Received: by 2002:a05:7412:b995:b0:f9:9502:5bb8 with SMTP id it21csp471435rdb;
        Thu, 21 Dec 2023 15:12:44 -0800 (PST)
X-Google-Smtp-Source: AGHT+IFJZUSnPC0vfqYoMb+GzGJDi5OSUGMgzzPU5AyPABnaZdc0VfH57/yoYaTDy8XRs6srk1fP
X-Received: by 2002:a05:6e02:19c5:b0:35f:b06b:2f7b with SMTP id r5-20020a056e0219c500b0035fb06b2f7bmr654277ill.34.1703200363749;
        Thu, 21 Dec 2023 15:12:43 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1703200363; cv=none;
        d=google.com; s=arc-20160816;
        b=AB+Zw4UUFIiTJ78bqowE+JizCKooWDMp/jUTo/zCh3ikqH6benSrJBQvMaZotA7WJV
         eVg+KZfDRSM2v5fcypIP0U+BnyQwaJtMxSYc53pnURGmPZ+nJ4PUEJ6ib59pSgYDQKTp
         m0euUoaeDo67cGiDGCZiw4WUFU2xHL8thNci5M39ofDZ4rbbOJ7IKSdDoFsex0+50l4/
         gCw8Rq6BTsersLZz4UE7GLyDyAi0KK/PVTRFg83ixoE9JBMO+3C4/udjzcGOXHsxT9Ma
         0y71Jdp4bAVdQ/Abp9iwQsm77shfo+leqXcvJqY043kqOBTnXY3ilCDSUJMTVfa1jmTr
         FrVg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=DCyDcGB+njyvZgduAOSYZ57kEuruZLX4DxL5rDhZZEc=;
        fh=Ug9/6Qg50X5vTrAIW681VFlKg/lenwOOFkeWIt28l7c=;
        b=N6LZ0OWeThsehlMADorcL28l2rhaTxqu8fgx7QDzHD18nl8FIn39g8dKqQSgFqm1o3
         gIi+KY5jSg9AREQ/UdgWvalhMsEIcY64t8wRrwX+OlnbYOKLk84p9nCG/Td1uMJUwdVI
         fQU++5/Giu7AAlpl/u7Uv5umGAwaRG4UnPusDzGO0tIF8iqrsC7YuCzW5u/yIStQkfae
         W2XzPXt4S/iw7k2llm23u+79jBDvTOQwUcYH4DE+qX1+M3w9Fbral80uDicuiY/a1qMW
         xDM9kEGvBhxvNJnFKWnMkaTNt+fdQPuJOFn2cfi8iRQZ0ym5AmgtumuySnLA/OevDdjZ
         OowQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@danm.net header.s=sig1 header.b=cXXV+fkJ;
       spf=pass (google.com: domain of linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org"
Return-Path: <linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
        by mx.google.com with ESMTPS id a71-20020a63904a000000b005be03f0da68si2301997pge.13.2023.12.21.15.12.43
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 21 Dec 2023 15:12:43 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@danm.net header.s=sig1 header.b=cXXV+fkJ;
       spf=pass (google.com: domain of linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org designates 147.75.48.161 as permitted sender) smtp.mailfrom="linux-kernel+bounces-9152-linux.lists.archive=gmail.com@vger.kernel.org"
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sy.mirrors.kernel.org (Postfix) with ESMTPS id 914A4B25548
	for <linux.lists.archive@gmail.com>; Thu, 21 Dec 2023 23:12:41 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id C4C6F79478;
	Thu, 21 Dec 2023 23:12:30 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=danm.net header.i=@danm.net header.b="cXXV+fkJ"
X-Original-To: linux-kernel@vger.kernel.org
Received: from mr85p00im-zteg06022001.me.com (mr85p00im-zteg06022001.me.com [17.58.23.193])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2794C77620
	for <linux-kernel@vger.kernel.org>; Thu, 21 Dec 2023 23:12:27 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=danm.net
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=danm.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=danm.net; s=sig1;
	t=1703200347; bh=DCyDcGB+njyvZgduAOSYZ57kEuruZLX4DxL5rDhZZEc=;
	h=From:To:Subject:Date:Message-ID:MIME-Version;
	b=cXXV+fkJVcexXshAtBA9kqoVzxZi82it4LAoVoRl4eliL18HhCFsbd8RyT/tzi1Ks
	 m7aaW3XhS8S+TqeuoeNyJ7IcQTl1s4KDvYUu07QGPU/Z6Pem/dO33pLm7xZ35AtckL
	 FcNdEAmrnYLHV8jJgahIucatEc0iQgtfQLGeipUJeL0KtQLPx1eUKBDE5G/DyNc3k0
	 9dwLiRv2OwdHFU3jW3zQlhkrcX1agIKHQBMw4loHfRMDhWzIBy6kM8DZumG+tyBtqP
	 dLuyeGgN5vb5Mb/+WL40zWSOBvIqMB24o1Rsx8uBodbrBJ1uYD+X2W2Fpc7oi8NNXZ
	 A3hlQld2axaNw==
Received: from hitch.danm.net (mr38p00im-dlb-asmtp-mailmevip.me.com [17.57.152.18])
	by mr85p00im-zteg06022001.me.com (Postfix) with ESMTPSA id A7BD2800127;
	Thu, 21 Dec 2023 23:12:26 +0000 (UTC)
From: Dan Moulding <dan@danm.net>
To: dan@danm.net
Cc: Alex Henrie <alexhenrie24@gmail.com>,
	"David S. Miller" <davem@davemloft.net>,
	David Ahern <dsahern@kernel.org>,
	Eric Dumazet <edumazet@google.com>,
	Jakub Kicinski <kuba@kernel.org>,
	Paolo Abeni <pabeni@redhat.com>,
	netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [REGRESSION] net/ipv6/addrconf: Temporary addresses with short lifetimes generating when they shouldn't, causing applications to fail
Date: Thu, 21 Dec 2023 16:10:57 -0700
Message-ID: <20231221231115.12402-1-dan@danm.net>
X-Mailer: git-send-email 2.41.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Proofpoint-ORIG-GUID: 2x4J6n-3fdC5FS1JBV_-vkus0m_RhcGg
X-Proofpoint-GUID: 2x4J6n-3fdC5FS1JBV_-vkus0m_RhcGg
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.272,Aquarius:18.0.997,Hydra:6.0.619,FMLib:17.11.176.26
 definitions=2023-12-21_11,2023-12-21_02,2023-05-22_02
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 malwarescore=0 spamscore=0
 phishscore=0 clxscore=1030 mlxlogscore=528 adultscore=0 suspectscore=0
 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.19.0-2308100000 definitions=main-2312210177

I started running v6.7-rc5 on a desktop and began having problems
where Chromium would frequently fail to load pages and give an
"ERR_NETWORK_CHANGED" message instead. I also noticed instability in
avahi-daemon (it would stop resolving local names and/or consume 100%
CPU). Eventually I discovered that what is happening is that new
temporary IPv6 addresses for a ULA address are being generated once
every second, with very short preferred lifetimes (and I had an
interface with thousands of such temporary addresses). I also found
that it seems to be triggered when one of the devices on the network
sends a router advertisement with a prefix that has a preferred
lifetime of 0 (presumably it's sending that because it wants to
deprecate that prefix).

I bisected it to commit 629df6701c8a ("net: ipv6/addrconf: clamp
preferred_lft to the minimum required"). Upon reviewing that change, I
see that it has changed when generation of temporary addresses will be
allowed. I believe that change might have inadvertently caused the
kernel to violate RFC 4941 and might need to be reverted.

In particular RFC 4941 specifies that the preferred lifetime of a
temporary address must not be greater than the preferred lifetime of
the public address it is derived from. However, this change allows a
temporary address to be generated with a preferred lifetime greater
than the public address' preferred lifetime.

From RFC 4941:

    4.  When creating a temporary address, the lifetime values MUST be
        derived from the corresponding prefix as follows:

        *  Its Valid Lifetime is the lower of the Valid Lifetime of the
           public address or TEMP_VALID_LIFETIME.

        *  Its Preferred Lifetime is the lower of the Preferred Lifetime
           of the public address or TEMP_PREFERRED_LIFETIME -
           DESYNC_FACTOR.

Previously temporary addresses would not be generated for an interface
if the administratively configured preferred lifetime on that
interface was too short. This change tries to avoid that, and allow
generating temporary addresses even on interfaces with very short
configured lifetimes, by simply increasing the preferred lifetime of
the generated address. However, doing so runs afoul of the above
requirement. It allows the preferred lifetime of the temporary address
to be increased to a value that is larger than the public address'
preferred lifetime. For example, in my case where the router
advertisement causes the public address' preferred lifetime to be set
to 0, the current code allows a temporary address to be generated with
a preferred lifetime of (regen_advance + age + 1), which is obviously
greater than 0. It also, in my case, leads to new temporary addresses
with very short lifetimes being generated, about once every second,
leading to the application-level issues I described above.

Cheers,

-- Dan