Date:	Thu, 03 Dec 2015 20:29:53 +0100
From:	Bjørn Mork <bjorn@...k.no>
To:	Hannes Frederic Sowa <hannes@...essinduktion.org>
Cc:	netdev@...r.kernel.org
Subject: Re: [RFC] ipv6: use a random ifid for headerless devices

Hannes Frederic Sowa <hannes@...essinduktion.org> writes:

> I see no problem with the patch as it eases operating those devices. I
> would also suggest storing the ifid in the inet6_dev so it does only
> change during device creation and destruction. Otherwise I would
> recommend to use stable privacy addresses to generate the link local
> addresses. EUI-48 based LL creation should hopefully not be used anymore
> soon.

Thanks for commenting on this. Yes, the stable privacy addresses look
like they will solve this and other problems.  But enabling them requires
an administrator action.

After looking more at addrconf, I started wondering if we couldn't abuse
ipv6_generate_stable_address() for this purpose?  We could add a new
addr_gen_mode which would trigger automatic generation of a secret if
stable_secret is uninitialized.  This would be good enough to ensure
stability until the interface is destroyed.  And it would still allow
the administrator to select IN6_ADDR_GEN_MODE_STABLE_PRIVACY by entering
a new secret.


Bjørn
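
The idea in the message above, sketched as a user-space Python model (an added example, not code from this thread or from the kernel): an RFC 7217 style interface identifier is derived from a per-device secret that is generated on first use when the administrator has not set one. The names `Inet6Dev`, `auto_secret` and `stable_link_local`, the use of SHA-256 as the PRF, and the hash input layout are assumptions made for illustration.

```python
import hashlib
import ipaddress
import os

LL_PREFIX = bytes.fromhex("fe80000000000000")  # fe80::/64

class Inet6Dev:
    """Hypothetical stand-in for per-interface IPv6 state."""
    def __init__(self, ifname, stable_secret=None):
        self.ifname = ifname
        self.stable_secret = stable_secret  # 16 bytes when set by the administrator
        self.auto_secret = False            # True once a secret was auto-generated

def _reserved(iid):
    # RFC 5453 reserved IIDs: subnet-router anycast and the reserved anycast range
    v = int.from_bytes(iid, "big")
    return v == 0 or 0xFDFFFFFFFFFFFF80 <= v <= 0xFDFFFFFFFFFFFFFF

def stable_link_local(dev, dad_count=0):
    """Return a link-local address that stays the same for the life of `dev`."""
    if dev.stable_secret is None:
        # No administrator secret: create one and keep it with the device,
        # so the address only changes when the device is destroyed.
        dev.stable_secret = os.urandom(16)
        dev.auto_secret = True
    while True:
        h = hashlib.sha256()  # assumption: RFC 7217 leaves the PRF choice open
        h.update(LL_PREFIX)
        h.update(dev.ifname.encode() + b"\0")
        h.update(dad_count.to_bytes(4, "big"))
        h.update(dev.stable_secret)
        iid = h.digest()[:8]
        if not _reserved(iid):
            return ipaddress.IPv6Address(LL_PREFIX + iid)
        dad_count += 1  # RFC 7217: retry with the next counter value

if __name__ == "__main__":
    dev = Inet6Dev("wwan0")          # constructed sample interface name
    print(stable_link_local(dev))    # same value on every call for this object
    print(stable_link_local(Inet6Dev("wwan0")))  # recreated device: new secret
```
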