Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/net/netfilter/ipvs
History
Slavin Liu 134121bfd9 ipvs: Defer ip_vs_ftp unregister during netns cleanup 
On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp
before connections with valid cp->app pointers are flushed, leading to a
use-after-free.

Fix this by introducing a global `exiting_module` flag, set to true in
ip_vs_ftp_exit() before unregistering the pernet subsystem. In
__ip_vs_ftp_exit(), skip ip_vs_ftp unregister if called during netns
cleanup (when exiting_module is false) and defer it to
__ip_vs_cleanup_batch(), which unregisters all apps after all connections
are flushed. If called during module exit, unregister ip_vs_ftp
immediately.

Fixes: 61b1ab4583 ("IPVS: netns, add basic init per netns.")
Suggested-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Slavin Liu <slavin452@gmail.com>
Signed-off-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Florian Westphal <fw@strlen.de>
 		2025-09-24 11:50:28 +02:00
..
Kconfig sctp: use skb_crc32c() instead of __skb_checksum() 2025-05-21 15:40:16 -07:00
Makefile
ip_vs_app.c ipvs: fix WARNING in ip_vs_app_net_cleanup() 2022-11-02 09:39:14 +01:00
ip_vs_conn.c ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable 2025-09-11 15:40:55 +02:00
ip_vs_core.c ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable 2025-09-11 15:40:55 +02:00
ip_vs_ctl.c ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable 2025-09-11 15:40:55 +02:00
ip_vs_dh.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_est.c ipvs: Use READ_ONCE/WRITE_ONCE for ipvs->enable 2025-09-11 15:40:55 +02:00
ip_vs_fo.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_ftp.c ipvs: Defer ip_vs_ftp unregister during netns cleanup 2025-09-24 11:50:28 +02:00
ip_vs_lblc.c treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
ip_vs_lblcr.c treewide, timers: Rename from_timer() to timer_container_of() 2025-06-08 09:07:37 +02:00
ip_vs_lc.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_mh.c
ip_vs_nfct.c
ip_vs_nq.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_ovf.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_pe.c
ip_vs_pe_sip.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_proto.c ipvs: fix UB due to uninitialized stack access in ip_vs_protocol_init() 2024-11-28 13:14:23 +01:00
ip_vs_proto_ah_esp.c
ip_vs_proto_sctp.c ipvs: Avoid unnecessary calls to skb_is_gso_sctp 2024-06-26 00:54:45 +02:00
ip_vs_proto_tcp.c
ip_vs_proto_udp.c
ip_vs_rr.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_sched.c
ip_vs_sed.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_sh.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_sync.c move asm/unaligned.h to linux/unaligned.h 2024-10-02 17:23:23 -04:00
ip_vs_twos.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_wlc.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_wrr.c ipvs: add missing module descriptions 2023-11-08 13:52:33 +01:00
ip_vs_xmit.c net: dst: annotate data-races around dst->obsolete 2025-07-02 14:32:29 -07:00