Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e4a2d5c2 authored by Pavel Emelyanov's avatar Pavel Emelyanov Committed by David S. Miller
Browse files

[NETNS][FRAGS]: Duplicate sysctl tables for new namespaces. 



Each namespace has to have own tables to tune their
different parameters, so duplicate the tables and
register them.

All the tables in sub-namespaces are temporarily made
read-only.

Signed-off-by: default avatarPavel Emelyanov <xemul@openvz.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 6ddc0822

include/net/netns/ipv4.h

+1 −0
Original line number Diff line number Diff line
@@ -16,6 +16,7 @@ struct sock; 
struct netns_ipv4 {

#ifdef CONFIG_SYSCTL

	struct ctl_table_header	*forw_hdr;

	struct ctl_table_header	*frags_hdr;

#endif

	struct ipv4_devconf	*devconf_all;

	struct ipv4_devconf	*devconf_dflt;

include/net/netns/ipv6.h

+1 −0
Original line number Diff line number Diff line
@@ -12,6 +12,7 @@ struct ctl_table_header; 
struct netns_sysctl_ipv6 {

#ifdef CONFIG_SYSCTL

	struct ctl_table_header *table;

	struct ctl_table_header *frags_hdr;

#endif

	struct inet_frags_ctl frags;

	int bindv6only;

net/ipv4/ip_fragment.c

+39 −3
Original line number Diff line number Diff line
@@ -661,17 +661,53 @@ static struct ctl_table ip4_frags_ctl_table[] = { 


static int ip4_frags_ctl_register(struct net *net)

{

	struct ctl_table *table;

	struct ctl_table_header *hdr;



	hdr = register_net_sysctl_table(net, net_ipv4_ctl_path,

			ip4_frags_ctl_table);

	return hdr == NULL ? -ENOMEM : 0;

	table = ip4_frags_ctl_table;

	if (net != &init_net) {

		table = kmemdup(table, sizeof(ip4_frags_ctl_table), GFP_KERNEL);

		if (table == NULL)

			goto err_alloc;



		table[0].mode &= ~0222;

		table[1].mode &= ~0222;

		table[2].mode &= ~0222;

		table[3].mode &= ~0222;

		table[4].mode &= ~0222;

	}



	hdr = register_net_sysctl_table(net, net_ipv4_ctl_path, table);

	if (hdr == NULL)

		goto err_reg;



	net->ipv4.frags_hdr = hdr;

	return 0;



err_reg:

	if (net != &init_net)

		kfree(table);

err_alloc:

	return -ENOMEM;

}



static void ip4_frags_ctl_unregister(struct net *net)

{

	struct ctl_table *table;



	table = net->ipv4.frags_hdr->ctl_table_arg;

	unregister_net_sysctl_table(net->ipv4.frags_hdr);

	kfree(table);

}

#else

static inline int ip4_frags_ctl_register(struct net *net)

{

	return 0;

}



static inline void ip4_frags_ctl_unregister(struct net *net)

{

}

#endif



static int ipv4_frags_init_net(struct net *net)

net/ipv6/reassembly.c

+38 −3
Original line number Diff line number Diff line
@@ -670,17 +670,52 @@ static struct ctl_table ip6_frags_ctl_table[] = { 


static int ip6_frags_sysctl_register(struct net *net)

{

	struct ctl_table *table;

	struct ctl_table_header *hdr;



	hdr = register_net_sysctl_table(net, net_ipv6_ctl_path,

			ip6_frags_ctl_table);

	return hdr == NULL ? -ENOMEM : 0;

	table = ip6_frags_ctl_table;

	if (net != &init_net) {

		table = kmemdup(table, sizeof(ip6_frags_ctl_table), GFP_KERNEL);

		if (table == NULL)

			goto err_alloc;



		table[0].mode &= ~0222;

		table[1].mode &= ~0222;

		table[2].mode &= ~0222;

		table[3].mode &= ~0222;

	}



	hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table);

	if (hdr == NULL)

		goto err_reg;



	net->ipv6.sysctl.frags_hdr = hdr;

	return 0;



err_reg:

	if (net != &init_net)

		kfree(table);

err_alloc:

	return -ENOMEM;

}



static void ip6_frags_sysctl_unregister(struct net *net)

{

	struct ctl_table *table;



	table = net->ipv6.sysctl.frags_hdr->ctl_table_arg;

	unregister_net_sysctl_table(net->ipv6.sysctl.frags_hdr);

	kfree(table);

}

#else

static inline int ip6_frags_sysctl_register(struct net *net)

{

	return 0;

}



static inline void ip6_frags_sysctl_unregister(struct net *net)

{

}

#endif



static int ipv6_frags_init_net(struct net *net)