On Fri, Dec 11, 2009 at 11:01:47AM +0200, Julian Anastasov wrote: > > Hello, > > On Fri, 11 Dec 2009, Simon Horman wrote: > > > Hi Julian, > > > > I took a look at your suggestion and zeroing usvc in > > ip_vs_genl_parse_service() also seems to does seem to resolve the problem > > that was reported. And inspecting the code it looks like it should > > be sufficient to resolve any similar problems that may be lurking. > > > > How do you feel about the following? > > Looks good. May be you can do the same for ip_vs_genl_parse_dest, > just to be safe, if new parameter is added but netlink does not support > it, we do not want random data from stack.
Good idea. How about this? ---------------------------------------------------------------------- ipvs: zero usvc and udest Make sure that any otherwise uninitialised fields of usvc are zero. This has been obvserved to cause a problem whereby the port of fwmark services may end up as a non-zero value which causes scheduling of a destination server to fail for persisitent services. As observed by Deon van der Merwe <[email protected]>. This fix suggested by Julian Anastasov <[email protected]>. For good measure also zero udest. Cc: Deon van der Merwe <[email protected]> Cc: Julian Anastasov <[email protected]> Signed-off-by: Simon Horman <[email protected]> Index: linux-2.6/net/netfilter/ipvs/ip_vs_ctl.c =================================================================== --- linux-2.6.orig/net/netfilter/ipvs/ip_vs_ctl.c 2009-12-11 14:22:23.000000000 +0900 +++ linux-2.6/net/netfilter/ipvs/ip_vs_ctl.c 2009-12-14 11:05:50.000000000 +0900 @@ -2714,6 +2714,8 @@ static int ip_vs_genl_parse_service(stru if (!(nla_af && (nla_fwmark || (nla_port && nla_protocol && nla_addr)))) return -EINVAL; + memset(usvc, 0, sizeof(*usvc)); + usvc->af = nla_get_u16(nla_af); #ifdef CONFIG_IP_VS_IPV6 if (usvc->af != AF_INET && usvc->af != AF_INET6) @@ -2901,6 +2903,8 @@ static int ip_vs_genl_parse_dest(struct if (!(nla_addr && nla_port)) return -EINVAL; + memset(udest, 0, sizeof(*udest)); + nla_memcpy(&udest->addr, nla_addr, sizeof(udest->addr)); udest->port = nla_get_u16(nla_port); _______________________________________________ Please read the documentation before posting - it's available at: http://www.linuxvirtualserver.org/ LinuxVirtualServer.org mailing list - [email protected] Send requests to [email protected] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
