Merge git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6
[linux-2.6] / net / ipv4 / sysctl_net_ipv4.c
1 /*
2  * sysctl_net_ipv4.c: sysctl interface to net IPV4 subsystem.
3  *
4  * Begun April 1, 1996, Mike Shaver.
5  * Added /proc/sys/net/ipv4 directory entry (empty =) ). [MS]
6  */
7
8 #include <linux/mm.h>
9 #include <linux/module.h>
10 #include <linux/sysctl.h>
11 #include <linux/igmp.h>
12 #include <linux/inetdevice.h>
13 #include <linux/seqlock.h>
14 #include <linux/init.h>
15 #include <net/snmp.h>
16 #include <net/icmp.h>
17 #include <net/ip.h>
18 #include <net/route.h>
19 #include <net/tcp.h>
20 #include <net/udp.h>
21 #include <net/cipso_ipv4.h>
22 #include <net/inet_frag.h>
23
24 static int zero;
25 static int tcp_retr1_max = 255;
26 static int ip_local_port_range_min[] = { 1, 1 };
27 static int ip_local_port_range_max[] = { 65535, 65535 };
28
29 extern seqlock_t sysctl_port_range_lock;
30 extern int sysctl_local_port_range[2];
31
32 /* Update system visible IP port range */
33 static void set_local_port_range(int range[2])
34 {
35         write_seqlock(&sysctl_port_range_lock);
36         sysctl_local_port_range[0] = range[0];
37         sysctl_local_port_range[1] = range[1];
38         write_sequnlock(&sysctl_port_range_lock);
39 }
40
41 /* Validate changes from /proc interface. */
42 static int ipv4_local_port_range(ctl_table *table, int write, struct file *filp,
43                                  void __user *buffer,
44                                  size_t *lenp, loff_t *ppos)
45 {
46         int ret;
47         int range[2] = { sysctl_local_port_range[0],
48                          sysctl_local_port_range[1] };
49         ctl_table tmp = {
50                 .data = &range,
51                 .maxlen = sizeof(range),
52                 .mode = table->mode,
53                 .extra1 = &ip_local_port_range_min,
54                 .extra2 = &ip_local_port_range_max,
55         };
56
57         ret = proc_dointvec_minmax(&tmp, write, filp, buffer, lenp, ppos);
58
59         if (write && ret == 0) {
60                 if (range[1] < range[0])
61                         ret = -EINVAL;
62                 else
63                         set_local_port_range(range);
64         }
65
66         return ret;
67 }
68
69 /* Validate changes from sysctl interface. */
70 static int ipv4_sysctl_local_port_range(ctl_table *table, int __user *name,
71                                          int nlen, void __user *oldval,
72                                          size_t __user *oldlenp,
73                                         void __user *newval, size_t newlen)
74 {
75         int ret;
76         int range[2] = { sysctl_local_port_range[0],
77                          sysctl_local_port_range[1] };
78         ctl_table tmp = {
79                 .data = &range,
80                 .maxlen = sizeof(range),
81                 .mode = table->mode,
82                 .extra1 = &ip_local_port_range_min,
83                 .extra2 = &ip_local_port_range_max,
84         };
85
86         ret = sysctl_intvec(&tmp, name, nlen, oldval, oldlenp, newval, newlen);
87         if (ret == 0 && newval && newlen) {
88                 if (range[1] < range[0])
89                         ret = -EINVAL;
90                 else
91                         set_local_port_range(range);
92         }
93         return ret;
94 }
95
96
97 static int proc_tcp_congestion_control(ctl_table *ctl, int write, struct file * filp,
98                                        void __user *buffer, size_t *lenp, loff_t *ppos)
99 {
100         char val[TCP_CA_NAME_MAX];
101         ctl_table tbl = {
102                 .data = val,
103                 .maxlen = TCP_CA_NAME_MAX,
104         };
105         int ret;
106
107         tcp_get_default_congestion_control(val);
108
109         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
110         if (write && ret == 0)
111                 ret = tcp_set_default_congestion_control(val);
112         return ret;
113 }
114
115 static int sysctl_tcp_congestion_control(ctl_table *table, int __user *name,
116                                          int nlen, void __user *oldval,
117                                          size_t __user *oldlenp,
118                                          void __user *newval, size_t newlen)
119 {
120         char val[TCP_CA_NAME_MAX];
121         ctl_table tbl = {
122                 .data = val,
123                 .maxlen = TCP_CA_NAME_MAX,
124         };
125         int ret;
126
127         tcp_get_default_congestion_control(val);
128         ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
129         if (ret == 1 && newval && newlen)
130                 ret = tcp_set_default_congestion_control(val);
131         return ret;
132 }
133
134 static int proc_tcp_available_congestion_control(ctl_table *ctl,
135                                                  int write, struct file * filp,
136                                                  void __user *buffer, size_t *lenp,
137                                                  loff_t *ppos)
138 {
139         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX, };
140         int ret;
141
142         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
143         if (!tbl.data)
144                 return -ENOMEM;
145         tcp_get_available_congestion_control(tbl.data, TCP_CA_BUF_MAX);
146         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
147         kfree(tbl.data);
148         return ret;
149 }
150
151 static int proc_allowed_congestion_control(ctl_table *ctl,
152                                            int write, struct file * filp,
153                                            void __user *buffer, size_t *lenp,
154                                            loff_t *ppos)
155 {
156         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
157         int ret;
158
159         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
160         if (!tbl.data)
161                 return -ENOMEM;
162
163         tcp_get_allowed_congestion_control(tbl.data, tbl.maxlen);
164         ret = proc_dostring(&tbl, write, filp, buffer, lenp, ppos);
165         if (write && ret == 0)
166                 ret = tcp_set_allowed_congestion_control(tbl.data);
167         kfree(tbl.data);
168         return ret;
169 }
170
171 static int strategy_allowed_congestion_control(ctl_table *table, int __user *name,
172                                                int nlen, void __user *oldval,
173                                                size_t __user *oldlenp,
174                                                void __user *newval,
175                                                size_t newlen)
176 {
177         ctl_table tbl = { .maxlen = TCP_CA_BUF_MAX };
178         int ret;
179
180         tbl.data = kmalloc(tbl.maxlen, GFP_USER);
181         if (!tbl.data)
182                 return -ENOMEM;
183
184         tcp_get_available_congestion_control(tbl.data, tbl.maxlen);
185         ret = sysctl_string(&tbl, name, nlen, oldval, oldlenp, newval, newlen);
186         if (ret == 1 && newval && newlen)
187                 ret = tcp_set_allowed_congestion_control(tbl.data);
188         kfree(tbl.data);
189
190         return ret;
191
192 }
193
194 static struct ctl_table ipv4_table[] = {
195         {
196                 .ctl_name       = NET_IPV4_TCP_TIMESTAMPS,
197                 .procname       = "tcp_timestamps",
198                 .data           = &sysctl_tcp_timestamps,
199                 .maxlen         = sizeof(int),
200                 .mode           = 0644,
201                 .proc_handler   = &proc_dointvec
202         },
203         {
204                 .ctl_name       = NET_IPV4_TCP_WINDOW_SCALING,
205                 .procname       = "tcp_window_scaling",
206                 .data           = &sysctl_tcp_window_scaling,
207                 .maxlen         = sizeof(int),
208                 .mode           = 0644,
209                 .proc_handler   = &proc_dointvec
210         },
211         {
212                 .ctl_name       = NET_IPV4_TCP_SACK,
213                 .procname       = "tcp_sack",
214                 .data           = &sysctl_tcp_sack,
215                 .maxlen         = sizeof(int),
216                 .mode           = 0644,
217                 .proc_handler   = &proc_dointvec
218         },
219         {
220                 .ctl_name       = NET_IPV4_TCP_RETRANS_COLLAPSE,
221                 .procname       = "tcp_retrans_collapse",
222                 .data           = &sysctl_tcp_retrans_collapse,
223                 .maxlen         = sizeof(int),
224                 .mode           = 0644,
225                 .proc_handler   = &proc_dointvec
226         },
227         {
228                 .ctl_name       = NET_IPV4_DEFAULT_TTL,
229                 .procname       = "ip_default_ttl",
230                 .data           = &sysctl_ip_default_ttl,
231                 .maxlen         = sizeof(int),
232                 .mode           = 0644,
233                 .proc_handler   = &ipv4_doint_and_flush,
234                 .strategy       = &ipv4_doint_and_flush_strategy,
235                 .extra2         = &init_net,
236         },
237         {
238                 .ctl_name       = NET_IPV4_NO_PMTU_DISC,
239                 .procname       = "ip_no_pmtu_disc",
240                 .data           = &ipv4_config.no_pmtu_disc,
241                 .maxlen         = sizeof(int),
242                 .mode           = 0644,
243                 .proc_handler   = &proc_dointvec
244         },
245         {
246                 .ctl_name       = NET_IPV4_NONLOCAL_BIND,
247                 .procname       = "ip_nonlocal_bind",
248                 .data           = &sysctl_ip_nonlocal_bind,
249                 .maxlen         = sizeof(int),
250                 .mode           = 0644,
251                 .proc_handler   = &proc_dointvec
252         },
253         {
254                 .ctl_name       = NET_IPV4_TCP_SYN_RETRIES,
255                 .procname       = "tcp_syn_retries",
256                 .data           = &sysctl_tcp_syn_retries,
257                 .maxlen         = sizeof(int),
258                 .mode           = 0644,
259                 .proc_handler   = &proc_dointvec
260         },
261         {
262                 .ctl_name       = NET_TCP_SYNACK_RETRIES,
263                 .procname       = "tcp_synack_retries",
264                 .data           = &sysctl_tcp_synack_retries,
265                 .maxlen         = sizeof(int),
266                 .mode           = 0644,
267                 .proc_handler   = &proc_dointvec
268         },
269         {
270                 .ctl_name       = NET_TCP_MAX_ORPHANS,
271                 .procname       = "tcp_max_orphans",
272                 .data           = &sysctl_tcp_max_orphans,
273                 .maxlen         = sizeof(int),
274                 .mode           = 0644,
275                 .proc_handler   = &proc_dointvec
276         },
277         {
278                 .ctl_name       = NET_TCP_MAX_TW_BUCKETS,
279                 .procname       = "tcp_max_tw_buckets",
280                 .data           = &tcp_death_row.sysctl_max_tw_buckets,
281                 .maxlen         = sizeof(int),
282                 .mode           = 0644,
283                 .proc_handler   = &proc_dointvec
284         },
285         {
286                 .ctl_name       = NET_IPV4_DYNADDR,
287                 .procname       = "ip_dynaddr",
288                 .data           = &sysctl_ip_dynaddr,
289                 .maxlen         = sizeof(int),
290                 .mode           = 0644,
291                 .proc_handler   = &proc_dointvec
292         },
293         {
294                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_TIME,
295                 .procname       = "tcp_keepalive_time",
296                 .data           = &sysctl_tcp_keepalive_time,
297                 .maxlen         = sizeof(int),
298                 .mode           = 0644,
299                 .proc_handler   = &proc_dointvec_jiffies,
300                 .strategy       = &sysctl_jiffies
301         },
302         {
303                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_PROBES,
304                 .procname       = "tcp_keepalive_probes",
305                 .data           = &sysctl_tcp_keepalive_probes,
306                 .maxlen         = sizeof(int),
307                 .mode           = 0644,
308                 .proc_handler   = &proc_dointvec
309         },
310         {
311                 .ctl_name       = NET_IPV4_TCP_KEEPALIVE_INTVL,
312                 .procname       = "tcp_keepalive_intvl",
313                 .data           = &sysctl_tcp_keepalive_intvl,
314                 .maxlen         = sizeof(int),
315                 .mode           = 0644,
316                 .proc_handler   = &proc_dointvec_jiffies,
317                 .strategy       = &sysctl_jiffies
318         },
319         {
320                 .ctl_name       = NET_IPV4_TCP_RETRIES1,
321                 .procname       = "tcp_retries1",
322                 .data           = &sysctl_tcp_retries1,
323                 .maxlen         = sizeof(int),
324                 .mode           = 0644,
325                 .proc_handler   = &proc_dointvec_minmax,
326                 .strategy       = &sysctl_intvec,
327                 .extra2         = &tcp_retr1_max
328         },
329         {
330                 .ctl_name       = NET_IPV4_TCP_RETRIES2,
331                 .procname       = "tcp_retries2",
332                 .data           = &sysctl_tcp_retries2,
333                 .maxlen         = sizeof(int),
334                 .mode           = 0644,
335                 .proc_handler   = &proc_dointvec
336         },
337         {
338                 .ctl_name       = NET_IPV4_TCP_FIN_TIMEOUT,
339                 .procname       = "tcp_fin_timeout",
340                 .data           = &sysctl_tcp_fin_timeout,
341                 .maxlen         = sizeof(int),
342                 .mode           = 0644,
343                 .proc_handler   = &proc_dointvec_jiffies,
344                 .strategy       = &sysctl_jiffies
345         },
346 #ifdef CONFIG_SYN_COOKIES
347         {
348                 .ctl_name       = NET_TCP_SYNCOOKIES,
349                 .procname       = "tcp_syncookies",
350                 .data           = &sysctl_tcp_syncookies,
351                 .maxlen         = sizeof(int),
352                 .mode           = 0644,
353                 .proc_handler   = &proc_dointvec
354         },
355 #endif
356         {
357                 .ctl_name       = NET_TCP_TW_RECYCLE,
358                 .procname       = "tcp_tw_recycle",
359                 .data           = &tcp_death_row.sysctl_tw_recycle,
360                 .maxlen         = sizeof(int),
361                 .mode           = 0644,
362                 .proc_handler   = &proc_dointvec
363         },
364         {
365                 .ctl_name       = NET_TCP_ABORT_ON_OVERFLOW,
366                 .procname       = "tcp_abort_on_overflow",
367                 .data           = &sysctl_tcp_abort_on_overflow,
368                 .maxlen         = sizeof(int),
369                 .mode           = 0644,
370                 .proc_handler   = &proc_dointvec
371         },
372         {
373                 .ctl_name       = NET_TCP_STDURG,
374                 .procname       = "tcp_stdurg",
375                 .data           = &sysctl_tcp_stdurg,
376                 .maxlen         = sizeof(int),
377                 .mode           = 0644,
378                 .proc_handler   = &proc_dointvec
379         },
380         {
381                 .ctl_name       = NET_TCP_RFC1337,
382                 .procname       = "tcp_rfc1337",
383                 .data           = &sysctl_tcp_rfc1337,
384                 .maxlen         = sizeof(int),
385                 .mode           = 0644,
386                 .proc_handler   = &proc_dointvec
387         },
388         {
389                 .ctl_name       = NET_TCP_MAX_SYN_BACKLOG,
390                 .procname       = "tcp_max_syn_backlog",
391                 .data           = &sysctl_max_syn_backlog,
392                 .maxlen         = sizeof(int),
393                 .mode           = 0644,
394                 .proc_handler   = &proc_dointvec
395         },
396         {
397                 .ctl_name       = NET_IPV4_LOCAL_PORT_RANGE,
398                 .procname       = "ip_local_port_range",
399                 .data           = &sysctl_local_port_range,
400                 .maxlen         = sizeof(sysctl_local_port_range),
401                 .mode           = 0644,
402                 .proc_handler   = &ipv4_local_port_range,
403                 .strategy       = &ipv4_sysctl_local_port_range,
404         },
405 #ifdef CONFIG_IP_MULTICAST
406         {
407                 .ctl_name       = NET_IPV4_IGMP_MAX_MEMBERSHIPS,
408                 .procname       = "igmp_max_memberships",
409                 .data           = &sysctl_igmp_max_memberships,
410                 .maxlen         = sizeof(int),
411                 .mode           = 0644,
412                 .proc_handler   = &proc_dointvec
413         },
414
415 #endif
416         {
417                 .ctl_name       = NET_IPV4_IGMP_MAX_MSF,
418                 .procname       = "igmp_max_msf",
419                 .data           = &sysctl_igmp_max_msf,
420                 .maxlen         = sizeof(int),
421                 .mode           = 0644,
422                 .proc_handler   = &proc_dointvec
423         },
424         {
425                 .ctl_name       = NET_IPV4_INET_PEER_THRESHOLD,
426                 .procname       = "inet_peer_threshold",
427                 .data           = &inet_peer_threshold,
428                 .maxlen         = sizeof(int),
429                 .mode           = 0644,
430                 .proc_handler   = &proc_dointvec
431         },
432         {
433                 .ctl_name       = NET_IPV4_INET_PEER_MINTTL,
434                 .procname       = "inet_peer_minttl",
435                 .data           = &inet_peer_minttl,
436                 .maxlen         = sizeof(int),
437                 .mode           = 0644,
438                 .proc_handler   = &proc_dointvec_jiffies,
439                 .strategy       = &sysctl_jiffies
440         },
441         {
442                 .ctl_name       = NET_IPV4_INET_PEER_MAXTTL,
443                 .procname       = "inet_peer_maxttl",
444                 .data           = &inet_peer_maxttl,
445                 .maxlen         = sizeof(int),
446                 .mode           = 0644,
447                 .proc_handler   = &proc_dointvec_jiffies,
448                 .strategy       = &sysctl_jiffies
449         },
450         {
451                 .ctl_name       = NET_IPV4_INET_PEER_GC_MINTIME,
452                 .procname       = "inet_peer_gc_mintime",
453                 .data           = &inet_peer_gc_mintime,
454                 .maxlen         = sizeof(int),
455                 .mode           = 0644,
456                 .proc_handler   = &proc_dointvec_jiffies,
457                 .strategy       = &sysctl_jiffies
458         },
459         {
460                 .ctl_name       = NET_IPV4_INET_PEER_GC_MAXTIME,
461                 .procname       = "inet_peer_gc_maxtime",
462                 .data           = &inet_peer_gc_maxtime,
463                 .maxlen         = sizeof(int),
464                 .mode           = 0644,
465                 .proc_handler   = &proc_dointvec_jiffies,
466                 .strategy       = &sysctl_jiffies
467         },
468         {
469                 .ctl_name       = NET_TCP_ORPHAN_RETRIES,
470                 .procname       = "tcp_orphan_retries",
471                 .data           = &sysctl_tcp_orphan_retries,
472                 .maxlen         = sizeof(int),
473                 .mode           = 0644,
474                 .proc_handler   = &proc_dointvec
475         },
476         {
477                 .ctl_name       = NET_TCP_FACK,
478                 .procname       = "tcp_fack",
479                 .data           = &sysctl_tcp_fack,
480                 .maxlen         = sizeof(int),
481                 .mode           = 0644,
482                 .proc_handler   = &proc_dointvec
483         },
484         {
485                 .ctl_name       = NET_TCP_REORDERING,
486                 .procname       = "tcp_reordering",
487                 .data           = &sysctl_tcp_reordering,
488                 .maxlen         = sizeof(int),
489                 .mode           = 0644,
490                 .proc_handler   = &proc_dointvec
491         },
492         {
493                 .ctl_name       = NET_TCP_ECN,
494                 .procname       = "tcp_ecn",
495                 .data           = &sysctl_tcp_ecn,
496                 .maxlen         = sizeof(int),
497                 .mode           = 0644,
498                 .proc_handler   = &proc_dointvec
499         },
500         {
501                 .ctl_name       = NET_TCP_DSACK,
502                 .procname       = "tcp_dsack",
503                 .data           = &sysctl_tcp_dsack,
504                 .maxlen         = sizeof(int),
505                 .mode           = 0644,
506                 .proc_handler   = &proc_dointvec
507         },
508         {
509                 .ctl_name       = NET_TCP_MEM,
510                 .procname       = "tcp_mem",
511                 .data           = &sysctl_tcp_mem,
512                 .maxlen         = sizeof(sysctl_tcp_mem),
513                 .mode           = 0644,
514                 .proc_handler   = &proc_dointvec
515         },
516         {
517                 .ctl_name       = NET_TCP_WMEM,
518                 .procname       = "tcp_wmem",
519                 .data           = &sysctl_tcp_wmem,
520                 .maxlen         = sizeof(sysctl_tcp_wmem),
521                 .mode           = 0644,
522                 .proc_handler   = &proc_dointvec
523         },
524         {
525                 .ctl_name       = NET_TCP_RMEM,
526                 .procname       = "tcp_rmem",
527                 .data           = &sysctl_tcp_rmem,
528                 .maxlen         = sizeof(sysctl_tcp_rmem),
529                 .mode           = 0644,
530                 .proc_handler   = &proc_dointvec
531         },
532         {
533                 .ctl_name       = NET_TCP_APP_WIN,
534                 .procname       = "tcp_app_win",
535                 .data           = &sysctl_tcp_app_win,
536                 .maxlen         = sizeof(int),
537                 .mode           = 0644,
538                 .proc_handler   = &proc_dointvec
539         },
540         {
541                 .ctl_name       = NET_TCP_ADV_WIN_SCALE,
542                 .procname       = "tcp_adv_win_scale",
543                 .data           = &sysctl_tcp_adv_win_scale,
544                 .maxlen         = sizeof(int),
545                 .mode           = 0644,
546                 .proc_handler   = &proc_dointvec
547         },
548         {
549                 .ctl_name       = NET_TCP_TW_REUSE,
550                 .procname       = "tcp_tw_reuse",
551                 .data           = &sysctl_tcp_tw_reuse,
552                 .maxlen         = sizeof(int),
553                 .mode           = 0644,
554                 .proc_handler   = &proc_dointvec
555         },
556         {
557                 .ctl_name       = NET_TCP_FRTO,
558                 .procname       = "tcp_frto",
559                 .data           = &sysctl_tcp_frto,
560                 .maxlen         = sizeof(int),
561                 .mode           = 0644,
562                 .proc_handler   = &proc_dointvec
563         },
564         {
565                 .ctl_name       = NET_TCP_FRTO_RESPONSE,
566                 .procname       = "tcp_frto_response",
567                 .data           = &sysctl_tcp_frto_response,
568                 .maxlen         = sizeof(int),
569                 .mode           = 0644,
570                 .proc_handler   = &proc_dointvec
571         },
572         {
573                 .ctl_name       = NET_TCP_LOW_LATENCY,
574                 .procname       = "tcp_low_latency",
575                 .data           = &sysctl_tcp_low_latency,
576                 .maxlen         = sizeof(int),
577                 .mode           = 0644,
578                 .proc_handler   = &proc_dointvec
579         },
580         {
581                 .ctl_name       = NET_TCP_NO_METRICS_SAVE,
582                 .procname       = "tcp_no_metrics_save",
583                 .data           = &sysctl_tcp_nometrics_save,
584                 .maxlen         = sizeof(int),
585                 .mode           = 0644,
586                 .proc_handler   = &proc_dointvec,
587         },
588         {
589                 .ctl_name       = NET_TCP_MODERATE_RCVBUF,
590                 .procname       = "tcp_moderate_rcvbuf",
591                 .data           = &sysctl_tcp_moderate_rcvbuf,
592                 .maxlen         = sizeof(int),
593                 .mode           = 0644,
594                 .proc_handler   = &proc_dointvec,
595         },
596         {
597                 .ctl_name       = NET_TCP_TSO_WIN_DIVISOR,
598                 .procname       = "tcp_tso_win_divisor",
599                 .data           = &sysctl_tcp_tso_win_divisor,
600                 .maxlen         = sizeof(int),
601                 .mode           = 0644,
602                 .proc_handler   = &proc_dointvec,
603         },
604         {
605                 .ctl_name       = NET_TCP_CONG_CONTROL,
606                 .procname       = "tcp_congestion_control",
607                 .mode           = 0644,
608                 .maxlen         = TCP_CA_NAME_MAX,
609                 .proc_handler   = &proc_tcp_congestion_control,
610                 .strategy       = &sysctl_tcp_congestion_control,
611         },
612         {
613                 .ctl_name       = NET_TCP_ABC,
614                 .procname       = "tcp_abc",
615                 .data           = &sysctl_tcp_abc,
616                 .maxlen         = sizeof(int),
617                 .mode           = 0644,
618                 .proc_handler   = &proc_dointvec,
619         },
620         {
621                 .ctl_name       = NET_TCP_MTU_PROBING,
622                 .procname       = "tcp_mtu_probing",
623                 .data           = &sysctl_tcp_mtu_probing,
624                 .maxlen         = sizeof(int),
625                 .mode           = 0644,
626                 .proc_handler   = &proc_dointvec,
627         },
628         {
629                 .ctl_name       = NET_TCP_BASE_MSS,
630                 .procname       = "tcp_base_mss",
631                 .data           = &sysctl_tcp_base_mss,
632                 .maxlen         = sizeof(int),
633                 .mode           = 0644,
634                 .proc_handler   = &proc_dointvec,
635         },
636         {
637                 .ctl_name       = NET_IPV4_TCP_WORKAROUND_SIGNED_WINDOWS,
638                 .procname       = "tcp_workaround_signed_windows",
639                 .data           = &sysctl_tcp_workaround_signed_windows,
640                 .maxlen         = sizeof(int),
641                 .mode           = 0644,
642                 .proc_handler   = &proc_dointvec
643         },
644 #ifdef CONFIG_NET_DMA
645         {
646                 .ctl_name       = NET_TCP_DMA_COPYBREAK,
647                 .procname       = "tcp_dma_copybreak",
648                 .data           = &sysctl_tcp_dma_copybreak,
649                 .maxlen         = sizeof(int),
650                 .mode           = 0644,
651                 .proc_handler   = &proc_dointvec
652         },
653 #endif
654         {
655                 .ctl_name       = NET_TCP_SLOW_START_AFTER_IDLE,
656                 .procname       = "tcp_slow_start_after_idle",
657                 .data           = &sysctl_tcp_slow_start_after_idle,
658                 .maxlen         = sizeof(int),
659                 .mode           = 0644,
660                 .proc_handler   = &proc_dointvec
661         },
662 #ifdef CONFIG_NETLABEL
663         {
664                 .ctl_name       = NET_CIPSOV4_CACHE_ENABLE,
665                 .procname       = "cipso_cache_enable",
666                 .data           = &cipso_v4_cache_enabled,
667                 .maxlen         = sizeof(int),
668                 .mode           = 0644,
669                 .proc_handler   = &proc_dointvec,
670         },
671         {
672                 .ctl_name       = NET_CIPSOV4_CACHE_BUCKET_SIZE,
673                 .procname       = "cipso_cache_bucket_size",
674                 .data           = &cipso_v4_cache_bucketsize,
675                 .maxlen         = sizeof(int),
676                 .mode           = 0644,
677                 .proc_handler   = &proc_dointvec,
678         },
679         {
680                 .ctl_name       = NET_CIPSOV4_RBM_OPTFMT,
681                 .procname       = "cipso_rbm_optfmt",
682                 .data           = &cipso_v4_rbm_optfmt,
683                 .maxlen         = sizeof(int),
684                 .mode           = 0644,
685                 .proc_handler   = &proc_dointvec,
686         },
687         {
688                 .ctl_name       = NET_CIPSOV4_RBM_STRICTVALID,
689                 .procname       = "cipso_rbm_strictvalid",
690                 .data           = &cipso_v4_rbm_strictvalid,
691                 .maxlen         = sizeof(int),
692                 .mode           = 0644,
693                 .proc_handler   = &proc_dointvec,
694         },
695 #endif /* CONFIG_NETLABEL */
696         {
697                 .procname       = "tcp_available_congestion_control",
698                 .maxlen         = TCP_CA_BUF_MAX,
699                 .mode           = 0444,
700                 .proc_handler   = &proc_tcp_available_congestion_control,
701         },
702         {
703                 .ctl_name       = NET_TCP_ALLOWED_CONG_CONTROL,
704                 .procname       = "tcp_allowed_congestion_control",
705                 .maxlen         = TCP_CA_BUF_MAX,
706                 .mode           = 0644,
707                 .proc_handler   = &proc_allowed_congestion_control,
708                 .strategy       = &strategy_allowed_congestion_control,
709         },
710         {
711                 .ctl_name       = NET_TCP_MAX_SSTHRESH,
712                 .procname       = "tcp_max_ssthresh",
713                 .data           = &sysctl_tcp_max_ssthresh,
714                 .maxlen         = sizeof(int),
715                 .mode           = 0644,
716                 .proc_handler   = &proc_dointvec,
717         },
718         {
719                 .ctl_name       = CTL_UNNUMBERED,
720                 .procname       = "udp_mem",
721                 .data           = &sysctl_udp_mem,
722                 .maxlen         = sizeof(sysctl_udp_mem),
723                 .mode           = 0644,
724                 .proc_handler   = &proc_dointvec_minmax,
725                 .strategy       = &sysctl_intvec,
726                 .extra1         = &zero
727         },
728         {
729                 .ctl_name       = CTL_UNNUMBERED,
730                 .procname       = "udp_rmem_min",
731                 .data           = &sysctl_udp_rmem_min,
732                 .maxlen         = sizeof(sysctl_udp_rmem_min),
733                 .mode           = 0644,
734                 .proc_handler   = &proc_dointvec_minmax,
735                 .strategy       = &sysctl_intvec,
736                 .extra1         = &zero
737         },
738         {
739                 .ctl_name       = CTL_UNNUMBERED,
740                 .procname       = "udp_wmem_min",
741                 .data           = &sysctl_udp_wmem_min,
742                 .maxlen         = sizeof(sysctl_udp_wmem_min),
743                 .mode           = 0644,
744                 .proc_handler   = &proc_dointvec_minmax,
745                 .strategy       = &sysctl_intvec,
746                 .extra1         = &zero
747         },
748         { .ctl_name = 0 }
749 };
750
751 static struct ctl_table ipv4_net_table[] = {
752         {
753                 .ctl_name       = NET_IPV4_ICMP_ECHO_IGNORE_ALL,
754                 .procname       = "icmp_echo_ignore_all",
755                 .data           = &init_net.ipv4.sysctl_icmp_echo_ignore_all,
756                 .maxlen         = sizeof(int),
757                 .mode           = 0644,
758                 .proc_handler   = &proc_dointvec
759         },
760         {
761                 .ctl_name       = NET_IPV4_ICMP_ECHO_IGNORE_BROADCASTS,
762                 .procname       = "icmp_echo_ignore_broadcasts",
763                 .data           = &init_net.ipv4.sysctl_icmp_echo_ignore_broadcasts,
764                 .maxlen         = sizeof(int),
765                 .mode           = 0644,
766                 .proc_handler   = &proc_dointvec
767         },
768         {
769                 .ctl_name       = NET_IPV4_ICMP_IGNORE_BOGUS_ERROR_RESPONSES,
770                 .procname       = "icmp_ignore_bogus_error_responses",
771                 .data           = &init_net.ipv4.sysctl_icmp_ignore_bogus_error_responses,
772                 .maxlen         = sizeof(int),
773                 .mode           = 0644,
774                 .proc_handler   = &proc_dointvec
775         },
776         {
777                 .ctl_name       = NET_IPV4_ICMP_ERRORS_USE_INBOUND_IFADDR,
778                 .procname       = "icmp_errors_use_inbound_ifaddr",
779                 .data           = &init_net.ipv4.sysctl_icmp_errors_use_inbound_ifaddr,
780                 .maxlen         = sizeof(int),
781                 .mode           = 0644,
782                 .proc_handler   = &proc_dointvec
783         },
784         {
785                 .ctl_name       = NET_IPV4_ICMP_RATELIMIT,
786                 .procname       = "icmp_ratelimit",
787                 .data           = &init_net.ipv4.sysctl_icmp_ratelimit,
788                 .maxlen         = sizeof(int),
789                 .mode           = 0644,
790                 .proc_handler   = &proc_dointvec_ms_jiffies,
791                 .strategy       = &sysctl_ms_jiffies
792         },
793         {
794                 .ctl_name       = NET_IPV4_ICMP_RATEMASK,
795                 .procname       = "icmp_ratemask",
796                 .data           = &init_net.ipv4.sysctl_icmp_ratemask,
797                 .maxlen         = sizeof(int),
798                 .mode           = 0644,
799                 .proc_handler   = &proc_dointvec
800         },
801         { }
802 };
803
804 struct ctl_path net_ipv4_ctl_path[] = {
805         { .procname = "net", .ctl_name = CTL_NET, },
806         { .procname = "ipv4", .ctl_name = NET_IPV4, },
807         { },
808 };
809 EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
810
811 static __net_init int ipv4_sysctl_init_net(struct net *net)
812 {
813         struct ctl_table *table;
814
815         table = ipv4_net_table;
816         if (net != &init_net) {
817                 table = kmemdup(table, sizeof(ipv4_net_table), GFP_KERNEL);
818                 if (table == NULL)
819                         goto err_alloc;
820
821                 table[0].data =
822                         &net->ipv4.sysctl_icmp_echo_ignore_all;
823                 table[1].data =
824                         &net->ipv4.sysctl_icmp_echo_ignore_broadcasts;
825                 table[2].data =
826                         &net->ipv4.sysctl_icmp_ignore_bogus_error_responses;
827                 table[3].data =
828                         &net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr;
829                 table[4].data =
830                         &net->ipv4.sysctl_icmp_ratelimit;
831                 table[5].data =
832                         &net->ipv4.sysctl_icmp_ratemask;
833         }
834
835         net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
836                         net_ipv4_ctl_path, table);
837         if (net->ipv4.ipv4_hdr == NULL)
838                 goto err_reg;
839
840         return 0;
841
842 err_reg:
843         if (net != &init_net)
844                 kfree(table);
845 err_alloc:
846         return -ENOMEM;
847 }
848
849 static __net_exit void ipv4_sysctl_exit_net(struct net *net)
850 {
851         struct ctl_table *table;
852
853         table = net->ipv4.ipv4_hdr->ctl_table_arg;
854         unregister_net_sysctl_table(net->ipv4.ipv4_hdr);
855         kfree(table);
856 }
857
858 static __net_initdata struct pernet_operations ipv4_sysctl_ops = {
859         .init = ipv4_sysctl_init_net,
860         .exit = ipv4_sysctl_exit_net,
861 };
862
863 static __init int sysctl_ipv4_init(void)
864 {
865         struct ctl_table_header *hdr;
866
867         hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
868         if (hdr == NULL)
869                 return -ENOMEM;
870
871         if (register_pernet_subsys(&ipv4_sysctl_ops)) {
872                 unregister_sysctl_table(hdr);
873                 return -ENOMEM;
874         }
875
876         return 0;
877 }
878
879 __initcall(sysctl_ipv4_init);