lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20180226154132.GA7083@bistromath.localdomain>
Date:   Mon, 26 Feb 2018 16:41:32 +0100
From:   Sabrina Dubroca <sd@...asysnail.net>
To:     David Miller <davem@...emloft.net>
Cc:     dsahern@...il.com, netdev@...r.kernel.org
Subject: Re: [PATCH net-next] ipv6: allow userspace to add IFA_F_OPTIMISTIC
 addresses

2018-02-21, 15:34:21 -0500, David Miller wrote:
> From: Sabrina Dubroca <sd@...asysnail.net>
> Date: Tue, 20 Feb 2018 19:17:17 +0100
> 
> > 2018-02-20, 10:25:41 -0700, David Ahern wrote:
> >> On 2/20/18 9:43 AM, Sabrina Dubroca wrote:
> >> > According to RFC 4429 (section 3.1), adding new IPv6 addresses as
> >> > optimistic addresses is acceptable, as long as the implementation
> >> > follows some rules:
> >> > 
> >> >    * Optimistic DAD SHOULD only be used when the implementation is aware
> >> >         that the address is based on a most likely unique interface
> >> >         identifier (such as in [RFC2464]), generated randomly [RFC3041],
> >> >         or by a well-distributed hash function [RFC3972] or assigned by
> >> >         Dynamic Host Configuration Protocol for IPv6 (DHCPv6) [RFC3315].
> >> >         Optimistic DAD SHOULD NOT be used for manually entered
> >> >         addresses.
> >> 
> >> That last line suggests this patch should not be allowed.
> > 
> > I think it should. Some tools perform autoconfiguration in userspace,
> > why should the kernel prevent them from requesting optimistic DAD?
> > 
> > If the administrator decides to enable optimistic DAD on
> > poorly-choosen addresses, or to disable DAD entirely, that's their
> > problem.
> 
> See, this is the slippery slope we go down once we have allowed
> userspace to engage in the ipv6 autoconfiguration process.
> 
> Whether the kernel is in control or not, or enforcing the rules
> properly, is always going to be ambiguous and hard to determine.
> 
> I somewhat regret allowing us to go down this path...

It's not just autoconf (slaac), but DHCPv6 as well. This would happen
in userspace and produce addresses expected to be unique as well.

What are you concerned about, if we let userspace set this flag?

-- 
Sabrina

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ