diff options
Diffstat (limited to 'include/net/netns')
| -rw-r--r-- | include/net/netns/conntrack.h | 46 | ||||
| -rw-r--r-- | include/net/netns/ieee802154_6lowpan.h | 22 | ||||
| -rw-r--r-- | include/net/netns/ipv4.h | 23 | ||||
| -rw-r--r-- | include/net/netns/ipv6.h | 3 | ||||
| -rw-r--r-- | include/net/netns/nftables.h | 20 | ||||
| -rw-r--r-- | include/net/netns/xfrm.h | 15 |
6 files changed, 106 insertions, 23 deletions
diff --git a/include/net/netns/conntrack.h b/include/net/netns/conntrack.h index c9c0c538b68..773cce308bc 100644 --- a/include/net/netns/conntrack.h +++ b/include/net/netns/conntrack.h @@ -5,6 +5,7 @@ #include <linux/list_nulls.h> #include <linux/atomic.h> #include <linux/netfilter/nf_conntrack_tcp.h> +#include <linux/seqlock.h> struct ctl_table_header; struct nf_conntrack_ecache; @@ -62,27 +63,42 @@ struct nf_ip_net { #endif }; +struct ct_pcpu { + spinlock_t lock; + struct hlist_nulls_head unconfirmed; + struct hlist_nulls_head dying; + struct hlist_nulls_head tmpl; +}; + struct netns_ct { atomic_t count; unsigned int expect_count; +#ifdef CONFIG_SYSCTL + struct ctl_table_header *sysctl_header; + struct ctl_table_header *acct_sysctl_header; + struct ctl_table_header *tstamp_sysctl_header; + struct ctl_table_header *event_sysctl_header; + struct ctl_table_header *helper_sysctl_header; +#endif + char *slabname; + unsigned int sysctl_log_invalid; /* Log invalid packets */ + unsigned int sysctl_events_retry_timeout; + int sysctl_events; + int sysctl_acct; + int sysctl_auto_assign_helper; + bool auto_assign_helper_warned; + int sysctl_tstamp; + int sysctl_checksum; + unsigned int htable_size; + seqcount_t generation; struct kmem_cache *nf_conntrack_cachep; struct hlist_nulls_head *hash; struct hlist_head *expect_hash; - struct hlist_nulls_head unconfirmed; - struct hlist_nulls_head dying; - struct hlist_nulls_head tmpl; + struct ct_pcpu __percpu *pcpu_lists; struct ip_conntrack_stat __percpu *stat; struct nf_ct_event_notifier __rcu *nf_conntrack_event_cb; struct nf_exp_event_notifier __rcu *nf_expect_event_cb; - int sysctl_events; - unsigned int sysctl_events_retry_timeout; - int sysctl_acct; - int sysctl_tstamp; - int sysctl_checksum; - unsigned int sysctl_log_invalid; /* Log invalid packets */ - int sysctl_auto_assign_helper; - bool auto_assign_helper_warned; struct nf_ip_net nf_ct_proto; #if defined(CONFIG_NF_CONNTRACK_LABELS) unsigned int labels_used; @@ -92,13 +108,5 @@ struct netns_ct { struct hlist_head *nat_bysource; unsigned int nat_htable_size; #endif -#ifdef CONFIG_SYSCTL - struct ctl_table_header *sysctl_header; - struct ctl_table_header *acct_sysctl_header; - struct ctl_table_header *tstamp_sysctl_header; - struct ctl_table_header *event_sysctl_header; - struct ctl_table_header *helper_sysctl_header; -#endif - char *slabname; }; #endif diff --git a/include/net/netns/ieee802154_6lowpan.h b/include/net/netns/ieee802154_6lowpan.h new file mode 100644 index 00000000000..e2070960bac --- /dev/null +++ b/include/net/netns/ieee802154_6lowpan.h @@ -0,0 +1,22 @@ +/* + * ieee802154 6lowpan in net namespaces + */ + +#include <net/inet_frag.h> + +#ifndef __NETNS_IEEE802154_6LOWPAN_H__ +#define __NETNS_IEEE802154_6LOWPAN_H__ + +struct netns_sysctl_lowpan { +#ifdef CONFIG_SYSCTL + struct ctl_table_header *frags_hdr; +#endif +}; + +struct netns_ieee802154_lowpan { + struct netns_sysctl_lowpan sysctl; + struct netns_frags frags; + int max_dsize; +}; + +#endif diff --git a/include/net/netns/ipv4.h b/include/net/netns/ipv4.h index bf2ec2202c5..aec5e12f9f1 100644 --- a/include/net/netns/ipv4.h +++ b/include/net/netns/ipv4.h @@ -15,6 +15,15 @@ struct fib_rules_ops; struct hlist_head; struct fib_table; struct sock; +struct local_ports { + seqlock_t lock; + int range[2]; +}; + +struct ping_group_range { + seqlock_t lock; + kgid_t range[2]; +}; struct netns_ipv4 { #ifdef CONFIG_SYSCTL @@ -62,13 +71,23 @@ struct netns_ipv4 { int sysctl_icmp_ratemask; int sysctl_icmp_errors_use_inbound_ifaddr; + struct local_ports ip_local_ports; + int sysctl_tcp_ecn; + int sysctl_ip_no_pmtu_disc; + int sysctl_ip_fwd_use_pmtu; - kgid_t sysctl_ping_group_range[2]; - long sysctl_tcp_mem[3]; + int sysctl_fwmark_reflect; + int sysctl_tcp_fwmark_accept; + + struct ping_group_range ping_group_range; atomic_t dev_addr_genid; +#ifdef CONFIG_SYSCTL + unsigned long *sysctl_local_reserved_ports; +#endif + #ifdef CONFIG_IP_MROUTE #ifndef CONFIG_IP_MROUTE_MULTIPLE_TABLES struct mr_table *mrt; diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h index 0fb2401197c..19d3446e59d 100644 --- a/include/net/netns/ipv6.h +++ b/include/net/netns/ipv6.h @@ -27,7 +27,10 @@ struct netns_sysctl_ipv6 { int ip6_rt_gc_elasticity; int ip6_rt_mtu_expires; int ip6_rt_min_advmss; + int flowlabel_consistency; int icmpv6_time; + int anycast_src_echo_reply; + int fwmark_reflect; }; struct netns_ipv6 { diff --git a/include/net/netns/nftables.h b/include/net/netns/nftables.h new file mode 100644 index 00000000000..eee608b12cc --- /dev/null +++ b/include/net/netns/nftables.h @@ -0,0 +1,20 @@ +#ifndef _NETNS_NFTABLES_H_ +#define _NETNS_NFTABLES_H_ + +#include <linux/list.h> + +struct nft_af_info; + +struct netns_nftables { + struct list_head af_info; + struct list_head commit_list; + struct nft_af_info *ipv4; + struct nft_af_info *ipv6; + struct nft_af_info *inet; + struct nft_af_info *arp; + struct nft_af_info *bridge; + unsigned int base_seq; + u8 gencursor; +}; + +#endif diff --git a/include/net/netns/xfrm.h b/include/net/netns/xfrm.h index 5299e69a32a..3492434baf8 100644 --- a/include/net/netns/xfrm.h +++ b/include/net/netns/xfrm.h @@ -6,6 +6,7 @@ #include <linux/workqueue.h> #include <linux/xfrm.h> #include <net/dst_ops.h> +#include <net/flowcache.h> struct ctl_table_header; @@ -33,8 +34,6 @@ struct netns_xfrm { struct hlist_head state_gc_list; struct work_struct state_gc_work; - wait_queue_head_t km_waitq; - struct list_head policy_all; struct hlist_head *policy_byidx; unsigned int policy_idx_hmask; @@ -59,6 +58,18 @@ struct netns_xfrm { #if IS_ENABLED(CONFIG_IPV6) struct dst_ops xfrm6_dst_ops; #endif + spinlock_t xfrm_state_lock; + rwlock_t xfrm_policy_lock; + struct mutex xfrm_cfg_mutex; + + /* flow cache part */ + struct flow_cache flow_cache_global; + atomic_t flow_cache_genid; + struct list_head flow_cache_gc_list; + spinlock_t flow_cache_gc_lock; + struct work_struct flow_cache_gc_work; + struct work_struct flow_cache_flush_work; + struct mutex flow_flush_sem; }; #endif |