ipvs: prevent mixing heterogeneous pools and synchronization

The synchronization protocol is not compatible with heterogeneous pools, so
we need to verify that we're not turning both on at the same time.

Signed-off-by: Alex Gartrell <agartrell@fb.com>
Acked-by: Julian Anastasov <ja@ssi.bg>
Signed-off-by: Simon Horman <horms@verge.net.au>

diff --git a/include/net/ip_vs.h b/include/net/ip_vs.h
index 7600dbe5780e22c5e959f913498d1b6595a79ee4..576d7f0bed5d2bf37ed54603307b5e8c70fa01fd 100644 (file)
--- a/include/net/ip_vs.h
+++ b/include/net/ip_vs.h
@@ -990,6 +990,10 @@ struct netns_ipvs {
        char                    backup_mcast_ifn[IP_VS_IFNAME_MAXLEN];
        /* net name space ptr */
        struct net              *net;            /* Needed by timer routines */
+       /* Number of heterogeneous destinations, needed because
+        * heterogeneous are not supported when synchronization is
+        * enabled */
+       unsigned int            mixed_address_family_dests;
 };
 
 #define DEFAULT_SYNC_THRESHOLD 3

diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
index 6bd2cc682137cd2c7da510f35d46b41d6c706b6a..462760eded94b512f28f96244b0bf6ff417eaacd 100644 (file)
--- a/net/netfilter/ipvs/ip_vs_ctl.c
+++ b/net/netfilter/ipvs/ip_vs_ctl.c
@@ -779,6 +779,12 @@ __ip_vs_update_dest(struct ip_vs_service *svc, struct ip_vs_dest *dest,
        struct ip_vs_scheduler *sched;
        int conn_flags;
 
+       /* We cannot modify an address and change the address family */
+       BUG_ON(!add && udest->af != dest->af);
+
+       if (add && udest->af != svc->af)
+               ipvs->mixed_address_family_dests++;
+
        /* set the weight and the flags */
        atomic_set(&dest->weight, udest->weight);
        conn_flags = udest->conn_flags & IP_VS_CONN_F_DEST_MASK;
@@ -1061,6 +1067,9 @@ static void __ip_vs_unlink_dest(struct ip_vs_service *svc,
        list_del_rcu(&dest->n_list);
        svc->num_dests--;
 
+       if (dest->af != svc->af)
+               net_ipvs(svc->net)->mixed_address_family_dests--;
+
        if (svcupd) {
                struct ip_vs_scheduler *sched;
 
@@ -3256,6 +3265,12 @@ static int ip_vs_genl_new_daemon(struct net *net, struct nlattr **attrs)
              attrs[IPVS_DAEMON_ATTR_SYNC_ID]))
                return -EINVAL;
 
+       /* The synchronization protocol is incompatible with mixed family
+        * services
+        */
+       if (net_ipvs(net)->mixed_address_family_dests > 0)
+               return -EINVAL;
+
        return start_sync_thread(net,
                                 nla_get_u32(attrs[IPVS_DAEMON_ATTR_STATE]),
                                 nla_data(attrs[IPVS_DAEMON_ATTR_MCAST_IFN]),