network: add global setting for IPv6PrivacyExtensions=

Closes #28186.
author: Yu Watanabe <watanabe.yu+github@gmail.com> 2023-06-29 12:09:53 +0200
committer: Yu Watanabe <watanabe.yu+github@gmail.com> 2023-06-29 14:40:47 +0200
commit: 932ef6ecd45662b25bc5ce7f82b64db39289b216 (patch)
tree: b6907379756173af57beb5ab533e0abfd53a201a /src/network
parent: network: introduce IPV6_PRIVACY_EXTENSIONS_KERNEL enum value (diff)
download: systemd-932ef6ecd45662b25bc5ce7f82b64db39289b216.tar.xz
systemd-932ef6ecd45662b25bc5ce7f82b64db39289b216.zip
6 files changed, 16 insertions, 3 deletions
diff --git a/src/network/networkd-gperf.gperf b/src/network/networkd-gperf.gperf
index 8ed90f0e4b..8542ffa6b5 100644
--- a/src/network/networkd-gperf.gperf
+++ b/src/network/networkd-gperf.gperf
@@ -26,6 +26,7 @@ Network.SpeedMeterIntervalSec,           config_parse_sec,
 Network.ManageForeignRoutingPolicyRules, config_parse_bool,                      0,          offsetof(Manager, manage_foreign_rules)
 Network.ManageForeignRoutes,             config_parse_bool,                      0,          offsetof(Manager, manage_foreign_routes)
 Network.RouteTable,                      config_parse_route_table_names,         0,          0
+Network.IPv6PrivacyExtensions,           config_parse_ipv6_privacy_extensions,   0,          offsetof(Manager, ipv6_privacy_extensions)
 DHCPv4.DUIDType,                         config_parse_duid_type,                 0,          offsetof(Manager, dhcp_duid)
 DHCPv4.DUIDRawData,                      config_parse_duid_rawdata,              0,          offsetof(Manager, dhcp_duid)
 DHCPv6.DUIDType,                         config_parse_duid_type,                 0,          offsetof(Manager, dhcp6_duid)
diff --git a/src/network/networkd-manager.c b/src/network/networkd-manager.c
index 303b76c0c6..b6ba216eee 100644
--- a/src/network/networkd-manager.c
+++ b/src/network/networkd-manager.c
@@ -589,6 +589,7 @@ int manager_new(Manager **ret, bool test_mode) {
 
         *m = (Manager) {
                 .keep_configuration = _KEEP_CONFIGURATION_INVALID,
+                .ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
                 .test_mode = test_mode,
                 .speed_meter_interval_usec = SPEED_METER_DEFAULT_TIME_INTERVAL,
                 .online_state = _LINK_ONLINE_STATE_INVALID,
diff --git a/src/network/networkd-manager.h b/src/network/networkd-manager.h
index c9cbcf9289..a27137a845 100644
--- a/src/network/networkd-manager.h
+++ b/src/network/networkd-manager.h
@@ -13,6 +13,7 @@
 #include "hashmap.h"
 #include "networkd-link.h"
 #include "networkd-network.h"
+#include "networkd-sysctl.h"
 #include "ordered-set.h"
 #include "set.h"
 #include "time-util.h"
@@ -29,6 +30,7 @@ struct Manager {
         int ethtool_fd;
 
         KeepConfiguration keep_configuration;
+        IPv6PrivacyExtensions ipv6_privacy_extensions;
 
         bool test_mode;
         bool enumerating;
diff --git a/src/network/networkd-network.c b/src/network/networkd-network.c
index 9a0511eeef..7eef3d5b52 100644
--- a/src/network/networkd-network.c
+++ b/src/network/networkd-network.c
@@ -467,7 +467,7 @@ int network_load_one(Manager *manager, OrderedHashmap **networks, const char *fi
 
                 .ipv4_accept_local = -1,
                 .ipv4_route_localnet = -1,
-                .ipv6_privacy_extensions = IPV6_PRIVACY_EXTENSIONS_NO,
+                .ipv6_privacy_extensions = _IPV6_PRIVACY_EXTENSIONS_INVALID,
                 .ipv6_dad_transmits = -1,
                 .ipv6_hop_limit = -1,
                 .ipv6_proxy_ndp = -1,
diff --git a/src/network/networkd-sysctl.c b/src/network/networkd-sysctl.c
index 729bd68dab..7c9a83ba57 100644
--- a/src/network/networkd-sysctl.c
+++ b/src/network/networkd-sysctl.c
@@ -5,6 +5,7 @@
 
 #include "missing_network.h"
 #include "networkd-link.h"
+#include "networkd-manager.h"
 #include "networkd-network.h"
 #include "networkd-sysctl.h"
 #include "socket-util.h"
@@ -89,7 +90,10 @@ static int link_set_ipv6_forward(Link *link) {
 }
 
 static int link_set_ipv6_privacy_extensions(Link *link) {
+        IPv6PrivacyExtensions val;
+
         assert(link);
+        assert(link->manager);
 
         if (!socket_ipv6_is_supported())
                 return 0;
@@ -100,11 +104,15 @@ static int link_set_ipv6_privacy_extensions(Link *link) {
         if (!link->network)
                 return 0;
 
+        val = link->network->ipv6_privacy_extensions;
+        if (val < 0) /* If not specified, then use the global setting. */
+                val = link->manager->ipv6_privacy_extensions;
+
         /* When "kernel", do not update the setting. */
-        if (link->network->ipv6_privacy_extensions == IPV6_PRIVACY_EXTENSIONS_KERNEL)
+        if (val == IPV6_PRIVACY_EXTENSIONS_KERNEL)
                 return 0;
 
-        return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) link->network->ipv6_privacy_extensions);
+        return sysctl_write_ip_property_int(AF_INET6, link->ifname, "use_tempaddr", (int) val);
 }
 
 static int link_set_ipv6_accept_ra(Link *link) {
diff --git a/src/network/networkd.conf b/src/network/networkd.conf
index 38dc9f1f79..f2c0790d87 100644
--- a/src/network/networkd.conf
+++ b/src/network/networkd.conf
@@ -18,6 +18,7 @@
 #ManageForeignRoutingPolicyRules=yes
 #ManageForeignRoutes=yes
 #RouteTable=
+#IPv6PrivacyExtensions=no
 
 [DHCPv4]
 #DUIDType=vendor
author	Yu Watanabe <watanabe.yu+github@gmail.com>	2023-06-29 12:09:53 +0200
committer	Yu Watanabe <watanabe.yu+github@gmail.com>	2023-06-29 14:40:47 +0200
commit	932ef6ecd45662b25bc5ce7f82b64db39289b216 (patch)
tree	b6907379756173af57beb5ab533e0abfd53a201a /src/network
parent	network: introduce IPV6_PRIVACY_EXTENSIONS_KERNEL enum value (diff)
download	systemd-932ef6ecd45662b25bc5ce7f82b64db39289b216.tar.xz systemd-932ef6ecd45662b25bc5ce7f82b64db39289b216.zip