diff mbox series

[net-next] ipv6: don't generate link-local addr in random or privacy mode

Message ID 20211109065526.16772-1-rocco.yue@mediatek.com (mailing list archive)
State Superseded
Delegated to: Netdev Maintainers
Headers show
Series [net-next] ipv6: don't generate link-local addr in random or privacy mode | expand

Checks

Context Check Description
netdev/tree_selection success Clearly marked for net-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix success Link
netdev/cover_letter success Single patches do not need cover letters
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 4780 this patch: 4780
netdev/cc_maintainers warning 3 maintainers not CCed: thomas.karlsson@paneda.se jonas@norrbonn.se pbshelar@fb.com
netdev/build_clang success Errors and warnings before: 876 this patch: 876
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 4937 this patch: 4937
netdev/checkpatch warning WARNING: line length of 82 exceeds 80 columns
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0

Commit Message

Rocco Yue Nov. 9, 2021, 6:55 a.m. UTC 
In the 3GPP TS 29.061, here is a description as follows:
"In order to avoid any conflict between the link-local address
of the MS and that of the GGSN, the Interface-Identifier used by
the MS to build its link-local address shall be assigned by the
GGSN. The GGSN ensures the uniqueness of this Interface-Identifier.
The MT shall then enforce the use of this Interface-Identifier by
the TE"

In other words, in the cellular network, GGSN determines whether
to reply a solicited RA message by identifying the bottom 64 bits
of the source address of the received RS message. Therefore,
cellular network device's ipv6 link-local address should be set
as the format of fe80::(GGSN assigned IID).

To meet the above spec requirement, this patch adds two new
addr_gen_mode:

1) IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA, this mode is suitable
for cellular networks that support RFC7217. In this mode, the
kernel doesn't generate a link-local address for the cellular
NIC, and generates an ipv6 stable privacy global address after
receiving the RA message.

2) IN6_ADDR_GEN_MODE_RANDOM_NO_LLA, in this mode, the kernel
doesn't generate a link-local address for the cellular NIC,
and will use the bottom 64 bits of the link-local address(same
as the IID assigned by GGSN) to form an ipv6 global address
after receiveing the RA message.

Signed-off-by: Rocco Yue <rocco.yue@mediatek.com>
---
 include/uapi/linux/if_link.h       |  2 ++
 net/ipv6/addrconf.c                | 22 ++++++++++++++++------
 tools/include/uapi/linux/if_link.h |  2 ++
 3 files changed, 20 insertions(+), 6 deletions(-)

Comments

Rocco Yue Nov. 13, 2021, 8:46 a.m. UTC | #1 
On Tue, 2021-11-09 at 14:55 +0800, Rocco Yue wrote:
> In the 3GPP TS 29.061, here is a description as follows:
> "In order to avoid any conflict between the link-local address
> of the MS and that of the GGSN, the Interface-Identifier used by
> the MS to build its link-local address shall be assigned by the
> GGSN. The GGSN ensures the uniqueness of this Interface-Identifier.
> The MT shall then enforce the use of this Interface-Identifier by
> the TE"
> 
> In other words, in the cellular network, GGSN determines whether
> to reply a solicited RA message by identifying the bottom 64 bits
> of the source address of the received RS message. Therefore,
> cellular network device's ipv6 link-local address should be set
> as the format of fe80::(GGSN assigned IID).
> 
> To meet the above spec requirement, this patch adds two new
> addr_gen_mode:
> 
> 1) IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA, this mode is suitable
> for cellular networks that support RFC7217. In this mode, the
> kernel doesn't generate a link-local address for the cellular
> NIC, and generates an ipv6 stable privacy global address after
> receiving the RA message.
> 
> 2) IN6_ADDR_GEN_MODE_RANDOM_NO_LLA, in this mode, the kernel
> doesn't generate a link-local address for the cellular NIC,
> and will use the bottom 64 bits of the link-local address(same
> as the IID assigned by GGSN) to form an ipv6 global address
> after receiveing the RA message.
> 
> Signed-off-by: Rocco Yue <rocco.yue@mediatek.com>
> ---
>  include/uapi/linux/if_link.h       |  2 ++
>  net/ipv6/addrconf.c                | 22 ++++++++++++++++------
>  tools/include/uapi/linux/if_link.h |  2 ++
>  3 files changed, 20 insertions(+), 6 deletions(-)
> 
> diff --git a/include/uapi/linux/if_link.h
> b/include/uapi/linux/if_link.h
> index eebd3894fe89..9c5695744c7d 100644
> --- a/include/uapi/linux/if_link.h
> +++ b/include/uapi/linux/if_link.h
> @@ -428,6 +428,8 @@ enum in6_addr_gen_mode {
>  	IN6_ADDR_GEN_MODE_NONE,
>  	IN6_ADDR_GEN_MODE_STABLE_PRIVACY,
>  	IN6_ADDR_GEN_MODE_RANDOM,
> +	IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA,
> +	IN6_ADDR_GEN_MODE_RANDOM_NO_LLA,
>  };
>  
>  /* Bridge section */
> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> index 3445f8017430..0045de10f4b5 100644
> --- a/net/ipv6/addrconf.c
> +++ b/net/ipv6/addrconf.c
> @@ -392,7 +392,8 @@ static struct inet6_dev *ipv6_add_dev(struct
> net_device *dev)
>  	timer_setup(&ndev->rs_timer, addrconf_rs_timer, 0);
>  	memcpy(&ndev->cnf, dev_net(dev)->ipv6.devconf_dflt,
> sizeof(ndev->cnf));
>  
> -	if (ndev->cnf.stable_secret.initialized)
> +	if (ndev->cnf.stable_secret.initialized &&
> +	    ndev->cnf.addr_gen_mode !=
> IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA)
>  		ndev->cnf.addr_gen_mode =
> IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
>  
>  	ndev->cnf.mtu6 = dev->mtu;
> @@ -2578,7 +2579,8 @@ static void manage_tempaddrs(struct inet6_dev
> *idev,
>  static bool is_addr_mode_generate_stable(struct inet6_dev *idev)
>  {
>  	return idev->cnf.addr_gen_mode ==
> IN6_ADDR_GEN_MODE_STABLE_PRIVACY ||
> -	       idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_RANDOM;
> +	       idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_RANDOM ||
> +	       idev->cnf.addr_gen_mode ==
> IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA;
>  }
>  
>  int addrconf_prefix_rcv_add_addr(struct net *net, struct net_device
> *dev,
> @@ -3331,6 +3333,8 @@ static void addrconf_addr_gen(struct inet6_dev
> *idev, bool prefix_route)
>  					      0, 0, GFP_KERNEL);
>  		break;
>  	case IN6_ADDR_GEN_MODE_NONE:
> +	case IN6_ADDR_GEN_MODE_RANDOM_NO_LLA:
> +	case IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA:
>  	default:
>  		/* will not add any link local address */
>  		break;
> @@ -5798,7 +5802,9 @@ static int check_addr_gen_mode(int mode)
>  	if (mode != IN6_ADDR_GEN_MODE_EUI64 &&
>  	    mode != IN6_ADDR_GEN_MODE_NONE &&
>  	    mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY &&
> -	    mode != IN6_ADDR_GEN_MODE_RANDOM)
> +	    mode != IN6_ADDR_GEN_MODE_RANDOM &&
> +	    mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA &&
> +	    mode != IN6_ADDR_GEN_MODE_RANDOM_NO_LLA)
>  		return -EINVAL;
>  	return 1;
>  }
> @@ -6428,15 +6434,19 @@ static int
> addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write,
>  		for_each_netdev(net, dev) {
>  			struct inet6_dev *idev = __in6_dev_get(dev);
>  
> -			if (idev) {
> +			if (idev && idev->cnf.addr_gen_mode !=
> +			    IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA) {
>  				idev->cnf.addr_gen_mode =
>  					IN6_ADDR_GEN_MODE_STABLE_PRIVAC
> Y;
>  			}
>  		}
>  	} else {
>  		struct inet6_dev *idev = ctl->extra1;
> -
> -		idev->cnf.addr_gen_mode =
> IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
> +		if (idev->cnf.addr_gen_mode !=
> +		    IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA) {
> +			idev->cnf.addr_gen_mode =
> +				IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
> +		}
>  	}
>  
>  out:
> diff --git a/tools/include/uapi/linux/if_link.h
> b/tools/include/uapi/linux/if_link.h
> index b3610fdd1fee..fb69137aea89 100644
> --- a/tools/include/uapi/linux/if_link.h
> +++ b/tools/include/uapi/linux/if_link.h
> @@ -241,6 +241,8 @@ enum in6_addr_gen_mode {
>  	IN6_ADDR_GEN_MODE_NONE,
>  	IN6_ADDR_GEN_MODE_STABLE_PRIVACY,
>  	IN6_ADDR_GEN_MODE_RANDOM,
> +	IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA,
> +	IN6_ADDR_GEN_MODE_RANDOM_NO_LLA,
>  };
>  
>  /* Bridge section */
> -- 
> 2.18.0
> 

Gentle ping on this patch. :-)

Thanks,

Rocco
David Ahern Nov. 13, 2021, 4:34 p.m. UTC | #2 
On 11/13/21 1:46 AM, Rocco Yue wrote:
> 
> Gentle ping on this patch. :-)
> 

you sent the patch in the merge window; I believe it has been dropped
from patchworks.

Also, you did not add v2 (or whatever version this is) with a summary of
changes between all versions, and you did not cc all the people who
responded to previous versions.
Rocco Yue Nov. 16, 2021, 2:21 a.m. UTC | #3 
> On Sun, 2021-11-14 at 00:34 +0800, David Ahern wrote:
>> On 11/13/21 1:46 AM, Rocco Yue wrote:
>> 
>> Gentle ping on this patch. :-)
>> 
> 
> you sent the patch in the merge window; I believe it has been dropped
> from patchworks.
>

Hi David,

Thanks for your reply.

Due to I can see this patch from the link below, I'm not sure why this
happened, could you kindly tell me what the merge window is, so I can
avoid such problem next time.
  https://lore.kernel.org/netdev/20211113084636.11685-1-rocco.yue@mediatek.com/t/
  https://lore.kernel.org/lkml/20211113084636.11685-1-rocco.yue@mediatek.com/T/

> Also, you did not add v2 (or whatever version this is) with a summary
> of
> changes between all versions, and you did not cc all the people who
> responded to previous versions.
> 

ok, I will resend a patch that meets the above requirements.

Thanks,

Rocco
David Ahern Nov. 16, 2021, 2:40 a.m. UTC | #4 
On 11/15/21 7:21 PM, Rocco Yue wrote:
> 
> Due to I can see this patch from the link below, I'm not sure why this
> happened, could you kindly tell me what the merge window is, so I can
> avoid such problem next time.
>   https://lore.kernel.org/netdev/20211113084636.11685-1-rocco.yue@mediatek.com/t/
>   https://lore.kernel.org/lkml/20211113084636.11685-1-rocco.yue@mediatek.com/T/

check patch status here:
    https://patchwork.kernel.org/project/netdevbpf/list/

check net-next status here:
    http://vger.kernel.org/~davem/net-next.html
diff mbox series

Patch

diff --git a/include/uapi/linux/if_link.h b/include/uapi/linux/if_link.h
index eebd3894fe89..9c5695744c7d 100644
--- a/include/uapi/linux/if_link.h
+++ b/include/uapi/linux/if_link.h
@@ -428,6 +428,8 @@  enum in6_addr_gen_mode {
 	IN6_ADDR_GEN_MODE_NONE,
 	IN6_ADDR_GEN_MODE_STABLE_PRIVACY,
 	IN6_ADDR_GEN_MODE_RANDOM,
+	IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA,
+	IN6_ADDR_GEN_MODE_RANDOM_NO_LLA,
 };
 
 /* Bridge section */
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 3445f8017430..0045de10f4b5 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -392,7 +392,8 @@  static struct inet6_dev *ipv6_add_dev(struct net_device *dev)
 	timer_setup(&ndev->rs_timer, addrconf_rs_timer, 0);
 	memcpy(&ndev->cnf, dev_net(dev)->ipv6.devconf_dflt, sizeof(ndev->cnf));
 
-	if (ndev->cnf.stable_secret.initialized)
+	if (ndev->cnf.stable_secret.initialized &&
+	    ndev->cnf.addr_gen_mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA)
 		ndev->cnf.addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
 
 	ndev->cnf.mtu6 = dev->mtu;
@@ -2578,7 +2579,8 @@  static void manage_tempaddrs(struct inet6_dev *idev,
 static bool is_addr_mode_generate_stable(struct inet6_dev *idev)
 {
 	return idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY ||
-	       idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_RANDOM;
+	       idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_RANDOM ||
+	       idev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA;
 }
 
 int addrconf_prefix_rcv_add_addr(struct net *net, struct net_device *dev,
@@ -3331,6 +3333,8 @@  static void addrconf_addr_gen(struct inet6_dev *idev, bool prefix_route)
 					      0, 0, GFP_KERNEL);
 		break;
 	case IN6_ADDR_GEN_MODE_NONE:
+	case IN6_ADDR_GEN_MODE_RANDOM_NO_LLA:
+	case IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA:
 	default:
 		/* will not add any link local address */
 		break;
@@ -5798,7 +5802,9 @@  static int check_addr_gen_mode(int mode)
 	if (mode != IN6_ADDR_GEN_MODE_EUI64 &&
 	    mode != IN6_ADDR_GEN_MODE_NONE &&
 	    mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY &&
-	    mode != IN6_ADDR_GEN_MODE_RANDOM)
+	    mode != IN6_ADDR_GEN_MODE_RANDOM &&
+	    mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA &&
+	    mode != IN6_ADDR_GEN_MODE_RANDOM_NO_LLA)
 		return -EINVAL;
 	return 1;
 }
@@ -6428,15 +6434,19 @@  static int addrconf_sysctl_stable_secret(struct ctl_table *ctl, int write,
 		for_each_netdev(net, dev) {
 			struct inet6_dev *idev = __in6_dev_get(dev);
 
-			if (idev) {
+			if (idev && idev->cnf.addr_gen_mode !=
+			    IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA) {
 				idev->cnf.addr_gen_mode =
 					IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
 			}
 		}
 	} else {
 		struct inet6_dev *idev = ctl->extra1;
-
-		idev->cnf.addr_gen_mode = IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
+		if (idev->cnf.addr_gen_mode !=
+		    IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA) {
+			idev->cnf.addr_gen_mode =
+				IN6_ADDR_GEN_MODE_STABLE_PRIVACY;
+		}
 	}
 
 out:
diff --git a/tools/include/uapi/linux/if_link.h b/tools/include/uapi/linux/if_link.h
index b3610fdd1fee..fb69137aea89 100644
--- a/tools/include/uapi/linux/if_link.h
+++ b/tools/include/uapi/linux/if_link.h
@@ -241,6 +241,8 @@  enum in6_addr_gen_mode {
 	IN6_ADDR_GEN_MODE_NONE,
 	IN6_ADDR_GEN_MODE_STABLE_PRIVACY,
 	IN6_ADDR_GEN_MODE_RANDOM,
+	IN6_ADDR_GEN_MODE_STABLE_PRIVACY_NO_LLA,
+	IN6_ADDR_GEN_MODE_RANDOM_NO_LLA,
 };
 
 /* Bridge section */