diff mbox

ipv6: make the net.ipv6.conf.all.use_tempaddr sysctl propagate to interface settings

Message ID 1323879006.3792.16.camel@gaea.(null)
State New
Headers show

Commit Message

Mathieu Trudel-Lapierre Dec. 14, 2011, 4:10 p.m. UTC 
Hi,

We're trying to enable IPv6 privacy extensions by default in Ubuntu, and
I've noticed issues applying the sysctl settings: applying
net.ipv6.conf.all.use_tempaddr which I'd expect, readying docs, to be
propagated to the underlying interface-specific settings (e.g.
net.ipv6.conf.eth0.use_tempaddr) for already-available interfaces; which
does not work.

Ideally at boot-time, one would only need to set the following settings:
net.ipv6.conf.all.use_tempaddr   (to modify already-up/added interfaces)
net.ipv6.conf.default.use_tempaddr (for future new interfaces)

I wrote the attached patch which appears to correctly set the value of
net.ipv6.conf.all.use_tempaddr on the interfaces when changed. I would
be very grateful if I could get some review on that patch before
submitting it upstream.

It seems as though the issue is generally reproduced for most of the
other ipv6 settings, and my reading of
Documentation/networking/ip-sysctls.txt and net/ipv6/Kconfig (the help
entry for IPV6_PRIVACY), but I'm concentrating on just use_tempaddr
which is something we'd really need to make work.

For more information about these issues, I found
https://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQ&ItemID=91
which also links two bugzilla.kernel.org bugs (which I unfortunately
can't reach). It's also been discussed in the past on netdev
(http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1
+mid:pxw4o7p2k3xn5vh3+state:results ) and on debian-kernel (can't find
the thread again).

Please keep me in CC; I'm not subscribed to this list.

Regards,

--
Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>
Freenode: cyphermox, Jabber: mathieu.tl@gmail.com
4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93

Comments

Tim Gardner Dec. 15, 2011, 5:20 p.m. UTC | #1 
On 12/14/2011 09:10 AM, Mathieu Trudel-Lapierre wrote:
> Hi,
>
> We're trying to enable IPv6 privacy extensions by default in Ubuntu, and
> I've noticed issues applying the sysctl settings: applying
> net.ipv6.conf.all.use_tempaddr which I'd expect, readying docs, to be
> propagated to the underlying interface-specific settings (e.g.
> net.ipv6.conf.eth0.use_tempaddr) for already-available interfaces; which
> does not work.
>
> Ideally at boot-time, one would only need to set the following settings:
> net.ipv6.conf.all.use_tempaddr   (to modify already-up/added interfaces)
> net.ipv6.conf.default.use_tempaddr (for future new interfaces)
>
> I wrote the attached patch which appears to correctly set the value of
> net.ipv6.conf.all.use_tempaddr on the interfaces when changed. I would
> be very grateful if I could get some review on that patch before
> submitting it upstream.
>
> It seems as though the issue is generally reproduced for most of the
> other ipv6 settings, and my reading of
> Documentation/networking/ip-sysctls.txt and net/ipv6/Kconfig (the help
> entry for IPV6_PRIVACY), but I'm concentrating on just use_tempaddr
> which is something we'd really need to make work.
>
> For more information about these issues, I found
> https://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQ&ItemID=91
> which also links two bugzilla.kernel.org bugs (which I unfortunately
> can't reach). It's also been discussed in the past on netdev
> (http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1
> +mid:pxw4o7p2k3xn5vh3+state:results ) and on debian-kernel (can't find
> the thread again).
>
> Please keep me in CC; I'm not subscribed to this list.
>
> Regards,
>
> --
> Mathieu Trudel-Lapierre<mathieu.trudel-lapierre@canonical.com>
> Freenode: cyphermox, Jabber: mathieu.tl@gmail.com
> 4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93
>

What kernel is this supposed to apply to?
Mathieu Trudel-Lapierre Dec. 15, 2011, 7:10 p.m. UTC | #2 
On Thu, Dec 15, 2011 at 12:20 PM, Tim Gardner <tim.gardner@canonical.com> wrote:
> What kernel is this supposed to apply to?

It was made against 3.2.0-4.10 (using ubuntu-precise.git) and tested
against Linus' linux-2.6.git. Turns out the patch was mangled by my
email client, so I've put it on
http://people.ubuntu.com/~mathieu-tl/0001-ipv6-make-the-net.ipv6.conf.all.use_tempaddr-sysctl-.patch
.

Mathieu Trudel-Lapierre <mathieu-tl@ubuntu.com>
Freenode: cyphermox, Jabber: mathieu.tl@gmail.com
4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93
Leann Ogasawara Dec. 16, 2011, 4:23 p.m. UTC | #3 
On Wed, 2011-12-14 at 11:10 -0500, Mathieu Trudel-Lapierre wrote:
> Hi,
> 
> We're trying to enable IPv6 privacy extensions by default in Ubuntu, and
> I've noticed issues applying the sysctl settings: applying
> net.ipv6.conf.all.use_tempaddr which I'd expect, readying docs, to be
> propagated to the underlying interface-specific settings (e.g.
> net.ipv6.conf.eth0.use_tempaddr) for already-available interfaces; which
> does not work.
> 
> Ideally at boot-time, one would only need to set the following settings:
> net.ipv6.conf.all.use_tempaddr   (to modify already-up/added interfaces)
> net.ipv6.conf.default.use_tempaddr (for future new interfaces)
> 
> I wrote the attached patch which appears to correctly set the value of
> net.ipv6.conf.all.use_tempaddr on the interfaces when changed. I would
> be very grateful if I could get some review on that patch before
> submitting it upstream.
> 
> It seems as though the issue is generally reproduced for most of the
> other ipv6 settings, and my reading of
> Documentation/networking/ip-sysctls.txt and net/ipv6/Kconfig (the help
> entry for IPV6_PRIVACY), but I'm concentrating on just use_tempaddr
> which is something we'd really need to make work.
> 
> For more information about these issues, I found
> https://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQ&ItemID=91
> which also links two bugzilla.kernel.org bugs (which I unfortunately
> can't reach).

Hi Mathieu,

So I did some investigation and was able to uncover the following
information from one of the bugzilla.kernel.org bugs (11655) you were
unable to reach:

http://kerneltrap.org/mailarchive/linux-netdev/2008/10/3/3495284/thread

Highlights include:

http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3628434

From Dave Miller:
"Not a bug.

These "global" setting have to be set to the desired value before the
device is created.  And it is at creation time that these global
values are "inherited" by the device.

Afterwards changes to the global value will not propagate to those
devices again, because that might override a changed setting made
by the user.

It is only newly created devices which get these values."

http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3631594

From bug reporter:
"I understand you are talking about /proc/sys/net/ipv6/conf/default/*
controls. If so, it's ok, but I talked
about /proc/sys/net/ipv6/conf/all/*
controls. Documentation/networking/ip-sysctl.txt says:

    conf/default/*:
	    Change the interface-specific default settings.


    conf/all/*:
	    Change all the interface-specific settings.

so what is the difference between default and all in the context of your
statement? In my opinion, it could be understood that default settings
are inherited and those from "all" directory change values for all
current devices.
"

http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3639704

From Dave Miller:
"Unfortunately not all "all" knobs are treated universally, only some
of them all.

If you grep for "devconf_all" under net/ipv6 you'll see which ones
get used and in what manner.

Of course, we'll need to tweak either the docs or the implementation
to match :-)"

=======

Reading the above thread I would assume this is intended behavior and
that the documentation needs updating.  However, it can't hurt sending
your patch upstream.  The worst that can happen is it gets Nack'd.  I
would like to see this clarified with upstream before we consider
carrying this in our tree.

Thanks,
Leann

>  It's also been discussed in the past on netdev
> (http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1
> +mid:pxw4o7p2k3xn5vh3+state:results ) and on debian-kernel (can't find
> the thread again).
> 
> Please keep me in CC; I'm not subscribed to this list.
> 
> Regards,
> 
> --
> Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>
> Freenode: cyphermox, Jabber: mathieu.tl@gmail.com
> 4096R/EE018C93 1967 8F7D 03A1 8F38 732E  FF82 C126 33E1 EE01 8C93
Stéphane Graber Dec. 16, 2011, 7:22 p.m. UTC | #4 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 12/16/2011 11:23 AM, Leann Ogasawara wrote:
> On Wed, 2011-12-14 at 11:10 -0500, Mathieu Trudel-Lapierre wrote:
>> Hi,
>> 
>> We're trying to enable IPv6 privacy extensions by default in 
>> Ubuntu, and I've noticed issues applying the sysctl settings: 
>> applying net.ipv6.conf.all.use_tempaddr which I'd expect, 
>> readying docs, to be propagated to the underlying 
>> interface-specific settings (e.g. 
>> net.ipv6.conf.eth0.use_tempaddr) for already-available 
>> interfaces; which does not work.
>> 
>> Ideally at boot-time, one would only need to set the following 
>> settings: net.ipv6.conf.all.use_tempaddr   (to modify 
>> already-up/added interfaces) net.ipv6.conf.default.use_tempaddr 
>> (for future new interfaces)
>> 
>> I wrote the attached patch which appears to correctly set the 
>> value of net.ipv6.conf.all.use_tempaddr on the interfaces when 
>> changed. I would be very grateful if I could get some review on 
>> that patch before submitting it upstream.
>> 
>> It seems as though the issue is generally reproduced for most of 
>> the other ipv6 settings, and my reading of 
>> Documentation/networking/ip-sysctls.txt and net/ipv6/Kconfig
>> (the help entry for IPV6_PRIVACY), but I'm concentrating on just 
>> use_tempaddr which is something we'd really need to make work.
>> 
>> For more information about these issues, I found 
>> https://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQ&ItemID=91
>>
>>
>> 
which also links two bugzilla.kernel.org bugs (which I unfortunately
>> can't reach).
> 
> Hi Mathieu,
> 
> So I did some investigation and was able to uncover the following 
> information from one of the bugzilla.kernel.org bugs (11655) you 
> were unable to reach:
> 
> http://kerneltrap.org/mailarchive/linux-netdev/2008/10/3/3495284/thread
>
>
> 
Highlights include:
> 
> http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3628434
> 
> From Dave Miller: "Not a bug.
> 
> These "global" setting have to be set to the desired value before 
> the device is created.  And it is at creation time that these 
> global values are "inherited" by the device.
> 
> Afterwards changes to the global value will not propagate to those
>  devices again, because that might override a changed setting made
>  by the user.
> 
> It is only newly created devices which get these values."
> 
> http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3631594
> 
> From bug reporter: "I understand you are talking about 
> /proc/sys/net/ipv6/conf/default/* controls. If so, it's ok, but I 
> talked about /proc/sys/net/ipv6/conf/all/* controls. 
> Documentation/networking/ip-sysctl.txt says:
> 
> conf/default/*: Change the interface-specific default settings.
> 
> 
> conf/all/*: Change all the interface-specific settings.
> 
> so what is the difference between default and all in the context
> of your statement? In my opinion, it could be understood that
> default settings are inherited and those from "all" directory
> change values for all current devices. "
> 
> http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3639704
> 
> From Dave Miller: "Unfortunately not all "all" knobs are treated 
> universally, only some of them all.
> 
> If you grep for "devconf_all" under net/ipv6 you'll see which ones
>  get used and in what manner.
> 
> Of course, we'll need to tweak either the docs or the 
> implementation to match :-)"
> 
> =======
> 
> Reading the above thread I would assume this is intended behavior 
> and that the documentation needs updating.  However, it can't hurt 
> sending your patch upstream.  The worst that can happen is it gets 
> Nack'd.  I would like to see this clarified with upstream before
> we consider carrying this in our tree.
> 
> Thanks, Leann
> 
>> It's also been discussed in the past on netdev 
>> (http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1 
>> +mid:pxw4o7p2k3xn5vh3+state:results ) and on debian-kernel
>> (can't find the thread again).
>> 
>> Please keep me in CC; I'm not subscribed to this list.
>> 
>> Regards,
>> 
>> -- Mathieu Trudel-Lapierre 
>> <mathieu.trudel-lapierre@canonical.com> Freenode: cyphermox, 
>> Jabber: mathieu.tl@gmail.com 4096R/EE018C93 1967 8F7D 03A1 8F38 
>> 732E  FF82 C126 33E1 EE01 8C93


Hmm, should Mathieu's patch be rejected upstream, what do you suggest
we do in Ubuntu to change that setting?
Should we propose another kernel patch that'd be Ubuntu-specific and
change the hardcoded default for privacy extensions?

Just saying that /all is basically identical to /default and should be
changed before the interface appears isn't really going to help as our
sysctls are pretty much always applied after the cards appeared (we
even noticed that in some cases we are applying them too early :)).

In all cases, I agree that this should definitely be clarified as
having /all not applying to all interfaces is utterly confusing...


The initial target for privacy extensions by default was alpha-1 as we
wanted to get as much feedback from users as possible.
We currently ship a sysctl config for this but it obviously doesn't
apply to all our users so doesn't quite give us the feedback we
originally wanted.

- -- 
Stéphane Graber
Ubuntu developer
http://www.ubuntu.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJO65qSAAoJEMY4l01keS1nDj0P/A3I+2I00C2vZkNIi5GwPkKj
/feNuoev2TXUUiKDCkK4j3up67VkjRZqHkvgIaohnf7Dj1U31SexlRHDYFREmlIj
TFYtIg/yTbiWD3ipblFxqLYXdD3f262KbjqquIuv+zgunnrGcd1mk1UwZsoS8xPq
EHzngr5ZiYvqftv4r9aF4xjAK/Yrtvo69dYS62q5iaSl/rNzvLJhIbSLHqCpx1Ad
XA/eIkD6s29ShzoJQki2t9gRDpSvqgIy9AW75uRq4ovDMGu9lu3XR1Z7UYsjpXmY
n+hzpDoHhn3iev764Nmg/XrPpIm+O3S/eImCLXpce4eIW65GFMSPdvrif9qfPqo7
id7fXChG9O68jKuGPUgT4BwsUcByw1q+y3Ag4RoGV/J1EMIBeboxG1biz4wBNuBL
CMYA3Gmwt/mjNYfolyGHTJjHVmQ3/n7gOEzdKVpvdvtJRQAwnB3xcfb2cCMy51xG
fj4+aGCVFDcbCV4KWNwo1i+JJztr8g/xiRzD7dbVWgx8tkm1IDL+7dp1Xaui2JYn
FtrCphhwDJIoyd8fqfTpothLMZ/xryv0kV7nOcpR+unctaFsnjWGbFRXc/IstrS3
MtmfFgcqXniJcxMv0xwa+qFW2oGB56jAP+C97WnB4tAaRjWYj7ycJrtIhJ+RHV0Q
JcG9hN3EgSePvUJ8qe/J
=NHyX
-----END PGP SIGNATURE-----
Leann Ogasawara Dec. 16, 2011, 9:03 p.m. UTC | #5 
On Fri, 2011-12-16 at 14:22 -0500, Stéphane Graber wrote:
> On 12/16/2011 11:23 AM, Leann Ogasawara wrote:
> > On Wed, 2011-12-14 at 11:10 -0500, Mathieu Trudel-Lapierre wrote:
> >> Hi,
> >> 
> >> We're trying to enable IPv6 privacy extensions by default in 
> >> Ubuntu, and I've noticed issues applying the sysctl settings: 
> >> applying net.ipv6.conf.all.use_tempaddr which I'd expect, 
> >> readying docs, to be propagated to the underlying 
> >> interface-specific settings (e.g. 
> >> net.ipv6.conf.eth0.use_tempaddr) for already-available 
> >> interfaces; which does not work.
> >> 
> >> Ideally at boot-time, one would only need to set the following 
> >> settings: net.ipv6.conf.all.use_tempaddr   (to modify 
> >> already-up/added interfaces) net.ipv6.conf.default.use_tempaddr 
> >> (for future new interfaces)
> >> 
> >> I wrote the attached patch which appears to correctly set the 
> >> value of net.ipv6.conf.all.use_tempaddr on the interfaces when 
> >> changed. I would be very grateful if I could get some review on 
> >> that patch before submitting it upstream.
> >> 
> >> It seems as though the issue is generally reproduced for most of 
> >> the other ipv6 settings, and my reading of 
> >> Documentation/networking/ip-sysctls.txt and net/ipv6/Kconfig
> >> (the help entry for IPV6_PRIVACY), but I'm concentrating on just 
> >> use_tempaddr which is something we'd really need to make work.
> >> 
> >> For more information about these issues, I found 
> >> https://otrs.menandmice.com/otrs/public.pl?Action=PublicFAQ&ItemID=91
> >>
> >>
> >> 
> which also links two bugzilla.kernel.org bugs (which I unfortunately
> >> can't reach).
> > 
> > Hi Mathieu,
> > 
> > So I did some investigation and was able to uncover the following 
> > information from one of the bugzilla.kernel.org bugs (11655) you 
> > were unable to reach:
> > 
> > http://kerneltrap.org/mailarchive/linux-netdev/2008/10/3/3495284/thread
> >
> >
> > 
> Highlights include:
> > 
> > http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3628434
> > 
> > From Dave Miller: "Not a bug.
> > 
> > These "global" setting have to be set to the desired value before 
> > the device is created.  And it is at creation time that these 
> > global values are "inherited" by the device.
> > 
> > Afterwards changes to the global value will not propagate to those
> >  devices again, because that might override a changed setting made
> >  by the user.
> > 
> > It is only newly created devices which get these values."
> > 
> > http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3631594
> > 
> > From bug reporter: "I understand you are talking about 
> > /proc/sys/net/ipv6/conf/default/* controls. If so, it's ok, but I 
> > talked about /proc/sys/net/ipv6/conf/all/* controls. 
> > Documentation/networking/ip-sysctl.txt says:
> > 
> > conf/default/*: Change the interface-specific default settings.
> > 
> > 
> > conf/all/*: Change all the interface-specific settings.
> > 
> > so what is the difference between default and all in the context
> > of your statement? In my opinion, it could be understood that
> > default settings are inherited and those from "all" directory
> > change values for all current devices. "
> > 
> > http://kerneltrap.org/mailarchive/linux-netdev/2008/10/13/3639704
> > 
> > From Dave Miller: "Unfortunately not all "all" knobs are treated 
> > universally, only some of them all.
> > 
> > If you grep for "devconf_all" under net/ipv6 you'll see which ones
> >  get used and in what manner.
> > 
> > Of course, we'll need to tweak either the docs or the 
> > implementation to match :-)"
> > 
> > =======
> > 
> > Reading the above thread I would assume this is intended behavior 
> > and that the documentation needs updating.  However, it can't hurt 
> > sending your patch upstream.  The worst that can happen is it gets 
> > Nack'd.  I would like to see this clarified with upstream before
> > we consider carrying this in our tree.
> > 
> > Thanks, Leann
> > 
> >> It's also been discussed in the past on netdev 
> >> (http://markmail.org/thread/pxw4o7p2k3xn5vh3#query:+page:1 
> >> +mid:pxw4o7p2k3xn5vh3+state:results ) and on debian-kernel
> >> (can't find the thread again).
> >> 
> >> Please keep me in CC; I'm not subscribed to this list.
> >> 
> >> Regards,
> >> 
> >> -- Mathieu Trudel-Lapierre 
> >> <mathieu.trudel-lapierre@canonical.com> Freenode: cyphermox, 
> >> Jabber: mathieu.tl@gmail.com 4096R/EE018C93 1967 8F7D 03A1 8F38 
> >> 732E  FF82 C126 33E1 EE01 8C93
> 
> 
> Hmm, should Mathieu's patch be rejected upstream, what do you suggest
> we do in Ubuntu to change that setting?
> Should we propose another kernel patch that'd be Ubuntu-specific and
> change the hardcoded default for privacy extensions?

Lets wait and see what feedback we get from upstream.  That way we can
make an educated decision on how we should proceed.  From our point of
view, we really prefer to not have to deviate from upstream where
possible.

> Just saying that /all is basically identical to /default and should be
> changed before the interface appears isn't really going to help as our
> sysctls are pretty much always applied after the cards appeared (we
> even noticed that in some cases we are applying them too early :)).
> 
> In all cases, I agree that this should definitely be clarified as
> having /all not applying to all interfaces is utterly confusing...

I believe Mathieu has already started this conversation with upstream
[1].  It unfortunately appears he has not received a response.  I
mentioned to him on IRC that he should just send his patch as it's more
likely to get a response and should hopefully provide the clarification
he's looking for.

Thanks,
Leann

[1] http://marc.info/?l=linux-netdev&m=132285083905998&w=2
diff mbox

Patch

From 86c5ce47c44c27f9147e095a448cb56b73453276 Mon Sep 17 00:00:00 2001
From: Mathieu Trudel-Lapierre <mathieu.trudel-lapierre@canonical.com>
Date: Wed, 14 Dec 2011 10:09:13 -0500
Subject: [PATCH] ipv6: make the net.ipv6.conf.all.use_tempaddr sysctl
 propagate to interface settings

The description for IPV6_PRIVACY mentions using .../all/use_tempaddr to enable
IPv6 Privacy Extensions, and IP sysctl documentation mentions 'all' as setting
all interface-specific settings. We make sure at least use_tempaddr actually
works as documented.
---
 net/ipv6/addrconf.c |   77 ++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 76 insertions(+), 1 deletions(-)

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index cf88df8..4a84a05 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4340,6 +4340,81 @@  int addrconf_sysctl_disable(ctl_table *ctl, int write,
 	return ret;
 }
 
+#ifdef CONFIG_IPV6_PRIVACY
+static void dev_tempaddr_change(struct inet6_dev *idev)
+{
+	if (!idev || !idev->dev)
+		return;
+
+	if (idev->cnf.disable_ipv6)
+		addrconf_notify(NULL, NETDEV_DOWN, idev->dev);
+	else
+		addrconf_notify(NULL, NETDEV_UP, idev->dev);
+}
+
+static void addrconf_tempaddr_change(struct net *net, __s32 newf)
+{
+	struct net_device *dev;
+	struct inet6_dev *idev;
+
+	rcu_read_lock();
+	for_each_netdev_rcu(net, dev) {
+		idev = __in6_dev_get(dev);
+		if (idev) {
+			int changed = (!idev->cnf.use_tempaddr) ^ (!newf);
+			idev->cnf.use_tempaddr = newf;
+			if (changed)
+				dev_tempaddr_change(idev);
+		}
+	}
+	rcu_read_unlock();
+}
+
+static int addrconf_use_tempaddr(struct ctl_table *table, int *p, int old)
+{
+	struct net *net;
+
+	net = (struct net *)table->extra2;
+
+	if (p == &net->ipv6.devconf_dflt->use_tempaddr)
+		return 0;
+
+	if (!rtnl_trylock()) {
+		/* Restore the original values before restarting */
+		*p = old;
+		return restart_syscall();
+	}
+
+	if (p == &net->ipv6.devconf_all->use_tempaddr) {
+		__s32 newf = net->ipv6.devconf_all->use_tempaddr;
+		net->ipv6.devconf_dflt->use_tempaddr = newf;
+		addrconf_tempaddr_change(net, newf);
+	} else if ((!*p) ^ (!old))
+		dev_tempaddr_change((struct inet6_dev *)table->extra1);
+
+	rtnl_unlock();
+	return 0;
+}
+
+static
+int addrconf_sysctl_tempaddr(ctl_table *ctl, int write,
+			     void __user *buffer, size_t *lenp, loff_t *ppos)
+{
+	int *valp = ctl->data;
+	int val = *valp;
+	loff_t pos = *ppos;
+	int ret;
+	
+	ret = proc_dointvec(ctl, write, buffer, lenp, ppos);
+
+	if (write)
+		ret = addrconf_use_tempaddr(ctl, valp, val);
+	if (ret)
+		*ppos = pos;
+	return ret;
+}
+#endif
+
 static struct addrconf_sysctl_table
 {
 	struct ctl_table_header *sysctl_header;
@@ -4431,7 +4506,7 @@  static struct addrconf_sysctl_table
 			.data		= &ipv6_devconf.use_tempaddr,
 			.maxlen		= sizeof(int),
 			.mode		= 0644,
-			.proc_handler	= proc_dointvec,
+			.proc_handler	= addrconf_sysctl_tempaddr,
 		},
 		{
 			.procname	= "temp_valid_lft",
-- 
1.7.7.3