git.ipfire.org Git - thirdparty/systemd.git/commit

author	Dan Streetman <ddstreet@canonical.com>
	Mon, 6 Jan 2020 21:35:28 +0000 (16:35 -0500)
committer	Dan Streetman <ddstreet@canonical.com>
	Thu, 9 Jan 2020 20:19:19 +0000 (15:19 -0500)
commit	4c64965257637c055a9f12e5d1f820bbc72fcf19
tree	b8286a5d1f043173a1a56f498925963d45f9246c	tree \| snapshot
parent	0917a2717810d3c6b5b91e9fb057b2520e3ad733	commit \| diff

network: drop foreign config after addr_gen_mode has been set

Interfaces may come up at any time, even during our initialization of
them, for various reasons; e.g. the kernel will raise VLAN when its
parent is raised; or we will raise an interface if configured with
BindCarrier and its associated interfaces come up.

When LinkLocalAddressing has been disabled for ipv6, we disable
addr_gen_mode in the kernel, so it will not automatically create a
ipv6ll address when the interface is raised. However, we currently
drop all foreign addresses before disabling addr_gen_mode.

If the link has been up for a long time, then its kernel-created ipv6ll
address will be correctly dropped. If the link is down, and stays
down until we raise it after finishing configuration, the addr_gen_mode
setting will be disabled when the interface is raised and the kernel
will not create any ipv6ll address.

However, if the interface is raised after dropping foreign config,
but before we have disabled addr_gen_mode, the kernel will create a
ipv6ll tentative address that will eventually finish DAD and become a
working ipv6ll address, even though we have been configured to disable
ipv6ll.

Moving our call to drop foreign addresses to after we have successfully
set addr_gen_mode closes this window; after we disable addr_gen_mode,
we can safely remove foreign ipv6ll addresses (including tentative ones)
and be sure that the kernel will not create any more.

Fixes: #13882.