sysctl_net_ipv4.c revision eeb61f719c00c626115852bbc91189dc3011a844 
1/*
2 * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3 *
4 * Begun April 1, 1996, Mike Shaver.
5 * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
6 */
7
8#include <linux/mm.h>
9#include <linux/module.h>
10#include <linux/sysctl.h>
11#include <linux/igmp.h>
12#include <linux/inetdevice.h>
13#include <linux/seqlock.h>
14#include <linux/init.h>
15#include <net/snmp.h>
16#include <net/icmp.h>
17#include <net/ip.h>
18#include <net/route.h>
19#include <net/tcp.h>
20#include <net/udp.h>
21#include <net/cipso_ipv4.h>
22#include <net/inet_frag.h>
23
24static int zero;
25static int tcp_retr1_max = 255;
26static int ip_local_port_range_min[] = { 1, 1 };
27static int ip_local_port_range_max[] = { 65535, 65535 };
28
29extern seqlock_t sysctl_port_range_lock;
30extern int sysctl_local_port_range[2];
31
32/* Update system visible IP port range */
33static void set_local_port_range(int range[2])
34{
35	write_seqlock(&sysctl_port_range_lock);
36	sysctl_local_port_range[0] = range[0];
37	sysctl_local_port_range[1] = range[1];
38	write_sequnlock(&sysctl_port_range_lock);
39}
40
41/* Validate changes from /proc interface. */
42static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp,
43				 void __user *buffer,
44				 size_t *lenp, loff_t *ppos)
45{
46	int ret;
47	int range[2] = { sysctl_local_port_range[0],
48			 sysctl_local_port_range[1] };
49	ctl_table tmp = {
50		.data = &range,
51		.maxlen = sizeof(range),
52		.mode = table->mode,
53		.extra1 = &ip_local_port_range_min,
54		.extra2 = &ip_local_port_range_max,
55	};
56
57	ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos);
58
59	if (write && ret == 0) {
60		if (range[1] < range[0])
61			ret = -EINVAL;
62		else
63			set_local_port_range(range);
64	}
65
66	return ret;
67}
68
69/* Validate changes from sysctl interface. */
70static int ipv4_sysctl_local_port_range(ctl_table *table, int __user *name,
71					 int nlen, void __user *oldval,
72					 size_t __user *oldlenp,
73					void __user *newval, size_t newlen)
74{
75	int ret;
76	int range[2] = { sysctl_local_port_range[0],
77			 sysctl_local_port_range[1] };
78	ctl_table tmp = {
79		.data = &range,
80		.maxlen = sizeof(range),
81		.mode = table->mode,
82		.extra1 = &ip_local_port_range_min,
83		.extra2 = &ip_local_port_range_max,
84	};
85
86	ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen);
87	if (ret == 0 && newval && newlen) {
88		if (range[1] < range[0])
89			ret = -EINVAL;
90		else
91			set_local_port_range(range);
92	}
93	return ret;
94}
95
96
97static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp,
98				       void __user *buffer, size_t *lenp, loff_t *ppos)
99{
100	char val[TCP_CA_NAME_MAX];
101	ctl_table tbl = {
102		.data = val,
103		.maxlen = TCP_CA_NAME_MAX,
104	};
105	int ret;
106
107	tcp_get_default_congestion_control(val);
108
109	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
110	if (write && ret == 0)
111		ret = tcp_set_default_congestion_control(val);
112	return ret;
113}
114
115static int sysctl_tcp_congestion_control(ctl_table *table, int __user *name,
116					 int nlen, void __user *oldval,
117					 size_t __user *oldlenp,
118					 void __user *newval, size_t newlen)
119{
120	char val[TCP_CA_NAME_MAX];
121	ctl_table tbl = {
122		.data = val,
123		.maxlen = TCP_CA_NAME_MAX,
124	};
125	int ret;
126
127	tcp_get_default_congestion_control(val);
128	ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
129	if (ret == 1 && newval && newlen)
130		ret = tcp_set_default_congestion_control(val);
131	return ret;
132}
133
134static int proc_tcp_available_congestion_control(ctl_table *ctl,
135						 int write, struct file * filp,
136						 void __user *buffer, size_t *lenp,
137						 loff_t *ppos)
138{
139	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
140	int ret;
141
142	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
143	if (!tbl.data)
144		return -ENOMEM;
145	tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
146	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
147	kfree(tbl.data);
148	return ret;
149}
150
151static int proc_allowed_congestion_control(ctl_table *ctl,
152					   int write, struct file * filp,
153					   void __user *buffer, size_t *lenp,
154					   loff_t *ppos)
155{
156	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
157	int ret;
158
159	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
160	if (!tbl.data)
161		return -ENOMEM;
162
163	tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
164	ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
165	if (write && ret == 0)
166		ret = tcp_set_allowed_congestion_control(tbl.data);
167	kfree(tbl.data);
168	return ret;
169}
170
171static int strategy_allowed_congestion_control(ctl_table *table, int __user *name,
172					       int nlen, void __user *oldval,
173					       size_t __user *oldlenp,
174					       void __user *newval,
175					       size_t newlen)
176{
177	ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
178	int ret;
179
180	tbl.data = kmalloc(tbl.maxlen, GFP_USER);
181	if (!tbl.data)
182		return -ENOMEM;
183
184	tcp_get_available_congestion_control(tbl.data, tbl.maxlen);
185	ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
186	if (ret == 1 && newval && newlen)
187		ret = tcp_set_allowed_congestion_control(tbl.data);
188	kfree(tbl.data);
189
190	return ret;
191
192}
193
194static struct ctl_table ipv4_table[] = {
195	{
196		.ctl_name	= NET_IPV4_TCP_TIMESTAMPS,
197		.procname	= "tcp_timestamps",
198		.data		= &sysctl_tcp_timestamps,
199		.maxlen		= sizeof(int),
200		.mode		= 0644,
201		.proc_handler	= &proc_dointvec
202	},
203	{
204		.ctl_name	= NET_IPV4_TCP_WINDOW_SCALING,
205		.procname	= "tcp_window_scaling",
206		.data		= &sysctl_tcp_window_scaling,
207		.maxlen		= sizeof(int),
208		.mode		= 0644,
209		.proc_handler	= &proc_dointvec
210	},
211	{
212		.ctl_name	= NET_IPV4_TCP_SACK,
213		.procname	= "tcp_sack",
214		.data		= &sysctl_tcp_sack,
215		.maxlen		= sizeof(int),
216		.mode		= 0644,
217		.proc_handler	= &proc_dointvec
218	},
219	{
220		.ctl_name	= NET_IPV4_TCP_RETRANS_COLLAPSE,
221		.procname	= "tcp_retrans_collapse",
222		.data		= &sysctl_tcp_retrans_collapse,
223		.maxlen		= sizeof(int),
224		.mode		= 0644,
225		.proc_handler	= &proc_dointvec
226	},
227	{
228		.ctl_name	= NET_IPV4_DEFAULT_TTL,
229		.procname	= "ip_default_ttl",
230		.data		= &sysctl_ip_default_ttl,
231		.maxlen		= sizeof(int),
232		.mode		= 0644,
233		.proc_handler	= &ipv4_doint_and_flush,
234		.strategy	= &ipv4_doint_and_flush_strategy,
235	},
236	{
237		.ctl_name	= NET_IPV4_NO_PMTU_DISC,
238		.procname	= "ip_no_pmtu_disc",
239		.data		= &ipv4_config.no_pmtu_disc,
240		.maxlen		= sizeof(int),
241		.mode		= 0644,
242		.proc_handler	= &proc_dointvec
243	},
244	{
245		.ctl_name	= NET_IPV4_NONLOCAL_BIND,
246		.procname	= "ip_nonlocal_bind",
247		.data		= &sysctl_ip_nonlocal_bind,
248		.maxlen		= sizeof(int),
249		.mode		= 0644,
250		.proc_handler	= &proc_dointvec
251	},
252	{
253		.ctl_name	= NET_IPV4_TCP_SYN_RETRIES,
254		.procname	= "tcp_syn_retries",
255		.data		= &sysctl_tcp_syn_retries,
256		.maxlen		= sizeof(int),
257		.mode		= 0644,
258		.proc_handler	= &proc_dointvec
259	},
260	{
261		.ctl_name	= NET_TCP_SYNACK_RETRIES,
262		.procname	= "tcp_synack_retries",
263		.data		= &sysctl_tcp_synack_retries,
264		.maxlen		= sizeof(int),
265		.mode		= 0644,
266		.proc_handler	= &proc_dointvec
267	},
268	{
269		.ctl_name	= NET_TCP_MAX_ORPHANS,
270		.procname	= "tcp_max_orphans",
271		.data		= &sysctl_tcp_max_orphans,
272		.maxlen		= sizeof(int),
273		.mode		= 0644,
274		.proc_handler	= &proc_dointvec
275	},
276	{
277		.ctl_name	= NET_TCP_MAX_TW_BUCKETS,
278		.procname	= "tcp_max_tw_buckets",
279		.data		= &tcp_death_row.sysctl_max_tw_buckets,
280		.maxlen		= sizeof(int),
281		.mode		= 0644,
282		.proc_handler	= &proc_dointvec
283	},
284	{
285		.ctl_name	= NET_IPV4_DYNADDR,
286		.procname	= "ip_dynaddr",
287		.data		= &sysctl_ip_dynaddr,
288		.maxlen		= sizeof(int),
289		.mode		= 0644,
290		.proc_handler	= &proc_dointvec
291	},
292	{
293		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_TIME,
294		.procname	= "tcp_keepalive_time",
295		.data		= &sysctl_tcp_keepalive_time,
296		.maxlen		= sizeof(int),
297		.mode		= 0644,
298		.proc_handler	= &proc_dointvec_jiffies,
299		.strategy	= &sysctl_jiffies
300	},
301	{
302		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_PROBES,
303		.procname	= "tcp_keepalive_probes",
304		.data		= &sysctl_tcp_keepalive_probes,
305		.maxlen		= sizeof(int),
306		.mode		= 0644,
307		.proc_handler	= &proc_dointvec
308	},
309	{
310		.ctl_name	= NET_IPV4_TCP_KEEPALIVE_INTVL,
311		.procname	= "tcp_keepalive_intvl",
312		.data		= &sysctl_tcp_keepalive_intvl,
313		.maxlen		= sizeof(int),
314		.mode		= 0644,
315		.proc_handler	= &proc_dointvec_jiffies,
316		.strategy	= &sysctl_jiffies
317	},
318	{
319		.ctl_name	= NET_IPV4_TCP_RETRIES1,
320		.procname	= "tcp_retries1",
321		.data		= &sysctl_tcp_retries1,
322		.maxlen		= sizeof(int),
323		.mode		= 0644,
324		.proc_handler	= &proc_dointvec_minmax,
325		.strategy	= &sysctl_intvec,
326		.extra2		= &tcp_retr1_max
327	},
328	{
329		.ctl_name	= NET_IPV4_TCP_RETRIES2,
330		.procname	= "tcp_retries2",
331		.data		= &sysctl_tcp_retries2,
332		.maxlen		= sizeof(int),
333		.mode		= 0644,
334		.proc_handler	= &proc_dointvec
335	},
336	{
337		.ctl_name	= NET_IPV4_TCP_FIN_TIMEOUT,
338		.procname	= "tcp_fin_timeout",
339		.data		= &sysctl_tcp_fin_timeout,
340		.maxlen		= sizeof(int),
341		.mode		= 0644,
342		.proc_handler	= &proc_dointvec_jiffies,
343		.strategy	= &sysctl_jiffies
344	},
345#ifdef CONFIG_SYN_COOKIES
346	{
347		.ctl_name	= NET_TCP_SYNCOOKIES,
348		.procname	= "tcp_syncookies",
349		.data		= &sysctl_tcp_syncookies,
350		.maxlen		= sizeof(int),
351		.mode		= 0644,
352		.proc_handler	= &proc_dointvec
353	},
354#endif
355	{
356		.ctl_name	= NET_TCP_TW_RECYCLE,
357		.procname	= "tcp_tw_recycle",
358		.data		= &tcp_death_row.sysctl_tw_recycle,
359		.maxlen		= sizeof(int),
360		.mode		= 0644,
361		.proc_handler	= &proc_dointvec
362	},
363	{
364		.ctl_name	= NET_TCP_ABORT_ON_OVERFLOW,
365		.procname	= "tcp_abort_on_overflow",
366		.data		= &sysctl_tcp_abort_on_overflow,
367		.maxlen		= sizeof(int),
368		.mode		= 0644,
369		.proc_handler	= &proc_dointvec
370	},
371	{
372		.ctl_name	= NET_TCP_STDURG,
373		.procname	= "tcp_stdurg",
374		.data		= &sysctl_tcp_stdurg,
375		.maxlen		= sizeof(int),
376		.mode		= 0644,
377		.proc_handler	= &proc_dointvec
378	},
379	{
380		.ctl_name	= NET_TCP_RFC1337,
381		.procname	= "tcp_rfc1337",
382		.data		= &sysctl_tcp_rfc1337,
383		.maxlen		= sizeof(int),
384		.mode		= 0644,
385		.proc_handler	= &proc_dointvec
386	},
387	{
388		.ctl_name	= NET_TCP_MAX_SYN_BACKLOG,
389		.procname	= "tcp_max_syn_backlog",
390		.data		= &sysctl_max_syn_backlog,
391		.maxlen		= sizeof(int),
392		.mode		= 0644,
393		.proc_handler	= &proc_dointvec
394	},
395	{
396		.ctl_name	= NET_IPV4_LOCAL_PORT_RANGE,
397		.procname	= "ip_local_port_range",
398		.data		= &sysctl_local_port_range,
399		.maxlen		= sizeof(sysctl_local_port_range),
400		.mode		= 0644,
401		.proc_handler	= &ipv4_local_port_range,
402		.strategy	= &ipv4_sysctl_local_port_range,
403	},
404#ifdef CONFIG_IP_MULTICAST
405	{
406		.ctl_name	= NET_IPV4_IGMP_MAX_MEMBERSHIPS,
407		.procname	= "igmp_max_memberships",
408		.data		= &sysctl_igmp_max_memberships,
409		.maxlen		= sizeof(int),
410		.mode		= 0644,
411		.proc_handler	= &proc_dointvec
412	},
413
414#endif
415	{
416		.ctl_name	= NET_IPV4_IGMP_MAX_MSF,
417		.procname	= "igmp_max_msf",
418		.data		= &sysctl_igmp_max_msf,
419		.maxlen		= sizeof(int),
420		.mode		= 0644,
421		.proc_handler	= &proc_dointvec
422	},
423	{
424		.ctl_name	= NET_IPV4_INET_PEER_THRESHOLD,
425		.procname	= "inet_peer_threshold",
426		.data		= &inet_peer_threshold,
427		.maxlen		= sizeof(int),
428		.mode		= 0644,
429		.proc_handler	= &proc_dointvec
430	},
431	{
432		.ctl_name	= NET_IPV4_INET_PEER_MINTTL,
433		.procname	= "inet_peer_minttl",
434		.data		= &inet_peer_minttl,
435		.maxlen		= sizeof(int),
436		.mode		= 0644,
437		.proc_handler	= &proc_dointvec_jiffies,
438		.strategy	= &sysctl_jiffies
439	},
440	{
441		.ctl_name	= NET_IPV4_INET_PEER_MAXTTL,
442		.procname	= "inet_peer_maxttl",
443		.data		= &inet_peer_maxttl,
444		.maxlen		= sizeof(int),
445		.mode		= 0644,
446		.proc_handler	= &proc_dointvec_jiffies,
447		.strategy	= &sysctl_jiffies
448	},
449	{
450		.ctl_name	= NET_IPV4_INET_PEER_GC_MINTIME,
451		.procname	= "inet_peer_gc_mintime",
452		.data		= &inet_peer_gc_mintime,
453		.maxlen		= sizeof(int),
454		.mode		= 0644,
455		.proc_handler	= &proc_dointvec_jiffies,
456		.strategy	= &sysctl_jiffies
457	},
458	{
459		.ctl_name	= NET_IPV4_INET_PEER_GC_MAXTIME,
460		.procname	= "inet_peer_gc_maxtime",
461		.data		= &inet_peer_gc_maxtime,
462		.maxlen		= sizeof(int),
463		.mode		= 0644,
464		.proc_handler	= &proc_dointvec_jiffies,
465		.strategy	= &sysctl_jiffies
466	},
467	{
468		.ctl_name	= NET_TCP_ORPHAN_RETRIES,
469		.procname	= "tcp_orphan_retries",
470		.data		= &sysctl_tcp_orphan_retries,
471		.maxlen		= sizeof(int),
472		.mode		= 0644,
473		.proc_handler	= &proc_dointvec
474	},
475	{
476		.ctl_name	= NET_TCP_FACK,
477		.procname	= "tcp_fack",
478		.data		= &sysctl_tcp_fack,
479		.maxlen		= sizeof(int),
480		.mode		= 0644,
481		.proc_handler	= &proc_dointvec
482	},
483	{
484		.ctl_name	= NET_TCP_REORDERING,
485		.procname	= "tcp_reordering",
486		.data		= &sysctl_tcp_reordering,
487		.maxlen		= sizeof(int),
488		.mode		= 0644,
489		.proc_handler	= &proc_dointvec
490	},
491	{
492		.ctl_name	= NET_TCP_ECN,
493		.procname	= "tcp_ecn",
494		.data		= &sysctl_tcp_ecn,
495		.maxlen		= sizeof(int),
496		.mode		= 0644,
497		.proc_handler	= &proc_dointvec
498	},
499	{
500		.ctl_name	= NET_TCP_DSACK,
501		.procname	= "tcp_dsack",
502		.data		= &sysctl_tcp_dsack,
503		.maxlen		= sizeof(int),
504		.mode		= 0644,
505		.proc_handler	= &proc_dointvec
506	},
507	{
508		.ctl_name	= NET_TCP_MEM,
509		.procname	= "tcp_mem",
510		.data		= &sysctl_tcp_mem,
511		.maxlen		= sizeof(sysctl_tcp_mem),
512		.mode		= 0644,
513		.proc_handler	= &proc_dointvec
514	},
515	{
516		.ctl_name	= NET_TCP_WMEM,
517		.procname	= "tcp_wmem",
518		.data		= &sysctl_tcp_wmem,
519		.maxlen		= sizeof(sysctl_tcp_wmem),
520		.mode		= 0644,
521		.proc_handler	= &proc_dointvec
522	},
523	{
524		.ctl_name	= NET_TCP_RMEM,
525		.procname	= "tcp_rmem",
526		.data		= &sysctl_tcp_rmem,
527		.maxlen		= sizeof(sysctl_tcp_rmem),
528		.mode		= 0644,
529		.proc_handler	= &proc_dointvec
530	},
531	{
532		.ctl_name	= NET_TCP_APP_WIN,
533		.procname	= "tcp_app_win",
534		.data		= &sysctl_tcp_app_win,
535		.maxlen		= sizeof(int),
536		.mode		= 0644,
537		.proc_handler	= &proc_dointvec
538	},
539	{
540		.ctl_name	= NET_TCP_ADV_WIN_SCALE,
541		.procname	= "tcp_adv_win_scale",
542		.data		= &sysctl_tcp_adv_win_scale,
543		.maxlen		= sizeof(int),
544		.mode		= 0644,
545		.proc_handler	= &proc_dointvec
546	},
547	{
548		.ctl_name	= NET_TCP_TW_REUSE,
549		.procname	= "tcp_tw_reuse",
550		.data		= &sysctl_tcp_tw_reuse,
551		.maxlen		= sizeof(int),
552		.mode		= 0644,
553		.proc_handler	= &proc_dointvec
554	},
555	{
556		.ctl_name	= NET_TCP_FRTO,
557		.procname	= "tcp_frto",
558		.data		= &sysctl_tcp_frto,
559		.maxlen		= sizeof(int),
560		.mode		= 0644,
561		.proc_handler	= &proc_dointvec
562	},
563	{
564		.ctl_name	= NET_TCP_FRTO_RESPONSE,
565		.procname	= "tcp_frto_response",
566		.data		= &sysctl_tcp_frto_response,
567		.maxlen		= sizeof(int),
568		.mode		= 0644,
569		.proc_handler	= &proc_dointvec
570	},
571	{
572		.ctl_name	= NET_TCP_LOW_LATENCY,
573		.procname	= "tcp_low_latency",
574		.data		= &sysctl_tcp_low_latency,
575		.maxlen		= sizeof(int),
576		.mode		= 0644,
577		.proc_handler	= &proc_dointvec
578	},
579	{
580		.ctl_name	= NET_TCP_NO_METRICS_SAVE,
581		.procname	= "tcp_no_metrics_save",
582		.data		= &sysctl_tcp_nometrics_save,
583		.maxlen		= sizeof(int),
584		.mode		= 0644,
585		.proc_handler	= &proc_dointvec,
586	},
587	{
588		.ctl_name	= NET_TCP_MODERATE_RCVBUF,
589		.procname	= "tcp_moderate_rcvbuf",
590		.data		= &sysctl_tcp_moderate_rcvbuf,
591		.maxlen		= sizeof(int),
592		.mode		= 0644,
593		.proc_handler	= &proc_dointvec,
594	},
595	{
596		.ctl_name	= NET_TCP_TSO_WIN_DIVISOR,
597		.procname	= "tcp_tso_win_divisor",
598		.data		= &sysctl_tcp_tso_win_divisor,
599		.maxlen		= sizeof(int),
600		.mode		= 0644,
601		.proc_handler	= &proc_dointvec,
602	},
603	{
604		.ctl_name	= NET_TCP_CONG_CONTROL,
605		.procname	= "tcp_congestion_control",
606		.mode		= 0644,
607		.maxlen		= TCP_CA_NAME_MAX,
608		.proc_handler	= &proc_tcp_congestion_control,
609		.strategy	= &sysctl_tcp_congestion_control,
610	},
611	{
612		.ctl_name	= NET_TCP_ABC,
613		.procname	= "tcp_abc",
614		.data		= &sysctl_tcp_abc,
615		.maxlen		= sizeof(int),
616		.mode		= 0644,
617		.proc_handler	= &proc_dointvec,
618	},
619	{
620		.ctl_name	= NET_TCP_MTU_PROBING,
621		.procname	= "tcp_mtu_probing",
622		.data		= &sysctl_tcp_mtu_probing,
623		.maxlen		= sizeof(int),
624		.mode		= 0644,
625		.proc_handler	= &proc_dointvec,
626	},
627	{
628		.ctl_name	= NET_TCP_BASE_MSS,
629		.procname	= "tcp_base_mss",
630		.data		= &sysctl_tcp_base_mss,
631		.maxlen		= sizeof(int),
632		.mode		= 0644,
633		.proc_handler	= &proc_dointvec,
634	},
635	{
636		.ctl_name	= NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS,
637		.procname	= "tcp_workaround_signed_windows",
638		.data		= &sysctl_tcp_workaround_signed_windows,
639		.maxlen		= sizeof(int),
640		.mode		= 0644,
641		.proc_handler	= &proc_dointvec
642	},
643#ifdef CONFIG_NET_DMA
644	{
645		.ctl_name	= NET_TCP_DMA_COPYBREAK,
646		.procname	= "tcp_dma_copybreak",
647		.data		= &sysctl_tcp_dma_copybreak,
648		.maxlen		= sizeof(int),
649		.mode		= 0644,
650		.proc_handler	= &proc_dointvec
651	},
652#endif
653	{
654		.ctl_name	= NET_TCP_SLOW_START_AFTER_IDLE,
655		.procname	= "tcp_slow_start_after_idle",
656		.data		= &sysctl_tcp_slow_start_after_idle,
657		.maxlen		= sizeof(int),
658		.mode		= 0644,
659		.proc_handler	= &proc_dointvec
660	},
661#ifdef CONFIG_NETLABEL
662	{
663		.ctl_name	= NET_CIPSOV4_CACHE_ENABLE,
664		.procname	= "cipso_cache_enable",
665		.data		= &cipso_v4_cache_enabled,
666		.maxlen		= sizeof(int),
667		.mode		= 0644,
668		.proc_handler	= &proc_dointvec,
669	},
670	{
671		.ctl_name	= NET_CIPSOV4_CACHE_BUCKET_SIZE,
672		.procname	= "cipso_cache_bucket_size",
673		.data		= &cipso_v4_cache_bucketsize,
674		.maxlen		= sizeof(int),
675		.mode		= 0644,
676		.proc_handler	= &proc_dointvec,
677	},
678	{
679		.ctl_name	= NET_CIPSOV4_RBM_OPTFMT,
680		.procname	= "cipso_rbm_optfmt",
681		.data		= &cipso_v4_rbm_optfmt,
682		.maxlen		= sizeof(int),
683		.mode		= 0644,
684		.proc_handler	= &proc_dointvec,
685	},
686	{
687		.ctl_name	= NET_CIPSOV4_RBM_STRICTVALID,
688		.procname	= "cipso_rbm_strictvalid",
689		.data		= &cipso_v4_rbm_strictvalid,
690		.maxlen		= sizeof(int),
691		.mode		= 0644,
692		.proc_handler	= &proc_dointvec,
693	},
694#endif /* CONFIG_NETLABEL */
695	{
696		.procname	= "tcp_available_congestion_control",
697		.maxlen		= TCP_CA_BUF_MAX,
698		.mode		= 0444,
699		.proc_handler   = &proc_tcp_available_congestion_control,
700	},
701	{
702		.ctl_name	= NET_TCP_ALLOWED_CONG_CONTROL,
703		.procname	= "tcp_allowed_congestion_control",
704		.maxlen		= TCP_CA_BUF_MAX,
705		.mode		= 0644,
706		.proc_handler   = &proc_allowed_congestion_control,
707		.strategy	= &strategy_allowed_congestion_control,
708	},
709	{
710		.ctl_name	= NET_TCP_MAX_SSTHRESH,
711		.procname	= "tcp_max_ssthresh",
712		.data		= &sysctl_tcp_max_ssthresh,
713		.maxlen		= sizeof(int),
714		.mode		= 0644,
715		.proc_handler	= &proc_dointvec,
716	},
717	{
718		.ctl_name	= CTL_UNNUMBERED,
719		.procname	= "udp_mem",
720		.data		= &sysctl_udp_mem,
721		.maxlen		= sizeof(sysctl_udp_mem),
722		.mode		= 0644,
723		.proc_handler	= &proc_dointvec_minmax,
724		.strategy	= &sysctl_intvec,
725		.extra1		= &zero
726	},
727	{
728		.ctl_name	= CTL_UNNUMBERED,
729		.procname	= "udp_rmem_min",
730		.data		= &sysctl_udp_rmem_min,
731		.maxlen		= sizeof(sysctl_udp_rmem_min),
732		.mode		= 0644,
733		.proc_handler	= &proc_dointvec_minmax,
734		.strategy	= &sysctl_intvec,
735		.extra1		= &zero
736	},
737	{
738		.ctl_name	= CTL_UNNUMBERED,
739		.procname	= "udp_wmem_min",
740		.data		= &sysctl_udp_wmem_min,
741		.maxlen		= sizeof(sysctl_udp_wmem_min),
742		.mode		= 0644,
743		.proc_handler	= &proc_dointvec_minmax,
744		.strategy	= &sysctl_intvec,
745		.extra1		= &zero
746	},
747	{ .ctl_name = 0 }
748};
749
750static struct ctl_table ipv4_net_table[] = {
751	{
752		.ctl_name	= NET_IPV4_ICMP_ECHO_IGNORE_ALL,
753		.procname	= "icmp_echo_ignore_all",
754		.data		= &init_net.ipv4.sysctl_icmp_echo_ignore_all,
755		.maxlen		= sizeof(int),
756		.mode		= 0644,
757		.proc_handler	= &proc_dointvec
758	},
759	{
760		.ctl_name	= NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
761		.procname	= "icmp_echo_ignore_broadcasts",
762		.data		= &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
763		.maxlen		= sizeof(int),
764		.mode		= 0644,
765		.proc_handler	= &proc_dointvec
766	},
767	{
768		.ctl_name	= NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
769		.procname	= "icmp_ignore_bogus_error_responses",
770		.data		= &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
771		.maxlen		= sizeof(int),
772		.mode		= 0644,
773		.proc_handler	= &proc_dointvec
774	},
775	{
776		.ctl_name	= NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
777		.procname	= "icmp_errors_use_inbound_ifaddr",
778		.data		= &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
779		.maxlen		= sizeof(int),
780		.mode		= 0644,
781		.proc_handler	= &proc_dointvec
782	},
783	{
784		.ctl_name	= NET_IPV4_ICMP_RATELIMIT,
785		.procname	= "icmp_ratelimit",
786		.data		= &init_net.ipv4.sysctl_icmp_ratelimit,
787		.maxlen		= sizeof(int),
788		.mode		= 0644,
789		.proc_handler	= &proc_dointvec_ms_jiffies,
790		.strategy	= &sysctl_ms_jiffies
791	},
792	{
793		.ctl_name	= NET_IPV4_ICMP_RATEMASK,
794		.procname	= "icmp_ratemask",
795		.data		= &init_net.ipv4.sysctl_icmp_ratemask,
796		.maxlen		= sizeof(int),
797		.mode		= 0644,
798		.proc_handler	= &proc_dointvec
799	},
800	{ }
801};
802
803struct ctl_path net_ipv4_ctl_path[] = {
804	{ .procname = "net", .ctl_name = CTL_NET, },
805	{ .procname = "ipv4", .ctl_name = NET_IPV4, },
806	{ },
807};
808EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
809
810static __net_init int ipv4_sysctl_init_net(struct net *net)
811{
812	struct ctl_table *table;
813
814	table = ipv4_net_table;
815	if (net != &init_net) {
816		table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
817		if (table == NULL)
818			goto err_alloc;
819
820		table[0].data =
821			&net->ipv4.sysctl_icmp_echo_ignore_all;
822		table[1].data =
823			&net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
824		table[2].data =
825			&net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
826		table[3].data =
827			&net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
828		table[4].data =
829			&net->ipv4.sysctl_icmp_ratelimit;
830		table[5].data =
831			&net->ipv4.sysctl_icmp_ratemask;
832	}
833
834	net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
835			net_ipv4_ctl_path, table);
836	if (net->ipv4.ipv4_hdr == NULL)
837		goto err_reg;
838
839	return 0;
840
841err_reg:
842	if (net != &init_net)
843		kfree(table);
844err_alloc:
845	return -ENOMEM;
846}
847
848static __net_exit void ipv4_sysctl_exit_net(struct net *net)
849{
850	struct ctl_table *table;
851
852	table = net->ipv4.ipv4_hdr->ctl_table_arg;
853	unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
854	kfree(table);
855}
856
857static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
858	.init = ipv4_sysctl_init_net,
859	.exit = ipv4_sysctl_exit_net,
860};
861
862static __init int sysctl_ipv4_init(void)
863{
864	struct ctl_table_header *hdr;
865
866	hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
867	if (hdr == NULL)
868		return -ENOMEM;
869
870	if (register_pernet_subsys(&ipv4_sysctl_ops)) {
871		unregister_sysctl_table(hdr);
872		return -ENOMEM;
873	}
874
875	return 0;
876}
877
878__initcall(sysctl_ipv4_init);
879