lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

IPVS: bug in ip_vs_ftp, same list heaad used in all netns.

Browse Source 
When ip_vs was adapted to netns the ftp application was not adapted
in a correct way.
However this is a fix to avoid kernel errors. In the long term another solution
might be chosen.  I.e the ports that the ftp appl, uses should be per netns.

Signed-off-by: Hans Schillstrom <hans.schillstrom@ericsson.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
This commit is contained in:
Hans Schillstrom
2011-05-24 14:11:05 +02:00
committed by Pablo Neira Ayuso
parent 97242c85a2
commit c74c0bfe0b
2 changed files with 21 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
include/net/ip_vs.h
View File

@@ -797,7 +797,8 @@ struct netns_ipvs {
struct list_head rs_table[IP_VS_RTAB_SIZE]; struct list_head rs_table[IP_VS_RTAB_SIZE];
/* ip_vs_app */ /* ip_vs_app */
struct list_head app_list; struct list_head app_list;
/* ip_vs_ftp */
struct ip_vs_app *ftp_app;
/* ip_vs_proto */ /* ip_vs_proto */
#define IP_VS_PROTO_TAB_SIZE 32 /* must be power of 2 */ #define IP_VS_PROTO_TAB_SIZE 32 /* must be power of 2 */
struct ip_vs_proto_data *proto_data_table[IP_VS_PROTO_TAB_SIZE]; struct ip_vs_proto_data *proto_data_table[IP_VS_PROTO_TAB_SIZE];

25
net/netfilter/ipvs/ip_vs_ftp.c
View File

@@ -411,25 +411,35 @@ static struct ip_vs_app ip_vs_ftp = {
static int __net_init __ip_vs_ftp_init(struct net *net) static int __net_init __ip_vs_ftp_init(struct net *net)
{ {
int i, ret; int i, ret;
struct ip_vs_app *app = &ip_vs_ftp; struct ip_vs_app *app;
struct netns_ipvs *ipvs = net_ipvs(net);
app = kmemdup(&ip_vs_ftp, sizeof(struct ip_vs_app), GFP_KERNEL);
if (!app)
return -ENOMEM;
INIT_LIST_HEAD(&app->a_list);
INIT_LIST_HEAD(&app->incs_list);
ipvs->ftp_app = app;
ret = register_ip_vs_app(net, app); ret = register_ip_vs_app(net, app);
if (ret) if (ret)
return ret; goto err_exit;
for (i=0; i<IP_VS_APP_MAX_PORTS; i++) { for (i=0; i<IP_VS_APP_MAX_PORTS; i++) {
if (!ports[i]) if (!ports[i])
continue; continue;
ret = register_ip_vs_app_inc(net, app, app->protocol, ports[i]); ret = register_ip_vs_app_inc(net, app, app->protocol, ports[i]);
if (ret) if (ret)
break; goto err_unreg;
pr_info("%s: loaded support on port[%d] = %d\n", pr_info("%s: loaded support on port[%d] = %d\n",
app->name, i, ports[i]); app->name, i, ports[i]);
} }
return 0;
if (ret) err_unreg:
unregister_ip_vs_app(net, app); unregister_ip_vs_app(net, app);
err_exit:
kfree(ipvs->ftp_app);
return ret; return ret;
} }
/* /*
@@ -437,9 +447,10 @@ static int __net_init __ip_vs_ftp_init(struct net *net)
*/ */
static void __ip_vs_ftp_exit(struct net *net) static void __ip_vs_ftp_exit(struct net *net)
{ {
struct ip_vs_app *app = &ip_vs_ftp; struct netns_ipvs *ipvs = net_ipvs(net);
unregister_ip_vs_app(net, app); unregister_ip_vs_app(net, ipvs->ftp_app);
kfree(ipvs->ftp_app);
} }
static struct pernet_operations ip_vs_ftp_ops = { static struct pernet_operations ip_vs_ftp_ops = {