Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2ad17def authored by Julian Anastasov's avatar Julian Anastasov Committed by David S. Miller
Browse files

ipvs: fix oops in backup for fwmark conn templates 

	Fixes bug http://bugzilla.kernel.org/show_bug.cgi?id=10556


where conn templates with protocol=IPPROTO_IP can oops backup box.

        Result from ip_vs_proto_get() should be checked because
protocol value can be invalid or unsupported in backup. But
for valid message we should not fail for templates which use
IPPROTO_IP. Also, add checks to validate message limits and
connection state. Show state NONE for templates using IPPROTO_IP.

Signed-off-by: default avatarJulian Anastasov <ja@ssi.bg>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent d69efb16

include/net/ip_vs.h

+2 −1
Original line number Diff line number Diff line
@@ -405,7 +405,8 @@ struct sk_buff; 
struct ip_vs_protocol {

	struct ip_vs_protocol	*next;

	char			*name;

	__u16			protocol;

	u16			protocol;

	u16			num_states;

	int			dont_defrag;

	atomic_t		appcnt;		/* counter of proto app incs */

	int			*timeout_table;	/* protocol timeout table */

net/ipv4/ipvs/ip_vs_proto.c

+1 −1
Original line number Diff line number Diff line
@@ -148,7 +148,7 @@ const char * ip_vs_state_name(__u16 proto, int state) 
	struct ip_vs_protocol *pp = ip_vs_proto_get(proto);



	if (pp == NULL || pp->state_name == NULL)

		return "ERR!";

		return (IPPROTO_IP == proto) ? "NONE" : "ERR!";

	return pp->state_name(state);

}

net/ipv4/ipvs/ip_vs_proto_ah.c

+1 −0
Original line number Diff line number Diff line
@@ -160,6 +160,7 @@ static void ah_exit(struct ip_vs_protocol *pp) 
struct ip_vs_protocol ip_vs_protocol_ah = {

	.name =			"AH",

	.protocol =		IPPROTO_AH,

	.num_states =		1,

	.dont_defrag =		1,

	.init =			ah_init,

	.exit =			ah_exit,

net/ipv4/ipvs/ip_vs_proto_esp.c

+1 −0
Original line number Diff line number Diff line
@@ -159,6 +159,7 @@ static void esp_exit(struct ip_vs_protocol *pp) 
struct ip_vs_protocol ip_vs_protocol_esp = {

	.name =			"ESP",

	.protocol =		IPPROTO_ESP,

	.num_states =		1,

	.dont_defrag =		1,

	.init =			esp_init,

	.exit =			esp_exit,

net/ipv4/ipvs/ip_vs_proto_tcp.c

+1 −0
Original line number Diff line number Diff line
@@ -594,6 +594,7 @@ static void ip_vs_tcp_exit(struct ip_vs_protocol *pp) 
struct ip_vs_protocol ip_vs_protocol_tcp = {

	.name =			"TCP",

	.protocol =		IPPROTO_TCP,

	.num_states =		IP_VS_TCP_S_LAST,

	.dont_defrag =		0,

	.appcnt =		ATOMIC_INIT(0),

	.init =			ip_vs_tcp_init,