tcp: Namespaceify sysctl_tcp_timestamps (5d2ed052) · Commits · EulixOS / Software / Kernel

include/net/netns/ipv4.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -124,6 +124,7 @@ struct netns_ipv4 {
		int sysctl_tcp_tw_reuse;
		int sysctl_tcp_sack;
		int sysctl_tcp_window_scaling;
		int sysctl_tcp_timestamps;
		struct inet_timewait_death_row tcp_death_row;
		int sysctl_max_syn_backlog;

+3 −2

Original line number	Diff line number	Diff line
		@@ -8,10 +8,11 @@ u32 secure_ipv6_port_ephemeral(const __be32 saddr, const __be32 daddr,
		__be16 dport);
		u32 secure_tcp_seq(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport);
		u32 secure_tcp_ts_off(__be32 saddr, __be32 daddr);
		u32 secure_tcp_ts_off(const struct net *net, __be32 saddr, __be32 daddr);
		u32 secure_tcpv6_seq(const __be32 saddr, const __be32 daddr,
		__be16 sport, __be16 dport);
		u32 secure_tcpv6_ts_off(const __be32 saddr, const __be32 daddr);
		u32 secure_tcpv6_ts_off(const struct net *net,
		const __be32 saddr, const __be32 daddr);
		u64 secure_dccp_sequence_number(__be32 saddr, __be32 daddr,
		__be16 sport, __be16 dport);
		u64 secure_dccpv6_sequence_number(__be32 saddr, __be32 daddr,

+1 −2

Original line number	Diff line number	Diff line
		@@ -237,7 +237,6 @@ void tcp_time_wait(struct sock *sk, int state, int timeo);


		/* sysctl variables for tcp */
		extern int sysctl_tcp_timestamps;
		extern int sysctl_tcp_fastopen;
		extern int sysctl_tcp_retrans_collapse;
		extern int sysctl_tcp_stdurg;
		@@ -1869,7 +1868,7 @@ struct tcp_request_sock_ops {
		struct dst_entry (route_req)(const struct sock sk, struct flowi fl,
		const struct request_sock *req);
		u32 (init_seq)(const struct sk_buff skb);
		u32 (init_ts_off)(const struct sk_buff skb);
		u32 (init_ts_off)(const struct net net, const struct sk_buff *skb);
		int (send_synack)(const struct sock sk, struct dst_entry *dst,
		struct flowi fl, struct request_sock req,
		struct tcp_fastopen_cookie *foc,

+5 −4

Original line number	Diff line number	Diff line
		@@ -51,7 +51,8 @@ static u32 seq_scale(u32 seq)
		#endif

		#if IS_ENABLED(CONFIG_IPV6)
		u32 secure_tcpv6_ts_off(const __be32 saddr, const __be32 daddr)
		u32 secure_tcpv6_ts_off(const struct net *net,
		const __be32 saddr, const __be32 daddr)
		{
		const struct {
		struct in6_addr saddr;
		@@ -61,7 +62,7 @@ u32 secure_tcpv6_ts_off(const __be32 saddr, const __be32 daddr)
		.daddr = (struct in6_addr )daddr,
		};

		if (sysctl_tcp_timestamps != 1)
		if (net->ipv4.sysctl_tcp_timestamps != 1)
		return 0;

		ts_secret_init();
		@@ -113,9 +114,9 @@ EXPORT_SYMBOL(secure_ipv6_port_ephemeral);
		#endif

		#ifdef CONFIG_INET
		u32 secure_tcp_ts_off(__be32 saddr, __be32 daddr)
		u32 secure_tcp_ts_off(const struct net *net, __be32 saddr, __be32 daddr)
		{
		if (sysctl_tcp_timestamps != 1)
		if (net->ipv4.sysctl_tcp_timestamps != 1)
		return 0;

		ts_secret_init();

+4 −2

Original line number	Diff line number	Diff line
		@@ -243,7 +243,7 @@ bool cookie_timestamp_decode(const struct net *net,
		return true;
		}

		if (!sysctl_tcp_timestamps)
		if (!net->ipv4.sysctl_tcp_timestamps)
		return false;

		tcp_opt->sack_ok = (options & TS_OPT_SACK) ? TCP_SACK_SEEN : 0;
		@@ -316,7 +316,9 @@ struct sock cookie_v4_check(struct sock sk, struct sk_buff *skb)
		tcp_parse_options(sock_net(sk), skb, &tcp_opt, 0, NULL);

		if (tcp_opt.saw_tstamp && tcp_opt.rcv_tsecr) {
		tsoff = secure_tcp_ts_off(ip_hdr(skb)->daddr, ip_hdr(skb)->saddr);
		tsoff = secure_tcp_ts_off(sock_net(sk),
		ip_hdr(skb)->daddr,
		ip_hdr(skb)->saddr);
		tcp_opt.rcv_tsecr -= tsoff;
		}