Hello,
On Mon, 29 Jul 2019, Florian Westphal wrote:
> > diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
> > index 741d91aa4a8d..e78fd05f108b 100644
> > --- a/net/netfilter/ipvs/ip_vs_ctl.c
> > +++ b/net/netfilter/ipvs/ip_vs_ctl.c
> > @@ -1680,12 +1680,18 @@ proc_do_defense_mode(struct ctl_table *table, int write,
> > int val = *valp;
> > int rc;
> >
> > - rc = proc_dointvec(table, write, buffer, lenp, ppos);
> > + struct ctl_table tmp = {
> > + .data = &val,
> > + .maxlen = sizeof(int),
> > + .mode = table->mode,
> > + };
> > +
> > + rc = proc_dointvec(&tmp, write, buffer, lenp, ppos);
>
> Wouldn't it be better do use proc_dointvec_minmax and set the
> constraints via .extra1,2 in the sysctl knob definition?
We store the 'ipvs' back-ptr in extra2, so may be we
can not use it in the table for proc_do_defense_mode, only for
tmp. proc_do_sync_mode may use extra1/2 in table for the
proc_dointvec_minmax call.
Regards
--
Julian Anastasov <ja@xxxxxx>
