diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2012-04-19 13:24:33 +0000 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2012-04-20 21:21:17 -0400 |
| commit | 5dd3df105b9f6cb7dd2472b59e028d0d1c878ecb (patch) | |
| tree | b12606e6e74ee6d07823eb268e09d899946279fd /net/netfilter | |
| parent | 4344475797a16ef948385780943f7a5cf09f0675 (diff) | |
| download | linux-5dd3df105b9f6cb7dd2472b59e028d0d1c878ecb.tar.gz linux-5dd3df105b9f6cb7dd2472b59e028d0d1c878ecb.tar.bz2 linux-5dd3df105b9f6cb7dd2472b59e028d0d1c878ecb.zip | |
net: Move all of the network sysctls without a namespace into init_net.
This makes it clearer which sysctls are relative to your current network
namespace.
This makes it a little less error prone by not exposing sysctls for the
initial network namespace in other namespaces.
This is the same way we handle all of our other network interfaces to
userspace and I can't honestly remember why we didn't do this for
sysctls right from the start.
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/netfilter')
| -rw-r--r-- | net/netfilter/nf_conntrack_proto.c | 4 | ||||
| -rw-r--r-- | net/netfilter/nf_conntrack_standalone.c | 6 | ||||
| -rw-r--r-- | net/netfilter/nf_log.c | 2 |
3 files changed, 6 insertions, 6 deletions
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c index be3da2c8cdc5..bbc753fd4fe0 100644 --- a/net/netfilter/nf_conntrack_proto.c +++ b/net/netfilter/nf_conntrack_proto.c @@ -40,7 +40,7 @@ nf_ct_register_sysctl(struct ctl_table_header **header, struct ctl_path *path, struct ctl_table *table, unsigned int *users) { if (*header == NULL) { - *header = register_sysctl_paths(path, table); + *header = register_net_sysctl_table(&init_net, path, table); if (*header == NULL) return -ENOMEM; } @@ -56,7 +56,7 @@ nf_ct_unregister_sysctl(struct ctl_table_header **header, if (users != NULL && --*users > 0) return; - unregister_sysctl_table(*header); + unregister_net_sysctl_table(*header); *header = NULL; } #endif diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index 885f5ab9bc28..0c3888de0f55 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -479,7 +479,7 @@ static int nf_conntrack_standalone_init_sysctl(struct net *net) if (net_eq(net, &init_net)) { nf_ct_netfilter_header = - register_sysctl_paths(nf_ct_path, nf_ct_netfilter_table); + register_net_sysctl_table(&init_net, nf_ct_path, nf_ct_netfilter_table); if (!nf_ct_netfilter_header) goto out; } @@ -505,7 +505,7 @@ out_unregister_netfilter: kfree(table); out_kmemdup: if (net_eq(net, &init_net)) - unregister_sysctl_table(nf_ct_netfilter_header); + unregister_net_sysctl_table(nf_ct_netfilter_header); out: printk(KERN_ERR "nf_conntrack: can't register to sysctl.\n"); return -ENOMEM; @@ -516,7 +516,7 @@ static void nf_conntrack_standalone_fini_sysctl(struct net *net) struct ctl_table *table; if (net_eq(net, &init_net)) - unregister_sysctl_table(nf_ct_netfilter_header); + unregister_net_sysctl_table(nf_ct_netfilter_header); table = net->ct.sysctl_header->ctl_table_arg; unregister_net_sysctl_table(net->ct.sysctl_header); kfree(table); diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c index 957374a234d4..04fca48d901a 100644 --- a/net/netfilter/nf_log.c +++ b/net/netfilter/nf_log.c @@ -283,7 +283,7 @@ static __init int netfilter_log_sysctl_init(void) nf_log_sysctl_table[i].extra1 = (void *)(unsigned long) i; } - nf_log_dir_header = register_sysctl_paths(nf_log_sysctl_path, + nf_log_dir_header = register_net_sysctl_table(&init_net, nf_log_sysctl_path, nf_log_sysctl_table); if (!nf_log_dir_header) return -ENOMEM; |