ve: show task's vpid and veid even inside a containerGetting task real virtual :) pid is tricky in 2.6.26 and above...
http://bugzilla.openvz.org/show_bug.cgi?id=1223
http://bugzilla.openvz.org/show_bug.cgi?id=1224
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ubc: uncharging too much for TCPSNDBUFIt is not allowed to go to the label wait_for_memory with chargesize != 0
when this space is already placed to the skb.
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Endless loop in __sk_stream_wait_memory.[UBC]: Endless loop in __sk_stream_wait_memory.
The loop in __sk_stream_wait_memory when tcp_sendmsg asks to wait for
TCPSNDBUF space is endless when the timeout is not specified. The only way
out is to queue a signal for that process.
Lets return a status flag from ub_sock_snd_queue_add that UB space is
available. This is enough to make a correct decision to leave the cycle.
Signed-off-by: ...
ptrace: ban ptracing of a container init from inside the containerCurrent ptrace engine suffers from strange problems, one of which
is described in bug #1222 - init results in T state after incorrect
tracer detach.
Fixing it is not that easy, but since ptracing init was never alowed
before it's OK to ban this (for a while?).
http://bugzilla.openvz.org/show_bug.cgi?id=1222
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
VE: fix idle time accountingMake both account ways simmetic: idle time accounted as idle or iowait,
depending on number tasks in iowait state.
http://bugzilla.openvz.org/show_bug.cgi?id=1217
(#114633)
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
cfq: revalidate cached async queueAsync queues are stored on struct cfq_bc_data
and are cached on per-process struct cfq_io_context.
The cached queue may be invalid due to io_page beancounter
driven io-context switch.
So, cfq_io_context gets cached queue, but corresponding
cfq_bc and user_beancounter may be already destroyed -- all
this leads to oops at get_beancounter in cfq_set_request.
Add check for async queue owner and ...
cfq link cfq_bc_data without bc io schedFixes oops at first IO with CONFIG_BC_IO_SCHED=n.
The cfq_set_request wants to get ub by cfqq->cfq_bc->ub_iopriv,
so save ref to ub0 there.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
bc: fix permissions on /proc/bcThe reading of /proc/bc/* is permitted for those only who
has CAP_DAC_OVERRIDE and CAP_DAC_READ_SEARCH attributes
set. We should not point files as "group" or "other"
readable/executable since they are not.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
NETLINK: disable netns broadcast filteringThere only one uevent_sock in init_net for all VE.
Broadcasts allready filtered by exec_env compare, drop netns check.
http://bugzilla.openvz.org/show_bug.cgi?id=1195
http://git.openvz.org/?p=linux-2.6.24-openvz;a=commit;h=0474535acfde6a
Signed-off-by: Alexey Dobriyan <adobriyan@openvz.org>
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@ope...
pidns: zap ve process only when killing ve's init pid-nsThis prevents task genocide when zapping nested pid-ns in same ve,
and affects ve0 only.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ve: fix sysfs warnings in case CONFIG_SYSFS_DEPRECATED_V2=nhttp://bugzilla.openvz.org/show_bug.cgi?id=1179
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
pidns: update leader_pid at pidns attachafter commit fea9d17 it_real_fn send SIGALRM to task->signal->leader_pid
(used for sys_alarm(...) and sys_setitimer(ITIMER_REAL,...))
Thus, __pid_ns_attach_task hack-n-dirty cross pid-ns task movement must
update this pid too
http://bugzilla.openvz.org/show_bug.cgi?id=1160
127384
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
simfs: don't work with buggy inputSome (buggy) filesystems (aufs for example) pass NULL as mnt to getatts
and hope for the better...
Let's not confuse the user with the oops at least.
http://bugzilla.openvz.org/show_bug.cgi?id=1054
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Replace swsoft mentions with parallelsReplaces COPYRIGHT statements, COPYING.SWsoft references and
the file itself and module authors if any.
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
autofs4: fix ia32 compat modeautofs4_notify_daemon is called from the context of task accessing
the autofs, not the daemon one. Thus the bitness check of current is
wrong for mixed environments.
Signed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Free skb->nf_bridge in veth_xmit() and venet_xmit()We free skb->nfct in veth_xmit, but also have to free skb->nf_bridge.
Note: Why it works in 2.6.24-ovz but doesn't work in 2.6.26-ovz ?
1. It issue is only if BRIDGE_NETFILTER=y
2. nf_hook_register() has effect to all VEs in 2.6.26-ovz
(in 2.6.24-ovz doesn't).
Thus bridge hook ip_sabotage_in is not called for 2.6.24-ovz, but
is called for 2.6.26-ovz.
http://bugzilla....
Fix broken permissions for Unix98 pty.This bug is not very critical because modern software can
automatically choose between legacy pty or Unix98 one.
Signed-off-by: Konstantin Ozerkov <kozerkov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
net: NETIF_F_VIRTUAL intersects with NETIF_F_LROFortunately, this is not a part of user/kernel interface
[xemul picked 2.6.27's 4826fea3]
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
bridge: don't leak master device on brctl addifIf we add a second ethernet device to bridge the former one leaks.
http://bugzilla.openvz.org/show_bug.cgi?id=1145
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
tun: mark tun/tap devices with NETIF_F_VIRTUAL flagThis flag is not only a "don't register me in CTs" sign, but
also a "can be a bridge master device" one.
Need it back.
http://bugzilla.openvz.org/show_bug.cgi?id=1145
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
nfs: use kthread_run_ve to start lockdLockd is virtualized, so must be created in VE context.
The reason it worked before (in 2.6.18 kernel for example) is that lockd is
rewritten to use new kthread API, which was not capable for creating threads
in containers.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Add kthread_create_ve() and kthread_run_ve() functions #2These functions are like kthread_create() and kthread_run()
but create threads in VE context.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Add do_ve_enter_hookWe will call this hook to enter to VE.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ve: sanitize capability checks for namespaces creationThe existing hard checking for namespaces mask is too bad. The
intention was to ban namespaces creation for containers, but
there aready exists a proper security mechanism to govern this
question.
Switch to existing capability-driven policy, thus allowing for
namespaces creation from the HN.
http://bugzilla.openvz.org/show_bug.cgi?id=1113
Signed-off-by: Konstantin Khlebnikov <khlebnikov@open...
netlink: Fix oops in netlink conntrack moduleIf we load conntrack modules after ve start one pointer on ve_struct
is NULL and accessing it causes an oops.
This is handled in most of the places, but the netlink interface.
Fix this one as well.
http://bugzilla.openvz.org/show_bug.cgi?id=788
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ms: fix inotify umountOn umount two event will be dispatched to watcher:
1: inotify_dev_queue_event(.., IN_UNMOUNT,..)
2: remove_watch(watch, dev)
->inotify_dev_queue_event(.., IN_IGNORED, ..)
But if watcher has IN_ONESHOT bit set then the watcher will be released
inside first event. Which result in accessing invalid object later.
IMHO it is not pure regression. This bug wasn't triggered while initial
inotify in...
NFS: NFS super blocks in different VEs should be differentNFS: NFS super blocks in different VEs should be different
Teach nfs_compare_super to this
Bug #265926
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
nfs: Fix access to freed memoryrpc_shutdown_client() frees xprt, so we can't use this xprt.
So move put_ve() to xprt::destroy level.
Bug https://bugzilla.sw.ru/show_bug.cgi?id=265628
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
cpt: Make the proper check for sigmaskinvalid check of TS_RESTORE_SIGMASK (always false!)
original code ..rhel5..2.6.24 code from diff-cpt-sigsuspend-lockup-20070131
if (!signal_pending(current) &&
!test_thread_flag(TIF_RESTORE_SIGMASK)) {
TIF_RESTORE_SIGMASK replaced with TS_RESTORE_SIGMASK and
after commit 7648d96 setting TS_RESTORE_SIGMASK always set TIF_SIGPENDING.
so, second check is not needed.
http://bugzilla.openvz.org/...
netfilter: Add check to the nat hooksPass skb if VE wasn't granded to have nat table.
Related to bug #1051
http://bugzilla.openvz.org/show_bug.cgi?id=1051
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
netfilter: Fix NULL dereference in nf_nat_setup_infoIf conntrack is allowed in VE but iptable_nat is not allowed and loaded
then Oops occurs:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffffa0123df6>] :nf_nat:nf_nat_setup_info+0x343/0x489
Oops: 0000 [1] SMP DEBUG_PAGEALLOC
CPU: 1
[<ffffffff8028c277>] ? poison_obj+0x27/0x32
[<ffffffffa012a084>] :iptable_nat:alloc_null_binding+0x44/0x46
[<ffffffffa01...
Correct per-process capabilities bounding set in CTOtherwise tasks in container may have unlimited capabilities...
(#127136)
Singed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
netfilter: restore lost ifdef guarding defrag exceptionnetfilter: restore lost #ifdef guarding defrag exception
Upstream commit 38f7ac3eb:
Nir Tzachar <nir.tzachar@gmail.com> reported a warning when sending
fragments over loopback with NAT:
[ 6658.338121] WARNING: at net/ipv4/netfilter/nf_nat_standalone.c:89 nf_nat_fn+0x33/0x155()
The reason is that defragmentation is skipped for already tracked connections.
This is wrong in combination with NA...
netfilter: snmp nat leaks memory in case of failurenetfilter: snmp nat leaks memory in case of failure
Upstream commit 311670f3e:
Signed-off-by: Ilpo Jarvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: Patrick McHardy <kaber@trash.net>
ACPI: dock: avoid check _STA methodcommit 8b59560a3baf2e7c24e0fb92ea5d09eca92805db upstream.
ACPI: dock: avoid check _STA method
In some BIOSes, every _STA method call will send a notification again,
this cause freeze. And in some BIOSes, it appears _STA should be called
after _DCK. This tries to avoid calls _STA, and still keep the device
present check.
http://bugzilla.kernel.org/show_bug.cgi?id=10431
Signed-off-by: Shaohua...
ACPI: video: fix brightness allocationupstream commit 469778c1740fcf3113498b6fdf4559bdec25c58f
Thanks to Arjan for spotting this
http://www.kerneloops.org/search.php?search=acpi_video_switch_brightness
and suggesting it for .stable
Fix use of uninitialized device->brightness.
Signed-off-by: Julia Jomantaite <julia.jomantaite@gmail.com>
Signed-off-by: Andi Kleen <ak@linux.intel.com>
Acked-by: Zhang Rui <rui.zhang@intel.com>
Sign...
sparc64: Fix race in arch/sparc64/kernel/trampoline.S[ Upstream commit e0037df3852b4b60edbe01f70f4968e4a9fdb272 ]
Make arch/sparc64/kernel/trampoline.S in 2.6.27.1 lock prom_entry_lock
when calling the PROM. This prevents a race condition that I observed
causing a hang on startup on a 12-CPU E4500.
I am not subscribed to this list, so please CC me on replies.
Signed-off-by: Andrea Shepard <andrea@persephoneslair.org>
Signed-off-by: David S. M...
math-emu: Fix signalling of underflow and inexact while packing result.[ Upstream commit 930cc144a043ff95e56b6888fa51c618b33f89e7 ]
I'm trying to move the powerpc math-emu code to use the include/math-emu bits.
In doing so I've been using TestFloat to see how good or bad we are
doing. For the most part the current math-emu code that PPC uses has
a number of issues that the code in include/math-emu seems to solve
(plus bugs we've had for ever that no one every r...
tcpv6: fix option space offsets with md5[ Upstream commit 53b125779fb0b29e5b316bf3dc7d199e6dcea567 ]
More breakage :-), part of timestamps just were previously
overwritten.
Signed-off-by: Ilpo Järvinen <ilpo.jarvinen@helsinki.fi>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
net: Fix netdev_run_todo dead-lock[ Upstream commit 58ec3b4db9eb5a28e3aec5f407a54e28f7039c19 ]
Benjamin Thery tracked down a bug that explains many instances
of the error
unregister_netdevice: waiting for %s to become free. Usage count = %d
It turns out that netdev_run_todo can dead-lock with itself if
a second instance of it is run in a thread that will then free
a reference to the device waited on by the first instance.
T...
scx200_i2c: Add missing class parametercommit 4a029abee0f1d69cb0445657d6fa5a38597bd17d upstream
The scx200_i2c driver is missing the .class parameter, which means no
i2c drivers are willing to probe for devices on the bus and attach to
them.
Signed-off-by: Len Sorensen <lsorense@csclub.uwaterloo.ca>
Signed-off-by: Jean Delvare <khali@linux-fr.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Pavel Emelyanov
Greg Kroah-Hartman
