On netns cleanup path, before unregistration in __ip_vs_ftp_exit(), there could still be existing conns with valid cp->app. Suggested by Julian, this patch fixes this issue by checking ipvs->enable to ensure the right order of cleanup: 1. Set ipvs->enable to 0 in ipvs_core_dev_ops->exit_batch() 2. Skip app unregistration in ip_vs_ftp_ops->exit() by checking ipvs->enable 3. Flush all conns in ipvs_core_ops->exit_batch() 4. Unregister all apps in ipvs_core_ops->exit_batch() Access ipvs->enable by READ_ONCE to avoid concurrency issue. Suggested-by: Julian Anastasov Signed-off-by: Slavin Liu --- net/netfilter/ipvs/ip_vs_ftp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/netfilter/ipvs/ip_vs_ftp.c b/net/netfilter/ipvs/ip_vs_ftp.c index d8a284999544..d3e2f7798bf3 100644 --- a/net/netfilter/ipvs/ip_vs_ftp.c +++ b/net/netfilter/ipvs/ip_vs_ftp.c @@ -605,7 +605,7 @@ static void __ip_vs_ftp_exit(struct net *net) { struct netns_ipvs *ipvs = net_ipvs(net); - if (!ipvs) + if (!ipvs || !READ_ONCE(ipvs->enable)) return; unregister_ip_vs_app(ipvs, &ip_vs_ftp); -- 2.34.1
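Review bot: the new `!READ_ONCE(ipvs->enable)` test in __ip_vs_ftp_exit() returns before unregister_ip_vs_app() whenever enable is 0, not only in the netns cleanup ordering the commit message describes. Please confirm that this exit handler cannot run with enable at 0 for any other reason (for example, if ip_vs_ftp_ops->exit() is also invoked when the ip_vs_ftp module is unloaded from a netns that is still alive). In that case the app would stay registered with nothing left to unregister it. If the skip is meant only for netns teardown, a condition that identifies teardown specifically would be safer than reusing enable. Either way, a short comment above the check saying that unregistration is deferred to ipvs_core_ops->exit_batch() would make the dependency visible in the code. The READ_ONCE() here should also be paired with a WRITE_ONCE() at the store in ipvs_core_dev_ops->exit_batch(). This diff touches only ip_vs_ftp.c, so the writer side is not visible for checking.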