All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH net-next 00/19] net: Sysctl simplifications and enhancements
@ 2012-04-19 23:17 Eric W. Biederman
  2012-04-19 23:18 ` [PATCH net-next 01/19] net: Implement register_net_sysctl Eric W. Biederman
                   ` (19 more replies)
  0 siblings, 20 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:17 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Summary:
- Kill approximately 400 lines of code
- Allow all networking sysctls with just CAP_NET_ADMIN
- Hide all networking sysctls that don't apply to your current network namespace.
- Uniformly register flat sysctl tables not sysctl tables with .child entries
- Readable string paths for registering sysctls

Eric W. Biederman (19):
      net: Implement register_net_sysctl.
      net sysctl:  Register an empty /proc/sys/net
      net sysctl: Initialize the network sysctls sooner to avoid problems.
      net: Kill register_sysctl_rotable
      net: Move all of the network sysctls without a namespace into init_net.
      net core: Remove unneded creation of an empty  net/core sysctl directory
      net ipv6: Remove unneded registration of an empty net/ipv6/neigh
      net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh
      net ax25: Simplify and cleanup the ax25 sysctl handling.
      net llc: Don't use sysctl tables with .child entries.
      net ipv6: Don't use sysctl tables with .child entries.
      net neighbour:  Convert to use register_net_sysctl
      net decnet:  Convert to use register_net_sysctl
      net ipv6:  Convert addrconf to use register_net_sysctl
      net ipv4:  Convert devinet to use register_net_sysctl
      net: Convert nf_conntrack_proto to use register_net_sysctl
      net: Convert all sysctl registrations to register_net_sysctl
      net: Delete all remaining instances of ctl_path
      net: Remove register_net_sysctl_table

 drivers/infiniband/core/ucma.c                 |   10 +--
 include/linux/netfilter.h                      |    6 --
 include/net/ax25.h                             |   10 ++--
 include/net/ip.h                               |    3 -
 include/net/ip_vs.h                            |    2 -
 include/net/ipv6.h                             |    3 -
 include/net/net_namespace.h                    |   12 ++--
 include/net/netfilter/nf_conntrack_l3proto.h   |    2 +-
 include/net/netns/ipv6.h                       |    4 +-
 net/802/tr.c                                   |    8 +--
 net/appletalk/sysctl_net_atalk.c               |   10 +--
 net/ax25/af_ax25.c                             |    2 -
 net/ax25/ax25_dev.c                            |   10 +--
 net/ax25/sysctl_net_ax25.c                     |   82 ++++++++---------------
 net/bridge/br_netfilter.c                      |   10 +--
 net/core/neighbour.c                           |   35 ++--------
 net/core/sysctl_net_core.c                     |   14 +----
 net/dccp/sysctl.c                              |   11 +---
 net/decnet/dn_dev.c                            |   21 ++-----
 net/decnet/sysctl_net_decnet.c                 |   10 +--
 net/ipv4/devinet.c                             |   39 ++----------
 net/ipv4/ip_fragment.c                         |    4 +-
 net/ipv4/netfilter.c                           |   10 ---
 net/ipv4/netfilter/ip_queue.c                  |    6 +-
 net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c |    2 +-
 net/ipv4/route.c                               |   29 +--------
 net/ipv4/sysctl_net_ipv4.c                     |   14 +---
 net/ipv4/xfrm4_policy.c                        |    4 +-
 net/ipv6/addrconf.c                            |   32 +--------
 net/ipv6/af_inet6.c                            |   15 ----
 net/ipv6/netfilter/ip6_queue.c                 |    6 +-
 net/ipv6/netfilter/nf_conntrack_reasm.c        |    6 +-
 net/ipv6/reassembly.c                          |    4 +-
 net/ipv6/sysctl_net_ipv6.c                     |   83 +++++++-----------------
 net/ipv6/xfrm6_policy.c                        |    4 +-
 net/ipx/sysctl_net_ipx.c                       |   11 +--
 net/irda/irsysctl.c                            |   10 +--
 net/llc/sysctl_net_llc.c                       |   52 +++++----------
 net/netfilter/core.c                           |    9 ---
 net/netfilter/ipvs/ip_vs_ctl.c                 |   10 +---
 net/netfilter/ipvs/ip_vs_lblc.c                |    3 +-
 net/netfilter/ipvs/ip_vs_lblcr.c               |    3 +-
 net/netfilter/nf_conntrack_acct.c              |    4 +-
 net/netfilter/nf_conntrack_ecache.c            |    3 +-
 net/netfilter/nf_conntrack_proto.c             |   10 ++--
 net/netfilter/nf_conntrack_proto_dccp.c        |    4 +-
 net/netfilter/nf_conntrack_standalone.c        |   14 +---
 net/netfilter/nf_conntrack_timestamp.c         |    4 +-
 net/netfilter/nf_log.c                         |    9 +--
 net/netrom/sysctl_net_netrom.c                 |   10 +--
 net/phonet/sysctl.c                            |   10 +--
 net/rds/ib_sysctl.c                            |   11 +---
 net/rds/iw_sysctl.c                            |   11 +---
 net/rds/sysctl.c                               |   11 +---
 net/rose/sysctl_net_rose.c                     |   10 +--
 net/sctp/sysctl.c                              |   10 +--
 net/socket.c                                   |    6 ++
 net/sysctl_net.c                               |   45 ++++---------
 net/unix/sysctl_net_unix.c                     |   10 +--
 net/x25/sysctl_net_x25.c                       |   10 +--
 net/xfrm/xfrm_sysctl.c                         |    2 +-
 61 files changed, 209 insertions(+), 606 deletions(-)

^ permalink raw reply	[flat|nested] 33+ messages in thread

* [PATCH net-next 01/19] net: Implement register_net_sysctl.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
@ 2012-04-19 23:18 ` Eric W. Biederman
  2012-04-20  5:27   ` Pavel Emelyanov
  2012-04-19 23:19 ` [PATCH net-next 02/19] net sysctl: Register an empty /proc/sys/net Eric W. Biederman
                   ` (18 subsequent siblings)
  19 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:18 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Right now all of the networking sysctl registrations are running in a
compatibiity mode.  The natvie sysctl registration api takes a cstring
for a path and a simple ctl_table.  Implement register_net_sysctl so
that we can register network sysctls without needing to use
compatiblity code in the sysctl core.

Switching from a ctl_path to a cstring results in less boiler plate
and denser code that is a little easier to read.

I would simply have changed the arguments to register_net_sysctl_table
instead of keeping two functions in parallel but gcc will allow a
ctl_path pointer to be passed to a char * pointer with only issuing a
warning resulting in completely incorrect code can be built.  Since I
have to change the function name I am taking advantage of the situation
to let both register_net_sysctl and register_net_sysctl_table live for a
short time in parallel which makes clean conversion patches a bit easier
to read and write.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/net_namespace.h |    2 ++
 net/sysctl_net.c            |    7 +++++++
 2 files changed, 9 insertions(+), 0 deletions(-)

diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index ee547c1..446245e 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -287,6 +287,8 @@ extern struct ctl_table_header *register_net_sysctl_table(struct net *net,
 	const struct ctl_path *path, struct ctl_table *table);
 extern struct ctl_table_header *register_net_sysctl_rotable(
 	const struct ctl_path *path, struct ctl_table *table);
+extern struct ctl_table_header *register_net_sysctl(struct net *net,
+	const char *path, struct ctl_table *table);
 extern void unregister_net_sysctl_table(struct ctl_table_header *header);
 
 #endif /* __NET_NET_NAMESPACE_H */
diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index c3e65ae..3865c4f 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -117,6 +117,13 @@ struct ctl_table_header *register_net_sysctl_rotable(const
 }
 EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
 
+struct ctl_table_header *register_net_sysctl(struct net *net,
+	const char *path, struct ctl_table *table)
+{
+	return __register_sysctl_table(&net->sysctls, path, table);
+}
+EXPORT_SYMBOL_GPL(register_net_sysctl);
+
 void unregister_net_sysctl_table(struct ctl_table_header *header)
 {
 	unregister_sysctl_table(header);
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 02/19] net sysctl:  Register an empty /proc/sys/net
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
  2012-04-19 23:18 ` [PATCH net-next 01/19] net: Implement register_net_sysctl Eric W. Biederman
@ 2012-04-19 23:19 ` Eric W. Biederman
  2012-04-19 23:20 ` [PATCH net-next 03/19] net sysctl: Initialize the network sysctls sooner to avoid problems Eric W. Biederman
                   ` (17 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:19 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Implementation limitations of the sysctl core won't let /proc/sys/net
reside in a network namespace.  /proc/sys/net at least must be registered
as a normal sysctl.  So register /proc/sys/net early as an empty directory
to guarantee we don't violate this constraint and hit bugs in the sysctl
implementation.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/sysctl_net.c |   11 ++++++++++-
 1 files changed, 10 insertions(+), 1 deletions(-)

diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index 3865c4f..2b2986d 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -88,9 +88,18 @@ static struct pernet_operations sysctl_pernet_ops = {
 	.exit = sysctl_net_exit,
 };
 
+static struct ctl_table_header *net_header;
 static __init int net_sysctl_init(void)
 {
-	int ret;
+	static struct ctl_table empty[1];
+	int ret = -ENOMEM;
+	/* Avoid limitations in the sysctl implementation by
+	 * registering "/proc/sys/net" as an empty directory not in a
+	 * network namespace.
+	 */
+	net_header = register_sysctl("net", empty);
+	if (!net_header)
+		goto out;
 	ret = register_pernet_subsys(&sysctl_pernet_ops);
 	if (ret)
 		goto out;
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 03/19] net sysctl: Initialize the network sysctls sooner to avoid problems.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
  2012-04-19 23:18 ` [PATCH net-next 01/19] net: Implement register_net_sysctl Eric W. Biederman
  2012-04-19 23:19 ` [PATCH net-next 02/19] net sysctl: Register an empty /proc/sys/net Eric W. Biederman
@ 2012-04-19 23:20 ` Eric W. Biederman
  2012-04-19 23:22 ` [PATCH net-next 04/19] net: Kill register_sysctl_rotable Eric W. Biederman
                   ` (16 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:20 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


If the netfilter code is modified to use register_net_sysctl_table the
kernel fails to boot because the per net sysctl infrasturce is not setup
soon enough.  So to avoid races call net_sysctl_init from sock_init().

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/net_namespace.h |    5 +++++
 net/socket.c                |    6 ++++++
 net/sysctl_net.c            |    3 +--
 3 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 446245e..767dcd40 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -283,6 +283,11 @@ struct ctl_path;
 struct ctl_table;
 struct ctl_table_header;
 
+#ifdef CONFIG_SYSCTL
+extern int net_sysctl_init(void);
+#else
+static inline int net_sysctl_init(void) { return 0; }
+#endif
 extern struct ctl_table_header *register_net_sysctl_table(struct net *net,
 	const struct ctl_path *path, struct ctl_table *table);
 extern struct ctl_table_header *register_net_sysctl_rotable(
diff --git a/net/socket.c b/net/socket.c
index d6c1af9..e345109 100644
--- a/net/socket.c
+++ b/net/socket.c
@@ -2524,6 +2524,12 @@ EXPORT_SYMBOL(sock_unregister);
 static int __init sock_init(void)
 {
 	int err;
+	/*
+	 *      Initialize the network sysctl infrastructure.
+	 */
+	err = net_sysctl_init();
+	if (err)
+		goto out;
 
 	/*
 	 *      Initialize sock SLAB cache.
diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index 2b2986d..ce97237 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -89,7 +89,7 @@ static struct pernet_operations sysctl_pernet_ops = {
 };
 
 static struct ctl_table_header *net_header;
-static __init int net_sysctl_init(void)
+__init int net_sysctl_init(void)
 {
 	static struct ctl_table empty[1];
 	int ret = -ENOMEM;
@@ -109,7 +109,6 @@ static __init int net_sysctl_init(void)
 out:
 	return ret;
 }
-subsys_initcall(net_sysctl_init);
 
 struct ctl_table_header *register_net_sysctl_table(struct net *net,
 	const struct ctl_path *path, struct ctl_table *table)
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 04/19] net: Kill register_sysctl_rotable
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (2 preceding siblings ...)
  2012-04-19 23:20 ` [PATCH net-next 03/19] net sysctl: Initialize the network sysctls sooner to avoid problems Eric W. Biederman
@ 2012-04-19 23:22 ` Eric W. Biederman
  2012-04-20 13:53   ` Serge E. Hallyn
  2012-04-19 23:24 ` [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net Eric W. Biederman
                   ` (15 subsequent siblings)
  19 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:22 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


register_sysctl_rotable never caught on as an interesting way to
register sysctls.  My take on the situation is that what we want are
sysctls that we can only see in the initial network namespace.  What we
have implemented with register_sysctl_rotable are sysctls that we can
see in all of the network namespaces and can only change in the initial
network namespace.

That is a very silly way to go.  Just register the network sysctls
in the initial network namespace and we don't have any weird special
cases to deal with.

The sysctls affected are:
/proc/sys/net/ipv4/ipfrag_secret_interval
/proc/sys/net/ipv4/ipfrag_max_dist
/proc/sys/net/ipv6/ip6frag_secret_interval
/proc/sys/net/ipv6/mld_max_msf

I really don't expect anyone will miss them if they can't read them in a
child user namespace.

CC: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/net_namespace.h |    2 --
 net/core/sysctl_net_core.c  |    2 +-
 net/ipv4/ip_fragment.c      |    2 +-
 net/ipv6/reassembly.c       |    2 +-
 net/ipv6/sysctl_net_ipv6.c  |    2 +-
 net/sysctl_net.c            |   23 -----------------------
 6 files changed, 4 insertions(+), 29 deletions(-)

diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 767dcd40..6413fcb 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -290,8 +290,6 @@ static inline int net_sysctl_init(void) { return 0; }
 #endif
 extern struct ctl_table_header *register_net_sysctl_table(struct net *net,
 	const struct ctl_path *path, struct ctl_table *table);
-extern struct ctl_table_header *register_net_sysctl_rotable(
-	const struct ctl_path *path, struct ctl_table *table);
 extern struct ctl_table_header *register_net_sysctl(struct net *net,
 	const char *path, struct ctl_table *table);
 extern void unregister_net_sysctl_table(struct ctl_table_header *header);
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index cee5991..9504086 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -257,7 +257,7 @@ static __init int sysctl_core_init(void)
 	static struct ctl_table empty[1];
 
 	kmemleak_not_leak(register_sysctl_paths(net_core_path, empty));
-	register_net_sysctl_rotable(net_core_path, net_core_table);
+	register_net_sysctl(&init_net, "net/core", net_core_table);
 	return register_pernet_subsys(&sysctl_core_ops);
 }
 
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index 3727e23..a746cca 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -807,7 +807,7 @@ static void __net_exit ip4_frags_ns_ctl_unregister(struct net *net)
 
 static void ip4_frags_ctl_register(void)
 {
-	register_net_sysctl_rotable(net_ipv4_ctl_path, ip4_frags_ctl_table);
+	register_net_sysctl(&init_net, "net/ipv4", ip4_frags_ctl_table);
 }
 #else
 static inline int ip4_frags_ns_ctl_register(struct net *net)
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 9447bd6..42f4f7c 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -674,7 +674,7 @@ static struct ctl_table_header *ip6_ctl_header;
 
 static int ip6_frags_sysctl_register(void)
 {
-	ip6_ctl_header = register_net_sysctl_rotable(net_ipv6_ctl_path,
+	ip6_ctl_header = register_net_sysctl(&init_net, "net/ipv6",
 			ip6_frags_ctl_table);
 	return ip6_ctl_header == NULL ? -ENOMEM : 0;
 }
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index 166a57c..06f21e5 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -140,7 +140,7 @@ int ipv6_sysctl_register(void)
 {
 	int err = -ENOMEM;
 
-	ip6_header = register_net_sysctl_rotable(net_ipv6_ctl_path, ipv6_rotable);
+	ip6_header = register_net_sysctl(&init_net, "net/ipv6", ipv6_rotable);
 	if (ip6_header == NULL)
 		goto out;
 
diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index ce97237..2b8d1d9 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -59,19 +59,6 @@ static struct ctl_table_root net_sysctl_root = {
 	.permissions = net_ctl_permissions,
 };
 
-static int net_ctl_ro_header_perms(struct ctl_table_root *root,
-		struct nsproxy *namespaces, struct ctl_table *table)
-{
-	if (net_eq(namespaces->net_ns, &init_net))
-		return table->mode;
-	else
-		return table->mode & ~0222;
-}
-
-static struct ctl_table_root net_sysctl_ro_root = {
-	.permissions = net_ctl_ro_header_perms,
-};
-
 static int __net_init sysctl_net_init(struct net *net)
 {
 	setup_sysctl_set(&net->sysctls, &net_sysctl_root, is_seen);
@@ -103,8 +90,6 @@ __init int net_sysctl_init(void)
 	ret = register_pernet_subsys(&sysctl_pernet_ops);
 	if (ret)
 		goto out;
-	setup_sysctl_set(&net_sysctl_ro_root.default_set, &net_sysctl_ro_root, NULL);
-	register_sysctl_root(&net_sysctl_ro_root);
 	register_sysctl_root(&net_sysctl_root);
 out:
 	return ret;
@@ -117,14 +102,6 @@ struct ctl_table_header *register_net_sysctl_table(struct net *net,
 }
 EXPORT_SYMBOL_GPL(register_net_sysctl_table);
 
-struct ctl_table_header *register_net_sysctl_rotable(const
-		struct ctl_path *path, struct ctl_table *table)
-{
-	return __register_sysctl_paths(&net_sysctl_ro_root.default_set,
-					path, table);
-}
-EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
-
 struct ctl_table_header *register_net_sysctl(struct net *net,
 	const char *path, struct ctl_table *table)
 {
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (3 preceding siblings ...)
  2012-04-19 23:22 ` [PATCH net-next 04/19] net: Kill register_sysctl_rotable Eric W. Biederman
@ 2012-04-19 23:24 ` Eric W. Biederman
  2012-04-23  0:38   ` Gao feng
  2012-04-19 23:25 ` [PATCH net-next 06/19] net core: Remove unneded creation of an empty net/core sysctl directory Eric W. Biederman
                   ` (14 subsequent siblings)
  19 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:24 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


This makes it clearer which sysctls are relative to your current network
namespace.

This makes it a little less error prone by not exposing sysctls for the
initial network namespace in other namespaces.

This is the same way we handle all of our other network interfaces to
userspace and I can't honestly remember why we didn't do this for
sysctls right from the start.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 drivers/infiniband/core/ucma.c          |    4 ++--
 net/802/tr.c                            |    2 +-
 net/appletalk/sysctl_net_atalk.c        |    4 ++--
 net/ax25/sysctl_net_ax25.c              |    4 ++--
 net/bridge/br_netfilter.c               |    4 ++--
 net/core/neighbour.c                    |    2 +-
 net/core/sysctl_net_core.c              |    2 +-
 net/dccp/sysctl.c                       |    4 ++--
 net/decnet/dn_dev.c                     |    4 ++--
 net/decnet/sysctl_net_decnet.c          |    4 ++--
 net/ipv4/netfilter/ip_queue.c           |    6 +++---
 net/ipv4/route.c                        |    2 +-
 net/ipv4/sysctl_net_ipv4.c              |    4 ++--
 net/ipv6/netfilter/ip6_queue.c          |    6 +++---
 net/ipv6/netfilter/nf_conntrack_reasm.c |    4 ++--
 net/ipv6/sysctl_net_ipv6.c              |    2 +-
 net/ipx/sysctl_net_ipx.c                |    5 +++--
 net/irda/irsysctl.c                     |    4 ++--
 net/llc/sysctl_net_llc.c                |    5 +++--
 net/netfilter/nf_conntrack_proto.c      |    4 ++--
 net/netfilter/nf_conntrack_standalone.c |    6 +++---
 net/netfilter/nf_log.c                  |    2 +-
 net/netrom/sysctl_net_netrom.c          |    4 ++--
 net/phonet/sysctl.c                     |    4 ++--
 net/rds/ib_sysctl.c                     |    4 ++--
 net/rds/iw_sysctl.c                     |    4 ++--
 net/rds/sysctl.c                        |    4 ++--
 net/rose/sysctl_net_rose.c              |    4 ++--
 net/sctp/sysctl.c                       |    4 ++--
 net/unix/sysctl_net_unix.c              |    2 +-
 net/x25/sysctl_net_x25.c                |    4 ++--
 31 files changed, 60 insertions(+), 58 deletions(-)

diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
index 5861cdb..9f3e2be 100644
--- a/drivers/infiniband/core/ucma.c
+++ b/drivers/infiniband/core/ucma.c
@@ -1392,7 +1392,7 @@ static int __init ucma_init(void)
 		goto err1;
 	}
 
-	ucma_ctl_table_hdr = register_sysctl_paths(ucma_ctl_path, ucma_ctl_table);
+	ucma_ctl_table_hdr = register_net_sysctl_table(&init_net, ucma_ctl_path, ucma_ctl_table);
 	if (!ucma_ctl_table_hdr) {
 		printk(KERN_ERR "rdma_ucm: couldn't register sysctl paths\n");
 		ret = -ENOMEM;
@@ -1408,7 +1408,7 @@ err1:
 
 static void __exit ucma_cleanup(void)
 {
-	unregister_sysctl_table(ucma_ctl_table_hdr);
+	unregister_net_sysctl_table(ucma_ctl_table_hdr);
 	device_remove_file(ucma_misc.this_device, &dev_attr_abi_version);
 	misc_deregister(&ucma_misc);
 	idr_destroy(&ctx_idr);
diff --git a/net/802/tr.c b/net/802/tr.c
index e65f0b8..103e020 100644
--- a/net/802/tr.c
+++ b/net/802/tr.c
@@ -662,7 +662,7 @@ static int __init rif_init(void)
 	setup_timer(&rif_timer, rif_check_expire, 0);
 	add_timer(&rif_timer);
 #ifdef CONFIG_SYSCTL
-	register_sysctl_paths(tr_path, tr_table);
+	register_net_sysctl_table(&init_net, tr_path, tr_table);
 #endif
 	proc_net_fops_create(&init_net, "tr_rif", S_IRUGO, &rif_seq_fops);
 	return 0;
diff --git a/net/appletalk/sysctl_net_atalk.c b/net/appletalk/sysctl_net_atalk.c
index 04e9c0d..5edce8f 100644
--- a/net/appletalk/sysctl_net_atalk.c
+++ b/net/appletalk/sysctl_net_atalk.c
@@ -52,10 +52,10 @@ static struct ctl_table_header *atalk_table_header;
 
 void atalk_register_sysctl(void)
 {
-	atalk_table_header = register_sysctl_paths(atalk_path, atalk_table);
+	atalk_table_header = register_net_sysctl_table(&init_net, atalk_path, atalk_table);
 }
 
 void atalk_unregister_sysctl(void)
 {
-	unregister_sysctl_table(atalk_table_header);
+	unregister_net_sysctl_table(atalk_table_header);
 }
diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c
index ebe0ef3..7ba381b 100644
--- a/net/ax25/sysctl_net_ax25.c
+++ b/net/ax25/sysctl_net_ax25.c
@@ -196,13 +196,13 @@ void ax25_register_sysctl(void)
 	}
 	spin_unlock_bh(&ax25_dev_lock);
 
-	ax25_table_header = register_sysctl_paths(ax25_path, ax25_table);
+	ax25_table_header = register_net_sysctl_table(&init_net, ax25_path, ax25_table);
 }
 
 void ax25_unregister_sysctl(void)
 {
 	ctl_table *p;
-	unregister_sysctl_table(ax25_table_header);
+	unregister_net_sysctl_table(ax25_table_header);
 
 	for (p = ax25_table; p->procname; p++)
 		kfree(p->child);
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index dec4f38..4f4c4a6 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -1030,7 +1030,7 @@ int __init br_netfilter_init(void)
 		return ret;
 	}
 #ifdef CONFIG_SYSCTL
-	brnf_sysctl_header = register_sysctl_paths(brnf_path, brnf_table);
+	brnf_sysctl_header = register_net_sysctl_table(&init_net, brnf_path, brnf_table);
 	if (brnf_sysctl_header == NULL) {
 		printk(KERN_WARNING
 		       "br_netfilter: can't register to sysctl.\n");
@@ -1047,7 +1047,7 @@ void br_netfilter_fini(void)
 {
 	nf_unregister_hooks(br_nf_ops, ARRAY_SIZE(br_nf_ops));
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(brnf_sysctl_header);
+	unregister_net_sysctl_table(brnf_sysctl_header);
 #endif
 	dst_entries_destroy(&fake_dst_ops);
 }
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 434eed8..0c2df3d 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -3017,7 +3017,7 @@ void neigh_sysctl_unregister(struct neigh_parms *p)
 	if (p->sysctl_table) {
 		struct neigh_sysctl_table *t = p->sysctl_table;
 		p->sysctl_table = NULL;
-		unregister_sysctl_table(t->sysctl_header);
+		unregister_net_sysctl_table(t->sysctl_header);
 		kfree(t->dev_name);
 		kfree(t);
 	}
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index 9504086..dfe2885 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -256,7 +256,7 @@ static __init int sysctl_core_init(void)
 {
 	static struct ctl_table empty[1];
 
-	kmemleak_not_leak(register_sysctl_paths(net_core_path, empty));
+	kmemleak_not_leak(register_net_sysctl_table(&init_net, net_core_path, empty));
 	register_net_sysctl(&init_net, "net/core", net_core_table);
 	return register_pernet_subsys(&sysctl_core_ops);
 }
diff --git a/net/dccp/sysctl.c b/net/dccp/sysctl.c
index 4234882..329e139 100644
--- a/net/dccp/sysctl.c
+++ b/net/dccp/sysctl.c
@@ -109,7 +109,7 @@ static struct ctl_table_header *dccp_table_header;
 
 int __init dccp_sysctl_init(void)
 {
-	dccp_table_header = register_sysctl_paths(dccp_path,
+	dccp_table_header = register_net_sysctl_table(&init_net, dccp_path,
 			dccp_default_table);
 
 	return dccp_table_header != NULL ? 0 : -ENOMEM;
@@ -118,7 +118,7 @@ int __init dccp_sysctl_init(void)
 void dccp_sysctl_exit(void)
 {
 	if (dccp_table_header != NULL) {
-		unregister_sysctl_table(dccp_table_header);
+		unregister_net_sysctl_table(dccp_table_header);
 		dccp_table_header = NULL;
 	}
 }
diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index a4aecb0..ce8a184 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -236,7 +236,7 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
 
 	t->dn_dev_vars[0].extra1 = (void *)dev;
 
-	t->sysctl_header = register_sysctl_paths(dn_ctl_path, t->dn_dev_vars);
+	t->sysctl_header = register_net_sysctl_table(&init_net, dn_ctl_path, t->dn_dev_vars);
 	if (t->sysctl_header == NULL)
 		kfree(t);
 	else
@@ -248,7 +248,7 @@ static void dn_dev_sysctl_unregister(struct dn_dev_parms *parms)
 	if (parms->sysctl) {
 		struct dn_dev_sysctl_table *t = parms->sysctl;
 		parms->sysctl = NULL;
-		unregister_sysctl_table(t->sysctl_header);
+		unregister_net_sysctl_table(t->sysctl_header);
 		kfree(t);
 	}
 }
diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c
index 02e75d1..4380b8e 100644
--- a/net/decnet/sysctl_net_decnet.c
+++ b/net/decnet/sysctl_net_decnet.c
@@ -359,12 +359,12 @@ static struct ctl_path dn_path[] = {
 
 void dn_register_sysctl(void)
 {
-	dn_table_header = register_sysctl_paths(dn_path, dn_table);
+	dn_table_header = register_net_sysctl_table(&init_net, dn_path, dn_table);
 }
 
 void dn_unregister_sysctl(void)
 {
-	unregister_sysctl_table(dn_table_header);
+	unregister_net_sysctl_table(dn_table_header);
 }
 
 #else  /* CONFIG_SYSCTL */
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index 94d45e1..766485d 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -586,7 +586,7 @@ static int __init ip_queue_init(void)
 #endif
 	register_netdevice_notifier(&ipq_dev_notifier);
 #ifdef CONFIG_SYSCTL
-	ipq_sysctl_header = register_sysctl_paths(net_ipv4_ctl_path, ipq_table);
+	ipq_sysctl_header = register_net_sysctl_table(&init_net, net_ipv4_ctl_path, ipq_table);
 #endif
 	status = nf_register_queue_handler(NFPROTO_IPV4, &nfqh);
 	if (status < 0) {
@@ -597,7 +597,7 @@ static int __init ip_queue_init(void)
 
 cleanup_sysctl:
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(ipq_sysctl_header);
+	unregister_net_sysctl_table(ipq_sysctl_header);
 #endif
 	unregister_netdevice_notifier(&ipq_dev_notifier);
 	proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
@@ -618,7 +618,7 @@ static void __exit ip_queue_fini(void)
 	ipq_flush(NULL, 0);
 
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(ipq_sysctl_header);
+	unregister_net_sysctl_table(ipq_sysctl_header);
 #endif
 	unregister_netdevice_notifier(&ipq_dev_notifier);
 	proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index bcd4744..f9c474e 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -3514,6 +3514,6 @@ int __init ip_rt_init(void)
  */
 void __init ip_static_sysctl_init(void)
 {
-	kmemleak_not_leak(register_sysctl_paths(ipv4_path, ipv4_skeleton));
+	kmemleak_not_leak(register_net_sysctl_table(&init_net, ipv4_path, ipv4_skeleton));
 }
 #endif
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 34a6286..e7a6fa3 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -857,12 +857,12 @@ static __init int sysctl_ipv4_init(void)
 	if (!i->procname)
 		return -EINVAL;
 
-	hdr = register_sysctl_paths(net_ipv4_ctl_path, ipv4_table);
+	hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path, ipv4_table);
 	if (hdr == NULL)
 		return -ENOMEM;
 
 	if (register_pernet_subsys(&ipv4_sysctl_ops)) {
-		unregister_sysctl_table(hdr);
+		unregister_net_sysctl_table(hdr);
 		return -ENOMEM;
 	}
 
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index a34c9e4..6785f50 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -588,7 +588,7 @@ static int __init ip6_queue_init(void)
 #endif
 	register_netdevice_notifier(&ipq_dev_notifier);
 #ifdef CONFIG_SYSCTL
-	ipq_sysctl_header = register_sysctl_paths(net_ipv6_ctl_path, ipq_table);
+	ipq_sysctl_header = register_net_sysctl_table(&init_net, net_ipv6_ctl_path, ipq_table);
 #endif
 	status = nf_register_queue_handler(NFPROTO_IPV6, &nfqh);
 	if (status < 0) {
@@ -599,7 +599,7 @@ static int __init ip6_queue_init(void)
 
 cleanup_sysctl:
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(ipq_sysctl_header);
+	unregister_net_sysctl_table(ipq_sysctl_header);
 #endif
 	unregister_netdevice_notifier(&ipq_dev_notifier);
 	proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
@@ -621,7 +621,7 @@ static void __exit ip6_queue_fini(void)
 	ipq_flush(NULL, 0);
 
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(ipq_sysctl_header);
+	unregister_net_sysctl_table(ipq_sysctl_header);
 #endif
 	unregister_netdevice_notifier(&ipq_dev_notifier);
 	proc_net_remove(&init_net, IPQ_PROC_FS_NAME);
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 38f00b0..7548144 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -626,7 +626,7 @@ int nf_ct_frag6_init(void)
 	inet_frags_init(&nf_frags);
 
 #ifdef CONFIG_SYSCTL
-	nf_ct_frag6_sysctl_header = register_sysctl_paths(nf_net_netfilter_sysctl_path,
+	nf_ct_frag6_sysctl_header = register_net_sysctl_table(&init_net, nf_net_netfilter_sysctl_path,
 							  nf_ct_frag6_sysctl_table);
 	if (!nf_ct_frag6_sysctl_header) {
 		inet_frags_fini(&nf_frags);
@@ -640,7 +640,7 @@ int nf_ct_frag6_init(void)
 void nf_ct_frag6_cleanup(void)
 {
 #ifdef CONFIG_SYSCTL
-	unregister_sysctl_table(nf_ct_frag6_sysctl_header);
+	unregister_net_sysctl_table(nf_ct_frag6_sysctl_header);
 	nf_ct_frag6_sysctl_header = NULL;
 #endif
 	inet_frags_fini(&nf_frags);
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index 06f21e5..99279c8 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -165,7 +165,7 @@ static struct ctl_table_header *ip6_base;
 
 int ipv6_static_sysctl_register(void)
 {
-	ip6_base = register_sysctl_paths(net_ipv6_ctl_path, ipv6_static_skeleton);
+	ip6_base = register_net_sysctl_table(&init_net, net_ipv6_ctl_path, ipv6_static_skeleton);
 	if (ip6_base == NULL)
 		return -ENOMEM;
 	return 0;
diff --git a/net/ipx/sysctl_net_ipx.c b/net/ipx/sysctl_net_ipx.c
index bd6dca0..0358807 100644
--- a/net/ipx/sysctl_net_ipx.c
+++ b/net/ipx/sysctl_net_ipx.c
@@ -8,6 +8,7 @@
 
 #include <linux/mm.h>
 #include <linux/sysctl.h>
+#include <net/net_namespace.h>
 
 #ifndef CONFIG_SYSCTL
 #error This file should not be compiled without CONFIG_SYSCTL defined
@@ -37,10 +38,10 @@ static struct ctl_table_header *ipx_table_header;
 
 void ipx_register_sysctl(void)
 {
-	ipx_table_header = register_sysctl_paths(ipx_path, ipx_table);
+	ipx_table_header = register_net_sysctl_table(&init_net, ipx_path, ipx_table);
 }
 
 void ipx_unregister_sysctl(void)
 {
-	unregister_sysctl_table(ipx_table_header);
+	unregister_net_sysctl_table(ipx_table_header);
 }
diff --git a/net/irda/irsysctl.c b/net/irda/irsysctl.c
index 2615ffc..20ced38 100644
--- a/net/irda/irsysctl.c
+++ b/net/irda/irsysctl.c
@@ -251,7 +251,7 @@ static struct ctl_table_header *irda_table_header;
  */
 int __init irda_sysctl_register(void)
 {
-	irda_table_header = register_sysctl_paths(irda_path, irda_table);
+	irda_table_header = register_net_sysctl_table(&init_net, irda_path, irda_table);
 	if (!irda_table_header)
 		return -ENOMEM;
 
@@ -266,7 +266,7 @@ int __init irda_sysctl_register(void)
  */
 void irda_sysctl_unregister(void)
 {
-	unregister_sysctl_table(irda_table_header);
+	unregister_net_sysctl_table(irda_table_header);
 }
 
 
diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
index e2ebe35..9a6a65f 100644
--- a/net/llc/sysctl_net_llc.c
+++ b/net/llc/sysctl_net_llc.c
@@ -7,6 +7,7 @@
 #include <linux/mm.h>
 #include <linux/init.h>
 #include <linux/sysctl.h>
+#include <net/net_namespace.h>
 #include <net/llc.h>
 
 #ifndef CONFIG_SYSCTL
@@ -89,7 +90,7 @@ static struct ctl_table_header *llc_table_header;
 
 int __init llc_sysctl_init(void)
 {
-	llc_table_header = register_sysctl_paths(llc_path, llc_table);
+	llc_table_header = register_net_sysctl_table(&init_net, llc_path, llc_table);
 
 	return llc_table_header ? 0 : -ENOMEM;
 }
@@ -97,7 +98,7 @@ int __init llc_sysctl_init(void)
 void llc_sysctl_exit(void)
 {
 	if (llc_table_header) {
-		unregister_sysctl_table(llc_table_header);
+		unregister_net_sysctl_table(llc_table_header);
 		llc_table_header = NULL;
 	}
 }
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index be3da2c..bbc753f 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -40,7 +40,7 @@ nf_ct_register_sysctl(struct ctl_table_header **header, struct ctl_path *path,
 		      struct ctl_table *table, unsigned int *users)
 {
 	if (*header == NULL) {
-		*header = register_sysctl_paths(path, table);
+		*header = register_net_sysctl_table(&init_net, path, table);
 		if (*header == NULL)
 			return -ENOMEM;
 	}
@@ -56,7 +56,7 @@ nf_ct_unregister_sysctl(struct ctl_table_header **header,
 	if (users != NULL && --*users > 0)
 		return;
 
-	unregister_sysctl_table(*header);
+	unregister_net_sysctl_table(*header);
 	*header = NULL;
 }
 #endif
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index 885f5ab..0c3888d 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -479,7 +479,7 @@ static int nf_conntrack_standalone_init_sysctl(struct net *net)
 
 	if (net_eq(net, &init_net)) {
 		nf_ct_netfilter_header =
-		       register_sysctl_paths(nf_ct_path, nf_ct_netfilter_table);
+		       register_net_sysctl_table(&init_net, nf_ct_path, nf_ct_netfilter_table);
 		if (!nf_ct_netfilter_header)
 			goto out;
 	}
@@ -505,7 +505,7 @@ out_unregister_netfilter:
 	kfree(table);
 out_kmemdup:
 	if (net_eq(net, &init_net))
-		unregister_sysctl_table(nf_ct_netfilter_header);
+		unregister_net_sysctl_table(nf_ct_netfilter_header);
 out:
 	printk(KERN_ERR "nf_conntrack: can't register to sysctl.\n");
 	return -ENOMEM;
@@ -516,7 +516,7 @@ static void nf_conntrack_standalone_fini_sysctl(struct net *net)
 	struct ctl_table *table;
 
 	if (net_eq(net, &init_net))
-		unregister_sysctl_table(nf_ct_netfilter_header);
+		unregister_net_sysctl_table(nf_ct_netfilter_header);
 	table = net->ct.sysctl_header->ctl_table_arg;
 	unregister_net_sysctl_table(net->ct.sysctl_header);
 	kfree(table);
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index 957374a..04fca48 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -283,7 +283,7 @@ static __init int netfilter_log_sysctl_init(void)
 		nf_log_sysctl_table[i].extra1 = (void *)(unsigned long) i;
 	}
 
-	nf_log_dir_header = register_sysctl_paths(nf_log_sysctl_path,
+	nf_log_dir_header = register_net_sysctl_table(&init_net, nf_log_sysctl_path,
 				       nf_log_sysctl_table);
 	if (!nf_log_dir_header)
 		return -ENOMEM;
diff --git a/net/netrom/sysctl_net_netrom.c b/net/netrom/sysctl_net_netrom.c
index 1e0fa9e5..4ed149e 100644
--- a/net/netrom/sysctl_net_netrom.c
+++ b/net/netrom/sysctl_net_netrom.c
@@ -154,10 +154,10 @@ static struct ctl_path nr_path[] = {
 
 void __init nr_register_sysctl(void)
 {
-	nr_table_header = register_sysctl_paths(nr_path, nr_table);
+	nr_table_header = register_net_sysctl_table(&init_net, nr_path, nr_table);
 }
 
 void nr_unregister_sysctl(void)
 {
-	unregister_sysctl_table(nr_table_header);
+	unregister_net_sysctl_table(nr_table_header);
 }
diff --git a/net/phonet/sysctl.c b/net/phonet/sysctl.c
index 8bed767..aa55db5 100644
--- a/net/phonet/sysctl.c
+++ b/net/phonet/sysctl.c
@@ -106,11 +106,11 @@ static struct ctl_path phonet_ctl_path[] = {
 
 int __init phonet_sysctl_init(void)
 {
-	phonet_table_hrd = register_sysctl_paths(phonet_ctl_path, phonet_table);
+	phonet_table_hrd = register_net_sysctl_table(&init_net, phonet_ctl_path, phonet_table);
 	return phonet_table_hrd == NULL ? -ENOMEM : 0;
 }
 
 void phonet_sysctl_exit(void)
 {
-	unregister_sysctl_table(phonet_table_hrd);
+	unregister_net_sysctl_table(phonet_table_hrd);
 }
diff --git a/net/rds/ib_sysctl.c b/net/rds/ib_sysctl.c
index 1253b00..0fef3e1 100644
--- a/net/rds/ib_sysctl.c
+++ b/net/rds/ib_sysctl.c
@@ -116,12 +116,12 @@ static struct ctl_path rds_ib_sysctl_path[] = {
 void rds_ib_sysctl_exit(void)
 {
 	if (rds_ib_sysctl_hdr)
-		unregister_sysctl_table(rds_ib_sysctl_hdr);
+		unregister_net_sysctl_table(rds_ib_sysctl_hdr);
 }
 
 int rds_ib_sysctl_init(void)
 {
-	rds_ib_sysctl_hdr = register_sysctl_paths(rds_ib_sysctl_path, rds_ib_sysctl_table);
+	rds_ib_sysctl_hdr = register_net_sysctl_table(&init_net, rds_ib_sysctl_path, rds_ib_sysctl_table);
 	if (!rds_ib_sysctl_hdr)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rds/iw_sysctl.c b/net/rds/iw_sysctl.c
index e2e4717..bcfe36d 100644
--- a/net/rds/iw_sysctl.c
+++ b/net/rds/iw_sysctl.c
@@ -119,12 +119,12 @@ static struct ctl_path rds_iw_sysctl_path[] = {
 void rds_iw_sysctl_exit(void)
 {
 	if (rds_iw_sysctl_hdr)
-		unregister_sysctl_table(rds_iw_sysctl_hdr);
+		unregister_net_sysctl_table(rds_iw_sysctl_hdr);
 }
 
 int rds_iw_sysctl_init(void)
 {
-	rds_iw_sysctl_hdr = register_sysctl_paths(rds_iw_sysctl_path, rds_iw_sysctl_table);
+	rds_iw_sysctl_hdr = register_net_sysctl_table(&init_net, rds_iw_sysctl_path, rds_iw_sysctl_table);
 	if (!rds_iw_sysctl_hdr)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rds/sysctl.c b/net/rds/sysctl.c
index 25ad0c7..30354b8 100644
--- a/net/rds/sysctl.c
+++ b/net/rds/sysctl.c
@@ -102,7 +102,7 @@ static struct ctl_path rds_sysctl_path[] = {
 void rds_sysctl_exit(void)
 {
 	if (rds_sysctl_reg_table)
-		unregister_sysctl_table(rds_sysctl_reg_table);
+		unregister_net_sysctl_table(rds_sysctl_reg_table);
 }
 
 int rds_sysctl_init(void)
@@ -110,7 +110,7 @@ int rds_sysctl_init(void)
 	rds_sysctl_reconnect_min = msecs_to_jiffies(1);
 	rds_sysctl_reconnect_min_jiffies = rds_sysctl_reconnect_min;
 
-	rds_sysctl_reg_table = register_sysctl_paths(rds_sysctl_path, rds_sysctl_rds_table);
+	rds_sysctl_reg_table = register_net_sysctl_table(&init_net, rds_sysctl_path, rds_sysctl_rds_table);
 	if (!rds_sysctl_reg_table)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rose/sysctl_net_rose.c b/net/rose/sysctl_net_rose.c
index df6d9da..02b7397 100644
--- a/net/rose/sysctl_net_rose.c
+++ b/net/rose/sysctl_net_rose.c
@@ -126,10 +126,10 @@ static struct ctl_path rose_path[] = {
 
 void __init rose_register_sysctl(void)
 {
-	rose_table_header = register_sysctl_paths(rose_path, rose_table);
+	rose_table_header = register_net_sysctl_table(&init_net, rose_path, rose_table);
 }
 
 void rose_unregister_sysctl(void)
 {
-	unregister_sysctl_table(rose_table_header);
+	unregister_net_sysctl_table(rose_table_header);
 }
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index 60ffbd0..1e385b4 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -286,11 +286,11 @@ static struct ctl_table_header * sctp_sysctl_header;
 /* Sysctl registration.  */
 void sctp_sysctl_register(void)
 {
-	sctp_sysctl_header = register_sysctl_paths(sctp_path, sctp_table);
+	sctp_sysctl_header = register_net_sysctl_table(&init_net, sctp_path, sctp_table);
 }
 
 /* Sysctl deregistration.  */
 void sctp_sysctl_unregister(void)
 {
-	unregister_sysctl_table(sctp_sysctl_header);
+	unregister_net_sysctl_table(sctp_sysctl_header);
 }
diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c
index 397cffe..4f6979c 100644
--- a/net/unix/sysctl_net_unix.c
+++ b/net/unix/sysctl_net_unix.c
@@ -58,6 +58,6 @@ void unix_sysctl_unregister(struct net *net)
 	struct ctl_table *table;
 
 	table = net->unx.ctl->ctl_table_arg;
-	unregister_sysctl_table(net->unx.ctl);
+	unregister_net_sysctl_table(net->unx.ctl);
 	kfree(table);
 }
diff --git a/net/x25/sysctl_net_x25.c b/net/x25/sysctl_net_x25.c
index d2efd29..08337cb 100644
--- a/net/x25/sysctl_net_x25.c
+++ b/net/x25/sysctl_net_x25.c
@@ -81,10 +81,10 @@ static struct ctl_path x25_path[] = {
 
 void __init x25_register_sysctl(void)
 {
-	x25_table_header = register_sysctl_paths(x25_path, x25_table);
+	x25_table_header = register_net_sysctl_table(&init_net, x25_path, x25_table);
 }
 
 void x25_unregister_sysctl(void)
 {
-	unregister_sysctl_table(x25_table_header);
+	unregister_net_sysctl_table(x25_table_header);
 }
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 06/19] net core: Remove unneded creation of an empty  net/core sysctl directory
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (4 preceding siblings ...)
  2012-04-19 23:24 ` [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net Eric W. Biederman
@ 2012-04-19 23:25 ` Eric W. Biederman
  2012-04-19 23:26 ` [PATCH net-next 07/19] net ipv6: Remove unneded registration of an empty net/ipv6/neigh Eric W. Biederman
                   ` (13 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:25 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


On the next line we register the net_core_table in net/core which
creates the directory and ensures it exists.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/core/sysctl_net_core.c |    3 ---
 1 files changed, 0 insertions(+), 3 deletions(-)

diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index dfe2885..4a9472d 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -254,9 +254,6 @@ static __net_initdata struct pernet_operations sysctl_core_ops = {
 
 static __init int sysctl_core_init(void)
 {
-	static struct ctl_table empty[1];
-
-	kmemleak_not_leak(register_net_sysctl_table(&init_net, net_core_path, empty));
 	register_net_sysctl(&init_net, "net/core", net_core_table);
 	return register_pernet_subsys(&sysctl_core_ops);
 }
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 07/19] net ipv6: Remove unneded registration of an empty net/ipv6/neigh
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (5 preceding siblings ...)
  2012-04-19 23:25 ` [PATCH net-next 06/19] net core: Remove unneded creation of an empty net/core sysctl directory Eric W. Biederman
@ 2012-04-19 23:26 ` Eric W. Biederman
  2012-04-19 23:32 ` [PATCH net-next 08/19] net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh Eric W. Biederman
                   ` (12 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:26 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


sysctl no longer requires explicit creation of directories.  The neigh
directory is always populated with at least a default entry so this
should cause no user visible changes.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/ipv6/af_inet6.c        |   15 ---------------
 net/ipv6/sysctl_net_ipv6.c |   27 ---------------------------
 2 files changed, 0 insertions(+), 42 deletions(-)

diff --git a/net/ipv6/af_inet6.c b/net/ipv6/af_inet6.c
index 8ed1b93..461e789 100644
--- a/net/ipv6/af_inet6.c
+++ b/net/ipv6/af_inet6.c
@@ -1111,11 +1111,6 @@ static int __init inet6_init(void)
 	if (err)
 		goto out_sock_register_fail;
 
-#ifdef CONFIG_SYSCTL
-	err = ipv6_static_sysctl_register();
-	if (err)
-		goto static_sysctl_fail;
-#endif
 	tcpv6_prot.sysctl_mem = init_net.ipv4.sysctl_tcp_mem;
 
 	/*
@@ -1242,10 +1237,6 @@ ipmr_fail:
 icmp_fail:
 	unregister_pernet_subsys(&inet6_net_ops);
 register_pernet_fail:
-#ifdef CONFIG_SYSCTL
-	ipv6_static_sysctl_unregister();
-static_sysctl_fail:
-#endif
 	sock_unregister(PF_INET6);
 	rtnl_unregister_all(PF_INET6);
 out_sock_register_fail:
@@ -1272,9 +1263,6 @@ static void __exit inet6_exit(void)
 	/* Disallow any further netlink messages */
 	rtnl_unregister_all(PF_INET6);
 
-#ifdef CONFIG_SYSCTL
-	ipv6_sysctl_unregister();
-#endif
 	udpv6_exit();
 	udplitev6_exit();
 	tcpv6_exit();
@@ -1302,9 +1290,6 @@ static void __exit inet6_exit(void)
 	rawv6_exit();
 
 	unregister_pernet_subsys(&inet6_net_ops);
-#ifdef CONFIG_SYSCTL
-	ipv6_static_sysctl_unregister();
-#endif
 	proto_unregister(&rawv6_prot);
 	proto_unregister(&udplitev6_prot);
 	proto_unregister(&udpv6_prot);
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index 99279c8..cf1e96a 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -16,18 +16,6 @@
 #include <net/addrconf.h>
 #include <net/inet_frag.h>
 
-static struct ctl_table empty[1];
-
-static ctl_table ipv6_static_skeleton[] = {
-	{
-		.procname	= "neigh",
-		.maxlen		= 0,
-		.mode		= 0555,
-		.child		= empty,
-	},
-	{ }
-};
-
 static ctl_table ipv6_table_template[] = {
 	{
 		.procname	= "route",
@@ -160,18 +148,3 @@ void ipv6_sysctl_unregister(void)
 	unregister_net_sysctl_table(ip6_header);
 	unregister_pernet_subsys(&ipv6_sysctl_net_ops);
 }
-
-static struct ctl_table_header *ip6_base;
-
-int ipv6_static_sysctl_register(void)
-{
-	ip6_base = register_net_sysctl_table(&init_net, net_ipv6_ctl_path, ipv6_static_skeleton);
-	if (ip6_base == NULL)
-		return -ENOMEM;
-	return 0;
-}
-
-void ipv6_static_sysctl_unregister(void)
-{
-	unregister_net_sysctl_table(ip6_base);
-}
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 08/19] net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (6 preceding siblings ...)
  2012-04-19 23:26 ` [PATCH net-next 07/19] net ipv6: Remove unneded registration of an empty net/ipv6/neigh Eric W. Biederman
@ 2012-04-19 23:32 ` Eric W. Biederman
  2012-04-19 23:34 ` [PATCH net-next 09/19] net ax25: Simplify and cleanup the ax25 sysctl handling Eric W. Biederman
                   ` (11 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:32 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


sysctl no longer requires explicit creation of directories.  The neigh
directory is always populated with at least a default entry so this
won't cause any user visible changes.

Delete the ipv4_path and the ipv4_skeleton these are no longer needed.

Directly register the ipv4_route_table.

And since I am an idiot remove the header definitions that I should
have removed in the previous patch.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/ipv6.h |    2 --
 net/ipv4/route.c   |   19 +------------------
 2 files changed, 1 insertions(+), 20 deletions(-)

diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index 2d3fca37..e1a85ad 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -661,8 +661,6 @@ extern struct ctl_table *ipv6_icmp_sysctl_init(struct net *net);
 extern struct ctl_table *ipv6_route_sysctl_init(struct net *net);
 extern int ipv6_sysctl_register(void);
 extern void ipv6_sysctl_unregister(void);
-extern int ipv6_static_sysctl_register(void);
-extern void ipv6_static_sysctl_unregister(void);
 #endif
 
 #endif /* _NET_IPV6_H */
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index f9c474e..4dd8027 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -3343,23 +3343,6 @@ static ctl_table ipv4_route_table[] = {
 	{ }
 };
 
-static struct ctl_table empty[1];
-
-static struct ctl_table ipv4_skeleton[] =
-{
-	{ .procname = "route", 
-	  .mode = 0555, .child = ipv4_route_table},
-	{ .procname = "neigh", 
-	  .mode = 0555, .child = empty},
-	{ }
-};
-
-static __net_initdata struct ctl_path ipv4_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ },
-};
-
 static struct ctl_table ipv4_route_flush_table[] = {
 	{
 		.procname	= "flush",
@@ -3514,6 +3497,6 @@ int __init ip_rt_init(void)
  */
 void __init ip_static_sysctl_init(void)
 {
-	kmemleak_not_leak(register_net_sysctl_table(&init_net, ipv4_path, ipv4_skeleton));
+	register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);
 }
 #endif
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 09/19] net ax25: Simplify and cleanup the ax25 sysctl handling.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (7 preceding siblings ...)
  2012-04-19 23:32 ` [PATCH net-next 08/19] net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh Eric W. Biederman
@ 2012-04-19 23:34 ` Eric W. Biederman
  2012-04-19 23:35 ` [PATCH net-next 10/19] net llc: Don't use sysctl tables with .child entries Eric W. Biederman
                   ` (10 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:34 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Don't register/unregister every ax25 table in a batch.  Instead register
and unregister per device ax25 sysctls as ax25 devices come and go.

This moves ax25 to be a completely modern sysctl user.  Registering the
sysctls in just the initial network namespace, removing the use of
.child entries that are no longer natively supported by the sysctl core
and taking advantage of the fact that there are no longer any ordering
constraints between registering and unregistering different sysctl
tables.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/ax25.h         |   10 +++---
 net/ax25/af_ax25.c         |    2 -
 net/ax25/ax25_dev.c        |   10 +----
 net/ax25/sysctl_net_ax25.c |   82 +++++++++++++++-----------------------------
 4 files changed, 35 insertions(+), 69 deletions(-)

diff --git a/include/net/ax25.h b/include/net/ax25.h
index 94e09d3..8a7a122 100644
--- a/include/net/ax25.h
+++ b/include/net/ax25.h
@@ -215,7 +215,7 @@ typedef struct ax25_dev {
 	struct ax25_dev		*next;
 	struct net_device	*dev;
 	struct net_device	*forward;
-	struct ctl_table	*systable;
+	struct ctl_table_header *sysheader;
 	int			values[AX25_MAX_VALUES];
 #if defined(CONFIG_AX25_DAMA_SLAVE) || defined(CONFIG_AX25_DAMA_MASTER)
 	ax25_dama_info		dama;
@@ -441,11 +441,11 @@ extern void ax25_uid_free(void);
 
 /* sysctl_net_ax25.c */
 #ifdef CONFIG_SYSCTL
-extern void ax25_register_sysctl(void);
-extern void ax25_unregister_sysctl(void);
+extern int ax25_register_dev_sysctl(ax25_dev *ax25_dev);
+extern void ax25_unregister_dev_sysctl(ax25_dev *ax25_dev);
 #else
-static inline void ax25_register_sysctl(void) {};
-static inline void ax25_unregister_sysctl(void) {};
+static inline int ax25_register_dev_sysctl(ax25_dev *ax25_dev) { return 0 };
+static inline void ax25_unregister_dev_sysctl(ax25_dev *ax25_dev) {};
 #endif /* CONFIG_SYSCTL */
 
 #endif
diff --git a/net/ax25/af_ax25.c b/net/ax25/af_ax25.c
index 9d9a6a3..051f7ab 100644
--- a/net/ax25/af_ax25.c
+++ b/net/ax25/af_ax25.c
@@ -1990,7 +1990,6 @@ static int __init ax25_init(void)
 	sock_register(&ax25_family_ops);
 	dev_add_pack(&ax25_packet_type);
 	register_netdevice_notifier(&ax25_dev_notifier);
-	ax25_register_sysctl();
 
 	proc_net_fops_create(&init_net, "ax25_route", S_IRUGO, &ax25_route_fops);
 	proc_net_fops_create(&init_net, "ax25", S_IRUGO, &ax25_info_fops);
@@ -2013,7 +2012,6 @@ static void __exit ax25_exit(void)
 	proc_net_remove(&init_net, "ax25_calls");
 
 	unregister_netdevice_notifier(&ax25_dev_notifier);
-	ax25_unregister_sysctl();
 
 	dev_remove_pack(&ax25_packet_type);
 
diff --git a/net/ax25/ax25_dev.c b/net/ax25/ax25_dev.c
index d0de30e..3d10676 100644
--- a/net/ax25/ax25_dev.c
+++ b/net/ax25/ax25_dev.c
@@ -59,8 +59,6 @@ void ax25_dev_device_up(struct net_device *dev)
 		return;
 	}
 
-	ax25_unregister_sysctl();
-
 	dev->ax25_ptr     = ax25_dev;
 	ax25_dev->dev     = dev;
 	dev_hold(dev);
@@ -90,7 +88,7 @@ void ax25_dev_device_up(struct net_device *dev)
 	ax25_dev_list  = ax25_dev;
 	spin_unlock_bh(&ax25_dev_lock);
 
-	ax25_register_sysctl();
+	ax25_register_dev_sysctl(ax25_dev);
 }
 
 void ax25_dev_device_down(struct net_device *dev)
@@ -100,7 +98,7 @@ void ax25_dev_device_down(struct net_device *dev)
 	if ((ax25_dev = ax25_dev_ax25dev(dev)) == NULL)
 		return;
 
-	ax25_unregister_sysctl();
+	ax25_unregister_dev_sysctl(ax25_dev);
 
 	spin_lock_bh(&ax25_dev_lock);
 
@@ -120,7 +118,6 @@ void ax25_dev_device_down(struct net_device *dev)
 		spin_unlock_bh(&ax25_dev_lock);
 		dev_put(dev);
 		kfree(ax25_dev);
-		ax25_register_sysctl();
 		return;
 	}
 
@@ -130,7 +127,6 @@ void ax25_dev_device_down(struct net_device *dev)
 			spin_unlock_bh(&ax25_dev_lock);
 			dev_put(dev);
 			kfree(ax25_dev);
-			ax25_register_sysctl();
 			return;
 		}
 
@@ -138,8 +134,6 @@ void ax25_dev_device_down(struct net_device *dev)
 	}
 	spin_unlock_bh(&ax25_dev_lock);
 	dev->ax25_ptr = NULL;
-
-	ax25_register_sysctl();
 }
 
 int ax25_fwd_ioctl(unsigned int cmd, struct ax25_fwd_struct *fwd)
diff --git a/net/ax25/sysctl_net_ax25.c b/net/ax25/sysctl_net_ax25.c
index 7ba381b..d5744b7 100644
--- a/net/ax25/sysctl_net_ax25.c
+++ b/net/ax25/sysctl_net_ax25.c
@@ -29,17 +29,6 @@ static int min_proto[1],		max_proto[] = { AX25_PROTO_MAX };
 static int min_ds_timeout[1],		max_ds_timeout[] = {65535000};
 #endif
 
-static struct ctl_table_header *ax25_table_header;
-
-static ctl_table *ax25_table;
-static int ax25_table_size;
-
-static struct ctl_path ax25_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ax25", },
-	{ }
-};
-
 static const ctl_table ax25_param_table[] = {
 	{
 		.procname	= "ip_default_mode",
@@ -159,52 +148,37 @@ static const ctl_table ax25_param_table[] = {
 	{ }	/* that's all, folks! */
 };
 
-void ax25_register_sysctl(void)
+int ax25_register_dev_sysctl(ax25_dev *ax25_dev)
 {
-	ax25_dev *ax25_dev;
-	int n, k;
-
-	spin_lock_bh(&ax25_dev_lock);
-	for (ax25_table_size = sizeof(ctl_table), ax25_dev = ax25_dev_list; ax25_dev != NULL; ax25_dev = ax25_dev->next)
-		ax25_table_size += sizeof(ctl_table);
-
-	if ((ax25_table = kzalloc(ax25_table_size, GFP_ATOMIC)) == NULL) {
-		spin_unlock_bh(&ax25_dev_lock);
-		return;
-	}
-
-	for (n = 0, ax25_dev = ax25_dev_list; ax25_dev != NULL; ax25_dev = ax25_dev->next) {
-		struct ctl_table *child = kmemdup(ax25_param_table,
-						  sizeof(ax25_param_table),
-						  GFP_ATOMIC);
-		if (!child) {
-			while (n--)
-				kfree(ax25_table[n].child);
-			kfree(ax25_table);
-			spin_unlock_bh(&ax25_dev_lock);
-			return;
-		}
-		ax25_table[n].child = ax25_dev->systable = child;
-		ax25_table[n].procname     = ax25_dev->dev->name;
-		ax25_table[n].mode         = 0555;
-
-
-		for (k = 0; k < AX25_MAX_VALUES; k++)
-			child[k].data = &ax25_dev->values[k];
-
-		n++;
+	char path[sizeof("net/ax25/") + IFNAMSIZ];
+	int k;
+	struct ctl_table *table;
+
+	table = kmemdup(ax25_param_table, sizeof(ax25_param_table), GFP_KERNEL);
+	if (!table)
+		return -ENOMEM;
+
+	for (k = 0; k < AX25_MAX_VALUES; k++)
+		table[k].data = &ax25_dev->values[k];
+
+	snprintf(path, sizeof(path), "net/ax25/%s", ax25_dev->dev->name);
+	ax25_dev->sysheader = register_net_sysctl(&init_net, path, table);
+	if (!ax25_dev->sysheader) {
+		kfree(table);
+		return -ENOMEM;
 	}
-	spin_unlock_bh(&ax25_dev_lock);
-
-	ax25_table_header = register_net_sysctl_table(&init_net, ax25_path, ax25_table);
+	return 0;
 }
 
-void ax25_unregister_sysctl(void)
+void ax25_unregister_dev_sysctl(ax25_dev *ax25_dev)
 {
-	ctl_table *p;
-	unregister_net_sysctl_table(ax25_table_header);
-
-	for (p = ax25_table; p->procname; p++)
-		kfree(p->child);
-	kfree(ax25_table);
+	struct ctl_table_header *header = ax25_dev->sysheader;
+	struct ctl_table *table;
+
+	if (header) {
+		ax25_dev->sysheader = NULL;
+		table = header->ctl_table_arg;
+		unregister_net_sysctl_table(header);
+		kfree(table);
+	}
 }
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 10/19] net llc: Don't use sysctl tables with .child entries.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (8 preceding siblings ...)
  2012-04-19 23:34 ` [PATCH net-next 09/19] net ax25: Simplify and cleanup the ax25 sysctl handling Eric W. Biederman
@ 2012-04-19 23:35 ` Eric W. Biederman
  2012-04-19 23:37 ` [PATCH net-next 11/19] net ipv6: " Eric W. Biederman
                   ` (9 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:35 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


The sysctl core no longer natively understands sysctl tables with .child
entries.

Kill the intermediate tables and use register_net_sysctl directly to
remove the need for compatibility code.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/llc/sysctl_net_llc.c |   51 ++++++++++++++-------------------------------
 1 files changed, 16 insertions(+), 35 deletions(-)

diff --git a/net/llc/sysctl_net_llc.c b/net/llc/sysctl_net_llc.c
index 9a6a65f..d75306b 100644
--- a/net/llc/sysctl_net_llc.c
+++ b/net/llc/sysctl_net_llc.c
@@ -57,48 +57,29 @@ static struct ctl_table llc_station_table[] = {
 	{ },
 };
 
-static struct ctl_table llc2_dir_timeout_table[] = {
-	{
-		.procname	= "timeout",
-		.mode		= 0555,
-		.child		= llc2_timeout_table,
-	},
-	{ },
-};
-
-static struct ctl_table llc_table[] = {
-	{
-		.procname	= "llc2",
-		.mode		= 0555,
-		.child		= llc2_dir_timeout_table,
-	},
-	{
-		.procname       = "station",
-		.mode           = 0555,
-		.child          = llc_station_table,
-	},
-	{ },
-};
-
-static struct ctl_path llc_path[] = {
-	{ .procname = "net", },
-	{ .procname = "llc", },
-	{ }
-};
-
-static struct ctl_table_header *llc_table_header;
+static struct ctl_table_header *llc2_timeout_header;
+static struct ctl_table_header *llc_station_header;
 
 int __init llc_sysctl_init(void)
 {
-	llc_table_header = register_net_sysctl_table(&init_net, llc_path, llc_table);
+	llc2_timeout_header = register_net_sysctl(&init_net, "net/llc/llc2/timeout", llc2_timeout_table);
+	llc_station_header = register_net_sysctl(&init_net, "net/llc/station", llc_station_table);
 
-	return llc_table_header ? 0 : -ENOMEM;
+	if (!llc2_timeout_header || !llc_station_header) {
+		llc_sysctl_exit();
+		return -ENOMEM;
+	}
+	return 0;
 }
 
 void llc_sysctl_exit(void)
 {
-	if (llc_table_header) {
-		unregister_net_sysctl_table(llc_table_header);
-		llc_table_header = NULL;
+	if (llc2_timeout_header) {
+		unregister_net_sysctl_table(llc2_timeout_header);
+		llc2_timeout_header = NULL;
+	}
+	if (llc_station_header) {
+		unregister_net_sysctl_table(llc_station_header);
+		llc_station_header = NULL;
 	}
 }
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 11/19] net ipv6: Don't use sysctl tables with .child entries.
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (9 preceding siblings ...)
  2012-04-19 23:35 ` [PATCH net-next 10/19] net llc: Don't use sysctl tables with .child entries Eric W. Biederman
@ 2012-04-19 23:37 ` Eric W. Biederman
  2012-04-19 23:38 ` [PATCH net-next 12/19] net neighbour: Convert to use register_net_sysctl Eric W. Biederman
                   ` (8 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:37 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


The sysctl core no longer natively understands sysctl tables
with .child entries.

Split the ipv6_table to remove the .child entries.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/netns/ipv6.h   |    4 ++-
 net/ipv6/sysctl_net_ipv6.c |   47 +++++++++++++++++++++----------------------
 2 files changed, 26 insertions(+), 25 deletions(-)

diff --git a/include/net/netns/ipv6.h b/include/net/netns/ipv6.h
index 81abfcb..b42be53 100644
--- a/include/net/netns/ipv6.h
+++ b/include/net/netns/ipv6.h
@@ -12,7 +12,9 @@ struct ctl_table_header;
 
 struct netns_sysctl_ipv6 {
 #ifdef CONFIG_SYSCTL
-	struct ctl_table_header *table;
+	struct ctl_table_header *hdr;
+	struct ctl_table_header *route_hdr;
+	struct ctl_table_header *icmp_hdr;
 	struct ctl_table_header *frags_hdr;
 #endif
 	int bindv6only;
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index cf1e96a..a52d820 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -18,18 +18,6 @@
 
 static ctl_table ipv6_table_template[] = {
 	{
-		.procname	= "route",
-		.maxlen		= 0,
-		.mode		= 0555,
-		.child		= ipv6_route_table_template
-	},
-	{
-		.procname	= "icmp",
-		.maxlen		= 0,
-		.mode		= 0555,
-		.child		= ipv6_icmp_table_template
-	},
-	{
 		.procname	= "bindv6only",
 		.data		= &init_net.ipv6.sysctl.bindv6only,
 		.maxlen		= sizeof(int),
@@ -69,28 +57,37 @@ static int __net_init ipv6_sysctl_net_init(struct net *net)
 			     GFP_KERNEL);
 	if (!ipv6_table)
 		goto out;
+	ipv6_table[0].data = &net->ipv6.sysctl.bindv6only;
 
 	ipv6_route_table = ipv6_route_sysctl_init(net);
 	if (!ipv6_route_table)
 		goto out_ipv6_table;
-	ipv6_table[0].child = ipv6_route_table;
 
 	ipv6_icmp_table = ipv6_icmp_sysctl_init(net);
 	if (!ipv6_icmp_table)
 		goto out_ipv6_route_table;
-	ipv6_table[1].child = ipv6_icmp_table;
 
-	ipv6_table[2].data = &net->ipv6.sysctl.bindv6only;
-
-	net->ipv6.sysctl.table = register_net_sysctl_table(net, net_ipv6_ctl_path,
-							   ipv6_table);
-	if (!net->ipv6.sysctl.table)
+	net->ipv6.sysctl.hdr = register_net_sysctl(net, "net/ipv6", ipv6_table);
+	if (!net->ipv6.sysctl.hdr)
 		goto out_ipv6_icmp_table;
 
+	net->ipv6.sysctl.route_hdr =
+		register_net_sysctl(net, "net/ipv6/route", ipv6_route_table);
+	if (!net->ipv6.sysctl.route_hdr)
+		goto out_unregister_ipv6_table;
+
+	net->ipv6.sysctl.icmp_hdr =
+		register_net_sysctl(net, "net/ipv6/icmp", ipv6_icmp_table);
+	if (!net->ipv6.sysctl.icmp_hdr)
+		goto out_unregister_route_table;
+
 	err = 0;
 out:
 	return err;
-
+out_unregister_route_table:
+	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
+out_unregister_ipv6_table:
+	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
 out_ipv6_icmp_table:
 	kfree(ipv6_icmp_table);
 out_ipv6_route_table:
@@ -106,11 +103,13 @@ static void __net_exit ipv6_sysctl_net_exit(struct net *net)
 	struct ctl_table *ipv6_route_table;
 	struct ctl_table *ipv6_icmp_table;
 
-	ipv6_table = net->ipv6.sysctl.table->ctl_table_arg;
-	ipv6_route_table = ipv6_table[0].child;
-	ipv6_icmp_table = ipv6_table[1].child;
+	ipv6_table = net->ipv6.sysctl.hdr->ctl_table_arg;
+	ipv6_route_table = net->ipv6.sysctl.route_hdr->ctl_table_arg;
+	ipv6_icmp_table = net->ipv6.sysctl.icmp_hdr->ctl_table_arg;
 
-	unregister_net_sysctl_table(net->ipv6.sysctl.table);
+	unregister_net_sysctl_table(net->ipv6.sysctl.icmp_hdr);
+	unregister_net_sysctl_table(net->ipv6.sysctl.route_hdr);
+	unregister_net_sysctl_table(net->ipv6.sysctl.hdr);
 
 	kfree(ipv6_table);
 	kfree(ipv6_route_table);
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 12/19] net neighbour:  Convert to use register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (10 preceding siblings ...)
  2012-04-19 23:37 ` [PATCH net-next 11/19] net ipv6: " Eric W. Biederman
@ 2012-04-19 23:38 ` Eric W. Biederman
  2012-04-20  5:21   ` Pavel Emelyanov
  2012-04-19 23:40 ` [PATCH net-next 13/19] net decnet: " Eric W. Biederman
                   ` (7 subsequent siblings)
  19 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:38 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Using an ascii path to register_net_sysctl as opposed to the slightly
awkward ctl_path allows for much simpler code.

We no longer need to malloc dev_name to keep it alive the length of our
sysctl register instead we can use a small temporary buffer on the
stack.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/core/neighbour.c |   33 ++++++---------------------------
 1 files changed, 6 insertions(+), 27 deletions(-)

diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 0c2df3d..fadaa81 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -2799,7 +2799,6 @@ enum {
 static struct neigh_sysctl_table {
 	struct ctl_table_header *sysctl_header;
 	struct ctl_table neigh_vars[NEIGH_VAR_MAX + 1];
-	char *dev_name;
 } neigh_sysctl_template __read_mostly = {
 	.neigh_vars = {
 		[NEIGH_VAR_MCAST_PROBE] = {
@@ -2925,19 +2924,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
 {
 	struct neigh_sysctl_table *t;
 	const char *dev_name_source = NULL;
-
-#define NEIGH_CTL_PATH_ROOT	0
-#define NEIGH_CTL_PATH_PROTO	1
-#define NEIGH_CTL_PATH_NEIGH	2
-#define NEIGH_CTL_PATH_DEV	3
-
-	struct ctl_path neigh_path[] = {
-		{ .procname = "net",	 },
-		{ .procname = "proto",	 },
-		{ .procname = "neigh",	 },
-		{ .procname = "default", },
-		{ },
-	};
+	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
 
 	t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
 	if (!t)
@@ -2965,7 +2952,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
 		memset(&t->neigh_vars[NEIGH_VAR_GC_INTERVAL], 0,
 		       sizeof(t->neigh_vars[NEIGH_VAR_GC_INTERVAL]));
 	} else {
-		dev_name_source = neigh_path[NEIGH_CTL_PATH_DEV].procname;
+		dev_name_source = "default";
 		t->neigh_vars[NEIGH_VAR_GC_INTERVAL].data = (int *)(p + 1);
 		t->neigh_vars[NEIGH_VAR_GC_THRESH1].data = (int *)(p + 1) + 1;
 		t->neigh_vars[NEIGH_VAR_GC_THRESH2].data = (int *)(p + 1) + 2;
@@ -2988,23 +2975,16 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
 		t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].extra1 = dev;
 	}
 
-	t->dev_name = kstrdup(dev_name_source, GFP_KERNEL);
-	if (!t->dev_name)
-		goto free;
-
-	neigh_path[NEIGH_CTL_PATH_DEV].procname = t->dev_name;
-	neigh_path[NEIGH_CTL_PATH_PROTO].procname = p_name;
-
+	snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
+		p_name, dev_name_source);
 	t->sysctl_header =
-		register_net_sysctl_table(neigh_parms_net(p), neigh_path, t->neigh_vars);
+		register_net_sysctl(neigh_parms_net(p), neigh_path, t->neigh_vars);
 	if (!t->sysctl_header)
-		goto free_procname;
+		goto free;
 
 	p->sysctl_table = t;
 	return 0;
 
-free_procname:
-	kfree(t->dev_name);
 free:
 	kfree(t);
 err:
@@ -3018,7 +2998,6 @@ void neigh_sysctl_unregister(struct neigh_parms *p)
 		struct neigh_sysctl_table *t = p->sysctl_table;
 		p->sysctl_table = NULL;
 		unregister_net_sysctl_table(t->sysctl_header);
-		kfree(t->dev_name);
 		kfree(t);
 	}
 }
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 13/19] net decnet:  Convert to use register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (11 preceding siblings ...)
  2012-04-19 23:38 ` [PATCH net-next 12/19] net neighbour: Convert to use register_net_sysctl Eric W. Biederman
@ 2012-04-19 23:40 ` Eric W. Biederman
  2012-04-19 23:41 ` [PATCH net-next 14/19] net ipv6: Convert addrconf " Eric W. Biederman
                   ` (6 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:40 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Using an ascii path to register_net_sysctl as opposed to the slightly
awkward ctl_path allows for much simpler code.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/decnet/dn_dev.c            |   19 ++++---------------
 net/decnet/sysctl_net_decnet.c |    8 +-------
 2 files changed, 5 insertions(+), 22 deletions(-)

diff --git a/net/decnet/dn_dev.c b/net/decnet/dn_dev.c
index ce8a184..f3924ab 100644
--- a/net/decnet/dn_dev.c
+++ b/net/decnet/dn_dev.c
@@ -209,15 +209,7 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
 	struct dn_dev_sysctl_table *t;
 	int i;
 
-#define DN_CTL_PATH_DEV	3
-
-	struct ctl_path dn_ctl_path[] = {
-		{ .procname = "net",  },
-		{ .procname = "decnet",  },
-		{ .procname = "conf",  },
-		{ /* to be set */ },
-		{ },
-	};
+	char path[sizeof("net/decnet/conf/") + IFNAMSIZ];
 
 	t = kmemdup(&dn_dev_sysctl, sizeof(*t), GFP_KERNEL);
 	if (t == NULL)
@@ -228,15 +220,12 @@ static void dn_dev_sysctl_register(struct net_device *dev, struct dn_dev_parms *
 		t->dn_dev_vars[i].data = ((char *)parms) + offset;
 	}
 
-	if (dev) {
-		dn_ctl_path[DN_CTL_PATH_DEV].procname = dev->name;
-	} else {
-		dn_ctl_path[DN_CTL_PATH_DEV].procname = parms->name;
-	}
+	snprintf(path, sizeof(path), "net/decnet/conf/%s",
+		dev? dev->name : parms->name);
 
 	t->dn_dev_vars[0].extra1 = (void *)dev;
 
-	t->sysctl_header = register_net_sysctl_table(&init_net, dn_ctl_path, t->dn_dev_vars);
+	t->sysctl_header = register_net_sysctl(&init_net, path, t->dn_dev_vars);
 	if (t->sysctl_header == NULL)
 		kfree(t);
 	else
diff --git a/net/decnet/sysctl_net_decnet.c b/net/decnet/sysctl_net_decnet.c
index 4380b8e..a55eecc 100644
--- a/net/decnet/sysctl_net_decnet.c
+++ b/net/decnet/sysctl_net_decnet.c
@@ -351,15 +351,9 @@ static ctl_table dn_table[] = {
 	{ }
 };
 
-static struct ctl_path dn_path[] = {
-	{ .procname = "net", },
-	{ .procname = "decnet", },
-	{ }
-};
-
 void dn_register_sysctl(void)
 {
-	dn_table_header = register_net_sysctl_table(&init_net, dn_path, dn_table);
+	dn_table_header = register_net_sysctl(&init_net, "net/decnet", dn_table);
 }
 
 void dn_unregister_sysctl(void)
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 14/19] net ipv6:  Convert addrconf to use register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (12 preceding siblings ...)
  2012-04-19 23:40 ` [PATCH net-next 13/19] net decnet: " Eric W. Biederman
@ 2012-04-19 23:41 ` Eric W. Biederman
  2012-04-19 23:42 ` [PATCH net-next 15/19] net ipv4: Convert devinet " Eric W. Biederman
                   ` (5 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:41 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Using an ascii path to register_net_sysctl as opposed to the slightly
awkward ctl_path allows for much simpler code.

We no longer need to malloc dev_name to keep it alive the length of our
sysctl register instead we can use a small temporary buffer on the
stack.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/ipv6/addrconf.c |   32 ++++----------------------------
 1 files changed, 4 insertions(+), 28 deletions(-)

diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
index 4a83983..e3b3421 100644
--- a/net/ipv6/addrconf.c
+++ b/net/ipv6/addrconf.c
@@ -4365,7 +4365,6 @@ static struct addrconf_sysctl_table
 {
 	struct ctl_table_header *sysctl_header;
 	ctl_table addrconf_vars[DEVCONF_MAX+1];
-	char *dev_name;
 } addrconf_sysctl __read_mostly = {
 	.sysctl_header = NULL,
 	.addrconf_vars = {
@@ -4594,17 +4593,7 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name,
 {
 	int i;
 	struct addrconf_sysctl_table *t;
-
-#define ADDRCONF_CTL_PATH_DEV	3
-
-	struct ctl_path addrconf_ctl_path[] = {
-		{ .procname = "net", },
-		{ .procname = "ipv6", },
-		{ .procname = "conf", },
-		{ /* to be set */ },
-		{ },
-	};
-
+	char path[sizeof("net/ipv6/conf/") + IFNAMSIZ];
 
 	t = kmemdup(&addrconf_sysctl, sizeof(*t), GFP_KERNEL);
 	if (t == NULL)
@@ -4616,27 +4605,15 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name,
 		t->addrconf_vars[i].extra2 = net;
 	}
 
-	/*
-	 * Make a copy of dev_name, because '.procname' is regarded as const
-	 * by sysctl and we wouldn't want anyone to change it under our feet
-	 * (see SIOCSIFNAME).
-	 */
-	t->dev_name = kstrdup(dev_name, GFP_KERNEL);
-	if (!t->dev_name)
-		goto free;
+	snprintf(path, sizeof(path), "net/ipv6/conf/%s", dev_name);
 
-	addrconf_ctl_path[ADDRCONF_CTL_PATH_DEV].procname = t->dev_name;
-
-	t->sysctl_header = register_net_sysctl_table(net, addrconf_ctl_path,
-			t->addrconf_vars);
+	t->sysctl_header = register_net_sysctl(net, path, t->addrconf_vars);
 	if (t->sysctl_header == NULL)
-		goto free_procname;
+		goto free;
 
 	p->sysctl = t;
 	return 0;
 
-free_procname:
-	kfree(t->dev_name);
 free:
 	kfree(t);
 out:
@@ -4653,7 +4630,6 @@ static void __addrconf_sysctl_unregister(struct ipv6_devconf *p)
 	t = p->sysctl;
 	p->sysctl = NULL;
 	unregister_net_sysctl_table(t->sysctl_header);
-	kfree(t->dev_name);
 	kfree(t);
 }
 
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 15/19] net ipv4: Convert devinet to use register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (13 preceding siblings ...)
  2012-04-19 23:41 ` [PATCH net-next 14/19] net ipv6: Convert addrconf " Eric W. Biederman
@ 2012-04-19 23:42 ` Eric W. Biederman
  2012-04-19 23:43 ` [PATCH net-next 16/19] net: Convert nf_conntrack_proto " Eric W. Biederman
                   ` (4 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:42 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


Using an ascii path to register_net_sysctl as opposed to the slightly
awkward ctl_path allows for much simpler code.

We no longer need to malloc dev_name to keep it alive the length of our
sysctl register instead we can use a small temporary buffer on the
stack.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 net/ipv4/devinet.c |   39 +++++----------------------------------
 1 files changed, 5 insertions(+), 34 deletions(-)

diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c
index 8a01bfb..88c9e3f 100644
--- a/net/ipv4/devinet.c
+++ b/net/ipv4/devinet.c
@@ -1585,7 +1585,6 @@ static int ipv4_doint_and_flush(ctl_table *ctl, int write,
 static struct devinet_sysctl_table {
 	struct ctl_table_header *sysctl_header;
 	struct ctl_table devinet_vars[__IPV4_DEVCONF_MAX];
-	char *dev_name;
 } devinet_sysctl = {
 	.devinet_vars = {
 		DEVINET_SYSCTL_COMPLEX_ENTRY(FORWARDING, "forwarding",
@@ -1627,16 +1626,7 @@ static int __devinet_sysctl_register(struct net *net, char *dev_name,
 {
 	int i;
 	struct devinet_sysctl_table *t;
-
-#define DEVINET_CTL_PATH_DEV	3
-
-	struct ctl_path devinet_ctl_path[] = {
-		{ .procname = "net",  },
-		{ .procname = "ipv4", },
-		{ .procname = "conf", },
-		{ /* to be set */ },
-		{ },
-	};
+	char path[sizeof("net/ipv4/conf/") + IFNAMSIZ];
 
 	t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL);
 	if (!t)
@@ -1648,27 +1638,15 @@ static int __devinet_sysctl_register(struct net *net, char *dev_name,
 		t->devinet_vars[i].extra2 = net;
 	}
 
-	/*
-	 * Make a copy of dev_name, because '.procname' is regarded as const
-	 * by sysctl and we wouldn't want anyone to change it under our feet
-	 * (see SIOCSIFNAME).
-	 */
-	t->dev_name = kstrdup(dev_name, GFP_KERNEL);
-	if (!t->dev_name)
-		goto free;
-
-	devinet_ctl_path[DEVINET_CTL_PATH_DEV].procname = t->dev_name;
+	snprintf(path, sizeof(path), "net/ipv4/conf/%s", dev_name);
 
-	t->sysctl_header = register_net_sysctl_table(net, devinet_ctl_path,
-			t->devinet_vars);
+	t->sysctl_header = register_net_sysctl(net, path, t->devinet_vars);
 	if (!t->sysctl_header)
-		goto free_procname;
+		goto free;
 
 	p->sysctl = t;
 	return 0;
 
-free_procname:
-	kfree(t->dev_name);
 free:
 	kfree(t);
 out:
@@ -1684,7 +1662,6 @@ static void __devinet_sysctl_unregister(struct ipv4_devconf *cnf)
 
 	cnf->sysctl = NULL;
 	unregister_net_sysctl_table(t->sysctl_header);
-	kfree(t->dev_name);
 	kfree(t);
 }
 
@@ -1714,12 +1691,6 @@ static struct ctl_table ctl_forward_entry[] = {
 	},
 	{ },
 };
-
-static __net_initdata struct ctl_path net_ipv4_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ },
-};
 #endif
 
 static __net_init int devinet_init_net(struct net *net)
@@ -1765,7 +1736,7 @@ static __net_init int devinet_init_net(struct net *net)
 		goto err_reg_dflt;
 
 	err = -ENOMEM;
-	forw_hdr = register_net_sysctl_table(net, net_ipv4_path, tbl);
+	forw_hdr = register_net_sysctl(net, "net/ipv4", tbl);
 	if (forw_hdr == NULL)
 		goto err_reg_ctl;
 	net->ipv4.forw_hdr = forw_hdr;
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 16/19] net:  Convert nf_conntrack_proto to use register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (14 preceding siblings ...)
  2012-04-19 23:42 ` [PATCH net-next 15/19] net ipv4: Convert devinet " Eric W. Biederman
@ 2012-04-19 23:43 ` Eric W. Biederman
  2012-04-19 23:44 ` [PATCH net-next 17/19] net: Convert all sysctl registrations to register_net_sysctl Eric W. Biederman
                   ` (3 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:43 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


There isn't much advantage here except that strings paths are a bit
easier to read, and converting everything to them allows me to kill off
ctl_path.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/netfilter/nf_conntrack_l3proto.h   |    2 +-
 net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c |    2 +-
 net/netfilter/nf_conntrack_proto.c             |    8 ++++----
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/net/netfilter/nf_conntrack_l3proto.h b/include/net/netfilter/nf_conntrack_l3proto.h
index e8010f4..9699c02 100644
--- a/include/net/netfilter/nf_conntrack_l3proto.h
+++ b/include/net/netfilter/nf_conntrack_l3proto.h
@@ -65,7 +65,7 @@ struct nf_conntrack_l3proto {
 
 #ifdef CONFIG_SYSCTL
 	struct ctl_table_header	*ctl_table_header;
-	struct ctl_path		*ctl_table_path;
+	const char		*ctl_table_path;
 	struct ctl_table	*ctl_table;
 #endif /* CONFIG_SYSCTL */
 
diff --git a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
index 345c7dc..91747d4 100644
--- a/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
+++ b/net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c
@@ -365,7 +365,7 @@ struct nf_conntrack_l3proto nf_conntrack_l3proto_ipv4 __read_mostly = {
 	.nla_policy	 = ipv4_nla_policy,
 #endif
 #if defined(CONFIG_SYSCTL) && defined(CONFIG_NF_CONNTRACK_PROC_COMPAT)
-	.ctl_table_path  = nf_net_ipv4_netfilter_sysctl_path,
+	.ctl_table_path  = "net/ipv4/netfilter",
 	.ctl_table	 = ip_ct_sysctl_table,
 #endif
 	.me		 = THIS_MODULE,
diff --git a/net/netfilter/nf_conntrack_proto.c b/net/netfilter/nf_conntrack_proto.c
index bbc753f..8b631b0 100644
--- a/net/netfilter/nf_conntrack_proto.c
+++ b/net/netfilter/nf_conntrack_proto.c
@@ -36,11 +36,11 @@ static DEFINE_MUTEX(nf_ct_proto_mutex);
 
 #ifdef CONFIG_SYSCTL
 static int
-nf_ct_register_sysctl(struct ctl_table_header **header, struct ctl_path *path,
+nf_ct_register_sysctl(struct ctl_table_header **header, const char *path,
 		      struct ctl_table *table, unsigned int *users)
 {
 	if (*header == NULL) {
-		*header = register_net_sysctl_table(&init_net, path, table);
+		*header = register_net_sysctl(&init_net, path, table);
 		if (*header == NULL)
 			return -ENOMEM;
 	}
@@ -250,7 +250,7 @@ static int nf_ct_l4proto_register_sysctl(struct nf_conntrack_l4proto *l4proto)
 #ifdef CONFIG_SYSCTL
 	if (l4proto->ctl_table != NULL) {
 		err = nf_ct_register_sysctl(l4proto->ctl_table_header,
-					    nf_net_netfilter_sysctl_path,
+					    "net/netfilter",
 					    l4proto->ctl_table,
 					    l4proto->ctl_table_users);
 		if (err < 0)
@@ -259,7 +259,7 @@ static int nf_ct_l4proto_register_sysctl(struct nf_conntrack_l4proto *l4proto)
 #ifdef CONFIG_NF_CONNTRACK_PROC_COMPAT
 	if (l4proto->ctl_compat_table != NULL) {
 		err = nf_ct_register_sysctl(&l4proto->ctl_compat_table_header,
-					    nf_net_ipv4_netfilter_sysctl_path,
+					    "net/ipv4/netfilter",
 					    l4proto->ctl_compat_table, NULL);
 		if (err == 0)
 			goto out;
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 17/19] net: Convert all sysctl registrations to register_net_sysctl
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (15 preceding siblings ...)
  2012-04-19 23:43 ` [PATCH net-next 16/19] net: Convert nf_conntrack_proto " Eric W. Biederman
@ 2012-04-19 23:44 ` Eric W. Biederman
  2012-04-19 23:45 ` [PATCH net-next 18/19] net: Delete all remaining instances of ctl_path Eric W. Biederman
                   ` (2 subsequent siblings)
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:44 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


This results in code with less boiler plate that is a bit easier
to read.

Additionally stops us from using compatibility code in the sysctl
core, hastening the day when the compatibility code can be removed.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 drivers/infiniband/core/ucma.c          |    8 +-------
 net/802/tr.c                            |    8 +-------
 net/appletalk/sysctl_net_atalk.c        |    8 +-------
 net/bridge/br_netfilter.c               |    8 +-------
 net/core/sysctl_net_core.c              |    3 +--
 net/dccp/sysctl.c                       |    9 +--------
 net/ipv4/ip_fragment.c                  |    2 +-
 net/ipv4/netfilter/ip_queue.c           |    2 +-
 net/ipv4/route.c                        |   10 +---------
 net/ipv4/sysctl_net_ipv4.c              |    5 ++---
 net/ipv4/xfrm4_policy.c                 |    4 ++--
 net/ipv6/netfilter/ip6_queue.c          |    2 +-
 net/ipv6/netfilter/nf_conntrack_reasm.c |    4 ++--
 net/ipv6/reassembly.c                   |    2 +-
 net/ipv6/xfrm6_policy.c                 |    4 ++--
 net/ipx/sysctl_net_ipx.c                |    8 +-------
 net/irda/irsysctl.c                     |    8 +-------
 net/netfilter/ipvs/ip_vs_ctl.c          |    3 +--
 net/netfilter/ipvs/ip_vs_lblc.c         |    3 +--
 net/netfilter/ipvs/ip_vs_lblcr.c        |    3 +--
 net/netfilter/nf_conntrack_acct.c       |    4 ++--
 net/netfilter/nf_conntrack_ecache.c     |    3 +--
 net/netfilter/nf_conntrack_proto_dccp.c |    4 ++--
 net/netfilter/nf_conntrack_standalone.c |   10 ++--------
 net/netfilter/nf_conntrack_timestamp.c  |    4 ++--
 net/netfilter/nf_log.c                  |    9 +--------
 net/netrom/sysctl_net_netrom.c          |    8 +-------
 net/phonet/sysctl.c                     |    8 +-------
 net/rds/ib_sysctl.c                     |    9 +--------
 net/rds/iw_sysctl.c                     |    9 +--------
 net/rds/sysctl.c                        |    9 +--------
 net/rose/sysctl_net_rose.c              |    8 +-------
 net/sctp/sysctl.c                       |    8 +-------
 net/unix/sysctl_net_unix.c              |    8 +-------
 net/x25/sysctl_net_x25.c                |    8 +-------
 net/xfrm/xfrm_sysctl.c                  |    2 +-
 36 files changed, 44 insertions(+), 171 deletions(-)

diff --git a/drivers/infiniband/core/ucma.c b/drivers/infiniband/core/ucma.c
index 9f3e2be..8002ae6 100644
--- a/drivers/infiniband/core/ucma.c
+++ b/drivers/infiniband/core/ucma.c
@@ -66,12 +66,6 @@ static ctl_table ucma_ctl_table[] = {
 	{ }
 };
 
-static struct ctl_path ucma_ctl_path[] = {
-	{ .procname = "net" },
-	{ .procname = "rdma_ucm" },
-	{ }
-};
-
 struct ucma_file {
 	struct mutex		mut;
 	struct file		*filp;
@@ -1392,7 +1386,7 @@ static int __init ucma_init(void)
 		goto err1;
 	}
 
-	ucma_ctl_table_hdr = register_net_sysctl_table(&init_net, ucma_ctl_path, ucma_ctl_table);
+	ucma_ctl_table_hdr = register_net_sysctl(&init_net, "net/rdma_ucm", ucma_ctl_table);
 	if (!ucma_ctl_table_hdr) {
 		printk(KERN_ERR "rdma_ucm: couldn't register sysctl paths\n");
 		ret = -ENOMEM;
diff --git a/net/802/tr.c b/net/802/tr.c
index 103e020..30a352e 100644
--- a/net/802/tr.c
+++ b/net/802/tr.c
@@ -643,12 +643,6 @@ static struct ctl_table tr_table[] = {
 	},
 	{ },
 };
-
-static __initdata struct ctl_path tr_path[] = {
-	{ .procname = "net", },
-	{ .procname = "token-ring", },
-	{ }
-};
 #endif
 
 /*
@@ -662,7 +656,7 @@ static int __init rif_init(void)
 	setup_timer(&rif_timer, rif_check_expire, 0);
 	add_timer(&rif_timer);
 #ifdef CONFIG_SYSCTL
-	register_net_sysctl_table(&init_net, tr_path, tr_table);
+	register_net_sysctl(&init_net, "net/token-ring", tr_table);
 #endif
 	proc_net_fops_create(&init_net, "tr_rif", S_IRUGO, &rif_seq_fops);
 	return 0;
diff --git a/net/appletalk/sysctl_net_atalk.c b/net/appletalk/sysctl_net_atalk.c
index 5edce8f..ebb8643 100644
--- a/net/appletalk/sysctl_net_atalk.c
+++ b/net/appletalk/sysctl_net_atalk.c
@@ -42,17 +42,11 @@ static struct ctl_table atalk_table[] = {
 	{ },
 };
 
-static struct ctl_path atalk_path[] = {
-	{ .procname = "net", },
-	{ .procname = "appletalk", },
-	{ }
-};
-
 static struct ctl_table_header *atalk_table_header;
 
 void atalk_register_sysctl(void)
 {
-	atalk_table_header = register_net_sysctl_table(&init_net, atalk_path, atalk_table);
+	atalk_table_header = register_net_sysctl(&init_net, "net/appletalk", atalk_table);
 }
 
 void atalk_unregister_sysctl(void)
diff --git a/net/bridge/br_netfilter.c b/net/bridge/br_netfilter.c
index 4f4c4a6..9d4f09c 100644
--- a/net/bridge/br_netfilter.c
+++ b/net/bridge/br_netfilter.c
@@ -1008,12 +1008,6 @@ static ctl_table brnf_table[] = {
 	},
 	{ }
 };
-
-static struct ctl_path brnf_path[] = {
-	{ .procname = "net", },
-	{ .procname = "bridge", },
-	{ }
-};
 #endif
 
 int __init br_netfilter_init(void)
@@ -1030,7 +1024,7 @@ int __init br_netfilter_init(void)
 		return ret;
 	}
 #ifdef CONFIG_SYSCTL
-	brnf_sysctl_header = register_net_sysctl_table(&init_net, brnf_path, brnf_table);
+	brnf_sysctl_header = register_net_sysctl(&init_net, "net/bridge", brnf_table);
 	if (brnf_sysctl_header == NULL) {
 		printk(KERN_WARNING
 		       "br_netfilter: can't register to sysctl.\n");
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index 4a9472d..286d739 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -223,8 +223,7 @@ static __net_init int sysctl_core_net_init(struct net *net)
 		tbl[0].data = &net->core.sysctl_somaxconn;
 	}
 
-	net->core.sysctl_hdr = register_net_sysctl_table(net,
-			net_core_path, tbl);
+	net->core.sysctl_hdr = register_net_sysctl(net, "net/core", tbl);
 	if (net->core.sysctl_hdr == NULL)
 		goto err_reg;
 
diff --git a/net/dccp/sysctl.c b/net/dccp/sysctl.c
index 329e139..607ab71 100644
--- a/net/dccp/sysctl.c
+++ b/net/dccp/sysctl.c
@@ -98,18 +98,11 @@ static struct ctl_table dccp_default_table[] = {
 	{ }
 };
 
-static struct ctl_path dccp_path[] = {
-	{ .procname = "net", },
-	{ .procname = "dccp", },
-	{ .procname = "default", },
-	{ }
-};
-
 static struct ctl_table_header *dccp_table_header;
 
 int __init dccp_sysctl_init(void)
 {
-	dccp_table_header = register_net_sysctl_table(&init_net, dccp_path,
+	dccp_table_header = register_net_sysctl(&init_net, "net/dccp/default",
 			dccp_default_table);
 
 	return dccp_table_header != NULL ? 0 : -ENOMEM;
diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
index a746cca..fd81203 100644
--- a/net/ipv4/ip_fragment.c
+++ b/net/ipv4/ip_fragment.c
@@ -782,7 +782,7 @@ static int __net_init ip4_frags_ns_ctl_register(struct net *net)
 		table[2].data = &net->ipv4.frags.timeout;
 	}
 
-	hdr = register_net_sysctl_table(net, net_ipv4_ctl_path, table);
+	hdr = register_net_sysctl(net, "net/ipv4", table);
 	if (hdr == NULL)
 		goto err_reg;
 
diff --git a/net/ipv4/netfilter/ip_queue.c b/net/ipv4/netfilter/ip_queue.c
index 766485d..09775a1 100644
--- a/net/ipv4/netfilter/ip_queue.c
+++ b/net/ipv4/netfilter/ip_queue.c
@@ -586,7 +586,7 @@ static int __init ip_queue_init(void)
 #endif
 	register_netdevice_notifier(&ipq_dev_notifier);
 #ifdef CONFIG_SYSCTL
-	ipq_sysctl_header = register_net_sysctl_table(&init_net, net_ipv4_ctl_path, ipq_table);
+	ipq_sysctl_header = register_net_sysctl(&init_net, "net/ipv4", ipq_table);
 #endif
 	status = nf_register_queue_handler(NFPROTO_IPV4, &nfqh);
 	if (status < 0) {
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 4dd8027..01cd527 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -3353,13 +3353,6 @@ static struct ctl_table ipv4_route_flush_table[] = {
 	{ },
 };
 
-static __net_initdata struct ctl_path ipv4_route_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ .procname = "route", },
-	{ },
-};
-
 static __net_init int sysctl_route_net_init(struct net *net)
 {
 	struct ctl_table *tbl;
@@ -3372,8 +3365,7 @@ static __net_init int sysctl_route_net_init(struct net *net)
 	}
 	tbl[0].extra1 = net;
 
-	net->ipv4.route_hdr =
-		register_net_sysctl_table(net, ipv4_route_path, tbl);
+	net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
 	if (net->ipv4.route_hdr == NULL)
 		goto err_reg;
 	return 0;
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index e7a6fa3..56e64f7 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -815,8 +815,7 @@ static __net_init int ipv4_sysctl_init_net(struct net *net)
 
 	tcp_init_mem(net);
 
-	net->ipv4.ipv4_hdr = register_net_sysctl_table(net,
-			net_ipv4_ctl_path, table);
+	net->ipv4.ipv4_hdr = register_net_sysctl(net, "net/ipv4", table);
 	if (net->ipv4.ipv4_hdr == NULL)
 		goto err_reg;
 
@@ -857,7 +856,7 @@ static __init int sysctl_ipv4_init(void)
 	if (!i->procname)
 		return -EINVAL;
 
-	hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path, ipv4_table);
+	hdr = register_net_sysctl(&init_net, "net/ipv4", ipv4_table);
 	if (hdr == NULL)
 		return -ENOMEM;
 
diff --git a/net/ipv4/xfrm4_policy.c b/net/ipv4/xfrm4_policy.c
index 8ef24e1..0d3426c 100644
--- a/net/ipv4/xfrm4_policy.c
+++ b/net/ipv4/xfrm4_policy.c
@@ -298,8 +298,8 @@ void __init xfrm4_init(int rt_max_size)
 	xfrm4_state_init();
 	xfrm4_policy_init();
 #ifdef CONFIG_SYSCTL
-	sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv4_ctl_path,
-						xfrm4_policy_table);
+	sysctl_hdr = register_net_sysctl(&init_net, "net/ipv4",
+					 xfrm4_policy_table);
 #endif
 }
 
diff --git a/net/ipv6/netfilter/ip6_queue.c b/net/ipv6/netfilter/ip6_queue.c
index 6785f50..3ca9303 100644
--- a/net/ipv6/netfilter/ip6_queue.c
+++ b/net/ipv6/netfilter/ip6_queue.c
@@ -588,7 +588,7 @@ static int __init ip6_queue_init(void)
 #endif
 	register_netdevice_notifier(&ipq_dev_notifier);
 #ifdef CONFIG_SYSCTL
-	ipq_sysctl_header = register_net_sysctl_table(&init_net, net_ipv6_ctl_path, ipq_table);
+	ipq_sysctl_header = register_net_sysctl(&init_net, "net/ipv6", ipq_table);
 #endif
 	status = nf_register_queue_handler(NFPROTO_IPV6, &nfqh);
 	if (status < 0) {
diff --git a/net/ipv6/netfilter/nf_conntrack_reasm.c b/net/ipv6/netfilter/nf_conntrack_reasm.c
index 7548144..48a2be1 100644
--- a/net/ipv6/netfilter/nf_conntrack_reasm.c
+++ b/net/ipv6/netfilter/nf_conntrack_reasm.c
@@ -626,8 +626,8 @@ int nf_ct_frag6_init(void)
 	inet_frags_init(&nf_frags);
 
 #ifdef CONFIG_SYSCTL
-	nf_ct_frag6_sysctl_header = register_net_sysctl_table(&init_net, nf_net_netfilter_sysctl_path,
-							  nf_ct_frag6_sysctl_table);
+	nf_ct_frag6_sysctl_header = register_net_sysctl(&init_net, "net/netfilter",
+							nf_ct_frag6_sysctl_table);
 	if (!nf_ct_frag6_sysctl_header) {
 		inet_frags_fini(&nf_frags);
 		return -ENOMEM;
diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
index 42f4f7c..36e04cf 100644
--- a/net/ipv6/reassembly.c
+++ b/net/ipv6/reassembly.c
@@ -646,7 +646,7 @@ static int __net_init ip6_frags_ns_sysctl_register(struct net *net)
 		table[2].data = &net->ipv6.frags.timeout;
 	}
 
-	hdr = register_net_sysctl_table(net, net_ipv6_ctl_path, table);
+	hdr = register_net_sysctl(net, "net/ipv6", table);
 	if (hdr == NULL)
 		goto err_reg;
 
diff --git a/net/ipv6/xfrm6_policy.c b/net/ipv6/xfrm6_policy.c
index 8ea65e0..8625fba 100644
--- a/net/ipv6/xfrm6_policy.c
+++ b/net/ipv6/xfrm6_policy.c
@@ -334,8 +334,8 @@ int __init xfrm6_init(void)
 		goto out_policy;
 
 #ifdef CONFIG_SYSCTL
-	sysctl_hdr = register_net_sysctl_table(&init_net, net_ipv6_ctl_path,
-						xfrm6_policy_table);
+	sysctl_hdr = register_net_sysctl(&init_net, "net/ipv6",
+					 xfrm6_policy_table);
 #endif
 out:
 	return ret;
diff --git a/net/ipx/sysctl_net_ipx.c b/net/ipx/sysctl_net_ipx.c
index 0358807..ad7c03d 100644
--- a/net/ipx/sysctl_net_ipx.c
+++ b/net/ipx/sysctl_net_ipx.c
@@ -28,17 +28,11 @@ static struct ctl_table ipx_table[] = {
 	{ },
 };
 
-static struct ctl_path ipx_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipx", },
-	{ }
-};
-
 static struct ctl_table_header *ipx_table_header;
 
 void ipx_register_sysctl(void)
 {
-	ipx_table_header = register_net_sysctl_table(&init_net, ipx_path, ipx_table);
+	ipx_table_header = register_net_sysctl(&init_net, "net/ipx", ipx_table);
 }
 
 void ipx_unregister_sysctl(void)
diff --git a/net/irda/irsysctl.c b/net/irda/irsysctl.c
index 20ced38..de73f64 100644
--- a/net/irda/irsysctl.c
+++ b/net/irda/irsysctl.c
@@ -235,12 +235,6 @@ static ctl_table irda_table[] = {
 	{ }
 };
 
-static struct ctl_path irda_path[] = {
-	{ .procname = "net", },
-	{ .procname = "irda", },
-	{ }
-};
-
 static struct ctl_table_header *irda_table_header;
 
 /*
@@ -251,7 +245,7 @@ static struct ctl_table_header *irda_table_header;
  */
 int __init irda_sysctl_register(void)
 {
-	irda_table_header = register_net_sysctl_table(&init_net, irda_path, irda_table);
+	irda_table_header = register_net_sysctl(&init_net, "net/irda", irda_table);
 	if (!irda_table_header)
 		return -ENOMEM;
 
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index b8d0df7..a606d6b 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -3672,8 +3672,7 @@ int __net_init ip_vs_control_net_init_sysctl(struct net *net)
 	tbl[idx++].data = &ipvs->sysctl_nat_icmp_send;
 
 
-	ipvs->sysctl_hdr = register_net_sysctl_table(net, net_vs_ctl_path,
-						     tbl);
+	ipvs->sysctl_hdr = register_net_sysctl(net, "net/ipv4/vs", tbl);
 	if (ipvs->sysctl_hdr == NULL) {
 		if (!net_eq(net, &init_net))
 			kfree(tbl);
diff --git a/net/netfilter/ipvs/ip_vs_lblc.c b/net/netfilter/ipvs/ip_vs_lblc.c
index 27c24f1..1024466 100644
--- a/net/netfilter/ipvs/ip_vs_lblc.c
+++ b/net/netfilter/ipvs/ip_vs_lblc.c
@@ -563,8 +563,7 @@ static int __net_init __ip_vs_lblc_init(struct net *net)
 	ipvs->lblc_ctl_table[0].data = &ipvs->sysctl_lblc_expiration;
 
 	ipvs->lblc_ctl_header =
-		register_net_sysctl_table(net, net_vs_ctl_path,
-					  ipvs->lblc_ctl_table);
+		register_net_sysctl(net, "net/ipv4/vs", ipvs->lblc_ctl_table);
 	if (!ipvs->lblc_ctl_header) {
 		if (!net_eq(net, &init_net))
 			kfree(ipvs->lblc_ctl_table);
diff --git a/net/netfilter/ipvs/ip_vs_lblcr.c b/net/netfilter/ipvs/ip_vs_lblcr.c
index 7498756..9261825 100644
--- a/net/netfilter/ipvs/ip_vs_lblcr.c
+++ b/net/netfilter/ipvs/ip_vs_lblcr.c
@@ -757,8 +757,7 @@ static int __net_init __ip_vs_lblcr_init(struct net *net)
 	ipvs->lblcr_ctl_table[0].data = &ipvs->sysctl_lblcr_expiration;
 
 	ipvs->lblcr_ctl_header =
-		register_net_sysctl_table(net, net_vs_ctl_path,
-					  ipvs->lblcr_ctl_table);
+		register_net_sysctl(net, "net/ipv4/vs", ipvs->lblcr_ctl_table);
 	if (!ipvs->lblcr_ctl_header) {
 		if (!net_eq(net, &init_net))
 			kfree(ipvs->lblcr_ctl_table);
diff --git a/net/netfilter/nf_conntrack_acct.c b/net/netfilter/nf_conntrack_acct.c
index f4f8cda..d61e078 100644
--- a/net/netfilter/nf_conntrack_acct.c
+++ b/net/netfilter/nf_conntrack_acct.c
@@ -69,8 +69,8 @@ static int nf_conntrack_acct_init_sysctl(struct net *net)
 
 	table[0].data = &net->ct.sysctl_acct;
 
-	net->ct.acct_sysctl_header = register_net_sysctl_table(net,
-			nf_net_netfilter_sysctl_path, table);
+	net->ct.acct_sysctl_header = register_net_sysctl(net, "net/netfilter",
+							 table);
 	if (!net->ct.acct_sysctl_header) {
 		printk(KERN_ERR "nf_conntrack_acct: can't register to sysctl.\n");
 		goto out_register;
diff --git a/net/netfilter/nf_conntrack_ecache.c b/net/netfilter/nf_conntrack_ecache.c
index 5bd3047d..b924f3a 100644
--- a/net/netfilter/nf_conntrack_ecache.c
+++ b/net/netfilter/nf_conntrack_ecache.c
@@ -199,8 +199,7 @@ static int nf_conntrack_event_init_sysctl(struct net *net)
 	table[1].data = &net->ct.sysctl_events_retry_timeout;
 
 	net->ct.event_sysctl_header =
-		register_net_sysctl_table(net,
-					  nf_net_netfilter_sysctl_path, table);
+		register_net_sysctl(net, "net/netfilter", table);
 	if (!net->ct.event_sysctl_header) {
 		printk(KERN_ERR "nf_ct_event: can't register to sysctl.\n");
 		goto out_register;
diff --git a/net/netfilter/nf_conntrack_proto_dccp.c b/net/netfilter/nf_conntrack_proto_dccp.c
index a58998d..ef706a4 100644
--- a/net/netfilter/nf_conntrack_proto_dccp.c
+++ b/net/netfilter/nf_conntrack_proto_dccp.c
@@ -910,8 +910,8 @@ static __net_init int dccp_net_init(struct net *net)
 	dn->sysctl_table[6].data = &dn->dccp_timeout[CT_DCCP_TIMEWAIT];
 	dn->sysctl_table[7].data = &dn->dccp_loose;
 
-	dn->sysctl_header = register_net_sysctl_table(net,
-			nf_net_netfilter_sysctl_path, dn->sysctl_table);
+	dn->sysctl_header = register_net_sysctl(net, "net/netfilter",
+						dn->sysctl_table);
 	if (!dn->sysctl_header) {
 		kfree(dn->sysctl_table);
 		return -ENOMEM;
diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c
index 0c3888d..9b39432 100644
--- a/net/netfilter/nf_conntrack_standalone.c
+++ b/net/netfilter/nf_conntrack_standalone.c
@@ -468,18 +468,13 @@ static ctl_table nf_ct_netfilter_table[] = {
 	{ }
 };
 
-static struct ctl_path nf_ct_path[] = {
-	{ .procname = "net", },
-	{ }
-};
-
 static int nf_conntrack_standalone_init_sysctl(struct net *net)
 {
 	struct ctl_table *table;
 
 	if (net_eq(net, &init_net)) {
 		nf_ct_netfilter_header =
-		       register_net_sysctl_table(&init_net, nf_ct_path, nf_ct_netfilter_table);
+		       register_net_sysctl(&init_net, "net", nf_ct_netfilter_table);
 		if (!nf_ct_netfilter_header)
 			goto out;
 	}
@@ -494,8 +489,7 @@ static int nf_conntrack_standalone_init_sysctl(struct net *net)
 	table[3].data = &net->ct.sysctl_checksum;
 	table[4].data = &net->ct.sysctl_log_invalid;
 
-	net->ct.sysctl_header = register_net_sysctl_table(net,
-					nf_net_netfilter_sysctl_path, table);
+	net->ct.sysctl_header = register_net_sysctl(net, "net/netfilter", table);
 	if (!net->ct.sysctl_header)
 		goto out_unregister_netfilter;
 
diff --git a/net/netfilter/nf_conntrack_timestamp.c b/net/netfilter/nf_conntrack_timestamp.c
index e8d27af..dbb364f 100644
--- a/net/netfilter/nf_conntrack_timestamp.c
+++ b/net/netfilter/nf_conntrack_timestamp.c
@@ -51,8 +51,8 @@ static int nf_conntrack_tstamp_init_sysctl(struct net *net)
 
 	table[0].data = &net->ct.sysctl_tstamp;
 
-	net->ct.tstamp_sysctl_header = register_net_sysctl_table(net,
-			nf_net_netfilter_sysctl_path, table);
+	net->ct.tstamp_sysctl_header = register_net_sysctl(net,	"net/netfilter",
+							   table);
 	if (!net->ct.tstamp_sysctl_header) {
 		printk(KERN_ERR "nf_ct_tstamp: can't register to sysctl.\n");
 		goto out_register;
diff --git a/net/netfilter/nf_log.c b/net/netfilter/nf_log.c
index 04fca48..703fb26 100644
--- a/net/netfilter/nf_log.c
+++ b/net/netfilter/nf_log.c
@@ -214,13 +214,6 @@ static const struct file_operations nflog_file_ops = {
 #endif /* PROC_FS */
 
 #ifdef CONFIG_SYSCTL
-static struct ctl_path nf_log_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "netfilter", },
-	{ .procname = "nf_log", },
-	{ }
-};
-
 static char nf_log_sysctl_fnames[NFPROTO_NUMPROTO-NFPROTO_UNSPEC][3];
 static struct ctl_table nf_log_sysctl_table[NFPROTO_NUMPROTO+1];
 static struct ctl_table_header *nf_log_dir_header;
@@ -283,7 +276,7 @@ static __init int netfilter_log_sysctl_init(void)
 		nf_log_sysctl_table[i].extra1 = (void *)(unsigned long) i;
 	}
 
-	nf_log_dir_header = register_net_sysctl_table(&init_net, nf_log_sysctl_path,
+	nf_log_dir_header = register_net_sysctl(&init_net, "net/netfilter/nf_log",
 				       nf_log_sysctl_table);
 	if (!nf_log_dir_header)
 		return -ENOMEM;
diff --git a/net/netrom/sysctl_net_netrom.c b/net/netrom/sysctl_net_netrom.c
index 4ed149e..42f630b 100644
--- a/net/netrom/sysctl_net_netrom.c
+++ b/net/netrom/sysctl_net_netrom.c
@@ -146,15 +146,9 @@ static ctl_table nr_table[] = {
 	{ }
 };
 
-static struct ctl_path nr_path[] = {
-	{ .procname = "net", },
-	{ .procname = "netrom", },
-	{ }
-};
-
 void __init nr_register_sysctl(void)
 {
-	nr_table_header = register_net_sysctl_table(&init_net, nr_path, nr_table);
+	nr_table_header = register_net_sysctl(&init_net, "net/netrom", nr_table);
 }
 
 void nr_unregister_sysctl(void)
diff --git a/net/phonet/sysctl.c b/net/phonet/sysctl.c
index aa55db5..696348f 100644
--- a/net/phonet/sysctl.c
+++ b/net/phonet/sysctl.c
@@ -98,15 +98,9 @@ static struct ctl_table phonet_table[] = {
 	{ }
 };
 
-static struct ctl_path phonet_ctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "phonet", },
-	{ },
-};
-
 int __init phonet_sysctl_init(void)
 {
-	phonet_table_hrd = register_net_sysctl_table(&init_net, phonet_ctl_path, phonet_table);
+	phonet_table_hrd = register_net_sysctl(&init_net, "net/phonet", phonet_table);
 	return phonet_table_hrd == NULL ? -ENOMEM : 0;
 }
 
diff --git a/net/rds/ib_sysctl.c b/net/rds/ib_sysctl.c
index 0fef3e1..7e643ba 100644
--- a/net/rds/ib_sysctl.c
+++ b/net/rds/ib_sysctl.c
@@ -106,13 +106,6 @@ static ctl_table rds_ib_sysctl_table[] = {
 	{ }
 };
 
-static struct ctl_path rds_ib_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "rds", },
-	{ .procname = "ib", },
-	{ }
-};
-
 void rds_ib_sysctl_exit(void)
 {
 	if (rds_ib_sysctl_hdr)
@@ -121,7 +114,7 @@ void rds_ib_sysctl_exit(void)
 
 int rds_ib_sysctl_init(void)
 {
-	rds_ib_sysctl_hdr = register_net_sysctl_table(&init_net, rds_ib_sysctl_path, rds_ib_sysctl_table);
+	rds_ib_sysctl_hdr = register_net_sysctl(&init_net, "net/rds/ib", rds_ib_sysctl_table);
 	if (!rds_ib_sysctl_hdr)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rds/iw_sysctl.c b/net/rds/iw_sysctl.c
index bcfe36d..5d5ebd5 100644
--- a/net/rds/iw_sysctl.c
+++ b/net/rds/iw_sysctl.c
@@ -109,13 +109,6 @@ static ctl_table rds_iw_sysctl_table[] = {
 	{ }
 };
 
-static struct ctl_path rds_iw_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "rds", },
-	{ .procname = "iw", },
-	{ }
-};
-
 void rds_iw_sysctl_exit(void)
 {
 	if (rds_iw_sysctl_hdr)
@@ -124,7 +117,7 @@ void rds_iw_sysctl_exit(void)
 
 int rds_iw_sysctl_init(void)
 {
-	rds_iw_sysctl_hdr = register_net_sysctl_table(&init_net, rds_iw_sysctl_path, rds_iw_sysctl_table);
+	rds_iw_sysctl_hdr = register_net_sysctl(&init_net, "net/rds/iw", rds_iw_sysctl_table);
 	if (!rds_iw_sysctl_hdr)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rds/sysctl.c b/net/rds/sysctl.c
index 30354b8..907214b 100644
--- a/net/rds/sysctl.c
+++ b/net/rds/sysctl.c
@@ -92,13 +92,6 @@ static ctl_table rds_sysctl_rds_table[] = {
 	{ }
 };
 
-static struct ctl_path rds_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "rds", },
-	{ }
-};
-
-
 void rds_sysctl_exit(void)
 {
 	if (rds_sysctl_reg_table)
@@ -110,7 +103,7 @@ int rds_sysctl_init(void)
 	rds_sysctl_reconnect_min = msecs_to_jiffies(1);
 	rds_sysctl_reconnect_min_jiffies = rds_sysctl_reconnect_min;
 
-	rds_sysctl_reg_table = register_net_sysctl_table(&init_net, rds_sysctl_path, rds_sysctl_rds_table);
+	rds_sysctl_reg_table = register_net_sysctl(&init_net,"net/rds", rds_sysctl_rds_table);
 	if (!rds_sysctl_reg_table)
 		return -ENOMEM;
 	return 0;
diff --git a/net/rose/sysctl_net_rose.c b/net/rose/sysctl_net_rose.c
index 02b7397..94ca9c2 100644
--- a/net/rose/sysctl_net_rose.c
+++ b/net/rose/sysctl_net_rose.c
@@ -118,15 +118,9 @@ static ctl_table rose_table[] = {
 	{ }
 };
 
-static struct ctl_path rose_path[] = {
-	{ .procname = "net", },
-	{ .procname = "rose", },
-	{ }
-};
-
 void __init rose_register_sysctl(void)
 {
-	rose_table_header = register_net_sysctl_table(&init_net, rose_path, rose_table);
+	rose_table_header = register_net_sysctl(&init_net, "net/rose", rose_table);
 }
 
 void rose_unregister_sysctl(void)
diff --git a/net/sctp/sysctl.c b/net/sctp/sysctl.c
index 1e385b4..e5fe639 100644
--- a/net/sctp/sysctl.c
+++ b/net/sctp/sysctl.c
@@ -275,18 +275,12 @@ static ctl_table sctp_table[] = {
 	{ /* sentinel */ }
 };
 
-static struct ctl_path sctp_path[] = {
-	{ .procname = "net", },
-	{ .procname = "sctp", },
-	{ }
-};
-
 static struct ctl_table_header * sctp_sysctl_header;
 
 /* Sysctl registration.  */
 void sctp_sysctl_register(void)
 {
-	sctp_sysctl_header = register_net_sysctl_table(&init_net, sctp_path, sctp_table);
+	sctp_sysctl_header = register_net_sysctl(&init_net, "net/sctp", sctp_table);
 }
 
 /* Sysctl deregistration.  */
diff --git a/net/unix/sysctl_net_unix.c b/net/unix/sysctl_net_unix.c
index 4f6979c..b34b5b9 100644
--- a/net/unix/sysctl_net_unix.c
+++ b/net/unix/sysctl_net_unix.c
@@ -26,12 +26,6 @@ static ctl_table unix_table[] = {
 	{ }
 };
 
-static struct ctl_path unix_path[] = {
-	{ .procname = "net", },
-	{ .procname = "unix", },
-	{ },
-};
-
 int __net_init unix_sysctl_register(struct net *net)
 {
 	struct ctl_table *table;
@@ -41,7 +35,7 @@ int __net_init unix_sysctl_register(struct net *net)
 		goto err_alloc;
 
 	table[0].data = &net->unx.sysctl_max_dgram_qlen;
-	net->unx.ctl = register_net_sysctl_table(net, unix_path, table);
+	net->unx.ctl = register_net_sysctl(net, "net/unix", table);
 	if (net->unx.ctl == NULL)
 		goto err_reg;
 
diff --git a/net/x25/sysctl_net_x25.c b/net/x25/sysctl_net_x25.c
index 08337cb..4323952 100644
--- a/net/x25/sysctl_net_x25.c
+++ b/net/x25/sysctl_net_x25.c
@@ -73,15 +73,9 @@ static struct ctl_table x25_table[] = {
 	{ 0, },
 };
 
-static struct ctl_path x25_path[] = {
-	{ .procname = "net", },
-	{ .procname = "x25", },
-	{ }
-};
-
 void __init x25_register_sysctl(void)
 {
-	x25_table_header = register_net_sysctl_table(&init_net, x25_path, x25_table);
+	x25_table_header = register_net_sysctl(&init_net, "net/x25", x25_table);
 }
 
 void x25_unregister_sysctl(void)
diff --git a/net/xfrm/xfrm_sysctl.c b/net/xfrm/xfrm_sysctl.c
index 05640bc..380976f 100644
--- a/net/xfrm/xfrm_sysctl.c
+++ b/net/xfrm/xfrm_sysctl.c
@@ -54,7 +54,7 @@ int __net_init xfrm_sysctl_init(struct net *net)
 	table[2].data = &net->xfrm.sysctl_larval_drop;
 	table[3].data = &net->xfrm.sysctl_acq_expires;
 
-	net->xfrm.sysctl_hdr = register_net_sysctl_table(net, net_core_path, table);
+	net->xfrm.sysctl_hdr = register_net_sysctl(net, "net/core", table);
 	if (!net->xfrm.sysctl_hdr)
 		goto out_register;
 	return 0;
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 18/19] net: Delete all remaining instances of ctl_path
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (16 preceding siblings ...)
  2012-04-19 23:44 ` [PATCH net-next 17/19] net: Convert all sysctl registrations to register_net_sysctl Eric W. Biederman
@ 2012-04-19 23:45 ` Eric W. Biederman
  2012-04-19 23:46 ` [PATCH net-next 19/19] net: Remove register_net_sysctl_table Eric W. Biederman
  2012-04-20  8:45 ` [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Pavel Emelyanov
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:45 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


We don't use struct ctl_path anymore so delete the exported constants.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/linux/netfilter.h      |    6 ------
 include/net/ip.h               |    3 ---
 include/net/ip_vs.h            |    2 --
 include/net/ipv6.h             |    1 -
 net/core/sysctl_net_core.c     |    6 ------
 net/ipv4/netfilter.c           |   10 ----------
 net/ipv4/sysctl_net_ipv4.c     |    7 -------
 net/ipv6/sysctl_net_ipv6.c     |    7 -------
 net/netfilter/core.c           |    9 ---------
 net/netfilter/ipvs/ip_vs_ctl.c |    7 -------
 10 files changed, 0 insertions(+), 58 deletions(-)

diff --git a/include/linux/netfilter.h b/include/linux/netfilter.h
index 29734be..ff9c84c 100644
--- a/include/linux/netfilter.h
+++ b/include/linux/netfilter.h
@@ -154,12 +154,6 @@ void nf_unregister_hooks(struct nf_hook_ops *reg, unsigned int n);
 int nf_register_sockopt(struct nf_sockopt_ops *reg);
 void nf_unregister_sockopt(struct nf_sockopt_ops *reg);
 
-#ifdef CONFIG_SYSCTL
-/* Sysctl registration */
-extern struct ctl_path nf_net_netfilter_sysctl_path[];
-extern struct ctl_path nf_net_ipv4_netfilter_sysctl_path[];
-#endif /* CONFIG_SYSCTL */
-
 extern struct list_head nf_hooks[NFPROTO_NUMPROTO][NF_MAX_HOOKS];
 
 #if defined(CONFIG_JUMP_LABEL)
diff --git a/include/net/ip.h b/include/net/ip.h
index b53d65f..94ddb69c 100644
--- a/include/net/ip.h
+++ b/include/net/ip.h
@@ -222,9 +222,6 @@ static inline int inet_is_reserved_local_port(int port)
 
 extern int sysctl_ip_nonlocal_bind;
 
-extern struct ctl_path net_core_path[];
-extern struct ctl_path net_ipv4_ctl_path[];
-
 /* From inetpeer.c */
 extern int inet_peer_threshold;
 extern int inet_peer_minttl;
diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index a903a82..990216d 100644
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -10,7 +10,6 @@
 
 #include <asm/types.h>                  /* for __uXX types */
 
-#include <linux/sysctl.h>               /* for ctl_path */
 #include <linux/list.h>                 /* for struct list_head */
 #include <linux/spinlock.h>             /* for struct rwlock_t */
 #include <linux/atomic.h>                 /* for struct atomic_t */
@@ -1184,7 +1183,6 @@ extern void ip_vs_scheduler_err(struct ip_vs_service *svc, const char *msg);
  *      IPVS control data and functions (from ip_vs_ctl.c)
  */
 extern struct ip_vs_stats ip_vs_stats;
-extern const struct ctl_path net_vs_ctl_path[];
 extern int sysctl_ip_vs_sync_ver;
 
 extern void ip_vs_sync_switch_mode(struct net *net, int mode);
diff --git a/include/net/ipv6.h b/include/net/ipv6.h
index e1a85ad..4332e9a 100644
--- a/include/net/ipv6.h
+++ b/include/net/ipv6.h
@@ -113,7 +113,6 @@ struct frag_hdr {
 
 /* sysctls */
 extern int sysctl_mld_max_msf;
-extern struct ctl_path net_ipv6_ctl_path[];
 
 #define _DEVINC(net, statname, modifier, idev, field)			\
 ({									\
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index 286d739..92d2324 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -202,12 +202,6 @@ static struct ctl_table netns_core_table[] = {
 	{ }
 };
 
-__net_initdata struct ctl_path net_core_path[] = {
-	{ .procname = "net", },
-	{ .procname = "core", },
-	{ },
-};
-
 static __net_init int sysctl_core_net_init(struct net *net)
 {
 	struct ctl_table *tbl;
diff --git a/net/ipv4/netfilter.c b/net/ipv4/netfilter.c
index 3cd8c58..ed1b367 100644
--- a/net/ipv4/netfilter.c
+++ b/net/ipv4/netfilter.c
@@ -237,13 +237,3 @@ static void ipv4_netfilter_fini(void)
 
 module_init(ipv4_netfilter_init);
 module_exit(ipv4_netfilter_fini);
-
-#ifdef CONFIG_SYSCTL
-struct ctl_path nf_net_ipv4_netfilter_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ .procname = "netfilter", },
-	{ }
-};
-EXPORT_SYMBOL_GPL(nf_net_ipv4_netfilter_sysctl_path);
-#endif /* CONFIG_SYSCTL */
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 56e64f7..33417f8 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -768,13 +768,6 @@ static struct ctl_table ipv4_net_table[] = {
 	{ }
 };
 
-struct ctl_path net_ipv4_ctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ },
-};
-EXPORT_SYMBOL_GPL(net_ipv4_ctl_path);
-
 static __net_init int ipv4_sysctl_init_net(struct net *net)
 {
 	struct ctl_table *table;
diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
index a52d820..e85c48b 100644
--- a/net/ipv6/sysctl_net_ipv6.c
+++ b/net/ipv6/sysctl_net_ipv6.c
@@ -38,13 +38,6 @@ static ctl_table ipv6_rotable[] = {
 	{ }
 };
 
-struct ctl_path net_ipv6_ctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv6", },
-	{ },
-};
-EXPORT_SYMBOL_GPL(net_ipv6_ctl_path);
-
 static int __net_init ipv6_sysctl_net_init(struct net *net)
 {
 	struct ctl_table *ipv6_table;
diff --git a/net/netfilter/core.c b/net/netfilter/core.c
index e1b7e05..e19f365 100644
--- a/net/netfilter/core.c
+++ b/net/netfilter/core.c
@@ -290,12 +290,3 @@ void __init netfilter_init(void)
 	if (netfilter_log_init() < 0)
 		panic("cannot initialize nf_log");
 }
-
-#ifdef CONFIG_SYSCTL
-struct ctl_path nf_net_netfilter_sysctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "netfilter", },
-	{ }
-};
-EXPORT_SYMBOL_GPL(nf_net_netfilter_sysctl_path);
-#endif /* CONFIG_SYSCTL */
diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index a606d6b..e3707d2 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -1846,13 +1846,6 @@ static struct ctl_table vs_vars[] = {
 	{ }
 };
 
-const struct ctl_path net_vs_ctl_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ .procname = "vs", },
-	{ }
-};
-EXPORT_SYMBOL_GPL(net_vs_ctl_path);
 #endif
 
 #ifdef CONFIG_PROC_FS
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* [PATCH net-next 19/19] net: Remove register_net_sysctl_table
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (17 preceding siblings ...)
  2012-04-19 23:45 ` [PATCH net-next 18/19] net: Delete all remaining instances of ctl_path Eric W. Biederman
@ 2012-04-19 23:46 ` Eric W. Biederman
  2012-04-20  8:45 ` [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Pavel Emelyanov
  19 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-19 23:46 UTC (permalink / raw)
  To: David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov


All of the users have been converted to use registera_net_sysctl so we
no longer need register_net_sysctl.

Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
---
 include/net/net_namespace.h |    3 ---
 net/sysctl_net.c            |    7 -------
 2 files changed, 0 insertions(+), 10 deletions(-)

diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
index 6413fcb..3ee4a3d 100644
--- a/include/net/net_namespace.h
+++ b/include/net/net_namespace.h
@@ -279,7 +279,6 @@ extern void unregister_pernet_subsys(struct pernet_operations *);
 extern int register_pernet_device(struct pernet_operations *);
 extern void unregister_pernet_device(struct pernet_operations *);
 
-struct ctl_path;
 struct ctl_table;
 struct ctl_table_header;
 
@@ -288,8 +287,6 @@ extern int net_sysctl_init(void);
 #else
 static inline int net_sysctl_init(void) { return 0; }
 #endif
-extern struct ctl_table_header *register_net_sysctl_table(struct net *net,
-	const struct ctl_path *path, struct ctl_table *table);
 extern struct ctl_table_header *register_net_sysctl(struct net *net,
 	const char *path, struct ctl_table *table);
 extern void unregister_net_sysctl_table(struct ctl_table_header *header);
diff --git a/net/sysctl_net.c b/net/sysctl_net.c
index 2b8d1d9..f3e813a 100644
--- a/net/sysctl_net.c
+++ b/net/sysctl_net.c
@@ -95,13 +95,6 @@ out:
 	return ret;
 }
 
-struct ctl_table_header *register_net_sysctl_table(struct net *net,
-	const struct ctl_path *path, struct ctl_table *table)
-{
-	return __register_sysctl_paths(&net->sysctls, path, table);
-}
-EXPORT_SYMBOL_GPL(register_net_sysctl_table);
-
 struct ctl_table_header *register_net_sysctl(struct net *net,
 	const char *path, struct ctl_table *table)
 {
-- 
1.7.2.5

^ permalink raw reply related	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 12/19] net neighbour:  Convert to use register_net_sysctl
  2012-04-19 23:38 ` [PATCH net-next 12/19] net neighbour: Convert to use register_net_sysctl Eric W. Biederman
@ 2012-04-20  5:21   ` Pavel Emelyanov
  2012-04-20  7:25     ` Eric W. Biederman
  0 siblings, 1 reply; 33+ messages in thread
From: Pavel Emelyanov @ 2012-04-20  5:21 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger

> @@ -2925,19 +2924,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
>  {
>  	struct neigh_sysctl_table *t;
>  	const char *dev_name_source = NULL;
> -
> -#define NEIGH_CTL_PATH_ROOT	0
> -#define NEIGH_CTL_PATH_PROTO	1
> -#define NEIGH_CTL_PATH_NEIGH	2
> -#define NEIGH_CTL_PATH_DEV	3
> -
> -	struct ctl_path neigh_path[] = {
> -		{ .procname = "net",	 },
> -		{ .procname = "proto",	 },
> -		{ .procname = "neigh",	 },
> -		{ .procname = "default", },
> -		{ },
> -	};
> +	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];

Why two IFNAMSIZ-es? One is for the dev->name, but the other one is not.
Is it just for not having any other better constant at hands?

>  	t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
>  	if (!t)

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 01/19] net: Implement register_net_sysctl.
  2012-04-19 23:18 ` [PATCH net-next 01/19] net: Implement register_net_sysctl Eric W. Biederman
@ 2012-04-20  5:27   ` Pavel Emelyanov
  2012-04-20  8:11     ` Eric W. Biederman
  0 siblings, 1 reply; 33+ messages in thread
From: Pavel Emelyanov @ 2012-04-20  5:27 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger

> @@ -117,6 +117,13 @@ struct ctl_table_header *register_net_sysctl_rotable(const
>  }
>  EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
>  
> +struct ctl_table_header *register_net_sysctl(struct net *net,
> +	const char *path, struct ctl_table *table)
> +{
> +	return __register_sysctl_table(&net->sysctls, path, table);

Eric, am I right, that after this all sysctl-s registered in init_net will
not be even visible in the non-init net namespaces?

If I'm not mistaken, before this all non-virtualized, i.e. "global" sysctls
were read-only in sub net namespaces and that solved lots of problems for us.

> +}
> +EXPORT_SYMBOL_GPL(register_net_sysctl);
> +
>  void unregister_net_sysctl_table(struct ctl_table_header *header)
>  {
>  	unregister_sysctl_table(header);

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 12/19] net neighbour:  Convert to use register_net_sysctl
  2012-04-20  5:21   ` Pavel Emelyanov
@ 2012-04-20  7:25     ` Eric W. Biederman
  2012-04-22  2:36       ` Ben Hutchings
  0 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-20  7:25 UTC (permalink / raw)
  To: Pavel Emelyanov
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger

Pavel Emelyanov <xemul@parallels.com> writes:

>> @@ -2925,19 +2924,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
>>  {
>>  	struct neigh_sysctl_table *t;
>>  	const char *dev_name_source = NULL;
>> -
>> -#define NEIGH_CTL_PATH_ROOT	0
>> -#define NEIGH_CTL_PATH_PROTO	1
>> -#define NEIGH_CTL_PATH_NEIGH	2
>> -#define NEIGH_CTL_PATH_DEV	3
>> -
>> -	struct ctl_path neigh_path[] = {
>> -		{ .procname = "net",	 },
>> -		{ .procname = "proto",	 },
>> -		{ .procname = "neigh",	 },
>> -		{ .procname = "default", },
>> -		{ },
>> -	};
>> +	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
>
> Why two IFNAMSIZ-es? One is for the dev->name, but the other one is not.
> Is it just for not having any other better constant at hands?

Yep.  We don't seem to have any proto name size constants, and all
of decnet ipv4 and ipv6 are all shorter than the 16 bytes of IFNAMSIZ.

Even if I am wrong the snprintf below truncates it's output to the
buffer size and null terminates it so in the worst case we won't cause
a buffer overflow, we will just get a truncated path name to pass
to sysctl.

Shrug I stopped at good enough but I am happy for a better number.

Eric

>>  	t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL);
>>  	if (!t)

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 01/19] net: Implement register_net_sysctl.
  2012-04-20  5:27   ` Pavel Emelyanov
@ 2012-04-20  8:11     ` Eric W. Biederman
  2012-04-20  8:45       ` Pavel Emelyanov
  0 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-20  8:11 UTC (permalink / raw)
  To: Pavel Emelyanov
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger

Pavel Emelyanov <xemul@parallels.com> writes:

>> @@ -117,6 +117,13 @@ struct ctl_table_header *register_net_sysctl_rotable(const
>>  }
>>  EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
>>  
>> +struct ctl_table_header *register_net_sysctl(struct net *net,
>> +	const char *path, struct ctl_table *table)
>> +{
>> +	return __register_sysctl_table(&net->sysctls, path, table);
>
> Eric, am I right, that after this all sysctl-s registered in init_net will
> not be even visible in the non-init net namespaces?

Yes.

> If I'm not mistaken, before this all non-virtualized, i.e. "global" sysctls
> were read-only in sub net namespaces and that solved lots of problems for us.

Nope.  There are only 4 sysctls that were both global and read only, and
coincidentally I shoved them all into the initial network namespace in
patch 4.

So this part of the discussion really belongs about patch 4 but whatever.

In principle I don't mind the technique of sysctls that are writable
in the initial network namespace and readable everywhere else.  I hate
the name register_net_sysctl_rotable because it suggests that every
sysctl in the table will all be read-only or something like that.

In practice I think where we are at with converting and looking at
sysctls is disaster.

- People complain and want bad hacks so they can avoid writing to
  sysctls in containers but don't seem to work on the clean solutions.

- It is not discoverable which sysctls are per network namespace.

- We have only made a grand total 4 sysctls (in 3 tables) writable
  in the initial network namespace readable everywhere else.

So I think the best path forward is to just shove all sysctls that
aren't per network namespace into the initial network namespace so that
it is abundantly clear that they are not per network namespace, and
the fix the sysctls that people care about to be per network namespace.

I do admit their is actual interest in fixing some of the non-converted
netfliter sysctls.  So my perception of the situation may be wrong, but
right now I honestly think we have been too clever and no one knows what
is going on or cares enough to pay detailed attention.

Eric

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 01/19] net: Implement register_net_sysctl.
  2012-04-20  8:11     ` Eric W. Biederman
@ 2012-04-20  8:45       ` Pavel Emelyanov
  0 siblings, 0 replies; 33+ messages in thread
From: Pavel Emelyanov @ 2012-04-20  8:45 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger

On 04/20/2012 12:11 PM, Eric W. Biederman wrote:
> Pavel Emelyanov <xemul@parallels.com> writes:
> 
>>> @@ -117,6 +117,13 @@ struct ctl_table_header *register_net_sysctl_rotable(const
>>>  }
>>>  EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
>>>  
>>> +struct ctl_table_header *register_net_sysctl(struct net *net,
>>> +	const char *path, struct ctl_table *table)
>>> +{
>>> +	return __register_sysctl_table(&net->sysctls, path, table);
>>
>> Eric, am I right, that after this all sysctl-s registered in init_net will
>> not be even visible in the non-init net namespaces?
> 
> Yes.
> 
>> If I'm not mistaken, before this all non-virtualized, i.e. "global" sysctls
>> were read-only in sub net namespaces and that solved lots of problems for us.
> 
> Nope.  There are only 4 sysctls that were both global and read only, and
> coincidentally I shoved them all into the initial network namespace in
> patch 4.

OK, thanks.

> So this part of the discussion really belongs about patch 4 but whatever.
> 
> In principle I don't mind the technique of sysctls that are writable
> in the initial network namespace and readable everywhere else.  I hate
> the name register_net_sysctl_rotable because it suggests that every
> sysctl in the table will all be read-only or something like that.
> 
> In practice I think where we are at with converting and looking at
> sysctls is disaster.
> 
> - People complain and want bad hacks so they can avoid writing to
>   sysctls in containers but don't seem to work on the clean solutions.
> 
> - It is not discoverable which sysctls are per network namespace.
> 
> - We have only made a grand total 4 sysctls (in 3 tables) writable
>   in the initial network namespace readable everywhere else.
> 
> So I think the best path forward is to just shove all sysctls that
> aren't per network namespace into the initial network namespace so that
> it is abundantly clear that they are not per network namespace, and
> the fix the sysctls that people care about to be per network namespace.

Agree.

> I do admit their is actual interest in fixing some of the non-converted
> netfliter sysctls.  So my perception of the situation may be wrong, but
> right now I honestly think we have been too clever and no one knows what
> is going on or cares enough to pay detailed attention.

We constantly see two types of problems with proc files and sysctls.
Various apps fail to work if they cannot do either of two

1. find some sysctl without trying to do anything with it
2. write to some sysctl without checking for the actual result

I don't see the ways of fixing any of the above in the generic way. However
step #1 can be ... work-around-ed by making all non-virtualized sysctls RO
in containers, but this is also not a perfect solution.

> Eric
> 
> .
> 

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 00/19] net: Sysctl simplifications and enhancements
  2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
                   ` (18 preceding siblings ...)
  2012-04-19 23:46 ` [PATCH net-next 19/19] net: Remove register_net_sysctl_table Eric W. Biederman
@ 2012-04-20  8:45 ` Pavel Emelyanov
  2012-04-21  1:24   ` David Miller
  19 siblings, 1 reply; 33+ messages in thread
From: Pavel Emelyanov @ 2012-04-20  8:45 UTC (permalink / raw)
  To: Eric W. Biederman, David Miller
  Cc: netdev, Serge E. Hallyn, Gao feng, pablo, Stephen Hemminger

On 04/20/2012 03:17 AM, Eric W. Biederman wrote:
> 
> Summary:
> - Kill approximately 400 lines of code
> - Allow all networking sysctls with just CAP_NET_ADMIN
> - Hide all networking sysctls that don't apply to your current network namespace.
> - Uniformly register flat sysctl tables not sysctl tables with .child entries
> - Readable string paths for registering sysctls
> 
> Eric W. Biederman (19):
>       net: Implement register_net_sysctl.
>       net sysctl:  Register an empty /proc/sys/net
>       net sysctl: Initialize the network sysctls sooner to avoid problems.
>       net: Kill register_sysctl_rotable
>       net: Move all of the network sysctls without a namespace into init_net.
>       net core: Remove unneded creation of an empty  net/core sysctl directory
>       net ipv6: Remove unneded registration of an empty net/ipv6/neigh
>       net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh
>       net ax25: Simplify and cleanup the ax25 sysctl handling.
>       net llc: Don't use sysctl tables with .child entries.
>       net ipv6: Don't use sysctl tables with .child entries.
>       net neighbour:  Convert to use register_net_sysctl
>       net decnet:  Convert to use register_net_sysctl
>       net ipv6:  Convert addrconf to use register_net_sysctl
>       net ipv4:  Convert devinet to use register_net_sysctl
>       net: Convert nf_conntrack_proto to use register_net_sysctl
>       net: Convert all sysctl registrations to register_net_sysctl
>       net: Delete all remaining instances of ctl_path
>       net: Remove register_net_sysctl_table

After resolving issues with Eric

Acked-by: Pavel Emelyanov <xemul@parallels.com>

Thanks,
Pavel

>  drivers/infiniband/core/ucma.c                 |   10 +--
>  include/linux/netfilter.h                      |    6 --
>  include/net/ax25.h                             |   10 ++--
>  include/net/ip.h                               |    3 -
>  include/net/ip_vs.h                            |    2 -
>  include/net/ipv6.h                             |    3 -
>  include/net/net_namespace.h                    |   12 ++--
>  include/net/netfilter/nf_conntrack_l3proto.h   |    2 +-
>  include/net/netns/ipv6.h                       |    4 +-
>  net/802/tr.c                                   |    8 +--
>  net/appletalk/sysctl_net_atalk.c               |   10 +--
>  net/ax25/af_ax25.c                             |    2 -
>  net/ax25/ax25_dev.c                            |   10 +--
>  net/ax25/sysctl_net_ax25.c                     |   82 ++++++++---------------
>  net/bridge/br_netfilter.c                      |   10 +--
>  net/core/neighbour.c                           |   35 ++--------
>  net/core/sysctl_net_core.c                     |   14 +----
>  net/dccp/sysctl.c                              |   11 +---
>  net/decnet/dn_dev.c                            |   21 ++-----
>  net/decnet/sysctl_net_decnet.c                 |   10 +--
>  net/ipv4/devinet.c                             |   39 ++----------
>  net/ipv4/ip_fragment.c                         |    4 +-
>  net/ipv4/netfilter.c                           |   10 ---
>  net/ipv4/netfilter/ip_queue.c                  |    6 +-
>  net/ipv4/netfilter/nf_conntrack_l3proto_ipv4.c |    2 +-
>  net/ipv4/route.c                               |   29 +--------
>  net/ipv4/sysctl_net_ipv4.c                     |   14 +---
>  net/ipv4/xfrm4_policy.c                        |    4 +-
>  net/ipv6/addrconf.c                            |   32 +--------
>  net/ipv6/af_inet6.c                            |   15 ----
>  net/ipv6/netfilter/ip6_queue.c                 |    6 +-
>  net/ipv6/netfilter/nf_conntrack_reasm.c        |    6 +-
>  net/ipv6/reassembly.c                          |    4 +-
>  net/ipv6/sysctl_net_ipv6.c                     |   83 +++++++-----------------
>  net/ipv6/xfrm6_policy.c                        |    4 +-
>  net/ipx/sysctl_net_ipx.c                       |   11 +--
>  net/irda/irsysctl.c                            |   10 +--
>  net/llc/sysctl_net_llc.c                       |   52 +++++----------
>  net/netfilter/core.c                           |    9 ---
>  net/netfilter/ipvs/ip_vs_ctl.c                 |   10 +---
>  net/netfilter/ipvs/ip_vs_lblc.c                |    3 +-
>  net/netfilter/ipvs/ip_vs_lblcr.c               |    3 +-
>  net/netfilter/nf_conntrack_acct.c              |    4 +-
>  net/netfilter/nf_conntrack_ecache.c            |    3 +-
>  net/netfilter/nf_conntrack_proto.c             |   10 ++--
>  net/netfilter/nf_conntrack_proto_dccp.c        |    4 +-
>  net/netfilter/nf_conntrack_standalone.c        |   14 +---
>  net/netfilter/nf_conntrack_timestamp.c         |    4 +-
>  net/netfilter/nf_log.c                         |    9 +--
>  net/netrom/sysctl_net_netrom.c                 |   10 +--
>  net/phonet/sysctl.c                            |   10 +--
>  net/rds/ib_sysctl.c                            |   11 +---
>  net/rds/iw_sysctl.c                            |   11 +---
>  net/rds/sysctl.c                               |   11 +---
>  net/rose/sysctl_net_rose.c                     |   10 +--
>  net/sctp/sysctl.c                              |   10 +--
>  net/socket.c                                   |    6 ++
>  net/sysctl_net.c                               |   45 ++++---------
>  net/unix/sysctl_net_unix.c                     |   10 +--
>  net/x25/sysctl_net_x25.c                       |   10 +--
>  net/xfrm/xfrm_sysctl.c                         |    2 +-
>  61 files changed, 209 insertions(+), 606 deletions(-)
> .
> 

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 04/19] net: Kill register_sysctl_rotable
  2012-04-19 23:22 ` [PATCH net-next 04/19] net: Kill register_sysctl_rotable Eric W. Biederman
@ 2012-04-20 13:53   ` Serge E. Hallyn
  2012-04-20 14:42     ` Eric W. Biederman
  0 siblings, 1 reply; 33+ messages in thread
From: Serge E. Hallyn @ 2012-04-20 13:53 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, Gao feng, pablo,
	Stephen Hemminger, Pavel Emelyanov

Quoting Eric W. Biederman (ebiederm@xmission.com):
> 
> register_sysctl_rotable never caught on as an interesting way to
> register sysctls.  My take on the situation is that what we want are
> sysctls that we can only see in the initial network namespace.  What we
> have implemented with register_sysctl_rotable are sysctls that we can
> see in all of the network namespaces and can only change in the initial
> network namespace.
> 
> That is a very silly way to go.  Just register the network sysctls
> in the initial network namespace and we don't have any weird special
> cases to deal with.
> 
> The sysctls affected are:
> /proc/sys/net/ipv4/ipfrag_secret_interval
> /proc/sys/net/ipv4/ipfrag_max_dist
> /proc/sys/net/ipv6/ip6frag_secret_interval
> /proc/sys/net/ipv6/mld_max_msf
> 
> I really don't expect anyone will miss them if they can't read them in a
> child user namespace.

If there was something userspace could do to work around certain values
of these settings then I'd say keeping the readonly values is worthwhile,
but AFAICS if a bad network context requires ipfrag_max_dist 0, there's
nothing userspace can do about it...

So from a container pov view at least, I'm happy with this.  I'm far from
qualified on the netns code itself, but taking a look in the unlikely case
I can spot something :)

> CC: Pavel Emelyanov <xemul@openvz.org>
> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
> ---
>  include/net/net_namespace.h |    2 --
>  net/core/sysctl_net_core.c  |    2 +-
>  net/ipv4/ip_fragment.c      |    2 +-
>  net/ipv6/reassembly.c       |    2 +-
>  net/ipv6/sysctl_net_ipv6.c  |    2 +-
>  net/sysctl_net.c            |   23 -----------------------
>  6 files changed, 4 insertions(+), 29 deletions(-)
> 
> diff --git a/include/net/net_namespace.h b/include/net/net_namespace.h
> index 767dcd40..6413fcb 100644
> --- a/include/net/net_namespace.h
> +++ b/include/net/net_namespace.h
> @@ -290,8 +290,6 @@ static inline int net_sysctl_init(void) { return 0; }
>  #endif
>  extern struct ctl_table_header *register_net_sysctl_table(struct net *net,
>  	const struct ctl_path *path, struct ctl_table *table);
> -extern struct ctl_table_header *register_net_sysctl_rotable(
> -	const struct ctl_path *path, struct ctl_table *table);
>  extern struct ctl_table_header *register_net_sysctl(struct net *net,
>  	const char *path, struct ctl_table *table);
>  extern void unregister_net_sysctl_table(struct ctl_table_header *header);
> diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
> index cee5991..9504086 100644
> --- a/net/core/sysctl_net_core.c
> +++ b/net/core/sysctl_net_core.c
> @@ -257,7 +257,7 @@ static __init int sysctl_core_init(void)
>  	static struct ctl_table empty[1];
>  
>  	kmemleak_not_leak(register_sysctl_paths(net_core_path, empty));
> -	register_net_sysctl_rotable(net_core_path, net_core_table);
> +	register_net_sysctl(&init_net, "net/core", net_core_table);
>  	return register_pernet_subsys(&sysctl_core_ops);
>  }
>  
> diff --git a/net/ipv4/ip_fragment.c b/net/ipv4/ip_fragment.c
> index 3727e23..a746cca 100644
> --- a/net/ipv4/ip_fragment.c
> +++ b/net/ipv4/ip_fragment.c
> @@ -807,7 +807,7 @@ static void __net_exit ip4_frags_ns_ctl_unregister(struct net *net)
>  
>  static void ip4_frags_ctl_register(void)
>  {
> -	register_net_sysctl_rotable(net_ipv4_ctl_path, ip4_frags_ctl_table);
> +	register_net_sysctl(&init_net, "net/ipv4", ip4_frags_ctl_table);
>  }
>  #else
>  static inline int ip4_frags_ns_ctl_register(struct net *net)
> diff --git a/net/ipv6/reassembly.c b/net/ipv6/reassembly.c
> index 9447bd6..42f4f7c 100644
> --- a/net/ipv6/reassembly.c
> +++ b/net/ipv6/reassembly.c
> @@ -674,7 +674,7 @@ static struct ctl_table_header *ip6_ctl_header;
>  
>  static int ip6_frags_sysctl_register(void)
>  {
> -	ip6_ctl_header = register_net_sysctl_rotable(net_ipv6_ctl_path,
> +	ip6_ctl_header = register_net_sysctl(&init_net, "net/ipv6",
>  			ip6_frags_ctl_table);
>  	return ip6_ctl_header == NULL ? -ENOMEM : 0;
>  }
> diff --git a/net/ipv6/sysctl_net_ipv6.c b/net/ipv6/sysctl_net_ipv6.c
> index 166a57c..06f21e5 100644
> --- a/net/ipv6/sysctl_net_ipv6.c
> +++ b/net/ipv6/sysctl_net_ipv6.c
> @@ -140,7 +140,7 @@ int ipv6_sysctl_register(void)
>  {
>  	int err = -ENOMEM;
>  
> -	ip6_header = register_net_sysctl_rotable(net_ipv6_ctl_path, ipv6_rotable);
> +	ip6_header = register_net_sysctl(&init_net, "net/ipv6", ipv6_rotable);
>  	if (ip6_header == NULL)
>  		goto out;
>  
> diff --git a/net/sysctl_net.c b/net/sysctl_net.c
> index ce97237..2b8d1d9 100644
> --- a/net/sysctl_net.c
> +++ b/net/sysctl_net.c
> @@ -59,19 +59,6 @@ static struct ctl_table_root net_sysctl_root = {
>  	.permissions = net_ctl_permissions,
>  };
>  
> -static int net_ctl_ro_header_perms(struct ctl_table_root *root,
> -		struct nsproxy *namespaces, struct ctl_table *table)
> -{
> -	if (net_eq(namespaces->net_ns, &init_net))
> -		return table->mode;
> -	else
> -		return table->mode & ~0222;
> -}
> -
> -static struct ctl_table_root net_sysctl_ro_root = {
> -	.permissions = net_ctl_ro_header_perms,
> -};
> -
>  static int __net_init sysctl_net_init(struct net *net)
>  {
>  	setup_sysctl_set(&net->sysctls, &net_sysctl_root, is_seen);
> @@ -103,8 +90,6 @@ __init int net_sysctl_init(void)
>  	ret = register_pernet_subsys(&sysctl_pernet_ops);
>  	if (ret)
>  		goto out;
> -	setup_sysctl_set(&net_sysctl_ro_root.default_set, &net_sysctl_ro_root, NULL);
> -	register_sysctl_root(&net_sysctl_ro_root);
>  	register_sysctl_root(&net_sysctl_root);
>  out:
>  	return ret;
> @@ -117,14 +102,6 @@ struct ctl_table_header *register_net_sysctl_table(struct net *net,
>  }
>  EXPORT_SYMBOL_GPL(register_net_sysctl_table);
>  
> -struct ctl_table_header *register_net_sysctl_rotable(const
> -		struct ctl_path *path, struct ctl_table *table)
> -{
> -	return __register_sysctl_paths(&net_sysctl_ro_root.default_set,
> -					path, table);
> -}
> -EXPORT_SYMBOL_GPL(register_net_sysctl_rotable);
> -
>  struct ctl_table_header *register_net_sysctl(struct net *net,
>  	const char *path, struct ctl_table *table)
>  {
> -- 
> 1.7.2.5

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 04/19] net: Kill register_sysctl_rotable
  2012-04-20 13:53   ` Serge E. Hallyn
@ 2012-04-20 14:42     ` Eric W. Biederman
  0 siblings, 0 replies; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-20 14:42 UTC (permalink / raw)
  To: Serge E. Hallyn
  Cc: David Miller, netdev, Gao feng, pablo, Stephen Hemminger,
	Pavel Emelyanov

"Serge E. Hallyn" <serge@hallyn.com> writes:

> Quoting Eric W. Biederman (ebiederm@xmission.com):
>> 
>> register_sysctl_rotable never caught on as an interesting way to
>> register sysctls.  My take on the situation is that what we want are
>> sysctls that we can only see in the initial network namespace.  What we
>> have implemented with register_sysctl_rotable are sysctls that we can
>> see in all of the network namespaces and can only change in the initial
>> network namespace.
>> 
>> That is a very silly way to go.  Just register the network sysctls
>> in the initial network namespace and we don't have any weird special
>> cases to deal with.
>> 
>> The sysctls affected are:
>> /proc/sys/net/ipv4/ipfrag_secret_interval
>> /proc/sys/net/ipv4/ipfrag_max_dist
>> /proc/sys/net/ipv6/ip6frag_secret_interval
>> /proc/sys/net/ipv6/mld_max_msf
>> 
>> I really don't expect anyone will miss them if they can't read them in a
>> child user namespace.
>
> If there was something userspace could do to work around certain values
> of these settings then I'd say keeping the readonly values is worthwhile,
> but AFAICS if a bad network context requires ipfrag_max_dist 0, there's
> nothing userspace can do about it...
>
>
> So from a container pov view at least, I'm happy with this.  I'm far from
> qualified on the netns code itself, but taking a look in the unlikely case
> I can spot something :)

In this case I figured I would copy you and a few others who have been
talking about similar things recently, and also because you might care
that a whole bunch of networking sysctls that aren't per network
namespace will stop showing up in containers.

It is my hope that we use some of these same mechanisms that allow per
network namespace sysctls will be used to allow per pid and uts
namespace sysctls as well.  It isn't as important as the files don't
change, but we can do it cleanly and one of these days I will get around
to making /proc/sys a symlink to /proc/<pid>/sys so that I can remove
the very unorthodox d_compare tricks that we use today.

The sysctl internal data structures are now a hair cleaner than what
sysfs uses for the same class of problem so I might someday go back and
fix sysfs to use the same idea of internal links, so I can get the sysfs
dirent size down some more, and be able to more cleanly isolate the
namespace handling from the rest of the sysfs code.  It isn't bad today
but it is the source of most of the surprises and bugs when people tweak
the sysfs code.

Anyway I ramble.  Now I need to get back to your review comments on my
user namespace patchset.

Thanks for taking a glance here,
Eric

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 00/19] net: Sysctl simplifications and enhancements
  2012-04-20  8:45 ` [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Pavel Emelyanov
@ 2012-04-21  1:24   ` David Miller
  0 siblings, 0 replies; 33+ messages in thread
From: David Miller @ 2012-04-21  1:24 UTC (permalink / raw)
  To: xemul; +Cc: ebiederm, netdev, serge, gaofeng, pablo, shemminger

From: Pavel Emelyanov <xemul@parallels.com>
Date: Fri, 20 Apr 2012 12:45:52 +0400

> On 04/20/2012 03:17 AM, Eric W. Biederman wrote:
>> 
>> Summary:
>> - Kill approximately 400 lines of code
>> - Allow all networking sysctls with just CAP_NET_ADMIN
>> - Hide all networking sysctls that don't apply to your current network namespace.
>> - Uniformly register flat sysctl tables not sysctl tables with .child entries
>> - Readable string paths for registering sysctls
>> 
>> Eric W. Biederman (19):
>>       net: Implement register_net_sysctl.
>>       net sysctl:  Register an empty /proc/sys/net
>>       net sysctl: Initialize the network sysctls sooner to avoid problems.
>>       net: Kill register_sysctl_rotable
>>       net: Move all of the network sysctls without a namespace into init_net.
>>       net core: Remove unneded creation of an empty  net/core sysctl directory
>>       net ipv6: Remove unneded registration of an empty net/ipv6/neigh
>>       net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh
>>       net ax25: Simplify and cleanup the ax25 sysctl handling.
>>       net llc: Don't use sysctl tables with .child entries.
>>       net ipv6: Don't use sysctl tables with .child entries.
>>       net neighbour:  Convert to use register_net_sysctl
>>       net decnet:  Convert to use register_net_sysctl
>>       net ipv6:  Convert addrconf to use register_net_sysctl
>>       net ipv4:  Convert devinet to use register_net_sysctl
>>       net: Convert nf_conntrack_proto to use register_net_sysctl
>>       net: Convert all sysctl registrations to register_net_sysctl
>>       net: Delete all remaining instances of ctl_path
>>       net: Remove register_net_sysctl_table
> 
> After resolving issues with Eric
> 
> Acked-by: Pavel Emelyanov <xemul@parallels.com>

Series applied, thanks everyone.

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 12/19] net neighbour:  Convert to use register_net_sysctl
  2012-04-20  7:25     ` Eric W. Biederman
@ 2012-04-22  2:36       ` Ben Hutchings
  0 siblings, 0 replies; 33+ messages in thread
From: Ben Hutchings @ 2012-04-22  2:36 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: Pavel Emelyanov, David Miller, netdev, Serge E. Hallyn, Gao feng,
	pablo, Stephen Hemminger

On Fri, 2012-04-20 at 00:25 -0700, Eric W. Biederman wrote:
> Pavel Emelyanov <xemul@parallels.com> writes:
> 
> >> @@ -2925,19 +2924,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
> >>  {
> >>  	struct neigh_sysctl_table *t;
> >>  	const char *dev_name_source = NULL;
> >> -
> >> -#define NEIGH_CTL_PATH_ROOT	0
> >> -#define NEIGH_CTL_PATH_PROTO	1
> >> -#define NEIGH_CTL_PATH_NEIGH	2
> >> -#define NEIGH_CTL_PATH_DEV	3
> >> -
> >> -	struct ctl_path neigh_path[] = {
> >> -		{ .procname = "net",	 },
> >> -		{ .procname = "proto",	 },
> >> -		{ .procname = "neigh",	 },
> >> -		{ .procname = "default", },
> >> -		{ },
> >> -	};
> >> +	char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ];
> >
> > Why two IFNAMSIZ-es? One is for the dev->name, but the other one is not.
> > Is it just for not having any other better constant at hands?
> 
> Yep.  We don't seem to have any proto name size constants, and all
> of decnet ipv4 and ipv6 are all shorter than the 16 bytes of IFNAMSIZ.

I don't think it makes any sense to put in IFNAMSIZ as a size for a
string that isn't a device name.

> Even if I am wrong the snprintf below truncates it's output to the
> buffer size and null terminates it so in the worst case we won't cause
> a buffer overflow, we will just get a truncated path name to pass
> to sysctl.
> 
> Shrug I stopped at good enough but I am happy for a better number.

Truncation by snprintf() is definitely better than overflow, but we
should also check and WARN so that if someone breaks this it's hard to
miss.

Ben.

-- 
Ben Hutchings, Staff Engineer, Solarflare
Not speaking for my employer; that's the marketing department's job.
They asked us to note that Solarflare product names are trademarked.

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net.
  2012-04-19 23:24 ` [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net Eric W. Biederman
@ 2012-04-23  0:38   ` Gao feng
  2012-04-23  1:50     ` Eric W. Biederman
  0 siblings, 1 reply; 33+ messages in thread
From: Gao feng @ 2012-04-23  0:38 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, pablo, Stephen Hemminger,
	Pavel Emelyanov

于 2012年04月20日 07:24, Eric W. Biederman 写道:
> 
> This makes it clearer which sysctls are relative to your current network
> namespace.
> 
> This makes it a little less error prone by not exposing sysctls for the
> initial network namespace in other namespaces.
> 
> This is the same way we handle all of our other network interfaces to
> userspace and I can't honestly remember why we didn't do this for
> sysctls right from the start.
> 
> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
> ---
>  drivers/infiniband/core/ucma.c          |    4 ++--
>  net/802/tr.c                            |    2 +-
>  net/appletalk/sysctl_net_atalk.c        |    4 ++--
>  net/ax25/sysctl_net_ax25.c              |    4 ++--
>  net/bridge/br_netfilter.c               |    4 ++--
>  net/core/neighbour.c                    |    2 +-
>  net/core/sysctl_net_core.c              |    2 +-
>  net/dccp/sysctl.c                       |    4 ++--
>  net/decnet/dn_dev.c                     |    4 ++--
>  net/decnet/sysctl_net_decnet.c          |    4 ++--
>  net/ipv4/netfilter/ip_queue.c           |    6 +++---
>  net/ipv4/route.c                        |    2 +-
>  net/ipv4/sysctl_net_ipv4.c              |    4 ++--
>  net/ipv6/netfilter/ip6_queue.c          |    6 +++---
>  net/ipv6/netfilter/nf_conntrack_reasm.c |    4 ++--
>  net/ipv6/sysctl_net_ipv6.c              |    2 +-
>  net/ipx/sysctl_net_ipx.c                |    5 +++--
>  net/irda/irsysctl.c                     |    4 ++--
>  net/llc/sysctl_net_llc.c                |    5 +++--
>  net/netfilter/nf_conntrack_proto.c      |    4 ++--

Hi Eric

actually,I'm working on making the sysctl and data of nf_conntrack proto pernet,
and I think it's necessary,without the pernet proto timeout,we can't control
the container's conntrack timeout unless we change the host's timeout.

maybe somebody want the conntracks in container expired quickly.
So I will keep on doing this job base on your patchset.

what's your comment?

Thanks,
Gao

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net.
  2012-04-23  0:38   ` Gao feng
@ 2012-04-23  1:50     ` Eric W. Biederman
  2012-04-23  2:29       ` Gao feng
  0 siblings, 1 reply; 33+ messages in thread
From: Eric W. Biederman @ 2012-04-23  1:50 UTC (permalink / raw)
  To: Gao feng
  Cc: David Miller, netdev, Serge E. Hallyn, pablo, Stephen Hemminger,
	Pavel Emelyanov

Gao feng <gaofeng@cn.fujitsu.com> writes:

> 于 2012年04月20日 07:24, Eric W. Biederman 写道:
>> 
>> This makes it clearer which sysctls are relative to your current network
>> namespace.
>> 
>> This makes it a little less error prone by not exposing sysctls for the
>> initial network namespace in other namespaces.
>> 
>> This is the same way we handle all of our other network interfaces to
>> userspace and I can't honestly remember why we didn't do this for
>> sysctls right from the start.
>> 
>> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
>> ---
>>  drivers/infiniband/core/ucma.c          |    4 ++--
>>  net/802/tr.c                            |    2 +-
>>  net/appletalk/sysctl_net_atalk.c        |    4 ++--
>>  net/ax25/sysctl_net_ax25.c              |    4 ++--
>>  net/bridge/br_netfilter.c               |    4 ++--
>>  net/core/neighbour.c                    |    2 +-
>>  net/core/sysctl_net_core.c              |    2 +-
>>  net/dccp/sysctl.c                       |    4 ++--
>>  net/decnet/dn_dev.c                     |    4 ++--
>>  net/decnet/sysctl_net_decnet.c          |    4 ++--
>>  net/ipv4/netfilter/ip_queue.c           |    6 +++---
>>  net/ipv4/route.c                        |    2 +-
>>  net/ipv4/sysctl_net_ipv4.c              |    4 ++--
>>  net/ipv6/netfilter/ip6_queue.c          |    6 +++---
>>  net/ipv6/netfilter/nf_conntrack_reasm.c |    4 ++--
>>  net/ipv6/sysctl_net_ipv6.c              |    2 +-
>>  net/ipx/sysctl_net_ipx.c                |    5 +++--
>>  net/irda/irsysctl.c                     |    4 ++--
>>  net/llc/sysctl_net_llc.c                |    5 +++--
>>  net/netfilter/nf_conntrack_proto.c      |    4 ++--
>
> Hi Eric
>
> actually,I'm working on making the sysctl and data of nf_conntrack proto pernet,
> and I think it's necessary,without the pernet proto timeout,we can't control
> the container's conntrack timeout unless we change the host's timeout.
>
> maybe somebody want the conntracks in container expired quickly.
> So I will keep on doing this job base on your patchset.
>
> what's your comment?

My quick skim of your patches suggested to me you are doing useful work.

Making sysctls that are not pernet init_net only serve two
purposes.
- Prevent mistakes by changing a sysctl you think is pernet but globally
  affects the networking stack.
- Make it easy to find which sysctls need to be converted.

I suspect a lot of sysctls have not been converted simply because no one
realized they had not been converted.

I hope my code cleanup did not set you back very much.  I don't believe
there were any conflicts in principle just a few places where we touched
the same code.

Eric

^ permalink raw reply	[flat|nested] 33+ messages in thread

* Re: [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net.
  2012-04-23  1:50     ` Eric W. Biederman
@ 2012-04-23  2:29       ` Gao feng
  0 siblings, 0 replies; 33+ messages in thread
From: Gao feng @ 2012-04-23  2:29 UTC (permalink / raw)
  To: Eric W. Biederman
  Cc: David Miller, netdev, Serge E. Hallyn, pablo, Stephen Hemminger,
	Pavel Emelyanov

于 2012年04月23日 09:50, Eric W. Biederman 写道:
> Gao feng <gaofeng@cn.fujitsu.com> writes:
> 
>> 于 2012年04月20日 07:24, Eric W. Biederman 写道:
>>>
>>> This makes it clearer which sysctls are relative to your current network
>>> namespace.
>>>
>>> This makes it a little less error prone by not exposing sysctls for the
>>> initial network namespace in other namespaces.
>>>
>>> This is the same way we handle all of our other network interfaces to
>>> userspace and I can't honestly remember why we didn't do this for
>>> sysctls right from the start.
>>>
>>> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
>>> ---
>>>  drivers/infiniband/core/ucma.c          |    4 ++--
>>>  net/802/tr.c                            |    2 +-
>>>  net/appletalk/sysctl_net_atalk.c        |    4 ++--
>>>  net/ax25/sysctl_net_ax25.c              |    4 ++--
>>>  net/bridge/br_netfilter.c               |    4 ++--
>>>  net/core/neighbour.c                    |    2 +-
>>>  net/core/sysctl_net_core.c              |    2 +-
>>>  net/dccp/sysctl.c                       |    4 ++--
>>>  net/decnet/dn_dev.c                     |    4 ++--
>>>  net/decnet/sysctl_net_decnet.c          |    4 ++--
>>>  net/ipv4/netfilter/ip_queue.c           |    6 +++---
>>>  net/ipv4/route.c                        |    2 +-
>>>  net/ipv4/sysctl_net_ipv4.c              |    4 ++--
>>>  net/ipv6/netfilter/ip6_queue.c          |    6 +++---
>>>  net/ipv6/netfilter/nf_conntrack_reasm.c |    4 ++--
>>>  net/ipv6/sysctl_net_ipv6.c              |    2 +-
>>>  net/ipx/sysctl_net_ipx.c                |    5 +++--
>>>  net/irda/irsysctl.c                     |    4 ++--
>>>  net/llc/sysctl_net_llc.c                |    5 +++--
>>>  net/netfilter/nf_conntrack_proto.c      |    4 ++--
>>
>> Hi Eric
>>
>> actually,I'm working on making the sysctl and data of nf_conntrack proto pernet,
>> and I think it's necessary,without the pernet proto timeout,we can't control
>> the container's conntrack timeout unless we change the host's timeout.
>>
>> maybe somebody want the conntracks in container expired quickly.
>> So I will keep on doing this job base on your patchset.
>>
>> what's your comment?
> 
> My quick skim of your patches suggested to me you are doing useful work.
> 
> Making sysctls that are not pernet init_net only serve two
> purposes.
> - Prevent mistakes by changing a sysctl you think is pernet but globally
>   affects the networking stack.
> - Make it easy to find which sysctls need to be converted.

OK,I got it.

> 
> I suspect a lot of sysctls have not been converted simply because no one
> realized they had not been converted.
> 
> I hope my code cleanup did not set you back very much.  I don't believe
> there were any conflicts in principle just a few places where we touched
> the same code.

Yes,just a little of codes,Thanks for your comments.

Thanks,
Gao

> 
> Eric
> --
> To unsubscribe from this list: send the line "unsubscribe netdev" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 

^ permalink raw reply	[flat|nested] 33+ messages in thread

end of thread, other threads:[~2012-04-23  2:29 UTC | newest]

Thread overview: 33+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-04-19 23:17 [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Eric W. Biederman
2012-04-19 23:18 ` [PATCH net-next 01/19] net: Implement register_net_sysctl Eric W. Biederman
2012-04-20  5:27   ` Pavel Emelyanov
2012-04-20  8:11     ` Eric W. Biederman
2012-04-20  8:45       ` Pavel Emelyanov
2012-04-19 23:19 ` [PATCH net-next 02/19] net sysctl: Register an empty /proc/sys/net Eric W. Biederman
2012-04-19 23:20 ` [PATCH net-next 03/19] net sysctl: Initialize the network sysctls sooner to avoid problems Eric W. Biederman
2012-04-19 23:22 ` [PATCH net-next 04/19] net: Kill register_sysctl_rotable Eric W. Biederman
2012-04-20 13:53   ` Serge E. Hallyn
2012-04-20 14:42     ` Eric W. Biederman
2012-04-19 23:24 ` [PATCH net-next 05/19] net: Move all of the network sysctls without a namespace into init_net Eric W. Biederman
2012-04-23  0:38   ` Gao feng
2012-04-23  1:50     ` Eric W. Biederman
2012-04-23  2:29       ` Gao feng
2012-04-19 23:25 ` [PATCH net-next 06/19] net core: Remove unneded creation of an empty net/core sysctl directory Eric W. Biederman
2012-04-19 23:26 ` [PATCH net-next 07/19] net ipv6: Remove unneded registration of an empty net/ipv6/neigh Eric W. Biederman
2012-04-19 23:32 ` [PATCH net-next 08/19] net ipv4: Remove the unneeded registration of an empty net/ipv4/neigh Eric W. Biederman
2012-04-19 23:34 ` [PATCH net-next 09/19] net ax25: Simplify and cleanup the ax25 sysctl handling Eric W. Biederman
2012-04-19 23:35 ` [PATCH net-next 10/19] net llc: Don't use sysctl tables with .child entries Eric W. Biederman
2012-04-19 23:37 ` [PATCH net-next 11/19] net ipv6: " Eric W. Biederman
2012-04-19 23:38 ` [PATCH net-next 12/19] net neighbour: Convert to use register_net_sysctl Eric W. Biederman
2012-04-20  5:21   ` Pavel Emelyanov
2012-04-20  7:25     ` Eric W. Biederman
2012-04-22  2:36       ` Ben Hutchings
2012-04-19 23:40 ` [PATCH net-next 13/19] net decnet: " Eric W. Biederman
2012-04-19 23:41 ` [PATCH net-next 14/19] net ipv6: Convert addrconf " Eric W. Biederman
2012-04-19 23:42 ` [PATCH net-next 15/19] net ipv4: Convert devinet " Eric W. Biederman
2012-04-19 23:43 ` [PATCH net-next 16/19] net: Convert nf_conntrack_proto " Eric W. Biederman
2012-04-19 23:44 ` [PATCH net-next 17/19] net: Convert all sysctl registrations to register_net_sysctl Eric W. Biederman
2012-04-19 23:45 ` [PATCH net-next 18/19] net: Delete all remaining instances of ctl_path Eric W. Biederman
2012-04-19 23:46 ` [PATCH net-next 19/19] net: Remove register_net_sysctl_table Eric W. Biederman
2012-04-20  8:45 ` [PATCH net-next 00/19] net: Sysctl simplifications and enhancements Pavel Emelyanov
2012-04-21  1:24   ` David Miller

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.