r3151 - in trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian: . patches

Simon Horman horms@costa.debian.org
Thu, 19 May 2005 07:11:53 +0000 

Author: horms
Date: 2005-05-19 07:11:52 +0000 (Thu, 19 May 2005)
New Revision: 3151

Added:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-ipvs-icmp-leak.dpatch
Modified:
   trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
Log:
Fix leak in LVS ICMP handler that manifests under heavy traffic situations.

Modified: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-05-19 06:22:28 UTC (rev 3150)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/changelog	2005-05-19 07:11:52 UTC (rev 3151)
@@ -153,8 +153,12 @@
     [SECURITY] Fix root hole in raw device. See CAN-2005-1264.
     (closes: #309429) (Simon Horman)
 
- -- Simon Horman <horms@debian.org>  Thu, 19 May 2005 15:16:22 +0900
+  * net-ipv4-ipvs-icmp-leak.dpatch:
+    Fix leak in LVS ICMP handler that manifests under heavy traffic situations.
+    (Simon Horman)
 
+ -- Simon Horman <horms@debian.org>  Thu, 19 May 2005 15:38:22 +0900
+
 kernel-source-2.6.8 (2.6.8-15) unstable; urgency=high
 
   * [Security] Fix race in radeon driver which can result

Added: trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-ipvs-icmp-leak.dpatch
===================================================================
--- trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-ipvs-icmp-leak.dpatch	2005-05-19 06:22:28 UTC (rev 3150)
+++ trunk/kernel/source/kernel-source-2.6.8-2.6.8/debian/patches/net-ipv4-ipvs-icmp-leak.dpatch	2005-05-19 07:11:52 UTC (rev 3151)
@@ -0,0 +1,20 @@
+
+	Hello,
+
+	Dave, please apply a patch against 2.6.12-rc4
+
+	Remove extra __ip_vs_conn_put for incoming ICMP in direct routing
+mode. Mark de Vries reports that IPVS connections are not leaked anymore.
+
+Signed-off-by: Julian Anastasov <ja@ssi.bg>
+diff -ur v2.6.12-rc4/linux/net/ipv4/ipvs/ip_vs_xmit.c linux/net/ipv4/ipvs/ip_vs_xmit.c
+--- v2.6.12-rc4/linux/net/ipv4/ipvs/ip_vs_xmit.c	2004-08-31 08:09:31.000000000 +0300
++++ linux/net/ipv4/ipvs/ip_vs_xmit.c	2005-05-09 00:31:47.810807232 +0300
+@@ -520,7 +520,6 @@
+ 			rc = NF_ACCEPT;
+ 		/* do not touch skb anymore */
+ 		atomic_inc(&cp->in_pkts);
+-		__ip_vs_conn_put(cp);
+ 		goto out;
+ 	}
+