Commit 47e27d5e authored by Daniel Borkmann's avatar Daniel Borkmann Committed by David S. Miller

ipv6, token: allow for clearing the current device token

The original tokenized iid support implemented via f53adae4 ("net: ipv6:
add tokenized interface identifier support") didn't allow for clearing a
device token as it was intended that this addressing mode was the only one
active for globally scoped IPv6 addresses. Later we relaxed that restriction
via 617fe29d ("net: ipv6: only invalidate previously tokenized addresses"),
and we should also allow for clearing tokens as there's no good reason why
it shouldn't be allowed.

Fixes: 617fe29d ("net: ipv6: only invalidate previously tokenized addresses")
Reported-by: default avatarRobin H. Johnson <robbat2@gentoo.org>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Cc: Hannes Frederic Sowa <hannes@stressinduktion.org>
Acked-by: default avatarHannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent fafc4e1e
...@@ -4995,15 +4995,13 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token) ...@@ -4995,15 +4995,13 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token)
{ {
struct inet6_ifaddr *ifp; struct inet6_ifaddr *ifp;
struct net_device *dev = idev->dev; struct net_device *dev = idev->dev;
bool update_rs = false; bool clear_token, update_rs = false;
struct in6_addr ll_addr; struct in6_addr ll_addr;
ASSERT_RTNL(); ASSERT_RTNL();
if (!token) if (!token)
return -EINVAL; return -EINVAL;
if (ipv6_addr_any(token))
return -EINVAL;
if (dev->flags & (IFF_LOOPBACK | IFF_NOARP)) if (dev->flags & (IFF_LOOPBACK | IFF_NOARP))
return -EINVAL; return -EINVAL;
if (!ipv6_accept_ra(idev)) if (!ipv6_accept_ra(idev))
...@@ -5018,10 +5016,13 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token) ...@@ -5018,10 +5016,13 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token)
write_unlock_bh(&idev->lock); write_unlock_bh(&idev->lock);
clear_token = ipv6_addr_any(token);
if (clear_token)
goto update_lft;
if (!idev->dead && (idev->if_flags & IF_READY) && if (!idev->dead && (idev->if_flags & IF_READY) &&
!ipv6_get_lladdr(dev, &ll_addr, IFA_F_TENTATIVE | !ipv6_get_lladdr(dev, &ll_addr, IFA_F_TENTATIVE |
IFA_F_OPTIMISTIC)) { IFA_F_OPTIMISTIC)) {
/* If we're not ready, then normal ifup will take care /* If we're not ready, then normal ifup will take care
* of this. Otherwise, we need to request our rs here. * of this. Otherwise, we need to request our rs here.
*/ */
...@@ -5029,6 +5030,7 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token) ...@@ -5029,6 +5030,7 @@ static int inet6_set_iftoken(struct inet6_dev *idev, struct in6_addr *token)
update_rs = true; update_rs = true;
} }
update_lft:
write_lock_bh(&idev->lock); write_lock_bh(&idev->lock);
if (update_rs) { if (update_rs) {
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment