aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPavel Emelyanov <xemul@openvz.org>2008-03-26 04:56:24 -0400
committerDavid S. Miller <davem@davemloft.net>2008-03-26 04:56:24 -0400
commit68528f09980a60c8df046d16336333cac4fc0c32 (patch)
tree88d2f93f5e6ea4a8c7539e3f9a28afc27f71a3d9
parenta24022e1887978decaa28fb11d1ddff63e31497f (diff)
[NETNS][ICMP]: Make ctl tables for ICMP sysctls per-net.
Add some flesh to ipv4_sysctl_init_net and ipv4_sysctl_exit_net, i.e. copy the table, alter .data pointers and register it per-net. Other ipv4_table's sysctls are now global, but this is going to change once sysctl permissions patches migrate from -mm tree to mainline in 2.6.26 merge window :) Signed-off-by: Pavel Emelyanov <xemul@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r--include/net/netns/ipv4.h1
-rw-r--r--net/ipv4/sysctl_net_ipv4.c138
2 files changed, 91 insertions, 48 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index e3de0ff8ea4b..af685f71f4b5 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -17,6 +17,7 @@ struct netns_ipv4 {
17#ifdef CONFIG_SYSCTL 17#ifdef CONFIG_SYSCTL
18 struct ctl_table_header *forw_hdr; 18 struct ctl_table_header *forw_hdr;
19 struct ctl_table_header *frags_hdr; 19 struct ctl_table_header *frags_hdr;
20 struct ctl_table_header *ipv4_hdr;
20#endif 21#endif
21 struct ipv4_devconf *devconf_all; 22 struct ipv4_devconf *devconf_all;
22 struct ipv4_devconf *devconf_dflt; 23 struct ipv4_devconf *devconf_dflt;
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index e9585c02f243..c437f804ee38 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -404,38 +404,6 @@ static struct ctl_table ipv4_table[] = {
404 .strategy = &ipv4_sysctl_local_port_range, 404 .strategy = &ipv4_sysctl_local_port_range,
405 }, 405 },
406 { 406 {
407 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
408 .procname = "icmp_echo_ignore_all",
409 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
410 .maxlen = sizeof(int),
411 .mode = 0644,
412 .proc_handler = &proc_dointvec
413 },
414 {
415 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
416 .procname = "icmp_echo_ignore_broadcasts",
417 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
418 .maxlen = sizeof(int),
419 .mode = 0644,
420 .proc_handler = &proc_dointvec
421 },
422 {
423 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
424 .procname = "icmp_ignore_bogus_error_responses",
425 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
426 .maxlen = sizeof(int),
427 .mode = 0644,
428 .proc_handler = &proc_dointvec
429 },
430 {
431 .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
432 .procname = "icmp_errors_use_inbound_ifaddr",
433 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
434 .maxlen = sizeof(int),
435 .mode = 0644,
436 .proc_handler = &proc_dointvec
437 },
438 {
439 .ctl_name = NET_IPV4_ROUTE, 407 .ctl_name = NET_IPV4_ROUTE,
440 .procname = "route", 408 .procname = "route",
441 .maxlen = 0, 409 .maxlen = 0,
@@ -586,22 +554,6 @@ static struct ctl_table ipv4_table[] = {
586 .proc_handler = &proc_dointvec 554 .proc_handler = &proc_dointvec
587 }, 555 },
588 { 556 {
589 .ctl_name = NET_IPV4_ICMP_RATELIMIT,
590 .procname = "icmp_ratelimit",
591 .data = &init_net.ipv4.sysctl_icmp_ratelimit,
592 .maxlen = sizeof(int),
593 .mode = 0644,
594 .proc_handler = &proc_dointvec
595 },
596 {
597 .ctl_name = NET_IPV4_ICMP_RATEMASK,
598 .procname = "icmp_ratemask",
599 .data = &init_net.ipv4.sysctl_icmp_ratemask,
600 .maxlen = sizeof(int),
601 .mode = 0644,
602 .proc_handler = &proc_dointvec
603 },
604 {
605 .ctl_name = NET_TCP_TW_REUSE, 557 .ctl_name = NET_TCP_TW_REUSE,
606 .procname = "tcp_tw_reuse", 558 .procname = "tcp_tw_reuse",
607 .data = &sysctl_tcp_tw_reuse, 559 .data = &sysctl_tcp_tw_reuse,
@@ -804,6 +756,58 @@ static struct ctl_table ipv4_table[] = {
804 { .ctl_name = 0 } 756 { .ctl_name = 0 }
805}; 757};
806 758
759static struct ctl_table ipv4_net_table[] = {
760 {
761 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
762 .procname = "icmp_echo_ignore_all",
763 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
764 .maxlen = sizeof(int),
765 .mode = 0644,
766 .proc_handler = &proc_dointvec
767 },
768 {
769 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
770 .procname = "icmp_echo_ignore_broadcasts",
771 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
772 .maxlen = sizeof(int),
773 .mode = 0644,
774 .proc_handler = &proc_dointvec
775 },
776 {
777 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
778 .procname = "icmp_ignore_bogus_error_responses",
779 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
780 .maxlen = sizeof(int),
781 .mode = 0644,
782 .proc_handler = &proc_dointvec
783 },
784 {
785 .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
786 .procname = "icmp_errors_use_inbound_ifaddr",
787 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
788 .maxlen = sizeof(int),
789 .mode = 0644,
790 .proc_handler = &proc_dointvec
791 },
792 {
793 .ctl_name = NET_IPV4_ICMP_RATELIMIT,
794 .procname = "icmp_ratelimit",
795 .data = &init_net.ipv4.sysctl_icmp_ratelimit,
796 .maxlen = sizeof(int),
797 .mode = 0644,
798 .proc_handler = &proc_dointvec
799 },
800 {
801 .ctl_name = NET_IPV4_ICMP_RATEMASK,
802 .procname = "icmp_ratemask",
803 .data = &init_net.ipv4.sysctl_icmp_ratemask,
804 .maxlen = sizeof(int),
805 .mode = 0644,
806 .proc_handler = &proc_dointvec
807 },
808 { }
809};
810
807struct ctl_path net_ipv4_ctl_path[] = { 811struct ctl_path net_ipv4_ctl_path[] = {
808 { .procname = "net", .ctl_name = CTL_NET, }, 812 { .procname = "net", .ctl_name = CTL_NET, },
809 { .procname = "ipv4", .ctl_name = NET_IPV4, }, 813 { .procname = "ipv4", .ctl_name = NET_IPV4, },
@@ -813,11 +817,49 @@ EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
813 817
814static __net_init int ipv4_sysctl_init_net(struct net *net) 818static __net_init int ipv4_sysctl_init_net(struct net *net)
815{ 819{
820 struct ctl_table *table;
821
822 table = ipv4_net_table;
823 if (net != &init_net) {
824 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
825 if (table == NULL)
826 goto err_alloc;
827
828 table[0].data =
829 &net->ipv4.sysctl_icmp_echo_ignore_all;
830 table[1].data =
831 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
832 table[2].data =
833 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
834 table[3].data =
835 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
836 table[4].data =
837 &net->ipv4.sysctl_icmp_ratelimit;
838 table[5].data =
839 &net->ipv4.sysctl_icmp_ratemask;
840 }
841
842 net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
843 net_ipv4_ctl_path, table);
844 if (net->ipv4.ipv4_hdr == NULL)
845 goto err_reg;
846
816 return 0; 847 return 0;
848
849err_reg:
850 if (net != &init_net)
851 kfree(table);
852err_alloc:
853 return -ENOMEM;
817} 854}
818 855
819static __net_exit void ipv4_sysctl_exit_net(struct net *net) 856static __net_exit void ipv4_sysctl_exit_net(struct net *net)
820{ 857{
858 struct ctl_table *table;
859
860 table = net->ipv4.ipv4_hdr->ctl_table_arg;
861 unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
862 kfree(table);
821} 863}
822 864
823static __net_initdata struct pernet_operations ipv4_sysctl_ops = { 865static __net_initdata struct pernet_operations ipv4_sysctl_ops = {