diff options
| author | Mike Manning <mmanning@vyatta.att-mail.com> | 2018-11-07 10:36:05 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2018-11-07 19:12:38 -0500 |
| commit | 6897445fb194c8ad046df4a13e1ee9f080a5a21e (patch) | |
| tree | 0064e564646e9066a26230163ba453adb505fe8f /net/ipv4/raw.c | |
| parent | 6da5b0f027a825df2aebc1927a27bda185dc03d4 (diff) | |
net: provide a sysctl raw_l3mdev_accept for raw socket lookup with VRFs
Add a sysctl raw_l3mdev_accept to control raw socket lookup in a manner
similar to use of tcp_l3mdev_accept for stream and of udp_l3mdev_accept
for datagram sockets. Have this default to enabled for reasons of
backwards compatibility. This is so as to specify the output device
with cmsg and IP_PKTINFO, but using a socket not bound to the
corresponding VRF. This allows e.g. older ping implementations to be
run with specifying the device but without executing it in the VRF.
If the option is disabled, packets received in a VRF context are only
handled by a raw socket bound to the VRF, and correspondingly packets
in the default VRF are only handled by a socket not bound to any VRF.
Signed-off-by: Mike Manning <mmanning@vyatta.att-mail.com>
Reviewed-by: David Ahern <dsahern@gmail.com>
Tested-by: David Ahern <dsahern@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/raw.c')
| -rw-r--r-- | net/ipv4/raw.c | 28 |
1 files changed, 26 insertions, 2 deletions
diff --git a/net/ipv4/raw.c b/net/ipv4/raw.c index 8ca3eb06ba04..1ebd29abe79c 100644 --- a/net/ipv4/raw.c +++ b/net/ipv4/raw.c | |||
| @@ -805,7 +805,7 @@ out: | |||
| 805 | return copied; | 805 | return copied; |
| 806 | } | 806 | } |
| 807 | 807 | ||
| 808 | static int raw_init(struct sock *sk) | 808 | static int raw_sk_init(struct sock *sk) |
| 809 | { | 809 | { |
| 810 | struct raw_sock *rp = raw_sk(sk); | 810 | struct raw_sock *rp = raw_sk(sk); |
| 811 | 811 | ||
| @@ -970,7 +970,7 @@ struct proto raw_prot = { | |||
| 970 | .connect = ip4_datagram_connect, | 970 | .connect = ip4_datagram_connect, |
| 971 | .disconnect = __udp_disconnect, | 971 | .disconnect = __udp_disconnect, |
| 972 | .ioctl = raw_ioctl, | 972 | .ioctl = raw_ioctl, |
| 973 | .init = raw_init, | 973 | .init = raw_sk_init, |
| 974 | .setsockopt = raw_setsockopt, | 974 | .setsockopt = raw_setsockopt, |
| 975 | .getsockopt = raw_getsockopt, | 975 | .getsockopt = raw_getsockopt, |
| 976 | .sendmsg = raw_sendmsg, | 976 | .sendmsg = raw_sendmsg, |
| @@ -1133,4 +1133,28 @@ void __init raw_proc_exit(void) | |||
| 1133 | { | 1133 | { |
| 1134 | unregister_pernet_subsys(&raw_net_ops); | 1134 | unregister_pernet_subsys(&raw_net_ops); |
| 1135 | } | 1135 | } |
| 1136 | |||
| 1137 | static void raw_sysctl_init_net(struct net *net) | ||
| 1138 | { | ||
| 1139 | #ifdef CONFIG_NET_L3_MASTER_DEV | ||
| 1140 | net->ipv4.sysctl_raw_l3mdev_accept = 1; | ||
| 1141 | #endif | ||
| 1142 | } | ||
| 1143 | |||
| 1144 | static int __net_init raw_sysctl_init(struct net *net) | ||
| 1145 | { | ||
| 1146 | raw_sysctl_init_net(net); | ||
| 1147 | return 0; | ||
| 1148 | } | ||
| 1149 | |||
| 1150 | static struct pernet_operations __net_initdata raw_sysctl_ops = { | ||
| 1151 | .init = raw_sysctl_init, | ||
| 1152 | }; | ||
| 1153 | |||
| 1154 | void __init raw_init(void) | ||
| 1155 | { | ||
| 1156 | raw_sysctl_init_net(&init_net); | ||
| 1157 | if (register_pernet_subsys(&raw_sysctl_ops)) | ||
| 1158 | panic("RAW: failed to init sysctl parameters.\n"); | ||
| 1159 | } | ||
| 1136 | #endif /* CONFIG_PROC_FS */ | 1160 | #endif /* CONFIG_PROC_FS */ |