Changes

Jump to: navigation, search

Download/kernel/rhel5/028stab053.4/changes

11,821 bytes added, 21:03, 20 March 2008
created
== Changes ==
* Major mainstream security fix ({{CVE|2008-0001}}).
* Updated to latest RHEL5 kernel (2.6.18-53.1.4.el5) -- security fixes ({{RHSA|2007:0993|-13}}).
* utimensat() syscall backport for new distros.
* CPT fixes/improvements.
* CIFS bugfix.
* Other minor fixes.

=== Config changes ===
Added:
* +<code>CONFIG_FB_VESA=y</code>
Removed:
* -<code>CONFIG_FB_INTEL</code> (was m)

=== Compatibility notes ===

* Checkpointing file format changed; live migration to earlier kernels won't work.
<includeonly>[[{{PAGENAME}}/changes#Patches|{{Long changelog message}}]]</includeonly><noinclude>
=== Patches ===
==== diff-cifs-close-20071218 ====
<div class="change">Patch from Steve French &lt;sfrench@us.ibm.com&gt;<br/>
[CIFS] Fix oops in find_writable_file

There was a case in which find_writable_file was not waiting long enough
under heavy stress when writepages was racing with close of the file
handle being used by the write.

Signed-off-by: Steve French &lt;sfrench@us.ibm.com&gt;

X-Git-Tag: v2.6.24-rc1~1382~42<br/>
[http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=15745320f374aa6cbfe4836b76469159c0f49640 X-Git-Url]
</div>

==== diff-cpt-close-socket-in-correct-env-20071205 ====
<div class="change"> Patch from Andrey Mirkin &lt;major@openvz.org&gt;<br/>
[PATCH] CPT: set correct context on socket close

Sockets should be closed in context of VE,
in other case resets can be sent and connection
on other side will be closed prematurely during live migration.

Bug #95113.
</div>

==== diff-cpt-dump-tmpfs-fix-20071214 ====
<div class="change">Patch from Andrey Mirkin &lt;major@openvz.org&gt;<br/>
[PATCH] CPT: clone kernel threads for exec() with CLONE_VFORK

During checkpointing kernel threads are created to dump tmpfs with help of
tar. Arguments are passed to this kernel thread from parent. If parent exits
due to recieved signal then created kernel thread will get oops during access
to args.

Create thread with CLONE_VFORK flag, so parent process will wait until thread
will do exec().

Bug #96002.
</div>

==== diff-cpt-rename-ct-20071224 ====
<div class="change">Patch from Kirill Korotaev &lt;dev@openvz.org&gt;<br/>
[PATCH] CPT: rename VE -&gt; CT (container) in user visible messages
</div>

==== diff-cpt-rst-mask-mxcsr-bits-20071201: ====
<div class="change">Patch from Evgeny Kravtsunov &lt;emkravts@openvz.org&gt;<br/>
[PATCH] CPT: be carefull with MXCSR register on restore

Patch introduces rst_apply_mxcsr_mask function that is to be called from
rst_restore_process for masking 6 and 16-31 bits in MXCSR register if SSE2 is
not supported on destination HN.

When VE migrates from i386 HN with sse2 support to i386 HN without sse2
support (P3) we are facing general protection fault on restore process
that uses fpu. The reason is described in Intel Architectures Software
Developer's Manual (Volume 1 Basic Architecture):

<pre class="simple">
"
10.2.3 MXCSR Control and Status Register

The 32-bit MXCSR register contains control and status information for SSE,
SSE2, SSE3, and SSE3 SIMD floating-point operations. This register contains:
...
denormals-are-zeros flag that controls how SIMD floating-point instructions
handle denormal source operands
...
Bits 16 through 31 of MXCSR register are reserved and are cleared on a
power-up or reset of the processor; attempting to write a non-zero value to
these bits, using either FXRSTOR or LDMXCSR instructions, will result in a
general-protection exception (# GP) being generated.
...
10.2.3.4 Denormals-Are-Zeros
...
The denormals-are-zeros mode was introduced inthe Pentium 4 and Intel Xeon
processor with the SSE2 extensions... In earlier IA-32 processors and in some
models of Pentium 4 processor, this flag (bit 6) is reserved. Attempting to
set bit 6 of the MXCSR registers on processors that do not support the DAZ
flag will cause a general protection exception (# GP).
"
</pre>

{{bug|741}}.
</div>

==== diff-fairsched-timer-nohz-20071217 ====
<div class="change">Patch from Evgeny Kravtsunov &lt;emkravts@openvz.org&gt;<br/>
[PATCH] fairsched: requires timer ints even with NOHZ

We are facing hang on boot ovz-xen kernel on smp machines. Hang takes place
on loading modules in stop_machine_run on waiting for completion do_stop
thread (sys_init_module-&gt;stop_machine_run-&gt;__stop_machine_run-&gt;
wait_for_completion). This happens due to 1 or more of 4 physical cpus that
are running idle tasks are not available for running stopmachine thread.
The reason is next_timer_interrupt function prevents exiting tickless mode on an
idle cpu in xen's stop_hz_timer.

The solution is to make next_timer_interrupt() return jiffies when
CONFIG_SCHED_VCPU is defined.
No better solution now available...

{{bug|749}}.
</div>

==== diff-ms-fs-utimensat-20071225 ====
<div class="change">Patch from Kirill Shileev &lt;kshileev@sw.ru&gt;<br/>
[PATCH] fs: utimensat syscall backported

Some newer glibc uses lutimes() syscall which asks for sys_utimensat().
sys_utimensat is backported from 2.6.23, with additional conversion
timespec-&gt;timeval in order to get rid from "wrong pointer" warning.

{{bug|725}}.
</div>

==== diff-ms-nf-ipt-CONNMARK-compat-b-20071109 ====
<div class="change">Patch from Konstantin Khorenko &lt;khorenko@openvz.org&gt;<br/>
[PATCH] xt_CONNMARK compat cleanup

The main fix is usage of xt_entry_target instead of xt_entry_match (found by Evgeny).
Previous patch is still ok due to these structs are equal.
Nevertheless - cleanup. Also some local variables renames: match-&gt;target.

Bug #93689.
</div>

==== diff-ms-nf-ipt-MARK-compat-b-20071109 ====
<div class="change">Patch from Konstantin Khorenko &lt;khorenko@openvz.org&gt;<br/>
[PATCH] xt_MARK compat cleanup

The main change is usage of xt_entry_target instead of xt_entry_match (found by Evgeny).
Previous patch is still ok due to these structs are equal.
Nevertheless - cleanup. Also some local variables renames: match-&gt;target.
</div>

==== diff-ubc-net-orphan-msg-20071225 ====
<div class="change">Patch from Vasily Averin &lt;vvs@openvz.org&gt;<br/>
[PATCH] UBC: enhance orphan socket warnings

Messages like "Out of socket memory" disturbs the customers,
they would like to know what VE generates these messages.

{{bug|760}}.
</div>

==== diff-ve-ipt-hashlimit-20071220 ====
<div class="change">Patch from Evgeny Kravtsunov &lt;emkravts@openvz.org&gt;<br/>
[PATCH] VE: ipt_hashlimit virtualization

Patch virtualizes ipt_hashlimit match:

<ol>
<li>Introduced struct ve_ipt_hashlimit and corresponding _ipt_hashlimit entry
in ve_struct. ve_ipt_hashlimit contains global variables from ipt_hashlimit
module.</li>
<li>Functions init_ipt_hashlimit, fini_ipt_hashlimit implemented.
Current functions designed to be called from ipt_hashlimit_init/fini and
hashlimit_checkentry/destroy to alloc ve_ipt_hashlimit
structure and initialize/cleanup _ipt_hashlimit entry in ve_struct.</li>
<li> Functions ipt_hashlimit_init, ipt_hashlimit_exit updated.</li>
</ol>
</div>

==== diff-ve-ipt-rename-ct-20071224 ====
<div class="change">Patch from Kirill Korotaev &lt;dev@openvz.org&gt;<br/>
[PATCH] VE: rename VE -&gt; CT (container) in user visible messages
</div>

==== diff-ve-printk-decls-20071214 ====
<div class="change">Patch from Kirill Korotaev &lt;dev@openvz.org&gt;<br/>
[PATCH] fix compilation in case CONFIG_PRINTK=n

{{bug|746}}.
</div>

==== diff-ve-rename-ct-20071224 ====
<div class="change">[PATCH] VE: rename VE -&gt; CT (container) in user visible messages.
</div>

==== linux-2.6.18-r8169-2.2LK-NAPI-ms-2.6.24-rc3.patch ====
<div class="change">Patch from Kostya (khorenko@):<br/>
Updates r8169 driver up to latest mainstream version.

Bug #96092.
</div>

==== diff-snd-hda-intel ====
<div class="change">Patch from Kirill Korotaev:<br/>
Fix intel hda compilation.

{{bug|746}}.
</div>

==== diff-cpt-net-restore-hwaddr-20071228 ====
<div class="change">Patch from Andrey Mirkin &lt;major@openvz.org&gt;<br/>
[PATCH] CPT: Add support for netdevice hardware addresses

In current implementation netdevice hardware (MAC) address is not saved, so
devices like tap will have different MAC address after restore. This will
lead to creation of new local IPv6 address based on MAC address.

This patch allows to save/restore hardware addresses on all netdevices.

Also this patch changes cpt image version.
This is done because of following code we have now:

<pre>
err = rst_get_object(CPT_OBJ_NET_DEVICE, sec, &amp;di, ctx);
if (err)
return err;

if (di.cpt_next &gt; sizeof(di)) {
err = rst_restore_tuntap(sec, &amp;di, ctx);
if (err)
return err;
}
</pre>

It was supposed that we will have only netdevice image or netdevice image and
tuntap image.

With new code it will be possible to have netdevice and hwaddr image, so old
kernel will consider hwaddr image as tuntap image. And will return -EINVAL
while reading this image.
So, migration to old kernel is prohibited, just to be sure that sensible error
will be returned in this case.

Bug #96040.
</div>

==== diff-cpt-net-restore-stats-20071228 ====
<div class="change">Patch from Andrey Mirkin &lt;major@openvz.org&gt;<br/>
[PATCH] CPT: Add support for network statistics

In current implementation network statistics are not dumped at all.
This patch allows to save/restore network statistics on all supported network
devices.

Statistics is restored on current cpu.
</div>

==== diff-cpt-net-restore-veth-20071228 ====
<div class="change">Patch from Andrey Mirkin &lt;major@openvz.org&gt;<br/>
[PATCH] CPT: enhance support of veth device

In current implementation veth devices are not dumped correctly and
we can lose private veth data.

This patch allows to save/restore private veth data.
</div>

==== diff-cpt-shm-restore-iter-20071228 ====
<div class="change">Patch from Alexey Kuznetsov &lt;alexey@openvz.org&gt;<br/>
[CPT] iterative shmem migration: restore part

It is logically simple and cannot hurt normal functionality.
</div>

==== diff-cpt-shmem-restore-iter-support-20071228 ====
<div class="change">Patch from Alexey Kuznetsov &lt;alexey@openvz.org&gt;<br/>
[CPT] changes to core shmem to support iterative shmem migration

New exported function shmem_insert_page() to insert new page to shmem inode.
No ifdefs. It cannot be private to CPT because triggers too much of exports.
</div>

==== diff-cpt-shmlimits-20071228 ====
<div class="change">Patch from Alexey Kuznetsov &lt;alexey@openvz.org&gt;<br/>

[CPT] ugly struts to migrate 64bit ipc limits

Ugly mistake, only 32 bits of 64bit ipc limits migrate.
Quick fix is to limit them to 0xFFFFFFFF while checkpointing.

Even uglier strut is to check for 0 limit and to promote it
to something meaningful.

Probably, we can use the fact that image version is advanced,
change the structure and promote this limit to 0xFFFFFFFF when
we see old version.
</div>

==== diff-ubc-net-twbucket-msg-20071226 ====
<div class="change">Patch from Vasily Averin &lt;vvs@openvz.org&gt;<br/>

[PATCH] enhance "time wait bucket table overflow" message

CTID added to the message "TCP: time wait bucket table overflow"

{{bug|767}}.
</div>

==== diff-ve-cap-bset-b-20071228 ====
<div class="change">Patch from Vasily Averin &lt;vvs@openvz.org&gt;<br/>
[PATCH] kernel.cap-bound sysctl cleanup

* proc entry is global and therefore it is ReadOnly-accessible from inside VE
* added check for sysctl handler

{{bug|524}}.
</div>

==== diff-security-dir-truncate-20080114 ====
<div class="change">Mainstream security bug with O_TRUNC on directories.

{{CVE|2008-0001}}.
Linus commit 22d699aa88897de59b33ed8579e1df8331035b86
</div>

Navigation menu