Reapply "net: change accept_ra_min_rtr_lft to affect all RA lifetimes"
This reverts commit 935ac73a69.
Bug: 320243175
Change-Id: If51722d74fe9b326d69c96c0cdfca43db6e33b93
Signed-off-by: Carlos Llamas <cmllamas@google.com>
This commit is contained in:
Carlos Llamas
committed by
Treehugger Robot
Treehugger Robot
parent
d4c4255fb4
commit
a4508eb552
@@ -1902,11 +1902,11 @@ accept_ra_min_hop_limit - INTEGER
|
|||||||
|
|
||||||
Default: 1
|
Default: 1
|
||||||
|
|
||||||
accept_ra_min_rtr_lft - INTEGER
|
accept_ra_min_lft - INTEGER
|
||||||
Minimum acceptable router lifetime in Router Advertisement.
|
Minimum acceptable lifetime value in Router Advertisement.
|
||||||
|
|
||||||
RAs with a router lifetime less than this value shall be
|
RA sections with a lifetime less than this value shall be
|
||||||
ignored. RAs with a router lifetime of 0 are unaffected.
|
ignored. Zero lifetimes stay unaffected.
|
||||||
|
|
||||||
Default: 0
|
Default: 0
|
||||||
|
|
||||||
|
|||||||
@@ -33,7 +33,7 @@ struct ipv6_devconf {
|
|||||||
__s32 max_addresses;
|
__s32 max_addresses;
|
||||||
__s32 accept_ra_defrtr;
|
__s32 accept_ra_defrtr;
|
||||||
__s32 accept_ra_min_hop_limit;
|
__s32 accept_ra_min_hop_limit;
|
||||||
__s32 accept_ra_min_rtr_lft;
|
__s32 accept_ra_min_lft;
|
||||||
__s32 accept_ra_pinfo;
|
__s32 accept_ra_pinfo;
|
||||||
__s32 ignore_routes_with_linkdown;
|
__s32 ignore_routes_with_linkdown;
|
||||||
#ifdef CONFIG_IPV6_ROUTER_PREF
|
#ifdef CONFIG_IPV6_ROUTER_PREF
|
||||||
|
|||||||
@@ -202,7 +202,7 @@ enum {
|
|||||||
DEVCONF_IOAM6_ID_WIDE,
|
DEVCONF_IOAM6_ID_WIDE,
|
||||||
DEVCONF_NDISC_EVICT_NOCARRIER,
|
DEVCONF_NDISC_EVICT_NOCARRIER,
|
||||||
DEVCONF_ACCEPT_UNTRACKED_NA,
|
DEVCONF_ACCEPT_UNTRACKED_NA,
|
||||||
DEVCONF_ACCEPT_RA_MIN_RTR_LFT,
|
DEVCONF_ACCEPT_RA_MIN_LFT,
|
||||||
DEVCONF_MAX
|
DEVCONF_MAX
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|||||||
@@ -209,7 +209,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = {
|
|||||||
.accept_ra_defrtr = 1,
|
.accept_ra_defrtr = 1,
|
||||||
.accept_ra_from_local = 0,
|
.accept_ra_from_local = 0,
|
||||||
.accept_ra_min_hop_limit= 1,
|
.accept_ra_min_hop_limit= 1,
|
||||||
.accept_ra_min_rtr_lft = 0,
|
.accept_ra_min_lft = 0,
|
||||||
.accept_ra_pinfo = 1,
|
.accept_ra_pinfo = 1,
|
||||||
#ifdef CONFIG_IPV6_ROUTER_PREF
|
#ifdef CONFIG_IPV6_ROUTER_PREF
|
||||||
.accept_ra_rtr_pref = 1,
|
.accept_ra_rtr_pref = 1,
|
||||||
@@ -266,7 +266,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
|
|||||||
.accept_ra_defrtr = 1,
|
.accept_ra_defrtr = 1,
|
||||||
.accept_ra_from_local = 0,
|
.accept_ra_from_local = 0,
|
||||||
.accept_ra_min_hop_limit= 1,
|
.accept_ra_min_hop_limit= 1,
|
||||||
.accept_ra_min_rtr_lft = 0,
|
.accept_ra_min_lft = 0,
|
||||||
.accept_ra_pinfo = 1,
|
.accept_ra_pinfo = 1,
|
||||||
#ifdef CONFIG_IPV6_ROUTER_PREF
|
#ifdef CONFIG_IPV6_ROUTER_PREF
|
||||||
.accept_ra_rtr_pref = 1,
|
.accept_ra_rtr_pref = 1,
|
||||||
@@ -2750,6 +2750,9 @@ void addrconf_prefix_rcv(struct net_device *dev, u8 *opt, int len, bool sllao)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (valid_lft != 0 && valid_lft < in6_dev->cnf.accept_ra_min_lft)
|
||||||
|
return;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Two things going on here:
|
* Two things going on here:
|
||||||
* 1) Add routes for on-link prefixes
|
* 1) Add routes for on-link prefixes
|
||||||
@@ -5590,7 +5593,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf,
|
|||||||
array[DEVCONF_DISABLE_POLICY] = cnf->disable_policy;
|
array[DEVCONF_DISABLE_POLICY] = cnf->disable_policy;
|
||||||
array[DEVCONF_NDISC_TCLASS] = cnf->ndisc_tclass;
|
array[DEVCONF_NDISC_TCLASS] = cnf->ndisc_tclass;
|
||||||
array[DEVCONF_RPL_SEG_ENABLED] = cnf->rpl_seg_enabled;
|
array[DEVCONF_RPL_SEG_ENABLED] = cnf->rpl_seg_enabled;
|
||||||
array[DEVCONF_ACCEPT_RA_MIN_RTR_LFT] = cnf->accept_ra_min_rtr_lft;
|
array[DEVCONF_ACCEPT_RA_MIN_LFT] = cnf->accept_ra_min_lft;
|
||||||
}
|
}
|
||||||
|
|
||||||
static inline size_t inet6_ifla6_size(void)
|
static inline size_t inet6_ifla6_size(void)
|
||||||
@@ -6745,8 +6748,8 @@ static const struct ctl_table addrconf_sysctl[] = {
|
|||||||
.proc_handler = proc_dointvec,
|
.proc_handler = proc_dointvec,
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
.procname = "accept_ra_min_rtr_lft",
|
.procname = "accept_ra_min_lft",
|
||||||
.data = &ipv6_devconf.accept_ra_min_rtr_lft,
|
.data = &ipv6_devconf.accept_ra_min_lft,
|
||||||
.maxlen = sizeof(int),
|
.maxlen = sizeof(int),
|
||||||
.mode = 0644,
|
.mode = 0644,
|
||||||
.proc_handler = proc_dointvec,
|
.proc_handler = proc_dointvec,
|
||||||
|
|||||||
@@ -1222,8 +1222,6 @@ static void ndisc_router_discovery(struct sk_buff *skb)
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
|
|
||||||
|
|
||||||
if (!ipv6_accept_ra(in6_dev)) {
|
if (!ipv6_accept_ra(in6_dev)) {
|
||||||
ND_PRINTK(2, info,
|
ND_PRINTK(2, info,
|
||||||
"RA: %s, did not accept ra for dev: %s\n",
|
"RA: %s, did not accept ra for dev: %s\n",
|
||||||
@@ -1231,13 +1229,6 @@ static void ndisc_router_discovery(struct sk_buff *skb)
|
|||||||
goto skip_linkparms;
|
goto skip_linkparms;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (lifetime != 0 && lifetime < in6_dev->cnf.accept_ra_min_rtr_lft) {
|
|
||||||
ND_PRINTK(2, info,
|
|
||||||
"RA: router lifetime (%ds) is too short: %s\n",
|
|
||||||
lifetime, skb->dev->name);
|
|
||||||
goto skip_linkparms;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef CONFIG_IPV6_NDISC_NODETYPE
|
#ifdef CONFIG_IPV6_NDISC_NODETYPE
|
||||||
/* skip link-specific parameters from interior routers */
|
/* skip link-specific parameters from interior routers */
|
||||||
if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
|
if (skb->ndisc_nodetype == NDISC_NODETYPE_NODEFAULT) {
|
||||||
@@ -1278,6 +1269,14 @@ static void ndisc_router_discovery(struct sk_buff *skb)
|
|||||||
goto skip_defrtr;
|
goto skip_defrtr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
lifetime = ntohs(ra_msg->icmph.icmp6_rt_lifetime);
|
||||||
|
if (lifetime != 0 && lifetime < in6_dev->cnf.accept_ra_min_lft) {
|
||||||
|
ND_PRINTK(2, info,
|
||||||
|
"RA: router lifetime (%ds) is too short: %s\n",
|
||||||
|
lifetime, skb->dev->name);
|
||||||
|
goto skip_defrtr;
|
||||||
|
}
|
||||||
|
|
||||||
/* Do not accept RA with source-addr found on local machine unless
|
/* Do not accept RA with source-addr found on local machine unless
|
||||||
* accept_ra_from_local is set to true.
|
* accept_ra_from_local is set to true.
|
||||||
*/
|
*/
|
||||||
@@ -1436,13 +1435,6 @@ skip_linkparms:
|
|||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (lifetime != 0 && lifetime < in6_dev->cnf.accept_ra_min_rtr_lft) {
|
|
||||||
ND_PRINTK(2, info,
|
|
||||||
"RA: router lifetime (%ds) is too short: %s\n",
|
|
||||||
lifetime, skb->dev->name);
|
|
||||||
goto out;
|
|
||||||
}
|
|
||||||
|
|
||||||
#ifdef CONFIG_IPV6_ROUTE_INFO
|
#ifdef CONFIG_IPV6_ROUTE_INFO
|
||||||
if (!in6_dev->cnf.accept_ra_from_local &&
|
if (!in6_dev->cnf.accept_ra_from_local &&
|
||||||
ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
|
ipv6_chk_addr(dev_net(in6_dev->dev), &ipv6_hdr(skb)->saddr,
|
||||||
@@ -1467,6 +1459,9 @@ skip_linkparms:
|
|||||||
if (ri->prefix_len == 0 &&
|
if (ri->prefix_len == 0 &&
|
||||||
!in6_dev->cnf.accept_ra_defrtr)
|
!in6_dev->cnf.accept_ra_defrtr)
|
||||||
continue;
|
continue;
|
||||||
|
if (ri->lifetime != 0 &&
|
||||||
|
ntohl(ri->lifetime) < in6_dev->cnf.accept_ra_min_lft)
|
||||||
|
continue;
|
||||||
if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
|
if (ri->prefix_len < in6_dev->cnf.accept_ra_rt_info_min_plen)
|
||||||
continue;
|
continue;
|
||||||
if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
|
if (ri->prefix_len > in6_dev->cnf.accept_ra_rt_info_max_plen)
|
||||||
|
|||||||
Reference in New Issue
Block a user