Changes
- IPv6 netfilter functionality, mainstream updates (up to 2.6.16.23), bugfixes in veth, netfilters, vpids, UBC.
Config changes
Same as 026test014.4, plus Added:
* +CONFIG_IP6_NF_IPTABLES=m * +CONFIG_IP6_NF_MATCH_RT=m * +CONFIG_IP6_NF_MATCH_OPTS=m * +CONFIG_IP6_NF_MATCH_FRAG=m * +CONFIG_IP6_NF_MATCH_HL=m * +CONFIG_IP6_NF_MATCH_MULTIPORT=m * +CONFIG_IP6_NF_MATCH_OWNER=m * +CONFIG_IP6_NF_MATCH_IPV6HEADER=m * +CONFIG_IP6_NF_MATCH_AHESP=m * +CONFIG_IP6_NF_MATCH_EUI64=m * +CONFIG_IP6_NF_FILTER=m * +CONFIG_IP6_NF_TARGET_LOG=m * +CONFIG_IP6_NF_TARGET_REJECT=m * +CONFIG_IP6_NF_MANGLE=m * +CONFIG_IP6_NF_TARGET_HL=m
Patches
- diff-broken-veprintk-20060623
-
Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] verbose "vzctl start" kills console - diff-cpt-ipt-conntrack-alloc-fix-20060623
-
Patch from Kirill Korotaev <dev@openvz.org>:
[CPT] ip_conntrack_alloc() can return ENOMEM now (#64293) - diff-debug-busy-inodes-misprint-20060620
-
Patch from Kirill Korotaev <dev@openvz.org>:
Fix inode debug misprint - diff-export-free-divert-blk-20060620
-
Patch from Dmitry V. Levin <ldv@altlinux.org>:
[PATCH] net/core/dv.c: Export free_divert_blkI have no idea why ve_netdev_cleanup() from kernel/vecalls.c duplicates some code from net/core/dev.c, but if both CONFIG_NET_DIVERT and CONFIG_VE_CALLS_MODULE are defined, then vzmon gets undefined reference to free_divert_blk symbol. Here is a workaround.
Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Pavel Emelianov <xemul@openvz.org> - diff-fairsched-wake-up-init-20060609
-
Patch from Kirill Korotaev <dev@openvz.org>:
Fix of init process wake up.Since 2.6.9 kernel threads can't be spawned with CLONE_STOPPED as do_signal() ignores signals for kernel code. Instead, wake_up_init() is called now from wake_up_new_task().
- diff-merge-2.6.16.23-20060704
-
Patch from OpenVZ team <devel@openvz.org>:
Merged 2.6.16.23 from /linux/kernel/git/stable/linux-2.6.16.y - diff-ms-exit-signal-fix-20060629
-
Patch from Pavel Emelianov <xemul@openvz.org>
Fix of signal_struct->curr_target value after __exit_signal(). When task calls __exit_signal() it moves curr_target pointer on the next thread. If task isn't changed - this pointer must be set to NULL. Otherwise race:
sys_execve() sys_kill() ... ... de_thread() switch_exec_pids() /* at this point thread and leader * have shared signal_struct but splitted * (empty) pids lists */ release_task() sig->curr_target = next_thread(tsk); /* at this point curr_target is set to * tsk since it's PID_TYPE_TGID list is * empty */ ... ___group_complete_signal() `- t = p->signal->curr_target /* t is the task which tries to * exit on the 1st cpu so its * memory may already be freed */
- diff-tcp-sg-export-20060605
-
Patch from Pavel Emelianov <xemul@openvz.org>:
Export sysctl_tcp_use_sg variable. Without it ipv6 module can't load. - diff-ubc-kmem-pipe-20060629
-
Patch from Vasily Tarasov <vtaras@openvz.org>:
Fix missing memory charging in pipe.c - diff-ve-net-conntrack-sysctl-alloc-fix-20060630
-
Patch from Kirill Korotaev <dev@openvz.org>:
Fix of conntracs' sysctl initializationConntracks initialization code allocates sysctl array for 15 elements, while requires 21 (#64594)
- diff-ve-netfilter-ipv6-20060606
-
Patch from Dmitry Mishin <dim@openvz.org>:
Port of iptables virtualization to ip6tables - diff-ve-net-ipv6-addr-ve-access-20060607
-
Patch from Alexey Kuznetsov <alexey@openvz.org>:
[IPV6] checks of address ownership were wrongThe intention was right (the functions get optional dev and when they do, it is not necessary to verify for VE ownership), but I was lost in mass of || and &&'s, so that only one of three places came out correct.
- diff-ve-net-neigh-params-init-20060614
-
Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] incomplete initialization of virtual neighbor tablesneigh_tbl->parms.next was inherited from VE0 neighbour table. The effect is that when a device in VE0 was unregistered, VE still contained the reference to dead data.
- diff-ve-net-proc-entries-create-20060704
-
Patch from Pavel Emelianov <xemul@openvz.org>:
Fix creation of tcp/udp proc entries.When we didn't have ipv6 virtualized ipv6-related entries we created locally to ve0. Now we have ipv6 virtualized, so the entries in question must be visible in VEs.
- diff-ve-net-tcp-udp-proc-20060615
-
Patch from Dmitry Mishin <dim@openvz.org>:
Small cleanup in net proc entries registration code - diff-ve-net-veth-caps-20060620
-
Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] fix capabilities checking - diff-ve-net-veth-context-20060607
-
Patch from Andrey Mirkin <amirkin@openvz.org>:
Veth device fix.There was a bug in veth_stop(): unregister_netdev() must be performed in right context. Plus cosmetic cleanups.
- diff-ve-net-veth-overflow-20060609
-
Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] one more buffer overflow in veth fix - diff-ve-net-veth-strcpy-fix-20060616
-
Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] fix of potential buffer overflow in veth device name allocation - diff-ve-nf-ipv6-comp-fix-20060704
-
Patch from Pavel Emelianov <xemul@openvz.org>:
Compilation fix for ipv6 netfilter initialization. - diff-ve-vpid-rcu-20060620
-
Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] RCU for VPID hash tableIn 2.6.16 pid hash table is not protected by tasklist_lock, it uses RCU now. We used to protect VPID hash table with this lock, but now we cannot because the functions, which used to be protected with read_lock(), are not anymore.
So, we switch to RCU for VPID hash table as well. It is quite simple, and unlike use of RCU for global pid hash tables, it is quite obvious that RCU is valid here.
- diff-ve-vpid-setpgid-bug-20060620
-
Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] setpgid() could corrupt pid hash tableAlso I add new BUG() into pid.c to assert and obvious invariant that a free pid cannot be released.
This solves <a href="http://bugzilla.openvz.org/159">bug #159</a>.