From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 332F1E92FF7 for ; Fri, 6 Oct 2023 07:54:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230335AbjJFHx7 (ORCPT ); Fri, 6 Oct 2023 03:53:59 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:46464 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230309AbjJFHx6 (ORCPT ); Fri, 6 Oct 2023 03:53:58 -0400 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 241ACE4 for ; Fri, 6 Oct 2023 00:53:57 -0700 (PDT) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 338B9C433C8; Fri, 6 Oct 2023 07:53:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1696578836; bh=ElW+W2AvZV1kCIsDUS+F+6EQHhln8aRI5Xp3IfQYl/0=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=XyDLq64rhqeL2vCNJupkd/4JB/Fgf7EV7sYh+B+DHblo4Y+sHEg3PaVvRP8FGZeFS ZiSHOMO/VmHddzW5q4X0HaG3V4mD2B8V9HXaQ1yUK9y0HJ0OKjusWC821pVwPu979o KBi7A8CtlkEINDLp/Z6hXSoZncrvZFrSqTkdbQ60= Date: Fri, 6 Oct 2023 09:53:54 +0200 From: Greg KH To: Maciej =?utf-8?Q?=C5=BBenczykowski?= Cc: Patrick Rohr , stable@vger.kernel.org, Lorenzo Colitti , Sasha Levin Subject: Re: [PATCH 6.1 0/3] net: add sysctl accept_ra_min_lft Message-ID: <2023100633-bulgur-enslave-d2e7@gregkh> References: <20230925211034.905320-1-prohr@google.com> <2023100653-diffusion-brownnose-4671@gregkh> <2023100618-abdominal-unscathed-8d62@gregkh> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org On Fri, Oct 06, 2023 at 12:06:13AM -0700, Maciej Żenczykowski wrote: > On Thu, Oct 5, 2023 at 11:21 PM Greg KH wrote: > > > > On Fri, Oct 06, 2023 at 07:52:19AM +0200, Greg KH wrote: > > > On Thu, Oct 05, 2023 at 02:37:59PM -0700, Patrick Rohr wrote: > > > > On Mon, Sep 25, 2023 at 2:10 PM Patrick Rohr wrote: > > > > > > > > > > This series adds a new sysctl accept_ra_min_lft which enforces a minimum > > > > > lifetime value for individual RA sections; in particular, router > > > > > lifetime, PIO preferred lifetime, and RIO lifetime. If any of those > > > > > lifetimes are lower than the configured value, the specific RA section > > > > > is ignored. > > > > > > > > > > This fixes a potential denial of service attack vector where rogue WiFi > > > > > routers (or devices) can send RAs with low lifetimes to actively drain a > > > > > mobile device's battery (by preventing sleep). > > > > > > > > > > In addition to this change, Android uses hardware offloads to drop RAs > > > > > for a fraction of the minimum of all lifetimes present in the RA (some > > > > > networks have very frequent RAs (5s) with high lifetimes (2h)). Despite > > > > > this, we have encountered networks that set the router lifetime to 30s > > > > > which results in very frequent CPU wakeups. Instead of disabling IPv6 > > > > > (and dropping IPv6 ethertype in the WiFi firmware) entirely on such > > > > > networks, misconfigured routers must be ignored while still processing > > > > > RAs from other IPv6 routers on the same network (i.e. to support IoT > > > > > applications). > > > > > > > > > > Patches: > > > > > - 1671bcfd76fd ("net: add sysctl accept_ra_min_rtr_lft") > > > > > - 5027d54a9c30 ("net: change accept_ra_min_rtr_lft to affect all RA lifetimes") > > > > > - 5cb249686e67 ("net: release reference to inet6_dev pointer") > > > > > > > > > > Patrick Rohr (3): > > > > > net: add sysctl accept_ra_min_rtr_lft > > > > > net: change accept_ra_min_rtr_lft to affect all RA lifetimes > > > > > net: release reference to inet6_dev pointer > > > > > > > > > > Documentation/networking/ip-sysctl.rst | 8 ++++++++ > > > > > include/linux/ipv6.h | 1 + > > > > > include/uapi/linux/ipv6.h | 1 + > > > > > net/ipv6/addrconf.c | 13 +++++++++++++ > > > > > net/ipv6/ndisc.c | 13 +++++++++++-- > > > > > 5 files changed, 34 insertions(+), 2 deletions(-) > > > > > > > > > > -- > > > > > 2.42.0.515.g380fc7ccd1-goog > > > > > > > > > > > > > Was this rejected? > > > > Any resolution on this (ACK or NAK) would be useful. Thanks! > > > > > > They are in our "to get to" queue, which is very long still due to > > > multiple conferences and travel. > > > > > > But I will note, you didn't put the git id of the patches in the patches > > > themselves, so it will take me extra work to add them there when > > > applying. > > > > > > Also, why just 6.1? What about newer stable kernels? You can't update > > > and have a regression, right? > > > > Note, because of this, we can not take these patches now at all anyway :( > > > > thanks, > > > > greg k-h > > Because without any knowledge of whether these patches would even be > accepted into stable, or whether they would need to go in via ACK, > preparing them for more trees seemed like pointless busywork... At the least, it's needed for 6.5-stable as again, we can't take something for an older stable tree and not a newer one as that would be a regression. Without that backport present, we don't even waste our time in reviewing stuff like this :) thanks, greg k-h