1 files changed, 70 insertions, 6 deletions
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 16fc6f454a31..cca921ea8550 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2914,6 +2914,68 @@ static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
        return 0;
 }
+static void rt_secret_reschedule(int old)
+{
+        struct net *net;
+        int new = ip_rt_secret_interval;
+        int diff = new - old;
+        if (!diff)
+                return;
+        rtnl_lock();
+        for_each_net(net) {
+                int deleted = del_timer_sync(&net->ipv4.rt_secret_timer);
+                if (!new)
+                        continue;
+                if (deleted) {
+                        long time = net->ipv4.rt_secret_timer.expires - jiffies;
+                        if (time <= 0 || (time += diff) <= 0)
+                                time = 0;
+                        net->ipv4.rt_secret_timer.expires = time;
+                } else
+                        net->ipv4.rt_secret_timer.expires = new;
+                net->ipv4.rt_secret_timer.expires += jiffies;
+                add_timer(&net->ipv4.rt_secret_timer);
+        }
+        rtnl_unlock();
+}
+static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
+                                          struct file *filp,
+                                          void __user *buffer, size_t *lenp,
+                                          loff_t *ppos)
+{
+        int old = ip_rt_secret_interval;
+        int ret = proc_dointvec_jiffies(ctl, write, filp, buffer, lenp, ppos);
+        rt_secret_reschedule(old);
+        return ret;
+}
+static int ipv4_sysctl_rt_secret_interval_strategy(ctl_table *table,
+                                                   int __user *name,
+                                                   int nlen,
+                                                   void __user *oldval,
+                                                   size_t __user *oldlenp,
+                                                   void __user *newval,
+                                                   size_t newlen)
+{
+        int old = ip_rt_secret_interval;
+        int ret = sysctl_jiffies(table, name, nlen, oldval, oldlenp, newval,
+                                 newlen);
+        rt_secret_reschedule(old);
+        return ret;
+}
 static ctl_table ipv4_route_table[] = {
        {
                .ctl_name       = NET_IPV4_ROUTE_GC_THRESH,
@@ -3048,8 +3110,8 @@ static ctl_table ipv4_route_table[] = {
                .data           = &ip_rt_secret_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
-                .proc_handler   = &proc_dointvec_jiffies,
+                .proc_handler   = &ipv4_sysctl_rt_secret_interval,
-                .strategy       = &sysctl_jiffies,
+                .strategy       = &ipv4_sysctl_rt_secret_interval_strategy,
        },
        { .ctl_name = 0 }
 };
@@ -3126,10 +3188,12 @@ static __net_init int rt_secret_timer_init(struct net *net)
        net->ipv4.rt_secret_timer.data = (unsigned long)net;
        init_timer_deferrable(&net->ipv4.rt_secret_timer);
-        net->ipv4.rt_secret_timer.expires =
+        if (ip_rt_secret_interval) {
-                jiffies + net_random() % ip_rt_secret_interval +
+                net->ipv4.rt_secret_timer.expires =
-                ip_rt_secret_interval;
+                        jiffies + net_random() % ip_rt_secret_interval +
-        add_timer(&net->ipv4.rt_secret_timer);
+                        ip_rt_secret_interval;
+                add_timer(&net->ipv4.rt_secret_timer);
+        }
        return 0;
 }

diff --git a/net/ipv4/route.c b/net/ipv4/route.c index 16fc6f454a31..cca921ea8550 100644 --- a/net/ipv4/route.c +++ b/net/ipv4/route.c
@@ -2914,6 +2914,68 @@ static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
2914	return 0;	2914	return 0;
2915	}	2915	}
2916		2916
		2917	static void rt_secret_reschedule(int old)
		2918	{
		2919	struct net *net;
		2920	int new = ip_rt_secret_interval;
		2921	int diff = new - old;
		2922
		2923	if (!diff)
		2924	return;
		2925
		2926	rtnl_lock();
		2927	for_each_net(net) {
		2928	int deleted = del_timer_sync(&net->ipv4.rt_secret_timer);
		2929
		2930	if (!new)
		2931	continue;
		2932
		2933	if (deleted) {
		2934	long time = net->ipv4.rt_secret_timer.expires - jiffies;
		2935
		2936	if (time <= 0 \|\| (time += diff) <= 0)
		2937	time = 0;
		2938
		2939	net->ipv4.rt_secret_timer.expires = time;
		2940	} else
		2941	net->ipv4.rt_secret_timer.expires = new;
		2942
		2943	net->ipv4.rt_secret_timer.expires += jiffies;
		2944	add_timer(&net->ipv4.rt_secret_timer);
		2945	}
		2946	rtnl_unlock();
		2947	}
		2948
		2949	static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
		2950	struct file *filp,
		2951	void __user buffer, size_t lenp,
		2952	loff_t *ppos)
		2953	{
		2954	int old = ip_rt_secret_interval;
		2955	int ret = proc_dointvec_jiffies(ctl, write, filp, buffer, lenp, ppos);
		2956
		2957	rt_secret_reschedule(old);
		2958
		2959	return ret;
		2960	}
		2961
		2962	static int ipv4_sysctl_rt_secret_interval_strategy(ctl_table *table,
		2963	int __user *name,
		2964	int nlen,
		2965	void __user *oldval,
		2966	size_t __user *oldlenp,
		2967	void __user *newval,
		2968	size_t newlen)
		2969	{
		2970	int old = ip_rt_secret_interval;
		2971	int ret = sysctl_jiffies(table, name, nlen, oldval, oldlenp, newval,
		2972	newlen);
		2973
		2974	rt_secret_reschedule(old);
		2975
		2976	return ret;
		2977	}
		2978
2917	static ctl_table ipv4_route_table[] = {	2979	static ctl_table ipv4_route_table[] = {
2918	{	2980	{
2919	.ctl_name = NET_IPV4_ROUTE_GC_THRESH,	2981	.ctl_name = NET_IPV4_ROUTE_GC_THRESH,
@@ -3048,8 +3110,8 @@ static ctl_table ipv4_route_table[] = {
3048	.data = &ip_rt_secret_interval,	3110	.data = &ip_rt_secret_interval,
3049	.maxlen = sizeof(int),	3111	.maxlen = sizeof(int),
3050	.mode = 0644,	3112	.mode = 0644,
3051	.proc_handler = &proc_dointvec_jiffies,	3113	.proc_handler = &ipv4_sysctl_rt_secret_interval,
3052	.strategy = &sysctl_jiffies,	3114	.strategy = &ipv4_sysctl_rt_secret_interval_strategy,
3053	},	3115	},
3054	{ .ctl_name = 0 }	3116	{ .ctl_name = 0 }
3055	};	3117	};
@@ -3126,10 +3188,12 @@ static __net_init int rt_secret_timer_init(struct net *net)
3126	net->ipv4.rt_secret_timer.data = (unsigned long)net;	3188	net->ipv4.rt_secret_timer.data = (unsigned long)net;
3127	init_timer_deferrable(&net->ipv4.rt_secret_timer);	3189	init_timer_deferrable(&net->ipv4.rt_secret_timer);
3128		3190
3129	net->ipv4.rt_secret_timer.expires =	3191	if (ip_rt_secret_interval) {
3130	jiffies + net_random() % ip_rt_secret_interval +	3192	net->ipv4.rt_secret_timer.expires =
3131	ip_rt_secret_interval;	3193	jiffies + net_random() % ip_rt_secret_interval +
3132	add_timer(&net->ipv4.rt_secret_timer);	3194	ip_rt_secret_interval;
		3195	add_timer(&net->ipv4.rt_secret_timer);
		3196	}
3133	return 0;	3197	return 0;
3134	}	3198	}
3135		3199