bridge: don't leak master device on brctl addifIf we add a second ethernet device to bridge the former one leaks.
http://bugzilla.openvz.org/show_bug.cgi?id=1145
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
tun: mark tun/tap devices with NETIF_F_VIRTUAL flagThis flag is not only a "don't register me in CTs" sign, but
also a "can be a bridge master device" one.
Need it back.
http://bugzilla.openvz.org/show_bug.cgi?id=1145
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
nfs: use kthread_run_ve to start lockdLockd is virtualized, so must be created in VE context.
The reason it worked before (in 2.6.18 kernel for example) is that lockd is
rewritten to use new kthread API, which was not capable for creating threads
in containers.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Add kthread_create_ve() and kthread_run_ve() functions #2These functions are like kthread_create() and kthread_run()
but create threads in VE context.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Add do_ve_enter_hookWe will call this hook to enter to VE.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ve: sanitize capability checks for namespaces creationThe existing hard checking for namespaces mask is too bad. The
intention was to ban namespaces creation for containers, but
there aready exists a proper security mechanism to govern this
question.
Switch to existing capability-driven policy, thus allowing for
namespaces creation from the HN.
http://bugzilla.openvz.org/show_bug.cgi?id=1113
Signed-off-by: Konstantin Khlebnikov <khlebnikov@open...
netlink: Fix oops in netlink conntrack moduleIf we load conntrack modules after ve start one pointer on ve_struct
is NULL and accessing it causes an oops.
This is handled in most of the places, but the netlink interface.
Fix this one as well.
http://bugzilla.openvz.org/show_bug.cgi?id=788
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
ms: fix inotify umountOn umount two event will be dispatched to watcher:
1: inotify_dev_queue_event(.., IN_UNMOUNT,..)
2: remove_watch(watch, dev)
->inotify_dev_queue_event(.., IN_IGNORED, ..)
But if watcher has IN_ONESHOT bit set then the watcher will be released
inside first event. Which result in accessing invalid object later.
IMHO it is not pure regression. This bug wasn't triggered while initial
inotify in...
NFS: NFS super blocks in different VEs should be differentNFS: NFS super blocks in different VEs should be different
Teach nfs_compare_super to this
Bug #265926
Signed-off-by: Denis V. Lunev <den@openvz.org>
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
nfs: Fix access to freed memoryrpc_shutdown_client() frees xprt, so we can't use this xprt.
So move put_ve() to xprt::destroy level.
Bug https://bugzilla.sw.ru/show_bug.cgi?id=265628
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
cpt: Make the proper check for sigmaskinvalid check of TS_RESTORE_SIGMASK (always false!)
original code ..rhel5..2.6.24 code from diff-cpt-sigsuspend-lockup-20070131
if (!signal_pending(current) &&
!test_thread_flag(TIF_RESTORE_SIGMASK)) {
TIF_RESTORE_SIGMASK replaced with TS_RESTORE_SIGMASK and
after commit 7648d96 setting TS_RESTORE_SIGMASK always set TIF_SIGPENDING.
so, second check is not needed.
http://bugzilla.openvz.org/...
netfilter: Add check to the nat hooksPass skb if VE wasn't granded to have nat table.
Related to bug #1051
http://bugzilla.openvz.org/show_bug.cgi?id=1051
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
netfilter: Fix NULL dereference in nf_nat_setup_infoIf conntrack is allowed in VE but iptable_nat is not allowed and loaded
then Oops occurs:
BUG: unable to handle kernel NULL pointer dereference at 0000000000000008
IP: [<ffffffffa0123df6>] :nf_nat:nf_nat_setup_info+0x343/0x489
Oops: 0000 [1] SMP DEBUG_PAGEALLOC
CPU: 1
[<ffffffff8028c277>] ? poison_obj+0x27/0x32
[<ffffffffa012a084>] :iptable_nat:alloc_null_binding+0x44/0x46
[<ffffffffa01...
Correct per-process capabilities bounding set in CTOtherwise tasks in container may have unlimited capabilities...
(#127136)
Singed-off-by: Konstantin Khlebnikov <khlebnikov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
net: set ve context when init/exit method is calledBoth pernet init and exit methods are called:
- from VE context when VE is created;
- from VE0 context if module registers pernet operations
This difference in approches leads to many nasty things, since the
init callback can be actually called with wrong exec_env.
Unify both approaches.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
iptables: setup init iptables mask before net initializationNet initialization uses iptables init mask and checks
VE_IP_IPTABLES6, VE_IP_FILTER6, VE_IP_MANGLE6.
Thus without setup before net init, VE's ipv6 iptables
will not be initialized.
Signed-off-by: Vitaliy Gusev <vgusev@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
xilinx_hwicap: remove improper wording in license statementcommit 09a35ce00fa6bbb8bd130a828807e237488aa7ea upstream.
GPLv2 doesn't allow additional restrictions to be imposed on any
code, so this wording needs to be removed from these files.
Signed-off-by: Stephen Neuendorffer <stephen.neuendorffer@xilinx.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
setup_per_zone_pages_min(): take zone->lock instead of zone->lru_lockcommit 1125b4e3949949b44a7c80b619507c6f61d62911 upstream.
This replaces zone->lru_lock in setup_per_zone_pages_min() with zone->lock.
There seems to be no need for the lru_lock anymore, but there is a need for
zone->lock instead, because that function may call move_freepages() via
setup_zone_migrate_reserve().
Signed-off-by: Gerald Schaefer <gerald.schaefer@de.ibm.com>
Acked-by: KAMEZAWA Hiro...
V4L/DVB (9621): Avoid writing outside shadow.bytes[] arraycommit 494264379d186bf806613d27aafb7d88d42f4212 upstream.
There were no check about the limits of shadow.bytes array. This offers
a risk of writing values outside the limits, overriding other data
areas.
Signed-off-by: Mauro Carvalho Chehab <mchehab@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
macfb: Do not overflow fb_fix_screeninfo.idcommit 89c223a616cddd9eab792b860f61f99cec53c4e8 upstream.
Don't overflow the 16-character fb_fix_screeninfo id string (fixes some
console erasing and blanking artifacts). Have the ID default to "Unknown"
on machines with no built-in video and no nubus devices. Check for
fb_alloc_cmap failure.
Signed-off-by: Finn Thain <fthain@telegraphics.com.au>
Signed-off-by: Geert Uytterhoeven <geert@linux...
b1isa: fix b1isa_exit() to really remove registered capi controllerscommit 1c594c05a75770ab53a329fc4eb99c797a4bc7d7 upstream.
On "/etc/init.d/capiutils stop", this oops happened.
The oops happens on reading /proc/capi/controllers because
capi_ctrl->procinfo is called for the wrongly not unregistered
controller, which points to b1isa_procinfo(), which was removed on
module unload.
b1isa_exit() did not call b1isa_remove() for its controllers because
io[0] == 0...
SUNRPC: Fix a performance regression in the RPC authentication codecommit 23918b03060f6e572168fdde1798a905679d2e06 upstream.
Fix a regression reported by Max Kellermann whereby kernel profiling
showed that his clients were spending 45% of their time in
rpcauth_lookup_credcache.
It turns out that although his processes had identical uid/gid/groups,
generic_match() was failing to detect this, because the task->group_info
pointers were not shared. This again le...
ieee1394: add quirk fix for Freecom HDDcommit 25a41b280083259d05d68f61633194344a1f8a9f upstream.
According to http://bugzilla.kernel.org/show_bug.cgi?id=12206, Freecom
FireWire Hard Drive 1TB reports max_rom=2 but returns garbage if block
read requests are used to read the config ROM. Force max_rom=0 to limit
them to quadlet read requests.
Reported-by: Christian Mueller <cm1@mumac.de>
Signed-off-by: Stefan Richter <stefanr@s5r6.i...
firewire: fw-ohci: fix IOMMU resource exhaustioncommit 1d1dc5e83f3299c108a4e44d58cc4bfef48c876a upstream.
There is a DMA map/ unmap imbalance whenever a block write request
packet is sent and then dequeued with ohci_cancel_packet. The latter
may happen frequently if the AR resp tasklet is executed before the AT
req tasklet for the same transaction.
Add the missing dma_unmap_single. This fixes
https://bugzilla.redhat.com/show_bug.cgi?id=4...
iwlagn: fix RX skb alignmentcommit 4018517a1a69a85c3d61b20fa02f187b80773137 upstream.
So I dug deeper into the DMA problems I had with iwlagn and a kind soul
helped me in that he said something about pci-e alignment and mentioned
the iwl_rx_allocate function to check for crossing 4KB boundaries. Since
there's 8KB A-MPDU support, crossing 4k boundaries didn't seem like
something the device would fail with, but when I look...
console ASCII glyph 1:1 mappingcommit 1c55f18717304100a5f624c923f7cb6511b4116d upstream.
For the console, there is a 1:1 mapping of glyphs which cannot be found
in the current font. This seems to be meant as a kind of 'emergency
fallback' for fonts without unicode mapping which otherwise would
display nothing readable on the screen.
At the moment it affects all chars for which no substitution character
is defined. In par...
unicode table for cp437commit f75bc06e5d00a827d3ec5d57bbb5b73a4adec855 upstream.
There is a major bug in the cp437 to unicode translation table. Char
0x7c is mapped to U+00a5 which is the Yen sign and wrong. The right
mapping is U+00a6 (broken bar).
Furthermore, a mapping for U+00b4 (a widely used character) is missing
even though easily possible.
The patch fixes these, as well as it provides a few other useful
...
net: eliminate warning from NETIF_F_UFO on bridgeBased on commit b63365a2d60268a3988285d6c3c6003d7066f93a upstream, but
drastically cut down for 2.6.27.y
The bridge device always causes a warning because when it is first created
it has the no checksum flag set along with all the segmentation/fragmentation
offload bits. The code in register_netdevice incorrectly checks for only
hardware checksum bit and ignores no checksum bit.
Similar code...
iwlwifi: clean key table in iwl_clear_stations_table functioncommit 40a9a8299116297429298e8fcee08235134883f7 upstream.
This patch cleans uCode key table bit map iwl_clear_stations_table
since all stations are cleared also the key table must be.
Since the keys are not removed properly on suspend by mac80211
this may result in exhausting key table on resume leading
to memory corruption during removal
This patch also fixes a memory corruption problem rep...
can: omit received RTR frames for single ID filter listscommit f706644d55f90e8306d87060168fef33804d6dd9 upstream.
Since commit d253eee20195b25e298bf162a6e72f14bf4803e5 the single CAN
identifier filter lists handle only non-RTR CAN frames.
So we need to omit the check of these filter lists when receiving RTR
CAN frames.
Signed-off-by: Oliver Hartkopp <oliver@hartkopp.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kro...
can: Fix CAN_(EFF|RTR)_FLAG handling in can_filtercommit d253eee20195b25e298bf162a6e72f14bf4803e5 upstream.
Due to a wrong safety check in af_can.c it was not possible to filter
for SFF frames with a specific CAN identifier without getting the
same selected CAN identifier from a received EFF frame also.
This fix has a minimum (but user visible) impact on the CAN filter
API and therefore the CAN version is set to a new date.
Indeed the 'old'...
e1000e: fix double release of mutexcommit 30bb0e0dce78427f3e5cb728d6b5ea73acbefffa upstream.
During a reset, releasing the swflag after it failed to be acquired would
cause a double unlock of the mutex. Instead, test whether acquisition of
the swflag was successful and if not, do not release the swflag. The reset
must still be done to bring the device to a quiescent state.
This resolves [BUG 12200] BUG: bad unlock balance de...
lib/idr.c: Fix bug introduced by RCU fixcommit 711a49a07f84f914aac26a52143f6e7526571143 upstream.
The last patch to lib/idr.c caused a bug if idr_get_new_above() was
called on an empty idr.
Usually, nodes stay on the same layer. New layers are added to the top
of the tree.
The exception is idr_get_new_above() on an empty tree: In this case, the
new root node is first added on layer 0, then moved upwards. p->layer
was not updated...
x86 Fix VMI crash on boot in 2.6.28-rc8commit ae8d04e2ecbb233926860e9ce145eac19c7835dc upstream.
VMI initialiation can relocate the fixmap, causing early_ioremap to
malfunction if it is initialized before the relocation. To fix this,
VMI activation is split into two phases; the detection, which must
happen before setting up ioremap, and the activation, which must happen
after parsing early boot parameters.
This fixes a crash on b...
Revert "sched_clock: prevent scd->clock from moving backwards"commit ca7e716c7833aeaeb8fedd6d004c5f5d5e14d325 upstream.
This reverts commit 5b7dba4ff834259a5623e03a565748704a8fe449, which
caused a regression in hibernate, reported by and bisected by Fabio
Comolli.
This revert fixes
http://bugzilla.kernel.org/show_bug.cgi?id=12155
http://bugzilla.kernel.org/show_bug.cgi?id=12149
Bisected-by: Fabio Comolli <fabio.comolli@gmail.com>
Requested-by: Rafae...
bonding: fix miimon failure countercommit fba4acda35f3119328bcba28aacefae14245d2bb upstream.
During the rework of the mii monitor for:
commit f0c76d61779b153dbfb955db3f144c62d02173c2
Author: Jay Vosburgh <fubar@us.ibm.com>
Date: Wed Jul 2 18:21:58 2008 -0700
bonding: refactor mii monitor
I left out the increment of the link failure counter. This
patch corrects that omission.
Signed-off-by: Jay Vosburgh <fubar@u...
AMD IOMMU: enable device isolation per defaultcommit 3ce1f93c6d53c3f91c3846cf66b018276c8ac2e7 upstream.
Impact: makes device isolation the default for AMD IOMMU
Some device drivers showed double-free bugs of DMA memory while testing
them with AMD IOMMU. If all devices share the same protection domain
this can lead to data corruption and data loss. Prevent this by putting
each device into its own protection domain per default.
Signed-off...
ib700wdt.c - fix buffer_underflow bugcommit 7c2500f17d65092d93345f3996cf82ebca17e9ff upstream.
This fixes Bug 11399:
if ibwdt_set_heartbeat(int t) is called with value 30 then
the check "if ((t < 0) || (t > 30))" in ibwdt_set_heartbeat
is not going to fail because t == 30, but in the loop, the
check wd_times[i] > t is never going to be true because
none of the wd_times are greater than the value of t (i.e. 30).
So we are exiting ...
applicom: Fix an unchecked user ioctl range and an error returncommit a7be18d436f0c7007794965e5af29fa1ffff1e05 upstream.
Closes bug #11408 by checking the card index range for command 0
Fixes the ioctl to return ENOTTY which is correct for unknown ioctls
Signed-off-by: Alan Cox <alan@redhat.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
XFS: Fix hang after disallowed rename across directory quota domainscommit 576a488a27f267af203f3ea69c700a1612335e9f upstream.
When project quota is active and is being used for directory tree
quota control, we disallow rename outside the current directory
tree. This requires a check to be made after all the inodes
involved in the rename are locked. We fail to unlock the inodes
correctly if we disallow the rename when the target is outside the
current directory...
powerpc: Use cpu_thread_in_core in smp_init for of_spin_mapcommit 6a75a6b8e85e92cc774d42a4e113c76c30b5a539 upstream.
We used to assume that even numbered threads were the primary
threads, ie those that would be listed and started as a cpu from
open firmware. Replace a left over is even (% 2) check with a check
for it being a primary thread and update the comments.
Tested with a debug print on pseries, identical code found for cell.
Signed-off-by: M...
Pavel Emelyanov
Greg Kroah-Hartman
