[PATCH] another cond_resched() fix
cond_resched() should check that it is not nested via preempt_count() & PREEMPT_ACTIVE flag. Drop the whole super-logic from Den checking preempt count at all.
Bug #92140
[PATCH] fix for cond_resched() fix: remove wrong WARN_ON(1)
WARN_ON(1) is illegal, since when we return from cond_resched()->schedule() we have preempt_count = PREEMPT_ACTIVE, and if we have still current->need_resched flag set we can get to cond_resched() again from schedule()->reacquire_kernel_lock()->cond_resched() and thus this WARN_ON(1) gets triggered.
Bug #92140
[PATCH] Fix needless SysRq help message
Every time one does echo p >/proc/sysrq-trigger
newline sneaks into kernel buffer, sysrq code doesn't find it in
handlers table, and spits help banner.
[PATCH] x86_64: Zero extend all registers after ptrace in 32bit entry path.
Strictly it's only needed for eax.
It actually does a little more than strictly needed -- the other registers
are already zero extended.
Also remove the now unnecessary and non functional compat task check
in ptrace.
This is CVE-2007-4573
Found by Wojciech Purczynski
Signed-off-by: Andi Kleen <ak@suse.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
X-Git-Url: http://git....
[FS]: disable O_DIRECT by default inside VE
We still have to disable O_DIRECT by default inside VE due to:
Compatibility with old broken software (e.g. rpm)
Bug #91550
[PATCH] fairsched: fix warning on preempt kernels
rq->curr should be initialized to something to avoid its dereference e.g. in try_to_wakeup() on first process wakeup.
Actually it doesn't matter to what it is initialized.
Let's use init_task for initial rq->curr.
[PATCH] cond_resched_lock() doesn't work in 2.6.18
When CONFIG_PREEMPT=n, cond_resched_lock() and cond_resched_softirq() don't work, since they check for preempt_count to be sane, but this counter is not tracked w/o preemption and is always 0.
So the fix is:
- ignore preempt count when CONFIG_PREEMPT=n
- plus if we want to check preempt_count in CONFIG_PREEMPT=y case
(just to be on the safe side), we need to account lock_kernel()
effect on preempt_count correctly.
Bug #91012
[PATCH] BC: account fib rules to kmemsize
This patch adds UB_KMEMSIZE accounting for:
- routing (fib) rules
- routing entries
- inet & inet6 addresses
All these objects are created by userspace and live in kernel memory.
[PATCH] VZDQ: report busy dentries on vzquota on
In case of vzquota ON fail, find and pass to the userspace
information about busy dentries.
vzquota must pass user buffer, and kernel fill it with found filenames.
[PATCH] VZDQ: report busy dentries on quota off
In case of vzquota off fail, find and pass to the userspace information about busy dentries. vzquota must pass PAGE_SIZE buffer, and kernel fill it with found filenames.
V2:
- use free_page() instead of kfree()
- remove unnecessary \n after the last file name
V3:
- use generic __d_path()
- don't call copy_to_user() if both ubuf and buf == NULL
V4:
- remove VZ_DQ_OFF_FORCED declaration from header, it relates to another
patch
Bug #86944
[PATCH] CPT: fix LDT pages leak with 4GB split
In case 4GB split kernel is used, CPT can leak some of LDT pages - it allocates pages first, but doesn't set context->size, thus destroy_context() won't try to free these additional LDT pages.
Relevant for -ent kernel flavors only.
[NET]: Do not dereference iov if length is zero
When msg_iovlen is zero we shouldn't try to dereference
msg_iov. Right now the only thing that tries to do so
is skb_copy_and_csum_datagram_iovec. Since the total
length should also be zero if msg_iovlen is zero, it's
sufficient to check the total length there and simply
return if it's zero.
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Signed-off-by: David S. Miller <davem@davemlo...
[PATCH] BC: set correct ub context in netlink processing
- rtnl netlink socket is asynchronous and can be processed during rtnl_unlock in the other context.
- rtnl netlink socket is used to create kernel objects
- these objects are planned to be accounted at least to UB_KMEMSIZE
So, let's set correct UB context for packets processing.
[PATCH] net: allow SIOCSIFFLAGS in dev_ioctl()
This patch allows ioctl SIOCSIFFLAGS from VE on PF_INET6 socket.
In old VEs (with redhat-6.2) ifconfig calls ioctl() on IPv6 socket,
while tries to make venet UP inside VE. And fails.
Since this ioctl is prohibited in dev_ioctl(). Newer ifconfig's
call this ioctl() on IPv4 socket and thus end up with inet_ioctl().
Bug #91248
[PATCH][REVERT] proc: don't hash task dentries in VE0
Patch diff-ve-proc-hash-pid-dentries-20070516 is obsoleted by previous patch commit: diff-ubc-pid-uncharge-early-20070717
Revert it.
[PATCH] uncharge pids from kmemsize a bit earlier
When charged with generic slab charger pids hold the beancounter and may pin it to memory after VE is stopped. The proposal is to charge/uncharge pids manually letting them live longer than the beancounter. This is OK, since the only reason (in rhel5 kernel) they can do so is that proc inodes hold them. However, this is not a big deal, as inodes...
Potential fix for bug #83891
BTW, patch named diff-ve-proc-hash-pid-dentries-20070516 may be
dropped from the list.
[IPV6]: /proc/net/anycast6 unbalanced inet6_dev refcnt
Reading /proc/net/anycast6 when there is no anycast address
on an interface results in an ever-increasing inet6_dev reference
count, as well as a reference to the netdevice you can't get rid of.
Signed-off-by: David S. Miller <davem@davemloft.net>
Bug #75822
X-Git-Tag: v2.6.21-rc3~1492~5
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=a...
[PATCH] improve shrink_dcache_sb()
This patch makes shrink_dcache_sb consistent with dentry pruning policy.
On the first pass we iterate over dentry unused list and prepare some
dentries for removal.
However, since the existing code moves evicted dentries
to the beginning of the LRU it can happen that fresh dentries from
other superblocks will be inserted *before* our dentries.
This can result in significant slowdown of shrink_dcache_sb().
Moreover, for virtual filesystems like unionfs which can cal...
[PATCH] CPT: lock fd close correct error handling
Lock fd close correct error handling:
on undump local variable 'err' was used to store an error,
that is why this error was ignored and undump continues
in spite of the error.
[ATM] he: Fix __init/__devinit conflict
he_init_one() is declared __devinit, but calls lots of init functions
that are marked __init. However, if CONFIG_HOTPLUG is enabled,
__devinit functions go into normal .text, which leads to
WARNING: drivers/atm/he.o - Section mismatch: reference to .init.text: from .text between 'he_start' (at offset 0x2130) and 'he_service_tbrq'
Fix this by changing the __init functions to __devinit.
S...
[PATCH] CPT: core changes to allow checkpointing inotify interface
1. Cosmetic changes to export necessary structs and variables
(time to start to think about moving those cpt bits to core to avoid
pollution. cpt interface could be ugly, but it is _one_ interface)
2. There is one essential change: each watchpoint refers to dentry/mnt.
The drawback: it means fs umount is blocked while some directory
on it is watched. With current uses of inotify it...
[PATCH] vzevent: fix netlink channel number
Fix vzevent module. It is incompatible with kobject uevents in reality.
Current code does *nothing*, since kobj is not fully configured.
Instead let's send messages via a separate netlink channel.
[PATCH] BC: fix unaligned access on ia64
struct page contains union of the fields:
    union {
        struct user_beancounter *page_ub;
        struct page_beancounter *page_pb;
    } bc;
and there are three cases for value 'bc':
1) pointer to user_beancounter
2) pointer to page_beancounter
3) IO marked pointer to page_beancounter
This patch corrects access to 3-rd case pointer.
Bug #86554
[PATCH] sigqueue_free: fix the race with collect_signal()
Spotted by taoyue <yue.tao@windriver.com> and Jeremy Katz <jeremy.katz@windriver.com>.
    collect_signal:                         sigqueue_free:
        list_del_init(&first->list);
                                                if (!list_empty(&q->list)) {
                                                    // not taken
                                                }
                                                q->flags &= ~SIGQUEUE_PREALLOC;
        __sigqueue_free(first);                 __sigqueue_free(q);
Now, __sigqueue_free() is called twice on the same "struct sigqueue" with the
obviously bad im...
[PATCH] Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848)
Severity: minor
This fixes a vulnerability in the "parent process death signal"
implementation discovered by Wojciech Purczynski of COSEINC PTE Ltd.
and iSEC Security Research.
http://marc.info/?l=bugtraq&m=118711306802632&w=2
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
X...
[PATCH] bonding: Fix 802.3ad no carrier on "no partner found" instance
Modify carrier state determination for 802.3ad mode to comply
with section 43.3.9 of IEEE 802.3, which requires that "Links that are
not successful candidates for aggregation (e.g., links that are attached
to other devices that cannot perform aggregation or links that have been
manually configured to be non-aggregatable) are enabled to operate as
individual IEEE 802.3 links."
Bug reported by L...
[PATCH] CPT: correct handling of lock fd error codes
Undump in CPT is performed in 2 stages (create env and init process; full undump). These 2 stages are separated with help of pipe: when this pipe is closed from vzctl we can proceed with second stage in CPT. So, possible scenario is following:
1. We are waiting in CPT in pipe_read() when pipe will be closed.
2. someone is sending signal to ou...
Bug #88618
[PATCH] VENET: allow rmmod even if VE0 venet is UP
This patch allows delete module even if venet interface in VE0 is up. Note, we must shutdown all interfaces in others VEs before delete module still.
Bug #83537
[PATCH] proc: return ENOENT instead of EACCESS when task is dead
When reading the symlink /proc/<pid>/exe or /proc/<pid>/fd/<any> of a task, that has managed to die after opening the appropriate dir, but before reading the symlink, kernel returns -EACCESS due to strange code in proc_fd_access_allowed().
Unlike the ms/RHEL5 kernel, the SuSE kernel returns -ENOENT in this
case and it turned out, that some SuSE software (inetd) is aware
of it and cannot stand any deviations.
Make the kernel return -ENOENT when the task is dead to make VEs
based on SuSE templates work. Keep the return value in any other
case (-EACCESS).
Bug #82009
[PATCH] UBC: missed wakeup on one ub refill path
The following scenario is possible:
- TCPSNDBUF rejected by ub_sock_get_wreserv
- sys_poll -> ub_sock_snd_queue_add
- uncharge -> sk->sk_write_space DOES NOT wakeup the waiting poll as the queue is too long
After this, no one will wakeup the process :( And it will block till the poll timeout end.
The patch makes sure, that the generic code will send wakeup when appropriate.
Bug #89127
[PATCH] venet/veth: add ethtool support
This patch adds ethtool features for the venet, veth devices. We are
interested in scatter-gather, TX/RX checksumming support manipulation. In
this implementation RX and TX checksumming considered as equal.
We have the two different approaches for manipulation the venet and veth
devices:
venet:
From VE0 is allowed get/set offload parameters for all venet devices;
From VE is all...
[PATCH] sched: notifier_block can be used after free
notifier_block can be used after free, since it is marked as __cpuinitdata,
while it can be registered and used in case of CPU hotplug/VCPU later...
[PATCH] NFS: nfs handling on VE stop fix
This patch:
- gets rid of register_ve_fs_type(nfs) and checks ve->features directly
on mount
- fixes NFS stop sequence if the mountpoint is still used on VE stop
- fixes racy access to xprt->sock in xs_close
[PATCH] Skip reboot fixups on Alt-SysRq-b
The following calltrace is possible nowadays:
    handle_sysrq
    machine_emergency_restart
    mach_reboot_fixups
    pci_get_device
    pci_get_subsys
    down_read
but it is prohibited to do sleepy operations from interrupt context.
The patch skips reboot fixup if called from sysrq-B code.
Signed-off-by: Denis V. Lunev <den@openvz.org>