Disable renaming Xen's eth0 to enX0

There are a couple of issues with this renaming: 1. When enabled, the interface name cannot be prediced until it actually happens. This breaks waiting for the device to appear in qubes-network-uplink.service. 2. Setting SYSTEMD_WANTS on a device that gets renamed seems to not work (is the variable bound to the old device name?). This breaks dynamic network attach (see 99-qubes-network.rules). So, disable it completely for Xen devices, at least for now. This may pose some issues (or rather - rollback fix attempt) for VMs with both physical devices and Xen netfront device(s), but this is extremely rare case that nobody complained about before. Fixes QubesOS/qubes-issues#7284
QubesOS · Mar 19, 2022 · 49ec7d9 · 49ec7d9
1 parent 810b3c7
commit 49ec7d9
Show file tree

Hide file tree

Showing 4 changed files with 17 additions and 1 deletion.
diff --git a/Makefile b/Makefile
@@ -108,12 +108,13 @@ SYSTEMD_NETWORK_SERVICES := vm-systemd/qubes-firewall.service vm-systemd/qubes-i
 SYSTEMD_CORE_SERVICES := $(filter-out $(SYSTEMD_NETWORK_SERVICES), $(SYSTEMD_ALL_SERVICES))
 
 install-systemd: install-init
-	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d $(DESTDIR)/etc/systemd/system
+	install -d $(DESTDIR)$(SYSLIBDIR)/systemd/system{,-preset} $(DESTDIR)$(LIBDIR)/qubes/init $(DESTDIR)$(SYSLIBDIR)/modules-load.d $(DESTDIR)/etc/systemd/system $(DESTDIR)$(SYSLIBDIR)/systemd/network
 	install -m 0644 $(SYSTEMD_CORE_SERVICES) $(DESTDIR)$(SYSLIBDIR)/systemd/system/
 	install -m 0644 vm-systemd/qubes-*.timer $(DESTDIR)$(SYSLIBDIR)/systemd/system/
 	install -m 0644 vm-systemd/75-qubes-vm.preset $(DESTDIR)$(SYSLIBDIR)/systemd/system-preset/
 	install -m 0644 vm-systemd/qubes-core.conf $(DESTDIR)$(SYSLIBDIR)/modules-load.d/
 	install -m 0644 vm-systemd/xendriverdomain.service $(DESTDIR)/etc/systemd/system/
+	install -m 0644 vm-systemd/80-qubes-vif.link $(DESTDIR)$(SYSLIBDIR)/systemd/network/
 
 install-sysvinit: install-init
 	install -d $(DESTDIR)/etc/init.d

diff --git a/debian/qubes-core-agent-networking.install b/debian/qubes-core-agent-networking.install
@@ -14,6 +14,7 @@ lib/systemd/system/qubes-network.service
 lib/systemd/system/qubes-network-uplink.service
 lib/systemd/system/[email protected]
 lib/systemd/system/qubes-updates-proxy.service
+lib/systemd/network/80-qubes-vif.link
 usr/lib/qubes/init/network-proxy-setup.sh
 usr/lib/qubes/init/network-proxy-stop.sh
 usr/lib/qubes/init/network-uplink-wait.sh

diff --git a/rpm_spec/core-agent.spec.in b/rpm_spec/core-agent.spec.in
@@ -828,6 +828,7 @@ rm -f %{name}-%{version}
 /usr/lib/systemd/system/qubes-network-uplink.service
 /usr/lib/systemd/system/[email protected]
 /usr/lib/systemd/system/qubes-updates-proxy.service
+/usr/lib/systemd/network/80-qubes-vif.link
 /usr/lib/qubes/init/network-proxy-setup.sh
 /usr/lib/qubes/init/network-proxy-stop.sh
 /usr/lib/qubes/init/network-uplink-wait.sh

diff --git a/vm-systemd/80-qubes-vif.link b/vm-systemd/80-qubes-vif.link
@@ -0,0 +1,13 @@
+# Disable renaming of Xen netfront interfaces, to avoid race conditions during
+# network configuration. systemd / udevd does not provide any way to
+# synchronize against interface rename operation when the device is not
+# detected yet.
+# Furthermore, setting SYSTEMD_WANTS in udev seems to not work when interface
+# is renamed.
+# See https://github.com/QubesOS/qubes-issues/issues/7284 for details.
+
+[Match]
+Driver=vif
+
+[Link]
+NamePolicy=