| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87vb8fjpou.fsf@nemi.mork.no> Date: Thu, 03 Dec 2015 20:29:53 +0100 From: Bjørn Mork <bjorn@...k.no> To: Hannes Frederic Sowa <hannes@...essinduktion.org> Cc: netdev@...r.kernel.org Subject: Re: [RFC] ipv6: use a random ifid for headerless devices Hannes Frederic Sowa <hannes@...essinduktion.org> writes: > I see no problem with the patch as it eases operating those devices. I > would also suggest storing the ifid in the inet6_dev so it does only > change during device creation and destruction. Otherwise I would > recommend to use stable privacy addresses to generate the link local > addresses. EUI-48 based LL creation should hopefully not be used anymore > soon. Thanks for commenting on this. Yes, the stable privacy addresses looks like they will solve this and other problems. But enabling them require an adminstrator action. After looking more at addrconf, I started wondering if we couldn't abuse ipv6_generate_stable_address() for this purpose? We could add a new addr_gen_mode which would trigger automatic generation of a secret if stable_secret is uninitialized. This would be good enough to ensure stability until the interface is destroyed. And it would still allow the adminstrator to select IN6_ADDR_GEN_MODE_STABLE_PRIVACY by entering a new secret. Bjørn -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists