Skip to content

Commit

Permalink
Fixed race condition at ip_vs.ko module init.
Browse files Browse the repository at this point in the history 
Lists were initialized after the module was registered.  Multiple ipvsadm
processes at module load triggered a race condition that resulted in a null
pointer dereference in do_ip_vs_get_ctl(). As a result, __ip_vs_mutex
was left locked preventing all further ipvsadm commands.

Signed-off-by: Eduardo J. Blanco <ejblanco@google.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
  • Loading branch information
Eduardo Blanco authored and Simon Horman committed Oct 19, 2010
1 parent 714f095 commit d86bef7
Showing 1 changed file with 10 additions and 9 deletions.
19 changes: 10 additions & 9 deletions net/netfilter/ipvs/ip_vs_ctl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3400,6 +3400,16 @@ int __init ip_vs_control_init(void)

EnterFunction(2);

/* Initialize ip_vs_svc_table, ip_vs_svc_fwm_table, ip_vs_rtable */
for(idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
INIT_LIST_HEAD(&ip_vs_svc_table[idx]);
INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]);
}
for(idx = 0; idx < IP_VS_RTAB_SIZE; idx++) {
INIT_LIST_HEAD(&ip_vs_rtable[idx]);
}
smp_wmb();

ret = nf_register_sockopt(&ip_vs_sockopts);
if (ret) {
pr_err("cannot register sockopt.\n");
Expand All @@ -3418,15 +3428,6 @@ int __init ip_vs_control_init(void)

sysctl_header = register_sysctl_paths(net_vs_ctl_path, vs_vars);

/* Initialize ip_vs_svc_table, ip_vs_svc_fwm_table, ip_vs_rtable */
for(idx = 0; idx < IP_VS_SVC_TAB_SIZE; idx++) {
INIT_LIST_HEAD(&ip_vs_svc_table[idx]);
INIT_LIST_HEAD(&ip_vs_svc_fwm_table[idx]);
}
for(idx = 0; idx < IP_VS_RTAB_SIZE; idx++) {
INIT_LIST_HEAD(&ip_vs_rtable[idx]);
}

ip_vs_new_estimator(&ip_vs_stats);

/* Hook the defense timer */
Expand Down

0 comments on commit d86bef7

Please sign in to comment.