projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/cooloney...
[deliverable/linux.git] / net / ipv4 / sysctl_net_ipv4.c
CommitLineData
1da177e4
LT		 1/*
2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3 *
1da177e4
LT		 4 * Begun April 1, 1996, Mike Shaver.
5 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
6 */
7
8#include <linux/mm.h>
9#include <linux/module.h>
10#include <linux/sysctl.h>
20380731 11#include <linux/igmp.h>
14c85021 12#include <linux/inetdevice.h>
227b60f5 13#include <linux/seqlock.h>
3e37c3f9 14#include <linux/init.h>
5a0e3ad6 15#include <linux/slab.h>
c319b4d7 16#include <linux/nsproxy.h>
3dc43e3e 17#include <linux/swap.h>
1da177e4 18#include <net/snmp.h>
20380731 19#include <net/icmp.h>
1da177e4
LT		 20#include <net/ip.h>
21#include <net/route.h>
22#include <net/tcp.h>
95766fff 23#include <net/udp.h>
446fda4f 24#include <net/cipso_ipv4.h>
04128f23 25#include <net/inet_frag.h>
c319b4d7 26#include <net/ping.h>
3aaabe23 27#include <net/tcp_memcontrol.h>
1da177e4 28
89cee8b1 29static int zero;
eed530b6 30static int two = 2;
e905a9ed 31static int tcp_retr1_max = 255;
1da177e4
LT		 32static int ip_local_port_range_min[] = { 1, 1 };
33static int ip_local_port_range_max[] = { 65535, 65535 };
0147fc05
AD		 34static int tcp_adv_win_scale_min = -31;
35static int tcp_adv_win_scale_max = 31;
249fab77
ED		 36static int ip_ttl_min = 1;
37static int ip_ttl_max = 255;
c319b4d7
VK		 38static int ip_ping_group_range_min[] = { 0, 0 };
39static int ip_ping_group_range_max[] = { GID_T_MAX, GID_T_MAX };
1da177e4 40
227b60f5
SH		 41/* Update system visible IP port range */
42static void set_local_port_range(int range[2])
43{
3c689b73
ED		 44 write_seqlock(&sysctl_local_ports.lock);
45 sysctl_local_ports.range[0] = range[0];
46 sysctl_local_ports.range[1] = range[1];
47 write_sequnlock(&sysctl_local_ports.lock);
227b60f5
SH		 48}
49
50/* Validate changes from /proc interface. */
8d65af78 51static int ipv4_local_port_range(ctl_table *table, int write,
227b60f5
SH		 52 void __user *buffer,
53 size_t *lenp, loff_t *ppos)
54{
55 int ret;
3c689b73 56 int range[2];
227b60f5
SH		 57 ctl_table tmp = {
58 .data = &range,
59 .maxlen = sizeof(range),
60 .mode = table->mode,
61 .extra1 = &ip_local_port_range_min,
62 .extra2 = &ip_local_port_range_max,
63 };
64
3c689b73 65 inet_get_local_port_range(range, range + 1);
8d65af78 66 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
227b60f5
SH		 67
68 if (write && ret == 0) {
a25de534 69 if (range[1] < range[0])
227b60f5
SH		 70 ret = -EINVAL;
71 else
72 set_local_port_range(range);
73 }
74
75 return ret;
76}
77
c319b4d7 78
7064d16e 79static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low, kgid_t *high)
c319b4d7 80{
7064d16e 81 kgid_t *data = table->data;
95c96174 82 unsigned int seq;
c319b4d7
VK		 83 do {
84 seq = read_seqbegin(&sysctl_local_ports.lock);
85
86 *low = data[0];
87 *high = data[1];
88 } while (read_seqretry(&sysctl_local_ports.lock, seq));
89}
90
91/* Update system visible IP port range */
7064d16e 92static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t high)
c319b4d7 93{
7064d16e 94 kgid_t *data = table->data;
c319b4d7 95 write_seqlock(&sysctl_local_ports.lock);
7064d16e
EB		 96 data[0] = low;
97 data[1] = high;
c319b4d7
VK		 98 write_sequnlock(&sysctl_local_ports.lock);
99}
100
101/* Validate changes from /proc interface. */
102static int ipv4_ping_group_range(ctl_table *table, int write,
103 void __user *buffer,
104 size_t *lenp, loff_t *ppos)
105{
7064d16e 106 struct user_namespace *user_ns = current_user_ns();
c319b4d7 107 int ret;
7064d16e
EB		 108 gid_t urange[2];
109 kgid_t low, high;
c319b4d7 110 ctl_table tmp = {
7064d16e
EB		 111 .data = &urange,
112 .maxlen = sizeof(urange),
c319b4d7
VK		 113 .mode = table->mode,
114 .extra1 = &ip_ping_group_range_min,
115 .extra2 = &ip_ping_group_range_max,
116 };
117
7064d16e
EB		 118 inet_get_ping_group_range_table(table, &low, &high);
119 urange[0] = from_kgid_munged(user_ns, low);
120 urange[1] = from_kgid_munged(user_ns, high);
c319b4d7
VK		 121 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
122
7064d16e
EB		 123 if (write && ret == 0) {
124 low = make_kgid(user_ns, urange[0]);
125 high = make_kgid(user_ns, urange[1]);
126 if (!gid_valid(low) || !gid_valid(high) ||
127 (urange[1] < urange[0]) || gid_lt(high, low)) {
128 low = make_kgid(&init_user_ns, 1);
129 high = make_kgid(&init_user_ns, 0);
130 }
131 set_ping_group_range(table, low, high);
132 }
c319b4d7
VK		 133
134 return ret;
135}
136
8d65af78 137static int proc_tcp_congestion_control(ctl_table *ctl, int write,
317a76f9
SH		 138 void __user *buffer, size_t *lenp, loff_t *ppos)
139{
140 char val[TCP_CA_NAME_MAX];
141 ctl_table tbl = {
142 .data = val,
143 .maxlen = TCP_CA_NAME_MAX,
144 };
145 int ret;
146
147 tcp_get_default_congestion_control(val);
148
8d65af78 149 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
317a76f9
SH		 150 if (write && ret == 0)
151 ret = tcp_set_default_congestion_control(val);
152 return ret;
153}
154
3ff825b2 155static int proc_tcp_available_congestion_control(ctl_table *ctl,
8d65af78 156 int write,
3ff825b2
SH		 157 void __user *buffer, size_t *lenp,
158 loff_t *ppos)
159{
160 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
161 int ret;
162
163 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
164 if (!tbl.data)
165 return -ENOMEM;
166 tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
8d65af78 167 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
3ff825b2
SH		 168 kfree(tbl.data);
169 return ret;
170}
171
ce7bc3bf 172static int proc_allowed_congestion_control(ctl_table *ctl,
8d65af78 173 int write,
ce7bc3bf
SH		 174 void __user *buffer, size_t *lenp,
175 loff_t *ppos)
176{
177 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
178 int ret;
179
180 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
181 if (!tbl.data)
182 return -ENOMEM;
183
184 tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
8d65af78 185 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
ce7bc3bf
SH		 186 if (write && ret == 0)
187 ret = tcp_set_allowed_congestion_control(tbl.data);
188 kfree(tbl.data);
189 return ret;
190}
191
3dc43e3e
GC		 192static int ipv4_tcp_mem(ctl_table *ctl, int write,
193 void __user *buffer, size_t *lenp,
194 loff_t *ppos)
195{
196 int ret;
197 unsigned long vec[3];
198 struct net *net = current->nsproxy->net_ns;
c255a458 199#ifdef CONFIG_MEMCG_KMEM
3aaabe23
GC		 200 struct mem_cgroup *memcg;
201#endif
3dc43e3e
GC		 202
203 ctl_table tmp = {
204 .data = &vec,
205 .maxlen = sizeof(vec),
206 .mode = ctl->mode,
207 };
208
209 if (!write) {
210 ctl->data = &net->ipv4.sysctl_tcp_mem;
211 return proc_doulongvec_minmax(ctl, write, buffer, lenp, ppos);
212 }
213
214 ret = proc_doulongvec_minmax(&tmp, write, buffer, lenp, ppos);
215 if (ret)
216 return ret;
217
c255a458 218#ifdef CONFIG_MEMCG_KMEM
3aaabe23
GC		 219 rcu_read_lock();
220 memcg = mem_cgroup_from_task(current);
221
222 tcp_prot_mem(memcg, vec[0], 0);
223 tcp_prot_mem(memcg, vec[1], 1);
224 tcp_prot_mem(memcg, vec[2], 2);
225 rcu_read_unlock();
226#endif
227
3dc43e3e
GC		 228 net->ipv4.sysctl_tcp_mem[0] = vec[0];
229 net->ipv4.sysctl_tcp_mem[1] = vec[1];
230 net->ipv4.sysctl_tcp_mem[2] = vec[2];
231
232 return 0;
233}
234
10467163
JC		 235int proc_tcp_fastopen_key(ctl_table *ctl, int write, void __user *buffer,
236 size_t *lenp, loff_t *ppos)
237{
238 ctl_table tbl = { .maxlen = (TCP_FASTOPEN_KEY_LENGTH * 2 + 10) };
239 struct tcp_fastopen_context *ctxt;
240 int ret;
241 u32 user_key[4]; /* 16 bytes, matching TCP_FASTOPEN_KEY_LENGTH */
242
243 tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL);
244 if (!tbl.data)
245 return -ENOMEM;
246
247 rcu_read_lock();
248 ctxt = rcu_dereference(tcp_fastopen_ctx);
249 if (ctxt)
250 memcpy(user_key, ctxt->key, TCP_FASTOPEN_KEY_LENGTH);
251 rcu_read_unlock();
252
253 snprintf(tbl.data, tbl.maxlen, "%08x-%08x-%08x-%08x",
254 user_key[0], user_key[1], user_key[2], user_key[3]);
255 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
256
257 if (write && ret == 0) {
258 if (sscanf(tbl.data, "%x-%x-%x-%x", user_key, user_key + 1,
259 user_key + 2, user_key + 3) != 4) {
260 ret = -EINVAL;
261 goto bad_key;
262 }
263 tcp_fastopen_reset_cipher(user_key, TCP_FASTOPEN_KEY_LENGTH);
264 }
265
266bad_key:
267 pr_debug("proc FO key set 0x%x-%x-%x-%x <- 0x%s: %u\n",
268 user_key[0], user_key[1], user_key[2], user_key[3],
269 (char *)tbl.data, ret);
270 kfree(tbl.data);
271 return ret;
272}
273
3e37c3f9 274static struct ctl_table ipv4_table[] = {
e905a9ed 275 {
1da177e4
LT		 276 .procname = "tcp_timestamps",
277 .data = &sysctl_tcp_timestamps,
278 .maxlen = sizeof(int),
279 .mode = 0644,
6d9f239a 280 .proc_handler = proc_dointvec
1da177e4 281 },
e905a9ed 282 {
1da177e4
LT		 283 .procname = "tcp_window_scaling",
284 .data = &sysctl_tcp_window_scaling,
285 .maxlen = sizeof(int),
286 .mode = 0644,
6d9f239a 287 .proc_handler = proc_dointvec
1da177e4 288 },
e905a9ed 289 {
1da177e4
LT		 290 .procname = "tcp_sack",
291 .data = &sysctl_tcp_sack,
292 .maxlen = sizeof(int),
293 .mode = 0644,
6d9f239a 294 .proc_handler = proc_dointvec
1da177e4 295 },
e905a9ed 296 {
1da177e4
LT		 297 .procname = "tcp_retrans_collapse",
298 .data = &sysctl_tcp_retrans_collapse,
299 .maxlen = sizeof(int),
300 .mode = 0644,
6d9f239a 301 .proc_handler = proc_dointvec
1da177e4 302 },
e905a9ed 303 {
1da177e4 304 .procname = "ip_default_ttl",
e905a9ed 305 .data = &sysctl_ip_default_ttl,
1da177e4
LT		 306 .maxlen = sizeof(int),
307 .mode = 0644,
249fab77
ED		 308 .proc_handler = proc_dointvec_minmax,
309 .extra1 = &ip_ttl_min,
310 .extra2 = &ip_ttl_max,
1da177e4 311 },
e905a9ed 312 {
1da177e4
LT		 313 .procname = "ip_no_pmtu_disc",
314 .data = &ipv4_config.no_pmtu_disc,
315 .maxlen = sizeof(int),
316 .mode = 0644,
6d9f239a 317 .proc_handler = proc_dointvec
1da177e4
LT		 318 },
319 {
1da177e4
LT		 320 .procname = "ip_nonlocal_bind",
321 .data = &sysctl_ip_nonlocal_bind,
322 .maxlen = sizeof(int),
323 .mode = 0644,
6d9f239a 324 .proc_handler = proc_dointvec
1da177e4
LT		 325 },
326 {
1da177e4
LT		 327 .procname = "tcp_syn_retries",
328 .data = &sysctl_tcp_syn_retries,
329 .maxlen = sizeof(int),
330 .mode = 0644,
6d9f239a 331 .proc_handler = proc_dointvec
1da177e4
LT		 332 },
333 {
1da177e4
LT		 334 .procname = "tcp_synack_retries",
335 .data = &sysctl_tcp_synack_retries,
336 .maxlen = sizeof(int),
337 .mode = 0644,
6d9f239a 338 .proc_handler = proc_dointvec
1da177e4
LT		 339 },
340 {
1da177e4
LT		 341 .procname = "tcp_max_orphans",
342 .data = &sysctl_tcp_max_orphans,
343 .maxlen = sizeof(int),
344 .mode = 0644,
6d9f239a 345 .proc_handler = proc_dointvec
1da177e4
LT		 346 },
347 {
1da177e4 348 .procname = "tcp_max_tw_buckets",
295ff7ed 349 .data = &tcp_death_row.sysctl_max_tw_buckets,
1da177e4
LT		 350 .maxlen = sizeof(int),
351 .mode = 0644,
6d9f239a 352 .proc_handler = proc_dointvec
1da177e4 353 },
6648bd7e
AD		 354 {
355 .procname = "ip_early_demux",
356 .data = &sysctl_ip_early_demux,
357 .maxlen = sizeof(int),
358 .mode = 0644,
359 .proc_handler = proc_dointvec
360 },
1da177e4 361 {
1da177e4
LT		 362 .procname = "ip_dynaddr",
363 .data = &sysctl_ip_dynaddr,
364 .maxlen = sizeof(int),
365 .mode = 0644,
6d9f239a 366 .proc_handler = proc_dointvec
1da177e4 367 },
1da177e4 368 {
1da177e4
LT		 369 .procname = "tcp_keepalive_time",
370 .data = &sysctl_tcp_keepalive_time,
371 .maxlen = sizeof(int),
372 .mode = 0644,
6d9f239a 373 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 374 },
375 {
1da177e4
LT		 376 .procname = "tcp_keepalive_probes",
377 .data = &sysctl_tcp_keepalive_probes,
378 .maxlen = sizeof(int),
379 .mode = 0644,
6d9f239a 380 .proc_handler = proc_dointvec
1da177e4
LT		 381 },
382 {
1da177e4
LT		 383 .procname = "tcp_keepalive_intvl",
384 .data = &sysctl_tcp_keepalive_intvl,
385 .maxlen = sizeof(int),
386 .mode = 0644,
6d9f239a 387 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 388 },
389 {
1da177e4
LT		 390 .procname = "tcp_retries1",
391 .data = &sysctl_tcp_retries1,
392 .maxlen = sizeof(int),
393 .mode = 0644,
6d9f239a 394 .proc_handler = proc_dointvec_minmax,
1da177e4
LT		 395 .extra2 = &tcp_retr1_max
396 },
397 {
1da177e4
LT		 398 .procname = "tcp_retries2",
399 .data = &sysctl_tcp_retries2,
400 .maxlen = sizeof(int),
401 .mode = 0644,
6d9f239a 402 .proc_handler = proc_dointvec
1da177e4
LT		 403 },
404 {
1da177e4
LT		 405 .procname = "tcp_fin_timeout",
406 .data = &sysctl_tcp_fin_timeout,
407 .maxlen = sizeof(int),
408 .mode = 0644,
6d9f239a 409 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 410 },
411#ifdef CONFIG_SYN_COOKIES
412 {
1da177e4
LT		 413 .procname = "tcp_syncookies",
414 .data = &sysctl_tcp_syncookies,
415 .maxlen = sizeof(int),
416 .mode = 0644,
6d9f239a 417 .proc_handler = proc_dointvec
1da177e4
LT		 418 },
419#endif
2100c8d2
YC		 420 {
421 .procname = "tcp_fastopen",
422 .data = &sysctl_tcp_fastopen,
423 .maxlen = sizeof(int),
424 .mode = 0644,
425 .proc_handler = proc_dointvec,
426 },
10467163
JC		 427 {
428 .procname = "tcp_fastopen_key",
429 .mode = 0600,
430 .maxlen = ((TCP_FASTOPEN_KEY_LENGTH * 2) + 10),
431 .proc_handler = proc_tcp_fastopen_key,
432 },
1da177e4 433 {
1da177e4 434 .procname = "tcp_tw_recycle",
295ff7ed 435 .data = &tcp_death_row.sysctl_tw_recycle,
1da177e4
LT		 436 .maxlen = sizeof(int),
437 .mode = 0644,
6d9f239a 438 .proc_handler = proc_dointvec
1da177e4
LT		 439 },
440 {
1da177e4
LT		 441 .procname = "tcp_abort_on_overflow",
442 .data = &sysctl_tcp_abort_on_overflow,
443 .maxlen = sizeof(int),
444 .mode = 0644,
6d9f239a 445 .proc_handler = proc_dointvec
1da177e4
LT		 446 },
447 {
1da177e4
LT		 448 .procname = "tcp_stdurg",
449 .data = &sysctl_tcp_stdurg,
450 .maxlen = sizeof(int),
451 .mode = 0644,
6d9f239a 452 .proc_handler = proc_dointvec
1da177e4
LT		 453 },
454 {
1da177e4
LT		 455 .procname = "tcp_rfc1337",
456 .data = &sysctl_tcp_rfc1337,
457 .maxlen = sizeof(int),
458 .mode = 0644,
6d9f239a 459 .proc_handler = proc_dointvec
1da177e4
LT		 460 },
461 {
1da177e4
LT		 462 .procname = "tcp_max_syn_backlog",
463 .data = &sysctl_max_syn_backlog,
464 .maxlen = sizeof(int),
465 .mode = 0644,
6d9f239a 466 .proc_handler = proc_dointvec
1da177e4
LT		 467 },
468 {
1da177e4 469 .procname = "ip_local_port_range",
3c689b73
ED		 470 .data = &sysctl_local_ports.range,
471 .maxlen = sizeof(sysctl_local_ports.range),
1da177e4 472 .mode = 0644,
6d9f239a 473 .proc_handler = ipv4_local_port_range,
1da177e4 474 },
e3826f1e
AW		 475 {
476 .procname = "ip_local_reserved_ports",
477 .data = NULL, /* initialized in sysctl_ipv4_init */
478 .maxlen = 65536,
479 .mode = 0644,
480 .proc_handler = proc_do_large_bitmap,
481 },
1da177e4 482 {
1da177e4
LT		 483 .procname = "igmp_max_memberships",
484 .data = &sysctl_igmp_max_memberships,
485 .maxlen = sizeof(int),
486 .mode = 0644,
6d9f239a 487 .proc_handler = proc_dointvec
1da177e4 488 },
1da177e4 489 {
1da177e4
LT		 490 .procname = "igmp_max_msf",
491 .data = &sysctl_igmp_max_msf,
492 .maxlen = sizeof(int),
493 .mode = 0644,
6d9f239a 494 .proc_handler = proc_dointvec
1da177e4
LT		 495 },
496 {
1da177e4
LT		 497 .procname = "inet_peer_threshold",
498 .data = &inet_peer_threshold,
499 .maxlen = sizeof(int),
500 .mode = 0644,
6d9f239a 501 .proc_handler = proc_dointvec
1da177e4
LT		 502 },
503 {
1da177e4
LT		 504 .procname = "inet_peer_minttl",
505 .data = &inet_peer_minttl,
506 .maxlen = sizeof(int),
507 .mode = 0644,
6d9f239a 508 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 509 },
510 {
1da177e4
LT		 511 .procname = "inet_peer_maxttl",
512 .data = &inet_peer_maxttl,
513 .maxlen = sizeof(int),
514 .mode = 0644,
6d9f239a 515 .proc_handler = proc_dointvec_jiffies,
1da177e4 516 },
1da177e4 517 {
1da177e4
LT		 518 .procname = "tcp_orphan_retries",
519 .data = &sysctl_tcp_orphan_retries,
520 .maxlen = sizeof(int),
521 .mode = 0644,
6d9f239a 522 .proc_handler = proc_dointvec
1da177e4
LT		 523 },
524 {
1da177e4
LT		 525 .procname = "tcp_fack",
526 .data = &sysctl_tcp_fack,
527 .maxlen = sizeof(int),
528 .mode = 0644,
6d9f239a 529 .proc_handler = proc_dointvec
1da177e4
LT		 530 },
531 {
1da177e4
LT		 532 .procname = "tcp_reordering",
533 .data = &sysctl_tcp_reordering,
534 .maxlen = sizeof(int),
535 .mode = 0644,
6d9f239a 536 .proc_handler = proc_dointvec
1da177e4
LT		 537 },
538 {
1da177e4
LT		 539 .procname = "tcp_ecn",
540 .data = &sysctl_tcp_ecn,
541 .maxlen = sizeof(int),
542 .mode = 0644,
6d9f239a 543 .proc_handler = proc_dointvec
1da177e4
LT		 544 },
545 {
1da177e4
LT		 546 .procname = "tcp_dsack",
547 .data = &sysctl_tcp_dsack,
548 .maxlen = sizeof(int),
549 .mode = 0644,
6d9f239a 550 .proc_handler = proc_dointvec
1da177e4 551 },
1da177e4 552 {
1da177e4
LT		 553 .procname = "tcp_wmem",
554 .data = &sysctl_tcp_wmem,
555 .maxlen = sizeof(sysctl_tcp_wmem),
556 .mode = 0644,
6d9f239a 557 .proc_handler = proc_dointvec
1da177e4
LT		 558 },
559 {
1da177e4
LT		 560 .procname = "tcp_rmem",
561 .data = &sysctl_tcp_rmem,
562 .maxlen = sizeof(sysctl_tcp_rmem),
563 .mode = 0644,
6d9f239a 564 .proc_handler = proc_dointvec
1da177e4
LT		 565 },
566 {
1da177e4
LT		 567 .procname = "tcp_app_win",
568 .data = &sysctl_tcp_app_win,
569 .maxlen = sizeof(int),
570 .mode = 0644,
6d9f239a 571 .proc_handler = proc_dointvec
1da177e4
LT		 572 },
573 {
1da177e4
LT		 574 .procname = "tcp_adv_win_scale",
575 .data = &sysctl_tcp_adv_win_scale,
576 .maxlen = sizeof(int),
577 .mode = 0644,
0147fc05
AD		 578 .proc_handler = proc_dointvec_minmax,
579 .extra1 = &tcp_adv_win_scale_min,
580 .extra2 = &tcp_adv_win_scale_max,
1da177e4 581 },
1da177e4 582 {
1da177e4
LT		 583 .procname = "tcp_tw_reuse",
584 .data = &sysctl_tcp_tw_reuse,
585 .maxlen = sizeof(int),
586 .mode = 0644,
6d9f239a 587 .proc_handler = proc_dointvec
1da177e4
LT		 588 },
589 {
1da177e4
LT		 590 .procname = "tcp_frto",
591 .data = &sysctl_tcp_frto,
592 .maxlen = sizeof(int),
593 .mode = 0644,
6d9f239a 594 .proc_handler = proc_dointvec
1da177e4 595 },
3cfe3baa 596 {
3cfe3baa
IJ		 597 .procname = "tcp_frto_response",
598 .data = &sysctl_tcp_frto_response,
599 .maxlen = sizeof(int),
600 .mode = 0644,
6d9f239a 601 .proc_handler = proc_dointvec
3cfe3baa 602 },
1da177e4 603 {
1da177e4
LT		 604 .procname = "tcp_low_latency",
605 .data = &sysctl_tcp_low_latency,
606 .maxlen = sizeof(int),
607 .mode = 0644,
6d9f239a 608 .proc_handler = proc_dointvec
1da177e4 609 },
1da177e4 610 {
1da177e4
LT		 611 .procname = "tcp_no_metrics_save",
612 .data = &sysctl_tcp_nometrics_save,
613 .maxlen = sizeof(int),
614 .mode = 0644,
6d9f239a 615 .proc_handler = proc_dointvec,
1da177e4 616 },
1da177e4 617 {
1da177e4
LT		 618 .procname = "tcp_moderate_rcvbuf",
619 .data = &sysctl_tcp_moderate_rcvbuf,
620 .maxlen = sizeof(int),
621 .mode = 0644,
6d9f239a 622 .proc_handler = proc_dointvec,
1da177e4
LT		 623 },
624 {
1da177e4
LT		 625 .procname = "tcp_tso_win_divisor",
626 .data = &sysctl_tcp_tso_win_divisor,
627 .maxlen = sizeof(int),
628 .mode = 0644,
6d9f239a 629 .proc_handler = proc_dointvec,
1da177e4
LT		 630 },
631 {
317a76f9 632 .procname = "tcp_congestion_control",
1da177e4 633 .mode = 0644,
317a76f9 634 .maxlen = TCP_CA_NAME_MAX,
6d9f239a 635 .proc_handler = proc_tcp_congestion_control,
1da177e4 636 },
9772efb9 637 {
9772efb9
SH		 638 .procname = "tcp_abc",
639 .data = &sysctl_tcp_abc,
640 .maxlen = sizeof(int),
641 .mode = 0644,
6d9f239a 642 .proc_handler = proc_dointvec,
9772efb9 643 },
5d424d5a 644 {
5d424d5a
JH		 645 .procname = "tcp_mtu_probing",
646 .data = &sysctl_tcp_mtu_probing,
647 .maxlen = sizeof(int),
648 .mode = 0644,
6d9f239a 649 .proc_handler = proc_dointvec,
5d424d5a
JH		 650 },
651 {
5d424d5a
JH		 652 .procname = "tcp_base_mss",
653 .data = &sysctl_tcp_base_mss,
654 .maxlen = sizeof(int),
655 .mode = 0644,
6d9f239a 656 .proc_handler = proc_dointvec,
5d424d5a 657 },
e905a9ed 658 {
15d99e02
RJ		 659 .procname = "tcp_workaround_signed_windows",
660 .data = &sysctl_tcp_workaround_signed_windows,
661 .maxlen = sizeof(int),
662 .mode = 0644,
6d9f239a 663 .proc_handler = proc_dointvec
15d99e02 664 },
46d3ceab
ED		 665 {
666 .procname = "tcp_limit_output_bytes",
667 .data = &sysctl_tcp_limit_output_bytes,
668 .maxlen = sizeof(int),
669 .mode = 0644,
670 .proc_handler = proc_dointvec
671 },
282f23c6
ED		 672 {
673 .procname = "tcp_challenge_ack_limit",
674 .data = &sysctl_tcp_challenge_ack_limit,
675 .maxlen = sizeof(int),
676 .mode = 0644,
677 .proc_handler = proc_dointvec
678 },
95937825
CL		 679#ifdef CONFIG_NET_DMA
680 {
95937825
CL		 681 .procname = "tcp_dma_copybreak",
682 .data = &sysctl_tcp_dma_copybreak,
683 .maxlen = sizeof(int),
684 .mode = 0644,
6d9f239a 685 .proc_handler = proc_dointvec
95937825
CL		 686 },
687#endif
35089bb2 688 {
35089bb2
DM		 689 .procname = "tcp_slow_start_after_idle",
690 .data = &sysctl_tcp_slow_start_after_idle,
691 .maxlen = sizeof(int),
692 .mode = 0644,
6d9f239a 693 .proc_handler = proc_dointvec
35089bb2 694 },
446fda4f
PM		 695#ifdef CONFIG_NETLABEL
696 {
446fda4f
PM		 697 .procname = "cipso_cache_enable",
698 .data = &cipso_v4_cache_enabled,
699 .maxlen = sizeof(int),
700 .mode = 0644,
6d9f239a 701 .proc_handler = proc_dointvec,
446fda4f
PM		 702 },
703 {
446fda4f
PM		 704 .procname = "cipso_cache_bucket_size",
705 .data = &cipso_v4_cache_bucketsize,
706 .maxlen = sizeof(int),
707 .mode = 0644,
6d9f239a 708 .proc_handler = proc_dointvec,
446fda4f
PM		 709 },
710 {
446fda4f
PM		 711 .procname = "cipso_rbm_optfmt",
712 .data = &cipso_v4_rbm_optfmt,
713 .maxlen = sizeof(int),
714 .mode = 0644,
6d9f239a 715 .proc_handler = proc_dointvec,
446fda4f
PM		 716 },
717 {
446fda4f
PM		 718 .procname = "cipso_rbm_strictvalid",
719 .data = &cipso_v4_rbm_strictvalid,
720 .maxlen = sizeof(int),
721 .mode = 0644,
6d9f239a 722 .proc_handler = proc_dointvec,
446fda4f
PM		 723 },
724#endif /* CONFIG_NETLABEL */
3ff825b2 725 {
3ff825b2
SH		 726 .procname = "tcp_available_congestion_control",
727 .maxlen = TCP_CA_BUF_MAX,
728 .mode = 0444,
6d9f239a 729 .proc_handler = proc_tcp_available_congestion_control,
3ff825b2 730 },
ce7bc3bf 731 {
ce7bc3bf
SH		 732 .procname = "tcp_allowed_congestion_control",
733 .maxlen = TCP_CA_BUF_MAX,
734 .mode = 0644,
6d9f239a 735 .proc_handler = proc_allowed_congestion_control,
ce7bc3bf 736 },
886236c1 737 {
886236c1
JH		 738 .procname = "tcp_max_ssthresh",
739 .data = &sysctl_tcp_max_ssthresh,
740 .maxlen = sizeof(int),
741 .mode = 0644,
6d9f239a 742 .proc_handler = proc_dointvec,
886236c1 743 },
519855c5 744 {
519855c5
WAS		 745 .procname = "tcp_cookie_size",
746 .data = &sysctl_tcp_cookie_size,
747 .maxlen = sizeof(int),
748 .mode = 0644,
749 .proc_handler = proc_dointvec
750 },
36e31b0a
AP		 751 {
752 .procname = "tcp_thin_linear_timeouts",
753 .data = &sysctl_tcp_thin_linear_timeouts,
754 .maxlen = sizeof(int),
755 .mode = 0644,
756 .proc_handler = proc_dointvec
757 },
7e380175
AP		 758 {
759 .procname = "tcp_thin_dupack",
760 .data = &sysctl_tcp_thin_dupack,
761 .maxlen = sizeof(int),
762 .mode = 0644,
763 .proc_handler = proc_dointvec
764 },
eed530b6
YC		 765 {
766 .procname = "tcp_early_retrans",
767 .data = &sysctl_tcp_early_retrans,
768 .maxlen = sizeof(int),
769 .mode = 0644,
770 .proc_handler = proc_dointvec_minmax,
771 .extra1 = &zero,
772 .extra2 = &two,
773 },
95766fff 774 {
95766fff
HA		 775 .procname = "udp_mem",
776 .data = &sysctl_udp_mem,
777 .maxlen = sizeof(sysctl_udp_mem),
778 .mode = 0644,
8d987e5c 779 .proc_handler = proc_doulongvec_minmax,
95766fff
HA		 780 },
781 {
95766fff
HA		 782 .procname = "udp_rmem_min",
783 .data = &sysctl_udp_rmem_min,
784 .maxlen = sizeof(sysctl_udp_rmem_min),
785 .mode = 0644,
6d9f239a 786 .proc_handler = proc_dointvec_minmax,
95766fff
HA		 787 .extra1 = &zero
788 },
789 {
95766fff
HA		 790 .procname = "udp_wmem_min",
791 .data = &sysctl_udp_wmem_min,
792 .maxlen = sizeof(sysctl_udp_wmem_min),
793 .mode = 0644,
6d9f239a 794 .proc_handler = proc_dointvec_minmax,
95766fff
HA		 795 .extra1 = &zero
796 },
f8572d8f 797 { }
1da177e4 798};
3e37c3f9 799
68528f09
PE		 800static struct ctl_table ipv4_net_table[] = {
801 {
68528f09
PE		 802 .procname = "icmp_echo_ignore_all",
803 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
804 .maxlen = sizeof(int),
805 .mode = 0644,
6d9f239a 806 .proc_handler = proc_dointvec
68528f09
PE		 807 },
808 {
68528f09
PE		 809 .procname = "icmp_echo_ignore_broadcasts",
810 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
811 .maxlen = sizeof(int),
812 .mode = 0644,
6d9f239a 813 .proc_handler = proc_dointvec
68528f09
PE		 814 },
815 {
68528f09
PE		 816 .procname = "icmp_ignore_bogus_error_responses",
817 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
818 .maxlen = sizeof(int),
819 .mode = 0644,
6d9f239a 820 .proc_handler = proc_dointvec
68528f09
PE		 821 },
822 {
68528f09
PE		 823 .procname = "icmp_errors_use_inbound_ifaddr",
824 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
825 .maxlen = sizeof(int),
826 .mode = 0644,
6d9f239a 827 .proc_handler = proc_dointvec
68528f09
PE		 828 },
829 {
68528f09
PE		 830 .procname = "icmp_ratelimit",
831 .data = &init_net.ipv4.sysctl_icmp_ratelimit,
832 .maxlen = sizeof(int),
833 .mode = 0644,
6d9f239a 834 .proc_handler = proc_dointvec_ms_jiffies,
68528f09
PE		 835 },
836 {
68528f09
PE		 837 .procname = "icmp_ratemask",
838 .data = &init_net.ipv4.sysctl_icmp_ratemask,
839 .maxlen = sizeof(int),
840 .mode = 0644,
6d9f239a 841 .proc_handler = proc_dointvec
68528f09 842 },
c319b4d7
VK		 843 {
844 .procname = "ping_group_range",
845 .data = &init_net.ipv4.sysctl_ping_group_range,
7064d16e 846 .maxlen = sizeof(gid_t)*2,
c319b4d7
VK		 847 .mode = 0644,
848 .proc_handler = ipv4_ping_group_range,
849 },
3dc43e3e
GC		 850 {
851 .procname = "tcp_mem",
852 .maxlen = sizeof(init_net.ipv4.sysctl_tcp_mem),
853 .mode = 0644,
854 .proc_handler = ipv4_tcp_mem,
855 },
68528f09
PE		 856 { }
857};
858
1577519d
PE		 859static __net_init int ipv4_sysctl_init_net(struct net *net)
860{
68528f09
PE		 861 struct ctl_table *table;
862
863 table = ipv4_net_table;
09ad9bc7 864 if (!net_eq(net, &init_net)) {
68528f09
PE		 865 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
866 if (table == NULL)
867 goto err_alloc;
868
869 table[0].data =
870 &net->ipv4.sysctl_icmp_echo_ignore_all;
871 table[1].data =
872 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
873 table[2].data =
874 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
875 table[3].data =
876 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
877 table[4].data =
878 &net->ipv4.sysctl_icmp_ratelimit;
879 table[5].data =
880 &net->ipv4.sysctl_icmp_ratemask;
1080d709 881 table[6].data =
c319b4d7
VK		 882 &net->ipv4.sysctl_ping_group_range;
883
68528f09
PE		 884 }
885
c319b4d7
VK		 886 /*
887 * Sane defaults - nobody may create ping sockets.
888 * Boot scripts should set this to distro-specific group.
889 */
7064d16e
EB		 890 net->ipv4.sysctl_ping_group_range[0] = make_kgid(&init_user_ns, 1);
891 net->ipv4.sysctl_ping_group_range[1] = make_kgid(&init_user_ns, 0);
c319b4d7 892
4acb4190 893 tcp_init_mem(net);
3dc43e3e 894
ec8f23ce 895 net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", table);
68528f09
PE		 896 if (net->ipv4.ipv4_hdr == NULL)
897 goto err_reg;
898
1577519d 899 return 0;
68528f09
PE		 900
901err_reg:
09ad9bc7 902 if (!net_eq(net, &init_net))
68528f09
PE		 903 kfree(table);
904err_alloc:
905 return -ENOMEM;
1577519d
PE		 906}
907
908static __net_exit void ipv4_sysctl_exit_net(struct net *net)
909{
68528f09
PE		 910 struct ctl_table *table;
911
912 table = net->ipv4.ipv4_hdr->ctl_table_arg;
913 unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
914 kfree(table);
1577519d
PE		 915}
916
917static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
918 .init = ipv4_sysctl_init_net,
919 .exit = ipv4_sysctl_exit_net,
920};
921
3e37c3f9
PE		 922static __init int sysctl_ipv4_init(void)
923{
924 struct ctl_table_header *hdr;
e3826f1e
AW		 925 struct ctl_table *i;
926
927 for (i = ipv4_table; i->procname; i++) {
928 if (strcmp(i->procname, "ip_local_reserved_ports") == 0) {
929 i->data = sysctl_local_reserved_ports;
930 break;
931 }
932 }
933 if (!i->procname)
934 return -EINVAL;
3e37c3f9 935
ec8f23ce 936 hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table);
1577519d
PE		 937 if (hdr == NULL)
938 return -ENOMEM;
939
940 if (register_pernet_subsys(&ipv4_sysctl_ops)) {
5dd3df10 941 unregister_net_sysctl_table(hdr);
1577519d
PE		 942 return -ENOMEM;
943 }
944
945 return 0;
3e37c3f9
PE		 946}
947
948__initcall(sysctl_ipv4_init);
Linux kernel - Deliverables
This page took 0.845484 seconds and 5 git commands to generate.