[PATCH] Use access mode instead of open flags to determine needed permissionsWay back when (in commit 834f2a4a1554dc5b2598038b3fe8703defcbe467, aka
"VFS: Allow the filesystem to return a full file pointer on open intent"
to be exact), Trond changed the open logic to keep track of the original
flags to a file open, in order to pass down the the intent of a dentry
lookup to the low-level filesystem.
However, when doing that reorganization, it changed the meaning of
namei...
[PATCH] CPT: Add support for network statisticsIn current implementation network statistics are not dumped at all.
This patch allows to save/restore network statistics on all supported network
devices.
Statistics is restored on current cpu.
[PATCH] CPT: enhance support of veth deviceIn current implementation veth devices are not dumped correctly and
we can lose private veth data.
This patch allows to save/restore private veth data.
[PATCH] CPT: Add support for netdevice hardware addressesIn current implementation netdevice hardware (MAC) address is not saved, so
devices like tap will have different MAC address after restore. This will
lead to creation of new local IPv6 address based on MAC address.
This patch allows to save/restore hardware addresses on all netdevices.
Also this patch changes cpt image version.
This is done because of following code we have now:
...
[PATCH] kernel.cap-bound sysctl cleanup - proc entry is global and therefore it is ReadOnly-accessible from inside VE - added check for sysctl handlerhttp://bugzilla.openvz.org/show_bug.cgi?id=524
[CPT] ugly struts to migrate 64bit ipc limitsUgly mistake, only 32 bits of 64bit ipc limits migrate.
Quick fix is to limit them to 0xFFFFFFFF while checkpointing.
Even uglier strut is to check for 0 limit and to promote it
to something meaningful.
Probably, we can use the fact that image version is advanced,
change the structure and promote this limit to 0xFFFFFFFF when
we see old version.
[PATCH] UBC: enhance orphan socket warningsMessages like "Out of socket memory" disturbs the customers,
they would like to know what VE generates these messages.
http://bugzilla.openvz.org/show_bug.cgi?id=760
[PATCH] xt_MARK compat cleanupThe main change is usage of xt_entry_target instead of xt_entry_match (found by Evgeny).
Previous patch is still ok due to these structs are equal.
Nevertheless - cleanup. Also some local variables renames: match->target.
[PATCH] xt_CONNMARK compat cleanupThe main fix is usage of xt_entry_target instead of xt_entry_match (found by Evgeny).
Previous patch is still ok due to these structs are equal.
Nevertheless - cleanup. Also some local variables renames: match->target.
[PATCH] VE: ipt_hashlimit virtualizationPatch virtualizes ipt_hashlimit match:
1) Introduced struct ve_ipt_hashlimit and corresponding _ipt_hashlimit entry
in ve_struct. ve_ipt_hashlimit contains global variables from ipt_hashlimit
module.
2) Functions init_ipt_hashlimit, fini_ipt_hashlimit implemented.
Current functions designed to be called from ipt_hashlimit_init/fini and
hashlimit_checkentry/destroy to alloc ve_ipt_hashlimit
st...
[PATCH] fs: utimensat syscall backported Some newer glibc uses lutimes() syscall which asks for sys_utimensat(). sys_utimensat is backported from 2.6.23, with additional conversion timespec->timeval in order to get rid from "wrong pointer" warninghttp://bugzilla.openvz.org/show_bug.cgi?id=725
[CIFS] Fix oops in find_writable_fileThere was a case in which find_writable_file was not waiting long enough
under heavy stress when writepages was racing with close of the file
handle being used by the write.
Signed-off-by: Steve French <sfrench@us.ibm.com>
X-Git-Tag: v2.6.24-rc1~138^2~42
X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=15745320f374aa6cbfe4836b76469159c0f...
[PATCH] fairsched: requires timer ints even with NOHZ We are facing hang on boot ovz-xen kernel on smp machines. Hang takes place on loading modules in stop_machine_run on waiting for completion do_stop thread (sys_init_module->stop_machine_run->__stop_machine_run-> wait_for_completion). This happens due to 1 or more of 4 physical cpus that are running idle tasks are not available for running s...The solution is to make next_timer_interrupt() return jiffies when
CONFIG_SCHED_VCPU is defined.
No better solution now available...
http://bugzilla.openvz.org/show_bug.cgi?id=749
[PATCH] CPT: clone kernel threads for exec() with CLONE_VFORK During checkpointing kernel threads are created to dump tmpfs with help of tar. Arguments are passed to this kernel thread from parent. If parent exits due to recieved signal then created kernel thread will get oops during access to args. Create thread with CLONE_VFORK flag, so parent process will wait until thread will do exec().Bug #96002
[PATCH] CPT: be carefull with MXCSR register on restore Patch introduces rst_apply_mxcsr_mask function that is to be called from rst_restore_process for masking 6 and 16-31 bits in MXCSR register if SSE2 is not supported on destination HN.When VE migrates from i386 HN with sse2 support to i386 HN without sse2
support (P3) we are facing general protection fault on restore process
that uses fpu. The reason is described in Intel Architectures Software
Developer's Manual (Volume 1 Basic Architecture):
"
10.2.3 MXCSR Control and Status Register
The 32-bit MXCSR register contains control and status information for SSE,
SSE2, SSE3, a...
[PATCH] CPT: set correct context on socket close Sockets should be closed in context of VE, in other case resets can be sent and connection on other side will be closed prematurely during live migration.Bug #95113
[PATCH] proc: don't update /proc file permissions when not needed.Update only when needed fields in proc_dir_entry in proc_notify_change().
VE can mess VE0 /proc mode, uid, gid on entries which have global PDE only.
No much harm can be done, i.e. not exploitable. But still very unpleasant.
Bug #95301
[PATCH] simfs: fix statfs() in case of HUGE limits If quota is too big then unsigned becomes negative signed. Get rid of explicit type cast and do honest math.http://bugzilla.openvz.org/show_bug.cgi?id=722
[PATCH] fairsched: fixup per-VE nrrunning/nrunint stats on VCPU add/del When any online ( >=2 ) vcpu is removed and attached again then its statistic is initialized. It leads to bad loadavg results. Right way is merge statistic of deleted VCPU into any online VCPU.http://bugzilla.openvz.org/show_bug.cgi?id=732
[PATCH] CPT: another fix for TUN/TAP restore1) Restore of tun->bind_file attribute added in rst_restore_tuntap.
tun->bind_file contains the pointer to open file which tun_struct is binded
to. tun->bind_file data is used for cpt/rst only. This attribute is to be
initialized on creating tun/tap device (tun_set_iff) and on restore tun/tap
device (rst_restore_tuntap). If it is not initialized on restore, futher
dumps will not contain any in...
[PATCH] set PER_LINUX32 personality when restoring 32bit app on 64bit OSCurrent implementation of task personality migration is incorrect:
cpt:
static int dump_one_process(cpt_object_t *obj, struct cpt_context *ctx)
{
...
v->cpt_personality = tsk->personality;
...
}
rst:
static int hook(void *arg)
{
...
if (ti->cpt_personality != 0)
__set_personality(ti->cpt_personality);
...
}
On both i686 and x86_64 task->personality == 0 == PER_LINUX. But for 32-bit VE...
[PATCH] NFS: lockd has unclosed sockets when stopping VE.Try force destroy hosts (nlm_host) when VE is stopped. It is needed because some
hosts may exists and has opened sockets when we call fini_venet(). But at the
time of fini_venet() all sockets related to given VE must be closed.
Thanks Denis Lunev <den@sw.ru> for help.
Bug #94468
[PATCH] OOM if swap is full even for GFP_NOFS allocation. The problem is that when swap if over, the kernel can hang tens of minutes looking for a memory... So when swap is over we have to be more agressive...Bug #93284
[PATCH] Alt-sysrq-p: do synchronous NMI IPI Wait for completion of the NMI IPI callbacks then do sysrq_handle_showregs(). Otherwise nested bust_spinlocks() calls may occur.Bug #94875
[PATCH] CPT: fix tun/tap dev flags restoredev flags were corrupted in rst_restore_tuntap. As a result
dev->qdisc->enqueue was not set to &pfifo_fast_enqueue but stayed
to be &noop_enqueue after restore. noop_enqueue drops all the skbs.
Bug #94879
[PATCH] fairsched: increase max VCPU timeslice Increase default MAX VCPU timeslice, this increases performance under high load. (vConsolidate test)FYI: VMware uses VCPU timeslice much bigger, 50ms.
[PATCH] taskstats: consider the pid, coming from the user-space to be a virtual one When the user send a netlink message to get the taskstats it can validly be a virtual one, but the find_task_by_pid_all() (which is used to convert this pid to task) assumes (with the appropriate BUG_ON) that his pid is global.Fix it by using the find_task_by_pid_ve() searching routine.
The rest of the taskstats.c code seems to handle pids properly.
http://bugzilla.openvz.org/show_bug.cgi?id=730
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
[PATCH] CPT: improve dst capabilities checks1. Return different error codes in case of unsupported features
and insufficient cpu capabilities.
2. Print error messages with prefix "Error: ".
This should improve checks of dst node capabilities.
[CIFS] fix bad handling of EAGAIN error on kernel_recvmsg in cifs_demultiplex_threadIt's a part of the following commit from mainstream
---------------------------------------------------
When kernel_recvmsg returns -EAGAIN or -ERESTARTSYS, then
cifs_demultiplex_thread sleeps for a bit and then tries the read again.
When it does this, it's not zeroing out the length and that throws off
the value of total_read. Fix it to zero out the length.
Can cause memory corruption:
If ke...
wait_task_stopped: Check p->exit_state instead of TASK_TRACED (CVE-2007-5500)patch a3474224e6a01924be40a8255636ea5522c1023a in mainline
The original meaning of the old test (p->state > TASK_STOPPED) was
"not dead", since it was before TASK_TRACED existed and before the
state/exit_state split. It was a wrong correction in commit
14bf01bb0599c89fc7f426d20353b76e12555308 to make this test for
TASK_TRACED instead. It should have been changed when TASK_TRACED
was introduc...
[PATCH] netfilter: add ipt_hashlimit 32bit compat ipt_hashlimit doesn't have the compat function while its entry structure (ipt_hashlimit_info) requires it.The patch introduces compat function and fixes an oops
while trying to use ipt_hashlimit module from inside 32bit VE
on a 64bit host HN.
http://bugzilla.openvz.org/show_bug.cgi?id=707
[PATCH] netfilter: add xt_conntrack 32bit compatxt_conntrack doesn't have the compat function
while its entry structure (xt_conntrack_info) requires it.
[PATCH] netfilter: add xt_connmark 32bit compat ipt_connmark doesn't have the compat function while its entry structure (xt_connmark_info) requires it.Bug #93543
OpenVZ team
Linus Torvalds
Alexandr Andreev
Andrey Mirkin
Vasily Averin
Alexey Kuznetsov
Kirill Korotaev
Konstantin Khorenko
Evgeny Kravtsunov
Kirill Shileev
Steve French
Vitaliy Gusev
Denis V. Lunev
Pavel Emelianov
Jeff Layton
Roland McGrath