3 files changed, 8 insertions, 102 deletions
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index ae07feec6446..d68c3f121774 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -55,7 +55,6 @@ struct netns_ipv4 {
        int sysctl_rt_cache_rebuild_count;
        int current_rt_cache_rebuild_count;
-        struct timer_list rt_secret_timer;
        atomic_t rt_genid;
 #ifdef CONFIG_IP_MROUTE
diff --git a/kernel/sysctl_binary.c b/kernel/sysctl_binary.c
index 59030570f5ca..937d31dc8566 100644
--- a/kernel/sysctl_binary.c
+++ b/kernel/sysctl_binary.c
@@ -224,7 +224,6 @@ static const struct bin_table bin_net_ipv4_route_table[] = {
        { CTL_INT,      NET_IPV4_ROUTE_MTU_EXPIRES,             "mtu_expires" },
        { CTL_INT,      NET_IPV4_ROUTE_MIN_PMTU,                "min_pmtu" },
        { CTL_INT,      NET_IPV4_ROUTE_MIN_ADVMSS,              "min_adv_mss" },
-        { CTL_INT,      NET_IPV4_ROUTE_SECRET_INTERVAL,         "secret_interval" },
        {}
 };
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index a947428ef0ae..dea3f9264250 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -129,7 +129,6 @@ static int ip_rt_gc_elasticity __read_mostly	= 8;
 static int ip_rt_mtu_expires __read_mostly      = 10 * 60 * HZ;
 static int ip_rt_min_pmtu __read_mostly         = 512 + 20 + 20;
 static int ip_rt_min_advmss __read_mostly       = 256;
-static int ip_rt_secret_interval __read_mostly  = 10 * 60 * HZ;
 static int rt_chain_length_max __read_mostly    = 20;
 static struct delayed_work expires_work;
@@ -918,32 +917,11 @@ void rt_cache_flush_batch(void)
        rt_do_flush(!in_softirq());
 }
-/*
- * We change rt_genid and let gc do the cleanup
- */
-static void rt_secret_rebuild(unsigned long __net)
-{
-        struct net *net = (struct net *)__net;
-        rt_cache_invalidate(net);
-        mod_timer(&net->ipv4.rt_secret_timer, jiffies + ip_rt_secret_interval);
-}
-static void rt_secret_rebuild_oneshot(struct net *net)
-{
-        del_timer_sync(&net->ipv4.rt_secret_timer);
-        rt_cache_invalidate(net);
-        if (ip_rt_secret_interval)
-                mod_timer(&net->ipv4.rt_secret_timer, jiffies + ip_rt_secret_interval);
-}
 static void rt_emergency_hash_rebuild(struct net *net)
 {
-        if (net_ratelimit()) {
+        if (net_ratelimit())
                printk(KERN_WARNING "Route hash chain too long!\n");
-                printk(KERN_WARNING "Adjust your secret_interval!\n");
+        rt_cache_invalidate(net);
-        }
-        rt_secret_rebuild_oneshot(net);
 }
 /*
@@ -3101,48 +3079,6 @@ static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
        return -EINVAL;
 }
-static void rt_secret_reschedule(int old)
-{
-        struct net *net;
-        int new = ip_rt_secret_interval;
-        int diff = new - old;
-        if (!diff)
-                return;
-        rtnl_lock();
-        for_each_net(net) {
-                int deleted = del_timer_sync(&net->ipv4.rt_secret_timer);
-                long time;
-                if (!new)
-                        continue;
-                if (deleted) {
-                        time = net->ipv4.rt_secret_timer.expires - jiffies;
-                        if (time <= 0 || (time += diff) <= 0)
-                                time = 0;
-                } else
-                        time = new;
-                mod_timer(&net->ipv4.rt_secret_timer, jiffies + time);
-        }
-        rtnl_unlock();
-}
-static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
-                                          void __user *buffer, size_t *lenp,
-                                          loff_t *ppos)
-{
-        int old = ip_rt_secret_interval;
-        int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
-        rt_secret_reschedule(old);
-        return ret;
-}
 static ctl_table ipv4_route_table[] = {
        {
                .procname       = "gc_thresh",
@@ -3251,13 +3187,6 @@ static ctl_table ipv4_route_table[] = {
                .mode           = 0644,
                .proc_handler   = proc_dointvec,
        },
-        {
-                .procname       = "secret_interval",
-                .data           = &ip_rt_secret_interval,
-                .maxlen         = sizeof(int),
-                .mode           = 0644,
-                .proc_handler   = ipv4_sysctl_rt_secret_interval,
-        },
        { }
 };
@@ -3336,34 +3265,15 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
 };
 #endif
+static __net_init int rt_genid_init(struct net *net)
-static __net_init int rt_secret_timer_init(struct net *net)
 {
-        atomic_set(&net->ipv4.rt_genid,
+        get_random_bytes(&net->ipv4.rt_genid,
-                        (int) ((num_physpages ^ (num_physpages>>8)) ^
+                         sizeof(net->ipv4.rt_genid));
-                        (jiffies ^ (jiffies >> 7))));
-        net->ipv4.rt_secret_timer.function = rt_secret_rebuild;
-        net->ipv4.rt_secret_timer.data = (unsigned long)net;
-        init_timer_deferrable(&net->ipv4.rt_secret_timer);
-        if (ip_rt_secret_interval) {
-                net->ipv4.rt_secret_timer.expires =
-                        jiffies + net_random() % ip_rt_secret_interval +
-                        ip_rt_secret_interval;
-                add_timer(&net->ipv4.rt_secret_timer);
-        }
        return 0;
 }
-static __net_exit void rt_secret_timer_exit(struct net *net)
+static __net_initdata struct pernet_operations rt_genid_ops = {
-{
+        .init = rt_genid_init,
-        del_timer_sync(&net->ipv4.rt_secret_timer);
-}
-static __net_initdata struct pernet_operations rt_secret_timer_ops = {
-        .init = rt_secret_timer_init,
-        .exit = rt_secret_timer_exit,
 };
@@ -3424,9 +3334,6 @@ int __init ip_rt_init(void)
        schedule_delayed_work(&expires_work,
                net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
-        if (register_pernet_subsys(&rt_secret_timer_ops))
-                printk(KERN_ERR "Unable to setup rt_secret_timer\n");
        if (ip_rt_proc_init())
                printk(KERN_ERR "Unable to create route proc files\n");
 #ifdef CONFIG_XFRM
@@ -3438,6 +3345,7 @@ int __init ip_rt_init(void)
 #ifdef CONFIG_SYSCTL
        register_pernet_subsys(&sysctl_route_ops);
 #endif
+        register_pernet_subsys(&rt_genid_ops);
        return rc;
 }

diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index ae07feec6446..d68c3f121774 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h
@@ -55,7 +55,6 @@ struct netns_ipv4 {
55	int sysctl_rt_cache_rebuild_count;	55	int sysctl_rt_cache_rebuild_count;
56	int current_rt_cache_rebuild_count;	56	int current_rt_cache_rebuild_count;
57		57
58	struct timer_list rt_secret_timer;
59	atomic_t rt_genid;	58	atomic_t rt_genid;
60		59
61	#ifdef CONFIG_IP_MROUTE	60	#ifdef CONFIG_IP_MROUTE


diff --git a/kernel/sysctl_binary.c b/kernel/sysctl_binary.c index 59030570f5ca..937d31dc8566 100644 --- a/kernel/sysctl_binary.c +++ b/kernel/sysctl_binary.c
@@ -224,7 +224,6 @@ static const struct bin_table bin_net_ipv4_route_table[] = {
224	{ CTL_INT, NET_IPV4_ROUTE_MTU_EXPIRES, "mtu_expires" },	224	{ CTL_INT, NET_IPV4_ROUTE_MTU_EXPIRES, "mtu_expires" },
225	{ CTL_INT, NET_IPV4_ROUTE_MIN_PMTU, "min_pmtu" },	225	{ CTL_INT, NET_IPV4_ROUTE_MIN_PMTU, "min_pmtu" },
226	{ CTL_INT, NET_IPV4_ROUTE_MIN_ADVMSS, "min_adv_mss" },	226	{ CTL_INT, NET_IPV4_ROUTE_MIN_ADVMSS, "min_adv_mss" },
227	{ CTL_INT, NET_IPV4_ROUTE_SECRET_INTERVAL, "secret_interval" },
228	{}	227	{}
229	};	228	};
230		229


diff --git a/net/ipv4/route.c b/net/ipv4/route.c index a947428ef0ae..dea3f9264250 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c
@@ -129,7 +129,6 @@ static int ip_rt_gc_elasticity __read_mostly = 8;
129	static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;	129	static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
130	static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;	130	static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
131	static int ip_rt_min_advmss __read_mostly = 256;	131	static int ip_rt_min_advmss __read_mostly = 256;
132	static int ip_rt_secret_interval __read_mostly = 10 * 60 * HZ;
133	static int rt_chain_length_max __read_mostly = 20;	132	static int rt_chain_length_max __read_mostly = 20;
134		133
135	static struct delayed_work expires_work;	134	static struct delayed_work expires_work;
@@ -918,32 +917,11 @@ void rt_cache_flush_batch(void)
918	rt_do_flush(!in_softirq());	917	rt_do_flush(!in_softirq());
919	}	918	}
920		919
921	/*
922	* We change rt_genid and let gc do the cleanup
923	*/
924	static void rt_secret_rebuild(unsigned long __net)
925	{
926	struct net net = (struct net )__net;
927	rt_cache_invalidate(net);
928	mod_timer(&net->ipv4.rt_secret_timer, jiffies + ip_rt_secret_interval);
929	}
930
931	static void rt_secret_rebuild_oneshot(struct net *net)
932	{
933	del_timer_sync(&net->ipv4.rt_secret_timer);
934	rt_cache_invalidate(net);
935	if (ip_rt_secret_interval)
936	mod_timer(&net->ipv4.rt_secret_timer, jiffies + ip_rt_secret_interval);
937	}
938
939	static void rt_emergency_hash_rebuild(struct net *net)	920	static void rt_emergency_hash_rebuild(struct net *net)
940	{	921	{
941	if (net_ratelimit()) {	922	if (net_ratelimit())
942	printk(KERN_WARNING "Route hash chain too long!\n");	923	printk(KERN_WARNING "Route hash chain too long!\n");
943	printk(KERN_WARNING "Adjust your secret_interval!\n");	924	rt_cache_invalidate(net);
944	}
945
946	rt_secret_rebuild_oneshot(net);
947	}	925	}
948		926
949	/*	927	/*
@@ -3101,48 +3079,6 @@ static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
3101	return -EINVAL;	3079	return -EINVAL;
3102	}	3080	}
3103		3081
3104	static void rt_secret_reschedule(int old)
3105	{
3106	struct net *net;
3107	int new = ip_rt_secret_interval;
3108	int diff = new - old;
3109
3110	if (!diff)
3111	return;
3112
3113	rtnl_lock();
3114	for_each_net(net) {
3115	int deleted = del_timer_sync(&net->ipv4.rt_secret_timer);
3116	long time;
3117
3118	if (!new)
3119	continue;
3120
3121	if (deleted) {
3122	time = net->ipv4.rt_secret_timer.expires - jiffies;
3123
3124	if (time <= 0 \|\| (time += diff) <= 0)
3125	time = 0;
3126	} else
3127	time = new;
3128
3129	mod_timer(&net->ipv4.rt_secret_timer, jiffies + time);
3130	}
3131	rtnl_unlock();
3132	}
3133
3134	static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
3135	void __user buffer, size_t lenp,
3136	loff_t *ppos)
3137	{
3138	int old = ip_rt_secret_interval;
3139	int ret = proc_dointvec_jiffies(ctl, write, buffer, lenp, ppos);
3140
3141	rt_secret_reschedule(old);
3142
3143	return ret;
3144	}
3145
3146	static ctl_table ipv4_route_table[] = {	3082	static ctl_table ipv4_route_table[] = {
3147	{	3083	{
3148	.procname = "gc_thresh",	3084	.procname = "gc_thresh",
@@ -3251,13 +3187,6 @@ static ctl_table ipv4_route_table[] = {
3251	.mode = 0644,	3187	.mode = 0644,
3252	.proc_handler = proc_dointvec,	3188	.proc_handler = proc_dointvec,
3253	},	3189	},
3254	{
3255	.procname = "secret_interval",
3256	.data = &ip_rt_secret_interval,
3257	.maxlen = sizeof(int),
3258	.mode = 0644,
3259	.proc_handler = ipv4_sysctl_rt_secret_interval,
3260	},
3261	{ }	3190	{ }
3262	};	3191	};
3263		3192
@@ -3336,34 +3265,15 @@ static __net_initdata struct pernet_operations sysctl_route_ops = {
3336	};	3265	};
3337	#endif	3266	#endif
3338		3267
3339		3268	static __net_init int rt_genid_init(struct net *net)
3340	static __net_init int rt_secret_timer_init(struct net *net)
3341	{	3269	{
3342	atomic_set(&net->ipv4.rt_genid,	3270	get_random_bytes(&net->ipv4.rt_genid,
3343	(int) ((num_physpages ^ (num_physpages>>8)) ^	3271	sizeof(net->ipv4.rt_genid));
3344	(jiffies ^ (jiffies >> 7))));
3345
3346	net->ipv4.rt_secret_timer.function = rt_secret_rebuild;
3347	net->ipv4.rt_secret_timer.data = (unsigned long)net;
3348	init_timer_deferrable(&net->ipv4.rt_secret_timer);
3349
3350	if (ip_rt_secret_interval) {
3351	net->ipv4.rt_secret_timer.expires =
3352	jiffies + net_random() % ip_rt_secret_interval +
3353	ip_rt_secret_interval;
3354	add_timer(&net->ipv4.rt_secret_timer);
3355	}
3356	return 0;	3272	return 0;
3357	}	3273	}
3358		3274
3359	static __net_exit void rt_secret_timer_exit(struct net *net)	3275	static __net_initdata struct pernet_operations rt_genid_ops = {
3360	{	3276	.init = rt_genid_init,
3361	del_timer_sync(&net->ipv4.rt_secret_timer);
3362	}
3363
3364	static __net_initdata struct pernet_operations rt_secret_timer_ops = {
3365	.init = rt_secret_timer_init,
3366	.exit = rt_secret_timer_exit,
3367	};	3277	};
3368		3278
3369		3279
@@ -3424,9 +3334,6 @@ int __init ip_rt_init(void)
3424	schedule_delayed_work(&expires_work,	3334	schedule_delayed_work(&expires_work,
3425	net_random() % ip_rt_gc_interval + ip_rt_gc_interval);	3335	net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3426		3336
3427	if (register_pernet_subsys(&rt_secret_timer_ops))
3428	printk(KERN_ERR "Unable to setup rt_secret_timer\n");
3429
3430	if (ip_rt_proc_init())	3337	if (ip_rt_proc_init())
3431	printk(KERN_ERR "Unable to create route proc files\n");	3338	printk(KERN_ERR "Unable to create route proc files\n");
3432	#ifdef CONFIG_XFRM	3339	#ifdef CONFIG_XFRM
@@ -3438,6 +3345,7 @@ int __init ip_rt_init(void)
3438	#ifdef CONFIG_SYSCTL	3345	#ifdef CONFIG_SYSCTL
3439	register_pernet_subsys(&sysctl_route_ops);	3346	register_pernet_subsys(&sysctl_route_ops);
3440	#endif	3347	#endif
		3348	register_pernet_subsys(&rt_genid_ops);
3441	return rc;	3349	return rc;
3442	}	3350	}
3443		3351