1.9-3.2
Severity: important
Tags: patch
User: ubuntu-de...@lists.ubuntu.com
Usertags: origin-ubuntu bionic ubuntu-patch

Dear Maintainer,

Currently, vlan interfaces are created by /lib/udev/vlan-network-interface 
during
udev detection/processing of the vlan's raw-device.  However this can lead to
a race condition of both the raw-device and its vlan interface(s) being ifup'ed,
and if a vlan interface is brought up before its raw-device, and that raw-device
is taken down during ifup (such as is required for e.g. bonds with certain 
params),
any additional configuration on the vlan(s) will be lost when they are taken 
down.
For example, if a vlan has a gateway set, it will be lost if the vlan is ifup'ed
before its raw-device (bond) is ifup'ed.
See https://bugs.launchpad.net/bugs/1573272 for details.

In Ubuntu, the attached patch was applied to achieve the following:

  * Revert change for lp1573272; instead fix by redesigning when vlan
    interfaces are created; after raw-device ifup, not during raw-device
    udev processing. (LP: #1701023)

There are multiple bugs related to this vlan change, all summarized here:
https://bugs.launchpad.net/bugs/1701023

Thanks for considering the patch.


-- System Information:
Debian Release: buster/sid
  APT prefers bionic
  APT policy: (500, 'bionic')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.15.0-13-generic (SMP w/24 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US 
(charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

diff -u vlan-1.9/debian/control vlan-1.9/debian/control
--- vlan-1.9/debian/control
+++ vlan-1.9/debian/control
@@ -1,8 +1,7 @@
 Source: vlan
 Section: misc
 Priority: extra
-Maintainer: Ubuntu Developers <ubuntu-devel-disc...@lists.ubuntu.com>
-XSBC-Original-Maintainer: Ard van Breemen <a...@kwaak.net>
+Maintainer: Ard van Breemen <a...@kwaak.net>
 Uploaders: Loic Minier <l...@dooz.org>
 Build-Depends: debhelper (>= 5)
 Standards-Version: 3.7.2
diff -u vlan-1.9/debian/network/if-pre-up.d/vlan 
vlan-1.9/debian/network/if-pre-up.d/vlan
--- vlan-1.9/debian/network/if-pre-up.d/vlan
+++ vlan-1.9/debian/network/if-pre-up.d/vlan
@@ -60,9 +60,8 @@
         exit 1
     fi
     if [ ! -e "/sys/class/net/$IFACE" ]; then
-        # Try ifup for the raw device, if it fails then bring it up directly
-        # this is required e.g. there is no configuration for the raw device
-        ifup $IF_VLAN_RAW_DEVICE || ip link set up dev $IF_VLAN_RAW_DEVICE
+        # we cannot call ifup for the raw-device here, see LP: #1701023
+        ip link set up dev $IF_VLAN_RAW_DEVICE
         vconfig add $IF_VLAN_RAW_DEVICE $VLANID
     fi
 fi
diff -u vlan-1.9/debian/vlan-network-interface 
vlan-1.9/debian/vlan-network-interface
--- vlan-1.9/debian/vlan-network-interface
+++ vlan-1.9/debian/vlan-network-interface
@@ -25,10 +25,21 @@
 
-    # Now that the environment is ready, call the pre-up script to create the 
vlan
-    export IFACE IF_VLAN_RAW_DEVICE
-
-    # Create the VLANs related to the interface
-    if [ "$IF_VLAN_RAW_DEVICE" = "$INTERFACE" ] || \
-        echo $IFACE | grep -q $INTERFACE; then
-            /etc/network/if-pre-up.d/vlan
+    # If there is no vlan-raw-device defined, check for vlan-formatted name
+    # for example, eth1.123
+    if [ -z "$IF_VLAN_RAW_DEVICE" ]; then
+        IF_VLAN_RAW_DEVICE=${IFACE%%.*}
+        [ "$IFACE" = "$IF_VLAN_RAW_DEVICE" ] && continue
     fi
+
+    # Check if this (vlan) $IFACE uses raw-device $INTERFACE
+    [ "$IF_VLAN_RAW_DEVICE" != "$INTERFACE" ] && continue
+
+    # If we're being called directly from udev, we only want to create the
+    # vlan interface if there is no associated ifupdown config for the
+    # raw-device; otherwise the ifup for the raw-device will create the
+    # vlan interface(s)
+    [ "$1" = "UDEV" ] && ifquery $IF_VLAN_RAW_DEVICE && continue
+
+    # Create the VLAN interface(s) related to the raw-device interface
+    export IFACE IF_VLAN_RAW_DEVICE
+    /etc/network/if-pre-up.d/vlan
 done
diff -u vlan-1.9/debian/vlan.vlan-network-interface.udev 
vlan-1.9/debian/vlan.vlan-network-interface.udev
--- vlan-1.9/debian/vlan.vlan-network-interface.udev
+++ vlan-1.9/debian/vlan.vlan-network-interface.udev
@@ -1 +1 @@
-ACTION=="add", SUBSYSTEM=="net", RUN+="vlan-network-interface"
+ACTION=="add", SUBSYSTEM=="net", RUN+="vlan-network-interface UDEV"
only in patch2:
unchanged:
--- vlan-1.9.orig/debian/network/if-up.d/vlan
+++ vlan-1.9/debian/network/if-up.d/vlan
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+# after vlan-raw-device interface is ifup'ed, then
+# create any associated vlan interfaces
+# (LP: #1701032)
+if [ -x /lib/udev/vlan-network-interface ]; then
+  env INTERFACE=$IFACE /lib/udev/vlan-network-interface
+fi