/[linux-patches]/genpatches-2.6/tags/2.6.14-6/1008_2_ipvs-connection-leak.patch
Gentoo

Contents of /genpatches-2.6/tags/2.6.14-6/1008_2_ipvs-connection-leak.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 233 - (show annotations) (download)
Thu Dec 15 16:43:31 2005 UTC (12 years, 8 months ago) by dsd
File size: 1646 byte(s)
2.6.14-6 release
1 From stable-bounces@linux.kernel.org Tue Nov 8 13:15:57 2005
2 Date: Tue, 8 Nov 2005 23:16:08 +0200 (EET)
3 From: Julian Anastasov <ja@ssi.bg>
4 To: stable@kernel.org
5 Cc: "David S. Miller" <davem@davemloft.net>, Roberto Nibali <ratz@drugphish.ch>
6 Subject: [PATCH] ipvs: fix connection leak if expire_nodest_conn=1
7
8
9 There was a fix in 2.6.13 that changed the behaviour of
10 ip_vs_conn_expire_now function not to put reference to connection, its
11 callers should hold write lock or connection refcnt. But we forgot to
12 convert one caller, when the real server for connection is unavailable
13 caller should put the connection reference. It happens only when sysctl
14 var expire_nodest_conn is set to 1 and such connections never expire.
15 Thanks to Roberto Nibali who found the problem and tested a 2.4.32-rc2
16 patch, which is equal to this 2.6 version.
17
18 Signed-off-by: Julian Anastasov <ja@ssi.bg>
19 Signed-off-by: Roberto Nibali <ratz@drugphish.ch>
20 Signed-off-by: Chris Wright <chrisw@osdl.org>
21 Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
22 ---
23 net/ipv4/ipvs/ip_vs_core.c | 7 +++----
24 1 file changed, 3 insertions(+), 4 deletions(-)
25
26 --- linux-2.6.14.1.orig/net/ipv4/ipvs/ip_vs_core.c
27 +++ linux-2.6.14.1/net/ipv4/ipvs/ip_vs_core.c
28 @@ -1009,11 +1009,10 @@ ip_vs_in(unsigned int hooknum, struct sk
29 if (sysctl_ip_vs_expire_nodest_conn) {
30 /* try to expire the connection immediately */
31 ip_vs_conn_expire_now(cp);
32 - } else {
33 - /* don't restart its timer, and silently
34 - drop the packet. */
35 - __ip_vs_conn_put(cp);
36 }
37 + /* don't restart its timer, and silently
38 + drop the packet. */
39 + __ip_vs_conn_put(cp);
40 return NF_DROP;
41 }
42

  ViewVC Help
Powered by ViewVC 1.1.20