提交 c2943f14 编写于 作者: H Harout Hedeshian 提交者: David S. Miller

net: ipv6: Add sysctl entry to disable MTU updates from RA

The kernel forcefully applies MTU values received in router
advertisements provided the new MTU is less than the current. This
behavior is undesirable when the user space is managing the MTU. Instead
a sysctl flag 'accept_ra_mtu' is introduced such that the user space
can control whether or not RA provided MTU updates should be applied. The
default behavior is unchanged; user space must explicitly set this flag
to 0 for RA MTUs to be ignored.
Signed-off-by: NHarout Hedeshian <harouth@codeaurora.org>
Signed-off-by: NDavid S. Miller <davem@davemloft.net>
上级 46a93af2
...@@ -1287,6 +1287,13 @@ accept_ra_rtr_pref - BOOLEAN ...@@ -1287,6 +1287,13 @@ accept_ra_rtr_pref - BOOLEAN
Functional default: enabled if accept_ra is enabled. Functional default: enabled if accept_ra is enabled.
disabled if accept_ra is disabled. disabled if accept_ra is disabled.
accept_ra_mtu - BOOLEAN
Apply the MTU value specified in RA option 5 (RFC4861). If
disabled, the MTU specified in the RA will be ignored.
Functional default: enabled if accept_ra is enabled.
disabled if accept_ra is disabled.
accept_redirects - BOOLEAN accept_redirects - BOOLEAN
Accept Redirects. Accept Redirects.
......
...@@ -52,6 +52,7 @@ struct ipv6_devconf { ...@@ -52,6 +52,7 @@ struct ipv6_devconf {
__s32 force_tllao; __s32 force_tllao;
__s32 ndisc_notify; __s32 ndisc_notify;
__s32 suppress_frag_ndisc; __s32 suppress_frag_ndisc;
__s32 accept_ra_mtu;
void *sysctl; void *sysctl;
}; };
......
...@@ -169,6 +169,7 @@ enum { ...@@ -169,6 +169,7 @@ enum {
DEVCONF_SUPPRESS_FRAG_NDISC, DEVCONF_SUPPRESS_FRAG_NDISC,
DEVCONF_ACCEPT_RA_FROM_LOCAL, DEVCONF_ACCEPT_RA_FROM_LOCAL,
DEVCONF_USE_OPTIMISTIC, DEVCONF_USE_OPTIMISTIC,
DEVCONF_ACCEPT_RA_MTU,
DEVCONF_MAX DEVCONF_MAX
}; };
......
...@@ -201,6 +201,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = { ...@@ -201,6 +201,7 @@ static struct ipv6_devconf ipv6_devconf __read_mostly = {
.disable_ipv6 = 0, .disable_ipv6 = 0,
.accept_dad = 1, .accept_dad = 1,
.suppress_frag_ndisc = 1, .suppress_frag_ndisc = 1,
.accept_ra_mtu = 1,
}; };
static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
...@@ -238,6 +239,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = { ...@@ -238,6 +239,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
.disable_ipv6 = 0, .disable_ipv6 = 0,
.accept_dad = 1, .accept_dad = 1,
.suppress_frag_ndisc = 1, .suppress_frag_ndisc = 1,
.accept_ra_mtu = 1,
}; };
/* Check if a valid qdisc is available */ /* Check if a valid qdisc is available */
...@@ -4380,6 +4382,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, ...@@ -4380,6 +4382,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf,
array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify; array[DEVCONF_NDISC_NOTIFY] = cnf->ndisc_notify;
array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc; array[DEVCONF_SUPPRESS_FRAG_NDISC] = cnf->suppress_frag_ndisc;
array[DEVCONF_ACCEPT_RA_FROM_LOCAL] = cnf->accept_ra_from_local; array[DEVCONF_ACCEPT_RA_FROM_LOCAL] = cnf->accept_ra_from_local;
array[DEVCONF_ACCEPT_RA_MTU] = cnf->accept_ra_mtu;
} }
static inline size_t inet6_ifla6_size(void) static inline size_t inet6_ifla6_size(void)
...@@ -5258,6 +5261,13 @@ static struct addrconf_sysctl_table ...@@ -5258,6 +5261,13 @@ static struct addrconf_sysctl_table
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec, .proc_handler = proc_dointvec,
}, },
{
.procname = "accept_ra_mtu",
.data = &ipv6_devconf.accept_ra_mtu,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = proc_dointvec,
},
{ {
/* sentinel */ /* sentinel */
} }
......
...@@ -1348,7 +1348,7 @@ static void ndisc_router_discovery(struct sk_buff *skb) ...@@ -1348,7 +1348,7 @@ static void ndisc_router_discovery(struct sk_buff *skb)
} }
} }
if (ndopts.nd_opts_mtu) { if (ndopts.nd_opts_mtu && in6_dev->cnf.accept_ra_mtu) {
__be32 n; __be32 n;
u32 mtu; u32 mtu;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册