From 068ddeb3d9c0f09a920447857fb1ed665c2af4f2 Mon Sep 17 00:00:00 2001 From: Denis Kirjanov Date: May 10 2023 13:25:44 +0000 Subject: net: ipv6: send NS for DAD when link operationally up (git-fixes). --- diff --git a/patches.suse/net-ipv6-send-NS-for-DAD-when-link-operationally-up.patch b/patches.suse/net-ipv6-send-NS-for-DAD-when-link-operationally-up.patch new file mode 100644 index 0000000..245820a --- /dev/null +++ b/patches.suse/net-ipv6-send-NS-for-DAD-when-link-operationally-up.patch @@ -0,0 +1,75 @@ +From 1ade0662e2dc7c31c701e384a0d6da0971e235a8 Mon Sep 17 00:00:00 2001 +From: Mike Manning +Date: Mon, 25 Sep 2017 22:01:36 +0100 +Subject: [PATCH 1/7] net: ipv6: send NS for DAD when link operationally up +Git-commit: 1f372c7bfb23286d2bf4ce0423ab488e86b74bb2 +Patch-mainline: 4.15-rc1 +References: git-fixes + +The NS for DAD are sent on admin up as long as a valid qdisc is found. +A race condition exists by which these packets will not egress the +interface if the operational state of the lower device is not yet up. +The solution is to delay DAD until the link is operationally up +according to RFC2863. Rather than only doing this, follow the existing +code checks by deferring IPv6 device initialization altogether. The fix +allows DAD on devices like tunnels that are controlled by userspace +control plane. The fix has no impact on regular deployments, but means +that there is no IPv6 connectivity until the port has been opened in +the case of port-based network access control, which should be +desirable. + +Signed-off-by: Mike Manning +Signed-off-by: David S. Miller +Signed-off-by: Denis Kirjanov +--- + net/ipv6/addrconf.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c +index fc7dae23c492..67ddc0d22609 100644 +--- a/net/ipv6/addrconf.c ++++ b/net/ipv6/addrconf.c +@@ -304,10 +304,10 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { + .disable_policy = 0, + }; + +-/* Check if a valid qdisc is available */ +-static inline bool addrconf_qdisc_ok(const struct net_device *dev) ++/* Check if link is ready: is it up and is a valid qdisc available */ ++static inline bool addrconf_link_ready(const struct net_device *dev) + { +- return !qdisc_tx_is_noop(dev); ++ return netif_oper_up(dev) && !qdisc_tx_is_noop(dev); + } + + static void addrconf_del_rs_timer(struct inet6_dev *idev) +@@ -450,7 +450,7 @@ static struct inet6_dev *ipv6_add_dev(struct net_device *dev) + + ndev->token = in6addr_any; + +- if (netif_running(dev) && addrconf_qdisc_ok(dev)) ++ if (netif_running(dev) && addrconf_link_ready(dev)) + ndev->if_flags |= IF_READY; + + ipv6_mc_init_dev(ndev); +@@ -3482,7 +3482,7 @@ static int addrconf_notify(struct notifier_block *this, unsigned long event, + /* restore routes for permanent addresses */ + addrconf_permanent_addr(dev); + +- if (!addrconf_qdisc_ok(dev)) { ++ if (!addrconf_link_ready(dev)) { + /* device is not ready yet. */ + pr_info("ADDRCONF(NETDEV_UP): %s: link is not ready\n", + dev->name); +@@ -3497,7 +3497,7 @@ static int addrconf_notify(struct notifier_block *this, unsigned long event, + run_pending = 1; + } + } else if (event == NETDEV_CHANGE) { +- if (!addrconf_qdisc_ok(dev)) { ++ if (!addrconf_link_ready(dev)) { + /* device is still not ready. */ + break; + } +-- +2.16.4 + diff --git a/series.conf b/series.conf index e72022b..2e5a5db 100644 --- a/series.conf +++ b/series.conf @@ -13442,6 +13442,7 @@ patches.suse/bpf-libbpf-Provide-basic-API-support-to-specify-BPF-.patch patches.suse/bpf-Swap-the-order-of-checking-prog_info-and-map_inf.patch patches.suse/bpf-Test-new-fields-in-bpf_attr-and-bpf_-prog-map-_i.patch + patches.suse/net-ipv6-send-NS-for-DAD-when-link-operationally-up.patch patches.suse/i40e-i40evf-rename-bytes_per_int-to-bytes_per_usec.patch patches.suse/i40e-Fix-unqualified-module-message-while-bringing-l.patch patches.suse/i40e-Fix-link-down-message-when-interface-is-brought.patch