Commit 76f793e3 authored by Lorenzo Colitti's avatar Lorenzo Colitti Committed by David S. Miller

ipv6: updates to privacy addresses per RFC 4941.

Update the code to handle some of the differences between
RFC 3041 and RFC 4941, which obsoletes it. Also a couple
of janitorial fixes.

- Allow router advertisements to increase the lifetime of
  temporary addresses. This was not allowed by RFC 3041,
  but is specified by RFC 4941. It is useful when RA
  lifetimes are lower than TEMP_{VALID,PREFERRED}_LIFETIME:
  in this case, the previous code would delete or deprecate
  addresses prematurely.

- Change the default of MAX_RETRY to 3 per RFC 4941.

- Add a comment to clarify that the preferred and valid
  lifetimes in inet6_ifaddr are relative to the timestamp.

- Shorten lines to 80 characters in a couple of places.
Signed-off-by: default avatarLorenzo Colitti <lorenzo@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 79f88ee9
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
#define TEMP_VALID_LIFETIME (7*86400) #define TEMP_VALID_LIFETIME (7*86400)
#define TEMP_PREFERRED_LIFETIME (86400) #define TEMP_PREFERRED_LIFETIME (86400)
#define REGEN_MAX_RETRY (5) #define REGEN_MAX_RETRY (3)
#define MAX_DESYNC_FACTOR (600) #define MAX_DESYNC_FACTOR (600)
#define ADDR_CHECK_FREQUENCY (120*HZ) #define ADDR_CHECK_FREQUENCY (120*HZ)
......
...@@ -41,6 +41,7 @@ struct inet6_ifaddr { ...@@ -41,6 +41,7 @@ struct inet6_ifaddr {
struct in6_addr addr; struct in6_addr addr;
__u32 prefix_len; __u32 prefix_len;
/* In seconds, relative to tstamp. Expiry is at tstamp + HZ * lft. */
__u32 valid_lft; __u32 valid_lft;
__u32 prefered_lft; __u32 prefered_lft;
atomic_t refcnt; atomic_t refcnt;
......
...@@ -824,12 +824,13 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i ...@@ -824,12 +824,13 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i
{ {
struct inet6_dev *idev = ifp->idev; struct inet6_dev *idev = ifp->idev;
struct in6_addr addr, *tmpaddr; struct in6_addr addr, *tmpaddr;
unsigned long tmp_prefered_lft, tmp_valid_lft, tmp_cstamp, tmp_tstamp, age; unsigned long tmp_prefered_lft, tmp_valid_lft, tmp_tstamp, age;
unsigned long regen_advance; unsigned long regen_advance;
int tmp_plen; int tmp_plen;
int ret = 0; int ret = 0;
int max_addresses; int max_addresses;
u32 addr_flags; u32 addr_flags;
unsigned long now = jiffies;
write_lock(&idev->lock); write_lock(&idev->lock);
if (ift) { if (ift) {
...@@ -874,7 +875,7 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i ...@@ -874,7 +875,7 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i
goto out; goto out;
} }
memcpy(&addr.s6_addr[8], idev->rndid, 8); memcpy(&addr.s6_addr[8], idev->rndid, 8);
age = (jiffies - ifp->tstamp) / HZ; age = (now - ifp->tstamp) / HZ;
tmp_valid_lft = min_t(__u32, tmp_valid_lft = min_t(__u32,
ifp->valid_lft, ifp->valid_lft,
idev->cnf.temp_valid_lft + age); idev->cnf.temp_valid_lft + age);
...@@ -884,7 +885,6 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i ...@@ -884,7 +885,6 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i
idev->cnf.max_desync_factor); idev->cnf.max_desync_factor);
tmp_plen = ifp->prefix_len; tmp_plen = ifp->prefix_len;
max_addresses = idev->cnf.max_addresses; max_addresses = idev->cnf.max_addresses;
tmp_cstamp = ifp->cstamp;
tmp_tstamp = ifp->tstamp; tmp_tstamp = ifp->tstamp;
spin_unlock_bh(&ifp->lock); spin_unlock_bh(&ifp->lock);
...@@ -929,7 +929,7 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i ...@@ -929,7 +929,7 @@ static int ipv6_create_tempaddr(struct inet6_ifaddr *ifp, struct inet6_ifaddr *i
ift->ifpub = ifp; ift->ifpub = ifp;
ift->valid_lft = tmp_valid_lft; ift->valid_lft = tmp_valid_lft;
ift->prefered_lft = tmp_prefered_lft; ift->prefered_lft = tmp_prefered_lft;
ift->cstamp = tmp_cstamp; ift->cstamp = now;
ift->tstamp = tmp_tstamp; ift->tstamp = tmp_tstamp;
spin_unlock_bh(&ift->lock); spin_unlock_bh(&ift->lock);
...@@ -1999,25 +1999,50 @@ void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len) ...@@ -1999,25 +1999,50 @@ void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len)
#ifdef CONFIG_IPV6_PRIVACY #ifdef CONFIG_IPV6_PRIVACY
read_lock_bh(&in6_dev->lock); read_lock_bh(&in6_dev->lock);
/* update all temporary addresses in the list */ /* update all temporary addresses in the list */
list_for_each_entry(ift, &in6_dev->tempaddr_list, tmp_list) { list_for_each_entry(ift, &in6_dev->tempaddr_list,
/* tmp_list) {
* When adjusting the lifetimes of an existing int age, max_valid, max_prefered;
* temporary address, only lower the lifetimes.
* Implementations must not increase the
* lifetimes of an existing temporary address
* when processing a Prefix Information Option.
*/
if (ifp != ift->ifpub) if (ifp != ift->ifpub)
continue; continue;
/*
* RFC 4941 section 3.3:
* If a received option will extend the lifetime
* of a public address, the lifetimes of
* temporary addresses should be extended,
* subject to the overall constraint that no
* temporary addresses should ever remain
* "valid" or "preferred" for a time longer than
* (TEMP_VALID_LIFETIME) or
* (TEMP_PREFERRED_LIFETIME - DESYNC_FACTOR),
* respectively.
*/
age = (now - ift->cstamp) / HZ;
max_valid = in6_dev->cnf.temp_valid_lft - age;
if (max_valid < 0)
max_valid = 0;
max_prefered = in6_dev->cnf.temp_prefered_lft -
in6_dev->cnf.max_desync_factor -
age;
if (max_prefered < 0)
max_prefered = 0;
if (valid_lft > max_valid)
valid_lft = max_valid;
if (prefered_lft > max_prefered)
prefered_lft = max_prefered;
spin_lock(&ift->lock); spin_lock(&ift->lock);
flags = ift->flags; flags = ift->flags;
if (ift->valid_lft > valid_lft && ift->valid_lft = valid_lft;
ift->valid_lft - valid_lft > (jiffies - ift->tstamp) / HZ) ift->prefered_lft = prefered_lft;
ift->valid_lft = valid_lft + (jiffies - ift->tstamp) / HZ; ift->tstamp = now;
if (ift->prefered_lft > prefered_lft && if (prefered_lft > 0)
ift->prefered_lft - prefered_lft > (jiffies - ift->tstamp) / HZ) ift->flags &= ~IFA_F_DEPRECATED;
ift->prefered_lft = prefered_lft + (jiffies - ift->tstamp) / HZ;
spin_unlock(&ift->lock); spin_unlock(&ift->lock);
if (!(flags&IFA_F_TENTATIVE)) if (!(flags&IFA_F_TENTATIVE))
ipv6_ifa_notify(0, ift); ipv6_ifa_notify(0, ift);
...@@ -2025,9 +2050,11 @@ void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len) ...@@ -2025,9 +2050,11 @@ void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len)
if ((create || list_empty(&in6_dev->tempaddr_list)) && in6_dev->cnf.use_tempaddr > 0) { if ((create || list_empty(&in6_dev->tempaddr_list)) && in6_dev->cnf.use_tempaddr > 0) {
/* /*
* When a new public address is created as described in [ADDRCONF], * When a new public address is created as
* also create a new temporary address. Also create a temporary * described in [ADDRCONF], also create a new
* address if it's enabled but no temporary address currently exists. * temporary address. Also create a temporary
* address if it's enabled but no temporary
* address currently exists.
*/ */
read_unlock_bh(&in6_dev->lock); read_unlock_bh(&in6_dev->lock);
ipv6_create_tempaddr(ifp, NULL); ipv6_create_tempaddr(ifp, NULL);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment