Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp875997ybb; Wed, 1 Apr 2020 11:15:28 -0700 (PDT) X-Google-Smtp-Source: APiQypJ69iO3VpGDQ68tJLobg/zTGmvInYZkQw45E6UOxWEG28Xu4UjCsOcP6yijBVFdH31TDVCq X-Received: by 2002:a9d:775a:: with SMTP id t26mr2243885otl.178.1585764928768; Wed, 01 Apr 2020 11:15:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1585764928; cv=none; d=google.com; s=arc-20160816; b=MZ35wN7DvxuYKN7+nzMoCsCHDS6J8M3XgOfitgHMVeroAZfVDbi1nsl4MSof5Y3XNf GWwwt9LMBO2awUKGWO+w/3zvePCC5zdiI4ZOTgUmHMfTxF6VhBsGeqwwDaIlgSOjyOIP ZMsFw/tnM/IDX2Se0G8e4Cxx/w1dlcuwBe9qJLB9fKmZnB8jPTAWQj0jd+GJlsJKfQy6 QygFF0hYihMhZLwcdAcrM3F6JH0MOajCF4BaMIFQkmq3pNbz5Yc38BOh6PYfpdMePHe6 1nIgptaygENQxigje9d/3xcngHk4DphDza4RVeMHrbq64zttl+AJXABvFoW15XikWNbz WqZA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:from:subject:cc:to:message-id:date; bh=pIv4mFXaWxskGACYpMG5tle4HPG4Zxdm+D7U6/hWrzk=; b=LD8SplROUV4f2bmyvobF7456wAn/OzLyKj08vRlLwW7iXnAPAVjB3wXNJfdwqZ+nUP yTpkGLVoGdhGVN1uN7rj/nXr0w0Qp7Dzn6QXuxhaaNRMVbxS0uvtJa7biHOVG0UBG1hg HJvR+FBVd8gq2CagNATp0vFYFFWLLQZAFoSAmFxOwMSM9lP2p8sR/x6XZWVYg5Dv9rOQ 6EE0H5qWcYLO5UiHyZNRxiemFV6ExPtoZgeCAJz1QdVY1iDmtGCsm5zkBoYgcwPHh8tY NPlI5TwC4LsGLSAjzDGW6tpsjcxc26LfZ1AV/owIL95VCKqAYwii3zEFR+AE/CRc0Mz8 8cIQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a128si1230141oif.202.2020.04.01.11.15.11; Wed, 01 Apr 2020 11:15:28 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732677AbgDASO3 (ORCPT + 99 others); Wed, 1 Apr 2020 14:14:29 -0400 Received: from shards.monkeyblade.net ([23.128.96.9]:37464 "EHLO shards.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727723AbgDASO3 (ORCPT ); Wed, 1 Apr 2020 14:14:29 -0400 Received: from localhost (unknown [IPv6:2601:601:9f00:477::3d5]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: davem-davemloft) by shards.monkeyblade.net (Postfix) with ESMTPSA id 7991C11D69C3E; Wed, 1 Apr 2020 11:14:28 -0700 (PDT) Date: Wed, 01 Apr 2020 11:14:27 -0700 (PDT) Message-Id: <20200401.111427.789296252666544265.davem@davemloft.net> To: jarod@redhat.com Cc: linux-kernel@vger.kernel.org, moshele@mellanox.com, stephen@networkplumber.org, mleitner@redhat.com, netdev@vger.kernel.org Subject: Re: [PATCH net v2] ipv6: don't auto-add link-local address to lag ports From: David Miller In-Reply-To: <20200330152219.58296-1-jarod@redhat.com> References: <20200330152219.58296-1-jarod@redhat.com> X-Mailer: Mew version 6.8 on Emacs 26.1 Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.5.12 (shards.monkeyblade.net [149.20.54.216]); Wed, 01 Apr 2020 11:14:28 -0700 (PDT) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Jarod Wilson Date: Mon, 30 Mar 2020 11:22:19 -0400 > Bonding slave and team port devices should not have link-local addresses > automatically added to them, as it can interfere with openvswitch being > able to properly add tc ingress. > > Basic reproducer, courtesy of Marcelo: ... > (above trimmed to relevant entries, obviously) > > $ sysctl net.ipv6.conf.ens2f0np0.addr_gen_mode=0 > net.ipv6.conf.ens2f0np0.addr_gen_mode = 0 > $ sysctl net.ipv6.conf.ens2f1np2.addr_gen_mode=0 > net.ipv6.conf.ens2f1np2.addr_gen_mode = 0 > > $ ip a l ens2f0np0 > 2: ens2f0np0: mtu 1500 qdisc > mq master bond0 state UP group default qlen 1000 > link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff > inet6 fe80::20f:53ff:fe2f:ea40/64 scope link tentative > valid_lft forever preferred_lft forever > $ ip a l ens2f1np2 > 5: ens2f1np2: mtu 1500 qdisc > mq master bond0 state DOWN group default qlen 1000 > link/ether 00:0f:53:2f:ea:40 brd ff:ff:ff:ff:ff:ff > inet6 fe80::20f:53ff:fe2f:ea40/64 scope link tentative > valid_lft forever preferred_lft forever > > Looks like addrconf_sysctl_addr_gen_mode() bypasses the original "is > this a slave interface?" check added by commit c2edacf80e15, and > results in an address getting added, while w/the proposed patch added, > no address gets added. This simply adds the same gating check to another > code path, and thus should prevent the same devices from erroneously > obtaining an ipv6 link-local address. > > Fixes: d35a00b8e33d ("net/ipv6: allow sysctl to change link-local address generation mode") > Reported-by: Moshe Levi > CC: Stephen Hemminger > CC: Marcelo Ricardo Leitner > CC: netdev@vger.kernel.org > Signed-off-by: Jarod Wilson Applied and queued up for -stable, thanks.