Received: by 2002:ad5:4acb:0:0:0:0:0 with SMTP id n11csp1262161imw; Wed, 13 Jul 2022 16:58:04 -0700 (PDT) X-Google-Smtp-Source: AGRyM1tYJC8T7f9DwH4kZOJ1rKkGJ4NiE2cCf5Wmfkaiz2qu5dZlRUcTsMczJf0W/Z0uPpMYb5fl X-Received: by 2002:a17:902:e5d0:b0:16c:40bc:cfeb with SMTP id u16-20020a170902e5d000b0016c40bccfebmr5507133plf.115.1657756683858; Wed, 13 Jul 2022 16:58:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1657756683; cv=none; d=google.com; s=arc-20160816; b=wBct6ECnqtBaYhIBu7ZQO2m9ZmZuu5AgulNjl5gaRiWA63tTQCOHh2jpnTTVJDH4Z+ 09ruhu76I8l8//lj0+DU/8SV+l3FqhaotqGHnAOEQW5TBFhzlRO02mrWVUwQ0RAQZ8/c jNC6q2rDBZkeSeuN5vIqk1/6mk5SRNyebVD3BRkq+WYhq/gKy2lPH7BloQDlbTo4RIYB ijLZpaJj/OWH+Ed05kwVLJCH0YYCeUhK5WqWHC4V1exScC88J998bOosNmTznNYJ+txg sgamDFUmZs2XJ9pubNH0FWQAgYZJx5gQLc0bnxvdPmOMMtKBxdQdxRxDZ9odfvi3+io1 xATQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=hIeO3opyZf6HnkUX87feyv18m3Q65HBILavBjNxjfqs=; b=E6/nI6YBTxCeplgwPWq+hKc+FD4/FwQTJalcrMquxixBtBZoKqB37EZmJuCfyNo9DD jct52Zzh6iRh5tm/TriXeDAFtpVafQPoOkSmQufFlIgNJBITDf16O3XvD7jqhom3NkKx ttOME9hIUBunc+d5uKZJlrSwOHi75jlDIw0obOb6FAtJP98MiObWIA4SjHjTPSzmrfcT lK3vxtNM3DasISgElF1/7F34b1QxhrnFLMo/rwr6Z1X//yyOQlIKxfMdS84uSobDeFrX plshTJIFDBx4Bw16tAP0dlDcvV4hv8aKu8X8kSxjR7tkRQIZ6ysKxspZhPdlR3nVplMk OWUQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="IC/WcfcE"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d6-20020a631d46000000b004149e1d6c33si17028475pgm.72.2022.07.13.16.57.52; Wed, 13 Jul 2022 16:58:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20210112 header.b="IC/WcfcE"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231452AbiGMXkr (ORCPT + 99 others); Wed, 13 Jul 2022 19:40:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50900 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229624AbiGMXkq (ORCPT ); Wed, 13 Jul 2022 19:40:46 -0400 Received: from mail-pg1-x52e.google.com (mail-pg1-x52e.google.com [IPv6:2607:f8b0:4864:20::52e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7680C509C1; Wed, 13 Jul 2022 16:40:45 -0700 (PDT) Received: by mail-pg1-x52e.google.com with SMTP id bh13so8283pgb.4; Wed, 13 Jul 2022 16:40:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=hIeO3opyZf6HnkUX87feyv18m3Q65HBILavBjNxjfqs=; b=IC/WcfcEC1Cz9/45QmOtWZTVoia7SSaR15G2ZJnNjlWwDU8Q89WiDCJbIykAmQzT4s kOWbIUY61FfQSZwgffJ0V8PSB3DHtw7gDYkSwFxMGlju2W1v6jQjAaeKNCZBeEaI27Nj BUdRKm5yjCGPuoBCd+W0v4ITlxlYzbkp8FZP9F4IZ/mgjRftqLgTSwD78NRN5BkSMYe6 bobLo/grzjSwHsbs5IOD8+hse9czjalVrC1xJMrmUalkBqthYA7HqMbCje0Ff8Zr56Jx kzacYQ+0Gr1WpKxvETWwX4wI+OuF2dDxck7Rn+f83mwBmR0lHtMGBZjsoQNHCzYgKD+u zEKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=hIeO3opyZf6HnkUX87feyv18m3Q65HBILavBjNxjfqs=; b=F7TWnzvXKYrJ0hzOmo9Ep5gu4I6UzflyFnjAPMC1U43WiuSUlYu5+CeAp6+FX0xGSD LBj1IFv43cLLd26edzqbZfWJ71mbuk1aGSyfjdRrLaioaF2qLCTQrW+LkrKN/qD8a/+0 SffQNPBSRhsoj81/wjCG/y9KxDxmNq3Qr3ujm2ETcjdAwRMl2Yqjb4foyMX9HOP5tljK nUPdrRtMGfeDzq4qIZ8IPHC33yEj+0hKNIVde1bgAbpgJAlwI7e+UNb+430jg4H+ZoeC qme7ltHveAOTTngqaR+BOEZOmnV1QCDcRKaahMfPrfK0xVocEuncqeGyxhV8hgYAU1es XbLw== X-Gm-Message-State: AJIora+a3N9AnRR8xxaiInivD+hbnxJb9WgWlAeERSLBRMsVniGgR2ns X5YPgMUkG/I8HYGujjPTUlbC8DVSiYq2tAvmD5I= X-Received: by 2002:a63:84c8:0:b0:415:b761:efa1 with SMTP id k191-20020a6384c8000000b00415b761efa1mr4895898pgd.89.1657755644732; Wed, 13 Jul 2022 16:40:44 -0700 (PDT) Received: from localhost.localdomain ([64.141.80.140]) by smtp.gmail.com with ESMTPSA id 188-20020a6216c5000000b005286a4ca9c8sm87653pfw.211.2022.07.13.16.40.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 13 Jul 2022 16:40:43 -0700 (PDT) From: Jaehee Park To: netdev@vger.kernel.org Cc: davem@davemloft.net, yoshfuji@linux-ipv6.org, dsahern@kernel.org, dsahern@gmail.com, edumazet@google.com, kuba@kernel.org, pabeni@redhat.com, shuah@kernel.org, linux-kernel@vger.kernel.org, aajith@arista.com, roopa@nvidia.com, roopa.prabhu@gmail.com, aroulin@nvidia.com, sbrivio@redhat.com, jhpark1013@gmail.com Subject: [PATCH v3 net-next 0/3] net: ipv4/ipv6: new option to accept garp/untracked na only if in-network Date: Wed, 13 Jul 2022 16:40:46 -0700 Message-Id: X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_ENVFROM_END_DIGIT, FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The first patch adds an option to learn a neighbor from garp only if the source ip is in the same subnet as an address configured on the interface that received the garp message. The option has been added to arp_accept in ipv4. The same feature has been added to ndisc (patch 2). For ipv6, the subnet filtering knob is an extension of the accept_untracked_na option introduced in these patches: https://lore.kernel.org/all/642672cb-8b11-c78f-8975-f287ece9e89e@gmail.com/t/ https://lore.kernel.org/netdev/20220530101414.65439-1-aajith@arista.com/T/ The third patch contains selftests for testing the different options for accepting arp and neighbor advertisements. v3 - fixed tabs in the selftest v2 - reworded documentation and commit messages - cleanup selftest Jaehee Park (3): net: ipv4: new arp_accept option to accept garp only if in-network net: ipv6: new accept_untracked_na option to accept na only if in-network selftests: net: arp_ndisc_untracked_subnets: test for arp_accept and accept_untracked_na Documentation/networking/ip-sysctl.rst | 52 +-- include/linux/inetdevice.h | 2 +- net/ipv4/arp.c | 24 +- net/ipv6/addrconf.c | 2 +- net/ipv6/ndisc.c | 29 +- tools/testing/selftests/net/Makefile | 1 + .../net/arp_ndisc_untracked_subnets.sh | 308 ++++++++++++++++++ 7 files changed, 389 insertions(+), 29 deletions(-) create mode 100755 tools/testing/selftests/net/arp_ndisc_untracked_subnets.sh -- 2.30.2