netfilter: ipv6: nf_defrag: no longer reference init_net in nf_ct_frag6_sysctl_table

(struct net *)->nf_frag.fqdir will soon be a pointer, so make
sure nf_ct_frag6_sysctl_table[] does not reference init_net.

nf_ct_frag6_sysctl_register() can perform the needed initialization
for all netns.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Eric Dumazet 2019-05-24 09:03:35 -07:00 committed by David S. Miller
parent 8668d0e2bf
commit 3bb13dd4ca
1 changed files with 7 additions and 12 deletions

View File

@ -58,26 +58,21 @@ static struct inet_frags nf_frags;
static struct ctl_table nf_ct_frag6_sysctl_table[] = { static struct ctl_table nf_ct_frag6_sysctl_table[] = {
{ {
.procname = "nf_conntrack_frag6_timeout", .procname = "nf_conntrack_frag6_timeout",
.data = &init_net.nf_frag.fqdir.timeout,
.maxlen = sizeof(unsigned int), .maxlen = sizeof(unsigned int),
.mode = 0644, .mode = 0644,
.proc_handler = proc_dointvec_jiffies, .proc_handler = proc_dointvec_jiffies,
}, },
{ {
.procname = "nf_conntrack_frag6_low_thresh", .procname = "nf_conntrack_frag6_low_thresh",
.data = &init_net.nf_frag.fqdir.low_thresh,
.maxlen = sizeof(unsigned long), .maxlen = sizeof(unsigned long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_doulongvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra2 = &init_net.nf_frag.fqdir.high_thresh
}, },
{ {
.procname = "nf_conntrack_frag6_high_thresh", .procname = "nf_conntrack_frag6_high_thresh",
.data = &init_net.nf_frag.fqdir.high_thresh,
.maxlen = sizeof(unsigned long), .maxlen = sizeof(unsigned long),
.mode = 0644, .mode = 0644,
.proc_handler = proc_doulongvec_minmax, .proc_handler = proc_doulongvec_minmax,
.extra1 = &init_net.nf_frag.fqdir.low_thresh
}, },
{ } { }
}; };
@ -93,15 +88,15 @@ static int nf_ct_frag6_sysctl_register(struct net *net)
GFP_KERNEL); GFP_KERNEL);
if (table == NULL) if (table == NULL)
goto err_alloc; goto err_alloc;
table[0].data = &net->nf_frag.fqdir.timeout;
table[1].data = &net->nf_frag.fqdir.low_thresh;
table[1].extra2 = &net->nf_frag.fqdir.high_thresh;
table[2].data = &net->nf_frag.fqdir.high_thresh;
table[2].extra1 = &net->nf_frag.fqdir.low_thresh;
table[2].extra2 = &init_net.nf_frag.fqdir.high_thresh;
} }
table[0].data = &net->nf_frag.fqdir.timeout;
table[1].data = &net->nf_frag.fqdir.low_thresh;
table[1].extra2 = &net->nf_frag.fqdir.high_thresh;
table[2].data = &net->nf_frag.fqdir.high_thresh;
table[2].extra1 = &net->nf_frag.fqdir.low_thresh;
table[2].extra2 = &init_net.nf_frag.fqdir.high_thresh;
hdr = register_net_sysctl(net, "net/netfilter", table); hdr = register_net_sysctl(net, "net/netfilter", table);
if (hdr == NULL) if (hdr == NULL)
goto err_reg; goto err_reg;