Author | Commit | Message | Commit date | Issues | |
---|---|---|---|---|---|
Pavel Emelyanov | 92a5db8b8fa | linux-2.6.24-ovz008 released | |||
Den Lunev | a1a1303bf95 | fib: virtualize fib rules- this patch virtualizes IPv6 routing rules - fixes IPv4 routing rules implementation - adds UBC accounting to kmemsize for fibrules 90085 http://bugzilla.openvz.org/show_bug.cgi?id=1168 Signed-off-by: Denis Lunev <den@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Konstantin Khlebnikov | 20bd90762d4 | simfs: don't work with buggy inputSome (buggy) filesystems (aufs for example) pass NULL as mnt to getatts and hope for the better... Let's not confuse the user with the oops at least. http://bugzilla.openvz.org/show_bug.cgi?id=1054 Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Pavel Emelyanov | b485138c7d3 | Replace swsoft mentions with parallelsReplaces COPYRIGHT statements, COPYING.SWsoft references and the file itself and module authors if any. Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Pavel Emelyanov | 9d7b88f0fcd | bridge: don't leak master device on brctl addifIf we add a second ethernet device to bridge the former one leaks. http://bugzilla.openvz.org/show_bug.cgi?id=1145 Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Den Lunev | 8fbbde15379 | net: NETIF_F_VIRTUAL intersects with NETIF_F_LROFortunately, this is not a part of user/kernel interface [xemul picked 2.6.27's 4826fea3] Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
OpenVZ team | a393083829c | linux-2.6.24-ovz007 released | |||
Konstantin Khlebnikov | 93bfe3d113a | ve: sanitize capability checks for namespaces creationThe existing hard checking for namespaces mask is too bad. The intention was to ban namespaces creation for containers, but there aready exists a proper security mechanism to govern this question. Switch to existing capability-driven policy, thus allowing for namespaces creation from the HN. http://bugzilla.openvz.org/show_bug.cgi?id=1113 Signed-off-by: Konstantin Khlebnikov <khlebnikov@open... | |||
Den Lunev | 0c0e68ceffe | NFS: NFS super blocks in different VEs should be differentNFS: NFS super blocks in different VEs should be different Teach nfs_compare_super to this #265926 Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Vitaliy Gusev <vgusev@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Konstantin Khlebnikov | 39f57fe7c81 | net: init init_net ve owner (to ve0)http://bugzilla.openvz.org/show_bug.cgi?id=1128 Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Den Lunev | 8caa941fe7b | netns: enable cross-ve Unix socketsSigned-off-by: Denis V. Lunev <den@openvz.org> | |||
Pavel Emelyanov | 3d1a1f11068 | netlink: Fix oops in netlink conntrack moduleIf we load conntrack modules after ve start one pointer on ve_struct is NULL and accessing it causes an oops. This is handled in most of the places, but the netlink interface. Fix this one as well. http://bugzilla.openvz.org/show_bug.cgi?id=788 Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Vitaliy Gusev | daddc1f5de4 | net: set ve context when init/exit method is calledBoth pernet init and exit methods are called: - from VE context when VE is created; - from VE0 context if module registers pernet operations This difference in approches leads to many nasty things, since the init callback can be actually called with wrong exec_env. Unify both approaches. Signed-off-by: Vitaliy Gusev <vgusev@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Vitaliy Gusev | 1d6bf20f29f | СPT: Use sock_create instead sock_create_kernsock_create_kern() uses init_net as default net namespace. Therefore sockets and net devices are belonged to init_net, though must belong to current net namespace. Signed-off-by: Vitaliy Gusev <vgusev@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Miklos Szeredi | 5565cf57ada | net: unix: fix inflight counting bug in garbage collectorPreviously I assumed that the receive queues of candidates don't change during the GC. This is only half true, nothing can be received from the queues (see comment in unix_gc()), but buffers could be added through the other half of the socket pair, which may still have file descriptors referring to it. This can result in inc_inflight_move_tail() erronously increasing the "inflight" counter fo... | |||
David Miller | bb8837f4c1d | net: Fix recursive descent in __scm_destroy().__scm_destroy() walks the list of file descriptors in the scm_fp_list pointed to by the scm_cookie argument. Those, in turn, can close sockets and invoke __scm_destroy() again. There is nothing which limits how deeply this can occur. The idea for how to fix this is from Linus. Basically, we do all of the fput()s at the top level by collecting all of the scm_fp_list objects hit by an fput().... | |||
Konstantin Khlebnikov | d54ea2a06c5 | Fix wrong size of ub0_percpuThe struct percpu_data dynamically allocated and have array only for 1 cpu, so static usage of it does not work. Plus rework macros for static percpu variables declaration and initialization. http://bugzilla.openvz.org/show_bug.cgi?id=1039 Singed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Konstantin Khlebnikov | 750be8457d8 | sunrpc: fix lost set_exec_env-back and unlock the op_semAny NFS connect over TCP-IPv4 from VE block VE stop process. This patch add missed unlock op_sem and set_exec_env. http://bugzilla.openvz.org/show_bug.cgi?id=1007 (picked from openvz ubuntu branch patch 0145-VE-add-missed-semaphore-up-and-set-exec-env.patch 2.6.18 not affected, 2.6.26+ already fixed by den@) | |||
OpenVZ team | 9534606693f | linux-2.6.24-ovz006 released | |||
David S. Miller | ef84a771e3b | [NET]: sk_release_kernel needs to be exported to modulesFixes: ERROR: "sk_release_kernel" [net/ipv6/ipv6.ko] undefined! Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit 45af1754bc09926b5e062bda24f789d7b320939f) | |||
Den Lunev | 9c9b8a79d90 | [NET]: Make netlink_kernel_release publically available as sk_release_kernel.This staff will be needed for non-netlink kernel sockets, which should also not pin a namespace like tcp_socket and icmp_socket. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit edf0208702007ec1f6a36756fdd005f771a4cf17) | |||
Den Lunev | 99dfe5490d4 | [NETLINK]: No need for a separate __netlink_release call.Merge it to netlink_kernel_release. Signed-off-by: Denis V. Lunev <den@openvz.org> Acked-by: Daniel Lezcano <dlezcano@fr.ibm.com> Signed-off-by: David S. Miller <davem@davemloft.net> (cherry picked from commit 9dfbec1fb2bedff6b118504055cd9f0485edba45) | |||
Pavel Emelyanov | 19b9fdf565d | [NETNS]: Fix race between put_net() and netlink_kernel_create().The comment about "race free view of the set of network namespaces" was a bit hasty. Look (there even can be only one CPU, as discovered by Alexey Dobriyan and Denis Lunev): put_net() if (atomic_dec_and_test(&net->refcnt)) /* true */ __put_net(net); queue_work(...); /* * note: the net now has refcnt 0, but still in * the global list of net namespaces */ == re-schedule ... | |||
Den Lunev | 04fd8abede6 | [NETNS]: Namespace stop vs 'ip r l' race.backport mainline commit 775516bfa2bd7993620c9039191a0c30b8d8a496 During network namespace stop process kernel side netlink sockets belonging to a namespace should be closed. They should not prevent namespace to stop, so they do not increment namespace usage counter. Though this counter will be put during last sock_put. The raplacement of the correct netns for init_ns solves the problem only ... | |||
Den Lunev | c7b6f3ae6d0 | [NETNS]: Consolidate kernel netlink socket destruction.backport mainline commit b7c6ba6eb1234e35a74fb8ba8123232a7b1ba9e4 Create a specific helper for netlink kernel socket disposal. This just let the code look better and provides a ground for proper disposal inside a namespace. Signed-off-by: Denis V. Lunev <den@openvz.org> Tested-by: Alexey Dobriyan <adobriyan@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net> | |||
Den Lunev | 23455248263 | [NETNS]: Double free in netlink_release.Netlink protocol table is global for all namespaces. Some netlink protocols have been virtualized, i.e. they have per/namespace netlink socket. This difference can easily lead to double free if more than 1 namespace is started. Count the number of kernel netlink sockets to track that this table is not used any more. Signed-off-by: Denis V. Lunev <den@openvz.org> Tested-by: Alexey Dobriyan <ado... | |||
Den Lunev | 4d92a24aa85 | [UBC]: Double free for UDP socket akaThe socket resided in UB space waiting queue could be released. In this case ub_snd_wakeup running on the another CPU could hold/release that socket effectively hitting 0 refcounter second time. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Den Lunev | 07dc3386215 | ubc: uncharging too much for TCPSNDBUFubc: uncharging too much for TCPSNDBUF It is not allowed to go to the label wait_for_memory with chargesize != 0 when this space is already placed to the skb. Signed-off-by: Denis V. Lunev <den@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Den Lunev | be11b25694a | Endless loop in __sk_stream_wait_memory.[UBC]: Endless loop in __sk_stream_wait_memory. The loop in __sk_stream_wait_memory when tcp_sendmsg asks to wait for TCPSNDBUF space is endless when the timeout is not specified. The only way out is to queue a signal for that process. Lets return a status flag from ub_sock_snd_queue_add that UB space is available. This is enough to make a correct decision to leave the cycle. Signed-off-by: ... | |||
Vitaliy Gusev | 2e5bd16d930 | Allow envID fields in /proc/self/status in VE. Also allow get VPid, PNState, StopState, etc.OpenVZ Bug #936 http://bugzilla.openvz.org/show_bug.cgi?id=936 Signed-off-by: Vitaliy Gusev <vgusev@openvz.org> Signed-off-by: Pavel Emelyanov <xemul@openvz.org> | |||
Thomas Gleixner | cade99e1743 | futexes: fix fault handling in futex_lock_pifutexes: fix fault handling in futex_lock_pi commit 1b7558e457ed0de61023cfc913d2c342c7c3d9f2 upstream This patch addresses a very sporadic pi-futex related failure in highly threaded java apps on large SMP systems. David Holmes reported that the pi_state consistency check in lookup_pi_state triggered with his test application. This means that the kernel internal pi_state and the user space f... | |||
Andrey Mirkin | 3042d780e8d | CPT: fix restore of inotify on symlinkInside VE file /etc/mtab is a symlink to /proc/mounts. FreeNX server with KDE creates inotify on /etc/mtab file. To restore such inotify we need to obtain dentry with path_lookup() and restore inotify on it. Bug #96464 | |||
Alexey Dobriyan | ed01627a83e | NETFILTER: destroy nf_conntrack_cache correctly | |||
Alexey Dobriyan | fce5e05ba80 | CPT: fix EXIT_DEAD/TASK_DEAD checksFor one thing EXIT_DEAD was moved to ->exit_state only. For another, this task state is called TASK_DEAD now and lives in ->state; | |||
Alexey Dobriyan | da8a02e8fc4 | CPT: assign ->net_ns of restored tun/tap deviceotherwise init_net is used and device becomes invisible in CT. | |||
Alexey Dobriyan | b63b0d6884f | VE: let ->ve_netns live a bit more1. netns shutdown is done asynchronously 2. nsproxy free is done synchronously which means we can't use "get_exec_env()->ve_ns->net_ns" construct anywhere in netns teardown codepath. ->ve_ns will be NULL (fixable) or will point to freed memory (hardly fixable). The solution it to pin netns one more time, and use get_exec_env()->ve_netns . get_exec_env() is always valid. It's ->ve_netns will al... | |||
Alexey Dobriyan | 45a08554c7c | VE: introduce ->ve_netnsPreparations for fixing "NULL ->ve_ns" oops in inet6_rt_notify(). | |||
Konstantin Khlebnikov | 64d5598cc99 | CPT: fix compilation with CONFIG_SYSVIPC=nhttp://bugzilla.openvz.org/show_bug.cgi?id=851 | |||
Den Lunev | 389336a5a20 | Memory leak on network namespace stop.mainline commit 4f84d82f7a623f8641af2574425c329431ff158f Network namespace allocates 2 kernel netlink sockets, fibnl & rtnl. These sockets should be disposed properly, i.e. by sock_release. Plain sock_put is not enough. Signed-off-by: Denis V. Lunev <den@openvz.org> Tested-by: Alexey Dobriyan <adobriyan@openvz.org> Signed-off-by: David S. Miller <davem@davemloft.net> | |||
Alexey Dobriyan | 3c7e408cc14 | Backport "[NET]: Make rtnetlink infrastructure network namespace aware (v3)"mainline commit 97c53cacf00d1f5aa04adabfebcc806ca8b22b10 + tweaks to get netns from either netdevice ot something else. http://bugzilla.openvz.org/show_bug.cgi?id=905 [NET]: Make rtnetlink infrastructure network namespace aware (v3) After this patch none of the netlink callback support anything except the initial network namespace but the rtnetlink infrastructure now handles multiple network... | |||
Alexey Dobriyan | 43bc20d9874 | IPv6: give owner_ve to fib_table and fib6_local_tableotherwise eventually fib6_clean_all will execute code in NULL context which is no-no. | |||
Alexey Dobriyan | 57a39eeffde | netlink: fix lookup checknetlink_unicast() is done in init_net context because a) rtnl socket is bound to init_net, b) kernel-space socket is successfully looked up by any VE, c) rtnl is kernel-spase socket. which is b-r-o-k-e-n, because e.g. just about any manipulation with netdevices via netlink will be projected onto VE0. Fix (after per-netns rtnl socket patches) http://bugzilla.openvz.org/show_bug.cgi?id=905 | |||
Alexey Dobriyan | 72746db0ffb | proc: fix proc_cwd_linkIf d_root_check() in there fails, we shouldn't pretend everything is OK and leave mnt unitialized or NULL (in case /proc/*/cwd). http://bugzilla.openvz.org/show_bug.cgi?id=900 | |||
Alexey Dobriyan | a628e361137 | IPv6: get frag's owner VE from inet_frag_queueIPv6 specific frag queue doesn't need owner_ve, because it's already in core data structure (struct inet_frag_queue). And it's in fact NULL, which is the cause of http://bugzilla.openvz.org/show_bug.cgi?id=899 | |||
Alexey Dobriyan | 24e7cd454bb | Remove spurious warnings in kernel/time.cE.g. code in clock_t_to_jiffies() divides ~0UL thus assuming that all "unsigned long" range is valid. Ditto for other functions. Alexey said these warnings are old debugging stuff. http://bugzilla.openvz.org/show_bug.cgi?id=898 | |||
Alexey Dobriyan | 5f318dd06be | UBC: drop cpuset lock from OOM handlingcpuset_lock dances around OOM killing are gone in main code, so no need to account for them. Mainline commit 3ff566963ce804809af9e32331b287eedeeff501 Bug 112959 ===================================== [ BUG: bad unlock balance detected! ] ------------------------------------- tstspoof/29391 is trying to release lock (callback_mutex) at: [<c04488d2>] ub_oom_lock+0x9a/0xd6 but there are no more l... | |||
Alexey Dobriyan | 734939adb27 | [PATCH] Stick back to mainline behaviour of zero length mmap(2)http://bugzilla.openvz.org/show_bug.cgi?id=893 | |||
Alexey Dobriyan | beee05115ef | VLAN: fix rmmod 8021q with vlan interface setup | |||
Alexey Dobriyan | 96919bc61ea | NETFILTER: make ip_conntrack_disable_ve0 option do something | |||
Alexey Dobriyan | a926aabfcdf | NETFILTER: changes for conntrack CPT |
Commits
Author | Commit | Commit date | Issues | |
---|---|---|---|---|
Pavel Emelyanov | 92a5db8b8fa | |||
Den Lunev | a1a1303bf95 | |||
Konstantin Khlebnikov | 20bd90762d4 | |||
Pavel Emelyanov | b485138c7d3 | |||
Pavel Emelyanov | 9d7b88f0fcd | |||
Den Lunev | 8fbbde15379 | |||
OpenVZ team | a393083829c | |||
Konstantin Khlebnikov | 93bfe3d113a | |||
Den Lunev | 0c0e68ceffe | |||
Konstantin Khlebnikov | 39f57fe7c81 | |||
Den Lunev | 8caa941fe7b | |||
Pavel Emelyanov | 3d1a1f11068 | |||
Vitaliy Gusev | daddc1f5de4 | |||
Vitaliy Gusev | 1d6bf20f29f | |||
Miklos Szeredi | 5565cf57ada | |||
David Miller | bb8837f4c1d | |||
Konstantin Khlebnikov | d54ea2a06c5 | |||
Konstantin Khlebnikov | 750be8457d8 | |||
OpenVZ team | 9534606693f | |||
David S. Miller | ef84a771e3b | |||
Den Lunev | 9c9b8a79d90 | |||
Den Lunev | 99dfe5490d4 | |||
Pavel Emelyanov | 19b9fdf565d | |||
Den Lunev | 04fd8abede6 | |||
Den Lunev | c7b6f3ae6d0 | |||
Den Lunev | 23455248263 | |||
Den Lunev | 4d92a24aa85 | |||
Den Lunev | 07dc3386215 | |||
Den Lunev | be11b25694a | |||
Vitaliy Gusev | 2e5bd16d930 | |||
Thomas Gleixner | cade99e1743 | |||
Andrey Mirkin | 3042d780e8d | |||
Alexey Dobriyan | ed01627a83e | |||
Alexey Dobriyan | fce5e05ba80 | |||
Alexey Dobriyan | da8a02e8fc4 | |||
Alexey Dobriyan | b63b0d6884f | |||
Alexey Dobriyan | 45a08554c7c | |||
Konstantin Khlebnikov | 64d5598cc99 | |||
Den Lunev | 389336a5a20 | |||
Alexey Dobriyan | 3c7e408cc14 | |||
Alexey Dobriyan | 43bc20d9874 | |||
Alexey Dobriyan | 57a39eeffde | |||
Alexey Dobriyan | 72746db0ffb | |||
Alexey Dobriyan | a628e361137 | |||
Alexey Dobriyan | 24e7cd454bb | |||
Alexey Dobriyan | 5f318dd06be | |||
Alexey Dobriyan | 734939adb27 | |||
Alexey Dobriyan | beee05115ef | |||
Alexey Dobriyan | 96919bc61ea | |||
Alexey Dobriyan | a926aabfcdf |