[Devel] [PATCH] Porting diff-ve-net-sysfs-drop-redundant-net_ipv4_route_path and diff-ve-net-route-bring-back-route_src_check

Kirill Tkhai ktkhai at odin.com
Thu Jun 18 04:04:50 PDT 2015 

1)ve: net, sysfs -- Drop redundant net_ipv4_route_path

This procfs entry is registered in sysctl_route_net_init which is per-net
routine. In turn our call simply make a double entry in /proc/sys/net/ipv4/
directory. Lets rip it off. It looks like being leftover from previous
kernel versions.

https://bugzilla.openvz.org/show_bug.cgi?id=3039

Signed-off-by: Cyrill Gorcunov <gorcunov at parallels.com>

2)net: route -- Bring back route/src_check

While being removing doubled /proc/sys/net/ipv4/route table
(in patch diff-ve-net-sysfs-drop-redundant-net_ipv4_route_path)
I managed to miss the fact that we post @ip_rt_src_check kernel
variable outside but it is not revealed in default vanilla kernel.
So bring it back.

Previously route table has been overwritten by us on system starup
so that one can only see (on both container and node)

[root at ovz ~]# ls -l /proc/sys/net/ipv4/route/
--w------- 1 root root 0 Feb 26 13:23 flush
-rw-r--r-- 1 root root 0 Feb 26 13:23 src_check

With the patch applied we can see the complete output

[root at ovz /]# ls -l /proc/sys/net/ipv4/route/
-rw-r--r-- 1 root root 0 Feb 26 05:27 error_burst
-rw-r--r-- 1 root root 0 Feb 26 05:27 error_cost
--w------- 1 root root 0 Feb 26 05:27 flush
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_elasticity
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_interval
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_min_interval
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_min_interval_ms
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_thresh
-rw-r--r-- 1 root root 0 Feb 26 05:27 gc_timeout
-rw-r--r-- 1 root root 0 Feb 26 05:27 max_size
-rw-r--r-- 1 root root 0 Feb 26 05:27 min_adv_mss
-rw-r--r-- 1 root root 0 Feb 26 05:27 min_pmtu
-rw-r--r-- 1 root root 0 Feb 26 05:27 mtu_expires
-rw-r--r-- 1 root root 0 Feb 26 05:27 redirect_load
-rw-r--r-- 1 root root 0 Feb 26 05:27 redirect_number
-rw-r--r-- 1 root root 0 Feb 26 05:27 redirect_silence
-rw-r--r-- 1 root root 0 Feb 26 05:27 secret_interval
-rw-r--r-- 1 root root 0 Feb 26 05:27 src_check

The modification of these entries is disabled as it
was before.

https://jira.sw.ru/browse/PSBM-31818

Signed-off-by: Cyrill Gorcunov <gorcunov at parallels.com>

[These patches deletes old kernels leftovers, and we need
 them.

 But we still won't have /proc/sys/net/ipv4/route/ entries,
 because sysctl paths are virtualized now. It's necessay to
 dup ipv4_route_table like we do for ipv4_route_flush_table
 in pernet init]

Signed-off-by: Kirill Tkhai <ktkhai at odin.com>
---
 kernel/ve/veowner.c |   23 -----------------------
 net/ipv4/route.c    |    9 +++++++++
 2 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/kernel/ve/veowner.c b/kernel/ve/veowner.c
index ada4df3..316e4d0 100644
--- a/kernel/ve/veowner.c
+++ b/kernel/ve/veowner.c
@@ -55,26 +55,6 @@ static void prepare_proc(void)
 int ve_xattr_policy = VE_XATTR_POLICY_ACCEPT;
 static int ve_area_access_check;
 
-#ifdef CONFIG_INET
-static struct ctl_table vz_ipv4_route_table[] = {
-	{
-		.procname	= "src_check",
-		.data		= &ip_rt_src_check,
-		.maxlen		= sizeof(int),
-		.mode		= 0644,
-		.proc_handler	= proc_dointvec,
-	},
-	{ 0 }
-};
-
-static struct ctl_path net_ipv4_route_path[] = {
-	{ .procname = "net", },
-	{ .procname = "ipv4", },
-	{ .procname = "route", },
-	{ }
-};
-#endif
-
 static struct ctl_table vz_fs_table[] = {
 	{
 		.procname	= "ve-area-access-check",
@@ -107,9 +87,6 @@ static struct ctl_path fs_path[] = {
 
 static void prepare_sysctl(void)
 {
-#ifdef CONFIG_INET
-	register_sysctl_paths(net_ipv4_route_path, vz_ipv4_route_table);
-#endif
 	register_sysctl_paths(fs_path, vz_fs_table);
 }
 
diff --git a/net/ipv4/route.c b/net/ipv4/route.c
index 123dd45..70bce4f 100644
--- a/net/ipv4/route.c
+++ b/net/ipv4/route.c
@@ -2557,6 +2557,15 @@ static struct ctl_table ipv4_route_table[] = {
 		.mode		= 0644,
 		.proc_handler	= proc_dointvec,
 	},
+#ifdef CONFIG_VE
+	{
+		.procname	= "src_check",
+		.data		= &ip_rt_src_check,
+		.maxlen		= sizeof(int),
+		.mode		= 0644,
+		.proc_handler	= proc_dointvec,
+	},
+#endif
 	{ }
 };

More information about the Devel mailing list