1b2441318SGreg Kroah-Hartman // SPDX-License-Identifier: GPL-2.0
21da177e4SLinus Torvalds /*
31da177e4SLinus Torvalds * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
41da177e4SLinus Torvalds *
51da177e4SLinus Torvalds * Begun April 1, 1996, Mike Shaver.
61da177e4SLinus Torvalds * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
71da177e4SLinus Torvalds */
81da177e4SLinus Torvalds
91da177e4SLinus Torvalds #include <linux/sysctl.h>
10227b60f5SStephen Hemminger #include <linux/seqlock.h>
113e37c3f9SPavel Emelyanov #include <linux/init.h>
125a0e3ad6STejun Heo #include <linux/slab.h>
1320380731SArnaldo Carvalho de Melo #include <net/icmp.h>
141da177e4SLinus Torvalds #include <net/ip.h>
15ce5c9c20SIdo Schimmel #include <net/ip_fib.h>
161da177e4SLinus Torvalds #include <net/tcp.h>
1795766fffSHideo Aoki #include <net/udp.h>
18446fda4fSPaul Moore #include <net/cipso_ipv4.h>
19c319b4d7SVasiliy Kulikov #include <net/ping.h>
20dddb64bcSsubashab@codeaurora.org #include <net/protocol.h>
213ae6ec08SIdo Schimmel #include <net/netevent.h>
221da177e4SLinus Torvalds
231da177e4SLinus Torvalds static int tcp_retr1_max = 255;
241da177e4SLinus Torvalds static int ip_local_port_range_min[] = { 1, 1 };
251da177e4SLinus Torvalds static int ip_local_port_range_max[] = { 65535, 65535 };
260147fc05SAlexey Dobriyan static int tcp_adv_win_scale_min = -31;
270147fc05SAlexey Dobriyan static int tcp_adv_win_scale_max = 31;
28dc5110c2SYueHaibing static int tcp_app_win_max = 31;
295f3e2bf0SEric Dumazet static int tcp_min_snd_mss_min = TCP_MIN_SND_MSS;
305f3e2bf0SEric Dumazet static int tcp_min_snd_mss_max = 65535;
314548b683SKrister Johansen static int ip_privileged_port_min;
324548b683SKrister Johansen static int ip_privileged_port_max = 65535;
33249fab77SEric Dumazet static int ip_ttl_min = 1;
34249fab77SEric Dumazet static int ip_ttl_max = 255;
35651e9271SMichal Tesar static int tcp_syn_retries_min = 1;
36651e9271SMichal Tesar static int tcp_syn_retries_max = MAX_TCP_SYNCNT;
37ccce324dSDavid Morley static int tcp_syn_linear_timeouts_max = MAX_TCP_SYNCNT;
38e209fee4SAkihiro Suda static unsigned long ip_ping_group_range_min[] = { 0, 0 };
39e209fee4SAkihiro Suda static unsigned long ip_ping_group_range_max[] = { GID_T_MAX, GID_T_MAX };
40d4ce5808SMaciej Żenczykowski static u32 u32_max_div_HZ = UINT_MAX / HZ;
4119fad20dSZhangXiaoxu static int one_day_secs = 24 * 3600;
42ce5c9c20SIdo Schimmel static u32 fib_multipath_hash_fields_all_mask __maybe_unused =
43ce5c9c20SIdo Schimmel FIB_MULTIPATH_HASH_FIELD_ALL_MASK;
44d1e5e640SKuniyuki Iwashima static unsigned int tcp_child_ehash_entries_max = 16 * 1024 * 1024;
459804985bSKuniyuki Iwashima static unsigned int udp_child_hash_entries_max = UDP_HTABLE_SIZE_MAX;
46bd456f28SMubashir Adnan Qureshi static int tcp_plb_max_rounds = 31;
47bd456f28SMubashir Adnan Qureshi static int tcp_plb_max_cong_thresh = 256;
481da177e4SLinus Torvalds
49b6690b14SFlorian Westphal /* obsolete */
50b6690b14SFlorian Westphal static int sysctl_tcp_low_latency __read_mostly;
51b6690b14SFlorian Westphal
52227b60f5SStephen Hemminger /* Update system visible IP port range */
set_local_port_range(struct net * net,int range[2])530bbf87d8SEric W. Biederman static void set_local_port_range(struct net *net, int range[2])
54227b60f5SStephen Hemminger {
55ed2dfd90SEric Dumazet bool same_parity = !((range[0] ^ range[1]) & 1);
56ed2dfd90SEric Dumazet
574ee3bd4aSWANG Cong write_seqlock_bh(&net->ipv4.ip_local_ports.lock);
58ed2dfd90SEric Dumazet if (same_parity && !net->ipv4.ip_local_ports.warned) {
59ed2dfd90SEric Dumazet net->ipv4.ip_local_ports.warned = true;
60ed2dfd90SEric Dumazet pr_err_ratelimited("ip_local_port_range: prefer different parity for start/end values.\n");
61ed2dfd90SEric Dumazet }
62c9d8f1a6SCong Wang net->ipv4.ip_local_ports.range[0] = range[0];
63c9d8f1a6SCong Wang net->ipv4.ip_local_ports.range[1] = range[1];
644ee3bd4aSWANG Cong write_sequnlock_bh(&net->ipv4.ip_local_ports.lock);
65227b60f5SStephen Hemminger }
66227b60f5SStephen Hemminger
67227b60f5SStephen Hemminger /* Validate changes from /proc interface. */
ipv4_local_port_range(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)68fe2c6338SJoe Perches static int ipv4_local_port_range(struct ctl_table *table, int write,
6932927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
70227b60f5SStephen Hemminger {
710bbf87d8SEric W. Biederman struct net *net =
72c9d8f1a6SCong Wang container_of(table->data, struct net, ipv4.ip_local_ports.range);
73227b60f5SStephen Hemminger int ret;
743c689b73SEric Dumazet int range[2];
75fe2c6338SJoe Perches struct ctl_table tmp = {
76227b60f5SStephen Hemminger .data = &range,
77227b60f5SStephen Hemminger .maxlen = sizeof(range),
78227b60f5SStephen Hemminger .mode = table->mode,
79227b60f5SStephen Hemminger .extra1 = &ip_local_port_range_min,
80227b60f5SStephen Hemminger .extra2 = &ip_local_port_range_max,
81227b60f5SStephen Hemminger };
82227b60f5SStephen Hemminger
830bbf87d8SEric W. Biederman inet_get_local_port_range(net, &range[0], &range[1]);
840bbf87d8SEric W. Biederman
858d65af78SAlexey Dobriyan ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
86227b60f5SStephen Hemminger
87227b60f5SStephen Hemminger if (write && ret == 0) {
884548b683SKrister Johansen /* Ensure that the upper limit is not smaller than the lower,
894548b683SKrister Johansen * and that the lower does not encroach upon the privileged
904548b683SKrister Johansen * port limit.
914548b683SKrister Johansen */
924548b683SKrister Johansen if ((range[1] < range[0]) ||
939b55c20fSKuniyuki Iwashima (range[0] < READ_ONCE(net->ipv4.sysctl_ip_prot_sock)))
94227b60f5SStephen Hemminger ret = -EINVAL;
95227b60f5SStephen Hemminger else
960bbf87d8SEric W. Biederman set_local_port_range(net, range);
97227b60f5SStephen Hemminger }
98227b60f5SStephen Hemminger
99227b60f5SStephen Hemminger return ret;
100227b60f5SStephen Hemminger }
101227b60f5SStephen Hemminger
1024548b683SKrister Johansen /* Validate changes from /proc interface. */
ipv4_privileged_ports(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)1034548b683SKrister Johansen static int ipv4_privileged_ports(struct ctl_table *table, int write,
10432927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
1054548b683SKrister Johansen {
1064548b683SKrister Johansen struct net *net = container_of(table->data, struct net,
1074548b683SKrister Johansen ipv4.sysctl_ip_prot_sock);
1084548b683SKrister Johansen int ret;
1094548b683SKrister Johansen int pports;
1104548b683SKrister Johansen int range[2];
1114548b683SKrister Johansen struct ctl_table tmp = {
1124548b683SKrister Johansen .data = &pports,
1134548b683SKrister Johansen .maxlen = sizeof(pports),
1144548b683SKrister Johansen .mode = table->mode,
1154548b683SKrister Johansen .extra1 = &ip_privileged_port_min,
1164548b683SKrister Johansen .extra2 = &ip_privileged_port_max,
1174548b683SKrister Johansen };
1184548b683SKrister Johansen
1199b55c20fSKuniyuki Iwashima pports = READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
1204548b683SKrister Johansen
1214548b683SKrister Johansen ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
1224548b683SKrister Johansen
1234548b683SKrister Johansen if (write && ret == 0) {
1244548b683SKrister Johansen inet_get_local_port_range(net, &range[0], &range[1]);
1254548b683SKrister Johansen /* Ensure that the local port range doesn't overlap with the
1264548b683SKrister Johansen * privileged port range.
1274548b683SKrister Johansen */
1284548b683SKrister Johansen if (range[0] < pports)
1294548b683SKrister Johansen ret = -EINVAL;
1304548b683SKrister Johansen else
1319b55c20fSKuniyuki Iwashima WRITE_ONCE(net->ipv4.sysctl_ip_prot_sock, pports);
1324548b683SKrister Johansen }
1334548b683SKrister Johansen
1344548b683SKrister Johansen return ret;
1354548b683SKrister Johansen }
136c319b4d7SVasiliy Kulikov
inet_get_ping_group_range_table(struct ctl_table * table,kgid_t * low,kgid_t * high)1377064d16eSEric W. Biederman static void inet_get_ping_group_range_table(struct ctl_table *table, kgid_t *low, kgid_t *high)
138c319b4d7SVasiliy Kulikov {
1397064d16eSEric W. Biederman kgid_t *data = table->data;
1400bbf87d8SEric W. Biederman struct net *net =
141ba6b918aSCong Wang container_of(table->data, struct net, ipv4.ping_group_range.range);
14295c96174SEric Dumazet unsigned int seq;
143c319b4d7SVasiliy Kulikov do {
144396a30ccSWANG Cong seq = read_seqbegin(&net->ipv4.ping_group_range.lock);
145c319b4d7SVasiliy Kulikov
146c319b4d7SVasiliy Kulikov *low = data[0];
147c319b4d7SVasiliy Kulikov *high = data[1];
148396a30ccSWANG Cong } while (read_seqretry(&net->ipv4.ping_group_range.lock, seq));
149c319b4d7SVasiliy Kulikov }
150c319b4d7SVasiliy Kulikov
151c319b4d7SVasiliy Kulikov /* Update system visible IP port range */
set_ping_group_range(struct ctl_table * table,kgid_t low,kgid_t high)1527064d16eSEric W. Biederman static void set_ping_group_range(struct ctl_table *table, kgid_t low, kgid_t high)
153c319b4d7SVasiliy Kulikov {
1547064d16eSEric W. Biederman kgid_t *data = table->data;
1550bbf87d8SEric W. Biederman struct net *net =
156ba6b918aSCong Wang container_of(table->data, struct net, ipv4.ping_group_range.range);
157396a30ccSWANG Cong write_seqlock(&net->ipv4.ping_group_range.lock);
1587064d16eSEric W. Biederman data[0] = low;
1597064d16eSEric W. Biederman data[1] = high;
160396a30ccSWANG Cong write_sequnlock(&net->ipv4.ping_group_range.lock);
161c319b4d7SVasiliy Kulikov }
162c319b4d7SVasiliy Kulikov
163c319b4d7SVasiliy Kulikov /* Validate changes from /proc interface. */
ipv4_ping_group_range(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)164fe2c6338SJoe Perches static int ipv4_ping_group_range(struct ctl_table *table, int write,
16532927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
166c319b4d7SVasiliy Kulikov {
1677064d16eSEric W. Biederman struct user_namespace *user_ns = current_user_ns();
168c319b4d7SVasiliy Kulikov int ret;
169e209fee4SAkihiro Suda unsigned long urange[2];
1707064d16eSEric W. Biederman kgid_t low, high;
171fe2c6338SJoe Perches struct ctl_table tmp = {
1727064d16eSEric W. Biederman .data = &urange,
1737064d16eSEric W. Biederman .maxlen = sizeof(urange),
174c319b4d7SVasiliy Kulikov .mode = table->mode,
175c319b4d7SVasiliy Kulikov .extra1 = &ip_ping_group_range_min,
176c319b4d7SVasiliy Kulikov .extra2 = &ip_ping_group_range_max,
177c319b4d7SVasiliy Kulikov };
178c319b4d7SVasiliy Kulikov
1797064d16eSEric W. Biederman inet_get_ping_group_range_table(table, &low, &high);
1807064d16eSEric W. Biederman urange[0] = from_kgid_munged(user_ns, low);
1817064d16eSEric W. Biederman urange[1] = from_kgid_munged(user_ns, high);
182e209fee4SAkihiro Suda ret = proc_doulongvec_minmax(&tmp, write, buffer, lenp, ppos);
183c319b4d7SVasiliy Kulikov
1847064d16eSEric W. Biederman if (write && ret == 0) {
1857064d16eSEric W. Biederman low = make_kgid(user_ns, urange[0]);
1867064d16eSEric W. Biederman high = make_kgid(user_ns, urange[1]);
18770ba5b6dSTyler Hicks if (!gid_valid(low) || !gid_valid(high))
18870ba5b6dSTyler Hicks return -EINVAL;
18970ba5b6dSTyler Hicks if (urange[1] < urange[0] || gid_lt(high, low)) {
1907064d16eSEric W. Biederman low = make_kgid(&init_user_ns, 1);
1917064d16eSEric W. Biederman high = make_kgid(&init_user_ns, 0);
1927064d16eSEric W. Biederman }
1937064d16eSEric W. Biederman set_ping_group_range(table, low, high);
1947064d16eSEric W. Biederman }
195c319b4d7SVasiliy Kulikov
196c319b4d7SVasiliy Kulikov return ret;
197c319b4d7SVasiliy Kulikov }
198c319b4d7SVasiliy Kulikov
ipv4_fwd_update_priority(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)199d18c5d19SPetr Machata static int ipv4_fwd_update_priority(struct ctl_table *table, int write,
20032927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
201d18c5d19SPetr Machata {
202d18c5d19SPetr Machata struct net *net;
203d18c5d19SPetr Machata int ret;
204d18c5d19SPetr Machata
205d18c5d19SPetr Machata net = container_of(table->data, struct net,
206d18c5d19SPetr Machata ipv4.sysctl_ip_fwd_update_priority);
2071c69dedcSEric Dumazet ret = proc_dou8vec_minmax(table, write, buffer, lenp, ppos);
208d18c5d19SPetr Machata if (write && ret == 0)
209d18c5d19SPetr Machata call_netevent_notifiers(NETEVENT_IPV4_FWD_UPDATE_PRIORITY_UPDATE,
210d18c5d19SPetr Machata net);
211d18c5d19SPetr Machata
212d18c5d19SPetr Machata return ret;
213d18c5d19SPetr Machata }
214d18c5d19SPetr Machata
proc_tcp_congestion_control(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)215fe2c6338SJoe Perches static int proc_tcp_congestion_control(struct ctl_table *ctl, int write,
21632927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
217317a76f9SStephen Hemminger {
2186670e152SStephen Hemminger struct net *net = container_of(ctl->data, struct net,
2196670e152SStephen Hemminger ipv4.tcp_congestion_control);
220317a76f9SStephen Hemminger char val[TCP_CA_NAME_MAX];
221fe2c6338SJoe Perches struct ctl_table tbl = {
222317a76f9SStephen Hemminger .data = val,
223317a76f9SStephen Hemminger .maxlen = TCP_CA_NAME_MAX,
224317a76f9SStephen Hemminger };
225317a76f9SStephen Hemminger int ret;
226317a76f9SStephen Hemminger
2276670e152SStephen Hemminger tcp_get_default_congestion_control(net, val);
228317a76f9SStephen Hemminger
2298d65af78SAlexey Dobriyan ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
230317a76f9SStephen Hemminger if (write && ret == 0)
2316670e152SStephen Hemminger ret = tcp_set_default_congestion_control(net, val);
232317a76f9SStephen Hemminger return ret;
233317a76f9SStephen Hemminger }
234317a76f9SStephen Hemminger
proc_tcp_available_congestion_control(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)235fe2c6338SJoe Perches static int proc_tcp_available_congestion_control(struct ctl_table *ctl,
23632927393SChristoph Hellwig int write, void *buffer,
23732927393SChristoph Hellwig size_t *lenp, loff_t *ppos)
2383ff825b2SStephen Hemminger {
239fe2c6338SJoe Perches struct ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
2403ff825b2SStephen Hemminger int ret;
2413ff825b2SStephen Hemminger
2423ff825b2SStephen Hemminger tbl.data = kmalloc(tbl.maxlen, GFP_USER);
2433ff825b2SStephen Hemminger if (!tbl.data)
2443ff825b2SStephen Hemminger return -ENOMEM;
2453ff825b2SStephen Hemminger tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
2468d65af78SAlexey Dobriyan ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
2473ff825b2SStephen Hemminger kfree(tbl.data);
2483ff825b2SStephen Hemminger return ret;
2493ff825b2SStephen Hemminger }
2503ff825b2SStephen Hemminger
proc_allowed_congestion_control(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)251fe2c6338SJoe Perches static int proc_allowed_congestion_control(struct ctl_table *ctl,
25232927393SChristoph Hellwig int write, void *buffer,
25332927393SChristoph Hellwig size_t *lenp, loff_t *ppos)
254ce7bc3bfSStephen Hemminger {
255fe2c6338SJoe Perches struct ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
256ce7bc3bfSStephen Hemminger int ret;
257ce7bc3bfSStephen Hemminger
258ce7bc3bfSStephen Hemminger tbl.data = kmalloc(tbl.maxlen, GFP_USER);
259ce7bc3bfSStephen Hemminger if (!tbl.data)
260ce7bc3bfSStephen Hemminger return -ENOMEM;
261ce7bc3bfSStephen Hemminger
262ce7bc3bfSStephen Hemminger tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
2638d65af78SAlexey Dobriyan ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
264ce7bc3bfSStephen Hemminger if (write && ret == 0)
265ce7bc3bfSStephen Hemminger ret = tcp_set_allowed_congestion_control(tbl.data);
266ce7bc3bfSStephen Hemminger kfree(tbl.data);
267ce7bc3bfSStephen Hemminger return ret;
268ce7bc3bfSStephen Hemminger }
269ce7bc3bfSStephen Hemminger
sscanf_key(char * buf,__le32 * key)270aa1236cdSJason Baron static int sscanf_key(char *buf, __le32 *key)
271aa1236cdSJason Baron {
272aa1236cdSJason Baron u32 user_key[4];
273aa1236cdSJason Baron int i, ret = 0;
274aa1236cdSJason Baron
275aa1236cdSJason Baron if (sscanf(buf, "%x-%x-%x-%x", user_key, user_key + 1,
276aa1236cdSJason Baron user_key + 2, user_key + 3) != 4) {
277aa1236cdSJason Baron ret = -EINVAL;
278aa1236cdSJason Baron } else {
279aa1236cdSJason Baron for (i = 0; i < ARRAY_SIZE(user_key); i++)
280aa1236cdSJason Baron key[i] = cpu_to_le32(user_key[i]);
281aa1236cdSJason Baron }
282aa1236cdSJason Baron pr_debug("proc TFO key set 0x%x-%x-%x-%x <- 0x%s: %u\n",
283aa1236cdSJason Baron user_key[0], user_key[1], user_key[2], user_key[3], buf, ret);
284aa1236cdSJason Baron
285aa1236cdSJason Baron return ret;
286aa1236cdSJason Baron }
287aa1236cdSJason Baron
proc_tcp_fastopen_key(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)28843713848SHaishuang Yan static int proc_tcp_fastopen_key(struct ctl_table *table, int write,
28932927393SChristoph Hellwig void *buffer, size_t *lenp, loff_t *ppos)
29010467163SJerry Chu {
29143713848SHaishuang Yan struct net *net = container_of(table->data, struct net,
29243713848SHaishuang Yan ipv4.sysctl_tcp_fastopen);
293aa1236cdSJason Baron /* maxlen to print the list of keys in hex (*2), with dashes
294aa1236cdSJason Baron * separating doublewords and a comma in between keys.
295aa1236cdSJason Baron */
296aa1236cdSJason Baron struct ctl_table tbl = { .maxlen = ((TCP_FASTOPEN_KEY_LENGTH *
297aa1236cdSJason Baron 2 * TCP_FASTOPEN_KEY_MAX) +
298aa1236cdSJason Baron (TCP_FASTOPEN_KEY_MAX * 5)) };
299f19008e6SJason Baron u32 user_key[TCP_FASTOPEN_KEY_BUF_LENGTH / sizeof(u32)];
300f19008e6SJason Baron __le32 key[TCP_FASTOPEN_KEY_BUF_LENGTH / sizeof(__le32)];
301aa1236cdSJason Baron char *backup_data;
302f19008e6SJason Baron int ret, i = 0, off = 0, n_keys;
30310467163SJerry Chu
30410467163SJerry Chu tbl.data = kmalloc(tbl.maxlen, GFP_KERNEL);
30510467163SJerry Chu if (!tbl.data)
30610467163SJerry Chu return -ENOMEM;
30710467163SJerry Chu
308f19008e6SJason Baron n_keys = tcp_fastopen_get_cipher(net, NULL, (u64 *)key);
309aa1236cdSJason Baron if (!n_keys) {
310aa1236cdSJason Baron memset(&key[0], 0, TCP_FASTOPEN_KEY_LENGTH);
311aa1236cdSJason Baron n_keys = 1;
312aa1236cdSJason Baron }
313aa1236cdSJason Baron
314aa1236cdSJason Baron for (i = 0; i < n_keys * 4; i++)
315c860e997SYuchung Cheng user_key[i] = le32_to_cpu(key[i]);
316c860e997SYuchung Cheng
317aa1236cdSJason Baron for (i = 0; i < n_keys; i++) {
318aa1236cdSJason Baron off += snprintf(tbl.data + off, tbl.maxlen - off,
319aa1236cdSJason Baron "%08x-%08x-%08x-%08x",
320aa1236cdSJason Baron user_key[i * 4],
321aa1236cdSJason Baron user_key[i * 4 + 1],
322aa1236cdSJason Baron user_key[i * 4 + 2],
323aa1236cdSJason Baron user_key[i * 4 + 3]);
3249bb59a21SHangbin Liu
3259bb59a21SHangbin Liu if (WARN_ON_ONCE(off >= tbl.maxlen - 1))
3269bb59a21SHangbin Liu break;
3279bb59a21SHangbin Liu
328aa1236cdSJason Baron if (i + 1 < n_keys)
329aa1236cdSJason Baron off += snprintf(tbl.data + off, tbl.maxlen - off, ",");
330aa1236cdSJason Baron }
331aa1236cdSJason Baron
33210467163SJerry Chu ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
33310467163SJerry Chu
33410467163SJerry Chu if (write && ret == 0) {
335aa1236cdSJason Baron backup_data = strchr(tbl.data, ',');
336aa1236cdSJason Baron if (backup_data) {
337aa1236cdSJason Baron *backup_data = '\0';
338aa1236cdSJason Baron backup_data++;
339aa1236cdSJason Baron }
340aa1236cdSJason Baron if (sscanf_key(tbl.data, key)) {
34110467163SJerry Chu ret = -EINVAL;
34210467163SJerry Chu goto bad_key;
34310467163SJerry Chu }
344aa1236cdSJason Baron if (backup_data) {
345aa1236cdSJason Baron if (sscanf_key(backup_data, key + 4)) {
346aa1236cdSJason Baron ret = -EINVAL;
347aa1236cdSJason Baron goto bad_key;
348aa1236cdSJason Baron }
349aa1236cdSJason Baron }
350aa1236cdSJason Baron tcp_fastopen_reset_cipher(net, NULL, key,
351438ac880SArd Biesheuvel backup_data ? key + 4 : NULL);
35210467163SJerry Chu }
35310467163SJerry Chu
35410467163SJerry Chu bad_key:
35510467163SJerry Chu kfree(tbl.data);
35610467163SJerry Chu return ret;
35710467163SJerry Chu }
35810467163SJerry Chu
proc_tfo_blackhole_detect_timeout(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)359cf1ef3f0SWei Wang static int proc_tfo_blackhole_detect_timeout(struct ctl_table *table,
36032927393SChristoph Hellwig int write, void *buffer,
361cf1ef3f0SWei Wang size_t *lenp, loff_t *ppos)
362cf1ef3f0SWei Wang {
3633733be14SHaishuang Yan struct net *net = container_of(table->data, struct net,
3643733be14SHaishuang Yan ipv4.sysctl_tcp_fastopen_blackhole_timeout);
365cf1ef3f0SWei Wang int ret;
366cf1ef3f0SWei Wang
367cf1ef3f0SWei Wang ret = proc_dointvec_minmax(table, write, buffer, lenp, ppos);
368cf1ef3f0SWei Wang if (write && ret == 0)
3693733be14SHaishuang Yan atomic_set(&net->ipv4.tfo_active_disable_times, 0);
370734942ccSDave Watson
371734942ccSDave Watson return ret;
372734942ccSDave Watson }
373734942ccSDave Watson
proc_tcp_available_ulp(struct ctl_table * ctl,int write,void * buffer,size_t * lenp,loff_t * ppos)374734942ccSDave Watson static int proc_tcp_available_ulp(struct ctl_table *ctl,
37532927393SChristoph Hellwig int write, void *buffer, size_t *lenp,
376734942ccSDave Watson loff_t *ppos)
377734942ccSDave Watson {
378734942ccSDave Watson struct ctl_table tbl = { .maxlen = TCP_ULP_BUF_MAX, };
379734942ccSDave Watson int ret;
380734942ccSDave Watson
381734942ccSDave Watson tbl.data = kmalloc(tbl.maxlen, GFP_USER);
382734942ccSDave Watson if (!tbl.data)
383734942ccSDave Watson return -ENOMEM;
384734942ccSDave Watson tcp_get_available_ulp(tbl.data, TCP_ULP_BUF_MAX);
385734942ccSDave Watson ret = proc_dostring(&tbl, write, buffer, lenp, ppos);
386734942ccSDave Watson kfree(tbl.data);
387734942ccSDave Watson
388cf1ef3f0SWei Wang return ret;
389cf1ef3f0SWei Wang }
390cf1ef3f0SWei Wang
proc_tcp_ehash_entries(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)391d1e5e640SKuniyuki Iwashima static int proc_tcp_ehash_entries(struct ctl_table *table, int write,
392d1e5e640SKuniyuki Iwashima void *buffer, size_t *lenp, loff_t *ppos)
393d1e5e640SKuniyuki Iwashima {
394d1e5e640SKuniyuki Iwashima struct net *net = container_of(table->data, struct net,
395d1e5e640SKuniyuki Iwashima ipv4.sysctl_tcp_child_ehash_entries);
396d1e5e640SKuniyuki Iwashima struct inet_hashinfo *hinfo = net->ipv4.tcp_death_row.hashinfo;
397d1e5e640SKuniyuki Iwashima int tcp_ehash_entries;
398d1e5e640SKuniyuki Iwashima struct ctl_table tbl;
399d1e5e640SKuniyuki Iwashima
400d1e5e640SKuniyuki Iwashima tcp_ehash_entries = hinfo->ehash_mask + 1;
401d1e5e640SKuniyuki Iwashima
402d1e5e640SKuniyuki Iwashima /* A negative number indicates that the child netns
403d1e5e640SKuniyuki Iwashima * shares the global ehash.
404d1e5e640SKuniyuki Iwashima */
405d1e5e640SKuniyuki Iwashima if (!net_eq(net, &init_net) && !hinfo->pernet)
406d1e5e640SKuniyuki Iwashima tcp_ehash_entries *= -1;
407d1e5e640SKuniyuki Iwashima
4089804985bSKuniyuki Iwashima memset(&tbl, 0, sizeof(tbl));
409d1e5e640SKuniyuki Iwashima tbl.data = &tcp_ehash_entries;
410d1e5e640SKuniyuki Iwashima tbl.maxlen = sizeof(int);
411d1e5e640SKuniyuki Iwashima
412d1e5e640SKuniyuki Iwashima return proc_dointvec(&tbl, write, buffer, lenp, ppos);
413d1e5e640SKuniyuki Iwashima }
414d1e5e640SKuniyuki Iwashima
proc_udp_hash_entries(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)4159804985bSKuniyuki Iwashima static int proc_udp_hash_entries(struct ctl_table *table, int write,
4169804985bSKuniyuki Iwashima void *buffer, size_t *lenp, loff_t *ppos)
4179804985bSKuniyuki Iwashima {
4189804985bSKuniyuki Iwashima struct net *net = container_of(table->data, struct net,
4199804985bSKuniyuki Iwashima ipv4.sysctl_udp_child_hash_entries);
4209804985bSKuniyuki Iwashima int udp_hash_entries;
4219804985bSKuniyuki Iwashima struct ctl_table tbl;
4229804985bSKuniyuki Iwashima
4239804985bSKuniyuki Iwashima udp_hash_entries = net->ipv4.udp_table->mask + 1;
4249804985bSKuniyuki Iwashima
4259804985bSKuniyuki Iwashima /* A negative number indicates that the child netns
4269804985bSKuniyuki Iwashima * shares the global udp_table.
4279804985bSKuniyuki Iwashima */
4289804985bSKuniyuki Iwashima if (!net_eq(net, &init_net) && net->ipv4.udp_table == &udp_table)
4299804985bSKuniyuki Iwashima udp_hash_entries *= -1;
4309804985bSKuniyuki Iwashima
4319804985bSKuniyuki Iwashima memset(&tbl, 0, sizeof(tbl));
4329804985bSKuniyuki Iwashima tbl.data = &udp_hash_entries;
4339804985bSKuniyuki Iwashima tbl.maxlen = sizeof(int);
4349804985bSKuniyuki Iwashima
4359804985bSKuniyuki Iwashima return proc_dointvec(&tbl, write, buffer, lenp, ppos);
4369804985bSKuniyuki Iwashima }
4379804985bSKuniyuki Iwashima
4383ae6ec08SIdo Schimmel #ifdef CONFIG_IP_ROUTE_MULTIPATH
proc_fib_multipath_hash_policy(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)4393ae6ec08SIdo Schimmel static int proc_fib_multipath_hash_policy(struct ctl_table *table, int write,
44032927393SChristoph Hellwig void *buffer, size_t *lenp,
4413ae6ec08SIdo Schimmel loff_t *ppos)
4423ae6ec08SIdo Schimmel {
4433ae6ec08SIdo Schimmel struct net *net = container_of(table->data, struct net,
4443ae6ec08SIdo Schimmel ipv4.sysctl_fib_multipath_hash_policy);
4453ae6ec08SIdo Schimmel int ret;
4463ae6ec08SIdo Schimmel
447be205fe6SEric Dumazet ret = proc_dou8vec_minmax(table, write, buffer, lenp, ppos);
4483ae6ec08SIdo Schimmel if (write && ret == 0)
4493192dac6SDavid Ahern call_netevent_notifiers(NETEVENT_IPV4_MPATH_HASH_UPDATE, net);
4503ae6ec08SIdo Schimmel
4513ae6ec08SIdo Schimmel return ret;
4523ae6ec08SIdo Schimmel }
453eb0e4d59SIdo Schimmel
proc_fib_multipath_hash_fields(struct ctl_table * table,int write,void * buffer,size_t * lenp,loff_t * ppos)454eb0e4d59SIdo Schimmel static int proc_fib_multipath_hash_fields(struct ctl_table *table, int write,
455eb0e4d59SIdo Schimmel void *buffer, size_t *lenp,
456eb0e4d59SIdo Schimmel loff_t *ppos)
457eb0e4d59SIdo Schimmel {
458eb0e4d59SIdo Schimmel struct net *net;
459eb0e4d59SIdo Schimmel int ret;
460eb0e4d59SIdo Schimmel
461eb0e4d59SIdo Schimmel net = container_of(table->data, struct net,
462eb0e4d59SIdo Schimmel ipv4.sysctl_fib_multipath_hash_fields);
463eb0e4d59SIdo Schimmel ret = proc_douintvec_minmax(table, write, buffer, lenp, ppos);
464eb0e4d59SIdo Schimmel if (write && ret == 0)
465eb0e4d59SIdo Schimmel call_netevent_notifiers(NETEVENT_IPV4_MPATH_HASH_UPDATE, net);
466eb0e4d59SIdo Schimmel
467eb0e4d59SIdo Schimmel return ret;
468eb0e4d59SIdo Schimmel }
4693ae6ec08SIdo Schimmel #endif
4703ae6ec08SIdo Schimmel
4713e37c3f9SPavel Emelyanov static struct ctl_table ipv4_table[] = {
4721da177e4SLinus Torvalds {
4731da177e4SLinus Torvalds .procname = "tcp_max_orphans",
4741da177e4SLinus Torvalds .data = &sysctl_tcp_max_orphans,
4751da177e4SLinus Torvalds .maxlen = sizeof(int),
4761da177e4SLinus Torvalds .mode = 0644,
4776d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec
4781da177e4SLinus Torvalds },
4791da177e4SLinus Torvalds {
4801da177e4SLinus Torvalds .procname = "inet_peer_threshold",
4811da177e4SLinus Torvalds .data = &inet_peer_threshold,
4821da177e4SLinus Torvalds .maxlen = sizeof(int),
4831da177e4SLinus Torvalds .mode = 0644,
4846d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec
4851da177e4SLinus Torvalds },
4861da177e4SLinus Torvalds {
4871da177e4SLinus Torvalds .procname = "inet_peer_minttl",
4881da177e4SLinus Torvalds .data = &inet_peer_minttl,
4891da177e4SLinus Torvalds .maxlen = sizeof(int),
4901da177e4SLinus Torvalds .mode = 0644,
4916d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec_jiffies,
4921da177e4SLinus Torvalds },
4931da177e4SLinus Torvalds {
4941da177e4SLinus Torvalds .procname = "inet_peer_maxttl",
4951da177e4SLinus Torvalds .data = &inet_peer_maxttl,
4961da177e4SLinus Torvalds .maxlen = sizeof(int),
4971da177e4SLinus Torvalds .mode = 0644,
4986d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec_jiffies,
4991da177e4SLinus Torvalds },
5001da177e4SLinus Torvalds {
501a4fe34bfSEric W. Biederman .procname = "tcp_mem",
502a4fe34bfSEric W. Biederman .maxlen = sizeof(sysctl_tcp_mem),
503a4fe34bfSEric W. Biederman .data = &sysctl_tcp_mem,
504a4fe34bfSEric W. Biederman .mode = 0644,
505a4fe34bfSEric W. Biederman .proc_handler = proc_doulongvec_minmax,
506a4fe34bfSEric W. Biederman },
507a4fe34bfSEric W. Biederman {
5081da177e4SLinus Torvalds .procname = "tcp_low_latency",
5091da177e4SLinus Torvalds .data = &sysctl_tcp_low_latency,
5101da177e4SLinus Torvalds .maxlen = sizeof(int),
5111da177e4SLinus Torvalds .mode = 0644,
5126d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec
5131da177e4SLinus Torvalds },
514446fda4fSPaul Moore #ifdef CONFIG_NETLABEL
515446fda4fSPaul Moore {
516446fda4fSPaul Moore .procname = "cipso_cache_enable",
517446fda4fSPaul Moore .data = &cipso_v4_cache_enabled,
518446fda4fSPaul Moore .maxlen = sizeof(int),
519446fda4fSPaul Moore .mode = 0644,
5206d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec,
521446fda4fSPaul Moore },
522446fda4fSPaul Moore {
523446fda4fSPaul Moore .procname = "cipso_cache_bucket_size",
524446fda4fSPaul Moore .data = &cipso_v4_cache_bucketsize,
525446fda4fSPaul Moore .maxlen = sizeof(int),
526446fda4fSPaul Moore .mode = 0644,
5276d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec,
528446fda4fSPaul Moore },
529446fda4fSPaul Moore {
530446fda4fSPaul Moore .procname = "cipso_rbm_optfmt",
531446fda4fSPaul Moore .data = &cipso_v4_rbm_optfmt,
532446fda4fSPaul Moore .maxlen = sizeof(int),
533446fda4fSPaul Moore .mode = 0644,
5346d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec,
535446fda4fSPaul Moore },
536446fda4fSPaul Moore {
537446fda4fSPaul Moore .procname = "cipso_rbm_strictvalid",
538446fda4fSPaul Moore .data = &cipso_v4_rbm_strictvalid,
539446fda4fSPaul Moore .maxlen = sizeof(int),
540446fda4fSPaul Moore .mode = 0644,
5416d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec,
542446fda4fSPaul Moore },
543446fda4fSPaul Moore #endif /* CONFIG_NETLABEL */
5443ff825b2SStephen Hemminger {
545734942ccSDave Watson .procname = "tcp_available_ulp",
546734942ccSDave Watson .maxlen = TCP_ULP_BUF_MAX,
547734942ccSDave Watson .mode = 0444,
548734942ccSDave Watson .proc_handler = proc_tcp_available_ulp,
549734942ccSDave Watson },
550734942ccSDave Watson {
5514cdf507dSEric Dumazet .procname = "icmp_msgs_per_sec",
5524cdf507dSEric Dumazet .data = &sysctl_icmp_msgs_per_sec,
5534cdf507dSEric Dumazet .maxlen = sizeof(int),
5544cdf507dSEric Dumazet .mode = 0644,
5554cdf507dSEric Dumazet .proc_handler = proc_dointvec_minmax,
556eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
5574cdf507dSEric Dumazet },
5584cdf507dSEric Dumazet {
5594cdf507dSEric Dumazet .procname = "icmp_msgs_burst",
5604cdf507dSEric Dumazet .data = &sysctl_icmp_msgs_burst,
5614cdf507dSEric Dumazet .maxlen = sizeof(int),
5624cdf507dSEric Dumazet .mode = 0644,
5634cdf507dSEric Dumazet .proc_handler = proc_dointvec_minmax,
564eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
5654cdf507dSEric Dumazet },
5664cdf507dSEric Dumazet {
56795766fffSHideo Aoki .procname = "udp_mem",
56895766fffSHideo Aoki .data = &sysctl_udp_mem,
56995766fffSHideo Aoki .maxlen = sizeof(sysctl_udp_mem),
57095766fffSHideo Aoki .mode = 0644,
5718d987e5cSEric Dumazet .proc_handler = proc_doulongvec_minmax,
57295766fffSHideo Aoki },
5739ab948a9SDavid Ahern {
5749ab948a9SDavid Ahern .procname = "fib_sync_mem",
5759ab948a9SDavid Ahern .data = &sysctl_fib_sync_mem,
5769ab948a9SDavid Ahern .maxlen = sizeof(sysctl_fib_sync_mem),
5779ab948a9SDavid Ahern .mode = 0644,
5789ab948a9SDavid Ahern .proc_handler = proc_douintvec_minmax,
5799ab948a9SDavid Ahern .extra1 = &sysctl_fib_sync_mem_min,
5809ab948a9SDavid Ahern .extra2 = &sysctl_fib_sync_mem_max,
5819ab948a9SDavid Ahern },
582f8572d8fSEric W. Biederman { }
5831da177e4SLinus Torvalds };
5843e37c3f9SPavel Emelyanov
58568528f09SPavel Emelyanov static struct ctl_table ipv4_net_table[] = {
586fbb82952SEric Dumazet {
587fbb82952SEric Dumazet .procname = "tcp_max_tw_buckets",
588e9bd0ccaSKuniyuki Iwashima .data = &init_net.ipv4.tcp_death_row.sysctl_max_tw_buckets,
589fbb82952SEric Dumazet .maxlen = sizeof(int),
590fbb82952SEric Dumazet .mode = 0644,
591fbb82952SEric Dumazet .proc_handler = proc_dointvec
592fbb82952SEric Dumazet },
59368528f09SPavel Emelyanov {
59468528f09SPavel Emelyanov .procname = "icmp_echo_ignore_all",
59568528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
5964b6bbf17SEric Dumazet .maxlen = sizeof(u8),
59768528f09SPavel Emelyanov .mode = 0644,
5984b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
599bb7bb35aSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
600bb7bb35aSKuniyuki Iwashima .extra2 = SYSCTL_ONE
60168528f09SPavel Emelyanov },
60268528f09SPavel Emelyanov {
603f1b8fa9fSAndreas Roeseler .procname = "icmp_echo_enable_probe",
604f1b8fa9fSAndreas Roeseler .data = &init_net.ipv4.sysctl_icmp_echo_enable_probe,
605b8128656SEric Dumazet .maxlen = sizeof(u8),
606f1b8fa9fSAndreas Roeseler .mode = 0644,
607b8128656SEric Dumazet .proc_handler = proc_dou8vec_minmax,
608f1b8fa9fSAndreas Roeseler .extra1 = SYSCTL_ZERO,
609f1b8fa9fSAndreas Roeseler .extra2 = SYSCTL_ONE
610f1b8fa9fSAndreas Roeseler },
611f1b8fa9fSAndreas Roeseler {
61268528f09SPavel Emelyanov .procname = "icmp_echo_ignore_broadcasts",
61368528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
6144b6bbf17SEric Dumazet .maxlen = sizeof(u8),
61568528f09SPavel Emelyanov .mode = 0644,
6164b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
61766484bb9SKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
61866484bb9SKuniyuki Iwashima .extra2 = SYSCTL_ONE
61968528f09SPavel Emelyanov },
62068528f09SPavel Emelyanov {
62168528f09SPavel Emelyanov .procname = "icmp_ignore_bogus_error_responses",
62268528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
6234b6bbf17SEric Dumazet .maxlen = sizeof(u8),
62468528f09SPavel Emelyanov .mode = 0644,
6254b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
626b04f9b7eSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
627b04f9b7eSKuniyuki Iwashima .extra2 = SYSCTL_ONE
62868528f09SPavel Emelyanov },
62968528f09SPavel Emelyanov {
63068528f09SPavel Emelyanov .procname = "icmp_errors_use_inbound_ifaddr",
63168528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
6324b6bbf17SEric Dumazet .maxlen = sizeof(u8),
63368528f09SPavel Emelyanov .mode = 0644,
6344b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
635d2efabceSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
636d2efabceSKuniyuki Iwashima .extra2 = SYSCTL_ONE
63768528f09SPavel Emelyanov },
63868528f09SPavel Emelyanov {
63968528f09SPavel Emelyanov .procname = "icmp_ratelimit",
64068528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_ratelimit,
64168528f09SPavel Emelyanov .maxlen = sizeof(int),
64268528f09SPavel Emelyanov .mode = 0644,
6436d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec_ms_jiffies,
64468528f09SPavel Emelyanov },
64568528f09SPavel Emelyanov {
64668528f09SPavel Emelyanov .procname = "icmp_ratemask",
64768528f09SPavel Emelyanov .data = &init_net.ipv4.sysctl_icmp_ratemask,
64868528f09SPavel Emelyanov .maxlen = sizeof(int),
64968528f09SPavel Emelyanov .mode = 0644,
6506d9f239aSAlexey Dobriyan .proc_handler = proc_dointvec
65168528f09SPavel Emelyanov },
6521080d709SNeil Horman {
653c319b4d7SVasiliy Kulikov .procname = "ping_group_range",
654ba6b918aSCong Wang .data = &init_net.ipv4.ping_group_range.range,
6557064d16eSEric W. Biederman .maxlen = sizeof(gid_t)*2,
656c319b4d7SVasiliy Kulikov .mode = 0644,
657c319b4d7SVasiliy Kulikov .proc_handler = ipv4_ping_group_range,
658c319b4d7SVasiliy Kulikov },
6596897445fSMike Manning #ifdef CONFIG_NET_L3_MASTER_DEV
6606897445fSMike Manning {
6616897445fSMike Manning .procname = "raw_l3mdev_accept",
6626897445fSMike Manning .data = &init_net.ipv4.sysctl_raw_l3mdev_accept,
6634b6bbf17SEric Dumazet .maxlen = sizeof(u8),
6646897445fSMike Manning .mode = 0644,
6654b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
666eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
667eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
6686897445fSMike Manning },
6696897445fSMike Manning #endif
6703dc43e3eSGlauber Costa {
6715d134f1cSHannes Frederic Sowa .procname = "tcp_ecn",
6725d134f1cSHannes Frederic Sowa .data = &init_net.ipv4.sysctl_tcp_ecn,
6734b6bbf17SEric Dumazet .maxlen = sizeof(u8),
6745d134f1cSHannes Frederic Sowa .mode = 0644,
6754b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
6764785a667SKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
6774785a667SKuniyuki Iwashima .extra2 = SYSCTL_TWO,
6785d134f1cSHannes Frederic Sowa },
6795d134f1cSHannes Frederic Sowa {
68049213555SDaniel Borkmann .procname = "tcp_ecn_fallback",
68149213555SDaniel Borkmann .data = &init_net.ipv4.sysctl_tcp_ecn_fallback,
6824b6bbf17SEric Dumazet .maxlen = sizeof(u8),
68349213555SDaniel Borkmann .mode = 0644,
6844b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
68512b8d9caSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
68612b8d9caSKuniyuki Iwashima .extra2 = SYSCTL_ONE,
68749213555SDaniel Borkmann },
68849213555SDaniel Borkmann {
689287b7f38SNikolay Borisov .procname = "ip_dynaddr",
690287b7f38SNikolay Borisov .data = &init_net.ipv4.sysctl_ip_dynaddr,
6914b6bbf17SEric Dumazet .maxlen = sizeof(u8),
692287b7f38SNikolay Borisov .mode = 0644,
6934b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
694287b7f38SNikolay Borisov },
695287b7f38SNikolay Borisov {
696e21145a9SNikolay Borisov .procname = "ip_early_demux",
697e21145a9SNikolay Borisov .data = &init_net.ipv4.sysctl_ip_early_demux,
6984b6bbf17SEric Dumazet .maxlen = sizeof(u8),
699e21145a9SNikolay Borisov .mode = 0644,
7004b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
701e21145a9SNikolay Borisov },
702e21145a9SNikolay Borisov {
703dddb64bcSsubashab@codeaurora.org .procname = "udp_early_demux",
704dddb64bcSsubashab@codeaurora.org .data = &init_net.ipv4.sysctl_udp_early_demux,
7052932bcdaSEric Dumazet .maxlen = sizeof(u8),
706dddb64bcSsubashab@codeaurora.org .mode = 0644,
70711052589SKuniyuki Iwashima .proc_handler = proc_dou8vec_minmax,
708dddb64bcSsubashab@codeaurora.org },
709dddb64bcSsubashab@codeaurora.org {
710dddb64bcSsubashab@codeaurora.org .procname = "tcp_early_demux",
711dddb64bcSsubashab@codeaurora.org .data = &init_net.ipv4.sysctl_tcp_early_demux,
7122932bcdaSEric Dumazet .maxlen = sizeof(u8),
713dddb64bcSsubashab@codeaurora.org .mode = 0644,
71411052589SKuniyuki Iwashima .proc_handler = proc_dou8vec_minmax,
715dddb64bcSsubashab@codeaurora.org },
716dddb64bcSsubashab@codeaurora.org {
7174f80116dSRoopa Prabhu .procname = "nexthop_compat_mode",
7184f80116dSRoopa Prabhu .data = &init_net.ipv4.sysctl_nexthop_compat_mode,
7194b6bbf17SEric Dumazet .maxlen = sizeof(u8),
7204f80116dSRoopa Prabhu .mode = 0644,
7214b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
7224f80116dSRoopa Prabhu .extra1 = SYSCTL_ZERO,
7234f80116dSRoopa Prabhu .extra2 = SYSCTL_ONE,
7244f80116dSRoopa Prabhu },
7254f80116dSRoopa Prabhu {
726fa50d974SNikolay Borisov .procname = "ip_default_ttl",
727fa50d974SNikolay Borisov .data = &init_net.ipv4.sysctl_ip_default_ttl,
7284b6bbf17SEric Dumazet .maxlen = sizeof(u8),
729fa50d974SNikolay Borisov .mode = 0644,
7304b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
731fa50d974SNikolay Borisov .extra1 = &ip_ttl_min,
732fa50d974SNikolay Borisov .extra2 = &ip_ttl_max,
733fa50d974SNikolay Borisov },
734fa50d974SNikolay Borisov {
7350bbf87d8SEric W. Biederman .procname = "ip_local_port_range",
736c9d8f1a6SCong Wang .maxlen = sizeof(init_net.ipv4.ip_local_ports.range),
737c9d8f1a6SCong Wang .data = &init_net.ipv4.ip_local_ports.range,
7380bbf87d8SEric W. Biederman .mode = 0644,
7390bbf87d8SEric W. Biederman .proc_handler = ipv4_local_port_range,
7400bbf87d8SEric W. Biederman },
741974eda11SHannes Frederic Sowa {
742122ff243SWANG Cong .procname = "ip_local_reserved_ports",
743122ff243SWANG Cong .data = &init_net.ipv4.sysctl_local_reserved_ports,
744122ff243SWANG Cong .maxlen = 65536,
745122ff243SWANG Cong .mode = 0644,
746122ff243SWANG Cong .proc_handler = proc_do_large_bitmap,
747122ff243SWANG Cong },
748122ff243SWANG Cong {
749974eda11SHannes Frederic Sowa .procname = "ip_no_pmtu_disc",
750974eda11SHannes Frederic Sowa .data = &init_net.ipv4.sysctl_ip_no_pmtu_disc,
7514b6bbf17SEric Dumazet .maxlen = sizeof(u8),
752974eda11SHannes Frederic Sowa .mode = 0644,
7534b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
754974eda11SHannes Frederic Sowa },
755f87c10a8SHannes Frederic Sowa {
756f87c10a8SHannes Frederic Sowa .procname = "ip_forward_use_pmtu",
757f87c10a8SHannes Frederic Sowa .data = &init_net.ipv4.sysctl_ip_fwd_use_pmtu,
7584b6bbf17SEric Dumazet .maxlen = sizeof(u8),
759f87c10a8SHannes Frederic Sowa .mode = 0644,
7604b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
761f87c10a8SHannes Frederic Sowa },
762e110861fSLorenzo Colitti {
763432e05d3SPetr Machata .procname = "ip_forward_update_priority",
764432e05d3SPetr Machata .data = &init_net.ipv4.sysctl_ip_fwd_update_priority,
7651c69dedcSEric Dumazet .maxlen = sizeof(u8),
766432e05d3SPetr Machata .mode = 0644,
767d18c5d19SPetr Machata .proc_handler = ipv4_fwd_update_priority,
768eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
769eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
770432e05d3SPetr Machata },
771432e05d3SPetr Machata {
77249a60158SVincent Bernat .procname = "ip_nonlocal_bind",
77349a60158SVincent Bernat .data = &init_net.ipv4.sysctl_ip_nonlocal_bind,
7744b6bbf17SEric Dumazet .maxlen = sizeof(u8),
77549a60158SVincent Bernat .mode = 0644,
7764b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
77749a60158SVincent Bernat },
77849a60158SVincent Bernat {
7794b01a967SKuniyuki Iwashima .procname = "ip_autobind_reuse",
7804b01a967SKuniyuki Iwashima .data = &init_net.ipv4.sysctl_ip_autobind_reuse,
7814b6bbf17SEric Dumazet .maxlen = sizeof(u8),
7824b01a967SKuniyuki Iwashima .mode = 0644,
7834b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
7844b01a967SKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
7854b01a967SKuniyuki Iwashima .extra2 = SYSCTL_ONE,
7864b01a967SKuniyuki Iwashima },
7874b01a967SKuniyuki Iwashima {
788e110861fSLorenzo Colitti .procname = "fwmark_reflect",
789e110861fSLorenzo Colitti .data = &init_net.ipv4.sysctl_fwmark_reflect,
7904b6bbf17SEric Dumazet .maxlen = sizeof(u8),
791e110861fSLorenzo Colitti .mode = 0644,
7924b6bbf17SEric Dumazet .proc_handler = proc_dou8vec_minmax,
793e110861fSLorenzo Colitti },
79484f39b08SLorenzo Colitti {
79584f39b08SLorenzo Colitti .procname = "tcp_fwmark_accept",
79684f39b08SLorenzo Colitti .data = &init_net.ipv4.sysctl_tcp_fwmark_accept,
7974ecc1bafSEric Dumazet .maxlen = sizeof(u8),
79884f39b08SLorenzo Colitti .mode = 0644,
7994ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
80084f39b08SLorenzo Colitti },
8016dd9a14eSDavid Ahern #ifdef CONFIG_NET_L3_MASTER_DEV
8026dd9a14eSDavid Ahern {
8036dd9a14eSDavid Ahern .procname = "tcp_l3mdev_accept",
8046dd9a14eSDavid Ahern .data = &init_net.ipv4.sysctl_tcp_l3mdev_accept,
8054ecc1bafSEric Dumazet .maxlen = sizeof(u8),
8066dd9a14eSDavid Ahern .mode = 0644,
8074ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
808eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
809eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
8106dd9a14eSDavid Ahern },
8116dd9a14eSDavid Ahern #endif
812b0f9ca53SFan Du {
813b0f9ca53SFan Du .procname = "tcp_mtu_probing",
814b0f9ca53SFan Du .data = &init_net.ipv4.sysctl_tcp_mtu_probing,
8154ecc1bafSEric Dumazet .maxlen = sizeof(u8),
816b0f9ca53SFan Du .mode = 0644,
8174ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
818b0f9ca53SFan Du },
819b0f9ca53SFan Du {
820b0f9ca53SFan Du .procname = "tcp_base_mss",
821b0f9ca53SFan Du .data = &init_net.ipv4.sysctl_tcp_base_mss,
822b0f9ca53SFan Du .maxlen = sizeof(int),
823b0f9ca53SFan Du .mode = 0644,
824b0f9ca53SFan Du .proc_handler = proc_dointvec,
825b0f9ca53SFan Du },
8266b58e0a5SFan Du {
8275f3e2bf0SEric Dumazet .procname = "tcp_min_snd_mss",
8285f3e2bf0SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_min_snd_mss,
8295f3e2bf0SEric Dumazet .maxlen = sizeof(int),
8305f3e2bf0SEric Dumazet .mode = 0644,
8315f3e2bf0SEric Dumazet .proc_handler = proc_dointvec_minmax,
8325f3e2bf0SEric Dumazet .extra1 = &tcp_min_snd_mss_min,
8335f3e2bf0SEric Dumazet .extra2 = &tcp_min_snd_mss_max,
8345f3e2bf0SEric Dumazet },
8355f3e2bf0SEric Dumazet {
836c04b79b6SJosh Hunt .procname = "tcp_mtu_probe_floor",
837c04b79b6SJosh Hunt .data = &init_net.ipv4.sysctl_tcp_mtu_probe_floor,
838c04b79b6SJosh Hunt .maxlen = sizeof(int),
839c04b79b6SJosh Hunt .mode = 0644,
840c04b79b6SJosh Hunt .proc_handler = proc_dointvec_minmax,
841c04b79b6SJosh Hunt .extra1 = &tcp_min_snd_mss_min,
842c04b79b6SJosh Hunt .extra2 = &tcp_min_snd_mss_max,
843c04b79b6SJosh Hunt },
844c04b79b6SJosh Hunt {
8456b58e0a5SFan Du .procname = "tcp_probe_threshold",
8466b58e0a5SFan Du .data = &init_net.ipv4.sysctl_tcp_probe_threshold,
8476b58e0a5SFan Du .maxlen = sizeof(int),
8486b58e0a5SFan Du .mode = 0644,
8496b58e0a5SFan Du .proc_handler = proc_dointvec,
8506b58e0a5SFan Du },
85105cbc0dbSFan Du {
85205cbc0dbSFan Du .procname = "tcp_probe_interval",
85305cbc0dbSFan Du .data = &init_net.ipv4.sysctl_tcp_probe_interval,
854d4ce5808SMaciej Żenczykowski .maxlen = sizeof(u32),
85505cbc0dbSFan Du .mode = 0644,
856d4ce5808SMaciej Żenczykowski .proc_handler = proc_douintvec_minmax,
857d4ce5808SMaciej Żenczykowski .extra2 = &u32_max_div_HZ,
85805cbc0dbSFan Du },
859df2cf4a7SPhilip Downey {
860df2cf4a7SPhilip Downey .procname = "igmp_link_local_mcast_reports",
86187a8a2aeSNikolay Borisov .data = &init_net.ipv4.sysctl_igmp_llm_reports,
8627d4b37ebSEric Dumazet .maxlen = sizeof(u8),
863df2cf4a7SPhilip Downey .mode = 0644,
8647d4b37ebSEric Dumazet .proc_handler = proc_dou8vec_minmax,
865df2cf4a7SPhilip Downey },
86613b287e8SNikolay Borisov {
867815c5270SNikolay Borisov .procname = "igmp_max_memberships",
868815c5270SNikolay Borisov .data = &init_net.ipv4.sysctl_igmp_max_memberships,
869815c5270SNikolay Borisov .maxlen = sizeof(int),
870815c5270SNikolay Borisov .mode = 0644,
871815c5270SNikolay Borisov .proc_handler = proc_dointvec
872815c5270SNikolay Borisov },
873815c5270SNikolay Borisov {
874166b6b2dSNikolay Borisov .procname = "igmp_max_msf",
875166b6b2dSNikolay Borisov .data = &init_net.ipv4.sysctl_igmp_max_msf,
876166b6b2dSNikolay Borisov .maxlen = sizeof(int),
877166b6b2dSNikolay Borisov .mode = 0644,
878166b6b2dSNikolay Borisov .proc_handler = proc_dointvec
879166b6b2dSNikolay Borisov },
880165094afSNikolay Borisov #ifdef CONFIG_IP_MULTICAST
881165094afSNikolay Borisov {
882165094afSNikolay Borisov .procname = "igmp_qrv",
883165094afSNikolay Borisov .data = &init_net.ipv4.sysctl_igmp_qrv,
884165094afSNikolay Borisov .maxlen = sizeof(int),
885165094afSNikolay Borisov .mode = 0644,
886165094afSNikolay Borisov .proc_handler = proc_dointvec_minmax,
887eec4844fSMatteo Croce .extra1 = SYSCTL_ONE
888165094afSNikolay Borisov },
889165094afSNikolay Borisov #endif
890166b6b2dSNikolay Borisov {
8916670e152SStephen Hemminger .procname = "tcp_congestion_control",
8926670e152SStephen Hemminger .data = &init_net.ipv4.tcp_congestion_control,
8936670e152SStephen Hemminger .mode = 0644,
8946670e152SStephen Hemminger .maxlen = TCP_CA_NAME_MAX,
8956670e152SStephen Hemminger .proc_handler = proc_tcp_congestion_control,
8966670e152SStephen Hemminger },
8976670e152SStephen Hemminger {
8989cb8e048SChristian Brauner .procname = "tcp_available_congestion_control",
8999cb8e048SChristian Brauner .maxlen = TCP_CA_BUF_MAX,
9009cb8e048SChristian Brauner .mode = 0444,
9019cb8e048SChristian Brauner .proc_handler = proc_tcp_available_congestion_control,
9029cb8e048SChristian Brauner },
9039cb8e048SChristian Brauner {
9049cb8e048SChristian Brauner .procname = "tcp_allowed_congestion_control",
9059cb8e048SChristian Brauner .maxlen = TCP_CA_BUF_MAX,
9069cb8e048SChristian Brauner .mode = 0644,
9079cb8e048SChristian Brauner .proc_handler = proc_allowed_congestion_control,
9089cb8e048SChristian Brauner },
9099cb8e048SChristian Brauner {
91013b287e8SNikolay Borisov .procname = "tcp_keepalive_time",
91113b287e8SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_keepalive_time,
91213b287e8SNikolay Borisov .maxlen = sizeof(int),
91313b287e8SNikolay Borisov .mode = 0644,
91413b287e8SNikolay Borisov .proc_handler = proc_dointvec_jiffies,
91513b287e8SNikolay Borisov },
9169bd6861bSNikolay Borisov {
9179bd6861bSNikolay Borisov .procname = "tcp_keepalive_probes",
9189bd6861bSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_keepalive_probes,
9194ecc1bafSEric Dumazet .maxlen = sizeof(u8),
9209bd6861bSNikolay Borisov .mode = 0644,
9214ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
9229bd6861bSNikolay Borisov },
923b840d15dSNikolay Borisov {
924b840d15dSNikolay Borisov .procname = "tcp_keepalive_intvl",
925b840d15dSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_keepalive_intvl,
926b840d15dSNikolay Borisov .maxlen = sizeof(int),
927b840d15dSNikolay Borisov .mode = 0644,
928b840d15dSNikolay Borisov .proc_handler = proc_dointvec_jiffies,
929b840d15dSNikolay Borisov },
9306fa25166SNikolay Borisov {
9316fa25166SNikolay Borisov .procname = "tcp_syn_retries",
9326fa25166SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_syn_retries,
9334ecc1bafSEric Dumazet .maxlen = sizeof(u8),
9346fa25166SNikolay Borisov .mode = 0644,
9354ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
9366fa25166SNikolay Borisov .extra1 = &tcp_syn_retries_min,
9376fa25166SNikolay Borisov .extra2 = &tcp_syn_retries_max
9386fa25166SNikolay Borisov },
9397c083ecbSNikolay Borisov {
9407c083ecbSNikolay Borisov .procname = "tcp_synack_retries",
9417c083ecbSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_synack_retries,
9424ecc1bafSEric Dumazet .maxlen = sizeof(u8),
9437c083ecbSNikolay Borisov .mode = 0644,
9444ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
9457c083ecbSNikolay Borisov },
94612ed8244SNikolay Borisov #ifdef CONFIG_SYN_COOKIES
94712ed8244SNikolay Borisov {
94812ed8244SNikolay Borisov .procname = "tcp_syncookies",
94912ed8244SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_syncookies,
9504ecc1bafSEric Dumazet .maxlen = sizeof(u8),
95112ed8244SNikolay Borisov .mode = 0644,
9524ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
95312ed8244SNikolay Borisov },
95412ed8244SNikolay Borisov #endif
9551043e25fSNikolay Borisov {
956f9ac779fSKuniyuki Iwashima .procname = "tcp_migrate_req",
957f9ac779fSKuniyuki Iwashima .data = &init_net.ipv4.sysctl_tcp_migrate_req,
958f9ac779fSKuniyuki Iwashima .maxlen = sizeof(u8),
959f9ac779fSKuniyuki Iwashima .mode = 0644,
960f9ac779fSKuniyuki Iwashima .proc_handler = proc_dou8vec_minmax,
961f9ac779fSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
962f9ac779fSKuniyuki Iwashima .extra2 = SYSCTL_ONE
963f9ac779fSKuniyuki Iwashima },
964f9ac779fSKuniyuki Iwashima {
9651043e25fSNikolay Borisov .procname = "tcp_reordering",
9661043e25fSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_reordering,
9671043e25fSNikolay Borisov .maxlen = sizeof(int),
9681043e25fSNikolay Borisov .mode = 0644,
9691043e25fSNikolay Borisov .proc_handler = proc_dointvec
9701043e25fSNikolay Borisov },
971ae5c3f40SNikolay Borisov {
972ae5c3f40SNikolay Borisov .procname = "tcp_retries1",
973ae5c3f40SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_retries1,
9744ecc1bafSEric Dumazet .maxlen = sizeof(u8),
975ae5c3f40SNikolay Borisov .mode = 0644,
9764ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
977ae5c3f40SNikolay Borisov .extra2 = &tcp_retr1_max
978ae5c3f40SNikolay Borisov },
979c6214a97SNikolay Borisov {
980c6214a97SNikolay Borisov .procname = "tcp_retries2",
981c6214a97SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_retries2,
9824ecc1bafSEric Dumazet .maxlen = sizeof(u8),
983c6214a97SNikolay Borisov .mode = 0644,
9844ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
985c6214a97SNikolay Borisov },
986c402d9beSNikolay Borisov {
987c402d9beSNikolay Borisov .procname = "tcp_orphan_retries",
988c402d9beSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_orphan_retries,
9894ecc1bafSEric Dumazet .maxlen = sizeof(u8),
990c402d9beSNikolay Borisov .mode = 0644,
9914ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
992c402d9beSNikolay Borisov },
9931e579caaSNikolay Borisov {
9941e579caaSNikolay Borisov .procname = "tcp_fin_timeout",
9951e579caaSNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_fin_timeout,
9961e579caaSNikolay Borisov .maxlen = sizeof(int),
9971e579caaSNikolay Borisov .mode = 0644,
9981e579caaSNikolay Borisov .proc_handler = proc_dointvec_jiffies,
9991e579caaSNikolay Borisov },
10004979f2d9SNikolay Borisov {
10014979f2d9SNikolay Borisov .procname = "tcp_notsent_lowat",
10024979f2d9SNikolay Borisov .data = &init_net.ipv4.sysctl_tcp_notsent_lowat,
10034979f2d9SNikolay Borisov .maxlen = sizeof(unsigned int),
10044979f2d9SNikolay Borisov .mode = 0644,
1005b007f090SPavel Tikhomirov .proc_handler = proc_douintvec,
10064979f2d9SNikolay Borisov },
100756ab6b93SHaishuang Yan {
100856ab6b93SHaishuang Yan .procname = "tcp_tw_reuse",
100956ab6b93SHaishuang Yan .data = &init_net.ipv4.sysctl_tcp_tw_reuse,
10104ecc1bafSEric Dumazet .maxlen = sizeof(u8),
101156ab6b93SHaishuang Yan .mode = 0644,
10124ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1013eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1014bd8a5367STonghao Zhang .extra2 = SYSCTL_TWO,
101556ab6b93SHaishuang Yan },
10161946e672SHaishuang Yan {
1017fee83d09SHaishuang Yan .procname = "tcp_max_syn_backlog",
1018fee83d09SHaishuang Yan .data = &init_net.ipv4.sysctl_max_syn_backlog,
1019fee83d09SHaishuang Yan .maxlen = sizeof(int),
1020fee83d09SHaishuang Yan .mode = 0644,
1021fee83d09SHaishuang Yan .proc_handler = proc_dointvec
1022fee83d09SHaishuang Yan },
1023e1cfcbe8SHaishuang Yan {
1024e1cfcbe8SHaishuang Yan .procname = "tcp_fastopen",
1025e1cfcbe8SHaishuang Yan .data = &init_net.ipv4.sysctl_tcp_fastopen,
1026e1cfcbe8SHaishuang Yan .maxlen = sizeof(int),
1027e1cfcbe8SHaishuang Yan .mode = 0644,
1028e1cfcbe8SHaishuang Yan .proc_handler = proc_dointvec,
1029e1cfcbe8SHaishuang Yan },
103043713848SHaishuang Yan {
103143713848SHaishuang Yan .procname = "tcp_fastopen_key",
103243713848SHaishuang Yan .mode = 0600,
103343713848SHaishuang Yan .data = &init_net.ipv4.sysctl_tcp_fastopen,
1034aa1236cdSJason Baron /* maxlen to print the list of keys in hex (*2), with dashes
1035aa1236cdSJason Baron * separating doublewords and a comma in between keys.
1036aa1236cdSJason Baron */
1037aa1236cdSJason Baron .maxlen = ((TCP_FASTOPEN_KEY_LENGTH *
1038aa1236cdSJason Baron 2 * TCP_FASTOPEN_KEY_MAX) +
1039aa1236cdSJason Baron (TCP_FASTOPEN_KEY_MAX * 5)),
104043713848SHaishuang Yan .proc_handler = proc_tcp_fastopen_key,
104143713848SHaishuang Yan },
10423733be14SHaishuang Yan {
10433733be14SHaishuang Yan .procname = "tcp_fastopen_blackhole_timeout_sec",
10443733be14SHaishuang Yan .data = &init_net.ipv4.sysctl_tcp_fastopen_blackhole_timeout,
10453733be14SHaishuang Yan .maxlen = sizeof(int),
10463733be14SHaishuang Yan .mode = 0644,
10473733be14SHaishuang Yan .proc_handler = proc_tfo_blackhole_detect_timeout,
1048eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
10493733be14SHaishuang Yan },
1050a6db4494SDavid Ahern #ifdef CONFIG_IP_ROUTE_MULTIPATH
1051a6db4494SDavid Ahern {
1052a6db4494SDavid Ahern .procname = "fib_multipath_use_neigh",
1053a6db4494SDavid Ahern .data = &init_net.ipv4.sysctl_fib_multipath_use_neigh,
1054be205fe6SEric Dumazet .maxlen = sizeof(u8),
1055a6db4494SDavid Ahern .mode = 0644,
1056be205fe6SEric Dumazet .proc_handler = proc_dou8vec_minmax,
1057eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1058eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
1059a6db4494SDavid Ahern },
1060bf4e0a3dSNikolay Aleksandrov {
1061bf4e0a3dSNikolay Aleksandrov .procname = "fib_multipath_hash_policy",
1062bf4e0a3dSNikolay Aleksandrov .data = &init_net.ipv4.sysctl_fib_multipath_hash_policy,
1063be205fe6SEric Dumazet .maxlen = sizeof(u8),
1064bf4e0a3dSNikolay Aleksandrov .mode = 0644,
10653ae6ec08SIdo Schimmel .proc_handler = proc_fib_multipath_hash_policy,
1066eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
10674c7f24f8STonghao Zhang .extra2 = SYSCTL_THREE,
1068bf4e0a3dSNikolay Aleksandrov },
1069ce5c9c20SIdo Schimmel {
1070ce5c9c20SIdo Schimmel .procname = "fib_multipath_hash_fields",
1071ce5c9c20SIdo Schimmel .data = &init_net.ipv4.sysctl_fib_multipath_hash_fields,
1072ce5c9c20SIdo Schimmel .maxlen = sizeof(u32),
1073ce5c9c20SIdo Schimmel .mode = 0644,
1074eb0e4d59SIdo Schimmel .proc_handler = proc_fib_multipath_hash_fields,
1075ce5c9c20SIdo Schimmel .extra1 = SYSCTL_ONE,
1076ce5c9c20SIdo Schimmel .extra2 = &fib_multipath_hash_fields_all_mask,
1077ce5c9c20SIdo Schimmel },
1078a6db4494SDavid Ahern #endif
10794548b683SKrister Johansen {
10804548b683SKrister Johansen .procname = "ip_unprivileged_port_start",
10814548b683SKrister Johansen .maxlen = sizeof(int),
10824548b683SKrister Johansen .data = &init_net.ipv4.sysctl_ip_prot_sock,
10834548b683SKrister Johansen .mode = 0644,
10844548b683SKrister Johansen .proc_handler = ipv4_privileged_ports,
10854548b683SKrister Johansen },
108663a6fff3SRobert Shearman #ifdef CONFIG_NET_L3_MASTER_DEV
108763a6fff3SRobert Shearman {
108863a6fff3SRobert Shearman .procname = "udp_l3mdev_accept",
108963a6fff3SRobert Shearman .data = &init_net.ipv4.sysctl_udp_l3mdev_accept,
1090cd04bd02SEric Dumazet .maxlen = sizeof(u8),
109163a6fff3SRobert Shearman .mode = 0644,
1092cd04bd02SEric Dumazet .proc_handler = proc_dou8vec_minmax,
1093eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1094eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
109563a6fff3SRobert Shearman },
109663a6fff3SRobert Shearman #endif
1097f9301034SEric Dumazet {
1098f9301034SEric Dumazet .procname = "tcp_sack",
1099f9301034SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_sack,
11004ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1101f9301034SEric Dumazet .mode = 0644,
11024ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1103f9301034SEric Dumazet },
11049bb37ef0SEric Dumazet {
11059bb37ef0SEric Dumazet .procname = "tcp_window_scaling",
11069bb37ef0SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_window_scaling,
11074ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11089bb37ef0SEric Dumazet .mode = 0644,
11094ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11109bb37ef0SEric Dumazet },
11115d2ed052SEric Dumazet {
11125d2ed052SEric Dumazet .procname = "tcp_timestamps",
11135d2ed052SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_timestamps,
11144ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11155d2ed052SEric Dumazet .mode = 0644,
11164ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11175d2ed052SEric Dumazet },
11182ae21cf5SEric Dumazet {
11192ae21cf5SEric Dumazet .procname = "tcp_early_retrans",
11202ae21cf5SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_early_retrans,
11214ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11222ae21cf5SEric Dumazet .mode = 0644,
11234ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1124eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1125bd8a5367STonghao Zhang .extra2 = SYSCTL_FOUR,
11262ae21cf5SEric Dumazet },
1127e20223f1SEric Dumazet {
1128e20223f1SEric Dumazet .procname = "tcp_recovery",
1129e20223f1SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_recovery,
11304ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1131e20223f1SEric Dumazet .mode = 0644,
11324ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1133e20223f1SEric Dumazet },
11342c04ac8aSEric Dumazet {
11352c04ac8aSEric Dumazet .procname = "tcp_thin_linear_timeouts",
11362c04ac8aSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_thin_linear_timeouts,
11374ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11382c04ac8aSEric Dumazet .mode = 0644,
11394ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11402c04ac8aSEric Dumazet },
1141b510f0d2SEric Dumazet {
1142b510f0d2SEric Dumazet .procname = "tcp_slow_start_after_idle",
1143b510f0d2SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_slow_start_after_idle,
11444ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1145b510f0d2SEric Dumazet .mode = 0644,
11464ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1147b510f0d2SEric Dumazet },
1148e0a1e5b5SEric Dumazet {
1149e0a1e5b5SEric Dumazet .procname = "tcp_retrans_collapse",
1150e0a1e5b5SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_retrans_collapse,
11514ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1152e0a1e5b5SEric Dumazet .mode = 0644,
11534ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1154e0a1e5b5SEric Dumazet },
11553f4c7c6fSEric Dumazet {
11563f4c7c6fSEric Dumazet .procname = "tcp_stdurg",
11573f4c7c6fSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_stdurg,
11584ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11593f4c7c6fSEric Dumazet .mode = 0644,
11604ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11613f4c7c6fSEric Dumazet },
1162625357aaSEric Dumazet {
1163625357aaSEric Dumazet .procname = "tcp_rfc1337",
1164625357aaSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_rfc1337,
11654ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1166625357aaSEric Dumazet .mode = 0644,
11674ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1168625357aaSEric Dumazet },
116965c9410cSEric Dumazet {
117065c9410cSEric Dumazet .procname = "tcp_abort_on_overflow",
117165c9410cSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_abort_on_overflow,
11724ecc1bafSEric Dumazet .maxlen = sizeof(u8),
117365c9410cSEric Dumazet .mode = 0644,
11744ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
117565c9410cSEric Dumazet },
11760bc65a28SEric Dumazet {
11770bc65a28SEric Dumazet .procname = "tcp_fack",
11780bc65a28SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_fack,
11794ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11800bc65a28SEric Dumazet .mode = 0644,
11814ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11820bc65a28SEric Dumazet },
1183c6e21803SEric Dumazet {
1184c6e21803SEric Dumazet .procname = "tcp_max_reordering",
1185c6e21803SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_max_reordering,
1186c6e21803SEric Dumazet .maxlen = sizeof(int),
1187c6e21803SEric Dumazet .mode = 0644,
1188c6e21803SEric Dumazet .proc_handler = proc_dointvec
1189c6e21803SEric Dumazet },
11906496f6bdSEric Dumazet {
11916496f6bdSEric Dumazet .procname = "tcp_dsack",
11926496f6bdSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_dsack,
11934ecc1bafSEric Dumazet .maxlen = sizeof(u8),
11946496f6bdSEric Dumazet .mode = 0644,
11954ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
11966496f6bdSEric Dumazet },
11970c12654aSEric Dumazet {
11980c12654aSEric Dumazet .procname = "tcp_app_win",
11990c12654aSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_app_win,
12004ecc1bafSEric Dumazet .maxlen = sizeof(u8),
12010c12654aSEric Dumazet .mode = 0644,
12024ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1203dc5110c2SYueHaibing .extra1 = SYSCTL_ZERO,
1204dc5110c2SYueHaibing .extra2 = &tcp_app_win_max,
12050c12654aSEric Dumazet },
120694f0893eSEric Dumazet {
120794f0893eSEric Dumazet .procname = "tcp_adv_win_scale",
120894f0893eSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_adv_win_scale,
120994f0893eSEric Dumazet .maxlen = sizeof(int),
121094f0893eSEric Dumazet .mode = 0644,
121194f0893eSEric Dumazet .proc_handler = proc_dointvec_minmax,
121294f0893eSEric Dumazet .extra1 = &tcp_adv_win_scale_min,
121394f0893eSEric Dumazet .extra2 = &tcp_adv_win_scale_max,
121494f0893eSEric Dumazet },
1215af9b69a7SEric Dumazet {
1216af9b69a7SEric Dumazet .procname = "tcp_frto",
1217af9b69a7SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_frto,
12184ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1219af9b69a7SEric Dumazet .mode = 0644,
12204ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1221af9b69a7SEric Dumazet },
1222ec36e416SEric Dumazet {
1223ec36e416SEric Dumazet .procname = "tcp_no_metrics_save",
1224ec36e416SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_nometrics_save,
12254ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1226ec36e416SEric Dumazet .mode = 0644,
12274ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1228ec36e416SEric Dumazet },
12294540c0cfSEric Dumazet {
123065e6d901SKevin(Yudong) Yang .procname = "tcp_no_ssthresh_metrics_save",
123165e6d901SKevin(Yudong) Yang .data = &init_net.ipv4.sysctl_tcp_no_ssthresh_metrics_save,
12324ecc1bafSEric Dumazet .maxlen = sizeof(u8),
123365e6d901SKevin(Yudong) Yang .mode = 0644,
12344ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
123565e6d901SKevin(Yudong) Yang .extra1 = SYSCTL_ZERO,
123665e6d901SKevin(Yudong) Yang .extra2 = SYSCTL_ONE,
123765e6d901SKevin(Yudong) Yang },
123865e6d901SKevin(Yudong) Yang {
12394540c0cfSEric Dumazet .procname = "tcp_moderate_rcvbuf",
12404540c0cfSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_moderate_rcvbuf,
12414ecc1bafSEric Dumazet .maxlen = sizeof(u8),
12424540c0cfSEric Dumazet .mode = 0644,
12434ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
12444540c0cfSEric Dumazet },
1245d06a9904SEric Dumazet {
1246d06a9904SEric Dumazet .procname = "tcp_tso_win_divisor",
1247d06a9904SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_tso_win_divisor,
12484ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1249d06a9904SEric Dumazet .mode = 0644,
12504ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1251d06a9904SEric Dumazet },
1252ceef9ab6SEric Dumazet {
1253ceef9ab6SEric Dumazet .procname = "tcp_workaround_signed_windows",
1254ceef9ab6SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_workaround_signed_windows,
12554ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1256ceef9ab6SEric Dumazet .mode = 0644,
12574ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1258ceef9ab6SEric Dumazet },
12599184d8bbSEric Dumazet {
12609184d8bbSEric Dumazet .procname = "tcp_limit_output_bytes",
12619184d8bbSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_limit_output_bytes,
12629184d8bbSEric Dumazet .maxlen = sizeof(int),
12639184d8bbSEric Dumazet .mode = 0644,
12649184d8bbSEric Dumazet .proc_handler = proc_dointvec
12659184d8bbSEric Dumazet },
1266b530b681SEric Dumazet {
1267b530b681SEric Dumazet .procname = "tcp_challenge_ack_limit",
1268b530b681SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_challenge_ack_limit,
1269b530b681SEric Dumazet .maxlen = sizeof(int),
1270b530b681SEric Dumazet .mode = 0644,
1271b530b681SEric Dumazet .proc_handler = proc_dointvec
1272b530b681SEric Dumazet },
127326e9596eSEric Dumazet {
127426e9596eSEric Dumazet .procname = "tcp_min_tso_segs",
127526e9596eSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_min_tso_segs,
12764ecc1bafSEric Dumazet .maxlen = sizeof(u8),
127726e9596eSEric Dumazet .mode = 0644,
12784ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1279eec4844fSMatteo Croce .extra1 = SYSCTL_ONE,
128026e9596eSEric Dumazet },
1281bd239704SEric Dumazet {
128265466904SEric Dumazet .procname = "tcp_tso_rtt_log",
128365466904SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_tso_rtt_log,
128465466904SEric Dumazet .maxlen = sizeof(u8),
128565466904SEric Dumazet .mode = 0644,
128665466904SEric Dumazet .proc_handler = proc_dou8vec_minmax,
128765466904SEric Dumazet },
128865466904SEric Dumazet {
1289bd239704SEric Dumazet .procname = "tcp_min_rtt_wlen",
1290bd239704SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_min_rtt_wlen,
1291bd239704SEric Dumazet .maxlen = sizeof(int),
1292bd239704SEric Dumazet .mode = 0644,
129319fad20dSZhangXiaoxu .proc_handler = proc_dointvec_minmax,
1294eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
129519fad20dSZhangXiaoxu .extra2 = &one_day_secs
1296bd239704SEric Dumazet },
1297790f00e1SEric Dumazet {
1298790f00e1SEric Dumazet .procname = "tcp_autocorking",
1299790f00e1SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_autocorking,
13004ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1301790f00e1SEric Dumazet .mode = 0644,
13024ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1303eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1304eec4844fSMatteo Croce .extra2 = SYSCTL_ONE,
1305790f00e1SEric Dumazet },
13064170ba6bSEric Dumazet {
13074170ba6bSEric Dumazet .procname = "tcp_invalid_ratelimit",
13084170ba6bSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_invalid_ratelimit,
13094170ba6bSEric Dumazet .maxlen = sizeof(int),
13104170ba6bSEric Dumazet .mode = 0644,
13114170ba6bSEric Dumazet .proc_handler = proc_dointvec_ms_jiffies,
13124170ba6bSEric Dumazet },
131323a7102aSEric Dumazet {
131423a7102aSEric Dumazet .procname = "tcp_pacing_ss_ratio",
131523a7102aSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_pacing_ss_ratio,
131623a7102aSEric Dumazet .maxlen = sizeof(int),
131723a7102aSEric Dumazet .mode = 0644,
131823a7102aSEric Dumazet .proc_handler = proc_dointvec_minmax,
1319eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1320bd8a5367STonghao Zhang .extra2 = SYSCTL_ONE_THOUSAND,
132123a7102aSEric Dumazet },
1322c26e91f8SEric Dumazet {
1323c26e91f8SEric Dumazet .procname = "tcp_pacing_ca_ratio",
1324c26e91f8SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_pacing_ca_ratio,
1325c26e91f8SEric Dumazet .maxlen = sizeof(int),
1326c26e91f8SEric Dumazet .mode = 0644,
1327c26e91f8SEric Dumazet .proc_handler = proc_dointvec_minmax,
1328eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
1329bd8a5367STonghao Zhang .extra2 = SYSCTL_ONE_THOUSAND,
1330c26e91f8SEric Dumazet },
1331356d1833SEric Dumazet {
1332356d1833SEric Dumazet .procname = "tcp_wmem",
1333356d1833SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_wmem,
1334356d1833SEric Dumazet .maxlen = sizeof(init_net.ipv4.sysctl_tcp_wmem),
1335356d1833SEric Dumazet .mode = 0644,
1336356d1833SEric Dumazet .proc_handler = proc_dointvec_minmax,
1337eec4844fSMatteo Croce .extra1 = SYSCTL_ONE,
1338356d1833SEric Dumazet },
1339356d1833SEric Dumazet {
1340356d1833SEric Dumazet .procname = "tcp_rmem",
1341356d1833SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_rmem,
1342356d1833SEric Dumazet .maxlen = sizeof(init_net.ipv4.sysctl_tcp_rmem),
1343356d1833SEric Dumazet .mode = 0644,
1344356d1833SEric Dumazet .proc_handler = proc_dointvec_minmax,
1345eec4844fSMatteo Croce .extra1 = SYSCTL_ONE,
1346356d1833SEric Dumazet },
13471e802951STonghao Zhang {
13486d82aa24SEric Dumazet .procname = "tcp_comp_sack_delay_ns",
13496d82aa24SEric Dumazet .data = &init_net.ipv4.sysctl_tcp_comp_sack_delay_ns,
13506d82aa24SEric Dumazet .maxlen = sizeof(unsigned long),
13516d82aa24SEric Dumazet .mode = 0644,
13526d82aa24SEric Dumazet .proc_handler = proc_doulongvec_minmax,
13536d82aa24SEric Dumazet },
13546d82aa24SEric Dumazet {
1355a70437ccSEric Dumazet .procname = "tcp_comp_sack_slack_ns",
1356a70437ccSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_comp_sack_slack_ns,
1357a70437ccSEric Dumazet .maxlen = sizeof(unsigned long),
1358a70437ccSEric Dumazet .mode = 0644,
1359a70437ccSEric Dumazet .proc_handler = proc_doulongvec_minmax,
1360a70437ccSEric Dumazet },
1361a70437ccSEric Dumazet {
13629c21d2fcSEric Dumazet .procname = "tcp_comp_sack_nr",
13639c21d2fcSEric Dumazet .data = &init_net.ipv4.sysctl_tcp_comp_sack_nr,
13641c3289c9SEric Dumazet .maxlen = sizeof(u8),
13659c21d2fcSEric Dumazet .mode = 0644,
13661c3289c9SEric Dumazet .proc_handler = proc_dou8vec_minmax,
1367eec4844fSMatteo Croce .extra1 = SYSCTL_ZERO,
13689c21d2fcSEric Dumazet },
13699c21d2fcSEric Dumazet {
1370ac8f1710SWei Wang .procname = "tcp_reflect_tos",
1371ac8f1710SWei Wang .data = &init_net.ipv4.sysctl_tcp_reflect_tos,
13724ecc1bafSEric Dumazet .maxlen = sizeof(u8),
1373ac8f1710SWei Wang .mode = 0644,
13744ecc1bafSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1375ac8f1710SWei Wang .extra1 = SYSCTL_ZERO,
1376ac8f1710SWei Wang .extra2 = SYSCTL_ONE,
1377ac8f1710SWei Wang },
1378ac8f1710SWei Wang {
1379d1e5e640SKuniyuki Iwashima .procname = "tcp_ehash_entries",
1380d1e5e640SKuniyuki Iwashima .data = &init_net.ipv4.sysctl_tcp_child_ehash_entries,
1381d1e5e640SKuniyuki Iwashima .mode = 0444,
1382d1e5e640SKuniyuki Iwashima .proc_handler = proc_tcp_ehash_entries,
1383d1e5e640SKuniyuki Iwashima },
1384d1e5e640SKuniyuki Iwashima {
1385d1e5e640SKuniyuki Iwashima .procname = "tcp_child_ehash_entries",
1386d1e5e640SKuniyuki Iwashima .data = &init_net.ipv4.sysctl_tcp_child_ehash_entries,
1387d1e5e640SKuniyuki Iwashima .maxlen = sizeof(unsigned int),
1388d1e5e640SKuniyuki Iwashima .mode = 0644,
1389d1e5e640SKuniyuki Iwashima .proc_handler = proc_douintvec_minmax,
1390d1e5e640SKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
1391d1e5e640SKuniyuki Iwashima .extra2 = &tcp_child_ehash_entries_max,
1392d1e5e640SKuniyuki Iwashima },
1393d1e5e640SKuniyuki Iwashima {
13949804985bSKuniyuki Iwashima .procname = "udp_hash_entries",
13959804985bSKuniyuki Iwashima .data = &init_net.ipv4.sysctl_udp_child_hash_entries,
13969804985bSKuniyuki Iwashima .mode = 0444,
13979804985bSKuniyuki Iwashima .proc_handler = proc_udp_hash_entries,
13989804985bSKuniyuki Iwashima },
13999804985bSKuniyuki Iwashima {
14009804985bSKuniyuki Iwashima .procname = "udp_child_hash_entries",
14019804985bSKuniyuki Iwashima .data = &init_net.ipv4.sysctl_udp_child_hash_entries,
14029804985bSKuniyuki Iwashima .maxlen = sizeof(unsigned int),
14039804985bSKuniyuki Iwashima .mode = 0644,
14049804985bSKuniyuki Iwashima .proc_handler = proc_douintvec_minmax,
14059804985bSKuniyuki Iwashima .extra1 = SYSCTL_ZERO,
14069804985bSKuniyuki Iwashima .extra2 = &udp_child_hash_entries_max,
14079804985bSKuniyuki Iwashima },
14089804985bSKuniyuki Iwashima {
14091e802951STonghao Zhang .procname = "udp_rmem_min",
14101e802951STonghao Zhang .data = &init_net.ipv4.sysctl_udp_rmem_min,
14111e802951STonghao Zhang .maxlen = sizeof(init_net.ipv4.sysctl_udp_rmem_min),
14121e802951STonghao Zhang .mode = 0644,
14131e802951STonghao Zhang .proc_handler = proc_dointvec_minmax,
1414eec4844fSMatteo Croce .extra1 = SYSCTL_ONE
14151e802951STonghao Zhang },
14161e802951STonghao Zhang {
14171e802951STonghao Zhang .procname = "udp_wmem_min",
14181e802951STonghao Zhang .data = &init_net.ipv4.sysctl_udp_wmem_min,
14191e802951STonghao Zhang .maxlen = sizeof(init_net.ipv4.sysctl_udp_wmem_min),
14201e802951STonghao Zhang .mode = 0644,
14211e802951STonghao Zhang .proc_handler = proc_dointvec_minmax,
1422eec4844fSMatteo Croce .extra1 = SYSCTL_ONE
14231e802951STonghao Zhang },
1424680aea08SAmit Cohen {
1425680aea08SAmit Cohen .procname = "fib_notify_on_flag_change",
1426680aea08SAmit Cohen .data = &init_net.ipv4.sysctl_fib_notify_on_flag_change,
1427b2908facSEric Dumazet .maxlen = sizeof(u8),
1428680aea08SAmit Cohen .mode = 0644,
1429b2908facSEric Dumazet .proc_handler = proc_dou8vec_minmax,
1430680aea08SAmit Cohen .extra1 = SYSCTL_ZERO,
1431bd8a5367STonghao Zhang .extra2 = SYSCTL_TWO,
1432680aea08SAmit Cohen },
1433bd456f28SMubashir Adnan Qureshi {
1434bd456f28SMubashir Adnan Qureshi .procname = "tcp_plb_enabled",
1435bd456f28SMubashir Adnan Qureshi .data = &init_net.ipv4.sysctl_tcp_plb_enabled,
1436bd456f28SMubashir Adnan Qureshi .maxlen = sizeof(u8),
1437bd456f28SMubashir Adnan Qureshi .mode = 0644,
1438bd456f28SMubashir Adnan Qureshi .proc_handler = proc_dou8vec_minmax,
1439bd456f28SMubashir Adnan Qureshi .extra1 = SYSCTL_ZERO,
1440bd456f28SMubashir Adnan Qureshi .extra2 = SYSCTL_ONE,
1441bd456f28SMubashir Adnan Qureshi },
1442bd456f28SMubashir Adnan Qureshi {
1443bd456f28SMubashir Adnan Qureshi .procname = "tcp_plb_idle_rehash_rounds",
1444bd456f28SMubashir Adnan Qureshi .data = &init_net.ipv4.sysctl_tcp_plb_idle_rehash_rounds,
1445bd456f28SMubashir Adnan Qureshi .maxlen = sizeof(u8),
1446bd456f28SMubashir Adnan Qureshi .mode = 0644,
1447bd456f28SMubashir Adnan Qureshi .proc_handler = proc_dou8vec_minmax,
1448bd456f28SMubashir Adnan Qureshi .extra2 = &tcp_plb_max_rounds,
1449bd456f28SMubashir Adnan Qureshi },
1450bd456f28SMubashir Adnan Qureshi {
1451bd456f28SMubashir Adnan Qureshi .procname = "tcp_plb_rehash_rounds",
1452bd456f28SMubashir Adnan Qureshi .data = &init_net.ipv4.sysctl_tcp_plb_rehash_rounds,
1453bd456f28SMubashir Adnan Qureshi .maxlen = sizeof(u8),
1454bd456f28SMubashir Adnan Qureshi .mode = 0644,
1455bd456f28SMubashir Adnan Qureshi .proc_handler = proc_dou8vec_minmax,
1456bd456f28SMubashir Adnan Qureshi .extra2 = &tcp_plb_max_rounds,
1457bd456f28SMubashir Adnan Qureshi },
1458bd456f28SMubashir Adnan Qureshi {
1459bd456f28SMubashir Adnan Qureshi .procname = "tcp_plb_suspend_rto_sec",
1460bd456f28SMubashir Adnan Qureshi .data = &init_net.ipv4.sysctl_tcp_plb_suspend_rto_sec,
1461bd456f28SMubashir Adnan Qureshi .maxlen = sizeof(u8),
1462bd456f28SMubashir Adnan Qureshi .mode = 0644,
1463bd456f28SMubashir Adnan Qureshi .proc_handler = proc_dou8vec_minmax,
1464bd456f28SMubashir Adnan Qureshi },
1465bd456f28SMubashir Adnan Qureshi {
1466bd456f28SMubashir Adnan Qureshi .procname = "tcp_plb_cong_thresh",
1467bd456f28SMubashir Adnan Qureshi .data = &init_net.ipv4.sysctl_tcp_plb_cong_thresh,
1468bd456f28SMubashir Adnan Qureshi .maxlen = sizeof(int),
1469bd456f28SMubashir Adnan Qureshi .mode = 0644,
1470bd456f28SMubashir Adnan Qureshi .proc_handler = proc_dointvec_minmax,
1471bd456f28SMubashir Adnan Qureshi .extra1 = SYSCTL_ZERO,
1472bd456f28SMubashir Adnan Qureshi .extra2 = &tcp_plb_max_cong_thresh,
1473bd456f28SMubashir Adnan Qureshi },
1474ccce324dSDavid Morley {
1475ccce324dSDavid Morley .procname = "tcp_syn_linear_timeouts",
1476ccce324dSDavid Morley .data = &init_net.ipv4.sysctl_tcp_syn_linear_timeouts,
1477ccce324dSDavid Morley .maxlen = sizeof(u8),
1478ccce324dSDavid Morley .mode = 0644,
1479ccce324dSDavid Morley .proc_handler = proc_dou8vec_minmax,
1480ccce324dSDavid Morley .extra1 = SYSCTL_ZERO,
1481ccce324dSDavid Morley .extra2 = &tcp_syn_linear_timeouts_max,
1482ccce324dSDavid Morley },
1483b650d953Smfreemon@cloudflare.com {
1484b650d953Smfreemon@cloudflare.com .procname = "tcp_shrink_window",
1485b650d953Smfreemon@cloudflare.com .data = &init_net.ipv4.sysctl_tcp_shrink_window,
1486b650d953Smfreemon@cloudflare.com .maxlen = sizeof(u8),
1487b650d953Smfreemon@cloudflare.com .mode = 0644,
1488b650d953Smfreemon@cloudflare.com .proc_handler = proc_dou8vec_minmax,
1489b650d953Smfreemon@cloudflare.com .extra1 = SYSCTL_ZERO,
1490b650d953Smfreemon@cloudflare.com .extra2 = SYSCTL_ONE,
1491b650d953Smfreemon@cloudflare.com },
149268528f09SPavel Emelyanov { }
149368528f09SPavel Emelyanov };
149468528f09SPavel Emelyanov
ipv4_sysctl_init_net(struct net * net)14951577519dSPavel Emelyanov static __net_init int ipv4_sysctl_init_net(struct net *net)
14961577519dSPavel Emelyanov {
149768528f09SPavel Emelyanov struct ctl_table *table;
149868528f09SPavel Emelyanov
149968528f09SPavel Emelyanov table = ipv4_net_table;
150009ad9bc7SOctavian Purdila if (!net_eq(net, &init_net)) {
15010a6fa23dSEric W. Biederman int i;
15020a6fa23dSEric W. Biederman
150368528f09SPavel Emelyanov table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
150451456b29SIan Morris if (!table)
150568528f09SPavel Emelyanov goto err_alloc;
150668528f09SPavel Emelyanov
1507e9bd0ccaSKuniyuki Iwashima for (i = 0; i < ARRAY_SIZE(ipv4_net_table) - 1; i++) {
150897684f09SJonathon Reinhart if (table[i].data) {
150997684f09SJonathon Reinhart /* Update the variables to point into
151097684f09SJonathon Reinhart * the current struct net
151197684f09SJonathon Reinhart */
15120a6fa23dSEric W. Biederman table[i].data += (void *)net - (void *)&init_net;
151397684f09SJonathon Reinhart } else {
151497684f09SJonathon Reinhart /* Entries without data pointer are global;
151597684f09SJonathon Reinhart * Make them read-only in non-init_net ns
151697684f09SJonathon Reinhart */
151797684f09SJonathon Reinhart table[i].mode &= ~0222;
151897684f09SJonathon Reinhart }
151997684f09SJonathon Reinhart }
152068528f09SPavel Emelyanov }
152168528f09SPavel Emelyanov
1522*c899710fSJoel Granados net->ipv4.ipv4_hdr = register_net_sysctl_sz(net, "net/ipv4", table,
1523*c899710fSJoel Granados ARRAY_SIZE(ipv4_net_table));
152451456b29SIan Morris if (!net->ipv4.ipv4_hdr)
152568528f09SPavel Emelyanov goto err_reg;
152668528f09SPavel Emelyanov
1527122ff243SWANG Cong net->ipv4.sysctl_local_reserved_ports = kzalloc(65536 / 8, GFP_KERNEL);
1528122ff243SWANG Cong if (!net->ipv4.sysctl_local_reserved_ports)
1529122ff243SWANG Cong goto err_ports;
1530122ff243SWANG Cong
15311577519dSPavel Emelyanov return 0;
153268528f09SPavel Emelyanov
1533122ff243SWANG Cong err_ports:
1534122ff243SWANG Cong unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
153568528f09SPavel Emelyanov err_reg:
153609ad9bc7SOctavian Purdila if (!net_eq(net, &init_net))
153768528f09SPavel Emelyanov kfree(table);
153868528f09SPavel Emelyanov err_alloc:
153968528f09SPavel Emelyanov return -ENOMEM;
15401577519dSPavel Emelyanov }
15411577519dSPavel Emelyanov
ipv4_sysctl_exit_net(struct net * net)15421577519dSPavel Emelyanov static __net_exit void ipv4_sysctl_exit_net(struct net *net)
15431577519dSPavel Emelyanov {
154468528f09SPavel Emelyanov struct ctl_table *table;
154568528f09SPavel Emelyanov
1546122ff243SWANG Cong kfree(net->ipv4.sysctl_local_reserved_ports);
154768528f09SPavel Emelyanov table = net->ipv4.ipv4_hdr->ctl_table_arg;
154868528f09SPavel Emelyanov unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
154968528f09SPavel Emelyanov kfree(table);
15501577519dSPavel Emelyanov }
15511577519dSPavel Emelyanov
15521577519dSPavel Emelyanov static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
15531577519dSPavel Emelyanov .init = ipv4_sysctl_init_net,
15541577519dSPavel Emelyanov .exit = ipv4_sysctl_exit_net,
15551577519dSPavel Emelyanov };
15561577519dSPavel Emelyanov
sysctl_ipv4_init(void)15573e37c3f9SPavel Emelyanov static __init int sysctl_ipv4_init(void)
15583e37c3f9SPavel Emelyanov {
15593e37c3f9SPavel Emelyanov struct ctl_table_header *hdr;
15603e37c3f9SPavel Emelyanov
1561ec8f23ceSEric W. Biederman hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table);
156251456b29SIan Morris if (!hdr)
15631577519dSPavel Emelyanov return -ENOMEM;
15641577519dSPavel Emelyanov
15651577519dSPavel Emelyanov if (register_pernet_subsys(&ipv4_sysctl_ops)) {
15665dd3df10SEric W. Biederman unregister_net_sysctl_table(hdr);
15671577519dSPavel Emelyanov return -ENOMEM;
15681577519dSPavel Emelyanov }
15691577519dSPavel Emelyanov
15701577519dSPavel Emelyanov return 0;
15713e37c3f9SPavel Emelyanov }
15723e37c3f9SPavel Emelyanov
15733e37c3f9SPavel Emelyanov __initcall(sysctl_ipv4_init);
1574