Re: [REGRESSION] net/ipv6/addrconf: Temporary addresses with short lifetimes generating when they shouldn't, causing applications to fail
From: Dan Moulding
Date: Sat Dec 23 2023 - 10:22:50 EST
> Sorry for the unintended consequences, and thank you for the detailed
> explanation. Does this patch fix the problem for you?
Thanks. I think this patch may resolve the application-level issues
I'm seeing.
However, it looks to me like this would still violate the RFC. The
temoporary address' preferred liftime must be lower than /both/ the
preferred lifetime of the public address and TEMP_PREFERRED_LIFETIME -
DESYNC_FACTOR.
These two existing lines ensure that it will meet the requirement:
cfg.preferred_lft = cnf_temp_preferred_lft + age - idev->desync_factor;
cfg.preferred_lft = min_t(__u32, ifp->prefered_lft, cfg.preferred_lft);
Once that has been computed, cfg.preferred_lft is already at its
maximum allowed value. There is no case where the RFC allows
increasing that value after doing that computation.
I think the safest thing to do is revert this change, and try to find
some other way to achieve the goal of preventing the user from
administratively setting a preferred lifetime that prevents temporary
addresses from being generated, when the user wants to use the privacy
extensions. For example, this could be done where administratively
configured values are accepted (wherever that is), and either generate
a warning or reject the change, if the value provided by the user is
lower than REGEN_ADVANCE.
-- Dan