From: Hideaki Yoshifuji <hideaki.yoshifuji@miraclelinux.com>
To: Dmytro Shytyi <dmytro@shytyi.net>
Cc: kuba <kuba@kernel.org>, kuznet <kuznet@ms2.inr.ac.ru>,
yoshfuji <yoshfuji@linux-ipv6.org>,
liuhangbin <liuhangbin@gmail.com>, davem <davem@davemloft.net>,
netdev <netdev@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>,
Hideaki Yoshifuji <hideaki.yoshifuji@miraclelinux.com>
Subject: Re: [PATCH net-next V4] net: Variable SLAAC: SLAAC with prefixes of arbitrary length in PIO
Date: Fri, 13 Nov 2020 21:38:02 +0900 [thread overview]
Message-ID: <CAPA1RqC+wgi+fQ4A3GiwnLpGZ=5PfDF7kZUKkoYyXA2FN+4oyw@mail.gmail.com> (raw)
In-Reply-To: <175bf515624.c67e02e8130655.7824060160954233592@shytyi.net>
Hi,
2020年11月13日(金) 10:57 Dmytro Shytyi <dmytro@shytyi.net>:
>
> Variable SLAAC: SLAAC with prefixes of arbitrary length in PIO (randomly
> generated hostID or stable privacy + privacy extensions).
> The main problem is that SLAAC RA or PD allocates a /64 by the Wireless
> carrier 4G, 5G to a mobile hotspot, however segmentation of the /64 via
> SLAAC is required so that downstream interfaces can be further subnetted.
> Example: uCPE device (4G + WI-FI enabled) receives /64 via Wireless, and
> assigns /72 to VNF-Firewall, /72 to WIFI, /72 to VNF-Router, /72 to
> Load-Balancer and /72 to wired connected devices.
> IETF document that defines problem statement:
> draft-mishra-v6ops-variable-slaac-problem-stmt
> IETF document that specifies variable slaac:
> draft-mishra-6man-variable-slaac
>
> Signed-off-by: Dmytro Shytyi <dmytro@shytyi.net>
> ---
> diff -rupN net-next-5.10.0-rc2/net/ipv6/addrconf.c net-next-patch-5.10.0-rc2/net/ipv6/addrconf.c
> --- net-next-5.10.0-rc2/net/ipv6/addrconf.c 2020-11-10 08:46:01.075193379 +0100
> +++ net-next-patch-5.10.0-rc2/net/ipv6/addrconf.c 2020-11-13 02:30:25.552724864 +0100
> @@ -1315,10 +1322,14 @@ static int ipv6_create_tempaddr(struct i
> struct ifa6_config cfg;
> long max_desync_factor;
> struct in6_addr addr;
> - int ret = 0;
> + int ret;
> + struct in6_addr net_mask;
> + struct in6_addr temp;
> + struct in6_addr ipv6addr;
> + int i;
>
> write_lock_bh(&idev->lock);
> -
> + ret = 0;
> retry:
> in6_dev_hold(idev);
> if (idev->cnf.use_tempaddr <= 0) {
> @@ -1340,9 +1351,26 @@ retry:
> goto out;
> }
> in6_ifa_hold(ifp);
> - memcpy(addr.s6_addr, ifp->addr.s6_addr, 8);
> - ipv6_gen_rnd_iid(&addr);
>
> + if (ifp->prefix_len == 64) {
> + memcpy(addr.s6_addr, ifp->addr.s6_addr, 8);
> + ipv6_gen_rnd_iid(&addr);
> + } else if (ifp->prefix_len > 0 && ifp->prefix_len <= 128) {
> + memcpy(addr.s6_addr32, ifp->addr.s6_addr, 16);
> + get_random_bytes(temp.s6_addr32, 16);
> +
> + /* tranfrom prefix len into mask */
> + ipv6_plen_to_mask(ifp->prefix_len, &net_mask);
> +
> + for (i = 0; i < 4; i++) {
> + /* network prefix */
> + ipv6addr.s6_addr32[i] = addr.s6_addr32[i] & net_mask.s6_addr32[i];
> + /* host id */
> + ipv6addr.s6_addr32[i] |= temp.s6_addr32[i] & ~net_mask.s6_addr32[i];
> + }
> +
> + memcpy(addr.s6_addr, ipv6addr.s6_addr32, 16);
>
ipv6_addr_copy() and then ipv6_addr_prefix_copy()
+ }
> age = (now - ifp->tstamp) / HZ;
>
> regen_advance = idev->cnf.regen_max_retry *
> @@ -2576,9 +2604,57 @@ int addrconf_prefix_rcv_add_addr(struct
> u32 addr_flags, bool sllao, bool tokenized,
> __u32 valid_lft, u32 prefered_lft)
> {
> - struct inet6_ifaddr *ifp = ipv6_get_ifaddr(net, addr, dev, 1);
> + struct inet6_ifaddr *ifp = NULL;
> int create = 0;
>
> + if ((in6_dev->if_flags & IF_RA_VAR_PLEN) == IF_RA_VAR_PLEN &&
> + in6_dev->cnf.addr_gen_mode != IN6_ADDR_GEN_MODE_STABLE_PRIVACY) {
> + struct inet6_ifaddr *result = NULL;
> + struct inet6_ifaddr *result_base = NULL;
> + struct in6_addr net_mask;
> + struct in6_addr net_prfx;
> + struct in6_addr curr_net_prfx;
> + bool prfxs_equal;
> + int i;
> +
> + result_base = result;
> + rcu_read_lock();
> + list_for_each_entry_rcu(ifp, &in6_dev->addr_list, if_list) {
> + if (!net_eq(dev_net(ifp->idev->dev), net))
> + continue;
> +
> + /* tranfrom prefix len into mask */
> + ipv6_plen_to_mask(pinfo->prefix_len, &net_mask);
> + /* Prepare network prefixes */
> + for (i = 0; i < 4; i++) {
> + /* Received/new network prefix */
> + net_prfx.s6_addr32[i] =
> + pinfo->prefix.s6_addr32[i] & net_mask.s6_addr32[i];
> + /* Configured/old IPv6 prefix */
> + curr_net_prfx.s6_addr32[i] =
> + ifp->addr.s6_addr32[i] & net_mask.s6_addr32[i];
> + }
> + /* Compare network prefixes */
> + prfxs_equal = 1;
> + for (i = 0; i < 4; i++) {
> + if ((net_prfx.s6_addr32[i] ^ curr_net_prfx.s6_addr32[i]) != 0)
> + prfxs_equal = 0;
> + }
ipv6_prefix_equal()
> + if (prfxs_equal && pinfo->prefix_len == ifp->prefix_len) {
> + result = ifp;
> + in6_ifa_hold(ifp);
> + break;
> + }
> + }
> + rcu_read_unlock();
> + if (result_base != result)
> + ifp = result;
> + else
> + ifp = NULL;
> + } else {
> + ifp = ipv6_get_ifaddr(net, addr, dev, 1);
> + }
> +
> if (!ifp && valid_lft) {
> int max_addresses = in6_dev->cnf.max_addresses;
> struct ifa6_config cfg = {
> @@ -2781,9 +2857,35 @@ void addrconf_prefix_rcv(struct net_devi
> dev_addr_generated = true;
> }
> goto ok;
> + goto put;
> + } else if (((in6_dev->if_flags & IF_RA_VAR_PLEN) == IF_RA_VAR_PLEN) &&
> + pinfo->prefix_len > 0 && pinfo->prefix_len <= 128) {
> + /* SLAAC with prefixes of arbitrary length (Variable SLAAC).
> + * draft-mishra-6man-variable-slaac
> + * draft-mishra-v6ops-variable-slaac-problem-stmt
> + * Contact: Dmytro Shytyi.
> + */
> + memcpy(&addr, &pinfo->prefix, 16);
> + if (in6_dev->cnf.addr_gen_mode == IN6_ADDR_GEN_MODE_STABLE_PRIVACY) {
> + if (!ipv6_generate_address_variable_plen(&addr,
> + 0,
> + in6_dev,
> + pinfo->prefix_len,
> + true)) {
> + addr_flags |= IFA_F_STABLE_PRIVACY;
> + goto ok;
> + }
> + } else if (!ipv6_generate_address_variable_plen(&addr,
> + 0,
> + in6_dev,
> + pinfo->prefix_len,
> + false)) {
> + goto ok;
> + }
> + } else {
> + net_dbg_ratelimited("IPv6: Prefix with unexpected length %d\n",
> + pinfo->prefix_len);
> }
> - net_dbg_ratelimited("IPv6 addrconf: prefix with wrong length %d\n",
> - pinfo->prefix_len);
> goto put;
>
> ok:
> @@ -3264,6 +3366,118 @@ retry:
> return 0;
> }
>
> +static void ipv6_plen_to_mask(int plen, struct in6_addr *net_mask)
> +{
> + int i, plen_bytes;
> + char bit_array[7] = {0b10000000,
> + 0b11000000,
> + 0b11100000,
> + 0b11110000,
> + 0b11111000,
> + 0b11111100,
> + 0b11111110};
> +
> + if (plen <= 0 || plen > 128)
> + pr_err("Unexpected plen: %d", plen);
> +
> + memset(net_mask, 0x00, sizeof(*net_mask));
> +
> + /* We set all bits == 1 of s6_addr[i] */
> + plen_bytes = plen / 8;
> + for (i = 0; i < plen_bytes; i++)
> + net_mask->s6_addr[i] = 0xff;
> +
> + /* We add bits from the bit_array to
> + * netmask starting from plen_bytes position
> + */
> + if (plen % 8)
> + net_mask->s6_addr[plen_bytes] = bit_array[(plen % 8) - 1];
> + memcpy(net_mask->s6_addr32, net_mask->s6_addr, 16);
> +}
I don't think we need this function.
If needed, we could introduce ipv6_addr_host() (like ipv6_addr_prefix())
in include/net/ipv6.h.
next prev parent reply other threads:[~2020-11-13 12:38 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <175b25d0c79.f8ce5734515834.1635475016968827598@shytyi.net>
2020-11-10 17:45 ` [PATCH net-next] net: Variable SLAAC: SLAAC with prefixes of arbitrary length in PIO Dmytro Shytyi
2020-11-11 1:34 ` kernel test robot
2020-11-11 20:37 ` [PATCH net-next V2] " Dmytro Shytyi
2020-11-12 15:44 ` [PATCH net-next V3] " Dmytro Shytyi
2020-11-12 16:55 ` Hideaki Yoshifuji
2020-11-13 1:50 ` Dmytro Shytyi
2020-11-13 0:21 ` Jakub Kicinski
2020-11-13 1:50 ` Dmytro Shytyi
2020-11-13 1:56 ` [PATCH net-next V4] " Dmytro Shytyi
2020-11-13 12:38 ` Hideaki Yoshifuji [this message]
2020-11-13 19:09 ` Dmytro Shytyi
2020-11-13 19:36 ` [PATCH net-next V5] " Dmytro Shytyi
2020-11-17 20:43 ` Jakub Kicinski
2020-11-18 13:41 ` Dmytro Shytyi
2020-11-18 15:50 ` Jakub Kicinski
2020-11-18 15:56 ` Dmytro Shytyi
2020-11-19 13:37 ` [PATCH net-next V6] " Dmytro Shytyi
2020-11-19 18:44 ` Jakub Kicinski
2020-11-19 19:31 ` Dmytro Shytyi
2020-11-20 1:20 ` Jakub Kicinski
2020-11-20 9:26 ` [PATCH net-next V7] " Dmytro Shytyi
2020-11-23 13:26 ` Hideaki Yoshifuji
2020-11-27 16:54 ` Dmytro Shytyi
2020-12-09 3:27 ` [PATCH net-next V8] " Dmytro Shytyi
2020-12-16 0:00 ` David Miller
2020-12-16 14:01 ` Dmytro Shytyi
2020-12-16 17:28 ` Jakub Kicinski
2020-12-16 21:56 ` Dmytro Shytyi
2020-12-16 22:01 ` [PATCH net-next V9] " Dmytro Shytyi
2020-12-19 2:03 ` Jakub Kicinski
2020-12-19 2:40 ` Maciej Żenczykowski
2021-07-12 13:39 ` Dmytro Shytyi
2021-07-12 16:42 ` Dmytro Shytyi
2021-07-12 17:51 ` Erik Kline
2021-07-13 18:47 ` Dmytro Shytyi
2021-07-10 19:24 ` Dmytro Shytyi
2021-07-12 13:23 ` Dmytro Shytyi
2021-10-13 23:03 ` [PATCH net-next V10] " Dmytro Shytyi
2021-10-13 23:20 ` Dmytro Shytyi
2021-10-14 18:26 ` Erik Kline
2021-10-14 21:36 ` Dmytro Shytyi
2021-10-14 13:20 ` kernel test robot
2020-11-13 0:24 ` [PATCH net-next] " Jakub Kicinski
2020-11-13 0:32 ` [kbuild-all] " Li, Philip
2020-11-13 0:51 ` Jakub Kicinski
2020-11-13 1:01 ` Li, Philip
2020-11-13 1:43 ` Dave Hansen
2020-11-13 1:53 ` Jakub Kicinski
2020-11-13 2:01 ` Dave Hansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAPA1RqC+wgi+fQ4A3GiwnLpGZ=5PfDF7kZUKkoYyXA2FN+4oyw@mail.gmail.com' \
--to=hideaki.yoshifuji@miraclelinux.com \
--cc=davem@davemloft.net \
--cc=dmytro@shytyi.net \
--cc=kuba@kernel.org \
--cc=kuznet@ms2.inr.ac.ru \
--cc=linux-kernel@vger.kernel.org \
--cc=liuhangbin@gmail.com \
--cc=netdev@vger.kernel.org \
--cc=yoshfuji@linux-ipv6.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).