From nobody Fri Jan 13 21:25:16 2023 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Ntvb12TPTz2ql2V; Fri, 13 Jan 2023 21:25:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Ntvb11RGFz4284; Fri, 13 Jan 2023 21:25:17 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1673645117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cvWhWEgAz18WSus22LlXbv2AmHJVH5QRz0nSDnJW+78=; b=v19e3ECDMYXkaY0jcon9OR0LXIJC8mzHcQH2J4A9pzEYHm1tuiDs0FgnRkUmTAU0EWA1YY yrPWd1p7Xmfi9nWEjkhSK5cIhH8Grw1QBVuvN+7g8Wx84X7pUEeNWZifREZt/I8QLWxFkT HlKkrOpluK3NxzBMuHEzqWQgNNOgSLv1GboW0fAPET1Ik5xjiJ87yKY6Krrl0xSyGz85V2 iH0YrsfOy0u+H3//nXc98w/8kMLeCFhie37479PfiepkbAVBkn2oi0ihXMlwr2mDaLTGrF SkbNsIfUQ3OAjtCf+f8Zq8BaCO7OifiWVe3cxXwON5vC5goZiUYc56CSRUN0ew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1673645117; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=cvWhWEgAz18WSus22LlXbv2AmHJVH5QRz0nSDnJW+78=; b=ICofcWz6D1/hxrFPNPkw7SRtYmQ+VbvjZiNIMhMq/DT90L1FPEjMO1Gu/v9XKpDzOTKDVs mjT1tHPOYfk4Zu4zDxHXIPfcS+mMYA3vWb/Levg6iF2RxdfwjXRtlHFuCWoccS+4PkKVpo bFEzgm/oi7WiCBngYNWOQKsvnKSsMHBAZN2T2xJd6/cOPx9Xjmt6p3QMhUdvlvstk6dvtk IMjiwzlDSPMBbeMn0qBXRzfYA97VUsWuxx3V7fc+L62XemyjgSy+26MF2rv6Fo4i03h6ET gwmHLpk1mwuFV8k7MGb7rOK44nRgRM62lXsLI9dQI+IRq9sw+SMRR6yYi6vVXg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1673645117; a=rsa-sha256; cv=none; b=k2ON3yeLuSemG6EOcN0xKWZg2zoyNyliHFna1DKKrayO+8JG4IxMrkd+4kNEMnjszOn6Pp jPRJFm8zHbFdB0uU4VlgNhIZFL4YcBIylTxtC1SJXQmdn3xBPcRdOAMZODVUcftFRfBpXd bMRrUfdB/q1qzprdGtOERPhRymDW+j0b6tNFCywNkoK6Kjelsu27P8nvPKNHzOJMam44jj PqM9yRh4ic7zvMW+HdzbiJ/Qe48SFHn7/4NllbO4tctLT9Rr6egGBQVtVu5gMl6MLBFPtv u1VwZhu+GPjoOdUSj5kbVHOnjhvDk3NOcDtsopLbEMVWFGDdIqYNCAPm51ijfA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Ntvb10LSZzNGb; Fri, 13 Jan 2023 21:25:17 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 30DLPGjv041627; Fri, 13 Jan 2023 21:25:16 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 30DLPG85041626; Fri, 13 Jan 2023 21:25:16 GMT (envelope-from git) Date: Fri, 13 Jan 2023 21:25:16 GMT Message-Id: <202301132125.30DLPG85041626@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: "Alexander V. Chernikov" Subject: git: e05afeef1681 - stable/13 - netinet6: fix SIOCSPFXFLUSH_IN6 by skipping manually-configured prefixes List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: melifaro X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: e05afeef16810a55e67544ff5e6e899c26254035 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch stable/13 has been updated by melifaro: URL: https://cgit.FreeBSD.org/src/commit/?id=e05afeef16810a55e67544ff5e6e899c26254035 commit e05afeef16810a55e67544ff5e6e899c26254035 Author: Alexander V. Chernikov AuthorDate: 2022-08-23 16:19:50 +0000 Commit: Alexander V. Chernikov CommitDate: 2023-01-13 21:24:10 +0000 netinet6: fix SIOCSPFXFLUSH_IN6 by skipping manually-configured prefixes Summary: Currently netinet6/ code allocates IPv6 prefixes (nd_prefix) for both manually-assigned addresses and advertised prefixes. As a result, prefixes from manually-assigned prefixes can be seen in `ndp -p` list and be cleared via `ndp -P`. The latter relies on the SIOCSPFXFLUSH_IN6 ioctl to clear to prefix list. The original intent of the SIOCSPFXFLUSH_IN6 was to clear prefixes originated from the advertising routers: ``` 1998-09-02 JINMEI, Tatuya * nd6.c (nd6_ioctl): added 2 new ioctls; SIOCSRTRFLUSH_IN6 and SIOCSPFXFLUSH_IN6. The former is to flush all default routers in the default router list, and the latter is to flush all the prefixes and the addresses derived from them in the prefix list. ``` Restore the intent by marking prefixes derived from the RA messages with newly-added ndpr_flags.ra_derived flag and skip prefixes not marked with such flag during deletion and listing. Differential Revision: https://reviews.freebsd.org/D36312 MFC after: 2 weeks (cherry picked from commit 8036234c72c9361711e867cc1a0c6a7fe0babd84) --- sys/netinet6/in6_var.h | 4 +++- sys/netinet6/nd6.c | 7 ++++--- sys/netinet6/nd6.h | 1 + sys/netinet6/nd6_rtr.c | 1 + 4 files changed, 9 insertions(+), 4 deletions(-) diff --git a/sys/netinet6/in6_var.h b/sys/netinet6/in6_var.h index 1caa4511a2b1..c3c827c57363 100644 --- a/sys/netinet6/in6_var.h +++ b/sys/netinet6/in6_var.h @@ -326,7 +326,8 @@ struct in6_prflags { struct prf_ra { u_char onlink : 1; u_char autonomous : 1; - u_char reserved : 6; + u_char ra_derived: 1; + u_char reserved : 5; } prf_ra; u_char prf_reserved1; u_short prf_reserved2; @@ -357,6 +358,7 @@ struct in6_prefixreq { #define ipr_raf_onlink ipr_flags.prf_ra.onlink #define ipr_raf_auto ipr_flags.prf_ra.autonomous +#define ipr_raf_ra_derived ipr_flags.prf_ra.ra_derived #define ipr_statef_onlink ipr_flags.prf_state.onlink diff --git a/sys/netinet6/nd6.c b/sys/netinet6/nd6.c index 22f5ed45a094..b772fb74b257 100644 --- a/sys/netinet6/nd6.c +++ b/sys/netinet6/nd6.c @@ -1832,9 +1832,8 @@ nd6_ioctl(u_long cmd, caddr_t data, struct ifnet *ifp) ND6_WLOCK(); LIST_FOREACH_SAFE(pr, &V_nd_prefix, ndpr_entry, next) { - if (IN6_IS_ADDR_LINKLOCAL(&pr->ndpr_prefix.sin6_addr)) - continue; /* XXX */ - nd6_prefix_unlink(pr, &prl); + if (pr->ndpr_raf_ra_derived) + nd6_prefix_unlink(pr, &prl); } ND6_WUNLOCK(); @@ -2739,6 +2738,8 @@ nd6_sysctl_prlist(SYSCTL_HANDLER_ARGS) ND6_RLOCK(); LIST_FOREACH(pr, &V_nd_prefix, ndpr_entry) { + if (!pr->ndpr_raf_ra_derived) + continue; p.prefix = pr->ndpr_prefix; if (sa6_recoverscope(&p.prefix)) { log(LOG_ERR, "scope error in prefix list (%s)\n", diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index 3f9f8219b018..d653a432dbe4 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -243,6 +243,7 @@ struct nd_prefix { #define ndpr_raf ndpr_flags #define ndpr_raf_onlink ndpr_flags.onlink #define ndpr_raf_auto ndpr_flags.autonomous +#define ndpr_raf_ra_derived ndpr_flags.ra_derived #define ndpr_raf_router ndpr_flags.router struct nd_pfxrouter { diff --git a/sys/netinet6/nd6_rtr.c b/sys/netinet6/nd6_rtr.c index 4bef4ac313f7..19eacadb99f7 100644 --- a/sys/netinet6/nd6_rtr.c +++ b/sys/netinet6/nd6_rtr.c @@ -517,6 +517,7 @@ nd6_ra_input(struct mbuf *m, int off, int icmp6len) ND_OPT_PI_FLAG_ONLINK) ? 1 : 0; pr.ndpr_raf_auto = (pi->nd_opt_pi_flags_reserved & ND_OPT_PI_FLAG_AUTO) ? 1 : 0; + pr.ndpr_raf_ra_derived = 1; pr.ndpr_plen = pi->nd_opt_pi_prefix_len; pr.ndpr_vltime = ntohl(pi->nd_opt_pi_valid_time); pr.ndpr_pltime = ntohl(pi->nd_opt_pi_preferred_time);