From: Daniel Lezcano <dlezcano@fr.ibm.com>
To: davem@davemloft.net
Cc: netdev@vger.kernel.org
Subject: [patch 4/9][NETNS][IPV6] make multiple instance of sysctl tables
Date: Wed, 02 Jan 2008 13:25:52 +0100 [thread overview]
Message-ID: <20080102122813.238340323@localhost.localdomain> (raw)
In-Reply-To: 20080102122548.629622062@localhost.localdomain
[-- Attachment #1: make-ipv6-sysctl-per-namespace.patch --]
[-- Type: text/plain, Size: 5934 bytes --]
Each network namespace wants its own set of sysctl value, eg. we should
not be able from a namespace to set a sysctl value for another namespace
, especially for the initial network namespace.
This patch duplicates the sysctl table when we register a new network
namespace for ipv6. The duplicated table are postfixed with the "template"
word to notify the developper the table is cloned.
Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
---
include/net/ipv6.h | 4 +-
include/net/netns/ipv6.h | 9 ++++++
net/ipv6/icmp.c | 12 +++++++-
net/ipv6/route.c | 11 ++++++-
net/ipv6/sysctl_net_ipv6.c | 67 +++++++++++++++++++++++++++++++++++++--------
5 files changed, 88 insertions(+), 15 deletions(-)
Index: net-2.6.25/net/ipv6/sysctl_net_ipv6.c
===================================================================
--- net-2.6.25.orig/net/ipv6/sysctl_net_ipv6.c
+++ net-2.6.25/net/ipv6/sysctl_net_ipv6.c
@@ -14,20 +14,23 @@
#include <net/addrconf.h>
#include <net/inet_frag.h>
-static ctl_table ipv6_table[] = {
+extern struct ctl_table *ipv6_route_sysctl_init(struct net *net);
+extern struct ctl_table *ipv6_icmp_sysctl_init(struct net *net);
+
+static ctl_table ipv6_table_template[] = {
{
.ctl_name = NET_IPV6_ROUTE,
.procname = "route",
.maxlen = 0,
.mode = 0555,
- .child = ipv6_route_table
+ .child = ipv6_route_table_template
},
{
.ctl_name = NET_IPV6_ICMP,
.procname = "icmp",
.maxlen = 0,
.mode = 0555,
- .child = ipv6_icmp_table
+ .child = ipv6_icmp_table_template
},
{
.ctl_name = NET_IPV6_BINDV6ONLY,
@@ -88,20 +91,62 @@ static struct ctl_path ipv6_ctl_path[] =
{ },
};
-static struct ctl_table_header *ipv6_sysctl_header;
-
static int ipv6_sysctl_net_init(struct net *net)
{
- ipv6_sysctl_header = register_net_sysctl_table(net, ipv6_ctl_path, ipv6_table);
- if (!ipv6_sysctl_header)
- return -ENOMEM;
-
- return 0;
+ struct ctl_table *ipv6_table;
+ struct ctl_table *ipv6_route_table;
+ struct ctl_table *ipv6_icmp_table;
+ int err;
+
+ err = -ENOMEM;
+ ipv6_table = kmemdup(ipv6_table_template, sizeof(ipv6_table_template),
+ GFP_KERNEL);
+ if (!ipv6_table)
+ goto out;
+
+ ipv6_route_table = ipv6_route_sysctl_init(net);
+ if (!ipv6_route_table)
+ goto out_ipv6_table;
+
+ ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
+ if (!ipv6_icmp_table)
+ goto out_ipv6_route_table;
+
+ ipv6_table[0].child = ipv6_route_table;
+ ipv6_table[1].child = ipv6_icmp_table;
+
+ net->ipv6.sysctl.table = register_net_sysctl_table(net, ipv6_ctl_path, ipv6_table);
+ if (!net->ipv6.sysctl.table)
+ goto out_ipv6_icmp_table;
+
+ err = 0;
+out:
+ return err;
+
+out_ipv6_icmp_table:
+ kfree(ipv6_icmp_table);
+out_ipv6_route_table:
+ kfree(ipv6_route_table);
+out_ipv6_table:
+ kfree(ipv6_table);
+ goto out;
}
static void ipv6_sysctl_net_exit(struct net *net)
{
- unregister_net_sysctl_table(ipv6_sysctl_header);
+ struct ctl_table *ipv6_table;
+ struct ctl_table *ipv6_route_table;
+ struct ctl_table *ipv6_icmp_table;
+
+ ipv6_table = net->ipv6.sysctl.table->ctl_table_arg;
+ ipv6_route_table = ipv6_table[0].child;
+ ipv6_icmp_table = ipv6_table[1].child;
+
+ unregister_net_sysctl_table(net->ipv6.sysctl.table);
+
+ kfree(ipv6_table);
+ kfree(ipv6_route_table);
+ kfree(ipv6_icmp_table);
}
static struct pernet_operations ipv6_sysctl_net_ops = {
Index: net-2.6.25/include/net/netns/ipv6.h
===================================================================
--- net-2.6.25.orig/include/net/netns/ipv6.h
+++ net-2.6.25/include/net/netns/ipv6.h
@@ -5,6 +5,15 @@
#ifndef __NETNS_IPV6_H__
#define __NETNS_IPV6_H__
+struct ctl_table_header;
+
+struct netns_sysctl_ipv6 {
+ struct ctl_table_header *table;
+};
+
struct netns_ipv6 {
+#ifdef CONFIG_SYSCTL
+ struct netns_sysctl_ipv6 sysctl;
+#endif
};
#endif
Index: net-2.6.25/include/net/ipv6.h
===================================================================
--- net-2.6.25.orig/include/net/ipv6.h
+++ net-2.6.25/include/net/ipv6.h
@@ -617,8 +617,8 @@ static inline int snmp6_unregister_dev(s
#endif
#ifdef CONFIG_SYSCTL
-extern ctl_table ipv6_route_table[];
-extern ctl_table ipv6_icmp_table[];
+extern ctl_table ipv6_route_table_template[];
+extern ctl_table ipv6_icmp_table_template[];
extern int ipv6_sysctl_register(void);
extern void ipv6_sysctl_unregister(void);
Index: net-2.6.25/net/ipv6/icmp.c
===================================================================
--- net-2.6.25.orig/net/ipv6/icmp.c
+++ net-2.6.25/net/ipv6/icmp.c
@@ -909,7 +909,7 @@ int icmpv6_err_convert(int type, int cod
EXPORT_SYMBOL(icmpv6_err_convert);
#ifdef CONFIG_SYSCTL
-ctl_table ipv6_icmp_table[] = {
+ctl_table ipv6_icmp_table_template[] = {
{
.ctl_name = NET_IPV6_ICMP_RATELIMIT,
.procname = "ratelimit",
@@ -920,5 +920,15 @@ ctl_table ipv6_icmp_table[] = {
},
{ .ctl_name = 0 },
};
+
+struct ctl_table *ipv6_icmp_sysctl_init(struct net *net)
+{
+ struct ctl_table *table;
+
+ table = kmemdup(ipv6_icmp_table_template,
+ sizeof(ipv6_icmp_table_template),
+ GFP_KERNEL);
+ return table;
+}
#endif
Index: net-2.6.25/net/ipv6/route.c
===================================================================
--- net-2.6.25.orig/net/ipv6/route.c
+++ net-2.6.25/net/ipv6/route.c
@@ -2404,7 +2404,7 @@ int ipv6_sysctl_rtcache_flush(ctl_table
return -EINVAL;
}
-ctl_table ipv6_route_table[] = {
+ctl_table ipv6_route_table_template[] = {
{
.procname = "flush",
.data = &flush_delay,
@@ -2494,6 +2494,15 @@ ctl_table ipv6_route_table[] = {
{ .ctl_name = 0 }
};
+struct ctl_table *ipv6_route_sysctl_init(struct net *net)
+{
+ struct ctl_table *table;
+
+ table = kmemdup(ipv6_route_table_template,
+ sizeof(ipv6_route_table_template),
+ GFP_KERNEL);
+ return table;
+}
#endif
int __init ip6_route_init(void)
--
next prev parent reply other threads:[~2008-01-02 12:36 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-02 12:25 [patch 0/9][NETNS][IPV6] make sysctl per namespace Daniel Lezcano
2008-01-02 12:25 ` [patch 1/9][NETNS][IPV6] make ipv6_sysctl_register to return a value Daniel Lezcano
2008-01-02 12:25 ` [patch 2/9][NETNS][IPV6] make the ipv6 sysctl to be a netns subsystem Daniel Lezcano
2008-01-02 12:25 ` [patch 3/9][NETNS][IPV6] make ipv6 structure for netns Daniel Lezcano
2008-01-02 12:25 ` Daniel Lezcano [this message]
2008-01-02 12:25 ` [patch 5/9][NETNS][IPV6] make bindv6only sysctl per namespace Daniel Lezcano
2008-01-02 12:25 ` [patch 6/9][NETNS][IPV6] make ip6_frags " Daniel Lezcano
2008-01-02 12:25 ` [patch 7/9][NETNS][IPV6] make mld_max_msf " Daniel Lezcano
2008-01-02 23:31 ` David Stevens
2008-01-03 11:00 ` Daniel Lezcano
2008-01-03 17:05 ` David Stevens
2008-01-02 12:25 ` [patch 8/9][NETNS][IPV6] make sysctls route " Daniel Lezcano
2008-01-02 12:25 ` [patch 9/9][NETNS][IPV6] make icmpv6_time sysctl " Daniel Lezcano
2008-01-02 13:54 ` [patch 0/9][NETNS][IPV6] make " Eric Dumazet
2008-01-02 14:05 ` Daniel Lezcano
-- strict thread matches above, loose matches on Subject: below --
2008-01-04 11:12 Daniel Lezcano
2008-01-04 11:12 ` [patch 4/9][NETNS][IPV6] make multiple instance of sysctl tables Daniel Lezcano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080102122813.238340323@localhost.localdomain \
--to=dlezcano@fr.ibm.com \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.