Open main menu

OpenVZ Virtuozzo Containers Wiki β

Download/kernel/2.6.16/026test015.1/changes

< Download‎ | kernel‎ | 2.6.16‎ | 026test015.1

Contents

Changes

  • IPv6 netfilter functionality, mainstream updates (up to 2.6.16.23), bugfixes in veth, netfilters, vpids, UBC.

Config changes

Same as 026test014.4, plus

  • +CONFIG_IP6_NF_IPTABLES=m
  • +CONFIG_IP6_NF_MATCH_RT=m
  • +CONFIG_IP6_NF_MATCH_OPTS=m
  • +CONFIG_IP6_NF_MATCH_FRAG=m
  • +CONFIG_IP6_NF_MATCH_HL=m
  • +CONFIG_IP6_NF_MATCH_MULTIPORT=m
  • +CONFIG_IP6_NF_MATCH_OWNER=m
  • +CONFIG_IP6_NF_MATCH_IPV6HEADER=m
  • +CONFIG_IP6_NF_MATCH_AHESP=m
  • +CONFIG_IP6_NF_MATCH_EUI64=m
  • +CONFIG_IP6_NF_FILTER=m
  • +CONFIG_IP6_NF_TARGET_LOG=m
  • +CONFIG_IP6_NF_TARGET_REJECT=m
  • +CONFIG_IP6_NF_MANGLE=m
  • +CONFIG_IP6_NF_TARGET_HL=m

For the complete list of changes in this release, see git changelog for kernel 026test014.4.


Patches

diff-broken-veprintk-20060623

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] verbose "vzctl start" kills console

diff-cpt-ipt-conntrack-alloc-fix-20060623

Patch from Kirill Korotaev <dev@openvz.org>:
[CPT] ip_conntrack_alloc() can return ENOMEM now (#64293)

diff-debug-busy-inodes-misprint-20060620

Patch from Kirill Korotaev <dev@openvz.org>:
Fix inode debug misprint

diff-export-free-divert-blk-20060620

Patch from Dmitry V. Levin <ldv@altlinux.org>:
[PATCH] net/core/dv.c: Export free_divert_blk

I have no idea why ve_netdev_cleanup() from kernel/vecalls.c duplicates some code from net/core/dev.c, but if both CONFIG_NET_DIVERT and CONFIG_VE_CALLS_MODULE are defined, then vzmon gets undefined reference to free_divert_blk symbol. Here is a workaround.

Signed-off-by: Dmitry V. Levin <ldv@altlinux.org>
Signed-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Pavel Emelianov <xemul@openvz.org>

diff-fairsched-wake-up-init-20060609

Patch from Kirill Korotaev <dev@openvz.org>:
Fix of init process wake up.

Since 2.6.9 kernel threads can't be spawned with CLONE_STOPPED as do_signal() ignores signals for kernel code. Instead, wake_up_init() is called now from wake_up_new_task().

diff-merge-2.6.16.23-20060704

Patch from OpenVZ team <devel@openvz.org>:
Merged 2.6.16.23 from /linux/kernel/git/stable/linux-2.6.16.y

diff-ms-exit-signal-fix-20060629

Patch from Pavel Emelianov <xemul@openvz.org>

Fix of signal_struct->curr_target value after __exit_signal(). When task calls __exit_signal() it moves curr_target pointer on the next thread. If task isn't changed - this pointer must be set to NULL. Otherwise race:

sys_execve()                                        sys_kill()
...                                                 ...
de_thread()
switch_exec_pids()
/* at this point thread and leader
* have shared signal_struct but splitted
* (empty) pids lists
*/
release_task()
sig-&gt;curr_target = next_thread(tsk);
/* at this point curr_target is set to
* tsk since it's PID_TYPE_TGID list is
* empty
*/
...                                                ___group_complete_signal()
                                                  `- t = p-&gt;signal-&gt;curr_target
                                                   /* t is the task which tries to
                                                    * exit on the 1st cpu so its
                                                    * memory may already be freed
                                                    */

diff-tcp-sg-export-20060605

Patch from Pavel Emelianov <xemul@openvz.org>:
Export sysctl_tcp_use_sg variable. Without it ipv6 module can't load.

diff-ubc-kmem-pipe-20060629

Patch from Vasily Tarasov <vtaras@openvz.org>:
Fix missing memory charging in pipe.c

diff-ve-net-conntrack-sysctl-alloc-fix-20060630

Patch from Kirill Korotaev <dev@openvz.org>:
Fix of conntracs' sysctl initialization

Conntracks initialization code allocates sysctl array for 15 elements, while requires 21 (#64594)

diff-ve-netfilter-ipv6-20060606

Patch from Dmitry Mishin <dim@openvz.org>:
Port of iptables virtualization to ip6tables

diff-ve-net-ipv6-addr-ve-access-20060607

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[IPV6] checks of address ownership were wrong

The intention was right (the functions get optional dev and when they do, it is not necessary to verify for VE ownership), but I was lost in mass of || and &&'s, so that only one of three places came out correct.

diff-ve-net-neigh-params-init-20060614

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] incomplete initialization of virtual neighbor tables

neigh_tbl->parms.next was inherited from VE0 neighbour table. The effect is that when a device in VE0 was unregistered, VE still contained the reference to dead data.

diff-ve-net-proc-entries-create-20060704

Patch from Pavel Emelianov <xemul@openvz.org>:
Fix creation of tcp/udp proc entries.

When we didn't have ipv6 virtualized ipv6-related entries we created locally to ve0. Now we have ipv6 virtualized, so the entries in question must be visible in VEs.

diff-ve-net-tcp-udp-proc-20060615

Patch from Dmitry Mishin <dim@openvz.org>:
Small cleanup in net proc entries registration code

diff-ve-net-veth-caps-20060620

Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] fix capabilities checking

diff-ve-net-veth-context-20060607

Patch from Andrey Mirkin <amirkin@openvz.org>:
Veth device fix.

There was a bug in veth_stop(): unregister_netdev() must be performed in right context. Plus cosmetic cleanups.

diff-ve-net-veth-overflow-20060609

Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] one more buffer overflow in veth fix

diff-ve-net-veth-strcpy-fix-20060616

Patch from Andrey Mirkin <amirkin@openvz.org>:
[VETH] fix of potential buffer overflow in veth device name allocation

diff-ve-nf-ipv6-comp-fix-20060704

Patch from Pavel Emelianov <xemul@openvz.org>:
Compilation fix for ipv6 netfilter initialization.

diff-ve-vpid-rcu-20060620

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] RCU for VPID hash table

In 2.6.16 pid hash table is not protected by tasklist_lock, it uses RCU now. We used to protect VPID hash table with this lock, but now we cannot because the functions, which used to be protected with read_lock(), are not anymore.

So, we switch to RCU for VPID hash table as well. It is quite simple, and unlike use of RCU for global pid hash tables, it is quite obvious that RCU is valid here.

diff-ve-vpid-setpgid-bug-20060620

Patch from Alexey Kuznetsov <alexey@openvz.org>:
[PATCH] setpgid() could corrupt pid hash table

Also I add new BUG() into pid.c to assert and obvious invariant that a free pid cannot be released.

This solves OpenVZ Bug #159.