| From bc0b40b266731be60d95214c11e8cb25ff72fa5d Mon Sep 17 00:00:00 2001 |
| From: Romain Francoise <romain@orebokech.com> |
| Date: Mon, 17 Jan 2011 07:59:18 +0000 |
| Subject: [PATCH] ipv6: Silence privacy extensions initialization |
| |
| commit 2fdc1c8093255f9da877d7b9ce3f46c2098377dc upstream. |
| |
| When a network namespace is created (via CLONE_NEWNET), the loopback |
| interface is automatically added to the new namespace, triggering a |
| printk in ipv6_add_dev() if CONFIG_IPV6_PRIVACY is set. |
| |
| This is problematic for applications which use CLONE_NEWNET as |
| part of a sandbox, like Chromium's suid sandbox or recent versions of |
| vsftpd. On a busy machine, it can lead to thousands of useless |
| "lo: Disabled Privacy Extensions" messages appearing in dmesg. |
| |
| It's easy enough to check the status of privacy extensions via the |
| use_tempaddr sysctl, so just removing the printk seems like the most |
| sensible solution. |
| |
| Signed-off-by: Romain Francoise <romain@orebokech.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c |
| index 844ffc5..34ad669 100644 |
| --- a/net/ipv6/addrconf.c |
| +++ b/net/ipv6/addrconf.c |
| @@ -408,9 +408,6 @@ static struct inet6_dev * ipv6_add_dev(struct net_device *dev) |
| dev->type == ARPHRD_TUNNEL6 || |
| dev->type == ARPHRD_SIT || |
| dev->type == ARPHRD_NONE) { |
| - printk(KERN_INFO |
| - "%s: Disabled Privacy Extensions\n", |
| - dev->name); |
| ndev->cnf.use_tempaddr = -1; |
| } else { |
| in6_dev_hold(ndev); |
| -- |
| 1.7.7 |
| |
