| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20140319224121.GI12291@order.stressinduktion.org> Date: Wed, 19 Mar 2014 23:41:21 +0100 From: Hannes Frederic Sowa <hannes@...essinduktion.org> To: Heiner Kallweit <heiner.kallweit@....de> Cc: "netdev@...r.kernel.org" <netdev@...r.kernel.org> Subject: Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it On Wed, Mar 19, 2014 at 10:17:32PM +0100, Heiner Kallweit wrote: > Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa: > > On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote: > >> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary > >> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd > >> deleted the public address. Once the link was back and prefix_rcv created new public addresses > >> ipv6_create_tempaddr complained that the temporary address already existed. > > Which error was it specifically? > > > >> IMHO no temporary address should live longer than its parent, especially because ifpub of the > >> temporary address still points to the then deleted public address otherwise. > > Reference counting will take care of that. > > > >> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del > >> which is called by inet6_rtm_del. > > I am a bit concerend with backward compatibility here. > > > >> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent. > > I currently don't see a problem with that. > > > > Greetings, > > > > Hannes > > > > > > The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST. > > First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses. > I don't think it's correct. The kernel doesn't delete any addresses in case of link loss. netifd must have done so. In this case netifd should have flushed all addresses from the prefix. Sure, this is racy and the error therefore looks justified for me. > If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted. In my opinion those addresses are simple standalone addresses. The link to the public addresses is just for management purposes and should be hidden from user space. So I would be ok, if we enhance the error case a bit, maybe reparent the old temporary address, drop them and silently generate them anew or only update prefix information from the new received prefix information. This should happen without disturbing TCP connections etc. I think this already works, but I don't know if it is worth the effort. > My solution was to do it in the kernel but this might not be the best / correct approach. > Would you prefer that userspace / netifd take care to also delete the temporary addresses? Yes, I would prefer that. > Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned > temporary addresses are left behind. I think that we should think of temporary addresses as stand-alone (IFA_F_MANAGETEMPADDR is a different story). Btw. there was already lots of discussions whether automatically drop addresses of an interface in case of link-loss, you can read the IMHO most relevant here: <http://markmail.org/thread/wcb6f6lcuyfuli7b> Greetings, Hannes -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists