Open main menu

OpenVZ Virtuozzo Containers Wiki β

Download/kernel/2.6.16/026test009.1/changes

< Download‎ | kernel‎ | 2.6.16‎ | 026test009.1

Contents

Changes

  • VPS checkpointing/restore (live migration)
  • UBC fixes
  • Mainstream updates (2.6.16.8)
  • Netfilter fixes
  • Security fixes
  • Compilation tunes
  • Quota improvements
  • Debugging facilities

Config changes

Changed:

  • CONFIG_MICROCODE=m (was y)
  • CONFIG_FUSION_SPI=m (was y)
  • CONFIG_FUSION_FC=m (was y)
  • CONFIG_FUSION_SAS=m (was y)
  • CONFIG_FUSION_CTL=m (was y)
  • CONFIG_FUSION_LAN=m (was y)

Added:

  • +CONFIG_VZ_CHECKPOINT=m
  • +CONFIG_DCDBAS=m
  • +CONFIG_MD_RAID10=y
  • +CONFIG_MD_MULTIPATH=y
  • +CONFIG_DM_CRYPT=y
  • +CONFIG_DM_MIRROR=y
  • +CONFIG_DM_ZERO=y
  • +CONFIG_DM_MULTIPATH=y
  • +CONFIG_DM_MULTIPATH_EMC=y
  • +CONFIG_SKY2=m
  • +CONFIG_OPROFILE=m

Compatibility notes

  • fusion driver is module now (was built-in)
  • microcode is module now (was built-in)

For the complete list of changes in this release, see git changelog for kernel 026test009.1.


Patches

diff-cpt-aio

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Comb AIO for CPT

diff-cpt-copy-page-range

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] add __copy_page_range to clone arbitrary pages

diff-cpt-core-misc

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Misc core modifications required for CPT

  1. pn_state tracking
  2. disable_net
  3. TIF_FREEZE
  4. jiffies_fixup<
  5. remove bogus try_to_freeze() from sigtimedwait()
  6. VE_LOCK
  7. Export some symbols from VZ core

diff-cpt-cwd-error

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] error was not reported when CWD cannot be saved

NOTE. Until recently I honestly did not know that paths with length > PATH_MAX are not prohibited. At the moment checkpointing fails, when some file/cwd/... has such a path. We could save it correctly, it is not a problem, but I have no code for restore of such paths, it is going to be real tricky.

diff-cpt-direct-aio

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] AIO for O_DIRECT

It was supposed to work, but happened to be a little buggy. We waited for AIO completion _after_ dumping VM, so that the ring went out of sync.

Also, we cannot read/write on O_DIRECT files with kernel buffer Kernel tries get_user_pages() and fails.

diff-cpt-emt64-hrtimer

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[X86_64] Upgrade compat.c to use hrtimer

Must be pushed to mainstream

diff-cpt-emt64-segments

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT X86_64] Renumber segment register on x86_64 to match i386

It is necessary to allow migration from ia32/x86_64 to/from i386

diff-cpt-emt64-sigmask

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[X86_64] TIF_RESTORE_SIGMASK for x86_64

We need this right now. It is going to be replaced with a version suggested by x86_64 maintainers

diff-cpt-emt64-strace

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[X86_64] An ugly fixup for previous patch to cure x86_64 strace

It is crazy, strace distinguishes ia32 emulated programs by numeric value of segment reg. :-)

diff-cpt-eventpoll

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Comb eventpoll for CPT

diff-cpt-exports

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Export miscellaneous symbols required for CPT

diff-cpt-ipc

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Comb SYSV IPC for CPT

diff-cpt-ipc-addid

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] check for succesful reallocation in ipc_addid

Found occasionally while searching for another bug in SYSV IPC.

diff-cpt-ip-conntrack

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Comb IP conntrack for CPT

diff-cpt-kconfig-fix

Patch from Pavel Emelianov <xemul@openvz.org>:

Fix kernel/power/Kconfig to remove SOFTWARE_SUSPEND dependency on SMP. Needed by CPT.

diff-cpt-makefile-kconfig

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[VZ] Hook cpt/ to build system

diff-cpt-modules

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] CPT modules

diff-cpt-networking

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Comb networking for CPT

diff-cpt-ngroups

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] > 32 supplementary groups are not checkpointed
Bug is not fixed, too hairy on pre-release time. We just fail. Comment is added.

diff-cpt-restore-tty-attrs

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] tty attributes were restored incorrectly

setattr mask was uninitialized and i_size on tty inodes was restored at a random value. At the first sight it is difficult to notice, i_size on tty inodes is never used. But glibc uses stat64 and translates the result. When i_size is weird enough, stat() returns EOVERFLOW. In this case ps skips correct path and find the next appropriate variant, which is /dev/pts/N.

BTW this opens another (minor) problem. If a process inside VE has controlling terminal, but it is not open by this process (f.e. do sleep 3600 < /dev/null >& /dev/null &), ps will show wrong pts path too.

diff-cpt-swap-err

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[KERNEL] Do not map random pages while swapoff errors

If read failed we cannot map not-uptodate page to user space. It is an obvious security issue, plus it is not sane. Actually, we are in serious troubles, we do not even know what process to kill. So, the only variant remains: to stop swapoff() and allow someone to kill processes to zap invalid pages.

diff-cpt-task-size

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT X86_64] Fix task size for ia32/x86_64.

Otherwise we cannot migrate from ia32/x86_64 to i386

diff-cpt-vsyscall-disable

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT KERNEL] Add sysctls to disable exporting vsyscall. Disable it by default.

Note, the page still exists and mapped. We just do not tell to dynamic loader about this.

diff-cpt-x8664-mm

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[CPT] forgotten chunk in cpt_mm.c

Ugly, but necessary.

diff-cpt-zombie-count

Patch from Pavel Emelianov <xemul@openvz.org>:
Increment zombie count on restoring if creating a zombie process.

diff-getppid-fix-20060307

Patch from Pavel Emelianov <xemul@openvz.org>:
Move old code in sys_getppid back when debugging is off. Taking tasklist_lock each time decreases performance and nothing more in non-debugging case.

Noticed by Kirill Korotaev <dev@openvz.org>

diff-ipc-memcpy-bug-20060413

Patch from Alexey Kuznetsov <alexey@openvz.org>:
SYSV IPC writes beyond allocated memory

diff-list-firt-entry

Patch from Pavel Emelianov <xemul@openvz.org>:
Add list_firt_entry() macro

diff-merge-2.6.16.5-20060413

Patch from OpenVZ team <devel@openvz.org>:
Merge /linux/kernel/git/stable/linux-2.6.16.y

diff-ms-ia64-unaligned-ratelimit

Patch from Pavel Emelianov <xemul@openvz.org>:
Rate limit unaligned access warnings from kernel

diff-ms-ia64-unalign-skrunfilter

Patch from Dmitry Mishin <dim@openvz.org>:
Fixed unaligned access in sk_run_filter. Data offset comes from userspace, so use of get_unaligned() is the best way.

diff-oops-decode

Patch from Kirill Korotaev <dev@openvz.org>:
Added sysctl variable to disable automatic call traces decoding. Required for machines not connected to any kind of console.

diff-security-ipid-20060324

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[TCP]: Do not use inet->id of global tcp_socket when sending RST.

The problem is in ip_push_pending_frames(), which uses:

if (!df) {
        __ip_select_ident(iph, &amp;rt-&gt;u.dst, 0);
} else {
        iph-&gt;id = htons(inet-&gt;id++);
}

instead of ip_select_ident().

Right now I think the code is a nonsense. Most likely, I copied it from old ip_build_xmit(), where it was really special, we had to decide whether to generate unique ID when generating the first (well, the last) fragment.

In ip_push_pending_frames() it does not make sense, it should use plain ip_select_ident() instead.

http://www.securityfocus.com/archive/1/427622/100/0/threaded

Signed-off-by: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru>
Signed-off-by: David S. Miller <davem@davemloft.net>

diff-smp-nmi-show-regs

Patch from OpenVZ team <devel@openvz.org>:
This patch adds dumping of calltraces on _all_ CPUs on AltSysRq-P and NMI LOCKUP. It does this via sending NMI IPI interrupts to the cpus. Taken back from -mm tree.

Signed-off-by: Kirill Korotaev <dev@sw.ru>
Signed-off-by: Pavel Emelianov <xemul@sw.ru>
Signed-off-by: Andrew Morton <akpm@osdl.org>

diff-smp-nmi-show-regs-emt64

Patch from Pavel Emelianov <xemul@openvz.org>:
Print calltraces on all CPUs on x86_64 arch. This patch supplements the one made for i386.

diff-smp-nmi-show-regs-fixes

Patch from OpenVZ team <devel@openvz.org>:
Fix of previous patch for voyager.

Cc: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Kirill Korotaev <dev@sw.ru>
Signed-off-by: Pavel Emelianov <xemul@sw.ru>
Signed-off-by: Andrew Morton <akpm@osdl.org>

diff-sw-lic-20060404

Patch from OpenVZ team <devel@openvz.org>:
Licensing

diff-ubc-copy-page-range-fix-20060406

Patch from Pavel Emelianov <xemul@openvz.org>:
Some fixes of page beancounters accounting.

  • moved pb_alloc_all closer to pb_alloc and co;
  • removed pb_add_list_ref - now pb_add_ref acts similar in both cases;
  • changed logic on copying pages - if a page isn't accounted in pbc for parent it will not be in child. pb_dup_ref was introduced for it.

diff-ubc-mlock-deadlock-20060412

Patch from Alexey Kuznetsov <alexey@openvz.org>:
Mlock was ported incorrectly

Two bugs actually:

  1. In 2.6 mlock_fixup _MUST_ return correct prev VMA, otherwise mlockall deadlocks.
  2. Inaccurate port: in error path memory is not uncharged.

diff-ubc-page-uncharge-race-20060414

Patch from Pavel Emelianov <xemul@openvz.org>:
Fix of race between ub_page_charge/_uncharge.

Pages were first put into global list of free pages and ther - uncharged. During this gap page_alloc could charge not uncharged yet page thus causing a BUG().

Moved ub_page_uncharge above freeing and out of local_irq_save to reduce time spent with irqs off.

http://forum.openvz.org/index.php?t=msg&th=465&start=0

diff-ubc-pbfree-oops-20060417

Patch from Pavel Emelianov <xemul@openvz.org>:
Wrong error path in copy_pte_range.

pb_free_list must be called since pbc may be
1. set to PB_COPE_SAME, but pb_free is unaware of it (OOPs);
2. allocated with pb_alloc_list and pb_free will leak all but one.

pb_alloc_list may be called more than once (goto again;) so pb_free_list must be called even on pb_alloc_list failure to cleanup first call allocations.

diff-ubc-zero-page-fix-20060417

Patch from Pavel Emelianov <xemul@openvz.org>:
Don't pb_add_ref to ZERO_PAGE in do_anonymous_page since ZERO_PAGE must not have refs at all. Also remove __pb_alloc as noone need it anymore.

diff-ve-exec-set-links-20060403

Patch from Pavel Emelianov <xemul@openvz.org>:
Add task to VPS task list on exec.
If a non-leader thread calls exec it becomes a thread group leader and thus SET_VE_LINKS/REMOVE_VE_LINKS will manipulate list on this task. Meanwhile such task after exec will not be in list because it was not added there on fork. This may lead to creation of invisible by ps task, unstopable VPS, since do_initproc_exit will not find this task to kill it, and even ve task list corruption.

OpenVZ Bug #129.

diff-ve-inkernel-compilation

Patch from OpenVZ team <devel@openvz.org>:
This patch fixes comilation with CONFIG_MODULES=n

diff-ve-ipc-freeids-20060405

Patch from Pavel Emelianov <xemul@openvz.org>:
Fix of VPS IPC ids cleanup. Do not try to free ipc_ids->entries in case their allocation failed before, i.e. they are set to &ids->nullentry.

diff-ve-net-netfilter-xt-lock-20060414

Patch from Dmitry Mishin <dim@openvz.org>:
Fixed lockup due to uninitialized lock

diff-ve-net-netfilter-xt-tcpudp-20060412

Patch from Dmitry Mishin <dim@openvz.org>:
Virtualized xt_tcpudp module, managed by VE_IP_TABLES mask.
http://forum.openvz.org/index.php?t=tree&th=466&start=0

diff-ve-net-nf-event-fix-20060403

Patch from Dmitry Mishin <dim@openvz.org>:
Fixed endless loop on VPS stop with CONFIG_IP_NF_CONNTRACK_EVENTS enabled. Loop was due to last put under wrong context.

diff-ve-net-nf-getorigdst-20060405

Patch from Dmitry Mishin <dim@openvz.org>:
Fixed oops introduced by previous patch

diff-ve-net-nf-icmp-errpath-20060406

Patch from Dmitry Mishin <dim@openvz.org>:
Fixed init_iptables error path

diff-ve-net-nf-ipt-proc-20060405

Patch from Dmitry Mishin <dim@openvz.org>:
Iptables related entries are visible under /proc/net/ now.

diff-ve-setxattr-20060403

Patch from Vasily Tarasov <vtaras@openvz.org>:
Setxattr and getxattr have to check CAP_VE_ADMIN in order to return proper errors inside VE, similar to host.

diff-ve-sysfs-root-20060405

Patch from Vasily Tarasov <vtaras@openvz.org>:
Fix of sysfs tree visibility in VPS. sysfs_root variable must be virtualized, so that VPS see only class subsystem and class net.

diff-ve-userhdrs-types

Patch from Kirill Korotaev <dev@openvz.org>:
This patch fixes usage of kernel type cycles_t in user interface header.

Related to OpenVZ Bug #123.

diff-ve-userhdrs-types2

Patch from Kirill Korotaev <dev@openvz.org>:
Fix of user space headers for vzctl

diff-ve-vzwdog-modparm-20060405

Patch from Dmitry Mishin <dim@openvz.org>:
Remove obsoleted MODULE_PARM call, use module_parm instead

diff-vzdq-mnt-20060410

Patch from Vasily Tarasov <vtaras@openvz.org>:
All root dentries are unhashed. We have to check for it in vzquota_check_dtree().

http://forum.openvz.org/index.php?t=tree&goto=2552&#msg_2552 OpenVZ Bug #133.

diff-vzdq-off-sync-20060407

Patch from Kirill Korotaev <dev@openvz.org>:
[VZDQ] Speed up vzquota-off process.

vzquota off syncs inodes, so that inodes are synced one by one and waited for. This is slow. This patch changes the logic: all inodes should be kicked for syncing first, and then only waited for. This makes VPS creation to be faster.

diff-merge-2.6.16.8-20060419

Merged linux-2.6.16.8 fixes

diff-suspend-traced

Roll back merged fix. Original fix's sha is 6b2467e45179a336f1e5b70d2b2ae1fe89a00133

diff-ubc-tsoaccount-20060419

Patch from Vasily Tarasov <vtaras@openvz.org>
Add tcpsndbuff charging in tso_fragment()

OpenVZ Bug #135.