[PATCH 3.16 016/305] ipv6, token: allow for clearing the current device token

From: Ben Hutchings
Date: Sun Aug 14 2016 - 07:28:39 EST

Next message: Ben Hutchings: "[PATCH 3.16 011/305] Bluetooth: vhci: purge unhandled skbs"
Previous message: Ben Hutchings: "[PATCH 3.16 288/305] netfilter: x_tables: don't move to non-existent next rule"
In reply to: Ben Hutchings: "[PATCH 3.16 288/305] netfilter: x_tables: don't move to non-existent next rule"
Next in thread: Ben Hutchings: "[PATCH 3.16 011/305] Bluetooth: vhci: purge unhandled skbs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.16.37-rc1 review patch. If anyone has any objections, please let me know.

------------------

From: Daniel Borkmann <daniel@xxxxxxxxxxxxx>

commit 47e27d5e92c46a3a62d4dfd8895b1ddb8613f531 upstream.

The original tokenized iid support implemented via f53adae4eae5 ("net: ipv6:
add tokenized interface identifier support") didn't allow for clearing a
device token as it was intended that this addressing mode was the only one
active for globally scoped IPv6 addresses. Later we relaxed that restriction
via 617fe29d45bd ("net: ipv6: only invalidate previously tokenized addresses"),
and we should also allow for clearing tokens as there's no good reason why
it shouldn't be allowed.

Fixes: 617fe29d45bd ("net: ipv6: only invalidate previously tokenized addresses")
Reported-by: Robin H. Johnson <robbat2@xxxxxxxxxx>
Signed-off-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Cc: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Acked-by: Hannes Frederic Sowa <hannes@xxxxxxxxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
[bwh: Backported to 3.16: adjust context]
Signed-off-by: Ben Hutchings <ben@xxxxxxxxxxxxxxx>
---
net/ipv6/addrconf.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)

--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4453,15 +4453,13 @@ static int inet6_set_iftoken(struct inet
{
struct inet6_ifaddr *ifp;
struct net_device *dev = idev->dev;
- bool update_rs = false;
+ bool clear_token, update_rs = false;
struct in6_addr ll_addr;

ASSERT_RTNL();

if (token == NULL)
return -EINVAL;
- if (ipv6_addr_any(token))
- return -EINVAL;
if (dev->flags & (IFF_LOOPBACK | IFF_NOARP))
return -EINVAL;
if (!ipv6_accept_ra(idev))
@@ -4476,10 +4474,13 @@ static int inet6_set_iftoken(struct inet

write_unlock_bh(&idev->lock);

+ clear_token = ipv6_addr_any(token);
+ if (clear_token)
+ goto update_lft;
+
if (!idev->dead && (idev->if_flags & IF_READY) &&
!ipv6_get_lladdr(dev, &ll_addr, IFA_F_TENTATIVE |
IFA_F_OPTIMISTIC)) {
-
/* If we're not ready, then normal ifup will take care
* of this. Otherwise, we need to request our rs here.
*/
@@ -4487,6 +4488,7 @@ static int inet6_set_iftoken(struct inet
update_rs = true;
}

+update_lft:
write_lock_bh(&idev->lock);

if (update_rs) {

Next message: Ben Hutchings: "[PATCH 3.16 011/305] Bluetooth: vhci: purge unhandled skbs"
Previous message: Ben Hutchings: "[PATCH 3.16 288/305] netfilter: x_tables: don't move to non-existent next rule"
In reply to: Ben Hutchings: "[PATCH 3.16 288/305] netfilter: x_tables: don't move to non-existent next rule"
Next in thread: Ben Hutchings: "[PATCH 3.16 011/305] Bluetooth: vhci: purge unhandled skbs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]