[NETNS][IPV6]: Make icmpv6_time sysctl per namespace.

This patch moves the icmpv6_time sysctl to the network namespace structure. Because the ipv6 protocol is not yet per namespace, the variable is accessed relatively to the initial network namespace. Signed-off-by: N Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: N David S. Miller <davem@davemloft.net>

[NETNS][IPV6]: Make icmpv6_time sysctl per namespace.
This patch moves the icmpv6_time sysctl to the network namespace structure. Because the ipv6 protocol is not yet per namespace, the variable is accessed relatively to the initial network namespace. Signed-off-by: N Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: N David S. Miller <davem@davemloft.net>
41a76906 · Daniel Lezcano · David S. Miller · 4990509f · 41a76906 · 41a76906
Showing with 5 addition and 4 deletion

include/net/netns/ipv6.h include/net/netns/ipv6.h +1 -0

net/ipv6/af_inet6.c net/ipv6/af_inet6.c +1 -0

net/ipv6/icmp.c net/ipv6/icmp.c +2 -4

net/ipv6/sysctl_net_ipv6.c net/ipv6/sysctl_net_ipv6.c +1 -0

未找到文件。
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -23,6 +23,7 @@ struct netns_sysctl_ipv6 {
 	int ip6_rt_gc_elasticity;
 	int ip6_rt_mtu_expires;
 	int ip6_rt_min_advmss;
+	int icmpv6_time;
 };
 struct netns_ipv6 {

--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -734,6 +734,7 @@ static int inet6_net_init(struct net *net)
 	net->ipv6.sysctl.ip6_rt_gc_elasticity = 9;
 	net->ipv6.sysctl.ip6_rt_mtu_expires = 10*60*HZ;
 	net->ipv6.sysctl.ip6_rt_min_advmss = IPV6_MIN_MTU - 20 - 40;
+	net->ipv6.sysctl.icmpv6_time = 1*HZ;
 	ipv6_frag_sysctl_init(net);
 	return 0;

--- a/net/ipv6/icmp.c
+++ b/net/ipv6/icmp.c
@@ -154,8 +154,6 @@ static int is_ineligible(struct sk_buff *skb)
 	return 0;
 }
-static int sysctl_icmpv6_time __read_mostly = 1*HZ;
 /*
 * Check the ICMP output rate limit
 */
@@ -186,7 +184,7 @@ static inline int icmpv6_xrlim_allow(struct sock *sk, int type,
 		res = 1;
 	} else {
 		struct rt6_info *rt = (struct rt6_info *)dst;
-		int tmo = sysctl_icmpv6_time;
+		int tmo = init_net.ipv6.sysctl.icmpv6_time;
 		/* Give more bandwidth to wider prefixes. */
 		if (rt->rt6i_dst.plen < 128)
@@ -911,7 +909,7 @@ ctl_table ipv6_icmp_table_template[] = {
 	{
 		.ctl_name	= NET_IPV6_ICMP_RATELIMIT,
 		.procname	= "ratelimit",
-		.data		= &sysctl_icmpv6_time,
+		.data		= &init_net.ipv6.sysctl.icmpv6_time,
 		.maxlen		= sizeof(int),
 		.mode		= 0644,
 		.proc_handler	= &proc_dointvec

--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -125,6 +125,7 @@ static int ipv6_sysctl_net_init(struct net *net)
 	ipv6_route_table[8].data = &net->ipv6.sysctl.ip6_rt_min_advmss;
 	ipv6_table[0].child = ipv6_route_table;
+	ipv6_icmp_table[0].data = &net->ipv6.sysctl.icmpv6_time;
 	ipv6_table[1].child = ipv6_icmp_table;
 	ipv6_table[2].data = &net->ipv6.sysctl.bindv6only;