net/xfrm/xfrm_sysctl.c

   1 // SPDX-License-Identifier: GPL-2.0
   2 #include <linux/sysctl.h>
   3 #include <linux/slab.h>
   4 #include <net/net_namespace.h>
   5 #include <net/xfrm.h>
   6
   7 static void __net_init __xfrm_sysctl_init(struct net *net)
   8 {
   9         net->xfrm.sysctl_aevent_etime = XFRM_AE_ETIME;
  10         net->xfrm.sysctl_aevent_rseqth = XFRM_AE_SEQT_SIZE;
  11         net->xfrm.sysctl_larval_drop = 1;
  12         net->xfrm.sysctl_acq_expires = 30;
  13 }
  14
  15 #ifdef CONFIG_SYSCTL
  16 static struct ctl_table xfrm_table[] = {
  17         {
  18                 .procname       = "xfrm_aevent_etime",
  19                 .maxlen         = sizeof(u32),
  20                 .mode           = 0644,
  21                 .proc_handler   = proc_douintvec
  22         },
  23         {
  24                 .procname       = "xfrm_aevent_rseqth",
  25                 .maxlen         = sizeof(u32),
  26                 .mode           = 0644,
  27                 .proc_handler   = proc_douintvec
  28         },
  29         {
  30                 .procname       = "xfrm_larval_drop",
  31                 .maxlen         = sizeof(int),
  32                 .mode           = 0644,
  33                 .proc_handler   = proc_dointvec
  34         },
  35         {
  36                 .procname       = "xfrm_acq_expires",
  37                 .maxlen         = sizeof(int),
  38                 .mode           = 0644,
  39                 .proc_handler   = proc_dointvec
  40         },
  41         {}
  42 };
  43
  44 int __net_init xfrm_sysctl_init(struct net *net)
  45 {
  46         struct ctl_table *table;
  47
  48         __xfrm_sysctl_init(net);
  49
  50         table = kmemdup(xfrm_table, sizeof(xfrm_table), GFP_KERNEL);
  51         if (!table)
  52                 goto out_kmemdup;
  53         table[0].data = &net->xfrm.sysctl_aevent_etime;
  54         table[1].data = &net->xfrm.sysctl_aevent_rseqth;
  55         table[2].data = &net->xfrm.sysctl_larval_drop;
  56         table[3].data = &net->xfrm.sysctl_acq_expires;
  57
  58         /* Don't export sysctls to unprivileged users */
  59         if (net->user_ns != &init_user_ns)
  60                 table[0].procname = NULL;
  61
  62         net->xfrm.sysctl_hdr = register_net_sysctl(net, "net/core", table);
  63         if (!net->xfrm.sysctl_hdr)
  64                 goto out_register;
  65         return 0;
  66
  67 out_register:
  68         kfree(table);
  69 out_kmemdup:
  70         return -ENOMEM;
  71 }
  72
  73 void __net_exit xfrm_sysctl_fini(struct net *net)
  74 {
  75         struct ctl_table *table;
  76
  77         table = net->xfrm.sysctl_hdr->ctl_table_arg;
  78         unregister_net_sysctl_table(net->xfrm.sysctl_hdr);
  79         kfree(table);
  80 }
  81 #else
  82 int __net_init xfrm_sysctl_init(struct net *net)
  83 {
  84         __xfrm_sysctl_init(net);
  85         return 0;
  86 }
  87 #endif