Diffstat (limited to 'include/net/netns')
-rw-r--r--include/net/netns/conntrack.h49
-rw-r--r--include/net/netns/ieee802154_6lowpan.h22
-rw-r--r--include/net/netns/ipv4.h27
-rw-r--r--include/net/netns/ipv6.h6
-rw-r--r--include/net/netns/netfilter.h18
-rw-r--r--include/net/netns/nftables.h20
-rw-r--r--include/net/netns/sctp.h3
-rw-r--r--include/net/netns/x_tables.h7
-rw-r--r--include/net/netns/xfrm.h15
9 files changed, 145 insertions, 22 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h
index a1d83cc8bf8..773cce308bc 100644
--- a/include/net/netns/conntrack.h
+++ b/include/net/netns/conntrack.h
@@ -5,6 +5,7 @@
#include <linux/list_nulls.h>
#include <linux/atomic.h>
#include <linux/netfilter/nf_conntrack_tcp.h>
+#include <linux/seqlock.h>
struct ctl_table_header;
struct nf_conntrack_ecache;
@@ -62,38 +63,50 @@ struct nf_ip_net {
#endif
};
+struct ct_pcpu {
+ spinlock_t lock;
+ struct hlist_nulls_head unconfirmed;
+ struct hlist_nulls_head dying;
+ struct hlist_nulls_head tmpl;
+};
+
struct netns_ct {
atomic_t count;
unsigned int expect_count;
+#ifdef CONFIG_SYSCTL
+ struct ctl_table_header *sysctl_header;
+ struct ctl_table_header *acct_sysctl_header;
+ struct ctl_table_header *tstamp_sysctl_header;
+ struct ctl_table_header *event_sysctl_header;
+ struct ctl_table_header *helper_sysctl_header;
+#endif
+ char *slabname;
+ unsigned int sysctl_log_invalid; /* Log invalid packets */
+ unsigned int sysctl_events_retry_timeout;
+ int sysctl_events;
+ int sysctl_acct;
+ int sysctl_auto_assign_helper;
+ bool auto_assign_helper_warned;
+ int sysctl_tstamp;
+ int sysctl_checksum;
+
unsigned int htable_size;
+ seqcount_t generation;
struct kmem_cache *nf_conntrack_cachep;
struct hlist_nulls_head *hash;
struct hlist_head *expect_hash;
- struct hlist_nulls_head unconfirmed;
- struct hlist_nulls_head dying;
+ struct ct_pcpu __percpu *pcpu_lists;
struct ip_conntrack_stat __percpu *stat;
struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb;
struct nf_exp_event_notifier __rcu *nf_expect_event_cb;
- int sysctl_events;
- unsigned int sysctl_events_retry_timeout;
- int sysctl_acct;
- int sysctl_tstamp;
- int sysctl_checksum;
- unsigned int sysctl_log_invalid; /* Log invalid packets */
- int sysctl_auto_assign_helper;
- bool auto_assign_helper_warned;
struct nf_ip_net nf_ct_proto;
+#if defined(CONFIG_NF_CONNTRACK_LABELS)
+ unsigned int labels_used;
+ u8 label_words;
+#endif
#ifdef CONFIG_NF_NAT_NEEDED
struct hlist_head *nat_bysource;
unsigned int nat_htable_size;
#endif
-#ifdef CONFIG_SYSCTL
- struct ctl_table_header *sysctl_header;
- struct ctl_table_header *acct_sysctl_header;
- struct ctl_table_header *tstamp_sysctl_header;
- struct ctl_table_header *event_sysctl_header;
- struct ctl_table_header *helper_sysctl_header;
-#endif
- char *slabname;
};
#endif
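Review bot: The new `struct ct_pcpu` and the `seqcount_t generation` member of `struct netns_ct` have no comment saying what they protect. From the layout, `lock` presumably guards the `unconfirmed`, `dying` and `tmpl` lists of that CPU, but nothing in the header states it; a line such as `/* lock protects the three per-cpu lists below */` would make the rule explicit. For `generation`, the comment should name what readers retry on and which lock serialises writers, because a bare seqcount_t provides no writer exclusion by itself. Code that walks another CPU's lists through `pcpu_lists` needs that contract spelled out to avoid unlocked traversal.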
diff --git a/include/net/netns/ieee802154_6lowpan.h b/include/net/netns/ieee802154_6lowpan.h
new file mode 100644
index 00000000000..e2070960bac
--- /dev/null
+++ b/include/net/netns/ieee802154_6lowpan.h
@@ -0,0 +1,22 @@
+/*
+ * ieee802154 6lowpan in net namespaces
+ */
+
+#include <net/inet_frag.h>
+
+#ifndef __NETNS_IEEE802154_6LOWPAN_H__
+#define __NETNS_IEEE802154_6LOWPAN_H__
+
+struct netns_sysctl_lowpan {
+#ifdef CONFIG_SYSCTL
+ struct ctl_table_header *frags_hdr;
+#endif
+};
+
+struct netns_ieee802154_lowpan {
+ struct netns_sysctl_lowpan sysctl;
+ struct netns_frags frags;
+ int max_dsize;
+};
+
+#endif
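Review bot: `#include <net/inet_frag.h>` is placed above the `#ifndef __NETNS_IEEE802154_6LOWPAN_H__` guard, so it is processed again on every inclusion. The other new headers in this commit (netfilter.h, nftables.h) keep their includes inside the guard, and moving this one below the `#define` would match them. Separately, `int max_dsize;` is signed and undocumented; if it is a size limit that can be set at run time, a comment giving its unit and the range callers must enforce (in particular that it is never negative) would help whoever validates it.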
diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h
index 2ae2b8372cf..aec5e12f9f1 100644
--- a/include/net/netns/ipv4.h
+++ b/include/net/netns/ipv4.h
@@ -15,6 +15,15 @@ struct fib_rules_ops;
struct hlist_head;
struct fib_table;
struct sock;
+struct local_ports {
+ seqlock_t lock;
+ int range[2];
+};
+
+struct ping_group_range {
+ seqlock_t lock;
+ kgid_t range[2];
+};
struct netns_ipv4 {
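Review bot: `struct local_ports` and `struct ping_group_range` pair a `seqlock_t` with a two-element `range`, but nothing says the two elements must be read as a unit. A reader that loads `range[0]` and `range[1]` outside a `read_seqbegin()`/`read_seqretry()` loop can combine bounds from two different updates. For `ping_group_range` the pair holds `kgid_t` values, so a torn read would be checked against a group range nobody configured. Suggest a comment on each struct along the lines of `/* range[0]..range[1], presumably low/high; read both under lock */`. Whether ipv4.h includes `<linux/seqlock.h>` itself is not visible in this hunk.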
#ifdef CONFIG_SYSCTL
@@ -22,6 +31,7 @@ struct netns_ipv4 {
struct ctl_table_header *frags_hdr;
struct ctl_table_header *ipv4_hdr;
struct ctl_table_header *route_hdr;
+ struct ctl_table_header *xfrm4_hdr;
#endif
struct ipv4_devconf *devconf_all;
struct ipv4_devconf *devconf_dflt;
@@ -61,11 +71,23 @@ struct netns_ipv4 {
int sysctl_icmp_ratemask;
int sysctl_icmp_errors_use_inbound_ifaddr;
- kgid_t sysctl_ping_group_range[2];
- long sysctl_tcp_mem[3];
+ struct local_ports ip_local_ports;
+
+ int sysctl_tcp_ecn;
+ int sysctl_ip_no_pmtu_disc;
+ int sysctl_ip_fwd_use_pmtu;
+
+ int sysctl_fwmark_reflect;
+ int sysctl_tcp_fwmark_accept;
+
+ struct ping_group_range ping_group_range;
atomic_t dev_addr_genid;
+#ifdef CONFIG_SYSCTL
+ unsigned long *sysctl_local_reserved_ports;
+#endif
+
#ifdef CONFIG_IP_MROUTE
#ifndef CONFIG_IP_MROUTE_MULTIPLE_TABLES
struct mr_table *mrt;
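Review bot: `sysctl_local_reserved_ports` is declared only under `#ifdef CONFIG_SYSCTL` and is a bare `unsigned long *` with no comment. Every user has to be guarded the same way, and the declaration does not say how many bits the buffer holds, who allocates and frees it per namespace, or whether it can be NULL while the namespace is being set up or torn down. A comment such as `/* bitmap; size and lifetime: see <allocating function> */`, with the real function name filled in, would give a bit-test the bound it has to respect. The enclosing `struct netns_ipv4` starts and ends outside this hunk.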
@@ -74,5 +96,6 @@ struct netns_ipv4 {
struct fib_rules_ops *mr_rules_ops;
#endif
#endif
+ atomic_t rt_genid;
};
#endif
diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index 214cb0a5335..19d3446e59d 100644
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -16,6 +16,7 @@ struct netns_sysctl_ipv6 {
struct ctl_table_header *route_hdr;
struct ctl_table_header *icmp_hdr;
struct ctl_table_header *frags_hdr;
+ struct ctl_table_header *xfrm6_hdr;
#endif
int bindv6only;
int flush_delay;
@@ -26,7 +27,10 @@ struct netns_sysctl_ipv6 {
int ip6_rt_gc_elasticity;
int ip6_rt_mtu_expires;
int ip6_rt_min_advmss;
+ int flowlabel_consistency;
int icmpv6_time;
+ int anycast_src_echo_reply;
+ int fwmark_reflect;
};
struct netns_ipv6 {
@@ -70,6 +74,8 @@ struct netns_ipv6 {
struct fib_rules_ops *mr6_rules_ops;
#endif
#endif
+ atomic_t dev_addr_genid;
+ atomic_t rt_genid;
};
#if IS_ENABLED(CONFIG_NF_DEFRAG_IPV6)
diff --git a/include/net/netns/netfilter.h b/include/net/netns/netfilter.h
new file mode 100644
index 00000000000..88740024ccf
--- /dev/null
+++ b/include/net/netns/netfilter.h
@@ -0,0 +1,18 @@
+#ifndef __NETNS_NETFILTER_H
+#define __NETNS_NETFILTER_H
+
+#include <linux/proc_fs.h>
+#include <linux/netfilter.h>
+
+struct nf_logger;
+
+struct netns_nf {
+#if defined CONFIG_PROC_FS
+ struct proc_dir_entry *proc_netfilter;
+#endif
+ const struct nf_logger __rcu *nf_loggers[NFPROTO_NUMPROTO];
+#ifdef CONFIG_SYSCTL
+ struct ctl_table_header *nf_log_dir_header;
+#endif
+};
+#endif
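Review bot: `nf_loggers[NFPROTO_NUMPROTO]` is annotated `__rcu`, but the struct carries no comment naming the lock that serialises updates. Readers need `rcu_dereference()` inside an RCU read section, and the writer side should be stated here, e.g. `/* written under <logger lock>; read under RCU */` with the actual lock name filled in. The array is indexed by protocol family, so the comment should also say that an index derived from a rule or from user space must be checked against `NFPROTO_NUMPROTO` first. Minor style point: the file mixes `#if defined CONFIG_PROC_FS` with `#ifdef CONFIG_SYSCTL`; using one form throughout reads better.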
diff --git a/include/net/netns/nftables.h b/include/net/netns/nftables.h
new file mode 100644
index 00000000000..eee608b12cc
--- /dev/null
+++ b/include/net/netns/nftables.h
@@ -0,0 +1,20 @@
+#ifndef _NETNS_NFTABLES_H_
+#define _NETNS_NFTABLES_H_
+
+#include <linux/list.h>
+
+struct nft_af_info;
+
+struct netns_nftables {
+ struct list_head af_info;
+ struct list_head commit_list;
+ struct nft_af_info *ipv4;
+ struct nft_af_info *ipv6;
+ struct nft_af_info *inet;
+ struct nft_af_info *arp;
+ struct nft_af_info *bridge;
+ unsigned int base_seq;
+ u8 gencursor;
+};
+
+#endif
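Review bot: None of the members of `struct netns_nftables` is documented, and for `commit_list`, `base_seq` and `gencursor` the locking rule is what a reader most needs. `gencursor` is a `u8`; if it only ever selects between two generations, saying so (`/* current generation, 0 or 1 */`, to be confirmed against the users) tells callers which values are valid before they use it as an index or shift count. A one-line comment naming the lock that protects `af_info` and `commit_list` would complete the header.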
diff --git a/include/net/netns/sctp.h b/include/net/netns/sctp.h
index 5e5eb1f9f14..3573a81815a 100644
--- a/include/net/netns/sctp.h
+++ b/include/net/netns/sctp.h
@@ -62,6 +62,9 @@ struct netns_sctp {
/* Whether Cookie Preservative is enabled(1) or not(0) */
int cookie_preserve_enable;
+ /* The namespace default hmac alg */
+ char *sctp_hmac_alg;
+
/* Valid.Cookie.Life - 60 seconds */
unsigned int valid_cookie_life;
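Review bot: `sctp_hmac_alg` is added as a mutable `char *` with only `/* The namespace default hmac alg */` above it, which leaves out what a NULL value means and who owns the string. The field sits among the cookie settings and appears to select the HMAC used for cookies, so the comment should state whether NULL disables that authentication or is invalid. It should also say whether the pointer refers to a static algorithm name or to memory released on namespace exit. If it only ever points at constant names, `const char *sctp_hmac_alg;` would prevent accidental writes through it. The enclosing `struct netns_sctp` continues outside the hunk.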
diff --git a/include/net/netns/x_tables.h b/include/net/netns/x_tables.h
index 591db7d657a..02fe40f8c8f 100644
--- a/include/net/netns/x_tables.h
+++ b/include/net/netns/x_tables.h
@@ -8,11 +8,18 @@ struct ebt_table;
struct netns_xt {
struct list_head tables[NFPROTO_NUMPROTO];
+ bool notrack_deprecated_warning;
#if defined(CONFIG_BRIDGE_NF_EBTABLES) || \
defined(CONFIG_BRIDGE_NF_EBTABLES_MODULE)
struct ebt_table *broute_table;
struct ebt_table *frame_filter;
struct ebt_table *frame_nat;
#endif
+#if IS_ENABLED(CONFIG_IP_NF_TARGET_ULOG)
+ bool ulog_warn_deprecated;
+#endif
+#if IS_ENABLED(CONFIG_BRIDGE_EBT_ULOG)
+ bool ebt_ulog_warn_deprecated;
+#endif
};
#endif
diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h
index 5299e69a32a..3492434baf8 100644
--- a/include/net/netns/xfrm.h
+++ b/include/net/netns/xfrm.h
@@ -6,6 +6,7 @@
#include <linux/workqueue.h>
#include <linux/xfrm.h>
#include <net/dst_ops.h>
+#include <net/flowcache.h>
struct ctl_table_header;
@@ -33,8 +34,6 @@ struct netns_xfrm {
struct hlist_head state_gc_list;
struct work_struct state_gc_work;
- wait_queue_head_t km_waitq;
-
struct list_head policy_all;
struct hlist_head *policy_byidx;
unsigned int policy_idx_hmask;
@@ -59,6 +58,18 @@ struct netns_xfrm {
#if IS_ENABLED(CONFIG_IPV6)
struct dst_ops xfrm6_dst_ops;
#endif
+ spinlock_t xfrm_state_lock;
+ rwlock_t xfrm_policy_lock;
+ struct mutex xfrm_cfg_mutex;
+
+ /* flow cache part */
+ struct flow_cache flow_cache_global;
+ atomic_t flow_cache_genid;
+ struct list_head flow_cache_gc_list;
+ spinlock_t flow_cache_gc_lock;
+ struct work_struct flow_cache_gc_work;
+ struct work_struct flow_cache_flush_work;
+ struct mutex flow_flush_sem;
};
#endif
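Review bot: `struct netns_xfrm` gains `xfrm_state_lock`, `xfrm_policy_lock`, `xfrm_cfg_mutex`, `flow_cache_gc_lock` and `flow_flush_sem` with no comment on what each one covers or the order in which they may be nested. With a spinlock, an rwlock and two mutexes in one structure, an undocumented ordering invites sleeping-under-spinlock and lock-inversion bugs; a short block comment listing each lock, the data it protects and the permitted nesting would address that. `flow_flush_sem` is declared as `struct mutex`, so the `_sem` suffix is misleading; `flow_flush_mutex` would match its type. The per-namespace initialisation of these locks is not part of this diff and should be checked against the namespace init path.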