git.baikalelectronics.ru Git - kernel.git/commit

author	David Ahern <dsahern@gmail.com>
	Wed, 17 Apr 2019 00:31:43 +0000 (17:31 -0700)
committer	David S. Miller <davem@davemloft.net>
	Thu, 18 Apr 2019 06:19:07 +0000 (23:19 -0700)
commit	555ae4eaea22aa091f7aa1dc4266bdb5f3c6ebcb
tree	a7d8430a9044e9e3203915f401e68abfd6e30c31	tree \| snapshot
parent	0889e2e8cf39c1205bc54d2880d2eb9ef6dd2a64	commit \| diff

net ipv6: Prevent neighbor add if protocol is disabled on device

Disabling IPv6 on an interface removes existing entries but nothing prevents
new entries from being manually added. To that end, add a new neigh_table
operation, allow_add, that is called on RTM_NEWNEIGH to see if neighbor
entries are allowed on a given device. If IPv6 is disabled on the device,
allow_add returns false and passes a message back to the user via extack.

  $ echo 1 > /proc/sys/net/ipv6/conf/eth1/disable_ipv6
  $ ip -6 neigh add fe80::4c88:bff:fe21:2704 dev eth1 lladdr de:ad:be:ef:01:01
  Error: IPv6 is disabled on this device.

Signed-off-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

include/net/neighbour.h		diff \| blob \| history
net/core/neighbour.c		diff \| blob \| history
net/ipv6/ndisc.c		diff \| blob \| history