ipv6: Add disable_ipv6 sysctl to disable IPv6 operaion on specific interface. (778d80be) · Commits · e / devices / android_kernel_samsung_universal8895

Documentation/networking/ip-sysctl.txt

+4 −0

Original line number	Original line	Diff line number	Diff line
	@@ -1025,6 +1025,10 @@ max_addresses - INTEGER
	autoconfigured addresses.		autoconfigured addresses.
	Default: 16		Default: 16

			disable_ipv6 - BOOLEAN
			Disable IPv6 operation.
			Default: FALSE (enable IPv6 operation)

	icmp/*:		icmp/*:
	ratelimit - INTEGER		ratelimit - INTEGER
	Limit the maximal rates for sending ICMPv6 packets.		Limit the maximal rates for sending ICMPv6 packets.

include/linux/ipv6.h

+2 −0

Original line number	Original line	Diff line number	Diff line
	@@ -163,6 +163,7 @@ struct ipv6_devconf {
	#ifdef CONFIG_IPV6_MROUTE		#ifdef CONFIG_IPV6_MROUTE
	__s32 mc_forwarding;		__s32 mc_forwarding;
	#endif		#endif
			__s32 disable_ipv6;
	void *sysctl;		void *sysctl;
	};		};

	@@ -194,6 +195,7 @@ enum {
	DEVCONF_OPTIMISTIC_DAD,		DEVCONF_OPTIMISTIC_DAD,
	DEVCONF_ACCEPT_SOURCE_ROUTE,		DEVCONF_ACCEPT_SOURCE_ROUTE,
	DEVCONF_MC_FORWARDING,		DEVCONF_MC_FORWARDING,
			DEVCONF_DISABLE_IPV6,
	DEVCONF_MAX		DEVCONF_MAX
	};		};

net/ipv6/addrconf.c

+11 −0

Original line number	Original line	Diff line number	Diff line
	@@ -183,6 +183,7 @@ struct ipv6_devconf ipv6_devconf __read_mostly = {
	#endif		#endif
	.proxy_ndp = 0,		.proxy_ndp = 0,
	.accept_source_route = 0, /* we do not accept RH0 by default. */		.accept_source_route = 0, /* we do not accept RH0 by default. */
			.disable_ipv6 = 0,
	};		};

	static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {		static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
	@@ -215,6 +216,7 @@ static struct ipv6_devconf ipv6_devconf_dflt __read_mostly = {
	#endif		#endif
	.proxy_ndp = 0,		.proxy_ndp = 0,
	.accept_source_route = 0, /* we do not accept RH0 by default. */		.accept_source_route = 0, /* we do not accept RH0 by default. */
			.disable_ipv6 = 0,
	};		};

	/* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */		/* IPv6 Wildcard Address and Loopback Address defined by RFC2553 */
	@@ -3657,6 +3659,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf,
	#ifdef CONFIG_IPV6_MROUTE		#ifdef CONFIG_IPV6_MROUTE
	array[DEVCONF_MC_FORWARDING] = cnf->mc_forwarding;		array[DEVCONF_MC_FORWARDING] = cnf->mc_forwarding;
	#endif		#endif
			array[DEVCONF_DISABLE_IPV6] = cnf->disable_ipv6;
	}		}

	static inline size_t inet6_if_nlmsg_size(void)		static inline size_t inet6_if_nlmsg_size(void)
	@@ -4215,6 +4218,14 @@ static struct addrconf_sysctl_table
	.proc_handler = &proc_dointvec,		.proc_handler = &proc_dointvec,
	},		},
	#endif		#endif
			{
			.ctl_name = CTL_UNNUMBERED,
			.procname = "disable_ipv6",
			.data = &ipv6_devconf.disable_ipv6,
			.maxlen = sizeof(int),
			.mode = 0644,
			.proc_handler = &proc_dointvec,
			},
	{		{
	.ctl_name = 0, /* sentinel */		.ctl_name = 0, /* sentinel */
	}		}

net/ipv6/ip6_input.c

+2 −1

Original line number	Original line	Diff line number	Diff line
	@@ -71,7 +71,8 @@ int ipv6_rcv(struct sk_buff skb, struct net_device dev, struct packet_type *pt

	IP6_INC_STATS_BH(idev, IPSTATS_MIB_INRECEIVES);		IP6_INC_STATS_BH(idev, IPSTATS_MIB_INRECEIVES);

	if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL) {		if ((skb = skb_share_check(skb, GFP_ATOMIC)) == NULL \|\|
			!idev \|\| unlikely(idev->cnf.disable_ipv6)) {
	IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDISCARDS);		IP6_INC_STATS_BH(idev, IPSTATS_MIB_INDISCARDS);
	rcu_read_unlock();		rcu_read_unlock();
	goto out;		goto out;

net/ipv6/ip6_output.c

+7 −0

Original line number	Original line	Diff line number	Diff line
	@@ -173,6 +173,13 @@ static inline int ip6_skb_dst_mtu(struct sk_buff *skb)

	int ip6_output(struct sk_buff *skb)		int ip6_output(struct sk_buff *skb)
	{		{
			struct inet6_dev *idev = ip6_dst_idev(skb->dst);
			if (unlikely(idev->cnf.disable_ipv6)) {
			IP6_INC_STATS(idev, IPSTATS_MIB_OUTDISCARDS);
			kfree_skb(skb);
			return 0;
			}

	if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) \|\|		if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) \|\|
	dst_allfrag(skb->dst))		dst_allfrag(skb->dst))
	return ip6_fragment(skb, ip6_output2);		return ip6_fragment(skb, ip6_output2);