[NETNS][IPV6]: Make ip6_frags per namespace.
authorDaniel Lezcano <dlezcano@fr.ibm.com>
Thu, 10 Jan 2008 10:56:03 +0000 (02:56 -0800)
committerDavid S. Miller <davem@davemloft.net>
Mon, 28 Jan 2008 23:01:18 +0000 (15:01 -0800)
The ip6_frags is moved to the network namespace structure.  Because
there can be multiple instances of the network namespaces, and the
ip6_frags is no longer a global static variable, a helper function has
been added to facilitate the initialization of the variables.

Until the ipv6 protocol is not per namespace, the variables are
accessed relatively from the initial network namespace.

Signed-off-by: Daniel Lezcano <dlezcano@fr.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
include/net/ipv6.h
include/net/netns/ipv6.h
net/ipv6/af_inet6.c
net/ipv6/reassembly.c
net/ipv6/sysctl_net_ipv6.c

index d03a4076e2272dac96ed685fe54fabc01eeb8d40..c8e8cb241090730e32a5a5e0dd4fa31ebf9f68f5 100644 (file)
@@ -572,9 +572,6 @@ extern int inet6_hash_connect(struct inet_timewait_death_row *death_row,
 /*
  * reassembly.c
  */
-struct inet_frags_ctl;
-extern struct inet_frags_ctl ip6_frags_ctl;
-
 extern const struct proto_ops inet6_stream_ops;
 extern const struct proto_ops inet6_dgram_ops;
 
index 42b9b412fb87165fe719a60eb21ba553d4afaed1..ea4a71ac23d49edcb0490f350da3f3d7090e2a47 100644 (file)
@@ -2,6 +2,8 @@
  * ipv6 in net namespaces
  */
 
+#include <net/inet_frag.h>
+
 #ifndef __NETNS_IPV6_H__
 #define __NETNS_IPV6_H__
 
@@ -11,6 +13,7 @@ struct netns_sysctl_ipv6 {
 #ifdef CONFIG_SYSCTL
        struct ctl_table_header *table;
 #endif
+       struct inet_frags_ctl frags;
        int bindv6only;
 };
 
index 70662bf8ab989d8eadb47e18e1717bac782a31e3..c4a1882fa80f929b062a9a0f70050f23c24d7773 100644 (file)
@@ -72,6 +72,8 @@ MODULE_LICENSE("GPL");
 static struct list_head inetsw6[SOCK_MAX];
 static DEFINE_SPINLOCK(inetsw6_lock);
 
+void ipv6_frag_sysctl_init(struct net *net);
+
 static __inline__ struct ipv6_pinfo *inet6_sk_generic(struct sock *sk)
 {
        const int offset = sk->sk_prot->obj_size - sizeof(struct ipv6_pinfo);
@@ -720,6 +722,12 @@ static void cleanup_ipv6_mibs(void)
 static int inet6_net_init(struct net *net)
 {
        net->ipv6.sysctl.bindv6only = 0;
+       net->ipv6.sysctl.frags.high_thresh = 256 * 1024;
+       net->ipv6.sysctl.frags.low_thresh = 192 * 1024;
+       net->ipv6.sysctl.frags.timeout = IPV6_FRAG_TIMEOUT;
+       net->ipv6.sysctl.frags.secret_interval = 10 * 60 * HZ;
+       ipv6_frag_sysctl_init(net);
+
        return 0;
 }
 
index bf4173daecbb21aea838be355fa53a069ecec0c0..5cd0bc693a5fb8bb76ff46b23fd5fbb1a34c278d 100644 (file)
@@ -82,13 +82,6 @@ struct frag_queue
        __u16                   nhoffset;
 };
 
-struct inet_frags_ctl ip6_frags_ctl __read_mostly = {
-       .high_thresh     = 256 * 1024,
-       .low_thresh      = 192 * 1024,
-       .timeout         = IPV6_FRAG_TIMEOUT,
-       .secret_interval = 10 * 60 * HZ,
-};
-
 static struct inet_frags ip6_frags;
 
 int ip6_frag_nqueues(void)
@@ -605,7 +598,7 @@ static int ipv6_frag_rcv(struct sk_buff *skb)
                return 1;
        }
 
-       if (atomic_read(&ip6_frags.mem) > ip6_frags_ctl.high_thresh)
+       if (atomic_read(&ip6_frags.mem) > init_net.ipv6.sysctl.frags.high_thresh)
                ip6_evictor(ip6_dst_idev(skb->dst));
 
        if ((fq = fq_find(fhdr->identification, &hdr->saddr, &hdr->daddr,
@@ -632,6 +625,11 @@ static struct inet6_protocol frag_protocol =
        .flags          =       INET6_PROTO_NOPOLICY,
 };
 
+void ipv6_frag_sysctl_init(struct net *net)
+{
+       ip6_frags.ctl = &net->ipv6.sysctl.frags;
+}
+
 int __init ipv6_frag_init(void)
 {
        int ret;
@@ -639,7 +637,7 @@ int __init ipv6_frag_init(void)
        ret = inet6_add_protocol(&frag_protocol, IPPROTO_FRAGMENT);
        if (ret)
                goto out;
-       ip6_frags.ctl = &ip6_frags_ctl;
+
        ip6_frags.hashfn = ip6_hashfn;
        ip6_frags.constructor = ip6_frag_init;
        ip6_frags.destructor = NULL;
index 13be97a928cbed00da82846682500b4f97a35b7b..ae3cfd1b8e0eddf29b0f3cc8e54f89b977883183 100644 (file)
@@ -43,7 +43,7 @@ static ctl_table ipv6_table_template[] = {
        {
                .ctl_name       = NET_IPV6_IP6FRAG_HIGH_THRESH,
                .procname       = "ip6frag_high_thresh",
-               .data           = &ip6_frags_ctl.high_thresh,
+               .data           = &init_net.ipv6.sysctl.frags.high_thresh,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = &proc_dointvec
@@ -51,7 +51,7 @@ static ctl_table ipv6_table_template[] = {
        {
                .ctl_name       = NET_IPV6_IP6FRAG_LOW_THRESH,
                .procname       = "ip6frag_low_thresh",
-               .data           = &ip6_frags_ctl.low_thresh,
+               .data           = &init_net.ipv6.sysctl.frags.low_thresh,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = &proc_dointvec
@@ -59,7 +59,7 @@ static ctl_table ipv6_table_template[] = {
        {
                .ctl_name       = NET_IPV6_IP6FRAG_TIME,
                .procname       = "ip6frag_time",
-               .data           = &ip6_frags_ctl.timeout,
+               .data           = &init_net.ipv6.sysctl.frags.timeout,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = &proc_dointvec_jiffies,
@@ -68,7 +68,7 @@ static ctl_table ipv6_table_template[] = {
        {
                .ctl_name       = NET_IPV6_IP6FRAG_SECRET_INTERVAL,
                .procname       = "ip6frag_secret_interval",
-               .data           = &ip6_frags_ctl.secret_interval,
+               .data           = &init_net.ipv6.sysctl.frags.secret_interval,
                .maxlen         = sizeof(int),
                .mode           = 0644,
                .proc_handler   = &proc_dointvec_jiffies,
@@ -117,6 +117,10 @@ static int ipv6_sysctl_net_init(struct net *net)
        ipv6_table[1].child = ipv6_icmp_table;
 
        ipv6_table[2].data = &net->ipv6.sysctl.bindv6only;
+       ipv6_table[3].data = &net->ipv6.sysctl.frags.high_thresh;
+       ipv6_table[4].data = &net->ipv6.sysctl.frags.low_thresh;
+       ipv6_table[5].data = &net->ipv6.sysctl.frags.timeout;
+       ipv6_table[6].data = &net->ipv6.sysctl.frags.secret_interval;
 
        net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path,
                                                           ipv6_table);