From nobody Sat Sep 20 22:17:59 2025 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4cTkKj4j6rz68ThL; Sat, 20 Sep 2025 22:18:33 +0000 (UTC) (envelope-from herbert@gojira.at) Received: from mout-p-202.mailbox.org (mout-p-202.mailbox.org [80.241.56.172]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4cTkKj2KP1z3VxC; Sat, 20 Sep 2025 22:18:33 +0000 (UTC) (envelope-from herbert@gojira.at) Authentication-Results: mx1.freebsd.org; none Received: from smtp102.mailbox.org (smtp102.mailbox.org [IPv6:2001:67c:2050:b231:465::102]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-202.mailbox.org (Postfix) with ESMTPS id 4cTkKd0rd1z9scN; Sun, 21 Sep 2025 00:18:29 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gojira.at; s=MBO0001; t=1758406709; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=nRoAN8r6/wV9CPW8BsZ+HK8PZjjubLWGKfcTzVVO2yo=; b=v1NYLLuQfnmZEnEzSV7LOAwuk3DGteaGmRjvZfj7jMGK+mLR56YOJ17mvETymwHpa8HHa+ 8GEUVCGJ4Jd1hiZytTGih8d9Nhin7iOTqbK0oYsa0gVkvivyxb3kJHtkSOyVzouHUdyOlt qy/gqyKRnHpDFF0QZ5ekGMlT1zqhgkq645/SLvYq0bIHW7aJ2tj2i3Yfnrgrm8x6aKL5tH ySYXKd3f3/yYxuH7YqaHK59uUwag+f6lh7q6bGCsIE4hRgrF1iyBz4YU7dYVk3c8wMmAdL voVp/5W8vSWeTd74Oa/SVX9LdZuHpuCmzUrlFWGHIr7QNq5mCUFHyW1IvzGjAw== Date: Sun, 21 Sep 2025 00:17:59 +0200 Message-ID: <874iswhip4.wl-herbert@gojira.at> From: "Herbert J. Skuhra" To: Guido Falsi Cc: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: Re: git: 31ec8b6407fd - main - sys/netinet6: Implement RFC 7217 In-Reply-To: <202509201231.58KCVqBC047480@gitrepo.freebsd.org> References: <202509201231.58KCVqBC047480@gitrepo.freebsd.org> List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-all@freebsd.org Sender: owner-dev-commits-src-all@FreeBSD.org MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:199118, ipnet:80.241.56.0/21, country:DE] X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Rspamd-Queue-Id: 4cTkKj2KP1z3VxC On Sat, 20 Sep 2025 14:31:52 +0200, Guido Falsi wrote: > > The branch main has been updated by madpilot: > > URL: https://cgit.FreeBSD.org/src/commit/?id=31ec8b6407fdd5a87d70265762457c67ce618283 > > commit 31ec8b6407fdd5a87d70265762457c67ce618283 > Author: Guido Falsi > AuthorDate: 2025-09-20 12:26:41 +0000 > Commit: Guido Falsi > CommitDate: 2025-09-20 12:31:44 +0000 > > sys/netinet6: Implement RFC 7217 > > Implement RFC 7217 (A Method for Generating Semantically Opaque > Interface Identifiers with IPv6 Stateless Address Autoconfiguration > (SLAAC)) in our IPv6 stack. > > A new ifconfig `stableaddr` flag is added to enable the feature on > interfaces, which defaults to on or off for new interfaces based > on the sysctl `net.inet6.ip6.use_stableaddr` (off by default, so > this commit causes no change in behavior with default settings). > > The algorithm follows the RFC in its logic, using SHA256-HMAC as > the algorithm to derive addresses so as to provide code that can > be leveraged by future implentations of RFC 8981, leveraging the > `hostuuid` as the secret. > > The source of the hostidentifier can be configured using the sysctl > `net.inet6.ip6.stableaddr_netifsource`, while the number of retries > generating a new address in case of collision can be configured > using the `net.inet6.ip6.stableaddr_maxretries` sysctl (default 3). > > Documentation about all these flags is added to the ifconfig(8) man > page. > > Reviewed by: cognet, glebius, hrs > Tested by: zarychtam@plan-b.pwste.edu.pl > Approved by: cognet, glebius > Relnotes: yes > Differential Revision: https://reviews.freebsd.org/D49681 > --- > sbin/ifconfig/af_inet6.c | 2 + > sbin/ifconfig/af_nd6.c | 1 + > sbin/ifconfig/ifconfig.8 | 30 +++++ > sys/netinet6/in6.h | 3 + > sys/netinet6/in6_ifattach.c | 275 +++++++++++++++++++++++++++++++++++++------- > sys/netinet6/in6_ifattach.h | 2 + > sys/netinet6/in6_proto.c | 10 ++ > sys/netinet6/ip6_input.c | 1 + > sys/netinet6/ip6_var.h | 12 ++ > sys/netinet6/nd6.c | 9 ++ > sys/netinet6/nd6.h | 2 + > sys/netinet6/nd6_nbr.c | 35 +++++- > sys/netinet6/nd6_rtr.c | 128 +++++++++++++-------- > usr.sbin/ndp/ndp.c | 7 ++ > 14 files changed, 423 insertions(+), 94 deletions(-) This commit breaks security/netbird: Management: Disconnected, reason: create wg interface: error creating tun device: unable to get nd6 flags for tun0: invalid argument Signal: Disconnected, reason: create wg interface: error creating tun device: unable to get nd6 flags for tun0: invalid argument