* [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
@ 2013-11-25 16:16 fx.lebail
  2013-11-26  8:54 ` Hannes Frederic Sowa
  2013-12-02  1:22 ` David Miller
  0 siblings, 2 replies; 6+ messages in thread
From: fx.lebail @ 2013-11-25 16:16 UTC (permalink / raw)
  To: netdev
  Cc: David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, Francois-Xavier Le Bail

RFC 6724 changes the default recommendation for source address selection
Rule 7 to prefer temporary addresses rather than public addresses,
while providing an administrative override.

The administrative override is based on the prefer_src_public sysctl.

Signed-off-by: Francois-Xavier Le Bail <fx.lebail@yahoo.com>
---
diff --git a/Documentation/networking/ip-sysctl.txt b/Documentation/networking/ip-sysctl.txt
index 3c12d9a..0f7ecaa 100644
--- a/Documentation/networking/ip-sysctl.txt
+++ b/Documentation/networking/ip-sysctl.txt
@@ -1256,13 +1256,15 @@ router_solicitations - INTEGER
 use_tempaddr - INTEGER
 	Preference for Privacy Extensions (RFC3041).
 	  <= 0 : disable Privacy Extensions
-	  == 1 : enable Privacy Extensions, but prefer public
-	         addresses over temporary addresses.
-	  >  1 : enable Privacy Extensions and prefer temporary
-	         addresses over public addresses.
+	  >= 1 : enable Privacy Extensions and prefer temporary
+	         addresses over public addresses (RFC 6724).
 	Default:  0 (for most devices)
 		 -1 (for point-to-point devices and loopback devices)
 
+prefer_src_public - BOOLEAN
+	Prefer public addresses over temporary addresses.
+	Default: FALSE
+
 temp_valid_lft - INTEGER
 	valid lifetime (in seconds) for temporary addresses.
 	Default: 604800 (7 days)
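Review bot: the new prefer_src_public entry does not say when it takes effect. Going by the Rule 7 change later in this patch, it is consulted only when use_tempaddr >= 1 and the socket has set neither IPV6_PREFER_SRC_PUBLIC nor IPV6_PREFER_SRC_TMP; please state that here. The use_tempaddr text should also say outright that a value of 1 no longer means "prefer public", because the removed "== 1" lines documented exactly that behaviour to administrators.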
diff --git a/include/linux/ipv6.h b/include/linux/ipv6.h
index 5d89d1b..c90a1e6 100644
--- a/include/linux/ipv6.h
+++ b/include/linux/ipv6.h
@@ -49,6 +49,7 @@ struct ipv6_devconf {
 	__s32		force_tllao;
 	__s32           ndisc_notify;
 	__s32		suppress_frag_ndisc;
+	__s32		prefer_src_public;
 	void		*sysctl;
 };
 
diff --git a/include/uapi/linux/ipv6.h b/include/uapi/linux/ipv6.h
index 593b0e3..37dabcc 100644
--- a/include/uapi/linux/ipv6.h
+++ b/include/uapi/linux/ipv6.h
@@ -163,6 +163,7 @@ enum {
 	DEVCONF_MLDV1_UNSOLICITED_REPORT_INTERVAL,
 	DEVCONF_MLDV2_UNSOLICITED_REPORT_INTERVAL,
 	DEVCONF_SUPPRESS_FRAG_NDISC,
+	DEVCONF_PREFER_SRC_PUBLIC,
 	DEVCONF_MAX
 };
 
diff --git a/include/uapi/linux/sysctl.h b/include/uapi/linux/sysctl.h
index 6d67213..0034b48 100644
--- a/include/uapi/linux/sysctl.h
+++ b/include/uapi/linux/sysctl.h
@@ -568,6 +568,7 @@ enum {
 	NET_IPV6_ACCEPT_RA_RT_INFO_MAX_PLEN=22,
 	NET_IPV6_PROXY_NDP=23,
 	NET_IPV6_ACCEPT_SOURCE_ROUTE=25,
+	NET_IPV6_PREFER_SRC_PUBLIC = 26,
 	__NET_IPV6_MAX
 };
 
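Review bot: NET_IPV6_PREFER_SRC_PUBLIC is not referenced anywhere else in this patch (the new ctl_table entry sets only .procname), so the binary sysctl number looks unnecessary and this hunk could be dropped. If it stays, write it like the neighbouring entries, which have no spaces around "=".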
diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 12c97d8..b0127cd 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -197,6 +197,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = {
 	.disable_ipv6		= 0,
 	.accept_dad		= 1,
 	.suppress_frag_ndisc	= 1,
+	.prefer_src_public	= 0,
 };
 
 static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
@@ -233,6 +234,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
 	.disable_ipv6		= 0,
 	.accept_dad		= 1,
 	.suppress_frag_ndisc	= 1,
+	.prefer_src_public	= 0,
 };
 
 /* Check if a valid qdisc is available */
@@ -1245,12 +1247,14 @@ static int ipv6_get_saddr_eval(struct net *net,
 		break;
 	case IPV6_SADDR_RULE_PRIVACY:
 	    {
-		/* Rule 7: Prefer public address
-		 * Note: prefer temporary address if use_tempaddr >= 2
+		/* Rule 7: Prefer temporary addresses (updated in RFC 6724)
+		 * Note: test on use_tempaddr >= 1 to avoid changing previous
+		 * behaviour using > 1 value for the same purpose
 		 */
 		int preftmp = dst->prefs & (IPV6_PREFER_SRC_PUBLIC|IPV6_PREFER_SRC_TMP) ?
 				!!(dst->prefs & IPV6_PREFER_SRC_TMP) :
-				score->ifa->idev->cnf.use_tempaddr >= 2;
+				score->ifa->idev->cnf.use_tempaddr >= 1 &&
+				!score->ifa->idev->cnf.prefer_src_public;
 		ret = (!(score->ifa->flags & IFA_F_TEMPORARY)) ^ preftmp;
 		break;
 	    }
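Review bot: moving the fallback test from "use_tempaddr >= 2" to "use_tempaddr >= 1" changes the outcome for hosts that set use_tempaddr to 1, which until now selected public addresses, and the new comment claims the opposite: it only preserves behaviour for values above 1. With prefer_src_public set, hosts using use_tempaddr >= 2 also flip, from temporary to public. Either keep the old threshold and make the new preference opt-in, or spell both changes out in the comment and the changelog. Separately, please parenthesise the "&&" operand of the conditional expression; it parses as intended, but the mix of "?:" and "&&" across three lines is easy to misread.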
@@ -4120,6 +4124,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf,
 	array[DEVCONF_FORCE_TLLAO] = cnf->force_tllao;
 	array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify;
 	array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc;
+	array[DEVCONF_PREFER_SRC_PUBLIC] = cnf->prefer_src_public;
 }
 
 static inline size_t inet6_ifla6_size(void)
@@ -4939,6 +4944,13 @@ static struct addrconf_sysctl_table
 			.proc_handler	= proc_dointvec
 		},
 		{
+			.procname	= "prefer_src_public",
+			.data		= &ipv6_devconf.prefer_src_public,
+			.maxlen		= sizeof(int),
+			.mode		= 0644,
+			.proc_handler	= proc_dointvec,
+		},
+		{
 			/* sentinel */
 		}
 	},
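Review bot: prefer_src_public is documented as BOOLEAN but registered with plain proc_dointvec, so any integer, negative values included, is accepted and then treated as true by the "!...prefer_src_public" test in Rule 7. Either document it as an INTEGER where non-zero enables the override, or restrict writes to 0 and 1 with proc_dointvec_minmax and bounds.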


* Re: [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
  2013-11-25 16:16 [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724) fx.lebail
@ 2013-11-26  8:54 ` Hannes Frederic Sowa
  2013-11-26 17:58   ` Florent Fourcot
  2013-12-02  1:22 ` David Miller
  1 sibling, 1 reply; 6+ messages in thread
From: Hannes Frederic Sowa @ 2013-11-26  8:54 UTC (permalink / raw)
  To: fx.lebail
  Cc: netdev, David S. Miller, Alexey Kuznetsov, James Morris,
	Hideaki YOSHIFUJI, Patrick McHardy, dcbw, jiri

[Added Jiri and Dan]

On Mon, Nov 25, 2013 at 05:16:45PM +0100, fx.lebail@yahoo.com wrote:
> RFC 6724 changes the default recommendation for source address selection
> Rule 7 to prefer temporary addresses rather than public addresses,
> while providing an administrative override.
> 
> The administrative override is based on the prefer_src_public sysctl.

I like the idea and it could be useful in addition to the new
IFA_F_MANAGETEMPADDR flag which should show up any time soon.

With IFA_F_MANAGETEMPADDR iproute/netlink could add a public address
and indicate to the kernel that it should also generate a new temporary address
without touching the use_tempaddr knob. So there is no possibility to
change the priority of public and temporary addresses any more. This
patch could restore that.

A netconf API for this would be nice, too.

Jiri, Dan, do you agree?

Greetings,

  Hannes


* Re: [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
  2013-11-26  8:54 ` Hannes Frederic Sowa
@ 2013-11-26 17:58   ` Florent Fourcot
  2013-11-26 19:26     ` Hannes Frederic Sowa
  0 siblings, 1 reply; 6+ messages in thread
From: Florent Fourcot @ 2013-11-26 17:58 UTC (permalink / raw)
  To: Hannes Frederic Sowa
  Cc: fx.lebail, netdev, David S. Miller, Alexey Kuznetsov,
	James Morris, Hideaki YOSHIFUJI, Patrick McHardy, dcbw, jiri

>> RFC 6724 changes the default recommendation for source address selection
>> Rule 7 to prefer temporary addresses rather than public addresses,
>> while providing an administrative override.
>>
>> The administrative override is based on the prefer_src_public sysctl.
> 
> I like the idea and it could be useful in addition to the new
> IFA_F_MANAGETEMPADDR flag which should show up any time soon.
> 

I like the principle of the idea too, but is it acceptable to break the
user space compatibility?
If the patch is accepted, someone with the value "1" in use_tempaddr
will have a big surprise with a newer kernel (I do not see any use case
to set this option to 1, but maybe...).

Regards,

Florent.
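
The compatibility concern raised above, modelled as a stand-alone program. This is an added example, not code from the thread or from the kernel: it copies the Rule 7 expression from the patch's before and after lines, and PREF_PUBLIC, PREF_TMP and all function names are constructed stand-ins for the kernel's symbols.

```c
#include <stdio.h>

/* Constructed stand-ins for IPV6_PREFER_SRC_PUBLIC / IPV6_PREFER_SRC_TMP. */
#define PREF_PUBLIC 0x1
#define PREF_TMP    0x2

/* Rule 7 before the patch: without a socket preference, temporary
 * addresses win only when use_tempaddr >= 2. */
static int preftmp_old(int prefs, int use_tempaddr)
{
	return (prefs & (PREF_PUBLIC | PREF_TMP)) ?
		!!(prefs & PREF_TMP) : use_tempaddr >= 2;
}

/* Rule 7 as proposed: use_tempaddr >= 1, unless prefer_src_public is set. */
static int preftmp_new(int prefs, int use_tempaddr, int prefer_src_public)
{
	return (prefs & (PREF_PUBLIC | PREF_TMP)) ?
		!!(prefs & PREF_TMP) :
		(use_tempaddr >= 1 && !prefer_src_public);
}

/* Score expression from the hunk: 1 means Rule 7 favours this address. */
static int rule7_score(int is_temporary, int preftmp)
{
	return (!is_temporary) ^ preftmp;
}

/* Number of use_tempaddr settings (0..2, no socket preference) for which
 * a temporary address scores differently after the patch. */
static int changed_settings(int prefer_src_public)
{
	int changed = 0;
	for (int ut = 0; ut <= 2; ut++)
		if (rule7_score(1, preftmp_old(0, ut)) !=
		    rule7_score(1, preftmp_new(0, ut, prefer_src_public)))
			changed++;
	return changed;
}

int main(void)
{
	for (int ut = 0; ut <= 2; ut++)
		printf("use_tempaddr=%d old=%s new=%s new+prefer_src_public=%s\n", ut,
		       preftmp_old(0, ut) ? "tmp" : "public",
		       preftmp_new(0, ut, 0) ? "tmp" : "public",
		       preftmp_new(0, ut, 1) ? "tmp" : "public");
	return 0;
}
```

With the default prefer_src_public of 0 the only setting that flips is use_tempaddr == 1; with the override set, it is use_tempaddr == 2 that flips instead.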


* Re: [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
  2013-11-26 17:58   ` Florent Fourcot
@ 2013-11-26 19:26     ` Hannes Frederic Sowa
  0 siblings, 0 replies; 6+ messages in thread
From: Hannes Frederic Sowa @ 2013-11-26 19:26 UTC (permalink / raw)
  To: Florent Fourcot
  Cc: fx.lebail, netdev, David S. Miller, Alexey Kuznetsov,
	James Morris, Hideaki YOSHIFUJI, Patrick McHardy, dcbw, jiri

On Tue, Nov 26, 2013 at 06:58:19PM +0100, Florent Fourcot wrote:
> >> RFC 6724 changes the default recommendation for source address selection
> >> Rule 7 to prefer temporary addresses rather than public addresses,
> >> while providing an administrative override.
> >>
> >> The administrative override is based on the prefer_src_public sysctl.
> > 
> > I like the idea and it could be useful in addition to the new
> > IFA_F_MANAGETEMPADDR flag which should show up any time soon.
> > 
> 
> I like the principle of the idea too, but is it acceptable to break the
> user space compatibility?
> If the patch is accepted, someone with the value "1" in use_tempaddr
> will have a big surprise with a newer kernel (I do not see any use case
> to set this option to 1, but maybe...).

Yeah, I thought about that, too. But as new kernels would ship with a default
policy of preferring those temporary addresses I thought it would be ok.


* Re: [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
  2013-11-25 16:16 [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724) fx.lebail
  2013-11-26  8:54 ` Hannes Frederic Sowa
@ 2013-12-02  1:22 ` David Miller
  2013-12-04 14:29   ` François-Xavier Le Bail
  1 sibling, 1 reply; 6+ messages in thread
From: David Miller @ 2013-12-02  1:22 UTC (permalink / raw)
  To: fx.lebail; +Cc: netdev, kuznet, jmorris, yoshfuji, kaber

From: fx.lebail@yahoo.com
Date: Mon, 25 Nov 2013 17:16:45 +0100

> RFC 6724 changes the default recommendation for source address selection
> Rule 7 to prefer temporary addresses rather than public addresses,
> while providing an administrative override.
> 
> The administrative override is based on the prefer_src_public sysctl.
> 
> Signed-off-by: Francois-Xavier Le Bail <fx.lebail@yahoo.com>

I think we need to preserve existing behavior, but this patch does not
do that.

Sorry, I can't apply this.

If someone was depending upon the old preferencing in some way, we will
break communications for them, and that really isn't acceptable.

It's really ill advised for the RFC folks to create situations like
this, where implementations have to choose between following the
updated RFC to the letter and keeping existing setups working.


* Re: [PATCH] ipv6 addrconf: source address selection, Rule 7: Prefer temporary addresses (RFC 6724)
  2013-12-02  1:22 ` David Miller
@ 2013-12-04 14:29   ` François-Xavier Le Bail
  0 siblings, 0 replies; 6+ messages in thread
From: François-Xavier Le Bail @ 2013-12-04 14:29 UTC (permalink / raw)
  To: David Miller; +Cc: netdev, kuznet, jmorris, yoshfuji, kaber

> On Monday, December 2, 2013 2:25 AM, David Miller <davem@davemloft.net> wrote:

>> From: fx.lebail@yahoo.com
>> Date: Mon, 25 Nov 2013 17:16:45 +0100
>>  RFC 6724 changes the default recommendation for source address selection
>>  Rule 7 to prefer temporary addresses rather than public addresses,
>>  while providing an administrative override.
>>
>>  The administrative override is based on the prefer_src_public sysctl.
>>
>>  Signed-off-by: Francois-Xavier Le Bail <fx.lebail@yahoo.com>
>
> I think we need to preserve existing behavior, but this patch does not
> do that.
>
> Sorry, I can't apply this.
>
> If someone was depending upon the old preferencing in some way, we will
> break communications for them, and that really isn't acceptable.
>
> It's really ill advised for the RFC folks to create situations like
> this, where implementations have to choose between following the
> updated RFC to the letter and keeping existing setups working.

The change is explained here: http://tools.ietf.org/html/rfc6724#appendix-B

“ This change was made because of the increasing
  importance of privacy considerations, as well as the fact that
  widely deployed implementations have preferred temporary
  addresses for many years without major application issues.”
