aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorHaishuang Yan <yanhaishuang@cmss.chinamobile.com>2017-09-26 23:35:40 -0400
committerDavid S. Miller <davem@davemloft.net>2017-10-01 20:55:54 -0400
commite1cfcbe82b4534bd0f99fef92a6d33843fd85e0e (patch)
tree1a9fde5eff8d55d710fcc0631c7bcc8116ce72c6 /net/ipv4
parent506d0a3edbc0bd4eaabe0c4e9c31ce69d6dfd5e5 (diff)
ipv4: Namespaceify tcp_fastopen knob
Different namespace application might require enable TCP Fast Open feature independently of the host. This patch series continues making more of the TCP Fast Open related sysctl knobs be per net-namespace. Reported-by: Luca BRUNO <lucab@debian.org> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/af_inet.c7
-rw-r--r--net/ipv4/sysctl_net_ipv4.c14
-rw-r--r--net/ipv4/tcp.c4
-rw-r--r--net/ipv4/tcp_fastopen.c11
-rw-r--r--net/ipv4/tcp_ipv4.c2
5 files changed, 20 insertions, 18 deletions
diff --git a/net/ipv4/af_inet.c b/net/ipv4/af_inet.c
index e31108e5ef79..ddd126d120ac 100644
--- a/net/ipv4/af_inet.c
+++ b/net/ipv4/af_inet.c
@@ -195,7 +195,7 @@ int inet_listen(struct socket *sock, int backlog)
195{ 195{
196 struct sock *sk = sock->sk; 196 struct sock *sk = sock->sk;
197 unsigned char old_state; 197 unsigned char old_state;
198 int err; 198 int err, tcp_fastopen;
199 199
200 lock_sock(sk); 200 lock_sock(sk);
201 201
@@ -217,8 +217,9 @@ int inet_listen(struct socket *sock, int backlog)
217 * because the socket was in TCP_LISTEN state previously but 217 * because the socket was in TCP_LISTEN state previously but
218 * was shutdown() rather than close(). 218 * was shutdown() rather than close().
219 */ 219 */
220 if ((sysctl_tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) && 220 tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen;
221 (sysctl_tcp_fastopen & TFO_SERVER_ENABLE) && 221 if ((tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) &&
222 (tcp_fastopen & TFO_SERVER_ENABLE) &&
222 !inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) { 223 !inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {
223 fastopen_queue_tune(sk, backlog); 224 fastopen_queue_tune(sk, backlog);
224 tcp_fastopen_init_key_once(true); 225 tcp_fastopen_init_key_once(true);
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 0d3c038d7b04..e31e853cf486 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -401,13 +401,6 @@ static struct ctl_table ipv4_table[] = {
401 .proc_handler = proc_dointvec 401 .proc_handler = proc_dointvec
402 }, 402 },
403 { 403 {
404 .procname = "tcp_fastopen",
405 .data = &sysctl_tcp_fastopen,
406 .maxlen = sizeof(int),
407 .mode = 0644,
408 .proc_handler = proc_dointvec,
409 },
410 {
411 .procname = "tcp_fastopen_key", 404 .procname = "tcp_fastopen_key",
412 .mode = 0600, 405 .mode = 0600,
413 .maxlen = ((TCP_FASTOPEN_KEY_LENGTH * 2) + 10), 406 .maxlen = ((TCP_FASTOPEN_KEY_LENGTH * 2) + 10),
@@ -1085,6 +1078,13 @@ static struct ctl_table ipv4_net_table[] = {
1085 .mode = 0644, 1078 .mode = 0644,
1086 .proc_handler = proc_dointvec 1079 .proc_handler = proc_dointvec
1087 }, 1080 },
1081 {
1082 .procname = "tcp_fastopen",
1083 .data = &init_net.ipv4.sysctl_tcp_fastopen,
1084 .maxlen = sizeof(int),
1085 .mode = 0644,
1086 .proc_handler = proc_dointvec,
1087 },
1088#ifdef CONFIG_IP_ROUTE_MULTIPATH 1088#ifdef CONFIG_IP_ROUTE_MULTIPATH
1089 { 1089 {
1090 .procname = "fib_multipath_use_neigh", 1090 .procname = "fib_multipath_use_neigh",
diff --git a/net/ipv4/tcp.c b/net/ipv4/tcp.c
index 5091402720ab..dac56c4ad357 100644
--- a/net/ipv4/tcp.c
+++ b/net/ipv4/tcp.c
@@ -1126,7 +1126,7 @@ static int tcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg,
1126 struct sockaddr *uaddr = msg->msg_name; 1126 struct sockaddr *uaddr = msg->msg_name;
1127 int err, flags; 1127 int err, flags;
1128 1128
1129 if (!(sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) || 1129 if (!(sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) ||
1130 (uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) && 1130 (uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) &&
1131 uaddr->sa_family == AF_UNSPEC)) 1131 uaddr->sa_family == AF_UNSPEC))
1132 return -EOPNOTSUPP; 1132 return -EOPNOTSUPP;
@@ -2759,7 +2759,7 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
2759 case TCP_FASTOPEN_CONNECT: 2759 case TCP_FASTOPEN_CONNECT:
2760 if (val > 1 || val < 0) { 2760 if (val > 1 || val < 0) {
2761 err = -EINVAL; 2761 err = -EINVAL;
2762 } else if (sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) { 2762 } else if (net->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) {
2763 if (sk->sk_state == TCP_CLOSE) 2763 if (sk->sk_state == TCP_CLOSE)
2764 tp->fastopen_connect = val; 2764 tp->fastopen_connect = val;
2765 else 2765 else
diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
index e3c33220c418..31b08ec38cb8 100644
--- a/net/ipv4/tcp_fastopen.c
+++ b/net/ipv4/tcp_fastopen.c
@@ -9,8 +9,6 @@
9#include <net/inetpeer.h> 9#include <net/inetpeer.h>
10#include <net/tcp.h> 10#include <net/tcp.h>
11 11
12int sysctl_tcp_fastopen __read_mostly = TFO_CLIENT_ENABLE;
13
14struct tcp_fastopen_context __rcu *tcp_fastopen_ctx; 12struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
15 13
16static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock); 14static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
@@ -279,21 +277,22 @@ struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
279 struct request_sock *req, 277 struct request_sock *req,
280 struct tcp_fastopen_cookie *foc) 278 struct tcp_fastopen_cookie *foc)
281{ 279{
282 struct tcp_fastopen_cookie valid_foc = { .len = -1 };
283 bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1; 280 bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1;
281 int tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen;
282 struct tcp_fastopen_cookie valid_foc = { .len = -1 };
284 struct sock *child; 283 struct sock *child;
285 284
286 if (foc->len == 0) /* Client requests a cookie */ 285 if (foc->len == 0) /* Client requests a cookie */
287 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENCOOKIEREQD); 286 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENCOOKIEREQD);
288 287
289 if (!((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) && 288 if (!((tcp_fastopen & TFO_SERVER_ENABLE) &&
290 (syn_data || foc->len >= 0) && 289 (syn_data || foc->len >= 0) &&
291 tcp_fastopen_queue_check(sk))) { 290 tcp_fastopen_queue_check(sk))) {
292 foc->len = -1; 291 foc->len = -1;
293 return NULL; 292 return NULL;
294 } 293 }
295 294
296 if (syn_data && (sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD)) 295 if (syn_data && (tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD))
297 goto fastopen; 296 goto fastopen;
298 297
299 if (foc->len >= 0 && /* Client presents or requests a cookie */ 298 if (foc->len >= 0 && /* Client presents or requests a cookie */
@@ -347,7 +346,7 @@ bool tcp_fastopen_cookie_check(struct sock *sk, u16 *mss,
347 return false; 346 return false;
348 } 347 }
349 348
350 if (sysctl_tcp_fastopen & TFO_CLIENT_NO_COOKIE) { 349 if (sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_NO_COOKIE) {
351 cookie->len = -1; 350 cookie->len = -1;
352 return true; 351 return true;
353 } 352 }
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index d9416b5162bc..88409b13c9d2 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -2472,6 +2472,8 @@ static int __net_init tcp_sk_init(struct net *net)
2472 net->ipv4.sysctl_tcp_window_scaling = 1; 2472 net->ipv4.sysctl_tcp_window_scaling = 1;
2473 net->ipv4.sysctl_tcp_timestamps = 1; 2473 net->ipv4.sysctl_tcp_timestamps = 1;
2474 2474
2475 net->ipv4.sysctl_tcp_fastopen = TFO_CLIENT_ENABLE;
2476
2475 return 0; 2477 return 0;
2476fail: 2478fail:
2477 tcp_sk_exit(net); 2479 tcp_sk_exit(net);
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-14 17:58:47 -0400