Difference between revisions of "Download/kernel/rhel5/028stab039.1/changes"
(cre (not yet finished)) |
m (Protected "Download/kernel/rhel5/028stab039.1/changes": Robot: Protecting a list of files. [edit=autoconfirmed:move=autoconfirmed]) |
||
(5 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
== Changes == | == Changes == | ||
− | * Critical fix in CPT | + | * Rebase to RHEL5 8.1.8 kernel |
+ | * Critical fix in CPT | ||
* Minor fixes for bridge, XEN x8664, CPT, 4GB split, nfs, vpids, etc. | * Minor fixes for bridge, XEN x8664, CPT, 4GB split, nfs, vpids, etc. | ||
− | * Fix swsusp on SLES | + | * Fix swsusp on SLES, CBQ fairness on low rates, NFS startup deadlock. |
* CBQ fairness on low rates fixed | * CBQ fairness on low rates fixed | ||
* NFS startup deadlock. | * NFS startup deadlock. | ||
− | |||
=== Config changes === | === Config changes === | ||
Line 15: | Line 15: | ||
==== diff-arch-4gb-xen-b-20070613 ==== | ==== diff-arch-4gb-xen-b-20070613 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Sergey Ya Korshunoff (seyko2@) | + | Patch from Sergey Ya Korshunoff (seyko2@)<br/> |
− | <br/> | ||
Fix TSS handling in vm86.c in Xen kernel. | Fix TSS handling in vm86.c in Xen kernel. | ||
− | |||
Fix TSS handling in vm86.c in Xen kernel. | Fix TSS handling in vm86.c in Xen kernel. | ||
There was a stupid misprint due to which load_esp0() | There was a stupid misprint due to which load_esp0() | ||
was not called in Xen kernels at all. | was not called in Xen kernels at all. | ||
− | |||
</div> | </div> | ||
==== diff-cpt-deleted-ref-b-20070613 ==== | ==== diff-cpt-deleted-ref-b-20070613 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
− | Patch from Andrey Mirkin <major@openvz.org> | + | Patch from Andrey Mirkin <major@openvz.org><br/> |
− | <br/> | ||
[PATCH] CPT: remove redundant kfree() | [PATCH] CPT: remove redundant kfree() | ||
− | |||
Remove redundant kfree() call from open_deleted() function. | Remove redundant kfree() call from open_deleted() function. | ||
Now ii is static structure and kfree on it leads to oops :/ | Now ii is static structure and kfree on it leads to oops :/ | ||
− | |||
− | |||
− | |||
+ | Bug #84173. | ||
</div> | </div> | ||
==== diff-ms-bridge-nf-ebt-among-20070607 ==== | ==== diff-ms-bridge-nf-ebt-among-20070607 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
Patch from Evgeny Kravtsunov <emkravts@openvz.org><br/> | Patch from Evgeny Kravtsunov <emkravts@openvz.org><br/> | ||
[PATCH] ebtables: ebtables_among fails on check() on x86-64 | [PATCH] ebtables: ebtables_among fails on check() on x86-64 | ||
− | |||
ebtables module calls the checker ebt_among_check() | ebtables module calls the checker ebt_among_check() | ||
that compares the correct size of user supplied data. | that compares the correct size of user supplied data. | ||
Line 59: | Line 49: | ||
On x86_64 EBT_ALIGN does alignment on 8 bytes, so the problem arises. | On x86_64 EBT_ALIGN does alignment on 8 bytes, so the problem arises. | ||
− | |||
− | |||
− | |||
+ | {{bug|576}}. | ||
</div> | </div> | ||
==== diff-ms-net-bridge-via-eth-c-20070613 ==== | ==== diff-ms-net-bridge-via-eth-c-20070613 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Dmitry Mishin <dim@openvz.org> | + | Patch from Dmitry Mishin <dim@openvz.org><br/> |
− | <br/> | ||
[PATCH] Fix bridge removal with active master device | [PATCH] Fix bridge removal with active master device | ||
− | |||
Fix bridge removal with active master device: | Fix bridge removal with active master device: | ||
− | simple misprint | + | simple misprint. |
− | |||
</div> | </div> | ||
==== diff-rh-mmap-return-addr-b-20070608 ==== | ==== diff-rh-mmap-return-addr-b-20070608 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
− | Patch from Vitaliy Gusev <vgusev@openvz.org> | + | Patch from Vitaliy Gusev <vgusev@openvz.org><br/> |
− | <br/> | ||
[PATCH] IA64: mmap returns EINVAL if len==0 | [PATCH] IA64: mmap returns EINVAL if len==0 | ||
− | |||
mmap on IA64 architecture returns EINVAL when len==0, | mmap on IA64 architecture returns EINVAL when len==0, | ||
while old kernel behaviour is to return addr in this case. | while old kernel behaviour is to return addr in this case. | ||
Line 92: | Line 74: | ||
have to keep compatibility for some time with old stupid | have to keep compatibility for some time with old stupid | ||
apps like rpm which did exactly this and expected success :/ | apps like rpm which did exactly this and expected success :/ | ||
− | |||
− | |||
− | |||
+ | Bug #83938. | ||
</div> | </div> | ||
==== diff-arch-4gb-suspend-fix-20070629 ==== | ==== diff-arch-4gb-suspend-fix-20070629 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
− | Patch from Dmitry Monakhov <dmonakhov@openvz.org> | + | Patch from Dmitry Monakhov <dmonakhov@openvz.org><br/> |
− | <br/> | ||
[PATCH] 4gb split: fix broken suspend | [PATCH] 4gb split: fix broken suspend | ||
− | |||
Following code was removed by 4gb split patch set, | Following code was removed by 4gb split patch set, | ||
after this suspend was broken. Fix it. | after this suspend was broken. Fix it. | ||
− | |||
− | |||
− | |||
+ | Bug #84909. | ||
</div> | </div> | ||
==== diff-cpt-dump-eintr-20070622 ==== | ==== diff-cpt-dump-eintr-20070622 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
Patch from Andrey Mirkin <major@openvz.org><br/> | Patch from Andrey Mirkin <major@openvz.org><br/> | ||
[PATCH] CPT: check ctx->file for NULL | [PATCH] CPT: check ctx->file for NULL | ||
− | |||
We need to be sure that dumpfile pointer (ctx->file) is not NULL, because we | We need to be sure that dumpfile pointer (ctx->file) is not NULL, because we | ||
can't start dump without it. | can't start dump without it. | ||
Line 127: | Line 100: | ||
can't simply restart dump ioctl. The reason is that dumpfile is already | can't simply restart dump ioctl. The reason is that dumpfile is already | ||
closed and we need to reopen it before calling dump ioctl second time. | closed and we need to reopen it before calling dump ioctl second time. | ||
− | |||
− | |||
− | |||
+ | Bug #84412. | ||
</div> | </div> | ||
Line 138: | Line 109: | ||
[PATCH] CPT: ignore user signals in kernel threads | [PATCH] CPT: ignore user signals in kernel threads | ||
− | |||
Under ptrace signals are not handled immediately and we have non-zero | Under ptrace signals are not handled immediately and we have non-zero | ||
shared_pending mask on current task, so fork() returns -ERESTARTNOINTR and | shared_pending mask on current task, so fork() returns -ERESTARTNOINTR and | ||
Line 144: | Line 114: | ||
We need to block signals SIGCHLD, SIGWINCH, SIGCONT and SIGURG to be sure that | We need to block signals SIGCHLD, SIGWINCH, SIGCONT and SIGURG to be sure that | ||
this signals will be ignored while kernel thread creation. | this signals will be ignored while kernel thread creation. | ||
− | |||
− | |||
− | |||
+ | Bug #84412. | ||
</div> | </div> | ||
==== diff-cpt-rm-kill-external-process-20070702 ==== | ==== diff-cpt-rm-kill-external-process-20070702 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Kirill Korotaev <dev@openvz.org> | + | Patch from Kirill Korotaev <dev@openvz.org><br/> |
− | <br/> | ||
[PATCH] CPT: remove killing of external processes | [PATCH] CPT: remove killing of external processes | ||
− | |||
External processes can't be easily detected. | External processes can't be easily detected. | ||
Even if process has a virtual pid, it doesn't | Even if process has a virtual pid, it doesn't | ||
Line 166: | Line 132: | ||
Revert of the patches: | Revert of the patches: | ||
− | + | * diff-cpt-kill-external-process-20070125 | |
− | + | * diff-cpt-kill-external-processes-b-20070515 | |
− | |||
</div> | </div> | ||
==== diff-ms-ia32-compat-autofs4-20070618 ==== | ==== diff-ms-ia32-compat-autofs4-20070618 ==== | ||
<div class="change"> | <div class="change"> | ||
− | + | Patch from Roman Chechnev <rchechnev@openvz.org><br/> | |
− | Patch from Roman Chechnev <rchechnev@openvz.org> | ||
− | <br/> | ||
[PATCH] autofs4: compat layer for x8664 | [PATCH] autofs4: compat layer for x8664 | ||
− | |||
autofs4 uses platform dependant protocol | autofs4 uses platform dependant protocol | ||
which has 'long' data types inside data structures | which has 'long' data types inside data structures | ||
Line 184: | Line 146: | ||
Thanks to this 32bit autofs tools do not work with 64 bit kernel. | Thanks to this 32bit autofs tools do not work with 64 bit kernel. | ||
− | |||
− | |||
− | |||
+ | Bug #82040. | ||
</div> | </div> | ||
==== diff-ms-jbd-cpt-list-20070702 ==== | ==== diff-ms-jbd-cpt-list-20070702 ==== | ||
− | |||
<div class="change"> | <div class="change"> | ||
Patch from Jan Kara <jack@suse.cz><br/> | Patch from Jan Kara <jack@suse.cz><br/> | ||
[PATCH] jbd: remove_transaction fix | [PATCH] jbd: remove_transaction fix | ||
− | |||
We have to check that also the second checkpoint list is non-empty before | We have to check that also the second checkpoint list is non-empty before | ||
dropping the transaction. | dropping the transaction. | ||
− | Signed-off-by: Jan Kara <jack@suse.cz> | + | Signed-off-by: Jan Kara <jack@suse.cz><br/> |
− | Signed-off-by: Andrew Morton <akpm@osdl.org> | + | Signed-off-by: Andrew Morton <akpm@osdl.org><br/> |
Signed-off-by: Linus Torvalds <torvalds@osdl.org> | Signed-off-by: Linus Torvalds <torvalds@osdl.org> | ||
− | X-Git-Tag: v2.6.16-rc2~350 | + | X-Git-Tag: v2.6.16-rc2~350<br/> |
− | X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=43c3e6f5abdf6acac9b90c86bf03f995bf7d3d92 | + | X-Git-Url: [http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=43c3e6f5abdf6acac9b90c86bf03f995bf7d3d92 43c3e6f5abdf6acac9b90c86bf03f995bf7d3d92] |
− | |||
</div> | </div> | ||
==== diff-ms-net-bridge-carrier-check-20070627 ==== | ==== diff-ms-net-bridge-carrier-check-20070627 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Konstantin Khorenko <khorenko@openvz.org> | + | Patch from Konstantin Khorenko <khorenko@openvz.org><br/> |
− | <br/> | ||
[PATCH] bridge: race between br_del_if() and port_carrier_check() | [PATCH] bridge: race between br_del_if() and port_carrier_check() | ||
− | |||
This patch eliminates a race between br_del_if() and port_carrier_check() | This patch eliminates a race between br_del_if() and port_carrier_check() | ||
which leads to the oops in the latter function. | which leads to the oops in the latter function. | ||
This patch is a port of 2 mainstream patches: | This patch is a port of 2 mainstream patches: | ||
− | + | <pre> | |
[BRIDGE] br_if: Fix oops in port_carrier_check | [BRIDGE] br_if: Fix oops in port_carrier_check | ||
Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> | Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> | ||
− | |||
Acked-by: Stephen Hemminger <shemminger@linux-foundation.org> | Acked-by: Stephen Hemminger <shemminger@linux-foundation.org> | ||
Signed-off-by: David S. Miller <davem@davemloft.net> | Signed-off-by: David S. Miller <davem@davemloft.net> | ||
commit a10d567c89dfba90dde2e0515e25760fd74cde06 | commit a10d567c89dfba90dde2e0515e25760fd74cde06 | ||
− | + | </pre> | |
and | and | ||
− | + | <pre> | |
[BRIDGE]: eliminate workqueue for carrier check | [BRIDGE]: eliminate workqueue for carrier check | ||
Line 239: | Line 193: | ||
Signed-off-by: David S. Miller <davem@davemloft.net> | Signed-off-by: David S. Miller <davem@davemloft.net> | ||
commit 269def7c505b4d229f9ad49bf88543d1e605533e | commit 269def7c505b4d229f9ad49bf88543d1e605533e | ||
− | + | </pre> | |
http://bugzilla.kernel.org/show_bug.cgi?id=7962 | http://bugzilla.kernel.org/show_bug.cgi?id=7962 | ||
− | |||
− | |||
− | |||
+ | Bug #84789. | ||
</div> | </div> | ||
Line 252: | Line 204: | ||
[BRIDGE]: adding new device to bridge should enable if up | [BRIDGE]: adding new device to bridge should enable if up | ||
− | + | Port of mainstream patch: | |
− | Port of | ||
+ | <pre> | ||
[BRIDGE]: adding new device to bridge should enable if up | [BRIDGE]: adding new device to bridge should enable if up | ||
Aji Srinivas [Thu, 8 Mar 2007 00:10:53 +0000 (16:10 -0800)] | Aji Srinivas [Thu, 8 Mar 2007 00:10:53 +0000 (16:10 -0800)] | ||
Line 272: | Line 224: | ||
</pre> | </pre> | ||
− | Bug #84789 | + | Bug #84789. |
− | |||
</div> | </div> | ||
==== diff-ms-net-bridge-via-eth-d-20070622 ==== | ==== diff-ms-net-bridge-via-eth-d-20070622 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Kirill Korotaev <dev@openvz.org> | + | Patch from Kirill Korotaev <dev@openvz.org><br/> |
− | <br/> | ||
[PATCH] bridge: fix unaligned access to br->bridge_id | [PATCH] bridge: fix unaligned access to br->bridge_id | ||
− | |||
bridge_id is an unaligned structure of chars, which | bridge_id is an unaligned structure of chars, which | ||
MUST be aligned on 2 bytes boundary for compare_ether_addr(). | MUST be aligned on 2 bytes boundary for compare_ether_addr(). | ||
Line 292: | Line 241: | ||
So move our field to a bit another place, | So move our field to a bit another place, | ||
returning back alignment of bridge_id. | returning back alignment of bridge_id. | ||
− | |||
− | |||
− | |||
+ | Bug #84852. | ||
</div> | </div> | ||
==== diff-ms-net-sched-cbq-dbg-20070626 ==== | ==== diff-ms-net-sched-cbq-dbg-20070626 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Vitaliy Gusev <vgusev@openvz.org> | + | Patch from Vitaliy Gusev <vgusev@openvz.org><br/> |
− | <br/> | ||
− | |||
Debug and workaround patch for "division by zero" in sch_cbq module | Debug and workaround patch for "division by zero" in sch_cbq module | ||
− | |||
Debug and workaround patch for "division by zero" in sch_cbq module | Debug and workaround patch for "division by zero" in sch_cbq module | ||
(in cbq_normalize_quanta() function). | (in cbq_normalize_quanta() function). | ||
For some unknown reason "division by zero" occurs and this patch | For some unknown reason "division by zero" occurs and this patch | ||
should help to understand the broken math. | should help to understand the broken math. | ||
− | |||
− | |||
− | |||
+ | Bug #83243. | ||
</div> | </div> | ||
Line 319: | Line 261: | ||
<div class="change"> | <div class="change"> | ||
Patch from Kirill Korotaev <dev@openvz.org><br/> | Patch from Kirill Korotaev <dev@openvz.org><br/> | ||
− | |||
[PATCH] reiserfs: fix key decrementing | [PATCH] reiserfs: fix key decrementing | ||
− | |||
This patch fixes a bug in function decrementing a key of stat data item. | This patch fixes a bug in function decrementing a key of stat data item. | ||
Line 332: | Line 272: | ||
filesystem tree rebuilding. | filesystem tree rebuilding. | ||
− | Signed-off-by: Vladimir Saveliev <vs@namesys.com> | + | Signed-off-by: Vladimir Saveliev <vs@namesys.com><br/> |
− | Cc: <reiserfs-dev@namesys.com> | + | Cc: <reiserfs-dev@namesys.com><br/> |
− | Signed-off-by: Andrew Morton <akpm@linux-foundation.org> | + | Signed-off-by: Andrew Morton <akpm@linux-foundation.org><br/> |
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | ||
− | X-Git-Tag: v2.6.21-rc7~16 | + | X-Git-Tag: v2.6.21-rc7~16<br/> |
− | X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=6d205f120547043de663315698dcf5f0eaa31b5c | + | X-Git-Url: [http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=6d205f120547043de663315698dcf5f0eaa31b5c 6d205f120547043de663315698dcf5f0eaa31b5c] |
− | |||
− | |||
</div> | </div> | ||
Line 348: | Line 286: | ||
[PATCH] proc: remove pathetic ->deleted WARN_ON | [PATCH] proc: remove pathetic ->deleted WARN_ON | ||
− | |||
WARN_ON(de && de->deleted); is sooo unreliable. Why? | WARN_ON(de && de->deleted); is sooo unreliable. Why? | ||
− | + | <pre> | |
proc_lookup remove_proc_entry | proc_lookup remove_proc_entry | ||
=========== ================= | =========== ================= | ||
Line 367: | Line 304: | ||
else | else | ||
de->deleted = 1; | de->deleted = 1; | ||
− | + | </pre> | |
So, if you have some strange oops [1], and doesn't see this WARN_ON it means | So, if you have some strange oops [1], and doesn't see this WARN_ON it means | ||
nothing. | nothing. | ||
[1] try_module_get() of module which doesn't exist, two lines below | [1] try_module_get() of module which doesn't exist, two lines below | ||
− | + | should suffice, or not? | |
Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> | Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru> | ||
− | Signed-off-by: Andrew Morton <akpm@linux-foundation.org> | + | Signed-off-by: Andrew Morton <akpm@linux-foundation.org><br/> |
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> | ||
− | X-Git-Tag: v2.6.22-rc1~756 | + | X-Git-Tag: v2.6.22-rc1~756<br/> |
− | X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=578c8183c116e623d53b05d4c79762d053c7090f | + | X-Git-Url: [http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=578c8183c116e623d53b05d4c79762d053c7090f 578c8183c116e623d53b05d4c79762d053c7090f] |
− | |||
</div> | </div> | ||
==== diff-rh-utrace-late-ptrace-may-attach-20070626 ==== | ==== diff-rh-utrace-late-ptrace-may-attach-20070626 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Alexey Dobriyan <adobriyan@openvz.org> | + | Patch from Alexey Dobriyan <adobriyan@openvz.org><br/> |
− | |||
− | <br/> | ||
Code implementing ptrace_attach() does ~1/3 of job of attaching _before_ | Code implementing ptrace_attach() does ~1/3 of job of attaching _before_ | ||
− | |||
Code implementing ptrace_attach() does ~1/3 of job of attaching _before_ | Code implementing ptrace_attach() does ~1/3 of job of attaching _before_ | ||
checking if attaching process have permissions to mess with target task | checking if attaching process have permissions to mess with target task | ||
Line 398: | Line 331: | ||
NOTE: Right now | NOTE: Right now | ||
− | + | <source lang="c"> | |
− | + | while (1) | |
− | + | ptrace(PTRACE_ATTACH, pid, NULL, NULL); | |
− | + | </source> | |
reliably (and _quickly_) crashes kernel if pid is pid of process | reliably (and _quickly_) crashes kernel if pid is pid of process | ||
like syslogd normal user can't attach to: | like syslogd normal user can't attach to: | ||
− | + | <pre> | |
Unable to handle kernel NULL pointer dereference at 0000000000000000 | Unable to handle kernel NULL pointer dereference at 0000000000000000 | ||
RIP: [<0000000000000000>] | RIP: [<0000000000000000>] | ||
Line 419: | Line 352: | ||
sysret_signal+0x21/0x31 | sysret_signal+0x21/0x31 | ||
ptregscall_common+0x67/0xac | ptregscall_common+0x67/0xac | ||
+ | </pre> | ||
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245735 | https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=245735 | ||
− | |||
</div> | </div> | ||
Line 429: | Line 362: | ||
[PATCH] netfilter: wrong debug assertion in nat code | [PATCH] netfilter: wrong debug assertion in nat code | ||
− | |||
Simple compilation fix if NETFILTER_DEBUG is on | Simple compilation fix if NETFILTER_DEBUG is on | ||
− | |||
</div> | </div> | ||
Line 439: | Line 370: | ||
[PATCH] netfilter: skb struct doesn't have nf_debug anymore | [PATCH] netfilter: skb struct doesn't have nf_debug anymore | ||
− | |||
nf_debug field is missing in modern kernels, | nf_debug field is missing in modern kernels, | ||
but in some places we still refer to it. | but in some places we still refer to it. | ||
− | |||
− | |||
− | |||
+ | {{bug|627}}. | ||
</div> | </div> | ||
Line 452: | Line 380: | ||
Patch from Vasily Tarasov <vtaras@openvz.org><br/> | Patch from Vasily Tarasov <vtaras@openvz.org><br/> | ||
[PATCH] venet: lots of spaces in /proc/vz/veinfo output | [PATCH] venet: lots of spaces in /proc/vz/veinfo output | ||
− | |||
− | |||
After introducing IPv6 support for venet device, field width for IP | After introducing IPv6 support for venet device, field width for IP | ||
Line 463: | Line 389: | ||
This patch corrects it and fixes the bug: | This patch corrects it and fixes the bug: | ||
− | |||
− | |||
− | |||
+ | {{bug|625}}. | ||
</div> | </div> | ||
==== diff-xen-x8664-subarch-changes-20070702 ==== | ==== diff-xen-x8664-subarch-changes-20070702 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Evgeny Kravtsunov <emkravts@openvz.org> | + | Patch from Evgeny Kravtsunov <emkravts@openvz.org><br/> |
− | <br/> | ||
− | |||
[PATCH] Xen: x8664 OVZ changes | [PATCH] Xen: x8664 OVZ changes | ||
− | |||
x8664 Xen OVZ changes according to x8664 arch changes. | x8664 Xen OVZ changes according to x8664 arch changes. | ||
− | |||
</div> | </div> | ||
==== diff-arch-4gb-copy-mnt-options-20070703 ==== | ==== diff-arch-4gb-copy-mnt-options-20070703 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Andrey Mirkin <major@openvz.org> | + | Patch from Andrey Mirkin <major@openvz.org><br/> |
− | <br/> | ||
[PATCH] 4GB split: add KERNEL_DS handling to copy_mount_options() | [PATCH] 4GB split: add KERNEL_DS handling to copy_mount_options() | ||
− | |||
− | |||
On i386 arch with 4gb split kernel addresses can be more than | On i386 arch with 4gb split kernel addresses can be more than | ||
Line 494: | Line 411: | ||
when called with kernel supplied buffers, i.e. | when called with kernel supplied buffers, i.e. | ||
when get_fs() == KERNEL_DS. | when get_fs() == KERNEL_DS. | ||
− | |||
− | |||
− | |||
+ | Bug #85041. | ||
</div> | </div> | ||
Line 504: | Line 419: | ||
Patch from Alexandr Andreev <aandreev@openvz.org><br/> | Patch from Alexandr Andreev <aandreev@openvz.org><br/> | ||
[PATCH]: small fix to compile kernel without VCPU support | [PATCH]: small fix to compile kernel without VCPU support | ||
− | |||
</div> | </div> | ||
Line 512: | Line 426: | ||
[NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values | [NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values | ||
− | |||
Choices' index values may be out of range while still encoded in the fixed | Choices' index values may be out of range while still encoded in the fixed | ||
length bit-field. This bug may cause access to undefined types (NULL | length bit-field. This bug may cause access to undefined types (NULL | ||
Line 519: | Line 432: | ||
This patch also adds checking of decode flag when decoding SEQUENCEs. | This patch also adds checking of decode flag when decoding SEQUENCEs. | ||
− | Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com> | + | Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com><br/> |
Signed-off-by: Patrick McHardy <kaber@trash.net> | Signed-off-by: Patrick McHardy <kaber@trash.net> | ||
− | |||
</pre> | </pre> | ||
</div> | </div> | ||
Line 527: | Line 439: | ||
==== diff-ms-security-random-buf-20070711 ==== | ==== diff-ms-security-random-buf-20070711 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Matt Mackall <mpm@selenic.com> | + | Patch from Matt Mackall <mpm@selenic.com><br/> |
− | <br/> | ||
[PATCH] PaX: wakeup threshold limits | [PATCH] PaX: wakeup threshold limits | ||
− | |||
If root raised the default wakeup threshold over the size of the | If root raised the default wakeup threshold over the size of the | ||
output pool, the pool transfer function could overflow the stack with | output pool, the pool transfer function could overflow the stack with | ||
Line 538: | Line 448: | ||
(Bug reported by the PaX Team <pageexec@freemail.hu>) | (Bug reported by the PaX Team <pageexec@freemail.hu>) | ||
− | Cc: Theodore Tso <tytso@mit.edu> | + | Cc: Theodore Tso <tytso@mit.edu><br/> |
− | + | Cc: Willy Tarreau <w@1wt.eu><br/> | |
− | Cc: Willy Tarreau <w@1wt.eu> | + | Signed-off-by: Matt Mackall <mpm@selenic.com><br/> |
− | Signed-off-by: Matt Mackall <mpm@selenic.com> | ||
Signed-off-by: Chris Wright <chrisw@sous-sol.org> | Signed-off-by: Chris Wright <chrisw@sous-sol.org> | ||
drivers/char/random.c | 9 +++++++-- | drivers/char/random.c | 9 +++++++-- | ||
1 files changed, 7 insertions(+), 2 deletions(-) | 1 files changed, 7 insertions(+), 2 deletions(-) | ||
− | |||
</div> | </div> | ||
Line 552: | Line 460: | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Pavel Emelianov <xemul@openvz.org> | + | Patch from Pavel Emelianov <xemul@openvz.org><br/> |
− | <br/> | ||
[PATCH] IPC: fix potential user leak | [PATCH] IPC: fix potential user leak | ||
− | |||
When user locks an ipc shmem segmant with SHM_LOCK ctl and the | When user locks an ipc shmem segmant with SHM_LOCK ctl and the | ||
segment is already locked the shmem_lock() function returns 0. After this the subsequent code leaks the existing user struct: | segment is already locked the shmem_lock() function returns 0. After this the subsequent code leaks the existing user struct: | ||
− | == ipc/shm.c: sys_shmctl() == | + | == ipc/shm.c: sys_shmctl() == |
− | + | <source lang="c"> | |
− | + | ... | |
− | + | err = shmem_lock(shp->shm_file, 1, user); | |
− | + | if (!err) { | |
− | + | shp->shm_perm.mode |= SHM_LOCKED; | |
− | + | shp->mlock_user = user; | |
− | + | } | |
− | + | ... | |
+ | </source> | ||
Other results of this are: | Other results of this are: | ||
− | + | # the new shp->mlock_user is not get-ed and will point to freed memory when the task dies. | |
− | + | # the RLIMIT_MEMLOCK is screwed on both user structs. | |
− | |||
The exploit looks like this: | The exploit looks like this: | ||
Line 584: | Line 490: | ||
My solution is to return 0 to the userspace and do not change the | My solution is to return 0 to the userspace and do not change the | ||
segment's user. | segment's user. | ||
− | |||
− | |||
− | |||
+ | Bug #78998. | ||
</div> | </div> | ||
Line 595: | Line 499: | ||
[PATCH] swiotlb: add missing phys_to_virt() call | [PATCH] swiotlb: add missing phys_to_virt() call | ||
− | |||
Adds missing call to phys_to_virt() in the | Adds missing call to phys_to_virt() in the | ||
lib/swiotlb.c:swiotlb_sync_sg() function. Without this change, a kernel | lib/swiotlb.c:swiotlb_sync_sg() function. Without this change, a kernel | ||
Line 602: | Line 505: | ||
machines with more than about 3 GB RAM. | machines with more than about 3 GB RAM. | ||
− | Signed-off-by: David Moore <dcm@acm.org> | + | Signed-off-by: David Moore <dcm@acm.org><br/> |
− | Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de> | + | Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de><br/> |
− | |||
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> | ||
− | http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.20.y.git;a=commitdiff_plain;h=e16b67f9a0ac6d9f89f680b7f3b439abfb1dac5e | + | [http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Fstable%2Flinux-2.6.20.y.git;a=commitdiff_plain;h=e16b67f9a0ac6d9f89f680b7f3b439abfb1dac5e e16b67f9a0ac6d9f89f680b7f3b439abfb1dac5e] |
− | |||
− | |||
− | |||
+ | {{bug|645}}. | ||
</div> | </div> | ||
Line 617: | Line 517: | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Dmitry Monakhov <dmonakhov@openvz.org> | + | Patch from Dmitry Monakhov <dmonakhov@openvz.org><br/> |
− | <br/> | ||
[PATCH] BC: recharge vma if vm_flags changed after ->mmap() call | [PATCH] BC: recharge vma if vm_flags changed after ->mmap() call | ||
− | |||
Several device drivers (sigh... ATI) can change vm_flags | Several device drivers (sigh... ATI) can change vm_flags | ||
in their f_op->mmap method. Because of this mm->locked_vm | in their f_op->mmap method. Because of this mm->locked_vm | ||
changed after f_op->mmap was called. | changed after f_op->mmap was called. | ||
If ->vm_flags has been changed we have to recharge ub memory. | If ->vm_flags has been changed we have to recharge ub memory. | ||
− | |||
</div> | </div> | ||
Line 632: | Line 529: | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Dmitry Monakhov <dmonakhov@openvz.org> | + | Patch from Dmitry Monakhov <dmonakhov@openvz.org><br/> |
− | <br/> | ||
[PATCH] BC: aidband - uncharge UB pages before charging to PB | [PATCH] BC: aidband - uncharge UB pages before charging to PB | ||
− | |||
By design we assume that page may be accounted only in UB or only | By design we assume that page may be accounted only in UB or only | ||
in PB counter. | in PB counter. | ||
Line 652: | Line 547: | ||
Changes from v1: Add WARN_ON_ONCE according to Pavel's cmomments. | Changes from v1: Add WARN_ON_ONCE according to Pavel's cmomments. | ||
− | |||
</div> | </div> | ||
==== diff-ve-allow-kthreads-20070716 ==== | ==== diff-ve-allow-kthreads-20070716 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Denis Lunev <den@openvz.org> | + | Patch from Denis Lunev <den@openvz.org><br/> |
− | |||
− | <br/> | ||
[PATCH] allow kthreads by default in VE (for NFS) | [PATCH] allow kthreads by default in VE (for NFS) | ||
− | |||
This patch allows kernel threads by default inside VE. | This patch allows kernel threads by default inside VE. | ||
− | |||
</div> | </div> | ||
Line 673: | Line 563: | ||
<pre class="simple"> | <pre class="simple"> | ||
− | |||
----------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- | ||
family | type | protocol | family | type | protocol | ||
Line 694: | Line 583: | ||
| | IPPROTO_IP | | | IPPROTO_IP | ||
-------------------------------------------------------------------------------- | -------------------------------------------------------------------------------- | ||
− | + | </pre> | |
− | + | Here "any existing" means that only SOCK_RAW and SOCK_DGRAM will work: | |
other ones will be rejected by corresponding ->create function (for.ex. | other ones will be rejected by corresponding ->create function (for.ex. | ||
netlink_create). And this reject is ok, as it is not bug provoking. | netlink_create). And this reject is ok, as it is not bug provoking. | ||
Line 719: | Line 608: | ||
Patch implements default deny security policy. | Patch implements default deny security policy. | ||
− | |||
− | |||
− | |||
+ | {{bug|611}}. | ||
</div> | </div> | ||
==== diff-ve-net-udp-regress-20070712 ==== | ==== diff-ve-net-udp-regress-20070712 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Vitaliy Gusev <vgusev@openvz.org> | + | Patch from Vitaliy Gusev <vgusev@openvz.org><br/> |
− | |||
− | <br/> | ||
[PATCH] net: excessive UDP lost on VE send path | [PATCH] net: excessive UDP lost on VE send path | ||
− | |||
When tring to send big UDP packets from VE then other side | When tring to send big UDP packets from VE then other side | ||
receive about 60% of all IP fragmentated packets and about 10% of all UDP packets | receive about 60% of all IP fragmentated packets and about 10% of all UDP packets | ||
Line 753: | Line 637: | ||
Thanks to Denis Lunev and Alexey Kuznetsov for ideas and help. | Thanks to Denis Lunev and Alexey Kuznetsov for ideas and help. | ||
− | |||
</div> | </div> | ||
==== diff-ve-nfs-stop-c-20070704 ==== | ==== diff-ve-nfs-stop-c-20070704 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Denis Lunev <den@openvz.org> | + | Patch from Denis Lunev <den@openvz.org><br/> |
− | <br/> | ||
This patch ensures that VE is up and running during RPC connect. This | This patch ensures that VE is up and running during RPC connect. This | ||
− | |||
This patch ensures that VE is up and running during RPC connect. This | This patch ensures that VE is up and running during RPC connect. This | ||
staff can be run as a schedule_work when all tasks has been dead. | staff can be run as a schedule_work when all tasks has been dead. | ||
− | |||
− | |||
− | |||
+ | {{bug|513}}. | ||
</div> | </div> | ||
==== diff-ve-vpid-tsk-pgid-20070706 ==== | ==== diff-ve-vpid-tsk-pgid-20070706 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Kirill Korotaev <dev@openvz.org> | + | Patch from Kirill Korotaev <dev@openvz.org><br/> |
− | |||
− | <br/> | ||
[PATCH] VE: sys_getpgid/sid should depend on context | [PATCH] VE: sys_getpgid/sid should depend on context | ||
− | |||
sys_getpgid/sid() should return global pid of | sys_getpgid/sid() should return global pid of | ||
VE task if info is requisted from VE0 task. | VE task if info is requisted from VE0 task. | ||
Actually, not critical, but still. let's fix it. | Actually, not critical, but still. let's fix it. | ||
− | |||
− | |||
− | |||
+ | Bug #85662. | ||
</div> | </div> | ||
==== diff-xen-x8664-subarch-changes-b-20070709 ==== | ==== diff-xen-x8664-subarch-changes-b-20070709 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Evgeny Kravtsunov <emkravts@openvz.org> | + | Patch from Evgeny Kravtsunov <emkravts@openvz.org><br/> |
− | |||
− | <br/> | ||
Patch fixes compilation error: XEN_CPUID is undefined in | Patch fixes compilation error: XEN_CPUID is undefined in | ||
− | |||
Patch fixes compilation error: XEN_CPUID is undefined in | Patch fixes compilation error: XEN_CPUID is undefined in | ||
include/asm-x86_64/mach-xen/asm/msr.h. To define XEN_CPUID on x84_64 patch | include/asm-x86_64/mach-xen/asm/msr.h. To define XEN_CPUID on x84_64 patch | ||
attached makes msr.h to include xen/interface/arch-x86_64.h. | attached makes msr.h to include xen/interface/arch-x86_64.h. | ||
− | + | <pre class="simple"> | |
linux-2.6.18-drbd-8.0.3-8.0.4.patch: | linux-2.6.18-drbd-8.0.3-8.0.4.patch: | ||
Patch prepared by Evgeniy Kravtsunov: | Patch prepared by Evgeniy Kravtsunov: | ||
DRBD driver update 8.0.3 -> 8.0.4 | DRBD driver update 8.0.3 -> 8.0.4 | ||
− | + | </pre> | |
Patch attached updates drbd version from 8.0.3 to 8.0.4. | Patch attached updates drbd version from 8.0.3 to 8.0.4. | ||
In 8.0.4 a set of oopses is fixed according to drbd changelog: | In 8.0.4 a set of oopses is fixed according to drbd changelog: | ||
http://svn.drbd.org/drbd/trunk/ChangeLog. | http://svn.drbd.org/drbd/trunk/ChangeLog. | ||
− | |||
− | |||
− | |||
+ | {{bug|615}}. | ||
</div> | </div> | ||
Line 817: | Line 686: | ||
<div class="change"> | <div class="change"> | ||
Patch from Vasily (vvs@): | Patch from Vasily (vvs@): | ||
− | |||
− | |||
− | |||
RHEL5 forget to apply last of our megaraid_mbox fixes: | RHEL5 forget to apply last of our megaraid_mbox fixes: | ||
http://forum.openvz.org/index.php?t=msg&goto=14975 | http://forum.openvz.org/index.php?t=msg&goto=14975 | ||
− | + | <pre class="simple"> | |
From: Andrey Mirkin <amirkin@sw.ru> | From: Andrey Mirkin <amirkin@sw.ru> | ||
Date: Mon, 16 Oct 2006 08:08:43 +0000 (+0400) | Date: Mon, 16 Oct 2006 08:08:43 +0000 (+0400) | ||
Line 840: | Line 706: | ||
Acked-by: Vasily Averin <vvs@sw.ru> | Acked-by: Vasily Averin <vvs@sw.ru> | ||
Signed-off-by: Linus Torvalds <torvalds@osdl.org> | Signed-off-by: Linus Torvalds <torvalds@osdl.org> | ||
− | |||
</pre> | </pre> | ||
</div> | </div> | ||
Line 860: | Line 725: | ||
vzabackup, filesystem tests, etc. | vzabackup, filesystem tests, etc. | ||
− | Backport from 2.6.22 | + | Backport from 2.6.22. |
− | |||
</div> | </div> | ||
Line 878: | Line 742: | ||
Signed-off-by: Andi Kleen <ak@suse.de> | Signed-off-by: Andi Kleen <ak@suse.de> | ||
− | http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1b29c1643c0d82512477ccd97dc290198fe23e22 | + | [http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=1b29c1643c0d82512477ccd97dc290198fe23e22 1b29c1643c0d82512477ccd97dc290198fe23e22] |
[SWSUSP]: correct virt_to_page() usage in swsusp | [SWSUSP]: correct virt_to_page() usage in swsusp | ||
− | Bug #86406 | + | Bug #86406. |
</div> | </div> | ||
==== diff-ms-net-cbq-fairness2-20070720 ==== | ==== diff-ms-net-cbq-fairness2-20070720 ==== | ||
<div class="change"> | <div class="change"> | ||
− | Patch from Vitaliy Gusev <vgusev@openvz.org> | + | Patch from Vitaliy Gusev <vgusev@openvz.org><br/> |
− | |||
− | <br/> | ||
[PATCH] CBQ: fix unfairness when gettimeofday clock source is used | [PATCH] CBQ: fix unfairness when gettimeofday clock source is used | ||
Line 907: | Line 769: | ||
<div class="change"> | <div class="change"> | ||
Patch from Pavel Emelianov <xemul@openvz.org><br/> | Patch from Pavel Emelianov <xemul@openvz.org><br/> | ||
− | |||
[PATCH] BC: fix several issues in /proc/bc | [PATCH] BC: fix several issues in /proc/bc | ||
− | |||
find /proc/bc doesn't work with several errors reported. | find /proc/bc doesn't work with several errors reported. | ||
Reasons: | Reasons: | ||
− | + | # getdents() sometimes returns EOVERFLOW due to sign expansion in generated entries' inode numbers; | |
− | + | # bc and subbc have equal generated inode numbers; | |
− | + | # /proc/bc has broken (from find's POV) nlink count. | |
− | |||
Fix it all. | Fix it all. | ||
− | |||
</div> | </div> | ||
Line 937: | Line 795: | ||
[PATCH] venet: compilation warning fix | [PATCH] venet: compilation warning fix | ||
− | |||
label "out" is not used anymore. Fix the warning. | label "out" is not used anymore. Fix the warning. | ||
− | |||
</div> | </div> | ||
Latest revision as of 18:29, 22 October 2009
Contents
- 1 Changes
- 1.1 Config changes
- 1.2 Patches
- 1.2.1 diff-arch-4gb-xen-b-20070613
- 1.2.2 diff-cpt-deleted-ref-b-20070613
- 1.2.3 diff-ms-bridge-nf-ebt-among-20070607
- 1.2.4 diff-ms-net-bridge-via-eth-c-20070613
- 1.2.5 diff-rh-mmap-return-addr-b-20070608
- 1.2.6 diff-arch-4gb-suspend-fix-20070629
- 1.2.7 diff-cpt-dump-eintr-20070622
- 1.2.8 diff-cpt-kernel-thread-ign-sigs-20070628
- 1.2.9 diff-cpt-rm-kill-external-process-20070702
- 1.2.10 diff-ms-ia32-compat-autofs4-20070618
- 1.2.11 diff-ms-jbd-cpt-list-20070702
- 1.2.12 diff-ms-net-bridge-carrier-check-20070627
- 1.2.13 diff-ms-net-bridge-port-enable-20070627
- 1.2.14 diff-ms-net-bridge-via-eth-d-20070622
- 1.2.15 diff-ms-net-sched-cbq-dbg-20070626
- 1.2.16 diff-ms-reiser-key-decr-20070412
- 1.2.17 diff-ms-rm-proc-warn-20070508
- 1.2.18 diff-rh-utrace-late-ptrace-may-attach-20070626
- 1.2.19 diff-ve-nf-nat-assertion-20070620
- 1.2.20 diff-ve-rm-nf_debug-20070620
- 1.2.21 diff-ve-veinfo-large-space-20070620
- 1.2.22 diff-xen-x8664-subarch-changes-20070702
- 1.2.23 diff-arch-4gb-copy-mnt-options-20070703
- 1.2.24 diff-fairsched-off-comp-20070712
- 1.2.25 diff-ms-security-h323-20070706
- 1.2.26 diff-ms-security-random-buf-20070711
- 1.2.27 diff-ms-shmem-lock-user-leak-20070716
- 1.2.28 diff-ms-swiotlb-phys-to-virt-20070713
- 1.2.29 diff-ubc-mmap-accounting-flags-20070709
- 1.2.30 diff-ubc-ub-pb-conflict-20070710
- 1.2.31 diff-ve-allow-kthreads-20070716
- 1.2.32 diff-ve-net-protocols-check-20070705
- 1.2.33 diff-ve-net-udp-regress-20070712
- 1.2.34 diff-ve-nfs-stop-c-20070704
- 1.2.35 diff-ve-vpid-tsk-pgid-20070706
- 1.2.36 diff-xen-x8664-subarch-changes-b-20070709
- 1.2.37 diff-megaraid-64bit-dma-20070716
- 1.2.38 diff-gfs-bh-leak-fix-20070716
- 1.2.39 diff-backport-dm-delay-20070716
- 1.2.40 diff-ms-emt64-swsusp-oops-20070717
- 1.2.41 diff-ms-net-cbq-fairness2-20070720
- 1.2.42 diff-ubc-proc-issues-20070717
- 1.2.43 diff-ve-allow-ethtool-20070718
- 1.2.44 diff-ve-net-udp-regress-b-20070716
- 1.2.45 diff-ve-opseminit-20070723
- 1.2.46 diff-ve-vpsdumpable-extend-b-20070718
Changes
- Rebase to RHEL5 8.1.8 kernel
- Critical fix in CPT
- Minor fixes for bridge, XEN x8664, CPT, 4GB split, nfs, vpids, etc.
- Fix swsusp on SLES, CBQ fairness on low rates, NFS startup deadlock.
- CBQ fairness on low rates fixed
- NFS startup deadlock.
Config changes
Added:
- +
CONFIG_DM_DELAY=m
Patches
diff-arch-4gb-xen-b-20070613
Patch from Sergey Ya Korshunoff (seyko2@)
Fix TSS handling in vm86.c in Xen kernel.
Fix TSS handling in vm86.c in Xen kernel. There was a stupid misprint due to which load_esp0() was not called in Xen kernels at all.
diff-cpt-deleted-ref-b-20070613
Patch from Andrey Mirkin <major@openvz.org>
[PATCH] CPT: remove redundant kfree()
Remove redundant kfree() call from open_deleted() function. Now ii is static structure and kfree on it leads to oops :/
Bug #84173.
diff-ms-bridge-nf-ebt-among-20070607
Patch from Evgeny Kravtsunov <emkravts@openvz.org>
[PATCH] ebtables: ebtables_among fails on check() on x86-64
ebtables module calls the checker ebt_among_check() that compares the correct size of user supplied data.
Userspace size is calculated in the following way (ebtables-2.0.8-1):
EBT_ALIGN(EBT_ALIGN(sizeof(struct ebt_among_info)) + X)
While kernel calculates size as:
EBT_ALIGN(sizeof(struct ebt_among_info) + X)
On x86_64 EBT_ALIGN does alignment on 8 bytes, so the problem arises.
diff-ms-net-bridge-via-eth-c-20070613
Patch from Dmitry Mishin <dim@openvz.org>
[PATCH] Fix bridge removal with active master device
Fix bridge removal with active master device: simple misprint.
diff-rh-mmap-return-addr-b-20070608
Patch from Vitaliy Gusev <vgusev@openvz.org>
[PATCH] IA64: mmap returns EINVAL if len==0
mmap on IA64 architecture returns EINVAL when len==0, while old kernel behaviour is to return addr in this case.
Though POSIX requires EINVAL in this case and it was fixed in mainstream around ~2.6.16, we still have to keep compatibility for some time with old stupid apps like rpm which did exactly this and expected success :/
Bug #83938.
diff-arch-4gb-suspend-fix-20070629
Patch from Dmitry Monakhov <dmonakhov@openvz.org>
[PATCH] 4gb split: fix broken suspend
Following code was removed by 4gb split patch set, after this suspend was broken. Fix it.
Bug #84909.
diff-cpt-dump-eintr-20070622
Patch from Andrey Mirkin <major@openvz.org>
[PATCH] CPT: check ctx->file for NULL
We need to be sure that dumpfile pointer (ctx->file) is not NULL, because we can't start dump without it.
Also we need to return error like EINTR instead of ERESTART*, because we just can't simply restart dump ioctl. The reason is that dumpfile is already closed and we need to reopen it before calling dump ioctl second time.
Bug #84412.
diff-cpt-kernel-thread-ign-sigs-20070628
Patch from Andrey Mirkin <major@openvz.org>
[PATCH] CPT: ignore user signals in kernel threads
Under ptrace signals are not handled immediately and we have non-zero shared_pending mask on current task, so fork() returns -ERESTARTNOINTR and wait4() returns -ERESTARTSYS. We need to block signals SIGCHLD, SIGWINCH, SIGCONT and SIGURG to be sure that this signals will be ignored while kernel thread creation.
Bug #84412.
diff-cpt-rm-kill-external-process-20070702
Patch from Kirill Korotaev <dev@openvz.org>
[PATCH] CPT: remove killing of external processes
External processes can't be easily detected. Even if process has a virtual pid, it doesn't mean it has no any connectiions to VE0 like opened files/libraries etc.
So remove this feature at all and return back as it was - external processes should prevent from CPT.
Revert of the patches:
- diff-cpt-kill-external-process-20070125
- diff-cpt-kill-external-processes-b-20070515
diff-ms-ia32-compat-autofs4-20070618
Patch from Roman Chechnev <rchechnev@openvz.org>
[PATCH] autofs4: compat layer for x8664
autofs4 uses platform dependant protocol which has 'long' data types inside data structures which are passed to/from user-space via pipe (sic!)...
Thanks to this 32bit autofs tools do not work with 64 bit kernel.
Bug #82040.
diff-ms-jbd-cpt-list-20070702
Patch from Jan Kara <jack@suse.cz>
[PATCH] jbd: remove_transaction fix
We have to check that also the second checkpoint list is non-empty before dropping the transaction.
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
X-Git-Tag: v2.6.16-rc2~350
X-Git-Url: 43c3e6f5abdf6acac9b90c86bf03f995bf7d3d92
diff-ms-net-bridge-carrier-check-20070627
Patch from Konstantin Khorenko <khorenko@openvz.org>
[PATCH] bridge: race between br_del_if() and port_carrier_check()
This patch eliminates a race between br_del_if() and port_carrier_check() which leads to the oops in the latter function. This patch is a port of 2 mainstream patches:
[BRIDGE] br_if: Fix oops in port_carrier_check Signed-off-by: Jarek Poplawski <jarkao2@o2.pl> Acked-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net> commit a10d567c89dfba90dde2e0515e25760fd74cde06
and
[BRIDGE]: eliminate workqueue for carrier check Having a work queue for checking carrier leads to lots of race issues. Simpler to just get the cost when data structure is created and update on change. Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net> commit 269def7c505b4d229f9ad49bf88543d1e605533e
http://bugzilla.kernel.org/show_bug.cgi?id=7962
Bug #84789.
diff-ms-net-bridge-port-enable-20070627
Patch from Konstantin Khorenko <khorenko@openvz.org>
[BRIDGE]: adding new device to bridge should enable if up
Port of mainstream patch:
[BRIDGE]: adding new device to bridge should enable if up Aji Srinivas [Thu, 8 Mar 2007 00:10:53 +0000 (16:10 -0800)] One change introduced by the workqueue removal patch is that adding an interface that is up to a bridge which is also up does not ever call br_stp_enable_port(), leaving the port in DISABLED state until we do ifconfig down and up or link events occur. The following patch to the br_add_if function fixes it. This is a regression introduced in 2.6.21. Submitted-by: Aji_Srinivas@emc.com Signed-off-by: Stephen Hemminger <shemminger@linux-foundation.org> Signed-off-by: David S. Miller <davem@davemloft.net> commit de79059ecd7cd650f3788ece978a64586921d1f1
Bug #84789.
diff-ms-net-bridge-via-eth-d-20070622
Patch from Kirill Korotaev <dev@openvz.org>
[PATCH] bridge: fix unaligned access to br->bridge_id
bridge_id is an unaligned structure of chars, which MUST be aligned on 2 bytes boundary for compare_ether_addr().
However, when we added
unsigned char via_phys_dev;
field to struct net_bridge we broke this inexplicit alignment.
So move our field to a bit another place, returning back alignment of bridge_id.
Bug #84852.
diff-ms-net-sched-cbq-dbg-20070626
Patch from Vitaliy Gusev <vgusev@openvz.org>
Debug and workaround patch for "division by zero" in sch_cbq module
Debug and workaround patch for "division by zero" in sch_cbq module (in cbq_normalize_quanta() function). For some unknown reason "division by zero" occurs and this patch should help to understand the broken math.
Bug #83243.
diff-ms-reiser-key-decr-20070412
Patch from Kirill Korotaev <dev@openvz.org>
[PATCH] reiserfs: fix key decrementing
This patch fixes a bug in function decrementing a key of stat data item.
Offset of reiserfs keys are compared as signed values. To set key offset to maximal possible value maximal signed value has to be used.
This bug is responsible for severe reiserfs filesystem corruption which shows itself as warning vs-13060. reiserfsck fixes this corruption by filesystem tree rebuilding.
Signed-off-by: Vladimir Saveliev <vs@namesys.com>
Cc: <reiserfs-dev@namesys.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
X-Git-Tag: v2.6.21-rc7~16
X-Git-Url: 6d205f120547043de663315698dcf5f0eaa31b5c
diff-ms-rm-proc-warn-20070508
Patch from Alexey Dobriyan <adobriyan@openvz.org>
[PATCH] proc: remove pathetic ->deleted WARN_ON
WARN_ON(de && de->deleted); is sooo unreliable. Why?
proc_lookup remove_proc_entry =========== ================= lock_kernel(); spin_lock(&proc_subdir_lock); [find proc entry] spin_unlock(&proc_subdir_lock); spin_lock(&proc_subdir_lock); [find proc entry] proc_get_inode WARN_ON(de && de->deleted); ... if (!atomic_read(&de->count)) free_proc_entry(de); else de->deleted = 1;
So, if you have some strange oops [1], and doesn't see this WARN_ON it means nothing.
[1] try_module_get() of module which doesn't exist, two lines below should suffice, or not?
Signed-off-by: Alexey Dobriyan <adobriyan@sw.ru>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
X-Git-Tag: v2.6.22-rc1~756
X-Git-Url: 578c8183c116e623d53b05d4c79762d053c7090f
diff-rh-utrace-late-ptrace-may-attach-20070626
Patch from Alexey Dobriyan <adobriyan@openvz.org>
Code implementing ptrace_attach() does ~1/3 of job of attaching _before_
Code implementing ptrace_attach() does ~1/3 of job of attaching _before_ checking if attaching process have permissions to mess with target task at all. Given the overall raciness of utrace such code is recipe for trouble. Do ptrace_may_attach() check earlier.
NOTE: Right now
while (1)
ptrace(PTRACE_ATTACH, pid, NULL, NULL);
reliably (and _quickly_) crashes kernel if pid is pid of process like syslogd normal user can't attach to:
Unable to handle kernel NULL pointer dereference at 0000000000000000 RIP: [<0000000000000000>] report_quiescent+0x36/0x154 utrace_quiescent+0x2b/0x238 utrace_get_signal+0x45d/0x4c0 get_signal_to_deliver+0x169/0x47a do_notify_resume+0xd0/0x7e2 _spin_unlock_irqrestore+0x3f/0x45 trace_hardirqs_on+0x11b/0x13f tty_read+0x81/0xc7 trace_hardirqs_on_thunk+0x35/0x37 trace_hardirqs_on+0x11b/0x13f sysret_signal+0x21/0x31 ptregscall_common+0x67/0xac
diff-ve-nf-nat-assertion-20070620
Patch from Vasily Tarasov <vtaras@openvz.org>
[PATCH] netfilter: wrong debug assertion in nat code
Simple compilation fix if NETFILTER_DEBUG is on
diff-ve-rm-nf_debug-20070620
Patch from Vasily Tarasov <vtaras@openvz.org>
[PATCH] netfilter: skb struct doesn't have nf_debug anymore
nf_debug field is missing in modern kernels, but in some places we still refer to it.
diff-ve-veinfo-large-space-20070620
Patch from Vasily Tarasov <vtaras@openvz.org>
[PATCH] venet: lots of spaces in /proc/vz/veinfo output
After introducing IPv6 support for venet device, field width for IP addresses in /proc/vz/veinfo was increased from 15 to 39: http://git.openvz.org/?p=linux-2.6.16-openvz;a=commitdiff;h=ddb2b95ff38b528f5def1bd4ae87108bf3fa6b7a
The output seems a bit ridiculous, when VE owns only IPv4 addresses: to much strange spaces.
This patch corrects it and fixes the bug:
diff-xen-x8664-subarch-changes-20070702
Patch from Evgeny Kravtsunov <emkravts@openvz.org>
[PATCH] Xen: x8664 OVZ changes
x8664 Xen OVZ changes according to x8664 arch changes.
diff-arch-4gb-copy-mnt-options-20070703
Patch from Andrey Mirkin <major@openvz.org>
[PATCH] 4GB split: add KERNEL_DS handling to copy_mount_options()
On i386 arch with 4gb split kernel addresses can be more than TASK_SIZE (e.g. > 0xc0000000). That causes copy_mount_options() to return -EFAULT when called with kernel supplied buffers, i.e. when get_fs() == KERNEL_DS.
Bug #85041.
diff-fairsched-off-comp-20070712
Patch from Alexandr Andreev <aandreev@openvz.org>
[PATCH]: small fix to compile kernel without VCPU support
diff-ms-security-h323-20070706
Patch from Jing Min Zhao <zhaojingmin@vivecode.com>
[NETFILTER]: nf_conntrack_h323: add checking of out-of-range on choices' index values
Choices' index values may be out of range while still encoded in the fixed length bit-field. This bug may cause access to undefined types (NULL pointers) and thus crashes (Reported by Zhongling Wen).
This patch also adds checking of decode flag when decoding SEQUENCEs.
Signed-off-by: Jing Min Zhao <zhaojingmin@vivecode.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
diff-ms-security-random-buf-20070711
Patch from Matt Mackall <mpm@selenic.com>
[PATCH] PaX: wakeup threshold limits
If root raised the default wakeup threshold over the size of the output pool, the pool transfer function could overflow the stack with RNG bytes.
(Bug reported by the PaX Team <pageexec@freemail.hu>)
Cc: Theodore Tso <tytso@mit.edu>
Cc: Willy Tarreau <w@1wt.eu>
Signed-off-by: Matt Mackall <mpm@selenic.com>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
drivers/char/random.c | 9 +++++++-- 1 files changed, 7 insertions(+), 2 deletions(-)
diff-ms-shmem-lock-user-leak-20070716
Patch from Pavel Emelianov <xemul@openvz.org>
[PATCH] IPC: fix potential user leak
When user locks an ipc shmem segmant with SHM_LOCK ctl and the segment is already locked the shmem_lock() function returns 0. After this the subsequent code leaks the existing user struct:
== ipc/shm.c: sys_shmctl() ==
...
err = shmem_lock(shp->shm_file, 1, user);
if (!err) {
shp->shm_perm.mode |= SHM_LOCKED;
shp->mlock_user = user;
}
...
Other results of this are:
- the new shp->mlock_user is not get-ed and will point to freed memory when the task dies.
- the RLIMIT_MEMLOCK is screwed on both user structs.
The exploit looks like this:
id = shmget(...); setresuid(uid, 0, 0); shmctl(id, SHM_LOCK, NULL); setresuid(uid + 1, 0, 0); shmctl(id, SHM_LOCK, NULL);
My solution is to return 0 to the userspace and do not change the segment's user.
Bug #78998.
diff-ms-swiotlb-phys-to-virt-20070713
Patch from David Moore <dcm@acm.org>
[PATCH] swiotlb: add missing phys_to_virt() call
Adds missing call to phys_to_virt() in the lib/swiotlb.c:swiotlb_sync_sg() function. Without this change, a kernel panic will always occur whenever a SWIOTLB bounce buffer from a scatter-gather list gets synced. Affected are especially Intel x86_64 machines with more than about 3 GB RAM.
Signed-off-by: David Moore <dcm@acm.org>
Signed-off-by: Stefan Richter <stefanr@s5r6.in-berlin.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
diff-ubc-mmap-accounting-flags-20070709
Patch from Dmitry Monakhov <dmonakhov@openvz.org>
[PATCH] BC: recharge vma if vm_flags changed after ->mmap() call
Several device drivers (sigh... ATI) can change vm_flags in their f_op->mmap method. Because of this mm->locked_vm changed after f_op->mmap was called. If ->vm_flags has been changed we have to recharge ub memory.
diff-ubc-ub-pb-conflict-20070710
Patch from Dmitry Monakhov <dmonakhov@openvz.org>
[PATCH] BC: aidband - uncharge UB pages before charging to PB
By design we assume that page may be accounted only in UB or only in PB counter.
Unfortunately this is not always true, and ATI driver does some strange things like mmaping pages with PTEs to user space (maybe it is even a security hole in ATI driver, who knows?)
So ATI driver exports pages via mmap(2) to userspace which was already accounted in UB (pte pages are charged to kmemsize). In this case accounting conflict happens and BUG_ON(head->pb_magic != PB_MAGIC) is triggered.
Solution: Uncharge page from UB counter and account it in PB.
Changes from v1: Add WARN_ON_ONCE according to Pavel's cmomments.
diff-ve-allow-kthreads-20070716
Patch from Denis Lunev <den@openvz.org>
[PATCH] allow kthreads by default in VE (for NFS)
This patch allows kernel threads by default inside VE.
diff-ve-net-protocols-check-20070705
Patch from Evgeny Kravtsunov <emkravts@openvz.org>
When creating socket within VE the following ones are allowed:
----------------------------------------------------------------------------------- family | type | protocol --------------------------------------------------------------------------------- PF_UNIX | | PF_LOCAL | | PF_PACKET | Any existing* | Any existing PF_NETLINK | | --------------------------------------------------------------------------------- PF_INET | SOCK_DGRAM + IPPROTO_UDP | SOCK_STREAM + IPPROTO_TCP | SOCK_RAW + Any | | forced to | | IPPROTO_IP --------------------------------------------------------------------------------- PF_INET6 | SOCK_DGRAM + IPPROTO_UDP | SOCK_STREAM + IPPROTO_TCP | SOCK_RAW + Any | | forced to | | IPPROTO_IP --------------------------------------------------------------------------------
Here "any existing" means that only SOCK_RAW and SOCK_DGRAM will work: other ones will be rejected by corresponding ->create function (for.ex. netlink_create). And this reject is ok, as it is not bug provoking.
Other families (PF_IPX, PF_X25, PF_AX25, PF_ATMPVC, PF_APPLETALK) are not allowed for sockets within VE as they are not virtualized.
The problem is function vz_security_proto_check prevents creating sockets with family=PF_INET/PF_INET6 type=SOCK_RAW protocol=(something except IP, UDP, TCP, ICMP, RAW) which are valid according to source.
Patch splits vz_security_proto_check into 2 separate checks: 1) family check vz_security_family_check and 2) protocol check vz_security_protocol_check. First one checks is the family value allowed in __sock_create, second one - checks if created socket contains the correct (virtualized) protocol. vz_security_protocol_check is placed inside create functions inet_create and inet6_create. This change will allow to create any socket within VE with type SOCK_RAW for any protocol that is not implemented in kernel and encapsulates its packets into IP packet (for example VRRP protocol).
In rtnetlink_dump_all and rtnetlink_rcv_msg functions calls of vz_security_proto_check are replaced by the call of vz_security_family_check.
Patch implements default deny security policy.
diff-ve-net-udp-regress-20070712
Patch from Vitaliy Gusev <vgusev@openvz.org>
[PATCH] net: excessive UDP lost on VE send path
When tring to send big UDP packets from VE then other side receive about 60% of all IP fragmentated packets and about 10% of all UDP packets that was sent from VE. Fragmentated IP-packets are dropped on an ethernet interface because an interface's queue is full.
The ethernet interface's queue get full as venet/veth device passes fragmentated IP-packet with calling a sk_buff's destructor (by skb_orphan), socket's buffer become free, although it IP-packet isn't passed through the ethernet device. Therefore bulk IP-packets are sent through venet/veth interface that is much more than the real ethernet interface can transfer.
Decision: venet/veth interface call skb_orphan only for non IP-packets. For IP packets skb_orhpan (actually destructor) is called later: in IP local or when skb is delivered to ethernet and __kfree_skb() is called.
Tested with venet, veth, veth + vlan (host-node).
Thanks to Denis Lunev and Alexey Kuznetsov for ideas and help.
diff-ve-nfs-stop-c-20070704
Patch from Denis Lunev <den@openvz.org>
This patch ensures that VE is up and running during RPC connect. This
This patch ensures that VE is up and running during RPC connect. This staff can be run as a schedule_work when all tasks has been dead.
diff-ve-vpid-tsk-pgid-20070706
Patch from Kirill Korotaev <dev@openvz.org>
[PATCH] VE: sys_getpgid/sid should depend on context
sys_getpgid/sid() should return global pid of VE task if info is requisted from VE0 task. Actually, not critical, but still. let's fix it.
Bug #85662.
diff-xen-x8664-subarch-changes-b-20070709
Patch from Evgeny Kravtsunov <emkravts@openvz.org>
Patch fixes compilation error: XEN_CPUID is undefined in
Patch fixes compilation error: XEN_CPUID is undefined in include/asm-x86_64/mach-xen/asm/msr.h. To define XEN_CPUID on x84_64 patch attached makes msr.h to include xen/interface/arch-x86_64.h.
linux-2.6.18-drbd-8.0.3-8.0.4.patch: Patch prepared by Evgeniy Kravtsunov: DRBD driver update 8.0.3 -> 8.0.4
Patch attached updates drbd version from 8.0.3 to 8.0.4. In 8.0.4 a set of oopses is fixed according to drbd changelog: http://svn.drbd.org/drbd/trunk/ChangeLog.
diff-megaraid-64bit-dma-20070716
Patch from Vasily (vvs@):
RHEL5 forget to apply last of our megaraid_mbox fixes: http://forum.openvz.org/index.php?t=msg&goto=14975
From: Andrey Mirkin <amirkin@sw.ru> Date: Mon, 16 Oct 2006 08:08:43 +0000 (+0400) Subject: [PATCH] scsi: megaraid_{mm,mbox}: 64-bit DMA capability fix X-Git-Tag: v2.6.19-rc3~208 X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=8741ca71a3f626a56595b88200ebf952ce77ceef [PATCH] scsi: megaraid_{mm,mbox}: 64-bit DMA capability fix It is known that 2 LSI Logic MegaRAID SATA RAID Controllers (150-4 and 150-6) don't support 64-bit DMA. Unfortunately currently this check is wrong and driver sets 64-bit DMA mode for these devices. Signed-off-by: Andrey Mirkin <amirkin@sw.ru> Acked-by: Vasily Averin <vvs@sw.ru> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
diff-gfs-bh-leak-fix-20070716
Patch from Dmitry Monakhov (dmonakhov@):
If gfs_blk2rgrpd() has failed bh is leaked on error path in gfs_shrink().
diff-backport-dm-delay-20070716
Patch from Vagin Andrey (avagin@):
Device-Mapper's "delay" target delays reads and/or writes and maps them to different devices.
QA team needs this feature to do certain tests on top of a slow storage: vzabackup, filesystem tests, etc.
Backport from 2.6.22.
diff-ms-emt64-swsusp-oops-20070717
Patch from Alexandr Andreev <aandreev@openvz.org>
[PATCH] x86-64: do not use virt_to_page on kernel data address
- virt_to_page() call should be used on kernel linear addresses and not on kernel text and data addresses. Swsusp code uses it on kernel data (statically allocated swsusp_header).
- Allocate swsusp_header dynamically so that virt_to_page() can be used safely.
- I am changing this because in next few patches, __pa() on x86_64 will no longer support kernel text and data addresses and hibernation breaks.
Signed-off-by: Vivek Goyal <vgoyal@in.ibm.com>
Signed-off-by: Andi Kleen <ak@suse.de>
1b29c1643c0d82512477ccd97dc290198fe23e22
[SWSUSP]: correct virt_to_page() usage in swsusp
Bug #86406.
diff-ms-net-cbq-fairness2-20070720
Patch from Vitaliy Gusev <vgusev@openvz.org>
[PATCH] CBQ: fix unfairness when gettimeofday clock source is used
sch_cbq with gettimeofday clock source has limit 2000000 usec for the idle (undertime) time. Therefore when we try to set bandwidth less than 10000 bits/s then sch_cbq doesn't work (idle time want to become about 4000000 usec).
Triggered by RHEL5 which switched from jiffies clocksource to gettimeofday() BTW, why? According to ANK this should work poorly, since gettimeofday can take as much as 100 microseconds...
Bug #86375.
diff-ubc-proc-issues-20070717
Patch from Pavel Emelianov <xemul@openvz.org>
[PATCH] BC: fix several issues in /proc/bc
find /proc/bc doesn't work with several errors reported.
Reasons:
- getdents() sometimes returns EOVERFLOW due to sign expansion in generated entries' inode numbers;
- bc and subbc have equal generated inode numbers;
- /proc/bc has broken (from find's POV) nlink count.
Fix it all.
diff-ve-allow-ethtool-20070718
Patch from Vitaliy Gusev <vgusev@openvz.org>
[PATCH] net: allow ethtool ops inside VE
This patch allows ethtool operations into VE with CAP_VE_NET_ADMIN capability.
diff-ve-net-udp-regress-b-20070716
Patch from Vitaliy Gusev <vgusev@openvz.org>
[PATCH] venet: compilation warning fix
label "out" is not used anymore. Fix the warning.
diff-ve-opseminit-20070723
Patch from Denis Lunev <den@openvz.org>
[PATCH] initialize ve0.op_sem earlier
ve0->op_sem has been initialized on vecalls modules loading, but nowdays can be used before vzmon during NFS initialization...
Bug #86869.
diff-ve-vpsdumpable-extend-b-20070718
Patch from Alexey Dobriyan <adobriyan@openvz.org>
[PATCH] ptrace: fix task->mm dereference out of task_lock()
Utrace code removed task_lock() around ->mm checks in ptrace_attach(), but ->mm->vps_dumpable continued to be checked without task_lock().