diff mbox series

[net-next] net: ipv6: addrconf: Add accept_ra_prefix_route.

Message ID 1615402193-12122-1-git-send-email-subashab@codeaurora.org (mailing list archive)
State Changes Requested
Delegated to: Netdev Maintainers
Headers show
Series [net-next] net: ipv6: addrconf: Add accept_ra_prefix_route. | expand

Checks

Context Check Description
netdev/cover_letter success Link
netdev/fixes_present success Link
netdev/patch_count success Link
netdev/tree_selection success Clearly marked for net-next
netdev/subject_prefix success Link
netdev/cc_maintainers warning 9 maintainers not CCed: linux-api@vger.kernel.org linmiaohe@huawei.com linux-doc@vger.kernel.org alex.aring@gmail.com willemb@google.com rdunlap@infradead.org corbet@lwn.net praveen5582@gmail.com edumazet@google.com
netdev/source_inline success Was 0 now: 0
netdev/verify_signedoff success Link
netdev/module_param success Was 0 now: 0
netdev/build_32bit fail Errors and warnings before: 3107 this patch: 3108
netdev/kdoc success Errors and warnings before: 38 this patch: 38
netdev/verify_fixes success Link
netdev/checkpatch warning WARNING: line length of 88 exceeds 80 columns WARNING: line length of 90 exceeds 80 columns
netdev/build_allmodconfig_warn fail Errors and warnings before: 3338 this patch: 3339
netdev/header_inline success Link

Commit Message

Subash Abhinov Kasiviswanathan March 10, 2021, 6:49 p.m. UTC
Added new procfs flag to toggle the automatic addition of prefix
routes on a per device basis. The new flag is accept_ra_prefix_route.

A value of 0 for the flag maybe used in some forwarding scenarios
when a userspace daemon is managing the routing.
Manual deletion of the kernel installed route was not sufficient as
kernel was adding back the route.

Defaults to 1 as to not break existing behavior.

Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
---
 Documentation/networking/ip-sysctl.rst | 10 ++++++++++
 include/linux/ipv6.h                   |  1 +
 include/uapi/linux/ipv6.h              |  1 +
 net/ipv6/addrconf.c                    | 16 +++++++++++++---
 4 files changed, 25 insertions(+), 3 deletions(-)

Comments

David Ahern March 10, 2021, 7:28 p.m. UTC | #1
On 3/10/21 11:49 AM, Subash Abhinov Kasiviswanathan wrote:
> Added new procfs flag to toggle the automatic addition of prefix
> routes on a per device basis. The new flag is accept_ra_prefix_route.
> 
> A value of 0 for the flag maybe used in some forwarding scenarios
> when a userspace daemon is managing the routing.
> Manual deletion of the kernel installed route was not sufficient as
> kernel was adding back the route.
> 
> Defaults to 1 as to not break existing behavior.
> 
> Signed-off-by: Subash Abhinov Kasiviswanathan <subashab@codeaurora.org>
> ---
>  Documentation/networking/ip-sysctl.rst | 10 ++++++++++
>  include/linux/ipv6.h                   |  1 +
>  include/uapi/linux/ipv6.h              |  1 +
>  net/ipv6/addrconf.c                    | 16 +++++++++++++---
>  4 files changed, 25 insertions(+), 3 deletions(-)
> 
> diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
> index c7952ac..9f0d92d 100644
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -2022,6 +2022,16 @@ accept_ra_mtu - BOOLEAN
>  		- enabled if accept_ra is enabled.
>  		- disabled if accept_ra is disabled.
>  
> +accept_ra_prefix_route - BOOLEAN
> +	Apply the prefix route based on the RA. If disabled, kernel
> +	does not install the route. This can be used if a userspace
> +	daemon is managing the routing.
> +
> +	Functional default:
> +
> +		- enabled if accept_ra_prefix_route is enabled
> +		- disabled if accept_ra_prefix_route is disabled
> +
>  accept_redirects - BOOLEAN
>  	Accept Redirects.
>  

this seems to duplicate accept_ra_pinfo
Subash Abhinov Kasiviswanathan March 10, 2021, 9:33 p.m. UTC | #2
On 2021-03-10 12:28, David Ahern wrote:
> On 3/10/21 11:49 AM, Subash Abhinov Kasiviswanathan wrote:
>> Added new procfs flag to toggle the automatic addition of prefix
>> routes on a per device basis. The new flag is accept_ra_prefix_route.
>> 
>> A value of 0 for the flag maybe used in some forwarding scenarios
>> when a userspace daemon is managing the routing.
>> Manual deletion of the kernel installed route was not sufficient as
>> kernel was adding back the route.
>> 
>> Defaults to 1 as to not break existing behavior.
>> 
>> Signed-off-by: Subash Abhinov Kasiviswanathan 
>> <subashab@codeaurora.org>
>> ---
>>  Documentation/networking/ip-sysctl.rst | 10 ++++++++++
>>  include/linux/ipv6.h                   |  1 +
>>  include/uapi/linux/ipv6.h              |  1 +
>>  net/ipv6/addrconf.c                    | 16 +++++++++++++---
>>  4 files changed, 25 insertions(+), 3 deletions(-)
>> 
>> diff --git a/Documentation/networking/ip-sysctl.rst
>> b/Documentation/networking/ip-sysctl.rst
>> index c7952ac..9f0d92d 100644
>> --- a/Documentation/networking/ip-sysctl.rst
>> +++ b/Documentation/networking/ip-sysctl.rst
>> @@ -2022,6 +2022,16 @@ accept_ra_mtu - BOOLEAN
>>  		- enabled if accept_ra is enabled.
>>  		- disabled if accept_ra is disabled.
>> 
>> +accept_ra_prefix_route - BOOLEAN
>> +	Apply the prefix route based on the RA. If disabled, kernel
>> +	does not install the route. This can be used if a userspace
>> +	daemon is managing the routing.
>> +
>> +	Functional default:
>> +
>> +		- enabled if accept_ra_prefix_route is enabled
>> +		- disabled if accept_ra_prefix_route is disabled
>> +
>>  accept_redirects - BOOLEAN
>>  	Accept Redirects.
>> 
> 
> this seems to duplicate accept_ra_pinfo

Thanks David. We will try out that entry instead and check.
Subash Abhinov Kasiviswanathan March 12, 2021, 2:22 a.m. UTC | #3
On 2021-03-10 14:33, subashab@codeaurora.org wrote:
> On 2021-03-10 12:28, David Ahern wrote:
>> On 3/10/21 11:49 AM, Subash Abhinov Kasiviswanathan wrote:
>>> Added new procfs flag to toggle the automatic addition of prefix
>>> routes on a per device basis. The new flag is accept_ra_prefix_route.
>>> 
>>> A value of 0 for the flag maybe used in some forwarding scenarios
>>> when a userspace daemon is managing the routing.
>>> Manual deletion of the kernel installed route was not sufficient as
>>> kernel was adding back the route.
>>> 
>>> Defaults to 1 as to not break existing behavior.
>>> 
>>> Signed-off-by: Subash Abhinov Kasiviswanathan 
>>> <subashab@codeaurora.org>
>>> ---
>>>  Documentation/networking/ip-sysctl.rst | 10 ++++++++++
>>>  include/linux/ipv6.h                   |  1 +
>>>  include/uapi/linux/ipv6.h              |  1 +
>>>  net/ipv6/addrconf.c                    | 16 +++++++++++++---
>>>  4 files changed, 25 insertions(+), 3 deletions(-)
>>> 
>>> diff --git a/Documentation/networking/ip-sysctl.rst
>>> b/Documentation/networking/ip-sysctl.rst
>>> index c7952ac..9f0d92d 100644
>>> --- a/Documentation/networking/ip-sysctl.rst
>>> +++ b/Documentation/networking/ip-sysctl.rst
>>> @@ -2022,6 +2022,16 @@ accept_ra_mtu - BOOLEAN
>>>  		- enabled if accept_ra is enabled.
>>>  		- disabled if accept_ra is disabled.
>>> 
>>> +accept_ra_prefix_route - BOOLEAN
>>> +	Apply the prefix route based on the RA. If disabled, kernel
>>> +	does not install the route. This can be used if a userspace
>>> +	daemon is managing the routing.
>>> +
>>> +	Functional default:
>>> +
>>> +		- enabled if accept_ra_prefix_route is enabled
>>> +		- disabled if accept_ra_prefix_route is disabled
>>> +
>>>  accept_redirects - BOOLEAN
>>>  	Accept Redirects.
>>> 
>> 
>> this seems to duplicate accept_ra_pinfo
> 
> Thanks David. We will try out that entry instead and check.

We are seeing that the interface itself doesn't get the address assigned
via RA when setting accept_ra_pinfo = 0.

We would like to have the interface address assigned via SLAAC
here while the route management would be handled via the userspace 
daemon.
In that case, we do not want the kernel installed route to be present
(behavior controlled via this proc entry).
David Ahern March 12, 2021, 4:41 p.m. UTC | #4
On 3/11/21 7:22 PM, subashab@codeaurora.org wrote:
> 
> We are seeing that the interface itself doesn't get the address assigned
> via RA when setting accept_ra_pinfo = 0.
> 
> We would like to have the interface address assigned via SLAAC
> here while the route management would be handled via the userspace daemon.
> In that case, we do not want the kernel installed route to be present
> (behavior controlled via this proc entry).

sysctl's are not free and in this case you want to add a second one to
pick and choose which data in the message you want the kernel to act on.

Why can't the userspace daemon remove the route and add the one it
prefers? Or add another route with a metric that makes it the preferred
route making the kernel one effectively moot?
Subash Abhinov Kasiviswanathan March 12, 2021, 11:30 p.m. UTC | #5
> sysctl's are not free and in this case you want to add a second one to
> pick and choose which data in the message you want the kernel to act 
> on.
> 
> Why can't the userspace daemon remove the route and add the one it
> prefers? Or add another route with a metric that makes it the preferred
> route making the kernel one effectively moot?

As I recall, kernel was adding back the prefix based route when it is
deleted by userspace. I'll check this again to confirm the behavior
and also try installing the routes with lower metric.
diff mbox series

Patch

diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
index c7952ac..9f0d92d 100644
--- a/Documentation/networking/ip-sysctl.rst
+++ b/Documentation/networking/ip-sysctl.rst
@@ -2022,6 +2022,16 @@  accept_ra_mtu - BOOLEAN
 		- enabled if accept_ra is enabled.
 		- disabled if accept_ra is disabled.
 
+accept_ra_prefix_route - BOOLEAN
+	Apply the prefix route based on the RA. If disabled, kernel
+	does not install the route. This can be used if a userspace
+	daemon is managing the routing.
+
+	Functional default:
+
+		- enabled if accept_ra_prefix_route is enabled
+		- disabled if accept_ra_prefix_route is disabled
+
 accept_redirects - BOOLEAN
 	Accept Redirects.
 
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 70b2ad3..ae81f7d 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -76,6 +76,7 @@  struct ipv6_devconf {
 	__s32		disable_policy;
 	__s32           ndisc_tclass;
 	__s32		rpl_seg_enabled;
+	__s32		accept_ra_prefix_route;
 
 	struct ctl_table_header *sysctl_header;
 };
diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h
index 70603775..194b272 100644
--- a/include/uapi/linux/ipv6.h
+++ b/include/uapi/linux/ipv6.h
@@ -190,6 +190,7 @@  enum {
 	DEVCONF_NDISC_TCLASS,
 	DEVCONF_RPL_SEG_ENABLED,
 	DEVCONF_RA_DEFRTR_METRIC,
+	DEVCONF_ACCEPT_RA_PREFIX_ROUTE,
 	DEVCONF_MAX
 };
 
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index f2337fb..5ddef05 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -237,6 +237,7 @@  static struct ipv6_devconf ipv6_devconf __read_mostly = {
 	.addr_gen_mode		= IN6_ADDR_GEN_MODE_EUI64,
 	.disable_policy		= 0,
 	.rpl_seg_enabled	= 0,
+	.accept_ra_prefix_route = 1,
 };
 
 static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
@@ -293,6 +294,7 @@  static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
 	.addr_gen_mode		= IN6_ADDR_GEN_MODE_EUI64,
 	.disable_policy		= 0,
 	.rpl_seg_enabled	= 0,
+	.accept_ra_prefix_route = 1,
 };
 
 /* Check if link is ready: is it up and is a valid qdisc available */
@@ -2750,9 +2752,10 @@  void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len, bool sllao)
 				flags |= RTF_EXPIRES;
 				expires = jiffies_to_clock_t(rt_expires);
 			}
-			addrconf_prefix_route(&pinfo->prefix, pinfo->prefix_len,
-					      0, dev, expires, flags,
-					      GFP_ATOMIC);
+			if (dev->ip6_ptr->cnf.accept_ra_prefix_route) {
+				addrconf_prefix_route(&pinfo->prefix, pinfo->prefix_len,
+						      0, dev, expires, flags, GFP_ATOMIC);
+			}
 		}
 		fib6_info_release(rt);
 	}
@@ -6859,6 +6862,13 @@  static const struct ctl_table addrconf_sysctl[] = {
 	{
 		.procname	= "seg6_enabled",
 		.data		= &ipv6_devconf.seg6_enabled,
+		.maxlen         = sizeof(int),
+		.mode           = 0644,
+		.proc_handler   = proc_dointvec,
+	},
+	{
+		.procname	= "accept_ra_prefix_route",
+		.data		= &ipv6_devconf.accept_ra_prefix_route,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
 		.proc_handler	= proc_dointvec,