diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-10-26 12:42:45 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-10-26 12:42:45 +0200 |
commit | 52b33b4f8186669ab88b56cf5b2812e3996ef289 (patch) | |
tree | 77dd54571a465476c93e09d24321851f5d8aa88c /net/netfilter/ipvs/ip_vs_app.c | |
parent | netfilter: nft_payload: fix missing check for matching length in offloads (diff) | |
parent | ipvs: move old_secure_tcp into struct netns_ipvs (diff) | |
download | linux-dev-52b33b4f8186669ab88b56cf5b2812e3996ef289.tar.xz linux-dev-52b33b4f8186669ab88b56cf5b2812e3996ef289.zip |
Merge tag 'ipvs-fixes-for-v5.4' of https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs
Simon Horman says:
====================
IPVS fixes for v5.4
* Eric Dumazet resolves a race condition in switching the defense level
* Davide Caratti resolves a race condition in module removal
====================
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'net/netfilter/ipvs/ip_vs_app.c')
-rw-r--r-- | net/netfilter/ipvs/ip_vs_app.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/net/netfilter/ipvs/ip_vs_app.c b/net/netfilter/ipvs/ip_vs_app.c index 4515056ef1c2..f9b16f2b2219 100644 --- a/net/netfilter/ipvs/ip_vs_app.c +++ b/net/netfilter/ipvs/ip_vs_app.c @@ -193,21 +193,29 @@ struct ip_vs_app *register_ip_vs_app(struct netns_ipvs *ipvs, struct ip_vs_app * mutex_lock(&__ip_vs_app_mutex); + /* increase the module use count */ + if (!ip_vs_use_count_inc()) { + err = -ENOENT; + goto out_unlock; + } + list_for_each_entry(a, &ipvs->app_list, a_list) { if (!strcmp(app->name, a->name)) { err = -EEXIST; + /* decrease the module use count */ + ip_vs_use_count_dec(); goto out_unlock; } } a = kmemdup(app, sizeof(*app), GFP_KERNEL); if (!a) { err = -ENOMEM; + /* decrease the module use count */ + ip_vs_use_count_dec(); goto out_unlock; } INIT_LIST_HEAD(&a->incs_list); list_add(&a->a_list, &ipvs->app_list); - /* increase the module use count */ - ip_vs_use_count_inc(); out_unlock: mutex_unlock(&__ip_vs_app_mutex); |