| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 30 Sep 2017 05:26:23 +0100 (WEST) From: David Miller <davem@...emloft.net> To: mmanning@...cade.com Cc: netdev@...r.kernel.org Subject: Re: [PATCH net-next] net: ipv6: send NS for DAD when link operationally up From: Mike Manning <mmanning@...cade.com> Date: Mon, 25 Sep 2017 22:01:36 +0100 > The NS for DAD are sent on admin up as long as a valid qdisc is found. > A race condition exists by which these packets will not egress the > interface if the operational state of the lower device is not yet up. > The solution is to delay DAD until the link is operationally up > according to RFC2863. Rather than only doing this, follow the existing > code checks by deferring IPv6 device initialization altogether. The fix > allows DAD on devices like tunnels that are controlled by userspace > control plane. The fix has no impact on regular deployments, but means > that there is no IPv6 connectivity until the port has been opened in > the case of port-based network access control, which should be > desirable. > > Signed-off-by: Mike Manning <mmanning@...cade.com> Applied, thank you.
Powered by blists - more mailing lists