forked from luck/tmp_suning_uos_patched
ipv4: Namespaceify tcp_fastopen knob
Different namespace application might require enable TCP Fast Open feature independently of the host. This patch series continues making more of the TCP Fast Open related sysctl knobs be per net-namespace. Reported-by: Luca BRUNO <lucab@debian.org> Signed-off-by: Haishuang Yan <yanhaishuang@cmss.chinamobile.com> Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
parent
506d0a3edb
commit
e1cfcbe82b
|
@ -128,6 +128,7 @@ struct netns_ipv4 {
|
||||||
int sysctl_tcp_timestamps;
|
int sysctl_tcp_timestamps;
|
||||||
struct inet_timewait_death_row tcp_death_row;
|
struct inet_timewait_death_row tcp_death_row;
|
||||||
int sysctl_max_syn_backlog;
|
int sysctl_max_syn_backlog;
|
||||||
|
int sysctl_tcp_fastopen;
|
||||||
|
|
||||||
#ifdef CONFIG_NET_L3_MASTER_DEV
|
#ifdef CONFIG_NET_L3_MASTER_DEV
|
||||||
int sysctl_udp_l3mdev_accept;
|
int sysctl_udp_l3mdev_accept;
|
||||||
|
|
|
@ -240,7 +240,6 @@ void tcp_time_wait(struct sock *sk, int state, int timeo);
|
||||||
|
|
||||||
|
|
||||||
/* sysctl variables for tcp */
|
/* sysctl variables for tcp */
|
||||||
extern int sysctl_tcp_fastopen;
|
|
||||||
extern int sysctl_tcp_retrans_collapse;
|
extern int sysctl_tcp_retrans_collapse;
|
||||||
extern int sysctl_tcp_stdurg;
|
extern int sysctl_tcp_stdurg;
|
||||||
extern int sysctl_tcp_rfc1337;
|
extern int sysctl_tcp_rfc1337;
|
||||||
|
|
|
@ -195,7 +195,7 @@ int inet_listen(struct socket *sock, int backlog)
|
||||||
{
|
{
|
||||||
struct sock *sk = sock->sk;
|
struct sock *sk = sock->sk;
|
||||||
unsigned char old_state;
|
unsigned char old_state;
|
||||||
int err;
|
int err, tcp_fastopen;
|
||||||
|
|
||||||
lock_sock(sk);
|
lock_sock(sk);
|
||||||
|
|
||||||
|
@ -217,8 +217,9 @@ int inet_listen(struct socket *sock, int backlog)
|
||||||
* because the socket was in TCP_LISTEN state previously but
|
* because the socket was in TCP_LISTEN state previously but
|
||||||
* was shutdown() rather than close().
|
* was shutdown() rather than close().
|
||||||
*/
|
*/
|
||||||
if ((sysctl_tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) &&
|
tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen;
|
||||||
(sysctl_tcp_fastopen & TFO_SERVER_ENABLE) &&
|
if ((tcp_fastopen & TFO_SERVER_WO_SOCKOPT1) &&
|
||||||
|
(tcp_fastopen & TFO_SERVER_ENABLE) &&
|
||||||
!inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {
|
!inet_csk(sk)->icsk_accept_queue.fastopenq.max_qlen) {
|
||||||
fastopen_queue_tune(sk, backlog);
|
fastopen_queue_tune(sk, backlog);
|
||||||
tcp_fastopen_init_key_once(true);
|
tcp_fastopen_init_key_once(true);
|
||||||
|
|
|
@ -400,13 +400,6 @@ static struct ctl_table ipv4_table[] = {
|
||||||
.mode = 0644,
|
.mode = 0644,
|
||||||
.proc_handler = proc_dointvec
|
.proc_handler = proc_dointvec
|
||||||
},
|
},
|
||||||
{
|
|
||||||
.procname = "tcp_fastopen",
|
|
||||||
.data = &sysctl_tcp_fastopen,
|
|
||||||
.maxlen = sizeof(int),
|
|
||||||
.mode = 0644,
|
|
||||||
.proc_handler = proc_dointvec,
|
|
||||||
},
|
|
||||||
{
|
{
|
||||||
.procname = "tcp_fastopen_key",
|
.procname = "tcp_fastopen_key",
|
||||||
.mode = 0600,
|
.mode = 0600,
|
||||||
|
@ -1085,6 +1078,13 @@ static struct ctl_table ipv4_net_table[] = {
|
||||||
.mode = 0644,
|
.mode = 0644,
|
||||||
.proc_handler = proc_dointvec
|
.proc_handler = proc_dointvec
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
.procname = "tcp_fastopen",
|
||||||
|
.data = &init_net.ipv4.sysctl_tcp_fastopen,
|
||||||
|
.maxlen = sizeof(int),
|
||||||
|
.mode = 0644,
|
||||||
|
.proc_handler = proc_dointvec,
|
||||||
|
},
|
||||||
#ifdef CONFIG_IP_ROUTE_MULTIPATH
|
#ifdef CONFIG_IP_ROUTE_MULTIPATH
|
||||||
{
|
{
|
||||||
.procname = "fib_multipath_use_neigh",
|
.procname = "fib_multipath_use_neigh",
|
||||||
|
|
|
@ -1126,7 +1126,7 @@ static int tcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg,
|
||||||
struct sockaddr *uaddr = msg->msg_name;
|
struct sockaddr *uaddr = msg->msg_name;
|
||||||
int err, flags;
|
int err, flags;
|
||||||
|
|
||||||
if (!(sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) ||
|
if (!(sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) ||
|
||||||
(uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) &&
|
(uaddr && msg->msg_namelen >= sizeof(uaddr->sa_family) &&
|
||||||
uaddr->sa_family == AF_UNSPEC))
|
uaddr->sa_family == AF_UNSPEC))
|
||||||
return -EOPNOTSUPP;
|
return -EOPNOTSUPP;
|
||||||
|
@ -2759,7 +2759,7 @@ static int do_tcp_setsockopt(struct sock *sk, int level,
|
||||||
case TCP_FASTOPEN_CONNECT:
|
case TCP_FASTOPEN_CONNECT:
|
||||||
if (val > 1 || val < 0) {
|
if (val > 1 || val < 0) {
|
||||||
err = -EINVAL;
|
err = -EINVAL;
|
||||||
} else if (sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) {
|
} else if (net->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_ENABLE) {
|
||||||
if (sk->sk_state == TCP_CLOSE)
|
if (sk->sk_state == TCP_CLOSE)
|
||||||
tp->fastopen_connect = val;
|
tp->fastopen_connect = val;
|
||||||
else
|
else
|
||||||
|
|
|
@ -9,8 +9,6 @@
|
||||||
#include <net/inetpeer.h>
|
#include <net/inetpeer.h>
|
||||||
#include <net/tcp.h>
|
#include <net/tcp.h>
|
||||||
|
|
||||||
int sysctl_tcp_fastopen __read_mostly = TFO_CLIENT_ENABLE;
|
|
||||||
|
|
||||||
struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
|
struct tcp_fastopen_context __rcu *tcp_fastopen_ctx;
|
||||||
|
|
||||||
static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
|
static DEFINE_SPINLOCK(tcp_fastopen_ctx_lock);
|
||||||
|
@ -279,21 +277,22 @@ struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
|
||||||
struct request_sock *req,
|
struct request_sock *req,
|
||||||
struct tcp_fastopen_cookie *foc)
|
struct tcp_fastopen_cookie *foc)
|
||||||
{
|
{
|
||||||
struct tcp_fastopen_cookie valid_foc = { .len = -1 };
|
|
||||||
bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1;
|
bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1;
|
||||||
|
int tcp_fastopen = sock_net(sk)->ipv4.sysctl_tcp_fastopen;
|
||||||
|
struct tcp_fastopen_cookie valid_foc = { .len = -1 };
|
||||||
struct sock *child;
|
struct sock *child;
|
||||||
|
|
||||||
if (foc->len == 0) /* Client requests a cookie */
|
if (foc->len == 0) /* Client requests a cookie */
|
||||||
NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENCOOKIEREQD);
|
NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENCOOKIEREQD);
|
||||||
|
|
||||||
if (!((sysctl_tcp_fastopen & TFO_SERVER_ENABLE) &&
|
if (!((tcp_fastopen & TFO_SERVER_ENABLE) &&
|
||||||
(syn_data || foc->len >= 0) &&
|
(syn_data || foc->len >= 0) &&
|
||||||
tcp_fastopen_queue_check(sk))) {
|
tcp_fastopen_queue_check(sk))) {
|
||||||
foc->len = -1;
|
foc->len = -1;
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (syn_data && (sysctl_tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD))
|
if (syn_data && (tcp_fastopen & TFO_SERVER_COOKIE_NOT_REQD))
|
||||||
goto fastopen;
|
goto fastopen;
|
||||||
|
|
||||||
if (foc->len >= 0 && /* Client presents or requests a cookie */
|
if (foc->len >= 0 && /* Client presents or requests a cookie */
|
||||||
|
@ -347,7 +346,7 @@ bool tcp_fastopen_cookie_check(struct sock *sk, u16 *mss,
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (sysctl_tcp_fastopen & TFO_CLIENT_NO_COOKIE) {
|
if (sock_net(sk)->ipv4.sysctl_tcp_fastopen & TFO_CLIENT_NO_COOKIE) {
|
||||||
cookie->len = -1;
|
cookie->len = -1;
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
|
@ -2472,6 +2472,8 @@ static int __net_init tcp_sk_init(struct net *net)
|
||||||
net->ipv4.sysctl_tcp_window_scaling = 1;
|
net->ipv4.sysctl_tcp_window_scaling = 1;
|
||||||
net->ipv4.sysctl_tcp_timestamps = 1;
|
net->ipv4.sysctl_tcp_timestamps = 1;
|
||||||
|
|
||||||
|
net->ipv4.sysctl_tcp_fastopen = TFO_CLIENT_ENABLE;
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
fail:
|
fail:
|
||||||
tcp_sk_exit(net);
|
tcp_sk_exit(net);
|
||||||
|
|
Loading…
Reference in New Issue
Block a user