Commit e4a2d5c2 authored by Pavel Emelyanov's avatar Pavel Emelyanov Committed by David S. Miller

[NETNS][FRAGS]: Duplicate sysctl tables for new namespaces.

Each namespace has to have own tables to tune their
different parameters, so duplicate the tables and
register them.

All the tables in sub-namespaces are temporarily made
read-only.
Signed-off-by: default avatarPavel Emelyanov <xemul@openvz.org>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 6ddc0822
...@@ -16,6 +16,7 @@ struct sock; ...@@ -16,6 +16,7 @@ struct sock;
struct netns_ipv4 { struct netns_ipv4 {
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
struct ctl_table_header *forw_hdr; struct ctl_table_header *forw_hdr;
struct ctl_table_header *frags_hdr;
#endif #endif
struct ipv4_devconf *devconf_all; struct ipv4_devconf *devconf_all;
struct ipv4_devconf *devconf_dflt; struct ipv4_devconf *devconf_dflt;
......
...@@ -12,6 +12,7 @@ struct ctl_table_header; ...@@ -12,6 +12,7 @@ struct ctl_table_header;
struct netns_sysctl_ipv6 { struct netns_sysctl_ipv6 {
#ifdef CONFIG_SYSCTL #ifdef CONFIG_SYSCTL
struct ctl_table_header *table; struct ctl_table_header *table;
struct ctl_table_header *frags_hdr;
#endif #endif
struct inet_frags_ctl frags; struct inet_frags_ctl frags;
int bindv6only; int bindv6only;
......
...@@ -661,17 +661,53 @@ static struct ctl_table ip4_frags_ctl_table[] = { ...@@ -661,17 +661,53 @@ static struct ctl_table ip4_frags_ctl_table[] = {
static int ip4_frags_ctl_register(struct net *net) static int ip4_frags_ctl_register(struct net *net)
{ {
struct ctl_table *table;
struct ctl_table_header *hdr; struct ctl_table_header *hdr;
hdr = register_net_sysctl_table(net, net_ipv4_ctl_path, table = ip4_frags_ctl_table;
ip4_frags_ctl_table); if (net != &init_net) {
return hdr == NULL ? -ENOMEM : 0; table = kmemdup(table, sizeof(ip4_frags_ctl_table), GFP_KERNEL);
if (table == NULL)
goto err_alloc;
table[0].mode &= ~0222;
table[1].mode &= ~0222;
table[2].mode &= ~0222;
table[3].mode &= ~0222;
table[4].mode &= ~0222;
}
hdr = register_net_sysctl_table(net, net_ipv4_ctl_path, table);
if (hdr == NULL)
goto err_reg;
net->ipv4.frags_hdr = hdr;
return 0;
err_reg:
if (net != &init_net)
kfree(table);
err_alloc:
return -ENOMEM;
}
static void ip4_frags_ctl_unregister(struct net *net)
{
struct ctl_table *table;
table = net->ipv4.frags_hdr->ctl_table_arg;
unregister_net_sysctl_table(net->ipv4.frags_hdr);
kfree(table);
} }
#else #else
static inline int ip4_frags_ctl_register(struct net *net) static inline int ip4_frags_ctl_register(struct net *net)
{ {
return 0; return 0;
} }
static inline void ip4_frags_ctl_unregister(struct net *net)
{
}
#endif #endif
static int ipv4_frags_init_net(struct net *net) static int ipv4_frags_init_net(struct net *net)
......
...@@ -670,17 +670,52 @@ static struct ctl_table ip6_frags_ctl_table[] = { ...@@ -670,17 +670,52 @@ static struct ctl_table ip6_frags_ctl_table[] = {
static int ip6_frags_sysctl_register(struct net *net) static int ip6_frags_sysctl_register(struct net *net)
{ {
struct ctl_table *table;
struct ctl_table_header *hdr; struct ctl_table_header *hdr;
hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table = ip6_frags_ctl_table;
ip6_frags_ctl_table); if (net != &init_net) {
return hdr == NULL ? -ENOMEM : 0; table = kmemdup(table, sizeof(ip6_frags_ctl_table), GFP_KERNEL);
if (table == NULL)
goto err_alloc;
table[0].mode &= ~0222;
table[1].mode &= ~0222;
table[2].mode &= ~0222;
table[3].mode &= ~0222;
}
hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table);
if (hdr == NULL)
goto err_reg;
net->ipv6.sysctl.frags_hdr = hdr;
return 0;
err_reg:
if (net != &init_net)
kfree(table);
err_alloc:
return -ENOMEM;
}
static void ip6_frags_sysctl_unregister(struct net *net)
{
struct ctl_table *table;
table = net->ipv6.sysctl.frags_hdr->ctl_table_arg;
unregister_net_sysctl_table(net->ipv6.sysctl.frags_hdr);
kfree(table);
} }
#else #else
static inline int ip6_frags_sysctl_register(struct net *net) static inline int ip6_frags_sysctl_register(struct net *net)
{ {
return 0; return 0;
} }
static inline void ip6_frags_sysctl_unregister(struct net *net)
{
}
#endif #endif
static int ipv6_frags_init_net(struct net *net) static int ipv6_frags_init_net(struct net *net)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment