1
2
3
4
5
6
7
8
9#include <linux/mm.h>
10#include <linux/sysctl.h>
11#include <linux/in6.h>
12#include <linux/ipv6.h>
13#include <linux/slab.h>
14#include <linux/export.h>
15#include <net/ndisc.h>
16#include <net/ipv6.h>
17#include <net/addrconf.h>
18#include <net/inet_frag.h>
19#include <net/netevent.h>
20#ifdef CONFIG_NETLABEL
21#include <net/calipso.h>
22#endif
23
24static int zero;
25static int one = 1;
26static int auto_flowlabels_min;
27static int auto_flowlabels_max = IP6_AUTO_FLOW_LABEL_MAX;
28
29static int proc_rt6_multipath_hash_policy(struct ctl_table *table, int write,
30 void __user *buffer, size_t *lenp,
31 loff_t *ppos)
32{
33 struct net *net;
34 int ret;
35
36 net = container_of(table->data, struct net,
37 ipv6.sysctl.multipath_hash_policy);
38 ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
39 if (write && ret == 0)
40 call_netevent_notifiers(NETEVENT_IPV6_MPATH_HASH_UPDATE, net);
41
42 return ret;
43}
44
45static struct ctl_table ipv6_table_template[] = {
46 {
47 .procname = "bindv6only",
48 .data = &init_net.ipv6.sysctl.bindv6only,
49 .maxlen = sizeof(int),
50 .mode = 0644,
51 .proc_handler = proc_dointvec
52 },
53 {
54 .procname = "anycast_src_echo_reply",
55 .data = &init_net.ipv6.sysctl.anycast_src_echo_reply,
56 .maxlen = sizeof(int),
57 .mode = 0644,
58 .proc_handler = proc_dointvec
59 },
60 {
61 .procname = "flowlabel_consistency",
62 .data = &init_net.ipv6.sysctl.flowlabel_consistency,
63 .maxlen = sizeof(int),
64 .mode = 0644,
65 .proc_handler = proc_dointvec
66 },
67 {
68 .procname = "auto_flowlabels",
69 .data = &init_net.ipv6.sysctl.auto_flowlabels,
70 .maxlen = sizeof(int),
71 .mode = 0644,
72 .proc_handler = proc_dointvec_minmax,
73 .extra1 = &auto_flowlabels_min,
74 .extra2 = &auto_flowlabels_max
75 },
76 {
77 .procname = "fwmark_reflect",
78 .data = &init_net.ipv6.sysctl.fwmark_reflect,
79 .maxlen = sizeof(int),
80 .mode = 0644,
81 .proc_handler = proc_dointvec
82 },
83 {
84 .procname = "idgen_retries",
85 .data = &init_net.ipv6.sysctl.idgen_retries,
86 .maxlen = sizeof(int),
87 .mode = 0644,
88 .proc_handler = proc_dointvec,
89 },
90 {
91 .procname = "idgen_delay",
92 .data = &init_net.ipv6.sysctl.idgen_delay,
93 .maxlen = sizeof(int),
94 .mode = 0644,
95 .proc_handler = proc_dointvec_jiffies,
96 },
97 {
98 .procname = "flowlabel_state_ranges",
99 .data = &init_net.ipv6.sysctl.flowlabel_state_ranges,
100 .maxlen = sizeof(int),
101 .mode = 0644,
102 .proc_handler = proc_dointvec
103 },
104 {
105 .procname = "ip_nonlocal_bind",
106 .data = &init_net.ipv6.sysctl.ip_nonlocal_bind,
107 .maxlen = sizeof(int),
108 .mode = 0644,
109 .proc_handler = proc_dointvec
110 },
111 {
112 .procname = "flowlabel_reflect",
113 .data = &init_net.ipv6.sysctl.flowlabel_reflect,
114 .maxlen = sizeof(int),
115 .mode = 0644,
116 .proc_handler = proc_dointvec,
117 },
118 {
119 .procname = "max_dst_opts_number",
120 .data = &init_net.ipv6.sysctl.max_dst_opts_cnt,
121 .maxlen = sizeof(int),
122 .mode = 0644,
123 .proc_handler = proc_dointvec
124 },
125 {
126 .procname = "max_hbh_opts_number",
127 .data = &init_net.ipv6.sysctl.max_hbh_opts_cnt,
128 .maxlen = sizeof(int),
129 .mode = 0644,
130 .proc_handler = proc_dointvec
131 },
132 {
133 .procname = "max_dst_opts_length",
134 .data = &init_net.ipv6.sysctl.max_dst_opts_len,
135 .maxlen = sizeof(int),
136 .mode = 0644,
137 .proc_handler = proc_dointvec
138 },
139 {
140 .procname = "max_hbh_length",
141 .data = &init_net.ipv6.sysctl.max_hbh_opts_len,
142 .maxlen = sizeof(int),
143 .mode = 0644,
144 .proc_handler = proc_dointvec
145 },
146 {
147 .procname = "fib_multipath_hash_policy",
148 .data = &init_net.ipv6.sysctl.multipath_hash_policy,
149 .maxlen = sizeof(int),
150 .mode = 0644,
151 .proc_handler = proc_rt6_multipath_hash_policy,
152 .extra1 = &zero,
153 .extra2 = &one,
154 },
155 { }
156};
157
158static struct ctl_table ipv6_rotable[] = {
159 {
160 .procname = "mld_max_msf",
161 .data = &sysctl_mld_max_msf,
162 .maxlen = sizeof(int),
163 .mode = 0644,
164 .proc_handler = proc_dointvec
165 },
166 {
167 .procname = "mld_qrv",
168 .data = &sysctl_mld_qrv,
169 .maxlen = sizeof(int),
170 .mode = 0644,
171 .proc_handler = proc_dointvec_minmax,
172 .extra1 = &one
173 },
174#ifdef CONFIG_NETLABEL
175 {
176 .procname = "calipso_cache_enable",
177 .data = &calipso_cache_enabled,
178 .maxlen = sizeof(int),
179 .mode = 0644,
180 .proc_handler = proc_dointvec,
181 },
182 {
183 .procname = "calipso_cache_bucket_size",
184 .data = &calipso_cache_bucketsize,
185 .maxlen = sizeof(int),
186 .mode = 0644,
187 .proc_handler = proc_dointvec,
188 },
189#endif
190 { }
191};
192
193static int __net_init ipv6_sysctl_net_init(struct net *net)
194{
195 struct ctl_table *ipv6_table;
196 struct ctl_table *ipv6_route_table;
197 struct ctl_table *ipv6_icmp_table;
198 int err;
199
200 err = -ENOMEM;
201 ipv6_table = kmemdup(ipv6_table_template, sizeof(ipv6_table_template),
202 GFP_KERNEL);
203 if (!ipv6_table)
204 goto out;
205 ipv6_table[0].data = &net->ipv6.sysctl.bindv6only;
206 ipv6_table[1].data = &net->ipv6.sysctl.anycast_src_echo_reply;
207 ipv6_table[2].data = &net->ipv6.sysctl.flowlabel_consistency;
208 ipv6_table[3].data = &net->ipv6.sysctl.auto_flowlabels;
209 ipv6_table[4].data = &net->ipv6.sysctl.fwmark_reflect;
210 ipv6_table[5].data = &net->ipv6.sysctl.idgen_retries;
211 ipv6_table[6].data = &net->ipv6.sysctl.idgen_delay;
212 ipv6_table[7].data = &net->ipv6.sysctl.flowlabel_state_ranges;
213 ipv6_table[8].data = &net->ipv6.sysctl.ip_nonlocal_bind;
214 ipv6_table[9].data = &net->ipv6.sysctl.flowlabel_reflect;
215 ipv6_table[10].data = &net->ipv6.sysctl.max_dst_opts_cnt;
216 ipv6_table[11].data = &net->ipv6.sysctl.max_hbh_opts_cnt;
217 ipv6_table[12].data = &net->ipv6.sysctl.max_dst_opts_len;
218 ipv6_table[13].data = &net->ipv6.sysctl.max_hbh_opts_len;
219 ipv6_table[14].data = &net->ipv6.sysctl.multipath_hash_policy,
220
221 ipv6_route_table = ipv6_route_sysctl_init(net);
222 if (!ipv6_route_table)
223 goto out_ipv6_table;
224
225 ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
226 if (!ipv6_icmp_table)
227 goto out_ipv6_route_table;
228
229 net->ipv6.sysctl.hdr = register_net_sysctl(net, "net/ipv6", ipv6_table);
230 if (!net->ipv6.sysctl.hdr)
231 goto out_ipv6_icmp_table;
232
233 net->ipv6.sysctl.route_hdr =
234 register_net_sysctl(net, "net/ipv6/route", ipv6_route_table);
235 if (!net->ipv6.sysctl.route_hdr)
236 goto out_unregister_ipv6_table;
237
238 net->ipv6.sysctl.icmp_hdr =
239 register_net_sysctl(net, "net/ipv6/icmp", ipv6_icmp_table);
240 if (!net->ipv6.sysctl.icmp_hdr)
241 goto out_unregister_route_table;
242
243 err = 0;
244out:
245 return err;
246out_unregister_route_table:
247 unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
248out_unregister_ipv6_table:
249 unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
250out_ipv6_icmp_table:
251 kfree(ipv6_icmp_table);
252out_ipv6_route_table:
253 kfree(ipv6_route_table);
254out_ipv6_table:
255 kfree(ipv6_table);
256 goto out;
257}
258
259static void __net_exit ipv6_sysctl_net_exit(struct net *net)
260{
261 struct ctl_table *ipv6_table;
262 struct ctl_table *ipv6_route_table;
263 struct ctl_table *ipv6_icmp_table;
264
265 ipv6_table = net->ipv6.sysctl.hdr->ctl_table_arg;
266 ipv6_route_table = net->ipv6.sysctl.route_hdr->ctl_table_arg;
267 ipv6_icmp_table = net->ipv6.sysctl.icmp_hdr->ctl_table_arg;
268
269 unregister_net_sysctl_table(net->ipv6.sysctl.icmp_hdr);
270 unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
271 unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
272
273 kfree(ipv6_table);
274 kfree(ipv6_route_table);
275 kfree(ipv6_icmp_table);
276}
277
278static struct pernet_operations ipv6_sysctl_net_ops = {
279 .init = ipv6_sysctl_net_init,
280 .exit = ipv6_sysctl_net_exit,
281};
282
283static struct ctl_table_header *ip6_header;
284
285int ipv6_sysctl_register(void)
286{
287 int err = -ENOMEM;
288
289 ip6_header = register_net_sysctl(&init_net, "net/ipv6", ipv6_rotable);
290 if (!ip6_header)
291 goto out;
292
293 err = register_pernet_subsys(&ipv6_sysctl_net_ops);
294 if (err)
295 goto err_pernet;
296out:
297 return err;
298
299err_pernet:
300 unregister_net_sysctl_table(ip6_header);
301 goto out;
302}
303
304void ipv6_sysctl_unregister(void)
305{
306 unregister_net_sysctl_table(ip6_header);
307 unregister_pernet_subsys(&ipv6_sysctl_net_ops);
308}
309
