lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 13 Aug 2014 19:10:27 +0200 From: Jiri Pirko <jiri@...nulli.us> To: Roy Marples <roy@...ples.name> Cc: Hannes Frederic Sowa <hannes@...hat.com>, netdev@...r.kernel.org Subject: Re: [PATCH] ipv6: do not add link-local address if one already exists Mon, Aug 11, 2014 at 11:22:04PM CEST, roy@...ples.name wrote: >Hi > >On 2014-08-11 01:11, Hannes Frederic Sowa wrote: >>On Mo, 2014-08-11 at 00:05 +0000, Roy Marples wrote: >>>On 2014-08-10 20:37, Hannes Frederic Sowa wrote: >>>> On So, 2014-08-10 at 19:56 +0000, Roy Marples wrote: >>>>> Currently the kernel will always add an IPv6 link-local address >>>>> based on the hardware address when the interface is brought up. >>>>> This is probably based on the assumption that userland would >>>>> never add one before the interface is brought up. >>>>> >>>>> However, one at least one userland application (dhcpcd) does this so >>>>> it can implement RFC7217 which can be used for link-local addresses >>>>> as well. >>>>> >>>>> Attached is a patch which checks to see if a link-local address exists >>>>> before indiscriminately adding one. >>>> >>>> Please have a look at: >>>> https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/commit/?id=bc91b0f07ada5535427373a4e2050877bcc12218 >>>> >>>> This was recently implemented just for this specific case. >>> >>>Is that tunable available in /proc or /sys? >>>I'm not overly keen on adding a netlink call just for that in dhcpcd, it >>>would be a lot of bloat compared to the kernel patch. >> >>Can you call iproute via a script? Would that fit your needs? >>https://git.kernel.org/cgit/linux/kernel/git/shemminger/iproute2.git/commit/?h=net-next&id=ff7c20844049be836c10087cb2418b99ff36ca2b > >Not really as there is no guarantee iproute2 is installed on the host. >For now, I've added a netlink call at the expense of around 400 bytes. The iface to idev->addr_gen_mode can be certainly added to sysfs. Feel free to do so. > >Thanks > >Roy >-- >To unsubscribe from this list: send the line "unsubscribe netdev" in >the body of a message to majordomo@...r.kernel.org >More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists