1 /* 2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem. 3 * 4 * $Id: sysctl_net_ipv4.c,v 1.50 2001/10/20 00:00:11 davem Exp $ 5 * 6 * Begun April 1, 1996, Mike Shaver. 7 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS] 8 */ 9 10 #include <linux/mm.h> 11 #include <linux/module.h> 12 #include <linux/sysctl.h> 13 #include <linux/igmp.h> 14 #include <linux/inetdevice.h> 15 #include <linux/seqlock.h> 16 #include <linux/init.h> 17 #include <net/snmp.h> 18 #include <net/icmp.h> 19 #include <net/ip.h> 20 #include <net/route.h> 21 #include <net/tcp.h> 22 #include <net/udp.h> 23 #include <net/cipso_ipv4.h> 24 #include <net/inet_frag.h> 25 26 static int zero; 27 static int tcp_retr1_max = 255; 28 static int ip_local_port_range_min[] = { 1, 1 }; 29 static int ip_local_port_range_max[] = { 65535, 65535 }; 30 31 extern seqlock_t sysctl_port_range_lock; 32 extern int sysctl_local_port_range[2]; 33 34 /* Update system visible IP port range */ 35 static void set_local_port_range(int range[2]) 36 { 37 write_seqlock(&sysctl_port_range_lock); 38 sysctl_local_port_range[0] = range[0]; 39 sysctl_local_port_range[1] = range[1]; 40 write_sequnlock(&sysctl_port_range_lock); 41 } 42 43 /* Validate changes from /proc interface. */ 44 static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp, 45 void __user *buffer, 46 size_t *lenp, loff_t *ppos) 47 { 48 int ret; 49 int range[2] = { sysctl_local_port_range[0], 50 sysctl_local_port_range[1] }; 51 ctl_table tmp = { 52 .data = &range, 53 .maxlen = sizeof(range), 54 .mode = table->mode, 55 .extra1 = &ip_local_port_range_min, 56 .extra2 = &ip_local_port_range_max, 57 }; 58 59 ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos); 60 61 if (write && ret == 0) { 62 if (range[1] < range[0]) 63 ret = -EINVAL; 64 else 65 set_local_port_range(range); 66 } 67 68 return ret; 69 } 70 71 /* Validate changes from sysctl interface. */ 72 static int ipv4_sysctl_local_port_range(ctl_table *table, int __user *name, 73 int nlen, void __user *oldval, 74 size_t __user *oldlenp, 75 void __user *newval, size_t newlen) 76 { 77 int ret; 78 int range[2] = { sysctl_local_port_range[0], 79 sysctl_local_port_range[1] }; 80 ctl_table tmp = { 81 .data = &range, 82 .maxlen = sizeof(range), 83 .mode = table->mode, 84 .extra1 = &ip_local_port_range_min, 85 .extra2 = &ip_local_port_range_max, 86 }; 87 88 ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen); 89 if (ret == 0 && newval && newlen) { 90 if (range[1] < range[0]) 91 ret = -EINVAL; 92 else 93 set_local_port_range(range); 94 } 95 return ret; 96 } 97 98 99 static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp, 100 void __user *buffer, size_t *lenp, loff_t *ppos) 101 { 102 char val[TCP_CA_NAME_MAX]; 103 ctl_table tbl = { 104 .data = val, 105 .maxlen = TCP_CA_NAME_MAX, 106 }; 107 int ret; 108 109 tcp_get_default_congestion_control(val); 110 111 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 112 if (write && ret == 0) 113 ret = tcp_set_default_congestion_control(val); 114 return ret; 115 } 116 117 static int sysctl_tcp_congestion_control(ctl_table *table, int __user *name, 118 int nlen, void __user *oldval, 119 size_t __user *oldlenp, 120 void __user *newval, size_t newlen) 121 { 122 char val[TCP_CA_NAME_MAX]; 123 ctl_table tbl = { 124 .data = val, 125 .maxlen = TCP_CA_NAME_MAX, 126 }; 127 int ret; 128 129 tcp_get_default_congestion_control(val); 130 ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen); 131 if (ret == 1 && newval && newlen) 132 ret = tcp_set_default_congestion_control(val); 133 return ret; 134 } 135 136 static int proc_tcp_available_congestion_control(ctl_table *ctl, 137 int write, struct file * filp, 138 void __user *buffer, size_t *lenp, 139 loff_t *ppos) 140 { 141 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, }; 142 int ret; 143 144 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 145 if (!tbl.data) 146 return -ENOMEM; 147 tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX); 148 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 149 kfree(tbl.data); 150 return ret; 151 } 152 153 static int proc_allowed_congestion_control(ctl_table *ctl, 154 int write, struct file * filp, 155 void __user *buffer, size_t *lenp, 156 loff_t *ppos) 157 { 158 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX }; 159 int ret; 160 161 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 162 if (!tbl.data) 163 return -ENOMEM; 164 165 tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen); 166 ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos); 167 if (write && ret == 0) 168 ret = tcp_set_allowed_congestion_control(tbl.data); 169 kfree(tbl.data); 170 return ret; 171 } 172 173 static int strategy_allowed_congestion_control(ctl_table *table, int __user *name, 174 int nlen, void __user *oldval, 175 size_t __user *oldlenp, 176 void __user *newval, 177 size_t newlen) 178 { 179 ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX }; 180 int ret; 181 182 tbl.data = kmalloc(tbl.maxlen, GFP_USER); 183 if (!tbl.data) 184 return -ENOMEM; 185 186 tcp_get_available_congestion_control(tbl.data, tbl.maxlen); 187 ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen); 188 if (ret == 1 && newval && newlen) 189 ret = tcp_set_allowed_congestion_control(tbl.data); 190 kfree(tbl.data); 191 192 return ret; 193 194 } 195 196 static struct ctl_table ipv4_table[] = { 197 { 198 .ctl_name = NET_IPV4_TCP_TIMESTAMPS, 199 .procname = "tcp_timestamps", 200 .data = &sysctl_tcp_timestamps, 201 .maxlen = sizeof(int), 202 .mode = 0644, 203 .proc_handler = &proc_dointvec 204 }, 205 { 206 .ctl_name = NET_IPV4_TCP_WINDOW_SCALING, 207 .procname = "tcp_window_scaling", 208 .data = &sysctl_tcp_window_scaling, 209 .maxlen = sizeof(int), 210 .mode = 0644, 211 .proc_handler = &proc_dointvec 212 }, 213 { 214 .ctl_name = NET_IPV4_TCP_SACK, 215 .procname = "tcp_sack", 216 .data = &sysctl_tcp_sack, 217 .maxlen = sizeof(int), 218 .mode = 0644, 219 .proc_handler = &proc_dointvec 220 }, 221 { 222 .ctl_name = NET_IPV4_TCP_RETRANS_COLLAPSE, 223 .procname = "tcp_retrans_collapse", 224 .data = &sysctl_tcp_retrans_collapse, 225 .maxlen = sizeof(int), 226 .mode = 0644, 227 .proc_handler = &proc_dointvec 228 }, 229 { 230 .ctl_name = NET_IPV4_DEFAULT_TTL, 231 .procname = "ip_default_ttl", 232 .data = &sysctl_ip_default_ttl, 233 .maxlen = sizeof(int), 234 .mode = 0644, 235 .proc_handler = &ipv4_doint_and_flush, 236 .strategy = &ipv4_doint_and_flush_strategy, 237 }, 238 { 239 .ctl_name = NET_IPV4_NO_PMTU_DISC, 240 .procname = "ip_no_pmtu_disc", 241 .data = &ipv4_config.no_pmtu_disc, 242 .maxlen = sizeof(int), 243 .mode = 0644, 244 .proc_handler = &proc_dointvec 245 }, 246 { 247 .ctl_name = NET_IPV4_NONLOCAL_BIND, 248 .procname = "ip_nonlocal_bind", 249 .data = &sysctl_ip_nonlocal_bind, 250 .maxlen = sizeof(int), 251 .mode = 0644, 252 .proc_handler = &proc_dointvec 253 }, 254 { 255 .ctl_name = NET_IPV4_TCP_SYN_RETRIES, 256 .procname = "tcp_syn_retries", 257 .data = &sysctl_tcp_syn_retries, 258 .maxlen = sizeof(int), 259 .mode = 0644, 260 .proc_handler = &proc_dointvec 261 }, 262 { 263 .ctl_name = NET_TCP_SYNACK_RETRIES, 264 .procname = "tcp_synack_retries", 265 .data = &sysctl_tcp_synack_retries, 266 .maxlen = sizeof(int), 267 .mode = 0644, 268 .proc_handler = &proc_dointvec 269 }, 270 { 271 .ctl_name = NET_TCP_MAX_ORPHANS, 272 .procname = "tcp_max_orphans", 273 .data = &sysctl_tcp_max_orphans, 274 .maxlen = sizeof(int), 275 .mode = 0644, 276 .proc_handler = &proc_dointvec 277 }, 278 { 279 .ctl_name = NET_TCP_MAX_TW_BUCKETS, 280 .procname = "tcp_max_tw_buckets", 281 .data = &tcp_death_row.sysctl_max_tw_buckets, 282 .maxlen = sizeof(int), 283 .mode = 0644, 284 .proc_handler = &proc_dointvec 285 }, 286 { 287 .ctl_name = NET_IPV4_DYNADDR, 288 .procname = "ip_dynaddr", 289 .data = &sysctl_ip_dynaddr, 290 .maxlen = sizeof(int), 291 .mode = 0644, 292 .proc_handler = &proc_dointvec 293 }, 294 { 295 .ctl_name = NET_IPV4_TCP_KEEPALIVE_TIME, 296 .procname = "tcp_keepalive_time", 297 .data = &sysctl_tcp_keepalive_time, 298 .maxlen = sizeof(int), 299 .mode = 0644, 300 .proc_handler = &proc_dointvec_jiffies, 301 .strategy = &sysctl_jiffies 302 }, 303 { 304 .ctl_name = NET_IPV4_TCP_KEEPALIVE_PROBES, 305 .procname = "tcp_keepalive_probes", 306 .data = &sysctl_tcp_keepalive_probes, 307 .maxlen = sizeof(int), 308 .mode = 0644, 309 .proc_handler = &proc_dointvec 310 }, 311 { 312 .ctl_name = NET_IPV4_TCP_KEEPALIVE_INTVL, 313 .procname = "tcp_keepalive_intvl", 314 .data = &sysctl_tcp_keepalive_intvl, 315 .maxlen = sizeof(int), 316 .mode = 0644, 317 .proc_handler = &proc_dointvec_jiffies, 318 .strategy = &sysctl_jiffies 319 }, 320 { 321 .ctl_name = NET_IPV4_TCP_RETRIES1, 322 .procname = "tcp_retries1", 323 .data = &sysctl_tcp_retries1, 324 .maxlen = sizeof(int), 325 .mode = 0644, 326 .proc_handler = &proc_dointvec_minmax, 327 .strategy = &sysctl_intvec, 328 .extra2 = &tcp_retr1_max 329 }, 330 { 331 .ctl_name = NET_IPV4_TCP_RETRIES2, 332 .procname = "tcp_retries2", 333 .data = &sysctl_tcp_retries2, 334 .maxlen = sizeof(int), 335 .mode = 0644, 336 .proc_handler = &proc_dointvec 337 }, 338 { 339 .ctl_name = NET_IPV4_TCP_FIN_TIMEOUT, 340 .procname = "tcp_fin_timeout", 341 .data = &sysctl_tcp_fin_timeout, 342 .maxlen = sizeof(int), 343 .mode = 0644, 344 .proc_handler = &proc_dointvec_jiffies, 345 .strategy = &sysctl_jiffies 346 }, 347 #ifdef CONFIG_SYN_COOKIES 348 { 349 .ctl_name = NET_TCP_SYNCOOKIES, 350 .procname = "tcp_syncookies", 351 .data = &sysctl_tcp_syncookies, 352 .maxlen = sizeof(int), 353 .mode = 0644, 354 .proc_handler = &proc_dointvec 355 }, 356 #endif 357 { 358 .ctl_name = NET_TCP_TW_RECYCLE, 359 .procname = "tcp_tw_recycle", 360 .data = &tcp_death_row.sysctl_tw_recycle, 361 .maxlen = sizeof(int), 362 .mode = 0644, 363 .proc_handler = &proc_dointvec 364 }, 365 { 366 .ctl_name = NET_TCP_ABORT_ON_OVERFLOW, 367 .procname = "tcp_abort_on_overflow", 368 .data = &sysctl_tcp_abort_on_overflow, 369 .maxlen = sizeof(int), 370 .mode = 0644, 371 .proc_handler = &proc_dointvec 372 }, 373 { 374 .ctl_name = NET_TCP_STDURG, 375 .procname = "tcp_stdurg", 376 .data = &sysctl_tcp_stdurg, 377 .maxlen = sizeof(int), 378 .mode = 0644, 379 .proc_handler = &proc_dointvec 380 }, 381 { 382 .ctl_name = NET_TCP_RFC1337, 383 .procname = "tcp_rfc1337", 384 .data = &sysctl_tcp_rfc1337, 385 .maxlen = sizeof(int), 386 .mode = 0644, 387 .proc_handler = &proc_dointvec 388 }, 389 { 390 .ctl_name = NET_TCP_MAX_SYN_BACKLOG, 391 .procname = "tcp_max_syn_backlog", 392 .data = &sysctl_max_syn_backlog, 393 .maxlen = sizeof(int), 394 .mode = 0644, 395 .proc_handler = &proc_dointvec 396 }, 397 { 398 .ctl_name = NET_IPV4_LOCAL_PORT_RANGE, 399 .procname = "ip_local_port_range", 400 .data = &sysctl_local_port_range, 401 .maxlen = sizeof(sysctl_local_port_range), 402 .mode = 0644, 403 .proc_handler = &ipv4_local_port_range, 404 .strategy = &ipv4_sysctl_local_port_range, 405 }, 406 { 407 .ctl_name = NET_IPV4_ROUTE, 408 .procname = "route", 409 .maxlen = 0, 410 .mode = 0555, 411 .child = ipv4_route_table 412 }, 413 #ifdef CONFIG_IP_MULTICAST 414 { 415 .ctl_name = NET_IPV4_IGMP_MAX_MEMBERSHIPS, 416 .procname = "igmp_max_memberships", 417 .data = &sysctl_igmp_max_memberships, 418 .maxlen = sizeof(int), 419 .mode = 0644, 420 .proc_handler = &proc_dointvec 421 }, 422 423 #endif 424 { 425 .ctl_name = NET_IPV4_IGMP_MAX_MSF, 426 .procname = "igmp_max_msf", 427 .data = &sysctl_igmp_max_msf, 428 .maxlen = sizeof(int), 429 .mode = 0644, 430 .proc_handler = &proc_dointvec 431 }, 432 { 433 .ctl_name = NET_IPV4_INET_PEER_THRESHOLD, 434 .procname = "inet_peer_threshold", 435 .data = &inet_peer_threshold, 436 .maxlen = sizeof(int), 437 .mode = 0644, 438 .proc_handler = &proc_dointvec 439 }, 440 { 441 .ctl_name = NET_IPV4_INET_PEER_MINTTL, 442 .procname = "inet_peer_minttl", 443 .data = &inet_peer_minttl, 444 .maxlen = sizeof(int), 445 .mode = 0644, 446 .proc_handler = &proc_dointvec_jiffies, 447 .strategy = &sysctl_jiffies 448 }, 449 { 450 .ctl_name = NET_IPV4_INET_PEER_MAXTTL, 451 .procname = "inet_peer_maxttl", 452 .data = &inet_peer_maxttl, 453 .maxlen = sizeof(int), 454 .mode = 0644, 455 .proc_handler = &proc_dointvec_jiffies, 456 .strategy = &sysctl_jiffies 457 }, 458 { 459 .ctl_name = NET_IPV4_INET_PEER_GC_MINTIME, 460 .procname = "inet_peer_gc_mintime", 461 .data = &inet_peer_gc_mintime, 462 .maxlen = sizeof(int), 463 .mode = 0644, 464 .proc_handler = &proc_dointvec_jiffies, 465 .strategy = &sysctl_jiffies 466 }, 467 { 468 .ctl_name = NET_IPV4_INET_PEER_GC_MAXTIME, 469 .procname = "inet_peer_gc_maxtime", 470 .data = &inet_peer_gc_maxtime, 471 .maxlen = sizeof(int), 472 .mode = 0644, 473 .proc_handler = &proc_dointvec_jiffies, 474 .strategy = &sysctl_jiffies 475 }, 476 { 477 .ctl_name = NET_TCP_ORPHAN_RETRIES, 478 .procname = "tcp_orphan_retries", 479 .data = &sysctl_tcp_orphan_retries, 480 .maxlen = sizeof(int), 481 .mode = 0644, 482 .proc_handler = &proc_dointvec 483 }, 484 { 485 .ctl_name = NET_TCP_FACK, 486 .procname = "tcp_fack", 487 .data = &sysctl_tcp_fack, 488 .maxlen = sizeof(int), 489 .mode = 0644, 490 .proc_handler = &proc_dointvec 491 }, 492 { 493 .ctl_name = NET_TCP_REORDERING, 494 .procname = "tcp_reordering", 495 .data = &sysctl_tcp_reordering, 496 .maxlen = sizeof(int), 497 .mode = 0644, 498 .proc_handler = &proc_dointvec 499 }, 500 { 501 .ctl_name = NET_TCP_ECN, 502 .procname = "tcp_ecn", 503 .data = &sysctl_tcp_ecn, 504 .maxlen = sizeof(int), 505 .mode = 0644, 506 .proc_handler = &proc_dointvec 507 }, 508 { 509 .ctl_name = NET_TCP_DSACK, 510 .procname = "tcp_dsack", 511 .data = &sysctl_tcp_dsack, 512 .maxlen = sizeof(int), 513 .mode = 0644, 514 .proc_handler = &proc_dointvec 515 }, 516 { 517 .ctl_name = NET_TCP_MEM, 518 .procname = "tcp_mem", 519 .data = &sysctl_tcp_mem, 520 .maxlen = sizeof(sysctl_tcp_mem), 521 .mode = 0644, 522 .proc_handler = &proc_dointvec 523 }, 524 { 525 .ctl_name = NET_TCP_WMEM, 526 .procname = "tcp_wmem", 527 .data = &sysctl_tcp_wmem, 528 .maxlen = sizeof(sysctl_tcp_wmem), 529 .mode = 0644, 530 .proc_handler = &proc_dointvec 531 }, 532 { 533 .ctl_name = NET_TCP_RMEM, 534 .procname = "tcp_rmem", 535 .data = &sysctl_tcp_rmem, 536 .maxlen = sizeof(sysctl_tcp_rmem), 537 .mode = 0644, 538 .proc_handler = &proc_dointvec 539 }, 540 { 541 .ctl_name = NET_TCP_APP_WIN, 542 .procname = "tcp_app_win", 543 .data = &sysctl_tcp_app_win, 544 .maxlen = sizeof(int), 545 .mode = 0644, 546 .proc_handler = &proc_dointvec 547 }, 548 { 549 .ctl_name = NET_TCP_ADV_WIN_SCALE, 550 .procname = "tcp_adv_win_scale", 551 .data = &sysctl_tcp_adv_win_scale, 552 .maxlen = sizeof(int), 553 .mode = 0644, 554 .proc_handler = &proc_dointvec 555 }, 556 { 557 .ctl_name = NET_TCP_TW_REUSE, 558 .procname = "tcp_tw_reuse", 559 .data = &sysctl_tcp_tw_reuse, 560 .maxlen = sizeof(int), 561 .mode = 0644, 562 .proc_handler = &proc_dointvec 563 }, 564 { 565 .ctl_name = NET_TCP_FRTO, 566 .procname = "tcp_frto", 567 .data = &sysctl_tcp_frto, 568 .maxlen = sizeof(int), 569 .mode = 0644, 570 .proc_handler = &proc_dointvec 571 }, 572 { 573 .ctl_name = NET_TCP_FRTO_RESPONSE, 574 .procname = "tcp_frto_response", 575 .data = &sysctl_tcp_frto_response, 576 .maxlen = sizeof(int), 577 .mode = 0644, 578 .proc_handler = &proc_dointvec 579 }, 580 { 581 .ctl_name = NET_TCP_LOW_LATENCY, 582 .procname = "tcp_low_latency", 583 .data = &sysctl_tcp_low_latency, 584 .maxlen = sizeof(int), 585 .mode = 0644, 586 .proc_handler = &proc_dointvec 587 }, 588 { 589 .ctl_name = NET_TCP_NO_METRICS_SAVE, 590 .procname = "tcp_no_metrics_save", 591 .data = &sysctl_tcp_nometrics_save, 592 .maxlen = sizeof(int), 593 .mode = 0644, 594 .proc_handler = &proc_dointvec, 595 }, 596 { 597 .ctl_name = NET_TCP_MODERATE_RCVBUF, 598 .procname = "tcp_moderate_rcvbuf", 599 .data = &sysctl_tcp_moderate_rcvbuf, 600 .maxlen = sizeof(int), 601 .mode = 0644, 602 .proc_handler = &proc_dointvec, 603 }, 604 { 605 .ctl_name = NET_TCP_TSO_WIN_DIVISOR, 606 .procname = "tcp_tso_win_divisor", 607 .data = &sysctl_tcp_tso_win_divisor, 608 .maxlen = sizeof(int), 609 .mode = 0644, 610 .proc_handler = &proc_dointvec, 611 }, 612 { 613 .ctl_name = NET_TCP_CONG_CONTROL, 614 .procname = "tcp_congestion_control", 615 .mode = 0644, 616 .maxlen = TCP_CA_NAME_MAX, 617 .proc_handler = &proc_tcp_congestion_control, 618 .strategy = &sysctl_tcp_congestion_control, 619 }, 620 { 621 .ctl_name = NET_TCP_ABC, 622 .procname = "tcp_abc", 623 .data = &sysctl_tcp_abc, 624 .maxlen = sizeof(int), 625 .mode = 0644, 626 .proc_handler = &proc_dointvec, 627 }, 628 { 629 .ctl_name = NET_TCP_MTU_PROBING, 630 .procname = "tcp_mtu_probing", 631 .data = &sysctl_tcp_mtu_probing, 632 .maxlen = sizeof(int), 633 .mode = 0644, 634 .proc_handler = &proc_dointvec, 635 }, 636 { 637 .ctl_name = NET_TCP_BASE_MSS, 638 .procname = "tcp_base_mss", 639 .data = &sysctl_tcp_base_mss, 640 .maxlen = sizeof(int), 641 .mode = 0644, 642 .proc_handler = &proc_dointvec, 643 }, 644 { 645 .ctl_name = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS, 646 .procname = "tcp_workaround_signed_windows", 647 .data = &sysctl_tcp_workaround_signed_windows, 648 .maxlen = sizeof(int), 649 .mode = 0644, 650 .proc_handler = &proc_dointvec 651 }, 652 #ifdef CONFIG_NET_DMA 653 { 654 .ctl_name = NET_TCP_DMA_COPYBREAK, 655 .procname = "tcp_dma_copybreak", 656 .data = &sysctl_tcp_dma_copybreak, 657 .maxlen = sizeof(int), 658 .mode = 0644, 659 .proc_handler = &proc_dointvec 660 }, 661 #endif 662 { 663 .ctl_name = NET_TCP_SLOW_START_AFTER_IDLE, 664 .procname = "tcp_slow_start_after_idle", 665 .data = &sysctl_tcp_slow_start_after_idle, 666 .maxlen = sizeof(int), 667 .mode = 0644, 668 .proc_handler = &proc_dointvec 669 }, 670 #ifdef CONFIG_NETLABEL 671 { 672 .ctl_name = NET_CIPSOV4_CACHE_ENABLE, 673 .procname = "cipso_cache_enable", 674 .data = &cipso_v4_cache_enabled, 675 .maxlen = sizeof(int), 676 .mode = 0644, 677 .proc_handler = &proc_dointvec, 678 }, 679 { 680 .ctl_name = NET_CIPSOV4_CACHE_BUCKET_SIZE, 681 .procname = "cipso_cache_bucket_size", 682 .data = &cipso_v4_cache_bucketsize, 683 .maxlen = sizeof(int), 684 .mode = 0644, 685 .proc_handler = &proc_dointvec, 686 }, 687 { 688 .ctl_name = NET_CIPSOV4_RBM_OPTFMT, 689 .procname = "cipso_rbm_optfmt", 690 .data = &cipso_v4_rbm_optfmt, 691 .maxlen = sizeof(int), 692 .mode = 0644, 693 .proc_handler = &proc_dointvec, 694 }, 695 { 696 .ctl_name = NET_CIPSOV4_RBM_STRICTVALID, 697 .procname = "cipso_rbm_strictvalid", 698 .data = &cipso_v4_rbm_strictvalid, 699 .maxlen = sizeof(int), 700 .mode = 0644, 701 .proc_handler = &proc_dointvec, 702 }, 703 #endif /* CONFIG_NETLABEL */ 704 { 705 .procname = "tcp_available_congestion_control", 706 .maxlen = TCP_CA_BUF_MAX, 707 .mode = 0444, 708 .proc_handler = &proc_tcp_available_congestion_control, 709 }, 710 { 711 .ctl_name = NET_TCP_ALLOWED_CONG_CONTROL, 712 .procname = "tcp_allowed_congestion_control", 713 .maxlen = TCP_CA_BUF_MAX, 714 .mode = 0644, 715 .proc_handler = &proc_allowed_congestion_control, 716 .strategy = &strategy_allowed_congestion_control, 717 }, 718 { 719 .ctl_name = NET_TCP_MAX_SSTHRESH, 720 .procname = "tcp_max_ssthresh", 721 .data = &sysctl_tcp_max_ssthresh, 722 .maxlen = sizeof(int), 723 .mode = 0644, 724 .proc_handler = &proc_dointvec, 725 }, 726 { 727 .ctl_name = CTL_UNNUMBERED, 728 .procname = "udp_mem", 729 .data = &sysctl_udp_mem, 730 .maxlen = sizeof(sysctl_udp_mem), 731 .mode = 0644, 732 .proc_handler = &proc_dointvec_minmax, 733 .strategy = &sysctl_intvec, 734 .extra1 = &zero 735 }, 736 { 737 .ctl_name = CTL_UNNUMBERED, 738 .procname = "udp_rmem_min", 739 .data = &sysctl_udp_rmem_min, 740 .maxlen = sizeof(sysctl_udp_rmem_min), 741 .mode = 0644, 742 .proc_handler = &proc_dointvec_minmax, 743 .strategy = &sysctl_intvec, 744 .extra1 = &zero 745 }, 746 { 747 .ctl_name = CTL_UNNUMBERED, 748 .procname = "udp_wmem_min", 749 .data = &sysctl_udp_wmem_min, 750 .maxlen = sizeof(sysctl_udp_wmem_min), 751 .mode = 0644, 752 .proc_handler = &proc_dointvec_minmax, 753 .strategy = &sysctl_intvec, 754 .extra1 = &zero 755 }, 756 { .ctl_name = 0 } 757 }; 758 759 static struct ctl_table ipv4_net_table[] = { 760 { 761 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_ALL, 762 .procname = "icmp_echo_ignore_all", 763 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_all, 764 .maxlen = sizeof(int), 765 .mode = 0644, 766 .proc_handler = &proc_dointvec 767 }, 768 { 769 .ctl_name = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS, 770 .procname = "icmp_echo_ignore_broadcasts", 771 .data = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts, 772 .maxlen = sizeof(int), 773 .mode = 0644, 774 .proc_handler = &proc_dointvec 775 }, 776 { 777 .ctl_name = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES, 778 .procname = "icmp_ignore_bogus_error_responses", 779 .data = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses, 780 .maxlen = sizeof(int), 781 .mode = 0644, 782 .proc_handler = &proc_dointvec 783 }, 784 { 785 .ctl_name = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR, 786 .procname = "icmp_errors_use_inbound_ifaddr", 787 .data = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr, 788 .maxlen = sizeof(int), 789 .mode = 0644, 790 .proc_handler = &proc_dointvec 791 }, 792 { 793 .ctl_name = NET_IPV4_ICMP_RATELIMIT, 794 .procname = "icmp_ratelimit", 795 .data = &init_net.ipv4.sysctl_icmp_ratelimit, 796 .maxlen = sizeof(int), 797 .mode = 0644, 798 .proc_handler = &proc_dointvec 799 }, 800 { 801 .ctl_name = NET_IPV4_ICMP_RATEMASK, 802 .procname = "icmp_ratemask", 803 .data = &init_net.ipv4.sysctl_icmp_ratemask, 804 .maxlen = sizeof(int), 805 .mode = 0644, 806 .proc_handler = &proc_dointvec 807 }, 808 { } 809 }; 810 811 struct ctl_path net_ipv4_ctl_path[] = { 812 { .procname = "net", .ctl_name = CTL_NET, }, 813 { .procname = "ipv4", .ctl_name = NET_IPV4, }, 814 { }, 815 }; 816 EXPORT_SYMBOL_GPL(net_ipv4_ctl_path); 817 818 static __net_init int ipv4_sysctl_init_net(struct net *net) 819 { 820 struct ctl_table *table; 821 822 table = ipv4_net_table; 823 if (net != &init_net) { 824 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL); 825 if (table == NULL) 826 goto err_alloc; 827 828 table[0].data = 829 &net->ipv4.sysctl_icmp_echo_ignore_all; 830 table[1].data = 831 &net->ipv4.sysctl_icmp_echo_ignore_broadcasts; 832 table[2].data = 833 &net->ipv4.sysctl_icmp_ignore_bogus_error_responses; 834 table[3].data = 835 &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr; 836 table[4].data = 837 &net->ipv4.sysctl_icmp_ratelimit; 838 table[5].data = 839 &net->ipv4.sysctl_icmp_ratemask; 840 } 841 842 net->ipv4.ipv4_hdr = register_net_sysctl_table(net, 843 net_ipv4_ctl_path, table); 844 if (net->ipv4.ipv4_hdr == NULL) 845 goto err_reg; 846 847 return 0; 848 849 err_reg: 850 if (net != &init_net) 851 kfree(table); 852 err_alloc: 853 return -ENOMEM; 854 } 855 856 static __net_exit void ipv4_sysctl_exit_net(struct net *net) 857 { 858 struct ctl_table *table; 859 860 table = net->ipv4.ipv4_hdr->ctl_table_arg; 861 unregister_net_sysctl_table(net->ipv4.ipv4_hdr); 862 kfree(table); 863 } 864 865 static __net_initdata struct pernet_operations ipv4_sysctl_ops = { 866 .init = ipv4_sysctl_init_net, 867 .exit = ipv4_sysctl_exit_net, 868 }; 869 870 static __init int sysctl_ipv4_init(void) 871 { 872 struct ctl_table_header *hdr; 873 874 hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table); 875 if (hdr == NULL) 876 return -ENOMEM; 877 878 if (register_pernet_subsys(&ipv4_sysctl_ops)) { 879 unregister_sysctl_table(hdr); 880 return -ENOMEM; 881 } 882 883 return 0; 884 } 885 886 __initcall(sysctl_ipv4_init); 887