projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tcp memory pressure controls
[deliverable/linux.git] / net / ipv4 / sysctl_net_ipv4.c
CommitLineData
1da177e4
LT		 1/*
2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3 *
1da177e4
LT		 4 * Begun April 1, 1996, Mike Shaver.
5 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
6 */
7
8#include <linux/mm.h>
9#include <linux/module.h>
10#include <linux/sysctl.h>
20380731 11#include <linux/igmp.h>
14c85021 12#include <linux/inetdevice.h>
227b60f5 13#include <linux/seqlock.h>
3e37c3f9 14#include <linux/init.h>
5a0e3ad6 15#include <linux/slab.h>
c319b4d7 16#include <linux/nsproxy.h>
1da177e4 17#include <net/snmp.h>
20380731 18#include <net/icmp.h>
1da177e4
LT		 19#include <net/ip.h>
20#include <net/route.h>
21#include <net/tcp.h>
95766fff 22#include <net/udp.h>
446fda4f 23#include <net/cipso_ipv4.h>
04128f23 24#include <net/inet_frag.h>
c319b4d7 25#include <net/ping.h>
1da177e4 26
89cee8b1 27static int zero;
e905a9ed 28static int tcp_retr1_max = 255;
1da177e4
LT		 29static int ip_local_port_range_min[] = { 1, 1 };
30static int ip_local_port_range_max[] = { 65535, 65535 };
0147fc05
AD		 31static int tcp_adv_win_scale_min = -31;
32static int tcp_adv_win_scale_max = 31;
249fab77
ED		 33static int ip_ttl_min = 1;
34static int ip_ttl_max = 255;
c319b4d7
VK		 35static int ip_ping_group_range_min[] = { 0, 0 };
36static int ip_ping_group_range_max[] = { GID_T_MAX, GID_T_MAX };
1da177e4 37
227b60f5
SH		 38/* Update system visible IP port range */
39static void set_local_port_range(int range[2])
40{
3c689b73
ED		 41 write_seqlock(&sysctl_local_ports.lock);
42 sysctl_local_ports.range[0] = range[0];
43 sysctl_local_ports.range[1] = range[1];
44 write_sequnlock(&sysctl_local_ports.lock);
227b60f5
SH		 45}
46
47/* Validate changes from /proc interface. */
8d65af78 48static int ipv4_local_port_range(ctl_table *table, int write,
227b60f5
SH		 49 void __user *buffer,
50 size_t *lenp, loff_t *ppos)
51{
52 int ret;
3c689b73 53 int range[2];
227b60f5
SH		 54 ctl_table tmp = {
55 .data = &range,
56 .maxlen = sizeof(range),
57 .mode = table->mode,
58 .extra1 = &ip_local_port_range_min,
59 .extra2 = &ip_local_port_range_max,
60 };
61
3c689b73 62 inet_get_local_port_range(range, range + 1);
8d65af78 63 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
227b60f5
SH		 64
65 if (write && ret == 0) {
a25de534 66 if (range[1] < range[0])
227b60f5
SH		 67 ret = -EINVAL;
68 else
69 set_local_port_range(range);
70 }
71
72 return ret;
73}
74
c319b4d7 75
c319b4d7
VK		 76void inet_get_ping_group_range_table(struct ctl_table *table, gid_t *low, gid_t *high)
77{
78 gid_t *data = table->data;
79 unsigned seq;
80 do {
81 seq = read_seqbegin(&sysctl_local_ports.lock);
82
83 *low = data[0];
84 *high = data[1];
85 } while (read_seqretry(&sysctl_local_ports.lock, seq));
86}
87
88/* Update system visible IP port range */
89static void set_ping_group_range(struct ctl_table *table, int range[2])
90{
91 gid_t *data = table->data;
92 write_seqlock(&sysctl_local_ports.lock);
93 data[0] = range[0];
94 data[1] = range[1];
95 write_sequnlock(&sysctl_local_ports.lock);
96}
97
98/* Validate changes from /proc interface. */
99static int ipv4_ping_group_range(ctl_table *table, int write,
100 void __user *buffer,
101 size_t *lenp, loff_t *ppos)
102{
103 int ret;
104 gid_t range[2];
105 ctl_table tmp = {
106 .data = &range,
107 .maxlen = sizeof(range),
108 .mode = table->mode,
109 .extra1 = &ip_ping_group_range_min,
110 .extra2 = &ip_ping_group_range_max,
111 };
112
113 inet_get_ping_group_range_table(table, range, range + 1);
114 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
115
116 if (write && ret == 0)
117 set_ping_group_range(table, range);
118
119 return ret;
120}
121
8d65af78 122static int proc_tcp_congestion_control(ctl_table *ctl, int write,
317a76f9
SH		 123 void __user *buffer, size_t *lenp, loff_t *ppos)
124{
125 char val[TCP_CA_NAME_MAX];
126 ctl_table tbl = {
127 .data = val,
128 .maxlen = TCP_CA_NAME_MAX,
129 };
130 int ret;
131
132 tcp_get_default_congestion_control(val);
133
8d65af78 134 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
317a76f9
SH		 135 if (write && ret == 0)
136 ret = tcp_set_default_congestion_control(val);
137 return ret;
138}
139
3ff825b2 140static int proc_tcp_available_congestion_control(ctl_table *ctl,
8d65af78 141 int write,
3ff825b2
SH		 142 void __user *buffer, size_t *lenp,
143 loff_t *ppos)
144{
145 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
146 int ret;
147
148 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
149 if (!tbl.data)
150 return -ENOMEM;
151 tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
8d65af78 152 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
3ff825b2
SH		 153 kfree(tbl.data);
154 return ret;
155}
156
ce7bc3bf 157static int proc_allowed_congestion_control(ctl_table *ctl,
8d65af78 158 int write,
ce7bc3bf
SH		 159 void __user *buffer, size_t *lenp,
160 loff_t *ppos)
161{
162 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
163 int ret;
164
165 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
166 if (!tbl.data)
167 return -ENOMEM;
168
169 tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
8d65af78 170 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
ce7bc3bf
SH		 171 if (write && ret == 0)
172 ret = tcp_set_allowed_congestion_control(tbl.data);
173 kfree(tbl.data);
174 return ret;
175}
176
3e37c3f9 177static struct ctl_table ipv4_table[] = {
e905a9ed 178 {
1da177e4
LT		 179 .procname = "tcp_timestamps",
180 .data = &sysctl_tcp_timestamps,
181 .maxlen = sizeof(int),
182 .mode = 0644,
6d9f239a 183 .proc_handler = proc_dointvec
1da177e4 184 },
e905a9ed 185 {
1da177e4
LT		 186 .procname = "tcp_window_scaling",
187 .data = &sysctl_tcp_window_scaling,
188 .maxlen = sizeof(int),
189 .mode = 0644,
6d9f239a 190 .proc_handler = proc_dointvec
1da177e4 191 },
e905a9ed 192 {
1da177e4
LT		 193 .procname = "tcp_sack",
194 .data = &sysctl_tcp_sack,
195 .maxlen = sizeof(int),
196 .mode = 0644,
6d9f239a 197 .proc_handler = proc_dointvec
1da177e4 198 },
e905a9ed 199 {
1da177e4
LT		 200 .procname = "tcp_retrans_collapse",
201 .data = &sysctl_tcp_retrans_collapse,
202 .maxlen = sizeof(int),
203 .mode = 0644,
6d9f239a 204 .proc_handler = proc_dointvec
1da177e4 205 },
e905a9ed 206 {
1da177e4 207 .procname = "ip_default_ttl",
e905a9ed 208 .data = &sysctl_ip_default_ttl,
1da177e4
LT		 209 .maxlen = sizeof(int),
210 .mode = 0644,
249fab77
ED		 211 .proc_handler = proc_dointvec_minmax,
212 .extra1 = &ip_ttl_min,
213 .extra2 = &ip_ttl_max,
1da177e4 214 },
e905a9ed 215 {
1da177e4
LT		 216 .procname = "ip_no_pmtu_disc",
217 .data = &ipv4_config.no_pmtu_disc,
218 .maxlen = sizeof(int),
219 .mode = 0644,
6d9f239a 220 .proc_handler = proc_dointvec
1da177e4
LT		 221 },
222 {
1da177e4
LT		 223 .procname = "ip_nonlocal_bind",
224 .data = &sysctl_ip_nonlocal_bind,
225 .maxlen = sizeof(int),
226 .mode = 0644,
6d9f239a 227 .proc_handler = proc_dointvec
1da177e4
LT		 228 },
229 {
1da177e4
LT		 230 .procname = "tcp_syn_retries",
231 .data = &sysctl_tcp_syn_retries,
232 .maxlen = sizeof(int),
233 .mode = 0644,
6d9f239a 234 .proc_handler = proc_dointvec
1da177e4
LT		 235 },
236 {
1da177e4
LT		 237 .procname = "tcp_synack_retries",
238 .data = &sysctl_tcp_synack_retries,
239 .maxlen = sizeof(int),
240 .mode = 0644,
6d9f239a 241 .proc_handler = proc_dointvec
1da177e4
LT		 242 },
243 {
1da177e4
LT		 244 .procname = "tcp_max_orphans",
245 .data = &sysctl_tcp_max_orphans,
246 .maxlen = sizeof(int),
247 .mode = 0644,
6d9f239a 248 .proc_handler = proc_dointvec
1da177e4
LT		 249 },
250 {
1da177e4 251 .procname = "tcp_max_tw_buckets",
295ff7ed 252 .data = &tcp_death_row.sysctl_max_tw_buckets,
1da177e4
LT		 253 .maxlen = sizeof(int),
254 .mode = 0644,
6d9f239a 255 .proc_handler = proc_dointvec
1da177e4 256 },
1da177e4 257 {
1da177e4
LT		 258 .procname = "ip_dynaddr",
259 .data = &sysctl_ip_dynaddr,
260 .maxlen = sizeof(int),
261 .mode = 0644,
6d9f239a 262 .proc_handler = proc_dointvec
1da177e4 263 },
1da177e4 264 {
1da177e4
LT		 265 .procname = "tcp_keepalive_time",
266 .data = &sysctl_tcp_keepalive_time,
267 .maxlen = sizeof(int),
268 .mode = 0644,
6d9f239a 269 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 270 },
271 {
1da177e4
LT		 272 .procname = "tcp_keepalive_probes",
273 .data = &sysctl_tcp_keepalive_probes,
274 .maxlen = sizeof(int),
275 .mode = 0644,
6d9f239a 276 .proc_handler = proc_dointvec
1da177e4
LT		 277 },
278 {
1da177e4
LT		 279 .procname = "tcp_keepalive_intvl",
280 .data = &sysctl_tcp_keepalive_intvl,
281 .maxlen = sizeof(int),
282 .mode = 0644,
6d9f239a 283 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 284 },
285 {
1da177e4
LT		 286 .procname = "tcp_retries1",
287 .data = &sysctl_tcp_retries1,
288 .maxlen = sizeof(int),
289 .mode = 0644,
6d9f239a 290 .proc_handler = proc_dointvec_minmax,
1da177e4
LT		 291 .extra2 = &tcp_retr1_max
292 },
293 {
1da177e4
LT		 294 .procname = "tcp_retries2",
295 .data = &sysctl_tcp_retries2,
296 .maxlen = sizeof(int),
297 .mode = 0644,
6d9f239a 298 .proc_handler = proc_dointvec
1da177e4
LT		 299 },
300 {
1da177e4
LT		 301 .procname = "tcp_fin_timeout",
302 .data = &sysctl_tcp_fin_timeout,
303 .maxlen = sizeof(int),
304 .mode = 0644,
6d9f239a 305 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 306 },
307#ifdef CONFIG_SYN_COOKIES
308 {
1da177e4
LT		 309 .procname = "tcp_syncookies",
310 .data = &sysctl_tcp_syncookies,
311 .maxlen = sizeof(int),
312 .mode = 0644,
6d9f239a 313 .proc_handler = proc_dointvec
1da177e4
LT		 314 },
315#endif
316 {
1da177e4 317 .procname = "tcp_tw_recycle",
295ff7ed 318 .data = &tcp_death_row.sysctl_tw_recycle,
1da177e4
LT		 319 .maxlen = sizeof(int),
320 .mode = 0644,
6d9f239a 321 .proc_handler = proc_dointvec
1da177e4
LT		 322 },
323 {
1da177e4
LT		 324 .procname = "tcp_abort_on_overflow",
325 .data = &sysctl_tcp_abort_on_overflow,
326 .maxlen = sizeof(int),
327 .mode = 0644,
6d9f239a 328 .proc_handler = proc_dointvec
1da177e4
LT		 329 },
330 {
1da177e4
LT		 331 .procname = "tcp_stdurg",
332 .data = &sysctl_tcp_stdurg,
333 .maxlen = sizeof(int),
334 .mode = 0644,
6d9f239a 335 .proc_handler = proc_dointvec
1da177e4
LT		 336 },
337 {
1da177e4
LT		 338 .procname = "tcp_rfc1337",
339 .data = &sysctl_tcp_rfc1337,
340 .maxlen = sizeof(int),
341 .mode = 0644,
6d9f239a 342 .proc_handler = proc_dointvec
1da177e4
LT		 343 },
344 {
1da177e4
LT		 345 .procname = "tcp_max_syn_backlog",
346 .data = &sysctl_max_syn_backlog,
347 .maxlen = sizeof(int),
348 .mode = 0644,
6d9f239a 349 .proc_handler = proc_dointvec
1da177e4
LT		 350 },
351 {
1da177e4 352 .procname = "ip_local_port_range",
3c689b73
ED		 353 .data = &sysctl_local_ports.range,
354 .maxlen = sizeof(sysctl_local_ports.range),
1da177e4 355 .mode = 0644,
6d9f239a 356 .proc_handler = ipv4_local_port_range,
1da177e4 357 },
e3826f1e
AW		 358 {
359 .procname = "ip_local_reserved_ports",
360 .data = NULL, /* initialized in sysctl_ipv4_init */
361 .maxlen = 65536,
362 .mode = 0644,
363 .proc_handler = proc_do_large_bitmap,
364 },
1da177e4 365 {
1da177e4
LT		 366 .procname = "igmp_max_memberships",
367 .data = &sysctl_igmp_max_memberships,
368 .maxlen = sizeof(int),
369 .mode = 0644,
6d9f239a 370 .proc_handler = proc_dointvec
1da177e4 371 },
1da177e4 372 {
1da177e4
LT		 373 .procname = "igmp_max_msf",
374 .data = &sysctl_igmp_max_msf,
375 .maxlen = sizeof(int),
376 .mode = 0644,
6d9f239a 377 .proc_handler = proc_dointvec
1da177e4
LT		 378 },
379 {
1da177e4
LT		 380 .procname = "inet_peer_threshold",
381 .data = &inet_peer_threshold,
382 .maxlen = sizeof(int),
383 .mode = 0644,
6d9f239a 384 .proc_handler = proc_dointvec
1da177e4
LT		 385 },
386 {
1da177e4
LT		 387 .procname = "inet_peer_minttl",
388 .data = &inet_peer_minttl,
389 .maxlen = sizeof(int),
390 .mode = 0644,
6d9f239a 391 .proc_handler = proc_dointvec_jiffies,
1da177e4
LT		 392 },
393 {
1da177e4
LT		 394 .procname = "inet_peer_maxttl",
395 .data = &inet_peer_maxttl,
396 .maxlen = sizeof(int),
397 .mode = 0644,
6d9f239a 398 .proc_handler = proc_dointvec_jiffies,
1da177e4 399 },
1da177e4 400 {
1da177e4
LT		 401 .procname = "tcp_orphan_retries",
402 .data = &sysctl_tcp_orphan_retries,
403 .maxlen = sizeof(int),
404 .mode = 0644,
6d9f239a 405 .proc_handler = proc_dointvec
1da177e4
LT		 406 },
407 {
1da177e4
LT		 408 .procname = "tcp_fack",
409 .data = &sysctl_tcp_fack,
410 .maxlen = sizeof(int),
411 .mode = 0644,
6d9f239a 412 .proc_handler = proc_dointvec
1da177e4
LT		 413 },
414 {
1da177e4
LT		 415 .procname = "tcp_reordering",
416 .data = &sysctl_tcp_reordering,
417 .maxlen = sizeof(int),
418 .mode = 0644,
6d9f239a 419 .proc_handler = proc_dointvec
1da177e4
LT		 420 },
421 {
1da177e4
LT		 422 .procname = "tcp_ecn",
423 .data = &sysctl_tcp_ecn,
424 .maxlen = sizeof(int),
425 .mode = 0644,
6d9f239a 426 .proc_handler = proc_dointvec
1da177e4
LT		 427 },
428 {
1da177e4
LT		 429 .procname = "tcp_dsack",
430 .data = &sysctl_tcp_dsack,
431 .maxlen = sizeof(int),
432 .mode = 0644,
6d9f239a 433 .proc_handler = proc_dointvec
1da177e4
LT		 434 },
435 {
1da177e4
LT		 436 .procname = "tcp_mem",
437 .data = &sysctl_tcp_mem,
438 .maxlen = sizeof(sysctl_tcp_mem),
439 .mode = 0644,
8d987e5c 440 .proc_handler = proc_doulongvec_minmax
1da177e4
LT		 441 },
442 {
1da177e4
LT		 443 .procname = "tcp_wmem",
444 .data = &sysctl_tcp_wmem,
445 .maxlen = sizeof(sysctl_tcp_wmem),
446 .mode = 0644,
6d9f239a 447 .proc_handler = proc_dointvec
1da177e4
LT		 448 },
449 {
1da177e4
LT		 450 .procname = "tcp_rmem",
451 .data = &sysctl_tcp_rmem,
452 .maxlen = sizeof(sysctl_tcp_rmem),
453 .mode = 0644,
6d9f239a 454 .proc_handler = proc_dointvec
1da177e4
LT		 455 },
456 {
1da177e4
LT		 457 .procname = "tcp_app_win",
458 .data = &sysctl_tcp_app_win,
459 .maxlen = sizeof(int),
460 .mode = 0644,
6d9f239a 461 .proc_handler = proc_dointvec
1da177e4
LT		 462 },
463 {
1da177e4
LT		 464 .procname = "tcp_adv_win_scale",
465 .data = &sysctl_tcp_adv_win_scale,
466 .maxlen = sizeof(int),
467 .mode = 0644,
0147fc05
AD		 468 .proc_handler = proc_dointvec_minmax,
469 .extra1 = &tcp_adv_win_scale_min,
470 .extra2 = &tcp_adv_win_scale_max,
1da177e4 471 },
1da177e4 472 {
1da177e4
LT		 473 .procname = "tcp_tw_reuse",
474 .data = &sysctl_tcp_tw_reuse,
475 .maxlen = sizeof(int),
476 .mode = 0644,
6d9f239a 477 .proc_handler = proc_dointvec
1da177e4
LT		 478 },
479 {
1da177e4
LT		 480 .procname = "tcp_frto",
481 .data = &sysctl_tcp_frto,
482 .maxlen = sizeof(int),
483 .mode = 0644,
6d9f239a 484 .proc_handler = proc_dointvec
1da177e4 485 },
3cfe3baa 486 {
3cfe3baa
IJ		 487 .procname = "tcp_frto_response",
488 .data = &sysctl_tcp_frto_response,
489 .maxlen = sizeof(int),
490 .mode = 0644,
6d9f239a 491 .proc_handler = proc_dointvec
3cfe3baa 492 },
1da177e4 493 {
1da177e4
LT		 494 .procname = "tcp_low_latency",
495 .data = &sysctl_tcp_low_latency,
496 .maxlen = sizeof(int),
497 .mode = 0644,
6d9f239a 498 .proc_handler = proc_dointvec
1da177e4 499 },
1da177e4 500 {
1da177e4
LT		 501 .procname = "tcp_no_metrics_save",
502 .data = &sysctl_tcp_nometrics_save,
503 .maxlen = sizeof(int),
504 .mode = 0644,
6d9f239a 505 .proc_handler = proc_dointvec,
1da177e4 506 },
1da177e4 507 {
1da177e4
LT		 508 .procname = "tcp_moderate_rcvbuf",
509 .data = &sysctl_tcp_moderate_rcvbuf,
510 .maxlen = sizeof(int),
511 .mode = 0644,
6d9f239a 512 .proc_handler = proc_dointvec,
1da177e4
LT		 513 },
514 {
1da177e4
LT		 515 .procname = "tcp_tso_win_divisor",
516 .data = &sysctl_tcp_tso_win_divisor,
517 .maxlen = sizeof(int),
518 .mode = 0644,
6d9f239a 519 .proc_handler = proc_dointvec,
1da177e4
LT		 520 },
521 {
317a76f9 522 .procname = "tcp_congestion_control",
1da177e4 523 .mode = 0644,
317a76f9 524 .maxlen = TCP_CA_NAME_MAX,
6d9f239a 525 .proc_handler = proc_tcp_congestion_control,
1da177e4 526 },
9772efb9 527 {
9772efb9
SH		 528 .procname = "tcp_abc",
529 .data = &sysctl_tcp_abc,
530 .maxlen = sizeof(int),
531 .mode = 0644,
6d9f239a 532 .proc_handler = proc_dointvec,
9772efb9 533 },
5d424d5a 534 {
5d424d5a
JH		 535 .procname = "tcp_mtu_probing",
536 .data = &sysctl_tcp_mtu_probing,
537 .maxlen = sizeof(int),
538 .mode = 0644,
6d9f239a 539 .proc_handler = proc_dointvec,
5d424d5a
JH		 540 },
541 {
5d424d5a
JH		 542 .procname = "tcp_base_mss",
543 .data = &sysctl_tcp_base_mss,
544 .maxlen = sizeof(int),
545 .mode = 0644,
6d9f239a 546 .proc_handler = proc_dointvec,
5d424d5a 547 },
e905a9ed 548 {
15d99e02
RJ		 549 .procname = "tcp_workaround_signed_windows",
550 .data = &sysctl_tcp_workaround_signed_windows,
551 .maxlen = sizeof(int),
552 .mode = 0644,
6d9f239a 553 .proc_handler = proc_dointvec
15d99e02 554 },
95937825
CL		 555#ifdef CONFIG_NET_DMA
556 {
95937825
CL		 557 .procname = "tcp_dma_copybreak",
558 .data = &sysctl_tcp_dma_copybreak,
559 .maxlen = sizeof(int),
560 .mode = 0644,
6d9f239a 561 .proc_handler = proc_dointvec
95937825
CL		 562 },
563#endif
35089bb2 564 {
35089bb2
DM		 565 .procname = "tcp_slow_start_after_idle",
566 .data = &sysctl_tcp_slow_start_after_idle,
567 .maxlen = sizeof(int),
568 .mode = 0644,
6d9f239a 569 .proc_handler = proc_dointvec
35089bb2 570 },
446fda4f
PM		 571#ifdef CONFIG_NETLABEL
572 {
446fda4f
PM		 573 .procname = "cipso_cache_enable",
574 .data = &cipso_v4_cache_enabled,
575 .maxlen = sizeof(int),
576 .mode = 0644,
6d9f239a 577 .proc_handler = proc_dointvec,
446fda4f
PM		 578 },
579 {
446fda4f
PM		 580 .procname = "cipso_cache_bucket_size",
581 .data = &cipso_v4_cache_bucketsize,
582 .maxlen = sizeof(int),
583 .mode = 0644,
6d9f239a 584 .proc_handler = proc_dointvec,
446fda4f
PM		 585 },
586 {
446fda4f
PM		 587 .procname = "cipso_rbm_optfmt",
588 .data = &cipso_v4_rbm_optfmt,
589 .maxlen = sizeof(int),
590 .mode = 0644,
6d9f239a 591 .proc_handler = proc_dointvec,
446fda4f
PM		 592 },
593 {
446fda4f
PM		 594 .procname = "cipso_rbm_strictvalid",
595 .data = &cipso_v4_rbm_strictvalid,
596 .maxlen = sizeof(int),
597 .mode = 0644,
6d9f239a 598 .proc_handler = proc_dointvec,
446fda4f
PM		 599 },
600#endif /* CONFIG_NETLABEL */
3ff825b2 601 {
3ff825b2
SH		 602 .procname = "tcp_available_congestion_control",
603 .maxlen = TCP_CA_BUF_MAX,
604 .mode = 0444,
6d9f239a 605 .proc_handler = proc_tcp_available_congestion_control,
3ff825b2 606 },
ce7bc3bf 607 {
ce7bc3bf
SH		 608 .procname = "tcp_allowed_congestion_control",
609 .maxlen = TCP_CA_BUF_MAX,
610 .mode = 0644,
6d9f239a 611 .proc_handler = proc_allowed_congestion_control,
ce7bc3bf 612 },
886236c1 613 {
886236c1
JH		 614 .procname = "tcp_max_ssthresh",
615 .data = &sysctl_tcp_max_ssthresh,
616 .maxlen = sizeof(int),
617 .mode = 0644,
6d9f239a 618 .proc_handler = proc_dointvec,
886236c1 619 },
519855c5 620 {
519855c5
WAS		 621 .procname = "tcp_cookie_size",
622 .data = &sysctl_tcp_cookie_size,
623 .maxlen = sizeof(int),
624 .mode = 0644,
625 .proc_handler = proc_dointvec
626 },
36e31b0a
AP		 627 {
628 .procname = "tcp_thin_linear_timeouts",
629 .data = &sysctl_tcp_thin_linear_timeouts,
630 .maxlen = sizeof(int),
631 .mode = 0644,
632 .proc_handler = proc_dointvec
633 },
7e380175
AP		 634 {
635 .procname = "tcp_thin_dupack",
636 .data = &sysctl_tcp_thin_dupack,
637 .maxlen = sizeof(int),
638 .mode = 0644,
639 .proc_handler = proc_dointvec
640 },
95766fff 641 {
95766fff
HA		 642 .procname = "udp_mem",
643 .data = &sysctl_udp_mem,
644 .maxlen = sizeof(sysctl_udp_mem),
645 .mode = 0644,
8d987e5c 646 .proc_handler = proc_doulongvec_minmax,
95766fff
HA		 647 },
648 {
95766fff
HA		 649 .procname = "udp_rmem_min",
650 .data = &sysctl_udp_rmem_min,
651 .maxlen = sizeof(sysctl_udp_rmem_min),
652 .mode = 0644,
6d9f239a 653 .proc_handler = proc_dointvec_minmax,
95766fff
HA		 654 .extra1 = &zero
655 },
656 {
95766fff
HA		 657 .procname = "udp_wmem_min",
658 .data = &sysctl_udp_wmem_min,
659 .maxlen = sizeof(sysctl_udp_wmem_min),
660 .mode = 0644,
6d9f239a 661 .proc_handler = proc_dointvec_minmax,
95766fff
HA		 662 .extra1 = &zero
663 },
f8572d8f 664 { }
1da177e4 665};
3e37c3f9 666
68528f09
PE		 667static struct ctl_table ipv4_net_table[] = {
668 {
68528f09
PE		 669 .procname = "icmp_echo_ignore_all",
670 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
671 .maxlen = sizeof(int),
672 .mode = 0644,
6d9f239a 673 .proc_handler = proc_dointvec
68528f09
PE		 674 },
675 {
68528f09
PE		 676 .procname = "icmp_echo_ignore_broadcasts",
677 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
678 .maxlen = sizeof(int),
679 .mode = 0644,
6d9f239a 680 .proc_handler = proc_dointvec
68528f09
PE		 681 },
682 {
68528f09
PE		 683 .procname = "icmp_ignore_bogus_error_responses",
684 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
685 .maxlen = sizeof(int),
686 .mode = 0644,
6d9f239a 687 .proc_handler = proc_dointvec
68528f09
PE		 688 },
689 {
68528f09
PE		 690 .procname = "icmp_errors_use_inbound_ifaddr",
691 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
692 .maxlen = sizeof(int),
693 .mode = 0644,
6d9f239a 694 .proc_handler = proc_dointvec
68528f09
PE		 695 },
696 {
68528f09
PE		 697 .procname = "icmp_ratelimit",
698 .data = &init_net.ipv4.sysctl_icmp_ratelimit,
699 .maxlen = sizeof(int),
700 .mode = 0644,
6d9f239a 701 .proc_handler = proc_dointvec_ms_jiffies,
68528f09
PE		 702 },
703 {
68528f09
PE		 704 .procname = "icmp_ratemask",
705 .data = &init_net.ipv4.sysctl_icmp_ratemask,
706 .maxlen = sizeof(int),
707 .mode = 0644,
6d9f239a 708 .proc_handler = proc_dointvec
68528f09 709 },
1080d709 710 {
1080d709
NH		 711 .procname = "rt_cache_rebuild_count",
712 .data = &init_net.ipv4.sysctl_rt_cache_rebuild_count,
713 .maxlen = sizeof(int),
714 .mode = 0644,
6d9f239a 715 .proc_handler = proc_dointvec
1080d709 716 },
c319b4d7
VK		 717 {
718 .procname = "ping_group_range",
719 .data = &init_net.ipv4.sysctl_ping_group_range,
720 .maxlen = sizeof(init_net.ipv4.sysctl_ping_group_range),
721 .mode = 0644,
722 .proc_handler = ipv4_ping_group_range,
723 },
68528f09
PE		 724 { }
725};
726
3d7cc2ba 727struct ctl_path net_ipv4_ctl_path[] = {
f8572d8f
EB		 728 { .procname = "net", },
729 { .procname = "ipv4", },
3e37c3f9
PE		 730 { },
731};
3d7cc2ba 732EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
3e37c3f9 733
1577519d
PE		 734static __net_init int ipv4_sysctl_init_net(struct net *net)
735{
68528f09
PE		 736 struct ctl_table *table;
737
738 table = ipv4_net_table;
09ad9bc7 739 if (!net_eq(net, &init_net)) {
68528f09
PE		 740 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
741 if (table == NULL)
742 goto err_alloc;
743
744 table[0].data =
745 &net->ipv4.sysctl_icmp_echo_ignore_all;
746 table[1].data =
747 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
748 table[2].data =
749 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
750 table[3].data =
751 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
752 table[4].data =
753 &net->ipv4.sysctl_icmp_ratelimit;
754 table[5].data =
755 &net->ipv4.sysctl_icmp_ratemask;
1080d709
NH		 756 table[6].data =
757 &net->ipv4.sysctl_rt_cache_rebuild_count;
c319b4d7
VK		 758 table[7].data =
759 &net->ipv4.sysctl_ping_group_range;
760
68528f09
PE		 761 }
762
c319b4d7
VK		 763 /*
764 * Sane defaults - nobody may create ping sockets.
765 * Boot scripts should set this to distro-specific group.
766 */
767 net->ipv4.sysctl_ping_group_range[0] = 1;
768 net->ipv4.sysctl_ping_group_range[1] = 0;
769
1080d709
NH		 770 net->ipv4.sysctl_rt_cache_rebuild_count = 4;
771
68528f09
PE		 772 net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
773 net_ipv4_ctl_path, table);
774 if (net->ipv4.ipv4_hdr == NULL)
775 goto err_reg;
776
1577519d 777 return 0;
68528f09
PE		 778
779err_reg:
09ad9bc7 780 if (!net_eq(net, &init_net))
68528f09
PE		 781 kfree(table);
782err_alloc:
783 return -ENOMEM;
1577519d
PE		 784}
785
786static __net_exit void ipv4_sysctl_exit_net(struct net *net)
787{
68528f09
PE		 788 struct ctl_table *table;
789
790 table = net->ipv4.ipv4_hdr->ctl_table_arg;
791 unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
792 kfree(table);
1577519d
PE		 793}
794
795static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
796 .init = ipv4_sysctl_init_net,
797 .exit = ipv4_sysctl_exit_net,
798};
799
3e37c3f9
PE		 800static __init int sysctl_ipv4_init(void)
801{
802 struct ctl_table_header *hdr;
e3826f1e
AW		 803 struct ctl_table *i;
804
805 for (i = ipv4_table; i->procname; i++) {
806 if (strcmp(i->procname, "ip_local_reserved_ports") == 0) {
807 i->data = sysctl_local_reserved_ports;
808 break;
809 }
810 }
811 if (!i->procname)
812 return -EINVAL;
3e37c3f9 813
3d7cc2ba 814 hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
1577519d
PE		 815 if (hdr == NULL)
816 return -ENOMEM;
817
818 if (register_pernet_subsys(&ipv4_sysctl_ops)) {
819 unregister_sysctl_table(hdr);
820 return -ENOMEM;
821 }
822
823 return 0;
3e37c3f9
PE		 824}
825
826__initcall(sysctl_ipv4_init);
Linux kernel - Deliverables
This page took 0.675 seconds and 5 git commands to generate.