Skip to content

Commit 4990509

Browse files
Daniel Lezcanodavem330
Daniel Lezcano
authored and
davem330
committed
[NETNS][IPV6]: Make sysctls route per namespace.
All the sysctl concerning the routes are moved to the network namespace structure. A helper function is called to initialize the variables. Because the ipv6 protocol is not yet per namespace, the variables are accessed relatively from the network namespace. Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net>
1 parent 7c76509 commit 4990509

File tree

6 files changed

+56
-36
lines changed

6 files changed

+56
-36
lines changed

include/net/ip6_route.h

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,8 +43,6 @@ extern struct rt6_info ip6_prohibit_entry;
4343
extern struct rt6_info ip6_blk_hole_entry;
4444
#endif
4545

46-
extern int ip6_rt_gc_interval;
47-
4846
extern void ip6_route_input(struct sk_buff *skb);
4947

5048
extern struct dst_entry * ip6_route_output(struct sock *sk,

include/net/netns/ipv6.h

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,14 @@ struct netns_sysctl_ipv6 {
1515
#endif
1616
struct inet_frags_ctl frags;
1717
int bindv6only;
18+
int flush_delay;
19+
int ip6_rt_max_size;
20+
int ip6_rt_gc_min_interval;
21+
int ip6_rt_gc_timeout;
22+
int ip6_rt_gc_interval;
23+
int ip6_rt_gc_elasticity;
24+
int ip6_rt_mtu_expires;
25+
int ip6_rt_min_advmss;
1826
};
1927

2028
struct netns_ipv6 {

net/ipv6/af_inet6.c

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -726,6 +726,14 @@ static int inet6_net_init(struct net *net)
726726
net->ipv6.sysctl.frags.low_thresh = 192 * 1024;
727727
net->ipv6.sysctl.frags.timeout = IPV6_FRAG_TIMEOUT;
728728
net->ipv6.sysctl.frags.secret_interval = 10 * 60 * HZ;
729+
net->ipv6.sysctl.flush_delay = 0;
730+
net->ipv6.sysctl.ip6_rt_max_size = 4096;
731+
net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
732+
net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
733+
net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
734+
net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
735+
net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
736+
net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
729737
ipv6_frag_sysctl_init(net);
730738

731739
return 0;

net/ipv6/ip6_fib.c

Lines changed: 9 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -681,13 +681,15 @@ static __inline__ void fib6_start_gc(struct rt6_info *rt)
681681
{
682682
if (ip6_fib_timer.expires == 0 &&
683683
(rt->rt6i_flags & (RTF_EXPIRES|RTF_CACHE)))
684-
mod_timer(&ip6_fib_timer, jiffies + ip6_rt_gc_interval);
684+
mod_timer(&ip6_fib_timer, jiffies +
685+
init_net.ipv6.sysctl.ip6_rt_gc_interval);
685686
}
686687

687688
void fib6_force_start_gc(void)
688689
{
689690
if (ip6_fib_timer.expires == 0)
690-
mod_timer(&ip6_fib_timer, jiffies + ip6_rt_gc_interval);
691+
mod_timer(&ip6_fib_timer, jiffies +
692+
init_net.ipv6.sysctl.ip6_rt_gc_interval);
691693
}
692694

693695
/*
@@ -1447,23 +1449,25 @@ void fib6_run_gc(unsigned long dummy)
14471449
{
14481450
if (dummy != ~0UL) {
14491451
spin_lock_bh(&fib6_gc_lock);
1450-
gc_args.timeout = dummy ? (int)dummy : ip6_rt_gc_interval;
1452+
gc_args.timeout = dummy ? (int)dummy :
1453+
init_net.ipv6.sysctl.ip6_rt_gc_interval;
14511454
} else {
14521455
local_bh_disable();
14531456
if (!spin_trylock(&fib6_gc_lock)) {
14541457
mod_timer(&ip6_fib_timer, jiffies + HZ);
14551458
local_bh_enable();
14561459
return;
14571460
}
1458-
gc_args.timeout = ip6_rt_gc_interval;
1461+
gc_args.timeout = init_net.ipv6.sysctl.ip6_rt_gc_interval;
14591462
}
14601463
gc_args.more = 0;
14611464

14621465
ndisc_dst_gc(&gc_args.more);
14631466
fib6_clean_all(fib6_age, 0, NULL);
14641467

14651468
if (gc_args.more)
1466-
mod_timer(&ip6_fib_timer, jiffies + ip6_rt_gc_interval);
1469+
mod_timer(&ip6_fib_timer, jiffies +
1470+
init_net.ipv6.sysctl.ip6_rt_gc_interval);
14671471
else {
14681472
del_timer(&ip6_fib_timer);
14691473
ip6_fib_timer.expires = 0;

net/ipv6/route.c

Lines changed: 20 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -73,14 +73,6 @@
7373

7474
#define CLONE_OFFLINK_ROUTE 0
7575

76-
static int ip6_rt_max_size = 4096;
77-
static int ip6_rt_gc_min_interval = HZ / 2;
78-
static int ip6_rt_gc_timeout = 60*HZ;
79-
int ip6_rt_gc_interval = 30*HZ;
80-
static int ip6_rt_gc_elasticity = 9;
81-
static int ip6_rt_mtu_expires = 10*60*HZ;
82-
static int ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
83-
8476
static struct rt6_info * ip6_rt_copy(struct rt6_info *ort);
8577
static struct dst_entry *ip6_dst_check(struct dst_entry *dst, u32 cookie);
8678
static struct dst_entry *ip6_negative_advice(struct dst_entry *);
@@ -894,8 +886,8 @@ static inline unsigned int ipv6_advmss(unsigned int mtu)
894886
{
895887
mtu -= sizeof(struct ipv6hdr) + sizeof(struct tcphdr);
896888

897-
if (mtu < ip6_rt_min_advmss)
898-
mtu = ip6_rt_min_advmss;
889+
if (mtu < init_net.ipv6.sysctl.ip6_rt_min_advmss)
890+
mtu = init_net.ipv6.sysctl.ip6_rt_min_advmss;
899891

900892
/*
901893
* Maximal non-jumbo IPv6 payload is IPV6_MAXPLEN and
@@ -995,19 +987,19 @@ static int ip6_dst_gc(void)
995987
static unsigned long last_gc;
996988
unsigned long now = jiffies;
997989

998-
if (time_after(last_gc + ip6_rt_gc_min_interval, now) &&
999-
atomic_read(&ip6_dst_ops.entries) <= ip6_rt_max_size)
990+
if (time_after(last_gc + init_net.ipv6.sysctl.ip6_rt_gc_min_interval, now) &&
991+
atomic_read(&ip6_dst_ops.entries) <= init_net.ipv6.sysctl.ip6_rt_max_size)
1000992
goto out;
1001993

1002994
expire++;
1003995
fib6_run_gc(expire);
1004996
last_gc = now;
1005997
if (atomic_read(&ip6_dst_ops.entries) < ip6_dst_ops.gc_thresh)
1006-
expire = ip6_rt_gc_timeout>>1;
998+
expire = init_net.ipv6.sysctl.ip6_rt_gc_timeout>>1;
1007999

10081000
out:
1009-
expire -= expire>>ip6_rt_gc_elasticity;
1010-
return (atomic_read(&ip6_dst_ops.entries) > ip6_rt_max_size);
1001+
expire -= expire>>init_net.ipv6.sysctl.ip6_rt_gc_elasticity;
1002+
return (atomic_read(&ip6_dst_ops.entries) > init_net.ipv6.sysctl.ip6_rt_max_size);
10111003
}
10121004

10131005
/* Clean host part of a prefix. Not necessary in radix tree,
@@ -1513,7 +1505,7 @@ void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr,
15131505
rt->u.dst.metrics[RTAX_MTU-1] = pmtu;
15141506
if (allfrag)
15151507
rt->u.dst.metrics[RTAX_FEATURES-1] |= RTAX_FEATURE_ALLFRAG;
1516-
dst_set_expires(&rt->u.dst, ip6_rt_mtu_expires);
1508+
dst_set_expires(&rt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires);
15171509
rt->rt6i_flags |= RTF_MODIFIED|RTF_EXPIRES;
15181510
goto out;
15191511
}
@@ -1539,7 +1531,7 @@ void rt6_pmtu_discovery(struct in6_addr *daddr, struct in6_addr *saddr,
15391531
* which is 10 mins. After 10 mins the decreased pmtu is expired
15401532
* and detecting PMTU increase will be automatically happened.
15411533
*/
1542-
dst_set_expires(&nrt->u.dst, ip6_rt_mtu_expires);
1534+
dst_set_expires(&nrt->u.dst, init_net.ipv6.sysctl.ip6_rt_mtu_expires);
15431535
nrt->rt6i_flags |= RTF_DYNAMIC|RTF_EXPIRES;
15441536

15451537
ip6_ins_rt(nrt);
@@ -2395,15 +2387,14 @@ static inline void ipv6_route_proc_fini(struct net *net)
23952387

23962388
#ifdef CONFIG_SYSCTL
23972389

2398-
static int flush_delay;
2399-
24002390
static
24012391
int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write, struct file * filp,
24022392
void __user *buffer, size_t *lenp, loff_t *ppos)
24032393
{
2394+
int delay = init_net.ipv6.sysctl.flush_delay;
24042395
if (write) {
24052396
proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
2406-
fib6_run_gc(flush_delay <= 0 ? ~0UL : (unsigned long)flush_delay);
2397+
fib6_run_gc(delay <= 0 ? ~0UL : (unsigned long)delay);
24072398
return 0;
24082399
} else
24092400
return -EINVAL;
@@ -2412,7 +2403,7 @@ int ipv6_sysctl_rtcache_flush(ctl_table *ctl, int write, struct file * filp,
24122403
ctl_table ipv6_route_table_template[] = {
24132404
{
24142405
.procname = "flush",
2415-
.data = &flush_delay,
2406+
.data = &init_net.ipv6.sysctl.flush_delay,
24162407
.maxlen = sizeof(int),
24172408
.mode = 0200,
24182409
.proc_handler = &ipv6_sysctl_rtcache_flush
@@ -2428,15 +2419,15 @@ ctl_table ipv6_route_table_template[] = {
24282419
{
24292420
.ctl_name = NET_IPV6_ROUTE_MAX_SIZE,
24302421
.procname = "max_size",
2431-
.data = &ip6_rt_max_size,
2422+
.data = &init_net.ipv6.sysctl.ip6_rt_max_size,
24322423
.maxlen = sizeof(int),
24332424
.mode = 0644,
24342425
.proc_handler = &proc_dointvec,
24352426
},
24362427
{
24372428
.ctl_name = NET_IPV6_ROUTE_GC_MIN_INTERVAL,
24382429
.procname = "gc_min_interval",
2439-
.data = &ip6_rt_gc_min_interval,
2430+
.data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
24402431
.maxlen = sizeof(int),
24412432
.mode = 0644,
24422433
.proc_handler = &proc_dointvec_jiffies,
@@ -2445,7 +2436,7 @@ ctl_table ipv6_route_table_template[] = {
24452436
{
24462437
.ctl_name = NET_IPV6_ROUTE_GC_TIMEOUT,
24472438
.procname = "gc_timeout",
2448-
.data = &ip6_rt_gc_timeout,
2439+
.data = &init_net.ipv6.sysctl.ip6_rt_gc_timeout,
24492440
.maxlen = sizeof(int),
24502441
.mode = 0644,
24512442
.proc_handler = &proc_dointvec_jiffies,
@@ -2454,7 +2445,7 @@ ctl_table ipv6_route_table_template[] = {
24542445
{
24552446
.ctl_name = NET_IPV6_ROUTE_GC_INTERVAL,
24562447
.procname = "gc_interval",
2457-
.data = &ip6_rt_gc_interval,
2448+
.data = &init_net.ipv6.sysctl.ip6_rt_gc_interval,
24582449
.maxlen = sizeof(int),
24592450
.mode = 0644,
24602451
.proc_handler = &proc_dointvec_jiffies,
@@ -2463,7 +2454,7 @@ ctl_table ipv6_route_table_template[] = {
24632454
{
24642455
.ctl_name = NET_IPV6_ROUTE_GC_ELASTICITY,
24652456
.procname = "gc_elasticity",
2466-
.data = &ip6_rt_gc_elasticity,
2457+
.data = &init_net.ipv6.sysctl.ip6_rt_gc_elasticity,
24672458
.maxlen = sizeof(int),
24682459
.mode = 0644,
24692460
.proc_handler = &proc_dointvec_jiffies,
@@ -2472,7 +2463,7 @@ ctl_table ipv6_route_table_template[] = {
24722463
{
24732464
.ctl_name = NET_IPV6_ROUTE_MTU_EXPIRES,
24742465
.procname = "mtu_expires",
2475-
.data = &ip6_rt_mtu_expires,
2466+
.data = &init_net.ipv6.sysctl.ip6_rt_mtu_expires,
24762467
.maxlen = sizeof(int),
24772468
.mode = 0644,
24782469
.proc_handler = &proc_dointvec_jiffies,
@@ -2481,7 +2472,7 @@ ctl_table ipv6_route_table_template[] = {
24812472
{
24822473
.ctl_name = NET_IPV6_ROUTE_MIN_ADVMSS,
24832474
.procname = "min_adv_mss",
2484-
.data = &ip6_rt_min_advmss,
2475+
.data = &init_net.ipv6.sysctl.ip6_rt_min_advmss,
24852476
.maxlen = sizeof(int),
24862477
.mode = 0644,
24872478
.proc_handler = &proc_dointvec_jiffies,
@@ -2490,7 +2481,7 @@ ctl_table ipv6_route_table_template[] = {
24902481
{
24912482
.ctl_name = NET_IPV6_ROUTE_GC_MIN_INTERVAL_MS,
24922483
.procname = "gc_min_interval_ms",
2493-
.data = &ip6_rt_gc_min_interval,
2484+
.data = &init_net.ipv6.sysctl.ip6_rt_gc_min_interval,
24942485
.maxlen = sizeof(int),
24952486
.mode = 0644,
24962487
.proc_handler = &proc_dointvec_ms_jiffies,

net/ipv6/sysctl_net_ipv6.c

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -113,7 +113,18 @@ static int ipv6_sysctl_net_init(struct net *net)
113113
if (!ipv6_icmp_table)
114114
goto out_ipv6_route_table;
115115

116+
ipv6_route_table[0].data = &net->ipv6.sysctl.flush_delay;
117+
/* ipv6_route_table[1].data will be handled when we have
118+
routes per namespace */
119+
ipv6_route_table[2].data = &net->ipv6.sysctl.ip6_rt_max_size;
120+
ipv6_route_table[3].data = &net->ipv6.sysctl.ip6_rt_gc_min_interval;
121+
ipv6_route_table[4].data = &net->ipv6.sysctl.ip6_rt_gc_timeout;
122+
ipv6_route_table[5].data = &net->ipv6.sysctl.ip6_rt_gc_interval;
123+
ipv6_route_table[6].data = &net->ipv6.sysctl.ip6_rt_gc_elasticity;
124+
ipv6_route_table[7].data = &net->ipv6.sysctl.ip6_rt_mtu_expires;
125+
ipv6_route_table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
116126
ipv6_table[0].child = ipv6_route_table;
127+
117128
ipv6_table[1].child = ipv6_icmp_table;
118129

119130
ipv6_table[2].data = &net->ipv6.sysctl.bindv6only;

0 commit comments

Comments
 (0)