1
2
3
4
5
6
7
8#include <linux/mm.h>
9#include <linux/module.h>
10#include <linux/sysctl.h>
11#include <linux/igmp.h>
12#include <linux/inetdevice.h>
13#include <linux/seqlock.h>
14#include <linux/init.h>
15#include <net/snmp.h>
16#include <net/icmp.h>
17#include <net/ip.h>
18#include <net/route.h>
19#include <net/tcp.h>
20#include <net/udp.h>
21#include <net/cipso_ipv4.h>
22#include <net/inet_frag.h>
23
24static int zero;
25static int tcp_retr1_max = 255;
26static int ip_local_port_range_min[] = { 1, 1 };
27static int ip_local_port_range_max[] = { 65535, 65535 };
28
29
30static void set_local_port_range(int range[2])
31{
32 write_seqlock(&sysctl_local_ports.lock);
33 sysctl_local_ports.range[0] = range[0];
34 sysctl_local_ports.range[1] = range[1];
35 write_sequnlock(&sysctl_local_ports.lock);
36}
37
38
39static int ipv4_local_port_range(ctl_table *table, int write,
40 void __user *buffer,
41 size_t *lenp, loff_t *ppos)
42{
43 int ret;
44 int range[2];
45 ctl_table tmp = {
46 .data = &range,
47 .maxlen = sizeof(range),
48 .mode = table->mode,
49 .extra1 = &ip_local_port_range_min,
50 .extra2 = &ip_local_port_range_max,
51 };
52
53 inet_get_local_port_range(range, range + 1);
54 ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
55
56 if (write && ret == 0) {
57 if (range[1] < range[0])
58 ret = -EINVAL;
59 else
60 set_local_port_range(range);
61 }
62
63 return ret;
64}
65
66
67static int ipv4_sysctl_local_port_range(ctl_table *table,
68 void __user *oldval,
69 size_t __user *oldlenp,
70 void __user *newval, size_t newlen)
71{
72 int ret;
73 int range[2];
74 ctl_table tmp = {
75 .data = &range,
76 .maxlen = sizeof(range),
77 .mode = table->mode,
78 .extra1 = &ip_local_port_range_min,
79 .extra2 = &ip_local_port_range_max,
80 };
81
82 inet_get_local_port_range(range, range + 1);
83 ret = sysctl_intvec(&tmp, oldval, oldlenp, newval, newlen);
84 if (ret == 0 && newval && newlen) {
85 if (range[1] < range[0])
86 ret = -EINVAL;
87 else
88 set_local_port_range(range);
89 }
90 return ret;
91}
92
93
94static int proc_tcp_congestion_control(ctl_table *ctl, int write,
95 void __user *buffer, size_t *lenp, loff_t *ppos)
96{
97 char val[TCP_CA_NAME_MAX];
98 ctl_table tbl = {
99 .data = val,
100 .maxlen = TCP_CA_NAME_MAX,
101 };
102 int ret;
103
104 tcp_get_default_congestion_control(val);
105
106 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
107 if (write && ret == 0)
108 ret = tcp_set_default_congestion_control(val);
109 return ret;
110}
111
112static int sysctl_tcp_congestion_control(ctl_table *table,
113 void __user *oldval,
114 size_t __user *oldlenp,
115 void __user *newval, size_t newlen)
116{
117 char val[TCP_CA_NAME_MAX];
118 ctl_table tbl = {
119 .data = val,
120 .maxlen = TCP_CA_NAME_MAX,
121 };
122 int ret;
123
124 tcp_get_default_congestion_control(val);
125 ret = sysctl_string(&tbl, oldval, oldlenp, newval, newlen);
126 if (ret == 1 && newval && newlen)
127 ret = tcp_set_default_congestion_control(val);
128 return ret;
129}
130
131static int proc_tcp_available_congestion_control(ctl_table *ctl,
132 int write,
133 void __user *buffer, size_t *lenp,
134 loff_t *ppos)
135{
136 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
137 int ret;
138
139 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
140 if (!tbl.data)
141 return -ENOMEM;
142 tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
143 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
144 kfree(tbl.data);
145 return ret;
146}
147
148static int proc_allowed_congestion_control(ctl_table *ctl,
149 int write,
150 void __user *buffer, size_t *lenp,
151 loff_t *ppos)
152{
153 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
154 int ret;
155
156 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
157 if (!tbl.data)
158 return -ENOMEM;
159
160 tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
161 ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
162 if (write && ret == 0)
163 ret = tcp_set_allowed_congestion_control(tbl.data);
164 kfree(tbl.data);
165 return ret;
166}
167
168static int strategy_allowed_congestion_control(ctl_table *table,
169 void __user *oldval,
170 size_t __user *oldlenp,
171 void __user *newval,
172 size_t newlen)
173{
174 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
175 int ret;
176
177 tbl.data = kmalloc(tbl.maxlen, GFP_USER);
178 if (!tbl.data)
179 return -ENOMEM;
180
181 tcp_get_available_congestion_control(tbl.data, tbl.maxlen);
182 ret = sysctl_string(&tbl, oldval, oldlenp, newval, newlen);
183 if (ret == 1 && newval && newlen)
184 ret = tcp_set_allowed_congestion_control(tbl.data);
185 kfree(tbl.data);
186
187 return ret;
188
189}
190
191static struct ctl_table ipv4_table[] = {
192 {
193 .ctl_name = NET_IPV4_TCP_TIMESTAMPS,
194 .procname = "tcp_timestamps",
195 .data = &sysctl_tcp_timestamps,
196 .maxlen = sizeof(int),
197 .mode = 0644,
198 .proc_handler = proc_dointvec
199 },
200 {
201 .ctl_name = NET_IPV4_TCP_WINDOW_SCALING,
202 .procname = "tcp_window_scaling",
203 .data = &sysctl_tcp_window_scaling,
204 .maxlen = sizeof(int),
205 .mode = 0644,
206 .proc_handler = proc_dointvec
207 },
208 {
209 .ctl_name = NET_IPV4_TCP_SACK,
210 .procname = "tcp_sack",
211 .data = &sysctl_tcp_sack,
212 .maxlen = sizeof(int),
213 .mode = 0644,
214 .proc_handler = proc_dointvec
215 },
216 {
217 .ctl_name = NET_IPV4_TCP_RETRANS_COLLAPSE,
218 .procname = "tcp_retrans_collapse",
219 .data = &sysctl_tcp_retrans_collapse,
220 .maxlen = sizeof(int),
221 .mode = 0644,
222 .proc_handler = proc_dointvec
223 },
224 {
225 .ctl_name = NET_IPV4_DEFAULT_TTL,
226 .procname = "ip_default_ttl",
227 .data = &sysctl_ip_default_ttl,
228 .maxlen = sizeof(int),
229 .mode = 0644,
230 .proc_handler = ipv4_doint_and_flush,
231 .strategy = ipv4_doint_and_flush_strategy,
232 .extra2 = &init_net,
233 },
234 {
235 .ctl_name = NET_IPV4_NO_PMTU_DISC,
236 .procname = "ip_no_pmtu_disc",
237 .data = &ipv4_config.no_pmtu_disc,
238 .maxlen = sizeof(int),
239 .mode = 0644,
240 .proc_handler = proc_dointvec
241 },
242 {
243 .ctl_name = NET_IPV4_NONLOCAL_BIND,
244 .procname = "ip_nonlocal_bind",
245 .data = &sysctl_ip_nonlocal_bind,
246 .maxlen = sizeof(int),
247 .mode = 0644,
248 .proc_handler = proc_dointvec
249 },
250 {
251 .ctl_name = NET_IPV4_TCP_SYN_RETRIES,
252 .procname = "tcp_syn_retries",
253 .data = &sysctl_tcp_syn_retries,
254 .maxlen = sizeof(int),
255 .mode = 0644,
256 .proc_handler = proc_dointvec
257 },
258 {
259 .ctl_name = NET_TCP_SYNACK_RETRIES,
260 .procname = "tcp_synack_retries",
261 .data = &sysctl_tcp_synack_retries,
262 .maxlen = sizeof(int),
263 .mode = 0644,
264 .proc_handler = proc_dointvec
265 },
266 {
267 .ctl_name = NET_TCP_MAX_ORPHANS,
268 .procname = "tcp_max_orphans",
269 .data = &sysctl_tcp_max_orphans,
270 .maxlen = sizeof(int),
271 .mode = 0644,
272 .proc_handler = proc_dointvec
273 },
274 {
275 .ctl_name = NET_TCP_MAX_TW_BUCKETS,
276 .procname = "tcp_max_tw_buckets",
277 .data = &tcp_death_row.sysctl_max_tw_buckets,
278 .maxlen = sizeof(int),
279 .mode = 0644,
280 .proc_handler = proc_dointvec
281 },
282 {
283 .ctl_name = NET_IPV4_DYNADDR,
284 .procname = "ip_dynaddr",
285 .data = &sysctl_ip_dynaddr,
286 .maxlen = sizeof(int),
287 .mode = 0644,
288 .proc_handler = proc_dointvec
289 },
290 {
291 .ctl_name = NET_IPV4_TCP_KEEPALIVE_TIME,
292 .procname = "tcp_keepalive_time",
293 .data = &sysctl_tcp_keepalive_time,
294 .maxlen = sizeof(int),
295 .mode = 0644,
296 .proc_handler = proc_dointvec_jiffies,
297 .strategy = sysctl_jiffies
298 },
299 {
300 .ctl_name = NET_IPV4_TCP_KEEPALIVE_PROBES,
301 .procname = "tcp_keepalive_probes",
302 .data = &sysctl_tcp_keepalive_probes,
303 .maxlen = sizeof(int),
304 .mode = 0644,
305 .proc_handler = proc_dointvec
306 },
307 {
308 .ctl_name = NET_IPV4_TCP_KEEPALIVE_INTVL,
309 .procname = "tcp_keepalive_intvl",
310 .data = &sysctl_tcp_keepalive_intvl,
311 .maxlen = sizeof(int),
312 .mode = 0644,
313 .proc_handler = proc_dointvec_jiffies,
314 .strategy = sysctl_jiffies
315 },
316 {
317 .ctl_name = NET_IPV4_TCP_RETRIES1,
318 .procname = "tcp_retries1",
319 .data = &sysctl_tcp_retries1,
320 .maxlen = sizeof(int),
321 .mode = 0644,
322 .proc_handler = proc_dointvec_minmax,
323 .strategy = sysctl_intvec,
324 .extra2 = &tcp_retr1_max
325 },
326 {
327 .ctl_name = NET_IPV4_TCP_RETRIES2,
328 .procname = "tcp_retries2",
329 .data = &sysctl_tcp_retries2,
330 .maxlen = sizeof(int),
331 .mode = 0644,
332 .proc_handler = proc_dointvec
333 },
334 {
335 .ctl_name = NET_IPV4_TCP_FIN_TIMEOUT,
336 .procname = "tcp_fin_timeout",
337 .data = &sysctl_tcp_fin_timeout,
338 .maxlen = sizeof(int),
339 .mode = 0644,
340 .proc_handler = proc_dointvec_jiffies,
341 .strategy = sysctl_jiffies
342 },
343#ifdef CONFIG_SYN_COOKIES
344 {
345 .ctl_name = NET_TCP_SYNCOOKIES,
346 .procname = "tcp_syncookies",
347 .data = &sysctl_tcp_syncookies,
348 .maxlen = sizeof(int),
349 .mode = 0644,
350 .proc_handler = proc_dointvec
351 },
352#endif
353 {
354 .ctl_name = NET_TCP_TW_RECYCLE,
355 .procname = "tcp_tw_recycle",
356 .data = &tcp_death_row.sysctl_tw_recycle,
357 .maxlen = sizeof(int),
358 .mode = 0644,
359 .proc_handler = proc_dointvec
360 },
361 {
362 .ctl_name = NET_TCP_ABORT_ON_OVERFLOW,
363 .procname = "tcp_abort_on_overflow",
364 .data = &sysctl_tcp_abort_on_overflow,
365 .maxlen = sizeof(int),
366 .mode = 0644,
367 .proc_handler = proc_dointvec
368 },
369 {
370 .ctl_name = NET_TCP_STDURG,
371 .procname = "tcp_stdurg",
372 .data = &sysctl_tcp_stdurg,
373 .maxlen = sizeof(int),
374 .mode = 0644,
375 .proc_handler = proc_dointvec
376 },
377 {
378 .ctl_name = NET_TCP_RFC1337,
379 .procname = "tcp_rfc1337",
380 .data = &sysctl_tcp_rfc1337,
381 .maxlen = sizeof(int),
382 .mode = 0644,
383 .proc_handler = proc_dointvec
384 },
385 {
386 .ctl_name = NET_TCP_MAX_SYN_BACKLOG,
387 .procname = "tcp_max_syn_backlog",
388 .data = &sysctl_max_syn_backlog,
389 .maxlen = sizeof(int),
390 .mode = 0644,
391 .proc_handler = proc_dointvec
392 },
393 {
394 .ctl_name = NET_IPV4_LOCAL_PORT_RANGE,
395 .procname = "ip_local_port_range",
396 .data = &sysctl_local_ports.range,
397 .maxlen = sizeof(sysctl_local_ports.range),
398 .mode = 0644,
399 .proc_handler = ipv4_local_port_range,
400 .strategy = ipv4_sysctl_local_port_range,
401 },
402#ifdef CONFIG_IP_MULTICAST
403 {
404 .ctl_name = NET_IPV4_IGMP_MAX_MEMBERSHIPS,
405 .procname = "igmp_max_memberships",
406 .data = &sysctl_igmp_max_memberships,
407 .maxlen = sizeof(int),
408 .mode = 0644,
409 .proc_handler = proc_dointvec
410 },
411
412#endif
413 {
414 .ctl_name = NET_IPV4_IGMP_MAX_MSF,
415 .procname = "igmp_max_msf",
416 .data = &sysctl_igmp_max_msf,
417 .maxlen = sizeof(int),
418 .mode = 0644,
419 .proc_handler = proc_dointvec
420 },
421 {
422 .ctl_name = NET_IPV4_INET_PEER_THRESHOLD,
423 .procname = "inet_peer_threshold",
424 .data = &inet_peer_threshold,
425 .maxlen = sizeof(int),
426 .mode = 0644,
427 .proc_handler = proc_dointvec
428 },
429 {
430 .ctl_name = NET_IPV4_INET_PEER_MINTTL,
431 .procname = "inet_peer_minttl",
432 .data = &inet_peer_minttl,
433 .maxlen = sizeof(int),
434 .mode = 0644,
435 .proc_handler = proc_dointvec_jiffies,
436 .strategy = sysctl_jiffies
437 },
438 {
439 .ctl_name = NET_IPV4_INET_PEER_MAXTTL,
440 .procname = "inet_peer_maxttl",
441 .data = &inet_peer_maxttl,
442 .maxlen = sizeof(int),
443 .mode = 0644,
444 .proc_handler = proc_dointvec_jiffies,
445 .strategy = sysctl_jiffies
446 },
447 {
448 .ctl_name = NET_IPV4_INET_PEER_GC_MINTIME,
449 .procname = "inet_peer_gc_mintime",
450 .data = &inet_peer_gc_mintime,
451 .maxlen = sizeof(int),
452 .mode = 0644,
453 .proc_handler = proc_dointvec_jiffies,
454 .strategy = sysctl_jiffies
455 },
456 {
457 .ctl_name = NET_IPV4_INET_PEER_GC_MAXTIME,
458 .procname = "inet_peer_gc_maxtime",
459 .data = &inet_peer_gc_maxtime,
460 .maxlen = sizeof(int),
461 .mode = 0644,
462 .proc_handler = proc_dointvec_jiffies,
463 .strategy = sysctl_jiffies
464 },
465 {
466 .ctl_name = NET_TCP_ORPHAN_RETRIES,
467 .procname = "tcp_orphan_retries",
468 .data = &sysctl_tcp_orphan_retries,
469 .maxlen = sizeof(int),
470 .mode = 0644,
471 .proc_handler = proc_dointvec
472 },
473 {
474 .ctl_name = NET_TCP_FACK,
475 .procname = "tcp_fack",
476 .data = &sysctl_tcp_fack,
477 .maxlen = sizeof(int),
478 .mode = 0644,
479 .proc_handler = proc_dointvec
480 },
481 {
482 .ctl_name = NET_TCP_REORDERING,
483 .procname = "tcp_reordering",
484 .data = &sysctl_tcp_reordering,
485 .maxlen = sizeof(int),
486 .mode = 0644,
487 .proc_handler = proc_dointvec
488 },
489 {
490 .ctl_name = NET_TCP_ECN,
491 .procname = "tcp_ecn",
492 .data = &sysctl_tcp_ecn,
493 .maxlen = sizeof(int),
494 .mode = 0644,
495 .proc_handler = proc_dointvec
496 },
497 {
498 .ctl_name = NET_TCP_DSACK,
499 .procname = "tcp_dsack",
500 .data = &sysctl_tcp_dsack,
501 .maxlen = sizeof(int),
502 .mode = 0644,
503 .proc_handler = proc_dointvec
504 },
505 {
506 .ctl_name = NET_TCP_MEM,
507 .procname = "tcp_mem",
508 .data = &sysctl_tcp_mem,
509 .maxlen = sizeof(sysctl_tcp_mem),
510 .mode = 0644,
511 .proc_handler = proc_dointvec
512 },
513 {
514 .ctl_name = NET_TCP_WMEM,
515 .procname = "tcp_wmem",
516 .data = &sysctl_tcp_wmem,
517 .maxlen = sizeof(sysctl_tcp_wmem),
518 .mode = 0644,
519 .proc_handler = proc_dointvec
520 },
521 {
522 .ctl_name = NET_TCP_RMEM,
523 .procname = "tcp_rmem",
524 .data = &sysctl_tcp_rmem,
525 .maxlen = sizeof(sysctl_tcp_rmem),
526 .mode = 0644,
527 .proc_handler = proc_dointvec
528 },
529 {
530 .ctl_name = NET_TCP_APP_WIN,
531 .procname = "tcp_app_win",
532 .data = &sysctl_tcp_app_win,
533 .maxlen = sizeof(int),
534 .mode = 0644,
535 .proc_handler = proc_dointvec
536 },
537 {
538 .ctl_name = NET_TCP_ADV_WIN_SCALE,
539 .procname = "tcp_adv_win_scale",
540 .data = &sysctl_tcp_adv_win_scale,
541 .maxlen = sizeof(int),
542 .mode = 0644,
543 .proc_handler = proc_dointvec
544 },
545 {
546 .ctl_name = NET_TCP_TW_REUSE,
547 .procname = "tcp_tw_reuse",
548 .data = &sysctl_tcp_tw_reuse,
549 .maxlen = sizeof(int),
550 .mode = 0644,
551 .proc_handler = proc_dointvec
552 },
553 {
554 .ctl_name = NET_TCP_FRTO,
555 .procname = "tcp_frto",
556 .data = &sysctl_tcp_frto,
557 .maxlen = sizeof(int),
558 .mode = 0644,
559 .proc_handler = proc_dointvec
560 },
561 {
562 .ctl_name = NET_TCP_FRTO_RESPONSE,
563 .procname = "tcp_frto_response",
564 .data = &sysctl_tcp_frto_response,
565 .maxlen = sizeof(int),
566 .mode = 0644,
567 .proc_handler = proc_dointvec
568 },
569 {
570 .ctl_name = NET_TCP_LOW_LATENCY,
571 .procname = "tcp_low_latency",
572 .data = &sysctl_tcp_low_latency,
573 .maxlen = sizeof(int),
574 .mode = 0644,
575 .proc_handler = proc_dointvec
576 },
577 {
578 .ctl_name = NET_TCP_NO_METRICS_SAVE,
579 .procname = "tcp_no_metrics_save",
580 .data = &sysctl_tcp_nometrics_save,
581 .maxlen = sizeof(int),
582 .mode = 0644,
583 .proc_handler = proc_dointvec,
584 },
585 {
586 .ctl_name = NET_TCP_MODERATE_RCVBUF,
587 .procname = "tcp_moderate_rcvbuf",
588 .data = &sysctl_tcp_moderate_rcvbuf,
589 .maxlen = sizeof(int),
590 .mode = 0644,
591 .proc_handler = proc_dointvec,
592 },
593 {
594 .ctl_name = NET_TCP_TSO_WIN_DIVISOR,
595 .procname = "tcp_tso_win_divisor",
596 .data = &sysctl_tcp_tso_win_divisor,
597 .maxlen = sizeof(int),
598 .mode = 0644,
599 .proc_handler = proc_dointvec,
600 },
601 {
602 .ctl_name = NET_TCP_CONG_CONTROL,
603 .procname = "tcp_congestion_control",
604 .mode = 0644,
605 .maxlen = TCP_CA_NAME_MAX,
606 .proc_handler = proc_tcp_congestion_control,
607 .strategy = sysctl_tcp_congestion_control,
608 },
609 {
610 .ctl_name = NET_TCP_ABC,
611 .procname = "tcp_abc",
612 .data = &sysctl_tcp_abc,
613 .maxlen = sizeof(int),
614 .mode = 0644,
615 .proc_handler = proc_dointvec,
616 },
617 {
618 .ctl_name = NET_TCP_MTU_PROBING,
619 .procname = "tcp_mtu_probing",
620 .data = &sysctl_tcp_mtu_probing,
621 .maxlen = sizeof(int),
622 .mode = 0644,
623 .proc_handler = proc_dointvec,
624 },
625 {
626 .ctl_name = NET_TCP_BASE_MSS,
627 .procname = "tcp_base_mss",
628 .data = &sysctl_tcp_base_mss,
629 .maxlen = sizeof(int),
630 .mode = 0644,
631 .proc_handler = proc_dointvec,
632 },
633 {
634 .ctl_name = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS,
635 .procname = "tcp_workaround_signed_windows",
636 .data = &sysctl_tcp_workaround_signed_windows,
637 .maxlen = sizeof(int),
638 .mode = 0644,
639 .proc_handler = proc_dointvec
640 },
641#ifdef CONFIG_NET_DMA
642 {
643 .ctl_name = NET_TCP_DMA_COPYBREAK,
644 .procname = "tcp_dma_copybreak",
645 .data = &sysctl_tcp_dma_copybreak,
646 .maxlen = sizeof(int),
647 .mode = 0644,
648 .proc_handler = proc_dointvec
649 },
650#endif
651 {
652 .ctl_name = NET_TCP_SLOW_START_AFTER_IDLE,
653 .procname = "tcp_slow_start_after_idle",
654 .data = &sysctl_tcp_slow_start_after_idle,
655 .maxlen = sizeof(int),
656 .mode = 0644,
657 .proc_handler = proc_dointvec
658 },
659#ifdef CONFIG_NETLABEL
660 {
661 .ctl_name = NET_CIPSOV4_CACHE_ENABLE,
662 .procname = "cipso_cache_enable",
663 .data = &cipso_v4_cache_enabled,
664 .maxlen = sizeof(int),
665 .mode = 0644,
666 .proc_handler = proc_dointvec,
667 },
668 {
669 .ctl_name = NET_CIPSOV4_CACHE_BUCKET_SIZE,
670 .procname = "cipso_cache_bucket_size",
671 .data = &cipso_v4_cache_bucketsize,
672 .maxlen = sizeof(int),
673 .mode = 0644,
674 .proc_handler = proc_dointvec,
675 },
676 {
677 .ctl_name = NET_CIPSOV4_RBM_OPTFMT,
678 .procname = "cipso_rbm_optfmt",
679 .data = &cipso_v4_rbm_optfmt,
680 .maxlen = sizeof(int),
681 .mode = 0644,
682 .proc_handler = proc_dointvec,
683 },
684 {
685 .ctl_name = NET_CIPSOV4_RBM_STRICTVALID,
686 .procname = "cipso_rbm_strictvalid",
687 .data = &cipso_v4_rbm_strictvalid,
688 .maxlen = sizeof(int),
689 .mode = 0644,
690 .proc_handler = proc_dointvec,
691 },
692#endif
693 {
694 .procname = "tcp_available_congestion_control",
695 .maxlen = TCP_CA_BUF_MAX,
696 .mode = 0444,
697 .proc_handler = proc_tcp_available_congestion_control,
698 },
699 {
700 .ctl_name = NET_TCP_ALLOWED_CONG_CONTROL,
701 .procname = "tcp_allowed_congestion_control",
702 .maxlen = TCP_CA_BUF_MAX,
703 .mode = 0644,
704 .proc_handler = proc_allowed_congestion_control,
705 .strategy = strategy_allowed_congestion_control,
706 },
707 {
708 .ctl_name = NET_TCP_MAX_SSTHRESH,
709 .procname = "tcp_max_ssthresh",
710 .data = &sysctl_tcp_max_ssthresh,
711 .maxlen = sizeof(int),
712 .mode = 0644,
713 .proc_handler = proc_dointvec,
714 },
715 {
716 .ctl_name = CTL_UNNUMBERED,
717 .procname = "udp_mem",
718 .data = &sysctl_udp_mem,
719 .maxlen = sizeof(sysctl_udp_mem),
720 .mode = 0644,
721 .proc_handler = proc_dointvec_minmax,
722 .strategy = sysctl_intvec,
723 .extra1 = &zero
724 },
725 {
726 .ctl_name = CTL_UNNUMBERED,
727 .procname = "udp_rmem_min",
728 .data = &sysctl_udp_rmem_min,
729 .maxlen = sizeof(sysctl_udp_rmem_min),
730 .mode = 0644,
731 .proc_handler = proc_dointvec_minmax,
732 .strategy = sysctl_intvec,
733 .extra1 = &zero
734 },
735 {
736 .ctl_name = CTL_UNNUMBERED,
737 .procname = "udp_wmem_min",
738 .data = &sysctl_udp_wmem_min,
739 .maxlen = sizeof(sysctl_udp_wmem_min),
740 .mode = 0644,
741 .proc_handler = proc_dointvec_minmax,
742 .strategy = sysctl_intvec,
743 .extra1 = &zero
744 },
745 { .ctl_name = 0 }
746};
747
748static struct ctl_table ipv4_net_table[] = {
749 {
750 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
751 .procname = "icmp_echo_ignore_all",
752 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
753 .maxlen = sizeof(int),
754 .mode = 0644,
755 .proc_handler = proc_dointvec
756 },
757 {
758 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
759 .procname = "icmp_echo_ignore_broadcasts",
760 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
761 .maxlen = sizeof(int),
762 .mode = 0644,
763 .proc_handler = proc_dointvec
764 },
765 {
766 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
767 .procname = "icmp_ignore_bogus_error_responses",
768 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
769 .maxlen = sizeof(int),
770 .mode = 0644,
771 .proc_handler = proc_dointvec
772 },
773 {
774 .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
775 .procname = "icmp_errors_use_inbound_ifaddr",
776 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
777 .maxlen = sizeof(int),
778 .mode = 0644,
779 .proc_handler = proc_dointvec
780 },
781 {
782 .ctl_name = NET_IPV4_ICMP_RATELIMIT,
783 .procname = "icmp_ratelimit",
784 .data = &init_net.ipv4.sysctl_icmp_ratelimit,
785 .maxlen = sizeof(int),
786 .mode = 0644,
787 .proc_handler = proc_dointvec_ms_jiffies,
788 .strategy = sysctl_ms_jiffies
789 },
790 {
791 .ctl_name = NET_IPV4_ICMP_RATEMASK,
792 .procname = "icmp_ratemask",
793 .data = &init_net.ipv4.sysctl_icmp_ratemask,
794 .maxlen = sizeof(int),
795 .mode = 0644,
796 .proc_handler = proc_dointvec
797 },
798 {
799 .ctl_name = CTL_UNNUMBERED,
800 .procname = "rt_cache_rebuild_count",
801 .data = &init_net.ipv4.sysctl_rt_cache_rebuild_count,
802 .maxlen = sizeof(int),
803 .mode = 0644,
804 .proc_handler = proc_dointvec
805 },
806 { }
807};
808
809struct ctl_path net_ipv4_ctl_path[] = {
810 { .procname = "net", .ctl_name = CTL_NET, },
811 { .procname = "ipv4", .ctl_name = NET_IPV4, },
812 { },
813};
814EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
815
816static __net_init int ipv4_sysctl_init_net(struct net *net)
817{
818 struct ctl_table *table;
819
820 table = ipv4_net_table;
821 if (net != &init_net) {
822 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
823 if (table == NULL)
824 goto err_alloc;
825
826 table[0].data =
827 &net->ipv4.sysctl_icmp_echo_ignore_all;
828 table[1].data =
829 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
830 table[2].data =
831 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
832 table[3].data =
833 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
834 table[4].data =
835 &net->ipv4.sysctl_icmp_ratelimit;
836 table[5].data =
837 &net->ipv4.sysctl_icmp_ratemask;
838 table[6].data =
839 &net->ipv4.sysctl_rt_cache_rebuild_count;
840 }
841
842 net->ipv4.sysctl_rt_cache_rebuild_count = 4;
843
844 net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
845 net_ipv4_ctl_path, table);
846 if (net->ipv4.ipv4_hdr == NULL)
847 goto err_reg;
848
849 return 0;
850
851err_reg:
852 if (net != &init_net)
853 kfree(table);
854err_alloc:
855 return -ENOMEM;
856}
857
858static __net_exit void ipv4_sysctl_exit_net(struct net *net)
859{
860 struct ctl_table *table;
861
862 table = net->ipv4.ipv4_hdr->ctl_table_arg;
863 unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
864 kfree(table);
865}
866
867static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
868 .init = ipv4_sysctl_init_net,
869 .exit = ipv4_sysctl_exit_net,
870};
871
872static __init int sysctl_ipv4_init(void)
873{
874 struct ctl_table_header *hdr;
875
876 hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
877 if (hdr == NULL)
878 return -ENOMEM;
879
880 if (register_pernet_subsys(&ipv4_sysctl_ops)) {
881 unregister_sysctl_table(hdr);
882 return -ENOMEM;
883 }
884
885 return 0;
886}
887
888__initcall(sysctl_ipv4_init);
889
