1 /* 2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem. 3 * 4 * Begun April 1, 1996, Mike Shaver. 5 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS] 6 */ 7 8 #include <linux/mm.h> 9 #include <linux/module.h> 10 #include <linux/sysctl.h> 11 #include <linux/igmp.h> 12 #include <linux/inetdevice.h> 13 #include <linux/seqlock.h> 14 #include <linux/init.h> 15 #include <net/snmp.h> 16 #include <net/icmp.h> 17 #include <net/ip.h> 18 #include <net/route.h> 19 #include <net/tcp.h> 20 #include <net/udp.h> 21 #include <net/cipso_ipv4.h> 22 #include <net/inet_frag.h> 23 24 static int zero; 25 static int tcp_retr1_max = 255; 26 static int ip_local_port_range_min[] = { 1, 1 }; 27 static int ip_local_port_range_max[] = { 65535, 65535 }; 28 29 /* Update system visible IP port range */ 30 static void set_local_port_range(int range[2]) 31 { 32 write_seqlock(&sysctl_local_ports.lock); 33 sysctl_local_ports.range[0] = range[0]; 34 sysctl_local_ports.range[1] = range[1]; 35 write_sequnlock(&sysctl_local_ports.lock); 36 } 37 38 /* Validate changes from /proc interface. */ 39 static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp, 40 void __user *buffer, 41 size_t *lenp, loff_t *ppos) 42 { 43 int ret; 44 int range[2]; 45 ctl_table tmp = { 46 .data = &range, 47 .maxlen = sizeof(range), 48 .mode = table->mode, 49 .extra1 = &ip_local_port_range_min, 50 .extra2 = &ip_local_port_range_max, 51 }; 52 53 inet_get_local_port_range(range, range + 1); 54 ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos); 55 56 if (write && ret == 0) { 57 if (range[1] < range[0]) 58 ret = -EINVAL; 59 else 60 set_local_port_range(range); 61 } 62 63 return ret; 64 } 65 66 /* Validate changes from sysctl interface. */ 67 static int ipv4_sysctl_local_port_range(ctl_table *table, 68 void __user *oldval, 69 size_t __user *oldlenp, 70 void __user *newval, size_t newlen) 71 { 72 int ret; 73 int range[2]; 74 ctl_table tmp = { 75 .data = &range, 76 .maxlen = sizeof(range), 77 .mode = table->mode, 78 .extra1 = &ip_local_port_range_min, 79 .extra2 = &ip_local_port_range_max, 80 }; 81 82 inet_get_local_port_range(range, range + 1); 83 ret = sysctl_intvec(&tmp, oldval, oldlenp, newval, newlen); 84 if (ret == 0 && newval && newlen) { 85 if (range[1] < range[0]) 86 ret = -EINVAL; 87 else 88 set_local_port_range(range); 89 } 90 return ret; 91 } 92 93 94 static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp, 95 void __user *buffer, size_t *lenp, loff_t *ppos) 96 { 97 char val[TCP_CA_NAME_MAX]; 98 ctl_table tbl = { 99 .data = val, 100 .maxlen = TCP_CA_NAME_MAX, 101 }; 102 int ret; 103 104 tcp_get_default_congestion_control(val); 105 106 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 107 if (write && ret == 0) 108 ret = tcp_set_default_congestion_control(val); 109 return ret; 110 } 111 112 static int sysctl_tcp_congestion_control(ctl_table *table, 113 void __user *oldval, 114 size_t __user *oldlenp, 115 void __user *newval, size_t newlen) 116 { 117 char val[TCP_CA_NAME_MAX]; 118 ctl_table tbl = { 119 .data = val, 120 .maxlen = TCP_CA_NAME_MAX, 121 }; 122 int ret; 123 124 tcp_get_default_congestion_control(val); 125 ret = sysctl_string(&tbl, oldval, oldlenp, newval, newlen); 126 if (ret == 1 && newval && newlen) 127 ret = tcp_set_default_congestion_control(val); 128 return ret; 129 } 130 131 static int proc_tcp_available_congestion_control(ctl_table *ctl, 132 int write, struct file * filp, 133 void __user *buffer, size_t *lenp, 134 loff_t *ppos) 135 { 136 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, }; 137 int ret; 138 139 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 140 if (!tbl.data) 141 return -ENOMEM; 142 tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX); 143 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 144 kfree(tbl.data); 145 return ret; 146 } 147 148 static int proc_allowed_congestion_control(ctl_table *ctl, 149 int write, struct file * filp, 150 void __user *buffer, size_t *lenp, 151 loff_t *ppos) 152 { 153 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX }; 154 int ret; 155 156 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 157 if (!tbl.data) 158 return -ENOMEM; 159 160 tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen); 161 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 162 if (write && ret == 0) 163 ret = tcp_set_allowed_congestion_control(tbl.data); 164 kfree(tbl.data); 165 return ret; 166 } 167 168 static int strategy_allowed_congestion_control(ctl_table *table, 169 void __user *oldval, 170 size_t __user *oldlenp, 171 void __user *newval, 172 size_t newlen) 173 { 174 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX }; 175 int ret; 176 177 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 178 if (!tbl.data) 179 return -ENOMEM; 180 181 tcp_get_available_congestion_control(tbl.data, tbl.maxlen); 182 ret = sysctl_string(&tbl, oldval, oldlenp, newval, newlen); 183 if (ret == 1 && newval && newlen) 184 ret = tcp_set_allowed_congestion_control(tbl.data); 185 kfree(tbl.data); 186 187 return ret; 188 189 } 190 191 static struct ctl_table ipv4_table[] = { 192 { 193 .ctl_name = NET_IPV4_TCP_TIMESTAMPS, 194 .procname = "tcp_timestamps", 195 .data = &sysctl_tcp_timestamps, 196 .maxlen = sizeof(int), 197 .mode = 0644, 198 .proc_handler = proc_dointvec 199 }, 200 { 201 .ctl_name = NET_IPV4_TCP_WINDOW_SCALING, 202 .procname = "tcp_window_scaling", 203 .data = &sysctl_tcp_window_scaling, 204 .maxlen = sizeof(int), 205 .mode = 0644, 206 .proc_handler = proc_dointvec 207 }, 208 { 209 .ctl_name = NET_IPV4_TCP_SACK, 210 .procname = "tcp_sack", 211 .data = &sysctl_tcp_sack, 212 .maxlen = sizeof(int), 213 .mode = 0644, 214 .proc_handler = proc_dointvec 215 }, 216 { 217 .ctl_name = NET_IPV4_TCP_RETRANS_COLLAPSE, 218 .procname = "tcp_retrans_collapse", 219 .data = &sysctl_tcp_retrans_collapse, 220 .maxlen = sizeof(int), 221 .mode = 0644, 222 .proc_handler = proc_dointvec 223 }, 224 { 225 .ctl_name = NET_IPV4_DEFAULT_TTL, 226 .procname = "ip_default_ttl", 227 .data = &sysctl_ip_default_ttl, 228 .maxlen = sizeof(int), 229 .mode = 0644, 230 .proc_handler = ipv4_doint_and_flush, 231 .strategy = ipv4_doint_and_flush_strategy, 232 .extra2 = &init_net, 233 }, 234 { 235 .ctl_name = NET_IPV4_NO_PMTU_DISC, 236 .procname = "ip_no_pmtu_disc", 237 .data = &ipv4_config.no_pmtu_disc, 238 .maxlen = sizeof(int), 239 .mode = 0644, 240 .proc_handler = proc_dointvec 241 }, 242 { 243 .ctl_name = NET_IPV4_NONLOCAL_BIND, 244 .procname = "ip_nonlocal_bind", 245 .data = &sysctl_ip_nonlocal_bind, 246 .maxlen = sizeof(int), 247 .mode = 0644, 248 .proc_handler = proc_dointvec 249 }, 250 { 251 .ctl_name = NET_IPV4_TCP_SYN_RETRIES, 252 .procname = "tcp_syn_retries", 253 .data = &sysctl_tcp_syn_retries, 254 .maxlen = sizeof(int), 255 .mode = 0644, 256 .proc_handler = proc_dointvec 257 }, 258 { 259 .ctl_name = NET_TCP_SYNACK_RETRIES, 260 .procname = "tcp_synack_retries", 261 .data = &sysctl_tcp_synack_retries, 262 .maxlen = sizeof(int), 263 .mode = 0644, 264 .proc_handler = proc_dointvec 265 }, 266 { 267 .ctl_name = NET_TCP_MAX_ORPHANS, 268 .procname = "tcp_max_orphans", 269 .data = &sysctl_tcp_max_orphans, 270 .maxlen = sizeof(int), 271 .mode = 0644, 272 .proc_handler = proc_dointvec 273 }, 274 { 275 .ctl_name = NET_TCP_MAX_TW_BUCKETS, 276 .procname = "tcp_max_tw_buckets", 277 .data = &tcp_death_row.sysctl_max_tw_buckets, 278 .maxlen = sizeof(int), 279 .mode = 0644, 280 .proc_handler = proc_dointvec 281 }, 282 { 283 .ctl_name = NET_IPV4_DYNADDR, 284 .procname = "ip_dynaddr", 285 .data = &sysctl_ip_dynaddr, 286 .maxlen = sizeof(int), 287 .mode = 0644, 288 .proc_handler = proc_dointvec 289 }, 290 { 291 .ctl_name = NET_IPV4_TCP_KEEPALIVE_TIME, 292 .procname = "tcp_keepalive_time", 293 .data = &sysctl_tcp_keepalive_time, 294 .maxlen = sizeof(int), 295 .mode = 0644, 296 .proc_handler = proc_dointvec_jiffies, 297 .strategy = sysctl_jiffies 298 }, 299 { 300 .ctl_name = NET_IPV4_TCP_KEEPALIVE_PROBES, 301 .procname = "tcp_keepalive_probes", 302 .data = &sysctl_tcp_keepalive_probes, 303 .maxlen = sizeof(int), 304 .mode = 0644, 305 .proc_handler = proc_dointvec 306 }, 307 { 308 .ctl_name = NET_IPV4_TCP_KEEPALIVE_INTVL, 309 .procname = "tcp_keepalive_intvl", 310 .data = &sysctl_tcp_keepalive_intvl, 311 .maxlen = sizeof(int), 312 .mode = 0644, 313 .proc_handler = proc_dointvec_jiffies, 314 .strategy = sysctl_jiffies 315 }, 316 { 317 .ctl_name = NET_IPV4_TCP_RETRIES1, 318 .procname = "tcp_retries1", 319 .data = &sysctl_tcp_retries1, 320 .maxlen = sizeof(int), 321 .mode = 0644, 322 .proc_handler = proc_dointvec_minmax, 323 .strategy = sysctl_intvec, 324 .extra2 = &tcp_retr1_max 325 }, 326 { 327 .ctl_name = NET_IPV4_TCP_RETRIES2, 328 .procname = "tcp_retries2", 329 .data = &sysctl_tcp_retries2, 330 .maxlen = sizeof(int), 331 .mode = 0644, 332 .proc_handler = proc_dointvec 333 }, 334 { 335 .ctl_name = NET_IPV4_TCP_FIN_TIMEOUT, 336 .procname = "tcp_fin_timeout", 337 .data = &sysctl_tcp_fin_timeout, 338 .maxlen = sizeof(int), 339 .mode = 0644, 340 .proc_handler = proc_dointvec_jiffies, 341 .strategy = sysctl_jiffies 342 }, 343 #ifdef CONFIG_SYN_COOKIES 344 { 345 .ctl_name = NET_TCP_SYNCOOKIES, 346 .procname = "tcp_syncookies", 347 .data = &sysctl_tcp_syncookies, 348 .maxlen = sizeof(int), 349 .mode = 0644, 350 .proc_handler = proc_dointvec 351 }, 352 #endif 353 { 354 .ctl_name = NET_TCP_TW_RECYCLE, 355 .procname = "tcp_tw_recycle", 356 .data = &tcp_death_row.sysctl_tw_recycle, 357 .maxlen = sizeof(int), 358 .mode = 0644, 359 .proc_handler = proc_dointvec 360 }, 361 { 362 .ctl_name = NET_TCP_ABORT_ON_OVERFLOW, 363 .procname = "tcp_abort_on_overflow", 364 .data = &sysctl_tcp_abort_on_overflow, 365 .maxlen = sizeof(int), 366 .mode = 0644, 367 .proc_handler = proc_dointvec 368 }, 369 { 370 .ctl_name = NET_TCP_STDURG, 371 .procname = "tcp_stdurg", 372 .data = &sysctl_tcp_stdurg, 373 .maxlen = sizeof(int), 374 .mode = 0644, 375 .proc_handler = proc_dointvec 376 }, 377 { 378 .ctl_name = NET_TCP_RFC1337, 379 .procname = "tcp_rfc1337", 380 .data = &sysctl_tcp_rfc1337, 381 .maxlen = sizeof(int), 382 .mode = 0644, 383 .proc_handler = proc_dointvec 384 }, 385 { 386 .ctl_name = NET_TCP_MAX_SYN_BACKLOG, 387 .procname = "tcp_max_syn_backlog", 388 .data = &sysctl_max_syn_backlog, 389 .maxlen = sizeof(int), 390 .mode = 0644, 391 .proc_handler = proc_dointvec 392 }, 393 { 394 .ctl_name = NET_IPV4_LOCAL_PORT_RANGE, 395 .procname = "ip_local_port_range", 396 .data = &sysctl_local_ports.range, 397 .maxlen = sizeof(sysctl_local_ports.range), 398 .mode = 0644, 399 .proc_handler = ipv4_local_port_range, 400 .strategy = ipv4_sysctl_local_port_range, 401 }, 402 #ifdef CONFIG_IP_MULTICAST 403 { 404 .ctl_name = NET_IPV4_IGMP_MAX_MEMBERSHIPS, 405 .procname = "igmp_max_memberships", 406 .data = &sysctl_igmp_max_memberships, 407 .maxlen = sizeof(int), 408 .mode = 0644, 409 .proc_handler = proc_dointvec 410 }, 411 412 #endif 413 { 414 .ctl_name = NET_IPV4_IGMP_MAX_MSF, 415 .procname = "igmp_max_msf", 416 .data = &sysctl_igmp_max_msf, 417 .maxlen = sizeof(int), 418 .mode = 0644, 419 .proc_handler = proc_dointvec 420 }, 421 { 422 .ctl_name = NET_IPV4_INET_PEER_THRESHOLD, 423 .procname = "inet_peer_threshold", 424 .data = &inet_peer_threshold, 425 .maxlen = sizeof(int), 426 .mode = 0644, 427 .proc_handler = proc_dointvec 428 }, 429 { 430 .ctl_name = NET_IPV4_INET_PEER_MINTTL, 431 .procname = "inet_peer_minttl", 432 .data = &inet_peer_minttl, 433 .maxlen = sizeof(int), 434 .mode = 0644, 435 .proc_handler = proc_dointvec_jiffies, 436 .strategy = sysctl_jiffies 437 }, 438 { 439 .ctl_name = NET_IPV4_INET_PEER_MAXTTL, 440 .procname = "inet_peer_maxttl", 441 .data = &inet_peer_maxttl, 442 .maxlen = sizeof(int), 443 .mode = 0644, 444 .proc_handler = proc_dointvec_jiffies, 445 .strategy = sysctl_jiffies 446 }, 447 { 448 .ctl_name = NET_IPV4_INET_PEER_GC_MINTIME, 449 .procname = "inet_peer_gc_mintime", 450 .data = &inet_peer_gc_mintime, 451 .maxlen = sizeof(int), 452 .mode = 0644, 453 .proc_handler = proc_dointvec_jiffies, 454 .strategy = sysctl_jiffies 455 }, 456 { 457 .ctl_name = NET_IPV4_INET_PEER_GC_MAXTIME, 458 .procname = "inet_peer_gc_maxtime", 459 .data = &inet_peer_gc_maxtime, 460 .maxlen = sizeof(int), 461 .mode = 0644, 462 .proc_handler = proc_dointvec_jiffies, 463 .strategy = sysctl_jiffies 464 }, 465 { 466 .ctl_name = NET_TCP_ORPHAN_RETRIES, 467 .procname = "tcp_orphan_retries", 468 .data = &sysctl_tcp_orphan_retries, 469 .maxlen = sizeof(int), 470 .mode = 0644, 471 .proc_handler = proc_dointvec 472 }, 473 { 474 .ctl_name = NET_TCP_FACK, 475 .procname = "tcp_fack", 476 .data = &sysctl_tcp_fack, 477 .maxlen = sizeof(int), 478 .mode = 0644, 479 .proc_handler = proc_dointvec 480 }, 481 { 482 .ctl_name = NET_TCP_REORDERING, 483 .procname = "tcp_reordering", 484 .data = &sysctl_tcp_reordering, 485 .maxlen = sizeof(int), 486 .mode = 0644, 487 .proc_handler = proc_dointvec 488 }, 489 { 490 .ctl_name = NET_TCP_ECN, 491 .procname = "tcp_ecn", 492 .data = &sysctl_tcp_ecn, 493 .maxlen = sizeof(int), 494 .mode = 0644, 495 .proc_handler = proc_dointvec 496 }, 497 { 498 .ctl_name = NET_TCP_DSACK, 499 .procname = "tcp_dsack", 500 .data = &sysctl_tcp_dsack, 501 .maxlen = sizeof(int), 502 .mode = 0644, 503 .proc_handler = proc_dointvec 504 }, 505 { 506 .ctl_name = NET_TCP_MEM, 507 .procname = "tcp_mem", 508 .data = &sysctl_tcp_mem, 509 .maxlen = sizeof(sysctl_tcp_mem), 510 .mode = 0644, 511 .proc_handler = proc_dointvec 512 }, 513 { 514 .ctl_name = NET_TCP_WMEM, 515 .procname = "tcp_wmem", 516 .data = &sysctl_tcp_wmem, 517 .maxlen = sizeof(sysctl_tcp_wmem), 518 .mode = 0644, 519 .proc_handler = proc_dointvec 520 }, 521 { 522 .ctl_name = NET_TCP_RMEM, 523 .procname = "tcp_rmem", 524 .data = &sysctl_tcp_rmem, 525 .maxlen = sizeof(sysctl_tcp_rmem), 526 .mode = 0644, 527 .proc_handler = proc_dointvec 528 }, 529 { 530 .ctl_name = NET_TCP_APP_WIN, 531 .procname = "tcp_app_win", 532 .data = &sysctl_tcp_app_win, 533 .maxlen = sizeof(int), 534 .mode = 0644, 535 .proc_handler = proc_dointvec 536 }, 537 { 538 .ctl_name = NET_TCP_ADV_WIN_SCALE, 539 .procname = "tcp_adv_win_scale", 540 .data = &sysctl_tcp_adv_win_scale, 541 .maxlen = sizeof(int), 542 .mode = 0644, 543 .proc_handler = proc_dointvec 544 }, 545 { 546 .ctl_name = NET_TCP_TW_REUSE, 547 .procname = "tcp_tw_reuse", 548 .data = &sysctl_tcp_tw_reuse, 549 .maxlen = sizeof(int), 550 .mode = 0644, 551 .proc_handler = proc_dointvec 552 }, 553 { 554 .ctl_name = NET_TCP_FRTO, 555 .procname = "tcp_frto", 556 .data = &sysctl_tcp_frto, 557 .maxlen = sizeof(int), 558 .mode = 0644, 559 .proc_handler = proc_dointvec 560 }, 561 { 562 .ctl_name = NET_TCP_FRTO_RESPONSE, 563 .procname = "tcp_frto_response", 564 .data = &sysctl_tcp_frto_response, 565 .maxlen = sizeof(int), 566 .mode = 0644, 567 .proc_handler = proc_dointvec 568 }, 569 { 570 .ctl_name = NET_TCP_LOW_LATENCY, 571 .procname = "tcp_low_latency", 572 .data = &sysctl_tcp_low_latency, 573 .maxlen = sizeof(int), 574 .mode = 0644, 575 .proc_handler = proc_dointvec 576 }, 577 { 578 .ctl_name = NET_TCP_NO_METRICS_SAVE, 579 .procname = "tcp_no_metrics_save", 580 .data = &sysctl_tcp_nometrics_save, 581 .maxlen = sizeof(int), 582 .mode = 0644, 583 .proc_handler = proc_dointvec, 584 }, 585 { 586 .ctl_name = NET_TCP_MODERATE_RCVBUF, 587 .procname = "tcp_moderate_rcvbuf", 588 .data = &sysctl_tcp_moderate_rcvbuf, 589 .maxlen = sizeof(int), 590 .mode = 0644, 591 .proc_handler = proc_dointvec, 592 }, 593 { 594 .ctl_name = NET_TCP_TSO_WIN_DIVISOR, 595 .procname = "tcp_tso_win_divisor", 596 .data = &sysctl_tcp_tso_win_divisor, 597 .maxlen = sizeof(int), 598 .mode = 0644, 599 .proc_handler = proc_dointvec, 600 }, 601 { 602 .ctl_name = NET_TCP_CONG_CONTROL, 603 .procname = "tcp_congestion_control", 604 .mode = 0644, 605 .maxlen = TCP_CA_NAME_MAX, 606 .proc_handler = proc_tcp_congestion_control, 607 .strategy = sysctl_tcp_congestion_control, 608 }, 609 { 610 .ctl_name = NET_TCP_ABC, 611 .procname = "tcp_abc", 612 .data = &sysctl_tcp_abc, 613 .maxlen = sizeof(int), 614 .mode = 0644, 615 .proc_handler = proc_dointvec, 616 }, 617 { 618 .ctl_name = NET_TCP_MTU_PROBING, 619 .procname = "tcp_mtu_probing", 620 .data = &sysctl_tcp_mtu_probing, 621 .maxlen = sizeof(int), 622 .mode = 0644, 623 .proc_handler = proc_dointvec, 624 }, 625 { 626 .ctl_name = NET_TCP_BASE_MSS, 627 .procname = "tcp_base_mss", 628 .data = &sysctl_tcp_base_mss, 629 .maxlen = sizeof(int), 630 .mode = 0644, 631 .proc_handler = proc_dointvec, 632 }, 633 { 634 .ctl_name = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS, 635 .procname = "tcp_workaround_signed_windows", 636 .data = &sysctl_tcp_workaround_signed_windows, 637 .maxlen = sizeof(int), 638 .mode = 0644, 639 .proc_handler = proc_dointvec 640 }, 641 #ifdef CONFIG_NET_DMA 642 { 643 .ctl_name = NET_TCP_DMA_COPYBREAK, 644 .procname = "tcp_dma_copybreak", 645 .data = &sysctl_tcp_dma_copybreak, 646 .maxlen = sizeof(int), 647 .mode = 0644, 648 .proc_handler = proc_dointvec 649 }, 650 #endif 651 { 652 .ctl_name = NET_TCP_SLOW_START_AFTER_IDLE, 653 .procname = "tcp_slow_start_after_idle", 654 .data = &sysctl_tcp_slow_start_after_idle, 655 .maxlen = sizeof(int), 656 .mode = 0644, 657 .proc_handler = proc_dointvec 658 }, 659 #ifdef CONFIG_NETLABEL 660 { 661 .ctl_name = NET_CIPSOV4_CACHE_ENABLE, 662 .procname = "cipso_cache_enable", 663 .data = &cipso_v4_cache_enabled, 664 .maxlen = sizeof(int), 665 .mode = 0644, 666 .proc_handler = proc_dointvec, 667 }, 668 { 669 .ctl_name = NET_CIPSOV4_CACHE_BUCKET_SIZE, 670 .procname = "cipso_cache_bucket_size", 671 .data = &cipso_v4_cache_bucketsize, 672 .maxlen = sizeof(int), 673 .mode = 0644, 674 .proc_handler = proc_dointvec, 675 }, 676 { 677 .ctl_name = NET_CIPSOV4_RBM_OPTFMT, 678 .procname = "cipso_rbm_optfmt", 679 .data = &cipso_v4_rbm_optfmt, 680 .maxlen = sizeof(int), 681 .mode = 0644, 682 .proc_handler = proc_dointvec, 683 }, 684 { 685 .ctl_name = NET_CIPSOV4_RBM_STRICTVALID, 686 .procname = "cipso_rbm_strictvalid", 687 .data = &cipso_v4_rbm_strictvalid, 688 .maxlen = sizeof(int), 689 .mode = 0644, 690 .proc_handler = proc_dointvec, 691 }, 692 #endif /* CONFIG_NETLABEL */ 693 { 694 .procname = "tcp_available_congestion_control", 695 .maxlen = TCP_CA_BUF_MAX, 696 .mode = 0444, 697 .proc_handler = proc_tcp_available_congestion_control, 698 }, 699 { 700 .ctl_name = NET_TCP_ALLOWED_CONG_CONTROL, 701 .procname = "tcp_allowed_congestion_control", 702 .maxlen = TCP_CA_BUF_MAX, 703 .mode = 0644, 704 .proc_handler = proc_allowed_congestion_control, 705 .strategy = strategy_allowed_congestion_control, 706 }, 707 { 708 .ctl_name = NET_TCP_MAX_SSTHRESH, 709 .procname = "tcp_max_ssthresh", 710 .data = &sysctl_tcp_max_ssthresh, 711 .maxlen = sizeof(int), 712 .mode = 0644, 713 .proc_handler = proc_dointvec, 714 }, 715 { 716 .ctl_name = CTL_UNNUMBERED, 717 .procname = "udp_mem", 718 .data = &sysctl_udp_mem, 719 .maxlen = sizeof(sysctl_udp_mem), 720 .mode = 0644, 721 .proc_handler = proc_dointvec_minmax, 722 .strategy = sysctl_intvec, 723 .extra1 = &zero 724 }, 725 { 726 .ctl_name = CTL_UNNUMBERED, 727 .procname = "udp_rmem_min", 728 .data = &sysctl_udp_rmem_min, 729 .maxlen = sizeof(sysctl_udp_rmem_min), 730 .mode = 0644, 731 .proc_handler = proc_dointvec_minmax, 732 .strategy = sysctl_intvec, 733 .extra1 = &zero 734 }, 735 { 736 .ctl_name = CTL_UNNUMBERED, 737 .procname = "udp_wmem_min", 738 .data = &sysctl_udp_wmem_min, 739 .maxlen = sizeof(sysctl_udp_wmem_min), 740 .mode = 0644, 741 .proc_handler = proc_dointvec_minmax, 742 .strategy = sysctl_intvec, 743 .extra1 = &zero 744 }, 745 { .ctl_name = 0 } 746 }; 747 748 static struct ctl_table ipv4_net_table[] = { 749 { 750 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL, 751 .procname = "icmp_echo_ignore_all", 752 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all, 753 .maxlen = sizeof(int), 754 .mode = 0644, 755 .proc_handler = proc_dointvec 756 }, 757 { 758 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS, 759 .procname = "icmp_echo_ignore_broadcasts", 760 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts, 761 .maxlen = sizeof(int), 762 .mode = 0644, 763 .proc_handler = proc_dointvec 764 }, 765 { 766 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES, 767 .procname = "icmp_ignore_bogus_error_responses", 768 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses, 769 .maxlen = sizeof(int), 770 .mode = 0644, 771 .proc_handler = proc_dointvec 772 }, 773 { 774 .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR, 775 .procname = "icmp_errors_use_inbound_ifaddr", 776 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr, 777 .maxlen = sizeof(int), 778 .mode = 0644, 779 .proc_handler = proc_dointvec 780 }, 781 { 782 .ctl_name = NET_IPV4_ICMP_RATELIMIT, 783 .procname = "icmp_ratelimit", 784 .data = &init_net.ipv4.sysctl_icmp_ratelimit, 785 .maxlen = sizeof(int), 786 .mode = 0644, 787 .proc_handler = proc_dointvec_ms_jiffies, 788 .strategy = sysctl_ms_jiffies 789 }, 790 { 791 .ctl_name = NET_IPV4_ICMP_RATEMASK, 792 .procname = "icmp_ratemask", 793 .data = &init_net.ipv4.sysctl_icmp_ratemask, 794 .maxlen = sizeof(int), 795 .mode = 0644, 796 .proc_handler = proc_dointvec 797 }, 798 { 799 .ctl_name = CTL_UNNUMBERED, 800 .procname = "rt_cache_rebuild_count", 801 .data = &init_net.ipv4.sysctl_rt_cache_rebuild_count, 802 .maxlen = sizeof(int), 803 .mode = 0644, 804 .proc_handler = proc_dointvec 805 }, 806 { } 807 }; 808 809 struct ctl_path net_ipv4_ctl_path[] = { 810 { .procname = "net", .ctl_name = CTL_NET, }, 811 { .procname = "ipv4", .ctl_name = NET_IPV4, }, 812 { }, 813 }; 814 EXPORT_SYMBOL_GPL(net_ipv4_ctl_path); 815 816 static __net_init int ipv4_sysctl_init_net(struct net *net) 817 { 818 struct ctl_table *table; 819 820 table = ipv4_net_table; 821 if (net != &init_net) { 822 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL); 823 if (table == NULL) 824 goto err_alloc; 825 826 table[0].data = 827 &net->ipv4.sysctl_icmp_echo_ignore_all; 828 table[1].data = 829 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts; 830 table[2].data = 831 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses; 832 table[3].data = 833 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr; 834 table[4].data = 835 &net->ipv4.sysctl_icmp_ratelimit; 836 table[5].data = 837 &net->ipv4.sysctl_icmp_ratemask; 838 table[6].data = 839 &net->ipv4.sysctl_rt_cache_rebuild_count; 840 } 841 842 net->ipv4.sysctl_rt_cache_rebuild_count = 4; 843 844 net->ipv4.ipv4_hdr = register_net_sysctl_table(net, 845 net_ipv4_ctl_path, table); 846 if (net->ipv4.ipv4_hdr == NULL) 847 goto err_reg; 848 849 return 0; 850 851 err_reg: 852 if (net != &init_net) 853 kfree(table); 854 err_alloc: 855 return -ENOMEM; 856 } 857 858 static __net_exit void ipv4_sysctl_exit_net(struct net *net) 859 { 860 struct ctl_table *table; 861 862 table = net->ipv4.ipv4_hdr->ctl_table_arg; 863 unregister_net_sysctl_table(net->ipv4.ipv4_hdr); 864 kfree(table); 865 } 866 867 static __net_initdata struct pernet_operations ipv4_sysctl_ops = { 868 .init = ipv4_sysctl_init_net, 869 .exit = ipv4_sysctl_exit_net, 870 }; 871 872 static __init int sysctl_ipv4_init(void) 873 { 874 struct ctl_table_header *hdr; 875 876 hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table); 877 if (hdr == NULL) 878 return -ENOMEM; 879 880 if (register_pernet_subsys(&ipv4_sysctl_ops)) { 881 unregister_sysctl_table(hdr); 882 return -ENOMEM; 883 } 884 885 return 0; 886 } 887 888 __initcall(sysctl_ipv4_init); 889