aboutsummaryrefslogtreecommitdiff
path: root/net/ipv6/sysctl_net_ipv6.c
diff options
context:
space:
mode:
Diffstat (limited to 'net/ipv6/sysctl_net_ipv6.c')
-rw-r--r--net/ipv6/sysctl_net_ipv6.c163
1 files changed, 97 insertions, 66 deletions
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index 68bb2548e46..408691b777c 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -14,66 +14,30 @@
#include <net/addrconf.h>
#include <net/inet_frag.h>
-#ifdef CONFIG_SYSCTL
-
-static ctl_table ipv6_table[] = {
+static ctl_table ipv6_table_template[] = {
{
.ctl_name = NET_IPV6_ROUTE,
.procname = "route",
.maxlen = 0,
.mode = 0555,
- .child = ipv6_route_table
+ .child = ipv6_route_table_template
},
{
.ctl_name = NET_IPV6_ICMP,
.procname = "icmp",
.maxlen = 0,
.mode = 0555,
- .child = ipv6_icmp_table
+ .child = ipv6_icmp_table_template
},
{
.ctl_name = NET_IPV6_BINDV6ONLY,
.procname = "bindv6only",
- .data = &sysctl_ipv6_bindv6only,
+ .data = &init_net.ipv6.sysctl.bindv6only,
.maxlen = sizeof(int),
.mode = 0644,
.proc_handler = &proc_dointvec
},
{
- .ctl_name = NET_IPV6_IP6FRAG_HIGH_THRESH,
- .procname = "ip6frag_high_thresh",
- .data = &ip6_frags_ctl.high_thresh,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = &proc_dointvec
- },
- {
- .ctl_name = NET_IPV6_IP6FRAG_LOW_THRESH,
- .procname = "ip6frag_low_thresh",
- .data = &ip6_frags_ctl.low_thresh,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = &proc_dointvec
- },
- {
- .ctl_name = NET_IPV6_IP6FRAG_TIME,
- .procname = "ip6frag_time",
- .data = &ip6_frags_ctl.timeout,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = &proc_dointvec_jiffies,
- .strategy = &sysctl_jiffies,
- },
- {
- .ctl_name = NET_IPV6_IP6FRAG_SECRET_INTERVAL,
- .procname = "ip6frag_secret_interval",
- .data = &ip6_frags_ctl.secret_interval,
- .maxlen = sizeof(int),
- .mode = 0644,
- .proc_handler = &proc_dointvec_jiffies,
- .strategy = &sysctl_jiffies
- },
- {
.ctl_name = NET_IPV6_MLD_MAX_MSF,
.procname = "mld_max_msf",
.data = &sysctl_mld_max_msf,
@@ -84,39 +48,106 @@ static ctl_table ipv6_table[] = {
{ .ctl_name = 0 }
};
-static struct ctl_table_header *ipv6_sysctl_header;
-
-static ctl_table ipv6_net_table[] = {
- {
- .ctl_name = NET_IPV6,
- .procname = "ipv6",
- .mode = 0555,
- .child = ipv6_table
- },
- { .ctl_name = 0 }
-};
-
-static ctl_table ipv6_root_table[] = {
- {
- .ctl_name = CTL_NET,
- .procname = "net",
- .mode = 0555,
- .child = ipv6_net_table
- },
- { .ctl_name = 0 }
+struct ctl_path net_ipv6_ctl_path[] = {
+ { .procname = "net", .ctl_name = CTL_NET, },
+ { .procname = "ipv6", .ctl_name = NET_IPV6, },
+ { },
};
+EXPORT_SYMBOL_GPL(net_ipv6_ctl_path);
-void ipv6_sysctl_register(void)
+static int ipv6_sysctl_net_init(struct net *net)
{
- ipv6_sysctl_header = register_sysctl_table(ipv6_root_table);
+ struct ctl_table *ipv6_table;
+ struct ctl_table *ipv6_route_table;
+ struct ctl_table *ipv6_icmp_table;
+ int err;
+
+ err = -ENOMEM;
+ ipv6_table = kmemdup(ipv6_table_template, sizeof(ipv6_table_template),
+ GFP_KERNEL);
+ if (!ipv6_table)
+ goto out;
+
+ ipv6_route_table = ipv6_route_sysctl_init(net);
+ if (!ipv6_route_table)
+ goto out_ipv6_table;
+
+ ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
+ if (!ipv6_icmp_table)
+ goto out_ipv6_route_table;
+
+ ipv6_route_table[0].data = &net->ipv6.sysctl.flush_delay;
+ /* ipv6_route_table[1].data will be handled when we have
+ routes per namespace */
+ ipv6_route_table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
+ ipv6_route_table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
+ ipv6_route_table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
+ ipv6_route_table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
+ ipv6_route_table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
+ ipv6_route_table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
+ ipv6_route_table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
+ ipv6_table[0].child = ipv6_route_table;
+
+ ipv6_icmp_table[0].data = &net->ipv6.sysctl.icmpv6_time;
+ ipv6_table[1].child = ipv6_icmp_table;
+
+ ipv6_table[2].data = &net->ipv6.sysctl.bindv6only;
+
+ /* We don't want this value to be per namespace, it should be global
+ to all namespaces, so make it read-only when we are not in the
+ init network namespace */
+ if (net != &init_net)
+ ipv6_table[3].mode = 0444;
+
+ net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path,
+ ipv6_table);
+ if (!net->ipv6.sysctl.table)
+ return -ENOMEM;
+
+ if (!net->ipv6.sysctl.table)
+ goto out_ipv6_icmp_table;
+
+ err = 0;
+out:
+ return err;
+
+out_ipv6_icmp_table:
+ kfree(ipv6_icmp_table);
+out_ipv6_route_table:
+ kfree(ipv6_route_table);
+out_ipv6_table:
+ kfree(ipv6_table);
+ goto out;
}
-void ipv6_sysctl_unregister(void)
+static void ipv6_sysctl_net_exit(struct net *net)
{
- unregister_sysctl_table(ipv6_sysctl_header);
-}
+ struct ctl_table *ipv6_table;
+ struct ctl_table *ipv6_route_table;
+ struct ctl_table *ipv6_icmp_table;
-#endif /* CONFIG_SYSCTL */
+ ipv6_table = net->ipv6.sysctl.table->ctl_table_arg;
+ ipv6_route_table = ipv6_table[0].child;
+ ipv6_icmp_table = ipv6_table[1].child;
+ unregister_net_sysctl_table(net->ipv6.sysctl.table);
+ kfree(ipv6_table);
+ kfree(ipv6_route_table);
+ kfree(ipv6_icmp_table);
+}
+
+static struct pernet_operations ipv6_sysctl_net_ops = {
+ .init = ipv6_sysctl_net_init,
+ .exit = ipv6_sysctl_net_exit,
+};
+int ipv6_sysctl_register(void)
+{
+ return register_pernet_subsys(&ipv6_sysctl_net_ops);
+}
+
+void ipv6_sysctl_unregister(void)
+{
+ unregister_pernet_subsys(&ipv6_sysctl_net_ops);
+}