From owner-svn-src-stable@freebsd.org  Sun Sep 13 02:09:08 2015
Return-Path: <owner-svn-src-stable@freebsd.org>
Delivered-To: svn-src-stable@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 142CFA0362F;
 Sun, 13 Sep 2015 02:09:08 +0000 (UTC) (envelope-from hrs@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id EC3481A2B;
 Sun, 13 Sep 2015 02:09:07 +0000 (UTC) (envelope-from hrs@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.70])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id t8D297SK071040;
 Sun, 13 Sep 2015 02:09:07 GMT (envelope-from hrs@FreeBSD.org)
Received: (from hrs@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id t8D296ow071033;
 Sun, 13 Sep 2015 02:09:06 GMT (envelope-from hrs@FreeBSD.org)
Message-Id: <201509130209.t8D296ow071033@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: hrs set sender to hrs@FreeBSD.org
 using -f
From: Hiroki Sato <hrs@FreeBSD.org>
Date: Sun, 13 Sep 2015 02:09:06 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org
Subject: svn commit: r287734 - stable/10/sys/netinet6
X-SVN-Group: stable-10
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-stable@freebsd.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: SVN commit messages for all the -stable branches of the src tree
 <svn-src-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-stable>, 
 <mailto:svn-src-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-stable/>
List-Post: <mailto:svn-src-stable@freebsd.org>
List-Help: <mailto:svn-src-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-stable>,
 <mailto:svn-src-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 13 Sep 2015 02:09:08 -0000

Author: hrs
Date: Sun Sep 13 02:09:06 2015
New Revision: 287734
URL: https://svnweb.freebsd.org/changeset/base/287734

Log:
  MFC 287094:
  
  - Deprecate IN6_IFF_NODAD.  It was used to prevent DAD on a loopback
    interface but in6if_do_dad() already had a check for IFF_LOOPBACK.
  
  - Remove in6if_do_dad() check in in6_broadcast_ifa().  An address
    which needs DAD always has IN6_IFF_TENTATIVE there.
  
  - in6if_do_dad() now returns EAGAIN when the interface is not ready
    since DAD callout handler ignores such an interface.
  
  - In DAD callout handler, mark an address as IN6_IFF_TENTATIVE
    when the interface has ND6_IFF_IFDISABLED.  And Do IFF_UP and
    IFF_DRV_RUNNING check consistently when DAD is required.
  
  - draft-ietf-6man-enhanced-dad is now published as RFC 7527.
  
  - Fix some typos.

Modified:
  stable/10/sys/netinet6/in6.c
  stable/10/sys/netinet6/in6_ifattach.c
  stable/10/sys/netinet6/in6_var.h
  stable/10/sys/netinet6/nd6_nbr.c
Directory Properties:
  stable/10/   (props changed)

Modified: stable/10/sys/netinet6/in6.c
==============================================================================
--- stable/10/sys/netinet6/in6.c	Sun Sep 13 01:59:50 2015	(r287733)
+++ stable/10/sys/netinet6/in6.c	Sun Sep 13 02:09:06 2015	(r287734)
@@ -1280,13 +1280,8 @@ in6_update_ifa(struct ifnet *ifp, struct
 			goto cleanup;
 	}
 
-	/*
-	 * Perform DAD, if needed.
-	 * XXX It may be of use, if we can administratively disable DAD.
-	 */
-	if (in6if_do_dad(ifp) && ((ifra->ifra_flags & IN6_IFF_NODAD) == 0) &&
-	    (ia->ia6_flags & IN6_IFF_TENTATIVE))
-	{
+	/* Perform DAD, if the address is TENTATIVE. */
+	if ((ia->ia6_flags & IN6_IFF_TENTATIVE)) {
 		int mindelay, maxdelay;
 
 		delay = 0;
@@ -1619,6 +1614,10 @@ in6_purgeif(struct ifnet *ifp)
  * in the future.
  * RFC2373 defines interface id to be 64bit, but it allows non-RFC2374
  * address encoding scheme. (see figure on page 8)
+ * Notifies other subsystems about address change/arrival:
+ * 1) Notifies device handler on the first IPv6 address assignment
+ * 2) Handle routing table changes for P2P links and route
+ * 3) Handle routing table changes for address host route
  */
 static int
 in6_lifaddr_ioctl(struct socket *so, u_long cmd, caddr_t data,
@@ -2389,13 +2388,13 @@ in6if_do_dad(struct ifnet *ifp)
 		 * However, some interfaces can be up before the RUNNING
 		 * status.  Additionaly, users may try to assign addresses
 		 * before the interface becomes up (or running).
-		 * We simply skip DAD in such a case as a work around.
-		 * XXX: we should rather mark "tentative" on such addresses,
-		 * and do DAD after the interface becomes ready.
+	 	 * This function returns EAGAIN in that case.
+		 * The caller should mark "tentative" on the address instead of
+		 * performing DAD immediately.
 		 */
 		if (!((ifp->if_flags & IFF_UP) &&
 		    (ifp->if_drv_flags & IFF_DRV_RUNNING)))
-			return (0);
+			return (EAGAIN);
 
 		return (1);
 	}

Modified: stable/10/sys/netinet6/in6_ifattach.c
==============================================================================
--- stable/10/sys/netinet6/in6_ifattach.c	Sun Sep 13 01:59:50 2015	(r287733)
+++ stable/10/sys/netinet6/in6_ifattach.c	Sun Sep 13 02:09:06 2015	(r287734)
@@ -595,9 +595,6 @@ in6_ifattach_loopback(struct ifnet *ifp)
 	ifra.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
 	ifra.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
 
-	/* we don't need to perform DAD on loopback interfaces. */
-	ifra.ifra_flags |= IN6_IFF_NODAD;
-
 	/*
 	 * We are sure that this is a newly assigned address, so we can set
 	 * NULL to the 3rd arg.

Modified: stable/10/sys/netinet6/in6_var.h
==============================================================================
--- stable/10/sys/netinet6/in6_var.h	Sun Sep 13 01:59:50 2015	(r287733)
+++ stable/10/sys/netinet6/in6_var.h	Sun Sep 13 02:09:06 2015	(r287734)
@@ -494,7 +494,7 @@ struct	in6_rrenumreq {
 #define IN6_IFF_DETACHED	0x08	/* may be detached from the link */
 #define IN6_IFF_DEPRECATED	0x10	/* deprecated address */
 #define IN6_IFF_NODAD		0x20	/* don't perform DAD on this address
-					 * (used only at first SIOC* call)
+					 * (obsolete)
 					 */
 #define IN6_IFF_AUTOCONF	0x40	/* autoconfigurable address. */
 #define IN6_IFF_TEMPORARY	0x80	/* temporary (anonymous) address. */

Modified: stable/10/sys/netinet6/nd6_nbr.c
==============================================================================
--- stable/10/sys/netinet6/nd6_nbr.c	Sun Sep 13 01:59:50 2015	(r287733)
+++ stable/10/sys/netinet6/nd6_nbr.c	Sun Sep 13 02:09:06 2015	(r287734)
@@ -576,7 +576,7 @@ nd6_ns_output_fib(struct ifnet *ifp, con
 	/*
 	 * Add a Nonce option (RFC 3971) to detect looped back NS messages.
 	 * This behavior is documented as Enhanced Duplicate Address
-	 * Detection in draft-ietf-6man-enhanced-dad-13.
+	 * Detection in RFC 7527.
 	 * net.inet6.ip6.dad_enhanced=0 disables this.
 	 */
 	if (V_dad_enhanced != 0 && nonce != NULL) {
@@ -1308,11 +1308,16 @@ nd6_dad_start(struct ifaddr *ifa, int de
 	}
 	if (ifa->ifa_ifp == NULL)
 		panic("nd6_dad_start: ifa->ifa_ifp == NULL");
-	if (!(ifa->ifa_ifp->if_flags & IFF_UP)) {
+	if (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_NO_DAD) {
+		ia->ia6_flags &= ~IN6_IFF_TENTATIVE;
 		return;
 	}
-	if (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_IFDISABLED)
+	if (!(ifa->ifa_ifp->if_flags & IFF_UP) ||
+	    !(ifa->ifa_ifp->if_drv_flags & IFF_DRV_RUNNING) ||
+	    (ND_IFINFO(ifa->ifa_ifp)->flags & ND6_IFF_IFDISABLED)) {
+		ia->ia6_flags |= IN6_IFF_TENTATIVE;
 		return;
+	}
 	if ((dp = nd6_dad_find(ifa, NULL)) != NULL) {
 		/* DAD already in progress */
 		nd6_dad_rele(dp);