Commit 643bb5db authored by Alexander Mikhalitsyn's avatar Alexander Mikhalitsyn Committed by David S. Miller
Browse files

ipvs: add READ_ONCE barrier for ipvs->sysctl_amemthresh 



Cc: Julian Anastasov <ja@ssi.bg>
Cc: Simon Horman <horms@verge.net.au>
Cc: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: Jozsef Kadlecsik <kadlec@netfilter.org>
Cc: Florian Westphal <fw@strlen.de>
Suggested-by: default avatarJulian Anastasov <ja@ssi.bg>
Signed-off-by: default avatarAlexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent abb45a24

net/netfilter/ipvs/ip_vs_ctl.c

+7 −7
Original line number Diff line number Diff line
@@ -94,6 +94,7 @@ static void update_defense_level(struct netns_ipvs *ipvs) 
{

	struct sysinfo i;

	int availmem;

	int amemthresh;

	int nomem;

	int to_change = -1;
@@ -105,7 +106,8 @@ static void update_defense_level(struct netns_ipvs *ipvs) 
	/* si_swapinfo(&i); */

	/* availmem = availmem - (i.totalswap - i.freeswap); */



	nomem = (availmem < ipvs->sysctl_amemthresh);

	amemthresh = max(READ_ONCE(ipvs->sysctl_amemthresh), 0);

	nomem = (availmem < amemthresh);



	local_bh_disable();
@@ -145,9 +147,8 @@ static void update_defense_level(struct netns_ipvs *ipvs) 
		break;

	case 1:

		if (nomem) {

			ipvs->drop_rate = ipvs->drop_counter

				= ipvs->sysctl_amemthresh /

				(ipvs->sysctl_amemthresh-availmem);

			ipvs->drop_counter = amemthresh / (amemthresh - availmem);

			ipvs->drop_rate = ipvs->drop_counter;

			ipvs->sysctl_drop_packet = 2;

		} else {

			ipvs->drop_rate = 0;
@@ -155,9 +156,8 @@ static void update_defense_level(struct netns_ipvs *ipvs) 
		break;

	case 2:

		if (nomem) {

			ipvs->drop_rate = ipvs->drop_counter

				= ipvs->sysctl_amemthresh /

				(ipvs->sysctl_amemthresh-availmem);

			ipvs->drop_counter = amemthresh / (amemthresh - availmem);

			ipvs->drop_rate = ipvs->drop_counter;

		} else {

			ipvs->drop_rate = 0;

			ipvs->sysctl_drop_packet = 1;