1. 04 8月, 2008 1 次提交
  2. 28 7月, 2008 1 次提交
    • A
      missing bits of net-namespace / sysctl · eeb61f71
      Al Viro 提交于
      Piss-poor sysctl registration API strikes again, film at 11...
      
      What we really need is _pathname_ required to be present in already
      registered table, so that kernel could warn about bad order.  That's the
      next target for sysctl stuff (and generally saner and more explicit
      order of initialization of ipv[46] internals wouldn't hurt either).
      
      For the time being, here are full fixups required by ..._rotable()
      stuff; we make per-net sysctl sets descendents of "ro" one and make sure
      that sufficient skeleton is there before we start registering per-net
      sysctls.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NLinus Torvalds <torvalds@linux-foundation.org>
      eeb61f71
  3. 27 7月, 2008 2 次提交
    • A
      net: missing bits of net-namespace / sysctl · 6f9f489a
      Al Viro 提交于
      Piss-poor sysctl registration API strikes again, film at 11...
      What we really need is _pathname_ required to be present in
      already registered table, so that kernel could warn about bad
      order.  That's the next target for sysctl stuff (and generally
      saner and more explicit order of initialization of ipv[46]
      internals wouldn't hurt either).
      
      For the time being, here are full fixups required by ..._rotable()
      stuff; we make per-net sysctl sets descendents of "ro" one and
      make sure that sufficient skeleton is there before we start registering
      per-net sysctls.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      6f9f489a
    • A
      [PATCH] sysctl: make sure that /proc/sys/net/ipv4 appears before per-ns ones · bd7b1533
      Al Viro 提交于
      Massage ipv4 initialization - make sure that net.ipv4 appears as
      non-per-net-namespace before it shows up in per-net-namespace sysctls.
      That's the only change outside of sysctl.c needed to get sane ordering
      rules and data structures for sysctls (esp. for procfs side of that
      mess).
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      bd7b1533
  4. 02 7月, 2008 1 次提交
  5. 12 6月, 2008 1 次提交
  6. 26 3月, 2008 3 次提交
  7. 01 2月, 2008 1 次提交
  8. 29 1月, 2008 6 次提交
  9. 20 11月, 2007 1 次提交
    • S
      [TCP]: Problem bug with sysctl_tcp_congestion_control function · 5487796f
      Sam Jansen 提交于
      From: "Sam Jansen" <sjansen@google.com>
      
      sysctl_tcp_congestion_control seems to have a bug that prevents it
      from actually calling the tcp_set_default_congestion_control
      function. This is not so apparent because it does not return an error
      and generally the /proc interface is used to configure the default TCP
      congestion control algorithm.  This is present in 2.6.18 onwards and
      probably earlier, though I have not inspected 2.6.15--2.6.17.
      
      sysctl_tcp_congestion_control calls sysctl_string and expects a successful
      return code of 0. In such a case it actually sets the congestion control
      algorithm with tcp_set_default_congestion_control. Otherwise, it returns the
      value returned by sysctl_string. This was correct in 2.6.14, as sysctl_string
      returned 0 on success. However, sysctl_string was updated to return 1 on
      success around about 2.6.15 and sysctl_tcp_congestion_control was not updated.
      Even though sysctl_tcp_congestion_control returns 1, do_sysctl_strategy
      converts this return code to '0', so the caller never notices the error.
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      5487796f
  10. 19 10月, 2007 2 次提交
  11. 16 10月, 2007 1 次提交
  12. 11 10月, 2007 1 次提交
  13. 08 6月, 2007 1 次提交
  14. 26 4月, 2007 2 次提交
  15. 11 2月, 2007 1 次提交
  16. 11 12月, 2006 1 次提交
  17. 03 12月, 2006 2 次提交
  18. 02 11月, 2006 1 次提交
  19. 25 9月, 2006 1 次提交
  20. 23 9月, 2006 1 次提交
    • P
      [NetLabel]: CIPSOv4 engine · 446fda4f
      Paul Moore 提交于
      Add support for the Commercial IP Security Option (CIPSO) to the IPv4
      network stack.  CIPSO has become a de-facto standard for
      trusted/labeled networking amongst existing Trusted Operating Systems
      such as Trusted Solaris, HP-UX CMW, etc.  This implementation is
      designed to be used with the NetLabel subsystem to provide explicit
      packet labeling to LSM developers.
      
      The CIPSO/IPv4 packet labeling works by the LSM calling a NetLabel API
      function which attaches a CIPSO label (IPv4 option) to a given socket;
      this in turn attaches the CIPSO label to every packet leaving the
      socket without any extra processing on the outbound side.  On the
      inbound side the individual packet's sk_buff is examined through a
      call to a NetLabel API function to determine if a CIPSO/IPv4 label is
      present and if so the security attributes of the CIPSO label are
      returned to the caller of the NetLabel API function.
      Signed-off-by: NPaul Moore <paul.moore@hp.com>
      Signed-off-by: NDavid S. Miller <davem@davemloft.net>
      446fda4f
  21. 01 7月, 2006 1 次提交
  22. 18 6月, 2006 3 次提交
  23. 21 3月, 2006 2 次提交
  24. 04 1月, 2006 2 次提交
  25. 11 11月, 2005 1 次提交