Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 06fcb3b6 authored by David S. Miller's avatar David S. Miller
Browse files

Merge branch 'tcp-Namespaceify-3-sysctls' 



Eric Dumazet says:

====================
tcp: Namespaceify 3 sysctls

Move tcp_sack, tcp_window_scaling and tcp_timestamps
sysctls to network namespaces.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents a5fcf8a6 5d2ed052

drivers/infiniband/hw/cxgb4/cm.c

+1 −1
Original line number Diff line number Diff line
@@ -3756,7 +3756,7 @@ static void build_cpl_pass_accept_req(struct sk_buff *skb, int stid , u8 tos) 
	 */

	memset(&tmp_opt, 0, sizeof(tmp_opt));

	tcp_clear_options(&tmp_opt);

	tcp_parse_options(skb, &tmp_opt, 0, NULL);

	tcp_parse_options(&init_net, skb, &tmp_opt, 0, NULL);



	req = (struct cpl_pass_accept_req *)__skb_push(skb, sizeof(*req));

	memset(req, 0, sizeof(*req));

include/net/netns/ipv4.h

+3 −0
Original line number Diff line number Diff line
@@ -122,6 +122,9 @@ struct netns_ipv4 { 
	int sysctl_tcp_fin_timeout;

	unsigned int sysctl_tcp_notsent_lowat;

	int sysctl_tcp_tw_reuse;

	int sysctl_tcp_sack;

	int sysctl_tcp_window_scaling;

	int sysctl_tcp_timestamps;

	struct inet_timewait_death_row tcp_death_row;

	int sysctl_max_syn_backlog;

include/net/secure_seq.h

+3 −2
Original line number Diff line number Diff line
@@ -8,10 +8,11 @@ u32 secure_ipv6_port_ephemeral(const __be32 *saddr, const __be32 *daddr, 
			       __be16 dport);

u32 secure_tcp_seq(__be32 saddr, __be32 daddr,

		   __be16 sport, __be16 dport);

u32 secure_tcp_ts_off(__be32 saddr, __be32 daddr);

u32 secure_tcp_ts_off(const struct net *net, __be32 saddr, __be32 daddr);

u32 secure_tcpv6_seq(const __be32 *saddr, const __be32 *daddr,

		     __be16 sport, __be16 dport);

u32 secure_tcpv6_ts_off(const __be32 *saddr, const __be32 *daddr);

u32 secure_tcpv6_ts_off(const struct net *net,

			const __be32 *saddr, const __be32 *daddr);

u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,

				__be16 sport, __be16 dport);

u64 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,

include/net/tcp.h

+4 −6
Original line number Diff line number Diff line
@@ -237,9 +237,6 @@ void tcp_time_wait(struct sock *sk, int state, int timeo); 




/* sysctl variables for tcp */

extern int sysctl_tcp_timestamps;

extern int sysctl_tcp_window_scaling;

extern int sysctl_tcp_sack;

extern int sysctl_tcp_fastopen;

extern int sysctl_tcp_retrans_collapse;

extern int sysctl_tcp_stdurg;
@@ -427,7 +424,7 @@ void tcp_set_keepalive(struct sock *sk, int val); 
void tcp_syn_ack_timeout(const struct request_sock *req);

int tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, int nonblock,

		int flags, int *addr_len);

void tcp_parse_options(const struct sk_buff *skb,

void tcp_parse_options(const struct net *net, const struct sk_buff *skb,

		       struct tcp_options_received *opt_rx,

		       int estab, struct tcp_fastopen_cookie *foc);

const u8 *tcp_parse_md5sig_option(const struct tcphdr *th);
@@ -520,7 +517,8 @@ u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, 
			      u16 *mssp);

__u32 cookie_v4_init_sequence(const struct sk_buff *skb, __u16 *mss);

u64 cookie_init_timestamp(struct request_sock *req);

bool cookie_timestamp_decode(struct tcp_options_received *opt);

bool cookie_timestamp_decode(const struct net *net,

			     struct tcp_options_received *opt);

bool cookie_ecn_ok(const struct tcp_options_received *opt,

		   const struct net *net, const struct dst_entry *dst);
@@ -1870,7 +1868,7 @@ struct tcp_request_sock_ops { 
	struct dst_entry *(*route_req)(const struct sock *sk, struct flowi *fl,

				       const struct request_sock *req);

	u32 (*init_seq)(const struct sk_buff *skb);

	u32 (*init_ts_off)(const struct sk_buff *skb);

	u32 (*init_ts_off)(const struct net *net, const struct sk_buff *skb);

	int (*send_synack)(const struct sock *sk, struct dst_entry *dst,

			   struct flowi *fl, struct request_sock *req,

			   struct tcp_fastopen_cookie *foc,

net/core/secure_seq.c

+5 −4
Original line number Diff line number Diff line
@@ -51,7 +51,8 @@ static u32 seq_scale(u32 seq) 
#endif



#if IS_ENABLED(CONFIG_IPV6)

u32 secure_tcpv6_ts_off(const __be32 *saddr, const __be32 *daddr)

u32 secure_tcpv6_ts_off(const struct net *net,

			const __be32 *saddr, const __be32 *daddr)

{

	const struct {

		struct in6_addr saddr;
@@ -61,7 +62,7 @@ u32 secure_tcpv6_ts_off(const __be32 *saddr, const __be32 *daddr) 
		.daddr = *(struct in6_addr *)daddr,

	};



	if (sysctl_tcp_timestamps != 1)

	if (net->ipv4.sysctl_tcp_timestamps != 1)

		return 0;



	ts_secret_init();
@@ -113,9 +114,9 @@ EXPORT_SYMBOL(secure_ipv6_port_ephemeral); 
#endif



#ifdef CONFIG_INET

u32 secure_tcp_ts_off(__be32 saddr, __be32 daddr)

u32 secure_tcp_ts_off(const struct net *net, __be32 saddr, __be32 daddr)

{

	if (sysctl_tcp_timestamps != 1)

	if (net->ipv4.sysctl_tcp_timestamps != 1)

		return 0;



	ts_secret_init();