| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 22 Aug 2016 17:00:00 -0700 (PDT) From: David Miller <davem@...emloft.net> To: mmanning@...cade.com Cc: netdev@...r.kernel.org Subject: Re: [PATCH v2] net: ipv6: Remove addresses for failures with strict DAD From: Mike Manning <mmanning@...cade.com> Date: Thu, 18 Aug 2016 14:39:40 +0100 > If DAD fails with accept_dad set to 2, global addresses and host routes > are incorrectly left in place. Even though disable_ipv6 is set, > contrary to documentation, the addresses are not dynamically deleted > from the interface. It is only on a subsequent link down/up that these > are removed. The fix is not only to set the disable_ipv6 flag, but > also to call addrconf_ifdown(), which is the action to carry out when > disabling IPv6. This results in the addresses and routes being deleted > immediately. The DAD failure for the LL addr is determined as before > via netlink, or by the absence of the LL addr (which also previously > would have had to be checked for in case of an intervening link down > and up). As the call to addrconf_ifdown() requires an rtnl lock, the > logic to disable IPv6 when DAD fails is moved to addrconf_dad_work(). ... > Signed-off-by: Mike Manning <mmanning@...cade.com> Applied, thanks.
Powered by blists - more mailing lists