[mirror_ubuntu-bionic-kernel.git] / net / ipv6 / sysctl_net_ipv6.c

// SPDX-License-Identifier: GPL-2.0
/*
 * sysctl_net_ipv6.c: sysctl interface to net IPV6 subsystem.
 *
 * Changes:
 * YOSHIFUJI Hideaki @USAGI:	added icmp sysctl table.
 */

#include <linux/mm.h>
#include <linux/sysctl.h>
#include <linux/in6.h>
#include <linux/ipv6.h>
#include <linux/slab.h>
#include <linux/export.h>
#include <net/ndisc.h>
#include <net/ipv6.h>
#include <net/addrconf.h>
#include <net/inet_frag.h>
#ifdef CONFIG_NETLABEL
#include <net/calipso.h>
#endif

static int one = 1;
static int auto_flowlabels_min;
static int auto_flowlabels_max = IP6_AUTO_FLOW_LABEL_MAX;


static struct ctl_table ipv6_table_template[] = {
	{
		.procname	= "bindv6only",
		.data		= &init_net.ipv6.sysctl.bindv6only,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "anycast_src_echo_reply",
		.data		= &init_net.ipv6.sysctl.anycast_src_echo_reply,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "flowlabel_consistency",
		.data		= &init_net.ipv6.sysctl.flowlabel_consistency,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "auto_flowlabels",
		.data		= &init_net.ipv6.sysctl.auto_flowlabels,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= &auto_flowlabels_min,
		.extra2		= &auto_flowlabels_max
	},
	{
		.procname	= "fwmark_reflect",
		.data		= &init_net.ipv6.sysctl.fwmark_reflect,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "idgen_retries",
		.data		= &init_net.ipv6.sysctl.idgen_retries,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
	{
		.procname	= "idgen_delay",
		.data		= &init_net.ipv6.sysctl.idgen_delay,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_jiffies,
	},
	{
		.procname	= "flowlabel_state_ranges",
		.data		= &init_net.ipv6.sysctl.flowlabel_state_ranges,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "ip_nonlocal_bind",
		.data		= &init_net.ipv6.sysctl.ip_nonlocal_bind,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "flowlabel_reflect",
		.data		= &init_net.ipv6.sysctl.flowlabel_reflect,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
	{
		.procname	= "max_dst_opts_number",
		.data		= &init_net.ipv6.sysctl.max_dst_opts_cnt,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "max_hbh_opts_number",
		.data		= &init_net.ipv6.sysctl.max_hbh_opts_cnt,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "max_dst_opts_length",
		.data		= &init_net.ipv6.sysctl.max_dst_opts_len,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "max_hbh_length",
		.data		= &init_net.ipv6.sysctl.max_hbh_opts_len,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{ }
};

static struct ctl_table ipv6_rotable[] = {
	{
		.procname	= "mld_max_msf",
		.data		= &sysctl_mld_max_msf,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec
	},
	{
		.procname	= "mld_qrv",
		.data		= &sysctl_mld_qrv,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec_minmax,
		.extra1		= &one
	},
#ifdef CONFIG_NETLABEL
	{
		.procname	= "calipso_cache_enable",
		.data		= &calipso_cache_enabled,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
	{
		.procname	= "calipso_cache_bucket_size",
		.data		= &calipso_cache_bucketsize,
		.maxlen		= sizeof(int),
		.mode		= 0644,
		.proc_handler	= proc_dointvec,
	},
#endif /* CONFIG_NETLABEL */
	{ }
};

static int __net_init ipv6_sysctl_net_init(struct net *net)
{
	struct ctl_table *ipv6_table;
	struct ctl_table *ipv6_route_table;
	struct ctl_table *ipv6_icmp_table;
	int err;

	err = -ENOMEM;
	ipv6_table = kmemdup(ipv6_table_template, sizeof(ipv6_table_template),
			     GFP_KERNEL);
	if (!ipv6_table)
		goto out;
	ipv6_table[0].data = &net->ipv6.sysctl.bindv6only;
	ipv6_table[1].data = &net->ipv6.sysctl.anycast_src_echo_reply;
	ipv6_table[2].data = &net->ipv6.sysctl.flowlabel_consistency;
	ipv6_table[3].data = &net->ipv6.sysctl.auto_flowlabels;
	ipv6_table[4].data = &net->ipv6.sysctl.fwmark_reflect;
	ipv6_table[5].data = &net->ipv6.sysctl.idgen_retries;
	ipv6_table[6].data = &net->ipv6.sysctl.idgen_delay;
	ipv6_table[7].data = &net->ipv6.sysctl.flowlabel_state_ranges;
	ipv6_table[8].data = &net->ipv6.sysctl.ip_nonlocal_bind;
	ipv6_table[9].data = &net->ipv6.sysctl.flowlabel_reflect;
	ipv6_table[10].data = &net->ipv6.sysctl.max_dst_opts_cnt;
	ipv6_table[11].data = &net->ipv6.sysctl.max_hbh_opts_cnt;
	ipv6_table[12].data = &net->ipv6.sysctl.max_dst_opts_len;
	ipv6_table[13].data = &net->ipv6.sysctl.max_hbh_opts_len;

	ipv6_route_table = ipv6_route_sysctl_init(net);
	if (!ipv6_route_table)
		goto out_ipv6_table;

	ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
	if (!ipv6_icmp_table)
		goto out_ipv6_route_table;

	net->ipv6.sysctl.hdr = register_net_sysctl(net, "net/ipv6", ipv6_table);
	if (!net->ipv6.sysctl.hdr)
		goto out_ipv6_icmp_table;

	net->ipv6.sysctl.route_hdr =
		register_net_sysctl(net, "net/ipv6/route", ipv6_route_table);
	if (!net->ipv6.sysctl.route_hdr)
		goto out_unregister_ipv6_table;

	net->ipv6.sysctl.icmp_hdr =
		register_net_sysctl(net, "net/ipv6/icmp", ipv6_icmp_table);
	if (!net->ipv6.sysctl.icmp_hdr)
		goto out_unregister_route_table;

	err = 0;
out:
	return err;
out_unregister_route_table:
	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
out_unregister_ipv6_table:
	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
out_ipv6_icmp_table:
	kfree(ipv6_icmp_table);
out_ipv6_route_table:
	kfree(ipv6_route_table);
out_ipv6_table:
	kfree(ipv6_table);
	goto out;
}

static void __net_exit ipv6_sysctl_net_exit(struct net *net)
{
	struct ctl_table *ipv6_table;
	struct ctl_table *ipv6_route_table;
	struct ctl_table *ipv6_icmp_table;

	ipv6_table = net->ipv6.sysctl.hdr->ctl_table_arg;
	ipv6_route_table = net->ipv6.sysctl.route_hdr->ctl_table_arg;
	ipv6_icmp_table = net->ipv6.sysctl.icmp_hdr->ctl_table_arg;

	unregister_net_sysctl_table(net->ipv6.sysctl.icmp_hdr);
	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);

	kfree(ipv6_table);
	kfree(ipv6_route_table);
	kfree(ipv6_icmp_table);
}

static struct pernet_operations ipv6_sysctl_net_ops = {
	.init = ipv6_sysctl_net_init,
	.exit = ipv6_sysctl_net_exit,
};

static struct ctl_table_header *ip6_header;

int ipv6_sysctl_register(void)
{
	int err = -ENOMEM;

	ip6_header = register_net_sysctl(&init_net, "net/ipv6", ipv6_rotable);
	if (!ip6_header)
		goto out;

	err = register_pernet_subsys(&ipv6_sysctl_net_ops);
	if (err)
		goto err_pernet;
out:
	return err;

err_pernet:
	unregister_net_sysctl_table(ip6_header);
	goto out;
}

void ipv6_sysctl_unregister(void)
{
	unregister_net_sysctl_table(ip6_header);
	unregister_pernet_subsys(&ipv6_sysctl_net_ops);
}
Commit	Line	Data
b2441318	1	// SPDX-License-Identifier: GPL-2.0
1da177e4 LT	2	/*
	3	* sysctl_net_ipv6.c: sysctl interface to net IPV6 subsystem.
	4	*
	5	* Changes:
	6	* YOSHIFUJI Hideaki @USAGI: added icmp sysctl table.
	7	*/
	8
	9	#include <linux/mm.h>
	10	#include <linux/sysctl.h>
1da177e4 LT	11	#include <linux/in6.h>
1da177e4 LT	12	#include <linux/ipv6.h>
5a0e3ad6	13	#include <linux/slab.h>
bc3b2d7f	14	#include <linux/export.h>
1da177e4 LT	15	#include <net/ndisc.h>
	16	#include <net/ipv6.h>
	17	#include <net/addrconf.h>
04128f23	18	#include <net/inet_frag.h>
4fee5242 HD	19	#ifdef CONFIG_NETLABEL
	20	#include <net/calipso.h>
	21	#endif
1da177e4	22
2f711939	23	static int one = 1;
42240901 TH	24	static int auto_flowlabels_min;
	25	static int auto_flowlabels_max = IP6_AUTO_FLOW_LABEL_MAX;
	26
2f711939	27
fe2c6338	28	static struct ctl_table ipv6_table_template[] = {
1da177e4	29	{
1da177e4	30	.procname = "bindv6only",
99bc9c4e	31	.data = &init_net.ipv6.sysctl.bindv6only,
1da177e4 LT	32	.maxlen = sizeof(int),
1da177e4 LT	33	.mode = 0644,
6d9f239a	34	.proc_handler = proc_dointvec
1da177e4	35	},
509aba3b FLB	36	{
509aba3b FLB	37	.procname = "anycast_src_echo_reply",
ec35b61e	38	.data = &init_net.ipv6.sysctl.anycast_src_echo_reply,
509aba3b FLB	39	.maxlen = sizeof(int),
	40	.mode = 0644,
	41	.proc_handler = proc_dointvec
	42	},
6444f72b FF	43	{
	44	.procname = "flowlabel_consistency",
	45	.data = &init_net.ipv6.sysctl.flowlabel_consistency,
	46	.maxlen = sizeof(int),
	47	.mode = 0644,
	48	.proc_handler = proc_dointvec
	49	},
cb1ce2ef TH	50	{
	51	.procname = "auto_flowlabels",
	52	.data = &init_net.ipv6.sysctl.auto_flowlabels,
	53	.maxlen = sizeof(int),
	54	.mode = 0644,
42240901 TH	55	.proc_handler = proc_dointvec_minmax,
	56	.extra1 = &auto_flowlabels_min,
	57	.extra2 = &auto_flowlabels_max
cb1ce2ef	58	},
e110861f LC	59	{
	60	.procname = "fwmark_reflect",
	61	.data = &init_net.ipv6.sysctl.fwmark_reflect,
	62	.maxlen = sizeof(int),
	63	.mode = 0644,
	64	.proc_handler = proc_dointvec
	65	},
1855b7c3 HFS	66	{
	67	.procname = "idgen_retries",
	68	.data = &init_net.ipv6.sysctl.idgen_retries,
	69	.maxlen = sizeof(int),
	70	.mode = 0644,
	71	.proc_handler = proc_dointvec,
	72	},
	73	{
	74	.procname = "idgen_delay",
	75	.data = &init_net.ipv6.sysctl.idgen_delay,
	76	.maxlen = sizeof(int),
	77	.mode = 0644,
	78	.proc_handler = proc_dointvec_jiffies,
	79	},
82a584b7 TH	80	{
	81	.procname = "flowlabel_state_ranges",
	82	.data = &init_net.ipv6.sysctl.flowlabel_state_ranges,
	83	.maxlen = sizeof(int),
	84	.mode = 0644,
	85	.proc_handler = proc_dointvec
	86	},
35a256fe TH	87	{
	88	.procname = "ip_nonlocal_bind",
	89	.data = &init_net.ipv6.sysctl.ip_nonlocal_bind,
	90	.maxlen = sizeof(int),
	91	.mode = 0644,
	92	.proc_handler = proc_dointvec
	93	},
22b6722b JS	94	{
	95	.procname = "flowlabel_reflect",
	96	.data = &init_net.ipv6.sysctl.flowlabel_reflect,
	97	.maxlen = sizeof(int),
	98	.mode = 0644,
	99	.proc_handler = proc_dointvec,
	100	},
47d3d7ac TH	101	{
	102	.procname = "max_dst_opts_number",
	103	.data = &init_net.ipv6.sysctl.max_dst_opts_cnt,
	104	.maxlen = sizeof(int),
	105	.mode = 0644,
	106	.proc_handler = proc_dointvec
	107	},
	108	{
	109	.procname = "max_hbh_opts_number",
	110	.data = &init_net.ipv6.sysctl.max_hbh_opts_cnt,
	111	.maxlen = sizeof(int),
	112	.mode = 0644,
	113	.proc_handler = proc_dointvec
	114	},
	115	{
	116	.procname = "max_dst_opts_length",
	117	.data = &init_net.ipv6.sysctl.max_dst_opts_len,
	118	.maxlen = sizeof(int),
	119	.mode = 0644,
	120	.proc_handler = proc_dointvec
	121	},
	122	{
	123	.procname = "max_hbh_length",
	124	.data = &init_net.ipv6.sysctl.max_hbh_opts_len,
	125	.maxlen = sizeof(int),
	126	.mode = 0644,
	127	.proc_handler = proc_dointvec
	128	},
f8572d8f	129	{ }
34ac2573 PE	130	};
34ac2573 PE	131
fe2c6338	132	static struct ctl_table ipv6_rotable[] = {
1da177e4	133	{
1da177e4 LT	134	.procname = "mld_max_msf",
	135	.data = &sysctl_mld_max_msf,
	136	.maxlen = sizeof(int),
	137	.mode = 0644,
6d9f239a	138	.proc_handler = proc_dointvec
1da177e4	139	},
2f711939 HFS	140	{
	141	.procname = "mld_qrv",
	142	.data = &sysctl_mld_qrv,
	143	.maxlen = sizeof(int),
	144	.mode = 0644,
	145	.proc_handler = proc_dointvec_minmax,
	146	.extra1 = &one
	147	},
4fee5242 HD	148	#ifdef CONFIG_NETLABEL
	149	{
	150	.procname = "calipso_cache_enable",
	151	.data = &calipso_cache_enabled,
	152	.maxlen = sizeof(int),
	153	.mode = 0644,
	154	.proc_handler = proc_dointvec,
	155	},
	156	{
	157	.procname = "calipso_cache_bucket_size",
	158	.data = &calipso_cache_bucketsize,
	159	.maxlen = sizeof(int),
	160	.mode = 0644,
	161	.proc_handler = proc_dointvec,
	162	},
	163	#endif /* CONFIG_NETLABEL */
f8572d8f	164	{ }
1da177e4 LT	165	};
1da177e4 LT	166
2c8c1e72	167	static int __net_init ipv6_sysctl_net_init(struct net *net)
1da177e4	168	{
760f2d01 DL	169	struct ctl_table *ipv6_table;
	170	struct ctl_table *ipv6_route_table;
	171	struct ctl_table *ipv6_icmp_table;
	172	int err;
	173
	174	err = -ENOMEM;
	175	ipv6_table = kmemdup(ipv6_table_template, sizeof(ipv6_table_template),
	176	GFP_KERNEL);
	177	if (!ipv6_table)
	178	goto out;
6dceb036	179	ipv6_table[0].data = &net->ipv6.sysctl.bindv6only;
ec35b61e	180	ipv6_table[1].data = &net->ipv6.sysctl.anycast_src_echo_reply;
6444f72b	181	ipv6_table[2].data = &net->ipv6.sysctl.flowlabel_consistency;
cb1ce2ef	182	ipv6_table[3].data = &net->ipv6.sysctl.auto_flowlabels;
d247b6ab	183	ipv6_table[4].data = &net->ipv6.sysctl.fwmark_reflect;
1855b7c3 HFS	184	ipv6_table[5].data = &net->ipv6.sysctl.idgen_retries;
1855b7c3 HFS	185	ipv6_table[6].data = &net->ipv6.sysctl.idgen_delay;
82a584b7	186	ipv6_table[7].data = &net->ipv6.sysctl.flowlabel_state_ranges;
35a256fe	187	ipv6_table[8].data = &net->ipv6.sysctl.ip_nonlocal_bind;
22b6722b	188	ipv6_table[9].data = &net->ipv6.sysctl.flowlabel_reflect;
47d3d7ac TH	189	ipv6_table[10].data = &net->ipv6.sysctl.max_dst_opts_cnt;
	190	ipv6_table[11].data = &net->ipv6.sysctl.max_hbh_opts_cnt;
	191	ipv6_table[12].data = &net->ipv6.sysctl.max_dst_opts_len;
	192	ipv6_table[13].data = &net->ipv6.sysctl.max_hbh_opts_len;
760f2d01 DL	193
	194	ipv6_route_table = ipv6_route_sysctl_init(net);
	195	if (!ipv6_route_table)
	196	goto out_ipv6_table;
	197
	198	ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
	199	if (!ipv6_icmp_table)
	200	goto out_ipv6_route_table;
760f2d01	201
6dceb036 EB	202	net->ipv6.sysctl.hdr = register_net_sysctl(net, "net/ipv6", ipv6_table);
6dceb036 EB	203	if (!net->ipv6.sysctl.hdr)
760f2d01 DL	204	goto out_ipv6_icmp_table;
760f2d01 DL	205
6dceb036 EB	206	net->ipv6.sysctl.route_hdr =
	207	register_net_sysctl(net, "net/ipv6/route", ipv6_route_table);
	208	if (!net->ipv6.sysctl.route_hdr)
	209	goto out_unregister_ipv6_table;
	210
	211	net->ipv6.sysctl.icmp_hdr =
	212	register_net_sysctl(net, "net/ipv6/icmp", ipv6_icmp_table);
	213	if (!net->ipv6.sysctl.icmp_hdr)
	214	goto out_unregister_route_table;
	215
760f2d01 DL	216	err = 0;
	217	out:
	218	return err;
6dceb036 EB	219	out_unregister_route_table:
	220	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
	221	out_unregister_ipv6_table:
	222	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
760f2d01 DL	223	out_ipv6_icmp_table:
	224	kfree(ipv6_icmp_table);
	225	out_ipv6_route_table:
	226	kfree(ipv6_route_table);
	227	out_ipv6_table:
	228	kfree(ipv6_table);
	229	goto out;
1da177e4 LT	230	}
1da177e4 LT	231
2c8c1e72	232	static void __net_exit ipv6_sysctl_net_exit(struct net *net)
89918fc2	233	{
760f2d01 DL	234	struct ctl_table *ipv6_table;
	235	struct ctl_table *ipv6_route_table;
	236	struct ctl_table *ipv6_icmp_table;
	237
6dceb036 EB	238	ipv6_table = net->ipv6.sysctl.hdr->ctl_table_arg;
	239	ipv6_route_table = net->ipv6.sysctl.route_hdr->ctl_table_arg;
	240	ipv6_icmp_table = net->ipv6.sysctl.icmp_hdr->ctl_table_arg;
760f2d01	241
6dceb036 EB	242	unregister_net_sysctl_table(net->ipv6.sysctl.icmp_hdr);
	243	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
	244	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
760f2d01 DL	245
	246	kfree(ipv6_table);
	247	kfree(ipv6_route_table);
	248	kfree(ipv6_icmp_table);
89918fc2 DL	249	}
	250
	251	static struct pernet_operations ipv6_sysctl_net_ops = {
	252	.init = ipv6_sysctl_net_init,
	253	.exit = ipv6_sysctl_net_exit,
	254	};
	255
34ac2573 PE	256	static struct ctl_table_header *ip6_header;
34ac2573 PE	257
89918fc2 DL	258	int ipv6_sysctl_register(void)
89918fc2 DL	259	{
c19a28e1	260	int err = -ENOMEM;
34ac2573	261
43444757	262	ip6_header = register_net_sysctl(&init_net, "net/ipv6", ipv6_rotable);
63159f29	263	if (!ip6_header)
34ac2573 PE	264	goto out;
	265
	266	err = register_pernet_subsys(&ipv6_sysctl_net_ops);
	267	if (err)
	268	goto err_pernet;
	269	out:
	270	return err;
	271
	272	err_pernet:
	273	unregister_net_sysctl_table(ip6_header);
	274	goto out;
89918fc2 DL	275	}
89918fc2 DL	276
1da177e4 LT	277	void ipv6_sysctl_unregister(void)
1da177e4 LT	278	{
34ac2573	279	unregister_net_sysctl_table(ip6_header);
89918fc2	280	unregister_pernet_subsys(&ipv6_sysctl_net_ops);
1da177e4	281	}