Message ID | 20230919180411.754981-1-prohr@google.com (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Netdev Maintainers |
Series | [net-next,v3] net: add sysctl to disable rfc4862 5.5.3e lifetime handling |
Tue, Sep 19, 2023 at 08:04:11PM CEST, prohr@google.com wrote:
>This change adds a sysctl to opt-out of RFC4862 section 5.5.3e's valid
>lifetime derivation mechanism.
>
>RFC4862 section 5.5.3e prescribes that the valid lifetime in a Router
>Advertisement PIO shall be ignored if it is less than 2 hours and to reset
>the lifetime of the corresponding address to 2 hours. An in-progress
>6man draft (see draft-ietf-6man-slaac-renum-07 section 4.2) is currently
>looking to remove this mechanism. While this draft has not been moving
>particularly quickly for other reasons, there is widespread consensus on
>section 4.2 which updates RFC4862 section 5.5.3e.
>
>Cc: Maciej Żenczykowski <maze@google.com>
>Cc: Lorenzo Colitti <lorenzo@google.com>
>Cc: Jen Linkova <furry@google.com>
>Cc: Jiri Pirko <jiri@resnulli.us>
>Signed-off-by: Patrick Rohr <prohr@google.com>

Reviewed-by: Jiri Pirko <jiri@nvidia.com>
On 9/19/23 12:04 PM, Patrick Rohr wrote: > This change adds a sysctl to opt-out of RFC4862 section 5.5.3e's valid > lifetime derivation mechanism. > > RFC4862 section 5.5.3e prescribes that the valid lifetime in a Router > Advertisement PIO shall be ignored if it less than 2 hours and to reset > the lifetime of the corresponding address to 2 hours. An in-progress > 6man draft (see draft-ietf-6man-slaac-renum-07 section 4.2) is currently > looking to remove this mechanism. While this draft has not been moving > particularly quickly for other reasons, there is widespread consensus on > section 4.2 which updates RFC4862 section 5.5.3e. > > Cc: Maciej Żenczykowski <maze@google.com> > Cc: Lorenzo Colitti <lorenzo@google.com> > Cc: Jen Linkova <furry@google.com> > Cc: Jiri Pirko <jiri@resnulli.us> > Signed-off-by: Patrick Rohr <prohr@google.com> > --- > Documentation/networking/ip-sysctl.rst | 11 ++++++++ > include/linux/ipv6.h | 1 + > net/ipv6/addrconf.c | 38 +++++++++++++++++--------- > 3 files changed, 37 insertions(+), 13 deletions(-) > > diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst > index a66054d0763a..45d700e04dba 100644 > --- a/Documentation/networking/ip-sysctl.rst > +++ b/Documentation/networking/ip-sysctl.rst > @@ -2304,6 +2304,17 @@ accept_ra_pinfo - BOOLEAN > - enabled if accept_ra is enabled. > - disabled if accept_ra is disabled. > > +ra_honor_pio_life - BOOLEAN > + Whether to use RFC4862 Section 5.5.3e to determine the valid > + lifetime of an address matching a prefix sent in a Router > + Advertisement Prefix Information Option. > + > + - If enabled, the PIO valid lifetime will always be honored. > + - If disabled, RFC4862 section 5.5.3e is used to determine > + the valid lifetime of the address. > + > + Default: 0 (disabled) > + > accept_ra_rt_info_min_plen - INTEGER > Minimum prefix length of Route Information in RA. 
> > diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h > index 5883551b1ee8..59fcc4fee7b7 100644 > --- a/include/linux/ipv6.h > +++ b/include/linux/ipv6.h > @@ -35,6 +35,7 @@ struct ipv6_devconf { > __s32 accept_ra_min_hop_limit; > __s32 accept_ra_min_lft; > __s32 accept_ra_pinfo; > + __s32 ra_honor_pio_life; Any reason for this to be 4B entry for a boolean? all of these __s32 entries for what are really booleans is pushing devconf size over 256B which means allocations are 512B. Unnecessary waste of memory.
diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst index a66054d0763a..45d700e04dba 100644 --- a/Documentation/networking/ip-sysctl.rst +++ b/Documentation/networking/ip-sysctl.rst @@ -2304,6 +2304,17 @@ accept_ra_pinfo - BOOLEAN - enabled if accept_ra is enabled. - disabled if accept_ra is disabled. +ra_honor_pio_life - BOOLEAN + Whether to use RFC4862 Section 5.5.3e to determine the valid + lifetime of an address matching a prefix sent in a Router + Advertisement Prefix Information Option. + + - If enabled, the PIO valid lifetime will always be honored. + - If disabled, RFC4862 section 5.5.3e is used to determine + the valid lifetime of the address. + + Default: 0 (disabled) + accept_ra_rt_info_min_plen - INTEGER Minimum prefix length of Route Information in RA. diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h index 5883551b1ee8..59fcc4fee7b7 100644 --- a/include/linux/ipv6.h +++ b/include/linux/ipv6.h @@ -35,6 +35,7 @@ struct ipv6_devconf { __s32 accept_ra_min_hop_limit; __s32 accept_ra_min_lft; __s32 accept_ra_pinfo; + __s32 ra_honor_pio_life; __s32 ignore_routes_with_linkdown; #ifdef CONFIG_IPV6_ROUTER_PREF __s32 accept_ra_rtr_pref; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index 47d1dd8501b7..edfb450e5893 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -204,6 +204,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { .accept_ra_min_hop_limit= 1, .accept_ra_min_lft = 0, .accept_ra_pinfo = 1, + .ra_honor_pio_life = 0, #ifdef CONFIG_IPV6_ROUTER_PREF .accept_ra_rtr_pref = 1, .rtr_probe_interval = 60 * HZ, @@ -265,6 +266,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { .accept_ra_min_hop_limit= 1, .accept_ra_min_lft = 0, .accept_ra_pinfo = 1, + .ra_honor_pio_life = 0, #ifdef CONFIG_IPV6_ROUTER_PREF .accept_ra_rtr_pref = 1, .rtr_probe_interval = 60 * HZ, 
@@ -2657,22 +2659,23 @@ int addrconf_prefix_rcv_add_addr(struct net *net, struct net_device *dev, stored_lft = ifp->valid_lft - (now - ifp->tstamp) / HZ; else stored_lft = 0; - if (!create && stored_lft) { + + /* RFC4862 Section 5.5.3e: + * "Note that the preferred lifetime of the + * corresponding address is always reset to + * the Preferred Lifetime in the received + * Prefix Information option, regardless of + * whether the valid lifetime is also reset or + * ignored." + * + * So we should always update prefered_lft here. + */ + update_lft = !create && stored_lft; + + if (update_lft && !in6_dev->cnf.ra_honor_pio_life) { const u32 minimum_lft = min_t(u32, stored_lft, MIN_VALID_LIFETIME); valid_lft = max(valid_lft, minimum_lft); - - /* RFC4862 Section 5.5.3e: - * "Note that the preferred lifetime of the - * corresponding address is always reset to - * the Preferred Lifetime in the received - * Prefix Information option, regardless of - * whether the valid lifetime is also reset or - * ignored." - * - * So we should always update prefered_lft here. - */ - update_lft = 1; } if (update_lft) { @@ -6846,6 +6849,15 @@ static const struct ctl_table addrconf_sysctl[] = { .mode = 0644, .proc_handler = proc_dointvec, }, + { + .procname = "ra_honor_pio_life", + .data = &ipv6_devconf.ra_honor_pio_life, + .maxlen = sizeof(int), + .mode = 0644, + .proc_handler = proc_dointvec_minmax, + .extra1 = SYSCTL_ZERO, + .extra2 = SYSCTL_ONE, + }, #ifdef CONFIG_IPV6_ROUTER_PREF { .procname = "accept_ra_rtr_pref",
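Review bot: In the Documentation/networking/ip-sysctl.rst hunk, the summary sentence for ra_honor_pio_life reads as the inverse of the two bullets under it. "Whether to use RFC4862 Section 5.5.3e to determine the valid lifetime" suggests that 1 selects the RFC behaviour, while the bullets say that enabled means the PIO valid lifetime is always honored and disabled means 5.5.3e applies. Suggest wording the summary from the point of view of the enabled state, for example "Whether to honor the valid lifetime of a received PIO as-is instead of applying RFC4862 Section 5.5.3e", and saying in the text that with the sysctl enabled a PIO with a valid lifetime under 2 hours shortens the lifetime of an existing address, since that is the behaviour the addrconf.c change switches on.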
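Review bot: In the addrconf_prefix_rcv_add_addr() hunk, the new branch "if (update_lft && !in6_dev->cnf.ra_honor_pio_life)" has no comment of its own, and the RFC quotation that now sits above "update_lft = !create && stored_lft;" only speaks about the preferred lifetime. A reader has to work out that the min_t()/max() pair is the 5.5.3e floor on the valid lifetime and that it is skipped entirely when the sysctl is set, so that whatever valid_lft the PIO carried, including a very small one, reaches the "if (update_lft)" block unchanged. Suggest a one-line comment on the branch naming it as the RFC4862 5.5.3e valid-lifetime floor and noting that ra_honor_pio_life bypasses it.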
This change adds a sysctl to opt-out of RFC4862 section 5.5.3e's valid
lifetime derivation mechanism.

RFC4862 section 5.5.3e prescribes that the valid lifetime in a Router
Advertisement PIO shall be ignored if it is less than 2 hours and to reset
the lifetime of the corresponding address to 2 hours. An in-progress
6man draft (see draft-ietf-6man-slaac-renum-07 section 4.2) is currently
looking to remove this mechanism. While this draft has not been moving
particularly quickly for other reasons, there is widespread consensus on
section 4.2 which updates RFC4862 section 5.5.3e.

Cc: Maciej Żenczykowski <maze@google.com>
Cc: Lorenzo Colitti <lorenzo@google.com>
Cc: Jen Linkova <furry@google.com>
Cc: Jiri Pirko <jiri@resnulli.us>
Signed-off-by: Patrick Rohr <prohr@google.com>
---
 Documentation/networking/ip-sysctl.rst | 11 ++++++++
 include/linux/ipv6.h                   |  1 +
 net/ipv6/addrconf.c                    | 38 +++++++++++++++++---------
 3 files changed, 37 insertions(+), 13 deletions(-)
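
A user-space model of the lifetime decision that this patch makes switchable, added here as an example (it is not code from the patch or from the kernel). address_expiry(), struct pio_event and the two timelines are hypothetical names and constructed values; the model leaves out infinite lifetimes and the creation of a new address after expiry.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define MIN_VALID_LIFETIME (2 * 3600) /* the 2 hours from the commit message, in seconds */

/* One received PIO for the prefix: arrival time and advertised valid lifetime (seconds). */
struct pio_event { uint32_t t; uint32_t valid_lft; };

static uint32_t min_u32(uint32_t a, uint32_t b) { return a < b ? a : b; }
static uint32_t max_u32(uint32_t a, uint32_t b) { return a > b ? a : b; }

/*
 * Hypothetical model: absolute time at which an existing SLAAC address stops
 * being valid after the given PIOs. honor_pio_life mirrors the proposed
 * sysctl: 0 applies the 5.5.3e floor, 1 takes the advertised value as-is.
 */
uint32_t address_expiry(uint32_t initial_valid, const struct pio_event *ev,
                        size_t n, int honor_pio_life)
{
    uint32_t tstamp = 0, valid = initial_valid;

    for (size_t i = 0; i < n; i++) {
        if (ev[i].t >= tstamp + valid)
            break;                      /* stored lifetime is 0: no update */
        uint32_t stored = valid - (ev[i].t - tstamp);
        uint32_t new_valid = ev[i].valid_lft;
        if (!honor_pio_life)            /* floor: min(remaining, 2 hours) */
            new_valid = max_u32(new_valid, min_u32(stored, MIN_VALID_LIFETIME));
        valid = new_valid;
        tstamp = ev[i].t;
    }
    return tstamp + valid;
}

/* Constructed timeline: prefix withdrawn (valid lifetime 0) 100 s into a 24 h lifetime. */
static const struct pio_event withdraw[] = { { 100, 0 } };
/* Constructed timeline: 60 s advertised while 3000 s of a 1 h lifetime remain. */
static const struct pio_event shorten[] = { { 600, 60 } };

int main(void)
{
    printf("withdraw: floor=%" PRIu32 " honor=%" PRIu32 "\n",
           address_expiry(86400, withdraw, 1, 0), address_expiry(86400, withdraw, 1, 1));
    printf("shorten:  floor=%" PRIu32 " honor=%" PRIu32 "\n",
           address_expiry(3600, shorten, 1, 0), address_expiry(3600, shorten, 1, 1));
    return 0;
}
```

With the floor in place the withdrawn prefix keeps its address for another 2 hours and the 60-second advertisement is ignored; with the sysctl enabled both take effect at once, which is the trade-off an operator accepts on links where Router Advertisements are not otherwise filtered.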