On Tue, Dec 20, 2016 at 8:48 AM, Pablo Neira Ayuso wrote:
> On Thu, Dec 15, 2016 at 12:31:40PM +0800, Xin Long wrote:
>> @@ -185,6 +186,17 @@ clusterip_config_init(const struct
>> ipt_clusterip_tgt_info *i, __be32 ip,
>> atomic_set(&c->refcount, 1);
>> atomic_set(&c->entries, 1);
>>
>
On Thu, Dec 15, 2016 at 12:31:40PM +0800, Xin Long wrote:
> @@ -185,6 +186,17 @@ clusterip_config_init(const struct
> ipt_clusterip_tgt_info *i, __be32 ip,
> atomic_set(&c->refcount, 1);
> atomic_set(&c->entries, 1);
>
> + spin_lock_bh(&cn->lock);
> + if (__clusterip_config_f
On Thu, Dec 15, 2016 at 12:31:40PM +0800, Xin Long wrote:
> Now when adding an ipt_CLUSTERIP rule, it only checks duplicate config in
> clusterip_config_find_get(). But after that, there may be still another
> thread to insert a config with the same ip, then it leaves proc_create_data
> to do dupli
Now when adding an ipt_CLUSTERIP rule, it only checks duplicate config in
clusterip_config_find_get(). But after that, there may be still another
thread to insert a config with the same ip, then it leaves proc_create_data
to do duplicate check.
It's more reasonable to check duplicate config by ipt
