[PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
deleted the public address. Once the link was back and prefix_rcv created new public addresses
ipv6_create_tempaddr complained that the temporary address already existed.
IMHO no temporary address should live longer than its parent, especially because ifpub of the
temporary address still points to the then deleted public address otherwise.

Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
which is called by inet6_rtm_del.

Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
However in addrconf_verify it might not be predetermined in which order a public address and the related
temporary address are deleted if they expire at the same time. Not sure about that ..

Signed-off-by: Heiner Kallweit <heiner.kallweit@web.de>
---
 net/ipv6/addrconf.c | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 344e972..e5fd81d 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -126,6 +126,7 @@ static void ipv6_regen_rndid(unsigned long data);
 
 static int ipv6_generate_eui64(u8 *eui, struct net_device *dev);
 static int ipv6_count_addresses(struct inet6_dev *idev);
+static void ipv6_del_addr(struct inet6_ifaddr *ifp);
 
 /*
  *	Configured unicast address hash table
@@ -308,6 +309,31 @@ err_ip:
 	return -ENOMEM;
 }
 
+/* delete all temporary addresses referring to ifp
+   returns true if there have been addresses to be deleted */
+static int ifa_del_tempaddrs(struct inet6_ifaddr *ifp)
+{
+        struct inet6_dev *idev = ifp->idev;
+        struct inet6_ifaddr *ift;
+        int deleted = 0;
+
+        if(!(ifp->flags & IFA_F_MANAGETEMPADDR))
+                return 0;
+restart:
+        read_lock_bh(&idev->lock);
+        list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
+                if (ifp != ift->ifpub)
+                        continue;
+                in6_ifa_hold(ift);
+                read_unlock_bh(&idev->lock);
+                deleted = 1;
+                ipv6_del_addr(ift);
+                goto restart;
+        }
+        read_unlock_bh(&idev->lock);
+        return deleted;
+}
+
 static struct inet6_dev *ipv6_add_dev(struct net_device *dev)
 {
 	struct inet6_dev *ndev;
@@ -990,6 +1016,10 @@ static void ipv6_del_addr(struct inet6_ifaddr *ifp)
 	enum cleanup_prefix_rt_t action = CLEANUP_PREFIX_RT_NOP;
 	unsigned long expires;
 
+	/* there should be no temporary address still referring to ifp */
+        if(ifa_del_tempaddrs(ifp))
+                pr_info("%s: stale temporary address(es) deleted\n", __func__);
+
 	spin_lock_bh(&ifp->state_lock);
 	state = ifp->state;
 	ifp->state = INET6_IFADDR_STATE_DEAD;
@@ -2506,6 +2536,7 @@ static int inet6_addr_del(struct net *net, int ifindex, const struct in6_addr *p
 			in6_ifa_hold(ifp);
 			read_unlock_bh(&idev->lock);
 
+			ifa_del_tempaddrs(ifp);
 			ipv6_del_addr(ifp);
 			return 0;
 		}
-- 
1.9.0.258.g00eda23.dirty

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Hannes Frederic Sowa]

On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
> deleted the public address. Once the link was back and prefix_rcv created new public addresses
> ipv6_create_tempaddr complained that the temporary address already existed.

Which error was it specifically?

> IMHO no temporary address should live longer than its parent, especially because ifpub of the
> temporary address still points to the then deleted public address otherwise.

Reference counting will take care of that.

> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
> which is called by inet6_rtm_del.

I am a bit concerend with backward compatibility here.

> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.

I currently don't see a problem with that.

Greetings,

  Hannes

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa:
> On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
>> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
>> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
>> deleted the public address. Once the link was back and prefix_rcv created new public addresses
>> ipv6_create_tempaddr complained that the temporary address already existed.
> Which error was it specifically?
>
>> IMHO no temporary address should live longer than its parent, especially because ifpub of the
>> temporary address still points to the then deleted public address otherwise.
> Reference counting will take care of that.
>
>> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
>> which is called by inet6_rtm_del.
> I am a bit concerend with backward compatibility here.
>
>> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
> I currently don't see a problem with that.
>
> Greetings,
>
>   Hannes
>
>

The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST.

First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses.
I don't think it's correct.
If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted.
My solution was to do it in the kernel but this might not be the best / correct approach.
Would you prefer that userspace / netifd take care to also delete the temporary addresses?

Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned
temporary addresses are left behind.

Rgds, Heiner

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Hannes Frederic Sowa]

On Wed, Mar 19, 2014 at 10:17:32PM +0100, Heiner Kallweit wrote:
> Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa:
> > On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
> >> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
> >> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
> >> deleted the public address. Once the link was back and prefix_rcv created new public addresses
> >> ipv6_create_tempaddr complained that the temporary address already existed.
> > Which error was it specifically?
> >
> >> IMHO no temporary address should live longer than its parent, especially because ifpub of the
> >> temporary address still points to the then deleted public address otherwise.
> > Reference counting will take care of that.
> >
> >> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
> >> which is called by inet6_rtm_del.
> > I am a bit concerend with backward compatibility here.
> >
> >> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
> > I currently don't see a problem with that.
> >
> > Greetings,
> >
> >   Hannes
> >
> >
> 
> The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST.
> 
> First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses.
> I don't think it's correct.

The kernel doesn't delete any addresses in case of link loss. netifd must
have done so. In this case netifd should have flushed all addresses from
the prefix.

Sure, this is racy and the error therefore looks justified for me.

> If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted.

In my opinion those addresses are simple standalone addresses. The link
to the public addresses is just for management purposes and should be
hidden from user space.

So I would be ok, if we enhance the error case a bit, maybe reparent the
old temporary address, drop them and silently generate them anew or only
update prefix information from the new received prefix information. This
should happen without disturbing TCP connections etc. I think this
already works, but I don't know if it is worth the effort.

> My solution was to do it in the kernel but this might not be the best / correct approach.
> Would you prefer that userspace / netifd take care to also delete the temporary addresses?

Yes, I would prefer that.

> Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned
> temporary addresses are left behind.

I think that we should think of temporary addresses as stand-alone
(IFA_F_MANAGETEMPADDR is a different story).

Btw. there was already lots of discussions whether automatically drop addresses
of an interface in case of link-loss, you can read the IMHO most relevant here:
<http://markmail.org/thread/wcb6f6lcuyfuli7b>

Greetings,

  Hannes

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

Am 19.03.2014 23:41, schrieb Hannes Frederic Sowa:
> On Wed, Mar 19, 2014 at 10:17:32PM +0100, Heiner Kallweit wrote:
>> Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa:
>>> On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
>>>> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
>>>> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
>>>> deleted the public address. Once the link was back and prefix_rcv created new public addresses
>>>> ipv6_create_tempaddr complained that the temporary address already existed.
>>> Which error was it specifically?
>>>
>>>> IMHO no temporary address should live longer than its parent, especially because ifpub of the
>>>> temporary address still points to the then deleted public address otherwise.
>>> Reference counting will take care of that.
>>>
>>>> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
>>>> which is called by inet6_rtm_del.
>>> I am a bit concerend with backward compatibility here.
>>>
>>>> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
>>> I currently don't see a problem with that.
>>>
>>> Greetings,
>>>
>>>   Hannes
>>>
>>>
>> The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST.
>>
>> First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses.
>> I don't think it's correct.
> The kernel doesn't delete any addresses in case of link loss. netifd must
> have done so. In this case netifd should have flushed all addresses from
> the prefix.
>
> Sure, this is racy and the error therefore looks justified for me.
>
>> If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted.
> In my opinion those addresses are simple standalone addresses. The link
> to the public addresses is just for management purposes and should be
> hidden from user space.
>
> So I would be ok, if we enhance the error case a bit, maybe reparent the
> old temporary address, drop them and silently generate them anew or only
> update prefix information from the new received prefix information. This
> should happen without disturbing TCP connections etc. I think this
> already works, but I don't know if it is worth the effort.
>
>> My solution was to do it in the kernel but this might not be the best / correct approach.
>> Would you prefer that userspace / netifd take care to also delete the temporary addresses?
> Yes, I would prefer that.
>
>> Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned
>> temporary addresses are left behind.
> I think that we should think of temporary addresses as stand-alone
> (IFA_F_MANAGETEMPADDR is a different story).
>
> Btw. there was already lots of discussions whether automatically drop addresses
> of an interface in case of link-loss, you can read the IMHO most relevant here:
> <http://markmail.org/thread/wcb6f6lcuyfuli7b>
>
> Greetings,
>
>   Hannes
>
>
Thanks for the link, Hannes. Interesting read .. The discussion somehow stopped in the middle but they also tended to handle such issues in user space.
Will think about it again, check the netifd sources and maybe follow-up on this with the OpenWRT guys.

Rgds, Heiner

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

Am 19.03.2014 23:41, schrieb Hannes Frederic Sowa:
> On Wed, Mar 19, 2014 at 10:17:32PM +0100, Heiner Kallweit wrote:
>> Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa:
>>> On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
>>>> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
>>>> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
>>>> deleted the public address. Once the link was back and prefix_rcv created new public addresses
>>>> ipv6_create_tempaddr complained that the temporary address already existed.
>>> Which error was it specifically?
>>>
>>>> IMHO no temporary address should live longer than its parent, especially because ifpub of the
>>>> temporary address still points to the then deleted public address otherwise.
>>> Reference counting will take care of that.
>>>
>>>> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
>>>> which is called by inet6_rtm_del.
>>> I am a bit concerend with backward compatibility here.
>>>
>>>> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
>>> I currently don't see a problem with that.
>>>
>>> Greetings,
>>>
>>>   Hannes
>>>
>>>
>> The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST.
>>
>> First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses.
>> I don't think it's correct.
> The kernel doesn't delete any addresses in case of link loss. netifd must
> have done so. In this case netifd should have flushed all addresses from
> the prefix.
>
> Sure, this is racy and the error therefore looks justified for me.
>
>> If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted.
> In my opinion those addresses are simple standalone addresses. The link
> to the public addresses is just for management purposes and should be
> hidden from user space.
>
> So I would be ok, if we enhance the error case a bit, maybe reparent the
> old temporary address, drop them and silently generate them anew or only
> update prefix information from the new received prefix information. This
> should happen without disturbing TCP connections etc. I think this
> already works, but I don't know if it is worth the effort.
>
>> My solution was to do it in the kernel but this might not be the best / correct approach.
>> Would you prefer that userspace / netifd take care to also delete the temporary addresses?
> Yes, I would prefer that.
>
>> Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned
>> temporary addresses are left behind.
> I think that we should think of temporary addresses as stand-alone
> (IFA_F_MANAGETEMPADDR is a different story).
>
> Btw. there was already lots of discussions whether automatically drop addresses
> of an interface in case of link-loss, you can read the IMHO most relevant here:
> <http://markmail.org/thread/wcb6f6lcuyfuli7b>
>
> Greetings,
>
>   Hannes

I spent some thoughts on this topic and it seems to me that deleting a temporary address from user space will break TCP connections most of the time
as the newly created temporary address will be different from the old one.
Setting a temporary address to deprecated is also not possible from user space currently as netlink RTM_NEWADDR doesn't allow to modify the IFA_F_DEPRECATED flag:

/* We ignore other flags so far. */
	ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
		     IFA_F_NOPREFIXROUTE;

Having said that your suggestion seems to be the most appropriate way to tackle the issue:

"So I would be ok, if we enhance the error case a bit, maybe reparent the
old temporary address, drop them and silently generate them anew or only
update prefix information from the new received prefix information. This
should happen without disturbing TCP connections etc. I think this
already works, but I don't know if it is worth the effort."

The following patch works fine for me, I'd appreciate if you could have a look at it.

Rgds, Heiner

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 344e972..7cc3dae 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -2063,8 +2063,23 @@ static void manage_tempaddrs(struct inet6_dev *idev,
     list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
         int age, max_valid, max_prefered;
 
-        if (ifp != ift->ifpub)
-            continue;
+        spin_lock(&ift->lock);
+        if (ifp != ift->ifpub) {
+            /* reparent if orphaned temporary addresses with same prefix is found */
+            if(ift->prefix_len == ifp->prefix_len && ipv6_prefix_equal(&ift->addr,&ifp->addr,ift->prefix_len)) {
+                in6_ifa_hold(ifp);
+                in6_ifa_put(ift->ifpub);
+                ift->ifpub = ifp;
+                spin_unlock(&ift->lock);
+                create = false;
+                pr_info("%s: reparent orphaned temporary address\n", __func__);
+            } else {
+                spin_unlock(&ift->lock);
+                continue;
+            }
+        } else {
+            spin_unlock(&ift->lock);
+        }
 
         /* RFC 4941 section 3.3:
          * If a received option will extend the lifetime of a public

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

Am 26.03.2014 21:27, schrieb Heiner Kallweit:
> Am 19.03.2014 23:41, schrieb Hannes Frederic Sowa:
>> On Wed, Mar 19, 2014 at 10:17:32PM +0100, Heiner Kallweit wrote:
>>> Am 19.03.2014 21:21, schrieb Hannes Frederic Sowa:
>>>> On Tue, Mar 18, 2014 at 09:46:40PM +0100, Heiner Kallweit wrote:
>>>>> If a public address is deleted by an external trigger (e.g. via inet6_rtm_deladdr) then temporary
>>>>> addresses still referring to it may remain. Happened here when the WiFi link broke and netifd
>>>>> deleted the public address. Once the link was back and prefix_rcv created new public addresses
>>>>> ipv6_create_tempaddr complained that the temporary address already existed.
>>>> Which error was it specifically?
>>>>
>>>>> IMHO no temporary address should live longer than its parent, especially because ifpub of the
>>>>> temporary address still points to the then deleted public address otherwise.
>>>> Reference counting will take care of that.
>>>>
>>>>> Therefore delete all related temporary addresses before a public address is deleted in inet6_addr_del
>>>>> which is called by inet6_rtm_del.
>>>> I am a bit concerend with backward compatibility here.
>>>>
>>>>> Also ensure in ipv6_del_addr that no temporary address lives longer than its parent.
>>>> I currently don't see a problem with that.
>>>>
>>>> Greetings,
>>>>
>>>>   Hannes
>>>>
>>>>
>>> The specific error was "retry temporary address regeneration" caused by ipv6_add_addr returning EEXIST.
>>>
>>> First question is whether it's correct that in case of link loss the public address is deleted but not the temporary addresses.
>>> I don't think it's correct.
>> The kernel doesn't delete any addresses in case of link loss. netifd must
>> have done so. In this case netifd should have flushed all addresses from
>> the prefix.
>>
>> Sure, this is racy and the error therefore looks justified for me.
>>
>>> If it's not correct then the question is who's reponsibility it is to delete temporary addresses if the parent public address is deleted.
>> In my opinion those addresses are simple standalone addresses. The link
>> to the public addresses is just for management purposes and should be
>> hidden from user space.
>>
>> So I would be ok, if we enhance the error case a bit, maybe reparent the
>> old temporary address, drop them and silently generate them anew or only
>> update prefix information from the new received prefix information. This
>> should happen without disturbing TCP connections etc. I think this
>> already works, but I don't know if it is worth the effort.
>>
>>> My solution was to do it in the kernel but this might not be the best / correct approach.
>>> Would you prefer that userspace / netifd take care to also delete the temporary addresses?
>> Yes, I would prefer that.
>>
>>> Last but not least the question is whether the kernel should care in general about the situation that a public address is deleted and orphaned
>>> temporary addresses are left behind.
>> I think that we should think of temporary addresses as stand-alone
>> (IFA_F_MANAGETEMPADDR is a different story).
>>
>> Btw. there was already lots of discussions whether automatically drop addresses
>> of an interface in case of link-loss, you can read the IMHO most relevant here:
>> <http://markmail.org/thread/wcb6f6lcuyfuli7b>
>>
>> Greetings,
>>
>>   Hannes
> I spent some thoughts on this topic and it seems to me that deleting a temporary address from user space will break TCP connections most of the time
> as the newly created temporary address will be different from the old one.
> Setting a temporary address to deprecated is also not possible from user space currently as netlink RTM_NEWADDR doesn't allow to modify the IFA_F_DEPRECATED flag:
>
> /* We ignore other flags so far. */
> 	ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
> 		     IFA_F_NOPREFIXROUTE;
>
> Having said that your suggestion seems to be the most appropriate way to tackle the issue:
>
> "So I would be ok, if we enhance the error case a bit, maybe reparent the
> old temporary address, drop them and silently generate them anew or only
> update prefix information from the new received prefix information. This
> should happen without disturbing TCP connections etc. I think this
> already works, but I don't know if it is worth the effort."
>
> The following patch works fine for me, I'd appreciate if you could have a look at it.
>
> Rgds, Heiner
>
> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> index 344e972..7cc3dae 100644
> --- a/net/ipv6/addrconf.c
> +++ b/net/ipv6/addrconf.c
> @@ -2063,8 +2063,23 @@ static void manage_tempaddrs(struct inet6_dev *idev,
>      list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
>          int age, max_valid, max_prefered;
>  
> -        if (ifp != ift->ifpub)
> -            continue;
> +        spin_lock(&ift->lock);
> +        if (ifp != ift->ifpub) {
> +            /* reparent if orphaned temporary addresses with same prefix is found */
> +            if(ift->prefix_len == ifp->prefix_len && ipv6_prefix_equal(&ift->addr,&ifp->addr,ift->prefix_len)) {
> +                in6_ifa_hold(ifp);
> +                in6_ifa_put(ift->ifpub);
> +                ift->ifpub = ifp;
> +                spin_unlock(&ift->lock);
> +                create = false;
> +                pr_info("%s: reparent orphaned temporary address\n", __func__);
> +            } else {
> +                spin_unlock(&ift->lock);
> +                continue;
> +            }
> +        } else {
> +            spin_unlock(&ift->lock);
> +        }
>  
>          /* RFC 4941 section 3.3:
>           * If a received option will extend the lifetime of a public
>
After further checking it seems like the timer of the reparented temporary address was deleted. When the reparented address expires no new address is generated.
Have to dig deeper into it ..

Rgds, Heiner

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Hannes Frederic Sowa]

On Wed, Mar 26, 2014 at 10:50:06PM +0100, Heiner Kallweit wrote:
> > I spent some thoughts on this topic and it seems to me that deleting a temporary address from user space will break TCP connections most of the time
> > as the newly created temporary address will be different from the old one.

Yes, I can confirm that we will generate new rndid and thus will generate a
new address.

> > Setting a temporary address to deprecated is also not possible from user space currently as netlink RTM_NEWADDR doesn't allow to modify the IFA_F_DEPRECATED flag:
> >
> > /* We ignore other flags so far. */
> > 	ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
> > 		     IFA_F_NOPREFIXROUTE;
> >
> > Having said that your suggestion seems to be the most appropriate way to tackle the issue:
> >
> > "So I would be ok, if we enhance the error case a bit, maybe reparent the
> > old temporary address, drop them and silently generate them anew or only
> > update prefix information from the new received prefix information. This
> > should happen without disturbing TCP connections etc. I think this
> > already works, but I don't know if it is worth the effort."
> >
> > The following patch works fine for me, I'd appreciate if you could have a look at it.
> >
> > Rgds, Heiner
> >
> > diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> > index 344e972..7cc3dae 100644
> > --- a/net/ipv6/addrconf.c
> > +++ b/net/ipv6/addrconf.c
> > @@ -2063,8 +2063,23 @@ static void manage_tempaddrs(struct inet6_dev *idev,
> >      list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
> >          int age, max_valid, max_prefered;
> >  
> > -        if (ifp != ift->ifpub)
> > -            continue;
> > +        spin_lock(&ift->lock);
> > +        if (ifp != ift->ifpub) {
> > +            /* reparent if orphaned temporary addresses with same prefix is found */
> > +            if(ift->prefix_len == ifp->prefix_len && ipv6_prefix_equal(&ift->addr,&ifp->addr,ift->prefix_len)) {
> > +                in6_ifa_hold(ifp);
> > +                in6_ifa_put(ift->ifpub);
> > +                ift->ifpub = ifp;
> > +                spin_unlock(&ift->lock);
> > +                create = false;
> > +                pr_info("%s: reparent orphaned temporary address\n", __func__);
> > +            } else {
> > +                spin_unlock(&ift->lock);
> > +                continue;
> > +            }
> > +        } else {
> > +            spin_unlock(&ift->lock);
> > +        }
> >  
> >          /* RFC 4941 section 3.3:
> >           * If a received option will extend the lifetime of a public
> >
> After further checking it seems like the timer of the reparented temporary address was deleted. When the reparented address expires no new address is generated.
> Have to dig deeper into it ..

You need to reset ift->regen_count=0 to avoid that I guess.

The approach seems reasonable to me.

Thanks,

  Hannes

Re: [PATCH net] ipv6: If a public address is deleted then also delete all temporary addresses still referring to it

[Heiner Kallweit]

Am 27.03.2014 03:53, schrieb Hannes Frederic Sowa:
> On Wed, Mar 26, 2014 at 10:50:06PM +0100, Heiner Kallweit wrote:
>>> I spent some thoughts on this topic and it seems to me that deleting a temporary address from user space will break TCP connections most of the time
>>> as the newly created temporary address will be different from the old one.
> Yes, I can confirm that we will generate new rndid and thus will generate a
> new address.
>
>>> Setting a temporary address to deprecated is also not possible from user space currently as netlink RTM_NEWADDR doesn't allow to modify the IFA_F_DEPRECATED flag:
>>>
>>> /* We ignore other flags so far. */
>>> 	ifa_flags &= IFA_F_NODAD | IFA_F_HOMEADDRESS | IFA_F_MANAGETEMPADDR |
>>> 		     IFA_F_NOPREFIXROUTE;
>>>
>>> Having said that your suggestion seems to be the most appropriate way to tackle the issue:
>>>
>>> "So I would be ok, if we enhance the error case a bit, maybe reparent the
>>> old temporary address, drop them and silently generate them anew or only
>>> update prefix information from the new received prefix information. This
>>> should happen without disturbing TCP connections etc. I think this
>>> already works, but I don't know if it is worth the effort."
>>>
>>> The following patch works fine for me, I'd appreciate if you could have a look at it.
>>>
>>> Rgds, Heiner
>>>
>>> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
>>> index 344e972..7cc3dae 100644
>>> --- a/net/ipv6/addrconf.c
>>> +++ b/net/ipv6/addrconf.c
>>> @@ -2063,8 +2063,23 @@ static void manage_tempaddrs(struct inet6_dev *idev,
>>>      list_for_each_entry(ift, &idev->tempaddr_list, tmp_list) {
>>>          int age, max_valid, max_prefered;
>>>  
>>> -        if (ifp != ift->ifpub)
>>> -            continue;
>>> +        spin_lock(&ift->lock);
>>> +        if (ifp != ift->ifpub) {
>>> +            /* reparent if orphaned temporary addresses with same prefix is found */
>>> +            if(ift->prefix_len == ifp->prefix_len && ipv6_prefix_equal(&ift->addr,&ifp->addr,ift->prefix_len)) {
>>> +                in6_ifa_hold(ifp);
>>> +                in6_ifa_put(ift->ifpub);
>>> +                ift->ifpub = ifp;
>>> +                spin_unlock(&ift->lock);
>>> +                create = false;
>>> +                pr_info("%s: reparent orphaned temporary address\n", __func__);
>>> +            } else {
>>> +                spin_unlock(&ift->lock);
>>> +                continue;
>>> +            }
>>> +        } else {
>>> +            spin_unlock(&ift->lock);
>>> +        }
>>>  
>>>          /* RFC 4941 section 3.3:
>>>           * If a received option will extend the lifetime of a public
>>>
>> After further checking it seems like the timer of the reparented temporary address was deleted. When the reparented address expires no new address is generated.
>> Have to dig deeper into it ..
> You need to reset ift->regen_count=0 to avoid that I guess.
>
> The approach seems reasonable to me.
>
> Thanks,
>
>   Hannes
>
Last problem I mentioned was caused by another issue. The decribed patch has been working fine in the meantime so I'll submit it to the list.

Rgds, Heiner