diff options
-rw-r--r-- | net/ipv4/ipvs/ip_vs_conn.c | 6 | ||||
-rw-r--r-- | net/ipv4/ipvs/ip_vs_ctl.c | 9 |
2 files changed, 9 insertions, 6 deletions
diff --git a/net/ipv4/ipvs/ip_vs_conn.c b/net/ipv4/ipvs/ip_vs_conn.c index 9f16ab309106..d0145a8b1551 100644 --- a/net/ipv4/ipvs/ip_vs_conn.c +++ b/net/ipv4/ipvs/ip_vs_conn.c | |||
@@ -758,7 +758,7 @@ static inline int todrop_entry(struct ip_vs_conn *cp) | |||
758 | return 1; | 758 | return 1; |
759 | } | 759 | } |
760 | 760 | ||
761 | 761 | /* Called from keventd and must protect itself from softirqs */ | |
762 | void ip_vs_random_dropentry(void) | 762 | void ip_vs_random_dropentry(void) |
763 | { | 763 | { |
764 | int idx; | 764 | int idx; |
@@ -773,7 +773,7 @@ void ip_vs_random_dropentry(void) | |||
773 | /* | 773 | /* |
774 | * Lock is actually needed in this loop. | 774 | * Lock is actually needed in this loop. |
775 | */ | 775 | */ |
776 | ct_write_lock(hash); | 776 | ct_write_lock_bh(hash); |
777 | 777 | ||
778 | list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) { | 778 | list_for_each_entry(cp, &ip_vs_conn_tab[hash], c_list) { |
779 | if (!cp->cport && !(cp->flags & IP_VS_CONN_F_NO_CPORT)) | 779 | if (!cp->cport && !(cp->flags & IP_VS_CONN_F_NO_CPORT)) |
@@ -806,7 +806,7 @@ void ip_vs_random_dropentry(void) | |||
806 | ip_vs_conn_expire_now(cp->control); | 806 | ip_vs_conn_expire_now(cp->control); |
807 | } | 807 | } |
808 | } | 808 | } |
809 | ct_write_unlock(hash); | 809 | ct_write_unlock_bh(hash); |
810 | } | 810 | } |
811 | } | 811 | } |
812 | 812 | ||
diff --git a/net/ipv4/ipvs/ip_vs_ctl.c b/net/ipv4/ipvs/ip_vs_ctl.c index 12a82e91d22a..7d99ede2ef79 100644 --- a/net/ipv4/ipvs/ip_vs_ctl.c +++ b/net/ipv4/ipvs/ip_vs_ctl.c | |||
@@ -90,7 +90,8 @@ int ip_vs_get_debug_level(void) | |||
90 | #endif | 90 | #endif |
91 | 91 | ||
92 | /* | 92 | /* |
93 | * update_defense_level is called from keventd and from sysctl. | 93 | * update_defense_level is called from keventd and from sysctl, |
94 | * so it needs to protect itself from softirqs | ||
94 | */ | 95 | */ |
95 | static void update_defense_level(void) | 96 | static void update_defense_level(void) |
96 | { | 97 | { |
@@ -110,6 +111,8 @@ static void update_defense_level(void) | |||
110 | 111 | ||
111 | nomem = (availmem < sysctl_ip_vs_amemthresh); | 112 | nomem = (availmem < sysctl_ip_vs_amemthresh); |
112 | 113 | ||
114 | local_bh_disable(); | ||
115 | |||
113 | /* drop_entry */ | 116 | /* drop_entry */ |
114 | spin_lock(&__ip_vs_dropentry_lock); | 117 | spin_lock(&__ip_vs_dropentry_lock); |
115 | switch (sysctl_ip_vs_drop_entry) { | 118 | switch (sysctl_ip_vs_drop_entry) { |
@@ -206,6 +209,8 @@ static void update_defense_level(void) | |||
206 | if (to_change >= 0) | 209 | if (to_change >= 0) |
207 | ip_vs_protocol_timeout_change(sysctl_ip_vs_secure_tcp>1); | 210 | ip_vs_protocol_timeout_change(sysctl_ip_vs_secure_tcp>1); |
208 | write_unlock(&__ip_vs_securetcp_lock); | 211 | write_unlock(&__ip_vs_securetcp_lock); |
212 | |||
213 | local_bh_enable(); | ||
209 | } | 214 | } |
210 | 215 | ||
211 | 216 | ||
@@ -1360,9 +1365,7 @@ proc_do_defense_mode(ctl_table *table, int write, struct file * filp, | |||
1360 | /* Restore the correct value */ | 1365 | /* Restore the correct value */ |
1361 | *valp = val; | 1366 | *valp = val; |
1362 | } else { | 1367 | } else { |
1363 | local_bh_disable(); | ||
1364 | update_defense_level(); | 1368 | update_defense_level(); |
1365 | local_bh_enable(); | ||
1366 | } | 1369 | } |
1367 | } | 1370 | } |
1368 | return rc; | 1371 | return rc; |