* Re: [PATCH wireguard] wireguard: prevent ipv6 addrconf via IFF_NO_ADDRCONF flag
2026-03-11 22:59 ` [PATCH wireguard] wireguard: prevent ipv6 addrconf via IFF_NO_ADDRCONF flag Jason A. Donenfeld
@ 2026-03-21 19:20 ` Valentin Spreckels
0 siblings, 0 replies; 2+ messages in thread
From: Valentin Spreckels @ 2026-03-21 19:20 UTC (permalink / raw)
To: Jason A. Donenfeld
Cc: Andrew Lunn, David S. Miller, Eric Dumazet, Jakub Kicinski,
Paolo Abeni, wireguard, netdev, linux-kernel
Hi Jason,
On 11/03/2026 23:59, Jason A. Donenfeld wrote:
> Hi Valentin,
>
> On Sun, Feb 08, 2026 at 06:05:45PM +0100, Valentin Spreckels wrote:
>> Use the flag introduced in commit 8a321cf7becc6 ("net: add
>> IFF_NO_ADDRCONF and use it in bonding to prevent ipv6 addrconf")
>> instead of mangling the addr_gen_mode to prevent ipv6 addrconf.
>
> Can you give some more context here? Why was IFF_NO_ADDRCONF added when
> the IN6_ADDR_GEN_MODE_NONE method has been working fine? What's the
> difference between these approaches? I don't doubt that your patch is
> correct, but I would like to better understand this.
Only wireguard configures addr_gen_mode inside the kernel, otherwise it
is only set by userspace; userspace is also able to overwrite the
IFF_NO_ADDRCONF set by wireguard.
Commit 8a321cf7becc ("net: add IFF_NO_ADDRCONF and use it in bonding to
prevent ipv6 addrconf") introduces the private interface flag
IFF_NO_ADDRCONF, which isn't accessible by userspace.
Thus use the IFF_NO_ADDRCONF flag in wireguard.
Does that answer your questions? If yes, I will submit a v2 with this as
commit message.
Best regards
Valentin
^ permalink raw reply [flat|nested] 2+ messages in thread