Backport upstream commit https://github.com/thom311/libnl/commit/000dd945b6bc9e53e234901cf42ed40450981f96
This adds support to libnl3 to access the "IPv6 link local address generation mode" of a link.
This is needed by NetworkManager.
NetworkManager always sets IFF_UP of its interfaces to get carrier detection. However, this normally would also add an IPv6 link local address, which is a security issue. Therefore NM sets disable_ipv6=1 to disable IPv6 altogether. ... which however brings other problems (bug 1083133, bug 1098319).
Kernel adds a new mode to disable IPv6 link local addresses selectively (bug 1107369).
NetworkManager needs the libnl3 patches to make use of the new kernel functionality. This will allow NetworkManager to IFF_UP the device, without need to disable_ipv6 entirely (but kernel still not creating a link local address).
Created attachment 928879 [details]
[patch] backport to dist-git rhel-7.1
patch for dist-git, rhel-7.1 branch
Scratch build here:
(In reply to Thomas Haller from comment #2)
> Created attachment 928879 [details]
> [patch] backport to dist-git rhel-7.1
> patch for dist-git, rhel-7.1 branch
> Scratch build here:
The patch itself looks good, but you'll need:
+autoreconf -i --force
since we're building from a tarball, it's already got Makefile.in generated, but we've just modified Makefile.am in the patch, so we need to regenerate Makefile.in, which requires the autoreconf.
Created attachment 928904 [details]
[patch v2] backport to dist-git rhel-7.1
Fix previous patch, now calling `autoreconf`
New scratch build: http://brewweb.devel.redhat.com/brew/taskinfo?taskID=7864161
Created attachment 928905 [details]
[patch v3] backport to dist-git rhel-7.1
Previous patch still had an issue.
New scratch build: https://brewweb.devel.redhat.com/taskinfo?taskID=7864220
Ok, so fast? got declined and the PM + QE flags got cleared. Need them again...
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.