CoCalc -- sysctl_net

GitHub Repository: awilliam/linux-vfio
Path: blob/master/net/ipv4/sysctl_net_ipv4.c
¹⁵¹⁰⁹ views
1
/*
2
 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3
 *
4
 * Begun April 1, 1996, Mike Shaver.
5
 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
6
 */
7

8
#include <linux/mm.h>
9
#include <linux/module.h>
10
#include <linux/sysctl.h>
11
#include <linux/igmp.h>
12
#include <linux/inetdevice.h>
13
#include <linux/seqlock.h>
14
#include <linux/init.h>
15
#include <linux/slab.h>
16
#include <linux/nsproxy.h>
17
#include <net/snmp.h>
18
#include <net/icmp.h>
19
#include <net/ip.h>
20
#include <net/route.h>
21
#include <net/tcp.h>
22
#include <net/udp.h>
23
#include <net/cipso_ipv4.h>
24
#include <net/inet_frag.h>
25
#include <net/ping.h>
26

27
static int zero;
28
static int tcp_retr1_max = 255;
29
static int ip_local_port_range_min[] = { 1, 1 };
30
static int ip_local_port_range_max[] = { 65535, 65535 };
31
static int tcp_adv_win_scale_min = -31;
32
static int tcp_adv_win_scale_max = 31;
33
static int ip_ttl_min = 1;
34
static int ip_ttl_max = 255;
35
static int ip_ping_group_range_min[] = { 0, 0 };
36
static int ip_ping_group_range_max[] = { GID_T_MAX, GID_T_MAX };
37

38
/* Update system visible IP port range */
39
static void set_local_port_range(int range[2])
40
{
41
	write_seqlock(&sysctl_local_ports.lock);
42
	sysctl_local_ports.range[0] = range[0];
43
	sysctl_local_ports.range[1] = range[1];
44
	write_sequnlock(&sysctl_local_ports.lock);
45
}
46

47
/* Validate changes from /proc interface. */
48
static int ipv4_local_port_range(ctl_table *table, int write,
49
				 void __user *buffer,
50
				 size_t *lenp, loff_t *ppos)
51
{
52
	int ret;
53
	int range[2];
54
	ctl_table tmp = {
55
		.data = &range,
56
		.maxlen = sizeof(range),
57
		.mode = table->mode,
58
		.extra1 = &ip_local_port_range_min,
59
		.extra2 = &ip_local_port_range_max,
60
	};
61

62
	inet_get_local_port_range(range, range + 1);
63
	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
64

65
	if (write && ret == 0) {
66
		if (range[1] < range[0])
67
			ret = -EINVAL;
68
		else
69
			set_local_port_range(range);
70
	}
71

72
	return ret;
73
}
74

75

76
void inet_get_ping_group_range_table(struct ctl_table *table, gid_t *low, gid_t *high)
77
{
78
	gid_t *data = table->data;
79
	unsigned seq;
80
	do {
81
		seq = read_seqbegin(&sysctl_local_ports.lock);
82

83
		*low = data[0];
84
		*high = data[1];
85
	} while (read_seqretry(&sysctl_local_ports.lock, seq));
86
}
87

88
/* Update system visible IP port range */
89
static void set_ping_group_range(struct ctl_table *table, int range[2])
90
{
91
	gid_t *data = table->data;
92
	write_seqlock(&sysctl_local_ports.lock);
93
	data[0] = range[0];
94
	data[1] = range[1];
95
	write_sequnlock(&sysctl_local_ports.lock);
96
}
97

98
/* Validate changes from /proc interface. */
99
static int ipv4_ping_group_range(ctl_table *table, int write,
100
				 void __user *buffer,
101
				 size_t *lenp, loff_t *ppos)
102
{
103
	int ret;
104
	gid_t range[2];
105
	ctl_table tmp = {
106
		.data = &range,
107
		.maxlen = sizeof(range),
108
		.mode = table->mode,
109
		.extra1 = &ip_ping_group_range_min,
110
		.extra2 = &ip_ping_group_range_max,
111
	};
112

113
	inet_get_ping_group_range_table(table, range, range + 1);
114
	ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
115

116
	if (write && ret == 0)
117
		set_ping_group_range(table, range);
118

119
	return ret;
120
}
121

122
static int proc_tcp_congestion_control(ctl_table *ctl, int write,
123
				       void __user *buffer, size_t *lenp, loff_t *ppos)
124
{
125
	char val[TCP_CA_NAME_MAX];
126
	ctl_table tbl = {
127
		.data = val,
128
		.maxlen = TCP_CA_NAME_MAX,
129
	};
130
	int ret;
131

132
	tcp_get_default_congestion_control(val);
133

134
	ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
135
	if (write && ret == 0)
136
		ret = tcp_set_default_congestion_control(val);
137
	return ret;
138
}
139

140
static int proc_tcp_available_congestion_control(ctl_table *ctl,
141
						 int write,
142
						 void __user *buffer, size_t *lenp,
143
						 loff_t *ppos)
144
{
145
	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
146
	int ret;
147

148
	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
149
	if (!tbl.data)
150
		return -ENOMEM;
151
	tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
152
	ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
153
	kfree(tbl.data);
154
	return ret;
155
}
156

157
static int proc_allowed_congestion_control(ctl_table *ctl,
158
					   int write,
159
					   void __user *buffer, size_t *lenp,
160
					   loff_t *ppos)
161
{
162
	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
163
	int ret;
164

165
	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
166
	if (!tbl.data)
167
		return -ENOMEM;
168

169
	tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
170
	ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
171
	if (write && ret == 0)
172
		ret = tcp_set_allowed_congestion_control(tbl.data);
173
	kfree(tbl.data);
174
	return ret;
175
}
176

177
static struct ctl_table ipv4_table[] = {
178
	{
179
		.procname	= "tcp_timestamps",
180
		.data		= &sysctl_tcp_timestamps,
181
		.maxlen		= sizeof(int),
182
		.mode		= 0644,
183
		.proc_handler	= proc_dointvec
184
	},
185
	{
186
		.procname	= "tcp_window_scaling",
187
		.data		= &sysctl_tcp_window_scaling,
188
		.maxlen		= sizeof(int),
189
		.mode		= 0644,
190
		.proc_handler	= proc_dointvec
191
	},
192
	{
193
		.procname	= "tcp_sack",
194
		.data		= &sysctl_tcp_sack,
195
		.maxlen		= sizeof(int),
196
		.mode		= 0644,
197
		.proc_handler	= proc_dointvec
198
	},
199
	{
200
		.procname	= "tcp_retrans_collapse",
201
		.data		= &sysctl_tcp_retrans_collapse,
202
		.maxlen		= sizeof(int),
203
		.mode		= 0644,
204
		.proc_handler	= proc_dointvec
205
	},
206
	{
207
		.procname	= "ip_default_ttl",
208
		.data		= &sysctl_ip_default_ttl,
209
		.maxlen		= sizeof(int),
210
		.mode		= 0644,
211
		.proc_handler	= proc_dointvec_minmax,
212
		.extra1		= &ip_ttl_min,
213
		.extra2		= &ip_ttl_max,
214
	},
215
	{
216
		.procname	= "ip_no_pmtu_disc",
217
		.data		= &ipv4_config.no_pmtu_disc,
218
		.maxlen		= sizeof(int),
219
		.mode		= 0644,
220
		.proc_handler	= proc_dointvec
221
	},
222
	{
223
		.procname	= "ip_nonlocal_bind",
224
		.data		= &sysctl_ip_nonlocal_bind,
225
		.maxlen		= sizeof(int),
226
		.mode		= 0644,
227
		.proc_handler	= proc_dointvec
228
	},
229
	{
230
		.procname	= "tcp_syn_retries",
231
		.data		= &sysctl_tcp_syn_retries,
232
		.maxlen		= sizeof(int),
233
		.mode		= 0644,
234
		.proc_handler	= proc_dointvec
235
	},
236
	{
237
		.procname	= "tcp_synack_retries",
238
		.data		= &sysctl_tcp_synack_retries,
239
		.maxlen		= sizeof(int),
240
		.mode		= 0644,
241
		.proc_handler	= proc_dointvec
242
	},
243
	{
244
		.procname	= "tcp_max_orphans",
245
		.data		= &sysctl_tcp_max_orphans,
246
		.maxlen		= sizeof(int),
247
		.mode		= 0644,
248
		.proc_handler	= proc_dointvec
249
	},
250
	{
251
		.procname	= "tcp_max_tw_buckets",
252
		.data		= &tcp_death_row.sysctl_max_tw_buckets,
253
		.maxlen		= sizeof(int),
254
		.mode		= 0644,
255
		.proc_handler	= proc_dointvec
256
	},
257
	{
258
		.procname	= "ip_dynaddr",
259
		.data		= &sysctl_ip_dynaddr,
260
		.maxlen		= sizeof(int),
261
		.mode		= 0644,
262
		.proc_handler	= proc_dointvec
263
	},
264
	{
265
		.procname	= "tcp_keepalive_time",
266
		.data		= &sysctl_tcp_keepalive_time,
267
		.maxlen		= sizeof(int),
268
		.mode		= 0644,
269
		.proc_handler	= proc_dointvec_jiffies,
270
	},
271
	{
272
		.procname	= "tcp_keepalive_probes",
273
		.data		= &sysctl_tcp_keepalive_probes,
274
		.maxlen		= sizeof(int),
275
		.mode		= 0644,
276
		.proc_handler	= proc_dointvec
277
	},
278
	{
279
		.procname	= "tcp_keepalive_intvl",
280
		.data		= &sysctl_tcp_keepalive_intvl,
281
		.maxlen		= sizeof(int),
282
		.mode		= 0644,
283
		.proc_handler	= proc_dointvec_jiffies,
284
	},
285
	{
286
		.procname	= "tcp_retries1",
287
		.data		= &sysctl_tcp_retries1,
288
		.maxlen		= sizeof(int),
289
		.mode		= 0644,
290
		.proc_handler	= proc_dointvec_minmax,
291
		.extra2		= &tcp_retr1_max
292
	},
293
	{
294
		.procname	= "tcp_retries2",
295
		.data		= &sysctl_tcp_retries2,
296
		.maxlen		= sizeof(int),
297
		.mode		= 0644,
298
		.proc_handler	= proc_dointvec
299
	},
300
	{
301
		.procname	= "tcp_fin_timeout",
302
		.data		= &sysctl_tcp_fin_timeout,
303
		.maxlen		= sizeof(int),
304
		.mode		= 0644,
305
		.proc_handler	= proc_dointvec_jiffies,
306
	},
307
#ifdef CONFIG_SYN_COOKIES
308
	{
309
		.procname	= "tcp_syncookies",
310
		.data		= &sysctl_tcp_syncookies,
311
		.maxlen		= sizeof(int),
312
		.mode		= 0644,
313
		.proc_handler	= proc_dointvec
314
	},
315
#endif
316
	{
317
		.procname	= "tcp_tw_recycle",
318
		.data		= &tcp_death_row.sysctl_tw_recycle,
319
		.maxlen		= sizeof(int),
320
		.mode		= 0644,
321
		.proc_handler	= proc_dointvec
322
	},
323
	{
324
		.procname	= "tcp_abort_on_overflow",
325
		.data		= &sysctl_tcp_abort_on_overflow,
326
		.maxlen		= sizeof(int),
327
		.mode		= 0644,
328
		.proc_handler	= proc_dointvec
329
	},
330
	{
331
		.procname	= "tcp_stdurg",
332
		.data		= &sysctl_tcp_stdurg,
333
		.maxlen		= sizeof(int),
334
		.mode		= 0644,
335
		.proc_handler	= proc_dointvec
336
	},
337
	{
338
		.procname	= "tcp_rfc1337",
339
		.data		= &sysctl_tcp_rfc1337,
340
		.maxlen		= sizeof(int),
341
		.mode		= 0644,
342
		.proc_handler	= proc_dointvec
343
	},
344
	{
345
		.procname	= "tcp_max_syn_backlog",
346
		.data		= &sysctl_max_syn_backlog,
347
		.maxlen		= sizeof(int),
348
		.mode		= 0644,
349
		.proc_handler	= proc_dointvec
350
	},
351
	{
352
		.procname	= "ip_local_port_range",
353
		.data		= &sysctl_local_ports.range,
354
		.maxlen		= sizeof(sysctl_local_ports.range),
355
		.mode		= 0644,
356
		.proc_handler	= ipv4_local_port_range,
357
	},
358
	{
359
		.procname	= "ip_local_reserved_ports",
360
		.data		= NULL, /* initialized in sysctl_ipv4_init */
361
		.maxlen		= 65536,
362
		.mode		= 0644,
363
		.proc_handler	= proc_do_large_bitmap,
364
	},
365
	{
366
		.procname	= "igmp_max_memberships",
367
		.data		= &sysctl_igmp_max_memberships,
368
		.maxlen		= sizeof(int),
369
		.mode		= 0644,
370
		.proc_handler	= proc_dointvec
371
	},
372
	{
373
		.procname	= "igmp_max_msf",
374
		.data		= &sysctl_igmp_max_msf,
375
		.maxlen		= sizeof(int),
376
		.mode		= 0644,
377
		.proc_handler	= proc_dointvec
378
	},
379
	{
380
		.procname	= "inet_peer_threshold",
381
		.data		= &inet_peer_threshold,
382
		.maxlen		= sizeof(int),
383
		.mode		= 0644,
384
		.proc_handler	= proc_dointvec
385
	},
386
	{
387
		.procname	= "inet_peer_minttl",
388
		.data		= &inet_peer_minttl,
389
		.maxlen		= sizeof(int),
390
		.mode		= 0644,
391
		.proc_handler	= proc_dointvec_jiffies,
392
	},
393
	{
394
		.procname	= "inet_peer_maxttl",
395
		.data		= &inet_peer_maxttl,
396
		.maxlen		= sizeof(int),
397
		.mode		= 0644,
398
		.proc_handler	= proc_dointvec_jiffies,
399
	},
400
	{
401
		.procname	= "inet_peer_gc_mintime",
402
		.data		= &inet_peer_gc_mintime,
403
		.maxlen		= sizeof(int),
404
		.mode		= 0644,
405
		.proc_handler	= proc_dointvec_jiffies,
406
	},
407
	{
408
		.procname	= "inet_peer_gc_maxtime",
409
		.data		= &inet_peer_gc_maxtime,
410
		.maxlen		= sizeof(int),
411
		.mode		= 0644,
412
		.proc_handler	= proc_dointvec_jiffies,
413
	},
414
	{
415
		.procname	= "tcp_orphan_retries",
416
		.data		= &sysctl_tcp_orphan_retries,
417
		.maxlen		= sizeof(int),
418
		.mode		= 0644,
419
		.proc_handler	= proc_dointvec
420
	},
421
	{
422
		.procname	= "tcp_fack",
423
		.data		= &sysctl_tcp_fack,
424
		.maxlen		= sizeof(int),
425
		.mode		= 0644,
426
		.proc_handler	= proc_dointvec
427
	},
428
	{
429
		.procname	= "tcp_reordering",
430
		.data		= &sysctl_tcp_reordering,
431
		.maxlen		= sizeof(int),
432
		.mode		= 0644,
433
		.proc_handler	= proc_dointvec
434
	},
435
	{
436
		.procname	= "tcp_ecn",
437
		.data		= &sysctl_tcp_ecn,
438
		.maxlen		= sizeof(int),
439
		.mode		= 0644,
440
		.proc_handler	= proc_dointvec
441
	},
442
	{
443
		.procname	= "tcp_dsack",
444
		.data		= &sysctl_tcp_dsack,
445
		.maxlen		= sizeof(int),
446
		.mode		= 0644,
447
		.proc_handler	= proc_dointvec
448
	},
449
	{
450
		.procname	= "tcp_mem",
451
		.data		= &sysctl_tcp_mem,
452
		.maxlen		= sizeof(sysctl_tcp_mem),
453
		.mode		= 0644,
454
		.proc_handler	= proc_doulongvec_minmax
455
	},
456
	{
457
		.procname	= "tcp_wmem",
458
		.data		= &sysctl_tcp_wmem,
459
		.maxlen		= sizeof(sysctl_tcp_wmem),
460
		.mode		= 0644,
461
		.proc_handler	= proc_dointvec
462
	},
463
	{
464
		.procname	= "tcp_rmem",
465
		.data		= &sysctl_tcp_rmem,
466
		.maxlen		= sizeof(sysctl_tcp_rmem),
467
		.mode		= 0644,
468
		.proc_handler	= proc_dointvec
469
	},
470
	{
471
		.procname	= "tcp_app_win",
472
		.data		= &sysctl_tcp_app_win,
473
		.maxlen		= sizeof(int),
474
		.mode		= 0644,
475
		.proc_handler	= proc_dointvec
476
	},
477
	{
478
		.procname	= "tcp_adv_win_scale",
479
		.data		= &sysctl_tcp_adv_win_scale,
480
		.maxlen		= sizeof(int),
481
		.mode		= 0644,
482
		.proc_handler	= proc_dointvec_minmax,
483
		.extra1		= &tcp_adv_win_scale_min,
484
		.extra2		= &tcp_adv_win_scale_max,
485
	},
486
	{
487
		.procname	= "tcp_tw_reuse",
488
		.data		= &sysctl_tcp_tw_reuse,
489
		.maxlen		= sizeof(int),
490
		.mode		= 0644,
491
		.proc_handler	= proc_dointvec
492
	},
493
	{
494
		.procname	= "tcp_frto",
495
		.data		= &sysctl_tcp_frto,
496
		.maxlen		= sizeof(int),
497
		.mode		= 0644,
498
		.proc_handler	= proc_dointvec
499
	},
500
	{
501
		.procname	= "tcp_frto_response",
502
		.data		= &sysctl_tcp_frto_response,
503
		.maxlen		= sizeof(int),
504
		.mode		= 0644,
505
		.proc_handler	= proc_dointvec
506
	},
507
	{
508
		.procname	= "tcp_low_latency",
509
		.data		= &sysctl_tcp_low_latency,
510
		.maxlen		= sizeof(int),
511
		.mode		= 0644,
512
		.proc_handler	= proc_dointvec
513
	},
514
	{
515
		.procname	= "tcp_no_metrics_save",
516
		.data		= &sysctl_tcp_nometrics_save,
517
		.maxlen		= sizeof(int),
518
		.mode		= 0644,
519
		.proc_handler	= proc_dointvec,
520
	},
521
	{
522
		.procname	= "tcp_moderate_rcvbuf",
523
		.data		= &sysctl_tcp_moderate_rcvbuf,
524
		.maxlen		= sizeof(int),
525
		.mode		= 0644,
526
		.proc_handler	= proc_dointvec,
527
	},
528
	{
529
		.procname	= "tcp_tso_win_divisor",
530
		.data		= &sysctl_tcp_tso_win_divisor,
531
		.maxlen		= sizeof(int),
532
		.mode		= 0644,
533
		.proc_handler	= proc_dointvec,
534
	},
535
	{
536
		.procname	= "tcp_congestion_control",
537
		.mode		= 0644,
538
		.maxlen		= TCP_CA_NAME_MAX,
539
		.proc_handler	= proc_tcp_congestion_control,
540
	},
541
	{
542
		.procname	= "tcp_abc",
543
		.data		= &sysctl_tcp_abc,
544
		.maxlen		= sizeof(int),
545
		.mode		= 0644,
546
		.proc_handler	= proc_dointvec,
547
	},
548
	{
549
		.procname	= "tcp_mtu_probing",
550
		.data		= &sysctl_tcp_mtu_probing,
551
		.maxlen		= sizeof(int),
552
		.mode		= 0644,
553
		.proc_handler	= proc_dointvec,
554
	},
555
	{
556
		.procname	= "tcp_base_mss",
557
		.data		= &sysctl_tcp_base_mss,
558
		.maxlen		= sizeof(int),
559
		.mode		= 0644,
560
		.proc_handler	= proc_dointvec,
561
	},
562
	{
563
		.procname	= "tcp_workaround_signed_windows",
564
		.data		= &sysctl_tcp_workaround_signed_windows,
565
		.maxlen		= sizeof(int),
566
		.mode		= 0644,
567
		.proc_handler	= proc_dointvec
568
	},
569
#ifdef CONFIG_NET_DMA
570
	{
571
		.procname	= "tcp_dma_copybreak",
572
		.data		= &sysctl_tcp_dma_copybreak,
573
		.maxlen		= sizeof(int),
574
		.mode		= 0644,
575
		.proc_handler	= proc_dointvec
576
	},
577
#endif
578
	{
579
		.procname	= "tcp_slow_start_after_idle",
580
		.data		= &sysctl_tcp_slow_start_after_idle,
581
		.maxlen		= sizeof(int),
582
		.mode		= 0644,
583
		.proc_handler	= proc_dointvec
584
	},
585
#ifdef CONFIG_NETLABEL
586
	{
587
		.procname	= "cipso_cache_enable",
588
		.data		= &cipso_v4_cache_enabled,
589
		.maxlen		= sizeof(int),
590
		.mode		= 0644,
591
		.proc_handler	= proc_dointvec,
592
	},
593
	{
594
		.procname	= "cipso_cache_bucket_size",
595
		.data		= &cipso_v4_cache_bucketsize,
596
		.maxlen		= sizeof(int),
597
		.mode		= 0644,
598
		.proc_handler	= proc_dointvec,
599
	},
600
	{
601
		.procname	= "cipso_rbm_optfmt",
602
		.data		= &cipso_v4_rbm_optfmt,
603
		.maxlen		= sizeof(int),
604
		.mode		= 0644,
605
		.proc_handler	= proc_dointvec,
606
	},
607
	{
608
		.procname	= "cipso_rbm_strictvalid",
609
		.data		= &cipso_v4_rbm_strictvalid,
610
		.maxlen		= sizeof(int),
611
		.mode		= 0644,
612
		.proc_handler	= proc_dointvec,
613
	},
614
#endif /* CONFIG_NETLABEL */
615
	{
616
		.procname	= "tcp_available_congestion_control",
617
		.maxlen		= TCP_CA_BUF_MAX,
618
		.mode		= 0444,
619
		.proc_handler   = proc_tcp_available_congestion_control,
620
	},
621
	{
622
		.procname	= "tcp_allowed_congestion_control",
623
		.maxlen		= TCP_CA_BUF_MAX,
624
		.mode		= 0644,
625
		.proc_handler   = proc_allowed_congestion_control,
626
	},
627
	{
628
		.procname	= "tcp_max_ssthresh",
629
		.data		= &sysctl_tcp_max_ssthresh,
630
		.maxlen		= sizeof(int),
631
		.mode		= 0644,
632
		.proc_handler	= proc_dointvec,
633
	},
634
	{
635
		.procname	= "tcp_cookie_size",
636
		.data		= &sysctl_tcp_cookie_size,
637
		.maxlen		= sizeof(int),
638
		.mode		= 0644,
639
		.proc_handler	= proc_dointvec
640
	},
641
	{
642
		.procname       = "tcp_thin_linear_timeouts",
643
		.data           = &sysctl_tcp_thin_linear_timeouts,
644
		.maxlen         = sizeof(int),
645
		.mode           = 0644,
646
		.proc_handler   = proc_dointvec
647
	},
648
        {
649
		.procname       = "tcp_thin_dupack",
650
		.data           = &sysctl_tcp_thin_dupack,
651
		.maxlen         = sizeof(int),
652
		.mode           = 0644,
653
		.proc_handler   = proc_dointvec
654
	},
655
	{
656
		.procname	= "udp_mem",
657
		.data		= &sysctl_udp_mem,
658
		.maxlen		= sizeof(sysctl_udp_mem),
659
		.mode		= 0644,
660
		.proc_handler	= proc_doulongvec_minmax,
661
	},
662
	{
663
		.procname	= "udp_rmem_min",
664
		.data		= &sysctl_udp_rmem_min,
665
		.maxlen		= sizeof(sysctl_udp_rmem_min),
666
		.mode		= 0644,
667
		.proc_handler	= proc_dointvec_minmax,
668
		.extra1		= &zero
669
	},
670
	{
671
		.procname	= "udp_wmem_min",
672
		.data		= &sysctl_udp_wmem_min,
673
		.maxlen		= sizeof(sysctl_udp_wmem_min),
674
		.mode		= 0644,
675
		.proc_handler	= proc_dointvec_minmax,
676
		.extra1		= &zero
677
	},
678
	{ }
679
};
680

681
static struct ctl_table ipv4_net_table[] = {
682
	{
683
		.procname	= "icmp_echo_ignore_all",
684
		.data		= &init_net.ipv4.sysctl_icmp_echo_ignore_all,
685
		.maxlen		= sizeof(int),
686
		.mode		= 0644,
687
		.proc_handler	= proc_dointvec
688
	},
689
	{
690
		.procname	= "icmp_echo_ignore_broadcasts",
691
		.data		= &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
692
		.maxlen		= sizeof(int),
693
		.mode		= 0644,
694
		.proc_handler	= proc_dointvec
695
	},
696
	{
697
		.procname	= "icmp_ignore_bogus_error_responses",
698
		.data		= &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
699
		.maxlen		= sizeof(int),
700
		.mode		= 0644,
701
		.proc_handler	= proc_dointvec
702
	},
703
	{
704
		.procname	= "icmp_errors_use_inbound_ifaddr",
705
		.data		= &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
706
		.maxlen		= sizeof(int),
707
		.mode		= 0644,
708
		.proc_handler	= proc_dointvec
709
	},
710
	{
711
		.procname	= "icmp_ratelimit",
712
		.data		= &init_net.ipv4.sysctl_icmp_ratelimit,
713
		.maxlen		= sizeof(int),
714
		.mode		= 0644,
715
		.proc_handler	= proc_dointvec_ms_jiffies,
716
	},
717
	{
718
		.procname	= "icmp_ratemask",
719
		.data		= &init_net.ipv4.sysctl_icmp_ratemask,
720
		.maxlen		= sizeof(int),
721
		.mode		= 0644,
722
		.proc_handler	= proc_dointvec
723
	},
724
	{
725
		.procname	= "rt_cache_rebuild_count",
726
		.data		= &init_net.ipv4.sysctl_rt_cache_rebuild_count,
727
		.maxlen		= sizeof(int),
728
		.mode		= 0644,
729
		.proc_handler	= proc_dointvec
730
	},
731
	{
732
		.procname	= "ping_group_range",
733
		.data		= &init_net.ipv4.sysctl_ping_group_range,
734
		.maxlen		= sizeof(init_net.ipv4.sysctl_ping_group_range),
735
		.mode		= 0644,
736
		.proc_handler	= ipv4_ping_group_range,
737
	},
738
	{ }
739
};
740

741
struct ctl_path net_ipv4_ctl_path[] = {
742
	{ .procname = "net", },
743
	{ .procname = "ipv4", },
744
	{ },
745
};
746
EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
747

748
static __net_init int ipv4_sysctl_init_net(struct net *net)
749
{
750
	struct ctl_table *table;
751

752
	table = ipv4_net_table;
753
	if (!net_eq(net, &init_net)) {
754
		table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
755
		if (table == NULL)
756
			goto err_alloc;
757

758
		table[0].data =
759
			&net->ipv4.sysctl_icmp_echo_ignore_all;
760
		table[1].data =
761
			&net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
762
		table[2].data =
763
			&net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
764
		table[3].data =
765
			&net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
766
		table[4].data =
767
			&net->ipv4.sysctl_icmp_ratelimit;
768
		table[5].data =
769
			&net->ipv4.sysctl_icmp_ratemask;
770
		table[6].data =
771
			&net->ipv4.sysctl_rt_cache_rebuild_count;
772
		table[7].data =
773
			&net->ipv4.sysctl_ping_group_range;
774

775
	}
776

777
	/*
778
	 * Sane defaults - nobody may create ping sockets.
779
	 * Boot scripts should set this to distro-specific group.
780
	 */
781
	net->ipv4.sysctl_ping_group_range[0] = 1;
782
	net->ipv4.sysctl_ping_group_range[1] = 0;
783

784
	net->ipv4.sysctl_rt_cache_rebuild_count = 4;
785

786
	net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
787
			net_ipv4_ctl_path, table);
788
	if (net->ipv4.ipv4_hdr == NULL)
789
		goto err_reg;
790

791
	return 0;
792

793
err_reg:
794
	if (!net_eq(net, &init_net))
795
		kfree(table);
796
err_alloc:
797
	return -ENOMEM;
798
}
799

800
static __net_exit void ipv4_sysctl_exit_net(struct net *net)
801
{
802
	struct ctl_table *table;
803

804
	table = net->ipv4.ipv4_hdr->ctl_table_arg;
805
	unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
806
	kfree(table);
807
}
808

809
static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
810
	.init = ipv4_sysctl_init_net,
811
	.exit = ipv4_sysctl_exit_net,
812
};
813

814
static __init int sysctl_ipv4_init(void)
815
{
816
	struct ctl_table_header *hdr;
817
	struct ctl_table *i;
818

819
	for (i = ipv4_table; i->procname; i++) {
820
		if (strcmp(i->procname, "ip_local_reserved_ports") == 0) {
821
			i->data = sysctl_local_reserved_ports;
822
			break;
823
		}
824
	}
825
	if (!i->procname)
826
		return -EINVAL;
827

828
	hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
829
	if (hdr == NULL)
830
		return -ENOMEM;
831

832
	if (register_pernet_subsys(&ipv4_sysctl_ops)) {
833
		unregister_sysctl_table(hdr);
834
		return -ENOMEM;
835
	}
836

837
	return 0;
838
}
839

840
__initcall(sysctl_ipv4_init);
841

842
Product

Resources

Company
