Newer
Older
/* -*- linux-c -*-
* sysctl_net.c: sysctl interface to net subsystem.
*
* Begun April 1, 1996, Mike Shaver.
* Added /proc/sys/net directories for each protocol family. [MS]
*
* Revision 1.2 1996/05/08 20:24:40 shaver
* Added bits for NET_BRIDGE and the NET_IPV4_ARP stuff and
* NET_IPV4_IP_FORWARD.
*
*
*/
#include <linux/mm.h>
#include <linux/sysctl.h>
#include <linux/nsproxy.h>
#include <net/sock.h>
static struct ctl_table_set *
net_ctl_header_lookup(struct ctl_table_root *root, struct nsproxy *namespaces)
{
return &namespaces->net_ns->sysctls;
}
static int is_seen(struct ctl_table_set *set)
{
return ¤t->nsproxy->net_ns->sysctls == set;
}
/* Return standard mode bits for table entry. */
static int net_ctl_permissions(struct ctl_table_root *root,
struct nsproxy *nsproxy,
struct ctl_table *table)
{
/* Allow network administrator to have same access as root. */
if (capable(CAP_NET_ADMIN)) {
int mode = (table->mode >> 6) & 7;
return (mode << 6) | (mode << 3) | mode;
}
return table->mode;
}
static struct ctl_table_root net_sysctl_root = {
.lookup = net_ctl_header_lookup,
.permissions = net_ctl_permissions,
};
static int net_ctl_ro_header_perms(struct ctl_table_root *root,
struct nsproxy *namespaces, struct ctl_table *table)
{
if (net_eq(namespaces->net_ns, &init_net))
return table->mode;
else
return table->mode & ~0222;
}
static struct ctl_table_root net_sysctl_ro_root = {
.permissions = net_ctl_ro_header_perms,
};
static int __net_init sysctl_net_init(struct net *net)
setup_sysctl_set(&net->sysctls,
&net_sysctl_ro_root.default_set,
is_seen);
return 0;
}
static void __net_exit sysctl_net_exit(struct net *net)
WARN_ON(!list_empty(&net->sysctls.list));
}
static struct pernet_operations sysctl_pernet_ops = {
.init = sysctl_net_init,
.exit = sysctl_net_exit,
};
static __init int sysctl_init(void)
{
int ret;
ret = register_pernet_subsys(&sysctl_pernet_ops);
if (ret)
goto out;
register_sysctl_root(&net_sysctl_root);
setup_sysctl_set(&net_sysctl_ro_root.default_set, NULL, NULL);
register_sysctl_root(&net_sysctl_ro_root);
out:
return ret;
}
subsys_initcall(sysctl_init);
struct ctl_table_header *register_net_sysctl_table(struct net *net,
const struct ctl_path *path, struct ctl_table *table)
{
struct nsproxy namespaces;
namespaces = *current->nsproxy;
namespaces.net_ns = net;
return __register_sysctl_paths(&net_sysctl_root,
&namespaces, path, table);
}
EXPORT_SYMBOL_GPL(register_net_sysctl_table);
struct ctl_table_header *register_net_sysctl_rotable(const
struct ctl_path *path, struct ctl_table *table)
{
return __register_sysctl_paths(&net_sysctl_ro_root,
&init_nsproxy, path, table);
}
EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
void unregister_net_sysctl_table(struct ctl_table_header *header)
{
unregister_sysctl_table(header);
}
EXPORT_SYMBOL_GPL(unregister_net_sysctl_table);