Hello, Julian
On 2019/7/30 4:20, Julian Anastasov wrote:
>
> Hello,
>
> On Mon, 29 Jul 2019, Florian Westphal wrote:
>
>>> diff --git a/net/netfilter/ipvs/ip_vs_ctl.c b/net/netfilter/ipvs/ip_vs_ctl.c
>>> index 741d91aa4a8d..e78fd05f108b 100644
>>> --- a/net/netfilter/ipvs/ip_vs_ctl.c
>>> +++ b/net/netfilter/ipvs/ip_vs_ctl.c
>>> @@ -1680,12 +1680,18 @@ proc_do_defense_mode(struct ctl_table *table, int write,
>>> int val = *valp;
>>> int rc;
>>>
>>> - rc = proc_dointvec(table, write, buffer, lenp, ppos);
>>> + struct ctl_table tmp = {
>>> + .data = &val,
>>> + .maxlen = sizeof(int),
>>> + .mode = table->mode,
>>> + };
>>> +
>>> + rc = proc_dointvec(&tmp, write, buffer, lenp, ppos);
>>
>> Wouldn't it be better do use proc_dointvec_minmax and set the
>> constraints via .extra1,2 in the sysctl knob definition?
>
> We store the 'ipvs' back-ptr in extra2, so may be we
> can not use it in the table for proc_do_defense_mode, only for
> tmp. proc_do_sync_mode may use extra1/2 in table for the
> proc_dointvec_minmax call.
>
> Regards
>
> --
> Julian Anastasov <ja@xxxxxx>
>
> .
>
I agree with you, in these four function, only proc_do_sync_mode can
use extra1/2 in table for the proc_dointvec_minmax,
i will update it in patch v2. Thank you for reply.
Regards,
Junwei
