diff options
| author | Pavel Emelyanov <xemul@openvz.org> | 2008-01-22 08:58:31 -0500 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2008-01-28 18:10:34 -0500 |
| commit | 8d8354d2fb9277f165715a6e1cb92bcc89259975 (patch) | |
| tree | 465fd866b6f5b4ab9c05a5441697c07502d0f0ed /net/ipv6 | |
| parent | 9d5c824399dea881779d78a6c147288bf2dccb6b (diff) | |
[NETNS][FRAGS]: Move ctl tables around.
This is a preparation for sysctl netns-ization.
Move the ctl tables to the files, where the tuning
variables reside. Plus make the helpers to register
the tables.
This will simplify the later patches and will keep
similar things closer to each other.
ipv4, ipv6 and conntrack_reasm are patched differently,
but the result is all the tables are in appropriate files.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv6')
| -rw-r--r-- | net/ipv6/af_inet6.c | 5 | ||||
| -rw-r--r-- | net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | 29 | ||||
| -rw-r--r-- | net/ipv6/netfilter/nf_conntrack_reasm.c | 31 | ||||
| -rw-r--r-- | net/ipv6/reassembly.c | 66 | ||||
| -rw-r--r-- | net/ipv6/sysctl_net_ipv6.c | 40 |
5 files changed, 94 insertions, 77 deletions
diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c index 6738a7b0e67f..bddac0e8780f 100644 --- a/net/ipv6/af_inet6.c +++ b/net/ipv6/af_inet6.c | |||
| @@ -721,10 +721,6 @@ static void cleanup_ipv6_mibs(void) | |||
| 721 | static int inet6_net_init(struct net *net) | 721 | static int inet6_net_init(struct net *net) |
| 722 | { | 722 | { |
| 723 | net->ipv6.sysctl.bindv6only = 0; | 723 | net->ipv6.sysctl.bindv6only = 0; |
| 724 | net->ipv6.sysctl.frags.high_thresh = 256 * 1024; | ||
| 725 | net->ipv6.sysctl.frags.low_thresh = 192 * 1024; | ||
| 726 | net->ipv6.sysctl.frags.timeout = IPV6_FRAG_TIMEOUT; | ||
| 727 | net->ipv6.sysctl.frags.secret_interval = 10 * 60 * HZ; | ||
| 728 | net->ipv6.sysctl.flush_delay = 0; | 724 | net->ipv6.sysctl.flush_delay = 0; |
| 729 | net->ipv6.sysctl.ip6_rt_max_size = 4096; | 725 | net->ipv6.sysctl.ip6_rt_max_size = 4096; |
| 730 | net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; | 726 | net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2; |
| @@ -734,7 +730,6 @@ static int inet6_net_init(struct net *net) | |||
| 734 | net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; | 730 | net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ; |
| 735 | net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; | 731 | net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40; |
| 736 | net->ipv6.sysctl.icmpv6_time = 1*HZ; | 732 | net->ipv6.sysctl.icmpv6_time = 1*HZ; |
| 737 | ipv6_frag_sysctl_init(net); | ||
| 738 | 733 | ||
| 739 | return 0; | 734 | return 0; |
| 740 | } | 735 | } |
diff --git a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c index cf42f5cfc338..2d7b0246475d 100644 --- a/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c +++ b/net/ipv6/netfilter/nf_conntrack_l3proto_ipv6.c | |||
| @@ -297,35 +297,6 @@ static struct nf_hook_ops ipv6_conntrack_ops[] __read_mostly = { | |||
| 297 | }, | 297 | }, |
| 298 | }; | 298 | }; |
| 299 | 299 | ||
| 300 | #ifdef CONFIG_SYSCTL | ||
| 301 | static ctl_table nf_ct_ipv6_sysctl_table[] = { | ||
| 302 | { | ||
| 303 | .procname = "nf_conntrack_frag6_timeout", | ||
| 304 | .data = &nf_frags_ctl.timeout, | ||
| 305 | .maxlen = sizeof(unsigned int), | ||
| 306 | .mode = 0644, | ||
| 307 | .proc_handler = &proc_dointvec_jiffies, | ||
| 308 | }, | ||
| 309 | { | ||
| 310 | .ctl_name = NET_NF_CONNTRACK_FRAG6_LOW_THRESH, | ||
| 311 | .procname = "nf_conntrack_frag6_low_thresh", | ||
| 312 | .data = &nf_frags_ctl.low_thresh, | ||
| 313 | .maxlen = sizeof(unsigned int), | ||
| 314 | .mode = 0644, | ||
| 315 | .proc_handler = &proc_dointvec, | ||
| 316 | }, | ||
| 317 | { | ||
| 318 | .ctl_name = NET_NF_CONNTRACK_FRAG6_HIGH_THRESH, | ||
| 319 | .procname = "nf_conntrack_frag6_high_thresh", | ||
| 320 | .data = &nf_frags_ctl.high_thresh, | ||
| 321 | .maxlen = sizeof(unsigned int), | ||
| 322 | .mode = 0644, | ||
| 323 | .proc_handler = &proc_dointvec, | ||
| 324 | }, | ||
| 325 | { .ctl_name = 0 } | ||
| 326 | }; | ||
| 327 | #endif | ||
| 328 | |||
| 329 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) | 300 | #if defined(CONFIG_NF_CT_NETLINK) || defined(CONFIG_NF_CT_NETLINK_MODULE) |
| 330 | 301 | ||
| 331 | #include <linux/netfilter/nfnetlink.h> | 302 | #include <linux/netfilter/nfnetlink.h> |
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c index e170c67c47a5..d631631189b6 100644 --- a/net/ipv6/netfilter/nf_conntrack_reasm.c +++ b/net/ipv6/netfilter/nf_conntrack_reasm.c | |||
| @@ -70,7 +70,7 @@ struct nf_ct_frag6_queue | |||
| 70 | __u16 nhoffset; | 70 | __u16 nhoffset; |
| 71 | }; | 71 | }; |
| 72 | 72 | ||
| 73 | struct inet_frags_ctl nf_frags_ctl __read_mostly = { | 73 | static struct inet_frags_ctl nf_frags_ctl __read_mostly = { |
| 74 | .high_thresh = 256 * 1024, | 74 | .high_thresh = 256 * 1024, |
| 75 | .low_thresh = 192 * 1024, | 75 | .low_thresh = 192 * 1024, |
| 76 | .timeout = IPV6_FRAG_TIMEOUT, | 76 | .timeout = IPV6_FRAG_TIMEOUT, |
| @@ -79,6 +79,35 @@ struct inet_frags_ctl nf_frags_ctl __read_mostly = { | |||
| 79 | 79 | ||
| 80 | static struct inet_frags nf_frags; | 80 | static struct inet_frags nf_frags; |
| 81 | 81 | ||
| 82 | #ifdef CONFIG_SYSCTL | ||
| 83 | struct ctl_table nf_ct_ipv6_sysctl_table[] = { | ||
| 84 | { | ||
| 85 | .procname = "nf_conntrack_frag6_timeout", | ||
| 86 | .data = &nf_frags_ctl.timeout, | ||
| 87 | .maxlen = sizeof(unsigned int), | ||
| 88 | .mode = 0644, | ||
| 89 | .proc_handler = &proc_dointvec_jiffies, | ||
| 90 | }, | ||
| 91 | { | ||
| 92 | .ctl_name = NET_NF_CONNTRACK_FRAG6_LOW_THRESH, | ||
| 93 | .procname = "nf_conntrack_frag6_low_thresh", | ||
| 94 | .data = &nf_frags_ctl.low_thresh, | ||
| 95 | .maxlen = sizeof(unsigned int), | ||
| 96 | .mode = 0644, | ||
| 97 | .proc_handler = &proc_dointvec, | ||
| 98 | }, | ||
| 99 | { | ||
| 100 | .ctl_name = NET_NF_CONNTRACK_FRAG6_HIGH_THRESH, | ||
| 101 | .procname = "nf_conntrack_frag6_high_thresh", | ||
| 102 | .data = &nf_frags_ctl.high_thresh, | ||
| 103 | .maxlen = sizeof(unsigned int), | ||
| 104 | .mode = 0644, | ||
| 105 | .proc_handler = &proc_dointvec, | ||
| 106 | }, | ||
| 107 | { .ctl_name = 0 } | ||
| 108 | }; | ||
| 109 | #endif | ||
| 110 | |||
| 82 | static unsigned int ip6qhashfn(__be32 id, struct in6_addr *saddr, | 111 | static unsigned int ip6qhashfn(__be32 id, struct in6_addr *saddr, |
| 83 | struct in6_addr *daddr) | 112 | struct in6_addr *daddr) |
| 84 | { | 113 | { |
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c index 4dfcddc871ce..1815ff0cf628 100644 --- a/net/ipv6/reassembly.c +++ b/net/ipv6/reassembly.c | |||
| @@ -625,12 +625,70 @@ static struct inet6_protocol frag_protocol = | |||
| 625 | .flags = INET6_PROTO_NOPOLICY, | 625 | .flags = INET6_PROTO_NOPOLICY, |
| 626 | }; | 626 | }; |
| 627 | 627 | ||
| 628 | void ipv6_frag_sysctl_init(struct net *net) | 628 | #ifdef CONFIG_SYSCTL |
| 629 | static struct ctl_table ip6_frags_ctl_table[] = { | ||
| 630 | { | ||
| 631 | .ctl_name = NET_IPV6_IP6FRAG_HIGH_THRESH, | ||
| 632 | .procname = "ip6frag_high_thresh", | ||
| 633 | .data = &init_net.ipv6.sysctl.frags.high_thresh, | ||
| 634 | .maxlen = sizeof(int), | ||
| 635 | .mode = 0644, | ||
| 636 | .proc_handler = &proc_dointvec | ||
| 637 | }, | ||
| 638 | { | ||
| 639 | .ctl_name = NET_IPV6_IP6FRAG_LOW_THRESH, | ||
| 640 | .procname = "ip6frag_low_thresh", | ||
| 641 | .data = &init_net.ipv6.sysctl.frags.low_thresh, | ||
| 642 | .maxlen = sizeof(int), | ||
| 643 | .mode = 0644, | ||
| 644 | .proc_handler = &proc_dointvec | ||
| 645 | }, | ||
| 646 | { | ||
| 647 | .ctl_name = NET_IPV6_IP6FRAG_TIME, | ||
| 648 | .procname = "ip6frag_time", | ||
| 649 | .data = &init_net.ipv6.sysctl.frags.timeout, | ||
| 650 | .maxlen = sizeof(int), | ||
| 651 | .mode = 0644, | ||
| 652 | .proc_handler = &proc_dointvec_jiffies, | ||
| 653 | .strategy = &sysctl_jiffies, | ||
| 654 | }, | ||
| 655 | { | ||
| 656 | .ctl_name = NET_IPV6_IP6FRAG_SECRET_INTERVAL, | ||
| 657 | .procname = "ip6frag_secret_interval", | ||
| 658 | .data = &init_net.ipv6.sysctl.frags.secret_interval, | ||
| 659 | .maxlen = sizeof(int), | ||
| 660 | .mode = 0644, | ||
| 661 | .proc_handler = &proc_dointvec_jiffies, | ||
| 662 | .strategy = &sysctl_jiffies | ||
| 663 | }, | ||
| 664 | { } | ||
| 665 | }; | ||
| 666 | |||
| 667 | static int ip6_frags_sysctl_register(struct net *net) | ||
| 668 | { | ||
| 669 | struct ctl_table_header *hdr; | ||
| 670 | |||
| 671 | hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, | ||
| 672 | ip6_frags_ctl_table); | ||
| 673 | return hdr == NULL ? -ENOMEM : 0; | ||
| 674 | } | ||
| 675 | #else | ||
| 676 | static inline int ip6_frags_sysctl_register(struct net *net) | ||
| 629 | { | 677 | { |
| 630 | if (net != &init_net) | 678 | return 0; |
| 631 | return; | 679 | } |
| 680 | #endif | ||
| 632 | 681 | ||
| 682 | static int ipv6_frags_init_net(struct net *net) | ||
| 683 | { | ||
| 633 | ip6_frags.ctl = &net->ipv6.sysctl.frags; | 684 | ip6_frags.ctl = &net->ipv6.sysctl.frags; |
| 685 | |||
| 686 | net->ipv6.sysctl.frags.high_thresh = 256 * 1024; | ||
| 687 | net->ipv6.sysctl.frags.low_thresh = 192 * 1024; | ||
| 688 | net->ipv6.sysctl.frags.timeout = IPV6_FRAG_TIMEOUT; | ||
| 689 | net->ipv6.sysctl.frags.secret_interval = 10 * 60 * HZ; | ||
| 690 | |||
| 691 | return ip6_frags_sysctl_register(net); | ||
| 634 | } | 692 | } |
| 635 | 693 | ||
| 636 | int __init ipv6_frag_init(void) | 694 | int __init ipv6_frag_init(void) |
| @@ -641,6 +699,8 @@ int __init ipv6_frag_init(void) | |||
| 641 | if (ret) | 699 | if (ret) |
| 642 | goto out; | 700 | goto out; |
| 643 | 701 | ||
| 702 | ipv6_frags_init_net(&init_net); | ||
| 703 | |||
| 644 | ip6_frags.hashfn = ip6_hashfn; | 704 | ip6_frags.hashfn = ip6_hashfn; |
| 645 | ip6_frags.constructor = ip6_frag_init; | 705 | ip6_frags.constructor = ip6_frag_init; |
| 646 | ip6_frags.destructor = NULL; | 706 | ip6_frags.destructor = NULL; |
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c index 7197eb74a755..408691b777c2 100644 --- a/net/ipv6/sysctl_net_ipv6.c +++ b/net/ipv6/sysctl_net_ipv6.c | |||
| @@ -38,40 +38,6 @@ static ctl_table ipv6_table_template[] = { | |||
| 38 | .proc_handler = &proc_dointvec | 38 | .proc_handler = &proc_dointvec |
| 39 | }, | 39 | }, |
| 40 | { | 40 | { |
| 41 | .ctl_name = NET_IPV6_IP6FRAG_HIGH_THRESH, | ||
| 42 | .procname = "ip6frag_high_thresh", | ||
| 43 | .data = &init_net.ipv6.sysctl.frags.high_thresh, | ||
| 44 | .maxlen = sizeof(int), | ||
| 45 | .mode = 0644, | ||
| 46 | .proc_handler = &proc_dointvec | ||
| 47 | }, | ||
| 48 | { | ||
| 49 | .ctl_name = NET_IPV6_IP6FRAG_LOW_THRESH, | ||
| 50 | .procname = "ip6frag_low_thresh", | ||
| 51 | .data = &init_net.ipv6.sysctl.frags.low_thresh, | ||
| 52 | .maxlen = sizeof(int), | ||
| 53 | .mode = 0644, | ||
| 54 | .proc_handler = &proc_dointvec | ||
| 55 | }, | ||
| 56 | { | ||
| 57 | .ctl_name = NET_IPV6_IP6FRAG_TIME, | ||
| 58 | .procname = "ip6frag_time", | ||
| 59 | .data = &init_net.ipv6.sysctl.frags.timeout, | ||
| 60 | .maxlen = sizeof(int), | ||
| 61 | .mode = 0644, | ||
| 62 | .proc_handler = &proc_dointvec_jiffies, | ||
| 63 | .strategy = &sysctl_jiffies, | ||
| 64 | }, | ||
| 65 | { | ||
| 66 | .ctl_name = NET_IPV6_IP6FRAG_SECRET_INTERVAL, | ||
| 67 | .procname = "ip6frag_secret_interval", | ||
| 68 | .data = &init_net.ipv6.sysctl.frags.secret_interval, | ||
| 69 | .maxlen = sizeof(int), | ||
| 70 | .mode = 0644, | ||
| 71 | .proc_handler = &proc_dointvec_jiffies, | ||
| 72 | .strategy = &sysctl_jiffies | ||
| 73 | }, | ||
| 74 | { | ||
| 75 | .ctl_name = NET_IPV6_MLD_MAX_MSF, | 41 | .ctl_name = NET_IPV6_MLD_MAX_MSF, |
| 76 | .procname = "mld_max_msf", | 42 | .procname = "mld_max_msf", |
| 77 | .data = &sysctl_mld_max_msf, | 43 | .data = &sysctl_mld_max_msf, |
| @@ -126,16 +92,12 @@ static int ipv6_sysctl_net_init(struct net *net) | |||
| 126 | ipv6_table[1].child = ipv6_icmp_table; | 92 | ipv6_table[1].child = ipv6_icmp_table; |
| 127 | 93 | ||
| 128 | ipv6_table[2].data = &net->ipv6.sysctl.bindv6only; | 94 | ipv6_table[2].data = &net->ipv6.sysctl.bindv6only; |
| 129 | ipv6_table[3].data = &net->ipv6.sysctl.frags.high_thresh; | ||
| 130 | ipv6_table[4].data = &net->ipv6.sysctl.frags.low_thresh; | ||
| 131 | ipv6_table[5].data = &net->ipv6.sysctl.frags.timeout; | ||
| 132 | ipv6_table[6].data = &net->ipv6.sysctl.frags.secret_interval; | ||
| 133 | 95 | ||
| 134 | /* We don't want this value to be per namespace, it should be global | 96 | /* We don't want this value to be per namespace, it should be global |
| 135 | to all namespaces, so make it read-only when we are not in the | 97 | to all namespaces, so make it read-only when we are not in the |
| 136 | init network namespace */ | 98 | init network namespace */ |
| 137 | if (net != &init_net) | 99 | if (net != &init_net) |
| 138 | ipv6_table[7].mode = 0444; | 100 | ipv6_table[3].mode = 0444; |
| 139 | 101 | ||
| 140 | net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path, | 102 | net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path, |
| 141 | ipv6_table); | 103 | ipv6_table); |