netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [GIT PULL nf] IPVS Fixes for v3.20
@ 2015-02-09  5:25 Simon Horman
  2015-02-09  5:25 ` [PATCH nf] ipvs: fix inability to remove a mixed-family RS Simon Horman
  2015-02-10  5:31 ` [GIT PULL nf] IPVS Fixes for v3.20 Pablo Neira Ayuso
  0 siblings, 2 replies; 4+ messages in thread
From: Simon Horman @ 2015-02-09  5:25 UTC (permalink / raw)
  To: Pablo Neira Ayuso
  Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang,
	Julian Anastasov, Simon Horman

Hi Pablo,

please consider this fix for v3.20

This patch prevents the kernel getting into a situation whereby a
real-server may not be removed from a heterogeneous IPVS virtual server.

This problem was introduced by  bc18d37f676f ("ipvs: Allow heterogeneous
pools now that we support them") in v3.18. This patch seems appropriate
for stable and I have checked that it applies cleanly to both v3.19 and
v3.18.6.


The following changes since commit 42b5212fee4f57907e9415b18fe19c13e65574bc:

  xen-netback: stop the guest rx thread after a fatal error (2015-02-02 19:39:04 -0800)

are available in the git repository at:

  https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git tags/ipvs-fixes-for-v3.20

for you to fetch changes up to dd3733b3e798daf778a1ec08557f388f00fdc2f6:

  ipvs: fix inability to remove a mixed-family RS (2015-02-09 14:13:30 +0900)

----------------------------------------------------------------
Alexey Andriyanov (1):
      ipvs: fix inability to remove a mixed-family RS

 net/netfilter/ipvs/ip_vs_ctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [PATCH nf] ipvs: fix inability to remove a mixed-family RS
  2015-02-09  5:25 [GIT PULL nf] IPVS Fixes for v3.20 Simon Horman
@ 2015-02-09  5:25 ` Simon Horman
  2015-02-10  5:31 ` [GIT PULL nf] IPVS Fixes for v3.20 Pablo Neira Ayuso
  1 sibling, 0 replies; 4+ messages in thread
From: Simon Horman @ 2015-02-09  5:25 UTC (permalink / raw)
  To: Pablo Neira Ayuso
  Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang,
	Julian Anastasov, Alexey Andriyanov, Simon Horman

From: Alexey Andriyanov <alan@al-an.info>

The current code prevents any operation with a mixed-family dest
unless IP_VS_CONN_F_TUNNEL flag is set. The problem is that it's impossible
for the client to follow this rule, because ip_vs_genl_parse_dest does
not even read the destination conn_flags when cmd = IPVS_CMD_DEL_DEST
(need_full_dest = 0).

Also, not every client can pass this flag when removing a dest. ipvsadm,
for example, does not support the "-i" command line option together with
the "-d" option.

This change disables any checks for mixed-family on IPVS_CMD_DEL_DEST command.

Signed-off-by: Alexey Andriyanov <alan@al-an.info>
Fixes: bc18d37f676f ("ipvs: Allow heterogeneous pools now that we support them")
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>
---
 net/netfilter/ipvs/ip_vs_ctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index b8295a4..fdcda8b 100644
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -3399,7 +3399,7 @@ static int ip_vs_genl_set_cmd(struct sk_buff *skb, struct genl_info *info)
 		if (udest.af == 0)
 			udest.af = svc->af;
 
-		if (udest.af != svc->af) {
+		if (udest.af != svc->af && cmd != IPVS_CMD_DEL_DEST) {
 			/* The synchronization protocol is incompatible
 			 * with mixed family services
 			 */
-- 
2.1.4


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [GIT PULL nf] IPVS Fixes for v3.20
  2015-02-09  5:25 [GIT PULL nf] IPVS Fixes for v3.20 Simon Horman
  2015-02-09  5:25 ` [PATCH nf] ipvs: fix inability to remove a mixed-family RS Simon Horman
@ 2015-02-10  5:31 ` Pablo Neira Ayuso
  2015-02-10  5:44   ` Simon Horman
  1 sibling, 1 reply; 4+ messages in thread
From: Pablo Neira Ayuso @ 2015-02-10  5:31 UTC (permalink / raw)
  To: Simon Horman
  Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov

On Mon, Feb 09, 2015 at 02:25:07PM +0900, Simon Horman wrote:
> Hi Pablo,
> 
> please consider this fix for v3.20
> 
> This patch prevents the kernel getting into a situation whereby a
> real-server may not be removed from a heterogeneous IPVS virtual server.
> 
> This problem was introduced by  bc18d37f676f ("ipvs: Allow heterogeneous
> pools now that we support them") in v3.18. This patch seems appropriate
> for stable and I have checked that it applies cleanly to both v3.19 and
> v3.18.6.
> 
> 
> The following changes since commit 42b5212fee4f57907e9415b18fe19c13e65574bc:
> 
>   xen-netback: stop the guest rx thread after a fatal error (2015-02-02 19:39:04 -0800)
> 
> are available in the git repository at:
> 
>   https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git tags/ipvs-fixes-for-v3.20

Pulled, thanks Simon.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [GIT PULL nf] IPVS Fixes for v3.20
  2015-02-10  5:31 ` [GIT PULL nf] IPVS Fixes for v3.20 Pablo Neira Ayuso
@ 2015-02-10  5:44   ` Simon Horman
  0 siblings, 0 replies; 4+ messages in thread
From: Simon Horman @ 2015-02-10  5:44 UTC (permalink / raw)
  To: Pablo Neira Ayuso
  Cc: lvs-devel, netdev, netfilter-devel, Wensong Zhang, Julian Anastasov

On Tue, Feb 10, 2015 at 06:31:41AM +0100, Pablo Neira Ayuso wrote:
> On Mon, Feb 09, 2015 at 02:25:07PM +0900, Simon Horman wrote:
> > Hi Pablo,
> > 
> > please consider this fix for v3.20
> > 
> > This patch prevents the kernel getting into a situation whereby a
> > real-server may not be removed from a heterogeneous IPVS virtual server.
> > 
> > This problem was introduced by  bc18d37f676f ("ipvs: Allow heterogeneous
> > pools now that we support them") in v3.18. This patch seems appropriate
> > for stable and I have checked that it applies cleanly to both v3.19 and
> > v3.18.6.
> > 
> > 
> > The following changes since commit 42b5212fee4f57907e9415b18fe19c13e65574bc:
> > 
> >   xen-netback: stop the guest rx thread after a fatal error (2015-02-02 19:39:04 -0800)
> > 
> > are available in the git repository at:
> > 
> >   https://git.kernel.org/pub/scm/linux/kernel/git/horms/ipvs.git tags/ipvs-fixes-for-v3.20
> 
> Pulled, thanks Simon.

Thanks Pablo.

I have an unrelated feature patch for v3.20 queued up.
I'll send a pull request for that shortly.

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-02-10  5:44 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-02-09  5:25 [GIT PULL nf] IPVS Fixes for v3.20 Simon Horman
2015-02-09  5:25 ` [PATCH nf] ipvs: fix inability to remove a mixed-family RS Simon Horman
2015-02-10  5:31 ` [GIT PULL nf] IPVS Fixes for v3.20 Pablo Neira Ayuso
2015-02-10  5:44   ` Simon Horman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).