Author | Commit | Message | Commit date | Issues | |
---|---|---|---|---|---|
OpenVZ team | 602752a83d2 | linux-2.6.18-028stab053.14 released | |||
Nick Piggin | b0e178da720 | vm audit: add VM_DONTEXPAND to mmap for drivers that need itcommit 2f98735c9c24ea1f0d40a364d4e63611b689b795 Drivers that register a ->fault handler, but do not range-check the offset argument, must set VM_DONTEXPAND in the vm_flags in order to prevent an expanding mremap from overflowing the resource. I've audited the tree and attempted to fix these problems (usually by adding VM_DONTEXPAND where it is not obvious). Signed-off-by: Nick Piggin <npiggi... | |||
Denis V. Lunev | a368a9d78c3 | [NET]: Leak network device if refcount is positive.Unfortunately, there are some ways on which we have positive refcounters on network device on VE stop. This bugs are rather hard to debug and locate. The idea of this patch is to leave the loop waiting device to become free and _leak_ this device. This is better than a node freeze. Signed-off-by: Denis V. Lunev <den@parallels.com> | |||
Denis V. Lunev | 0b535d89600 | [IPV6]: Fix refcounting for anycast dst entries.The problem occures when we stop IPv6 device without dropping all addresses on it. For such a device addrconf_ifdown marks all entries as obsolete and ip6_del_rt called from __ipv6_dev_ac_dec return ENOENT. The referrence is not dropped. The fix is simple. DST entry should not keep referrence when stored in the FIB6 tree. Signed-off-by: Denis V. Lunev <den@openvz.org> | |||
Denis V. Lunev | 55961c8b56a | [IPV6]: inet6 device on the loopback should be kept until final stop.Additionally, addrconf_ifdown is broken in respect to how field. It is called with logical condition and "2" from IPv6 shutdown code. The latter case is the same as !0 but should really destroy a device as container is going down. Signed-off-by: Denis V. Lunev <den@openvz.org> | |||
Denis V. Lunev | b8e7422ef2c | [IPv6]: All IP6 fragments queues should be pruned on VE stop.Potential fix for bug 75822. | |||
Dmitry Mishin | 9acd0814e84 | NETFILTER: fix SNAT, DNAT in CT if ip_conntrack_disable_ve0 is usetIf ip_conntrack_disable_ve0 option is set, than it is impossible to use nat targets (DNAT, SNAT) inside Containers even if nat table is permitted for them and respective modules are loaded. This patch fixes above issue. Fixed and tested by Konstantin Khlebnikov <khlebnikov@openvz.org>. | |||
Konstantin Khlebnikov | 75a122518e2 | Cpu frequency switch may be incorrect on some hardwareOndemand use queue_delayed_work_on call and suppose that it works correctly. Farsched schedule kernel threads on random cpu and timer event may called not on supposed cpu. This leads to CPU frequency is set almost randomly. Bug 98868 | |||
Alexandr Andreev | 1662d0ddf31 | [SCHEDULER] fix load_balance() behavior, when it's invoked on a busy PCPU.Bug 93544 Bug 98868 Note: looks like it works, but not sure about any kind of performance any more. Now we can trust performance results for VE's with --cpus 1 | |||
Al Viro | 3a54bb81e1e | [PATCH] fix SMP ordering hole in fcntl_setlk()commit 0b2bac2f1ea0d33a3621b27ca68b9ae760fca2e9 fcntl_setlk()/close() race prevention has a subtle hole - we need to make sure that if we *do* have an fcntl/close race on SMP box, the access to descriptor table and inode->i_flock won't get reordered. As it is, we get STORE inode->i_flock, LOAD descriptor table entry vs. STORE descriptor table entry, LOAD inode->i_flock with not a single lock ... | |||
Al Viro | 8b545b4cbd8 | Fix dnotify/close racecommit 214b7049a7929f03bbd2786aaef04b8b79db34e2 We have a race between fcntl() and close() that can lead to dnotify_struct inserted into inode's list *after* the last descriptor had been gone from current->files. Since that's the only point where dnotify_struct gets evicted, we are screwed - it will stick around indefinitely. Even after struct file in question is gone and freed. Worse, we c... | |||
Aurelien Jarno | df87afba414 | x86: clear DF before calling signal handlercommit e40cd10ccff3d9fbffd57b93780bee4b7b9bff51 The Linux kernel currently does not clear the direction flag before calling a signal handler, whereas the x86/x86-64 ABI requires that. Linux had this behavior/bug forever, but this becomes a real problem with gcc version 4.3, which assumes that the direction flag is correctly cleared at the entry of a function. This patches changes the setup_f... | |||
Andrew Morton | 30f3657d481 | neofb: avoid overwriting fb_info fieldscommit 0e9045494aa50f34b774a7449dde4128240a7b00 Fix bug identified by Marcio Buss in http://bugzilla.kernel.org/show_bug.cgi?id=9565 - neofb can overwrite a field in the fb_info struct. This fix will result in truncated device identification strings - perhaps fb_innfo.fix.id can be made larger? Cc: Marcio Buss <marciobuss@gmail.com> Cc: "Antonino A. Daplas" <adaplas@pol.net> Cc: Christian Tr... | |||
Karsten Keil | fc8d2cabea6 | I4L: fix isdn_ioctl memory overrun vulnerabilitycommit eafe1aa37e6ec2d56f14732b5240c4dd09f0613a Fix possible memory overrun issue in the isdn ioctl code. Found by ADLAB <adlab@venustech.com.cn> Signed-off-by: Karsten Keil <kkeil@suse.de> Cc: ADLAB <adlab@venustech.com.cn> Cc: <stable@kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |||
Karsten Keil | ba72de9763b | isdn: avoid copying overly-long stringscommit 0f13864e5b24d9cbe18d125d41bfa4b726a82e40 Addresses http://bugzilla.kernel.org/show_bug.cgi?id=9416 Signed-off-by: Karsten Keil <kkeil@suse.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | |||
Larry Woodman | d0bc34a7aa5 | fix hugepages leak due to pagetable page sharingcommit c5c99429fa57dcf6e05203ebe3676db1ec646793 The shared page table code for hugetlb memory on x86 and x86_64 is causing a leak. When a user of hugepages exits using this code the system leaks some of the hugepages. ------------------------------------------------------- Part of /proc/meminfo just before database startup: HugePages_Total: 5500 HugePages_Free: 5500 HugePages_Rsvd: 0... | |||
Eric W. Biederman | f0ca19c827b | [PATCH] Fix reparenting to the same thread group. (take 2)commit b2b2cbc4b2a2f389442549399a993a8306420baf This patch fixes the case when we reparent to a different thread in the same thread group. This modifies the code so that we do not send signals and do not change the signal to send to SIGCHLD unless we have change the thread group of our parents. It also suppresses sending pdeath_sig in this cas as well since the result of geppid doesn't chang... | |||
Steve French | 9fa7f9a663a | [CIFS] Fix buffer overflow if server sends corrupt response to small requestcommit 133672efbc1085f9af990bdc145e1822ea93bcf3 In SendReceive() function in transport.c - it memcpy's message payload into a buffer passed via out_buf param. The function assumes that all buffers are of size (CIFSMaxBufSize + MAX_CIFS_HDR_SIZE) , unfortunately it is also called with smaller (MAX_CIFS_SMALL_BUFFER_SIZE) buffers. There are eight callers (SMB worker functions) which are primari... | |||
Robin Holt | 43742b01ced | x86_64: fix HPET init racecommit b291aa7a6564e859af144e1bd14ffa463519b198 I have had four seperate system lockups attributable to this exact problem in two days of testing. Instead of trying to handle all the weird end cases and wrap, how about changing it to look for exactly what we appear to want. The following patch removes a couple races in setup_APIC_timer. One occurs when the HPET advances the COUNTER past the... | |||
Ingo Molnar | 738ab239fe8 | vfs: coredumping fixcommit c46f739dd39db3b07ab5deb4e3ec81e1c04a91af fix: http://bugzilla.kernel.org/show_bug.cgi?id=3043 only allow coredumping to the same uid that the coredumping task runs under. Signed-off-by: Ingo Molnar <mingo@elte.hu> Acked-by: Alan Cox <alan@redhat.com> Acked-by: Christoph Hellwig <hch@lst.de> Acked-by: Al Viro <viro@ftp.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundat... | |||
Andreas Schwab | ccf158a0f1a | [IA64] Remove stack hard limit on ia64mainline commit d826393cdebe340b3716002bfb1298ab19b57e83 Un-Breaks pthreads, since Oct 2003. Signed-off-by: Olaf Hering <olaf@aepfle.de> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Tony Luck <tony.luck@intel.com> | |||
Tejun Heo | 752da6c235c | sysfs: fix race condition around sd->s_dentry, take#2Allowing attribute and symlink dentries to be reclaimed means sd->s_dentry can change dynamically. However, updates to the field are unsynchronized leading to race conditions. This patch adds sysfs_lock and use it to synchronize updates to sd->s_dentry. Due to the locking around ->d_iput, the check in sysfs_drop_dentry() is complex. sysfs_lock only protect sd->s_dentry pointer itself. The ... | |||
Tejun Heo | 0e263a047de | sysfs: fix condition check in sysfs_drop_dentry()The condition check doesn't make much sense as it basically always succeeds. This causes NULL dereferencing on certain cases. It seems that parentheses are put in the wrong place. Fix it. Signed-off-by: Tejun Heo <htejun@gmail.com> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | |||
Eric Sandeen | 88f6cb0a23e | sysfs: store sysfs inode nrs in s_ino to avoid readdir oopsesBackport of ftp://ftp.kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.22-rc1/2.6.22-rc1-mm1/broken-out/gregkh-driver-sysfs-allocate-inode-number-using-ida.patch For regular files in sysfs, sysfs_readdir wants to traverse sysfs_dirent->s_dentry->d_inode->i_ino to get to the inode number. But, the dentry can be reclaimed under memory pressure, and there is no synchronization with readdir... | |||
OpenVZ team | fc683838a60 | linux-2.6.18-028stab053.5 released | |||
Denis V. Lunev | 808c62582dc | Proper access checks for splice system callCVE-2008-0600 OpenVZ BUG #814 | CVE-2008 | ||
OpenVZ team | c2b9f4cb83b | linux-2.6.18-028stab053.4 released | |||
Linus Torvalds | aa177edeb1b | [PATCH] Use access mode instead of open flags to determine needed permissionsWay back when (in commit 834f2a4a1554dc5b2598038b3fe8703defcbe467, aka "VFS: Allow the filesystem to return a full file pointer on open intent" to be exact), Trond changed the open logic to keep track of the original flags to a file open, in order to pass down the the intent of a dentry lookup to the low-level filesystem. However, when doing that reorganization, it changed the meaning of namei... | |||
Alexandr Andreev | dc36e246167 | [FAIRSCHED] fix FSCH_TIMESLICE according to VCPU_TIMESLICE | |||
OpenVZ team | 6a97292456f | linux-2.6.18-028stab053 released | |||
Andrey Mirkin | 81bbb8aa50a | [PATCH] CPT: Add support for network statisticsIn current implementation network statistics are not dumped at all. This patch allows to save/restore network statistics on all supported network devices. Statistics is restored on current cpu. | |||
Andrey Mirkin | d976046de45 | [PATCH] CPT: enhance support of veth deviceIn current implementation veth devices are not dumped correctly and we can lose private veth data. This patch allows to save/restore private veth data. | |||
Andrey Mirkin | 81593f647c0 | [PATCH] CPT: Add support for netdevice hardware addressesIn current implementation netdevice hardware (MAC) address is not saved, so devices like tap will have different MAC address after restore. This will lead to creation of new local IPv6 address based on MAC address. This patch allows to save/restore hardware addresses on all netdevices. Also this patch changes cpt image version. This is done because of following code we have now: ... | |||
Vasily Averin | 5e0ce3bab76 | [PATCH] kernel.cap-bound sysctl cleanup - proc entry is global and therefore it is ReadOnly-accessible from inside VE - added check for sysctl handlerhttp://bugzilla.openvz.org/show_bug.cgi?id=524 | |||
Vasily Averin | 26ce4fccc23 | [PATCH] enhance "time wait bucket table overflow" messageCTID added to the message "TCP: time wait bucket table overflow" http://bugzilla.openvz.org/show_bug.cgi?id=767 | |||
Alexey Kuznetsov | ac91d56b360 | [CPT] ugly struts to migrate 64bit ipc limitsUgly mistake, only 32 bits of 64bit ipc limits migrate. Quick fix is to limit them to 0xFFFFFFFF while checkpointing. Even uglier strut is to check for 0 limit and to promote it to something meaningful. Probably, we can use the fact that image version is advanced, change the structure and promote this limit to 0xFFFFFFFF when we see old version. | |||
OpenVZ team | 30ca45c7487 | linux-2.6.18-028stab052 released | |||
Kirill Korotaev | 04da50d33b4 | [PATCH] CPT: fix non-i686/x8664 compilation due to mxcsr fixFix diff-cpt-rst-mask-mxcsr-bits-20071201 patch. MXSCR fixup is needed on i686 only. | |||
Vasily Averin | 7afd9d6fc6d | [PATCH] UBC: enhance orphan socket warningsMessages like "Out of socket memory" disturbs the customers, they would like to know what VE generates these messages. http://bugzilla.openvz.org/show_bug.cgi?id=760 | |||
Konstantin Khorenko | 31a395e587a | [PATCH] xt_MARK compat cleanupThe main change is usage of xt_entry_target instead of xt_entry_match (found by Evgeny). Previous patch is still ok due to these structs are equal. Nevertheless - cleanup. Also some local variables renames: match->target. | |||
Konstantin Khorenko | 6352c712406 | [PATCH] xt_CONNMARK compat cleanupThe main fix is usage of xt_entry_target instead of xt_entry_match (found by Evgeny). Previous patch is still ok due to these structs are equal. Nevertheless - cleanup. Also some local variables renames: match->target. | |||
Evgeny Kravtsunov | f9c77c64935 | [PATCH] VE: ipt_hashlimit virtualizationPatch virtualizes ipt_hashlimit match: 1) Introduced struct ve_ipt_hashlimit and corresponding _ipt_hashlimit entry in ve_struct. ve_ipt_hashlimit contains global variables from ipt_hashlimit module. 2) Functions init_ipt_hashlimit, fini_ipt_hashlimit implemented. Current functions designed to be called from ipt_hashlimit_init/fini and hashlimit_checkentry/destroy to alloc ve_ipt_hashlimit st... | |||
Kirill Shileev | 815bdcacf01 | [PATCH] fs: utimensat syscall backported Some newer glibc uses lutimes() syscall which asks for sys_utimensat(). sys_utimensat is backported from 2.6.23, with additional conversion timespec->timeval in order to get rid from "wrong pointer" warninghttp://bugzilla.openvz.org/show_bug.cgi?id=725 | |||
Steve French | 9b6527eeb8f | [CIFS] Fix oops in find_writable_fileThere was a case in which find_writable_file was not waiting long enough under heavy stress when writepages was racing with close of the file handle being used by the write. Signed-off-by: Steve French <sfrench@us.ibm.com> X-Git-Tag: v2.6.24-rc1~138^2~42 X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=15745320f374aa6cbfe4836b76469159c0f... | |||
Kirill Korotaev | fa23c2a6039 | [PATCH] VE: rename VE -> CT (container) in user visible messages | |||
Kirill Korotaev | 29732fe8734 | [PATCH] CPT: rename VE -> CT (container) in user visible messages | |||
Kirill Korotaev | 8f651ed7723 | [PATCH] VE: rename VE -> CT (container) in user visible messages | |||
Evgeny Kravtsunov | 685c1136b41 | [PATCH] fairsched: requires timer ints even with NOHZ We are facing hang on boot ovz-xen kernel on smp machines. Hang takes place on loading modules in stop_machine_run on waiting for completion do_stop thread (sys_init_module->stop_machine_run->__stop_machine_run-> wait_for_completion). This happens due to 1 or more of 4 physical cpus that are running idle tasks are not available for running s...The solution is to make next_timer_interrupt() return jiffies when CONFIG_SCHED_VCPU is defined. No better solution now available... http://bugzilla.openvz.org/show_bug.cgi?id=749 | |||
Andrey Mirkin | 9979bc0f01e | [PATCH] CPT: clone kernel threads for exec() with CLONE_VFORK During checkpointing kernel threads are created to dump tmpfs with help of tar. Arguments are passed to this kernel thread from parent. If parent exits due to recieved signal then created kernel thread will get oops during access to args. Create thread with CLONE_VFORK flag, so parent process will wait until thread will do exec().Bug #96002 | |||
Kirill Korotaev | 6a40ef7af2d | [PATCH] fix compilation in case CONFIG_PRINTK=nfix compilation in case CONFIG_PRINTK=n http://bugzilla.openvz.org/show_bug.cgi?id=746 |
Commits
Author | Commit | Commit date | Issues | |
---|---|---|---|---|
OpenVZ team | 602752a83d2 | |||
Nick Piggin | b0e178da720 | |||
Denis V. Lunev | a368a9d78c3 | |||
Denis V. Lunev | 0b535d89600 | |||
Denis V. Lunev | 55961c8b56a | |||
Denis V. Lunev | b8e7422ef2c | |||
Dmitry Mishin | 9acd0814e84 | |||
Konstantin Khlebnikov | 75a122518e2 | |||
Alexandr Andreev | 1662d0ddf31 | |||
Al Viro | 3a54bb81e1e | |||
Al Viro | 8b545b4cbd8 | |||
Aurelien Jarno | df87afba414 | |||
Andrew Morton | 30f3657d481 | |||
Karsten Keil | fc8d2cabea6 | |||
Karsten Keil | ba72de9763b | |||
Larry Woodman | d0bc34a7aa5 | |||
Eric W. Biederman | f0ca19c827b | |||
Steve French | 9fa7f9a663a | |||
Robin Holt | 43742b01ced | |||
Ingo Molnar | 738ab239fe8 | |||
Andreas Schwab | ccf158a0f1a | |||
Tejun Heo | 752da6c235c | |||
Tejun Heo | 0e263a047de | |||
Eric Sandeen | 88f6cb0a23e | |||
OpenVZ team | fc683838a60 | |||
Denis V. Lunev | 808c62582dc | CVE-2008 | ||
OpenVZ team | c2b9f4cb83b | |||
Linus Torvalds | aa177edeb1b | |||
Alexandr Andreev | dc36e246167 | |||
OpenVZ team | 6a97292456f | |||
Andrey Mirkin | 81bbb8aa50a | |||
Andrey Mirkin | d976046de45 | |||
Andrey Mirkin | 81593f647c0 | |||
Vasily Averin | 5e0ce3bab76 | |||
Vasily Averin | 26ce4fccc23 | |||
Alexey Kuznetsov | ac91d56b360 | |||
OpenVZ team | 30ca45c7487 | |||
Kirill Korotaev | 04da50d33b4 | |||
Vasily Averin | 7afd9d6fc6d | |||
Konstantin Khorenko | 31a395e587a | |||
Konstantin Khorenko | 6352c712406 | |||
Evgeny Kravtsunov | f9c77c64935 | |||
Kirill Shileev | 815bdcacf01 | |||
Steve French | 9b6527eeb8f | |||
Kirill Korotaev | fa23c2a6039 | |||
Kirill Korotaev | 29732fe8734 | |||
Kirill Korotaev | 8f651ed7723 | |||
Evgeny Kravtsunov | 685c1136b41 | |||
Andrey Mirkin | 9979bc0f01e | |||
Kirill Korotaev | 6a40ef7af2d |