1 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/Kconfig
2 --- linux-2.6.25.11/arch/alpha/Kconfig 2008-04-17 12:05:26.000000000 -0400
3 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/Kconfig 2008-04-19 15:14:51.000000000 -0400
4 @@ -671,6 +671,8 @@ config DUMMY_CONSOLE
8 +source "kernel/vserver/Kconfig"
10 source "security/Kconfig"
12 source "crypto/Kconfig"
13 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/entry.S linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/entry.S
14 --- linux-2.6.25.11/arch/alpha/kernel/entry.S 2008-04-17 11:31:21.000000000 -0400
15 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/entry.S 2008-04-21 11:09:01.000000000 -0400
16 @@ -872,24 +872,15 @@ sys_getxgid:
25 - /* See linux/kernel/timer.c sys_getppid for discussion
27 - ldq $3, TASK_GROUP_LEADER($2)
28 - ldq $4, TASK_REAL_PARENT($3)
29 - ldl $0, TASK_TGID($2)
30 -1: ldl $1, TASK_TGID($4)
34 - ldq $3, TASK_GROUP_LEADER($2)
35 - ldq $4, TASK_REAL_PARENT($3)
48 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/osf_sys.c linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/osf_sys.c
49 --- linux-2.6.25.11/arch/alpha/kernel/osf_sys.c 2008-07-15 22:05:16.000000000 -0400
50 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/osf_sys.c 2008-05-21 14:30:40.000000000 -0400
51 @@ -883,7 +883,7 @@ osf_gettimeofday(struct timeval32 __user
55 - do_gettimeofday(&ktv);
56 + vx_gettimeofday(&ktv);
57 if (put_tv32(tv, &ktv))
60 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/ptrace.c
61 --- linux-2.6.25.11/arch/alpha/kernel/ptrace.c 2008-04-17 11:31:21.000000000 -0400
62 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/ptrace.c 2008-04-19 15:14:51.000000000 -0400
64 #include <linux/slab.h>
65 #include <linux/security.h>
66 #include <linux/signal.h>
67 +#include <linux/vs_base.h>
69 #include <asm/uaccess.h>
70 #include <asm/pgtable.h>
71 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/semaphore.c linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/semaphore.c
72 --- linux-2.6.25.11/arch/alpha/kernel/semaphore.c 2008-04-17 11:31:21.000000000 -0400
73 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/semaphore.c 2008-04-19 15:14:51.000000000 -0400
74 @@ -68,8 +68,8 @@ __down_failed(struct semaphore *sem)
75 DECLARE_WAITQUEUE(wait, tsk);
77 #ifdef CONFIG_DEBUG_SEMAPHORE
78 - printk("%s(%d): down failed(%p)\n",
79 - tsk->comm, task_pid_nr(tsk), sem);
80 + printk("%s(%d:#%u): down failed(%p)\n",
81 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
84 tsk->state = TASK_UNINTERRUPTIBLE;
85 @@ -97,8 +97,8 @@ __down_failed(struct semaphore *sem)
88 #ifdef CONFIG_DEBUG_SEMAPHORE
89 - printk("%s(%d): down acquired(%p)\n",
90 - tsk->comm, task_pid_nr(tsk), sem);
91 + printk("%s(%d:#%u): down acquired(%p)\n",
92 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
96 @@ -110,8 +110,8 @@ __down_failed_interruptible(struct semap
99 #ifdef CONFIG_DEBUG_SEMAPHORE
100 - printk("%s(%d): down failed(%p)\n",
101 - tsk->comm, task_pid_nr(tsk), sem);
102 + printk("%s(%d:#%u): down failed(%p)\n",
103 + tsk->comm, task_pid_nr(tsk), tsk->xid, sem);
106 tsk->state = TASK_INTERRUPTIBLE;
107 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/systbls.S linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/systbls.S
108 --- linux-2.6.25.11/arch/alpha/kernel/systbls.S 2008-04-17 12:05:26.000000000 -0400
109 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/systbls.S 2008-04-19 15:14:51.000000000 -0400
110 @@ -446,7 +446,7 @@ sys_call_table:
111 .quad sys_stat64 /* 425 */
114 - .quad sys_ni_syscall /* sys_vserver */
115 + .quad sys_vserver /* sys_vserver */
116 .quad sys_ni_syscall /* sys_mbind */
117 .quad sys_ni_syscall /* sys_get_mempolicy */
118 .quad sys_ni_syscall /* sys_set_mempolicy */
119 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/traps.c
120 --- linux-2.6.25.11/arch/alpha/kernel/traps.c 2008-04-17 11:31:21.000000000 -0400
121 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/kernel/traps.c 2008-04-19 15:14:51.000000000 -0400
122 @@ -182,7 +182,8 @@ die_if_kernel(char * str, struct pt_regs
124 printk("CPU %d ", hard_smp_processor_id());
126 - printk("%s(%d): %s %ld\n", current->comm, task_pid_nr(current), str, err);
127 + printk("%s(%d[#%u]): %s %ld\n", current->comm,
128 + task_pid_nr(current), current->xid, str, err);
129 dik_show_regs(regs, r9_15);
130 add_taint(TAINT_DIE);
131 dik_show_trace((unsigned long *)(regs+1));
132 diff -NurpP --minimal linux-2.6.25.11/arch/alpha/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/mm/fault.c
133 --- linux-2.6.25.11/arch/alpha/mm/fault.c 2008-04-17 11:31:21.000000000 -0400
134 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/alpha/mm/fault.c 2008-04-19 15:14:51.000000000 -0400
135 @@ -193,8 +193,8 @@ do_page_fault(unsigned long address, uns
136 down_read(&mm->mmap_sem);
139 - printk(KERN_ALERT "VM: killing process %s(%d)\n",
140 - current->comm, task_pid_nr(current));
141 + printk(KERN_ALERT "VM: killing process %s(%d:#%u)\n",
142 + current->comm, task_pid_nr(current), current->xid);
143 if (!user_mode(regs))
145 do_group_exit(SIGKILL);
146 diff -NurpP --minimal linux-2.6.25.11/arch/arm/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/arm/Kconfig
147 --- linux-2.6.25.11/arch/arm/Kconfig 2008-04-17 12:05:26.000000000 -0400
148 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/arm/Kconfig 2008-04-19 15:14:51.000000000 -0400
149 @@ -1180,6 +1180,8 @@ source "fs/Kconfig"
151 source "arch/arm/Kconfig.debug"
153 +source "kernel/vserver/Kconfig"
155 source "security/Kconfig"
157 source "crypto/Kconfig"
158 diff -NurpP --minimal linux-2.6.25.11/arch/arm/kernel/calls.S linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/calls.S
159 --- linux-2.6.25.11/arch/arm/kernel/calls.S 2008-04-17 12:05:26.000000000 -0400
160 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/calls.S 2008-04-19 15:14:51.000000000 -0400
162 /* 310 */ CALL(sys_request_key)
164 CALL(ABI(sys_semtimedop, sys_oabi_semtimedop))
165 -/* vserver */ CALL(sys_ni_syscall)
168 /* 315 */ CALL(sys_ioprio_get)
169 CALL(sys_inotify_init)
170 diff -NurpP --minimal linux-2.6.25.11/arch/arm/kernel/process.c linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/process.c
171 --- linux-2.6.25.11/arch/arm/kernel/process.c 2008-04-17 12:05:26.000000000 -0400
172 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
173 @@ -264,7 +264,8 @@ void __show_regs(struct pt_regs *regs)
174 void show_regs(struct pt_regs * regs)
177 - printk("Pid: %d, comm: %20s\n", task_pid_nr(current), current->comm);
178 + printk("Pid: %d[#%u], comm: %20s\n",
179 + task_pid_nr(current), current->xid, current->comm);
183 diff -NurpP --minimal linux-2.6.25.11/arch/arm/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/traps.c
184 --- linux-2.6.25.11/arch/arm/kernel/traps.c 2008-04-17 12:05:26.000000000 -0400
185 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/arm/kernel/traps.c 2008-04-19 15:14:51.000000000 -0400
186 @@ -214,8 +214,8 @@ static void __die(const char *str, int e
187 str, err, ++die_counter);
190 - printk("Process %s (pid: %d, stack limit = 0x%p)\n",
191 - tsk->comm, task_pid_nr(tsk), thread + 1);
192 + printk("Process %s (pid: %d:#%u, stack limit = 0x%p)\n",
193 + tsk->comm, task_pid_nr(tsk), tsk->xid, thread + 1);
195 if (!user_mode(regs) || in_interrupt()) {
196 dump_mem("Stack: ", regs->ARM_sp,
197 diff -NurpP --minimal linux-2.6.25.11/arch/arm/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/arm/mm/fault.c
198 --- linux-2.6.25.11/arch/arm/mm/fault.c 2008-04-17 12:05:27.000000000 -0400
199 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/arm/mm/fault.c 2008-04-19 15:14:51.000000000 -0400
200 @@ -292,7 +292,8 @@ do_page_fault(unsigned long addr, unsign
201 * happened to us that made us unable to handle
202 * the page fault gracefully.
204 - printk("VM: killing process %s\n", tsk->comm);
205 + printk("VM: killing process %s(%d:#%u)\n",
206 + tsk->comm, task_pid_nr(tsk), tsk->xid);
207 do_group_exit(SIGKILL);
210 diff -NurpP --minimal linux-2.6.25.11/arch/cris/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/cris/Kconfig
211 --- linux-2.6.25.11/arch/cris/Kconfig 2008-04-17 12:05:27.000000000 -0400
212 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/cris/Kconfig 2008-04-19 15:14:51.000000000 -0400
213 @@ -679,6 +679,8 @@ source "drivers/usb/Kconfig"
215 source "arch/cris/Kconfig.debug"
217 +source "kernel/vserver/Kconfig"
219 source "security/Kconfig"
221 source "crypto/Kconfig"
222 diff -NurpP --minimal linux-2.6.25.11/arch/frv/kernel/kernel_thread.S linux-2.6.25.11-vs2.3.0.34.14/arch/frv/kernel/kernel_thread.S
223 --- linux-2.6.25.11/arch/frv/kernel/kernel_thread.S 2007-02-04 13:44:54.000000000 -0500
224 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/frv/kernel/kernel_thread.S 2008-04-21 11:09:01.000000000 -0400
225 @@ -37,7 +37,7 @@ kernel_thread:
227 # start by forking the current process, but with shared VM
228 setlos.p #__NR_clone,gr7 ; syscall number
229 - ori gr10,#CLONE_VM,gr8 ; first syscall arg [clone_flags]
230 + ori gr10,#CLONE_KT,gr8 ; first syscall arg [clone_flags]
231 sethi.p #0xe4e4,gr9 ; second syscall arg [newsp]
233 setlos.p #0,gr10 ; third syscall arg [parent_tidptr]
234 diff -NurpP --minimal linux-2.6.25.11/arch/h8300/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/h8300/Kconfig
235 --- linux-2.6.25.11/arch/h8300/Kconfig 2008-04-17 12:05:28.000000000 -0400
236 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/h8300/Kconfig 2008-04-19 15:14:51.000000000 -0400
237 @@ -233,6 +233,8 @@ source "fs/Kconfig"
239 source "arch/h8300/Kconfig.debug"
241 +source "kernel/vserver/Kconfig"
243 source "security/Kconfig"
245 source "crypto/Kconfig"
246 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/ia32/ia32_entry.S linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/ia32/ia32_entry.S
247 --- linux-2.6.25.11/arch/ia64/ia32/ia32_entry.S 2008-04-17 10:37:14.000000000 -0400
248 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/ia32/ia32_entry.S 2008-04-19 15:14:51.000000000 -0400
249 @@ -446,7 +446,7 @@ ia32_syscall_table:
250 data8 sys_tgkill /* 270 */
251 data8 compat_sys_utimes
252 data8 sys32_fadvise64_64
253 - data8 sys_ni_syscall
254 + data8 sys32_vserver
256 data8 sys_ni_syscall /* 275 */
258 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/ia32/sys_ia32.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/ia32/sys_ia32.c
259 --- linux-2.6.25.11/arch/ia64/ia32/sys_ia32.c 2008-04-17 12:05:28.000000000 -0400
260 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/ia32/sys_ia32.c 2008-04-19 15:14:51.000000000 -0400
261 @@ -1177,7 +1177,7 @@ sys32_gettimeofday (struct compat_timeva
265 - do_gettimeofday(&ktv);
266 + vx_gettimeofday(&ktv);
267 if (put_tv32(tv, &ktv))
270 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/Kconfig
271 --- linux-2.6.25.11/arch/ia64/Kconfig 2008-04-17 12:05:28.000000000 -0400
272 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/Kconfig 2008-04-19 15:14:51.000000000 -0400
273 @@ -615,6 +615,8 @@ source "arch/ia64/hp/sim/Kconfig"
275 source "arch/ia64/Kconfig.debug"
277 +source "kernel/vserver/Kconfig"
279 source "security/Kconfig"
281 source "crypto/Kconfig"
282 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/kernel/entry.S linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/entry.S
283 --- linux-2.6.25.11/arch/ia64/kernel/entry.S 2008-04-17 12:05:28.000000000 -0400
284 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/entry.S 2008-04-19 15:14:51.000000000 -0400
285 @@ -1547,7 +1547,7 @@ sys_call_table:
287 data8 sys_mq_getsetattr
289 - data8 sys_ni_syscall // reserved for vserver
291 data8 sys_waitid // 1270
293 data8 sys_request_key
294 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/kernel/perfmon.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/perfmon.c
295 --- linux-2.6.25.11/arch/ia64/kernel/perfmon.c 2008-04-17 12:05:28.000000000 -0400
296 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/perfmon.c 2008-04-19 15:14:51.000000000 -0400
298 #include <linux/capability.h>
299 #include <linux/rcupdate.h>
300 #include <linux/completion.h>
301 +#include <linux/vs_memory.h>
303 #include <asm/errno.h>
304 #include <asm/intrinsics.h>
305 @@ -2374,7 +2375,7 @@ pfm_smpl_buffer_alloc(struct task_struct
307 insert_vm_struct(mm, vma);
309 - mm->total_vm += size >> PAGE_SHIFT;
310 + vx_vmpages_add(mm, size >> PAGE_SHIFT);
311 vm_stat_account(vma->vm_mm, vma->vm_flags, vma->vm_file,
313 up_write(&task->mm->mmap_sem);
314 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/kernel/process.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/process.c
315 --- linux-2.6.25.11/arch/ia64/kernel/process.c 2008-04-17 12:05:28.000000000 -0400
316 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
317 @@ -105,8 +105,8 @@ show_regs (struct pt_regs *regs)
318 unsigned long ip = regs->cr_iip + ia64_psr(regs)->ri;
321 - printk("\nPid: %d, CPU %d, comm: %20s\n", task_pid_nr(current),
322 - smp_processor_id(), current->comm);
323 + printk("\nPid: %d[#%u], CPU %d, comm: %20s\n", task_pid_nr(current),
324 + current->xid, smp_processor_id(), current->comm);
325 printk("psr : %016lx ifs : %016lx ip : [<%016lx>] %s (%s)\n",
326 regs->cr_ipsr, regs->cr_ifs, ip, print_tainted(),
327 init_utsname()->release);
328 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/ptrace.c
329 --- linux-2.6.25.11/arch/ia64/kernel/ptrace.c 2008-04-17 12:05:28.000000000 -0400
330 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/ptrace.c 2008-04-19 15:14:51.000000000 -0400
332 #include <linux/security.h>
333 #include <linux/audit.h>
334 #include <linux/signal.h>
335 +#include <linux/vs_base.h>
337 #include <asm/pgtable.h>
338 #include <asm/processor.h>
339 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/traps.c
340 --- linux-2.6.25.11/arch/ia64/kernel/traps.c 2008-04-17 12:05:28.000000000 -0400
341 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/kernel/traps.c 2008-04-21 10:33:04.000000000 -0400
342 @@ -60,8 +60,9 @@ die (const char *str, struct pt_regs *re
345 if (++die.lock_owner_depth < 3) {
346 - printk("%s[%d]: %s %ld [%d]\n",
347 - current->comm, task_pid_nr(current), str, err, ++die_counter);
348 + printk("%s[%d[#%u]]: %s %ld [%d]\n",
349 + current->comm, task_pid_nr(current), current->xid,
350 + str, err, ++die_counter);
351 if (notify_die(DIE_OOPS, str, regs, err, 255, SIGSEGV)
354 @@ -324,8 +325,9 @@ handle_fpu_swa (int fp_fault, struct pt_
355 if ((last.count & 15) < 5 && (ia64_fetchadd(1, &last.count, acq) & 15) < 5) {
356 last.time = current_jiffies + 5 * HZ;
358 - "%s(%d): floating-point assist fault at ip %016lx, isr %016lx\n",
359 - current->comm, task_pid_nr(current), regs->cr_iip + ia64_psr(regs)->ri, isr);
360 + "%s(%d[#%u]): floating-point assist fault at ip %016lx, isr %016lx\n",
361 + current->comm, task_pid_nr(current), current->xid,
362 + regs->cr_iip + ia64_psr(regs)->ri, isr);
366 diff -NurpP --minimal linux-2.6.25.11/arch/ia64/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/mm/fault.c
367 --- linux-2.6.25.11/arch/ia64/mm/fault.c 2008-04-17 12:05:28.000000000 -0400
368 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ia64/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
370 #include <linux/interrupt.h>
371 #include <linux/kprobes.h>
372 #include <linux/kdebug.h>
373 +#include <linux/vs_memory.h>
375 #include <asm/pgtable.h>
376 #include <asm/processor.h>
377 diff -NurpP --minimal linux-2.6.25.11/arch/m32r/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/m32r/kernel/traps.c
378 --- linux-2.6.25.11/arch/m32r/kernel/traps.c 2008-04-17 11:31:23.000000000 -0400
379 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m32r/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
380 @@ -195,8 +195,9 @@ static void show_registers(struct pt_reg
382 printk("SPI: %08lx\n", sp);
384 - printk("Process %s (pid: %d, process nr: %d, stackpage=%08lx)",
385 - current->comm, task_pid_nr(current), 0xffff & i, 4096+(unsigned long)current);
386 + printk("Process %s (pid: %d[#%u], process nr: %d, stackpage=%08lx)",
387 + current->comm, task_pid_nr(current), current->xid,
388 + 0xffff & i, 4096+(unsigned long)current);
391 * When in-kernel, we also print out the stack and code at the
392 diff -NurpP --minimal linux-2.6.25.11/arch/m68k/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/Kconfig
393 --- linux-2.6.25.11/arch/m68k/Kconfig 2008-04-17 12:05:28.000000000 -0400
394 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/Kconfig 2008-04-19 15:14:52.000000000 -0400
395 @@ -674,6 +674,8 @@ source "fs/Kconfig"
397 source "arch/m68k/Kconfig.debug"
399 +source "kernel/vserver/Kconfig"
401 source "security/Kconfig"
403 source "crypto/Kconfig"
404 diff -NurpP --minimal linux-2.6.25.11/arch/m68k/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/kernel/ptrace.c
405 --- linux-2.6.25.11/arch/m68k/kernel/ptrace.c 2008-04-17 11:31:23.000000000 -0400
406 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
408 #include <linux/ptrace.h>
409 #include <linux/user.h>
410 #include <linux/signal.h>
411 +#include <linux/vs_base.h>
413 #include <asm/uaccess.h>
414 #include <asm/page.h>
415 @@ -269,6 +270,8 @@ long arch_ptrace(struct task_struct *chi
416 ret = ptrace_request(child, request, addr, data);
419 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
424 diff -NurpP --minimal linux-2.6.25.11/arch/m68k/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/kernel/traps.c
425 --- linux-2.6.25.11/arch/m68k/kernel/traps.c 2008-04-17 12:05:28.000000000 -0400
426 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m68k/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
427 @@ -898,8 +898,8 @@ void show_registers(struct pt_regs *regs
428 printk("d4: %08lx d5: %08lx a0: %08lx a1: %08lx\n",
429 regs->d4, regs->d5, regs->a0, regs->a1);
431 - printk("Process %s (pid: %d, task=%p)\n",
432 - current->comm, task_pid_nr(current), current);
433 + printk("Process %s (pid: %d[#%u], task=%p)\n",
434 + current->comm, task_pid_nr(current), current->xid, current);
435 addr = (unsigned long)&fp->un;
436 printk("Frame format=%X ", regs->format);
437 switch (regs->format) {
438 diff -NurpP --minimal linux-2.6.25.11/arch/m68knommu/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/m68knommu/Kconfig
439 --- linux-2.6.25.11/arch/m68knommu/Kconfig 2008-04-17 12:05:28.000000000 -0400
440 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m68knommu/Kconfig 2008-04-19 15:14:52.000000000 -0400
441 @@ -722,6 +722,8 @@ source "fs/Kconfig"
443 source "arch/m68knommu/Kconfig.debug"
445 +source "kernel/vserver/Kconfig"
447 source "security/Kconfig"
449 source "crypto/Kconfig"
450 diff -NurpP --minimal linux-2.6.25.11/arch/m68knommu/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/m68knommu/kernel/traps.c
451 --- linux-2.6.25.11/arch/m68knommu/kernel/traps.c 2008-04-17 10:37:14.000000000 -0400
452 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/m68knommu/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
453 @@ -78,8 +78,9 @@ void die_if_kernel(char *str, struct pt_
454 printk(KERN_EMERG "d4: %08lx d5: %08lx a0: %08lx a1: %08lx\n",
455 fp->d4, fp->d5, fp->a0, fp->a1);
457 - printk(KERN_EMERG "Process %s (pid: %d, stackpage=%08lx)\n",
458 - current->comm, current->pid, PAGE_SIZE+(unsigned long)current);
459 + printk(KERN_EMERG "Process %s (pid: %d[#%u], stackpage=%08lx)\n",
460 + current->comm, task_pid_nr(current), current->xid,
461 + PAGE_SIZE+(unsigned long)current);
462 show_stack(NULL, (unsigned long *)(fp + 1));
463 add_taint(TAINT_DIE);
465 diff -NurpP --minimal linux-2.6.25.11/arch/mips/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/mips/Kconfig
466 --- linux-2.6.25.11/arch/mips/Kconfig 2008-04-17 12:05:28.000000000 -0400
467 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/Kconfig 2008-04-19 15:14:52.000000000 -0400
468 @@ -2099,6 +2099,8 @@ source "fs/Kconfig"
470 source "arch/mips/Kconfig.debug"
472 +source "kernel/vserver/Kconfig"
474 source "security/Kconfig"
476 source "crypto/Kconfig"
477 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/linux32.c linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/linux32.c
478 --- linux-2.6.25.11/arch/mips/kernel/linux32.c 2008-04-17 12:05:29.000000000 -0400
479 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/linux32.c 2008-04-19 15:14:52.000000000 -0400
480 @@ -209,7 +209,7 @@ sys32_gettimeofday(struct compat_timeval
484 - do_gettimeofday(&ktv);
485 + vx_gettimeofday(&ktv);
486 if (put_tv32(tv, &ktv))
489 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/ptrace.c
490 --- linux-2.6.25.11/arch/mips/kernel/ptrace.c 2008-04-17 11:31:23.000000000 -0400
491 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
493 #include <linux/security.h>
494 #include <linux/audit.h>
495 #include <linux/seccomp.h>
496 +#include <linux/vs_base.h>
498 #include <asm/byteorder.h>
500 @@ -171,6 +172,9 @@ long arch_ptrace(struct task_struct *chi
504 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
508 /* when I and D space are separate, these will need to be fixed. */
509 case PTRACE_PEEKTEXT: /* read word at location addr. */
510 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/scall32-o32.S linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall32-o32.S
511 --- linux-2.6.25.11/arch/mips/kernel/scall32-o32.S 2008-04-17 12:05:29.000000000 -0400
512 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall32-o32.S 2008-04-19 15:14:52.000000000 -0400
513 @@ -619,7 +619,7 @@ einval: li v0, -EINVAL
514 sys sys_mq_timedreceive 5
515 sys sys_mq_notify 2 /* 4275 */
516 sys sys_mq_getsetattr 3
517 - sys sys_ni_syscall 0 /* sys_vserver */
520 sys sys_ni_syscall 0 /* available, was setaltroot */
521 sys sys_add_key 5 /* 4280 */
522 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/scall64-64.S linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-64.S
523 --- linux-2.6.25.11/arch/mips/kernel/scall64-64.S 2008-04-17 12:05:29.000000000 -0400
524 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-64.S 2008-04-19 15:14:52.000000000 -0400
525 @@ -434,7 +434,7 @@ sys_call_table:
526 PTR sys_mq_timedreceive
528 PTR sys_mq_getsetattr /* 5235 */
529 - PTR sys_ni_syscall /* sys_vserver */
532 PTR sys_ni_syscall /* available, was setaltroot */
534 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/scall64-n32.S linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-n32.S
535 --- linux-2.6.25.11/arch/mips/kernel/scall64-n32.S 2008-04-17 12:05:29.000000000 -0400
536 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-n32.S 2008-04-19 15:14:52.000000000 -0400
537 @@ -360,7 +360,7 @@ EXPORT(sysn32_call_table)
538 PTR compat_sys_mq_timedreceive
539 PTR compat_sys_mq_notify
540 PTR compat_sys_mq_getsetattr
541 - PTR sys_ni_syscall /* 6240, sys_vserver */
542 + PTR sys32_vserver /* 6240 */
543 PTR compat_sys_waitid
544 PTR sys_ni_syscall /* available, was setaltroot */
546 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/scall64-o32.S linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-o32.S
547 --- linux-2.6.25.11/arch/mips/kernel/scall64-o32.S 2008-04-17 12:05:29.000000000 -0400
548 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/scall64-o32.S 2008-04-19 15:14:52.000000000 -0400
549 @@ -482,7 +482,7 @@ sys_call_table:
550 PTR compat_sys_mq_timedreceive
551 PTR compat_sys_mq_notify /* 4275 */
552 PTR compat_sys_mq_getsetattr
553 - PTR sys_ni_syscall /* sys_vserver */
556 PTR sys_ni_syscall /* available, was setaltroot */
557 PTR sys_add_key /* 4280 */
558 diff -NurpP --minimal linux-2.6.25.11/arch/mips/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/traps.c
559 --- linux-2.6.25.11/arch/mips/kernel/traps.c 2008-04-17 12:05:29.000000000 -0400
560 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
561 @@ -313,8 +313,9 @@ void show_registers(const struct pt_regs
565 - printk("Process %s (pid: %d, threadinfo=%p, task=%p)\n",
566 - current->comm, task_pid_nr(current), current_thread_info(), current);
567 + printk("Process %s (pid: %d:#%u, threadinfo=%p, task=%p)\n",
568 + current->comm, task_pid_nr(current), current->xid,
569 + current_thread_info(), current);
570 show_stacktrace(current, regs);
571 show_code((unsigned int __user *) regs->cp0_epc);
573 diff -NurpP --minimal linux-2.6.25.11/arch/mips/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/mips/mm/fault.c
574 --- linux-2.6.25.11/arch/mips/mm/fault.c 2008-04-17 11:31:24.000000000 -0400
575 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/mips/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
576 @@ -178,7 +178,8 @@ out_of_memory:
577 down_read(&mm->mmap_sem);
580 - printk("VM: killing process %s\n", tsk->comm);
581 + printk("VM: killing process %s(%d:#%u)\n",
582 + tsk->comm, tsk->pid, tsk->xid);
584 do_group_exit(SIGKILL);
586 diff -NurpP --minimal linux-2.6.25.11/arch/parisc/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/Kconfig
587 --- linux-2.6.25.11/arch/parisc/Kconfig 2008-04-17 12:05:29.000000000 -0400
588 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/Kconfig 2008-04-19 15:14:52.000000000 -0400
589 @@ -278,6 +278,8 @@ source "fs/Kconfig"
591 source "arch/parisc/Kconfig.debug"
593 +source "kernel/vserver/Kconfig"
595 source "security/Kconfig"
597 source "crypto/Kconfig"
598 diff -NurpP --minimal linux-2.6.25.11/arch/parisc/kernel/syscall_table.S linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/syscall_table.S
599 --- linux-2.6.25.11/arch/parisc/kernel/syscall_table.S 2008-04-17 12:05:29.000000000 -0400
600 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/syscall_table.S 2008-04-19 15:14:52.000000000 -0400
602 ENTRY_COMP(mbind) /* 260 */
603 ENTRY_COMP(get_mempolicy)
604 ENTRY_COMP(set_mempolicy)
605 - ENTRY_SAME(ni_syscall) /* 263: reserved for vserver */
606 + ENTRY_DIFF(vserver)
608 ENTRY_SAME(request_key) /* 265 */
610 diff -NurpP --minimal linux-2.6.25.11/arch/parisc/kernel/sys_parisc32.c linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/sys_parisc32.c
611 --- linux-2.6.25.11/arch/parisc/kernel/sys_parisc32.c 2008-04-17 11:31:24.000000000 -0400
612 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/sys_parisc32.c 2008-04-19 15:14:52.000000000 -0400
613 @@ -204,11 +204,11 @@ static inline long get_ts32(struct times
615 sys32_gettimeofday(struct compat_timeval __user *tv, struct timezone __user *tz)
617 - extern void do_gettimeofday(struct timeval *tv);
618 + extern void vx_gettimeofday(struct timeval *tv);
622 - do_gettimeofday(&ktv);
623 + vx_gettimeofday(&ktv);
624 if (put_compat_timeval(tv, &ktv))
627 diff -NurpP --minimal linux-2.6.25.11/arch/parisc/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/traps.c
628 --- linux-2.6.25.11/arch/parisc/kernel/traps.c 2008-04-17 12:05:29.000000000 -0400
629 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
630 @@ -237,8 +237,9 @@ void die_if_kernel(char *str, struct pt_
634 - printk(KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n",
635 - current->comm, task_pid_nr(current), str, err, regs->iaoq[0]);
636 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld) at " RFMT "\n",
637 + current->comm, task_pid_nr(current), current->xid,
638 + str, err, regs->iaoq[0]);
639 #ifdef PRINT_USER_FAULTS
640 /* XXX for debugging only */
642 @@ -270,8 +271,8 @@ KERN_CRIT " || |
643 pdc_console_restart();
646 - printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n",
647 - current->comm, task_pid_nr(current), str, err);
648 + printk(KERN_CRIT "%s (pid %d:#%u): %s (code %ld)\n",
649 + current->comm, task_pid_nr(current), current->xid, str, err);
651 /* Wot's wrong wif bein' racy? */
652 if (current->thread.flags & PARISC_KERNEL_DEATH) {
653 diff -NurpP --minimal linux-2.6.25.11/arch/parisc/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/mm/fault.c
654 --- linux-2.6.25.11/arch/parisc/mm/fault.c 2008-04-17 11:31:24.000000000 -0400
655 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/parisc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
656 @@ -210,8 +210,9 @@ bad_area:
658 #ifdef PRINT_USER_FAULTS
659 printk(KERN_DEBUG "\n");
660 - printk(KERN_DEBUG "do_page_fault() pid=%d command='%s' type=%lu address=0x%08lx\n",
661 - task_pid_nr(tsk), tsk->comm, code, address);
662 + printk(KERN_DEBUG "do_page_fault() pid=%d:#%u "
663 + "command='%s' type=%lu address=0x%08lx\n",
664 + task_pid_nr(tsk), tsk->xid, tsk->comm, code, address);
666 printk(KERN_DEBUG "vm_start = 0x%08lx, vm_end = 0x%08lx\n",
667 vma->vm_start, vma->vm_end);
668 @@ -261,7 +262,8 @@ no_context:
671 up_read(&mm->mmap_sem);
672 - printk(KERN_CRIT "VM: killing process %s\n", current->comm);
673 + printk(KERN_CRIT "VM: killing process %s(%d:#%u)\n",
674 + current->comm, current->pid, current->xid);
676 do_group_exit(SIGKILL);
678 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/Kconfig
679 --- linux-2.6.25.11/arch/powerpc/Kconfig 2008-04-17 12:05:29.000000000 -0400
680 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/Kconfig 2008-04-19 15:14:52.000000000 -0400
681 @@ -706,6 +706,8 @@ source "lib/Kconfig"
683 source "arch/powerpc/Kconfig.debug"
685 +source "kernel/vserver/Kconfig"
687 source "security/Kconfig"
690 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/kernel/irq.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/irq.c
691 --- linux-2.6.25.11/arch/powerpc/kernel/irq.c 2008-04-17 12:05:29.000000000 -0400
692 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/irq.c 2008-04-19 15:14:52.000000000 -0400
694 #include <linux/bootmem.h>
695 #include <linux/pci.h>
696 #include <linux/debugfs.h>
697 +#include <linux/vs_context.h>
699 #include <asm/uaccess.h>
700 #include <asm/system.h>
701 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/kernel/process.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/process.c
702 --- linux-2.6.25.11/arch/powerpc/kernel/process.c 2008-04-17 12:05:30.000000000 -0400
703 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/process.c 2008-04-19 15:14:52.000000000 -0400
704 @@ -464,8 +464,9 @@ void show_regs(struct pt_regs * regs)
706 printk("DAR: "REG", DSISR: "REG"\n", regs->dar, regs->dsisr);
708 - printk("TASK = %p[%d] '%s' THREAD: %p",
709 - current, task_pid_nr(current), current->comm, task_thread_info(current));
710 + printk("TASK = %p[%d,#%u] '%s' THREAD: %p",
711 + current, task_pid_nr(current), current->xid,
712 + current->comm, task_thread_info(current));
715 printk(" CPU: %d", raw_smp_processor_id());
716 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/kernel/sys_ppc32.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/sys_ppc32.c
717 --- linux-2.6.25.11/arch/powerpc/kernel/sys_ppc32.c 2008-04-17 11:31:24.000000000 -0400
718 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/sys_ppc32.c 2008-04-19 15:14:52.000000000 -0400
719 @@ -205,7 +205,7 @@ asmlinkage long compat_sys_gettimeofday(
723 - do_gettimeofday(&ktv);
724 + vx_gettimeofday(&ktv);
725 if (put_tv32(tv, &ktv))
728 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/traps.c
729 --- linux-2.6.25.11/arch/powerpc/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
730 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
731 @@ -941,8 +941,9 @@ void nonrecoverable_exception(struct pt_
733 void trace_syscall(struct pt_regs *regs)
735 - printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
736 - current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0],
737 + printk("Task: %p(%d[#%u]), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
738 + current, task_pid_nr(current), current->xid,
739 + regs->nip, regs->link, regs->gpr[0],
740 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
743 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/kernel/vdso.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/vdso.c
744 --- linux-2.6.25.11/arch/powerpc/kernel/vdso.c 2008-07-15 22:05:16.000000000 -0400
745 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/kernel/vdso.c 2008-07-11 12:41:00.000000000 -0400
747 #include <linux/elf.h>
748 #include <linux/security.h>
749 #include <linux/bootmem.h>
750 +#include <linux/vs_memory.h>
752 #include <asm/pgtable.h>
753 #include <asm/system.h>
754 diff -NurpP --minimal linux-2.6.25.11/arch/powerpc/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/mm/fault.c
755 --- linux-2.6.25.11/arch/powerpc/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
756 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/powerpc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
757 @@ -378,7 +378,8 @@ out_of_memory:
758 down_read(&mm->mmap_sem);
761 - printk("VM: killing process %s\n", current->comm);
762 + printk("VM: killing process %s(%d:#%u)\n",
763 + current->comm, current->pid, current->xid);
765 do_group_exit(SIGKILL);
767 diff -NurpP --minimal linux-2.6.25.11/arch/ppc/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/Kconfig
768 --- linux-2.6.25.11/arch/ppc/Kconfig 2008-04-17 12:05:30.000000000 -0400
769 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/Kconfig 2008-04-19 15:14:52.000000000 -0400
770 @@ -1261,6 +1261,8 @@ source "lib/Kconfig"
772 source "arch/ppc/Kconfig.debug"
774 +source "kernel/vserver/Kconfig"
776 source "security/Kconfig"
778 source "crypto/Kconfig"
779 diff -NurpP --minimal linux-2.6.25.11/arch/ppc/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/kernel/traps.c
780 --- linux-2.6.25.11/arch/ppc/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
781 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
782 @@ -669,8 +669,9 @@ void nonrecoverable_exception(struct pt_
784 void trace_syscall(struct pt_regs *regs)
786 - printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
787 - current, current->pid, regs->nip, regs->link, regs->gpr[0],
788 + printk("Task: %p(%d[#%u]), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n",
789 + current, current->pid, current->xid,
790 + regs->nip, regs->link, regs->gpr[0],
791 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
794 diff -NurpP --minimal linux-2.6.25.11/arch/ppc/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/mm/fault.c
795 --- linux-2.6.25.11/arch/ppc/mm/fault.c 2008-04-17 11:31:25.000000000 -0400
796 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/ppc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
797 @@ -295,7 +295,8 @@ out_of_memory:
798 down_read(&mm->mmap_sem);
801 - printk("VM: killing process %s\n", current->comm);
802 + printk("VM: killing process %s(%d:#%u)\n",
803 + current->comm, current->pid, current->xid);
805 do_group_exit(SIGKILL);
807 diff -NurpP --minimal linux-2.6.25.11/arch/s390/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/s390/Kconfig
808 --- linux-2.6.25.11/arch/s390/Kconfig 2008-04-17 12:05:30.000000000 -0400
809 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/Kconfig 2008-04-19 15:14:52.000000000 -0400
810 @@ -544,6 +544,8 @@ source "fs/Kconfig"
812 source "arch/s390/Kconfig.debug"
814 +source "kernel/vserver/Kconfig"
816 source "security/Kconfig"
818 source "crypto/Kconfig"
819 diff -NurpP --minimal linux-2.6.25.11/arch/s390/kernel/compat_linux.c linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/compat_linux.c
820 --- linux-2.6.25.11/arch/s390/kernel/compat_linux.c 2008-04-17 11:31:25.000000000 -0400
821 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/compat_linux.c 2008-04-19 15:14:52.000000000 -0400
822 @@ -567,7 +567,7 @@ asmlinkage long sys32_gettimeofday(struc
826 - do_gettimeofday(&ktv);
827 + vx_gettimeofday(&ktv);
828 if (put_tv32(tv, &ktv))
831 diff -NurpP --minimal linux-2.6.25.11/arch/s390/kernel/process.c linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/process.c
832 --- linux-2.6.25.11/arch/s390/kernel/process.c 2008-04-17 12:05:30.000000000 -0400
833 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/process.c 2008-04-21 11:09:01.000000000 -0400
834 @@ -194,9 +194,9 @@ void show_regs(struct pt_regs *regs)
835 init_utsname()->release,
836 (int)strcspn(init_utsname()->version, " "),
837 init_utsname()->version);
838 - printk("Process %s (pid: %d, task: %p, ksp: %p)\n",
839 - current->comm, current->pid, current,
840 - (void *) current->thread.ksp);
841 + printk("Process %s (pid: %d[#%u], task: %p, ksp: %p)\n",
842 + current->comm, current->pid, current->xid,
843 + (void *) current, (void *) current->thread.ksp);
844 show_registers(regs);
845 /* Show stack backtrace if pt_regs is from kernel mode */
846 if (!(regs->psw.mask & PSW_MASK_PSTATE))
847 diff -NurpP --minimal linux-2.6.25.11/arch/s390/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/ptrace.c
848 --- linux-2.6.25.11/arch/s390/kernel/ptrace.c 2008-04-17 12:05:30.000000000 -0400
849 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
851 #include <linux/security.h>
852 #include <linux/audit.h>
853 #include <linux/signal.h>
854 +#include <linux/vs_base.h>
856 #include <asm/segment.h>
857 #include <asm/page.h>
858 @@ -710,7 +711,13 @@ sys_ptrace(long request, long pid, long
862 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT)) {
867 ret = do_ptrace(child, request, addr, data);
869 put_task_struct(child);
872 diff -NurpP --minimal linux-2.6.25.11/arch/s390/kernel/syscalls.S linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/syscalls.S
873 --- linux-2.6.25.11/arch/s390/kernel/syscalls.S 2008-04-17 12:05:30.000000000 -0400
874 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/kernel/syscalls.S 2008-04-19 15:14:52.000000000 -0400
875 @@ -271,7 +271,7 @@ SYSCALL(sys_clock_settime,sys_clock_sett
876 SYSCALL(sys_clock_gettime,sys_clock_gettime,sys32_clock_gettime_wrapper) /* 260 */
877 SYSCALL(sys_clock_getres,sys_clock_getres,sys32_clock_getres_wrapper)
878 SYSCALL(sys_clock_nanosleep,sys_clock_nanosleep,sys32_clock_nanosleep_wrapper)
879 -NI_SYSCALL /* reserved for vserver */
880 +SYSCALL(sys_vserver,sys_vserver,sys32_vserver)
881 SYSCALL(s390_fadvise64_64,sys_ni_syscall,sys32_fadvise64_64_wrapper)
882 SYSCALL(sys_statfs64,sys_statfs64,compat_sys_statfs64_wrapper)
883 SYSCALL(sys_fstatfs64,sys_fstatfs64,compat_sys_fstatfs64_wrapper)
884 diff -NurpP --minimal linux-2.6.25.11/arch/s390/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/s390/mm/fault.c
885 --- linux-2.6.25.11/arch/s390/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
886 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/s390/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
887 @@ -217,7 +217,8 @@ static int do_out_of_memory(struct pt_re
888 down_read(&mm->mmap_sem);
891 - printk("VM: killing process %s\n", tsk->comm);
892 + printk("VM: killing process %s(%d:#%u)\n",
893 + tsk->comm, tsk->pid, tsk->xid);
894 if (regs->psw.mask & PSW_MASK_PSTATE)
895 do_group_exit(SIGKILL);
896 do_no_context(regs, error_code, address);
897 diff -NurpP --minimal linux-2.6.25.11/arch/sh/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/sh/Kconfig
898 --- linux-2.6.25.11/arch/sh/Kconfig 2008-04-17 12:05:30.000000000 -0400
899 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sh/Kconfig 2008-04-19 15:14:52.000000000 -0400
900 @@ -913,6 +913,8 @@ source "fs/Kconfig"
902 source "arch/sh/Kconfig.debug"
904 +source "kernel/vserver/Kconfig"
906 source "security/Kconfig"
908 source "crypto/Kconfig"
909 diff -NurpP --minimal linux-2.6.25.11/arch/sh/kernel/irq.c linux-2.6.25.11-vs2.3.0.34.14/arch/sh/kernel/irq.c
910 --- linux-2.6.25.11/arch/sh/kernel/irq.c 2008-04-17 12:05:30.000000000 -0400
911 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sh/kernel/irq.c 2008-04-19 15:14:52.000000000 -0400
913 #include <linux/module.h>
914 #include <linux/kernel_stat.h>
915 #include <linux/seq_file.h>
916 +#include <linux/vs_context.h>
917 #include <asm/processor.h>
918 #include <asm/machvec.h>
919 #include <asm/uaccess.h>
920 diff -NurpP --minimal linux-2.6.25.11/arch/sh/kernel/vsyscall/vsyscall.c linux-2.6.25.11-vs2.3.0.34.14/arch/sh/kernel/vsyscall/vsyscall.c
921 --- linux-2.6.25.11/arch/sh/kernel/vsyscall/vsyscall.c 2008-04-17 10:37:14.000000000 -0400
922 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sh/kernel/vsyscall/vsyscall.c 2008-04-19 15:14:52.000000000 -0400
924 #include <linux/elf.h>
925 #include <linux/sched.h>
926 #include <linux/err.h>
927 +#include <linux/vs_memory.h>
930 * Should the kernel map a VDSO page into processes and pass its
931 diff -NurpP --minimal linux-2.6.25.11/arch/sparc/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/Kconfig
932 --- linux-2.6.25.11/arch/sparc/Kconfig 2008-04-17 12:05:30.000000000 -0400
933 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/Kconfig 2008-04-19 15:14:52.000000000 -0400
934 @@ -330,6 +330,8 @@ source "fs/Kconfig"
936 source "arch/sparc/Kconfig.debug"
938 +source "kernel/vserver/Kconfig"
940 source "security/Kconfig"
942 source "crypto/Kconfig"
943 diff -NurpP --minimal linux-2.6.25.11/arch/sparc/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/ptrace.c
944 --- linux-2.6.25.11/arch/sparc/kernel/ptrace.c 2008-07-15 22:05:16.000000000 -0400
945 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/ptrace.c 2008-07-12 19:54:52.000000000 -0400
947 #include <linux/signal.h>
948 #include <linux/regset.h>
949 #include <linux/elf.h>
950 +#include <linux/vs_base.h>
952 #include <asm/pgtable.h>
953 #include <asm/system.h>
954 diff -NurpP --minimal linux-2.6.25.11/arch/sparc/kernel/systbls.S linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/systbls.S
955 --- linux-2.6.25.11/arch/sparc/kernel/systbls.S 2008-04-17 12:05:30.000000000 -0400
956 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/systbls.S 2008-04-19 15:14:52.000000000 -0400
957 @@ -70,7 +70,7 @@ sys_call_table:
958 /*250*/ .long sparc_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
959 /*255*/ .long sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
960 /*260*/ .long sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
961 -/*265*/ .long sys_timer_delete, sys_timer_create, sys_nis_syscall, sys_io_setup, sys_io_destroy
962 +/*265*/ .long sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
963 /*270*/ .long sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
964 /*275*/ .long sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
965 /*280*/ .long sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
966 diff -NurpP --minimal linux-2.6.25.11/arch/sparc/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/traps.c
967 --- linux-2.6.25.11/arch/sparc/kernel/traps.c 2008-04-17 11:31:25.000000000 -0400
968 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
969 @@ -99,7 +99,8 @@ void die_if_kernel(char *str, struct pt_
973 - printk("%s(%d): %s [#%d]\n", current->comm, task_pid_nr(current), str, ++die_counter);
974 + printk("%s(%d[#%u]): %s [#%d]\n", current->comm,
975 + task_pid_nr(current), current->xid, str, ++die_counter);
977 add_taint(TAINT_DIE);
979 diff -NurpP --minimal linux-2.6.25.11/arch/sparc/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/mm/fault.c
980 --- linux-2.6.25.11/arch/sparc/mm/fault.c 2008-04-17 11:31:25.000000000 -0400
981 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
982 @@ -367,7 +367,8 @@ no_context:
985 up_read(&mm->mmap_sem);
986 - printk("VM: killing process %s\n", tsk->comm);
987 + printk("VM: killing process %s(%d:#%u)\n",
988 + tsk->comm, tsk->pid, tsk->xid);
990 do_group_exit(SIGKILL);
992 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/Kconfig
993 --- linux-2.6.25.11/arch/sparc64/Kconfig 2008-04-17 12:05:30.000000000 -0400
994 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/Kconfig 2008-04-19 15:14:52.000000000 -0400
995 @@ -471,6 +471,8 @@ source "fs/Kconfig"
997 source "arch/sparc64/Kconfig.debug"
999 +source "kernel/vserver/Kconfig"
1001 source "security/Kconfig"
1003 source "crypto/Kconfig"
1004 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/kernel/binfmt_aout32.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/binfmt_aout32.c
1005 --- linux-2.6.25.11/arch/sparc64/kernel/binfmt_aout32.c 2008-04-17 12:05:30.000000000 -0400
1006 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/binfmt_aout32.c 2008-04-19 15:14:52.000000000 -0400
1008 #include <linux/binfmts.h>
1009 #include <linux/personality.h>
1010 #include <linux/init.h>
1011 +#include <linux/vs_memory.h>
1013 #include <asm/system.h>
1014 #include <asm/uaccess.h>
1015 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/ptrace.c
1016 --- linux-2.6.25.11/arch/sparc64/kernel/ptrace.c 2008-07-15 22:05:16.000000000 -0400
1017 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/ptrace.c 2008-07-12 19:51:45.000000000 -0400
1019 #include <linux/regset.h>
1020 #include <linux/compat.h>
1021 #include <linux/elf.h>
1022 +#include <linux/vs_base.h>
1024 #include <asm/asi.h>
1025 #include <asm/pgtable.h>
1026 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/kernel/sys_sparc32.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/sys_sparc32.c
1027 --- linux-2.6.25.11/arch/sparc64/kernel/sys_sparc32.c 2008-07-15 22:05:16.000000000 -0400
1028 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/sys_sparc32.c 2008-05-21 14:30:40.000000000 -0400
1029 @@ -722,7 +722,7 @@ asmlinkage long sys32_gettimeofday(struc
1033 - do_gettimeofday(&ktv);
1034 + vx_gettimeofday(&ktv);
1035 if (put_tv32(tv, &ktv))
1038 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/kernel/systbls.S linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/systbls.S
1039 --- linux-2.6.25.11/arch/sparc64/kernel/systbls.S 2008-04-17 12:05:30.000000000 -0400
1040 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/systbls.S 2008-04-19 15:14:52.000000000 -0400
1041 @@ -71,7 +71,7 @@ sys_call_table32:
1042 /*250*/ .word sys32_mremap, sys32_sysctl, sys32_getsid, sys_fdatasync, sys32_nfsservctl
1043 .word sys32_sync_file_range, compat_sys_clock_settime, compat_sys_clock_gettime, compat_sys_clock_getres, sys32_clock_nanosleep
1044 /*260*/ .word compat_sys_sched_getaffinity, compat_sys_sched_setaffinity, sys32_timer_settime, compat_sys_timer_gettime, sys_timer_getoverrun
1045 - .word sys_timer_delete, compat_sys_timer_create, sys_ni_syscall, compat_sys_io_setup, sys_io_destroy
1046 + .word sys_timer_delete, compat_sys_timer_create, sys32_vserver, compat_sys_io_setup, sys_io_destroy
1047 /*270*/ .word sys32_io_submit, sys_io_cancel, compat_sys_io_getevents, sys32_mq_open, sys_mq_unlink
1048 .word compat_sys_mq_timedsend, compat_sys_mq_timedreceive, compat_sys_mq_notify, compat_sys_mq_getsetattr, compat_sys_waitid
1049 /*280*/ .word sys32_tee, sys_add_key, sys_request_key, sys_keyctl, compat_sys_openat
1050 @@ -144,7 +144,7 @@ sys_call_table:
1051 /*250*/ .word sys64_mremap, sys_sysctl, sys_getsid, sys_fdatasync, sys_nfsservctl
1052 .word sys_sync_file_range, sys_clock_settime, sys_clock_gettime, sys_clock_getres, sys_clock_nanosleep
1053 /*260*/ .word sys_sched_getaffinity, sys_sched_setaffinity, sys_timer_settime, sys_timer_gettime, sys_timer_getoverrun
1054 - .word sys_timer_delete, sys_timer_create, sys_ni_syscall, sys_io_setup, sys_io_destroy
1055 + .word sys_timer_delete, sys_timer_create, sys_vserver, sys_io_setup, sys_io_destroy
1056 /*270*/ .word sys_io_submit, sys_io_cancel, sys_io_getevents, sys_mq_open, sys_mq_unlink
1057 .word sys_mq_timedsend, sys_mq_timedreceive, sys_mq_notify, sys_mq_getsetattr, sys_waitid
1058 /*280*/ .word sys_tee, sys_add_key, sys_request_key, sys_keyctl, sys_openat
1059 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/kernel/traps.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/traps.c
1060 --- linux-2.6.25.11/arch/sparc64/kernel/traps.c 2008-04-17 12:05:30.000000000 -0400
1061 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/kernel/traps.c 2008-04-19 15:14:52.000000000 -0400
1062 @@ -2183,7 +2183,8 @@ void die_if_kernel(char *str, struct pt_
1066 - printk("%s(%d): %s [#%d]\n", current->comm, task_pid_nr(current), str, ++die_counter);
1067 + printk("%s(%d[#%u]): %s [#%d]\n", current->comm,
1068 + task_pid_nr(current), current->xid, str, ++die_counter);
1069 notify_die(DIE_OOPS, str, regs, 0, 255, SIGSEGV);
1070 __asm__ __volatile__("flushw");
1072 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/mm/fault.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/mm/fault.c
1073 --- linux-2.6.25.11/arch/sparc64/mm/fault.c 2008-04-17 12:05:30.000000000 -0400
1074 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/mm/fault.c 2008-04-19 15:14:52.000000000 -0400
1075 @@ -453,7 +453,8 @@ handle_kernel_fault:
1077 insn = get_fault_insn(regs, insn);
1078 up_read(&mm->mmap_sem);
1079 - printk("VM: killing process %s\n", current->comm);
1080 + printk("VM: killing process %s(%d:#%u)\n",
1081 + current->comm, current->pid, current->xid);
1082 if (!(regs->tstate & TSTATE_PRIV))
1083 do_group_exit(SIGKILL);
1084 goto handle_kernel_fault;
1085 diff -NurpP --minimal linux-2.6.25.11/arch/sparc64/solaris/fs.c linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/solaris/fs.c
1086 --- linux-2.6.25.11/arch/sparc64/solaris/fs.c 2008-04-17 12:05:30.000000000 -0400
1087 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/sparc64/solaris/fs.c 2008-04-19 15:14:52.000000000 -0400
1088 @@ -368,7 +368,7 @@ static int report_statvfs(struct vfsmoun
1092 - if (IS_RDONLY(inode)) i = 1;
1093 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt)) i = 1;
1094 if (mnt->mnt_flags & MNT_NOSUID) i |= 2;
1095 if (!sysv_valid_dev(inode->i_sb->s_dev))
1097 @@ -404,7 +404,7 @@ static int report_statvfs64(struct vfsmo
1101 - if (IS_RDONLY(inode)) i = 1;
1102 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt)) i = 1;
1103 if (mnt->mnt_flags & MNT_NOSUID) i |= 2;
1104 if (!sysv_valid_dev(inode->i_sb->s_dev))
1106 diff -NurpP --minimal linux-2.6.25.11/arch/um/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/um/Kconfig
1107 --- linux-2.6.25.11/arch/um/Kconfig 2008-04-17 12:05:30.000000000 -0400
1108 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/um/Kconfig 2008-04-19 15:14:52.000000000 -0400
1109 @@ -245,6 +245,8 @@ source "drivers/connector/Kconfig"
1113 +source "kernel/vserver/Kconfig"
1115 source "security/Kconfig"
1117 source "crypto/Kconfig"
1118 diff -NurpP --minimal linux-2.6.25.11/arch/um/kernel/trap.c linux-2.6.25.11-vs2.3.0.34.14/arch/um/kernel/trap.c
1119 --- linux-2.6.25.11/arch/um/kernel/trap.c 2008-04-17 12:05:30.000000000 -0400
1120 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/um/kernel/trap.c 2008-04-19 15:14:52.000000000 -0400
1121 @@ -215,7 +215,8 @@ unsigned long segv(struct faultinfo fi,
1122 current->thread.arch.faultinfo = fi;
1123 force_sig_info(SIGBUS, &si, current);
1124 } else if (err == -ENOMEM) {
1125 - printk(KERN_INFO "VM: killing process %s\n", current->comm);
1126 + printk(KERN_INFO "VM: killing process %s(%d:#%u)\n",
1127 + current->comm, task_pid_nr(current), current->xid);
1130 BUG_ON(err != -EFAULT);
1131 diff -NurpP --minimal linux-2.6.25.11/arch/v850/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/v850/Kconfig
1132 --- linux-2.6.25.11/arch/v850/Kconfig 2008-04-17 12:05:30.000000000 -0400
1133 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/v850/Kconfig 2008-04-19 15:14:52.000000000 -0400
1134 @@ -344,6 +344,8 @@ source "drivers/usb/Kconfig"
1136 source "arch/v850/Kconfig.debug"
1138 +source "kernel/vserver/Kconfig"
1140 source "security/Kconfig"
1142 source "crypto/Kconfig"
1143 diff -NurpP --minimal linux-2.6.25.11/arch/v850/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/arch/v850/kernel/ptrace.c
1144 --- linux-2.6.25.11/arch/v850/kernel/ptrace.c 2008-04-17 10:37:14.000000000 -0400
1145 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/v850/kernel/ptrace.c 2008-04-19 15:14:52.000000000 -0400
1147 #include <linux/sched.h>
1148 #include <linux/ptrace.h>
1149 #include <linux/signal.h>
1150 +#include <linux/vs_base.h>
1152 #include <asm/errno.h>
1153 #include <asm/ptrace.h>
1154 @@ -116,6 +117,9 @@ long arch_ptrace(struct task_struct *chi
1158 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
1164 diff -NurpP --minimal linux-2.6.25.11/arch/x86/ia32/ia32entry.S linux-2.6.25.11-vs2.3.0.34.14/arch/x86/ia32/ia32entry.S
1165 --- linux-2.6.25.11/arch/x86/ia32/ia32entry.S 2008-04-17 12:05:30.000000000 -0400
1166 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/x86/ia32/ia32entry.S 2008-04-22 20:07:49.000000000 -0400
1167 @@ -673,7 +673,7 @@ ia32_sys_call_table:
1168 .quad sys_tgkill /* 270 */
1169 .quad compat_sys_utimes
1170 .quad sys32_fadvise64_64
1171 - .quad quiet_ni_syscall /* sys_vserver */
1172 + .quad sys32_vserver
1174 .quad compat_sys_get_mempolicy /* 275 */
1175 .quad sys_set_mempolicy
1176 diff -NurpP --minimal linux-2.6.25.11/arch/x86/Kconfig linux-2.6.25.11-vs2.3.0.34.14/arch/x86/Kconfig
1177 --- linux-2.6.25.11/arch/x86/Kconfig 2008-07-15 22:05:16.000000000 -0400
1178 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/x86/Kconfig 2008-06-23 15:22:21.000000000 -0400
1179 @@ -1614,6 +1614,8 @@ source "fs/Kconfig"
1181 source "arch/x86/Kconfig.debug"
1183 +source "kernel/vserver/Kconfig"
1185 source "security/Kconfig"
1187 source "crypto/Kconfig"
1188 diff -NurpP --minimal linux-2.6.25.11/arch/x86/kernel/syscall_table_32.S linux-2.6.25.11-vs2.3.0.34.14/arch/x86/kernel/syscall_table_32.S
1189 --- linux-2.6.25.11/arch/x86/kernel/syscall_table_32.S 2008-04-17 12:05:30.000000000 -0400
1190 +++ linux-2.6.25.11-vs2.3.0.34.14/arch/x86/kernel/syscall_table_32.S 2008-04-19 15:14:52.000000000 -0400
1191 @@ -272,7 +272,7 @@ ENTRY(sys_call_table)
1192 .long sys_tgkill /* 270 */
1194 .long sys_fadvise64_64
1195 - .long sys_ni_syscall /* sys_vserver */
1198 .long sys_get_mempolicy
1199 .long sys_set_mempolicy
1200 diff -NurpP --minimal linux-2.6.25.11/Documentation/vserver/debug.txt linux-2.6.25.11-vs2.3.0.34.14/Documentation/vserver/debug.txt
1201 --- linux-2.6.25.11/Documentation/vserver/debug.txt 1969-12-31 19:00:00.000000000 -0500
1202 +++ linux-2.6.25.11-vs2.3.0.34.14/Documentation/vserver/debug.txt 2008-04-19 15:14:51.000000000 -0400
1207 + 2 4 "vx_map_tgid: %p/%llx: %d -> %d"
1208 + "vx_rmap_tgid: %p/%llx: %d -> %d"
1212 + 0 1 "ALLOC (%p,#%d)%c inode (%d)"
1213 + "FREE (%p,#%d)%c inode"
1214 + 1 2 "ALLOC (%p,#%d)%c %lld bytes (%d)"
1215 + "FREE (%p,#%d)%c %lld bytes"
1216 + 2 4 "ADJUST: %lld,%lld on %ld,%ld [mult=%d]"
1217 + 3 8 "ext3_has_free_blocks(%p): %lu<%lu+1, %c, %u!=%u r=%d"
1218 + "ext3_has_free_blocks(%p): free=%lu, root=%lu"
1219 + "rcu_free_dl_info(%p)"
1220 + 4 10 "alloc_dl_info(%p,%d) = %p"
1221 + "dealloc_dl_info(%p)"
1222 + "get_dl_info(%p[#%d.%d])"
1223 + "put_dl_info(%p[#%d.%d])"
1224 + 5 20 "alloc_dl_info(%p,%d)*"
1225 + 6 40 "__hash_dl_info: %p[#%d]"
1226 + "__unhash_dl_info: %p[#%d]"
1227 + 7 80 "locate_dl_info(%p,#%d) = %p"
1231 + 0 1 "destroy_dqhash: %p [#0x%08x] c=%d"
1232 + "new_dqhash: %p [#0x%08x]"
1233 + "vroot[%d]_clr_dev: dev=%p[%lu,%d:%d]"
1234 + "vroot[%d]_get_real_bdev: dev=%p[%lu,%d:%d]"
1235 + "vroot[%d]_set_dev: dev=%p[%lu,%d:%d]"
1236 + "vroot_get_real_bdev not set"
1237 + 1 2 "cow_break_link(»%s«)"
1238 + "temp copy »%s«"
1239 + 2 4 "dentry_open(new): %p"
1240 + "dentry_open(old): %p"
1241 + "lookup_create(new): %p"
1243 + "path_lookup(old): %d"
1244 + "vfs_create(new): %d"
1246 + "vfs_sendfile: %d"
1247 + 3 8 "fput(new_file=%p[#%d])"
1248 + "fput(old_file=%p[#%d])"
1249 + 4 10 "vx_info_kill(%p[#%d],%d,%d) = %d"
1250 + "vx_info_kill(%p[#%d],%d,%d)*"
1251 + 5 20 "vs_reboot(%p[#%d],%d)"
1252 + 6 40 "dropping task %p[#%u,%u] for %p[#%u,%u]"
1256 + 2 4 "nx_addr_conflict(%p,%p) %d.%d,%d.%d"
1257 + 3 8 "inet_bind(%p) %d.%d.%d.%d, %d.%d.%d.%d, %d.%d.%d.%d"
1258 + "inet_bind(%p)* %p,%p;%lx %d.%d.%d.%d"
1259 + 4 10 "ip_route_connect(%p) %p,%p;%lx"
1260 + 5 20 "__addr_in_socket(%p,%d.%d.%d.%d) %p:%d.%d.%d.%d %p;%lx"
1261 + 6 40 "sk,egf: %p [#%d] (from %d)"
1262 + "sk,egn: %p [#%d] (from %d)"
1263 + "sk,req: %p [#%d] (from %d)"
1264 + "sk: %p [#%d] (from %d)"
1265 + "tw: %p [#%d] (from %d)"
1266 + 7 80 "__sock_recvmsg: %p[%p,%p,%p;%d]:%d/%d"
1267 + "__sock_sendmsg: %p[%p,%p,%p;%d]:%d/%d"
1271 + 0 1 "__lookup_nx_info(#%u): %p[#%u]"
1272 + "alloc_nx_info(%d) = %p"
1273 + "create_nx_info(%d) (dynamic rejected)"
1274 + "create_nx_info(%d) = %p (already there)"
1275 + "create_nx_info(%d) = %p (new)"
1276 + "dealloc_nx_info(%p)"
1277 + 1 2 "alloc_nx_info(%d)*"
1278 + "create_nx_info(%d)*"
1279 + 2 4 "get_nx_info(%p[#%d.%d])"
1280 + "put_nx_info(%p[#%d.%d])"
1281 + 3 8 "claim_nx_info(%p[#%d.%d.%d]) %p"
1282 + "clr_nx_info(%p[#%d.%d])"
1283 + "init_nx_info(%p[#%d.%d])"
1284 + "release_nx_info(%p[#%d.%d.%d]) %p"
1285 + "set_nx_info(%p[#%d.%d])"
1286 + 4 10 "__hash_nx_info: %p[#%d]"
1287 + "__nx_dynamic_id: [#%d]"
1288 + "__unhash_nx_info: %p[#%d.%d.%d]"
1289 + 5 20 "moved task %p into nxi:%p[#%d]"
1290 + "nx_migrate_task(%p,%p[#%d.%d.%d])"
1291 + "task_get_nx_info(%p)"
1292 + 6 40 "nx_clear_persistent(%p[#%d])"
1296 + 0 1 "quota_sync_dqh(%p,%d) discard inode %p"
1297 + 1 2 "quota_sync_dqh(%p,%d)"
1298 + "sync_dquots(%p,%d)"
1299 + "sync_dquots_dqh(%p,%d)"
1300 + 3 8 "do_quotactl(%p,%d,cmd=%d,id=%d,%p)"
1304 + 0 1 "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]"
1305 + 1 2 "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]"
1306 + 4 10 "%s: (%s %s) returned %s with %d"
1310 + 7 80 "dx_parse_tag(»%s«): %d:#%d"
1311 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d"
1315 + 0 1 "__lookup_vx_info(#%u): %p[#%u]"
1316 + "alloc_vx_info(%d) = %p"
1317 + "alloc_vx_info(%d)*"
1318 + "create_vx_info(%d) (dynamic rejected)"
1319 + "create_vx_info(%d) = %p (already there)"
1320 + "create_vx_info(%d) = %p (new)"
1321 + "dealloc_vx_info(%p)"
1322 + "loc_vx_info(%d) = %p (found)"
1323 + "loc_vx_info(%d) = %p (new)"
1324 + "loc_vx_info(%d) = %p (not available)"
1325 + 1 2 "create_vx_info(%d)*"
1326 + "loc_vx_info(%d)*"
1327 + 2 4 "get_vx_info(%p[#%d.%d])"
1328 + "put_vx_info(%p[#%d.%d])"
1329 + 3 8 "claim_vx_info(%p[#%d.%d.%d]) %p"
1330 + "clr_vx_info(%p[#%d.%d])"
1331 + "init_vx_info(%p[#%d.%d])"
1332 + "release_vx_info(%p[#%d.%d.%d]) %p"
1333 + "set_vx_info(%p[#%d.%d])"
1334 + 4 10 "__hash_vx_info: %p[#%d]"
1335 + "__unhash_vx_info: %p[#%d.%d.%d]"
1336 + "__vx_dynamic_id: [#%d]"
1337 + 5 20 "enter_vx_info(%p[#%d],%p) %p[#%d,%p]"
1338 + "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]"
1339 + "moved task %p into vxi:%p[#%d]"
1340 + "task_get_vx_info(%p)"
1341 + "vx_migrate_task(%p,%p[#%d.%d])"
1342 + 6 40 "vx_clear_persistent(%p[#%d])"
1343 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])"
1344 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])"
1345 + "vx_set_persistent(%p[#%d])"
1346 + "vx_set_reaper(%p[#%d],%p[#%d,%d])"
1347 + 7 80 "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]"
1352 + n 2^n "vx_acc_cres[%5d,%s,%2d]: %5d%s"
1353 + "vx_cres_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
1355 + m 2^m "vx_acc_page[%5d,%s,%2d]: %5d%s"
1356 + "vx_acc_pages[%5d,%s,%2d]: %5d += %5d"
1357 + "vx_pages_avail[%5d,%s,%2d]: %5ld > %5d + %5d"
1358 diff -NurpP --minimal linux-2.6.25.11/drivers/block/Kconfig linux-2.6.25.11-vs2.3.0.34.14/drivers/block/Kconfig
1359 --- linux-2.6.25.11/drivers/block/Kconfig 2008-04-17 12:05:31.000000000 -0400
1360 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/block/Kconfig 2008-04-19 15:14:52.000000000 -0400
1361 @@ -263,6 +263,13 @@ config BLK_DEV_CRYPTOLOOP
1362 instead, which can be configured to be on-disk compatible with the
1365 +config BLK_DEV_VROOT
1366 + tristate "Virtual Root device support"
1367 + depends on QUOTACTL
1369 + Saying Y here will allow you to use quota/fs ioctls on a shared
1370 + partition within a virtual server without compromising security.
1373 tristate "Network block device support"
1375 diff -NurpP --minimal linux-2.6.25.11/drivers/block/loop.c linux-2.6.25.11-vs2.3.0.34.14/drivers/block/loop.c
1376 --- linux-2.6.25.11/drivers/block/loop.c 2008-04-17 12:05:32.000000000 -0400
1377 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/block/loop.c 2008-04-19 15:14:52.000000000 -0400
1379 #include <linux/gfp.h>
1380 #include <linux/kthread.h>
1381 #include <linux/splice.h>
1382 +#include <linux/vs_context.h>
1384 #include <asm/uaccess.h>
1386 @@ -789,6 +790,7 @@ static int loop_set_fd(struct loop_devic
1387 lo->lo_blocksize = lo_blocksize;
1388 lo->lo_device = bdev;
1389 lo->lo_flags = lo_flags;
1390 + lo->lo_xid = vx_current_xid();
1391 lo->lo_backing_file = file;
1392 lo->transfer = transfer_none;
1394 @@ -908,6 +910,7 @@ static int loop_clr_fd(struct loop_devic
1395 lo->lo_encrypt_key_size = 0;
1397 lo->lo_thread = NULL;
1399 memset(lo->lo_encrypt_key, 0, LO_KEY_SIZE);
1400 memset(lo->lo_crypt_name, 0, LO_NAME_SIZE);
1401 memset(lo->lo_file_name, 0, LO_NAME_SIZE);
1402 @@ -929,7 +932,7 @@ loop_set_status(struct loop_device *lo,
1403 struct loop_func_table *xfer;
1405 if (lo->lo_encrypt_key_size && lo->lo_key_owner != current->uid &&
1406 - !capable(CAP_SYS_ADMIN))
1407 + !vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP))
1409 if (lo->lo_state != Lo_bound)
1411 @@ -1013,7 +1016,8 @@ loop_get_status(struct loop_device *lo,
1412 memcpy(info->lo_crypt_name, lo->lo_crypt_name, LO_NAME_SIZE);
1413 info->lo_encrypt_type =
1414 lo->lo_encryption ? lo->lo_encryption->number : 0;
1415 - if (lo->lo_encrypt_key_size && capable(CAP_SYS_ADMIN)) {
1416 + if (lo->lo_encrypt_key_size &&
1417 + vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_CLOOP)) {
1418 info->lo_encrypt_key_size = lo->lo_encrypt_key_size;
1419 memcpy(info->lo_encrypt_key, lo->lo_encrypt_key,
1420 lo->lo_encrypt_key_size);
1421 @@ -1322,6 +1326,9 @@ static int lo_open(struct inode *inode,
1423 struct loop_device *lo = inode->i_bdev->bd_disk->private_data;
1425 + if (!vx_check(lo->lo_xid, VS_IDENT|VS_HOSTID|VS_ADMIN_P))
1428 mutex_lock(&lo->lo_ctl_mutex);
1430 mutex_unlock(&lo->lo_ctl_mutex);
1431 diff -NurpP --minimal linux-2.6.25.11/drivers/block/Makefile linux-2.6.25.11-vs2.3.0.34.14/drivers/block/Makefile
1432 --- linux-2.6.25.11/drivers/block/Makefile 2008-04-17 12:05:31.000000000 -0400
1433 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/block/Makefile 2008-04-19 15:14:52.000000000 -0400
1434 @@ -29,5 +29,6 @@ obj-$(CONFIG_VIRTIO_BLK) += virtio_blk.o
1435 obj-$(CONFIG_VIODASD) += viodasd.o
1436 obj-$(CONFIG_BLK_DEV_SX8) += sx8.o
1437 obj-$(CONFIG_BLK_DEV_UB) += ub.o
1438 +obj-$(CONFIG_BLK_DEV_VROOT) += vroot.o
1440 obj-$(CONFIG_XEN_BLKDEV_FRONTEND) += xen-blkfront.o
1441 diff -NurpP --minimal linux-2.6.25.11/drivers/block/vroot.c linux-2.6.25.11-vs2.3.0.34.14/drivers/block/vroot.c
1442 --- linux-2.6.25.11/drivers/block/vroot.c 1969-12-31 19:00:00.000000000 -0500
1443 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/block/vroot.c 2008-04-19 15:14:52.000000000 -0400
1446 + * linux/drivers/block/vroot.c
1448 + * written by Herbert Pötzl, 9/11/2002
1449 + * ported to 2.6.10 by Herbert Pötzl, 30/12/2004
1451 + * based on the loop.c code by Theodore Ts'o.
1453 + * Copyright (C) 2002-2007 by Herbert Pötzl.
1454 + * Redistribution of this file is permitted under the
1455 + * GNU General Public License.
1459 +#include <linux/module.h>
1460 +#include <linux/moduleparam.h>
1461 +#include <linux/file.h>
1462 +#include <linux/major.h>
1463 +#include <linux/blkdev.h>
1465 +#include <linux/vroot.h>
1466 +#include <linux/vs_context.h>
1469 +static int max_vroot = 8;
1471 +static struct vroot_device *vroot_dev;
1472 +static struct gendisk **disks;
1475 +static int vroot_set_dev(
1476 + struct vroot_device *vr,
1477 + struct file *vr_file,
1478 + struct block_device *bdev,
1481 + struct block_device *real_bdev;
1482 + struct file *file;
1483 + struct inode *inode;
1487 + if (vr->vr_state != Vr_unbound)
1496 + inode = file->f_dentry->d_inode;
1499 + if (S_ISBLK(inode->i_mode)) {
1500 + real_bdev = inode->i_bdev;
1501 + vr->vr_device = real_bdev;
1502 + __iget(real_bdev->bd_inode);
1506 + vxdprintk(VXD_CBIT(misc, 0),
1507 + "vroot[%d]_set_dev: dev=" VXF_DEV,
1508 + vr->vr_number, VXD_DEV(real_bdev));
1510 + vr->vr_state = Vr_bound;
1519 +static int vroot_clr_dev(
1520 + struct vroot_device *vr,
1521 + struct file *vr_file,
1522 + struct block_device *bdev)
1524 + struct block_device *real_bdev;
1526 + if (vr->vr_state != Vr_bound)
1528 + if (vr->vr_refcnt > 1) /* we needed one fd for the ioctl */
1531 + real_bdev = vr->vr_device;
1533 + vxdprintk(VXD_CBIT(misc, 0),
1534 + "vroot[%d]_clr_dev: dev=" VXF_DEV,
1535 + vr->vr_number, VXD_DEV(real_bdev));
1538 + vr->vr_state = Vr_unbound;
1539 + vr->vr_device = NULL;
1544 +static int vr_ioctl(struct inode *inode, struct file *file,
1545 + unsigned int cmd, unsigned long arg)
1547 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1550 + down(&vr->vr_ctl_mutex);
1552 + case VROOT_SET_DEV:
1553 + err = vroot_set_dev(vr, file, inode->i_bdev, arg);
1555 + case VROOT_CLR_DEV:
1556 + err = vroot_clr_dev(vr, file, inode->i_bdev);
1562 + up(&vr->vr_ctl_mutex);
1566 +static int vr_open(struct inode *inode, struct file *file)
1568 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1570 + down(&vr->vr_ctl_mutex);
1572 + up(&vr->vr_ctl_mutex);
1576 +static int vr_release(struct inode *inode, struct file *file)
1578 + struct vroot_device *vr = inode->i_bdev->bd_disk->private_data;
1580 + down(&vr->vr_ctl_mutex);
1582 + up(&vr->vr_ctl_mutex);
1586 +static struct block_device_operations vr_fops = {
1587 + .owner = THIS_MODULE,
1589 + .release = vr_release,
1590 + .ioctl = vr_ioctl,
1593 +struct block_device *__vroot_get_real_bdev(struct block_device *bdev)
1595 + struct inode *inode = bdev->bd_inode;
1596 + struct vroot_device *vr;
1597 + struct block_device *real_bdev;
1598 + int minor = iminor(inode);
1600 + vr = &vroot_dev[minor];
1601 + real_bdev = vr->vr_device;
1603 + vxdprintk(VXD_CBIT(misc, 0),
1604 + "vroot[%d]_get_real_bdev: dev=" VXF_DEV,
1605 + vr->vr_number, VXD_DEV(real_bdev));
1607 + if (vr->vr_state != Vr_bound)
1608 + return ERR_PTR(-ENXIO);
1610 + __iget(real_bdev->bd_inode);
1615 + * And now the modules code and kernel interface.
1618 +module_param(max_vroot, int, 0);
1620 +MODULE_PARM_DESC(max_vroot, "Maximum number of vroot devices (1-256)");
1621 +MODULE_LICENSE("GPL");
1622 +MODULE_ALIAS_BLOCKDEV_MAJOR(VROOT_MAJOR);
1624 +MODULE_AUTHOR ("Herbert Pötzl");
1625 +MODULE_DESCRIPTION ("Virtual Root Device Mapper");
1628 +int __init vroot_init(void)
1632 + if (max_vroot < 1 || max_vroot > 256) {
1633 + max_vroot = MAX_VROOT_DEFAULT;
1634 + printk(KERN_WARNING "vroot: invalid max_vroot "
1635 + "(must be between 1 and 256), "
1636 + "using default (%d)\n", max_vroot);
1639 + if (register_blkdev(VROOT_MAJOR, "vroot"))
1643 + vroot_dev = kmalloc(max_vroot * sizeof(struct vroot_device), GFP_KERNEL);
1646 + memset(vroot_dev, 0, max_vroot * sizeof(struct vroot_device));
1648 + disks = kmalloc(max_vroot * sizeof(struct gendisk *), GFP_KERNEL);
1652 + for (i = 0; i < max_vroot; i++) {
1653 + disks[i] = alloc_disk(1);
1658 + for (i = 0; i < max_vroot; i++) {
1659 + struct vroot_device *vr = &vroot_dev[i];
1660 + struct gendisk *disk = disks[i];
1662 + memset(vr, 0, sizeof(*vr));
1663 + init_MUTEX(&vr->vr_ctl_mutex);
1664 + vr->vr_number = i;
1665 + disk->major = VROOT_MAJOR;
1666 + disk->first_minor = i;
1667 + disk->fops = &vr_fops;
1668 + sprintf(disk->disk_name, "vroot%d", i);
1669 + disk->private_data = vr;
1672 + err = register_vroot_grb(&__vroot_get_real_bdev);
1676 + for (i = 0; i < max_vroot; i++)
1677 + add_disk(disks[i]);
1678 + printk(KERN_INFO "vroot: loaded (max %d devices)\n", max_vroot);
1683 + put_disk(disks[i]);
1688 + unregister_blkdev(VROOT_MAJOR, "vroot");
1689 + printk(KERN_ERR "vroot: ran out of memory\n");
1693 +void vroot_exit(void)
1697 + if (unregister_vroot_grb(&__vroot_get_real_bdev))
1698 + printk(KERN_WARNING "vroot: cannot unregister grb\n");
1700 + for (i = 0; i < max_vroot; i++) {
1701 + del_gendisk(disks[i]);
1702 + put_disk(disks[i]);
1704 + unregister_blkdev(VROOT_MAJOR, "vroot");
1710 +module_init(vroot_init);
1711 +module_exit(vroot_exit);
1715 +static int __init max_vroot_setup(char *str)
1717 + max_vroot = simple_strtol(str, NULL, 0);
1721 +__setup("max_vroot=", max_vroot_setup);
1725 diff -NurpP --minimal linux-2.6.25.11/drivers/char/sysrq.c linux-2.6.25.11-vs2.3.0.34.14/drivers/char/sysrq.c
1726 --- linux-2.6.25.11/drivers/char/sysrq.c 2008-04-17 11:31:27.000000000 -0400
1727 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/char/sysrq.c 2008-04-19 15:14:52.000000000 -0400
1729 #include <linux/irq.h>
1730 #include <linux/hrtimer.h>
1731 #include <linux/oom.h>
1732 +#include <linux/vserver/debug.h>
1734 #include <asm/ptrace.h>
1735 #include <asm/irq_regs.h>
1736 @@ -310,6 +311,21 @@ static struct sysrq_key_op sysrq_unrt_op
1737 .enable_mask = SYSRQ_ENABLE_RTNICE,
1741 +#ifdef CONFIG_VSERVER_DEBUG
1742 +static void sysrq_handle_vxinfo(int key, struct tty_struct *tty)
1744 + dump_vx_info_inactive((key == 'x')?0:1);
1747 +static struct sysrq_key_op sysrq_showvxinfo_op = {
1748 + .handler = sysrq_handle_vxinfo,
1749 + .help_msg = "conteXt",
1750 + .action_msg = "Show Context Info",
1751 + .enable_mask = SYSRQ_ENABLE_DUMP,
1755 /* Key Operations table and lock */
1756 static DEFINE_SPINLOCK(sysrq_key_table_lock);
1758 @@ -358,7 +374,11 @@ static struct sysrq_key_op *sysrq_key_ta
1759 /* x: May be registered on ppc/powerpc for xmon */
1763 +#ifdef CONFIG_VSERVER_DEBUG
1764 + &sysrq_showvxinfo_op, /* z */
1770 /* key2index calculation, -1 on invalid index */
1771 @@ -370,6 +390,8 @@ static int sysrq_key_table_key2index(int
1773 else if ((key >= 'a') && (key <= 'z'))
1774 retval = key + 10 - 'a';
1775 + else if ((key >= 'A') && (key <= 'Z'))
1776 + retval = key + 10 - 'A';
1780 diff -NurpP --minimal linux-2.6.25.11/drivers/char/tty_io.c linux-2.6.25.11-vs2.3.0.34.14/drivers/char/tty_io.c
1781 --- linux-2.6.25.11/drivers/char/tty_io.c 2008-04-17 12:05:32.000000000 -0400
1782 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/char/tty_io.c 2008-07-11 16:57:01.000000000 -0400
1785 #include <linux/kmod.h>
1786 #include <linux/nsproxy.h>
1787 +#include <linux/vs_pid.h>
1789 #undef TTY_DEBUG_HANGUP
1791 @@ -3142,6 +3143,7 @@ static int tiocspgrp(struct tty_struct *
1793 if (get_user(pgrp_nr, p))
1795 + pgrp_nr = vx_rmap_pid(pgrp_nr);
1799 diff -NurpP --minimal linux-2.6.25.11/drivers/infiniband/hw/ipath/ipath_user_pages.c linux-2.6.25.11-vs2.3.0.34.14/drivers/infiniband/hw/ipath/ipath_user_pages.c
1800 --- linux-2.6.25.11/drivers/infiniband/hw/ipath/ipath_user_pages.c 2008-04-17 10:37:17.000000000 -0400
1801 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/infiniband/hw/ipath/ipath_user_pages.c 2008-04-19 15:14:52.000000000 -0400
1804 #include <linux/mm.h>
1805 #include <linux/device.h>
1806 +#include <linux/vs_memory.h>
1808 #include "ipath_kernel.h"
1810 @@ -61,7 +62,8 @@ static int __get_user_pages(unsigned lon
1811 lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur >>
1814 - if (num_pages > lock_limit) {
1815 + if (num_pages > lock_limit ||
1816 + !vx_vmlocked_avail(current->mm, num_pages)) {
1820 @@ -78,7 +80,7 @@ static int __get_user_pages(unsigned lon
1824 - current->mm->locked_vm += num_pages;
1825 + vx_vmlocked_add(current->mm, num_pages);
1829 @@ -177,7 +179,7 @@ void ipath_release_user_pages(struct pag
1831 __ipath_release_user_pages(p, num_pages, 1);
1833 - current->mm->locked_vm -= num_pages;
1834 + vx_vmlocked_sub(current->mm, num_pages);
1836 up_write(¤t->mm->mmap_sem);
1838 @@ -194,7 +196,7 @@ static void user_pages_account(struct wo
1839 container_of(_work, struct ipath_user_pages_work, work);
1841 down_write(&work->mm->mmap_sem);
1842 - work->mm->locked_vm -= work->num_pages;
1843 + vx_vmlocked_sub(work->mm, work->num_pages);
1844 up_write(&work->mm->mmap_sem);
1847 diff -NurpP --minimal linux-2.6.25.11/drivers/md/dm.c linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm.c
1848 --- linux-2.6.25.11/drivers/md/dm.c 2008-04-17 12:05:33.000000000 -0400
1849 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm.c 2008-04-19 15:14:52.000000000 -0400
1851 #include <linux/hdreg.h>
1852 #include <linux/blktrace_api.h>
1853 #include <linux/smp_lock.h>
1854 +#include <linux/vs_base.h>
1856 #define DM_MSG_PREFIX "core"
1858 @@ -91,6 +92,7 @@ struct mapped_device {
1861 atomic_t open_count;
1864 unsigned long flags;
1866 @@ -250,6 +252,7 @@ static void __exit dm_exit(void)
1867 static int dm_blk_open(struct inode *inode, struct file *file)
1869 struct mapped_device *md;
1872 spin_lock(&_minor_lock);
1874 @@ -258,18 +261,19 @@ static int dm_blk_open(struct inode *ino
1877 if (test_bit(DMF_FREEING, &md->flags) ||
1878 - test_bit(DMF_DELETING, &md->flags)) {
1880 + test_bit(DMF_DELETING, &md->flags))
1884 + if (!vx_check(md->xid, VS_IDENT|VS_HOSTID))
1889 atomic_inc(&md->open_count);
1893 spin_unlock(&_minor_lock);
1895 - return md ? 0 : -ENXIO;
1899 static int dm_blk_close(struct inode *inode, struct file *file)
1900 @@ -465,6 +469,14 @@ int dm_set_geometry(struct mapped_device
1905 + * Get the xid associated with a dm device
1907 +xid_t dm_get_xid(struct mapped_device *md)
1912 /*-----------------------------------------------------------------
1914 * A more elegant soln is in the works that uses the queue
1915 @@ -1022,6 +1034,7 @@ static struct mapped_device *alloc_dev(i
1916 INIT_LIST_HEAD(&md->uevent_list);
1917 spin_lock_init(&md->uevent_lock);
1919 + md->xid = vx_current_xid();
1920 md->queue = blk_alloc_queue(GFP_KERNEL);
1923 diff -NurpP --minimal linux-2.6.25.11/drivers/md/dm.h linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm.h
1924 --- linux-2.6.25.11/drivers/md/dm.h 2008-04-17 11:31:28.000000000 -0400
1925 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm.h 2008-04-19 15:14:52.000000000 -0400
1926 @@ -127,6 +127,8 @@ void dm_put_target_type(struct target_ty
1927 int dm_target_iterate(void (*iter_func)(struct target_type *tt,
1928 void *param), void *param);
1930 +xid_t dm_get_xid(struct mapped_device *md);
1932 /*-----------------------------------------------------------------
1934 *---------------------------------------------------------------*/
1935 diff -NurpP --minimal linux-2.6.25.11/drivers/md/dm-ioctl.c linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm-ioctl.c
1936 --- linux-2.6.25.11/drivers/md/dm-ioctl.c 2008-04-17 12:05:33.000000000 -0400
1937 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/md/dm-ioctl.c 2008-04-21 10:45:53.000000000 -0400
1939 #include <linux/dm-ioctl.h>
1940 #include <linux/hdreg.h>
1941 #include <linux/compat.h>
1942 +#include <linux/vs_context.h>
1944 #include <asm/uaccess.h>
1946 @@ -101,7 +102,8 @@ static struct hash_cell *__get_name_cell
1947 unsigned int h = hash_str(str);
1949 list_for_each_entry (hc, _name_buckets + h, name_list)
1950 - if (!strcmp(hc->name, str)) {
1951 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1952 + !strcmp(hc->name, str)) {
1956 @@ -115,7 +117,8 @@ static struct hash_cell *__get_uuid_cell
1957 unsigned int h = hash_str(str);
1959 list_for_each_entry (hc, _uuid_buckets + h, uuid_list)
1960 - if (!strcmp(hc->uuid, str)) {
1961 + if (vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT) &&
1962 + !strcmp(hc->uuid, str)) {
1966 @@ -352,6 +355,9 @@ typedef int (*ioctl_fn)(struct dm_ioctl
1968 static int remove_all(struct dm_ioctl *param, size_t param_size)
1970 + if (!vx_check(0, VS_ADMIN))
1973 dm_hash_remove_all(1);
1974 param->data_size = 0;
1976 @@ -399,6 +405,8 @@ static int list_devices(struct dm_ioctl
1978 for (i = 0; i < NUM_BUCKETS; i++) {
1979 list_for_each_entry (hc, _name_buckets + i, name_list) {
1980 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
1982 needed += sizeof(struct dm_name_list);
1983 needed += strlen(hc->name) + 1;
1984 needed += ALIGN_MASK;
1985 @@ -422,6 +430,8 @@ static int list_devices(struct dm_ioctl
1987 for (i = 0; i < NUM_BUCKETS; i++) {
1988 list_for_each_entry (hc, _name_buckets + i, name_list) {
1989 + if (!vx_check(dm_get_xid(hc->md), VS_WATCH_P | VS_IDENT))
1992 old_nl->next = (uint32_t) ((void *) nl -
1994 @@ -612,10 +622,11 @@ static struct hash_cell *__find_device_h
1998 - mdptr = dm_get_mdptr(md);
1999 + if (vx_check(dm_get_xid(md), VS_WATCH_P | VS_IDENT))
2000 + mdptr = dm_get_mdptr(md);
2008 @@ -1406,8 +1417,8 @@ static int ctl_ioctl(uint command, struc
2012 - /* only root can play with this */
2013 - if (!capable(CAP_SYS_ADMIN))
2014 + /* only root and certain contexts can play with this */
2015 + if (!vx_capable(CAP_SYS_ADMIN, VXC_ADMIN_MAPPER))
2018 if (_IOC_TYPE(command) != DM_IOCTL)
2019 diff -NurpP --minimal linux-2.6.25.11/drivers/net/tun.c linux-2.6.25.11-vs2.3.0.34.14/drivers/net/tun.c
2020 --- linux-2.6.25.11/drivers/net/tun.c 2008-04-17 12:05:36.000000000 -0400
2021 +++ linux-2.6.25.11-vs2.3.0.34.14/drivers/net/tun.c 2008-04-19 15:39:04.000000000 -0400
2023 #include <linux/if_ether.h>
2024 #include <linux/if_tun.h>
2025 #include <linux/crc32.h>
2026 +#include <linux/vs_network.h>
2027 #include <net/net_namespace.h>
2029 #include <asm/system.h>
2030 @@ -86,6 +87,7 @@ struct tun_struct {
2036 wait_queue_head_t read_wait;
2037 struct sk_buff_head readq;
2038 @@ -465,6 +467,7 @@ static void tun_setup(struct net_device
2042 + tun->nid = current->nid;
2044 dev->open = tun_net_open;
2045 dev->hard_start_xmit = tun_net_xmit;
2046 @@ -494,6 +497,9 @@ static int tun_set_iff(struct file *file
2048 tun = tun_get_by_name(ifr->ifr_name);
2050 + if (!nx_check(tun->nid, VS_IDENT | VS_HOSTID | VS_ADMIN_P))
2056 @@ -502,7 +508,7 @@ static int tun_set_iff(struct file *file
2057 current->euid != tun->owner) ||
2058 (tun->group != -1 &&
2059 current->egid != tun->group)) &&
2060 - !capable(CAP_NET_ADMIN))
2061 + !cap_raised(current->cap_effective, CAP_NET_ADMIN))
2064 else if (__dev_get_by_name(&init_net, ifr->ifr_name))
2065 @@ -513,7 +519,7 @@ static int tun_set_iff(struct file *file
2069 - if (!capable(CAP_NET_ADMIN))
2070 + if (!nx_capable(CAP_NET_ADMIN, NXC_TUN_CREATE))
2074 @@ -656,6 +662,16 @@ static int tun_chr_ioctl(struct inode *i
2075 DBG(KERN_INFO "%s: group set to %d\n", tun->dev->name, tun->group);
2079 + if (!capable(CAP_CONTEXT))
2082 + /* Set nid owner of the device */
2083 + tun->nid = (nid_t) arg;
2085 + DBG(KERN_INFO "%s: nid owner set to %u\n", tun->dev->name, tun->nid);
2089 /* Only allow setting the type when the interface is down */
2090 if (tun->dev->flags & IFF_UP) {
2091 diff -NurpP --minimal linux-2.6.25.11/fs/attr.c linux-2.6.25.11-vs2.3.0.34.14/fs/attr.c
2092 --- linux-2.6.25.11/fs/attr.c 2008-04-17 11:31:35.000000000 -0400
2093 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/attr.c 2008-04-19 15:14:52.000000000 -0400
2095 #include <linux/fcntl.h>
2096 #include <linux/quotaops.h>
2097 #include <linux/security.h>
2098 +#include <linux/proc_fs.h>
2099 +#include <linux/devpts_fs.h>
2100 +#include <linux/vs_base.h>
2102 /* Taken over from the old code... */
2104 @@ -55,6 +58,27 @@ int inode_change_ok(struct inode *inode,
2105 if (!is_owner_or_cap(inode))
2109 + /* Check for evil vserver activity */
2110 + if (vx_check(0, VS_ADMIN))
2113 + if (IS_BARRIER(inode)) {
2114 + vxwprintk_task(1, "messing with the barrier.");
2117 + switch (inode->i_sb->s_magic) {
2118 + case PROC_SUPER_MAGIC:
2119 + /* maybe allow that in the future? */
2120 + vxwprintk_task(1, "messing with the procfs.");
2122 + case DEVPTS_SUPER_MAGIC:
2123 + /* devpts is xid tagged */
2124 + if (vx_check((xid_t)inode->i_tag, VS_IDENT))
2126 + vxwprintk_task(1, "messing with the devpts.");
2132 @@ -78,6 +102,8 @@ int inode_setattr(struct inode * inode,
2133 inode->i_uid = attr->ia_uid;
2134 if (ia_valid & ATTR_GID)
2135 inode->i_gid = attr->ia_gid;
2136 + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode))
2137 + inode->i_tag = attr->ia_tag;
2138 if (ia_valid & ATTR_ATIME)
2139 inode->i_atime = timespec_trunc(attr->ia_atime,
2140 inode->i_sb->s_time_gran);
2141 @@ -167,7 +193,8 @@ int notify_change(struct dentry * dentry
2142 error = security_inode_setattr(dentry, attr);
2144 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
2145 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid))
2146 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
2147 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag))
2148 error = DQUOT_TRANSFER(inode, attr) ? -EDQUOT : 0;
2150 error = inode_setattr(inode, attr);
2151 diff -NurpP --minimal linux-2.6.25.11/fs/binfmt_aout.c linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_aout.c
2152 --- linux-2.6.25.11/fs/binfmt_aout.c 2008-04-17 12:05:39.000000000 -0400
2153 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_aout.c 2008-04-19 15:14:52.000000000 -0400
2155 #include <linux/binfmts.h>
2156 #include <linux/personality.h>
2157 #include <linux/init.h>
2158 +#include <linux/vs_memory.h>
2160 #include <asm/system.h>
2161 #include <asm/uaccess.h>
2162 diff -NurpP --minimal linux-2.6.25.11/fs/binfmt_elf.c linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_elf.c
2163 --- linux-2.6.25.11/fs/binfmt_elf.c 2008-04-17 12:05:39.000000000 -0400
2164 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_elf.c 2008-04-19 15:14:52.000000000 -0400
2166 #include <linux/random.h>
2167 #include <linux/elf.h>
2168 #include <linux/utsname.h>
2169 +#include <linux/vs_memory.h>
2170 #include <asm/uaccess.h>
2171 #include <asm/param.h>
2172 #include <asm/page.h>
2173 diff -NurpP --minimal linux-2.6.25.11/fs/binfmt_flat.c linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_flat.c
2174 --- linux-2.6.25.11/fs/binfmt_flat.c 2008-04-17 12:05:39.000000000 -0400
2175 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_flat.c 2008-04-19 15:14:52.000000000 -0400
2177 #include <linux/init.h>
2178 #include <linux/flat.h>
2179 #include <linux/syscalls.h>
2180 +#include <linux/vs_memory.h>
2182 #include <asm/byteorder.h>
2183 #include <asm/system.h>
2184 diff -NurpP --minimal linux-2.6.25.11/fs/binfmt_som.c linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_som.c
2185 --- linux-2.6.25.11/fs/binfmt_som.c 2008-04-17 12:05:39.000000000 -0400
2186 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/binfmt_som.c 2008-04-19 15:14:52.000000000 -0400
2188 #include <linux/shm.h>
2189 #include <linux/personality.h>
2190 #include <linux/init.h>
2191 +#include <linux/vs_memory.h>
2193 #include <asm/uaccess.h>
2194 #include <asm/pgtable.h>
2195 diff -NurpP --minimal linux-2.6.25.11/fs/block_dev.c linux-2.6.25.11-vs2.3.0.34.14/fs/block_dev.c
2196 --- linux-2.6.25.11/fs/block_dev.c 2008-04-17 12:05:39.000000000 -0400
2197 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/block_dev.c 2008-04-19 15:14:52.000000000 -0400
2199 #include <linux/uio.h>
2200 #include <linux/namei.h>
2201 #include <linux/log2.h>
2202 +#include <linux/vs_device.h>
2203 #include <asm/uaccess.h>
2204 #include "internal.h"
2206 @@ -388,6 +389,7 @@ struct block_device *bdget(dev_t dev)
2207 bdev->bd_invalidated = 0;
2208 inode->i_mode = S_IFBLK;
2209 inode->i_rdev = dev;
2210 + inode->i_mdev = dev;
2211 inode->i_bdev = bdev;
2212 inode->i_data.a_ops = &def_blk_aops;
2213 mapping_set_gfp_mask(&inode->i_data, GFP_USER);
2214 @@ -424,6 +426,11 @@ EXPORT_SYMBOL(bdput);
2215 static struct block_device *bd_acquire(struct inode *inode)
2217 struct block_device *bdev;
2220 + if (!vs_map_blkdev(inode->i_rdev, &mdev, DATTR_OPEN))
2222 + inode->i_mdev = mdev;
2224 spin_lock(&bdev_lock);
2225 bdev = inode->i_bdev;
2226 @@ -434,7 +441,7 @@ static struct block_device *bd_acquire(s
2228 spin_unlock(&bdev_lock);
2230 - bdev = bdget(inode->i_rdev);
2231 + bdev = bdget(mdev);
2233 spin_lock(&bdev_lock);
2234 if (!inode->i_bdev) {
2235 diff -NurpP --minimal linux-2.6.25.11/fs/char_dev.c linux-2.6.25.11-vs2.3.0.34.14/fs/char_dev.c
2236 --- linux-2.6.25.11/fs/char_dev.c 2008-04-17 12:05:39.000000000 -0400
2237 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/char_dev.c 2008-04-29 18:44:50.000000000 -0400
2239 #include <linux/cdev.h>
2240 #include <linux/mutex.h>
2241 #include <linux/backing-dev.h>
2242 +#include <linux/vs_context.h>
2243 +#include <linux/vs_device.h>
2246 #include <linux/kmod.h>
2247 @@ -362,14 +364,21 @@ static int chrdev_open(struct inode *ino
2249 struct cdev *new = NULL;
2253 + if (!vs_map_chrdev(inode->i_rdev, &mdev, DATTR_OPEN))
2255 + inode->i_mdev = mdev;
2257 spin_lock(&cdev_lock);
2260 struct kobject *kobj;
2263 spin_unlock(&cdev_lock);
2264 - kobj = kobj_lookup(cdev_map, inode->i_rdev, &idx);
2266 + kobj = kobj_lookup(cdev_map, mdev, &idx);
2269 new = container_of(kobj, struct cdev, kobj);
2270 diff -NurpP --minimal linux-2.6.25.11/fs/dcache.c linux-2.6.25.11-vs2.3.0.34.14/fs/dcache.c
2271 --- linux-2.6.25.11/fs/dcache.c 2008-04-17 12:05:39.000000000 -0400
2272 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/dcache.c 2008-04-19 17:06:15.000000000 -0400
2274 #include <linux/seqlock.h>
2275 #include <linux/swap.h>
2276 #include <linux/bootmem.h>
2277 +#include <linux/vs_limit.h>
2278 #include "internal.h"
2281 @@ -184,6 +185,7 @@ void dput(struct dentry *dentry)
2285 + vx_dentry_dec(dentry);
2287 if (atomic_read(&dentry->d_count) == 1)
2289 @@ -197,6 +199,8 @@ repeat:
2293 + vx_dentry_dec(dentry);
2296 * AV: ->d_delete() is _NOT_ allowed to block now.
2298 @@ -288,6 +292,7 @@ static inline struct dentry * __dget_loc
2300 atomic_inc(&dentry->d_count);
2301 dentry_lru_remove(dentry);
2302 + vx_dentry_inc(dentry);
2306 @@ -885,6 +890,9 @@ struct dentry *d_alloc(struct dentry * p
2307 struct dentry *dentry;
2310 + if (!vx_dentry_avail(1))
2313 dentry = kmem_cache_alloc(dentry_cache, GFP_KERNEL);
2316 @@ -933,6 +941,7 @@ struct dentry *d_alloc(struct dentry * p
2318 list_add(&dentry->d_u.d_child, &parent->d_subdirs);
2319 dentry_stat.nr_dentry++;
2320 + vx_dentry_inc(dentry);
2321 spin_unlock(&dcache_lock);
2324 @@ -1282,6 +1291,7 @@ struct dentry * __d_lookup(struct dentry
2326 if (!d_unhashed(dentry)) {
2327 atomic_inc(&dentry->d_count);
2328 + vx_dentry_inc(dentry);
2331 spin_unlock(&dentry->d_lock);
2332 diff -NurpP --minimal linux-2.6.25.11/fs/devpts/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/devpts/inode.c
2333 --- linux-2.6.25.11/fs/devpts/inode.c 2008-04-17 12:05:39.000000000 -0400
2334 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/devpts/inode.c 2008-04-21 09:23:34.000000000 -0400
2336 #include <linux/namei.h>
2337 #include <linux/mount.h>
2338 #include <linux/tty.h>
2339 +#include <linux/magic.h>
2340 #include <linux/devpts_fs.h>
2341 #include <linux/parser.h>
2342 #include <linux/fsnotify.h>
2343 #include <linux/seq_file.h>
2344 +#include <linux/vs_base.h>
2346 -#define DEVPTS_SUPER_MAGIC 0x1cd1
2348 #define DEVPTS_DEFAULT_MODE 0600
2350 +static int devpts_permission(struct inode *inode, int mask, struct nameidata *nd)
2352 + int ret = -EACCES;
2354 + /* devpts is xid tagged */
2355 + if (vx_check((xid_t)inode->i_tag, VS_WATCH_P | VS_IDENT))
2356 + ret = generic_permission(inode, mask, NULL);
2360 +static struct inode_operations devpts_file_inode_operations = {
2361 + .permission = devpts_permission,
2364 static struct vfsmount *devpts_mnt;
2365 static struct dentry *devpts_root;
2367 @@ -106,6 +121,25 @@ static int devpts_show_options(struct se
2371 +static int devpts_filter(struct dentry *de)
2373 + /* devpts is xid tagged */
2374 + return vx_check((xid_t)de->d_inode->i_tag, VS_WATCH_P | VS_IDENT);
2377 +static int devpts_readdir(struct file * filp, void * dirent, filldir_t filldir)
2379 + return dcache_readdir_filter(filp, dirent, filldir, devpts_filter);
2382 +static struct file_operations devpts_dir_operations = {
2383 + .open = dcache_dir_open,
2384 + .release = dcache_dir_close,
2385 + .llseek = dcache_dir_lseek,
2386 + .read = generic_read_dir,
2387 + .readdir = devpts_readdir,
2390 static const struct super_operations devpts_sops = {
2391 .statfs = simple_statfs,
2392 .remount_fs = devpts_remount,
2393 @@ -132,8 +166,10 @@ devpts_fill_super(struct super_block *s,
2394 inode->i_uid = inode->i_gid = 0;
2395 inode->i_mode = S_IFDIR | S_IRUGO | S_IXUGO | S_IWUSR;
2396 inode->i_op = &simple_dir_inode_operations;
2397 - inode->i_fop = &simple_dir_operations;
2398 + inode->i_fop = &devpts_dir_operations;
2400 + /* devpts is xid tagged */
2401 + inode->i_tag = (tag_t)vx_current_xid();
2403 devpts_root = s->s_root = d_alloc_root(inode);
2405 @@ -191,6 +227,9 @@ int devpts_pty_new(struct tty_struct *tt
2406 inode->i_gid = config.setgid ? config.gid : current->fsgid;
2407 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
2408 init_special_inode(inode, S_IFCHR|config.mode, device);
2409 + /* devpts is xid tagged */
2410 + inode->i_tag = (tag_t)vx_current_xid();
2411 + inode->i_op = &devpts_file_inode_operations;
2412 inode->i_private = tty;
2414 dentry = get_node(number);
2415 diff -NurpP --minimal linux-2.6.25.11/fs/ecryptfs/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/ecryptfs/inode.c
2416 --- linux-2.6.25.11/fs/ecryptfs/inode.c 2008-07-15 22:05:17.000000000 -0400
2417 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ecryptfs/inode.c 2008-06-23 15:23:51.000000000 -0400
2418 @@ -394,7 +394,7 @@ static int ecryptfs_link(struct dentry *
2419 dget(lower_new_dentry);
2420 lower_dir_dentry = lock_parent(lower_new_dentry);
2421 rc = vfs_link(lower_old_dentry, lower_dir_dentry->d_inode,
2422 - lower_new_dentry);
2423 + lower_new_dentry, NULL);
2424 if (rc || !lower_new_dentry->d_inode)
2426 rc = ecryptfs_interpose(lower_new_dentry, new_dentry, dir->i_sb, 0);
2427 @@ -421,9 +421,9 @@ static int ecryptfs_unlink(struct inode
2428 struct dentry *lower_dentry = ecryptfs_dentry_to_lower(dentry);
2429 struct inode *lower_dir_inode = ecryptfs_inode_to_lower(dir);
2430 struct dentry *lower_dir_dentry;
2433 lower_dir_dentry = lock_parent(lower_dentry);
2434 - rc = vfs_unlink(lower_dir_inode, lower_dentry);
2435 + rc = vfs_unlink(lower_dir_inode, lower_dentry, NULL);
2437 printk(KERN_ERR "Error in vfs_unlink; rc = [%d]\n", rc);
2439 @@ -461,7 +461,7 @@ static int ecryptfs_symlink(struct inode
2442 rc = vfs_symlink(lower_dir_dentry->d_inode, lower_dentry,
2443 - encoded_symname, mode);
2444 + encoded_symname, mode, NULL);
2445 kfree(encoded_symname);
2446 if (rc || !lower_dentry->d_inode)
2448 @@ -486,7 +486,7 @@ static int ecryptfs_mkdir(struct inode *
2450 lower_dentry = ecryptfs_dentry_to_lower(dentry);
2451 lower_dir_dentry = lock_parent(lower_dentry);
2452 - rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode);
2453 + rc = vfs_mkdir(lower_dir_dentry->d_inode, lower_dentry, mode, NULL);
2454 if (rc || !lower_dentry->d_inode)
2456 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
2457 @@ -512,7 +512,7 @@ static int ecryptfs_rmdir(struct inode *
2459 lower_dir_dentry = lock_parent(lower_dentry);
2461 - rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry);
2462 + rc = vfs_rmdir(lower_dir_dentry->d_inode, lower_dentry, NULL);
2465 d_delete(lower_dentry);
2466 @@ -534,7 +534,7 @@ ecryptfs_mknod(struct inode *dir, struct
2468 lower_dentry = ecryptfs_dentry_to_lower(dentry);
2469 lower_dir_dentry = lock_parent(lower_dentry);
2470 - rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev);
2471 + rc = vfs_mknod(lower_dir_dentry->d_inode, lower_dentry, mode, dev, NULL);
2472 if (rc || !lower_dentry->d_inode)
2474 rc = ecryptfs_interpose(lower_dentry, dentry, dir->i_sb, 0);
2475 diff -NurpP --minimal linux-2.6.25.11/fs/exec.c linux-2.6.25.11-vs2.3.0.34.14/fs/exec.c
2476 --- linux-2.6.25.11/fs/exec.c 2008-04-17 12:05:40.000000000 -0400
2477 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/exec.c 2008-04-19 15:14:52.000000000 -0400
2478 @@ -249,7 +249,9 @@ static int __bprm_mm_init(struct linux_b
2482 - mm->stack_vm = mm->total_vm = 1;
2484 + vx_vmpages_inc(mm);
2486 up_write(&mm->mmap_sem);
2488 bprm->p = vma->vm_end - sizeof(void *);
2489 @@ -1452,7 +1454,7 @@ static int format_corename(char *corenam
2490 /* UNIX time of coredump */
2493 - do_gettimeofday(&tv);
2494 + vx_gettimeofday(&tv);
2495 rc = snprintf(out_ptr, out_end - out_ptr,
2497 if (rc > out_end - out_ptr)
2498 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/balloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/balloc.c
2499 --- linux-2.6.25.11/fs/ext2/balloc.c 2008-04-17 12:05:40.000000000 -0400
2500 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/balloc.c 2008-04-19 15:14:52.000000000 -0400
2502 #include <linux/sched.h>
2503 #include <linux/buffer_head.h>
2504 #include <linux/capability.h>
2505 +#include <linux/vs_dlimit.h>
2506 +#include <linux/vs_tag.h>
2509 * balloc.c contains the blocks allocation and deallocation routines
2510 @@ -569,6 +571,7 @@ do_more:
2514 + DLIMIT_FREE_BLOCK(inode, freed);
2515 release_blocks(sb, freed);
2516 DQUOT_FREE_BLOCK(inode, freed);
2518 @@ -701,7 +704,6 @@ ext2_try_to_allocate(struct super_block
2520 end = EXT2_BLOCKS_PER_GROUP(sb);
2523 BUG_ON(start > EXT2_BLOCKS_PER_GROUP(sb));
2526 @@ -1251,6 +1253,11 @@ ext2_fsblk_t ext2_new_blocks(struct inod
2530 + if (DLIMIT_ALLOC_BLOCK(inode, num)) {
2532 + DQUOT_FREE_BLOCK(inode, num);
2537 es = EXT2_SB(sb)->s_es;
2538 @@ -1403,6 +1410,7 @@ allocated:
2542 + DLIMIT_FREE_BLOCK(inode, *count-num);
2543 DQUOT_FREE_BLOCK(inode, *count-num);
2546 @@ -1413,8 +1421,10 @@ out:
2548 * Undo the block allocation
2550 - if (!performed_allocation)
2551 + if (!performed_allocation) {
2552 + DLIMIT_FREE_BLOCK(inode, *count);
2553 DQUOT_FREE_BLOCK(inode, *count);
2558 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/ext2.h linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ext2.h
2559 --- linux-2.6.25.11/fs/ext2/ext2.h 2008-04-17 12:05:40.000000000 -0400
2560 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ext2.h 2008-04-19 15:14:52.000000000 -0400
2561 @@ -168,6 +168,7 @@ extern const struct file_operations ext2
2562 extern const struct address_space_operations ext2_aops;
2563 extern const struct address_space_operations ext2_aops_xip;
2564 extern const struct address_space_operations ext2_nobh_aops;
2565 +extern int ext2_sync_flags(struct inode *inode);
2568 extern const struct inode_operations ext2_dir_inode_operations;
2569 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/file.c
2570 --- linux-2.6.25.11/fs/ext2/file.c 2008-04-17 12:05:40.000000000 -0400
2571 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/file.c 2008-04-19 15:14:52.000000000 -0400
2572 @@ -86,4 +86,5 @@ const struct inode_operations ext2_file_
2574 .setattr = ext2_setattr,
2575 .permission = ext2_permission,
2576 + .sync_flags = ext2_sync_flags,
2578 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/ialloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ialloc.c
2579 --- linux-2.6.25.11/fs/ext2/ialloc.c 2008-04-17 11:31:35.000000000 -0400
2580 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ialloc.c 2008-07-08 04:31:24.000000000 -0400
2582 #include <linux/backing-dev.h>
2583 #include <linux/buffer_head.h>
2584 #include <linux/random.h>
2585 +#include <linux/vs_dlimit.h>
2586 +#include <linux/vs_tag.h>
2590 @@ -125,6 +127,7 @@ void ext2_free_inode (struct inode * ino
2591 ext2_xattr_delete_inode(inode);
2592 DQUOT_FREE_INODE(inode);
2594 + DLIMIT_FREE_INODE(inode);
2597 es = EXT2_SB(sb)->s_es;
2598 @@ -456,6 +459,11 @@ struct inode *ext2_new_inode(struct inod
2600 return ERR_PTR(-ENOMEM);
2602 + inode->i_tag = dx_current_fstag(sb);
2603 + if (DLIMIT_ALLOC_INODE(inode)) {
2610 @@ -569,7 +577,8 @@ got:
2611 inode->i_blocks = 0;
2612 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME_SEC;
2613 memset(ei->i_data, 0, sizeof(ei->i_data));
2614 - ei->i_flags = EXT2_I(dir)->i_flags & ~EXT2_BTREE_FL;
2615 + ei->i_flags = EXT2_I(dir)->i_flags &
2616 + ~(EXT2_BTREE_FL|EXT2_IXUNLINK_FL|EXT2_BARRIER_FL);
2618 ei->i_flags &= ~(EXT2_IMMUTABLE_FL|EXT2_APPEND_FL);
2619 /* dirsync is only applied to directories */
2620 @@ -614,12 +623,15 @@ fail_free_drop:
2624 + DLIMIT_FREE_INODE(inode);
2625 inode->i_flags |= S_NOQUOTA;
2628 return ERR_PTR(err);
2631 + DLIMIT_FREE_INODE(inode);
2633 make_bad_inode(inode);
2635 return ERR_PTR(err);
2636 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/inode.c
2637 --- linux-2.6.25.11/fs/ext2/inode.c 2008-04-17 12:05:40.000000000 -0400
2638 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/inode.c 2008-07-08 16:53:21.000000000 -0400
2640 #include <linux/writeback.h>
2641 #include <linux/buffer_head.h>
2642 #include <linux/mpage.h>
2643 +#include <linux/vs_tag.h>
2647 @@ -1011,7 +1012,7 @@ void ext2_truncate(struct inode *inode)
2649 if (ext2_inode_is_fast_symlink(inode))
2651 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
2652 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
2655 blocksize = inode->i_sb->s_blocksize;
2656 @@ -1149,38 +1150,72 @@ void ext2_set_inode_flags(struct inode *
2658 unsigned int flags = EXT2_I(inode)->i_flags;
2660 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
2661 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
2662 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
2665 + if (flags & EXT2_IMMUTABLE_FL)
2666 + inode->i_flags |= S_IMMUTABLE;
2667 + if (flags & EXT2_IXUNLINK_FL)
2668 + inode->i_flags |= S_IXUNLINK;
2670 if (flags & EXT2_SYNC_FL)
2671 inode->i_flags |= S_SYNC;
2672 if (flags & EXT2_APPEND_FL)
2673 inode->i_flags |= S_APPEND;
2674 - if (flags & EXT2_IMMUTABLE_FL)
2675 - inode->i_flags |= S_IMMUTABLE;
2676 if (flags & EXT2_NOATIME_FL)
2677 inode->i_flags |= S_NOATIME;
2678 if (flags & EXT2_DIRSYNC_FL)
2679 inode->i_flags |= S_DIRSYNC;
2681 + inode->i_vflags &= ~(V_BARRIER | V_COW);
2683 + if (flags & EXT2_BARRIER_FL)
2684 + inode->i_vflags |= V_BARRIER;
2685 + if (flags & EXT2_COW_FL)
2686 + inode->i_vflags |= V_COW;
2689 /* Propagate flags from i_flags to EXT2_I(inode)->i_flags */
2690 void ext2_get_inode_flags(struct ext2_inode_info *ei)
2692 unsigned int flags = ei->vfs_inode.i_flags;
2693 + unsigned int vflags = ei->vfs_inode.i_vflags;
2695 + ei->i_flags &= ~(EXT2_SYNC_FL | EXT2_APPEND_FL |
2696 + EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL |
2697 + EXT2_NOATIME_FL | EXT2_DIRSYNC_FL |
2698 + EXT2_BARRIER_FL | EXT2_COW_FL);
2700 + if (flags & S_IMMUTABLE)
2701 + ei->i_flags |= EXT2_IMMUTABLE_FL;
2702 + if (flags & S_IXUNLINK)
2703 + ei->i_flags |= EXT2_IXUNLINK_FL;
2705 - ei->i_flags &= ~(EXT2_SYNC_FL|EXT2_APPEND_FL|
2706 - EXT2_IMMUTABLE_FL|EXT2_NOATIME_FL|EXT2_DIRSYNC_FL);
2708 ei->i_flags |= EXT2_SYNC_FL;
2709 if (flags & S_APPEND)
2710 ei->i_flags |= EXT2_APPEND_FL;
2711 - if (flags & S_IMMUTABLE)
2712 - ei->i_flags |= EXT2_IMMUTABLE_FL;
2713 if (flags & S_NOATIME)
2714 ei->i_flags |= EXT2_NOATIME_FL;
2715 if (flags & S_DIRSYNC)
2716 ei->i_flags |= EXT2_DIRSYNC_FL;
2718 + if (vflags & V_BARRIER)
2719 + ei->i_flags |= EXT2_BARRIER_FL;
2720 + if (vflags & V_COW)
2721 + ei->i_flags |= EXT2_COW_FL;
2724 +int ext2_sync_flags(struct inode *inode)
2726 + ext2_get_inode_flags(EXT2_I(inode));
2727 + inode->i_ctime = CURRENT_TIME;
2728 + mark_inode_dirty(inode);
2733 struct inode *ext2_iget (struct super_block *sb, unsigned long ino)
2735 struct ext2_inode_info *ei;
2736 @@ -1188,6 +1223,8 @@ struct inode *ext2_iget (struct super_bl
2737 struct ext2_inode *raw_inode;
2738 struct inode *inode;
2744 inode = iget_locked(sb, ino);
2745 @@ -1210,12 +1247,17 @@ struct inode *ext2_iget (struct super_bl
2748 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
2749 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2750 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2751 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
2752 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
2753 if (!(test_opt (inode->i_sb, NO_UID32))) {
2754 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2755 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2756 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
2757 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
2759 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
2760 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
2761 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
2762 + le16_to_cpu(raw_inode->i_raw_tag));
2764 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
2765 inode->i_size = le32_to_cpu(raw_inode->i_size);
2766 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
2767 @@ -1311,8 +1353,8 @@ static int ext2_update_inode(struct inod
2768 struct ext2_inode_info *ei = EXT2_I(inode);
2769 struct super_block *sb = inode->i_sb;
2770 ino_t ino = inode->i_ino;
2771 - uid_t uid = inode->i_uid;
2772 - gid_t gid = inode->i_gid;
2773 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
2774 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
2775 struct buffer_head * bh;
2776 struct ext2_inode * raw_inode = ext2_get_inode(sb, ino, &bh);
2778 @@ -1348,6 +1390,9 @@ static int ext2_update_inode(struct inod
2779 raw_inode->i_uid_high = 0;
2780 raw_inode->i_gid_high = 0;
2782 +#ifdef CONFIG_TAGGING_INTERN
2783 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
2785 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
2786 raw_inode->i_size = cpu_to_le32(inode->i_size);
2787 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
2788 @@ -1434,7 +1479,8 @@ int ext2_setattr(struct dentry *dentry,
2791 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
2792 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
2793 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
2794 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
2795 error = DQUOT_TRANSFER(inode, iattr) ? -EDQUOT : 0;
2798 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ioctl.c
2799 --- linux-2.6.25.11/fs/ext2/ioctl.c 2008-04-17 12:05:40.000000000 -0400
2800 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/ioctl.c 2008-07-11 02:48:03.000000000 -0400
2802 #include <linux/sched.h>
2803 #include <linux/compat.h>
2804 #include <linux/smp_lock.h>
2805 +#include <linux/mount.h>
2806 #include <asm/current.h>
2807 #include <asm/uaccess.h>
2809 @@ -34,7 +35,8 @@ long ext2_ioctl(struct file *filp, unsig
2810 case EXT2_IOC_SETFLAGS: {
2811 unsigned int oldflags;
2813 - if (IS_RDONLY(inode))
2814 + if (IS_RDONLY(inode) ||
2815 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
2818 if (!is_owner_or_cap(inode))
2819 @@ -46,6 +48,11 @@ long ext2_ioctl(struct file *filp, unsig
2820 if (!S_ISDIR(inode->i_mode))
2821 flags &= ~EXT2_DIRSYNC_FL;
2823 + if (IS_BARRIER(inode)) {
2824 + vxwprintk_task(1, "messing with the barrier.");
2828 mutex_lock(&inode->i_mutex);
2829 /* Is it quota file? Do not allow user to mess with it */
2830 if (IS_NOQUOTA(inode)) {
2831 @@ -60,7 +67,9 @@ long ext2_ioctl(struct file *filp, unsig
2833 * This test looks nicer. Thanks to Pauline Middelink
2835 - if ((flags ^ oldflags) & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) {
2836 + if ((oldflags & EXT2_IMMUTABLE_FL) ||
2837 + ((flags ^ oldflags) & (EXT2_APPEND_FL |
2838 + EXT2_IMMUTABLE_FL | EXT2_IXUNLINK_FL))) {
2839 if (!capable(CAP_LINUX_IMMUTABLE)) {
2840 mutex_unlock(&inode->i_mutex);
2842 @@ -82,7 +91,8 @@ long ext2_ioctl(struct file *filp, unsig
2843 case EXT2_IOC_SETVERSION:
2844 if (!is_owner_or_cap(inode))
2846 - if (IS_RDONLY(inode))
2847 + if (IS_RDONLY(inode) ||
2848 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
2850 if (get_user(inode->i_generation, (int __user *) arg))
2852 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/namei.c
2853 --- linux-2.6.25.11/fs/ext2/namei.c 2008-04-17 12:05:40.000000000 -0400
2854 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/namei.c 2008-04-21 10:12:49.000000000 -0400
2858 #include <linux/pagemap.h>
2859 +#include <linux/vs_tag.h>
2863 @@ -66,6 +67,7 @@ static struct dentry *ext2_lookup(struct
2864 inode = ext2_iget(dir->i_sb, ino);
2866 return ERR_CAST(inode);
2867 + dx_propagate_tag(nd, inode);
2869 return d_splice_alias(inode, dentry);
2871 @@ -391,6 +393,7 @@ const struct inode_operations ext2_dir_i
2873 .setattr = ext2_setattr,
2874 .permission = ext2_permission,
2875 + .sync_flags = ext2_sync_flags,
2878 const struct inode_operations ext2_special_inode_operations = {
2879 @@ -402,4 +405,5 @@ const struct inode_operations ext2_speci
2881 .setattr = ext2_setattr,
2882 .permission = ext2_permission,
2883 + .sync_flags = ext2_sync_flags,
2885 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/super.c
2886 --- linux-2.6.25.11/fs/ext2/super.c 2008-04-17 12:05:40.000000000 -0400
2887 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/super.c 2008-04-19 15:14:52.000000000 -0400
2888 @@ -390,7 +390,8 @@ enum {
2889 Opt_err_ro, Opt_nouid32, Opt_nocheck, Opt_debug,
2890 Opt_oldalloc, Opt_orlov, Opt_nobh, Opt_user_xattr, Opt_nouser_xattr,
2891 Opt_acl, Opt_noacl, Opt_xip, Opt_ignore, Opt_err, Opt_quota,
2892 - Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation
2893 + Opt_usrquota, Opt_grpquota, Opt_reservation, Opt_noreservation,
2894 + Opt_tag, Opt_notag, Opt_tagid
2897 static match_table_t tokens = {
2898 @@ -418,6 +419,9 @@ static match_table_t tokens = {
2900 {Opt_noacl, "noacl"},
2903 + {Opt_notag, "notag"},
2904 + {Opt_tagid, "tagid=%u"},
2905 {Opt_grpquota, "grpquota"},
2906 {Opt_ignore, "noquota"},
2907 {Opt_quota, "quota"},
2908 @@ -488,6 +492,20 @@ static int parse_options (char * options
2910 set_opt (sbi->s_mount_opt, NO_UID32);
2912 +#ifndef CONFIG_TAGGING_NONE
2914 + set_opt (sbi->s_mount_opt, TAGGED);
2917 + clear_opt (sbi->s_mount_opt, TAGGED);
2920 +#ifdef CONFIG_PROPAGATE
2923 + set_opt (sbi->s_mount_opt, TAGGED);
2927 clear_opt (sbi->s_mount_opt, CHECK);
2929 @@ -831,6 +849,8 @@ static int ext2_fill_super(struct super_
2930 if (!parse_options ((char *) data, sbi))
2933 + if (EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_TAGGED)
2934 + sb->s_flags |= MS_TAGGED;
2935 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
2936 ((EXT2_SB(sb)->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ?
2938 @@ -1164,6 +1184,13 @@ static int ext2_remount (struct super_bl
2942 + if ((sbi->s_mount_opt & EXT2_MOUNT_TAGGED) &&
2943 + !(sb->s_flags & MS_TAGGED)) {
2944 + printk("EXT2-fs: %s: tagging not permitted on remount.\n",
2949 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
2950 ((sbi->s_mount_opt & EXT2_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
2952 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/symlink.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/symlink.c
2953 --- linux-2.6.25.11/fs/ext2/symlink.c 2008-04-17 10:32:27.000000000 -0400
2954 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/symlink.c 2008-04-19 15:14:52.000000000 -0400
2955 @@ -38,6 +38,7 @@ const struct inode_operations ext2_symli
2956 .listxattr = ext2_listxattr,
2957 .removexattr = generic_removexattr,
2959 + .sync_flags = ext2_sync_flags,
2962 const struct inode_operations ext2_fast_symlink_inode_operations = {
2963 @@ -49,4 +50,5 @@ const struct inode_operations ext2_fast_
2964 .listxattr = ext2_listxattr,
2965 .removexattr = generic_removexattr,
2967 + .sync_flags = ext2_sync_flags,
2969 diff -NurpP --minimal linux-2.6.25.11/fs/ext2/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/xattr.c
2970 --- linux-2.6.25.11/fs/ext2/xattr.c 2008-04-17 12:05:40.000000000 -0400
2971 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext2/xattr.c 2008-04-19 15:14:52.000000000 -0400
2973 #include <linux/mbcache.h>
2974 #include <linux/quotaops.h>
2975 #include <linux/rwsem.h>
2976 +#include <linux/vs_dlimit.h>
2980 @@ -641,8 +642,12 @@ ext2_xattr_set2(struct inode *inode, str
2982 ea_bdebug(new_bh, "reusing block");
2985 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
2988 if (DQUOT_ALLOC_BLOCK(inode, 1)) {
2989 + DLIMIT_FREE_BLOCK(inode, 1);
2990 unlock_buffer(new_bh);
2993 @@ -735,6 +740,7 @@ ext2_xattr_set2(struct inode *inode, str
2994 le32_to_cpu(HDR(old_bh)->h_refcount) - 1);
2996 mb_cache_entry_release(ce);
2997 + DLIMIT_FREE_BLOCK(inode, 1);
2998 DQUOT_FREE_BLOCK(inode, 1);
2999 mark_buffer_dirty(old_bh);
3000 ea_bdebug(old_bh, "refcount now=%d",
3001 @@ -799,6 +805,7 @@ ext2_xattr_delete_inode(struct inode *in
3002 mark_buffer_dirty(bh);
3004 sync_dirty_buffer(bh);
3005 + DLIMIT_FREE_BLOCK(inode, 1);
3006 DQUOT_FREE_BLOCK(inode, 1);
3008 EXT2_I(inode)->i_file_acl = 0;
3009 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/balloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/balloc.c
3010 --- linux-2.6.25.11/fs/ext3/balloc.c 2008-04-17 12:05:40.000000000 -0400
3011 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/balloc.c 2008-04-19 15:14:52.000000000 -0400
3013 #include <linux/ext3_jbd.h>
3014 #include <linux/quotaops.h>
3015 #include <linux/buffer_head.h>
3016 +#include <linux/vs_dlimit.h>
3017 +#include <linux/vs_tag.h>
3020 * balloc.c contains the blocks allocation and deallocation routines
3021 @@ -675,8 +677,10 @@ void ext3_free_blocks(handle_t *handle,
3024 ext3_free_blocks_sb(handle, sb, block, count, &dquot_freed_blocks);
3025 - if (dquot_freed_blocks)
3026 + if (dquot_freed_blocks) {
3027 + DLIMIT_FREE_BLOCK(inode, dquot_freed_blocks);
3028 DQUOT_FREE_BLOCK(inode, dquot_freed_blocks);
3033 @@ -1415,18 +1419,33 @@ out:
3035 * Check if filesystem has at least 1 free block available for allocation.
3037 -static int ext3_has_free_blocks(struct ext3_sb_info *sbi)
3038 +static int ext3_has_free_blocks(struct super_block *sb)
3040 - ext3_fsblk_t free_blocks, root_blocks;
3041 + struct ext3_sb_info *sbi = EXT3_SB(sb);
3042 + unsigned long long free_blocks, root_blocks;
3045 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
3046 root_blocks = le32_to_cpu(sbi->s_es->s_r_blocks_count);
3047 - if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
3049 + vxdprintk(VXD_CBIT(dlim, 3),
3050 + "ext3_has_free_blocks(%p): free=%llu, root=%llu",
3051 + sb, free_blocks, root_blocks);
3053 + DLIMIT_ADJUST_BLOCK(sb, dx_current_tag(), &free_blocks, &root_blocks);
3055 + cond = (free_blocks < root_blocks + 1 &&
3056 + !capable(CAP_SYS_RESOURCE) &&
3057 sbi->s_resuid != current->fsuid &&
3058 - (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
3062 + (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid)));
3064 + vxdprintk(VXD_CBIT(dlim, 3),
3065 + "ext3_has_free_blocks(%p): %llu<%llu+1, %c, %u!=%u r=%d",
3066 + sb, free_blocks, root_blocks,
3067 + !capable(CAP_SYS_RESOURCE)?'1':'0',
3068 + sbi->s_resuid, current->fsuid, cond?0:1);
3070 + return (cond ? 0 : 1);
3074 @@ -1443,7 +1462,7 @@ static int ext3_has_free_blocks(struct e
3076 int ext3_should_retry_alloc(struct super_block *sb, int *retries)
3078 - if (!ext3_has_free_blocks(EXT3_SB(sb)) || (*retries)++ > 3)
3079 + if (!ext3_has_free_blocks(sb) || (*retries)++ > 3)
3082 jbd_debug(1, "%s: retrying operation after ENOSPC\n", sb->s_id);
3083 @@ -1506,6 +1525,8 @@ ext3_fsblk_t ext3_new_blocks(handle_t *h
3087 + if (DLIMIT_ALLOC_BLOCK(inode, num))
3091 es = EXT3_SB(sb)->s_es;
3092 @@ -1522,7 +1543,7 @@ ext3_fsblk_t ext3_new_blocks(handle_t *h
3093 if (block_i && ((windowsz = block_i->rsv_window_node.rsv_goal_size) > 0))
3094 my_rsv = &block_i->rsv_window_node;
3096 - if (!ext3_has_free_blocks(sbi)) {
3097 + if (!ext3_has_free_blocks(sb)) {
3101 @@ -1710,12 +1731,16 @@ allocated:
3104 DQUOT_FREE_BLOCK(inode, *count-num);
3105 + DLIMIT_FREE_BLOCK(inode, *count-num);
3112 + if (!performed_allocation)
3113 + DLIMIT_FREE_BLOCK(inode, *count);
3117 ext3_std_error(sb, fatal);
3118 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/file.c
3119 --- linux-2.6.25.11/fs/ext3/file.c 2008-04-17 10:37:23.000000000 -0400
3120 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/file.c 2008-04-19 15:14:52.000000000 -0400
3121 @@ -134,5 +134,6 @@ const struct inode_operations ext3_file_
3122 .removexattr = generic_removexattr,
3124 .permission = ext3_permission,
3125 + .sync_flags = ext3_sync_flags,
3128 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/ialloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/ialloc.c
3129 --- linux-2.6.25.11/fs/ext3/ialloc.c 2008-04-17 12:05:40.000000000 -0400
3130 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/ialloc.c 2008-07-08 04:31:24.000000000 -0400
3132 #include <linux/buffer_head.h>
3133 #include <linux/random.h>
3134 #include <linux/bitops.h>
3135 +#include <linux/vs_dlimit.h>
3136 +#include <linux/vs_tag.h>
3138 #include <asm/byteorder.h>
3140 @@ -127,6 +129,7 @@ void ext3_free_inode (handle_t *handle,
3141 ext3_xattr_delete_inode(handle, inode);
3142 DQUOT_FREE_INODE(inode);
3144 + DLIMIT_FREE_INODE(inode);
3146 is_directory = S_ISDIR(inode->i_mode);
3148 @@ -440,6 +443,12 @@ struct inode *ext3_new_inode(handle_t *h
3149 inode = new_inode(sb);
3151 return ERR_PTR(-ENOMEM);
3153 + inode->i_tag = dx_current_fstag(sb);
3154 + if (DLIMIT_ALLOC_INODE(inode)) {
3161 @@ -559,7 +568,8 @@ got:
3162 ei->i_dir_start_lookup = 0;
3165 - ei->i_flags = EXT3_I(dir)->i_flags & ~EXT3_INDEX_FL;
3166 + ei->i_flags = EXT3_I(dir)->i_flags &
3167 + ~(EXT3_INDEX_FL|EXT3_IXUNLINK_FL|EXT3_BARRIER_FL);
3169 ei->i_flags &= ~(EXT3_IMMUTABLE_FL|EXT3_APPEND_FL);
3170 /* dirsync only applies to directories */
3171 @@ -614,6 +624,8 @@ got:
3173 ext3_std_error(sb, err);
3175 + DLIMIT_FREE_INODE(inode);
3180 @@ -625,6 +637,7 @@ fail_free_drop:
3184 + DLIMIT_FREE_INODE(inode);
3185 inode->i_flags |= S_NOQUOTA;
3188 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/inode.c
3189 --- linux-2.6.25.11/fs/ext3/inode.c 2008-04-17 12:05:40.000000000 -0400
3190 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/inode.c 2008-07-08 16:53:39.000000000 -0400
3192 #include <linux/mpage.h>
3193 #include <linux/uio.h>
3194 #include <linux/bio.h>
3195 +#include <linux/vs_tag.h>
3199 @@ -2300,7 +2301,7 @@ void ext3_truncate(struct inode *inode)
3201 if (ext3_inode_is_fast_symlink(inode))
3203 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
3204 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
3208 @@ -2622,36 +2623,84 @@ void ext3_set_inode_flags(struct inode *
3210 unsigned int flags = EXT3_I(inode)->i_flags;
3212 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3213 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
3214 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3216 + if (flags & EXT3_IMMUTABLE_FL)
3217 + inode->i_flags |= S_IMMUTABLE;
3218 + if (flags & EXT3_IXUNLINK_FL)
3219 + inode->i_flags |= S_IXUNLINK;
3221 if (flags & EXT3_SYNC_FL)
3222 inode->i_flags |= S_SYNC;
3223 if (flags & EXT3_APPEND_FL)
3224 inode->i_flags |= S_APPEND;
3225 - if (flags & EXT3_IMMUTABLE_FL)
3226 - inode->i_flags |= S_IMMUTABLE;
3227 if (flags & EXT3_NOATIME_FL)
3228 inode->i_flags |= S_NOATIME;
3229 if (flags & EXT3_DIRSYNC_FL)
3230 inode->i_flags |= S_DIRSYNC;
3232 + inode->i_vflags &= ~(V_BARRIER | V_COW);
3234 + if (flags & EXT3_BARRIER_FL)
3235 + inode->i_vflags |= V_BARRIER;
3236 + if (flags & EXT3_COW_FL)
3237 + inode->i_vflags |= V_COW;
3240 /* Propagate flags from i_flags to EXT3_I(inode)->i_flags */
3241 void ext3_get_inode_flags(struct ext3_inode_info *ei)
3243 unsigned int flags = ei->vfs_inode.i_flags;
3244 + unsigned int vflags = ei->vfs_inode.i_vflags;
3246 + ei->i_flags &= ~(EXT3_SYNC_FL | EXT3_APPEND_FL |
3247 + EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL |
3248 + EXT3_NOATIME_FL | EXT3_DIRSYNC_FL |
3249 + EXT3_BARRIER_FL | EXT3_COW_FL);
3251 + if (flags & S_IMMUTABLE)
3252 + ei->i_flags |= EXT3_IMMUTABLE_FL;
3253 + if (flags & S_IXUNLINK)
3254 + ei->i_flags |= EXT3_IXUNLINK_FL;
3256 - ei->i_flags &= ~(EXT3_SYNC_FL|EXT3_APPEND_FL|
3257 - EXT3_IMMUTABLE_FL|EXT3_NOATIME_FL|EXT3_DIRSYNC_FL);
3259 ei->i_flags |= EXT3_SYNC_FL;
3260 if (flags & S_APPEND)
3261 ei->i_flags |= EXT3_APPEND_FL;
3262 - if (flags & S_IMMUTABLE)
3263 - ei->i_flags |= EXT3_IMMUTABLE_FL;
3264 if (flags & S_NOATIME)
3265 ei->i_flags |= EXT3_NOATIME_FL;
3266 if (flags & S_DIRSYNC)
3267 ei->i_flags |= EXT3_DIRSYNC_FL;
3269 + if (vflags & V_BARRIER)
3270 + ei->i_flags |= EXT3_BARRIER_FL;
3271 + if (vflags & V_COW)
3272 + ei->i_flags |= EXT3_COW_FL;
3275 +int ext3_sync_flags(struct inode *inode)
3277 + struct ext3_iloc iloc;
3281 + handle = ext3_journal_start(inode, 1);
3282 + if (IS_ERR(handle))
3283 + return PTR_ERR(handle);
3284 + if (IS_SYNC(inode))
3285 + handle->h_sync = 1;
3286 + err = ext3_reserve_inode_write(handle, inode, &iloc);
3290 + ext3_get_inode_flags(EXT3_I(inode));
3291 + inode->i_ctime = CURRENT_TIME;
3293 + err = ext3_mark_iloc_dirty(handle, inode, &iloc);
3295 + ext3_journal_stop(handle);
3299 struct inode *ext3_iget(struct super_block *sb, unsigned long ino)
3300 @@ -2663,6 +2712,8 @@ struct inode *ext3_iget(struct super_blo
3301 struct inode *inode;
3307 inode = iget_locked(sb, ino);
3309 @@ -2683,12 +2734,17 @@ struct inode *ext3_iget(struct super_blo
3311 raw_inode = ext3_raw_inode(&iloc);
3312 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3313 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3314 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3315 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3316 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3317 if(!(test_opt (inode->i_sb, NO_UID32))) {
3318 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3319 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3320 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3321 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3323 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3324 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3325 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3326 + le16_to_cpu(raw_inode->i_raw_tag));
3328 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3329 inode->i_size = le32_to_cpu(raw_inode->i_size);
3330 inode->i_atime.tv_sec = (signed)le32_to_cpu(raw_inode->i_atime);
3331 @@ -2817,6 +2873,8 @@ static int ext3_do_update_inode(handle_t
3332 struct ext3_inode *raw_inode = ext3_raw_inode(iloc);
3333 struct ext3_inode_info *ei = EXT3_I(inode);
3334 struct buffer_head *bh = iloc->bh;
3335 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3336 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3337 int err = 0, rc, block;
3339 /* For fields not not tracking in the in-memory inode,
3340 @@ -2827,29 +2885,32 @@ static int ext3_do_update_inode(handle_t
3341 ext3_get_inode_flags(ei);
3342 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3343 if(!(test_opt(inode->i_sb, NO_UID32))) {
3344 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3345 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3346 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3347 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3349 * Fix up interoperability with old kernels. Otherwise, old inodes get
3350 * re-used with the upper 16 bits of the uid/gid intact
3353 raw_inode->i_uid_high =
3354 - cpu_to_le16(high_16_bits(inode->i_uid));
3355 + cpu_to_le16(high_16_bits(uid));
3356 raw_inode->i_gid_high =
3357 - cpu_to_le16(high_16_bits(inode->i_gid));
3358 + cpu_to_le16(high_16_bits(gid));
3360 raw_inode->i_uid_high = 0;
3361 raw_inode->i_gid_high = 0;
3364 raw_inode->i_uid_low =
3365 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
3366 + cpu_to_le16(fs_high2lowuid(uid));
3367 raw_inode->i_gid_low =
3368 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
3369 + cpu_to_le16(fs_high2lowgid(gid));
3370 raw_inode->i_uid_high = 0;
3371 raw_inode->i_gid_high = 0;
3373 +#ifdef CONFIG_TAGGING_INTERN
3374 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
3376 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
3377 raw_inode->i_size = cpu_to_le32(ei->i_disksize);
3378 raw_inode->i_atime = cpu_to_le32(inode->i_atime.tv_sec);
3379 @@ -3002,7 +3063,8 @@ int ext3_setattr(struct dentry *dentry,
3382 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
3383 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
3384 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
3385 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
3388 /* (user+group)*(old+new) structure, inode write (sb,
3389 @@ -3024,6 +3086,8 @@ int ext3_setattr(struct dentry *dentry,
3390 inode->i_uid = attr->ia_uid;
3391 if (attr->ia_valid & ATTR_GID)
3392 inode->i_gid = attr->ia_gid;
3393 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
3394 + inode->i_tag = attr->ia_tag;
3395 error = ext3_mark_inode_dirty(handle, inode);
3396 ext3_journal_stop(handle);
3398 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/ioctl.c
3399 --- linux-2.6.25.11/fs/ext3/ioctl.c 2008-04-17 11:31:35.000000000 -0400
3400 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/ioctl.c 2008-07-11 02:49:40.000000000 -0400
3404 #include <linux/fs.h>
3405 +#include <linux/mount.h>
3406 #include <linux/jbd.h>
3407 #include <linux/capability.h>
3408 #include <linux/ext3_fs.h>
3410 #include <linux/time.h>
3411 #include <linux/compat.h>
3412 #include <linux/smp_lock.h>
3413 +#include <linux/vs_tag.h>
3414 #include <asm/uaccess.h>
3416 int ext3_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
3417 @@ -38,7 +40,8 @@ int ext3_ioctl (struct inode * inode, st
3418 unsigned int oldflags;
3421 - if (IS_RDONLY(inode))
3422 + if (IS_RDONLY(inode) ||
3423 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3426 if (!is_owner_or_cap(inode))
3427 @@ -50,6 +53,11 @@ int ext3_ioctl (struct inode * inode, st
3428 if (!S_ISDIR(inode->i_mode))
3429 flags &= ~EXT3_DIRSYNC_FL;
3431 + if (IS_BARRIER(inode)) {
3432 + vxwprintk_task(1, "messing with the barrier.");
3436 mutex_lock(&inode->i_mutex);
3437 /* Is it quota file? Do not allow user to mess with it */
3438 if (IS_NOQUOTA(inode)) {
3439 @@ -67,7 +75,9 @@ int ext3_ioctl (struct inode * inode, st
3441 * This test looks nicer. Thanks to Pauline Middelink
3443 - if ((flags ^ oldflags) & (EXT3_APPEND_FL | EXT3_IMMUTABLE_FL)) {
3444 + if ((oldflags & EXT3_IMMUTABLE_FL) ||
3445 + ((flags ^ oldflags) & (EXT3_APPEND_FL |
3446 + EXT3_IMMUTABLE_FL | EXT3_IXUNLINK_FL))) {
3447 if (!capable(CAP_LINUX_IMMUTABLE)) {
3448 mutex_unlock(&inode->i_mutex);
3450 @@ -129,7 +139,8 @@ flags_err:
3452 if (!is_owner_or_cap(inode))
3454 - if (IS_RDONLY(inode))
3455 + if (IS_RDONLY(inode) ||
3456 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3458 if (get_user(generation, (int __user *) arg))
3460 @@ -183,7 +194,8 @@ flags_err:
3461 if (!test_opt(inode->i_sb, RESERVATION) ||!S_ISREG(inode->i_mode))
3464 - if (IS_RDONLY(inode))
3465 + if (IS_RDONLY(inode) ||
3466 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3469 if (!is_owner_or_cap(inode))
3470 @@ -218,7 +230,8 @@ flags_err:
3471 if (!capable(CAP_SYS_RESOURCE))
3474 - if (IS_RDONLY(inode))
3475 + if (IS_RDONLY(inode) ||
3476 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3479 if (get_user(n_blocks_count, (__u32 __user *)arg))
3480 @@ -239,7 +252,8 @@ flags_err:
3481 if (!capable(CAP_SYS_RESOURCE))
3484 - if (IS_RDONLY(inode))
3485 + if (IS_RDONLY(inode) ||
3486 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
3489 if (copy_from_user(&input, (struct ext3_new_group_input __user *)arg,
3490 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/namei.c
3491 --- linux-2.6.25.11/fs/ext3/namei.c 2008-04-17 12:05:40.000000000 -0400
3492 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/namei.c 2008-04-19 15:14:52.000000000 -0400
3494 #include <linux/quotaops.h>
3495 #include <linux/buffer_head.h>
3496 #include <linux/bio.h>
3497 +#include <linux/vs_tag.h>
3501 @@ -907,6 +908,7 @@ restart:
3503 ll_rw_block(READ_META, 1, &bh);
3505 + dx_propagate_tag(nd, inode);
3507 if ((bh = bh_use[ra_ptr++]) == NULL)
3509 @@ -2417,6 +2419,7 @@ const struct inode_operations ext3_dir_i
3510 .removexattr = generic_removexattr,
3512 .permission = ext3_permission,
3513 + .sync_flags = ext3_sync_flags,
3516 const struct inode_operations ext3_special_inode_operations = {
3517 @@ -2428,4 +2431,5 @@ const struct inode_operations ext3_speci
3518 .removexattr = generic_removexattr,
3520 .permission = ext3_permission,
3521 + .sync_flags = ext3_sync_flags,
3523 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/super.c
3524 --- linux-2.6.25.11/fs/ext3/super.c 2008-04-17 12:05:40.000000000 -0400
3525 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/super.c 2008-04-20 13:26:55.000000000 -0400
3526 @@ -756,7 +756,7 @@ enum {
3527 Opt_usrjquota, Opt_grpjquota, Opt_offusrjquota, Opt_offgrpjquota,
3528 Opt_jqfmt_vfsold, Opt_jqfmt_vfsv0, Opt_quota, Opt_noquota,
3529 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota,
3531 + Opt_grpquota, Opt_tag, Opt_notag, Opt_tagid
3534 static match_table_t tokens = {
3535 @@ -807,6 +807,9 @@ static match_table_t tokens = {
3536 {Opt_usrquota, "usrquota"},
3537 {Opt_barrier, "barrier=%u"},
3538 {Opt_resize, "resize"},
3540 + {Opt_notag, "notag"},
3541 + {Opt_tagid, "tagid=%u"},
3545 @@ -899,6 +902,20 @@ static int parse_options (char *options,
3547 set_opt (sbi->s_mount_opt, NO_UID32);
3549 +#ifndef CONFIG_TAGGING_NONE
3551 + set_opt (sbi->s_mount_opt, TAGGED);
3554 + clear_opt (sbi->s_mount_opt, TAGGED);
3557 +#ifdef CONFIG_PROPAGATE
3560 + set_opt (sbi->s_mount_opt, TAGGED);
3564 clear_opt (sbi->s_mount_opt, CHECK);
3566 @@ -1591,6 +1608,9 @@ static int ext3_fill_super (struct super
3570 + if (EXT3_SB(sb)->s_mount_opt & EXT3_MOUNT_TAGGED)
3571 + sb->s_flags |= MS_TAGGED;
3573 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3574 ((sbi->s_mount_opt & EXT3_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
3576 @@ -2428,6 +2448,12 @@ static int ext3_remount (struct super_bl
3578 if (sbi->s_mount_opt & EXT3_MOUNT_ABORT)
3579 ext3_abort(sb, __FUNCTION__, "Abort forced by user");
3580 + if ((sbi->s_mount_opt & EXT3_MOUNT_TAGGED) &&
3581 + !(sb->s_flags & MS_TAGGED)) {
3582 + printk("EXT3-fs: %s: tagging not permitted on remount.\n",
3587 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
3588 ((sbi->s_mount_opt & EXT3_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
3589 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/symlink.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/symlink.c
3590 --- linux-2.6.25.11/fs/ext3/symlink.c 2008-04-17 10:32:27.000000000 -0400
3591 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/symlink.c 2008-04-19 15:14:52.000000000 -0400
3592 @@ -40,6 +40,7 @@ const struct inode_operations ext3_symli
3593 .listxattr = ext3_listxattr,
3594 .removexattr = generic_removexattr,
3596 + .sync_flags = ext3_sync_flags,
3599 const struct inode_operations ext3_fast_symlink_inode_operations = {
3600 @@ -51,4 +52,5 @@ const struct inode_operations ext3_fast_
3601 .listxattr = ext3_listxattr,
3602 .removexattr = generic_removexattr,
3604 + .sync_flags = ext3_sync_flags,
3606 diff -NurpP --minimal linux-2.6.25.11/fs/ext3/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/xattr.c
3607 --- linux-2.6.25.11/fs/ext3/xattr.c 2008-07-15 22:05:17.000000000 -0400
3608 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext3/xattr.c 2008-06-10 20:00:46.000000000 -0400
3610 #include <linux/mbcache.h>
3611 #include <linux/quotaops.h>
3612 #include <linux/rwsem.h>
3613 +#include <linux/vs_dlimit.h>
3617 @@ -496,6 +497,7 @@ ext3_xattr_release_block(handle_t *handl
3618 error = ext3_journal_dirty_metadata(handle, bh);
3621 + DLIMIT_FREE_BLOCK(inode, 1);
3622 DQUOT_FREE_BLOCK(inode, 1);
3623 ea_bdebug(bh, "refcount now=%d; releasing",
3624 le32_to_cpu(BHDR(bh)->h_refcount));
3625 @@ -769,11 +771,14 @@ inserted:
3626 if (new_bh == bs->bh)
3627 ea_bdebug(new_bh, "keeping");
3630 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
3632 /* The old block is released after updating
3635 if (DQUOT_ALLOC_BLOCK(inode, 1))
3637 + goto cleanup_dlimit;
3638 error = ext3_journal_get_write_access(handle,
3641 @@ -849,6 +854,8 @@ cleanup:
3644 DQUOT_FREE_BLOCK(inode, 1);
3646 + DLIMIT_FREE_BLOCK(inode, 1);
3650 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/balloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/balloc.c
3651 --- linux-2.6.25.11/fs/ext4/balloc.c 2008-04-17 12:05:40.000000000 -0400
3652 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/balloc.c 2008-04-21 10:23:33.000000000 -0400
3654 #include <linux/ext4_jbd2.h>
3655 #include <linux/quotaops.h>
3656 #include <linux/buffer_head.h>
3657 +#include <linux/vs_dlimit.h>
3658 +#include <linux/vs_tag.h>
3662 @@ -810,8 +812,10 @@ void ext4_free_blocks(handle_t *handle,
3664 ext4_mb_free_blocks(handle, inode, block, count,
3665 metadata, &dquot_freed_blocks);
3666 - if (dquot_freed_blocks)
3667 + if (dquot_freed_blocks) {
3668 + DLIMIT_FREE_BLOCK(inode, dquot_freed_blocks);
3669 DQUOT_FREE_BLOCK(inode, dquot_freed_blocks);
3674 @@ -1551,18 +1555,33 @@ out:
3676 * Check if filesystem has at least 1 free block available for allocation.
3678 -static int ext4_has_free_blocks(struct ext4_sb_info *sbi)
3679 +static int ext4_has_free_blocks(struct super_block *sb)
3681 + struct ext4_sb_info *sbi = EXT4_SB(sb);
3682 ext4_fsblk_t free_blocks, root_blocks;
3685 free_blocks = percpu_counter_read_positive(&sbi->s_freeblocks_counter);
3686 root_blocks = ext4_r_blocks_count(sbi->s_es);
3687 - if (free_blocks < root_blocks + 1 && !capable(CAP_SYS_RESOURCE) &&
3689 + vxdprintk(VXD_CBIT(dlim, 3),
3690 + "ext4_has_free_blocks(%p): free=%llu, root=%llu",
3691 + sb, free_blocks, root_blocks);
3693 + DLIMIT_ADJUST_BLOCK(sb, dx_current_tag(), &free_blocks, &root_blocks);
3695 + cond = (free_blocks < root_blocks + 1 &&
3696 + !capable(CAP_SYS_RESOURCE) &&
3697 sbi->s_resuid != current->fsuid &&
3698 - (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid))) {
3702 + (sbi->s_resgid == 0 || !in_group_p (sbi->s_resgid)));
3704 + vxdprintk(VXD_CBIT(dlim, 3),
3705 + "ext4_has_free_blocks(%p): %llu<%llu+1, %c, %u!=%u r=%d",
3706 + sb, free_blocks, root_blocks,
3707 + !capable(CAP_SYS_RESOURCE)?'1':'0',
3708 + sbi->s_resuid, current->fsuid, cond?0:1);
3710 + return (cond ? 0 : 1);
3714 @@ -1579,7 +1598,7 @@ static int ext4_has_free_blocks(struct e
3716 int ext4_should_retry_alloc(struct super_block *sb, int *retries)
3718 - if (!ext4_has_free_blocks(EXT4_SB(sb)) || (*retries)++ > 3)
3719 + if (!ext4_has_free_blocks(sb) || (*retries)++ > 3)
3722 jbd_debug(1, "%s: retrying operation after ENOSPC\n", sb->s_id);
3723 @@ -1639,6 +1658,8 @@ ext4_fsblk_t ext4_new_blocks_old(handle_
3727 + if (DLIMIT_ALLOC_BLOCK(inode, num))
3731 es = EXT4_SB(sb)->s_es;
3732 @@ -1655,7 +1676,7 @@ ext4_fsblk_t ext4_new_blocks_old(handle_
3733 if (block_i && ((windowsz = block_i->rsv_window_node.rsv_goal_size) > 0))
3734 my_rsv = &block_i->rsv_window_node;
3736 - if (!ext4_has_free_blocks(sbi)) {
3737 + if (!ext4_has_free_blocks(sb)) {
3741 @@ -1841,12 +1862,16 @@ allocated:
3744 DQUOT_FREE_BLOCK(inode, *count-num);
3745 + DLIMIT_FREE_BLOCK(inode, *count-num);
3752 + if (!performed_allocation)
3753 + DLIMIT_FREE_BLOCK(inode, *count);
3757 ext4_std_error(sb, fatal);
3758 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/file.c
3759 --- linux-2.6.25.11/fs/ext4/file.c 2008-04-17 12:05:40.000000000 -0400
3760 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/file.c 2008-04-19 15:14:52.000000000 -0400
3761 @@ -152,5 +152,6 @@ const struct inode_operations ext4_file_
3763 .permission = ext4_permission,
3764 .fallocate = ext4_fallocate,
3765 + .sync_flags = ext4_sync_flags,
3768 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/ialloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/ialloc.c
3769 --- linux-2.6.25.11/fs/ext4/ialloc.c 2008-04-17 12:05:40.000000000 -0400
3770 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/ialloc.c 2008-07-08 04:31:24.000000000 -0400
3772 #include <linux/random.h>
3773 #include <linux/bitops.h>
3774 #include <linux/blkdev.h>
3775 +#include <linux/vs_dlimit.h>
3776 +#include <linux/vs_tag.h>
3777 #include <asm/byteorder.h>
3780 @@ -186,6 +188,7 @@ void ext4_free_inode (handle_t *handle,
3781 ext4_xattr_delete_inode(handle, inode);
3782 DQUOT_FREE_INODE(inode);
3784 + DLIMIT_FREE_INODE(inode);
3786 is_directory = S_ISDIR(inode->i_mode);
3788 @@ -513,6 +516,12 @@ struct inode *ext4_new_inode(handle_t *h
3789 inode = new_inode(sb);
3791 return ERR_PTR(-ENOMEM);
3793 + inode->i_tag = dx_current_fstag(sb);
3794 + if (DLIMIT_ALLOC_INODE(inode)) {
3801 @@ -707,7 +716,8 @@ got:
3802 * newly created directory and file only if -o extent mount option is
3805 - ei->i_flags = EXT4_I(dir)->i_flags & ~(EXT4_INDEX_FL|EXT4_EXTENTS_FL);
3806 + ei->i_flags = EXT4_I(dir)->i_flags &
3807 + ~(EXT4_INDEX_FL|EXT4_EXTENTS_FL|EXT4_IXUNLINK_FL|EXT4_BARRIER_FL);
3809 ei->i_flags &= ~(EXT4_IMMUTABLE_FL|EXT4_APPEND_FL);
3810 /* dirsync only applies to directories */
3811 @@ -766,6 +776,8 @@ got:
3813 ext4_std_error(sb, err);
3815 + DLIMIT_FREE_INODE(inode);
3820 @@ -777,6 +789,7 @@ fail_free_drop:
3824 + DLIMIT_FREE_INODE(inode);
3825 inode->i_flags |= S_NOQUOTA;
3828 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/inode.c
3829 --- linux-2.6.25.11/fs/ext4/inode.c 2008-04-17 12:05:40.000000000 -0400
3830 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/inode.c 2008-07-11 03:12:05.000000000 -0400
3832 #include <linux/mpage.h>
3833 #include <linux/uio.h>
3834 #include <linux/bio.h>
3835 +#include <linux/vs_tag.h>
3839 @@ -2342,7 +2343,7 @@ void ext4_truncate(struct inode *inode)
3841 if (ext4_inode_is_fast_symlink(inode))
3843 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
3844 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
3848 @@ -2671,37 +2672,86 @@ void ext4_set_inode_flags(struct inode *
3850 unsigned int flags = EXT4_I(inode)->i_flags;
3852 - inode->i_flags &= ~(S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC);
3853 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
3854 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
3856 + if (flags & EXT4_IMMUTABLE_FL)
3857 + inode->i_flags |= S_IMMUTABLE;
3858 + if (flags & EXT4_IXUNLINK_FL)
3859 + inode->i_flags |= S_IXUNLINK;
3861 if (flags & EXT4_SYNC_FL)
3862 inode->i_flags |= S_SYNC;
3863 if (flags & EXT4_APPEND_FL)
3864 inode->i_flags |= S_APPEND;
3865 - if (flags & EXT4_IMMUTABLE_FL)
3866 - inode->i_flags |= S_IMMUTABLE;
3867 if (flags & EXT4_NOATIME_FL)
3868 inode->i_flags |= S_NOATIME;
3869 if (flags & EXT4_DIRSYNC_FL)
3870 inode->i_flags |= S_DIRSYNC;
3872 + inode->i_vflags &= ~(V_BARRIER | V_COW);
3874 + if (flags & EXT4_BARRIER_FL)
3875 + inode->i_vflags |= V_BARRIER;
3876 + if (flags & EXT4_COW_FL)
3877 + inode->i_vflags |= V_COW;
3880 /* Propagate flags from i_flags to EXT4_I(inode)->i_flags */
3881 void ext4_get_inode_flags(struct ext4_inode_info *ei)
3883 unsigned int flags = ei->vfs_inode.i_flags;
3884 + unsigned int vflags = ei->vfs_inode.i_vflags;
3886 + ei->i_flags &= ~(EXT4_SYNC_FL | EXT4_APPEND_FL |
3887 + EXT4_IMMUTABLE_FL | EXT4_IXUNLINK_FL |
3888 + EXT4_NOATIME_FL | EXT4_DIRSYNC_FL |
3889 + EXT4_BARRIER_FL | EXT4_COW_FL);
3891 + if (flags & S_IMMUTABLE)
3892 + ei->i_flags |= EXT4_IMMUTABLE_FL;
3893 + if (flags & S_IXUNLINK)
3894 + ei->i_flags |= EXT4_IXUNLINK_FL;
3896 - ei->i_flags &= ~(EXT4_SYNC_FL|EXT4_APPEND_FL|
3897 - EXT4_IMMUTABLE_FL|EXT4_NOATIME_FL|EXT4_DIRSYNC_FL);
3899 ei->i_flags |= EXT4_SYNC_FL;
3900 if (flags & S_APPEND)
3901 ei->i_flags |= EXT4_APPEND_FL;
3902 - if (flags & S_IMMUTABLE)
3903 - ei->i_flags |= EXT4_IMMUTABLE_FL;
3904 if (flags & S_NOATIME)
3905 ei->i_flags |= EXT4_NOATIME_FL;
3906 if (flags & S_DIRSYNC)
3907 ei->i_flags |= EXT4_DIRSYNC_FL;
3909 + if (vflags & V_BARRIER)
3910 + ei->i_flags |= EXT4_BARRIER_FL;
3911 + if (vflags & V_COW)
3912 + ei->i_flags |= EXT4_COW_FL;
3915 +int ext4_sync_flags(struct inode *inode)
3917 + struct ext4_iloc iloc;
3921 + handle = ext4_journal_start(inode, 1);
3922 + if (IS_ERR(handle))
3923 + return PTR_ERR(handle);
3924 + if (IS_SYNC(inode))
3925 + handle->h_sync = 1;
3926 + err = ext4_reserve_inode_write(handle, inode, &iloc);
3930 + ext4_get_inode_flags(EXT4_I(inode));
3931 + inode->i_ctime = CURRENT_TIME;
3933 + err = ext4_mark_iloc_dirty(handle, inode, &iloc);
3935 + ext4_journal_stop(handle);
3939 static blkcnt_t ext4_inode_blocks(struct ext4_inode *raw_inode,
3940 struct ext4_inode_info *ei)
3942 @@ -2734,6 +2784,8 @@ struct inode *ext4_iget(struct super_blo
3943 struct inode *inode;
3949 inode = iget_locked(sb, ino);
3951 @@ -2754,12 +2806,17 @@ struct inode *ext4_iget(struct super_blo
3953 raw_inode = ext4_raw_inode(&iloc);
3954 inode->i_mode = le16_to_cpu(raw_inode->i_mode);
3955 - inode->i_uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3956 - inode->i_gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3957 + uid = (uid_t)le16_to_cpu(raw_inode->i_uid_low);
3958 + gid = (gid_t)le16_to_cpu(raw_inode->i_gid_low);
3959 if(!(test_opt (inode->i_sb, NO_UID32))) {
3960 - inode->i_uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3961 - inode->i_gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3962 + uid |= le16_to_cpu(raw_inode->i_uid_high) << 16;
3963 + gid |= le16_to_cpu(raw_inode->i_gid_high) << 16;
3965 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
3966 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
3967 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
3968 + le16_to_cpu(raw_inode->i_raw_tag));
3970 inode->i_nlink = le16_to_cpu(raw_inode->i_links_count);
3973 @@ -2933,6 +2990,8 @@ static int ext4_do_update_inode(handle_t
3974 struct ext4_inode *raw_inode = ext4_raw_inode(iloc);
3975 struct ext4_inode_info *ei = EXT4_I(inode);
3976 struct buffer_head *bh = iloc->bh;
3977 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
3978 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
3979 int err = 0, rc, block;
3981 /* For fields not not tracking in the in-memory inode,
3982 @@ -2943,29 +3002,32 @@ static int ext4_do_update_inode(handle_t
3983 ext4_get_inode_flags(ei);
3984 raw_inode->i_mode = cpu_to_le16(inode->i_mode);
3985 if(!(test_opt(inode->i_sb, NO_UID32))) {
3986 - raw_inode->i_uid_low = cpu_to_le16(low_16_bits(inode->i_uid));
3987 - raw_inode->i_gid_low = cpu_to_le16(low_16_bits(inode->i_gid));
3988 + raw_inode->i_uid_low = cpu_to_le16(low_16_bits(uid));
3989 + raw_inode->i_gid_low = cpu_to_le16(low_16_bits(gid));
3991 * Fix up interoperability with old kernels. Otherwise, old inodes get
3992 * re-used with the upper 16 bits of the uid/gid intact
3995 raw_inode->i_uid_high =
3996 - cpu_to_le16(high_16_bits(inode->i_uid));
3997 + cpu_to_le16(high_16_bits(uid));
3998 raw_inode->i_gid_high =
3999 - cpu_to_le16(high_16_bits(inode->i_gid));
4000 + cpu_to_le16(high_16_bits(gid));
4002 raw_inode->i_uid_high = 0;
4003 raw_inode->i_gid_high = 0;
4006 raw_inode->i_uid_low =
4007 - cpu_to_le16(fs_high2lowuid(inode->i_uid));
4008 + cpu_to_le16(fs_high2lowuid(uid));
4009 raw_inode->i_gid_low =
4010 - cpu_to_le16(fs_high2lowgid(inode->i_gid));
4011 + cpu_to_le16(fs_high2lowgid(gid));
4012 raw_inode->i_uid_high = 0;
4013 raw_inode->i_gid_high = 0;
4015 +#ifdef CONFIG_TAGGING_INTERN
4016 + raw_inode->i_raw_tag = cpu_to_le16(inode->i_tag);
4018 raw_inode->i_links_count = cpu_to_le16(inode->i_nlink);
4020 EXT4_INODE_SET_XTIME(i_ctime, inode, raw_inode);
4021 @@ -3121,7 +3183,8 @@ int ext4_setattr(struct dentry *dentry,
4024 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
4025 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
4026 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
4027 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
4030 /* (user+group)*(old+new) structure, inode write (sb,
4031 @@ -3143,6 +3206,8 @@ int ext4_setattr(struct dentry *dentry,
4032 inode->i_uid = attr->ia_uid;
4033 if (attr->ia_valid & ATTR_GID)
4034 inode->i_gid = attr->ia_gid;
4035 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
4036 + inode->i_tag = attr->ia_tag;
4037 error = ext4_mark_inode_dirty(handle, inode);
4038 ext4_journal_stop(handle);
4040 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/ioctl.c
4041 --- linux-2.6.25.11/fs/ext4/ioctl.c 2008-04-17 12:05:40.000000000 -0400
4042 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/ioctl.c 2008-07-11 02:49:54.000000000 -0400
4046 #include <linux/fs.h>
4047 +#include <linux/mount.h>
4048 #include <linux/jbd2.h>
4049 #include <linux/capability.h>
4050 #include <linux/ext4_fs.h>
4052 #include <linux/time.h>
4053 #include <linux/compat.h>
4054 #include <linux/smp_lock.h>
4055 +#include <linux/vs_tag.h>
4056 #include <asm/uaccess.h>
4058 int ext4_ioctl (struct inode * inode, struct file * filp, unsigned int cmd,
4059 @@ -38,7 +40,8 @@ int ext4_ioctl (struct inode * inode, st
4060 unsigned int oldflags;
4063 - if (IS_RDONLY(inode))
4064 + if (IS_RDONLY(inode) ||
4065 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4068 if (!is_owner_or_cap(inode))
4069 @@ -50,6 +53,11 @@ int ext4_ioctl (struct inode * inode, st
4070 if (!S_ISDIR(inode->i_mode))
4071 flags &= ~EXT4_DIRSYNC_FL;
4073 + if (IS_BARRIER(inode)) {
4074 + vxwprintk_task(1, "messing with the barrier.");
4078 mutex_lock(&inode->i_mutex);
4079 /* Is it quota file? Do not allow user to mess with it */
4080 if (IS_NOQUOTA(inode)) {
4081 @@ -67,7 +75,9 @@ int ext4_ioctl (struct inode * inode, st
4083 * This test looks nicer. Thanks to Pauline Middelink
4085 - if ((flags ^ oldflags) & (EXT4_APPEND_FL | EXT4_IMMUTABLE_FL)) {
4086 + if ((oldflags & EXT4_IMMUTABLE_FL) ||
4087 + ((flags ^ oldflags) & (EXT4_APPEND_FL |
4088 + EXT4_IMMUTABLE_FL | EXT4_IXUNLINK_FL))) {
4089 if (!capable(CAP_LINUX_IMMUTABLE)) {
4090 mutex_unlock(&inode->i_mutex);
4092 @@ -129,7 +139,8 @@ flags_err:
4094 if (!is_owner_or_cap(inode))
4096 - if (IS_RDONLY(inode))
4097 + if (IS_RDONLY(inode) ||
4098 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4100 if (get_user(generation, (int __user *) arg))
4102 @@ -183,7 +194,8 @@ flags_err:
4103 if (!test_opt(inode->i_sb, RESERVATION) ||!S_ISREG(inode->i_mode))
4106 - if (IS_RDONLY(inode))
4107 + if (IS_RDONLY(inode) ||
4108 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4111 if (!is_owner_or_cap(inode))
4112 @@ -218,7 +230,8 @@ flags_err:
4113 if (!capable(CAP_SYS_RESOURCE))
4116 - if (IS_RDONLY(inode))
4117 + if (IS_RDONLY(inode) ||
4118 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4121 if (get_user(n_blocks_count, (__u32 __user *)arg))
4122 @@ -239,7 +252,8 @@ flags_err:
4123 if (!capable(CAP_SYS_RESOURCE))
4126 - if (IS_RDONLY(inode))
4127 + if (IS_RDONLY(inode) ||
4128 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4131 if (copy_from_user(&input, (struct ext4_new_group_input __user *)arg,
4132 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/namei.c
4133 --- linux-2.6.25.11/fs/ext4/namei.c 2008-04-17 12:05:40.000000000 -0400
4134 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/namei.c 2008-04-19 15:14:52.000000000 -0400
4136 #include <linux/quotaops.h>
4137 #include <linux/buffer_head.h>
4138 #include <linux/bio.h>
4139 +#include <linux/vs_tag.h>
4143 @@ -908,6 +909,7 @@ restart:
4145 ll_rw_block(READ_META, 1, &bh);
4147 + dx_propagate_tag(nd, inode);
4149 if ((bh = bh_use[ra_ptr++]) == NULL)
4151 @@ -2448,6 +2450,7 @@ const struct inode_operations ext4_dir_i
4152 .removexattr = generic_removexattr,
4154 .permission = ext4_permission,
4155 + .sync_flags = ext4_sync_flags,
4158 const struct inode_operations ext4_special_inode_operations = {
4159 @@ -2459,4 +2462,5 @@ const struct inode_operations ext4_speci
4160 .removexattr = generic_removexattr,
4162 .permission = ext4_permission,
4163 + .sync_flags = ext4_sync_flags,
4165 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/super.c
4166 --- linux-2.6.25.11/fs/ext4/super.c 2008-04-17 12:05:40.000000000 -0400
4167 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/super.c 2008-04-21 10:31:22.000000000 -0400
4168 @@ -887,6 +887,7 @@ enum {
4169 Opt_ignore, Opt_barrier, Opt_err, Opt_resize, Opt_usrquota,
4170 Opt_grpquota, Opt_extents, Opt_noextents, Opt_i_version,
4171 Opt_mballoc, Opt_nomballoc, Opt_stripe,
4172 + Opt_tag, Opt_notag, Opt_tagid
4175 static match_table_t tokens = {
4176 @@ -944,8 +945,11 @@ static match_table_t tokens = {
4177 {Opt_mballoc, "mballoc"},
4178 {Opt_nomballoc, "nomballoc"},
4179 {Opt_stripe, "stripe=%u"},
4181 {Opt_resize, "resize"},
4183 + {Opt_notag, "notag"},
4184 + {Opt_tagid, "tagid=%u"},
4188 static ext4_fsblk_t get_sb_block(void **data)
4189 @@ -1037,6 +1041,20 @@ static int parse_options (char *options,
4191 set_opt (sbi->s_mount_opt, NO_UID32);
4193 +#ifndef CONFIG_TAGGING_NONE
4195 + set_opt (sbi->s_mount_opt, TAGGED);
4198 + clear_opt (sbi->s_mount_opt, TAGGED);
4201 +#ifdef CONFIG_PROPAGATE
4204 + set_opt (sbi->s_mount_opt, TAGGED);
4208 clear_opt (sbi->s_mount_opt, CHECK);
4210 @@ -1909,6 +1927,9 @@ static int ext4_fill_super (struct super
4214 + if (EXT4_SB(sb)->s_mount_opt & EXT4_MOUNT_TAGGED)
4215 + sb->s_flags |= MS_TAGGED;
4217 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
4218 ((sbi->s_mount_opt & EXT4_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
4220 @@ -2828,6 +2849,12 @@ static int ext4_remount (struct super_bl
4222 if (sbi->s_mount_opt & EXT4_MOUNT_ABORT)
4223 ext4_abort(sb, __FUNCTION__, "Abort forced by user");
4224 + if ((sbi->s_mount_opt & EXT4_MOUNT_TAGGED) &&
4225 + !(sb->s_flags & MS_TAGGED)) {
4226 + printk("EXT4-fs: %s: tagging not permitted on remount.\n",
4231 sb->s_flags = (sb->s_flags & ~MS_POSIXACL) |
4232 ((sbi->s_mount_opt & EXT4_MOUNT_POSIX_ACL) ? MS_POSIXACL : 0);
4233 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/symlink.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/symlink.c
4234 --- linux-2.6.25.11/fs/ext4/symlink.c 2008-04-17 10:32:27.000000000 -0400
4235 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/symlink.c 2008-04-19 15:14:52.000000000 -0400
4236 @@ -40,6 +40,7 @@ const struct inode_operations ext4_symli
4237 .listxattr = ext4_listxattr,
4238 .removexattr = generic_removexattr,
4240 + .sync_flags = ext4_sync_flags,
4243 const struct inode_operations ext4_fast_symlink_inode_operations = {
4244 @@ -51,4 +52,5 @@ const struct inode_operations ext4_fast_
4245 .listxattr = ext4_listxattr,
4246 .removexattr = generic_removexattr,
4248 + .sync_flags = ext4_sync_flags,
4250 diff -NurpP --minimal linux-2.6.25.11/fs/ext4/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/xattr.c
4251 --- linux-2.6.25.11/fs/ext4/xattr.c 2008-07-15 22:05:17.000000000 -0400
4252 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ext4/xattr.c 2008-06-10 20:00:46.000000000 -0400
4254 #include <linux/mbcache.h>
4255 #include <linux/quotaops.h>
4256 #include <linux/rwsem.h>
4257 +#include <linux/vs_dlimit.h>
4261 @@ -489,6 +490,7 @@ ext4_xattr_release_block(handle_t *handl
4262 error = ext4_journal_dirty_metadata(handle, bh);
4265 + DLIMIT_FREE_BLOCK(inode, 1);
4266 DQUOT_FREE_BLOCK(inode, 1);
4267 ea_bdebug(bh, "refcount now=%d; releasing",
4268 le32_to_cpu(BHDR(bh)->h_refcount));
4269 @@ -779,11 +781,14 @@ inserted:
4270 if (new_bh == bs->bh)
4271 ea_bdebug(new_bh, "keeping");
4274 + if (DLIMIT_ALLOC_BLOCK(inode, 1))
4276 /* The old block is released after updating
4279 if (DQUOT_ALLOC_BLOCK(inode, 1))
4281 + goto cleanup_dlimit;
4282 error = ext4_journal_get_write_access(handle,
4285 @@ -860,6 +865,8 @@ cleanup:
4288 DQUOT_FREE_BLOCK(inode, 1);
4290 + DLIMIT_FREE_BLOCK(inode, 1);
4294 diff -NurpP --minimal linux-2.6.25.11/fs/fcntl.c linux-2.6.25.11-vs2.3.0.34.14/fs/fcntl.c
4295 --- linux-2.6.25.11/fs/fcntl.c 2008-04-17 12:05:40.000000000 -0400
4296 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/fcntl.c 2008-04-19 15:14:52.000000000 -0400
4298 #include <linux/signal.h>
4299 #include <linux/rcupdate.h>
4300 #include <linux/pid_namespace.h>
4301 +#include <linux/vs_limit.h>
4303 #include <asm/poll.h>
4304 #include <asm/siginfo.h>
4305 @@ -85,6 +86,8 @@ repeat:
4307 if (newfd >= current->signal->rlim[RLIMIT_NOFILE].rlim_cur)
4309 + if (!vx_files_avail(1))
4312 error = expand_files(files, newfd);
4314 @@ -128,6 +131,7 @@ static int dupfd(struct file *file, unsi
4316 FD_CLR(fd, fdt->close_on_exec);
4317 spin_unlock(&files->file_lock);
4318 + vx_openfd_inc(fd);
4319 fd_install(fd, file);
4321 spin_unlock(&files->file_lock);
4322 @@ -180,6 +184,9 @@ asmlinkage long sys_dup2(unsigned int ol
4325 filp_close(tofree, files);
4327 + vx_openfd_inc(newfd); /* fd was unused */
4332 diff -NurpP --minimal linux-2.6.25.11/fs/file_table.c linux-2.6.25.11-vs2.3.0.34.14/fs/file_table.c
4333 --- linux-2.6.25.11/fs/file_table.c 2008-04-17 12:05:40.000000000 -0400
4334 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/file_table.c 2008-04-19 15:14:52.000000000 -0400
4336 #include <linux/fsnotify.h>
4337 #include <linux/sysctl.h>
4338 #include <linux/percpu_counter.h>
4339 +#include <linux/vs_limit.h>
4340 +#include <linux/vs_context.h>
4342 #include <asm/atomic.h>
4344 @@ -124,6 +126,8 @@ struct file *get_empty_filp(void)
4345 f->f_gid = tsk->fsgid;
4346 eventpoll_init_file(f);
4347 /* f->f_version: 0 */
4348 + f->f_xid = vx_current_xid();
4353 @@ -239,6 +243,8 @@ void __fput(struct file *file)
4354 if (file->f_mode & FMODE_WRITE)
4355 put_write_access(inode);
4356 put_pid(file->f_owner.pid);
4357 + vx_files_dec(file);
4360 file->f_path.dentry = NULL;
4361 file->f_path.mnt = NULL;
4362 @@ -304,6 +310,8 @@ void put_filp(struct file *file)
4364 if (atomic_dec_and_test(&file->f_count)) {
4365 security_file_free(file);
4366 + vx_files_dec(file);
4371 diff -NurpP --minimal linux-2.6.25.11/fs/hfsplus/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/hfsplus/ioctl.c
4372 --- linux-2.6.25.11/fs/hfsplus/ioctl.c 2008-04-17 10:37:23.000000000 -0400
4373 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/hfsplus/ioctl.c 2008-04-19 15:14:52.000000000 -0400
4375 #include <linux/fs.h>
4376 #include <linux/sched.h>
4377 #include <linux/xattr.h>
4378 +#include <linux/mount.h>
4379 #include <asm/uaccess.h>
4380 #include "hfsplus_fs.h"
4382 @@ -35,7 +36,8 @@ int hfsplus_ioctl(struct inode *inode, s
4383 flags |= FS_NODUMP_FL; /* EXT2_NODUMP_FL */
4384 return put_user(flags, (int __user *)arg);
4385 case HFSPLUS_IOC_EXT2_SETFLAGS: {
4386 - if (IS_RDONLY(inode))
4387 + if (IS_RDONLY(inode) ||
4388 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4391 if (!is_owner_or_cap(inode))
4392 diff -NurpP --minimal linux-2.6.25.11/fs/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/inode.c
4393 --- linux-2.6.25.11/fs/inode.c 2008-04-17 12:05:40.000000000 -0400
4394 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/inode.c 2008-04-19 15:14:52.000000000 -0400
4395 @@ -124,6 +124,9 @@ static struct inode *alloc_inode(struct
4396 struct address_space * const mapping = &inode->i_data;
4400 + /* essential because of inode slab reuse */
4402 inode->i_blkbits = sb->s_blocksize_bits;
4404 atomic_set(&inode->i_count, 1);
4405 @@ -142,6 +145,7 @@ static struct inode *alloc_inode(struct
4406 inode->i_bdev = NULL;
4407 inode->i_cdev = NULL;
4409 + inode->i_mdev = 0;
4410 inode->dirtied_when = 0;
4411 if (security_inode_alloc(inode)) {
4412 if (inode->i_sb->s_op->destroy_inode)
4413 @@ -246,6 +250,8 @@ void __iget(struct inode * inode)
4414 inodes_stat.nr_unused--;
4417 +EXPORT_SYMBOL_GPL(__iget);
4420 * clear_inode - clear an inode
4421 * @inode: inode to clear
4422 @@ -1434,9 +1440,11 @@ void init_special_inode(struct inode *in
4423 if (S_ISCHR(mode)) {
4424 inode->i_fop = &def_chr_fops;
4425 inode->i_rdev = rdev;
4426 + inode->i_mdev = rdev;
4427 } else if (S_ISBLK(mode)) {
4428 inode->i_fop = &def_blk_fops;
4429 inode->i_rdev = rdev;
4430 + inode->i_mdev = rdev;
4431 } else if (S_ISFIFO(mode))
4432 inode->i_fop = &def_fifo_fops;
4433 else if (S_ISSOCK(mode))
4434 diff -NurpP --minimal linux-2.6.25.11/fs/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/ioctl.c
4435 --- linux-2.6.25.11/fs/ioctl.c 2008-04-17 12:05:40.000000000 -0400
4436 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ioctl.c 2008-04-21 09:25:46.000000000 -0400
4438 #include <linux/security.h>
4439 #include <linux/module.h>
4440 #include <linux/uaccess.h>
4441 +#include <linux/proc_fs.h>
4442 +#include <linux/vserver/inode.h>
4443 +#include <linux/vs_tag.h>
4445 #include <asm/ioctls.h>
4447 diff -NurpP --minimal linux-2.6.25.11/fs/ioprio.c linux-2.6.25.11-vs2.3.0.34.14/fs/ioprio.c
4448 --- linux-2.6.25.11/fs/ioprio.c 2008-04-17 12:05:40.000000000 -0400
4449 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ioprio.c 2008-04-19 15:14:52.000000000 -0400
4451 #include <linux/syscalls.h>
4452 #include <linux/security.h>
4453 #include <linux/pid_namespace.h>
4454 +#include <linux/vs_base.h>
4456 static int set_task_ioprio(struct task_struct *task, int ioprio)
4458 @@ -116,6 +117,8 @@ asmlinkage long sys_ioprio_set(int which
4460 pgrp = find_vpid(who);
4461 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
4462 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4464 ret = set_task_ioprio(p, ioprio);
4467 @@ -205,6 +208,8 @@ asmlinkage long sys_ioprio_get(int which
4469 pgrp = find_vpid(who);
4470 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
4471 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
4473 tmpio = get_task_ioprio(p);
4476 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/acl.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/acl.c
4477 --- linux-2.6.25.11/fs/jfs/acl.c 2007-02-04 13:44:54.000000000 -0500
4478 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/acl.c 2008-04-19 15:14:52.000000000 -0400
4479 @@ -232,7 +232,8 @@ int jfs_setattr(struct dentry *dentry, s
4482 if ((iattr->ia_valid & ATTR_UID && iattr->ia_uid != inode->i_uid) ||
4483 - (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid)) {
4484 + (iattr->ia_valid & ATTR_GID && iattr->ia_gid != inode->i_gid) ||
4485 + (iattr->ia_valid & ATTR_TAG && iattr->ia_tag != inode->i_tag)) {
4486 if (DQUOT_TRANSFER(inode, iattr))
4489 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/file.c
4490 --- linux-2.6.25.11/fs/jfs/file.c 2008-04-17 12:05:40.000000000 -0400
4491 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/file.c 2008-04-19 15:14:52.000000000 -0400
4492 @@ -98,6 +98,7 @@ const struct inode_operations jfs_file_i
4493 .setattr = jfs_setattr,
4494 .permission = jfs_permission,
4496 + .sync_flags = jfs_sync_flags,
4499 const struct file_operations jfs_file_operations = {
4500 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/inode.c
4501 --- linux-2.6.25.11/fs/jfs/inode.c 2008-04-17 12:05:40.000000000 -0400
4502 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/inode.c 2008-04-19 15:14:52.000000000 -0400
4504 #include <linux/buffer_head.h>
4505 #include <linux/pagemap.h>
4506 #include <linux/quotaops.h>
4507 +#include <linux/vs_dlimit.h>
4508 #include "jfs_incore.h"
4509 #include "jfs_inode.h"
4510 #include "jfs_filsys.h"
4511 @@ -155,6 +156,7 @@ void jfs_delete_inode(struct inode *inod
4513 DQUOT_FREE_INODE(inode);
4515 + DLIMIT_FREE_INODE(inode);
4519 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/ioctl.c
4520 --- linux-2.6.25.11/fs/jfs/ioctl.c 2008-04-17 12:05:40.000000000 -0400
4521 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/ioctl.c 2008-07-11 02:50:45.000000000 -0400
4523 #include <linux/capability.h>
4524 #include <linux/time.h>
4525 #include <linux/sched.h>
4526 +#include <linux/mount.h>
4527 #include <asm/current.h>
4528 #include <asm/uaccess.h>
4530 @@ -66,7 +67,8 @@ long jfs_ioctl(struct file *filp, unsign
4531 case JFS_IOC_SETFLAGS: {
4532 unsigned int oldflags;
4534 - if (IS_RDONLY(inode))
4535 + if (IS_RDONLY(inode) ||
4536 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
4539 if (!is_owner_or_cap(inode))
4540 @@ -79,6 +81,11 @@ long jfs_ioctl(struct file *filp, unsign
4541 if (!S_ISDIR(inode->i_mode))
4542 flags &= ~JFS_DIRSYNC_FL;
4544 + if (IS_BARRIER(inode)) {
4545 + vxwprintk_task(1, "messing with the barrier.");
4549 /* Is it quota file? Do not allow user to mess with it */
4550 if (IS_NOQUOTA(inode))
4552 @@ -94,8 +101,8 @@ long jfs_ioctl(struct file *filp, unsign
4553 * the relevant capability.
4555 if ((oldflags & JFS_IMMUTABLE_FL) ||
4556 - ((flags ^ oldflags) &
4557 - (JFS_APPEND_FL | JFS_IMMUTABLE_FL))) {
4558 + ((flags ^ oldflags) & (JFS_APPEND_FL |
4559 + JFS_IMMUTABLE_FL | JFS_IXUNLINK_FL))) {
4560 if (!capable(CAP_LINUX_IMMUTABLE)) {
4561 mutex_unlock(&inode->i_mutex);
4563 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_dinode.h linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_dinode.h
4564 --- linux-2.6.25.11/fs/jfs/jfs_dinode.h 2008-04-17 12:05:40.000000000 -0400
4565 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_dinode.h 2008-07-08 13:52:44.000000000 -0400
4566 @@ -161,9 +161,13 @@ struct dinode {
4568 #define JFS_APPEND_FL 0x01000000 /* writes to file may only append */
4569 #define JFS_IMMUTABLE_FL 0x02000000 /* Immutable file */
4570 +#define JFS_IXUNLINK_FL 0x04000000 /* Immutable invert on unlink */
4572 -#define JFS_FL_USER_VISIBLE 0x03F80000
4573 -#define JFS_FL_USER_MODIFIABLE 0x03F80000
4574 +#define JFS_BARRIER_FL 0x10000000 /* Barrier for chroot() */
4575 +#define JFS_COW_FL 0x20000000 /* Copy on Write marker */
4577 +#define JFS_FL_USER_VISIBLE 0x07F80000
4578 +#define JFS_FL_USER_MODIFIABLE 0x07F80000
4579 #define JFS_FL_INHERIT 0x03C80000
4581 /* These are identical to EXT[23]_IOC_GETFLAGS/SETFLAGS */
4582 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_dtree.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_dtree.c
4583 --- linux-2.6.25.11/fs/jfs/jfs_dtree.c 2008-04-17 12:05:40.000000000 -0400
4584 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_dtree.c 2008-04-19 15:14:52.000000000 -0400
4587 #include <linux/fs.h>
4588 #include <linux/quotaops.h>
4589 +#include <linux/vs_dlimit.h>
4590 #include "jfs_incore.h"
4591 #include "jfs_superblock.h"
4592 #include "jfs_filsys.h"
4593 @@ -383,10 +384,10 @@ static u32 add_index(tid_t tid, struct i
4595 if (DQUOT_ALLOC_BLOCK(ip, sbi->nbperpage))
4597 - if (dbAlloc(ip, 0, sbi->nbperpage, &xaddr)) {
4598 - DQUOT_FREE_BLOCK(ip, sbi->nbperpage);
4601 + if (DLIMIT_ALLOC_BLOCK(ip, sbi->nbperpage))
4602 + goto clean_up_dquot;
4603 + if (dbAlloc(ip, 0, sbi->nbperpage, &xaddr))
4604 + goto clean_up_dlimit;
4607 * Save the table, we're going to overwrite it with the
4608 @@ -480,6 +481,12 @@ static u32 add_index(tid_t tid, struct i
4613 + DLIMIT_FREE_BLOCK(ip, sbi->nbperpage);
4616 + DQUOT_FREE_BLOCK(ip, sbi->nbperpage);
4620 jfs_ip->next_index--;
4621 @@ -951,6 +958,7 @@ static int dtSplitUp(tid_t tid,
4624 int quota_allocation = 0;
4625 + int dlimit_allocation = 0;
4627 /* get split page */
4629 @@ -1033,6 +1041,12 @@ static int dtSplitUp(tid_t tid,
4631 quota_allocation += n;
4633 + if (DLIMIT_ALLOC_BLOCK(ip, n)) {
4637 + dlimit_allocation += n;
4639 if ((rc = dbReAlloc(sbi->ipbmap, xaddr, (s64) xlen,
4642 @@ -1306,6 +1320,9 @@ static int dtSplitUp(tid_t tid,
4646 + /* Rollback dlimit allocation */
4647 + if (rc && dlimit_allocation)
4648 + DLIMIT_FREE_BLOCK(ip, dlimit_allocation);
4649 /* Rollback quota allocation */
4650 if (rc && quota_allocation)
4651 DQUOT_FREE_BLOCK(ip, quota_allocation);
4652 @@ -1373,6 +1390,12 @@ static int dtSplitPage(tid_t tid, struct
4653 release_metapage(rmp);
4656 + /* Allocate blocks to dlimit. */
4657 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4658 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
4659 + release_metapage(rmp);
4663 jfs_info("dtSplitPage: ip:0x%p smp:0x%p rmp:0x%p", ip, smp, rmp);
4665 @@ -1920,6 +1943,12 @@ static int dtSplitRoot(tid_t tid,
4666 release_metapage(rmp);
4669 + /* Allocate blocks to dlimit. */
4670 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4671 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
4672 + release_metapage(rmp);
4676 BT_MARK_DIRTY(rmp, ip);
4678 @@ -2286,6 +2315,8 @@ static int dtDeleteUp(tid_t tid, struct
4680 xlen = lengthPXD(&fp->header.self);
4682 + /* Free dlimit allocation. */
4683 + DLIMIT_FREE_BLOCK(ip, xlen);
4684 /* Free quota allocation. */
4685 DQUOT_FREE_BLOCK(ip, xlen);
4687 @@ -2362,6 +2393,8 @@ static int dtDeleteUp(tid_t tid, struct
4689 xlen = lengthPXD(&p->header.self);
4691 + /* Free dlimit allocation */
4692 + DLIMIT_FREE_BLOCK(ip, xlen);
4693 /* Free quota allocation */
4694 DQUOT_FREE_BLOCK(ip, xlen);
4696 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_extent.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_extent.c
4697 --- linux-2.6.25.11/fs/jfs/jfs_extent.c 2008-04-17 10:37:23.000000000 -0400
4698 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_extent.c 2008-04-19 15:14:52.000000000 -0400
4701 #include <linux/fs.h>
4702 #include <linux/quotaops.h>
4703 +#include <linux/vs_dlimit.h>
4704 #include "jfs_incore.h"
4705 #include "jfs_inode.h"
4706 #include "jfs_superblock.h"
4707 @@ -147,6 +148,14 @@ extAlloc(struct inode *ip, s64 xlen, s64
4711 + /* Allocate blocks to dlimit. */
4712 + if (DLIMIT_ALLOC_BLOCK(ip, nxlen)) {
4713 + DQUOT_FREE_BLOCK(ip, nxlen);
4714 + dbFree(ip, nxaddr, (s64) nxlen);
4715 + mutex_unlock(&JFS_IP(ip)->commit_mutex);
4719 /* determine the value of the extent flag */
4720 xflag = abnr ? XAD_NOTRECORDED : 0;
4722 @@ -164,6 +173,7 @@ extAlloc(struct inode *ip, s64 xlen, s64
4725 dbFree(ip, nxaddr, nxlen);
4726 + DLIMIT_FREE_BLOCK(ip, nxlen);
4727 DQUOT_FREE_BLOCK(ip, nxlen);
4728 mutex_unlock(&JFS_IP(ip)->commit_mutex);
4730 @@ -261,6 +271,13 @@ int extRealloc(struct inode *ip, s64 nxl
4731 mutex_unlock(&JFS_IP(ip)->commit_mutex);
4734 + /* Allocate blocks to dlimit. */
4735 + if (DLIMIT_ALLOC_BLOCK(ip, nxlen)) {
4736 + DQUOT_FREE_BLOCK(ip, nxlen);
4737 + dbFree(ip, nxaddr, (s64) nxlen);
4738 + up(&JFS_IP(ip)->commit_sem);
4742 delta = nxlen - xlen;
4744 @@ -297,6 +314,7 @@ int extRealloc(struct inode *ip, s64 nxl
4745 /* extend the extent */
4746 if ((rc = xtExtend(0, ip, xoff + xlen, (int) nextend, 0))) {
4747 dbFree(ip, xaddr + xlen, delta);
4748 + DLIMIT_FREE_BLOCK(ip, nxlen);
4749 DQUOT_FREE_BLOCK(ip, nxlen);
4752 @@ -308,6 +326,7 @@ int extRealloc(struct inode *ip, s64 nxl
4754 if ((rc = xtTailgate(0, ip, xoff, (int) ntail, nxaddr, 0))) {
4755 dbFree(ip, nxaddr, nxlen);
4756 + DLIMIT_FREE_BLOCK(ip, nxlen);
4757 DQUOT_FREE_BLOCK(ip, nxlen);
4760 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_filsys.h linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_filsys.h
4761 --- linux-2.6.25.11/fs/jfs/jfs_filsys.h 2008-04-17 10:37:23.000000000 -0400
4762 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_filsys.h 2008-04-19 15:14:52.000000000 -0400
4764 #define JFS_NAME_MAX 255
4765 #define JFS_PATH_MAX BPSIZE
4767 +#define JFS_TAGGED 0x00800000 /* Context Tagging */
4770 * file system state (superblock state)
4771 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_imap.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_imap.c
4772 --- linux-2.6.25.11/fs/jfs/jfs_imap.c 2008-04-17 12:05:40.000000000 -0400
4773 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_imap.c 2008-04-19 15:14:52.000000000 -0400
4775 #include <linux/buffer_head.h>
4776 #include <linux/pagemap.h>
4777 #include <linux/quotaops.h>
4778 +#include <linux/vs_tag.h>
4780 #include "jfs_incore.h"
4781 #include "jfs_inode.h"
4782 @@ -3061,6 +3062,8 @@ static int copy_from_dinode(struct dinod
4784 struct jfs_inode_info *jfs_ip = JFS_IP(ip);
4785 struct jfs_sb_info *sbi = JFS_SBI(ip->i_sb);
4789 jfs_ip->fileset = le32_to_cpu(dip->di_fileset);
4790 jfs_ip->mode2 = le32_to_cpu(dip->di_mode);
4791 @@ -3081,14 +3084,18 @@ static int copy_from_dinode(struct dinod
4793 ip->i_nlink = le32_to_cpu(dip->di_nlink);
4795 - jfs_ip->saved_uid = le32_to_cpu(dip->di_uid);
4796 + uid = le32_to_cpu(dip->di_uid);
4797 + gid = le32_to_cpu(dip->di_gid);
4798 + ip->i_tag = INOTAG_TAG(DX_TAG(ip), uid, gid, 0);
4800 + jfs_ip->saved_uid = INOTAG_UID(DX_TAG(ip), uid, gid);
4802 ip->i_uid = jfs_ip->saved_uid;
4804 ip->i_uid = sbi->uid;
4807 - jfs_ip->saved_gid = le32_to_cpu(dip->di_gid);
4808 + jfs_ip->saved_gid = INOTAG_GID(DX_TAG(ip), uid, gid);
4810 ip->i_gid = jfs_ip->saved_gid;
4812 @@ -3153,14 +3160,12 @@ static void copy_to_dinode(struct dinode
4813 dip->di_size = cpu_to_le64(ip->i_size);
4814 dip->di_nblocks = cpu_to_le64(PBLK2LBLK(ip->i_sb, ip->i_blocks));
4815 dip->di_nlink = cpu_to_le32(ip->i_nlink);
4816 - if (sbi->uid == -1)
4817 - dip->di_uid = cpu_to_le32(ip->i_uid);
4819 - dip->di_uid = cpu_to_le32(jfs_ip->saved_uid);
4820 - if (sbi->gid == -1)
4821 - dip->di_gid = cpu_to_le32(ip->i_gid);
4823 - dip->di_gid = cpu_to_le32(jfs_ip->saved_gid);
4825 + dip->di_uid = cpu_to_le32(TAGINO_UID(DX_TAG(ip),
4826 + (sbi->uid == -1) ? ip->i_uid : jfs_ip->saved_uid, ip->i_tag));
4827 + dip->di_gid = cpu_to_le32(TAGINO_GID(DX_TAG(ip),
4828 + (sbi->gid == -1) ? ip->i_gid : jfs_ip->saved_gid, ip->i_tag));
4830 jfs_get_inode_flags(jfs_ip);
4832 * mode2 is only needed for storing the higher order bits.
4833 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_inode.c
4834 --- linux-2.6.25.11/fs/jfs/jfs_inode.c 2008-04-17 10:33:02.000000000 -0400
4835 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_inode.c 2008-07-08 05:01:03.000000000 -0400
4838 #include <linux/fs.h>
4839 #include <linux/quotaops.h>
4840 +#include <linux/vs_dlimit.h>
4841 +#include <linux/vs_tag.h>
4842 #include "jfs_incore.h"
4843 #include "jfs_inode.h"
4844 #include "jfs_filsys.h"
4845 @@ -30,29 +32,46 @@ void jfs_set_inode_flags(struct inode *i
4847 unsigned int flags = JFS_IP(inode)->mode2;
4849 - inode->i_flags &= ~(S_IMMUTABLE | S_APPEND |
4850 - S_NOATIME | S_DIRSYNC | S_SYNC);
4851 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
4852 + S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
4854 if (flags & JFS_IMMUTABLE_FL)
4855 inode->i_flags |= S_IMMUTABLE;
4856 + if (flags & JFS_IXUNLINK_FL)
4857 + inode->i_flags |= S_IXUNLINK;
4859 + if (flags & JFS_SYNC_FL)
4860 + inode->i_flags |= S_SYNC;
4861 if (flags & JFS_APPEND_FL)
4862 inode->i_flags |= S_APPEND;
4863 if (flags & JFS_NOATIME_FL)
4864 inode->i_flags |= S_NOATIME;
4865 if (flags & JFS_DIRSYNC_FL)
4866 inode->i_flags |= S_DIRSYNC;
4867 - if (flags & JFS_SYNC_FL)
4868 - inode->i_flags |= S_SYNC;
4870 + inode->i_vflags &= ~(V_BARRIER | V_COW);
4872 + if (flags & JFS_BARRIER_FL)
4873 + inode->i_vflags |= V_BARRIER;
4874 + if (flags & JFS_COW_FL)
4875 + inode->i_vflags |= V_COW;
4878 void jfs_get_inode_flags(struct jfs_inode_info *jfs_ip)
4880 unsigned int flags = jfs_ip->vfs_inode.i_flags;
4881 + unsigned int vflags = jfs_ip->vfs_inode.i_vflags;
4883 + jfs_ip->mode2 &= ~(JFS_IMMUTABLE_FL | JFS_IXUNLINK_FL |
4884 + JFS_APPEND_FL | JFS_NOATIME_FL |
4885 + JFS_DIRSYNC_FL | JFS_SYNC_FL |
4886 + JFS_BARRIER_FL | JFS_COW_FL);
4888 - jfs_ip->mode2 &= ~(JFS_IMMUTABLE_FL | JFS_APPEND_FL | JFS_NOATIME_FL |
4889 - JFS_DIRSYNC_FL | JFS_SYNC_FL);
4890 if (flags & S_IMMUTABLE)
4891 jfs_ip->mode2 |= JFS_IMMUTABLE_FL;
4892 + if (flags & S_IXUNLINK)
4893 + jfs_ip->mode2 |= JFS_IXUNLINK_FL;
4895 if (flags & S_APPEND)
4896 jfs_ip->mode2 |= JFS_APPEND_FL;
4897 if (flags & S_NOATIME)
4898 @@ -61,6 +80,19 @@ void jfs_get_inode_flags(struct jfs_inod
4899 jfs_ip->mode2 |= JFS_DIRSYNC_FL;
4901 jfs_ip->mode2 |= JFS_SYNC_FL;
4903 + if (vflags & V_BARRIER)
4904 + jfs_ip->mode2 |= JFS_BARRIER_FL;
4905 + if (vflags & V_COW)
4906 + jfs_ip->mode2 |= JFS_COW_FL;
4909 +int jfs_sync_flags(struct inode *inode)
4911 + jfs_get_inode_flags(JFS_IP(inode));
4912 + inode->i_ctime = CURRENT_TIME;
4913 + mark_inode_dirty(inode);
4918 @@ -108,10 +140,17 @@ struct inode *ialloc(struct inode *paren
4919 jfs_inode->saved_uid = inode->i_uid;
4920 jfs_inode->saved_gid = inode->i_gid;
4922 + inode->i_tag = dx_current_fstag(sb);
4923 + if (DLIMIT_ALLOC_INODE(inode)) {
4925 + return ERR_PTR(-ENOSPC);
4929 * Allocate inode to quota.
4931 if (DQUOT_ALLOC_INODE(inode)) {
4932 + DLIMIT_FREE_INODE(inode);
4934 inode->i_flags |= S_NOQUOTA;
4936 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_inode.h linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_inode.h
4937 --- linux-2.6.25.11/fs/jfs/jfs_inode.h 2008-04-17 12:05:40.000000000 -0400
4938 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_inode.h 2008-04-19 15:14:52.000000000 -0400
4939 @@ -39,6 +39,7 @@ extern struct dentry *jfs_fh_to_dentry(s
4940 extern struct dentry *jfs_fh_to_parent(struct super_block *sb, struct fid *fid,
4941 int fh_len, int fh_type);
4942 extern void jfs_set_inode_flags(struct inode *);
4943 +extern int jfs_sync_flags(struct inode *);
4944 extern int jfs_get_block(struct inode *, sector_t, struct buffer_head *, int);
4946 extern const struct address_space_operations jfs_aops;
4947 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/jfs_xtree.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_xtree.c
4948 --- linux-2.6.25.11/fs/jfs/jfs_xtree.c 2008-04-17 12:05:40.000000000 -0400
4949 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/jfs_xtree.c 2008-04-19 15:14:52.000000000 -0400
4952 #include <linux/fs.h>
4953 #include <linux/quotaops.h>
4954 +#include <linux/vs_dlimit.h>
4955 #include "jfs_incore.h"
4956 #include "jfs_filsys.h"
4957 #include "jfs_metapage.h"
4958 @@ -846,7 +847,12 @@ int xtInsert(tid_t tid, /* transaction
4960 if ((rc = DQUOT_ALLOC_BLOCK(ip, xlen)))
4962 + if ((rc = DLIMIT_ALLOC_BLOCK(ip, xlen))) {
4963 + DQUOT_FREE_BLOCK(ip, xlen);
4966 if ((rc = dbAlloc(ip, hint, (s64) xlen, &xaddr))) {
4967 + DLIMIT_FREE_BLOCK(ip, xlen);
4968 DQUOT_FREE_BLOCK(ip, xlen);
4971 @@ -876,6 +882,7 @@ int xtInsert(tid_t tid, /* transaction
4972 /* undo data extent allocation */
4974 dbFree(ip, xaddr, (s64) xlen);
4975 + DLIMIT_FREE_BLOCK(ip, xlen);
4976 DQUOT_FREE_BLOCK(ip, xlen);
4979 @@ -1236,6 +1243,7 @@ xtSplitPage(tid_t tid, struct inode *ip,
4981 struct xtlock *sxtlck = NULL, *rxtlck = NULL;
4982 int quota_allocation = 0;
4983 + int dlimit_allocation = 0;
4986 sp = XT_PAGE(ip, smp);
4987 @@ -1255,6 +1263,13 @@ xtSplitPage(tid_t tid, struct inode *ip,
4989 quota_allocation += lengthPXD(pxd);
4991 + /* Allocate blocks to dlimit. */
4992 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
4996 + dlimit_allocation += lengthPXD(pxd);
4999 * allocate the new right page for the split
5001 @@ -1456,6 +1471,9 @@ xtSplitPage(tid_t tid, struct inode *ip,
5005 + /* Rollback dlimit allocation. */
5006 + if (dlimit_allocation)
5007 + DLIMIT_FREE_BLOCK(ip, dlimit_allocation);
5008 /* Rollback quota allocation. */
5009 if (quota_allocation)
5010 DQUOT_FREE_BLOCK(ip, quota_allocation);
5011 @@ -1519,6 +1537,12 @@ xtSplitRoot(tid_t tid,
5012 release_metapage(rmp);
5015 + /* Allocate blocks to dlimit. */
5016 + if (DLIMIT_ALLOC_BLOCK(ip, lengthPXD(pxd))) {
5017 + DQUOT_FREE_BLOCK(ip, lengthPXD(pxd));
5018 + release_metapage(rmp);
5022 jfs_info("xtSplitRoot: ip:0x%p rmp:0x%p", ip, rmp);
5024 @@ -3948,6 +3972,8 @@ s64 xtTruncate(tid_t tid, struct inode *
5026 ip->i_size = newsize;
5028 + /* update dlimit allocation to reflect freed blocks */
5029 + DLIMIT_FREE_BLOCK(ip, nfreed);
5030 /* update quota allocation to reflect freed blocks */
5031 DQUOT_FREE_BLOCK(ip, nfreed);
5033 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/namei.c
5034 --- linux-2.6.25.11/fs/jfs/namei.c 2008-04-17 12:05:40.000000000 -0400
5035 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/namei.c 2008-04-19 15:14:52.000000000 -0400
5037 #include <linux/ctype.h>
5038 #include <linux/quotaops.h>
5039 #include <linux/exportfs.h>
5040 +#include <linux/vs_tag.h>
5041 #include "jfs_incore.h"
5042 #include "jfs_superblock.h"
5043 #include "jfs_inode.h"
5044 @@ -1468,6 +1469,7 @@ static struct dentry *jfs_lookup(struct
5045 return ERR_CAST(ip);
5048 + dx_propagate_tag(nd, ip);
5049 dentry = d_splice_alias(ip, dentry);
5051 if (dentry && (JFS_SBI(dip->i_sb)->mntflag & JFS_OS2))
5052 @@ -1550,6 +1552,7 @@ const struct inode_operations jfs_dir_in
5053 .setattr = jfs_setattr,
5054 .permission = jfs_permission,
5056 + .sync_flags = jfs_sync_flags,
5059 const struct file_operations jfs_dir_operations = {
5060 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/super.c
5061 --- linux-2.6.25.11/fs/jfs/super.c 2008-04-17 12:05:40.000000000 -0400
5062 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/super.c 2008-04-19 15:14:52.000000000 -0400
5063 @@ -195,7 +195,8 @@ static void jfs_put_super(struct super_b
5065 Opt_integrity, Opt_nointegrity, Opt_iocharset, Opt_resize,
5066 Opt_resize_nosize, Opt_errors, Opt_ignore, Opt_err, Opt_quota,
5067 - Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask
5068 + Opt_usrquota, Opt_grpquota, Opt_uid, Opt_gid, Opt_umask,
5069 + Opt_tag, Opt_notag, Opt_tagid
5072 static match_table_t tokens = {
5073 @@ -205,6 +206,10 @@ static match_table_t tokens = {
5074 {Opt_resize, "resize=%u"},
5075 {Opt_resize_nosize, "resize"},
5076 {Opt_errors, "errors=%s"},
5078 + {Opt_notag, "notag"},
5079 + {Opt_tagid, "tagid=%u"},
5080 + {Opt_tag, "tagxid"},
5081 {Opt_ignore, "noquota"},
5082 {Opt_ignore, "quota"},
5083 {Opt_usrquota, "usrquota"},
5084 @@ -339,6 +344,20 @@ static int parse_options(char *options,
5088 +#ifndef CONFIG_TAGGING_NONE
5090 + *flag |= JFS_TAGGED;
5093 + *flag &= JFS_TAGGED;
5096 +#ifdef CONFIG_PROPAGATE
5099 + *flag |= JFS_TAGGED;
5103 printk("jfs: Unrecognized mount option \"%s\" "
5104 " or missing value\n", p);
5105 @@ -369,6 +388,13 @@ static int jfs_remount(struct super_bloc
5106 if (!parse_options(data, sb, &newLVSize, &flag)) {
5110 + if ((flag & JFS_TAGGED) && !(sb->s_flags & MS_TAGGED)) {
5111 + printk(KERN_ERR "JFS: %s: tagging not permitted on remount.\n",
5117 if (sb->s_flags & MS_RDONLY) {
5119 @@ -440,6 +466,9 @@ static int jfs_fill_super(struct super_b
5120 #ifdef CONFIG_JFS_POSIX_ACL
5121 sb->s_flags |= MS_POSIXACL;
5123 + /* map mount option tagxid */
5124 + if (sbi->flag & JFS_TAGGED)
5125 + sb->s_flags |= MS_TAGGED;
5128 printk(KERN_ERR "resize option for remount only\n");
5129 diff -NurpP --minimal linux-2.6.25.11/fs/jfs/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/xattr.c
5130 --- linux-2.6.25.11/fs/jfs/xattr.c 2008-04-17 10:37:23.000000000 -0400
5131 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/jfs/xattr.c 2008-04-19 15:14:52.000000000 -0400
5133 #include <linux/posix_acl_xattr.h>
5134 #include <linux/quotaops.h>
5135 #include <linux/security.h>
5136 +#include <linux/vs_dlimit.h>
5137 #include "jfs_incore.h"
5138 #include "jfs_superblock.h"
5139 #include "jfs_dmap.h"
5140 @@ -263,9 +264,16 @@ static int ea_write(struct inode *ip, st
5141 if (DQUOT_ALLOC_BLOCK(ip, nblocks)) {
5144 + /* Allocate new blocks to dlimit. */
5145 + if (DLIMIT_ALLOC_BLOCK(ip, nblocks)) {
5146 + DQUOT_FREE_BLOCK(ip, nblocks);
5150 rc = dbAlloc(ip, INOHINT(ip), nblocks, &blkno);
5152 + /*Rollback dlimit allocation. */
5153 + DLIMIT_FREE_BLOCK(ip, nblocks);
5154 /*Rollback quota allocation. */
5155 DQUOT_FREE_BLOCK(ip, nblocks);
5157 @@ -332,6 +340,8 @@ static int ea_write(struct inode *ip, st
5160 /* Rollback quota allocation. */
5161 + DLIMIT_FREE_BLOCK(ip, nblocks);
5162 + /* Rollback quota allocation. */
5163 DQUOT_FREE_BLOCK(ip, nblocks);
5165 dbFree(ip, blkno, nblocks);
5166 @@ -468,6 +478,7 @@ static int ea_get(struct inode *inode, s
5169 int quota_allocation = 0;
5170 + int dlimit_allocation = 0;
5172 /* When fsck.jfs clears a bad ea, it doesn't clear the size */
5173 if (ji->ea.flag == 0)
5174 @@ -543,6 +554,12 @@ static int ea_get(struct inode *inode, s
5176 quota_allocation = blocks_needed;
5178 + /* Allocate new blocks to dlimit. */
5180 + if (DLIMIT_ALLOC_BLOCK(inode, blocks_needed))
5182 + dlimit_allocation = blocks_needed;
5184 rc = dbAlloc(inode, INOHINT(inode), (s64) blocks_needed,
5187 @@ -600,6 +617,9 @@ static int ea_get(struct inode *inode, s
5191 + /* Rollback dlimit allocation */
5192 + if (dlimit_allocation)
5193 + DLIMIT_FREE_BLOCK(inode, dlimit_allocation);
5194 /* Rollback quota allocation */
5195 if (quota_allocation)
5196 DQUOT_FREE_BLOCK(inode, quota_allocation);
5197 @@ -676,8 +696,10 @@ static int ea_put(tid_t tid, struct inod
5200 /* If old blocks exist, they must be removed from quota allocation. */
5203 + DLIMIT_FREE_BLOCK(inode, old_blocks);
5204 DQUOT_FREE_BLOCK(inode, old_blocks);
5207 inode->i_ctime = CURRENT_TIME;
5209 diff -NurpP --minimal linux-2.6.25.11/fs/libfs.c linux-2.6.25.11-vs2.3.0.34.14/fs/libfs.c
5210 --- linux-2.6.25.11/fs/libfs.c 2008-04-17 12:05:40.000000000 -0400
5211 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/libfs.c 2008-04-19 15:14:52.000000000 -0400
5212 @@ -125,7 +125,8 @@ static inline unsigned char dt_type(stru
5213 * both impossible due to the lock on directory.
5216 -int dcache_readdir(struct file * filp, void * dirent, filldir_t filldir)
5217 +static inline int do_dcache_readdir_filter(struct file *filp,
5218 + void *dirent, filldir_t filldir, int (*filter)(struct dentry *dentry))
5220 struct dentry *dentry = filp->f_path.dentry;
5221 struct dentry *cursor = filp->private_data;
5222 @@ -158,6 +159,8 @@ int dcache_readdir(struct file * filp, v
5223 next = list_entry(p, struct dentry, d_u.d_child);
5224 if (d_unhashed(next) || !next->d_inode)
5226 + if (filter && !filter(next))
5229 spin_unlock(&dcache_lock);
5230 if (filldir(dirent, next->d_name.name,
5231 @@ -176,6 +179,18 @@ int dcache_readdir(struct file * filp, v
5235 +int dcache_readdir(struct file *filp, void *dirent, filldir_t filldir)
5237 + return do_dcache_readdir_filter(filp, dirent, filldir, NULL);
5240 +int dcache_readdir_filter(struct file *filp, void *dirent, filldir_t filldir,
5241 + int (*filter)(struct dentry *))
5243 + return do_dcache_readdir_filter(filp, dirent, filldir, filter);
5247 ssize_t generic_read_dir(struct file *filp, char __user *buf, size_t siz, loff_t *ppos)
5250 @@ -778,6 +793,7 @@ EXPORT_SYMBOL(dcache_dir_close);
5251 EXPORT_SYMBOL(dcache_dir_lseek);
5252 EXPORT_SYMBOL(dcache_dir_open);
5253 EXPORT_SYMBOL(dcache_readdir);
5254 +EXPORT_SYMBOL(dcache_readdir_filter);
5255 EXPORT_SYMBOL(generic_read_dir);
5256 EXPORT_SYMBOL(get_sb_pseudo);
5257 EXPORT_SYMBOL(simple_write_begin);
5258 diff -NurpP --minimal linux-2.6.25.11/fs/locks.c linux-2.6.25.11-vs2.3.0.34.14/fs/locks.c
5259 --- linux-2.6.25.11/fs/locks.c 2008-07-15 22:05:17.000000000 -0400
5260 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/locks.c 2008-05-21 14:30:41.000000000 -0400
5262 #include <linux/time.h>
5263 #include <linux/rcupdate.h>
5264 #include <linux/pid_namespace.h>
5265 +#include <linux/vs_base.h>
5266 +#include <linux/vs_limit.h>
5268 #include <asm/semaphore.h>
5269 #include <asm/uaccess.h>
5270 @@ -148,6 +150,8 @@ static struct kmem_cache *filelock_cache
5271 /* Allocate an empty lock structure. */
5272 static struct file_lock *locks_alloc_lock(void)
5274 + if (!vx_locks_avail(1))
5276 return kmem_cache_alloc(filelock_cache, GFP_KERNEL);
5279 @@ -173,6 +177,7 @@ static void locks_free_lock(struct file_
5280 BUG_ON(!list_empty(&fl->fl_block));
5281 BUG_ON(!list_empty(&fl->fl_link));
5284 locks_release_private(fl);
5285 kmem_cache_free(filelock_cache, fl);
5287 @@ -193,6 +198,7 @@ void locks_init_lock(struct file_lock *f
5288 fl->fl_start = fl->fl_end = 0;
5290 fl->fl_lmops = NULL;
5294 EXPORT_SYMBOL(locks_init_lock);
5295 @@ -246,6 +252,7 @@ void locks_copy_lock(struct file_lock *n
5296 new->fl_file = fl->fl_file;
5297 new->fl_ops = fl->fl_ops;
5298 new->fl_lmops = fl->fl_lmops;
5299 + new->fl_xid = fl->fl_xid;
5301 locks_copy_private(new, fl);
5303 @@ -284,6 +291,11 @@ static int flock_make_lock(struct file *
5304 fl->fl_flags = FL_FLOCK;
5306 fl->fl_end = OFFSET_MAX;
5308 + vxd_assert(filp->f_xid == vx_current_xid(),
5309 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5310 + fl->fl_xid = filp->f_xid;
5315 @@ -449,6 +461,7 @@ static int lease_init(struct file *filp,
5317 fl->fl_owner = current->files;
5318 fl->fl_pid = current->tgid;
5319 + fl->fl_xid = vx_current_xid();
5322 fl->fl_flags = FL_LEASE;
5323 @@ -468,6 +481,11 @@ static struct file_lock *lease_alloc(str
5325 return ERR_PTR(error);
5327 + fl->fl_xid = vx_current_xid();
5329 + vxd_assert(filp->f_xid == fl->fl_xid,
5330 + "f_xid(%d) == fl_xid(%d)", filp->f_xid, fl->fl_xid);
5332 error = lease_init(filp, type, fl);
5334 locks_free_lock(fl);
5335 @@ -774,6 +792,7 @@ static int flock_lock_file(struct file *
5339 + new_fl->fl_xid = -1;
5341 for_each_lock(inode, before) {
5342 struct file_lock *fl = *before;
5343 @@ -792,6 +811,7 @@ find_conflict:
5345 locks_copy_lock(new_fl, request);
5346 locks_insert_lock(before, new_fl);
5347 + vx_locks_inc(new_fl);
5351 @@ -802,7 +822,8 @@ out:
5355 -static int __posix_lock_file(struct inode *inode, struct file_lock *request, struct file_lock *conflock)
5356 +static int __posix_lock_file(struct inode *inode, struct file_lock *request,
5357 + struct file_lock *conflock, xid_t xid)
5359 struct file_lock *fl;
5360 struct file_lock *new_fl = NULL;
5361 @@ -812,6 +833,8 @@ static int __posix_lock_file(struct inod
5362 struct file_lock **before;
5363 int error, added = 0;
5365 + vxd_assert(xid == vx_current_xid(),
5366 + "xid(%d) == current(%d)", xid, vx_current_xid());
5368 * We may need two file_lock structures for this operation,
5369 * so we get them in advance to avoid races.
5370 @@ -822,7 +845,11 @@ static int __posix_lock_file(struct inod
5371 (request->fl_type != F_UNLCK ||
5372 request->fl_start != 0 || request->fl_end != OFFSET_MAX)) {
5373 new_fl = locks_alloc_lock();
5374 + new_fl->fl_xid = xid;
5375 + vx_locks_inc(new_fl);
5376 new_fl2 = locks_alloc_lock();
5377 + new_fl2->fl_xid = xid;
5378 + vx_locks_inc(new_fl2);
5382 @@ -1021,7 +1048,8 @@ static int __posix_lock_file(struct inod
5383 int posix_lock_file(struct file *filp, struct file_lock *fl,
5384 struct file_lock *conflock)
5386 - return __posix_lock_file(filp->f_path.dentry->d_inode, fl, conflock);
5387 + return __posix_lock_file(filp->f_path.dentry->d_inode,
5388 + fl, conflock, filp->f_xid);
5390 EXPORT_SYMBOL(posix_lock_file);
5392 @@ -1111,7 +1139,7 @@ int locks_mandatory_area(int read_write,
5393 fl.fl_end = offset + count - 1;
5396 - error = __posix_lock_file(inode, &fl, NULL);
5397 + error = __posix_lock_file(inode, &fl, NULL, filp->f_xid);
5398 if (error != -EAGAIN)
5400 if (!(fl.fl_flags & FL_SLEEP))
5401 @@ -1425,6 +1453,7 @@ int generic_setlease(struct file *filp,
5403 locks_copy_lock(new_fl, lease);
5404 locks_insert_lock(before, new_fl);
5405 + vx_locks_inc(new_fl);
5409 @@ -1756,6 +1785,11 @@ int fcntl_setlk(unsigned int fd, struct
5410 if (file_lock == NULL)
5413 + vxd_assert(filp->f_xid == vx_current_xid(),
5414 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5415 + file_lock->fl_xid = filp->f_xid;
5416 + vx_locks_inc(file_lock);
5419 * This might block, so we do it before checking the inode.
5421 @@ -1893,6 +1927,11 @@ int fcntl_setlk64(unsigned int fd, struc
5422 if (file_lock == NULL)
5425 + vxd_assert(filp->f_xid == vx_current_xid(),
5426 + "f_xid(%d) == current(%d)", filp->f_xid, vx_current_xid());
5427 + file_lock->fl_xid = filp->f_xid;
5428 + vx_locks_inc(file_lock);
5431 * This might block, so we do it before checking the inode.
5433 @@ -2176,8 +2215,11 @@ static int locks_show(struct seq_file *f
5435 lock_get_status(f, fl, (long)f->private, "");
5437 - list_for_each_entry(bfl, &fl->fl_block, fl_block)
5438 + list_for_each_entry(bfl, &fl->fl_block, fl_block) {
5439 + if (!vx_check(fl->fl_xid, VS_WATCH_P | VS_IDENT))
5441 lock_get_status(f, bfl, (long)f->private, " ->");
5446 diff -NurpP --minimal linux-2.6.25.11/fs/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/namei.c
5447 --- linux-2.6.25.11/fs/namei.c 2008-04-17 12:05:40.000000000 -0400
5448 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/namei.c 2008-07-11 03:07:10.000000000 -0400
5450 #include <linux/capability.h>
5451 #include <linux/file.h>
5452 #include <linux/fcntl.h>
5453 +#include <linux/proc_fs.h>
5454 +#include <linux/vserver/inode.h>
5455 +#include <linux/vs_base.h>
5456 +#include <linux/vs_tag.h>
5457 +#include <linux/vs_cowbl.h>
5458 +#include <linux/vs_device.h>
5459 +#include <linux/vs_context.h>
5460 #include <asm/namei.h>
5461 #include <asm/uaccess.h>
5463 @@ -225,6 +232,28 @@ int generic_permission(struct inode *ino
5467 +static inline int dx_barrier(struct inode *inode)
5469 + if (IS_BARRIER(inode) && !vx_check(0, VS_ADMIN)) {
5470 + vxwprintk_task(1, "did hit the barrier.");
5476 +static inline int dx_permission(struct inode *inode, int mask, struct nameidata *nd)
5478 + if (dx_barrier(inode))
5480 + if (dx_notagcheck(nd) ||
5481 + dx_check(inode->i_tag, DX_HOSTID|DX_ADMIN|DX_WATCH|DX_IDENT))
5484 + vxwprintk_task(1, "denied access to %p[#%d,%lu] »%s«.",
5485 + inode, inode->i_tag, inode->i_ino, vxd_cond_path(nd));
5489 int permission(struct inode *inode, int mask, struct nameidata *nd)
5491 int retval, submask;
5492 @@ -239,14 +268,14 @@ int permission(struct inode *inode, int
5494 * Nobody gets write access to a read-only fs.
5496 - if (IS_RDONLY(inode) &&
5497 + if ((IS_RDONLY(inode) || (nd && MNT_IS_RDONLY(nd->path.mnt))) &&
5498 (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode)))
5502 * Nobody gets write access to an immutable file.
5504 - if (IS_IMMUTABLE(inode))
5505 + if (IS_IMMUTABLE(inode) && !IS_COW(inode))
5509 @@ -261,6 +290,11 @@ int permission(struct inode *inode, int
5511 /* Ordinary permission routines do not understand MAY_APPEND. */
5512 submask = mask & ~MAY_APPEND;
5513 + if ((inode->i_sb->s_magic != DEVPTS_SUPER_MAGIC) &&
5514 + (inode->i_sb->s_magic != PROC_SUPER_MAGIC) &&
5515 + (retval = dx_permission(inode, mask, nd)))
5518 if (inode->i_op && inode->i_op->permission) {
5519 retval = inode->i_op->permission(inode, submask, nd);
5521 @@ -459,6 +493,8 @@ static int exec_permission_lite(struct i
5523 umode_t mode = inode->i_mode;
5525 + if (dx_barrier(inode))
5527 if (inode->i_op && inode->i_op->permission)
5530 @@ -789,7 +825,8 @@ static __always_inline void follow_dotdo
5531 if (nd->path.dentry == fs->root.dentry &&
5532 nd->path.mnt == fs->root.mnt) {
5533 read_unlock(&fs->lock);
5535 + /* for sane '/' avoid follow_mount() */
5538 read_unlock(&fs->lock);
5539 spin_lock(&dcache_lock);
5540 @@ -826,16 +863,39 @@ static int do_lookup(struct nameidata *n
5542 struct vfsmount *mnt = nd->path.mnt;
5543 struct dentry *dentry = __d_lookup(nd->path.dentry, name);
5544 + struct inode *inode;
5548 if (dentry->d_op && dentry->d_op->d_revalidate)
5549 goto need_revalidate;
5550 + inode = dentry->d_inode;
5554 + if (inode->i_sb->s_magic == PROC_SUPER_MAGIC) {
5555 + struct proc_dir_entry *de = PDE(inode);
5557 + if (de && !vx_hide_check(0, de->vx_flags))
5559 + } else if (inode->i_sb->s_magic == DEVPTS_SUPER_MAGIC) {
5560 + if (!vx_check((xid_t)inode->i_tag, VS_WATCH_P | VS_IDENT))
5563 + if (!dx_notagcheck(nd) && !dx_check(inode->i_tag,
5564 + DX_WATCH | DX_ADMIN | DX_HOSTID | DX_IDENT))
5569 path->dentry = dentry;
5570 __follow_mount(path);
5573 + vxwprintk_task(1, "did lookup hidden %p[#%d,%lu] »%s«.",
5574 + inode, inode->i_tag, inode->i_ino, vxd_path(path));
5579 dentry = real_lookup(nd->path.dentry, name, nd);
5580 @@ -1464,7 +1524,8 @@ static inline int check_sticky(struct in
5581 * 10. We don't allow removal of NFS sillyrenamed files; it's handled by
5582 * nfs_async_unlink().
5584 -static int may_delete(struct inode *dir,struct dentry *victim,int isdir)
5585 +static int may_delete(struct inode *dir, struct dentry *victim,
5586 + int isdir, struct nameidata *nd)
5590 @@ -1474,13 +1535,13 @@ static int may_delete(struct inode *dir,
5591 BUG_ON(victim->d_parent->d_inode != dir);
5592 audit_inode_child(victim->d_name.name, victim, dir);
5594 - error = permission(dir,MAY_WRITE | MAY_EXEC, NULL);
5595 + error = permission(dir,MAY_WRITE | MAY_EXEC, nd);
5600 if (check_sticky(dir, victim->d_inode)||IS_APPEND(victim->d_inode)||
5601 - IS_IMMUTABLE(victim->d_inode))
5602 + IS_IXORUNLINK(victim->d_inode))
5605 if (!S_ISDIR(victim->d_inode->i_mode))
5606 @@ -1626,6 +1687,14 @@ int may_open(struct nameidata *nd, int a
5607 } else if (IS_RDONLY(inode) && (acc_mode & MAY_WRITE))
5610 +#ifdef CONFIG_VSERVER_COWBL
5611 + if (IS_COW(inode) && (flag & FMODE_WRITE)) {
5612 + if (IS_COW_LINK(inode))
5614 + inode->i_flags &= ~(S_IXUNLINK|S_IMMUTABLE);
5615 + mark_inode_dirty(inode);
5618 error = vfs_permission(nd, acc_mode);
5621 @@ -1717,6 +1786,11 @@ int open_namei(int dfd, const char *path
5625 +#ifdef CONFIG_VSERVER_COWBL
5630 acc_mode = ACC_MODE(flag);
5632 /* O_TRUNC implies we need access checks for write permissions */
5633 @@ -1810,6 +1884,22 @@ do_last:
5636 error = may_open(nd, acc_mode, flag);
5637 +#ifdef CONFIG_VSERVER_COWBL
5638 + if (error == -EMLINK) {
5639 + struct dentry *dentry;
5640 + dentry = cow_break_link(pathname);
5641 + if (IS_ERR(dentry)) {
5642 + error = PTR_ERR(dentry);
5646 + release_open_intent(nd);
5647 + path_put(&nd->path);
5656 @@ -1921,16 +2011,25 @@ fail:
5658 EXPORT_SYMBOL_GPL(lookup_create);
5660 -int vfs_mknod(struct inode *dir, struct dentry *dentry, int mode, dev_t dev)
5661 +int vfs_mknod(struct inode *dir, struct dentry *dentry,
5662 + int mode, dev_t dev, struct nameidata *nd)
5664 - int error = may_create(dir, dentry, NULL);
5665 + int error = may_create(dir, dentry, nd);
5670 - if ((S_ISCHR(mode) || S_ISBLK(mode)) && !capable(CAP_MKNOD))
5671 + if (!(S_ISCHR(mode) || S_ISBLK(mode)))
5674 + if (!capable(CAP_MKNOD))
5677 + if (S_ISCHR(mode) && !vs_chrdev_perm(dev, DATTR_CREATE))
5679 + if (S_ISBLK(mode) && !vs_blkdev_perm(dev, DATTR_CREATE))
5682 if (!dir->i_op || !dir->i_op->mknod)
5685 @@ -1973,11 +2072,12 @@ asmlinkage long sys_mknodat(int dfd, con
5686 error = vfs_create(nd.path.dentry->d_inode,dentry,mode,&nd);
5688 case S_IFCHR: case S_IFBLK:
5689 - error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,
5690 - new_decode_dev(dev));
5691 + error = vfs_mknod(nd.path.dentry->d_inode, dentry, mode,
5692 + new_decode_dev(dev), &nd);
5694 case S_IFIFO: case S_IFSOCK:
5695 - error = vfs_mknod(nd.path.dentry->d_inode,dentry,mode,0);
5696 + error = vfs_mknod(nd.path.dentry->d_inode, dentry, mode,
5701 @@ -2000,9 +2100,10 @@ asmlinkage long sys_mknod(const char __u
5702 return sys_mknodat(AT_FDCWD, filename, mode, dev);
5705 -int vfs_mkdir(struct inode *dir, struct dentry *dentry, int mode)
5706 +int vfs_mkdir(struct inode *dir, struct dentry *dentry,
5707 + int mode, struct nameidata *nd)
5709 - int error = may_create(dir, dentry, NULL);
5710 + int error = may_create(dir, dentry, nd);
5714 @@ -2044,7 +2145,7 @@ asmlinkage long sys_mkdirat(int dfd, con
5716 if (!IS_POSIXACL(nd.path.dentry->d_inode))
5717 mode &= ~current->fs->umask;
5718 - error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode);
5719 + error = vfs_mkdir(nd.path.dentry->d_inode, dentry, mode, &nd);
5722 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5723 @@ -2087,9 +2188,10 @@ void dentry_unhash(struct dentry *dentry
5724 spin_unlock(&dcache_lock);
5727 -int vfs_rmdir(struct inode *dir, struct dentry *dentry)
5728 +int vfs_rmdir(struct inode *dir, struct dentry *dentry,
5729 + struct nameidata *nd)
5731 - int error = may_delete(dir, dentry, 1);
5732 + int error = may_delete(dir, dentry, 1, nd);
5736 @@ -2151,7 +2253,7 @@ static long do_rmdir(int dfd, const char
5737 error = PTR_ERR(dentry);
5740 - error = vfs_rmdir(nd.path.dentry->d_inode, dentry);
5741 + error = vfs_rmdir(nd.path.dentry->d_inode, dentry, &nd);
5744 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5745 @@ -2167,9 +2269,10 @@ asmlinkage long sys_rmdir(const char __u
5746 return do_rmdir(AT_FDCWD, pathname);
5749 -int vfs_unlink(struct inode *dir, struct dentry *dentry)
5750 +int vfs_unlink(struct inode *dir, struct dentry *dentry,
5751 + struct nameidata *nd)
5753 - int error = may_delete(dir, dentry, 0);
5754 + int error = may_delete(dir, dentry, 0, nd);
5758 @@ -2232,7 +2335,7 @@ static long do_unlinkat(int dfd, const c
5759 inode = dentry->d_inode;
5761 atomic_inc(&inode->i_count);
5762 - error = vfs_unlink(nd.path.dentry->d_inode, dentry);
5763 + error = vfs_unlink(nd.path.dentry->d_inode, dentry, &nd);
5767 @@ -2267,9 +2370,10 @@ asmlinkage long sys_unlink(const char __
5768 return do_unlinkat(AT_FDCWD, pathname);
5771 -int vfs_symlink(struct inode *dir, struct dentry *dentry, const char *oldname, int mode)
5772 +int vfs_symlink(struct inode *dir, struct dentry *dentry,
5773 + const char *oldname, int mode, struct nameidata *nd)
5775 - int error = may_create(dir, dentry, NULL);
5776 + int error = may_create(dir, dentry, nd);
5780 @@ -2313,7 +2417,8 @@ asmlinkage long sys_symlinkat(const char
5784 - error = vfs_symlink(nd.path.dentry->d_inode, dentry, from, S_IALLUGO);
5785 + error = vfs_symlink(nd.path.dentry->d_inode, dentry, from,
5789 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5790 @@ -2330,7 +2435,8 @@ asmlinkage long sys_symlink(const char _
5791 return sys_symlinkat(oldname, AT_FDCWD, newname);
5794 -int vfs_link(struct dentry *old_dentry, struct inode *dir, struct dentry *new_dentry)
5795 +int vfs_link(struct dentry *old_dentry, struct inode *dir,
5796 + struct dentry *new_dentry, struct nameidata *nd)
5798 struct inode *inode = old_dentry->d_inode;
5800 @@ -2338,7 +2444,7 @@ int vfs_link(struct dentry *old_dentry,
5804 - error = may_create(dir, new_dentry, NULL);
5805 + error = may_create(dir, new_dentry, nd);
5809 @@ -2348,7 +2454,7 @@ int vfs_link(struct dentry *old_dentry,
5811 * A link to an append-only or immutable file cannot be created.
5813 - if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
5814 + if (IS_APPEND(inode) || IS_IXORUNLINK(inode))
5816 if (!dir->i_op || !dir->i_op->link)
5818 @@ -2408,7 +2514,8 @@ asmlinkage long sys_linkat(int olddfd, c
5819 error = PTR_ERR(new_dentry);
5820 if (IS_ERR(new_dentry))
5822 - error = vfs_link(old_nd.path.dentry, nd.path.dentry->d_inode, new_dentry);
5823 + error = vfs_link(old_nd.path.dentry, nd.path.dentry->d_inode,
5827 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
5828 @@ -2540,14 +2647,14 @@ int vfs_rename(struct inode *old_dir, st
5829 if (old_dentry->d_inode == new_dentry->d_inode)
5832 - error = may_delete(old_dir, old_dentry, is_dir);
5833 + error = may_delete(old_dir, old_dentry, is_dir, NULL);
5837 if (!new_dentry->d_inode)
5838 error = may_create(new_dir, new_dentry, NULL);
5840 - error = may_delete(new_dir, new_dentry, is_dir);
5841 + error = may_delete(new_dir, new_dentry, is_dir, NULL);
5845 @@ -2625,6 +2732,9 @@ static int do_rename(int olddfd, const c
5847 if (old_dentry == trap)
5850 + if (MNT_IS_RDONLY(newnd.path.mnt))
5852 new_dentry = lookup_hash(&newnd);
5853 error = PTR_ERR(new_dentry);
5854 if (IS_ERR(new_dentry))
5855 @@ -2718,6 +2828,214 @@ int vfs_follow_link(struct nameidata *nd
5856 return __vfs_follow_link(nd, link);
5860 +#ifdef CONFIG_VSERVER_COWBL
5862 +#include <linux/file.h>
5865 +long do_cow_splice(struct file *in, struct file *out, size_t len)
5869 + return do_splice_direct(in, &ppos, out, len, 0);
5872 +struct dentry *cow_break_link(const char *pathname)
5874 + int ret, mode, pathlen, redo = 0;
5875 + struct nameidata old_nd, dir_nd;
5876 + struct path old_path, new_path;
5877 + struct dentry *dir, *res = NULL;
5878 + struct file *old_file;
5879 + struct file *new_file;
5880 + char *to, *path, pad='\251';
5883 + vxdprintk(VXD_CBIT(misc, 1), "cow_break_link(»%s«)", pathname);
5884 + path = kmalloc(PATH_MAX, GFP_KERNEL);
5889 + /* old_nd will have refs to dentry and mnt */
5890 + ret = path_lookup(pathname, LOOKUP_FOLLOW, &old_nd);
5891 + vxdprintk(VXD_CBIT(misc, 2), "path_lookup(old): %d", ret);
5893 + goto out_free_path;
5895 + old_path = old_nd.path;
5896 + mode = old_path.dentry->d_inode->i_mode;
5898 + to = d_path(&old_path, path, PATH_MAX-2);
5899 + pathlen = strlen(to);
5900 + vxdprintk(VXD_CBIT(misc, 2), "old path »%s« [»%.*s«:%d]", to,
5901 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
5902 + old_path.dentry->d_name.len);
5904 + to[pathlen + 1] = 0;
5906 + to[pathlen] = pad--;
5908 + if (pad <= '\240')
5911 + vxdprintk(VXD_CBIT(misc, 1), "temp copy »%s«", to);
5912 + /* dir_nd will have refs to dentry and mnt */
5913 + ret = path_lookup(to,
5914 + LOOKUP_PARENT | LOOKUP_OPEN | LOOKUP_CREATE, &dir_nd);
5915 + vxdprintk(VXD_CBIT(misc, 2),
5916 + "path_lookup(new): %d", ret);
5920 + /* this puppy downs the inode mutex */
5921 + new_path.dentry = lookup_create(&dir_nd, 0);
5922 + vxdprintk(VXD_CBIT(misc, 2),
5923 + "lookup_create(new): %p [»%.*s«:%d]", new_path.dentry,
5924 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
5925 + new_path.dentry->d_name.len);
5926 + if (!new_path.dentry || IS_ERR(new_path.dentry)) {
5927 + path_put(&dir_nd.path);
5930 + dir = dir_nd.path.dentry;
5932 + ret = vfs_create(dir_nd.path.dentry->d_inode, new_path.dentry, mode, &dir_nd);
5933 + vxdprintk(VXD_CBIT(misc, 2),
5934 + "vfs_create(new): %d", ret);
5935 + if (ret == -EEXIST) {
5936 + mutex_unlock(&dir->d_inode->i_mutex);
5937 + dput(new_path.dentry);
5938 + path_put(&dir_nd.path);
5942 + goto out_unlock_new;
5944 + /* drop out early, ret passes ENOENT */
5946 + if ((redo = d_unhashed(old_path.dentry)))
5947 + goto out_unlock_new;
5949 + new_path.mnt = dir_nd.path.mnt;
5950 + dget(old_path.dentry);
5951 + mntget(old_path.mnt);
5952 + /* this one cleans up the dentry/mnt in case of failure */
5953 + old_file = dentry_open(old_path.dentry, old_path.mnt, O_RDONLY);
5954 + vxdprintk(VXD_CBIT(misc, 2),
5955 + "dentry_open(old): %p", old_file);
5956 + if (!old_file || IS_ERR(old_file)) {
5957 + res = IS_ERR(old_file) ? (void *) old_file : res;
5958 + goto out_unlock_new;
5961 + dget(new_path.dentry);
5962 + mntget(new_path.mnt);
5963 + /* this one cleans up the dentry/mnt in case of failure */
5964 + new_file = dentry_open(new_path.dentry, new_path.mnt, O_WRONLY);
5965 + vxdprintk(VXD_CBIT(misc, 2),
5966 + "dentry_open(new): %p", new_file);
5968 + ret = IS_ERR(new_file) ? PTR_ERR(new_file) : -ENOENT;
5969 + if (!new_file || IS_ERR(new_file))
5970 + goto out_fput_old;
5972 + size = i_size_read(old_file->f_dentry->d_inode);
5973 + ret = do_cow_splice(old_file, new_file, size);
5974 + vxdprintk(VXD_CBIT(misc, 2), "do_splice_direct: %d", ret);
5976 + goto out_fput_both;
5977 + } else if (ret < size) {
5979 + goto out_fput_both;
5981 + struct inode *old_inode = old_path.dentry->d_inode;
5982 + struct inode *new_inode = new_path.dentry->d_inode;
5983 + struct iattr attr = {
5984 + .ia_uid = old_inode->i_uid,
5985 + .ia_gid = old_inode->i_gid,
5986 + .ia_valid = ATTR_UID | ATTR_GID
5989 + ret = inode_setattr(new_inode, &attr);
5991 + goto out_fput_both;
5994 + mutex_lock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
5996 + /* drop out late */
5998 + if ((redo = d_unhashed(old_path.dentry)))
6001 + vxdprintk(VXD_CBIT(misc, 2),
6002 + "vfs_rename: [»%*s«:%d] -> [»%*s«:%d]",
6003 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
6004 + new_path.dentry->d_name.len,
6005 + old_path.dentry->d_name.len, old_path.dentry->d_name.name,
6006 + old_path.dentry->d_name.len);
6007 + ret = vfs_rename(dir_nd.path.dentry->d_inode, new_path.dentry,
6008 + old_nd.path.dentry->d_parent->d_inode, old_path.dentry);
6009 + vxdprintk(VXD_CBIT(misc, 2), "vfs_rename: %d", ret);
6010 + res = new_path.dentry;
6013 + mutex_unlock(&old_path.dentry->d_inode->i_sb->s_vfs_rename_mutex);
6016 + vxdprintk(VXD_CBIT(misc, 3),
6017 + "fput(new_file=%p[#%d])", new_file,
6018 + atomic_read(&new_file->f_count));
6022 + vxdprintk(VXD_CBIT(misc, 3),
6023 + "fput(old_file=%p[#%d])", old_file,
6024 + atomic_read(&old_file->f_count));
6028 + mutex_unlock(&dir->d_inode->i_mutex);
6032 + /* error path cleanup */
6033 + vfs_unlink(dir->d_inode, new_path.dentry, &dir_nd);
6034 + dput(new_path.dentry);
6038 + goto out_rel_both;
6039 + /* lookup dentry once again */
6040 + path_put(&old_nd.path);
6041 + ret = path_lookup(pathname, LOOKUP_FOLLOW, &old_nd);
6043 + goto out_rel_both;
6045 + new_path.dentry = old_nd.path.dentry;
6046 + vxdprintk(VXD_CBIT(misc, 2),
6047 + "path_lookup(redo): %p [»%.*s«:%d]", new_path.dentry,
6048 + new_path.dentry->d_name.len, new_path.dentry->d_name.name,
6049 + new_path.dentry->d_name.len);
6050 + dget(new_path.dentry);
6051 + res = new_path.dentry;
6054 + path_put(&dir_nd.path);
6056 + path_put(&old_nd.path);
6061 + res = ERR_PTR(ret);
6067 /* get the link contents into pagecache */
6068 static char *page_getlink(struct dentry * dentry, struct page **ppage)
6070 diff -NurpP --minimal linux-2.6.25.11/fs/namespace.c linux-2.6.25.11-vs2.3.0.34.14/fs/namespace.c
6071 --- linux-2.6.25.11/fs/namespace.c 2008-04-17 12:05:40.000000000 -0400
6072 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/namespace.c 2008-04-21 17:20:53.000000000 -0400
6074 #include <linux/mount.h>
6075 #include <linux/ramfs.h>
6076 #include <linux/log2.h>
6077 +#include <linux/vs_base.h>
6078 +#include <linux/vs_context.h>
6079 +#include <linux/vs_tag.h>
6080 +#include <linux/vserver/space.h>
6081 +#include <linux/vserver/global.h>
6082 #include <asm/uaccess.h>
6083 #include <asm/unistd.h>
6085 @@ -244,6 +249,7 @@ static struct vfsmount *clone_mnt(struct
6086 mnt->mnt_root = dget(root);
6087 mnt->mnt_mountpoint = mnt->mnt_root;
6088 mnt->mnt_parent = mnt;
6089 + mnt->mnt_tag = old->mnt_tag;
6091 if (flag & CL_SLAVE) {
6092 list_add(&mnt->mnt_slave, &old->mnt_slave_list);
6093 @@ -323,6 +329,31 @@ static inline void mangle(struct seq_fil
6094 seq_escape(m, s, " \t\n\\");
6097 +static int mnt_is_reachable(struct vfsmount *mnt)
6100 + struct dentry *point;
6103 + if (mnt == mnt->mnt_ns->root)
6106 + spin_lock(&vfsmount_lock);
6107 + root = current->fs->root;
6108 + point = root.dentry;
6110 + while ((mnt != mnt->mnt_parent) && (mnt != root.mnt)) {
6111 + point = mnt->mnt_mountpoint;
6112 + mnt = mnt->mnt_parent;
6115 + ret = (mnt == root.mnt) && is_subdir(point, root.dentry);
6117 + spin_unlock(&vfsmount_lock);
6123 * Simple .show_options callback for filesystems which don't want to
6124 * implement more complex mount option showing.
6125 @@ -388,44 +419,61 @@ static int show_vfsmnt(struct seq_file *
6126 struct vfsmount *mnt = list_entry(v, struct vfsmount, mnt_list);
6128 static struct proc_fs_info {
6136 - { MS_SYNCHRONOUS, ",sync" },
6137 - { MS_DIRSYNC, ",dirsync" },
6138 - { MS_MANDLOCK, ",mand" },
6141 - static struct proc_fs_info mnt_info[] = {
6142 - { MNT_NOSUID, ",nosuid" },
6143 - { MNT_NODEV, ",nodev" },
6144 - { MNT_NOEXEC, ",noexec" },
6145 - { MNT_NOATIME, ",noatime" },
6146 - { MNT_NODIRATIME, ",nodiratime" },
6147 - { MNT_RELATIME, ",relatime" },
6149 + { MS_RDONLY, MNT_RDONLY, "ro", "rw" },
6150 + { MS_SYNCHRONOUS, 0, ",sync", NULL },
6151 + { MS_DIRSYNC, 0, ",dirsync", NULL },
6152 + { MS_MANDLOCK, 0, ",mand", NULL },
6153 + { MS_TAGGED, 0, ",tag", NULL },
6154 + { MS_NOATIME, MNT_NOATIME, ",noatime", NULL },
6155 + { MS_NODIRATIME, MNT_NODIRATIME, ",nodiratime", NULL },
6156 + { MS_RELATIME, MNT_RELATIME, ",relatime", NULL },
6157 + { 0, MNT_NOSUID, ",nosuid", NULL },
6158 + { 0, MNT_NODEV, ",nodev", NULL },
6159 + { 0, MNT_NOEXEC, ",noexec", NULL },
6160 + { 0, 0, NULL, NULL }
6162 - struct proc_fs_info *fs_infop;
6163 - struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6164 + struct proc_fs_info *p;
6165 + unsigned long s_flags = mnt->mnt_sb->s_flags;
6166 + int mnt_flags = mnt->mnt_flags;
6168 - mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
6170 - seq_path(m, &mnt_path, " \t\n\\");
6172 - mangle(m, mnt->mnt_sb->s_type->name);
6173 - if (mnt->mnt_sb->s_subtype && mnt->mnt_sb->s_subtype[0]) {
6175 - mangle(m, mnt->mnt_sb->s_subtype);
6177 - seq_puts(m, mnt->mnt_sb->s_flags & MS_RDONLY ? " ro" : " rw");
6178 - for (fs_infop = fs_info; fs_infop->flag; fs_infop++) {
6179 - if (mnt->mnt_sb->s_flags & fs_infop->flag)
6180 - seq_puts(m, fs_infop->str);
6181 + if (vx_flags(VXF_HIDE_MOUNT, 0))
6183 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
6186 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
6187 + mnt == current->fs->root.mnt) {
6188 + seq_puts(m, "/dev/root / ");
6190 + struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6191 + mangle(m, mnt->mnt_devname ? mnt->mnt_devname : "none");
6193 + seq_path(m, &mnt_path, " \t\n\\");
6196 + if (mnt->mnt_sb->s_subtype && mnt->mnt_sb->s_subtype[0]) {
6198 + mangle(m, mnt->mnt_sb->s_subtype);
6201 - for (fs_infop = mnt_info; fs_infop->flag; fs_infop++) {
6202 - if (mnt->mnt_flags & fs_infop->flag)
6203 - seq_puts(m, fs_infop->str);
6204 + mangle(m, mnt->mnt_sb->s_type->name);
6206 + for (p = fs_info; (p->s_flag | p->mnt_flag) ; p++) {
6207 + if ((s_flags & p->s_flag) || (mnt_flags & p->mnt_flag)) {
6209 + seq_puts(m, p->set_str);
6212 + seq_puts(m, p->unset_str);
6215 + if (mnt->mnt_flags & MNT_TAGID)
6216 + seq_printf(m, ",tag=%d", mnt->mnt_tag);
6217 if (mnt->mnt_sb->s_op->show_options)
6218 err = mnt->mnt_sb->s_op->show_options(m, mnt);
6219 seq_puts(m, " 0 0\n");
6220 @@ -445,17 +493,27 @@ static int show_vfsstat(struct seq_file
6221 struct path mnt_path = { .dentry = mnt->mnt_root, .mnt = mnt };
6225 - if (mnt->mnt_devname) {
6226 - seq_puts(m, "device ");
6227 - mangle(m, mnt->mnt_devname);
6229 - seq_puts(m, "no device");
6230 + if (vx_flags(VXF_HIDE_MOUNT, 0))
6232 + if (!mnt_is_reachable(mnt) && !vx_check(0, VS_WATCH_P))
6236 - seq_puts(m, " mounted on ");
6237 - seq_path(m, &mnt_path, " \t\n\\");
6239 + if (!vx_check(0, VS_ADMIN|VS_WATCH) &&
6240 + mnt == current->fs->root.mnt) {
6241 + seq_puts(m, "device /dev/root mounted on / ");
6244 + if (mnt->mnt_devname) {
6245 + seq_puts(m, "device ");
6246 + mangle(m, mnt->mnt_devname);
6248 + seq_puts(m, "no device");
6251 + seq_puts(m, " mounted on ");
6252 + seq_path(m, &mnt_path, " \t\n\\");
6256 /* file system type */
6257 seq_puts(m, "with fstype ");
6258 @@ -693,7 +751,7 @@ asmlinkage long sys_umount(char __user *
6262 - if (!capable(CAP_SYS_ADMIN))
6263 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6266 retval = do_umount(nd.path.mnt, flags);
6267 @@ -719,7 +777,7 @@ asmlinkage long sys_oldumount(char __use
6269 static int mount_is_safe(struct nameidata *nd)
6271 - if (capable(CAP_SYS_ADMIN))
6272 + if (vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6276 @@ -974,11 +1032,13 @@ static noinline int do_change_type(struc
6277 * noinline this do_mount helper to save do_mount stack space.
6279 static noinline int do_loopback(struct nameidata *nd, char *old_name,
6281 + tag_t tag, unsigned long flags, int mnt_flags)
6283 struct nameidata old_nd;
6284 struct vfsmount *mnt = NULL;
6285 int err = mount_is_safe(nd);
6286 + int recurse = flags & MS_REC;
6290 if (!old_name || !*old_name)
6291 @@ -1004,6 +1064,12 @@ static noinline int do_loopback(struct n
6295 + mnt->mnt_flags = mnt_flags;
6296 + if (flags & MS_TAGID) {
6297 + mnt->mnt_tag = tag;
6298 + mnt->mnt_flags |= MNT_TAGID;
6301 err = graft_tree(mnt, nd);
6303 LIST_HEAD(umount_list);
6304 @@ -1012,6 +1078,7 @@ static noinline int do_loopback(struct n
6305 spin_unlock(&vfsmount_lock);
6306 release_mounts(&umount_list);
6308 + mnt->mnt_flags = mnt_flags;
6311 up_write(&namespace_sem);
6312 @@ -1026,12 +1093,12 @@ out:
6313 * noinline this do_mount helper to save do_mount stack space.
6315 static noinline int do_remount(struct nameidata *nd, int flags, int mnt_flags,
6317 + void *data, xid_t xid)
6320 struct super_block *sb = nd->path.mnt->mnt_sb;
6322 - if (!capable(CAP_SYS_ADMIN))
6323 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_REMOUNT))
6326 if (!check_mnt(nd->path.mnt))
6327 @@ -1069,7 +1136,7 @@ static noinline int do_move_mount(struct
6328 struct path parent_path;
6331 - if (!capable(CAP_SYS_ADMIN))
6332 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6334 if (!old_name || !*old_name)
6336 @@ -1152,7 +1219,7 @@ static noinline int do_new_mount(struct
6339 /* we need capabilities... */
6340 - if (!capable(CAP_SYS_ADMIN))
6341 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SECURE_MOUNT))
6344 mnt = do_kern_mount(type, flags, name, data);
6345 @@ -1397,6 +1464,7 @@ long do_mount(char *dev_name, char *dir_
6346 struct nameidata nd;
6352 if ((flags & MS_MGC_MSK) == MS_MGC_VAL)
6353 @@ -1412,7 +1480,17 @@ long do_mount(char *dev_name, char *dir_
6355 ((char *)data_page)[PAGE_SIZE - 1] = 0;
6357 + retval = dx_parse_tag(data_page, &tag, 1);
6359 + mnt_flags |= retval;
6360 + /* FIXME: bind and re-mounts get the tag flag? */
6361 + if (flags & (MS_BIND|MS_REMOUNT))
6362 + flags |= MS_TAGID;
6365 /* Separate the per-mountpoint flags */
6366 + if (flags & MS_RDONLY)
6367 + mnt_flags |= MNT_RDONLY;
6368 if (flags & MS_NOSUID)
6369 mnt_flags |= MNT_NOSUID;
6370 if (flags & MS_NODEV)
6371 @@ -1426,6 +1504,8 @@ long do_mount(char *dev_name, char *dir_
6372 if (flags & MS_RELATIME)
6373 mnt_flags |= MNT_RELATIME;
6375 + if (!capable(CAP_SYS_ADMIN))
6376 + mnt_flags |= MNT_NODEV;
6377 flags &= ~(MS_NOSUID | MS_NOEXEC | MS_NODEV | MS_ACTIVE |
6378 MS_NOATIME | MS_NODIRATIME | MS_RELATIME| MS_KERNMOUNT);
6380 @@ -1440,9 +1520,9 @@ long do_mount(char *dev_name, char *dir_
6382 if (flags & MS_REMOUNT)
6383 retval = do_remount(&nd, flags & ~MS_REMOUNT, mnt_flags,
6386 else if (flags & MS_BIND)
6387 - retval = do_loopback(&nd, dev_name, flags & MS_REC);
6388 + retval = do_loopback(&nd, dev_name, tag, flags, mnt_flags);
6389 else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
6390 retval = do_change_type(&nd, flags);
6391 else if (flags & MS_MOVE)
6392 @@ -1515,6 +1595,7 @@ static struct mnt_namespace *dup_mnt_ns(
6393 q = next_mnt(q, new_ns->root);
6395 up_write(&namespace_sem);
6396 + atomic_inc(&vs_global_mnt_ns);
6400 @@ -1850,5 +1931,6 @@ void __put_mnt_ns(struct mnt_namespace *
6401 spin_unlock(&vfsmount_lock);
6402 up_write(&namespace_sem);
6403 release_mounts(&umount_list);
6404 + atomic_dec(&vs_global_mnt_ns);
6407 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/client.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/client.c
6408 --- linux-2.6.25.11/fs/nfs/client.c 2008-04-17 12:05:40.000000000 -0400
6409 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/client.c 2008-04-19 15:14:52.000000000 -0400
6410 @@ -589,6 +589,9 @@ static int nfs_init_server_rpcclient(str
6411 if (server->flags & NFS_MOUNT_SOFT)
6412 server->client->cl_softrtry = 1;
6414 + server->client->cl_tag = 0;
6415 + if (server->flags & NFS_MOUNT_TAGGED)
6416 + server->client->cl_tag = 1;
6420 @@ -742,6 +745,10 @@ static void nfs_server_set_fsinfo(struct
6421 server->acdirmin = server->acdirmax = 0;
6424 + /* FIXME: needs fsinfo
6425 + if (server->flags & NFS_MOUNT_TAGGED)
6426 + sb->s_flags |= MS_TAGGED; */
6428 server->maxfilesize = fsinfo->maxfilesize;
6430 /* We're airborne Set socket buffersize */
6431 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/dir.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/dir.c
6432 --- linux-2.6.25.11/fs/nfs/dir.c 2008-04-17 12:05:40.000000000 -0400
6433 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/dir.c 2008-04-21 16:52:03.000000000 -0400
6435 #include <linux/namei.h>
6436 #include <linux/mount.h>
6437 #include <linux/sched.h>
6438 +#include <linux/vs_tag.h>
6440 #include "nfs4_fs.h"
6441 #include "delegation.h"
6442 @@ -930,6 +931,7 @@ static struct dentry *nfs_lookup(struct
6444 goto out_unblock_sillyrename;
6446 + dx_propagate_tag(nd, inode);
6448 res = d_materialise_unique(dentry, inode);
6450 @@ -967,7 +969,8 @@ static int is_atomic_open(struct inode *
6451 if (nd->flags & LOOKUP_DIRECTORY)
6453 /* Are we trying to write to a read only partition? */
6454 - if (IS_RDONLY(dir) && (nd->intent.open.flags & (O_CREAT|O_TRUNC|FMODE_WRITE)))
6455 + if ((IS_RDONLY(dir) || MNT_IS_RDONLY(nd->path.mnt)) &&
6456 + (nd->intent.open.flags & (O_CREAT|O_TRUNC|FMODE_WRITE)))
6460 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/inode.c
6461 --- linux-2.6.25.11/fs/nfs/inode.c 2008-04-17 12:05:40.000000000 -0400
6462 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/inode.c 2008-04-19 15:14:52.000000000 -0400
6464 #include <linux/vfs.h>
6465 #include <linux/inet.h>
6466 #include <linux/nfs_xdr.h>
6467 +#include <linux/vs_tag.h>
6469 #include <asm/system.h>
6470 #include <asm/uaccess.h>
6471 @@ -316,8 +317,10 @@ nfs_fhget(struct super_block *sb, struct
6472 nfsi->change_attr = fattr->change_attr;
6473 inode->i_size = nfs_size_to_loff_t(fattr->size);
6474 inode->i_nlink = fattr->nlink;
6475 - inode->i_uid = fattr->uid;
6476 - inode->i_gid = fattr->gid;
6477 + inode->i_uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6478 + inode->i_gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6479 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6480 + /* maybe fattr->xid someday */
6481 if (fattr->valid & (NFS_ATTR_FATTR_V3 | NFS_ATTR_FATTR_V4)) {
6483 * report the blocks in 512byte units
6484 @@ -410,6 +413,8 @@ void nfs_setattr_update_inode(struct ino
6485 inode->i_uid = attr->ia_uid;
6486 if ((attr->ia_valid & ATTR_GID) != 0)
6487 inode->i_gid = attr->ia_gid;
6488 + if ((attr->ia_valid & ATTR_TAG) && IS_TAGGED(inode))
6489 + inode->i_tag = attr->ia_tag;
6490 spin_lock(&inode->i_lock);
6491 NFS_I(inode)->cache_validity |= NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
6492 spin_unlock(&inode->i_lock);
6493 @@ -841,6 +846,9 @@ static int nfs_check_inode_attributes(st
6494 struct nfs_inode *nfsi = NFS_I(inode);
6495 loff_t cur_size, new_isize;
6496 unsigned long invalid = 0;
6502 /* Has the inode gone and changed behind our back? */
6503 @@ -865,10 +873,15 @@ static int nfs_check_inode_attributes(st
6504 if (cur_size != new_isize && nfsi->npages == 0)
6505 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_REVAL_PAGECACHE;
6507 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6508 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6509 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6511 /* Have any file permissions changed? */
6512 if ((inode->i_mode & S_IALLUGO) != (fattr->mode & S_IALLUGO)
6513 - || inode->i_uid != fattr->uid
6514 - || inode->i_gid != fattr->gid)
6515 + || inode->i_uid != uid
6516 + || inode->i_gid != gid
6517 + || inode->i_tag != tag)
6518 invalid |= NFS_INO_INVALID_ATTR | NFS_INO_INVALID_ACCESS | NFS_INO_INVALID_ACL;
6520 /* Has the link count changed? */
6521 @@ -989,6 +1002,9 @@ static int nfs_update_inode(struct inode
6522 loff_t cur_isize, new_isize;
6523 unsigned long invalid = 0;
6524 unsigned long now = jiffies;
6529 dfprintk(VFS, "NFS: %s(%s/%ld ct=%d info=0x%x)\n",
6530 __FUNCTION__, inode->i_sb->s_id, inode->i_ino,
6531 @@ -1062,15 +1078,21 @@ static int nfs_update_inode(struct inode
6532 memcpy(&inode->i_atime, &fattr->atime, sizeof(inode->i_atime));
6533 nfsi->change_attr = fattr->change_attr;
6535 + uid = INOTAG_UID(DX_TAG(inode), fattr->uid, fattr->gid);
6536 + gid = INOTAG_GID(DX_TAG(inode), fattr->uid, fattr->gid);
6537 + tag = INOTAG_TAG(DX_TAG(inode), fattr->uid, fattr->gid, 0);
6539 if ((inode->i_mode & S_IALLUGO) != (fattr->mode & S_IALLUGO) ||
6540 - inode->i_uid != fattr->uid ||
6541 - inode->i_gid != fattr->gid)
6542 + inode->i_uid != uid ||
6543 + inode->i_gid != gid ||
6544 + inode->i_tag != tag)
6545 invalid |= NFS_INO_INVALID_ATTR|NFS_INO_INVALID_ACCESS|NFS_INO_INVALID_ACL;
6547 inode->i_mode = fattr->mode;
6548 inode->i_nlink = fattr->nlink;
6549 - inode->i_uid = fattr->uid;
6550 - inode->i_gid = fattr->gid;
6551 + inode->i_uid = uid;
6552 + inode->i_gid = gid;
6553 + inode->i_tag = tag;
6555 if (fattr->valid & (NFS_ATTR_FATTR_V3 | NFS_ATTR_FATTR_V4)) {
6557 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/nfs3xdr.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/nfs3xdr.c
6558 --- linux-2.6.25.11/fs/nfs/nfs3xdr.c 2008-04-17 12:05:40.000000000 -0400
6559 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/nfs3xdr.c 2008-04-19 15:14:52.000000000 -0400
6561 #include <linux/nfs3.h>
6562 #include <linux/nfs_fs.h>
6563 #include <linux/nfsacl.h>
6564 +#include <linux/vs_tag.h>
6565 #include "internal.h"
6567 #define NFSDBG_FACILITY NFSDBG_XDR
6568 @@ -180,7 +181,7 @@ xdr_decode_fattr(__be32 *p, struct nfs_f
6571 static inline __be32 *
6572 -xdr_encode_sattr(__be32 *p, struct iattr *attr)
6573 +xdr_encode_sattr(__be32 *p, struct iattr *attr, int tag)
6575 if (attr->ia_valid & ATTR_MODE) {
6577 @@ -188,15 +189,17 @@ xdr_encode_sattr(__be32 *p, struct iattr
6581 - if (attr->ia_valid & ATTR_UID) {
6582 + if (attr->ia_valid & ATTR_UID ||
6583 + (tag && (attr->ia_valid & ATTR_TAG))) {
6585 - *p++ = htonl(attr->ia_uid);
6586 + *p++ = htonl(TAGINO_UID(tag, attr->ia_uid, attr->ia_tag));
6590 - if (attr->ia_valid & ATTR_GID) {
6591 + if (attr->ia_valid & ATTR_GID ||
6592 + (tag && (attr->ia_valid & ATTR_TAG))) {
6594 - *p++ = htonl(attr->ia_gid);
6595 + *p++ = htonl(TAGINO_GID(tag, attr->ia_gid, attr->ia_tag));
6599 @@ -281,7 +284,8 @@ static int
6600 nfs3_xdr_sattrargs(struct rpc_rqst *req, __be32 *p, struct nfs3_sattrargs *args)
6602 p = xdr_encode_fhandle(p, args->fh);
6603 - p = xdr_encode_sattr(p, args->sattr);
6604 + p = xdr_encode_sattr(p, args->sattr,
6605 + req->rq_task->tk_client->cl_tag);
6606 *p++ = htonl(args->guard);
6608 p = xdr_encode_time3(p, &args->guardtime);
6609 @@ -386,7 +390,8 @@ nfs3_xdr_createargs(struct rpc_rqst *req
6610 *p++ = args->verifier[0];
6611 *p++ = args->verifier[1];
6613 - p = xdr_encode_sattr(p, args->sattr);
6614 + p = xdr_encode_sattr(p, args->sattr,
6615 + req->rq_task->tk_client->cl_tag);
6617 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6619 @@ -400,7 +405,8 @@ nfs3_xdr_mkdirargs(struct rpc_rqst *req,
6621 p = xdr_encode_fhandle(p, args->fh);
6622 p = xdr_encode_array(p, args->name, args->len);
6623 - p = xdr_encode_sattr(p, args->sattr);
6624 + p = xdr_encode_sattr(p, args->sattr,
6625 + req->rq_task->tk_client->cl_tag);
6626 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6629 @@ -413,7 +419,8 @@ nfs3_xdr_symlinkargs(struct rpc_rqst *re
6631 p = xdr_encode_fhandle(p, args->fromfh);
6632 p = xdr_encode_array(p, args->fromname, args->fromlen);
6633 - p = xdr_encode_sattr(p, args->sattr);
6634 + p = xdr_encode_sattr(p, args->sattr,
6635 + req->rq_task->tk_client->cl_tag);
6636 *p++ = htonl(args->pathlen);
6637 req->rq_slen = xdr_adjust_iovec(req->rq_svec, p);
6639 @@ -431,7 +438,8 @@ nfs3_xdr_mknodargs(struct rpc_rqst *req,
6640 p = xdr_encode_fhandle(p, args->fh);
6641 p = xdr_encode_array(p, args->name, args->len);
6642 *p++ = htonl(args->type);
6643 - p = xdr_encode_sattr(p, args->sattr);
6644 + p = xdr_encode_sattr(p, args->sattr,
6645 + req->rq_task->tk_client->cl_tag);
6646 if (args->type == NF3CHR || args->type == NF3BLK) {
6647 *p++ = htonl(MAJOR(args->rdev));
6648 *p++ = htonl(MINOR(args->rdev));
6649 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/nfsroot.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/nfsroot.c
6650 --- linux-2.6.25.11/fs/nfs/nfsroot.c 2008-04-17 12:05:40.000000000 -0400
6651 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/nfsroot.c 2008-04-19 15:14:52.000000000 -0400
6652 @@ -119,12 +119,12 @@ static int mount_port __initdata = 0; /
6654 /* Options that take integer arguments */
6655 Opt_port, Opt_rsize, Opt_wsize, Opt_timeo, Opt_retrans, Opt_acregmin,
6656 - Opt_acregmax, Opt_acdirmin, Opt_acdirmax,
6657 + Opt_acregmax, Opt_acdirmin, Opt_acdirmax, Opt_tagid,
6658 /* Options that take no arguments */
6659 Opt_soft, Opt_hard, Opt_intr,
6660 Opt_nointr, Opt_posix, Opt_noposix, Opt_cto, Opt_nocto, Opt_ac,
6661 Opt_noac, Opt_lock, Opt_nolock, Opt_v2, Opt_v3, Opt_udp, Opt_tcp,
6662 - Opt_acl, Opt_noacl,
6663 + Opt_acl, Opt_noacl, Opt_tag, Opt_notag,
6667 @@ -161,6 +161,9 @@ static match_table_t __initdata tokens =
6670 {Opt_noacl, "noacl"},
6672 + {Opt_notag, "notag"},
6673 + {Opt_tagid, "tagid=%u"},
6677 @@ -272,6 +275,20 @@ static int __init root_nfs_parse(char *n
6679 nfs_data.flags |= NFS_MOUNT_NOACL;
6681 +#ifndef CONFIG_TAGGING_NONE
6683 + nfs_data.flags |= NFS_MOUNT_TAGGED;
6686 + nfs_data.flags &= ~NFS_MOUNT_TAGGED;
6689 +#ifdef CONFIG_PROPAGATE
6692 + nfs_data.flags |= NFS_MOUNT_TAGGED;
6696 printk(KERN_WARNING "Root-NFS: unknown "
6698 diff -NurpP --minimal linux-2.6.25.11/fs/nfs/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/super.c
6699 --- linux-2.6.25.11/fs/nfs/super.c 2008-04-17 12:05:40.000000000 -0400
6700 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfs/super.c 2008-04-19 15:14:52.000000000 -0400
6702 #include <linux/nfs_xdr.h>
6703 #include <linux/magic.h>
6704 #include <linux/parser.h>
6705 +#include <linux/vs_tag.h>
6707 #include <asm/system.h>
6708 #include <asm/uaccess.h>
6709 @@ -458,6 +459,7 @@ static void nfs_show_mount_options(struc
6710 { NFS_MOUNT_NOACL, ",noacl", "" },
6711 { NFS_MOUNT_NORDIRPLUS, ",nordirplus", "" },
6712 { NFS_MOUNT_UNSHARED, ",nosharecache", ""},
6713 + { NFS_MOUNT_TAGGED, ",tag", "" },
6716 const struct proc_nfs_info *nfs_infop;
6717 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/auth.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/auth.c
6718 --- linux-2.6.25.11/fs/nfsd/auth.c 2008-04-17 12:05:40.000000000 -0400
6719 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/auth.c 2008-04-19 17:07:41.000000000 -0400
6721 #include <linux/sunrpc/svcauth.h>
6722 #include <linux/nfsd/nfsd.h>
6723 #include <linux/nfsd/export.h>
6724 +#include <linux/vs_tag.h>
6726 int nfsexp_flags(struct svc_rqst *rqstp, struct svc_export *exp)
6728 @@ -54,19 +55,23 @@ int nfsd_setuser(struct svc_rqst *rqstp,
6729 get_group_info(cred.cr_group_info);
6731 if (cred.cr_uid != (uid_t) -1)
6732 - current->fsuid = cred.cr_uid;
6733 + current->fsuid = INOTAG_UID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid);
6735 current->fsuid = exp->ex_anon_uid;
6736 if (cred.cr_gid != (gid_t) -1)
6737 - current->fsgid = cred.cr_gid;
6738 + current->fsgid = INOTAG_GID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid);
6740 current->fsgid = exp->ex_anon_gid;
6742 + /* this desperately needs a tag :) */
6743 + current->xid = (xid_t)INOTAG_TAG(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid, 0);
6745 if (!cred.cr_group_info)
6747 ret = set_current_groups(cred.cr_group_info);
6748 put_group_info(cred.cr_group_info);
6749 - if ((cred.cr_uid)) {
6751 + if (INOTAG_UID(DX_TAG_NFSD, cred.cr_uid, cred.cr_gid)) {
6752 current->cap_effective =
6753 cap_drop_nfsd_set(current->cap_effective);
6755 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/nfs3xdr.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs3xdr.c
6756 --- linux-2.6.25.11/fs/nfsd/nfs3xdr.c 2008-04-17 12:05:40.000000000 -0400
6757 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs3xdr.c 2008-04-19 17:08:09.000000000 -0400
6759 #include <linux/sunrpc/svc.h>
6760 #include <linux/nfsd/nfsd.h>
6761 #include <linux/nfsd/xdr3.h>
6762 +#include <linux/vs_tag.h>
6765 #define NFSDDBG_FACILITY NFSDDBG_XDR
6766 @@ -108,6 +109,8 @@ static __be32 *
6767 decode_sattr3(__be32 *p, struct iattr *iap)
6775 @@ -117,12 +120,15 @@ decode_sattr3(__be32 *p, struct iattr *i
6778 iap->ia_valid |= ATTR_UID;
6779 - iap->ia_uid = ntohl(*p++);
6780 + uid = ntohl(*p++);
6783 iap->ia_valid |= ATTR_GID;
6784 - iap->ia_gid = ntohl(*p++);
6785 + gid = ntohl(*p++);
6787 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6788 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6789 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6793 @@ -178,8 +184,12 @@ encode_fattr3(struct svc_rqst *rqstp, __
6794 *p++ = htonl(nfs3_ftypes[(stat->mode & S_IFMT) >> 12]);
6795 *p++ = htonl((u32) stat->mode);
6796 *p++ = htonl((u32) stat->nlink);
6797 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6798 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6799 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6800 + TAGINO_UID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6801 + stat->uid, stat->tag)));
6802 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6803 + TAGINO_GID(0 /* FIXME: DX_TAG(dentry->d_inode) */,
6804 + stat->gid, stat->tag)));
6805 if (S_ISLNK(stat->mode) && stat->size > NFS3_MAXPATHLEN) {
6806 p = xdr_encode_hyper(p, (u64) NFS3_MAXPATHLEN);
6808 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/nfs4recover.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs4recover.c
6809 --- linux-2.6.25.11/fs/nfsd/nfs4recover.c 2008-04-17 12:05:40.000000000 -0400
6810 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs4recover.c 2008-04-20 13:24:11.000000000 -0400
6811 @@ -154,7 +154,7 @@ nfsd4_create_clid_dir(struct nfs4_client
6812 dprintk("NFSD: nfsd4_create_clid_dir: DIRECTORY EXISTS\n");
6815 - status = vfs_mkdir(rec_dir.path.dentry->d_inode, dentry, S_IRWXU);
6816 + status = vfs_mkdir(rec_dir.path.dentry->d_inode, dentry, S_IRWXU, NULL);
6820 @@ -258,7 +258,7 @@ nfsd4_remove_clid_file(struct dentry *di
6823 mutex_lock_nested(&dir->d_inode->i_mutex, I_MUTEX_PARENT);
6824 - status = vfs_unlink(dir->d_inode, dentry);
6825 + status = vfs_unlink(dir->d_inode, dentry, NULL);
6826 mutex_unlock(&dir->d_inode->i_mutex);
6829 @@ -273,7 +273,7 @@ nfsd4_clear_clid_dir(struct dentry *dir,
6830 * a kernel from the future.... */
6831 nfsd4_list_rec_dir(dentry, nfsd4_remove_clid_file);
6832 mutex_lock_nested(&dir->d_inode->i_mutex, I_MUTEX_PARENT);
6833 - status = vfs_rmdir(dir->d_inode, dentry);
6834 + status = vfs_rmdir(dir->d_inode, dentry, NULL);
6835 mutex_unlock(&dir->d_inode->i_mutex);
6838 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/nfs4xdr.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs4xdr.c
6839 --- linux-2.6.25.11/fs/nfsd/nfs4xdr.c 2008-04-17 12:05:40.000000000 -0400
6840 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfs4xdr.c 2008-04-19 15:14:52.000000000 -0400
6842 #include <linux/nfs4_acl.h>
6843 #include <linux/sunrpc/gss_api.h>
6844 #include <linux/sunrpc/svcauth_gss.h>
6845 +#include <linux/vs_tag.h>
6847 #define NFSDDBG_FACILITY NFSDDBG_XDR
6849 @@ -1759,14 +1760,18 @@ out_acl:
6850 WRITE32(stat.nlink);
6852 if (bmval1 & FATTR4_WORD1_OWNER) {
6853 - status = nfsd4_encode_user(rqstp, stat.uid, &p, &buflen);
6854 + status = nfsd4_encode_user(rqstp,
6855 + TAGINO_UID(DX_TAG(dentry->d_inode),
6856 + stat.uid, stat.tag), &p, &buflen);
6857 if (status == nfserr_resource)
6862 if (bmval1 & FATTR4_WORD1_OWNER_GROUP) {
6863 - status = nfsd4_encode_group(rqstp, stat.gid, &p, &buflen);
6864 + status = nfsd4_encode_group(rqstp,
6865 + TAGINO_GID(DX_TAG(dentry->d_inode),
6866 + stat.gid, stat.tag), &p, &buflen);
6867 if (status == nfserr_resource)
6870 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/nfsxdr.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfsxdr.c
6871 --- linux-2.6.25.11/fs/nfsd/nfsxdr.c 2008-04-17 12:05:40.000000000 -0400
6872 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/nfsxdr.c 2008-04-20 13:23:36.000000000 -0400
6874 #include <linux/nfsd/nfsd.h>
6875 #include <linux/nfsd/xdr.h>
6876 #include <linux/mm.h>
6877 +#include <linux/vs_tag.h>
6880 #define NFSDDBG_FACILITY NFSDDBG_XDR
6881 @@ -98,6 +99,8 @@ static __be32 *
6882 decode_sattr(__be32 *p, struct iattr *iap)
6890 @@ -111,12 +114,15 @@ decode_sattr(__be32 *p, struct iattr *ia
6892 if ((tmp = ntohl(*p++)) != (u32)-1) {
6893 iap->ia_valid |= ATTR_UID;
6894 - iap->ia_uid = tmp;
6897 if ((tmp = ntohl(*p++)) != (u32)-1) {
6898 iap->ia_valid |= ATTR_GID;
6899 - iap->ia_gid = tmp;
6902 + iap->ia_uid = INOTAG_UID(DX_TAG_NFSD, uid, gid);
6903 + iap->ia_gid = INOTAG_GID(DX_TAG_NFSD, uid, gid);
6904 + iap->ia_tag = INOTAG_TAG(DX_TAG_NFSD, uid, gid, 0);
6905 if ((tmp = ntohl(*p++)) != (u32)-1) {
6906 iap->ia_valid |= ATTR_SIZE;
6908 @@ -161,8 +167,10 @@ encode_fattr(struct svc_rqst *rqstp, __b
6909 *p++ = htonl(nfs_ftypes[type >> 12]);
6910 *p++ = htonl((u32) stat->mode);
6911 *p++ = htonl((u32) stat->nlink);
6912 - *p++ = htonl((u32) nfsd_ruid(rqstp, stat->uid));
6913 - *p++ = htonl((u32) nfsd_rgid(rqstp, stat->gid));
6914 + *p++ = htonl((u32) nfsd_ruid(rqstp,
6915 + TAGINO_UID(DX_TAG(dentry->d_inode), stat->uid, stat->tag)));
6916 + *p++ = htonl((u32) nfsd_rgid(rqstp,
6917 + TAGINO_GID(DX_TAG(dentry->d_inode), stat->gid, stat->tag)));
6919 if (S_ISLNK(type) && stat->size > NFS_MAXPATHLEN) {
6920 *p++ = htonl(NFS_MAXPATHLEN);
6921 diff -NurpP --minimal linux-2.6.25.11/fs/nfsd/vfs.c linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/vfs.c
6922 --- linux-2.6.25.11/fs/nfsd/vfs.c 2008-04-17 12:05:40.000000000 -0400
6923 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/nfsd/vfs.c 2008-04-21 17:24:34.000000000 -0400
6924 @@ -1258,13 +1258,13 @@ nfsd_create(struct svc_rqst *rqstp, stru
6925 host_err = vfs_create(dirp, dchild, iap->ia_mode, NULL);
6928 - host_err = vfs_mkdir(dirp, dchild, iap->ia_mode);
6929 + host_err = vfs_mkdir(dirp, dchild, iap->ia_mode, NULL);
6935 - host_err = vfs_mknod(dirp, dchild, iap->ia_mode, rdev);
6936 + host_err = vfs_mknod(dirp, dchild, iap->ia_mode, rdev, NULL);
6939 printk("nfsd: bad file type %o in nfsd_create\n", type);
6940 @@ -1529,11 +1529,13 @@ nfsd_symlink(struct svc_rqst *rqstp, str
6942 strncpy(path_alloced, path, plen);
6943 path_alloced[plen] = 0;
6944 - host_err = vfs_symlink(dentry->d_inode, dnew, path_alloced, mode);
6945 + host_err = vfs_symlink(dentry->d_inode, dnew,
6946 + path_alloced, mode, NULL);
6947 kfree(path_alloced);
6950 - host_err = vfs_symlink(dentry->d_inode, dnew, path, mode);
6951 + host_err = vfs_symlink(dentry->d_inode, dnew,
6952 + path, mode, NULL);
6955 if (EX_ISSYNC(fhp->fh_export))
6956 @@ -1592,7 +1594,7 @@ nfsd_link(struct svc_rqst *rqstp, struct
6957 dold = tfhp->fh_dentry;
6958 dest = dold->d_inode;
6960 - host_err = vfs_link(dold, dirp, dnew);
6961 + host_err = vfs_link(dold, dirp, dnew, NULL);
6963 if (EX_ISSYNC(ffhp->fh_export)) {
6964 err = nfserrno(nfsd_sync_dir(ddir));
6965 @@ -1757,9 +1759,9 @@ nfsd_unlink(struct svc_rqst *rqstp, stru
6969 - host_err = vfs_unlink(dirp, rdentry);
6970 + host_err = vfs_unlink(dirp, rdentry, NULL);
6971 } else { /* It's RMDIR */
6972 - host_err = vfs_rmdir(dirp, rdentry);
6973 + host_err = vfs_rmdir(dirp, rdentry, NULL);
6977 @@ -1876,7 +1878,8 @@ nfsd_permission(struct svc_rqst *rqstp,
6979 if (!(acc & MAY_LOCAL_ACCESS))
6980 if (acc & (MAY_WRITE | MAY_SATTR | MAY_TRUNC)) {
6981 - if (exp_rdonly(rqstp, exp) || IS_RDONLY(inode))
6982 + if (exp_rdonly(rqstp, exp) || IS_RDONLY(inode)
6983 + || MNT_IS_RDONLY(exp->ex_path.mnt))
6985 if (/* (acc & MAY_WRITE) && */ IS_IMMUTABLE(inode))
6987 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/dlm/dlmfs.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlm/dlmfs.c
6988 --- linux-2.6.25.11/fs/ocfs2/dlm/dlmfs.c 2008-04-17 12:05:40.000000000 -0400
6989 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlm/dlmfs.c 2008-04-19 15:14:52.000000000 -0400
6991 #include <linux/init.h>
6992 #include <linux/string.h>
6993 #include <linux/backing-dev.h>
6994 +#include <linux/vs_tag.h>
6996 #include <asm/uaccess.h>
6998 @@ -342,6 +343,7 @@ static struct inode *dlmfs_get_root_inod
6999 inode->i_mode = mode;
7000 inode->i_uid = current->fsuid;
7001 inode->i_gid = current->fsgid;
7002 + inode->i_tag = dx_current_fstag(sb);
7003 inode->i_blocks = 0;
7004 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
7005 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
7006 @@ -368,6 +370,7 @@ static struct inode *dlmfs_get_inode(str
7007 inode->i_mode = mode;
7008 inode->i_uid = current->fsuid;
7009 inode->i_gid = current->fsgid;
7010 + inode->i_tag = dx_current_fstag(sb);
7011 inode->i_blocks = 0;
7012 inode->i_mapping->backing_dev_info = &dlmfs_backing_dev_info;
7013 inode->i_atime = inode->i_mtime = inode->i_ctime = CURRENT_TIME;
7014 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/dlmglue.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlmglue.c
7015 --- linux-2.6.25.11/fs/ocfs2/dlmglue.c 2008-04-17 12:05:40.000000000 -0400
7016 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlmglue.c 2008-04-19 15:14:52.000000000 -0400
7017 @@ -1665,6 +1665,7 @@ static void __ocfs2_stuff_meta_lvb(struc
7018 lvb->lvb_iclusters = cpu_to_be32(oi->ip_clusters);
7019 lvb->lvb_iuid = cpu_to_be32(inode->i_uid);
7020 lvb->lvb_igid = cpu_to_be32(inode->i_gid);
7021 + lvb->lvb_itag = cpu_to_be16(inode->i_tag);
7022 lvb->lvb_imode = cpu_to_be16(inode->i_mode);
7023 lvb->lvb_inlink = cpu_to_be16(inode->i_nlink);
7024 lvb->lvb_iatime_packed =
7025 @@ -1719,6 +1720,7 @@ static void ocfs2_refresh_inode_from_lvb
7027 inode->i_uid = be32_to_cpu(lvb->lvb_iuid);
7028 inode->i_gid = be32_to_cpu(lvb->lvb_igid);
7029 + inode->i_tag = be16_to_cpu(lvb->lvb_itag);
7030 inode->i_mode = be16_to_cpu(lvb->lvb_imode);
7031 inode->i_nlink = be16_to_cpu(lvb->lvb_inlink);
7032 ocfs2_unpack_timespec(&inode->i_atime,
7033 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/dlmglue.h linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlmglue.h
7034 --- linux-2.6.25.11/fs/ocfs2/dlmglue.h 2008-04-17 12:05:40.000000000 -0400
7035 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/dlmglue.h 2008-04-19 15:14:52.000000000 -0400
7036 @@ -46,7 +46,8 @@ struct ocfs2_meta_lvb {
7039 __be32 lvb_igeneration;
7040 - __be32 lvb_reserved2;
7042 + __be16 lvb_reserved2;
7045 /* ocfs2_inode_lock_full() 'arg_flags' flags */
7046 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/file.c
7047 --- linux-2.6.25.11/fs/ocfs2/file.c 2008-04-17 12:05:40.000000000 -0400
7048 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/file.c 2008-04-19 15:14:52.000000000 -0400
7049 @@ -1054,13 +1054,15 @@ int ocfs2_setattr(struct dentry *dentry,
7050 mlog(0, "uid change: %d\n", attr->ia_uid);
7051 if (attr->ia_valid & ATTR_GID)
7052 mlog(0, "gid change: %d\n", attr->ia_gid);
7053 + if (attr->ia_valid & ATTR_TAG)
7054 + mlog(0, "tag change: %d\n", attr->ia_tag);
7055 if (attr->ia_valid & ATTR_SIZE)
7056 mlog(0, "size change...\n");
7057 if (attr->ia_valid & (ATTR_ATIME | ATTR_MTIME | ATTR_CTIME))
7058 mlog(0, "time change...\n");
7060 #define OCFS2_VALID_ATTRS (ATTR_ATIME | ATTR_MTIME | ATTR_CTIME | ATTR_SIZE \
7061 - | ATTR_GID | ATTR_UID | ATTR_MODE)
7062 + | ATTR_GID | ATTR_UID | ATTR_TAG | ATTR_MODE)
7063 if (!(attr->ia_valid & OCFS2_VALID_ATTRS)) {
7064 mlog(0, "can't handle attrs: 0x%x\n", attr->ia_valid);
7066 @@ -2229,6 +2231,7 @@ const struct inode_operations ocfs2_file
7067 const struct inode_operations ocfs2_special_file_iops = {
7068 .setattr = ocfs2_setattr,
7069 .getattr = ocfs2_getattr,
7070 + .sync_flags = ocfs2_sync_flags,
7071 .permission = ocfs2_permission,
7074 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/inode.c
7075 --- linux-2.6.25.11/fs/ocfs2/inode.c 2008-04-17 12:05:40.000000000 -0400
7076 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/inode.c 2008-07-11 18:24:40.000000000 -0400
7078 #include <linux/slab.h>
7079 #include <linux/highmem.h>
7080 #include <linux/pagemap.h>
7081 +#include <linux/vs_tag.h>
7083 #include <asm/byteorder.h>
7087 #include "heartbeat.h"
7090 #include "journal.h"
7092 #include "suballoc.h"
7093 @@ -74,11 +76,13 @@ void ocfs2_set_inode_flags(struct inode
7095 unsigned int flags = OCFS2_I(inode)->ip_attr;
7097 - inode->i_flags &= ~(S_IMMUTABLE |
7098 + inode->i_flags &= ~(S_IMMUTABLE | S_IXUNLINK |
7099 S_SYNC | S_APPEND | S_NOATIME | S_DIRSYNC);
7101 if (flags & OCFS2_IMMUTABLE_FL)
7102 inode->i_flags |= S_IMMUTABLE;
7103 + if (flags & OCFS2_IXUNLINK_FL)
7104 + inode->i_flags |= S_IXUNLINK;
7106 if (flags & OCFS2_SYNC_FL)
7107 inode->i_flags |= S_SYNC;
7108 @@ -88,25 +92,89 @@ void ocfs2_set_inode_flags(struct inode
7109 inode->i_flags |= S_NOATIME;
7110 if (flags & OCFS2_DIRSYNC_FL)
7111 inode->i_flags |= S_DIRSYNC;
7113 + inode->i_vflags &= ~(V_BARRIER | V_COW);
7115 + if (flags & OCFS2_BARRIER_FL)
7116 + inode->i_vflags |= V_BARRIER;
7117 + if (flags & OCFS2_COW_FL)
7118 + inode->i_vflags |= V_COW;
7121 /* Propagate flags from i_flags to OCFS2_I(inode)->ip_attr */
7122 void ocfs2_get_inode_flags(struct ocfs2_inode_info *oi)
7124 unsigned int flags = oi->vfs_inode.i_flags;
7125 + unsigned int vflags = oi->vfs_inode.i_vflags;
7127 + oi->ip_attr &= ~(OCFS2_SYNC_FL | OCFS2_APPEND_FL |
7128 + OCFS2_IMMUTABLE_FL | OCFS2_IXUNLINK_FL |
7129 + OCFS2_NOATIME_FL | OCFS2_DIRSYNC_FL |
7130 + OCFS2_BARRIER_FL | OCFS2_COW_FL);
7132 + if (flags & S_IMMUTABLE)
7133 + oi->ip_attr |= OCFS2_IMMUTABLE_FL;
7134 + if (flags & S_IXUNLINK)
7135 + oi->ip_attr |= OCFS2_IXUNLINK_FL;
7137 - oi->ip_attr &= ~(OCFS2_SYNC_FL|OCFS2_APPEND_FL|
7138 - OCFS2_IMMUTABLE_FL|OCFS2_NOATIME_FL|OCFS2_DIRSYNC_FL);
7140 oi->ip_attr |= OCFS2_SYNC_FL;
7141 if (flags & S_APPEND)
7142 oi->ip_attr |= OCFS2_APPEND_FL;
7143 - if (flags & S_IMMUTABLE)
7144 - oi->ip_attr |= OCFS2_IMMUTABLE_FL;
7145 if (flags & S_NOATIME)
7146 oi->ip_attr |= OCFS2_NOATIME_FL;
7147 if (flags & S_DIRSYNC)
7148 oi->ip_attr |= OCFS2_DIRSYNC_FL;
7150 + if (vflags & V_BARRIER)
7151 + oi->ip_attr |= OCFS2_BARRIER_FL;
7152 + if (vflags & V_COW)
7153 + oi->ip_attr |= OCFS2_COW_FL;
7156 +int ocfs2_sync_flags(struct inode *inode)
7158 + struct ocfs2_inode_info *ocfs2_inode = OCFS2_I(inode);
7159 + struct ocfs2_super *osb = OCFS2_SB(inode->i_sb);
7160 + handle_t *handle = NULL;
7161 + struct buffer_head *bh = NULL;
7164 + mutex_lock(&inode->i_mutex);
7166 + status = ocfs2_inode_lock(inode, &bh, 1);
7168 + mlog_errno(status);
7173 + if (IS_RDONLY(inode))
7176 + handle = ocfs2_start_trans(osb, OCFS2_INODE_UPDATE_CREDITS);
7177 + if (IS_ERR(handle)) {
7178 + status = PTR_ERR(handle);
7179 + mlog_errno(status);
7183 + ocfs2_set_inode_flags(inode);
7184 + status = ocfs2_mark_inode_dirty(handle, inode, bh);
7186 + mlog_errno(status);
7188 + ocfs2_commit_trans(osb, handle);
7190 + ocfs2_inode_unlock(inode, 1);
7192 + mutex_unlock(&inode->i_mutex);
7197 + mlog_exit(status);
7201 struct inode *ocfs2_iget(struct ocfs2_super *osb, u64 blkno, unsigned flags,
7202 @@ -219,6 +287,8 @@ int ocfs2_populate_inode(struct inode *i
7203 struct super_block *sb;
7204 struct ocfs2_super *osb;
7205 int status = -EINVAL;
7209 mlog_entry("(0x%p, size:%llu)\n", inode,
7210 (unsigned long long)le64_to_cpu(fe->i_size));
7211 @@ -254,8 +324,12 @@ int ocfs2_populate_inode(struct inode *i
7212 inode->i_generation = le32_to_cpu(fe->i_generation);
7213 inode->i_rdev = huge_decode_dev(le64_to_cpu(fe->id1.dev1.i_rdev));
7214 inode->i_mode = le16_to_cpu(fe->i_mode);
7215 - inode->i_uid = le32_to_cpu(fe->i_uid);
7216 - inode->i_gid = le32_to_cpu(fe->i_gid);
7217 + uid = le32_to_cpu(fe->i_uid);
7218 + gid = le32_to_cpu(fe->i_gid);
7219 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
7220 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
7221 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
7222 + /* le16_to_cpu(raw_inode->i_raw_tag)i */ 0);
7224 /* Fast symlinks will have i_size but no allocated clusters. */
7225 if (S_ISLNK(inode->i_mode) && !fe->i_clusters)
7226 @@ -1230,8 +1304,11 @@ int ocfs2_mark_inode_dirty(handle_t *han
7228 fe->i_size = cpu_to_le64(i_size_read(inode));
7229 fe->i_links_count = cpu_to_le16(inode->i_nlink);
7230 - fe->i_uid = cpu_to_le32(inode->i_uid);
7231 - fe->i_gid = cpu_to_le32(inode->i_gid);
7232 + fe->i_uid = cpu_to_le32(TAGINO_UID(DX_TAG(inode),
7233 + inode->i_uid, inode->i_tag));
7234 + fe->i_gid = cpu_to_le32(TAGINO_GID(DX_TAG(inode),
7235 + inode->i_gid, inode->i_tag));
7236 + /* i_tag = = cpu_to_le16(inode->i_tag); */
7237 fe->i_mode = cpu_to_le16(inode->i_mode);
7238 fe->i_atime = cpu_to_le64(inode->i_atime.tv_sec);
7239 fe->i_atime_nsec = cpu_to_le32(inode->i_atime.tv_nsec);
7240 @@ -1259,16 +1336,25 @@ leave:
7241 void ocfs2_refresh_inode(struct inode *inode,
7242 struct ocfs2_dinode *fe)
7247 spin_lock(&OCFS2_I(inode)->ip_lock);
7249 OCFS2_I(inode)->ip_clusters = le32_to_cpu(fe->i_clusters);
7250 OCFS2_I(inode)->ip_attr = le32_to_cpu(fe->i_attr);
7251 + /* OCFS2_I(inode)->ip_flags &= ~OCFS2_FL_MASK;
7252 + OCFS2_I(inode)->ip_flags |= le32_to_cpu(fe->i_flags) & OCFS2_FL_MASK; */
7253 OCFS2_I(inode)->ip_dyn_features = le16_to_cpu(fe->i_dyn_features);
7254 ocfs2_set_inode_flags(inode);
7255 i_size_write(inode, le64_to_cpu(fe->i_size));
7256 inode->i_nlink = le16_to_cpu(fe->i_links_count);
7257 - inode->i_uid = le32_to_cpu(fe->i_uid);
7258 - inode->i_gid = le32_to_cpu(fe->i_gid);
7259 + uid = le32_to_cpu(fe->i_uid);
7260 + gid = le32_to_cpu(fe->i_gid);
7261 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
7262 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
7263 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid,
7264 + /* le16_to_cpu(raw_inode->i_raw_tag)i */ 0);
7265 inode->i_mode = le16_to_cpu(fe->i_mode);
7266 if (S_ISLNK(inode->i_mode) && le32_to_cpu(fe->i_clusters) == 0)
7267 inode->i_blocks = 0;
7268 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/inode.h linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/inode.h
7269 --- linux-2.6.25.11/fs/ocfs2/inode.h 2008-04-17 12:05:40.000000000 -0400
7270 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/inode.h 2008-04-19 15:14:52.000000000 -0400
7271 @@ -143,6 +143,7 @@ int ocfs2_aio_write(struct file *file, s
7273 void ocfs2_set_inode_flags(struct inode *inode);
7274 void ocfs2_get_inode_flags(struct ocfs2_inode_info *oi);
7275 +int ocfs2_sync_flags(struct inode *inode);
7277 static inline blkcnt_t ocfs2_inode_sector_count(struct inode *inode)
7279 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ioctl.c
7280 --- linux-2.6.25.11/fs/ocfs2/ioctl.c 2008-04-17 12:05:40.000000000 -0400
7281 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ioctl.c 2008-07-11 02:51:27.000000000 -0400
7282 @@ -41,7 +41,7 @@ static int ocfs2_get_inode_attr(struct i
7286 -static int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7287 +int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7290 struct ocfs2_inode_info *ocfs2_inode = OCFS2_I(inode);
7291 @@ -70,6 +70,11 @@ static int ocfs2_set_inode_attr(struct i
7292 if (!S_ISDIR(inode->i_mode))
7293 flags &= ~OCFS2_DIRSYNC_FL;
7295 + if (IS_BARRIER(inode)) {
7296 + vxwprintk_task(1, "messing with the barrier.");
7300 handle = ocfs2_start_trans(osb, OCFS2_INODE_UPDATE_CREDITS);
7301 if (IS_ERR(handle)) {
7302 status = PTR_ERR(handle);
7303 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/ioctl.h linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ioctl.h
7304 --- linux-2.6.25.11/fs/ocfs2/ioctl.h 2008-04-17 10:33:02.000000000 -0400
7305 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ioctl.h 2008-04-19 15:14:52.000000000 -0400
7307 #ifndef OCFS2_IOCTL_H
7308 #define OCFS2_IOCTL_H
7310 +int ocfs2_set_inode_attr(struct inode *inode, unsigned flags,
7313 int ocfs2_ioctl(struct inode * inode, struct file * filp,
7314 unsigned int cmd, unsigned long arg);
7315 long ocfs2_compat_ioctl(struct file *file, unsigned cmd, unsigned long arg);
7316 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/namei.c
7317 --- linux-2.6.25.11/fs/ocfs2/namei.c 2008-04-17 12:05:40.000000000 -0400
7318 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/namei.c 2008-04-19 15:14:52.000000000 -0400
7320 #include <linux/types.h>
7321 #include <linux/slab.h>
7322 #include <linux/highmem.h>
7323 +#include <linux/vs_tag.h>
7325 #define MLOG_MASK_PREFIX ML_NAMEI
7326 #include <cluster/masklog.h>
7327 @@ -366,6 +367,9 @@ static int ocfs2_mknod_locked(struct ocf
7330 struct inode *inode = NULL;
7335 mlog_entry("(0x%p, 0x%p, %d, %lu, '%.*s')\n", dir, dentry, mode,
7336 (unsigned long)dev, dentry->d_name.len,
7337 @@ -425,13 +429,19 @@ static int ocfs2_mknod_locked(struct ocf
7338 fe->i_blkno = cpu_to_le64(fe_blkno);
7339 fe->i_suballoc_bit = cpu_to_le16(suballoc_bit);
7340 fe->i_suballoc_slot = cpu_to_le16(osb->slot_num);
7341 - fe->i_uid = cpu_to_le32(current->fsuid);
7343 + tag = dx_current_fstag(osb->sb);
7344 + uid = current->fsuid;
7345 if (dir->i_mode & S_ISGID) {
7346 - fe->i_gid = cpu_to_le32(dir->i_gid);
7351 - fe->i_gid = cpu_to_le32(current->fsgid);
7352 + gid = current->fsgid;
7354 + fe->i_uid = cpu_to_le32(TAGINO_UID(DX_TAG(inode), uid, tag));
7355 + fe->i_gid = cpu_to_le32(TAGINO_GID(DX_TAG(inode), gid, tag));
7356 + inode->i_tag = tag;
7357 fe->i_mode = cpu_to_le16(mode);
7358 if (S_ISCHR(mode) || S_ISBLK(mode))
7359 fe->id1.dev1.i_rdev = cpu_to_le64(huge_encode_dev(dev));
7360 @@ -1917,5 +1927,6 @@ const struct inode_operations ocfs2_dir_
7361 .rename = ocfs2_rename,
7362 .setattr = ocfs2_setattr,
7363 .getattr = ocfs2_getattr,
7364 + .sync_flags = ocfs2_sync_flags,
7365 .permission = ocfs2_permission,
7367 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/ocfs2_fs.h linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ocfs2_fs.h
7368 --- linux-2.6.25.11/fs/ocfs2/ocfs2_fs.h 2008-04-17 12:05:40.000000000 -0400
7369 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ocfs2_fs.h 2008-07-08 13:51:49.000000000 -0400
7370 @@ -187,9 +187,14 @@
7371 #define OCFS2_NODUMP_FL (0x00000040) /* do not dump file */
7372 #define OCFS2_NOATIME_FL (0x00000080) /* do not update atime */
7373 #define OCFS2_DIRSYNC_FL (0x00010000) /* dirsync behaviour (directories only) */
7374 +#define OCFS2_IXUNLINK_FL (0x00020000) /* Immutable invert on unlink */
7376 -#define OCFS2_FL_VISIBLE (0x000100FF) /* User visible flags */
7377 -#define OCFS2_FL_MODIFIABLE (0x000100FF) /* User modifiable flags */
7378 +#define OCFS2_BARRIER_FL (0x01000000) /* Barrier for chroot() */
7379 +#define OCFS2_COW_FL (0x02000000) /* Copy on Write marker */
7381 +#define OCFS2_FL_VISIBLE (0x000300FF) /* User visible flags */
7382 +#define OCFS2_FL_MODIFIABLE (0x000300FF) /* User modifiable flags */
7383 +#define OCFS2_FL_MASK (0x030300FF)
7386 * Extent record flags (e_node.leaf.flags)
7387 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/ocfs2.h linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ocfs2.h
7388 --- linux-2.6.25.11/fs/ocfs2/ocfs2.h 2008-04-17 12:05:40.000000000 -0400
7389 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/ocfs2.h 2008-04-21 10:15:31.000000000 -0400
7390 @@ -171,6 +171,7 @@ enum ocfs2_mount_options
7391 OCFS2_MOUNT_ERRORS_PANIC = 1 << 3, /* Panic on errors */
7392 OCFS2_MOUNT_DATA_WRITEBACK = 1 << 4, /* No data ordering */
7393 OCFS2_MOUNT_LOCALFLOCKS = 1 << 5, /* No cluster aware user file locks */
7394 + OCFS2_MOUNT_TAGGED = 1 << 8, /* use tagging */
7397 #define OCFS2_OSB_SOFT_RO 0x0001
7398 diff -NurpP --minimal linux-2.6.25.11/fs/ocfs2/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/super.c
7399 --- linux-2.6.25.11/fs/ocfs2/super.c 2008-04-17 12:05:40.000000000 -0400
7400 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/ocfs2/super.c 2008-04-23 08:31:10.000000000 -0400
7401 @@ -154,6 +154,7 @@ enum {
7405 + Opt_tag, Opt_notag, Opt_tagid,
7409 @@ -172,6 +173,9 @@ static match_table_t tokens = {
7410 {Opt_commit, "commit=%u"},
7411 {Opt_localalloc, "localalloc=%d"},
7412 {Opt_localflocks, "localflocks"},
7414 + {Opt_notag, "notag"},
7415 + {Opt_tagid, "tagid=%u"},
7419 @@ -391,6 +395,13 @@ static int ocfs2_remount(struct super_bl
7423 + if ((parsed_options.mount_opt & OCFS2_MOUNT_TAGGED) &&
7424 + !(sb->s_flags & MS_TAGGED)) {
7426 + mlog(ML_ERROR, "Cannot change tagging on remount\n");
7430 if ((osb->s_mount_opt & OCFS2_MOUNT_HB_LOCAL) !=
7431 (parsed_options.mount_opt & OCFS2_MOUNT_HB_LOCAL)) {
7433 @@ -691,6 +702,9 @@ static int ocfs2_fill_super(struct super
7435 ocfs2_complete_mount_recovery(osb);
7437 + if (osb->s_mount_opt & OCFS2_MOUNT_TAGGED)
7438 + sb->s_flags |= MS_TAGGED;
7440 if (ocfs2_mount_local(osb))
7441 snprintf(nodestr, sizeof(nodestr), "local");
7443 @@ -864,6 +878,20 @@ static int ocfs2_parse_options(struct su
7445 mopt->mount_opt |= OCFS2_MOUNT_LOCALFLOCKS;
7447 +#ifndef CONFIG_TAGGING_NONE
7449 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
7452 + mopt->mount_opt &= ~OCFS2_MOUNT_TAGGED;
7455 +#ifdef CONFIG_PROPAGATE
7458 + mopt->mount_opt |= OCFS2_MOUNT_TAGGED;
7463 "Unrecognized mount option \"%s\" "
7464 diff -NurpP --minimal linux-2.6.25.11/fs/open.c linux-2.6.25.11-vs2.3.0.34.14/fs/open.c
7465 --- linux-2.6.25.11/fs/open.c 2008-04-17 12:05:41.000000000 -0400
7466 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/open.c 2008-04-21 13:51:52.000000000 -0400
7468 #include <linux/rcupdate.h>
7469 #include <linux/audit.h>
7470 #include <linux/falloc.h>
7471 +#include <linux/vs_base.h>
7472 +#include <linux/vs_limit.h>
7473 +#include <linux/vs_dlimit.h>
7474 +#include <linux/vs_tag.h>
7475 +#include <linux/vs_cowbl.h>
7477 int vfs_statfs(struct dentry *dentry, struct kstatfs *buf)
7479 int retval = -ENODEV;
7482 + struct super_block *sb = dentry->d_sb;
7485 - if (dentry->d_sb->s_op->statfs) {
7486 + if (sb->s_op->statfs) {
7487 memset(buf, 0, sizeof(*buf));
7488 retval = security_sb_statfs(dentry);
7491 - retval = dentry->d_sb->s_op->statfs(dentry, buf);
7492 + retval = sb->s_op->statfs(dentry, buf);
7493 if (retval == 0 && buf->f_frsize == 0)
7494 buf->f_frsize = buf->f_bsize;
7496 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
7497 + vx_vsi_statfs(sb, buf);
7501 @@ -249,7 +258,7 @@ static long do_sys_truncate(const char _
7505 - if (IS_RDONLY(inode))
7506 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd.path.mnt))
7510 @@ -458,7 +467,7 @@ asmlinkage long sys_faccessat(int dfd, c
7511 special_file(nd.path.dentry->d_inode->i_mode))
7512 goto out_path_release;
7514 - if(IS_RDONLY(nd.path.dentry->d_inode))
7515 + if(IS_RDONLY(nd.path.dentry->d_inode) || MNT_IS_RDONLY(nd.path.mnt))
7519 @@ -568,7 +577,7 @@ asmlinkage long sys_fchmod(unsigned int
7520 audit_inode(NULL, dentry);
7523 - if (IS_RDONLY(inode))
7524 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(file->f_vfsmnt))
7527 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7528 @@ -598,11 +607,11 @@ asmlinkage long sys_fchmodat(int dfd, co
7529 error = __user_walk_fd(dfd, filename, LOOKUP_FOLLOW, &nd);
7532 - inode = nd.path.dentry->d_inode;
7535 - if (IS_RDONLY(inode))
7537 + error = cow_check_and_break(&nd);
7540 + inode = nd.path.dentry->d_inode;
7543 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7544 @@ -627,7 +636,8 @@ asmlinkage long sys_chmod(const char __u
7545 return sys_fchmodat(AT_FDCWD, filename, mode);
7548 -static int chown_common(struct dentry * dentry, uid_t user, gid_t group)
7549 +static int chown_common(struct dentry *dentry, struct vfsmount *mnt,
7550 + uid_t user, gid_t group)
7552 struct inode * inode;
7554 @@ -639,7 +649,7 @@ static int chown_common(struct dentry *
7558 - if (IS_RDONLY(inode))
7559 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(mnt))
7562 if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
7563 @@ -647,11 +657,11 @@ static int chown_common(struct dentry *
7564 newattrs.ia_valid = ATTR_CTIME;
7565 if (user != (uid_t) -1) {
7566 newattrs.ia_valid |= ATTR_UID;
7567 - newattrs.ia_uid = user;
7568 + newattrs.ia_uid = dx_map_uid(user);
7570 if (group != (gid_t) -1) {
7571 newattrs.ia_valid |= ATTR_GID;
7572 - newattrs.ia_gid = group;
7573 + newattrs.ia_gid = dx_map_gid(group);
7575 if (!S_ISDIR(inode->i_mode))
7576 newattrs.ia_valid |=
7577 @@ -671,7 +681,11 @@ asmlinkage long sys_chown(const char __u
7578 error = user_path_walk(filename, &nd);
7581 - error = chown_common(nd.path.dentry, user, group);
7582 +#ifdef CONFIG_VSERVER_COWBL
7583 + error = cow_check_and_break(&nd);
7586 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7590 @@ -691,7 +705,11 @@ asmlinkage long sys_fchownat(int dfd, co
7591 error = __user_walk_fd(dfd, filename, follow, &nd);
7594 - error = chown_common(nd.path.dentry, user, group);
7595 +#ifdef CONFIG_VSERVER_COWBL
7596 + error = cow_check_and_break(&nd);
7599 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7603 @@ -705,7 +723,11 @@ asmlinkage long sys_lchown(const char __
7604 error = user_path_walk_link(filename, &nd);
7607 - error = chown_common(nd.path.dentry, user, group);
7608 +#ifdef CONFIG_VSERVER_COWBL
7609 + error = cow_check_and_break(&nd);
7612 + error = chown_common(nd.path.dentry, nd.path.mnt, user, group);
7616 @@ -724,7 +746,7 @@ asmlinkage long sys_fchown(unsigned int
7618 dentry = file->f_path.dentry;
7619 audit_inode(NULL, dentry);
7620 - error = chown_common(dentry, user, group);
7621 + error = chown_common(dentry, file->f_vfsmnt, user, group);
7625 @@ -971,6 +993,7 @@ repeat:
7627 FD_CLR(fd, fdt->close_on_exec);
7628 files->next_fd = fd + 1;
7629 + vx_openfd_inc(fd);
7632 if (fdt->fd[fd] != NULL) {
7633 @@ -998,6 +1021,7 @@ static void __put_unused_fd(struct files
7634 __FD_CLR(fd, fdt->open_fds);
7635 if (fd < files->next_fd)
7636 files->next_fd = fd;
7637 + vx_openfd_dec(fd);
7640 void put_unused_fd(unsigned int fd)
7641 diff -NurpP --minimal linux-2.6.25.11/fs/proc/array.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/array.c
7642 --- linux-2.6.25.11/fs/proc/array.c 2008-07-15 22:05:17.000000000 -0400
7643 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/array.c 2008-06-10 20:00:46.000000000 -0400
7645 #include <linux/delayacct.h>
7646 #include <linux/seq_file.h>
7647 #include <linux/pid_namespace.h>
7648 +#include <linux/vs_context.h>
7649 +#include <linux/vs_network.h>
7651 #include <asm/pgtable.h>
7652 #include <asm/processor.h>
7653 @@ -140,8 +142,9 @@ static const char *task_state_array[] =
7654 "D (disk sleep)", /* 2 */
7655 "T (stopped)", /* 4 */
7656 "T (tracing stop)", /* 8 */
7657 - "Z (zombie)", /* 16 */
7658 - "X (dead)" /* 32 */
7659 + "H (on hold)", /* 16 */
7660 + "Z (zombie)", /* 32 */
7661 + "X (dead)", /* 64 */
7664 static inline const char *get_task_state(struct task_struct *tsk)
7665 @@ -162,6 +165,7 @@ static inline void task_state(struct seq
7666 struct group_info *group_info;
7668 struct fdtable *fdt = NULL;
7669 +/* + pid_t pid, ptgid, tppid, tgid; */
7673 @@ -169,6 +173,12 @@ static inline void task_state(struct seq
7674 task_tgid_nr_ns(rcu_dereference(p->real_parent), ns) : 0;
7675 tpid = pid_alive(p) && p->ptrace ?
7676 task_pid_nr_ns(rcu_dereference(p->parent), ns) : 0;
7677 +/* tgid = vx_map_tgid(p->tgid);
7678 + pid = vx_map_pid(p->pid);
7679 + ptgid = vx_map_pid(pid_alive(p) ?
7680 + rcu_dereference(p->real_parent)->tgid : 0);
7681 + tppid = vx_map_pid(pid_alive(p) && p->ptrace ?
7682 + rcu_dereference(p->parent)->pid : 0); */
7686 @@ -280,7 +290,7 @@ static inline void task_sig(struct seq_f
7689 static void render_cap_t(struct seq_file *m, const char *header,
7691 + struct vx_info *vxi, kernel_cap_t *a)
7695 @@ -294,9 +304,9 @@ static void render_cap_t(struct seq_file
7697 static inline void task_cap(struct seq_file *m, struct task_struct *p)
7699 - render_cap_t(m, "CapInh:\t", &p->cap_inheritable);
7700 - render_cap_t(m, "CapPrm:\t", &p->cap_permitted);
7701 - render_cap_t(m, "CapEff:\t", &p->cap_effective);
7702 + render_cap_t(m, "CapInh:\t", p->vx_info, &p->cap_inheritable);
7703 + render_cap_t(m, "CapPrm:\t", p->vx_info, &p->cap_permitted);
7704 + render_cap_t(m, "CapEff:\t", p->vx_info, &p->cap_effective);
7707 static inline void task_context_switch_counts(struct seq_file *m,
7708 @@ -308,6 +318,45 @@ static inline void task_context_switch_c
7712 +int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
7713 + struct pid *pid, struct task_struct *task)
7715 + seq_printf(m, "Proxy:\t%p(%c)\n"
7724 + (task->nsproxy == init_task.nsproxy ? 'I' : '-'),
7725 + atomic_read(&task->nsproxy->count),
7726 + task->nsproxy->uts_ns,
7727 + (task->nsproxy->uts_ns == init_task.nsproxy->uts_ns ? 'I' : '-'),
7728 + task->nsproxy->ipc_ns,
7729 + (task->nsproxy->ipc_ns == init_task.nsproxy->ipc_ns ? 'I' : '-'),
7730 + task->nsproxy->mnt_ns,
7731 + (task->nsproxy->mnt_ns == init_task.nsproxy->mnt_ns ? 'I' : '-'),
7732 + task->nsproxy->pid_ns,
7733 + (task->nsproxy->pid_ns == init_task.nsproxy->pid_ns ? 'I' : '-'),
7734 + task->nsproxy->user_ns,
7735 + (task->nsproxy->user_ns == init_task.nsproxy->user_ns ? 'I' : '-'),
7736 + task->nsproxy->net_ns,
7737 + (task->nsproxy->net_ns == init_task.nsproxy->net_ns ? 'I' : '-'));
7741 +void task_vs_id(struct seq_file *m, struct task_struct *task)
7743 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0))
7746 + seq_printf(m, "VxID: %d\n", vx_task_xid(task));
7747 + seq_printf(m, "NxID: %d\n", nx_task_nid(task));
7751 int proc_pid_status(struct seq_file *m, struct pid_namespace *ns,
7752 struct pid *pid, struct task_struct *task)
7754 @@ -323,6 +372,7 @@ int proc_pid_status(struct seq_file *m,
7757 cpuset_task_status_allowed(m, task);
7758 + task_vs_id(m, task);
7759 #if defined(CONFIG_S390)
7760 task_show_regs(m, task);
7762 @@ -494,6 +544,17 @@ static int do_task_stat(struct seq_file
7763 /* convert nsec -> ticks */
7764 start_time = nsec_to_clock_t(start_time);
7766 + /* fixup start time for virt uptime */
7767 + if (vx_flags(VXF_VIRT_UPTIME, 0)) {
7768 + unsigned long long bias =
7769 + current->vx_info->cvirt.bias_clock;
7771 + if (start_time > bias)
7772 + start_time -= bias;
7777 seq_printf(m, "%d (%s) %c %d %d %d %d %d %u %lu \
7778 %lu %lu %lu %lu %lu %ld %ld %ld %ld %d 0 %llu %lu %ld %lu %lu %lu %lu %lu \
7779 %lu %lu %lu %lu %lu %lu %lu %lu %d %d %u %u %llu %lu %ld\n",
7780 diff -NurpP --minimal linux-2.6.25.11/fs/proc/base.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/base.c
7781 --- linux-2.6.25.11/fs/proc/base.c 2008-07-15 22:05:17.000000000 -0400
7782 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/base.c 2008-06-10 20:00:46.000000000 -0400
7784 #include <linux/oom.h>
7785 #include <linux/elf.h>
7786 #include <linux/pid_namespace.h>
7787 +#include <linux/vs_context.h>
7788 +#include <linux/vs_network.h>
7789 #include "internal.h"
7792 @@ -1309,6 +1311,8 @@ static struct inode *proc_pid_make_inode
7793 inode->i_uid = task->euid;
7794 inode->i_gid = task->egid;
7796 + /* procfs is xid tagged */
7797 + inode->i_tag = (tag_t)vx_task_xid(task);
7798 security_task_to_inode(task, inode);
7801 @@ -1852,6 +1856,13 @@ static struct dentry *proc_pident_lookup
7805 + /* TODO: maybe we can come up with a generic approach? */
7806 + if (task_vx_flags(task, VXF_HIDE_VINFO, 0) &&
7807 + (dentry->d_name.len == 5) &&
7808 + (!memcmp(dentry->d_name.name, "vinfo", 5) ||
7809 + !memcmp(dentry->d_name.name, "ninfo", 5)))
7813 * Yes, it does not scale. And it should not. Don't add
7814 * new entries into /proc/<tgid>/ without very good reasons.
7815 @@ -2239,7 +2250,7 @@ out_iput:
7816 static struct dentry *proc_base_lookup(struct inode *dir, struct dentry *dentry)
7818 struct dentry *error;
7819 - struct task_struct *task = get_proc_task(dir);
7820 + struct task_struct *task = get_proc_task_real(dir);
7821 const struct pid_entry *p, *last;
7823 error = ERR_PTR(-ENOENT);
7824 @@ -2304,6 +2315,9 @@ static int proc_pid_io_accounting(struct
7825 static const struct file_operations proc_task_operations;
7826 static const struct inode_operations proc_task_inode_operations;
7828 +extern int proc_pid_vx_info(struct task_struct *, char *);
7829 +extern int proc_pid_nx_info(struct task_struct *, char *);
7831 static const struct pid_entry tgid_base_stuff[] = {
7832 DIR("task", S_IRUGO|S_IXUGO, task),
7833 DIR("fd", S_IRUSR|S_IXUSR, fd),
7834 @@ -2354,6 +2368,8 @@ static const struct pid_entry tgid_base_
7835 #ifdef CONFIG_CGROUPS
7836 REG("cgroup", S_IRUGO, cgroup),
7838 + INF("vinfo", S_IRUGO, pid_vx_info),
7839 + INF("ninfo", S_IRUGO, pid_nx_info),
7840 INF("oom_score", S_IRUGO, oom_score),
7841 REG("oom_adj", S_IRUGO|S_IWUSR, oom_adjust),
7842 #ifdef CONFIG_AUDITSYSCALL
7843 @@ -2369,6 +2385,7 @@ static const struct pid_entry tgid_base_
7844 #ifdef CONFIG_TASK_IO_ACCOUNTING
7845 INF("io", S_IRUGO, pid_io_accounting),
7847 + ONE("nsproxy", S_IRUGO, pid_nsproxy),
7850 static int proc_tgid_base_readdir(struct file * filp,
7851 @@ -2565,7 +2582,7 @@ retry:
7853 pid = find_ge_pid(iter.tgid, ns);
7855 - iter.tgid = pid_nr_ns(pid, ns);
7856 + iter.tgid = pid_unmapped_nr_ns(pid, ns);
7857 iter.task = pid_task(pid, PIDTYPE_PID);
7858 /* What we to know is if the pid we have find is the
7859 * pid of a thread_group_leader. Testing for task
7860 @@ -2595,7 +2612,7 @@ static int proc_pid_fill_cache(struct fi
7861 struct tgid_iter iter)
7863 char name[PROC_NUMBUF];
7864 - int len = snprintf(name, sizeof(name), "%d", iter.tgid);
7865 + int len = snprintf(name, sizeof(name), "%d", vx_map_tgid(iter.tgid));
7866 return proc_fill_cache(filp, dirent, filldir, name, len,
7867 proc_pid_instantiate, iter.task, NULL);
7869 @@ -2604,7 +2621,7 @@ static int proc_pid_fill_cache(struct fi
7870 int proc_pid_readdir(struct file * filp, void * dirent, filldir_t filldir)
7872 unsigned int nr = filp->f_pos - FIRST_PROCESS_ENTRY;
7873 - struct task_struct *reaper = get_proc_task(filp->f_path.dentry->d_inode);
7874 + struct task_struct *reaper = get_proc_task_real(filp->f_path.dentry->d_inode);
7875 struct tgid_iter iter;
7876 struct pid_namespace *ns;
7878 @@ -2624,6 +2641,8 @@ int proc_pid_readdir(struct file * filp,
7880 iter.tgid += 1, iter = next_tgid(ns, iter)) {
7881 filp->f_pos = iter.tgid + TGID_OFFSET;
7882 + if (!vx_proc_task_visible(iter.task))
7884 if (proc_pid_fill_cache(filp, dirent, filldir, iter) < 0) {
7885 put_task_struct(iter.task);
7887 @@ -2759,6 +2778,8 @@ static struct dentry *proc_task_lookup(s
7888 tid = name_to_int(dentry);
7891 + if (vx_current_initpid(tid))
7894 ns = dentry->d_sb->s_fs_info;
7896 diff -NurpP --minimal linux-2.6.25.11/fs/proc/generic.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/generic.c
7897 --- linux-2.6.25.11/fs/proc/generic.c 2008-04-17 12:05:41.000000000 -0400
7898 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/generic.c 2008-04-20 14:23:26.000000000 -0400
7900 #include <linux/bitops.h>
7901 #include <linux/spinlock.h>
7902 #include <linux/completion.h>
7903 +#include <linux/vserver/inode.h>
7904 #include <asm/uaccess.h>
7906 #include "internal.h"
7907 @@ -389,6 +390,8 @@ struct dentry *proc_lookup_de(struct pro
7908 for (de = de->subdir; de ; de = de->next) {
7909 if (de->namelen != dentry->d_name.len)
7911 + if (!vx_hide_check(0, de->vx_flags))
7913 if (!memcmp(dentry->d_name.name, de->name, de->namelen)) {
7916 @@ -397,6 +400,8 @@ struct dentry *proc_lookup_de(struct pro
7917 spin_unlock(&proc_subdir_lock);
7919 inode = proc_get_inode(dir->i_sb, ino, de);
7920 + /* generic proc entries belong to the host */
7925 @@ -481,6 +486,8 @@ int proc_readdir_de(struct proc_dir_entr
7927 /* filldir passes info to user space */
7929 + if (!vx_hide_check(0, de->vx_flags))
7931 spin_unlock(&proc_subdir_lock);
7932 if (filldir(dirent, de->name, de->namelen, filp->f_pos,
7933 de->low_ino, de->mode >> 12) < 0) {
7934 @@ -488,6 +495,7 @@ int proc_readdir_de(struct proc_dir_entr
7937 spin_lock(&proc_subdir_lock);
7942 @@ -602,6 +610,7 @@ static struct proc_dir_entry *__proc_cre
7944 atomic_set(&ent->count, 1);
7946 + ent->vx_flags = IATTR_PROC_DEFAULT;
7947 spin_lock_init(&ent->pde_unload_lock);
7948 ent->pde_unload_completion = NULL;
7950 @@ -624,7 +633,8 @@ struct proc_dir_entry *proc_symlink(cons
7956 + ent->vx_flags = IATTR_PROC_SYMLINK;
7960 diff -NurpP --minimal linux-2.6.25.11/fs/proc/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/inode.c
7961 --- linux-2.6.25.11/fs/proc/inode.c 2008-04-17 12:05:41.000000000 -0400
7962 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/inode.c 2008-04-19 15:14:52.000000000 -0400
7963 @@ -408,6 +408,8 @@ struct inode *proc_get_inode(struct supe
7964 inode->i_uid = de->uid;
7965 inode->i_gid = de->gid;
7968 + PROC_I(inode)->vx_flags = de->vx_flags;
7970 inode->i_size = de->size;
7972 diff -NurpP --minimal linux-2.6.25.11/fs/proc/internal.h linux-2.6.25.11-vs2.3.0.34.14/fs/proc/internal.h
7973 --- linux-2.6.25.11/fs/proc/internal.h 2008-04-17 12:05:41.000000000 -0400
7974 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/internal.h 2008-05-21 14:08:19.000000000 -0400
7978 #include <linux/proc_fs.h>
7979 +#include <linux/vs_pid.h>
7981 #ifdef CONFIG_PROC_SYSCTL
7982 extern int proc_sys_init(void);
7983 @@ -57,6 +58,9 @@ extern int proc_pid_status(struct seq_fi
7984 struct pid *pid, struct task_struct *task);
7985 extern int proc_pid_statm(struct seq_file *m, struct pid_namespace *ns,
7986 struct pid *pid, struct task_struct *task);
7987 +extern int proc_pid_nsproxy(struct seq_file *m, struct pid_namespace *ns,
7988 + struct pid *pid, struct task_struct *task);
7990 extern loff_t mem_lseek(struct file *file, loff_t offset, int orig);
7992 extern const struct file_operations proc_maps_operations;
7993 @@ -76,11 +80,16 @@ static inline struct pid *proc_pid(struc
7994 return PROC_I(inode)->pid;
7997 -static inline struct task_struct *get_proc_task(struct inode *inode)
7998 +static inline struct task_struct *get_proc_task_real(struct inode *inode)
8000 return get_pid_task(proc_pid(inode), PIDTYPE_PID);
8003 +static inline struct task_struct *get_proc_task(struct inode *inode)
8005 + return vx_get_proc_task(inode, proc_pid(inode));
8008 static inline int proc_fd(struct inode *inode)
8010 return PROC_I(inode)->fd;
8011 diff -NurpP --minimal linux-2.6.25.11/fs/proc/proc_misc.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/proc_misc.c
8012 --- linux-2.6.25.11/fs/proc/proc_misc.c 2008-04-17 12:05:41.000000000 -0400
8013 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/proc_misc.c 2008-04-23 11:56:24.000000000 -0400
8015 #include <asm/div64.h>
8016 #include "internal.h"
8018 +#include <linux/vs_cvirt.h>
8020 #define LOAD_INT(x) ((x) >> FSHIFT)
8021 #define LOAD_FRAC(x) LOAD_INT(((x) & (FIXED_1-1)) * 100)
8023 @@ -83,22 +85,38 @@ static int proc_calc_metrics(char *page,
8024 static int loadavg_read_proc(char *page, char **start, off_t off,
8025 int count, int *eof, void *data)
8027 + unsigned long running;
8028 + unsigned int threads;
8034 seq = read_seqbegin(&xtime_lock);
8035 - a = avenrun[0] + (FIXED_1/200);
8036 - b = avenrun[1] + (FIXED_1/200);
8037 - c = avenrun[2] + (FIXED_1/200);
8038 + if (vx_flags(VXF_VIRT_LOAD, 0)) {
8039 + struct vx_info *vxi = current->vx_info;
8041 + a = vxi->cvirt.load[0] + (FIXED_1/200);
8042 + b = vxi->cvirt.load[1] + (FIXED_1/200);
8043 + c = vxi->cvirt.load[2] + (FIXED_1/200);
8045 + running = atomic_read(&vxi->cvirt.nr_running);
8046 + threads = atomic_read(&vxi->cvirt.nr_threads);
8048 + a = avenrun[0] + (FIXED_1/200);
8049 + b = avenrun[1] + (FIXED_1/200);
8050 + c = avenrun[2] + (FIXED_1/200);
8052 + running = nr_running();
8053 + threads = nr_threads;
8055 } while (read_seqretry(&xtime_lock, seq));
8057 len = sprintf(page,"%d.%02d %d.%02d %d.%02d %ld/%d %d\n",
8058 LOAD_INT(a), LOAD_FRAC(a),
8059 LOAD_INT(b), LOAD_FRAC(b),
8060 LOAD_INT(c), LOAD_FRAC(c),
8061 - nr_running(), nr_threads,
8063 task_active_pid_ns(current)->last_pid);
8064 return proc_calc_metrics(page, start, off, count, eof, len);
8066 @@ -114,6 +132,9 @@ static int uptime_read_proc(char *page,
8067 do_posix_clock_monotonic_gettime(&uptime);
8068 monotonic_to_bootbased(&uptime);
8069 cputime_to_timespec(idletime, &idle);
8070 + if (vx_flags(VXF_VIRT_UPTIME, 0))
8071 + vx_vsi_uptime(&uptime, &idle);
8073 len = sprintf(page,"%lu.%02lu %lu.%02lu\n",
8074 (unsigned long) uptime.tv_sec,
8075 (uptime.tv_nsec / (NSEC_PER_SEC / 100)),
8076 @@ -145,7 +166,7 @@ static int meminfo_read_proc(char *page,
8078 cached = global_page_state(NR_FILE_PAGES) -
8079 total_swapcache_pages - i.bufferram;
8081 + if (cached < 0 || vx_flags(VXF_VIRT_MEM, 0))
8084 get_vmalloc_info(&vmi);
8085 diff -NurpP --minimal linux-2.6.25.11/fs/proc/root.c linux-2.6.25.11-vs2.3.0.34.14/fs/proc/root.c
8086 --- linux-2.6.25.11/fs/proc/root.c 2008-04-17 12:05:41.000000000 -0400
8087 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/proc/root.c 2008-04-19 15:14:52.000000000 -0400
8089 #include "internal.h"
8091 struct proc_dir_entry *proc_bus, *proc_root_fs, *proc_root_driver;
8092 +struct proc_dir_entry *proc_virtual;
8094 +extern void proc_vx_init(void);
8096 static int proc_test_super(struct super_block *sb, void *data)
8098 @@ -138,6 +141,7 @@ void __init proc_root_init(void)
8099 proc_device_tree_init();
8101 proc_bus = proc_mkdir("bus", NULL);
8106 diff -NurpP --minimal linux-2.6.25.11/fs/quota.c linux-2.6.25.11-vs2.3.0.34.14/fs/quota.c
8107 --- linux-2.6.25.11/fs/quota.c 2008-04-17 12:05:41.000000000 -0400
8108 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/quota.c 2008-04-21 09:21:04.000000000 -0400
8110 #include <linux/capability.h>
8111 #include <linux/quotaops.h>
8112 #include <linux/types.h>
8113 +#include <linux/vs_context.h>
8115 /* Check validity of generic quotactl commands */
8116 static int generic_quotactl_valid(struct super_block *sb, int type, int cmd, qid_t id)
8117 @@ -82,11 +83,11 @@ static int generic_quotactl_valid(struct
8118 if (cmd == Q_GETQUOTA) {
8119 if (((type == USRQUOTA && current->euid != id) ||
8120 (type == GRPQUOTA && !in_egroup_p(id))) &&
8121 - !capable(CAP_SYS_ADMIN))
8122 + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
8125 else if (cmd != Q_GETFMT && cmd != Q_SYNC && cmd != Q_GETINFO)
8126 - if (!capable(CAP_SYS_ADMIN))
8127 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
8131 @@ -133,10 +134,10 @@ static int xqm_quotactl_valid(struct sup
8132 if (cmd == Q_XGETQUOTA) {
8133 if (((type == XQM_USRQUOTA && current->euid != id) ||
8134 (type == XQM_GRPQUOTA && !in_egroup_p(id))) &&
8135 - !capable(CAP_SYS_ADMIN))
8136 + !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
8138 } else if (cmd != Q_XGETQSTAT && cmd != Q_XQUOTASYNC) {
8139 - if (!capable(CAP_SYS_ADMIN))
8140 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
8144 @@ -329,6 +330,46 @@ static int do_quotactl(struct super_bloc
8148 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
8150 +#include <linux/vroot.h>
8151 +#include <linux/major.h>
8152 +#include <linux/module.h>
8153 +#include <linux/kallsyms.h>
8154 +#include <linux/vserver/debug.h>
8156 +static vroot_grb_func *vroot_get_real_bdev = NULL;
8158 +static spinlock_t vroot_grb_lock = SPIN_LOCK_UNLOCKED;
8160 +int register_vroot_grb(vroot_grb_func *func) {
8163 + spin_lock(&vroot_grb_lock);
8164 + if (!vroot_get_real_bdev) {
8165 + vroot_get_real_bdev = func;
8168 + spin_unlock(&vroot_grb_lock);
8171 +EXPORT_SYMBOL(register_vroot_grb);
8173 +int unregister_vroot_grb(vroot_grb_func *func) {
8174 + int ret = -EINVAL;
8176 + spin_lock(&vroot_grb_lock);
8177 + if (vroot_get_real_bdev) {
8178 + vroot_get_real_bdev = NULL;
8181 + spin_unlock(&vroot_grb_lock);
8184 +EXPORT_SYMBOL(unregister_vroot_grb);
8189 * look up a superblock on which quota ops will be performed
8190 * - use the name of a block device to find the superblock thereon
8191 @@ -346,6 +387,22 @@ static inline struct super_block *quotac
8194 return ERR_CAST(bdev);
8195 +#if defined(CONFIG_BLK_DEV_VROOT) || defined(CONFIG_BLK_DEV_VROOT_MODULE)
8196 + if (bdev && bdev->bd_inode &&
8197 + imajor(bdev->bd_inode) == VROOT_MAJOR) {
8198 + struct block_device *bdnew = (void *)-EINVAL;
8200 + if (vroot_get_real_bdev)
8201 + bdnew = vroot_get_real_bdev(bdev);
8203 + vxdprintk(VXD_CBIT(misc, 0),
8204 + "vroot_get_real_bdev not set");
8206 + if (IS_ERR(bdnew))
8207 + return ERR_PTR(PTR_ERR(bdnew));
8211 sb = get_super(bdev);
8214 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/bitmap.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/bitmap.c
8215 --- linux-2.6.25.11/fs/reiserfs/bitmap.c 2008-04-17 12:05:41.000000000 -0400
8216 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/bitmap.c 2008-04-19 15:14:52.000000000 -0400
8218 #include <linux/reiserfs_fs_sb.h>
8219 #include <linux/reiserfs_fs_i.h>
8220 #include <linux/quotaops.h>
8221 +#include <linux/vs_dlimit.h>
8223 #define PREALLOCATION_SIZE 9
8225 @@ -429,8 +430,10 @@ static void _reiserfs_free_block(struct
8226 set_sb_free_blocks(rs, sb_free_blocks(rs) + 1);
8228 journal_mark_dirty(th, s, sbh);
8229 - if (for_unformatted)
8230 + if (for_unformatted) {
8231 + DLIMIT_FREE_BLOCK(inode, 1);
8232 DQUOT_FREE_BLOCK_NODIRTY(inode, 1);
8236 void reiserfs_free_block(struct reiserfs_transaction_handle *th,
8237 @@ -1045,6 +1048,7 @@ static inline int blocknrs_and_prealloc_
8238 b_blocknr_t finish = SB_BLOCK_COUNT(s) - 1;
8240 int nr_allocated = 0;
8243 determine_prealloc_size(hint);
8244 if (!hint->formatted_node) {
8245 @@ -1054,19 +1058,30 @@ static inline int blocknrs_and_prealloc_
8246 "reiserquota: allocating %d blocks id=%u",
8247 amount_needed, hint->inode->i_uid);
8250 - DQUOT_ALLOC_BLOCK_NODIRTY(hint->inode, amount_needed);
8251 - if (quota_ret) /* Quota exceeded? */
8252 + quota_ret = DQUOT_ALLOC_BLOCK_NODIRTY(hint->inode,
8255 return QUOTA_EXCEEDED;
8256 + if (DLIMIT_ALLOC_BLOCK(hint->inode, amount_needed)) {
8257 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode,
8259 + return NO_DISK_SPACE;
8262 if (hint->preallocate && hint->prealloc_size) {
8263 #ifdef REISERQUOTA_DEBUG
8264 reiserfs_debug(s, REISERFS_DEBUG_CODE,
8265 "reiserquota: allocating (prealloc) %d blocks id=%u",
8266 hint->prealloc_size, hint->inode->i_uid);
8269 - DQUOT_PREALLOC_BLOCK_NODIRTY(hint->inode,
8270 - hint->prealloc_size);
8271 + quota_ret = DQUOT_PREALLOC_BLOCK_NODIRTY(hint->inode,
8272 + hint->prealloc_size);
8274 + DLIMIT_ALLOC_BLOCK(hint->inode, hint->prealloc_size)) {
8275 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode,
8276 + hint->prealloc_size);
8280 hint->preallocate = hint->prealloc_size = 0;
8282 @@ -1098,7 +1113,10 @@ static inline int blocknrs_and_prealloc_
8284 hint->inode->i_uid);
8286 - DQUOT_FREE_BLOCK_NODIRTY(hint->inode, amount_needed + hint->prealloc_size - nr_allocated); /* Free not allocated blocks */
8287 + /* Free not allocated blocks */
8288 + blocks = amount_needed + hint->prealloc_size - nr_allocated;
8289 + DLIMIT_FREE_BLOCK(hint->inode, blocks);
8290 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode, blocks);
8292 while (nr_allocated--)
8293 reiserfs_free_block(hint->th, hint->inode,
8294 @@ -1129,10 +1147,10 @@ static inline int blocknrs_and_prealloc_
8295 REISERFS_I(hint->inode)->i_prealloc_count,
8296 hint->inode->i_uid);
8298 - DQUOT_FREE_BLOCK_NODIRTY(hint->inode, amount_needed +
8299 - hint->prealloc_size - nr_allocated -
8300 - REISERFS_I(hint->inode)->
8301 - i_prealloc_count);
8302 + blocks = amount_needed + hint->prealloc_size - nr_allocated -
8303 + REISERFS_I(hint->inode)->i_prealloc_count;
8304 + DLIMIT_FREE_BLOCK(hint->inode, blocks);
8305 + DQUOT_FREE_BLOCK_NODIRTY(hint->inode, blocks);
8309 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/file.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/file.c
8310 --- linux-2.6.25.11/fs/reiserfs/file.c 2008-04-17 11:31:38.000000000 -0400
8311 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/file.c 2008-04-19 15:14:52.000000000 -0400
8312 @@ -306,4 +306,5 @@ const struct inode_operations reiserfs_f
8313 .listxattr = reiserfs_listxattr,
8314 .removexattr = reiserfs_removexattr,
8315 .permission = reiserfs_permission,
8316 + .sync_flags = reiserfs_sync_flags,
8318 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/inode.c
8319 --- linux-2.6.25.11/fs/reiserfs/inode.c 2008-04-17 12:05:41.000000000 -0400
8320 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/inode.c 2008-07-08 05:17:07.000000000 -0400
8322 #include <linux/writeback.h>
8323 #include <linux/quotaops.h>
8324 #include <linux/swap.h>
8325 +#include <linux/vs_dlimit.h>
8326 +#include <linux/vs_tag.h>
8328 int reiserfs_commit_write(struct file *f, struct page *page,
8329 unsigned from, unsigned to);
8330 @@ -52,6 +54,7 @@ void reiserfs_delete_inode(struct inode
8331 * stat data deletion */
8333 DQUOT_FREE_INODE(inode);
8334 + DLIMIT_FREE_INODE(inode);
8336 if (journal_end(&th, inode->i_sb, jbegin_count))
8338 @@ -1114,6 +1117,8 @@ static void init_inode(struct inode *ino
8339 struct buffer_head *bh;
8340 struct item_head *ih;
8344 //int version = ITEM_VERSION_1;
8346 bh = PATH_PLAST_BUFFER(path);
8347 @@ -1137,12 +1142,13 @@ static void init_inode(struct inode *ino
8348 (struct stat_data_v1 *)B_I_PITEM(bh, ih);
8349 unsigned long blocks;
8351 + uid = sd_v1_uid(sd);
8352 + gid = sd_v1_gid(sd);
8354 set_inode_item_key_version(inode, KEY_FORMAT_3_5);
8355 set_inode_sd_version(inode, STAT_DATA_V1);
8356 inode->i_mode = sd_v1_mode(sd);
8357 inode->i_nlink = sd_v1_nlink(sd);
8358 - inode->i_uid = sd_v1_uid(sd);
8359 - inode->i_gid = sd_v1_gid(sd);
8360 inode->i_size = sd_v1_size(sd);
8361 inode->i_atime.tv_sec = sd_v1_atime(sd);
8362 inode->i_mtime.tv_sec = sd_v1_mtime(sd);
8363 @@ -1184,11 +1190,12 @@ static void init_inode(struct inode *ino
8364 // (directories and symlinks)
8365 struct stat_data *sd = (struct stat_data *)B_I_PITEM(bh, ih);
8367 + uid = sd_v2_uid(sd);
8368 + gid = sd_v2_gid(sd);
8370 inode->i_mode = sd_v2_mode(sd);
8371 inode->i_nlink = sd_v2_nlink(sd);
8372 - inode->i_uid = sd_v2_uid(sd);
8373 inode->i_size = sd_v2_size(sd);
8374 - inode->i_gid = sd_v2_gid(sd);
8375 inode->i_mtime.tv_sec = sd_v2_mtime(sd);
8376 inode->i_atime.tv_sec = sd_v2_atime(sd);
8377 inode->i_ctime.tv_sec = sd_v2_ctime(sd);
8378 @@ -1218,6 +1225,10 @@ static void init_inode(struct inode *ino
8379 sd_attrs_to_i_attrs(sd_v2_attrs(sd), inode);
8382 + inode->i_uid = INOTAG_UID(DX_TAG(inode), uid, gid);
8383 + inode->i_gid = INOTAG_GID(DX_TAG(inode), uid, gid);
8384 + inode->i_tag = INOTAG_TAG(DX_TAG(inode), uid, gid, 0);
8387 if (S_ISREG(inode->i_mode)) {
8388 inode->i_op = &reiserfs_file_inode_operations;
8389 @@ -1240,13 +1251,15 @@ static void init_inode(struct inode *ino
8390 static void inode2sd(void *sd, struct inode *inode, loff_t size)
8392 struct stat_data *sd_v2 = (struct stat_data *)sd;
8393 + uid_t uid = TAGINO_UID(DX_TAG(inode), inode->i_uid, inode->i_tag);
8394 + gid_t gid = TAGINO_GID(DX_TAG(inode), inode->i_gid, inode->i_tag);
8397 + set_sd_v2_uid(sd_v2, uid);
8398 + set_sd_v2_gid(sd_v2, gid);
8399 set_sd_v2_mode(sd_v2, inode->i_mode);
8400 set_sd_v2_nlink(sd_v2, inode->i_nlink);
8401 - set_sd_v2_uid(sd_v2, inode->i_uid);
8402 set_sd_v2_size(sd_v2, size);
8403 - set_sd_v2_gid(sd_v2, inode->i_gid);
8404 set_sd_v2_mtime(sd_v2, inode->i_mtime.tv_sec);
8405 set_sd_v2_atime(sd_v2, inode->i_atime.tv_sec);
8406 set_sd_v2_ctime(sd_v2, inode->i_ctime.tv_sec);
8407 @@ -1769,6 +1782,10 @@ int reiserfs_new_inode(struct reiserfs_t
8409 BUG_ON(!th->t_trans_id);
8411 + if (DLIMIT_ALLOC_INODE(inode)) {
8413 + goto out_bad_dlimit;
8415 if (DQUOT_ALLOC_INODE(inode)) {
8418 @@ -1954,6 +1971,9 @@ int reiserfs_new_inode(struct reiserfs_t
8419 DQUOT_FREE_INODE(inode);
8422 + DLIMIT_FREE_INODE(inode);
8425 journal_end(th, th->t_super, th->t_blocks_allocated);
8426 /* Drop can be outside and it needs more credits so it's better to have it outside */
8428 @@ -2840,14 +2860,19 @@ int reiserfs_commit_write(struct file *f
8429 void sd_attrs_to_i_attrs(__u16 sd_attrs, struct inode *inode)
8431 if (reiserfs_attrs(inode->i_sb)) {
8432 - if (sd_attrs & REISERFS_SYNC_FL)
8433 - inode->i_flags |= S_SYNC;
8435 - inode->i_flags &= ~S_SYNC;
8436 if (sd_attrs & REISERFS_IMMUTABLE_FL)
8437 inode->i_flags |= S_IMMUTABLE;
8439 inode->i_flags &= ~S_IMMUTABLE;
8440 + if (sd_attrs & REISERFS_IXUNLINK_FL)
8441 + inode->i_flags |= S_IXUNLINK;
8443 + inode->i_flags &= ~S_IXUNLINK;
8445 + if (sd_attrs & REISERFS_SYNC_FL)
8446 + inode->i_flags |= S_SYNC;
8448 + inode->i_flags &= ~S_SYNC;
8449 if (sd_attrs & REISERFS_APPEND_FL)
8450 inode->i_flags |= S_APPEND;
8452 @@ -2860,6 +2885,15 @@ void sd_attrs_to_i_attrs(__u16 sd_attrs,
8453 REISERFS_I(inode)->i_flags |= i_nopack_mask;
8455 REISERFS_I(inode)->i_flags &= ~i_nopack_mask;
8457 + if (sd_attrs & REISERFS_BARRIER_FL)
8458 + inode->i_vflags |= V_BARRIER;
8460 + inode->i_vflags &= ~V_BARRIER;
8461 + if (sd_attrs & REISERFS_COW_FL)
8462 + inode->i_vflags |= V_COW;
8464 + inode->i_vflags &= ~V_COW;
8468 @@ -2870,6 +2904,11 @@ void i_attrs_to_sd_attrs(struct inode *i
8469 *sd_attrs |= REISERFS_IMMUTABLE_FL;
8471 *sd_attrs &= ~REISERFS_IMMUTABLE_FL;
8472 + if (inode->i_flags & S_IXUNLINK)
8473 + *sd_attrs |= REISERFS_IXUNLINK_FL;
8475 + *sd_attrs &= ~REISERFS_IXUNLINK_FL;
8477 if (inode->i_flags & S_SYNC)
8478 *sd_attrs |= REISERFS_SYNC_FL;
8480 @@ -2882,6 +2921,15 @@ void i_attrs_to_sd_attrs(struct inode *i
8481 *sd_attrs |= REISERFS_NOTAIL_FL;
8483 *sd_attrs &= ~REISERFS_NOTAIL_FL;
8485 + if (inode->i_vflags & V_BARRIER)
8486 + *sd_attrs |= REISERFS_BARRIER_FL;
8488 + *sd_attrs &= ~REISERFS_BARRIER_FL;
8489 + if (inode->i_vflags & V_COW)
8490 + *sd_attrs |= REISERFS_COW_FL;
8492 + *sd_attrs &= ~REISERFS_COW_FL;
8496 @@ -3049,6 +3097,22 @@ static ssize_t reiserfs_direct_IO(int rw
8497 reiserfs_get_blocks_direct_io, NULL);
8500 +int reiserfs_sync_flags(struct inode *inode)
8502 + u16 oldflags, newflags;
8504 + oldflags = REISERFS_I(inode)->i_attrs;
8505 + newflags = oldflags;
8506 + i_attrs_to_sd_attrs(inode, &newflags);
8508 + if (oldflags ^ newflags) {
8509 + REISERFS_I(inode)->i_attrs = newflags;
8510 + inode->i_ctime = CURRENT_TIME_SEC;
8511 + mark_inode_dirty(inode);
8516 int reiserfs_setattr(struct dentry *dentry, struct iattr *attr)
8518 struct inode *inode = dentry->d_inode;
8519 @@ -3102,9 +3166,11 @@ int reiserfs_setattr(struct dentry *dent
8522 error = inode_change_ok(inode, attr);
8525 if ((ia_valid & ATTR_UID && attr->ia_uid != inode->i_uid) ||
8526 - (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid)) {
8527 + (ia_valid & ATTR_GID && attr->ia_gid != inode->i_gid) ||
8528 + (ia_valid & ATTR_TAG && attr->ia_tag != inode->i_tag)) {
8529 error = reiserfs_chown_xattrs(inode, attr);
8532 @@ -3134,6 +3200,9 @@ int reiserfs_setattr(struct dentry *dent
8533 inode->i_uid = attr->ia_uid;
8534 if (attr->ia_valid & ATTR_GID)
8535 inode->i_gid = attr->ia_gid;
8536 + if ((attr->ia_valid & ATTR_TAG) &&
8538 + inode->i_tag = attr->ia_tag;
8539 mark_inode_dirty(inode);
8541 journal_end(&th, inode->i_sb, jbegin_count);
8542 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/ioctl.c
8543 --- linux-2.6.25.11/fs/reiserfs/ioctl.c 2008-07-15 22:05:17.000000000 -0400
8544 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/ioctl.c 2008-07-11 02:52:05.000000000 -0400
8546 #include <linux/fs.h>
8547 #include <linux/reiserfs_fs.h>
8548 #include <linux/time.h>
8549 +#include <linux/mount.h>
8550 #include <asm/uaccess.h>
8551 #include <linux/pagemap.h>
8552 #include <linux/smp_lock.h>
8554 int reiserfs_ioctl(struct inode *inode, struct file *filp, unsigned int cmd,
8557 - unsigned int flags;
8558 + unsigned int flags, oldflags;
8561 case REISERFS_IOC_UNPACK:
8562 @@ -41,12 +42,14 @@ int reiserfs_ioctl(struct inode *inode,
8564 flags = REISERFS_I(inode)->i_attrs;
8565 i_attrs_to_sd_attrs(inode, (__u16 *) & flags);
8566 + flags &= REISERFS_FL_USER_VISIBLE;
8567 return put_user(flags, (int __user *)arg);
8568 case REISERFS_IOC_SETFLAGS:{
8569 if (!reiserfs_attrs(inode->i_sb))
8572 - if (IS_RDONLY(inode))
8573 + if (IS_RDONLY(inode) ||
8574 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
8577 if (!is_owner_or_cap(inode))
8578 @@ -55,6 +58,11 @@ int reiserfs_ioctl(struct inode *inode,
8579 if (get_user(flags, (int __user *)arg))
8582 + if (IS_BARRIER(inode)) {
8583 + vxwprintk_task(1, "messing with the barrier.");
8587 /* Is it quota file? Do not allow user to mess with it. */
8588 if (IS_NOQUOTA(inode))
8590 @@ -72,6 +80,10 @@ int reiserfs_ioctl(struct inode *inode,
8595 + oldflags = REISERFS_I(inode)->i_attrs;
8596 + flags = flags & REISERFS_FL_USER_MODIFIABLE;
8597 + flags |= oldflags & ~REISERFS_FL_USER_MODIFIABLE;
8598 sd_attrs_to_i_attrs(flags, inode);
8599 REISERFS_I(inode)->i_attrs = flags;
8600 inode->i_ctime = CURRENT_TIME_SEC;
8601 @@ -83,7 +95,8 @@ int reiserfs_ioctl(struct inode *inode,
8602 case REISERFS_IOC_SETVERSION:
8603 if (!is_owner_or_cap(inode))
8605 - if (IS_RDONLY(inode))
8606 + if (IS_RDONLY(inode) ||
8607 + (filp && MNT_IS_RDONLY(filp->f_vfsmnt)))
8609 if (get_user(inode->i_generation, (int __user *)arg))
8611 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/namei.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/namei.c
8612 --- linux-2.6.25.11/fs/reiserfs/namei.c 2008-04-17 12:05:41.000000000 -0400
8613 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/namei.c 2008-04-19 15:14:52.000000000 -0400
8615 #include <linux/reiserfs_acl.h>
8616 #include <linux/reiserfs_xattr.h>
8617 #include <linux/quotaops.h>
8618 +#include <linux/vs_tag.h>
8620 #define INC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) { inc_nlink(i); if (i->i_nlink >= REISERFS_LINK_MAX) i->i_nlink=1; }
8621 #define DEC_DIR_INODE_NLINK(i) if (i->i_nlink != 1) drop_nlink(i);
8622 @@ -360,6 +361,7 @@ static struct dentry *reiserfs_lookup(st
8623 reiserfs_write_unlock(dir->i_sb);
8624 return ERR_PTR(-EACCES);
8626 + dx_propagate_tag(nd, inode);
8628 /* Propogate the priv_object flag so we know we're in the priv tree */
8629 if (is_reiserfs_priv_object(dir))
8630 @@ -595,6 +597,7 @@ static int new_inode_init(struct inode *
8632 inode->i_gid = current->fsgid;
8634 + inode->i_tag = dx_current_fstag(inode->i_sb);
8638 @@ -1541,6 +1544,7 @@ const struct inode_operations reiserfs_d
8639 .listxattr = reiserfs_listxattr,
8640 .removexattr = reiserfs_removexattr,
8641 .permission = reiserfs_permission,
8642 + .sync_flags = reiserfs_sync_flags,
8646 @@ -1557,6 +1561,7 @@ const struct inode_operations reiserfs_s
8647 .listxattr = reiserfs_listxattr,
8648 .removexattr = reiserfs_removexattr,
8649 .permission = reiserfs_permission,
8650 + .sync_flags = reiserfs_sync_flags,
8654 @@ -1570,5 +1575,6 @@ const struct inode_operations reiserfs_s
8655 .listxattr = reiserfs_listxattr,
8656 .removexattr = reiserfs_removexattr,
8657 .permission = reiserfs_permission,
8658 + .sync_flags = reiserfs_sync_flags,
8661 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/stree.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/stree.c
8662 --- linux-2.6.25.11/fs/reiserfs/stree.c 2008-04-17 11:31:38.000000000 -0400
8663 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/stree.c 2008-04-19 15:14:52.000000000 -0400
8665 #include <linux/reiserfs_fs.h>
8666 #include <linux/buffer_head.h>
8667 #include <linux/quotaops.h>
8668 +#include <linux/vs_dlimit.h>
8670 /* Does the buffer contain a disk block which is in the tree. */
8671 inline int B_IS_IN_TREE(const struct buffer_head *p_s_bh)
8672 @@ -1297,6 +1298,7 @@ int reiserfs_delete_item(struct reiserfs
8673 "reiserquota delete_item(): freeing %u, id=%u type=%c",
8674 quota_cut_bytes, p_s_inode->i_uid, head2type(&s_ih));
8676 + DLIMIT_FREE_SPACE(p_s_inode, quota_cut_bytes);
8677 DQUOT_FREE_SPACE_NODIRTY(p_s_inode, quota_cut_bytes);
8679 /* Return deleted body length */
8680 @@ -1385,6 +1387,7 @@ void reiserfs_delete_solid_item(struct r
8682 DQUOT_FREE_SPACE_NODIRTY(inode,
8684 + DLIMIT_FREE_SPACE(inode, quota_cut_bytes);
8688 @@ -1735,6 +1738,7 @@ int reiserfs_cut_from_item(struct reiser
8689 "reiserquota cut_from_item(): freeing %u id=%u type=%c",
8690 quota_cut_bytes, p_s_inode->i_uid, '?');
8692 + DLIMIT_FREE_SPACE(p_s_inode, quota_cut_bytes);
8693 DQUOT_FREE_SPACE_NODIRTY(p_s_inode, quota_cut_bytes);
8696 @@ -1976,6 +1980,11 @@ int reiserfs_paste_into_item(struct reis
8697 pathrelse(p_s_search_path);
8700 + if (DLIMIT_ALLOC_SPACE(inode, n_pasted_size)) {
8701 + DQUOT_FREE_SPACE_NODIRTY(inode, n_pasted_size);
8702 + pathrelse(p_s_search_path);
8705 init_tb_struct(th, &s_paste_balance, th->t_super, p_s_search_path,
8707 #ifdef DISPLACE_NEW_PACKING_LOCALITIES
8708 @@ -2028,6 +2037,7 @@ int reiserfs_paste_into_item(struct reis
8709 n_pasted_size, inode->i_uid,
8710 key2type(&(p_s_key->on_disk_key)));
8712 + DLIMIT_FREE_SPACE(inode, n_pasted_size);
8713 DQUOT_FREE_SPACE_NODIRTY(inode, n_pasted_size);
8716 @@ -2065,6 +2075,11 @@ int reiserfs_insert_item(struct reiserfs
8717 pathrelse(p_s_path);
8720 + if (DLIMIT_ALLOC_SPACE(inode, quota_bytes)) {
8721 + DQUOT_FREE_SPACE_NODIRTY(inode, quota_bytes);
8722 + pathrelse(p_s_path);
8726 init_tb_struct(th, &s_ins_balance, th->t_super, p_s_path,
8727 IH_SIZE + ih_item_len(p_s_ih));
8728 @@ -2112,7 +2127,9 @@ int reiserfs_insert_item(struct reiserfs
8729 "reiserquota insert_item(): freeing %u id=%u type=%c",
8730 quota_bytes, inode->i_uid, head2type(p_s_ih));
8734 + DLIMIT_FREE_SPACE(inode, quota_bytes);
8735 DQUOT_FREE_SPACE_NODIRTY(inode, quota_bytes);
8739 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/super.c
8740 --- linux-2.6.25.11/fs/reiserfs/super.c 2008-07-15 22:05:17.000000000 -0400
8741 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/super.c 2008-05-21 14:30:41.000000000 -0400
8742 @@ -896,6 +896,14 @@ static int reiserfs_parse_options(struct
8743 {"user_xattr",.setmask = 1 << REISERFS_UNSUPPORTED_OPT},
8744 {"nouser_xattr",.clrmask = 1 << REISERFS_UNSUPPORTED_OPT},
8746 +#ifndef CONFIG_TAGGING_NONE
8747 + {"tagxid",.setmask = 1 << REISERFS_TAGGED},
8748 + {"tag",.setmask = 1 << REISERFS_TAGGED},
8749 + {"notag",.clrmask = 1 << REISERFS_TAGGED},
8751 +#ifdef CONFIG_PROPAGATE
8752 + {"tag",.arg_required = 'T',.values = NULL},
8754 #ifdef CONFIG_REISERFS_FS_POSIX_ACL
8755 {"acl",.setmask = 1 << REISERFS_POSIXACL},
8756 {"noacl",.clrmask = 1 << REISERFS_POSIXACL},
8757 @@ -1159,6 +1167,12 @@ static int reiserfs_remount(struct super
8761 + if ((mount_options & (1 << REISERFS_TAGGED)) &&
8762 + !(s->s_flags & MS_TAGGED)) {
8763 + reiserfs_warning(s, "reiserfs: tagging not permitted on remount.");
8769 /* Add options that are safe here */
8770 @@ -1618,6 +1632,10 @@ static int reiserfs_fill_super(struct su
8774 + /* map mount option tagxid */
8775 + if (REISERFS_SB(s)->s_mount_opt & (1 << REISERFS_TAGGED))
8776 + s->s_flags |= MS_TAGGED;
8778 rs = SB_DISK_SUPER_BLOCK(s);
8779 /* Let's do basic sanity check to verify that underlying device is not
8780 smaller than the filesystem. If the check fails then abort and scream,
8781 diff -NurpP --minimal linux-2.6.25.11/fs/reiserfs/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/xattr.c
8782 --- linux-2.6.25.11/fs/reiserfs/xattr.c 2008-04-17 12:05:41.000000000 -0400
8783 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/reiserfs/xattr.c 2008-04-19 15:14:52.000000000 -0400
8785 #include <linux/namei.h>
8786 #include <linux/errno.h>
8787 #include <linux/fs.h>
8788 +#include <linux/mount.h>
8789 #include <linux/file.h>
8790 #include <linux/pagemap.h>
8791 #include <linux/xattr.h>
8792 @@ -747,7 +748,7 @@ int reiserfs_delete_xattrs(struct inode
8793 if (dir->d_inode->i_nlink <= 2) {
8794 root = get_xa_root(inode->i_sb, XATTR_REPLACE);
8795 reiserfs_write_lock_xattrs(inode->i_sb);
8796 - err = vfs_rmdir(root->d_inode, dir);
8797 + err = vfs_rmdir(root->d_inode, dir, NULL);
8798 reiserfs_write_unlock_xattrs(inode->i_sb);
8801 diff -NurpP --minimal linux-2.6.25.11/fs/stat.c linux-2.6.25.11-vs2.3.0.34.14/fs/stat.c
8802 --- linux-2.6.25.11/fs/stat.c 2008-04-17 12:05:41.000000000 -0400
8803 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/stat.c 2008-04-19 15:14:52.000000000 -0400
8804 @@ -26,6 +26,7 @@ void generic_fillattr(struct inode *inod
8805 stat->nlink = inode->i_nlink;
8806 stat->uid = inode->i_uid;
8807 stat->gid = inode->i_gid;
8808 + stat->tag = inode->i_tag;
8809 stat->rdev = inode->i_rdev;
8810 stat->atime = inode->i_atime;
8811 stat->mtime = inode->i_mtime;
8812 diff -NurpP --minimal linux-2.6.25.11/fs/super.c linux-2.6.25.11-vs2.3.0.34.14/fs/super.c
8813 --- linux-2.6.25.11/fs/super.c 2008-04-17 12:05:41.000000000 -0400
8814 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/super.c 2008-04-19 15:14:52.000000000 -0400
8816 #include <linux/idr.h>
8817 #include <linux/kobject.h>
8818 #include <linux/mutex.h>
8819 +#include <linux/devpts_fs.h>
8820 +#include <linux/proc_fs.h>
8821 +#include <linux/vs_context.h>
8822 #include <asm/uaccess.h>
8825 @@ -859,12 +862,18 @@ struct vfsmount *
8826 vfs_kern_mount(struct file_system_type *type, int flags, const char *name, void *data)
8828 struct vfsmount *mnt;
8829 + struct super_block *sb;
8830 char *secdata = NULL;
8834 return ERR_PTR(-ENODEV);
8837 + if ((type->fs_flags & FS_BINARY_MOUNTDATA) &&
8838 + !vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT))
8842 mnt = alloc_vfsmnt(name);
8844 @@ -885,7 +894,14 @@ vfs_kern_mount(struct file_system_type *
8845 goto out_free_secdata;
8846 BUG_ON(!mnt->mnt_sb);
8848 - error = security_sb_kern_mount(mnt->mnt_sb, secdata);
8851 + if (!vx_capable(CAP_SYS_ADMIN, VXC_BINARY_MOUNT) && !sb->s_bdev &&
8852 + (sb->s_magic != PROC_SUPER_MAGIC) &&
8853 + (sb->s_magic != DEVPTS_SUPER_MAGIC))
8856 + error = security_sb_kern_mount(sb, secdata);
8860 diff -NurpP --minimal linux-2.6.25.11/fs/sysfs/mount.c linux-2.6.25.11-vs2.3.0.34.14/fs/sysfs/mount.c
8861 --- linux-2.6.25.11/fs/sysfs/mount.c 2008-04-17 11:31:38.000000000 -0400
8862 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/sysfs/mount.c 2008-04-19 15:14:52.000000000 -0400
8867 -/* Random magic number */
8868 -#define SYSFS_MAGIC 0x62656572
8870 static struct vfsmount *sysfs_mount;
8871 struct super_block * sysfs_sb = NULL;
8872 @@ -46,7 +44,7 @@ static int sysfs_fill_super(struct super
8874 sb->s_blocksize = PAGE_CACHE_SIZE;
8875 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
8876 - sb->s_magic = SYSFS_MAGIC;
8877 + sb->s_magic = SYSFS_SUPER_MAGIC;
8878 sb->s_op = &sysfs_ops;
8879 sb->s_time_gran = 1;
8881 diff -NurpP --minimal linux-2.6.25.11/fs/utimes.c linux-2.6.25.11-vs2.3.0.34.14/fs/utimes.c
8882 --- linux-2.6.25.11/fs/utimes.c 2008-07-15 22:05:17.000000000 -0400
8883 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/utimes.c 2008-05-21 14:30:41.000000000 -0400
8885 #include <linux/stat.h>
8886 #include <linux/utime.h>
8887 #include <linux/syscalls.h>
8888 +#include <linux/mount.h>
8889 +#include <linux/vs_cowbl.h>
8890 #include <asm/uaccess.h>
8891 #include <asm/unistd.h>
8893 @@ -89,6 +91,9 @@ long do_utimes(int dfd, char __user *fil
8897 + error = cow_check_and_break(&nd);
8899 + goto dput_and_out;
8900 dentry = nd.path.dentry;
8903 diff -NurpP --minimal linux-2.6.25.11/fs/xattr.c linux-2.6.25.11-vs2.3.0.34.14/fs/xattr.c
8904 --- linux-2.6.25.11/fs/xattr.c 2008-04-17 12:05:41.000000000 -0400
8905 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xattr.c 2008-04-21 13:52:50.000000000 -0400
8907 #include <linux/module.h>
8908 #include <linux/fsnotify.h>
8909 #include <linux/audit.h>
8910 +#include <linux/mount.h>
8911 #include <asm/uaccess.h>
8914 @@ -220,7 +221,7 @@ EXPORT_SYMBOL_GPL(vfs_removexattr);
8917 setxattr(struct dentry *d, char __user *name, void __user *value,
8918 - size_t size, int flags)
8919 + size_t size, int flags, struct vfsmount *mnt)
8922 void *kvalue = NULL;
8923 @@ -247,6 +248,9 @@ setxattr(struct dentry *d, char __user *
8927 + if (MNT_IS_RDONLY(mnt))
8930 error = vfs_setxattr(d, kname, kvalue, size, flags);
8933 @@ -262,7 +266,7 @@ sys_setxattr(char __user *path, char __u
8934 error = user_path_walk(path, &nd);
8937 - error = setxattr(nd.path.dentry, name, value, size, flags);
8938 + error = setxattr(nd.path.dentry, name, value, size, flags, nd.path.mnt);
8942 @@ -277,7 +281,7 @@ sys_lsetxattr(char __user *path, char __
8943 error = user_path_walk_link(path, &nd);
8946 - error = setxattr(nd.path.dentry, name, value, size, flags);
8947 + error = setxattr(nd.path.dentry, name, value, size, flags, nd.path.mnt);
8951 @@ -295,7 +299,7 @@ sys_fsetxattr(int fd, char __user *name,
8953 dentry = f->f_path.dentry;
8954 audit_inode(NULL, dentry);
8955 - error = setxattr(dentry, name, value, size, flags);
8956 + error = setxattr(dentry, name, value, size, flags, f->f_vfsmnt);
8960 @@ -459,7 +463,7 @@ sys_flistxattr(int fd, char __user *list
8961 * Extended attribute REMOVE operations
8964 -removexattr(struct dentry *d, char __user *name)
8965 +removexattr(struct dentry *d, char __user *name, struct vfsmount *mnt)
8968 char kname[XATTR_NAME_MAX + 1];
8969 @@ -470,6 +474,9 @@ removexattr(struct dentry *d, char __use
8973 + if (MNT_IS_RDONLY(mnt))
8976 return vfs_removexattr(d, kname);
8979 @@ -482,7 +489,7 @@ sys_removexattr(char __user *path, char
8980 error = user_path_walk(path, &nd);
8983 - error = removexattr(nd.path.dentry, name);
8984 + error = removexattr(nd.path.dentry, name, nd.path.mnt);
8988 @@ -496,7 +503,7 @@ sys_lremovexattr(char __user *path, char
8989 error = user_path_walk_link(path, &nd);
8992 - error = removexattr(nd.path.dentry, name);
8993 + error = removexattr(nd.path.dentry, name, nd.path.mnt);
8997 @@ -513,7 +520,7 @@ sys_fremovexattr(int fd, char __user *na
8999 dentry = f->f_path.dentry;
9000 audit_inode(NULL, dentry);
9001 - error = removexattr(dentry, name);
9002 + error = removexattr(dentry, name, f->f_vfsmnt);
9006 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_ioctl.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_ioctl.c
9007 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_ioctl.c 2008-04-17 12:05:41.000000000 -0400
9008 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_ioctl.c 2008-07-11 02:57:05.000000000 -0400
9009 @@ -770,9 +770,13 @@ xfs_ioctl(
9010 return xfs_ioc_fsgetxattr(ip, 0, arg);
9011 case XFS_IOC_FSGETXATTRA:
9012 return xfs_ioc_fsgetxattr(ip, 1, arg);
9013 - case XFS_IOC_GETXFLAGS:
9014 case XFS_IOC_SETXFLAGS:
9015 case XFS_IOC_FSSETXATTR:
9016 + if (IS_BARRIER(inode)) {
9017 + vxwprintk_task(1, "messing with the barrier.");
9018 + return -XFS_ERROR(EACCES);
9020 + case XFS_IOC_GETXFLAGS:
9021 return xfs_ioc_xattr(ip, filp, cmd, arg);
9023 case XFS_IOC_FSSETDM: {
9024 @@ -1125,12 +1129,16 @@ xfs_merge_ioc_xflags(
9028 - __uint16_t di_flags)
9029 + __uint16_t di_flags,
9030 + __uint16_t di_vflags)
9032 unsigned int flags = 0;
9034 if (di_flags & XFS_DIFLAG_IMMUTABLE)
9035 flags |= FS_IMMUTABLE_FL;
9036 + if (di_flags & XFS_DIFLAG_IXUNLINK)
9037 + flags |= FS_IXUNLINK_FL;
9039 if (di_flags & XFS_DIFLAG_APPEND)
9040 flags |= FS_APPEND_FL;
9041 if (di_flags & XFS_DIFLAG_SYNC)
9042 @@ -1139,6 +1147,11 @@ xfs_di2lxflags(
9043 flags |= FS_NOATIME_FL;
9044 if (di_flags & XFS_DIFLAG_NODUMP)
9045 flags |= FS_NODUMP_FL;
9047 + if (di_vflags & XFS_DIVFLAG_BARRIER)
9048 + flags |= FS_BARRIER_FL;
9049 + if (di_vflags & XFS_DIVFLAG_COW)
9050 + flags |= FS_COW_FL;
9054 @@ -1219,7 +1232,7 @@ xfs_ioc_xattr(
9057 case XFS_IOC_GETXFLAGS: {
9058 - flags = xfs_di2lxflags(ip->i_d.di_flags);
9059 + flags = xfs_di2lxflags(ip->i_d.di_flags, ip->i_d.di_vflags);
9060 if (copy_to_user(arg, &flags, sizeof(flags)))
9063 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_iops.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_iops.c
9064 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_iops.c 2008-04-17 12:05:41.000000000 -0400
9065 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_iops.c 2008-07-10 23:30:31.000000000 -0400
9067 #include <linux/namei.h>
9068 #include <linux/security.h>
9069 #include <linux/falloc.h>
9070 +#include <linux/vs_tag.h>
9073 * Bring the atime in the XFS inode uptodate.
9074 @@ -391,6 +392,7 @@ xfs_vn_lookup(
9075 d_add(dentry, NULL);
9078 + dx_propagate_tag(nd, vn_to_inode(cvp));
9080 return d_splice_alias(vn_to_inode(cvp), dentry);
9082 @@ -655,6 +657,10 @@ xfs_vn_setattr(
9086 + error = inode_change_ok(inode, attr);
9090 if (ia_valid & ATTR_UID) {
9091 vattr.va_mask |= XFS_AT_UID;
9092 vattr.va_uid = attr->ia_uid;
9093 @@ -663,6 +669,10 @@ xfs_vn_setattr(
9094 vattr.va_mask |= XFS_AT_GID;
9095 vattr.va_gid = attr->ia_gid;
9097 + if ((ia_valid & ATTR_TAG) && IS_TAGGED(inode)) {
9098 + vattr.va_mask |= XFS_AT_TAG;
9099 + vattr.va_tag = attr->ia_tag;
9101 if (ia_valid & ATTR_SIZE) {
9102 vattr.va_mask |= XFS_AT_SIZE;
9103 vattr.va_size = attr->ia_size;
9104 @@ -708,6 +718,45 @@ xfs_vn_truncate(
9108 +xfs_vn_sync_flags(struct inode *inode)
9110 + unsigned int oldflags, newflags;
9113 + bhv_vattr_t vattr;
9114 + bhv_vnode_t *vp = vn_from_inode(inode);
9116 + memset(&vattr, 0, sizeof vattr);
9118 + vattr.va_mask = XFS_AT_XFLAGS;
9119 + error = xfs_getattr(XFS_I(inode), &vattr, 0);
9123 + oldflags = vattr.va_xflags;
9124 + newflags = oldflags & ~(XFS_XFLAG_IMMUTABLE | XFS_XFLAG_IXUNLINK
9125 + | XFS_XFLAG_BARRIER | XFS_XFLAG_COW);
9127 + if (IS_IMMUTABLE(inode))
9128 + newflags |= XFS_XFLAG_IMMUTABLE;
9129 + if (IS_IXUNLINK(inode))
9130 + newflags |= XFS_XFLAG_IXUNLINK;
9132 + if (IS_BARRIER(inode))
9133 + newflags |= XFS_XFLAG_BARRIER;
9134 + if (IS_COW(inode))
9135 + newflags |= XFS_XFLAG_COW;
9137 + if (oldflags ^ newflags) {
9138 + vattr.va_xflags = newflags;
9139 + vattr.va_mask |= XFS_AT_XFLAGS;
9140 + error = xfs_setattr(XFS_I(inode), &vattr, flags, NULL);
9142 + vn_revalidate(vp);
9148 struct dentry *dentry,
9150 @@ -862,6 +911,7 @@ const struct inode_operations xfs_inode_
9151 .listxattr = xfs_vn_listxattr,
9152 .removexattr = xfs_vn_removexattr,
9153 .fallocate = xfs_vn_fallocate,
9154 + .sync_flags = xfs_vn_sync_flags,
9157 const struct inode_operations xfs_dir_inode_operations = {
9158 @@ -881,6 +931,7 @@ const struct inode_operations xfs_dir_in
9159 .getxattr = xfs_vn_getxattr,
9160 .listxattr = xfs_vn_listxattr,
9161 .removexattr = xfs_vn_removexattr,
9162 + .sync_flags = xfs_vn_sync_flags,
9165 const struct inode_operations xfs_symlink_inode_operations = {
9166 @@ -894,4 +945,5 @@ const struct inode_operations xfs_symlin
9167 .getxattr = xfs_vn_getxattr,
9168 .listxattr = xfs_vn_listxattr,
9169 .removexattr = xfs_vn_removexattr,
9170 + .sync_flags = xfs_vn_sync_flags,
9172 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_linux.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_linux.h
9173 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_linux.h 2008-04-17 12:05:41.000000000 -0400
9174 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_linux.h 2008-04-19 15:14:52.000000000 -0400
9176 #define current_pid() (current->pid)
9177 #define current_fsuid(cred) (current->fsuid)
9178 #define current_fsgid(cred) (current->fsgid)
9179 +#define current_fstag(cred,vp) (dx_current_fstag(vn_to_inode(vp)->i_sb))
9180 #define current_test_flags(f) (current->flags & (f))
9181 #define current_set_flags_nested(sp, f) \
9182 (*(sp) = current->flags, current->flags |= (f))
9183 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_super.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_super.c
9184 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_super.c 2008-04-17 12:05:41.000000000 -0400
9185 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_super.c 2008-07-11 00:48:43.000000000 -0400
9186 @@ -137,6 +137,9 @@ xfs_args_allocate(
9187 #define MNTOPT_DMAPI "dmapi" /* DMI enabled (DMAPI / XDSM) */
9188 #define MNTOPT_XDSM "xdsm" /* DMI enabled (DMAPI / XDSM) */
9189 #define MNTOPT_DMI "dmi" /* DMI enabled (DMAPI / XDSM) */
9190 +#define MNTOPT_TAGXID "tagxid" /* context tagging for inodes */
9191 +#define MNTOPT_TAGGED "tag" /* context tagging for inodes */
9192 +#define MNTOPT_NOTAGTAG "notag" /* do not use context tagging */
9194 STATIC unsigned long
9195 suffix_strtoul(char *s, char **endp, unsigned int base)
9196 @@ -355,6 +358,19 @@ xfs_parseargs(
9197 } else if (!strcmp(this_char, "irixsgid")) {
9199 "XFS: irixsgid is now a sysctl(2) variable, option is deprecated.");
9200 +#ifndef CONFIG_TAGGING_NONE
9201 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
9202 + args->flags2 |= XFSMNT2_TAGGED;
9203 + } else if (!strcmp(this_char, MNTOPT_NOTAGTAG)) {
9204 + args->flags2 &= ~XFSMNT2_TAGGED;
9205 + } else if (!strcmp(this_char, MNTOPT_TAGXID)) {
9206 + args->flags2 |= XFSMNT2_TAGGED;
9208 +#ifdef CONFIG_PROPAGATE
9209 + } else if (!strcmp(this_char, MNTOPT_TAGGED)) {
9211 + args->flags2 |= XFSMNT2_TAGGED;
9215 "XFS: unknown mount option [%s].", this_char);
9216 @@ -591,6 +607,7 @@ xfs_revalidate_inode(
9217 inode->i_nlink = ip->i_d.di_nlink;
9218 inode->i_uid = ip->i_d.di_uid;
9219 inode->i_gid = ip->i_d.di_gid;
9220 + inode->i_tag = ip->i_d.di_tag;
9222 switch (inode->i_mode & S_IFMT) {
9224 @@ -612,10 +629,16 @@ xfs_revalidate_inode(
9225 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
9226 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
9227 inode->i_ctime.tv_nsec = ip->i_d.di_ctime.t_nsec;
9229 if (ip->i_d.di_flags & XFS_DIFLAG_IMMUTABLE)
9230 inode->i_flags |= S_IMMUTABLE;
9232 inode->i_flags &= ~S_IMMUTABLE;
9233 + if (ip->i_d.di_flags & XFS_DIFLAG_IXUNLINK)
9234 + inode->i_flags |= S_IXUNLINK;
9236 + inode->i_flags &= ~S_IXUNLINK;
9238 if (ip->i_d.di_flags & XFS_DIFLAG_APPEND)
9239 inode->i_flags |= S_APPEND;
9241 @@ -628,6 +651,16 @@ xfs_revalidate_inode(
9242 inode->i_flags |= S_NOATIME;
9244 inode->i_flags &= ~S_NOATIME;
9246 + if (ip->i_d.di_vflags & XFS_DIVFLAG_BARRIER)
9247 + inode->i_vflags |= V_BARRIER;
9249 + inode->i_vflags &= ~V_BARRIER;
9250 + if (ip->i_d.di_vflags & XFS_DIVFLAG_COW)
9251 + inode->i_vflags |= V_COW;
9253 + inode->i_vflags &= ~V_COW;
9255 xfs_iflags_clear(ip, XFS_IMODIFIED);
9258 @@ -1220,6 +1253,12 @@ xfs_fs_remount(
9261 error = xfs_parseargs(mp, options, args, 1);
9262 + if ((args->flags2 & XFSMNT2_TAGGED) &&
9263 + !(sb->s_flags & MS_TAGGED)) {
9264 + printk("XFS: %s: tagging not permitted on remount.\n",
9269 error = xfs_mntupdate(mp, flags, args);
9270 kmem_free(args, sizeof(*args));
9271 @@ -1336,6 +1375,9 @@ xfs_fs_fill_super(
9275 + if (mp->m_flags & XFS_MOUNT_TAGGED)
9276 + sb->s_flags |= MS_TAGGED;
9279 sb->s_magic = XFS_SB_MAGIC;
9280 sb->s_blocksize = mp->m_sb.sb_blocksize;
9281 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_vnode.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_vnode.c
9282 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_vnode.c 2008-04-17 12:05:41.000000000 -0400
9283 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_vnode.c 2008-07-08 16:54:48.000000000 -0400
9284 @@ -105,6 +105,7 @@ vn_revalidate(
9285 inode->i_mode = ip->i_d.di_mode;
9286 inode->i_uid = ip->i_d.di_uid;
9287 inode->i_gid = ip->i_d.di_gid;
9288 + inode->i_tag = ip->i_d.di_tag;
9289 inode->i_mtime.tv_sec = ip->i_d.di_mtime.t_sec;
9290 inode->i_mtime.tv_nsec = ip->i_d.di_mtime.t_nsec;
9291 inode->i_ctime.tv_sec = ip->i_d.di_ctime.t_sec;
9292 @@ -115,6 +116,10 @@ vn_revalidate(
9293 inode->i_flags |= S_IMMUTABLE;
9295 inode->i_flags &= ~S_IMMUTABLE;
9296 + if (xflags & XFS_XFLAG_IXUNLINK)
9297 + inode->i_flags |= S_IXUNLINK;
9299 + inode->i_flags &= ~S_IXUNLINK;
9300 if (xflags & XFS_XFLAG_APPEND)
9301 inode->i_flags |= S_APPEND;
9303 @@ -127,6 +132,15 @@ vn_revalidate(
9304 inode->i_flags |= S_NOATIME;
9306 inode->i_flags &= ~S_NOATIME;
9308 + if (xflags & XFS_XFLAG_BARRIER)
9309 + inode->i_vflags |= V_BARRIER;
9311 + inode->i_vflags &= ~V_BARRIER;
9312 + if (xflags & XFS_XFLAG_COW)
9313 + inode->i_vflags |= V_COW;
9315 + inode->i_vflags &= ~V_COW;
9316 xfs_iunlock(ip, XFS_ILOCK_SHARED);
9318 xfs_iflags_clear(ip, XFS_IMODIFIED);
9319 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/linux-2.6/xfs_vnode.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_vnode.h
9320 --- linux-2.6.25.11/fs/xfs/linux-2.6/xfs_vnode.h 2008-04-17 12:05:41.000000000 -0400
9321 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/linux-2.6/xfs_vnode.h 2008-04-19 15:14:52.000000000 -0400
9322 @@ -99,6 +99,7 @@ typedef struct bhv_vattr {
9323 xfs_nlink_t va_nlink; /* number of references to file */
9324 uid_t va_uid; /* owner user id */
9325 gid_t va_gid; /* owner group id */
9326 + tag_t va_tag; /* owner group id */
9327 xfs_ino_t va_nodeid; /* file id */
9328 xfs_off_t va_size; /* file size in bytes */
9329 u_long va_blocksize; /* blocksize preferred for i/o */
9330 @@ -147,13 +148,15 @@ typedef struct bhv_vattr {
9331 #define XFS_AT_PROJID 0x04000000
9332 #define XFS_AT_SIZE_NOPERM 0x08000000
9333 #define XFS_AT_GENCOUNT 0x10000000
9334 +#define XFS_AT_TAG 0x20000000
9336 #define XFS_AT_ALL (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\
9337 XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\
9338 XFS_AT_ATIME|XFS_AT_MTIME|XFS_AT_CTIME|XFS_AT_RDEV|\
9339 XFS_AT_BLKSIZE|XFS_AT_NBLOCKS|XFS_AT_VCODE|XFS_AT_MAC|\
9340 XFS_AT_ACL|XFS_AT_CAP|XFS_AT_INF|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|\
9341 - XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT)
9342 + XFS_AT_NEXTENTS|XFS_AT_ANEXTENTS|XFS_AT_PROJID|XFS_AT_GENCOUNT\
9345 #define XFS_AT_STAT (XFS_AT_TYPE|XFS_AT_MODE|XFS_AT_UID|XFS_AT_GID|\
9346 XFS_AT_FSID|XFS_AT_NODEID|XFS_AT_NLINK|XFS_AT_SIZE|\
9347 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/quota/xfs_qm_syscalls.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/quota/xfs_qm_syscalls.c
9348 --- linux-2.6.25.11/fs/xfs/quota/xfs_qm_syscalls.c 2008-04-17 12:05:42.000000000 -0400
9349 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/quota/xfs_qm_syscalls.c 2008-04-19 15:14:52.000000000 -0400
9353 #include <linux/capability.h>
9354 +#include <linux/vs_context.h>
9358 @@ -205,7 +206,7 @@ xfs_qm_scall_quotaoff(
9359 xfs_qoff_logitem_t *qoffstart;
9362 - if (!force && !capable(CAP_SYS_ADMIN))
9363 + if (!force && !vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9364 return XFS_ERROR(EPERM);
9366 * No file system can have quotas enabled on disk but not in core.
9367 @@ -374,7 +375,7 @@ xfs_qm_scall_trunc_qfiles(
9371 - if (!capable(CAP_SYS_ADMIN))
9372 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9373 return XFS_ERROR(EPERM);
9375 if (!xfs_sb_version_hasquota(&mp->m_sb) || flags == 0) {
9376 @@ -418,7 +419,7 @@ xfs_qm_scall_quotaon(
9380 - if (!capable(CAP_SYS_ADMIN))
9381 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9382 return XFS_ERROR(EPERM);
9384 flags &= (XFS_ALL_QUOTA_ACCT | XFS_ALL_QUOTA_ENFD);
9385 @@ -587,7 +588,7 @@ xfs_qm_scall_setqlim(
9387 xfs_qcnt_t hard, soft;
9389 - if (!capable(CAP_SYS_ADMIN))
9390 + if (!vx_capable(CAP_SYS_ADMIN, VXC_QUOTA_CTL))
9391 return XFS_ERROR(EPERM);
9393 if ((newlim->d_fieldmask &
9394 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_clnt.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_clnt.h
9395 --- linux-2.6.25.11/fs/xfs/xfs_clnt.h 2008-04-17 12:05:42.000000000 -0400
9396 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_clnt.h 2008-07-11 01:28:55.000000000 -0400
9397 @@ -100,5 +100,6 @@ struct xfs_mount_args {
9398 * I/O size in stat(2) */
9399 #define XFSMNT2_FILESTREAMS 0x00000002 /* enable the filestreams
9401 +#define XFSMNT2_TAGGED 0x10000000 /* context tagging */
9403 #endif /* __XFS_CLNT_H__ */
9404 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_dinode.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_dinode.h
9405 --- linux-2.6.25.11/fs/xfs/xfs_dinode.h 2008-04-17 12:05:42.000000000 -0400
9406 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_dinode.h 2008-07-11 00:30:17.000000000 -0400
9407 @@ -53,7 +53,9 @@ typedef struct xfs_dinode_core {
9408 __be32 di_gid; /* owner's group id */
9409 __be32 di_nlink; /* number of links to file */
9410 __be16 di_projid; /* owner's project id */
9411 - __u8 di_pad[8]; /* unused, zeroed space */
9412 + __be16 di_tag; /* context tagging */
9413 + __be16 di_vflags; /* vserver specific flags */
9414 + __u8 di_pad[4]; /* unused, zeroed space */
9415 __be16 di_flushiter; /* incremented on flush */
9416 xfs_timestamp_t di_atime; /* time last accessed */
9417 xfs_timestamp_t di_mtime; /* time last modified */
9418 @@ -136,7 +138,9 @@ typedef struct xfs_dinode
9419 #define XFS_DI_NEXT_UNLINKED 0x1000000
9420 #define XFS_DI_U 0x2000000
9421 #define XFS_DI_A 0x4000000
9422 -#define XFS_DI_NUM_BITS 27
9423 +#define XFS_DI_TAG 0x8000000
9424 +#define XFS_DI_VFLAGS 0x10000000
9425 +#define XFS_DI_NUM_BITS 29
9426 #define XFS_DI_ALL_BITS ((1 << XFS_DI_NUM_BITS) - 1)
9427 #define XFS_DI_CORE_BITS (XFS_DI_ALL_BITS & ~(XFS_DI_U|XFS_DI_A))
9429 @@ -223,6 +227,8 @@ typedef enum xfs_dinode_fmt
9430 #define XFS_DIFLAG_EXTSZINHERIT_BIT 12 /* inherit inode extent size */
9431 #define XFS_DIFLAG_NODEFRAG_BIT 13 /* do not reorganize/defragment */
9432 #define XFS_DIFLAG_FILESTREAM_BIT 14 /* use filestream allocator */
9433 +#define XFS_DIFLAG_IXUNLINK_BIT 15 /* Immutable inver on unlink */
9435 #define XFS_DIFLAG_REALTIME (1 << XFS_DIFLAG_REALTIME_BIT)
9436 #define XFS_DIFLAG_PREALLOC (1 << XFS_DIFLAG_PREALLOC_BIT)
9437 #define XFS_DIFLAG_NEWRTBM (1 << XFS_DIFLAG_NEWRTBM_BIT)
9438 @@ -238,6 +244,7 @@ typedef enum xfs_dinode_fmt
9439 #define XFS_DIFLAG_EXTSZINHERIT (1 << XFS_DIFLAG_EXTSZINHERIT_BIT)
9440 #define XFS_DIFLAG_NODEFRAG (1 << XFS_DIFLAG_NODEFRAG_BIT)
9441 #define XFS_DIFLAG_FILESTREAM (1 << XFS_DIFLAG_FILESTREAM_BIT)
9442 +#define XFS_DIFLAG_IXUNLINK (1 << XFS_DIFLAG_IXUNLINK_BIT)
9444 #ifdef CONFIG_XFS_RT
9445 #define XFS_IS_REALTIME_INODE(ip) ((ip)->i_d.di_flags & XFS_DIFLAG_REALTIME)
9446 @@ -250,6 +257,10 @@ typedef enum xfs_dinode_fmt
9447 XFS_DIFLAG_IMMUTABLE | XFS_DIFLAG_APPEND | XFS_DIFLAG_SYNC | \
9448 XFS_DIFLAG_NOATIME | XFS_DIFLAG_NODUMP | XFS_DIFLAG_RTINHERIT | \
9449 XFS_DIFLAG_PROJINHERIT | XFS_DIFLAG_NOSYMLINKS | XFS_DIFLAG_EXTSIZE | \
9450 - XFS_DIFLAG_EXTSZINHERIT | XFS_DIFLAG_NODEFRAG | XFS_DIFLAG_FILESTREAM)
9451 + XFS_DIFLAG_EXTSZINHERIT | XFS_DIFLAG_NODEFRAG | XFS_DIFLAG_FILESTREAM | \
9452 + XFS_DIFLAG_IXUNLINK)
9454 +#define XFS_DIVFLAG_BARRIER 0x01
9455 +#define XFS_DIVFLAG_COW 0x02
9457 #endif /* __XFS_DINODE_H__ */
9458 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_fs.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_fs.h
9459 --- linux-2.6.25.11/fs/xfs/xfs_fs.h 2008-04-17 12:05:42.000000000 -0400
9460 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_fs.h 2008-07-08 16:11:02.000000000 -0400
9461 @@ -67,6 +67,9 @@ struct fsxattr {
9462 #define XFS_XFLAG_EXTSZINHERIT 0x00001000 /* inherit inode extent size */
9463 #define XFS_XFLAG_NODEFRAG 0x00002000 /* do not defragment */
9464 #define XFS_XFLAG_FILESTREAM 0x00004000 /* use filestream allocator */
9465 +#define XFS_XFLAG_IXUNLINK 0x00008000 /* immutable invert on unlink */
9466 +#define XFS_XFLAG_BARRIER 0x10000000 /* chroot() barrier */
9467 +#define XFS_XFLAG_COW 0x20000000 /* copy on write mark */
9468 #define XFS_XFLAG_HASATTR 0x80000000 /* no DIFLAG for this */
9471 @@ -296,7 +299,8 @@ typedef struct xfs_bstat {
9472 __s32 bs_extents; /* number of extents */
9473 __u32 bs_gen; /* generation count */
9474 __u16 bs_projid; /* project id */
9475 - unsigned char bs_pad[14]; /* pad space, unused */
9476 + __u16 bs_tag; /* context tagging */
9477 + unsigned char bs_pad[12]; /* pad space, unused */
9478 __u32 bs_dmevmask; /* DMIG event mask */
9479 __u16 bs_dmstate; /* DMIG state info */
9480 __u16 bs_aextents; /* attribute number of extents */
9481 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_ialloc.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_ialloc.c
9482 --- linux-2.6.25.11/fs/xfs/xfs_ialloc.c 2008-04-17 12:05:42.000000000 -0400
9483 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_ialloc.c 2008-07-11 00:30:58.000000000 -0400
9484 @@ -84,6 +84,8 @@ xfs_ialloc_log_di(
9485 offsetof(xfs_dinode_t, di_next_unlinked),
9486 offsetof(xfs_dinode_t, di_u),
9487 offsetof(xfs_dinode_t, di_a),
9488 + offsetof(xfs_dinode_core_t, di_tag),
9489 + offsetof(xfs_dinode_core_t, di_vflags),
9490 sizeof(xfs_dinode_t)
9493 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_inode.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_inode.c
9494 --- linux-2.6.25.11/fs/xfs/xfs_inode.c 2008-04-17 12:05:42.000000000 -0400
9495 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_inode.c 2008-07-11 01:49:20.000000000 -0400
9496 @@ -219,6 +219,7 @@ xfs_inotobp(
9500 +#include <linux/vs_tag.h>
9503 * This routine is called to map an inode to the buffer containing
9504 @@ -714,15 +715,25 @@ xfs_iformat_btree(
9506 xfs_dinode_from_disk(
9508 - xfs_dinode_core_t *from)
9509 + xfs_dinode_core_t *from,
9512 + uint32_t uid, gid, tag;
9514 to->di_magic = be16_to_cpu(from->di_magic);
9515 to->di_mode = be16_to_cpu(from->di_mode);
9516 to->di_version = from ->di_version;
9517 to->di_format = from->di_format;
9518 to->di_onlink = be16_to_cpu(from->di_onlink);
9519 - to->di_uid = be32_to_cpu(from->di_uid);
9520 - to->di_gid = be32_to_cpu(from->di_gid);
9522 + uid = be32_to_cpu(from->di_uid);
9523 + gid = be32_to_cpu(from->di_gid);
9524 + tag = be16_to_cpu(from->di_tag);
9526 + to->di_uid = INOTAG_UID(tagged, uid, gid);
9527 + to->di_gid = INOTAG_GID(tagged, uid, gid);
9528 + to->di_tag = INOTAG_TAG(tagged, uid, gid, tag);
9530 to->di_nlink = be32_to_cpu(from->di_nlink);
9531 to->di_projid = be16_to_cpu(from->di_projid);
9532 memcpy(to->di_pad, from->di_pad, sizeof(to->di_pad));
9533 @@ -743,21 +754,26 @@ xfs_dinode_from_disk(
9534 to->di_dmevmask = be32_to_cpu(from->di_dmevmask);
9535 to->di_dmstate = be16_to_cpu(from->di_dmstate);
9536 to->di_flags = be16_to_cpu(from->di_flags);
9537 + to->di_vflags = be16_to_cpu(from->di_vflags);
9538 to->di_gen = be32_to_cpu(from->di_gen);
9543 xfs_dinode_core_t *to,
9544 - xfs_icdinode_t *from)
9545 + xfs_icdinode_t *from,
9548 to->di_magic = cpu_to_be16(from->di_magic);
9549 to->di_mode = cpu_to_be16(from->di_mode);
9550 to->di_version = from ->di_version;
9551 to->di_format = from->di_format;
9552 to->di_onlink = cpu_to_be16(from->di_onlink);
9553 - to->di_uid = cpu_to_be32(from->di_uid);
9554 - to->di_gid = cpu_to_be32(from->di_gid);
9556 + to->di_uid = cpu_to_be32(TAGINO_UID(tagged, from->di_uid, from->di_tag));
9557 + to->di_gid = cpu_to_be32(TAGINO_GID(tagged, from->di_gid, from->di_tag));
9558 + to->di_tag = cpu_to_be16(TAGINO_TAG(tagged, from->di_tag));
9560 to->di_nlink = cpu_to_be32(from->di_nlink);
9561 to->di_projid = cpu_to_be16(from->di_projid);
9562 memcpy(to->di_pad, from->di_pad, sizeof(to->di_pad));
9563 @@ -778,12 +794,14 @@ xfs_dinode_to_disk(
9564 to->di_dmevmask = cpu_to_be32(from->di_dmevmask);
9565 to->di_dmstate = cpu_to_be16(from->di_dmstate);
9566 to->di_flags = cpu_to_be16(from->di_flags);
9567 + to->di_vflags = cpu_to_be16(from->di_vflags);
9568 to->di_gen = cpu_to_be32(from->di_gen);
9573 - __uint16_t di_flags)
9574 + __uint16_t di_flags,
9575 + __uint16_t di_vflags)
9579 @@ -794,6 +812,8 @@ _xfs_dic2xflags(
9580 flags |= XFS_XFLAG_PREALLOC;
9581 if (di_flags & XFS_DIFLAG_IMMUTABLE)
9582 flags |= XFS_XFLAG_IMMUTABLE;
9583 + if (di_flags & XFS_DIFLAG_IXUNLINK)
9584 + flags |= XFS_XFLAG_IXUNLINK;
9585 if (di_flags & XFS_DIFLAG_APPEND)
9586 flags |= XFS_XFLAG_APPEND;
9587 if (di_flags & XFS_DIFLAG_SYNC)
9588 @@ -817,7 +837,10 @@ _xfs_dic2xflags(
9589 if (di_flags & XFS_DIFLAG_FILESTREAM)
9590 flags |= XFS_XFLAG_FILESTREAM;
9593 + if (di_vflags & XFS_DIVFLAG_BARRIER)
9594 + flags |= XFS_XFLAG_BARRIER;
9595 + if (di_vflags & XFS_DIVFLAG_COW)
9596 + flags |= XFS_XFLAG_COW;
9600 @@ -827,7 +850,7 @@ xfs_ip2xflags(
9602 xfs_icdinode_t *dic = &ip->i_d;
9604 - return _xfs_dic2xflags(dic->di_flags) |
9605 + return _xfs_dic2xflags(dic->di_flags, dic->di_vflags) |
9606 (XFS_IFORK_Q(ip) ? XFS_XFLAG_HASATTR : 0);
9609 @@ -837,7 +860,7 @@ xfs_dic2xflags(
9611 xfs_dinode_core_t *dic = &dip->di_core;
9613 - return _xfs_dic2xflags(be16_to_cpu(dic->di_flags)) |
9614 + return _xfs_dic2xflags(be16_to_cpu(dic->di_flags), be16_to_cpu(dic->di_vflags)) |
9615 (XFS_DFORK_Q(dip) ? XFS_XFLAG_HASATTR : 0);
9618 @@ -932,7 +955,8 @@ xfs_iread(
9619 * Otherwise, just get the truly permanent information.
9621 if (dip->di_core.di_mode) {
9622 - xfs_dinode_from_disk(&ip->i_d, &dip->di_core);
9623 + xfs_dinode_from_disk(&ip->i_d, &dip->di_core,
9624 + mp->m_flags & XFS_MOUNT_TAGGED);
9625 error = xfs_iformat(ip, dip);
9627 kmem_zone_free(xfs_inode_zone, ip);
9628 @@ -1138,6 +1162,7 @@ xfs_ialloc(
9629 ASSERT(ip->i_d.di_nlink == nlink);
9630 ip->i_d.di_uid = current_fsuid(cr);
9631 ip->i_d.di_gid = current_fsgid(cr);
9632 + ip->i_d.di_tag = current_fstag(cr, vp);
9633 ip->i_d.di_projid = prid;
9634 memset(&(ip->i_d.di_pad[0]), 0, sizeof(ip->i_d.di_pad));
9636 @@ -1192,6 +1217,7 @@ xfs_ialloc(
9637 ip->i_d.di_dmevmask = 0;
9638 ip->i_d.di_dmstate = 0;
9639 ip->i_d.di_flags = 0;
9640 + ip->i_d.di_vflags = 0;
9641 flags = XFS_ILOG_CORE;
9642 switch (mode & S_IFMT) {
9644 @@ -1944,8 +1970,8 @@ xfs_iunlink(
9646 be32_to_cpu(agi->agi_magicnum) == XFS_AGI_MAGIC &&
9647 XFS_AGI_GOOD_VERSION(be32_to_cpu(agi->agi_versionnum));
9648 - if (unlikely(XFS_TEST_ERROR(!agi_ok, mp, XFS_ERRTAG_IUNLINK,
9649 - XFS_RANDOM_IUNLINK))) {
9650 + if (unlikely(XFS_TEST_ERROR(!agi_ok, mp, XFS_ERRTAG_IXUNLINK,
9651 + XFS_RANDOM_IXUNLINK))) {
9652 XFS_CORRUPTION_ERROR("xfs_iunlink", XFS_ERRLEVEL_LOW, mp, agi);
9653 xfs_trans_brelse(tp, agibp);
9654 return XFS_ERROR(EFSCORRUPTED);
9655 @@ -2046,8 +2072,8 @@ xfs_iunlink_remove(
9657 be32_to_cpu(agi->agi_magicnum) == XFS_AGI_MAGIC &&
9658 XFS_AGI_GOOD_VERSION(be32_to_cpu(agi->agi_versionnum));
9659 - if (unlikely(XFS_TEST_ERROR(!agi_ok, mp, XFS_ERRTAG_IUNLINK_REMOVE,
9660 - XFS_RANDOM_IUNLINK_REMOVE))) {
9661 + if (unlikely(XFS_TEST_ERROR(!agi_ok, mp, XFS_ERRTAG_IXUNLINK_REMOVE,
9662 + XFS_RANDOM_IXUNLINK_REMOVE))) {
9663 XFS_CORRUPTION_ERROR("xfs_iunlink_remove", XFS_ERRLEVEL_LOW,
9665 xfs_trans_brelse(tp, agibp);
9666 @@ -2386,6 +2412,7 @@ xfs_ifree(
9668 ip->i_d.di_mode = 0; /* mark incore inode as free */
9669 ip->i_d.di_flags = 0;
9670 + ip->i_d.di_vflags = 0;
9671 ip->i_d.di_dmevmask = 0;
9672 ip->i_d.di_forkoff = 0; /* mark the attr fork not in use */
9673 ip->i_df.if_ext_max =
9674 @@ -3421,7 +3448,8 @@ xfs_iflush_int(
9675 * because if the inode is dirty at all the core must
9678 - xfs_dinode_to_disk(&dip->di_core, &ip->i_d);
9679 + xfs_dinode_to_disk(&dip->di_core, &ip->i_d,
9680 + mp->m_flags & XFS_MOUNT_TAGGED);
9682 /* Wrap, we never let the log put out DI_MAX_FLUSH */
9683 if (ip->i_d.di_flushiter == DI_MAX_FLUSH)
9684 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_inode.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_inode.h
9685 --- linux-2.6.25.11/fs/xfs/xfs_inode.h 2008-04-17 12:05:42.000000000 -0400
9686 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_inode.h 2008-07-11 01:44:30.000000000 -0400
9687 @@ -187,7 +187,9 @@ typedef struct xfs_icdinode {
9688 __uint32_t di_gid; /* owner's group id */
9689 __uint32_t di_nlink; /* number of links to file */
9690 __uint16_t di_projid; /* owner's project id */
9691 - __uint8_t di_pad[8]; /* unused, zeroed space */
9692 + __uint16_t di_tag; /* context tagging */
9693 + __uint16_t di_vflags; /* vserver specific flags */
9694 + __uint8_t di_pad[4]; /* unused, zeroed space */
9695 __uint16_t di_flushiter; /* incremented on flush */
9696 xfs_ictimestamp_t di_atime; /* time last accessed */
9697 xfs_ictimestamp_t di_mtime; /* time last modified */
9698 @@ -523,9 +525,9 @@ int xfs_ialloc(struct xfs_trans *, xfs_
9699 xfs_nlink_t, xfs_dev_t, struct cred *, xfs_prid_t,
9700 int, struct xfs_buf **, boolean_t *, xfs_inode_t **);
9701 void xfs_dinode_from_disk(struct xfs_icdinode *,
9702 - struct xfs_dinode_core *);
9703 + struct xfs_dinode_core *, int tagged);
9704 void xfs_dinode_to_disk(struct xfs_dinode_core *,
9705 - struct xfs_icdinode *);
9706 + struct xfs_icdinode *, int tagged);
9708 uint xfs_ip2xflags(struct xfs_inode *);
9709 uint xfs_dic2xflags(struct xfs_dinode *);
9710 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_itable.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_itable.c
9711 --- linux-2.6.25.11/fs/xfs/xfs_itable.c 2008-04-17 12:05:42.000000000 -0400
9712 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_itable.c 2008-04-19 15:14:52.000000000 -0400
9713 @@ -89,6 +89,7 @@ xfs_bulkstat_one_iget(
9714 buf->bs_mode = dic->di_mode;
9715 buf->bs_uid = dic->di_uid;
9716 buf->bs_gid = dic->di_gid;
9717 + buf->bs_tag = dic->di_tag;
9718 buf->bs_size = dic->di_size;
9719 vn_atime_to_bstime(vp, &buf->bs_atime);
9720 buf->bs_mtime.tv_sec = dic->di_mtime.t_sec;
9721 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_log_recover.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_log_recover.c
9722 --- linux-2.6.25.11/fs/xfs/xfs_log_recover.c 2008-04-17 12:05:43.000000000 -0400
9723 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_log_recover.c 2008-07-11 01:52:59.000000000 -0400
9724 @@ -2410,7 +2410,8 @@ xlog_recover_do_inode_trans(
9726 /* The core is in in-core format */
9727 xfs_dinode_to_disk(&dip->di_core,
9728 - (xfs_icdinode_t *)item->ri_buf[1].i_addr);
9729 + (xfs_icdinode_t *)item->ri_buf[1].i_addr,
9730 + mp->m_flags & XFS_MOUNT_TAGGED);
9732 /* the rest is in on-disk format */
9733 if (item->ri_buf[1].i_len > sizeof(xfs_dinode_core_t)) {
9734 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_mount.h linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_mount.h
9735 --- linux-2.6.25.11/fs/xfs/xfs_mount.h 2008-04-17 12:05:43.000000000 -0400
9736 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_mount.h 2008-04-19 15:14:52.000000000 -0400
9737 @@ -378,6 +378,7 @@ typedef struct xfs_mount {
9738 #define XFS_MOUNT_FILESTREAMS (1ULL << 24) /* enable the filestreams
9741 +#define XFS_MOUNT_TAGGED (1ULL << 31) /* context tagging */
9744 * Default minimum read and write sizes.
9745 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_vfsops.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_vfsops.c
9746 --- linux-2.6.25.11/fs/xfs/xfs_vfsops.c 2008-04-17 12:05:43.000000000 -0400
9747 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_vfsops.c 2008-04-26 09:52:49.000000000 -0400
9748 @@ -290,6 +290,8 @@ xfs_start_flags(
9750 if (ap->flags2 & XFSMNT2_COMPAT_IOSIZE)
9751 mp->m_flags |= XFS_MOUNT_COMPAT_IOSIZE;
9752 + if (ap->flags2 & XFSMNT2_TAGGED)
9753 + mp->m_flags |= XFS_MOUNT_TAGGED;
9756 * no recovery flag requires a read-only mount
9757 @@ -402,7 +404,6 @@ xfs_finish_flags(
9758 if (ap->flags & XFSMNT_PQUOTAENF)
9759 mp->m_qflags |= XFS_OQUOTA_ENFD;
9765 diff -NurpP --minimal linux-2.6.25.11/fs/xfs/xfs_vnodeops.c linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_vnodeops.c
9766 --- linux-2.6.25.11/fs/xfs/xfs_vnodeops.c 2008-04-17 12:05:43.000000000 -0400
9767 +++ linux-2.6.25.11-vs2.3.0.34.14/fs/xfs/xfs_vnodeops.c 2008-07-08 16:08:14.000000000 -0400
9768 @@ -122,6 +122,7 @@ xfs_getattr(
9769 vap->va_mode = ip->i_d.di_mode;
9770 vap->va_uid = ip->i_d.di_uid;
9771 vap->va_gid = ip->i_d.di_gid;
9772 + vap->va_tag = ip->i_d.di_tag;
9773 vap->va_projid = ip->i_d.di_projid;
9776 @@ -221,6 +222,7 @@ xfs_setattr(
9777 uint commit_flags=0;
9778 uid_t uid=0, iuid=0;
9779 gid_t gid=0, igid=0;
9780 + tag_t tag=0, itag=0;
9782 xfs_prid_t projid=0, iprojid=0;
9783 int mandlock_before, mandlock_after;
9784 @@ -272,6 +274,7 @@ xfs_setattr(
9785 (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID))) {
9788 + /* TODO: handle tagging? */
9789 if ((mask & XFS_AT_UID) && XFS_IS_UQUOTA_ON(mp)) {
9791 qflags |= XFS_QMOPT_UQUOTA;
9792 @@ -351,6 +354,8 @@ xfs_setattr(
9794 (XFS_AT_MODE|XFS_AT_XFLAGS|XFS_AT_EXTSIZE|XFS_AT_UID|
9795 XFS_AT_GID|XFS_AT_PROJID)) {
9796 + /* TODO: handle tagging? */
9799 * CAP_FOWNER overrides the following restrictions:
9801 @@ -399,7 +404,7 @@ xfs_setattr(
9802 * and can change the group id only to a group of which he
9803 * or she is a member.
9805 - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) {
9806 + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) {
9808 * These IDs could have changed since we last looked at them.
9809 * But, we're assured that if the ownership did change
9810 @@ -407,10 +412,12 @@ xfs_setattr(
9811 * would have changed also.
9813 iuid = ip->i_d.di_uid;
9814 - iprojid = ip->i_d.di_projid;
9815 igid = ip->i_d.di_gid;
9816 - gid = (mask & XFS_AT_GID) ? vap->va_gid : igid;
9817 + itag = ip->i_d.di_tag;
9818 + iprojid = ip->i_d.di_projid;
9819 uid = (mask & XFS_AT_UID) ? vap->va_uid : iuid;
9820 + gid = (mask & XFS_AT_GID) ? vap->va_gid : igid;
9821 + tag = (mask & XFS_AT_TAG) ? vap->va_tag : itag;
9822 projid = (mask & XFS_AT_PROJID) ? (xfs_prid_t)vap->va_projid :
9825 @@ -438,6 +445,7 @@ xfs_setattr(
9826 if ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) ||
9827 (XFS_IS_PQUOTA_ON(mp) && iprojid != projid) ||
9828 (XFS_IS_GQUOTA_ON(mp) && igid != gid)) {
9829 + /* TODO: handle tagging? */
9831 code = XFS_QM_DQVOPCHOWNRESV(mp, tp, ip, udqp, gdqp,
9832 capable(CAP_FOWNER) ?
9833 @@ -552,7 +560,7 @@ xfs_setattr(
9835 if ((mask & XFS_AT_XFLAGS) &&
9837 - (XFS_DIFLAG_IMMUTABLE|XFS_DIFLAG_APPEND) ||
9838 + (XFS_DIFLAG_IMMUTABLE | XFS_DIFLAG_APPEND) ||
9840 (XFS_XFLAG_IMMUTABLE | XFS_XFLAG_APPEND))) &&
9841 !capable(CAP_LINUX_IMMUTABLE)) {
9842 @@ -686,7 +694,7 @@ xfs_setattr(
9843 * and can change the group id only to a group of which he
9844 * or she is a member.
9846 - if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_PROJID)) {
9847 + if (mask & (XFS_AT_UID|XFS_AT_GID|XFS_AT_TAG|XFS_AT_PROJID)) {
9849 * CAP_FSETID overrides the following restrictions:
9851 @@ -702,6 +710,9 @@ xfs_setattr(
9852 * Change the ownerships and register quota modifications
9853 * in the transaction.
9855 + if (itag != tag) {
9856 + ip->i_d.di_tag = tag;
9859 if (XFS_IS_UQUOTA_ON(mp)) {
9860 ASSERT(mask & XFS_AT_UID);
9861 @@ -777,11 +788,14 @@ xfs_setattr(
9863 if (mask & XFS_AT_XFLAGS) {
9865 + uint di_vflags = 0;
9867 /* can't set PREALLOC this way, just preserve it */
9868 di_flags = (ip->i_d.di_flags & XFS_DIFLAG_PREALLOC);
9869 if (vap->va_xflags & XFS_XFLAG_IMMUTABLE)
9870 di_flags |= XFS_DIFLAG_IMMUTABLE;
9871 + if (vap->va_xflags & XFS_XFLAG_IXUNLINK)
9872 + di_flags |= XFS_DIFLAG_IXUNLINK;
9873 if (vap->va_xflags & XFS_XFLAG_APPEND)
9874 di_flags |= XFS_DIFLAG_APPEND;
9875 if (vap->va_xflags & XFS_XFLAG_SYNC)
9876 @@ -810,6 +824,11 @@ xfs_setattr(
9877 di_flags |= XFS_DIFLAG_EXTSIZE;
9879 ip->i_d.di_flags = di_flags;
9880 + if (vap->va_xflags & XFS_XFLAG_BARRIER)
9881 + di_vflags |= XFS_DIVFLAG_BARRIER;
9882 + if (vap->va_xflags & XFS_XFLAG_COW)
9883 + di_vflags |= XFS_DIVFLAG_COW;
9884 + ip->i_d.di_vflags = di_vflags;
9886 xfs_trans_log_inode(tp, ip, XFS_ILOG_CORE);
9887 timeflags |= XFS_ICHGTIME_CHG;
9888 diff -NurpP --minimal linux-2.6.25.11/include/asm-arm/tlb.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-arm/tlb.h
9889 --- linux-2.6.25.11/include/asm-arm/tlb.h 2008-04-17 12:05:43.000000000 -0400
9890 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-arm/tlb.h 2008-04-19 15:14:52.000000000 -0400
9892 #else /* !CONFIG_MMU */
9894 #include <asm/pgalloc.h>
9895 +#include <linux/vs_memory.h>
9898 * TLB handling. This allows us to remove pages from the page
9899 diff -NurpP --minimal linux-2.6.25.11/include/asm-blackfin/unistd.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-blackfin/unistd.h
9900 --- linux-2.6.25.11/include/asm-blackfin/unistd.h 2008-04-17 12:05:43.000000000 -0400
9901 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-blackfin/unistd.h 2008-04-19 15:14:52.000000000 -0400
9903 #define __NR_tgkill 271
9904 #define __NR_utimes 272
9905 #define __NR_fadvise64_64 273
9906 - /* 274 __NR_vserver */
9907 +#define __NR_vserver 274
9908 /* 275 __NR_mbind */
9909 /* 276 __NR_get_mempolicy */
9910 /* 277 __NR_set_mempolicy */
9911 diff -NurpP --minimal linux-2.6.25.11/include/asm-generic/tlb.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-generic/tlb.h
9912 --- linux-2.6.25.11/include/asm-generic/tlb.h 2008-04-17 12:05:43.000000000 -0400
9913 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-generic/tlb.h 2008-04-19 15:50:15.000000000 -0400
9915 #define _ASM_GENERIC__TLB_H
9917 #include <linux/swap.h>
9918 +#include <linux/vs_memory.h>
9919 #include <asm/pgalloc.h>
9920 #include <asm/tlbflush.h>
9922 diff -NurpP --minimal linux-2.6.25.11/include/asm-ia64/tlb.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-ia64/tlb.h
9923 --- linux-2.6.25.11/include/asm-ia64/tlb.h 2007-02-04 13:44:54.000000000 -0500
9924 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-ia64/tlb.h 2008-04-19 15:14:52.000000000 -0400
9926 #include <linux/mm.h>
9927 #include <linux/pagemap.h>
9928 #include <linux/swap.h>
9929 +#include <linux/vs_memory.h>
9931 #include <asm/pgalloc.h>
9932 #include <asm/processor.h>
9933 diff -NurpP --minimal linux-2.6.25.11/include/asm-powerpc/systbl.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-powerpc/systbl.h
9934 --- linux-2.6.25.11/include/asm-powerpc/systbl.h 2008-04-17 12:05:44.000000000 -0400
9935 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-powerpc/systbl.h 2008-04-19 15:14:52.000000000 -0400
9936 @@ -260,7 +260,7 @@ COMPAT_SYS_SPU(fstatfs64)
9937 SYSX(sys_ni_syscall, ppc_fadvise64_64, ppc_fadvise64_64)
9939 OLDSYS(debug_setcontext)
9940 -SYSCALL(ni_syscall)
9941 +SYSX(sys_vserver, sys32_vserver, sys_vserver)
9942 COMPAT_SYS(migrate_pages)
9944 COMPAT_SYS(get_mempolicy)
9945 diff -NurpP --minimal linux-2.6.25.11/include/asm-powerpc/unistd.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-powerpc/unistd.h
9946 --- linux-2.6.25.11/include/asm-powerpc/unistd.h 2008-04-17 12:05:44.000000000 -0400
9947 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-powerpc/unistd.h 2008-04-19 15:14:52.000000000 -0400
9950 #define __NR_rtas 255
9951 #define __NR_sys_debug_setcontext 256
9952 -/* Number 257 is reserved for vserver */
9953 +#define __NR_vserver 257
9954 #define __NR_migrate_pages 258
9955 #define __NR_mbind 259
9956 #define __NR_get_mempolicy 260
9957 diff -NurpP --minimal linux-2.6.25.11/include/asm-s390/unistd.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-s390/unistd.h
9958 --- linux-2.6.25.11/include/asm-s390/unistd.h 2008-04-17 12:05:44.000000000 -0400
9959 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-s390/unistd.h 2008-04-19 15:14:52.000000000 -0400
9961 #define __NR_clock_gettime (__NR_timer_create+6)
9962 #define __NR_clock_getres (__NR_timer_create+7)
9963 #define __NR_clock_nanosleep (__NR_timer_create+8)
9964 -/* Number 263 is reserved for vserver */
9965 +#define __NR_vserver 263
9966 #define __NR_statfs64 265
9967 #define __NR_fstatfs64 266
9968 #define __NR_remap_file_pages 267
9969 diff -NurpP --minimal linux-2.6.25.11/include/asm-sparc/unistd.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc/unistd.h
9970 --- linux-2.6.25.11/include/asm-sparc/unistd.h 2008-04-17 12:05:44.000000000 -0400
9971 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc/unistd.h 2008-04-19 15:14:52.000000000 -0400
9973 #define __NR_timer_getoverrun 264
9974 #define __NR_timer_delete 265
9975 #define __NR_timer_create 266
9976 -/* #define __NR_vserver 267 Reserved for VSERVER */
9977 +#define __NR_vserver 267
9978 #define __NR_io_setup 268
9979 #define __NR_io_destroy 269
9980 #define __NR_io_submit 270
9981 diff -NurpP --minimal linux-2.6.25.11/include/asm-sparc64/tlb.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc64/tlb.h
9982 --- linux-2.6.25.11/include/asm-sparc64/tlb.h 2008-04-17 12:05:44.000000000 -0400
9983 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc64/tlb.h 2008-04-19 15:14:52.000000000 -0400
9986 #include <linux/swap.h>
9987 #include <linux/pagemap.h>
9988 +#include <linux/vs_memory.h>
9989 #include <asm/pgalloc.h>
9990 #include <asm/tlbflush.h>
9991 #include <asm/mmu_context.h>
9992 diff -NurpP --minimal linux-2.6.25.11/include/asm-sparc64/unistd.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc64/unistd.h
9993 --- linux-2.6.25.11/include/asm-sparc64/unistd.h 2008-04-17 12:05:44.000000000 -0400
9994 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-sparc64/unistd.h 2008-04-19 15:14:52.000000000 -0400
9996 #define __NR_timer_getoverrun 264
9997 #define __NR_timer_delete 265
9998 #define __NR_timer_create 266
9999 -/* #define __NR_vserver 267 Reserved for VSERVER */
10000 +#define __NR_vserver 267
10001 #define __NR_io_setup 268
10002 #define __NR_io_destroy 269
10003 #define __NR_io_submit 270
10004 diff -NurpP --minimal linux-2.6.25.11/include/asm-x86/unistd_64.h linux-2.6.25.11-vs2.3.0.34.14/include/asm-x86/unistd_64.h
10005 --- linux-2.6.25.11/include/asm-x86/unistd_64.h 2008-04-17 12:05:44.000000000 -0400
10006 +++ linux-2.6.25.11-vs2.3.0.34.14/include/asm-x86/unistd_64.h 2008-04-19 15:14:52.000000000 -0400
10007 @@ -535,7 +535,7 @@ __SYSCALL(__NR_tgkill, sys_tgkill)
10008 #define __NR_utimes 235
10009 __SYSCALL(__NR_utimes, sys_utimes)
10010 #define __NR_vserver 236
10011 -__SYSCALL(__NR_vserver, sys_ni_syscall)
10012 +__SYSCALL(__NR_vserver, sys_vserver)
10013 #define __NR_mbind 237
10014 __SYSCALL(__NR_mbind, sys_mbind)
10015 #define __NR_set_mempolicy 238
10016 diff -NurpP --minimal linux-2.6.25.11/include/linux/capability.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/capability.h
10017 --- linux-2.6.25.11/include/linux/capability.h 2008-07-15 22:05:17.000000000 -0400
10018 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/capability.h 2008-06-10 20:00:46.000000000 -0400
10019 @@ -273,6 +273,7 @@ typedef struct kernel_cap_struct {
10020 arbitrary SCSI commands */
10021 /* Allow setting encryption key on loopback filesystem */
10022 /* Allow setting zone reclaim policy */
10023 +/* Allow the selection of a security context */
10025 #define CAP_SYS_ADMIN 21
10027 @@ -345,7 +346,13 @@ typedef struct kernel_cap_struct {
10029 #define CAP_MAC_ADMIN 33
10031 -#define CAP_LAST_CAP CAP_MAC_ADMIN
10032 +/* Allow context manipulations */
10033 +/* Allow changing context info on files */
10035 +#define CAP_CONTEXT 34
10038 +#define CAP_LAST_CAP CAP_CONTEXT
10040 #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP)
10042 diff -NurpP --minimal linux-2.6.25.11/include/linux/devpts_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/devpts_fs.h
10043 --- linux-2.6.25.11/include/linux/devpts_fs.h 2007-02-04 13:44:54.000000000 -0500
10044 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/devpts_fs.h 2008-04-19 15:14:52.000000000 -0400
10045 @@ -30,5 +30,4 @@ static inline void devpts_pty_kill(int n
10050 #endif /* _LINUX_DEVPTS_FS_H */
10051 diff -NurpP --minimal linux-2.6.25.11/include/linux/ext2_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext2_fs.h
10052 --- linux-2.6.25.11/include/linux/ext2_fs.h 2008-04-17 11:31:39.000000000 -0400
10053 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext2_fs.h 2008-07-08 13:53:46.000000000 -0400
10054 @@ -189,8 +189,12 @@ struct ext2_group_desc
10055 #define EXT2_NOTAIL_FL FS_NOTAIL_FL /* file tail should not be merged */
10056 #define EXT2_DIRSYNC_FL FS_DIRSYNC_FL /* dirsync behaviour (directories only) */
10057 #define EXT2_TOPDIR_FL FS_TOPDIR_FL /* Top of directory hierarchies*/
10058 +#define EXT2_IXUNLINK_FL FS_IXUNLINK_FL /* Immutable invert on unlink */
10059 #define EXT2_RESERVED_FL FS_RESERVED_FL /* reserved for ext2 lib */
10061 +#define EXT2_BARRIER_FL FS_BARRIER_FL /* Barrier for chroot() */
10062 +#define EXT2_COW_FL FS_COW_FL /* Copy on Write marker */
10064 #define EXT2_FL_USER_VISIBLE FS_FL_USER_VISIBLE /* User visible flags */
10065 #define EXT2_FL_USER_MODIFIABLE FS_FL_USER_MODIFIABLE /* User modifiable flags */
10067 @@ -247,7 +251,7 @@ struct ext2_inode {
10069 __u8 l_i_frag; /* Fragment number */
10070 __u8 l_i_fsize; /* Fragment size */
10072 + __u16 l_i_tag; /* Context Tag */
10073 __le16 l_i_uid_high; /* these 2 fields */
10074 __le16 l_i_gid_high; /* were reserved2[0] */
10075 __u32 l_i_reserved2;
10076 @@ -279,6 +283,7 @@ struct ext2_inode {
10077 #define i_gid_low i_gid
10078 #define i_uid_high osd2.linux2.l_i_uid_high
10079 #define i_gid_high osd2.linux2.l_i_gid_high
10080 +#define i_raw_tag osd2.linux2.l_i_tag
10081 #define i_reserved2 osd2.linux2.l_i_reserved2
10084 @@ -323,6 +328,7 @@ struct ext2_inode {
10085 #define EXT2_MOUNT_USRQUOTA 0x020000 /* user quota */
10086 #define EXT2_MOUNT_GRPQUOTA 0x040000 /* group quota */
10087 #define EXT2_MOUNT_RESERVATION 0x080000 /* Preallocation */
10088 +#define EXT2_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
10091 #define clear_opt(o, opt) o &= ~EXT2_MOUNT_##opt
10092 diff -NurpP --minimal linux-2.6.25.11/include/linux/ext3_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext3_fs.h
10093 --- linux-2.6.25.11/include/linux/ext3_fs.h 2008-04-17 12:05:44.000000000 -0400
10094 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext3_fs.h 2008-07-08 14:08:49.000000000 -0400
10095 @@ -173,10 +173,14 @@ struct ext3_group_desc
10096 #define EXT3_NOTAIL_FL 0x00008000 /* file tail should not be merged */
10097 #define EXT3_DIRSYNC_FL 0x00010000 /* dirsync behaviour (directories only) */
10098 #define EXT3_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
10099 +#define EXT3_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
10100 #define EXT3_RESERVED_FL 0x80000000 /* reserved for ext3 lib */
10102 -#define EXT3_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
10103 -#define EXT3_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
10104 +#define EXT3_BARRIER_FL 0x10000000 /* Barrier for chroot() */
10105 +#define EXT3_COW_FL 0x20000000 /* Copy on Write marker */
10107 +#define EXT3_FL_USER_VISIBLE 0x0103DFFF /* User visible flags */
10108 +#define EXT3_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
10111 * Inode dynamic state flags
10112 @@ -292,7 +296,7 @@ struct ext3_inode {
10114 __u8 l_i_frag; /* Fragment number */
10115 __u8 l_i_fsize; /* Fragment size */
10117 + __u16 l_i_tag; /* Context Tag */
10118 __le16 l_i_uid_high; /* these 2 fields */
10119 __le16 l_i_gid_high; /* were reserved2[0] */
10120 __u32 l_i_reserved2;
10121 @@ -326,6 +330,7 @@ struct ext3_inode {
10122 #define i_gid_low i_gid
10123 #define i_uid_high osd2.linux2.l_i_uid_high
10124 #define i_gid_high osd2.linux2.l_i_gid_high
10125 +#define i_raw_tag osd2.linux2.l_i_tag
10126 #define i_reserved2 osd2.linux2.l_i_reserved2
10128 #elif defined(__GNU__)
10129 @@ -380,6 +385,7 @@ struct ext3_inode {
10130 #define EXT3_MOUNT_QUOTA 0x80000 /* Some quota option set */
10131 #define EXT3_MOUNT_USRQUOTA 0x100000 /* "old" user quota */
10132 #define EXT3_MOUNT_GRPQUOTA 0x200000 /* "old" group quota */
10133 +#define EXT3_MOUNT_TAGGED (1<<24) /* Enable Context Tags */
10135 /* Compatibility, for having both ext2_fs.h and ext3_fs.h included at once */
10136 #ifndef _LINUX_EXT2_FS_H
10137 @@ -822,6 +828,7 @@ struct buffer_head * ext3_bread (handle_
10138 int ext3_get_blocks_handle(handle_t *handle, struct inode *inode,
10139 sector_t iblock, unsigned long maxblocks, struct buffer_head *bh_result,
10140 int create, int extend_disksize);
10141 +extern int ext3_sync_flags(struct inode *inode);
10143 extern struct inode *ext3_iget(struct super_block *, unsigned long);
10144 extern int ext3_write_inode (struct inode *, int);
10145 diff -NurpP --minimal linux-2.6.25.11/include/linux/ext4_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext4_fs.h
10146 --- linux-2.6.25.11/include/linux/ext4_fs.h 2008-04-17 12:05:44.000000000 -0400
10147 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/ext4_fs.h 2008-07-08 14:09:54.000000000 -0400
10148 @@ -231,10 +231,14 @@ struct ext4_group_desc
10149 #define EXT4_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
10150 #define EXT4_HUGE_FILE_FL 0x00040000 /* Set to each huge file */
10151 #define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
10152 +#define EXT4_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
10153 #define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
10155 -#define EXT4_FL_USER_VISIBLE 0x000BDFFF /* User visible flags */
10156 -#define EXT4_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
10157 +#define EXT4_BARRIER_FL 0x10000000 /* Barrier for chroot() */
10158 +#define EXT4_COW_FL 0x20000000 /* Copy on Write marker */
10160 +#define EXT4_FL_USER_VISIBLE 0x010BDFFF /* User visible flags */
10161 +#define EXT4_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
10164 * Inode dynamic state flags
10165 @@ -359,7 +363,8 @@ struct ext4_inode {
10166 __le16 l_i_file_acl_high;
10167 __le16 l_i_uid_high; /* these 2 fields */
10168 __le16 l_i_gid_high; /* were reserved2[0] */
10169 - __u32 l_i_reserved2;
10170 + __u16 l_i_tag; /* Context Tag */
10171 + __u16 l_i_reserved2;
10174 __le16 h_i_reserved1; /* Obsoleted fragment number/size which are removed in ext4 */
10175 @@ -465,6 +470,7 @@ do { \
10176 #define i_gid_low i_gid
10177 #define i_uid_high osd2.linux2.l_i_uid_high
10178 #define i_gid_high osd2.linux2.l_i_gid_high
10179 +#define i_raw_tag osd2.linux2.l_i_tag
10180 #define i_reserved2 osd2.linux2.l_i_reserved2
10182 #elif defined(__GNU__)
10183 @@ -528,6 +534,7 @@ do { \
10184 #define EXT4_MOUNT_JOURNAL_ASYNC_COMMIT 0x1000000 /* Journal Async Commit */
10185 #define EXT4_MOUNT_I_VERSION 0x2000000 /* i_version support */
10186 #define EXT4_MOUNT_MBALLOC 0x4000000 /* Buddy allocation support */
10187 +#define EXT4_MOUNT_TAGGED 0x8000000 /* Enable Context Tags */
10188 /* Compatibility, for having both ext2_fs.h and ext4_fs.h included at once */
10189 #ifndef _LINUX_EXT2_FS_H
10190 #define clear_opt(o, opt) o &= ~EXT4_MOUNT_##opt
10191 @@ -1030,6 +1037,7 @@ int ext4_get_blocks_handle(handle_t *han
10192 ext4_lblk_t iblock, unsigned long maxblocks,
10193 struct buffer_head *bh_result,
10194 int create, int extend_disksize);
10195 +extern int ext4_sync_flags(struct inode *inode);
10197 extern struct inode *ext4_iget(struct super_block *, unsigned long);
10198 extern int ext4_write_inode (struct inode *, int);
10199 diff -NurpP --minimal linux-2.6.25.11/include/linux/fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/fs.h
10200 --- linux-2.6.25.11/include/linux/fs.h 2008-04-17 12:05:44.000000000 -0400
10201 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/fs.h 2008-07-08 16:56:52.000000000 -0400
10202 @@ -125,6 +125,8 @@ extern int dir_notify_enable;
10203 #define MS_RELATIME (1<<21) /* Update atime relative to mtime/ctime. */
10204 #define MS_KERNMOUNT (1<<22) /* this is a kern_mount call */
10205 #define MS_I_VERSION (1<<23) /* Update inode I_version field */
10206 +#define MS_TAGGED (1<<24) /* use generic inode tagging */
10207 +#define MS_TAGID (1<<25) /* use specific tag for this mount */
10208 #define MS_ACTIVE (1<<30)
10209 #define MS_NOUSER (1<<31)
10211 @@ -151,6 +153,14 @@ extern int dir_notify_enable;
10212 #define S_NOCMTIME 128 /* Do not update file c/mtime */
10213 #define S_SWAPFILE 256 /* Do not truncate: swapon got its bmaps */
10214 #define S_PRIVATE 512 /* Inode is fs-internal */
10215 +#define S_IXUNLINK 1024 /* Immutable Invert on unlink */
10217 +/* Linux-VServer related Inode flags */
10221 +#define V_BARRIER 4 /* Barrier for chroot() */
10222 +#define V_COW 8 /* Copy on Write */
10225 * Note that nosuid etc flags are inode-specific: setting some file-system
10226 @@ -167,18 +177,21 @@ extern int dir_notify_enable;
10228 #define __IS_FLG(inode,flg) ((inode)->i_sb->s_flags & (flg))
10230 -#define IS_RDONLY(inode) ((inode)->i_sb->s_flags & MS_RDONLY)
10231 +#define IS_RDONLY(inode) __IS_FLG(inode, MS_RDONLY)
10232 #define IS_SYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS) || \
10233 ((inode)->i_flags & S_SYNC))
10234 #define IS_DIRSYNC(inode) (__IS_FLG(inode, MS_SYNCHRONOUS|MS_DIRSYNC) || \
10235 ((inode)->i_flags & (S_SYNC|S_DIRSYNC)))
10236 #define IS_MANDLOCK(inode) __IS_FLG(inode, MS_MANDLOCK)
10237 -#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
10238 -#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
10239 +#define IS_NOATIME(inode) __IS_FLG(inode, MS_RDONLY|MS_NOATIME)
10240 +#define IS_I_VERSION(inode) __IS_FLG(inode, MS_I_VERSION)
10241 +#define IS_TAGGED(inode) __IS_FLG(inode, MS_TAGGED)
10243 #define IS_NOQUOTA(inode) ((inode)->i_flags & S_NOQUOTA)
10244 #define IS_APPEND(inode) ((inode)->i_flags & S_APPEND)
10245 #define IS_IMMUTABLE(inode) ((inode)->i_flags & S_IMMUTABLE)
10246 +#define IS_IXUNLINK(inode) ((inode)->i_flags & S_IXUNLINK)
10247 +#define IS_IXORUNLINK(inode) ((IS_IXUNLINK(inode) ? S_IMMUTABLE : 0) ^ IS_IMMUTABLE(inode))
10248 #define IS_POSIXACL(inode) __IS_FLG(inode, MS_POSIXACL)
10250 #define IS_DEADDIR(inode) ((inode)->i_flags & S_DEAD)
10251 @@ -186,6 +199,16 @@ extern int dir_notify_enable;
10252 #define IS_SWAPFILE(inode) ((inode)->i_flags & S_SWAPFILE)
10253 #define IS_PRIVATE(inode) ((inode)->i_flags & S_PRIVATE)
10255 +#define IS_BARRIER(inode) (S_ISDIR((inode)->i_mode) && ((inode)->i_vflags & V_BARRIER))
10257 +#ifdef CONFIG_VSERVER_COWBL
10258 +# define IS_COW(inode) (IS_IXUNLINK(inode) && IS_IMMUTABLE(inode))
10259 +# define IS_COW_LINK(inode) (S_ISREG((inode)->i_mode) && ((inode)->i_nlink > 1))
10261 +# define IS_COW(inode) (0)
10262 +# define IS_COW_LINK(inode) (0)
10265 /* the read-only stuff doesn't really belong here, but any other place is
10266 probably as bad and I don't want to create yet another include file. */
10268 @@ -259,11 +282,14 @@ extern int dir_notify_enable;
10269 #define FS_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
10270 #define FS_EXTENT_FL 0x00080000 /* Extents */
10271 #define FS_DIRECTIO_FL 0x00100000 /* Use direct i/o */
10272 +#define FS_IXUNLINK_FL 0x01000000 /* Immutable invert on unlink */
10273 #define FS_RESERVED_FL 0x80000000 /* reserved for ext2 lib */
10275 -#define FS_FL_USER_VISIBLE 0x0003DFFF /* User visible flags */
10276 -#define FS_FL_USER_MODIFIABLE 0x000380FF /* User modifiable flags */
10277 +#define FS_BARRIER_FL 0x10000000 /* Barrier for chroot() */
10278 +#define FS_COW_FL 0x20000000 /* Copy on Write marker */
10280 +#define FS_FL_USER_VISIBLE 0x0103DFFF /* User visible flags */
10281 +#define FS_FL_USER_MODIFIABLE 0x010380FF /* User modifiable flags */
10283 #define SYNC_FILE_RANGE_WAIT_BEFORE 1
10284 #define SYNC_FILE_RANGE_WRITE 2
10285 @@ -334,6 +360,7 @@ typedef void (dio_iodone_t)(struct kiocb
10286 #define ATTR_FILE 8192
10287 #define ATTR_KILL_PRIV 16384
10288 #define ATTR_OPEN 32768 /* Truncating from open(O_TRUNC) */
10289 +#define ATTR_TAG 65536
10292 * This is the Inode Attributes structure, used for notify_change(). It
10293 @@ -349,6 +376,7 @@ struct iattr {
10299 struct timespec ia_atime;
10300 struct timespec ia_mtime;
10301 @@ -362,6 +390,9 @@ struct iattr {
10302 struct file *ia_file;
10305 +#define ATTR_FLAG_BARRIER 512 /* Barrier for chroot() */
10306 +#define ATTR_FLAG_IXUNLINK 1024 /* Immutable invert on unlink */
10309 * Includes for diskquotas.
10311 @@ -600,7 +631,9 @@ struct inode {
10312 unsigned int i_nlink;
10320 #ifdef __NEED_I_SIZE_ORDERED
10321 @@ -648,7 +681,8 @@ struct inode {
10322 unsigned long i_state;
10323 unsigned long dirtied_when; /* jiffies of first dirtying */
10325 - unsigned int i_flags;
10326 + unsigned short i_flags;
10327 + unsigned short i_vflags;
10329 atomic_t i_writecount;
10330 #ifdef CONFIG_SECURITY
10331 @@ -735,12 +769,12 @@ static inline void i_size_write(struct i
10333 static inline unsigned iminor(const struct inode *inode)
10335 - return MINOR(inode->i_rdev);
10336 + return MINOR(inode->i_mdev);
10339 static inline unsigned imajor(const struct inode *inode)
10341 - return MAJOR(inode->i_rdev);
10342 + return MAJOR(inode->i_mdev);
10345 extern struct block_device *I_BDEV(struct inode *inode);
10346 @@ -795,6 +829,7 @@ struct file {
10348 struct fown_struct f_owner;
10349 unsigned int f_uid, f_gid;
10351 struct file_ra_state f_ra;
10354 @@ -879,6 +914,7 @@ struct file_lock {
10355 unsigned char fl_type;
10360 struct fasync_struct * fl_fasync; /* for lease break notifications */
10361 unsigned long fl_break_time; /* for nonblocking lease breaks */
10362 @@ -1076,12 +1112,12 @@ extern void unlock_super(struct super_bl
10364 extern int vfs_permission(struct nameidata *, int);
10365 extern int vfs_create(struct inode *, struct dentry *, int, struct nameidata *);
10366 -extern int vfs_mkdir(struct inode *, struct dentry *, int);
10367 -extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t);
10368 -extern int vfs_symlink(struct inode *, struct dentry *, const char *, int);
10369 -extern int vfs_link(struct dentry *, struct inode *, struct dentry *);
10370 -extern int vfs_rmdir(struct inode *, struct dentry *);
10371 -extern int vfs_unlink(struct inode *, struct dentry *);
10372 +extern int vfs_mkdir(struct inode *, struct dentry *, int, struct nameidata *);
10373 +extern int vfs_mknod(struct inode *, struct dentry *, int, dev_t, struct nameidata *);
10374 +extern int vfs_symlink(struct inode *, struct dentry *, const char *, int, struct nameidata *);
10375 +extern int vfs_link(struct dentry *, struct inode *, struct dentry *, struct nameidata *);
10376 +extern int vfs_rmdir(struct inode *, struct dentry *, struct nameidata *);
10377 +extern int vfs_unlink(struct inode *, struct dentry *, struct nameidata *);
10378 extern int vfs_rename(struct inode *, struct dentry *, struct inode *, struct dentry *);
10381 @@ -1223,6 +1259,7 @@ struct inode_operations {
10382 void (*truncate_range)(struct inode *, loff_t, loff_t);
10383 long (*fallocate)(struct inode *inode, int mode, loff_t offset,
10385 + int (*sync_flags) (struct inode *);
10389 @@ -1238,6 +1275,7 @@ extern ssize_t vfs_readv(struct file *,
10390 unsigned long, loff_t *);
10391 extern ssize_t vfs_writev(struct file *, const struct iovec __user *,
10392 unsigned long, loff_t *);
10393 +ssize_t vfs_sendfile(struct file *, struct file *, loff_t *, size_t, loff_t);
10396 * NOTE: write_inode, delete_inode, clear_inode, put_inode can be called
10397 @@ -1934,6 +1972,7 @@ extern int dcache_dir_open(struct inode
10398 extern int dcache_dir_close(struct inode *, struct file *);
10399 extern loff_t dcache_dir_lseek(struct file *, loff_t, int);
10400 extern int dcache_readdir(struct file *, void *, filldir_t);
10401 +extern int dcache_readdir_filter(struct file *, void *, filldir_t, int (*)(struct dentry *));
10402 extern int simple_getattr(struct vfsmount *, struct dentry *, struct kstat *);
10403 extern int simple_statfs(struct dentry *, struct kstatfs *);
10404 extern int simple_link(struct dentry *, struct inode *, struct dentry *);
10405 diff -NurpP --minimal linux-2.6.25.11/include/linux/if_tun.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/if_tun.h
10406 --- linux-2.6.25.11/include/linux/if_tun.h 2008-04-17 12:05:44.000000000 -0400
10407 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/if_tun.h 2008-04-19 15:14:52.000000000 -0400
10409 #define TUNSETOWNER _IOW('T', 204, int)
10410 #define TUNSETLINK _IOW('T', 205, int)
10411 #define TUNSETGROUP _IOW('T', 206, int)
10412 +#define TUNSETNID _IOW('T', 215, int)
10414 /* TUNSETIFF ifr flags */
10415 #define IFF_TUN 0x0001
10416 diff -NurpP --minimal linux-2.6.25.11/include/linux/init_task.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/init_task.h
10417 --- linux-2.6.25.11/include/linux/init_task.h 2008-04-17 12:05:44.000000000 -0400
10418 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/init_task.h 2008-04-19 15:14:52.000000000 -0400
10419 @@ -196,6 +196,10 @@ extern struct group_info init_groups;
10421 INIT_TRACE_IRQFLAGS \
10424 + .vx_info = NULL, \
10426 + .nx_info = NULL, \
10430 diff -NurpP --minimal linux-2.6.25.11/include/linux/interrupt.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/interrupt.h
10431 --- linux-2.6.25.11/include/linux/interrupt.h 2008-04-17 12:05:44.000000000 -0400
10432 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/interrupt.h 2008-04-19 15:14:52.000000000 -0400
10434 #include <linux/preempt.h>
10435 #include <linux/cpumask.h>
10436 #include <linux/irqreturn.h>
10437 -#include <linux/hardirq.h>
10438 #include <linux/sched.h>
10439 +#include <linux/hardirq.h>
10440 #include <linux/irqflags.h>
10441 #include <asm/atomic.h>
10442 #include <asm/ptrace.h>
10443 diff -NurpP --minimal linux-2.6.25.11/include/linux/ipc.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/ipc.h
10444 --- linux-2.6.25.11/include/linux/ipc.h 2008-04-17 12:05:44.000000000 -0400
10445 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/ipc.h 2008-04-19 15:14:52.000000000 -0400
10446 @@ -93,6 +93,7 @@ struct kern_ipc_perm
10454 diff -NurpP --minimal linux-2.6.25.11/include/linux/Kbuild linux-2.6.25.11-vs2.3.0.34.14/include/linux/Kbuild
10455 --- linux-2.6.25.11/include/linux/Kbuild 2008-04-17 12:05:44.000000000 -0400
10456 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/Kbuild 2008-04-19 15:14:52.000000000 -0400
10457 @@ -354,3 +354,6 @@ unifdef-y += xattr.h
10458 unifdef-y += xfrm.h
10460 objhdr-y += version.h
10462 +header-y += vserver/
10464 diff -NurpP --minimal linux-2.6.25.11/include/linux/loop.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/loop.h
10465 --- linux-2.6.25.11/include/linux/loop.h 2008-04-17 12:05:44.000000000 -0400
10466 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/loop.h 2008-04-19 15:14:52.000000000 -0400
10467 @@ -45,6 +45,7 @@ struct loop_device {
10468 struct loop_func_table *lo_encryption;
10470 uid_t lo_key_owner; /* Who set the key */
10472 int (*ioctl)(struct loop_device *, int cmd,
10473 unsigned long arg);
10475 diff -NurpP --minimal linux-2.6.25.11/include/linux/magic.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/magic.h
10476 --- linux-2.6.25.11/include/linux/magic.h 2008-04-17 11:31:39.000000000 -0400
10477 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/magic.h 2008-04-19 15:14:52.000000000 -0400
10480 #define ADFS_SUPER_MAGIC 0xadf5
10481 #define AFFS_SUPER_MAGIC 0xadff
10482 -#define AFS_SUPER_MAGIC 0x5346414F
10483 +#define AFS_SUPER_MAGIC 0x5346414F
10484 #define AUTOFS_SUPER_MAGIC 0x0187
10485 #define CODA_SUPER_MAGIC 0x73757245
10486 #define EFS_SUPER_MAGIC 0x414A53
10488 #define NFS_SUPER_MAGIC 0x6969
10489 #define OPENPROM_SUPER_MAGIC 0x9fa1
10490 #define PROC_SUPER_MAGIC 0x9fa0
10491 +#define DEVPTS_SUPER_MAGIC 0x1cd1
10492 #define QNX4_SUPER_MAGIC 0x002f /* qnx4 fs detection */
10494 #define REISERFS_SUPER_MAGIC 0x52654973 /* used by gcc */
10495 diff -NurpP --minimal linux-2.6.25.11/include/linux/major.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/major.h
10496 --- linux-2.6.25.11/include/linux/major.h 2008-04-17 10:37:24.000000000 -0400
10497 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/major.h 2008-04-19 15:14:52.000000000 -0400
10499 #define HD_MAJOR IDE0_MAJOR
10500 #define PTY_SLAVE_MAJOR 3
10501 #define TTY_MAJOR 4
10502 +#define VROOT_MAJOR 4
10503 #define TTYAUX_MAJOR 5
10505 #define VCS_MAJOR 7
10506 diff -NurpP --minimal linux-2.6.25.11/include/linux/mm_types.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/mm_types.h
10507 --- linux-2.6.25.11/include/linux/mm_types.h 2008-04-17 12:05:44.000000000 -0400
10508 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/mm_types.h 2008-04-19 15:14:52.000000000 -0400
10509 @@ -201,6 +201,7 @@ struct mm_struct {
10511 /* Architecture-specific MM context */
10512 mm_context_t context;
10513 + struct vx_info *mm_vx_info;
10515 /* Swap token stuff */
10517 diff -NurpP --minimal linux-2.6.25.11/include/linux/mount.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/mount.h
10518 --- linux-2.6.25.11/include/linux/mount.h 2008-04-17 12:05:44.000000000 -0400
10519 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/mount.h 2008-04-19 15:45:19.000000000 -0400
10520 @@ -28,6 +28,9 @@ struct mnt_namespace;
10521 #define MNT_NOATIME 0x08
10522 #define MNT_NODIRATIME 0x10
10523 #define MNT_RELATIME 0x20
10524 +#define MNT_RDONLY 0x40
10526 +#define MNT_IS_RDONLY(m) ((m) && ((m)->mnt_flags & MNT_RDONLY))
10528 #define MNT_SHRINKABLE 0x100
10530 @@ -35,6 +38,10 @@ struct mnt_namespace;
10531 #define MNT_UNBINDABLE 0x2000 /* if the vfsmount is a unbindable mount */
10532 #define MNT_PNODE_MASK 0x3000 /* propagation flag mask */
10534 +#define MNT_TAGID 0x10000
10535 +#define MNT_NOTAG 0x20000
10536 +#define MNT_NOTAGCHECK 0x40000
10539 struct list_head mnt_hash;
10540 struct vfsmount *mnt_parent; /* fs we are mounted on */
10541 @@ -62,6 +69,7 @@ struct vfsmount {
10542 int mnt_expiry_mark; /* true if marked for expiry */
10545 + tag_t mnt_tag; /* tagging used for vfsmount */
10548 static inline struct vfsmount *mntget(struct vfsmount *mnt)
10549 diff -NurpP --minimal linux-2.6.25.11/include/linux/net.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/net.h
10550 --- linux-2.6.25.11/include/linux/net.h 2008-04-17 12:05:44.000000000 -0400
10551 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/net.h 2008-04-19 15:14:52.000000000 -0400
10552 @@ -65,6 +65,7 @@ typedef enum {
10553 #define SOCK_NOSPACE 2
10554 #define SOCK_PASSCRED 3
10555 #define SOCK_PASSSEC 4
10556 +#define SOCK_USER_SOCKET 5
10558 #ifndef ARCH_HAS_SOCKET_TYPES
10560 diff -NurpP --minimal linux-2.6.25.11/include/linux/nfs_mount.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/nfs_mount.h
10561 --- linux-2.6.25.11/include/linux/nfs_mount.h 2008-04-17 12:05:44.000000000 -0400
10562 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/nfs_mount.h 2008-04-19 15:14:52.000000000 -0400
10563 @@ -63,6 +63,7 @@ struct nfs_mount_data {
10564 #define NFS_MOUNT_SECFLAVOUR 0x2000 /* 5 */
10565 #define NFS_MOUNT_NORDIRPLUS 0x4000 /* 5 */
10566 #define NFS_MOUNT_UNSHARED 0x8000 /* 5 */
10567 -#define NFS_MOUNT_FLAGMASK 0xFFFF
10568 +#define NFS_MOUNT_TAGGED 0x10000 /* context tagging */
10569 +#define NFS_MOUNT_FLAGMASK 0x1FFFF
10572 diff -NurpP --minimal linux-2.6.25.11/include/linux/nsproxy.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/nsproxy.h
10573 --- linux-2.6.25.11/include/linux/nsproxy.h 2008-04-17 11:31:39.000000000 -0400
10574 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/nsproxy.h 2008-04-19 15:14:52.000000000 -0400
10577 #include <linux/spinlock.h>
10578 #include <linux/sched.h>
10579 +#include <linux/vserver/debug.h>
10581 struct mnt_namespace;
10582 struct uts_namespace;
10583 @@ -63,22 +64,33 @@ static inline struct nsproxy *task_nspro
10586 int copy_namespaces(unsigned long flags, struct task_struct *tsk);
10587 +struct nsproxy *copy_nsproxy(struct nsproxy *orig);
10588 void exit_task_namespaces(struct task_struct *tsk);
10589 void switch_task_namespaces(struct task_struct *tsk, struct nsproxy *new);
10590 void free_nsproxy(struct nsproxy *ns);
10591 int unshare_nsproxy_namespaces(unsigned long, struct nsproxy **,
10592 struct fs_struct *);
10594 -static inline void put_nsproxy(struct nsproxy *ns)
10595 +#define get_nsproxy(n) __get_nsproxy(n, __FILE__, __LINE__)
10597 +static inline void __get_nsproxy(struct nsproxy *ns,
10598 + const char *_file, int _line)
10600 - if (atomic_dec_and_test(&ns->count)) {
10601 - free_nsproxy(ns);
10603 + vxlprintk(VXD_CBIT(space, 0), "get_nsproxy(%p[%u])",
10604 + ns, atomic_read(&ns->count), _file, _line);
10605 + atomic_inc(&ns->count);
10608 -static inline void get_nsproxy(struct nsproxy *ns)
10609 +#define put_nsproxy(n) __put_nsproxy(n, __FILE__, __LINE__)
10611 +static inline void __put_nsproxy(struct nsproxy *ns,
10612 + const char *_file, int _line)
10614 - atomic_inc(&ns->count);
10615 + vxlprintk(VXD_CBIT(space, 0), "put_nsproxy(%p[%u])",
10616 + ns, atomic_read(&ns->count), _file, _line);
10617 + if (atomic_dec_and_test(&ns->count)) {
10618 + free_nsproxy(ns);
10622 #ifdef CONFIG_CGROUP_NS
10623 diff -NurpP --minimal linux-2.6.25.11/include/linux/pid.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/pid.h
10624 --- linux-2.6.25.11/include/linux/pid.h 2008-04-17 12:05:44.000000000 -0400
10625 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/pid.h 2008-04-29 17:56:00.000000000 -0400
10626 @@ -8,7 +8,8 @@ enum pid_type
10636 @@ -142,6 +143,7 @@ static inline pid_t pid_nr(struct pid *p
10639 pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns);
10640 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns);
10641 pid_t pid_vnr(struct pid *pid);
10643 #define do_each_pid_task(pid, type, task) \
10644 diff -NurpP --minimal linux-2.6.25.11/include/linux/proc_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/proc_fs.h
10645 --- linux-2.6.25.11/include/linux/proc_fs.h 2008-04-17 12:05:44.000000000 -0400
10646 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/proc_fs.h 2008-04-19 15:44:54.000000000 -0400
10647 @@ -59,6 +59,7 @@ struct proc_dir_entry {
10653 const struct inode_operations *proc_iops;
10655 @@ -265,16 +266,23 @@ static inline void kclist_add(struct kco
10656 extern void kclist_add(struct kcore_list *, void *, size_t);
10663 int (*proc_get_link)(struct inode *, struct path *);
10664 int (*proc_read)(struct task_struct *task, char *page);
10665 int (*proc_show)(struct seq_file *m,
10666 struct pid_namespace *ns, struct pid *pid,
10667 struct task_struct *task);
10668 + int (*proc_vs_read)(char *page);
10669 + int (*proc_vxi_read)(struct vx_info *vxi, char *page);
10670 + int (*proc_nxi_read)(struct nx_info *nxi, char *page);
10673 struct proc_inode {
10678 struct proc_dir_entry *pde;
10679 diff -NurpP --minimal linux-2.6.25.11/include/linux/reiserfs_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/reiserfs_fs.h
10680 --- linux-2.6.25.11/include/linux/reiserfs_fs.h 2008-07-15 22:05:17.000000000 -0400
10681 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/reiserfs_fs.h 2008-07-08 14:14:46.000000000 -0400
10682 @@ -837,6 +837,11 @@ struct stat_data_v1 {
10683 #define REISERFS_COMPR_FL FS_COMPR_FL
10684 #define REISERFS_NOTAIL_FL FS_NOTAIL_FL
10686 +/* unfortunately reiserfs sdattr is only 16 bit */
10687 +#define REISERFS_IXUNLINK_FL (FS_IXUNLINK_FL >> 16)
10688 +#define REISERFS_BARRIER_FL (FS_BARRIER_FL >> 16)
10689 +#define REISERFS_COW_FL (FS_COW_FL >> 16)
10691 /* persistent flags that file inherits from the parent directory */
10692 #define REISERFS_INHERIT_MASK ( REISERFS_IMMUTABLE_FL | \
10693 REISERFS_SYNC_FL | \
10694 @@ -846,6 +851,9 @@ struct stat_data_v1 {
10695 REISERFS_COMPR_FL | \
10696 REISERFS_NOTAIL_FL )
10698 +#define REISERFS_FL_USER_VISIBLE 0x80FF
10699 +#define REISERFS_FL_USER_MODIFIABLE 0x80FF
10701 /* Stat Data on disk (reiserfs version of UFS disk inode minus the
10704 @@ -1911,6 +1919,7 @@ static inline void reiserfs_update_sd(st
10705 void sd_attrs_to_i_attrs(__u16 sd_attrs, struct inode *inode);
10706 void i_attrs_to_sd_attrs(struct inode *inode, __u16 * sd_attrs);
10707 int reiserfs_setattr(struct dentry *dentry, struct iattr *attr);
10708 +int reiserfs_sync_flags(struct inode *inode);
10711 void set_de_name_and_namelen(struct reiserfs_dir_entry *de);
10712 diff -NurpP --minimal linux-2.6.25.11/include/linux/reiserfs_fs_sb.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/reiserfs_fs_sb.h
10713 --- linux-2.6.25.11/include/linux/reiserfs_fs_sb.h 2008-04-17 12:05:44.000000000 -0400
10714 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/reiserfs_fs_sb.h 2008-04-19 15:14:52.000000000 -0400
10715 @@ -456,6 +456,7 @@ enum reiserfs_mount_options {
10717 REISERFS_BARRIER_NONE,
10718 REISERFS_BARRIER_FLUSH,
10721 /* Actions on error */
10722 REISERFS_ERROR_PANIC,
10723 diff -NurpP --minimal linux-2.6.25.11/include/linux/sched.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/sched.h
10724 --- linux-2.6.25.11/include/linux/sched.h 2008-04-17 12:05:44.000000000 -0400
10725 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/sched.h 2008-04-21 11:09:01.000000000 -0400
10726 @@ -73,7 +73,6 @@ struct sched_param {
10727 #include <linux/fs_struct.h>
10728 #include <linux/compiler.h>
10729 #include <linux/completion.h>
10730 -#include <linux/pid.h>
10731 #include <linux/percpu.h>
10732 #include <linux/topology.h>
10733 #include <linux/proportions.h>
10734 @@ -89,6 +88,7 @@ struct sched_param {
10735 #include <linux/task_io_accounting.h>
10736 #include <linux/kobject.h>
10737 #include <linux/latencytop.h>
10738 +#include <linux/pid.h>
10740 #include <asm/processor.h>
10742 @@ -355,25 +355,27 @@ extern void arch_unmap_area_topdown(stru
10743 * The mm counters are not protected by its page_table_lock,
10744 * so must be incremented atomically.
10746 -#define set_mm_counter(mm, member, value) atomic_long_set(&(mm)->_##member, value)
10747 -#define get_mm_counter(mm, member) ((unsigned long)atomic_long_read(&(mm)->_##member))
10748 -#define add_mm_counter(mm, member, value) atomic_long_add(value, &(mm)->_##member)
10749 -#define inc_mm_counter(mm, member) atomic_long_inc(&(mm)->_##member)
10750 -#define dec_mm_counter(mm, member) atomic_long_dec(&(mm)->_##member)
10752 +#define __set_mm_counter(mm, member, value) \
10753 + atomic_long_set(&(mm)->_##member, value)
10754 +#define get_mm_counter(mm, member) \
10755 + ((unsigned long)atomic_long_read(&(mm)->_##member))
10756 #else /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
10758 * The mm counters are protected by its page_table_lock,
10759 * so can be incremented directly.
10761 -#define set_mm_counter(mm, member, value) (mm)->_##member = (value)
10762 +#define __set_mm_counter(mm, member, value) (mm)->_##member = (value)
10763 #define get_mm_counter(mm, member) ((mm)->_##member)
10764 -#define add_mm_counter(mm, member, value) (mm)->_##member += (value)
10765 -#define inc_mm_counter(mm, member) (mm)->_##member++
10766 -#define dec_mm_counter(mm, member) (mm)->_##member--
10768 #endif /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
10770 +#define set_mm_counter(mm, member, value) \
10771 + vx_ ## member ## pages_sub((mm), (get_mm_counter(mm, member) - value))
10772 +#define add_mm_counter(mm, member, value) \
10773 + vx_ ## member ## pages_add((mm), (value))
10774 +#define inc_mm_counter(mm, member) vx_ ## member ## pages_inc((mm))
10775 +#define dec_mm_counter(mm, member) vx_ ## member ## pages_dec((mm))
10777 #define get_mm_rss(mm) \
10778 (get_mm_counter(mm, file_rss) + get_mm_counter(mm, anon_rss))
10779 #define update_hiwater_rss(mm) do { \
10780 @@ -1162,6 +1164,14 @@ struct task_struct {
10784 +/* vserver context data */
10785 + struct vx_info *vx_info;
10786 + struct nx_info *nx_info;
10792 /* Thread group tracking */
10793 u32 parent_exec_id;
10795 @@ -1350,6 +1360,11 @@ struct pid_namespace;
10796 * see also pid_nr() etc in include/linux/pid.h
10799 +#include <linux/vserver/base.h>
10800 +#include <linux/vserver/context.h>
10801 +#include <linux/vserver/debug.h>
10802 +#include <linux/vserver/pid.h>
10804 static inline pid_t task_pid_nr(struct task_struct *tsk)
10807 @@ -1359,7 +1374,7 @@ pid_t task_pid_nr_ns(struct task_struct
10809 static inline pid_t task_pid_vnr(struct task_struct *tsk)
10811 - return pid_vnr(task_pid(tsk));
10812 + return vx_map_pid(pid_vnr(task_pid(tsk)));
10816 @@ -1372,7 +1387,7 @@ pid_t task_tgid_nr_ns(struct task_struct
10818 static inline pid_t task_tgid_vnr(struct task_struct *tsk)
10820 - return pid_vnr(task_tgid(tsk));
10821 + return vx_map_tgid(pid_vnr(task_tgid(tsk)));
10825 diff -NurpP --minimal linux-2.6.25.11/include/linux/shmem_fs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/shmem_fs.h
10826 --- linux-2.6.25.11/include/linux/shmem_fs.h 2008-04-17 12:05:44.000000000 -0400
10827 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/shmem_fs.h 2008-04-19 15:14:52.000000000 -0400
10830 #define SHMEM_NR_DIRECT 16
10832 +#define TMPFS_SUPER_MAGIC 0x01021994
10835 struct shmem_inode_info {
10837 unsigned long flags;
10838 diff -NurpP --minimal linux-2.6.25.11/include/linux/stat.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/stat.h
10839 --- linux-2.6.25.11/include/linux/stat.h 2008-04-17 10:33:07.000000000 -0400
10840 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/stat.h 2008-04-19 15:14:52.000000000 -0400
10841 @@ -66,6 +66,7 @@ struct kstat {
10842 unsigned int nlink;
10848 struct timespec atime;
10849 diff -NurpP --minimal linux-2.6.25.11/include/linux/sunrpc/auth.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/sunrpc/auth.h
10850 --- linux-2.6.25.11/include/linux/sunrpc/auth.h 2008-04-17 10:37:24.000000000 -0400
10851 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/sunrpc/auth.h 2008-04-19 15:14:52.000000000 -0400
10857 struct group_info *group_info;
10860 diff -NurpP --minimal linux-2.6.25.11/include/linux/sunrpc/clnt.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/sunrpc/clnt.h
10861 --- linux-2.6.25.11/include/linux/sunrpc/clnt.h 2008-04-17 12:05:44.000000000 -0400
10862 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/sunrpc/clnt.h 2008-04-19 15:14:52.000000000 -0400
10863 @@ -42,7 +42,8 @@ struct rpc_clnt {
10865 unsigned int cl_softrtry : 1,/* soft timeouts */
10866 cl_discrtry : 1,/* disconnect before retry */
10867 - cl_autobind : 1;/* use getport() */
10868 + cl_autobind : 1,/* use getport() */
10869 + cl_tag : 1;/* context tagging */
10871 struct rpc_rtt * cl_rtt; /* RTO estimator data */
10872 const struct rpc_timeout *cl_timeout; /* Timeout strategy */
10873 diff -NurpP --minimal linux-2.6.25.11/include/linux/syscalls.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/syscalls.h
10874 --- linux-2.6.25.11/include/linux/syscalls.h 2008-04-17 12:05:44.000000000 -0400
10875 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/syscalls.h 2008-04-19 15:14:52.000000000 -0400
10876 @@ -294,6 +294,8 @@ asmlinkage long sys_symlink(const char _
10877 asmlinkage long sys_unlink(const char __user *pathname);
10878 asmlinkage long sys_rename(const char __user *oldname,
10879 const char __user *newname);
10880 +asmlinkage long sys_copyfile(const char __user *from, const char __user *to,
10882 asmlinkage long sys_chmod(const char __user *filename, mode_t mode);
10883 asmlinkage long sys_fchmod(unsigned int fd, mode_t mode);
10885 diff -NurpP --minimal linux-2.6.25.11/include/linux/sysctl.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/sysctl.h
10886 --- linux-2.6.25.11/include/linux/sysctl.h 2008-04-17 12:05:44.000000000 -0400
10887 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/sysctl.h 2008-04-19 15:14:52.000000000 -0400
10888 @@ -70,6 +70,7 @@ enum
10889 CTL_ABI=9, /* Binary emulation */
10890 CTL_CPU=10, /* CPU stuff (speed scaling, etc) */
10891 CTL_ARLAN=254, /* arlan wireless driver */
10892 + CTL_VSERVER=4242, /* Linux-VServer debug */
10893 CTL_S390DBF=5677, /* s390 debug */
10894 CTL_SUNRPC=7249, /* sunrpc debug */
10895 CTL_PM=9899, /* frv power management */
10896 @@ -104,6 +105,7 @@ enum
10898 KERN_PANIC=15, /* int: panic timeout */
10899 KERN_REALROOTDEV=16, /* real root device to mount after initrd */
10900 + KERN_VSHELPER=17, /* string: path to vshelper policy agent */
10902 KERN_SPARC_REBOOT=21, /* reboot command on Sparc */
10903 KERN_CTLALTDEL=22, /* int: allow ctl-alt-del to reboot */
10904 diff -NurpP --minimal linux-2.6.25.11/include/linux/sysfs.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/sysfs.h
10905 --- linux-2.6.25.11/include/linux/sysfs.h 2008-04-17 12:05:44.000000000 -0400
10906 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/sysfs.h 2008-04-19 15:14:52.000000000 -0400
10908 #include <linux/list.h>
10909 #include <asm/atomic.h>
10911 +#define SYSFS_SUPER_MAGIC 0x62656572
10916 diff -NurpP --minimal linux-2.6.25.11/include/linux/time.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/time.h
10917 --- linux-2.6.25.11/include/linux/time.h 2008-04-17 12:05:44.000000000 -0400
10918 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/time.h 2008-04-19 15:14:52.000000000 -0400
10919 @@ -183,6 +183,9 @@ static inline void timespec_add_ns(struc
10924 +#include <linux/vs_time.h>
10926 #endif /* __KERNEL__ */
10928 #define NFDBITS __NFDBITS
10929 diff -NurpP --minimal linux-2.6.25.11/include/linux/types.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/types.h
10930 --- linux-2.6.25.11/include/linux/types.h 2008-07-15 22:05:17.000000000 -0400
10931 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/types.h 2008-06-10 20:00:46.000000000 -0400
10932 @@ -36,6 +36,9 @@ typedef __kernel_uid32_t uid_t;
10933 typedef __kernel_gid32_t gid_t;
10934 typedef __kernel_uid16_t uid16_t;
10935 typedef __kernel_gid16_t gid16_t;
10936 +typedef unsigned int xid_t;
10937 +typedef unsigned int nid_t;
10938 +typedef unsigned int tag_t;
10940 typedef unsigned long uintptr_t;
10942 diff -NurpP --minimal linux-2.6.25.11/include/linux/vroot.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vroot.h
10943 --- linux-2.6.25.11/include/linux/vroot.h 1969-12-31 19:00:00.000000000 -0500
10944 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vroot.h 2008-04-19 15:14:52.000000000 -0400
10948 + * include/linux/vroot.h
10950 + * written by Herbert Pötzl, 9/11/2002
10951 + * ported to 2.6 by Herbert Pötzl, 30/12/2004
10953 + * Copyright (C) 2002-2007 by Herbert Pötzl.
10954 + * Redistribution of this file is permitted under the
10955 + * GNU General Public License.
10958 +#ifndef _LINUX_VROOT_H
10959 +#define _LINUX_VROOT_H
10964 +/* Possible states of device */
10970 +struct vroot_device {
10974 + struct semaphore vr_ctl_mutex;
10975 + struct block_device *vr_device;
10980 +typedef struct block_device *(vroot_grb_func)(struct block_device *);
10982 +extern int register_vroot_grb(vroot_grb_func *);
10983 +extern int unregister_vroot_grb(vroot_grb_func *);
10985 +#endif /* __KERNEL__ */
10987 +#define MAX_VROOT_DEFAULT 8
10990 + * IOCTL commands --- we will commandeer 0x56 ('V')
10993 +#define VROOT_SET_DEV 0x5600
10994 +#define VROOT_CLR_DEV 0x5601
10996 +#endif /* _LINUX_VROOT_H */
10997 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_base.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_base.h
10998 --- linux-2.6.25.11/include/linux/vs_base.h 1969-12-31 19:00:00.000000000 -0500
10999 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_base.h 2008-04-19 15:14:52.000000000 -0400
11001 +#ifndef _VS_BASE_H
11002 +#define _VS_BASE_H
11004 +#include "vserver/base.h"
11005 +#include "vserver/check.h"
11006 +#include "vserver/debug.h"
11009 +#warning duplicate inclusion
11011 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_context.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_context.h
11012 --- linux-2.6.25.11/include/linux/vs_context.h 1969-12-31 19:00:00.000000000 -0500
11013 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_context.h 2008-04-29 18:42:09.000000000 -0400
11015 +#ifndef _VS_CONTEXT_H
11016 +#define _VS_CONTEXT_H
11018 +#include "vserver/base.h"
11019 +#include "vserver/check.h"
11020 +#include "vserver/context.h"
11021 +#include "vserver/history.h"
11022 +#include "vserver/debug.h"
11024 +#include <linux/sched.h>
11027 +#define get_vx_info(i) __get_vx_info(i, __FILE__, __LINE__, __HERE__)
11029 +static inline struct vx_info *__get_vx_info(struct vx_info *vxi,
11030 + const char *_file, int _line, void *_here)
11035 + vxlprintk(VXD_CBIT(xid, 2), "get_vx_info(%p[#%d.%d])",
11036 + vxi, vxi ? vxi->vx_id : 0,
11037 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11039 + __vxh_get_vx_info(vxi, _here);
11041 + atomic_inc(&vxi->vx_usecnt);
11046 +extern void free_vx_info(struct vx_info *);
11048 +#define put_vx_info(i) __put_vx_info(i, __FILE__, __LINE__, __HERE__)
11050 +static inline void __put_vx_info(struct vx_info *vxi,
11051 + const char *_file, int _line, void *_here)
11056 + vxlprintk(VXD_CBIT(xid, 2), "put_vx_info(%p[#%d.%d])",
11057 + vxi, vxi ? vxi->vx_id : 0,
11058 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11060 + __vxh_put_vx_info(vxi, _here);
11062 + if (atomic_dec_and_test(&vxi->vx_usecnt))
11063 + free_vx_info(vxi);
11067 +#define init_vx_info(p, i) \
11068 + __init_vx_info(p, i, __FILE__, __LINE__, __HERE__)
11070 +static inline void __init_vx_info(struct vx_info **vxp, struct vx_info *vxi,
11071 + const char *_file, int _line, void *_here)
11074 + vxlprintk(VXD_CBIT(xid, 3),
11075 + "init_vx_info(%p[#%d.%d])",
11076 + vxi, vxi ? vxi->vx_id : 0,
11077 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11079 + __vxh_init_vx_info(vxi, vxp, _here);
11081 + atomic_inc(&vxi->vx_usecnt);
11087 +#define set_vx_info(p, i) \
11088 + __set_vx_info(p, i, __FILE__, __LINE__, __HERE__)
11090 +static inline void __set_vx_info(struct vx_info **vxp, struct vx_info *vxi,
11091 + const char *_file, int _line, void *_here)
11093 + struct vx_info *vxo;
11098 + vxlprintk(VXD_CBIT(xid, 3), "set_vx_info(%p[#%d.%d])",
11099 + vxi, vxi ? vxi->vx_id : 0,
11100 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11102 + __vxh_set_vx_info(vxi, vxp, _here);
11104 + atomic_inc(&vxi->vx_usecnt);
11105 + vxo = xchg(vxp, vxi);
11110 +#define clr_vx_info(p) __clr_vx_info(p, __FILE__, __LINE__, __HERE__)
11112 +static inline void __clr_vx_info(struct vx_info **vxp,
11113 + const char *_file, int _line, void *_here)
11115 + struct vx_info *vxo;
11117 + vxo = xchg(vxp, NULL);
11121 + vxlprintk(VXD_CBIT(xid, 3), "clr_vx_info(%p[#%d.%d])",
11122 + vxo, vxo ? vxo->vx_id : 0,
11123 + vxo ? atomic_read(&vxo->vx_usecnt) : 0,
11125 + __vxh_clr_vx_info(vxo, vxp, _here);
11127 + if (atomic_dec_and_test(&vxo->vx_usecnt))
11128 + free_vx_info(vxo);
11132 +#define claim_vx_info(v, p) \
11133 + __claim_vx_info(v, p, __FILE__, __LINE__, __HERE__)
11135 +static inline void __claim_vx_info(struct vx_info *vxi,
11136 + struct task_struct *task,
11137 + const char *_file, int _line, void *_here)
11139 + vxlprintk(VXD_CBIT(xid, 3), "claim_vx_info(%p[#%d.%d.%d]) %p",
11140 + vxi, vxi ? vxi->vx_id : 0,
11141 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11142 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
11143 + task, _file, _line);
11144 + __vxh_claim_vx_info(vxi, task, _here);
11146 + atomic_inc(&vxi->vx_tasks);
11150 +extern void unhash_vx_info(struct vx_info *);
11152 +#define release_vx_info(v, p) \
11153 + __release_vx_info(v, p, __FILE__, __LINE__, __HERE__)
11155 +static inline void __release_vx_info(struct vx_info *vxi,
11156 + struct task_struct *task,
11157 + const char *_file, int _line, void *_here)
11159 + vxlprintk(VXD_CBIT(xid, 3), "release_vx_info(%p[#%d.%d.%d]) %p",
11160 + vxi, vxi ? vxi->vx_id : 0,
11161 + vxi ? atomic_read(&vxi->vx_usecnt) : 0,
11162 + vxi ? atomic_read(&vxi->vx_tasks) : 0,
11163 + task, _file, _line);
11164 + __vxh_release_vx_info(vxi, task, _here);
11168 + if (atomic_dec_and_test(&vxi->vx_tasks))
11169 + unhash_vx_info(vxi);
11173 +#define task_get_vx_info(p) \
11174 + __task_get_vx_info(p, __FILE__, __LINE__, __HERE__)
11176 +static inline struct vx_info *__task_get_vx_info(struct task_struct *p,
11177 + const char *_file, int _line, void *_here)
11179 + struct vx_info *vxi;
11182 + vxlprintk(VXD_CBIT(xid, 5), "task_get_vx_info(%p)",
11183 + p, _file, _line);
11184 + vxi = __get_vx_info(p->vx_info, _file, _line, _here);
11190 +static inline void __wakeup_vx_info(struct vx_info *vxi)
11192 + if (waitqueue_active(&vxi->vx_wait))
11193 + wake_up_interruptible(&vxi->vx_wait);
11197 +#define enter_vx_info(v, s) __enter_vx_info(v, s, __FILE__, __LINE__)
11199 +static inline void __enter_vx_info(struct vx_info *vxi,
11200 + struct vx_info_save *vxis, const char *_file, int _line)
11202 + vxlprintk(VXD_CBIT(xid, 5), "enter_vx_info(%p[#%d],%p) %p[#%d,%p]",
11203 + vxi, vxi ? vxi->vx_id : 0, vxis, current,
11204 + current->xid, current->vx_info, _file, _line);
11205 + vxis->vxi = xchg(¤t->vx_info, vxi);
11206 + vxis->xid = current->xid;
11207 + current->xid = vxi ? vxi->vx_id : 0;
11210 +#define leave_vx_info(s) __leave_vx_info(s, __FILE__, __LINE__)
11212 +static inline void __leave_vx_info(struct vx_info_save *vxis,
11213 + const char *_file, int _line)
11215 + vxlprintk(VXD_CBIT(xid, 5), "leave_vx_info(%p[#%d,%p]) %p[#%d,%p]",
11216 + vxis, vxis->xid, vxis->vxi, current,
11217 + current->xid, current->vx_info, _file, _line);
11218 + (void)xchg(¤t->vx_info, vxis->vxi);
11219 + current->xid = vxis->xid;
11223 +static inline void __enter_vx_admin(struct vx_info_save *vxis)
11225 + vxis->vxi = xchg(¤t->vx_info, NULL);
11226 + vxis->xid = xchg(¤t->xid, (xid_t)0);
11229 +static inline void __leave_vx_admin(struct vx_info_save *vxis)
11231 + (void)xchg(¤t->xid, vxis->xid);
11232 + (void)xchg(¤t->vx_info, vxis->vxi);
11235 +extern void exit_vx_info(struct task_struct *, int);
11236 +extern void exit_vx_info_early(struct task_struct *, int);
11240 +#warning duplicate inclusion
11242 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_cowbl.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_cowbl.h
11243 --- linux-2.6.25.11/include/linux/vs_cowbl.h 1969-12-31 19:00:00.000000000 -0500
11244 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_cowbl.h 2008-07-08 04:31:24.000000000 -0400
11246 +#ifndef _VS_COWBL_H
11247 +#define _VS_COWBL_H
11249 +#include <linux/fs.h>
11250 +#include <linux/dcache.h>
11251 +#include <linux/namei.h>
11253 +extern struct dentry *cow_break_link(const char *pathname);
11255 +static inline int cow_check_and_break(struct nameidata *nd)
11257 + struct inode *inode = nd->path.dentry->d_inode;
11259 + if (IS_RDONLY(inode) || MNT_IS_RDONLY(nd->path.mnt))
11261 + if (IS_COW(inode)) {
11262 + if (IS_COW_LINK(inode)) {
11263 + struct dentry *new_dentry, *old_dentry = nd->path.dentry;
11264 + char *path, *buf;
11266 + buf = kmalloc(PATH_MAX, GFP_KERNEL);
11270 + path = d_path(&nd->path, buf, PATH_MAX);
11271 + new_dentry = cow_break_link(path);
11273 + if (!IS_ERR(new_dentry)) {
11274 + nd->path.dentry = new_dentry;
11275 + dput(old_dentry);
11277 + error = PTR_ERR(new_dentry);
11279 + inode->i_flags &= ~(S_IXUNLINK | S_IMMUTABLE);
11280 + inode->i_ctime = CURRENT_TIME;
11281 + mark_inode_dirty(inode);
11288 +#warning duplicate inclusion
11290 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_cvirt.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_cvirt.h
11291 --- linux-2.6.25.11/include/linux/vs_cvirt.h 1969-12-31 19:00:00.000000000 -0500
11292 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_cvirt.h 2008-04-19 15:14:52.000000000 -0400
11294 +#ifndef _VS_CVIRT_H
11295 +#define _VS_CVIRT_H
11297 +#include "vserver/cvirt.h"
11298 +#include "vserver/context.h"
11299 +#include "vserver/base.h"
11300 +#include "vserver/check.h"
11301 +#include "vserver/debug.h"
11304 +static inline void vx_activate_task(struct task_struct *p)
11306 + struct vx_info *vxi;
11308 + if ((vxi = p->vx_info)) {
11309 + vx_update_load(vxi);
11310 + atomic_inc(&vxi->cvirt.nr_running);
11314 +static inline void vx_deactivate_task(struct task_struct *p)
11316 + struct vx_info *vxi;
11318 + if ((vxi = p->vx_info)) {
11319 + vx_update_load(vxi);
11320 + atomic_dec(&vxi->cvirt.nr_running);
11324 +static inline void vx_uninterruptible_inc(struct task_struct *p)
11326 + struct vx_info *vxi;
11328 + if ((vxi = p->vx_info))
11329 + atomic_inc(&vxi->cvirt.nr_uninterruptible);
11332 +static inline void vx_uninterruptible_dec(struct task_struct *p)
11334 + struct vx_info *vxi;
11336 + if ((vxi = p->vx_info))
11337 + atomic_dec(&vxi->cvirt.nr_uninterruptible);
11342 +#warning duplicate inclusion
11344 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_device.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_device.h
11345 --- linux-2.6.25.11/include/linux/vs_device.h 1969-12-31 19:00:00.000000000 -0500
11346 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_device.h 2008-04-19 15:14:52.000000000 -0400
11348 +#ifndef _VS_DEVICE_H
11349 +#define _VS_DEVICE_H
11351 +#include "vserver/base.h"
11352 +#include "vserver/device.h"
11353 +#include "vserver/debug.h"
11356 +#ifdef CONFIG_VSERVER_DEVICE
11358 +int vs_map_device(struct vx_info *, dev_t, dev_t *, umode_t);
11360 +#define vs_device_perm(v, d, m, p) \
11361 + ((vs_map_device(current_vx_info(), d, NULL, m) & (p)) == (p))
11366 +int vs_map_device(struct vx_info *vxi,
11367 + dev_t device, dev_t *target, umode_t mode)
11370 + *target = device;
11374 +#define vs_device_perm(v, d, m, p) ((p) == (p))
11379 +#define vs_map_chrdev(d, t, p) \
11380 + ((vs_map_device(current_vx_info(), d, t, S_IFCHR) & (p)) == (p))
11381 +#define vs_map_blkdev(d, t, p) \
11382 + ((vs_map_device(current_vx_info(), d, t, S_IFBLK) & (p)) == (p))
11384 +#define vs_chrdev_perm(d, p) \
11385 + vs_device_perm(current_vx_info(), d, S_IFCHR, p)
11386 +#define vs_blkdev_perm(d, p) \
11387 + vs_device_perm(current_vx_info(), d, S_IFBLK, p)
11391 +#warning duplicate inclusion
11393 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_dlimit.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_dlimit.h
11394 --- linux-2.6.25.11/include/linux/vs_dlimit.h 1969-12-31 19:00:00.000000000 -0500
11395 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_dlimit.h 2008-04-19 15:14:52.000000000 -0400
11397 +#ifndef _VS_DLIMIT_H
11398 +#define _VS_DLIMIT_H
11400 +#include <linux/fs.h>
11402 +#include "vserver/dlimit.h"
11403 +#include "vserver/base.h"
11404 +#include "vserver/debug.h"
11407 +#define get_dl_info(i) __get_dl_info(i, __FILE__, __LINE__)
11409 +static inline struct dl_info *__get_dl_info(struct dl_info *dli,
11410 + const char *_file, int _line)
11414 + vxlprintk(VXD_CBIT(dlim, 4), "get_dl_info(%p[#%d.%d])",
11415 + dli, dli ? dli->dl_tag : 0,
11416 + dli ? atomic_read(&dli->dl_usecnt) : 0,
11418 + atomic_inc(&dli->dl_usecnt);
11423 +#define free_dl_info(i) \
11424 + call_rcu(&(i)->dl_rcu, rcu_free_dl_info)
11426 +#define put_dl_info(i) __put_dl_info(i, __FILE__, __LINE__)
11428 +static inline void __put_dl_info(struct dl_info *dli,
11429 + const char *_file, int _line)
11433 + vxlprintk(VXD_CBIT(dlim, 4), "put_dl_info(%p[#%d.%d])",
11434 + dli, dli ? dli->dl_tag : 0,
11435 + dli ? atomic_read(&dli->dl_usecnt) : 0,
11437 + if (atomic_dec_and_test(&dli->dl_usecnt))
11438 + free_dl_info(dli);
11442 +#define __dlimit_char(d) ((d) ? '*' : ' ')
11444 +static inline int __dl_alloc_space(struct super_block *sb,
11445 + tag_t tag, dlsize_t nr, const char *file, int line)
11447 + struct dl_info *dli = NULL;
11452 + dli = locate_dl_info(sb, tag);
11456 + spin_lock(&dli->dl_lock);
11457 + ret = (dli->dl_space_used + nr > dli->dl_space_total);
11459 + dli->dl_space_used += nr;
11460 + spin_unlock(&dli->dl_lock);
11461 + put_dl_info(dli);
11463 + vxlprintk(VXD_CBIT(dlim, 1),
11464 + "ALLOC (%p,#%d)%c %lld bytes (%d)",
11465 + sb, tag, __dlimit_char(dli), (long long)nr,
11466 + ret, file, line);
11470 +static inline void __dl_free_space(struct super_block *sb,
11471 + tag_t tag, dlsize_t nr, const char *_file, int _line)
11473 + struct dl_info *dli = NULL;
11477 + dli = locate_dl_info(sb, tag);
11481 + spin_lock(&dli->dl_lock);
11482 + if (dli->dl_space_used > nr)
11483 + dli->dl_space_used -= nr;
11485 + dli->dl_space_used = 0;
11486 + spin_unlock(&dli->dl_lock);
11487 + put_dl_info(dli);
11489 + vxlprintk(VXD_CBIT(dlim, 1),
11490 + "FREE (%p,#%d)%c %lld bytes",
11491 + sb, tag, __dlimit_char(dli), (long long)nr,
11495 +static inline int __dl_alloc_inode(struct super_block *sb,
11496 + tag_t tag, const char *_file, int _line)
11498 + struct dl_info *dli;
11501 + dli = locate_dl_info(sb, tag);
11505 + spin_lock(&dli->dl_lock);
11506 + ret = (dli->dl_inodes_used >= dli->dl_inodes_total);
11508 + dli->dl_inodes_used++;
11509 + spin_unlock(&dli->dl_lock);
11510 + put_dl_info(dli);
11512 + vxlprintk(VXD_CBIT(dlim, 0),
11513 + "ALLOC (%p,#%d)%c inode (%d)",
11514 + sb, tag, __dlimit_char(dli), ret, _file, _line);
11518 +static inline void __dl_free_inode(struct super_block *sb,
11519 + tag_t tag, const char *_file, int _line)
11521 + struct dl_info *dli;
11523 + dli = locate_dl_info(sb, tag);
11527 + spin_lock(&dli->dl_lock);
11528 + if (dli->dl_inodes_used > 1)
11529 + dli->dl_inodes_used--;
11531 + dli->dl_inodes_used = 0;
11532 + spin_unlock(&dli->dl_lock);
11533 + put_dl_info(dli);
11535 + vxlprintk(VXD_CBIT(dlim, 0),
11536 + "FREE (%p,#%d)%c inode",
11537 + sb, tag, __dlimit_char(dli), _file, _line);
11540 +static inline void __dl_adjust_block(struct super_block *sb, tag_t tag,
11541 + unsigned long long *free_blocks, unsigned long long *root_blocks,
11542 + const char *_file, int _line)
11544 + struct dl_info *dli;
11545 + uint64_t broot, bfree;
11547 + dli = locate_dl_info(sb, tag);
11551 + spin_lock(&dli->dl_lock);
11552 + broot = (dli->dl_space_total -
11553 + (dli->dl_space_total >> 10) * dli->dl_nrlmult)
11554 + >> sb->s_blocksize_bits;
11555 + bfree = (dli->dl_space_total - dli->dl_space_used)
11556 + >> sb->s_blocksize_bits;
11557 + spin_unlock(&dli->dl_lock);
11559 + vxlprintk(VXD_CBIT(dlim, 2),
11560 + "ADJUST: %lld,%lld on %lld,%lld [mult=%d]",
11561 + (long long)bfree, (long long)broot,
11562 + *free_blocks, *root_blocks, dli->dl_nrlmult,
11564 + if (free_blocks) {
11565 + if (*free_blocks > bfree)
11566 + *free_blocks = bfree;
11568 + if (root_blocks) {
11569 + if (*root_blocks > broot)
11570 + *root_blocks = broot;
11572 + put_dl_info(dli);
11575 +#define DLIMIT_ALLOC_SPACE(in, bytes) \
11576 + __dl_alloc_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
11577 + __FILE__, __LINE__ )
11579 +#define DLIMIT_FREE_SPACE(in, bytes) \
11580 + __dl_free_space((in)->i_sb, (in)->i_tag, (dlsize_t)(bytes), \
11581 + __FILE__, __LINE__ )
11583 +#define DLIMIT_ALLOC_BLOCK(in, nr) \
11584 + __dl_alloc_space((in)->i_sb, (in)->i_tag, \
11585 + ((dlsize_t)(nr)) << (in)->i_sb->s_blocksize_bits, \
11586 + __FILE__, __LINE__ )
11588 +#define DLIMIT_FREE_BLOCK(in, nr) \
11589 + __dl_free_space((in)->i_sb, (in)->i_tag, \
11590 + ((dlsize_t)(nr)) << (in)->i_sb->s_blocksize_bits, \
11591 + __FILE__, __LINE__ )
11594 +#define DLIMIT_ALLOC_INODE(in) \
11595 + __dl_alloc_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
11597 +#define DLIMIT_FREE_INODE(in) \
11598 + __dl_free_inode((in)->i_sb, (in)->i_tag, __FILE__, __LINE__ )
11601 +#define DLIMIT_ADJUST_BLOCK(sb, tag, fb, rb) \
11602 + __dl_adjust_block(sb, tag, fb, rb, __FILE__, __LINE__ )
11606 +#warning duplicate inclusion
11608 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/base.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/base.h
11609 --- linux-2.6.25.11/include/linux/vserver/base.h 1969-12-31 19:00:00.000000000 -0500
11610 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/base.h 2008-04-23 20:52:31.000000000 -0400
11612 +#ifndef _VX_BASE_H
11613 +#define _VX_BASE_H
11616 +/* context state changes */
11628 +#define vx_task_xid(t) ((t)->xid)
11630 +#define vx_current_xid() vx_task_xid(current)
11632 +#define current_vx_info() (current->vx_info)
11635 +#define nx_task_nid(t) ((t)->nid)
11637 +#define nx_current_nid() nx_task_nid(current)
11639 +#define current_nx_info() (current->nx_info)
11642 +/* generic flag merging */
11644 +#define vs_check_flags(v, m, f) (((v) & (m)) ^ (f))
11646 +#define vs_mask_flags(v, f, m) (((v) & ~(m)) | ((f) & (m)))
11648 +#define vs_mask_mask(v, f, m) (((v) & ~(m)) | ((v) & (f) & (m)))
11650 +#define vs_check_bit(v, n) ((v) & (1LL << (n)))
11653 +/* context flags */
11655 +#define __vx_flags(v) ((v) ? (v)->vx_flags : 0)
11657 +#define vx_current_flags() __vx_flags(current->vx_info)
11659 +#define vx_info_flags(v, m, f) \
11660 + vs_check_flags(__vx_flags(v), m, f)
11662 +#define task_vx_flags(t, m, f) \
11663 + ((t) && vx_info_flags((t)->vx_info, m, f))
11665 +#define vx_flags(m, f) vx_info_flags(current->vx_info, m, f)
11668 +/* context caps */
11670 +#define __vx_ccaps(v) ((v) ? (v)->vx_ccaps : 0)
11672 +#define vx_current_ccaps() __vx_ccaps(current->vx_info)
11674 +#define vx_info_ccaps(v, c) (__vx_ccaps(v) & (c))
11676 +#define vx_ccaps(c) vx_info_ccaps(current->vx_info, (c))
11680 +/* network flags */
11682 +#define __nx_flags(n) ((n) ? (n)->nx_flags : 0)
11684 +#define nx_current_flags() __nx_flags(current->nx_info)
11686 +#define nx_info_flags(n, m, f) \
11687 + vs_check_flags(__nx_flags(n), m, f)
11689 +#define task_nx_flags(t, m, f) \
11690 + ((t) && nx_info_flags((t)->nx_info, m, f))
11692 +#define nx_flags(m, f) nx_info_flags(current->nx_info, m, f)
11695 +/* network caps */
11697 +#define __nx_ncaps(n) ((n) ? (n)->nx_ncaps : 0)
11699 +#define nx_current_ncaps() __nx_ncaps(current->nx_info)
11701 +#define nx_info_ncaps(n, c) (__nx_ncaps(n) & (c))
11703 +#define nx_ncaps(c) nx_info_ncaps(current->nx_info, c)
11706 +/* context mask capabilities */
11708 +#define __vx_mcaps(v) ((v) ? (v)->vx_ccaps >> 32UL : ~0 )
11710 +#define vx_info_mcaps(v, c) (__vx_mcaps(v) & (c))
11712 +#define vx_mcaps(c) vx_info_mcaps(current->vx_info, c)
11715 +/* context bcap mask */
11717 +#define __vx_bcaps(v) ((v)->vx_bcaps)
11719 +#define vx_current_bcaps() __vx_bcaps(current->vx_info)
11722 +/* mask given bcaps */
11724 +#define vx_info_mbcaps(v, c) ((v) ? cap_intersect(__vx_bcaps(v), c) : c)
11726 +#define vx_mbcaps(c) vx_info_mbcaps(current->vx_info, c)
11729 +/* masked cap_bset */
11731 +#define vx_info_cap_bset(v) vx_info_mbcaps(v, current->cap_bset)
11733 +#define vx_current_cap_bset() vx_info_cap_bset(current->vx_info)
11736 +#define vx_info_mbcap(v, b) \
11737 + (!vx_info_flags(v, VXF_STATE_SETUP, 0) ? \
11738 + vx_info_bcaps(v, b) : (b))
11740 +#define task_vx_mbcap(t, b) \
11741 + vx_info_mbcap((t)->vx_info, (t)->b)
11743 +#define vx_mbcap(b) task_vx_mbcap(current, b)
11746 +#define vx_cap_raised(v, c, f) cap_raised(vx_info_mbcaps(v, c), f)
11748 +#define vx_capable(b, c) (capable(b) || \
11749 + (cap_raised(current->cap_effective, b) && vx_ccaps(c)))
11751 +#define nx_capable(b, c) (capable(b) || \
11752 + (cap_raised(current->cap_effective, b) && nx_ncaps(c)))
11754 +#define vx_current_initpid(n) \
11755 + (current->vx_info && \
11756 + (current->vx_info->vx_initpid == (n)))
11759 +#define __vx_state(v) ((v) ? ((v)->vx_state) : 0)
11761 +#define vx_info_state(v, m) (__vx_state(v) & (m))
11764 +#define __nx_state(n) ((n) ? ((n)->nx_state) : 0)
11766 +#define nx_info_state(n, m) (__nx_state(n) & (m))
11769 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cacct_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_cmd.h
11770 --- linux-2.6.25.11/include/linux/vserver/cacct_cmd.h 1969-12-31 19:00:00.000000000 -0500
11771 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_cmd.h 2008-04-19 15:14:52.000000000 -0400
11773 +#ifndef _VX_CACCT_CMD_H
11774 +#define _VX_CACCT_CMD_H
11777 +/* virtual host info name commands */
11779 +#define VCMD_sock_stat VC_CMD(VSTAT, 5, 0)
11781 +struct vcmd_sock_stat_v0 {
11783 + uint32_t count[3];
11784 + uint64_t total[3];
11790 +#include <linux/compiler.h>
11792 +extern int vc_sock_stat(struct vx_info *, void __user *);
11794 +#endif /* __KERNEL__ */
11795 +#endif /* _VX_CACCT_CMD_H */
11796 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cacct_def.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_def.h
11797 --- linux-2.6.25.11/include/linux/vserver/cacct_def.h 1969-12-31 19:00:00.000000000 -0500
11798 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_def.h 2008-04-19 15:14:52.000000000 -0400
11800 +#ifndef _VX_CACCT_DEF_H
11801 +#define _VX_CACCT_DEF_H
11803 +#include <asm/atomic.h>
11804 +#include <linux/vserver/cacct.h>
11807 +struct _vx_sock_acc {
11808 + atomic_long_t count;
11809 + atomic_long_t total;
11812 +/* context sub struct */
11814 +struct _vx_cacct {
11815 + struct _vx_sock_acc sock[VXA_SOCK_SIZE][3];
11816 + atomic_t slab[8];
11817 + atomic_t page[6][8];
11820 +#ifdef CONFIG_VSERVER_DEBUG
11822 +static inline void __dump_vx_cacct(struct _vx_cacct *cacct)
11826 + printk("\t_vx_cacct:");
11827 + for (i = 0; i < 6; i++) {
11828 + struct _vx_sock_acc *ptr = cacct->sock[i];
11830 + printk("\t [%d] =", i);
11831 + for (j = 0; j < 3; j++) {
11832 + printk(" [%d] = %8lu, %8lu", j,
11833 + atomic_long_read(&ptr[j].count),
11834 + atomic_long_read(&ptr[j].total));
11842 +#endif /* _VX_CACCT_DEF_H */
11843 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cacct.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct.h
11844 --- linux-2.6.25.11/include/linux/vserver/cacct.h 1969-12-31 19:00:00.000000000 -0500
11845 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct.h 2008-04-19 15:14:52.000000000 -0400
11847 +#ifndef _VX_CACCT_H
11848 +#define _VX_CACCT_H
11851 +enum sock_acc_field {
11852 + VXA_SOCK_UNSPEC = 0,
11858 + VXA_SOCK_SIZE /* array size */
11861 +#endif /* _VX_CACCT_H */
11862 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cacct_int.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_int.h
11863 --- linux-2.6.25.11/include/linux/vserver/cacct_int.h 1969-12-31 19:00:00.000000000 -0500
11864 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cacct_int.h 2008-04-19 15:14:52.000000000 -0400
11866 +#ifndef _VX_CACCT_INT_H
11867 +#define _VX_CACCT_INT_H
11873 +unsigned long vx_sock_count(struct _vx_cacct *cacct, int type, int pos)
11875 + return atomic_long_read(&cacct->sock[type][pos].count);
11880 +unsigned long vx_sock_total(struct _vx_cacct *cacct, int type, int pos)
11882 + return atomic_long_read(&cacct->sock[type][pos].total);
11885 +#endif /* __KERNEL__ */
11886 +#endif /* _VX_CACCT_INT_H */
11887 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/check.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/check.h
11888 --- linux-2.6.25.11/include/linux/vserver/check.h 1969-12-31 19:00:00.000000000 -0500
11889 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/check.h 2008-04-19 15:14:52.000000000 -0400
11891 +#ifndef _VS_CHECK_H
11892 +#define _VS_CHECK_H
11895 +#define MAX_S_CONTEXT 65535 /* Arbitrary limit */
11897 +#ifdef CONFIG_VSERVER_DYNAMIC_IDS
11898 +#define MIN_D_CONTEXT 49152 /* dynamic contexts start here */
11900 +#define MIN_D_CONTEXT 65536
11903 +/* check conditions */
11905 +#define VS_ADMIN 0x0001
11906 +#define VS_WATCH 0x0002
11907 +#define VS_HIDE 0x0004
11908 +#define VS_HOSTID 0x0008
11910 +#define VS_IDENT 0x0010
11911 +#define VS_EQUIV 0x0020
11912 +#define VS_PARENT 0x0040
11913 +#define VS_CHILD 0x0080
11915 +#define VS_ARG_MASK 0x00F0
11917 +#define VS_DYNAMIC 0x0100
11918 +#define VS_STATIC 0x0200
11920 +#define VS_ATR_MASK 0x0F00
11922 +#ifdef CONFIG_VSERVER_PRIVACY
11923 +#define VS_ADMIN_P (0)
11924 +#define VS_WATCH_P (0)
11926 +#define VS_ADMIN_P VS_ADMIN
11927 +#define VS_WATCH_P VS_WATCH
11930 +#define VS_HARDIRQ 0x1000
11931 +#define VS_SOFTIRQ 0x2000
11932 +#define VS_IRQ 0x4000
11934 +#define VS_IRQ_MASK 0xF000
11936 +#include <linux/hardirq.h>
11939 + * check current context for ADMIN/WATCH and
11940 + * optionally against supplied argument
11942 +static inline int __vs_check(int cid, int id, unsigned int mode)
11944 + if (mode & VS_ARG_MASK) {
11945 + if ((mode & VS_IDENT) && (id == cid))
11948 + if (mode & VS_ATR_MASK) {
11949 + if ((mode & VS_DYNAMIC) &&
11950 + (id >= MIN_D_CONTEXT) &&
11951 + (id <= MAX_S_CONTEXT))
11953 + if ((mode & VS_STATIC) &&
11954 + (id > 1) && (id < MIN_D_CONTEXT))
11957 + if (mode & VS_IRQ_MASK) {
11958 + if ((mode & VS_IRQ) && unlikely(in_interrupt()))
11960 + if ((mode & VS_HARDIRQ) && unlikely(in_irq()))
11962 + if ((mode & VS_SOFTIRQ) && unlikely(in_softirq()))
11965 + return (((mode & VS_ADMIN) && (cid == 0)) ||
11966 + ((mode & VS_WATCH) && (cid == 1)) ||
11967 + ((mode & VS_HOSTID) && (id == 0)));
11970 +#define vx_check(c, m) __vs_check(vx_current_xid(), c, (m) | VS_IRQ)
11972 +#define vx_weak_check(c, m) ((m) ? vx_check(c, m) : 1)
11975 +#define nx_check(c, m) __vs_check(nx_current_nid(), c, m)
11977 +#define nx_weak_check(c, m) ((m) ? nx_check(c, m) : 1)
11980 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/context_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/context_cmd.h
11981 --- linux-2.6.25.11/include/linux/vserver/context_cmd.h 1969-12-31 19:00:00.000000000 -0500
11982 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/context_cmd.h 2008-04-19 15:14:52.000000000 -0400
11984 +#ifndef _VX_CONTEXT_CMD_H
11985 +#define _VX_CONTEXT_CMD_H
11988 +/* vinfo commands */
11990 +#define VCMD_task_xid VC_CMD(VINFO, 1, 0)
11993 +extern int vc_task_xid(uint32_t);
11995 +#endif /* __KERNEL__ */
11997 +#define VCMD_vx_info VC_CMD(VINFO, 5, 0)
11999 +struct vcmd_vx_info_v0 {
12001 + uint32_t initpid;
12002 + /* more to come */
12006 +extern int vc_vx_info(struct vx_info *, void __user *);
12008 +#endif /* __KERNEL__ */
12010 +#define VCMD_ctx_stat VC_CMD(VSTAT, 0, 0)
12012 +struct vcmd_ctx_stat_v0 {
12015 + /* more to come */
12019 +extern int vc_ctx_stat(struct vx_info *, void __user *);
12021 +#endif /* __KERNEL__ */
12023 +/* context commands */
12025 +#define VCMD_ctx_create_v0 VC_CMD(VPROC, 1, 0)
12026 +#define VCMD_ctx_create VC_CMD(VPROC, 1, 1)
12028 +struct vcmd_ctx_create {
12029 + uint64_t flagword;
12032 +#define VCMD_ctx_migrate_v0 VC_CMD(PROCMIG, 1, 0)
12033 +#define VCMD_ctx_migrate VC_CMD(PROCMIG, 1, 1)
12035 +struct vcmd_ctx_migrate {
12036 + uint64_t flagword;
12040 +extern int vc_ctx_create(uint32_t, void __user *);
12041 +extern int vc_ctx_migrate(struct vx_info *, void __user *);
12043 +#endif /* __KERNEL__ */
12046 +/* flag commands */
12048 +#define VCMD_get_cflags VC_CMD(FLAGS, 1, 0)
12049 +#define VCMD_set_cflags VC_CMD(FLAGS, 2, 0)
12051 +struct vcmd_ctx_flags_v0 {
12052 + uint64_t flagword;
12057 +extern int vc_get_cflags(struct vx_info *, void __user *);
12058 +extern int vc_set_cflags(struct vx_info *, void __user *);
12060 +#endif /* __KERNEL__ */
12063 +/* context caps commands */
12065 +#define VCMD_get_ccaps VC_CMD(FLAGS, 3, 1)
12066 +#define VCMD_set_ccaps VC_CMD(FLAGS, 4, 1)
12068 +struct vcmd_ctx_caps_v1 {
12074 +extern int vc_get_ccaps(struct vx_info *, void __user *);
12075 +extern int vc_set_ccaps(struct vx_info *, void __user *);
12077 +#endif /* __KERNEL__ */
12080 +/* bcaps commands */
12082 +#define VCMD_get_bcaps VC_CMD(FLAGS, 9, 0)
12083 +#define VCMD_set_bcaps VC_CMD(FLAGS, 10, 0)
12085 +struct vcmd_bcaps {
12091 +extern int vc_get_bcaps(struct vx_info *, void __user *);
12092 +extern int vc_set_bcaps(struct vx_info *, void __user *);
12094 +#endif /* __KERNEL__ */
12099 +#define VCMD_get_badness VC_CMD(MEMCTRL, 5, 0)
12100 +#define VCMD_set_badness VC_CMD(MEMCTRL, 6, 0)
12102 +struct vcmd_badness_v0 {
12107 +extern int vc_get_badness(struct vx_info *, void __user *);
12108 +extern int vc_set_badness(struct vx_info *, void __user *);
12110 +#endif /* __KERNEL__ */
12111 +#endif /* _VX_CONTEXT_CMD_H */
12112 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/context.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/context.h
12113 --- linux-2.6.25.11/include/linux/vserver/context.h 1969-12-31 19:00:00.000000000 -0500
12114 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/context.h 2008-04-22 15:14:28.000000000 -0400
12116 +#ifndef _VX_CONTEXT_H
12117 +#define _VX_CONTEXT_H
12119 +#include <linux/types.h>
12120 +#include <linux/capability.h>
12123 +/* context flags */
12125 +#define VXF_INFO_SCHED 0x00000002
12126 +#define VXF_INFO_NPROC 0x00000004
12127 +#define VXF_INFO_PRIVATE 0x00000008
12129 +#define VXF_INFO_INIT 0x00000010
12130 +#define VXF_INFO_HIDE 0x00000020
12131 +#define VXF_INFO_ULIMIT 0x00000040
12132 +#define VXF_INFO_NSPACE 0x00000080
12134 +#define VXF_SCHED_HARD 0x00000100
12135 +#define VXF_SCHED_PRIO 0x00000200
12136 +#define VXF_SCHED_PAUSE 0x00000400
12138 +#define VXF_VIRT_MEM 0x00010000
12139 +#define VXF_VIRT_UPTIME 0x00020000
12140 +#define VXF_VIRT_CPU 0x00040000
12141 +#define VXF_VIRT_LOAD 0x00080000
12142 +#define VXF_VIRT_TIME 0x00100000
12144 +#define VXF_HIDE_MOUNT 0x01000000
12145 +/* was VXF_HIDE_NETIF 0x02000000 */
12146 +#define VXF_HIDE_VINFO 0x04000000
12148 +#define VXF_STATE_SETUP (1ULL << 32)
12149 +#define VXF_STATE_INIT (1ULL << 33)
12150 +#define VXF_STATE_ADMIN (1ULL << 34)
12152 +#define VXF_SC_HELPER (1ULL << 36)
12153 +#define VXF_REBOOT_KILL (1ULL << 37)
12154 +#define VXF_PERSISTENT (1ULL << 38)
12156 +#define VXF_FORK_RSS (1ULL << 48)
12157 +#define VXF_PROLIFIC (1ULL << 49)
12159 +#define VXF_IGNEG_NICE (1ULL << 52)
12161 +#define VXF_ONE_TIME (0x0007ULL << 32)
12163 +#define VXF_INIT_SET (VXF_STATE_SETUP | VXF_STATE_INIT | VXF_STATE_ADMIN)
12166 +/* context migration */
12168 +#define VXM_SET_INIT 0x00000001
12169 +#define VXM_SET_REAPER 0x00000002
12171 +/* context caps */
12173 +#define VXC_CAP_MASK 0x00000000
12175 +#define VXC_SET_UTSNAME 0x00000001
12176 +#define VXC_SET_RLIMIT 0x00000002
12178 +/* was VXC_RAW_ICMP 0x00000100 */
12179 +#define VXC_SYSLOG 0x00001000
12181 +#define VXC_SECURE_MOUNT 0x00010000
12182 +#define VXC_SECURE_REMOUNT 0x00020000
12183 +#define VXC_BINARY_MOUNT 0x00040000
12185 +#define VXC_QUOTA_CTL 0x00100000
12186 +#define VXC_ADMIN_MAPPER 0x00200000
12187 +#define VXC_ADMIN_CLOOP 0x00400000
12189 +#define VXC_KTHREAD 0x01000000
12194 +#include <linux/list.h>
12195 +#include <linux/spinlock.h>
12196 +#include <linux/rcupdate.h>
12198 +#include "limit_def.h"
12199 +#include "sched_def.h"
12200 +#include "cvirt_def.h"
12201 +#include "cacct_def.h"
12202 +#include "device_def.h"
12204 +struct _vx_info_pc {
12205 + struct _vx_sched_pc sched_pc;
12206 + struct _vx_cvirt_pc cvirt_pc;
12210 + struct hlist_node vx_hlist; /* linked list of contexts */
12211 + xid_t vx_id; /* context id */
12212 + atomic_t vx_usecnt; /* usage count */
12213 + atomic_t vx_tasks; /* tasks count */
12214 + struct vx_info *vx_parent; /* parent context */
12215 + int vx_state; /* context state */
12217 + unsigned long vx_nsmask; /* assignment mask */
12218 + struct nsproxy *vx_nsproxy; /* private namespace */
12219 + struct fs_struct *vx_fs; /* private namespace fs */
12221 + uint64_t vx_flags; /* context flags */
12222 + uint64_t vx_ccaps; /* context caps (vserver) */
12223 + kernel_cap_t vx_bcaps; /* bounding caps (system) */
12224 + // kernel_cap_t vx_cap_bset; /* the guest's bset */
12226 + struct task_struct *vx_reaper; /* guest reaper process */
12227 + pid_t vx_initpid; /* PID of guest init */
12228 + int64_t vx_badness_bias; /* OOM points bias */
12230 + struct _vx_limit limit; /* vserver limits */
12231 + struct _vx_sched sched; /* vserver scheduler */
12232 + struct _vx_cvirt cvirt; /* virtual/bias stuff */
12233 + struct _vx_cacct cacct; /* context accounting */
12235 + struct _vx_device dmap; /* default device map targets */
12237 +#ifndef CONFIG_SMP
12238 + struct _vx_info_pc info_pc; /* per cpu data */
12240 + struct _vx_info_pc *ptr_pc; /* per cpu array */
12243 + wait_queue_head_t vx_wait; /* context exit waitqueue */
12244 + int reboot_cmd; /* last sys_reboot() cmd */
12245 + int exit_code; /* last process exit code */
12247 + char vx_name[65]; /* vserver name */
12250 +#ifndef CONFIG_SMP
12251 +#define vx_ptr_pc(vxi) (&(vxi)->info_pc)
12252 +#define vx_per_cpu(vxi, v, id) vx_ptr_pc(vxi)->v
12254 +#define vx_ptr_pc(vxi) ((vxi)->ptr_pc)
12255 +#define vx_per_cpu(vxi, v, id) per_cpu_ptr(vx_ptr_pc(vxi), id)->v
12258 +#define vx_cpu(vxi, v) vx_per_cpu(vxi, v, smp_processor_id())
12261 +struct vx_info_save {
12262 + struct vx_info *vxi;
12267 +/* status flags */
12269 +#define VXS_HASHED 0x0001
12270 +#define VXS_PAUSED 0x0010
12271 +#define VXS_SHUTDOWN 0x0100
12272 +#define VXS_HELPER 0x1000
12273 +#define VXS_RELEASED 0x8000
12276 +extern void claim_vx_info(struct vx_info *, struct task_struct *);
12277 +extern void release_vx_info(struct vx_info *, struct task_struct *);
12279 +extern struct vx_info *lookup_vx_info(int);
12280 +extern struct vx_info *lookup_or_create_vx_info(int);
12282 +extern int get_xid_list(int, unsigned int *, int);
12283 +extern int xid_is_hashed(xid_t);
12285 +extern int vx_migrate_task(struct task_struct *, struct vx_info *, int);
12287 +extern long vs_state_change(struct vx_info *, unsigned int);
12290 +#endif /* __KERNEL__ */
12291 +#endif /* _VX_CONTEXT_H */
12292 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cvirt_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt_cmd.h
12293 --- linux-2.6.25.11/include/linux/vserver/cvirt_cmd.h 1969-12-31 19:00:00.000000000 -0500
12294 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt_cmd.h 2008-04-19 15:14:52.000000000 -0400
12296 +#ifndef _VX_CVIRT_CMD_H
12297 +#define _VX_CVIRT_CMD_H
12300 +/* virtual host info name commands */
12302 +#define VCMD_set_vhi_name VC_CMD(VHOST, 1, 0)
12303 +#define VCMD_get_vhi_name VC_CMD(VHOST, 2, 0)
12305 +struct vcmd_vhi_name_v0 {
12311 +enum vhi_name_field {
12312 + VHIN_CONTEXT = 0,
12324 +#include <linux/compiler.h>
12326 +extern int vc_set_vhi_name(struct vx_info *, void __user *);
12327 +extern int vc_get_vhi_name(struct vx_info *, void __user *);
12329 +#endif /* __KERNEL__ */
12331 +#define VCMD_virt_stat VC_CMD(VSTAT, 3, 0)
12333 +struct vcmd_virt_stat_v0 {
12336 + uint32_t nr_threads;
12337 + uint32_t nr_running;
12338 + uint32_t nr_uninterruptible;
12339 + uint32_t nr_onhold;
12340 + uint32_t nr_forks;
12341 + uint32_t load[3];
12345 +extern int vc_virt_stat(struct vx_info *, void __user *);
12347 +#endif /* __KERNEL__ */
12348 +#endif /* _VX_CVIRT_CMD_H */
12349 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cvirt_def.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt_def.h
12350 --- linux-2.6.25.11/include/linux/vserver/cvirt_def.h 1969-12-31 19:00:00.000000000 -0500
12351 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt_def.h 2008-04-19 15:14:52.000000000 -0400
12353 +#ifndef _VX_CVIRT_DEF_H
12354 +#define _VX_CVIRT_DEF_H
12356 +#include <linux/jiffies.h>
12357 +#include <linux/spinlock.h>
12358 +#include <linux/wait.h>
12359 +#include <linux/time.h>
12360 +#include <asm/atomic.h>
12363 +struct _vx_usage_stat {
12367 + uint64_t softirq;
12373 +struct _vx_syslog {
12374 + wait_queue_head_t log_wait;
12375 + spinlock_t logbuf_lock; /* lock for the log buffer */
12377 + unsigned long log_start; /* next char to be read by syslog() */
12378 + unsigned long con_start; /* next char to be sent to consoles */
12379 + unsigned long log_end; /* most-recently-written-char + 1 */
12380 + unsigned long logged_chars; /* #chars since last read+clear operation */
12382 + char log_buf[1024];
12386 +/* context sub struct */
12388 +struct _vx_cvirt {
12389 + atomic_t nr_threads; /* number of current threads */
12390 + atomic_t nr_running; /* number of running threads */
12391 + atomic_t nr_uninterruptible; /* number of uninterruptible threads */
12393 + atomic_t nr_onhold; /* processes on hold */
12394 + uint32_t onhold_last; /* jiffies when put on hold */
12396 + struct timeval bias_tv; /* time offset to the host */
12397 + struct timespec bias_idle;
12398 + struct timespec bias_uptime; /* context creation point */
12399 + uint64_t bias_clock; /* offset in clock_t */
12401 + spinlock_t load_lock; /* lock for the load averages */
12402 + atomic_t load_updates; /* nr of load updates done so far */
12403 + uint32_t load_last; /* last time load was calculated */
12404 + uint32_t load[3]; /* load averages 1,5,15 */
12406 + atomic_t total_forks; /* number of forks so far */
12408 + struct _vx_syslog syslog;
12411 +struct _vx_cvirt_pc {
12412 + struct _vx_usage_stat cpustat;
12416 +#ifdef CONFIG_VSERVER_DEBUG
12418 +static inline void __dump_vx_cvirt(struct _vx_cvirt *cvirt)
12420 + printk("\t_vx_cvirt:\n");
12421 + printk("\t threads: %4d, %4d, %4d, %4d\n",
12422 + atomic_read(&cvirt->nr_threads),
12423 + atomic_read(&cvirt->nr_running),
12424 + atomic_read(&cvirt->nr_uninterruptible),
12425 + atomic_read(&cvirt->nr_onhold));
12426 + /* add rest here */
12427 + printk("\t total_forks = %d\n", atomic_read(&cvirt->total_forks));
12432 +#endif /* _VX_CVIRT_DEF_H */
12433 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/cvirt.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt.h
12434 --- linux-2.6.25.11/include/linux/vserver/cvirt.h 1969-12-31 19:00:00.000000000 -0500
12435 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/cvirt.h 2008-04-19 15:14:52.000000000 -0400
12437 +#ifndef _VX_CVIRT_H
12438 +#define _VX_CVIRT_H
12445 +void vx_vsi_uptime(struct timespec *, struct timespec *);
12450 +void vx_update_load(struct vx_info *);
12453 +int vx_do_syslog(int, char __user *, int);
12455 +#endif /* __KERNEL__ */
12456 +#endif /* _VX_CVIRT_H */
12457 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/debug_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/debug_cmd.h
12458 --- linux-2.6.25.11/include/linux/vserver/debug_cmd.h 1969-12-31 19:00:00.000000000 -0500
12459 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/debug_cmd.h 2008-04-19 15:14:52.000000000 -0400
12461 +#ifndef _VX_DEBUG_CMD_H
12462 +#define _VX_DEBUG_CMD_H
12465 +/* debug commands */
12467 +#define VCMD_dump_history VC_CMD(DEBUG, 1, 0)
12469 +#define VCMD_read_history VC_CMD(DEBUG, 5, 0)
12470 +#define VCMD_read_monitor VC_CMD(DEBUG, 6, 0)
12472 +struct vcmd_read_history_v0 {
12475 + char __user *data;
12478 +struct vcmd_read_monitor_v0 {
12481 + char __user *data;
12487 +#ifdef CONFIG_COMPAT
12489 +#include <asm/compat.h>
12491 +struct vcmd_read_history_v0_x32 {
12494 + compat_uptr_t data_ptr;
12497 +struct vcmd_read_monitor_v0_x32 {
12500 + compat_uptr_t data_ptr;
12503 +#endif /* CONFIG_COMPAT */
12505 +extern int vc_dump_history(uint32_t);
12507 +extern int vc_read_history(uint32_t, void __user *);
12508 +extern int vc_read_monitor(uint32_t, void __user *);
12510 +#ifdef CONFIG_COMPAT
12512 +extern int vc_read_history_x32(uint32_t, void __user *);
12513 +extern int vc_read_monitor_x32(uint32_t, void __user *);
12515 +#endif /* CONFIG_COMPAT */
12517 +#endif /* __KERNEL__ */
12518 +#endif /* _VX_DEBUG_CMD_H */
12519 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/debug.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/debug.h
12520 --- linux-2.6.25.11/include/linux/vserver/debug.h 1969-12-31 19:00:00.000000000 -0500
12521 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/debug.h 2008-04-21 13:55:14.000000000 -0400
12523 +#ifndef _VX_DEBUG_H
12524 +#define _VX_DEBUG_H
12527 +#define VXD_CBIT(n, m) (vx_debug_ ## n & (1 << (m)))
12528 +#define VXD_CMIN(n, m) (vx_debug_ ## n > (m))
12529 +#define VXD_MASK(n, m) (vx_debug_ ## n & (m))
12531 +#define VXD_DEV(d) (d), (d)->bd_inode->i_ino, \
12532 + imajor((d)->bd_inode), iminor((d)->bd_inode)
12533 +#define VXF_DEV "%p[%lu,%d:%d]"
12536 +#define __FUNC__ __func__
12539 +#define vxd_path(p) \
12540 + ({ static char _buffer[PATH_MAX]; \
12541 + d_path(p, _buffer, sizeof(_buffer)); })
12543 +#define vxd_cond_path(n) \
12544 + ((n) ? vxd_path(&(n)->path) : "<null>" )
12547 +#ifdef CONFIG_VSERVER_DEBUG
12549 +extern unsigned int vx_debug_switch;
12550 +extern unsigned int vx_debug_xid;
12551 +extern unsigned int vx_debug_nid;
12552 +extern unsigned int vx_debug_tag;
12553 +extern unsigned int vx_debug_net;
12554 +extern unsigned int vx_debug_limit;
12555 +extern unsigned int vx_debug_cres;
12556 +extern unsigned int vx_debug_dlim;
12557 +extern unsigned int vx_debug_quota;
12558 +extern unsigned int vx_debug_cvirt;
12559 +extern unsigned int vx_debug_space;
12560 +extern unsigned int vx_debug_misc;
12563 +#define VX_LOGLEVEL "vxD: "
12564 +#define VX_PROC_FMT "%p: "
12565 +#define VX_PROCESS current
12567 +#define vxdprintk(c, f, x...) \
12570 + printk(VX_LOGLEVEL VX_PROC_FMT f "\n", \
12571 + VX_PROCESS , ##x); \
12574 +#define vxlprintk(c, f, x...) \
12577 + printk(VX_LOGLEVEL f " @%s:%d\n", x); \
12580 +#define vxfprintk(c, f, x...) \
12583 + printk(VX_LOGLEVEL f " %s@%s:%d\n", x); \
12589 +void dump_vx_info(struct vx_info *, int);
12590 +void dump_vx_info_inactive(int);
12592 +#else /* CONFIG_VSERVER_DEBUG */
12594 +#define vx_debug_switch 0
12595 +#define vx_debug_xid 0
12596 +#define vx_debug_nid 0
12597 +#define vx_debug_tag 0
12598 +#define vx_debug_net 0
12599 +#define vx_debug_limit 0
12600 +#define vx_debug_cres 0
12601 +#define vx_debug_dlim 0
12602 +#define vx_debug_cvirt 0
12604 +#define vxdprintk(x...) do { } while (0)
12605 +#define vxlprintk(x...) do { } while (0)
12606 +#define vxfprintk(x...) do { } while (0)
12608 +#endif /* CONFIG_VSERVER_DEBUG */
12611 +#ifdef CONFIG_VSERVER_WARN
12613 +#define VX_WARNLEVEL KERN_WARNING "vxW: "
12614 +#define VX_WARN_TASK "[»%s«,%u:#%u|%u|%u] "
12615 +#define VX_WARN_XID "[xid #%u] "
12616 +#define VX_WARN_NID "[nid #%u] "
12617 +#define VX_WARN_TAG "[tag #%u] "
12619 +#define vxwprintk(c, f, x...) \
12622 + printk(VX_WARNLEVEL f "\n", ##x); \
12625 +#else /* CONFIG_VSERVER_WARN */
12627 +#define vxwprintk(x...) do { } while (0)
12629 +#endif /* CONFIG_VSERVER_WARN */
12631 +#define vxwprintk_task(c, f, x...) \
12632 + vxwprintk(c, VX_WARN_TASK f, \
12633 + current->comm, current->pid, \
12634 + current->xid, current->nid, current->tag, ##x)
12635 +#define vxwprintk_xid(c, f, x...) \
12636 + vxwprintk(c, VX_WARN_XID f, current->xid, x)
12637 +#define vxwprintk_nid(c, f, x...) \
12638 + vxwprintk(c, VX_WARN_NID f, current->nid, x)
12639 +#define vxwprintk_tag(c, f, x...) \
12640 + vxwprintk(c, VX_WARN_TAG f, current->tag, x)
12642 +#ifdef CONFIG_VSERVER_DEBUG
12643 +#define vxd_assert_lock(l) assert_spin_locked(l)
12644 +#define vxd_assert(c, f, x...) vxlprintk(!(c), \
12645 + "assertion [" f "] failed.", ##x, __FILE__, __LINE__)
12647 +#define vxd_assert_lock(l) do { } while (0)
12648 +#define vxd_assert(c, f, x...) do { } while (0)
12652 +#endif /* _VX_DEBUG_H */
12653 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/device_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device_cmd.h
12654 --- linux-2.6.25.11/include/linux/vserver/device_cmd.h 1969-12-31 19:00:00.000000000 -0500
12655 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device_cmd.h 2008-04-19 15:14:52.000000000 -0400
12657 +#ifndef _VX_DEVICE_CMD_H
12658 +#define _VX_DEVICE_CMD_H
12661 +/* device vserver commands */
12663 +#define VCMD_set_mapping VC_CMD(DEVICE, 1, 0)
12664 +#define VCMD_unset_mapping VC_CMD(DEVICE, 2, 0)
12666 +struct vcmd_set_mapping_v0 {
12667 + const char __user *device;
12668 + const char __user *target;
12675 +#ifdef CONFIG_COMPAT
12677 +#include <asm/compat.h>
12679 +struct vcmd_set_mapping_v0_x32 {
12680 + compat_uptr_t device_ptr;
12681 + compat_uptr_t target_ptr;
12685 +#endif /* CONFIG_COMPAT */
12687 +#include <linux/compiler.h>
12689 +extern int vc_set_mapping(struct vx_info *, void __user *);
12690 +extern int vc_unset_mapping(struct vx_info *, void __user *);
12692 +#ifdef CONFIG_COMPAT
12694 +extern int vc_set_mapping_x32(struct vx_info *, void __user *);
12695 +extern int vc_unset_mapping_x32(struct vx_info *, void __user *);
12697 +#endif /* CONFIG_COMPAT */
12699 +#endif /* __KERNEL__ */
12700 +#endif /* _VX_DEVICE_CMD_H */
12701 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/device_def.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device_def.h
12702 --- linux-2.6.25.11/include/linux/vserver/device_def.h 1969-12-31 19:00:00.000000000 -0500
12703 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device_def.h 2008-04-19 15:14:52.000000000 -0400
12705 +#ifndef _VX_DEVICE_DEF_H
12706 +#define _VX_DEVICE_DEF_H
12708 +#include <linux/types.h>
12710 +struct vx_dmap_target {
12715 +struct _vx_device {
12716 +#ifdef CONFIG_VSERVER_DEVICE
12717 + struct vx_dmap_target targets[2];
12721 +#endif /* _VX_DEVICE_DEF_H */
12722 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/device.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device.h
12723 --- linux-2.6.25.11/include/linux/vserver/device.h 1969-12-31 19:00:00.000000000 -0500
12724 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/device.h 2008-04-19 15:14:52.000000000 -0400
12726 +#ifndef _VX_DEVICE_H
12727 +#define _VX_DEVICE_H
12730 +#define DATTR_CREATE 0x00000001
12731 +#define DATTR_OPEN 0x00000002
12733 +#define DATTR_REMAP 0x00000010
12735 +#define DATTR_MASK 0x00000013
12738 +#else /* _VX_DEVICE_H */
12739 +#warning duplicate inclusion
12740 +#endif /* _VX_DEVICE_H */
12741 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/dlimit_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/dlimit_cmd.h
12742 --- linux-2.6.25.11/include/linux/vserver/dlimit_cmd.h 1969-12-31 19:00:00.000000000 -0500
12743 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/dlimit_cmd.h 2008-04-19 15:14:52.000000000 -0400
12745 +#ifndef _VX_DLIMIT_CMD_H
12746 +#define _VX_DLIMIT_CMD_H
12749 +/* dlimit vserver commands */
12751 +#define VCMD_add_dlimit VC_CMD(DLIMIT, 1, 0)
12752 +#define VCMD_rem_dlimit VC_CMD(DLIMIT, 2, 0)
12754 +#define VCMD_set_dlimit VC_CMD(DLIMIT, 5, 0)
12755 +#define VCMD_get_dlimit VC_CMD(DLIMIT, 6, 0)
12757 +struct vcmd_ctx_dlimit_base_v0 {
12758 + const char __user *name;
12762 +struct vcmd_ctx_dlimit_v0 {
12763 + const char __user *name;
12764 + uint32_t space_used; /* used space in kbytes */
12765 + uint32_t space_total; /* maximum space in kbytes */
12766 + uint32_t inodes_used; /* used inodes */
12767 + uint32_t inodes_total; /* maximum inodes */
12768 + uint32_t reserved; /* reserved for root in % */
12772 +#define CDLIM_UNSET ((uint32_t)0UL)
12773 +#define CDLIM_INFINITY ((uint32_t)~0UL)
12774 +#define CDLIM_KEEP ((uint32_t)~1UL)
12778 +#ifdef CONFIG_COMPAT
12780 +#include <asm/compat.h>
12782 +struct vcmd_ctx_dlimit_base_v0_x32 {
12783 + compat_uptr_t name_ptr;
12787 +struct vcmd_ctx_dlimit_v0_x32 {
12788 + compat_uptr_t name_ptr;
12789 + uint32_t space_used; /* used space in kbytes */
12790 + uint32_t space_total; /* maximum space in kbytes */
12791 + uint32_t inodes_used; /* used inodes */
12792 + uint32_t inodes_total; /* maximum inodes */
12793 + uint32_t reserved; /* reserved for root in % */
12797 +#endif /* CONFIG_COMPAT */
12799 +#include <linux/compiler.h>
12801 +extern int vc_add_dlimit(uint32_t, void __user *);
12802 +extern int vc_rem_dlimit(uint32_t, void __user *);
12804 +extern int vc_set_dlimit(uint32_t, void __user *);
12805 +extern int vc_get_dlimit(uint32_t, void __user *);
12807 +#ifdef CONFIG_COMPAT
12809 +extern int vc_add_dlimit_x32(uint32_t, void __user *);
12810 +extern int vc_rem_dlimit_x32(uint32_t, void __user *);
12812 +extern int vc_set_dlimit_x32(uint32_t, void __user *);
12813 +extern int vc_get_dlimit_x32(uint32_t, void __user *);
12815 +#endif /* CONFIG_COMPAT */
12817 +#endif /* __KERNEL__ */
12818 +#endif /* _VX_DLIMIT_CMD_H */
12819 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/dlimit.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/dlimit.h
12820 --- linux-2.6.25.11/include/linux/vserver/dlimit.h 1969-12-31 19:00:00.000000000 -0500
12821 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/dlimit.h 2008-04-19 15:14:52.000000000 -0400
12823 +#ifndef _VX_DLIMIT_H
12824 +#define _VX_DLIMIT_H
12826 +#include "switch.h"
12831 +/* keep in sync with CDLIM_INFINITY */
12833 +#define DLIM_INFINITY (~0ULL)
12835 +#include <linux/spinlock.h>
12836 +#include <linux/rcupdate.h>
12838 +struct super_block;
12841 + struct hlist_node dl_hlist; /* linked list of contexts */
12842 + struct rcu_head dl_rcu; /* the rcu head */
12843 + tag_t dl_tag; /* context tag */
12844 + atomic_t dl_usecnt; /* usage count */
12845 + atomic_t dl_refcnt; /* reference count */
12847 + struct super_block *dl_sb; /* associated superblock */
12849 + spinlock_t dl_lock; /* protect the values */
12851 + unsigned long long dl_space_used; /* used space in bytes */
12852 + unsigned long long dl_space_total; /* maximum space in bytes */
12853 + unsigned long dl_inodes_used; /* used inodes */
12854 + unsigned long dl_inodes_total; /* maximum inodes */
12856 + unsigned int dl_nrlmult; /* non root limit mult */
12861 +extern void rcu_free_dl_info(struct rcu_head *);
12862 +extern void unhash_dl_info(struct dl_info *);
12864 +extern struct dl_info *locate_dl_info(struct super_block *, tag_t);
12869 +extern void vx_vsi_statfs(struct super_block *, struct kstatfs *);
12871 +typedef uint64_t dlsize_t;
12873 +#endif /* __KERNEL__ */
12874 +#else /* _VX_DLIMIT_H */
12875 +#warning duplicate inclusion
12876 +#endif /* _VX_DLIMIT_H */
12877 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/global.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/global.h
12878 --- linux-2.6.25.11/include/linux/vserver/global.h 1969-12-31 19:00:00.000000000 -0500
12879 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/global.h 2008-04-19 15:14:52.000000000 -0400
12881 +#ifndef _VX_GLOBAL_H
12882 +#define _VX_GLOBAL_H
12885 +extern atomic_t vx_global_ctotal;
12886 +extern atomic_t vx_global_cactive;
12888 +extern atomic_t nx_global_ctotal;
12889 +extern atomic_t nx_global_cactive;
12891 +extern atomic_t vs_global_nsproxy;
12892 +extern atomic_t vs_global_fs;
12893 +extern atomic_t vs_global_mnt_ns;
12894 +extern atomic_t vs_global_uts_ns;
12895 +extern atomic_t vs_global_ipc_ns;
12896 +extern atomic_t vs_global_user_ns;
12897 +extern atomic_t vs_global_pid_ns;
12900 +#endif /* _VX_GLOBAL_H */
12901 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/history.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/history.h
12902 --- linux-2.6.25.11/include/linux/vserver/history.h 1969-12-31 19:00:00.000000000 -0500
12903 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/history.h 2008-04-19 15:14:52.000000000 -0400
12905 +#ifndef _VX_HISTORY_H
12906 +#define _VX_HISTORY_H
12911 + VXH_THROW_OOPS = 1,
12915 + VXH_INIT_VX_INFO,
12918 + VXH_CLAIM_VX_INFO,
12919 + VXH_RELEASE_VX_INFO,
12920 + VXH_ALLOC_VX_INFO,
12921 + VXH_DEALLOC_VX_INFO,
12922 + VXH_HASH_VX_INFO,
12923 + VXH_UNHASH_VX_INFO,
12925 + VXH_LOOKUP_VX_INFO,
12926 + VXH_CREATE_VX_INFO,
12929 +struct _vxhe_vxi {
12930 + struct vx_info *ptr;
12936 +struct _vxhe_set_clr {
12940 +struct _vxhe_loc_lookup {
12944 +struct _vx_hist_entry {
12946 + unsigned short seq;
12947 + unsigned short type;
12948 + struct _vxhe_vxi vxi;
12950 + struct _vxhe_set_clr sc;
12951 + struct _vxhe_loc_lookup ll;
12955 +#ifdef CONFIG_VSERVER_HISTORY
12957 +extern unsigned volatile int vxh_active;
12959 +struct _vx_hist_entry *vxh_advance(void *loc);
12963 +void __vxh_copy_vxi(struct _vx_hist_entry *entry, struct vx_info *vxi)
12965 + entry->vxi.ptr = vxi;
12967 + entry->vxi.usecnt = atomic_read(&vxi->vx_usecnt);
12968 + entry->vxi.tasks = atomic_read(&vxi->vx_tasks);
12969 + entry->vxi.xid = vxi->vx_id;
12974 +#define __HERE__ current_text_addr()
12976 +#define __VXH_BODY(__type, __data, __here) \
12977 + struct _vx_hist_entry *entry; \
12979 + preempt_disable(); \
12980 + entry = vxh_advance(__here); \
12982 + entry->type = __type; \
12983 + preempt_enable();
12986 + /* pass vxi only */
12988 +#define __VXH_SMPL \
12989 + __vxh_copy_vxi(entry, vxi)
12992 +void __vxh_smpl(struct vx_info *vxi, int __type, void *__here)
12994 + __VXH_BODY(__type, __VXH_SMPL, __here)
12997 + /* pass vxi and data (void *) */
12999 +#define __VXH_DATA \
13000 + __vxh_copy_vxi(entry, vxi); \
13001 + entry->sc.data = data
13004 +void __vxh_data(struct vx_info *vxi, void *data,
13005 + int __type, void *__here)
13007 + __VXH_BODY(__type, __VXH_DATA, __here)
13010 + /* pass vxi and arg (long) */
13012 +#define __VXH_LONG \
13013 + __vxh_copy_vxi(entry, vxi); \
13014 + entry->ll.arg = arg
13017 +void __vxh_long(struct vx_info *vxi, long arg,
13018 + int __type, void *__here)
13020 + __VXH_BODY(__type, __VXH_LONG, __here)
13025 +void __vxh_throw_oops(void *__here)
13027 + __VXH_BODY(VXH_THROW_OOPS, {}, __here);
13028 + /* prevent further acquisition */
13033 +#define vxh_throw_oops() __vxh_throw_oops(__HERE__);
13035 +#define __vxh_get_vx_info(v, h) __vxh_smpl(v, VXH_GET_VX_INFO, h);
13036 +#define __vxh_put_vx_info(v, h) __vxh_smpl(v, VXH_PUT_VX_INFO, h);
13038 +#define __vxh_init_vx_info(v, d, h) \
13039 + __vxh_data(v, d, VXH_INIT_VX_INFO, h);
13040 +#define __vxh_set_vx_info(v, d, h) \
13041 + __vxh_data(v, d, VXH_SET_VX_INFO, h);
13042 +#define __vxh_clr_vx_info(v, d, h) \
13043 + __vxh_data(v, d, VXH_CLR_VX_INFO, h);
13045 +#define __vxh_claim_vx_info(v, d, h) \
13046 + __vxh_data(v, d, VXH_CLAIM_VX_INFO, h);
13047 +#define __vxh_release_vx_info(v, d, h) \
13048 + __vxh_data(v, d, VXH_RELEASE_VX_INFO, h);
13050 +#define vxh_alloc_vx_info(v) \
13051 + __vxh_smpl(v, VXH_ALLOC_VX_INFO, __HERE__);
13052 +#define vxh_dealloc_vx_info(v) \
13053 + __vxh_smpl(v, VXH_DEALLOC_VX_INFO, __HERE__);
13055 +#define vxh_hash_vx_info(v) \
13056 + __vxh_smpl(v, VXH_HASH_VX_INFO, __HERE__);
13057 +#define vxh_unhash_vx_info(v) \
13058 + __vxh_smpl(v, VXH_UNHASH_VX_INFO, __HERE__);
13060 +#define vxh_loc_vx_info(v, l) \
13061 + __vxh_long(v, l, VXH_LOC_VX_INFO, __HERE__);
13062 +#define vxh_lookup_vx_info(v, l) \
13063 + __vxh_long(v, l, VXH_LOOKUP_VX_INFO, __HERE__);
13064 +#define vxh_create_vx_info(v, l) \
13065 + __vxh_long(v, l, VXH_CREATE_VX_INFO, __HERE__);
13067 +extern void vxh_dump_history(void);
13070 +#else /* CONFIG_VSERVER_HISTORY */
13072 +#define __HERE__ 0
13074 +#define vxh_throw_oops() do { } while (0)
13076 +#define __vxh_get_vx_info(v, h) do { } while (0)
13077 +#define __vxh_put_vx_info(v, h) do { } while (0)
13079 +#define __vxh_init_vx_info(v, d, h) do { } while (0)
13080 +#define __vxh_set_vx_info(v, d, h) do { } while (0)
13081 +#define __vxh_clr_vx_info(v, d, h) do { } while (0)
13083 +#define __vxh_claim_vx_info(v, d, h) do { } while (0)
13084 +#define __vxh_release_vx_info(v, d, h) do { } while (0)
13086 +#define vxh_alloc_vx_info(v) do { } while (0)
13087 +#define vxh_dealloc_vx_info(v) do { } while (0)
13089 +#define vxh_hash_vx_info(v) do { } while (0)
13090 +#define vxh_unhash_vx_info(v) do { } while (0)
13092 +#define vxh_loc_vx_info(v, l) do { } while (0)
13093 +#define vxh_lookup_vx_info(v, l) do { } while (0)
13094 +#define vxh_create_vx_info(v, l) do { } while (0)
13096 +#define vxh_dump_history() do { } while (0)
13099 +#endif /* CONFIG_VSERVER_HISTORY */
13101 +#endif /* _VX_HISTORY_H */
13102 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/inode_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/inode_cmd.h
13103 --- linux-2.6.25.11/include/linux/vserver/inode_cmd.h 1969-12-31 19:00:00.000000000 -0500
13104 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/inode_cmd.h 2008-04-19 15:14:52.000000000 -0400
13106 +#ifndef _VX_INODE_CMD_H
13107 +#define _VX_INODE_CMD_H
13110 +/* inode vserver commands */
13112 +#define VCMD_get_iattr VC_CMD(INODE, 1, 1)
13113 +#define VCMD_set_iattr VC_CMD(INODE, 2, 1)
13115 +#define VCMD_fget_iattr VC_CMD(INODE, 3, 0)
13116 +#define VCMD_fset_iattr VC_CMD(INODE, 4, 0)
13118 +struct vcmd_ctx_iattr_v1 {
13119 + const char __user *name;
13125 +struct vcmd_ctx_fiattr_v0 {
13135 +#ifdef CONFIG_COMPAT
13137 +#include <asm/compat.h>
13139 +struct vcmd_ctx_iattr_v1_x32 {
13140 + compat_uptr_t name_ptr;
13146 +#endif /* CONFIG_COMPAT */
13148 +#include <linux/compiler.h>
13150 +extern int vc_get_iattr(void __user *);
13151 +extern int vc_set_iattr(void __user *);
13153 +extern int vc_fget_iattr(uint32_t, void __user *);
13154 +extern int vc_fset_iattr(uint32_t, void __user *);
13156 +#ifdef CONFIG_COMPAT
13158 +extern int vc_get_iattr_x32(void __user *);
13159 +extern int vc_set_iattr_x32(void __user *);
13161 +#endif /* CONFIG_COMPAT */
13163 +#endif /* __KERNEL__ */
13164 +#endif /* _VX_INODE_CMD_H */
13165 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/inode.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/inode.h
13166 --- linux-2.6.25.11/include/linux/vserver/inode.h 1969-12-31 19:00:00.000000000 -0500
13167 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/inode.h 2008-07-08 04:31:24.000000000 -0400
13169 +#ifndef _VX_INODE_H
13170 +#define _VX_INODE_H
13173 +#define IATTR_TAG 0x01000000
13175 +#define IATTR_ADMIN 0x00000001
13176 +#define IATTR_WATCH 0x00000002
13177 +#define IATTR_HIDE 0x00000004
13178 +#define IATTR_FLAGS 0x00000007
13180 +#define IATTR_BARRIER 0x00010000
13181 +#define IATTR_IXUNLINK 0x00020000
13182 +#define IATTR_IMMUTABLE 0x00040000
13187 +#ifdef CONFIG_VSERVER_PROC_SECURE
13188 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN | IATTR_HIDE )
13189 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
13191 +#define IATTR_PROC_DEFAULT ( IATTR_ADMIN )
13192 +#define IATTR_PROC_SYMLINK ( IATTR_ADMIN )
13195 +#define vx_hide_check(c, m) (((m) & IATTR_HIDE) ? vx_check(c, m) : 1)
13197 +#endif /* __KERNEL__ */
13199 +/* inode ioctls */
13201 +#define FIOC_GETXFLG _IOR('x', 5, long)
13202 +#define FIOC_SETXFLG _IOW('x', 6, long)
13204 +#else /* _VX_INODE_H */
13205 +#warning duplicate inclusion
13206 +#endif /* _VX_INODE_H */
13207 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/Kbuild linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/Kbuild
13208 --- linux-2.6.25.11/include/linux/vserver/Kbuild 1969-12-31 19:00:00.000000000 -0500
13209 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/Kbuild 2008-04-19 15:14:52.000000000 -0400
13212 +unifdef-y += context_cmd.h network_cmd.h space_cmd.h \
13213 + cacct_cmd.h cvirt_cmd.h limit_cmd.h dlimit_cmd.h \
13214 + inode_cmd.h tag_cmd.h sched_cmd.h signal_cmd.h \
13215 + debug_cmd.h device_cmd.h
13217 +unifdef-y += switch.h network.h monitor.h inode.h device.h
13219 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/limit_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_cmd.h
13220 --- linux-2.6.25.11/include/linux/vserver/limit_cmd.h 1969-12-31 19:00:00.000000000 -0500
13221 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_cmd.h 2008-04-19 15:14:52.000000000 -0400
13223 +#ifndef _VX_LIMIT_CMD_H
13224 +#define _VX_LIMIT_CMD_H
13227 +/* rlimit vserver commands */
13229 +#define VCMD_get_rlimit VC_CMD(RLIMIT, 1, 0)
13230 +#define VCMD_set_rlimit VC_CMD(RLIMIT, 2, 0)
13231 +#define VCMD_get_rlimit_mask VC_CMD(RLIMIT, 3, 0)
13232 +#define VCMD_reset_minmax VC_CMD(RLIMIT, 9, 0)
13234 +struct vcmd_ctx_rlimit_v0 {
13236 + uint64_t minimum;
13237 + uint64_t softlimit;
13238 + uint64_t maximum;
13241 +struct vcmd_ctx_rlimit_mask_v0 {
13242 + uint32_t minimum;
13243 + uint32_t softlimit;
13244 + uint32_t maximum;
13247 +#define VCMD_rlimit_stat VC_CMD(VSTAT, 1, 0)
13249 +struct vcmd_rlimit_stat_v0 {
13253 + uint64_t minimum;
13254 + uint64_t maximum;
13257 +#define CRLIM_UNSET (0ULL)
13258 +#define CRLIM_INFINITY (~0ULL)
13259 +#define CRLIM_KEEP (~1ULL)
13263 +#ifdef CONFIG_IA32_EMULATION
13265 +struct vcmd_ctx_rlimit_v0_x32 {
13267 + uint64_t minimum;
13268 + uint64_t softlimit;
13269 + uint64_t maximum;
13270 +} __attribute__ ((aligned (4)));
13272 +#endif /* CONFIG_IA32_EMULATION */
13274 +#include <linux/compiler.h>
13276 +extern int vc_get_rlimit_mask(uint32_t, void __user *);
13277 +extern int vc_get_rlimit(struct vx_info *, void __user *);
13278 +extern int vc_set_rlimit(struct vx_info *, void __user *);
13279 +extern int vc_reset_minmax(struct vx_info *, void __user *);
13281 +extern int vc_rlimit_stat(struct vx_info *, void __user *);
13283 +#ifdef CONFIG_IA32_EMULATION
13285 +extern int vc_get_rlimit_x32(struct vx_info *, void __user *);
13286 +extern int vc_set_rlimit_x32(struct vx_info *, void __user *);
13288 +#endif /* CONFIG_IA32_EMULATION */
13290 +#endif /* __KERNEL__ */
13291 +#endif /* _VX_LIMIT_CMD_H */
13292 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/limit_def.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_def.h
13293 --- linux-2.6.25.11/include/linux/vserver/limit_def.h 1969-12-31 19:00:00.000000000 -0500
13294 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_def.h 2008-04-19 15:14:52.000000000 -0400
13296 +#ifndef _VX_LIMIT_DEF_H
13297 +#define _VX_LIMIT_DEF_H
13299 +#include <asm/atomic.h>
13300 +#include <asm/resource.h>
13302 +#include "limit.h"
13305 +struct _vx_res_limit {
13306 + rlim_t soft; /* Context soft limit */
13307 + rlim_t hard; /* Context hard limit */
13309 + rlim_atomic_t rcur; /* Current value */
13310 + rlim_t rmin; /* Context minimum */
13311 + rlim_t rmax; /* Context maximum */
13313 + atomic_t lhit; /* Limit hits */
13316 +/* context sub struct */
13318 +struct _vx_limit {
13319 + struct _vx_res_limit res[NUM_LIMITS];
13322 +#ifdef CONFIG_VSERVER_DEBUG
13324 +static inline void __dump_vx_limit(struct _vx_limit *limit)
13328 + printk("\t_vx_limit:");
13329 + for (i = 0; i < NUM_LIMITS; i++) {
13330 + printk("\t [%2d] = %8lu %8lu/%8lu, %8ld/%8ld, %8d\n",
13331 + i, (unsigned long)__rlim_get(limit, i),
13332 + (unsigned long)__rlim_rmin(limit, i),
13333 + (unsigned long)__rlim_rmax(limit, i),
13334 + (long)__rlim_soft(limit, i),
13335 + (long)__rlim_hard(limit, i),
13336 + atomic_read(&__rlim_lhit(limit, i)));
13342 +#endif /* _VX_LIMIT_DEF_H */
13343 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/limit.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit.h
13344 --- linux-2.6.25.11/include/linux/vserver/limit.h 1969-12-31 19:00:00.000000000 -0500
13345 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit.h 2008-04-19 15:14:52.000000000 -0400
13347 +#ifndef _VX_LIMIT_H
13348 +#define _VX_LIMIT_H
13350 +#define VLIMIT_NSOCK 16
13351 +#define VLIMIT_OPENFD 17
13352 +#define VLIMIT_ANON 18
13353 +#define VLIMIT_SHMEM 19
13354 +#define VLIMIT_SEMARY 20
13355 +#define VLIMIT_NSEMS 21
13356 +#define VLIMIT_DENTRY 22
13357 +#define VLIMIT_MAPPED 23
13362 +#define VLIM_NOCHECK ((1L << VLIMIT_DENTRY) | (1L << RLIMIT_RSS))
13364 +/* keep in sync with CRLIM_INFINITY */
13366 +#define VLIM_INFINITY (~0ULL)
13368 +#include <asm/atomic.h>
13369 +#include <asm/resource.h>
13371 +#ifndef RLIM_INFINITY
13372 +#warning RLIM_INFINITY is undefined
13375 +#define __rlim_val(l, r, v) ((l)->res[r].v)
13377 +#define __rlim_soft(l, r) __rlim_val(l, r, soft)
13378 +#define __rlim_hard(l, r) __rlim_val(l, r, hard)
13380 +#define __rlim_rcur(l, r) __rlim_val(l, r, rcur)
13381 +#define __rlim_rmin(l, r) __rlim_val(l, r, rmin)
13382 +#define __rlim_rmax(l, r) __rlim_val(l, r, rmax)
13384 +#define __rlim_lhit(l, r) __rlim_val(l, r, lhit)
13385 +#define __rlim_hit(l, r) atomic_inc(&__rlim_lhit(l, r))
13387 +typedef atomic_long_t rlim_atomic_t;
13388 +typedef unsigned long rlim_t;
13390 +#define __rlim_get(l, r) atomic_long_read(&__rlim_rcur(l, r))
13391 +#define __rlim_set(l, r, v) atomic_long_set(&__rlim_rcur(l, r), v)
13392 +#define __rlim_inc(l, r) atomic_long_inc(&__rlim_rcur(l, r))
13393 +#define __rlim_dec(l, r) atomic_long_dec(&__rlim_rcur(l, r))
13394 +#define __rlim_add(l, r, v) atomic_long_add(v, &__rlim_rcur(l, r))
13395 +#define __rlim_sub(l, r, v) atomic_long_sub(v, &__rlim_rcur(l, r))
13398 +#if (RLIM_INFINITY == VLIM_INFINITY)
13399 +#define VX_VLIM(r) ((long long)(long)(r))
13400 +#define VX_RLIM(v) ((rlim_t)(v))
13402 +#define VX_VLIM(r) (((r) == RLIM_INFINITY) \
13403 + ? VLIM_INFINITY : (long long)(r))
13404 +#define VX_RLIM(v) (((v) == VLIM_INFINITY) \
13405 + ? RLIM_INFINITY : (rlim_t)(v))
13410 +void vx_vsi_meminfo(struct sysinfo *);
13411 +void vx_vsi_swapinfo(struct sysinfo *);
13413 +#define NUM_LIMITS 24
13415 +#endif /* __KERNEL__ */
13416 +#endif /* _VX_LIMIT_H */
13417 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/limit_int.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_int.h
13418 --- linux-2.6.25.11/include/linux/vserver/limit_int.h 1969-12-31 19:00:00.000000000 -0500
13419 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/limit_int.h 2008-04-19 15:14:52.000000000 -0400
13421 +#ifndef _VX_LIMIT_INT_H
13422 +#define _VX_LIMIT_INT_H
13424 +#include "context.h"
13428 +#define VXD_RCRES_COND(r) VXD_CBIT(cres, r)
13429 +#define VXD_RLIMIT_COND(r) VXD_CBIT(limit, r)
13431 +extern const char *vlimit_name[NUM_LIMITS];
13433 +static inline void __vx_acc_cres(struct vx_info *vxi,
13434 + int res, int dir, void *_data, char *_file, int _line)
13436 + if (VXD_RCRES_COND(res))
13437 + vxlprintk(1, "vx_acc_cres[%5d,%s,%2d]: %5ld%s (%p)",
13438 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13439 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13440 + (dir > 0) ? "++" : "--", _data, _file, _line);
13445 + __rlim_inc(&vxi->limit, res);
13447 + __rlim_dec(&vxi->limit, res);
13450 +static inline void __vx_add_cres(struct vx_info *vxi,
13451 + int res, int amount, void *_data, char *_file, int _line)
13453 + if (VXD_RCRES_COND(res))
13454 + vxlprintk(1, "vx_add_cres[%5d,%s,%2d]: %5ld += %5d (%p)",
13455 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13456 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13457 + amount, _data, _file, _line);
13462 + __rlim_add(&vxi->limit, res, amount);
13466 +int __vx_cres_adjust_max(struct _vx_limit *limit, int res, rlim_t value)
13468 + int cond = (value > __rlim_rmax(limit, res));
13471 + __rlim_rmax(limit, res) = value;
13476 +int __vx_cres_adjust_min(struct _vx_limit *limit, int res, rlim_t value)
13478 + int cond = (value < __rlim_rmin(limit, res));
13481 + __rlim_rmin(limit, res) = value;
13486 +void __vx_cres_fixup(struct _vx_limit *limit, int res, rlim_t value)
13488 + if (!__vx_cres_adjust_max(limit, res, value))
13489 + __vx_cres_adjust_min(limit, res, value);
13494 + +1 ... no limit hit
13495 + -1 ... over soft limit
13496 + 0 ... over hard limit */
13498 +static inline int __vx_cres_avail(struct vx_info *vxi,
13499 + int res, int num, char *_file, int _line)
13501 + struct _vx_limit *limit;
13504 + if (VXD_RLIMIT_COND(res))
13505 + vxlprintk(1, "vx_cres_avail[%5d,%s,%2d]: %5ld/%5ld > %5ld + %5d",
13506 + (vxi ? vxi->vx_id : -1), vlimit_name[res], res,
13507 + (vxi ? (long)__rlim_soft(&vxi->limit, res) : -1),
13508 + (vxi ? (long)__rlim_hard(&vxi->limit, res) : -1),
13509 + (vxi ? (long)__rlim_get(&vxi->limit, res) : 0),
13510 + num, _file, _line);
13514 + limit = &vxi->limit;
13515 + value = __rlim_get(limit, res);
13517 + if (!__vx_cres_adjust_max(limit, res, value))
13518 + __vx_cres_adjust_min(limit, res, value);
13523 + if (__rlim_soft(limit, res) == RLIM_INFINITY)
13525 + if (value + num <= __rlim_soft(limit, res))
13528 + if (__rlim_hard(limit, res) == RLIM_INFINITY)
13530 + if (value + num <= __rlim_hard(limit, res))
13533 + __rlim_hit(limit, res);
13538 +static const int VLA_RSS[] = { RLIMIT_RSS, VLIMIT_ANON, VLIMIT_MAPPED, 0 };
13541 +rlim_t __vx_cres_array_sum(struct _vx_limit *limit, const int *array)
13543 + rlim_t value, sum = 0;
13546 + while ((res = *array++)) {
13547 + value = __rlim_get(limit, res);
13548 + __vx_cres_fixup(limit, res, value);
13555 +rlim_t __vx_cres_array_fixup(struct _vx_limit *limit, const int *array)
13557 + rlim_t value = __vx_cres_array_sum(limit, array + 1);
13558 + int res = *array;
13560 + if (value == __rlim_get(limit, res))
13563 + __rlim_set(limit, res, value);
13564 + /* now adjust min/max */
13565 + if (!__vx_cres_adjust_max(limit, res, value))
13566 + __vx_cres_adjust_min(limit, res, value);
13571 +static inline int __vx_cres_array_avail(struct vx_info *vxi,
13572 + const int *array, int num, char *_file, int _line)
13574 + struct _vx_limit *limit;
13575 + rlim_t value = 0;
13583 + limit = &vxi->limit;
13585 + value = __vx_cres_array_sum(limit, array + 1);
13587 + __rlim_set(limit, res, value);
13588 + __vx_cres_fixup(limit, res, value);
13590 + return __vx_cres_avail(vxi, res, num, _file, _line);
13594 +static inline void vx_limit_fixup(struct _vx_limit *limit, int id)
13599 + /* complex resources first */
13600 + if ((id < 0) || (id == RLIMIT_RSS))
13601 + __vx_cres_array_fixup(limit, VLA_RSS);
13603 + for (res = 0; res < NUM_LIMITS; res++) {
13604 + if ((id > 0) && (res != id))
13607 + value = __rlim_get(limit, res);
13608 + __vx_cres_fixup(limit, res, value);
13610 + /* not supposed to happen, maybe warn? */
13611 + if (__rlim_rmax(limit, res) > __rlim_hard(limit, res))
13612 + __rlim_rmax(limit, res) = __rlim_hard(limit, res);
13617 +#endif /* __KERNEL__ */
13618 +#endif /* _VX_LIMIT_INT_H */
13619 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/monitor.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/monitor.h
13620 --- linux-2.6.25.11/include/linux/vserver/monitor.h 1969-12-31 19:00:00.000000000 -0500
13621 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/monitor.h 2008-04-19 15:14:52.000000000 -0400
13623 +#ifndef _VX_MONITOR_H
13624 +#define _VX_MONITOR_H
13626 +#include <linux/types.h>
13633 + VXM_UPDATE = 0x20,
13637 + VXM_RQINFO_1 = 0x24,
13640 + VXM_ACTIVATE = 0x40,
13647 + VXM_MIGRATE = 0x48,
13650 + /* all other bits are flags */
13651 + VXM_SCHED = 0x80,
13654 +struct _vxm_update_1 {
13655 + uint32_t tokens_max;
13656 + uint32_t fill_rate;
13657 + uint32_t interval;
13660 +struct _vxm_update_2 {
13661 + uint32_t tokens_min;
13662 + uint32_t fill_rate;
13663 + uint32_t interval;
13666 +struct _vxm_rqinfo_1 {
13667 + uint16_t running;
13671 + uint32_t idle_tokens;
13674 +struct _vxm_rqinfo_2 {
13675 + uint32_t norm_time;
13676 + uint32_t idle_time;
13677 + uint32_t idle_skip;
13680 +struct _vxm_sched {
13682 + uint32_t norm_time;
13683 + uint32_t idle_time;
13686 +struct _vxm_task {
13691 +struct _vxm_event {
13700 + struct _vxm_task tsk;
13704 +struct _vx_mon_entry {
13708 + struct _vxm_event ev;
13709 + struct _vxm_sched sd;
13710 + struct _vxm_update_1 u1;
13711 + struct _vxm_update_2 u2;
13712 + struct _vxm_rqinfo_1 q1;
13713 + struct _vxm_rqinfo_2 q2;
13718 +#endif /* _VX_MONITOR_H */
13719 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/network_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/network_cmd.h
13720 --- linux-2.6.25.11/include/linux/vserver/network_cmd.h 1969-12-31 19:00:00.000000000 -0500
13721 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/network_cmd.h 2008-04-19 15:14:52.000000000 -0400
13723 +#ifndef _VX_NETWORK_CMD_H
13724 +#define _VX_NETWORK_CMD_H
13727 +/* vinfo commands */
13729 +#define VCMD_task_nid VC_CMD(VINFO, 2, 0)
13732 +extern int vc_task_nid(uint32_t);
13734 +#endif /* __KERNEL__ */
13736 +#define VCMD_nx_info VC_CMD(VINFO, 6, 0)
13738 +struct vcmd_nx_info_v0 {
13740 + /* more to come */
13744 +extern int vc_nx_info(struct nx_info *, void __user *);
13746 +#endif /* __KERNEL__ */
13748 +#include <linux/in.h>
13749 +#include <linux/in6.h>
13751 +#define VCMD_net_create_v0 VC_CMD(VNET, 1, 0)
13752 +#define VCMD_net_create VC_CMD(VNET, 1, 1)
13754 +struct vcmd_net_create {
13755 + uint64_t flagword;
13758 +#define VCMD_net_migrate VC_CMD(NETMIG, 1, 0)
13760 +#define VCMD_net_add VC_CMD(NETALT, 1, 0)
13761 +#define VCMD_net_remove VC_CMD(NETALT, 2, 0)
13763 +struct vcmd_net_addr_v0 {
13766 + struct in_addr ip[4];
13767 + struct in_addr mask[4];
13770 +#define VCMD_net_add_ipv4 VC_CMD(NETALT, 1, 1)
13771 +#define VCMD_net_remove_ipv4 VC_CMD(NETALT, 2, 1)
13773 +struct vcmd_net_addr_ipv4_v1 {
13776 + struct in_addr ip;
13777 + struct in_addr mask;
13780 +#define VCMD_net_add_ipv6 VC_CMD(NETALT, 3, 1)
13781 +#define VCMD_net_remove_ipv6 VC_CMD(NETALT, 4, 1)
13783 +struct vcmd_net_addr_ipv6_v1 {
13787 + struct in6_addr ip;
13788 + struct in6_addr mask;
13791 +#define VCMD_add_match_ipv4 VC_CMD(NETALT, 5, 0)
13792 +#define VCMD_get_match_ipv4 VC_CMD(NETALT, 6, 0)
13794 +struct vcmd_match_ipv4_v0 {
13799 + struct in_addr ip;
13800 + struct in_addr ip2;
13801 + struct in_addr mask;
13804 +#define VCMD_add_match_ipv6 VC_CMD(NETALT, 7, 0)
13805 +#define VCMD_get_match_ipv6 VC_CMD(NETALT, 8, 0)
13807 +struct vcmd_match_ipv6_v0 {
13812 + struct in6_addr ip;
13813 + struct in6_addr ip2;
13814 + struct in6_addr mask;
13819 +extern int vc_net_create(uint32_t, void __user *);
13820 +extern int vc_net_migrate(struct nx_info *, void __user *);
13822 +extern int vc_net_add(struct nx_info *, void __user *);
13823 +extern int vc_net_remove(struct nx_info *, void __user *);
13825 +extern int vc_net_add_ipv4(struct nx_info *, void __user *);
13826 +extern int vc_net_remove_ipv4(struct nx_info *, void __user *);
13828 +extern int vc_net_add_ipv6(struct nx_info *, void __user *);
13829 +extern int vc_net_remove_ipv6(struct nx_info *, void __user *);
13831 +extern int vc_add_match_ipv4(struct nx_info *, void __user *);
13832 +extern int vc_get_match_ipv4(struct nx_info *, void __user *);
13834 +extern int vc_add_match_ipv6(struct nx_info *, void __user *);
13835 +extern int vc_get_match_ipv6(struct nx_info *, void __user *);
13837 +#endif /* __KERNEL__ */
13840 +/* flag commands */
13842 +#define VCMD_get_nflags VC_CMD(FLAGS, 5, 0)
13843 +#define VCMD_set_nflags VC_CMD(FLAGS, 6, 0)
13845 +struct vcmd_net_flags_v0 {
13846 + uint64_t flagword;
13851 +extern int vc_get_nflags(struct nx_info *, void __user *);
13852 +extern int vc_set_nflags(struct nx_info *, void __user *);
13854 +#endif /* __KERNEL__ */
13857 +/* network caps commands */
13859 +#define VCMD_get_ncaps VC_CMD(FLAGS, 7, 0)
13860 +#define VCMD_set_ncaps VC_CMD(FLAGS, 8, 0)
13862 +struct vcmd_net_caps_v0 {
13868 +extern int vc_get_ncaps(struct nx_info *, void __user *);
13869 +extern int vc_set_ncaps(struct nx_info *, void __user *);
13871 +#endif /* __KERNEL__ */
13872 +#endif /* _VX_CONTEXT_CMD_H */
13873 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/network.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/network.h
13874 --- linux-2.6.25.11/include/linux/vserver/network.h 1969-12-31 19:00:00.000000000 -0500
13875 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/network.h 2008-04-19 15:14:52.000000000 -0400
13877 +#ifndef _VX_NETWORK_H
13878 +#define _VX_NETWORK_H
13880 +#include <linux/types.h>
13883 +#define MAX_N_CONTEXT 65535 /* Arbitrary limit */
13886 +/* network flags */
13888 +#define NXF_INFO_PRIVATE 0x00000008
13890 +#define NXF_SINGLE_IP 0x00000100
13891 +#define NXF_LBACK_REMAP 0x00000200
13892 +#define NXF_LBACK_ALLOW 0x00000400
13894 +#define NXF_HIDE_NETIF 0x02000000
13895 +#define NXF_HIDE_LBACK 0x04000000
13897 +#define NXF_STATE_SETUP (1ULL << 32)
13898 +#define NXF_STATE_ADMIN (1ULL << 34)
13900 +#define NXF_SC_HELPER (1ULL << 36)
13901 +#define NXF_PERSISTENT (1ULL << 38)
13903 +#define NXF_ONE_TIME (0x0005ULL << 32)
13906 +#define NXF_INIT_SET (__nxf_init_set())
13908 +static inline uint64_t __nxf_init_set(void) {
13909 + return NXF_STATE_ADMIN
13910 +#ifdef CONFIG_VSERVER_AUTO_LBACK
13911 + | NXF_LBACK_REMAP
13914 +#ifdef CONFIG_VSERVER_AUTO_SINGLE
13917 + | NXF_HIDE_NETIF;
13921 +/* network caps */
13923 +#define NXC_TUN_CREATE 0x00000001
13925 +#define NXC_RAW_ICMP 0x00000100
13928 +/* address types */
13930 +#define NXA_TYPE_IPV4 0x0001
13931 +#define NXA_TYPE_IPV6 0x0002
13933 +#define NXA_TYPE_NONE 0x0000
13934 +#define NXA_TYPE_ANY 0x00FF
13936 +#define NXA_TYPE_ADDR 0x0010
13937 +#define NXA_TYPE_MASK 0x0020
13938 +#define NXA_TYPE_RANGE 0x0040
13940 +#define NXA_MASK_ALL (NXA_TYPE_ADDR | NXA_TYPE_MASK | NXA_TYPE_RANGE)
13942 +#define NXA_MOD_BCAST 0x0100
13943 +#define NXA_MOD_LBACK 0x0200
13945 +#define NXA_LOOPBACK 0x1000
13947 +#define NXA_MASK_BIND (NXA_MASK_ALL | NXA_MOD_BCAST | NXA_MOD_LBACK)
13948 +#define NXA_MASK_SHOW (NXA_MASK_ALL | NXA_LOOPBACK)
13952 +#include <linux/list.h>
13953 +#include <linux/spinlock.h>
13954 +#include <linux/rcupdate.h>
13955 +#include <linux/in.h>
13956 +#include <linux/in6.h>
13957 +#include <asm/atomic.h>
13959 +struct nx_addr_v4 {
13960 + struct nx_addr_v4 *next;
13961 + struct in_addr ip[2];
13962 + struct in_addr mask;
13967 +struct nx_addr_v6 {
13968 + struct nx_addr_v6 *next;
13969 + struct in6_addr ip;
13970 + struct in6_addr mask;
13977 + struct hlist_node nx_hlist; /* linked list of nxinfos */
13978 + nid_t nx_id; /* vnet id */
13979 + atomic_t nx_usecnt; /* usage count */
13980 + atomic_t nx_tasks; /* tasks count */
13981 + int nx_state; /* context state */
13983 + uint64_t nx_flags; /* network flag word */
13984 + uint64_t nx_ncaps; /* network capabilities */
13986 + struct in_addr v4_lback; /* Loopback address */
13987 + struct in_addr v4_bcast; /* Broadcast address */
13988 + struct nx_addr_v4 v4; /* First/Single ipv4 address */
13989 +#ifdef CONFIG_IPV6
13990 + struct nx_addr_v6 v6; /* First/Single ipv6 address */
13992 + char nx_name[65]; /* network context name */
13996 +/* status flags */
13998 +#define NXS_HASHED 0x0001
13999 +#define NXS_SHUTDOWN 0x0100
14000 +#define NXS_RELEASED 0x8000
14002 +extern struct nx_info *lookup_nx_info(int);
14004 +extern int get_nid_list(int, unsigned int *, int);
14005 +extern int nid_is_hashed(nid_t);
14007 +extern int nx_migrate_task(struct task_struct *, struct nx_info *);
14009 +extern long vs_net_change(struct nx_info *, unsigned int);
14014 +#define NX_IPV4(n) ((n)->v4.type != NXA_TYPE_NONE)
14015 +#ifdef CONFIG_IPV6
14016 +#define NX_IPV6(n) ((n)->v6.type != NXA_TYPE_NONE)
14018 +#define NX_IPV6(n) (0)
14021 +#endif /* __KERNEL__ */
14022 +#endif /* _VX_NETWORK_H */
14023 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/percpu.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/percpu.h
14024 --- linux-2.6.25.11/include/linux/vserver/percpu.h 1969-12-31 19:00:00.000000000 -0500
14025 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/percpu.h 2008-04-19 15:14:52.000000000 -0400
14027 +#ifndef _VX_PERCPU_H
14028 +#define _VX_PERCPU_H
14030 +#include "cvirt_def.h"
14031 +#include "sched_def.h"
14033 +struct _vx_percpu {
14034 + struct _vx_cvirt_pc cvirt;
14035 + struct _vx_sched_pc sched;
14038 +#define PERCPU_PERCTX (sizeof(struct _vx_percpu))
14040 +#endif /* _VX_PERCPU_H */
14041 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/pid.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/pid.h
14042 --- linux-2.6.25.11/include/linux/vserver/pid.h 1969-12-31 19:00:00.000000000 -0500
14043 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/pid.h 2008-04-19 15:14:52.000000000 -0400
14045 +#ifndef _VSERVER_PID_H
14046 +#define _VSERVER_PID_H
14048 +/* pid faking stuff */
14050 +#define vx_info_map_pid(v, p) \
14051 + __vx_info_map_pid((v), (p), __FUNC__, __FILE__, __LINE__)
14052 +#define vx_info_map_tgid(v,p) vx_info_map_pid(v,p)
14053 +#define vx_map_pid(p) vx_info_map_pid(current->vx_info, p)
14054 +#define vx_map_tgid(p) vx_map_pid(p)
14056 +static inline int __vx_info_map_pid(struct vx_info *vxi, int pid,
14057 + const char *func, const char *file, int line)
14059 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
14060 + vxfprintk(VXD_CBIT(cvirt, 2),
14061 + "vx_map_tgid: %p/%llx: %d -> %d",
14062 + vxi, (long long)vxi->vx_flags, pid,
14063 + (pid && pid == vxi->vx_initpid) ? 1 : pid,
14064 + func, file, line);
14067 + if (pid == vxi->vx_initpid)
14073 +#define vx_info_rmap_pid(v, p) \
14074 + __vx_info_rmap_pid((v), (p), __FUNC__, __FILE__, __LINE__)
14075 +#define vx_rmap_pid(p) vx_info_rmap_pid(current->vx_info, p)
14076 +#define vx_rmap_tgid(p) vx_rmap_pid(p)
14078 +static inline int __vx_info_rmap_pid(struct vx_info *vxi, int pid,
14079 + const char *func, const char *file, int line)
14081 + if (vx_info_flags(vxi, VXF_INFO_INIT, 0)) {
14082 + vxfprintk(VXD_CBIT(cvirt, 2),
14083 + "vx_rmap_tgid: %p/%llx: %d -> %d",
14084 + vxi, (long long)vxi->vx_flags, pid,
14085 + (pid == 1) ? vxi->vx_initpid : pid,
14086 + func, file, line);
14087 + if ((pid == 1) && vxi->vx_initpid)
14088 + return vxi->vx_initpid;
14089 + if (pid == vxi->vx_initpid)
14096 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/sched_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched_cmd.h
14097 --- linux-2.6.25.11/include/linux/vserver/sched_cmd.h 1969-12-31 19:00:00.000000000 -0500
14098 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched_cmd.h 2008-04-19 15:14:52.000000000 -0400
14100 +#ifndef _VX_SCHED_CMD_H
14101 +#define _VX_SCHED_CMD_H
14104 +/* sched vserver commands */
14106 +#define VCMD_set_sched_v2 VC_CMD(SCHED, 1, 2)
14107 +#define VCMD_set_sched_v3 VC_CMD(SCHED, 1, 3)
14108 +#define VCMD_set_sched_v4 VC_CMD(SCHED, 1, 4)
14110 +struct vcmd_set_sched_v2 {
14111 + int32_t fill_rate;
14112 + int32_t interval;
14114 + int32_t tokens_min;
14115 + int32_t tokens_max;
14116 + uint64_t cpu_mask;
14119 +struct vcmd_set_sched_v3 {
14120 + uint32_t set_mask;
14121 + int32_t fill_rate;
14122 + int32_t interval;
14124 + int32_t tokens_min;
14125 + int32_t tokens_max;
14126 + int32_t priority_bias;
14129 +struct vcmd_set_sched_v4 {
14130 + uint32_t set_mask;
14131 + int32_t fill_rate;
14132 + int32_t interval;
14134 + int32_t tokens_min;
14135 + int32_t tokens_max;
14136 + int32_t prio_bias;
14138 + int32_t bucket_id;
14141 +#define VCMD_set_sched VC_CMD(SCHED, 1, 5)
14142 +#define VCMD_get_sched VC_CMD(SCHED, 2, 5)
14144 +struct vcmd_sched_v5 {
14147 + int32_t bucket_id;
14148 + int32_t fill_rate[2];
14149 + int32_t interval[2];
14151 + int32_t tokens_min;
14152 + int32_t tokens_max;
14153 + int32_t prio_bias;
14156 +#define VXSM_FILL_RATE 0x0001
14157 +#define VXSM_INTERVAL 0x0002
14158 +#define VXSM_FILL_RATE2 0x0004
14159 +#define VXSM_INTERVAL2 0x0008
14160 +#define VXSM_TOKENS 0x0010
14161 +#define VXSM_TOKENS_MIN 0x0020
14162 +#define VXSM_TOKENS_MAX 0x0040
14163 +#define VXSM_PRIO_BIAS 0x0100
14165 +#define VXSM_IDLE_TIME 0x0200
14166 +#define VXSM_FORCE 0x0400
14168 +#define VXSM_V3_MASK 0x0173
14169 +#define VXSM_SET_MASK 0x01FF
14171 +#define VXSM_CPU_ID 0x1000
14172 +#define VXSM_BUCKET_ID 0x2000
14174 +#define VXSM_MSEC 0x4000
14176 +#define SCHED_KEEP (-2) /* only for v2 */
14180 +#include <linux/compiler.h>
14182 +extern int vc_set_sched_v2(struct vx_info *, void __user *);
14183 +extern int vc_set_sched_v3(struct vx_info *, void __user *);
14184 +extern int vc_set_sched_v4(struct vx_info *, void __user *);
14185 +extern int vc_set_sched(struct vx_info *, void __user *);
14186 +extern int vc_get_sched(struct vx_info *, void __user *);
14188 +#endif /* __KERNEL__ */
14190 +#define VCMD_sched_info VC_CMD(SCHED, 3, 0)
14192 +struct vcmd_sched_info {
14194 + int32_t bucket_id;
14195 + uint64_t user_msec;
14196 + uint64_t sys_msec;
14197 + uint64_t hold_msec;
14198 + uint32_t token_usec;
14199 + int32_t vavavoom;
14204 +extern int vc_sched_info(struct vx_info *, void __user *);
14206 +#endif /* __KERNEL__ */
14207 +#endif /* _VX_SCHED_CMD_H */
14208 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/sched_def.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched_def.h
14209 --- linux-2.6.25.11/include/linux/vserver/sched_def.h 1969-12-31 19:00:00.000000000 -0500
14210 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched_def.h 2008-04-19 15:14:52.000000000 -0400
14212 +#ifndef _VX_SCHED_DEF_H
14213 +#define _VX_SCHED_DEF_H
14215 +#include <linux/spinlock.h>
14216 +#include <linux/jiffies.h>
14217 +#include <linux/cpumask.h>
14218 +#include <asm/atomic.h>
14219 +#include <asm/param.h>
14222 +/* context sub struct */
14224 +struct _vx_sched {
14225 + spinlock_t tokens_lock; /* lock for token bucket */
14227 + int tokens; /* number of CPU tokens */
14228 + int fill_rate[2]; /* Fill rate: add X tokens... */
14229 + int interval[2]; /* Divisor: per Y jiffies */
14230 + int tokens_min; /* Limit: minimum for unhold */
14231 + int tokens_max; /* Limit: no more than N tokens */
14233 + int prio_bias; /* bias offset for priority */
14235 + unsigned update_mask; /* which features should be updated */
14236 + cpumask_t update; /* CPUs which should update */
14239 +struct _vx_sched_pc {
14240 + int tokens; /* number of CPU tokens */
14241 + int flags; /* bucket flags */
14243 + int fill_rate[2]; /* Fill rate: add X tokens... */
14244 + int interval[2]; /* Divisor: per Y jiffies */
14245 + int tokens_min; /* Limit: minimum for unhold */
14246 + int tokens_max; /* Limit: no more than N tokens */
14248 + int prio_bias; /* bias offset for priority */
14249 + int vavavoom; /* last calculated vavavoom */
14251 + unsigned long norm_time; /* last time accounted */
14252 + unsigned long idle_time; /* non linear time for fair sched */
14253 + unsigned long token_time; /* token time for accounting */
14254 + unsigned long onhold; /* jiffies when put on hold */
14256 + uint64_t user_ticks; /* token tick events */
14257 + uint64_t sys_ticks; /* token tick events */
14258 + uint64_t hold_ticks; /* token ticks paused */
14262 +#define VXSF_ONHOLD 0x0001
14263 +#define VXSF_IDLE_TIME 0x0100
14265 +#ifdef CONFIG_VSERVER_DEBUG
14267 +static inline void __dump_vx_sched(struct _vx_sched *sched)
14269 + printk("\t_vx_sched:\n");
14270 + printk("\t tokens: %4d/%4d, %4d/%4d, %4d, %4d\n",
14271 + sched->fill_rate[0], sched->interval[0],
14272 + sched->fill_rate[1], sched->interval[1],
14273 + sched->tokens_min, sched->tokens_max);
14274 + printk("\t priority = %4d\n", sched->prio_bias);
14279 +#endif /* _VX_SCHED_DEF_H */
14280 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/sched.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched.h
14281 --- linux-2.6.25.11/include/linux/vserver/sched.h 1969-12-31 19:00:00.000000000 -0500
14282 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/sched.h 2008-04-19 15:14:52.000000000 -0400
14284 +#ifndef _VX_SCHED_H
14285 +#define _VX_SCHED_H
14292 +void vx_vsi_uptime(struct timespec *, struct timespec *);
14297 +void vx_update_load(struct vx_info *);
14300 +int vx_tokens_recalc(struct _vx_sched_pc *,
14301 + unsigned long *, unsigned long *, int [2]);
14303 +void vx_update_sched_param(struct _vx_sched *sched,
14304 + struct _vx_sched_pc *sched_pc);
14306 +#endif /* __KERNEL__ */
14307 +#else /* _VX_SCHED_H */
14308 +#warning duplicate inclusion
14309 +#endif /* _VX_SCHED_H */
14310 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/signal_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/signal_cmd.h
14311 --- linux-2.6.25.11/include/linux/vserver/signal_cmd.h 1969-12-31 19:00:00.000000000 -0500
14312 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/signal_cmd.h 2008-04-19 15:14:52.000000000 -0400
14314 +#ifndef _VX_SIGNAL_CMD_H
14315 +#define _VX_SIGNAL_CMD_H
14318 +/* signalling vserver commands */
14320 +#define VCMD_ctx_kill VC_CMD(PROCTRL, 1, 0)
14321 +#define VCMD_wait_exit VC_CMD(EVENT, 99, 0)
14323 +struct vcmd_ctx_kill_v0 {
14328 +struct vcmd_wait_exit_v0 {
14329 + int32_t reboot_cmd;
14330 + int32_t exit_code;
14335 +extern int vc_ctx_kill(struct vx_info *, void __user *);
14336 +extern int vc_wait_exit(struct vx_info *, void __user *);
14338 +#endif /* __KERNEL__ */
14340 +/* process alteration commands */
14342 +#define VCMD_get_pflags VC_CMD(PROCALT, 5, 0)
14343 +#define VCMD_set_pflags VC_CMD(PROCALT, 6, 0)
14345 +struct vcmd_pflags_v0 {
14346 + uint32_t flagword;
14352 +extern int vc_get_pflags(uint32_t pid, void __user *);
14353 +extern int vc_set_pflags(uint32_t pid, void __user *);
14355 +#endif /* __KERNEL__ */
14356 +#endif /* _VX_SIGNAL_CMD_H */
14357 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/signal.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/signal.h
14358 --- linux-2.6.25.11/include/linux/vserver/signal.h 1969-12-31 19:00:00.000000000 -0500
14359 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/signal.h 2008-04-19 15:14:52.000000000 -0400
14361 +#ifndef _VX_SIGNAL_H
14362 +#define _VX_SIGNAL_H
14369 +int vx_info_kill(struct vx_info *, int, int);
14371 +#endif /* __KERNEL__ */
14372 +#else /* _VX_SIGNAL_H */
14373 +#warning duplicate inclusion
14374 +#endif /* _VX_SIGNAL_H */
14375 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/space_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/space_cmd.h
14376 --- linux-2.6.25.11/include/linux/vserver/space_cmd.h 1969-12-31 19:00:00.000000000 -0500
14377 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/space_cmd.h 2008-07-16 00:21:29.000000000 -0400
14379 +#ifndef _VX_SPACE_CMD_H
14380 +#define _VX_SPACE_CMD_H
14383 +#define VCMD_enter_space_v0 VC_CMD(PROCALT, 1, 0)
14384 +#define VCMD_enter_space VC_CMD(PROCALT, 1, 1)
14386 +#define VCMD_set_space_v0 VC_CMD(PROCALT, 3, 0)
14387 +#define VCMD_set_space VC_CMD(PROCALT, 3, 1)
14389 +#define VCMD_get_space_mask_v0 VC_CMD(PROCALT, 4, 0)
14391 +#define VCMD_get_space_mask VC_CMD(VSPACE, 0, 1)
14392 +#define VCMD_get_space_default VC_CMD(VSPACE, 1, 0)
14395 +struct vcmd_space_mask {
14402 +extern int vc_enter_space(struct vx_info *, void __user *);
14403 +extern int vc_set_space(struct vx_info *, void __user *);
14404 +extern int vc_get_space_mask(void __user *, int);
14406 +#endif /* __KERNEL__ */
14407 +#endif /* _VX_SPACE_CMD_H */
14408 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/space.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/space.h
14409 --- linux-2.6.25.11/include/linux/vserver/space.h 1969-12-31 19:00:00.000000000 -0500
14410 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/space.h 2008-04-19 15:14:52.000000000 -0400
14412 +#ifndef _VX_SPACE_H
14413 +#define _VX_SPACE_H
14416 +#include <linux/types.h>
14420 +int vx_set_space(struct vx_info *vxi, unsigned long mask);
14422 +#else /* _VX_SPACE_H */
14423 +#warning duplicate inclusion
14424 +#endif /* _VX_SPACE_H */
14425 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/switch.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/switch.h
14426 --- linux-2.6.25.11/include/linux/vserver/switch.h 1969-12-31 19:00:00.000000000 -0500
14427 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/switch.h 2008-07-15 22:47:32.000000000 -0400
14429 +#ifndef _VX_SWITCH_H
14430 +#define _VX_SWITCH_H
14432 +#include <linux/types.h>
14435 +#define VC_CATEGORY(c) (((c) >> 24) & 0x3F)
14436 +#define VC_COMMAND(c) (((c) >> 16) & 0xFF)
14437 +#define VC_VERSION(c) ((c) & 0xFFF)
14439 +#define VC_CMD(c, i, v) ((((VC_CAT_ ## c) & 0x3F) << 24) \
14440 + | (((i) & 0xFF) << 16) | ((v) & 0xFFF))
14444 + Syscall Matrix V2.8
14446 + |VERSION|CREATE |MODIFY |MIGRATE|CONTROL|EXPERIM| |SPECIAL|SPECIAL|
14447 + |STATS |DESTROY|ALTER |CHANGE |LIMIT |TEST | | | |
14448 + |INFO |SETUP | |MOVE | | | | | |
14449 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14450 + SYSTEM |VERSION|VSETUP |VHOST | | | | |DEVICE | |
14451 + HOST | 00| 01| 02| 03| 04| 05| | 06| 07|
14452 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14453 + CPU | |VPROC |PROCALT|PROCMIG|PROCTRL| | |SCHED. | |
14454 + PROCESS| 08| 09| 10| 11| 12| 13| | 14| 15|
14455 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14456 + MEMORY | | | | |MEMCTRL| | |SWAP | |
14457 + | 16| 17| 18| 19| 20| 21| | 22| 23|
14458 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14459 + NETWORK| |VNET |NETALT |NETMIG |NETCTL | | |SERIAL | |
14460 + | 24| 25| 26| 27| 28| 29| | 30| 31|
14461 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14462 + DISK | | | |TAGMIG |DLIMIT | | |INODE | |
14463 + VFS | 32| 33| 34| 35| 36| 37| | 38| 39|
14464 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14465 + OTHER |VSTAT | | | | | | |VINFO | |
14466 + | 40| 41| 42| 43| 44| 45| | 46| 47|
14467 + =======+=======+=======+=======+=======+=======+=======+ +=======+=======+
14468 + SPECIAL|EVENT | | | |FLAGS | | |VSPACE | |
14469 + | 48| 49| 50| 51| 52| 53| | 54| 55|
14470 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14471 + SPECIAL|DEBUG | | | |RLIMIT |SYSCALL| | |COMPAT |
14472 + | 56| 57| 58| 59| 60|TEST 61| | 62| 63|
14473 + -------+-------+-------+-------+-------+-------+-------+ +-------+-------+
14477 +#define VC_CAT_VERSION 0
14479 +#define VC_CAT_VSETUP 1
14480 +#define VC_CAT_VHOST 2
14482 +#define VC_CAT_DEVICE 6
14484 +#define VC_CAT_VPROC 9
14485 +#define VC_CAT_PROCALT 10
14486 +#define VC_CAT_PROCMIG 11
14487 +#define VC_CAT_PROCTRL 12
14489 +#define VC_CAT_SCHED 14
14490 +#define VC_CAT_MEMCTRL 20
14492 +#define VC_CAT_VNET 25
14493 +#define VC_CAT_NETALT 26
14494 +#define VC_CAT_NETMIG 27
14495 +#define VC_CAT_NETCTRL 28
14497 +#define VC_CAT_TAGMIG 35
14498 +#define VC_CAT_DLIMIT 36
14499 +#define VC_CAT_INODE 38
14501 +#define VC_CAT_VSTAT 40
14502 +#define VC_CAT_VINFO 46
14503 +#define VC_CAT_EVENT 48
14505 +#define VC_CAT_FLAGS 52
14506 +#define VC_CAT_VSPACE 54
14507 +#define VC_CAT_DEBUG 56
14508 +#define VC_CAT_RLIMIT 60
14510 +#define VC_CAT_SYSTEST 61
14511 +#define VC_CAT_COMPAT 63
14513 +/* query version */
14515 +#define VCMD_get_version VC_CMD(VERSION, 0, 0)
14516 +#define VCMD_get_vci VC_CMD(VERSION, 1, 0)
14521 +#include <linux/errno.h>
14524 +#else /* __KERNEL__ */
14526 +#endif /* __KERNEL__ */
14528 +#endif /* _VX_SWITCH_H */
14529 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/tag_cmd.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/tag_cmd.h
14530 --- linux-2.6.25.11/include/linux/vserver/tag_cmd.h 1969-12-31 19:00:00.000000000 -0500
14531 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/tag_cmd.h 2008-04-19 15:14:52.000000000 -0400
14533 +#ifndef _VX_TAG_CMD_H
14534 +#define _VX_TAG_CMD_H
14537 +/* vinfo commands */
14539 +#define VCMD_task_tag VC_CMD(VINFO, 3, 0)
14542 +extern int vc_task_tag(uint32_t);
14544 +#endif /* __KERNEL__ */
14546 +/* context commands */
14548 +#define VCMD_tag_migrate VC_CMD(TAGMIG, 1, 0)
14551 +extern int vc_tag_migrate(uint32_t);
14553 +#endif /* __KERNEL__ */
14554 +#endif /* _VX_TAG_CMD_H */
14555 diff -NurpP --minimal linux-2.6.25.11/include/linux/vserver/tag.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/tag.h
14556 --- linux-2.6.25.11/include/linux/vserver/tag.h 1969-12-31 19:00:00.000000000 -0500
14557 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vserver/tag.h 2008-04-21 13:53:47.000000000 -0400
14562 +#include <linux/types.h>
14565 +#define DX_TAG(in) (IS_TAGGED(in))
14568 +#ifdef CONFIG_DX_TAG_NFSD
14569 +#define DX_TAG_NFSD 1
14571 +#define DX_TAG_NFSD 0
14575 +#ifdef CONFIG_TAGGING_NONE
14577 +#define MAX_UID 0xFFFFFFFF
14578 +#define MAX_GID 0xFFFFFFFF
14580 +#define INOTAG_TAG(cond, uid, gid, tag) (0)
14582 +#define TAGINO_UID(cond, uid, tag) (uid)
14583 +#define TAGINO_GID(cond, gid, tag) (gid)
14588 +#ifdef CONFIG_TAGGING_GID16
14590 +#define MAX_UID 0xFFFFFFFF
14591 +#define MAX_GID 0x0000FFFF
14593 +#define INOTAG_TAG(cond, uid, gid, tag) \
14594 + ((cond) ? (((gid) >> 16) & 0xFFFF) : 0)
14596 +#define TAGINO_UID(cond, uid, tag) (uid)
14597 +#define TAGINO_GID(cond, gid, tag) \
14598 + ((cond) ? (((gid) & 0xFFFF) | ((tag) << 16)) : (gid))
14603 +#ifdef CONFIG_TAGGING_ID24
14605 +#define MAX_UID 0x00FFFFFF
14606 +#define MAX_GID 0x00FFFFFF
14608 +#define INOTAG_TAG(cond, uid, gid, tag) \
14609 + ((cond) ? ((((uid) >> 16) & 0xFF00) | (((gid) >> 24) & 0xFF)) : 0)
14611 +#define TAGINO_UID(cond, uid, tag) \
14612 + ((cond) ? (((uid) & 0xFFFFFF) | (((tag) & 0xFF00) << 16)) : (uid))
14613 +#define TAGINO_GID(cond, gid, tag) \
14614 + ((cond) ? (((gid) & 0xFFFFFF) | (((tag) & 0x00FF) << 24)) : (gid))
14619 +#ifdef CONFIG_TAGGING_UID16
14621 +#define MAX_UID 0x0000FFFF
14622 +#define MAX_GID 0xFFFFFFFF
14624 +#define INOTAG_TAG(cond, uid, gid, tag) \
14625 + ((cond) ? (((uid) >> 16) & 0xFFFF) : 0)
14627 +#define TAGINO_UID(cond, uid, tag) \
14628 + ((cond) ? (((uid) & 0xFFFF) | ((tag) << 16)) : (uid))
14629 +#define TAGINO_GID(cond, gid, tag) (gid)
14634 +#ifdef CONFIG_TAGGING_INTERN
14636 +#define MAX_UID 0xFFFFFFFF
14637 +#define MAX_GID 0xFFFFFFFF
14639 +#define INOTAG_TAG(cond, uid, gid, tag) \
14640 + ((cond) ? (tag) : 0)
14642 +#define TAGINO_UID(cond, uid, tag) (uid)
14643 +#define TAGINO_GID(cond, gid, tag) (gid)
14648 +#ifndef CONFIG_TAGGING_NONE
14649 +#define dx_current_fstag(sb) \
14650 + ((sb)->s_flags & MS_TAGGED ? dx_current_tag() : 0)
14652 +#define dx_current_fstag(sb) (0)
14655 +#ifndef CONFIG_TAGGING_INTERN
14656 +#define TAGINO_TAG(cond, tag) (0)
14658 +#define TAGINO_TAG(cond, tag) ((cond) ? (tag) : 0)
14661 +#define INOTAG_UID(cond, uid, gid) \
14662 + ((cond) ? ((uid) & MAX_UID) : (uid))
14663 +#define INOTAG_GID(cond, uid, gid) \
14664 + ((cond) ? ((gid) & MAX_GID) : (gid))
14667 +static inline uid_t dx_map_uid(uid_t uid)
14669 + if ((uid > MAX_UID) && (uid != -1))
14671 + return (uid & MAX_UID);
14674 +static inline gid_t dx_map_gid(gid_t gid)
14676 + if ((gid > MAX_GID) && (gid != -1))
14678 + return (gid & MAX_GID);
14686 +#define dx_notagcheck(nd) ((nd) && (nd)->path.mnt && \
14687 + ((nd)->path.mnt->mnt_flags & MNT_NOTAGCHECK))
14689 +int dx_parse_tag(char *string, tag_t *tag, int remove);
14691 +#ifdef CONFIG_PROPAGATE
14693 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode);
14695 +#define dx_propagate_tag(n, i) __dx_propagate_tag(n, i)
14698 +#define dx_propagate_tag(n, i) do { } while (0)
14701 +#endif /* _DX_TAG_H */
14702 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_inet6.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_inet6.h
14703 --- linux-2.6.25.11/include/linux/vs_inet6.h 1969-12-31 19:00:00.000000000 -0500
14704 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_inet6.h 2008-04-19 15:14:52.000000000 -0400
14706 +#ifndef _VS_INET6_H
14707 +#define _VS_INET6_H
14709 +#include "vserver/base.h"
14710 +#include "vserver/network.h"
14711 +#include "vserver/debug.h"
14713 +#include <net/ipv6.h>
14715 +#define NXAV6(a) NIP6((a)->ip), NIP6((a)->mask), (a)->prefix, (a)->type
14716 +#define NXAV6_FMT "[" NIP6_FMT "/" NIP6_FMT "/%d:%04x]"
14719 +#ifdef CONFIG_IPV6
14722 +int v6_addr_match(struct nx_addr_v6 *nxa,
14723 + const struct in6_addr *addr, uint16_t mask)
14725 + switch (nxa->type & mask) {
14726 + case NXA_TYPE_MASK:
14727 + return ipv6_masked_addr_cmp(&nxa->ip, &nxa->mask, addr);
14728 + case NXA_TYPE_ADDR:
14729 + return ipv6_addr_equal(&nxa->ip, addr);
14730 + case NXA_TYPE_ANY:
14738 +int v6_addr_in_nx_info(struct nx_info *nxi,
14739 + const struct in6_addr *addr, uint16_t mask)
14741 + struct nx_addr_v6 *nxa;
14745 + for (nxa = &nxi->v6; nxa; nxa = nxa->next)
14746 + if (v6_addr_match(nxa, addr, mask))
14752 +int v6_nx_addr_match(struct nx_addr_v6 *nxa, struct nx_addr_v6 *addr, uint16_t mask)
14754 + /* FIXME: needs full range checks */
14755 + return v6_addr_match(nxa, &addr->ip, mask);
14759 +int v6_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v6 *nxa, uint16_t mask)
14761 + struct nx_addr_v6 *ptr;
14763 + for (ptr = &nxi->v6; ptr; ptr = ptr->next)
14764 + if (v6_nx_addr_match(ptr, nxa, mask))
14771 + * Check if a given address matches for a socket
14773 + * nxi: the socket's nx_info if any
14774 + * addr: to be verified address
14777 +int v6_sock_addr_match (
14778 + struct nx_info *nxi,
14779 + struct inet_sock *inet,
14780 + struct in6_addr *addr)
14782 + struct sock *sk = &inet->sk;
14783 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
14785 + if (!ipv6_addr_any(addr) &&
14786 + ipv6_addr_equal(saddr, addr))
14788 + if (ipv6_addr_any(saddr))
14789 + return v6_addr_in_nx_info(nxi, addr, -1);
14794 + * check if address is covered by socket
14796 + * sk: the socket to check against
14797 + * addr: the address in question (must be != 0)
14801 +int __v6_addr_match_socket(const struct sock *sk, struct nx_addr_v6 *nxa)
14803 + struct nx_info *nxi = sk->sk_nx_info;
14804 + struct in6_addr *saddr = inet6_rcv_saddr(sk);
14806 + vxdprintk(VXD_CBIT(net, 5),
14807 + "__v6_addr_in_socket(%p," NXAV6_FMT ") %p:" NIP6_FMT " %p;%lx",
14808 + sk, NXAV6(nxa), nxi, NIP6(*saddr), sk->sk_socket,
14809 + (sk->sk_socket?sk->sk_socket->flags:0));
14811 + if (!ipv6_addr_any(saddr)) { /* direct address match */
14812 + return v6_addr_match(nxa, saddr, -1);
14813 + } else if (nxi) { /* match against nx_info */
14814 + return v6_nx_addr_in_nx_info(nxi, nxa, -1);
14815 + } else { /* unrestricted any socket */
14821 +/* inet related checks and helpers */
14825 +struct net_device;
14829 +#include <linux/netdevice.h>
14830 +#include <linux/inetdevice.h>
14831 +#include <net/inet_timewait_sock.h>
14834 +int dev_in_nx_info(struct net_device *, struct nx_info *);
14835 +int v6_dev_in_nx_info(struct net_device *, struct nx_info *);
14836 +int nx_v6_addr_conflict(struct nx_info *, struct nx_info *);
14841 +int v6_ifa_in_nx_info(struct inet6_ifaddr *ifa, struct nx_info *nxi)
14847 + return v6_addr_in_nx_info(nxi, &ifa->addr, -1);
14851 +int nx_v6_ifa_visible(struct nx_info *nxi, struct inet6_ifaddr *ifa)
14853 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
14855 + if (v6_ifa_in_nx_info(ifa, nxi))
14861 +struct nx_v6_sock_addr {
14862 + struct in6_addr saddr; /* Address used for validation */
14863 + struct in6_addr baddr; /* Address used for socket bind */
14867 +int v6_map_sock_addr(struct inet_sock *inet, struct sockaddr_in6 *addr,
14868 + struct nx_v6_sock_addr *nsa)
14870 + // struct sock *sk = &inet->sk;
14871 + // struct nx_info *nxi = sk->sk_nx_info;
14872 + struct in6_addr saddr = addr->sin6_addr;
14873 + struct in6_addr baddr = saddr;
14875 + nsa->saddr = saddr;
14876 + nsa->baddr = baddr;
14881 +void v6_set_sock_addr(struct inet_sock *inet, struct nx_v6_sock_addr *nsa)
14883 + // struct sock *sk = &inet->sk;
14884 + // struct in6_addr *saddr = inet6_rcv_saddr(sk);
14886 + // *saddr = nsa->baddr;
14887 + // inet->saddr = nsa->baddr;
14891 +int nx_info_has_v6(struct nx_info *nxi)
14895 + if (NX_IPV6(nxi))
14900 +#else /* CONFIG_IPV6 */
14903 +int nx_v6_dev_visible(struct nx_info *n, struct net_device *d)
14910 +int nx_v6_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
14916 +int v6_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
14922 +int nx_info_has_v6(struct nx_info *nxi)
14927 +#endif /* CONFIG_IPV6 */
14929 +#define current_nx_info_has_v6() \
14930 + nx_info_has_v6(current_nx_info())
14933 +#warning duplicate inclusion
14935 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_inet.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_inet.h
14936 --- linux-2.6.25.11/include/linux/vs_inet.h 1969-12-31 19:00:00.000000000 -0500
14937 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_inet.h 2008-04-19 15:14:52.000000000 -0400
14939 +#ifndef _VS_INET_H
14940 +#define _VS_INET_H
14942 +#include "vserver/base.h"
14943 +#include "vserver/network.h"
14944 +#include "vserver/debug.h"
14946 +#define IPI_LOOPBACK htonl(INADDR_LOOPBACK)
14948 +#define NXAV4(a) NIPQUAD((a)->ip[0]), NIPQUAD((a)->ip[1]), \
14949 + NIPQUAD((a)->mask), (a)->type
14950 +#define NXAV4_FMT "[" NIPQUAD_FMT "-" NIPQUAD_FMT "/" NIPQUAD_FMT ":%04x]"
14954 +int v4_addr_match(struct nx_addr_v4 *nxa, __be32 addr, uint16_t tmask)
14956 + __be32 ip = nxa->ip[0].s_addr;
14957 + __be32 mask = nxa->mask.s_addr;
14958 + __be32 bcast = ip | ~mask;
14961 + switch (nxa->type & tmask) {
14962 + case NXA_TYPE_MASK:
14963 + ret = (ip == (addr & mask));
14965 + case NXA_TYPE_ADDR:
14969 + /* fall through to broadcast */
14970 + case NXA_MOD_BCAST:
14971 + ret = ((tmask & NXA_MOD_BCAST) && (addr == bcast));
14973 + case NXA_TYPE_RANGE:
14974 + ret = ((nxa->ip[0].s_addr <= addr) &&
14975 + (nxa->ip[1].s_addr > addr));
14977 + case NXA_TYPE_ANY:
14982 + vxdprintk(VXD_CBIT(net, 0),
14983 + "v4_addr_match(%p" NXAV4_FMT "," NIPQUAD_FMT ",%04x) = %d",
14984 + nxa, NXAV4(nxa), NIPQUAD(addr), tmask, ret);
14989 +int v4_addr_in_nx_info(struct nx_info *nxi, __be32 addr, uint16_t tmask)
14991 + struct nx_addr_v4 *nxa;
14998 + /* allow 127.0.0.1 when remapping lback */
14999 + if ((tmask & NXA_LOOPBACK) &&
15000 + (addr == IPI_LOOPBACK) &&
15001 + nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
15004 + /* check for lback address */
15005 + if ((tmask & NXA_MOD_LBACK) &&
15006 + (nxi->v4_lback.s_addr == addr))
15009 + /* check for broadcast address */
15010 + if ((tmask & NXA_MOD_BCAST) &&
15011 + (nxi->v4_bcast.s_addr == addr))
15014 + /* check for v4 addresses */
15015 + for (nxa = &nxi->v4; nxa; nxa = nxa->next)
15016 + if (v4_addr_match(nxa, addr, tmask))
15020 + vxdprintk(VXD_CBIT(net, 0),
15021 + "v4_addr_in_nx_info(%p[#%u]," NIPQUAD_FMT ",%04x) = %d",
15022 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(addr), tmask, ret);
15027 +int v4_nx_addr_match(struct nx_addr_v4 *nxa, struct nx_addr_v4 *addr, uint16_t mask)
15029 + /* FIXME: needs full range checks */
15030 + return v4_addr_match(nxa, addr->ip[0].s_addr, mask);
15034 +int v4_nx_addr_in_nx_info(struct nx_info *nxi, struct nx_addr_v4 *nxa, uint16_t mask)
15036 + struct nx_addr_v4 *ptr;
15038 + for (ptr = &nxi->v4; ptr; ptr = ptr->next)
15039 + if (v4_nx_addr_match(ptr, nxa, mask))
15044 +#include <net/inet_sock.h>
15047 + * Check if a given address matches for a socket
15049 + * nxi: the socket's nx_info if any
15050 + * addr: to be verified address
15053 +int v4_sock_addr_match (
15054 + struct nx_info *nxi,
15055 + struct inet_sock *inet,
15058 + __be32 saddr = inet->rcv_saddr;
15059 + __be32 bcast = nxi ? nxi->v4_bcast.s_addr : INADDR_BROADCAST;
15061 + if (addr && (saddr == addr || bcast == addr))
15064 + return v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND);
15069 +/* inet related checks and helpers */
15073 +struct net_device;
15076 +#ifdef CONFIG_INET
15078 +#include <linux/netdevice.h>
15079 +#include <linux/inetdevice.h>
15080 +#include <net/inet_sock.h>
15081 +#include <net/inet_timewait_sock.h>
15084 +int dev_in_nx_info(struct net_device *, struct nx_info *);
15085 +int v4_dev_in_nx_info(struct net_device *, struct nx_info *);
15086 +int nx_v4_addr_conflict(struct nx_info *, struct nx_info *);
15090 + * check if address is covered by socket
15092 + * sk: the socket to check against
15093 + * addr: the address in question (must be != 0)
15097 +int __v4_addr_match_socket(const struct sock *sk, struct nx_addr_v4 *nxa)
15099 + struct nx_info *nxi = sk->sk_nx_info;
15100 + __be32 saddr = inet_rcv_saddr(sk);
15102 + vxdprintk(VXD_CBIT(net, 5),
15103 + "__v4_addr_in_socket(%p," NXAV4_FMT ") %p:" NIPQUAD_FMT " %p;%lx",
15104 + sk, NXAV4(nxa), nxi, NIPQUAD(saddr), sk->sk_socket,
15105 + (sk->sk_socket?sk->sk_socket->flags:0));
15107 + if (saddr) { /* direct address match */
15108 + return v4_addr_match(nxa, saddr, -1);
15109 + } else if (nxi) { /* match against nx_info */
15110 + return v4_nx_addr_in_nx_info(nxi, nxa, -1);
15111 + } else { /* unrestricted any socket */
15119 +int nx_dev_visible(struct nx_info *nxi, struct net_device *dev)
15121 + vxdprintk(VXD_CBIT(net, 1), "nx_dev_visible(%p[#%u],%p »%s«) %d",
15122 + nxi, nxi ? nxi->nx_id : 0, dev, dev->name,
15123 + nxi ? dev_in_nx_info(dev, nxi) : 0);
15125 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
15127 + if (dev_in_nx_info(dev, nxi))
15134 +int v4_ifa_in_nx_info(struct in_ifaddr *ifa, struct nx_info *nxi)
15140 + return v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW);
15144 +int nx_v4_ifa_visible(struct nx_info *nxi, struct in_ifaddr *ifa)
15146 + vxdprintk(VXD_CBIT(net, 1), "nx_v4_ifa_visible(%p[#%u],%p) %d",
15147 + nxi, nxi ? nxi->nx_id : 0, ifa,
15148 + nxi ? v4_ifa_in_nx_info(ifa, nxi) : 0);
15150 + if (!nx_info_flags(nxi, NXF_HIDE_NETIF, 0))
15152 + if (v4_ifa_in_nx_info(ifa, nxi))
15158 +struct nx_v4_sock_addr {
15159 + __be32 saddr; /* Address used for validation */
15160 + __be32 baddr; /* Address used for socket bind */
15164 +int v4_map_sock_addr(struct inet_sock *inet, struct sockaddr_in *addr,
15165 + struct nx_v4_sock_addr *nsa)
15167 + struct sock *sk = &inet->sk;
15168 + struct nx_info *nxi = sk->sk_nx_info;
15169 + __be32 saddr = addr->sin_addr.s_addr;
15170 + __be32 baddr = saddr;
15172 + vxdprintk(VXD_CBIT(net, 3),
15173 + "inet_bind(%p)* %p,%p;%lx " NIPQUAD_FMT,
15174 + sk, sk->sk_nx_info, sk->sk_socket,
15175 + (sk->sk_socket ? sk->sk_socket->flags : 0),
15179 + if (saddr == INADDR_ANY) {
15180 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0))
15181 + baddr = nxi->v4.ip[0].s_addr;
15182 + } else if (saddr == IPI_LOOPBACK) {
15183 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
15184 + baddr = nxi->v4_lback.s_addr;
15185 + } else { /* normal address bind */
15186 + if (!v4_addr_in_nx_info(nxi, saddr, NXA_MASK_BIND))
15187 + return -EADDRNOTAVAIL;
15191 + vxdprintk(VXD_CBIT(net, 3),
15192 + "inet_bind(%p) " NIPQUAD_FMT ", " NIPQUAD_FMT,
15193 + sk, NIPQUAD(saddr), NIPQUAD(baddr));
15195 + nsa->saddr = saddr;
15196 + nsa->baddr = baddr;
15201 +void v4_set_sock_addr(struct inet_sock *inet, struct nx_v4_sock_addr *nsa)
15203 + inet->saddr = nsa->baddr;
15204 + inet->rcv_saddr = nsa->baddr;
15209 + * helper to simplify inet_lookup_listener
15211 + * nxi: the socket's nx_info if any
15212 + * addr: to be verified address
15213 + * saddr: socket address
15215 +static inline int v4_inet_addr_match (
15216 + struct nx_info *nxi,
15220 + if (addr && (saddr == addr))
15223 + return nxi ? v4_addr_in_nx_info(nxi, addr, NXA_MASK_BIND) : 1;
15227 +static inline __be32 nx_map_sock_lback(struct nx_info *nxi, __be32 addr)
15229 + if (nx_info_flags(nxi, NXF_HIDE_LBACK, 0) &&
15230 + (addr == nxi->v4_lback.s_addr))
15231 + return IPI_LOOPBACK;
15236 +int nx_info_has_v4(struct nx_info *nxi)
15240 + if (NX_IPV4(nxi))
15242 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0))
15247 +#else /* CONFIG_INET */
15250 +int nx_dev_visible(struct nx_info *n, struct net_device *d)
15256 +int nx_v4_addr_conflict(struct nx_info *n, uint32_t a, const struct sock *s)
15262 +int v4_ifa_in_nx_info(struct in_ifaddr *a, struct nx_info *n)
15268 +int nx_info_has_v4(struct nx_info *nxi)
15273 +#endif /* CONFIG_INET */
15275 +#define current_nx_info_has_v4() \
15276 + nx_info_has_v4(current_nx_info())
15279 +// #warning duplicate inclusion
15281 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_limit.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_limit.h
15282 --- linux-2.6.25.11/include/linux/vs_limit.h 1969-12-31 19:00:00.000000000 -0500
15283 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_limit.h 2008-04-19 15:14:52.000000000 -0400
15285 +#ifndef _VS_LIMIT_H
15286 +#define _VS_LIMIT_H
15288 +#include "vserver/limit.h"
15289 +#include "vserver/base.h"
15290 +#include "vserver/context.h"
15291 +#include "vserver/debug.h"
15292 +#include "vserver/context.h"
15293 +#include "vserver/limit_int.h"
15296 +#define vx_acc_cres(v, d, p, r) \
15297 + __vx_acc_cres(v, r, d, p, __FILE__, __LINE__)
15299 +#define vx_acc_cres_cond(x, d, p, r) \
15300 + __vx_acc_cres(((x) == vx_current_xid()) ? current->vx_info : 0, \
15301 + r, d, p, __FILE__, __LINE__)
15304 +#define vx_add_cres(v, a, p, r) \
15305 + __vx_add_cres(v, r, a, p, __FILE__, __LINE__)
15306 +#define vx_sub_cres(v, a, p, r) vx_add_cres(v, -(a), p, r)
15308 +#define vx_add_cres_cond(x, a, p, r) \
15309 + __vx_add_cres(((x) == vx_current_xid()) ? current->vx_info : 0, \
15310 + r, a, p, __FILE__, __LINE__)
15311 +#define vx_sub_cres_cond(x, a, p, r) vx_add_cres_cond(x, -(a), p, r)
15314 +/* process and file limits */
15316 +#define vx_nproc_inc(p) \
15317 + vx_acc_cres((p)->vx_info, 1, p, RLIMIT_NPROC)
15319 +#define vx_nproc_dec(p) \
15320 + vx_acc_cres((p)->vx_info,-1, p, RLIMIT_NPROC)
15322 +#define vx_files_inc(f) \
15323 + vx_acc_cres_cond((f)->f_xid, 1, f, RLIMIT_NOFILE)
15325 +#define vx_files_dec(f) \
15326 + vx_acc_cres_cond((f)->f_xid,-1, f, RLIMIT_NOFILE)
15328 +#define vx_locks_inc(l) \
15329 + vx_acc_cres_cond((l)->fl_xid, 1, l, RLIMIT_LOCKS)
15331 +#define vx_locks_dec(l) \
15332 + vx_acc_cres_cond((l)->fl_xid,-1, l, RLIMIT_LOCKS)
15334 +#define vx_openfd_inc(f) \
15335 + vx_acc_cres(current->vx_info, 1, (void *)(long)(f), VLIMIT_OPENFD)
15337 +#define vx_openfd_dec(f) \
15338 + vx_acc_cres(current->vx_info,-1, (void *)(long)(f), VLIMIT_OPENFD)
15341 +#define vx_cres_avail(v, n, r) \
15342 + __vx_cres_avail(v, r, n, __FILE__, __LINE__)
15345 +#define vx_nproc_avail(n) \
15346 + vx_cres_avail(current->vx_info, n, RLIMIT_NPROC)
15348 +#define vx_files_avail(n) \
15349 + vx_cres_avail(current->vx_info, n, RLIMIT_NOFILE)
15351 +#define vx_locks_avail(n) \
15352 + vx_cres_avail(current->vx_info, n, RLIMIT_LOCKS)
15354 +#define vx_openfd_avail(n) \
15355 + vx_cres_avail(current->vx_info, n, VLIMIT_OPENFD)
15358 +/* dentry limits */
15360 +#define vx_dentry_inc(d) do { \
15361 + if (atomic_read(&d->d_count) == 1) \
15362 + vx_acc_cres(current->vx_info, 1, d, VLIMIT_DENTRY); \
15365 +#define vx_dentry_dec(d) do { \
15366 + if (atomic_read(&d->d_count) == 0) \
15367 + vx_acc_cres(current->vx_info,-1, d, VLIMIT_DENTRY); \
15370 +#define vx_dentry_avail(n) \
15371 + vx_cres_avail(current->vx_info, n, VLIMIT_DENTRY)
15374 +/* socket limits */
15376 +#define vx_sock_inc(s) \
15377 + vx_acc_cres((s)->sk_vx_info, 1, s, VLIMIT_NSOCK)
15379 +#define vx_sock_dec(s) \
15380 + vx_acc_cres((s)->sk_vx_info,-1, s, VLIMIT_NSOCK)
15382 +#define vx_sock_avail(n) \
15383 + vx_cres_avail(current->vx_info, n, VLIMIT_NSOCK)
15386 +/* ipc resource limits */
15388 +#define vx_ipcmsg_add(v, u, a) \
15389 + vx_add_cres(v, a, u, RLIMIT_MSGQUEUE)
15391 +#define vx_ipcmsg_sub(v, u, a) \
15392 + vx_sub_cres(v, a, u, RLIMIT_MSGQUEUE)
15394 +#define vx_ipcmsg_avail(v, a) \
15395 + vx_cres_avail(v, a, RLIMIT_MSGQUEUE)
15398 +#define vx_ipcshm_add(v, k, a) \
15399 + vx_add_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
15401 +#define vx_ipcshm_sub(v, k, a) \
15402 + vx_sub_cres(v, a, (void *)(long)(k), VLIMIT_SHMEM)
15404 +#define vx_ipcshm_avail(v, a) \
15405 + vx_cres_avail(v, a, VLIMIT_SHMEM)
15408 +#define vx_semary_inc(a) \
15409 + vx_acc_cres(current->vx_info, 1, a, VLIMIT_SEMARY)
15411 +#define vx_semary_dec(a) \
15412 + vx_acc_cres(current->vx_info, -1, a, VLIMIT_SEMARY)
15415 +#define vx_nsems_add(a,n) \
15416 + vx_add_cres(current->vx_info, n, a, VLIMIT_NSEMS)
15418 +#define vx_nsems_sub(a,n) \
15419 + vx_sub_cres(current->vx_info, n, a, VLIMIT_NSEMS)
15423 +#warning duplicate inclusion
15425 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_memory.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_memory.h
15426 --- linux-2.6.25.11/include/linux/vs_memory.h 1969-12-31 19:00:00.000000000 -0500
15427 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_memory.h 2008-04-19 15:14:52.000000000 -0400
15429 +#ifndef _VS_MEMORY_H
15430 +#define _VS_MEMORY_H
15432 +#include "vserver/limit.h"
15433 +#include "vserver/base.h"
15434 +#include "vserver/context.h"
15435 +#include "vserver/debug.h"
15436 +#include "vserver/context.h"
15437 +#include "vserver/limit_int.h"
15440 +#define __acc_add_long(a, v) (*(v) += (a))
15441 +#define __acc_inc_long(v) (++*(v))
15442 +#define __acc_dec_long(v) (--*(v))
15444 +#if NR_CPUS >= CONFIG_SPLIT_PTLOCK_CPUS
15445 +#define __acc_add_atomic(a, v) atomic_long_add(a, v)
15446 +#define __acc_inc_atomic(v) atomic_long_inc(v)
15447 +#define __acc_dec_atomic(v) atomic_long_dec(v)
15448 +#else /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
15449 +#define __acc_add_atomic(a, v) __acc_add_long(a, v)
15450 +#define __acc_inc_atomic(v) __acc_inc_long(v)
15451 +#define __acc_dec_atomic(v) __acc_dec_long(v)
15452 +#endif /* NR_CPUS < CONFIG_SPLIT_PTLOCK_CPUS */
15455 +#define vx_acc_page(m, d, v, r) do { \
15457 + __acc_inc_long(&(m)->v); \
15459 + __acc_dec_long(&(m)->v); \
15460 + __vx_acc_cres(m->mm_vx_info, r, d, m, __FILE__, __LINE__); \
15463 +#define vx_acc_page_atomic(m, d, v, r) do { \
15465 + __acc_inc_atomic(&(m)->v); \
15467 + __acc_dec_atomic(&(m)->v); \
15468 + __vx_acc_cres(m->mm_vx_info, r, d, m, __FILE__, __LINE__); \
15472 +#define vx_acc_pages(m, p, v, r) do { \
15473 + unsigned long __p = (p); \
15474 + __acc_add_long(__p, &(m)->v); \
15475 + __vx_add_cres(m->mm_vx_info, r, __p, m, __FILE__, __LINE__); \
15478 +#define vx_acc_pages_atomic(m, p, v, r) do { \
15479 + unsigned long __p = (p); \
15480 + __acc_add_atomic(__p, &(m)->v); \
15481 + __vx_add_cres(m->mm_vx_info, r, __p, m, __FILE__, __LINE__); \
15486 +#define vx_acc_vmpage(m, d) \
15487 + vx_acc_page(m, d, total_vm, RLIMIT_AS)
15488 +#define vx_acc_vmlpage(m, d) \
15489 + vx_acc_page(m, d, locked_vm, RLIMIT_MEMLOCK)
15490 +#define vx_acc_file_rsspage(m, d) \
15491 + vx_acc_page_atomic(m, d, _file_rss, VLIMIT_MAPPED)
15492 +#define vx_acc_anon_rsspage(m, d) \
15493 + vx_acc_page_atomic(m, d, _anon_rss, VLIMIT_ANON)
15495 +#define vx_acc_vmpages(m, p) \
15496 + vx_acc_pages(m, p, total_vm, RLIMIT_AS)
15497 +#define vx_acc_vmlpages(m, p) \
15498 + vx_acc_pages(m, p, locked_vm, RLIMIT_MEMLOCK)
15499 +#define vx_acc_file_rsspages(m, p) \
15500 + vx_acc_pages_atomic(m, p, _file_rss, VLIMIT_MAPPED)
15501 +#define vx_acc_anon_rsspages(m, p) \
15502 + vx_acc_pages_atomic(m, p, _anon_rss, VLIMIT_ANON)
15504 +#define vx_pages_add(s, r, p) __vx_add_cres(s, r, p, 0, __FILE__, __LINE__)
15505 +#define vx_pages_sub(s, r, p) vx_pages_add(s, r, -(p))
15507 +#define vx_vmpages_inc(m) vx_acc_vmpage(m, 1)
15508 +#define vx_vmpages_dec(m) vx_acc_vmpage(m, -1)
15509 +#define vx_vmpages_add(m, p) vx_acc_vmpages(m, p)
15510 +#define vx_vmpages_sub(m, p) vx_acc_vmpages(m, -(p))
15512 +#define vx_vmlocked_inc(m) vx_acc_vmlpage(m, 1)
15513 +#define vx_vmlocked_dec(m) vx_acc_vmlpage(m, -1)
15514 +#define vx_vmlocked_add(m, p) vx_acc_vmlpages(m, p)
15515 +#define vx_vmlocked_sub(m, p) vx_acc_vmlpages(m, -(p))
15517 +#define vx_file_rsspages_inc(m) vx_acc_file_rsspage(m, 1)
15518 +#define vx_file_rsspages_dec(m) vx_acc_file_rsspage(m, -1)
15519 +#define vx_file_rsspages_add(m, p) vx_acc_file_rsspages(m, p)
15520 +#define vx_file_rsspages_sub(m, p) vx_acc_file_rsspages(m, -(p))
15522 +#define vx_anon_rsspages_inc(m) vx_acc_anon_rsspage(m, 1)
15523 +#define vx_anon_rsspages_dec(m) vx_acc_anon_rsspage(m, -1)
15524 +#define vx_anon_rsspages_add(m, p) vx_acc_anon_rsspages(m, p)
15525 +#define vx_anon_rsspages_sub(m, p) vx_acc_anon_rsspages(m, -(p))
15528 +#define vx_pages_avail(m, p, r) \
15529 + __vx_cres_avail((m)->mm_vx_info, r, p, __FILE__, __LINE__)
15531 +#define vx_vmpages_avail(m, p) vx_pages_avail(m, p, RLIMIT_AS)
15532 +#define vx_vmlocked_avail(m, p) vx_pages_avail(m, p, RLIMIT_MEMLOCK)
15533 +#define vx_anon_avail(m, p) vx_pages_avail(m, p, VLIMIT_ANON)
15534 +#define vx_mapped_avail(m, p) vx_pages_avail(m, p, VLIMIT_MAPPED)
15536 +#define vx_rss_avail(m, p) \
15537 + __vx_cres_array_avail((m)->mm_vx_info, VLA_RSS, p, __FILE__, __LINE__)
15541 + VXPT_UNKNOWN = 0,
15550 +#define vx_page_fault(mm, vma, type, ret)
15554 +void __vx_page_fault(struct mm_struct *mm,
15555 + struct vm_area_struct *vma, int type, int ret)
15557 + struct vx_info *vxi = mm->mm_vx_info;
15560 + static char *page_type[6] =
15561 + { "UNKNOWN", "ANON", "NONE", "FILE", "SWAP", "WRITE" };
15562 + static char *page_what[4] =
15563 + { "FAULT_OOM", "FAULT_SIGBUS", "FAULT_MINOR", "FAULT_MAJOR" };
15569 + what = (ret & 0x3);
15571 +/* printk("[%d] page[%d][%d] %2x %s %s\n", vxi->vx_id,
15572 + type, what, ret, page_type[type], page_what[what]);
15574 + if (ret & VM_FAULT_WRITE)
15576 + atomic_inc(&vxi->cacct.page[type][what]);
15579 +#define vx_page_fault(mm, vma, type, ret) __vx_page_fault(mm, vma, type, ret)
15583 +extern unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm);
15586 +#warning duplicate inclusion
15588 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_network.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_network.h
15589 --- linux-2.6.25.11/include/linux/vs_network.h 1969-12-31 19:00:00.000000000 -0500
15590 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_network.h 2008-04-29 18:42:49.000000000 -0400
15592 +#ifndef _NX_VS_NETWORK_H
15593 +#define _NX_VS_NETWORK_H
15595 +#include "vserver/context.h"
15596 +#include "vserver/network.h"
15597 +#include "vserver/base.h"
15598 +#include "vserver/check.h"
15599 +#include "vserver/debug.h"
15601 +#include <linux/sched.h>
15604 +#define get_nx_info(i) __get_nx_info(i, __FILE__, __LINE__)
15606 +static inline struct nx_info *__get_nx_info(struct nx_info *nxi,
15607 + const char *_file, int _line)
15612 + vxlprintk(VXD_CBIT(nid, 2), "get_nx_info(%p[#%d.%d])",
15613 + nxi, nxi ? nxi->nx_id : 0,
15614 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15617 + atomic_inc(&nxi->nx_usecnt);
15622 +extern void free_nx_info(struct nx_info *);
15624 +#define put_nx_info(i) __put_nx_info(i, __FILE__, __LINE__)
15626 +static inline void __put_nx_info(struct nx_info *nxi, const char *_file, int _line)
15631 + vxlprintk(VXD_CBIT(nid, 2), "put_nx_info(%p[#%d.%d])",
15632 + nxi, nxi ? nxi->nx_id : 0,
15633 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15636 + if (atomic_dec_and_test(&nxi->nx_usecnt))
15637 + free_nx_info(nxi);
15641 +#define init_nx_info(p, i) __init_nx_info(p, i, __FILE__, __LINE__)
15643 +static inline void __init_nx_info(struct nx_info **nxp, struct nx_info *nxi,
15644 + const char *_file, int _line)
15647 + vxlprintk(VXD_CBIT(nid, 3),
15648 + "init_nx_info(%p[#%d.%d])",
15649 + nxi, nxi ? nxi->nx_id : 0,
15650 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15653 + atomic_inc(&nxi->nx_usecnt);
15659 +#define set_nx_info(p, i) __set_nx_info(p, i, __FILE__, __LINE__)
15661 +static inline void __set_nx_info(struct nx_info **nxp, struct nx_info *nxi,
15662 + const char *_file, int _line)
15664 + struct nx_info *nxo;
15669 + vxlprintk(VXD_CBIT(nid, 3), "set_nx_info(%p[#%d.%d])",
15670 + nxi, nxi ? nxi->nx_id : 0,
15671 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15674 + atomic_inc(&nxi->nx_usecnt);
15675 + nxo = xchg(nxp, nxi);
15679 +#define clr_nx_info(p) __clr_nx_info(p, __FILE__, __LINE__)
15681 +static inline void __clr_nx_info(struct nx_info **nxp,
15682 + const char *_file, int _line)
15684 + struct nx_info *nxo;
15686 + nxo = xchg(nxp, NULL);
15690 + vxlprintk(VXD_CBIT(nid, 3), "clr_nx_info(%p[#%d.%d])",
15691 + nxo, nxo ? nxo->nx_id : 0,
15692 + nxo ? atomic_read(&nxo->nx_usecnt) : 0,
15695 + if (atomic_dec_and_test(&nxo->nx_usecnt))
15696 + free_nx_info(nxo);
15700 +#define claim_nx_info(v, p) __claim_nx_info(v, p, __FILE__, __LINE__)
15702 +static inline void __claim_nx_info(struct nx_info *nxi,
15703 + struct task_struct *task, const char *_file, int _line)
15705 + vxlprintk(VXD_CBIT(nid, 3), "claim_nx_info(%p[#%d.%d.%d]) %p",
15706 + nxi, nxi ? nxi->nx_id : 0,
15707 + nxi?atomic_read(&nxi->nx_usecnt):0,
15708 + nxi?atomic_read(&nxi->nx_tasks):0,
15709 + task, _file, _line);
15711 + atomic_inc(&nxi->nx_tasks);
15715 +extern void unhash_nx_info(struct nx_info *);
15717 +#define release_nx_info(v, p) __release_nx_info(v, p, __FILE__, __LINE__)
15719 +static inline void __release_nx_info(struct nx_info *nxi,
15720 + struct task_struct *task, const char *_file, int _line)
15722 + vxlprintk(VXD_CBIT(nid, 3), "release_nx_info(%p[#%d.%d.%d]) %p",
15723 + nxi, nxi ? nxi->nx_id : 0,
15724 + nxi ? atomic_read(&nxi->nx_usecnt) : 0,
15725 + nxi ? atomic_read(&nxi->nx_tasks) : 0,
15726 + task, _file, _line);
15730 + if (atomic_dec_and_test(&nxi->nx_tasks))
15731 + unhash_nx_info(nxi);
15735 +#define task_get_nx_info(i) __task_get_nx_info(i, __FILE__, __LINE__)
15737 +static __inline__ struct nx_info *__task_get_nx_info(struct task_struct *p,
15738 + const char *_file, int _line)
15740 + struct nx_info *nxi;
15743 + vxlprintk(VXD_CBIT(nid, 5), "task_get_nx_info(%p)",
15744 + p, _file, _line);
15745 + nxi = __get_nx_info(p->nx_info, _file, _line);
15751 +static inline void exit_nx_info(struct task_struct *p)
15754 + release_nx_info(p->nx_info, p);
15759 +#warning duplicate inclusion
15761 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_pid.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_pid.h
15762 --- linux-2.6.25.11/include/linux/vs_pid.h 1969-12-31 19:00:00.000000000 -0500
15763 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_pid.h 2008-04-19 15:14:52.000000000 -0400
15768 +#include "vserver/base.h"
15769 +#include "vserver/check.h"
15770 +#include "vserver/context.h"
15771 +#include "vserver/debug.h"
15772 +#include "vserver/pid.h"
15773 +#include <linux/pid_namespace.h>
15776 +#define VXF_FAKE_INIT (VXF_INFO_INIT | VXF_STATE_INIT)
15779 +int vx_proc_task_visible(struct task_struct *task)
15781 + if ((task->pid == 1) &&
15782 + !vx_flags(VXF_FAKE_INIT, VXF_FAKE_INIT))
15783 + /* show a blend through init */
15785 + if (vx_check(vx_task_xid(task), VS_WATCH | VS_IDENT))
15792 +#define find_task_by_real_pid find_task_by_pid
15797 +struct task_struct *vx_find_proc_task_by_pid(int pid)
15799 + struct task_struct *task = find_task_by_real_pid(pid);
15801 + if (task && !vx_proc_task_visible(task)) {
15802 + vxdprintk(VXD_CBIT(misc, 6),
15803 + "dropping task (find) %p[#%u,%u] for %p[#%u,%u]",
15804 + task, task->xid, task->pid,
15805 + current, current->xid, current->pid);
15814 +struct task_struct *vx_get_proc_task(struct inode *inode, struct pid *pid)
15816 + struct task_struct *task = get_pid_task(pid, PIDTYPE_PID);
15818 + if (task && !vx_proc_task_visible(task)) {
15819 + vxdprintk(VXD_CBIT(misc, 6),
15820 + "dropping task (get) %p[#%u,%u] for %p[#%u,%u]",
15821 + task, task->xid, task->pid,
15822 + current, current->xid, current->pid);
15823 + put_task_struct(task);
15832 +struct task_struct *vx_child_reaper(struct task_struct *p)
15834 + struct vx_info *vxi = p->vx_info;
15835 + struct task_struct *reaper = child_reaper(p);
15840 + BUG_ON(!p->vx_info->vx_reaper);
15842 + /* child reaper for the guest reaper */
15843 + if (vxi->vx_reaper == p)
15846 + reaper = vxi->vx_reaper;
15848 + vxdprintk(VXD_CBIT(xid, 7),
15849 + "vx_child_reaper(%p[#%u,%u]) = %p[#%u,%u]",
15850 + p, p->xid, p->pid, reaper, reaper->xid, reaper->pid);
15858 +#warning duplicate inclusion
15860 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_sched.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_sched.h
15861 --- linux-2.6.25.11/include/linux/vs_sched.h 1969-12-31 19:00:00.000000000 -0500
15862 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_sched.h 2008-04-19 15:14:52.000000000 -0400
15864 +#ifndef _VS_SCHED_H
15865 +#define _VS_SCHED_H
15867 +#include "vserver/base.h"
15868 +#include "vserver/context.h"
15869 +#include "vserver/sched.h"
15872 +#define VAVAVOOM_RATIO 50
15874 +#define MAX_PRIO_BIAS 20
15875 +#define MIN_PRIO_BIAS -20
15878 +#ifdef CONFIG_VSERVER_HARDCPU
15881 + * effective_prio - return the priority that is based on the static
15882 + * priority but is modified by bonuses/penalties.
15884 + * We scale the actual sleep average [0 .... MAX_SLEEP_AVG]
15885 + * into a -4 ... 0 ... +4 bonus/penalty range.
15887 + * Additionally, we scale another amount based on the number of
15888 + * CPU tokens currently held by the context, if the process is
15889 + * part of a context (and the appropriate SCHED flag is set).
15890 + * This ranges from -5 ... 0 ... +15, quadratically.
15892 + * So, the total bonus is -9 .. 0 .. +19
15893 + * We use ~50% of the full 0...39 priority range so that:
15895 + * 1) nice +19 interactive tasks do not preempt nice 0 CPU hogs.
15896 + * 2) nice -20 CPU hogs do not get preempted by nice 0 tasks.
15897 + * unless that context is far exceeding its CPU allocation.
15899 + * Both properties are important to certain workloads.
15902 +int vx_effective_vavavoom(struct _vx_sched_pc *sched_pc, int max_prio)
15904 + int vavavoom, max;
15906 + /* lots of tokens = lots of vavavoom
15907 + * no tokens = no vavavoom */
15908 + if ((vavavoom = sched_pc->tokens) >= 0) {
15909 + max = sched_pc->tokens_max;
15910 + vavavoom = max - vavavoom;
15912 + vavavoom = max_prio * VAVAVOOM_RATIO / 100
15913 + * (vavavoom*vavavoom - (max >> 2)) / max;
15921 +int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
15923 + struct vx_info *vxi = p->vx_info;
15924 + struct _vx_sched_pc *sched_pc;
15929 + sched_pc = &vx_cpu(vxi, sched_pc);
15930 + if (vx_info_flags(vxi, VXF_SCHED_PRIO, 0)) {
15931 + int vavavoom = vx_effective_vavavoom(sched_pc, max_user);
15933 + sched_pc->vavavoom = vavavoom;
15934 + prio += vavavoom;
15936 + prio += sched_pc->prio_bias;
15940 +#else /* !CONFIG_VSERVER_HARDCPU */
15943 +int vx_adjust_prio(struct task_struct *p, int prio, int max_user)
15945 + struct vx_info *vxi = p->vx_info;
15948 + prio += vx_cpu(vxi, sched_pc).prio_bias;
15952 +#endif /* CONFIG_VSERVER_HARDCPU */
15955 +static inline void vx_account_user(struct vx_info *vxi,
15956 + cputime_t cputime, int nice)
15960 + vx_cpu(vxi, sched_pc).user_ticks += cputime;
15963 +static inline void vx_account_system(struct vx_info *vxi,
15964 + cputime_t cputime, int idle)
15968 + vx_cpu(vxi, sched_pc).sys_ticks += cputime;
15972 +#warning duplicate inclusion
15974 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_socket.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_socket.h
15975 --- linux-2.6.25.11/include/linux/vs_socket.h 1969-12-31 19:00:00.000000000 -0500
15976 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_socket.h 2008-04-23 14:32:00.000000000 -0400
15978 +#ifndef _VS_SOCKET_H
15979 +#define _VS_SOCKET_H
15981 +#include "vserver/debug.h"
15982 +#include "vserver/base.h"
15983 +#include "vserver/cacct.h"
15984 +#include "vserver/context.h"
15985 +#include "vserver/tag.h"
15988 +/* socket accounting */
15990 +#include <linux/socket.h>
15992 +static inline int vx_sock_type(int family)
15994 + switch (family) {
15996 + return VXA_SOCK_UNSPEC;
15998 + return VXA_SOCK_UNIX;
16000 + return VXA_SOCK_INET;
16002 + return VXA_SOCK_INET6;
16004 + return VXA_SOCK_PACKET;
16006 + return VXA_SOCK_OTHER;
16010 +#define vx_acc_sock(v, f, p, s) \
16011 + __vx_acc_sock(v, f, p, s, __FILE__, __LINE__)
16013 +static inline void __vx_acc_sock(struct vx_info *vxi,
16014 + int family, int pos, int size, char *file, int line)
16017 + int type = vx_sock_type(family);
16019 + atomic_long_inc(&vxi->cacct.sock[type][pos].count);
16020 + atomic_long_add(size, &vxi->cacct.sock[type][pos].total);
16024 +#define vx_sock_recv(sk, s) \
16025 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 0, s)
16026 +#define vx_sock_send(sk, s) \
16027 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 1, s)
16028 +#define vx_sock_fail(sk, s) \
16029 + vx_acc_sock((sk)->sk_vx_info, (sk)->sk_family, 2, s)
16032 +#define sock_vx_init(s) do { \
16033 + (s)->sk_xid = 0; \
16034 + (s)->sk_vx_info = NULL; \
16037 +#define sock_nx_init(s) do { \
16038 + (s)->sk_nid = 0; \
16039 + (s)->sk_nx_info = NULL; \
16043 +#warning duplicate inclusion
16045 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_tag.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_tag.h
16046 --- linux-2.6.25.11/include/linux/vs_tag.h 1969-12-31 19:00:00.000000000 -0500
16047 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_tag.h 2008-04-19 15:14:52.000000000 -0400
16052 +#include <linux/vserver/tag.h>
16054 +/* check conditions */
16056 +#define DX_ADMIN 0x0001
16057 +#define DX_WATCH 0x0002
16058 +#define DX_HOSTID 0x0008
16060 +#define DX_IDENT 0x0010
16062 +#define DX_ARG_MASK 0x0010
16065 +#define dx_task_tag(t) ((t)->tag)
16067 +#define dx_current_tag() dx_task_tag(current)
16069 +#define dx_check(c, m) __dx_check(dx_current_tag(), c, m)
16071 +#define dx_weak_check(c, m) ((m) ? dx_check(c, m) : 1)
16075 + * check current context for ADMIN/WATCH and
16076 + * optionally against supplied argument
16078 +static inline int __dx_check(tag_t cid, tag_t id, unsigned int mode)
16080 + if (mode & DX_ARG_MASK) {
16081 + if ((mode & DX_IDENT) && (id == cid))
16084 + return (((mode & DX_ADMIN) && (cid == 0)) ||
16085 + ((mode & DX_WATCH) && (cid == 1)) ||
16086 + ((mode & DX_HOSTID) && (id == 0)));
16090 +#warning duplicate inclusion
16092 diff -NurpP --minimal linux-2.6.25.11/include/linux/vs_time.h linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_time.h
16093 --- linux-2.6.25.11/include/linux/vs_time.h 1969-12-31 19:00:00.000000000 -0500
16094 +++ linux-2.6.25.11-vs2.3.0.34.14/include/linux/vs_time.h 2008-04-19 15:14:52.000000000 -0400
16096 +#ifndef _VS_TIME_H
16097 +#define _VS_TIME_H
16100 +/* time faking stuff */
16102 +#ifdef CONFIG_VSERVER_VTIME
16104 +extern void vx_gettimeofday(struct timeval *tv);
16105 +extern int vx_settimeofday(struct timespec *ts);
16108 +#define vx_gettimeofday(t) do_gettimeofday(t)
16109 +#define vx_settimeofday(t) do_settimeofday(t)
16113 +#warning duplicate inclusion
16115 diff -NurpP --minimal linux-2.6.25.11/include/net/addrconf.h linux-2.6.25.11-vs2.3.0.34.14/include/net/addrconf.h
16116 --- linux-2.6.25.11/include/net/addrconf.h 2008-04-17 12:05:44.000000000 -0400
16117 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/addrconf.h 2008-04-19 15:14:52.000000000 -0400
16118 @@ -75,10 +75,12 @@ extern struct inet6_ifaddr *ipv6_ge
16120 extern int ipv6_get_saddr(struct dst_entry *dst,
16121 struct in6_addr *daddr,
16122 - struct in6_addr *saddr);
16123 + struct in6_addr *saddr,
16124 + struct nx_info *nxi);
16125 extern int ipv6_dev_get_saddr(struct net_device *dev,
16126 struct in6_addr *daddr,
16127 - struct in6_addr *saddr);
16128 + struct in6_addr *saddr,
16129 + struct nx_info *nxi);
16130 extern int ipv6_get_lladdr(struct net_device *dev,
16131 struct in6_addr *addr,
16132 unsigned char banned_flags);
16133 diff -NurpP --minimal linux-2.6.25.11/include/net/af_unix.h linux-2.6.25.11-vs2.3.0.34.14/include/net/af_unix.h
16134 --- linux-2.6.25.11/include/net/af_unix.h 2008-04-17 12:05:44.000000000 -0400
16135 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/af_unix.h 2008-04-19 15:14:52.000000000 -0400
16137 #include <linux/socket.h>
16138 #include <linux/un.h>
16139 #include <linux/mutex.h>
16140 +#include <linux/vs_base.h>
16141 #include <net/sock.h>
16143 extern void unix_inflight(struct file *fp);
16144 diff -NurpP --minimal linux-2.6.25.11/include/net/inet_sock.h linux-2.6.25.11-vs2.3.0.34.14/include/net/inet_sock.h
16145 --- linux-2.6.25.11/include/net/inet_sock.h 2008-04-17 12:05:44.000000000 -0400
16146 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/inet_sock.h 2008-04-19 15:14:52.000000000 -0400
16148 #include <net/flow.h>
16149 #include <net/sock.h>
16150 #include <net/request_sock.h>
16151 -#include <net/route.h>
16152 +// #include <net/route.h>
16154 /** struct ip_options - IP Options
16156 @@ -193,9 +193,4 @@ static inline int inet_sk_ehashfn(const
16160 -static inline int inet_iif(const struct sk_buff *skb)
16162 - return ((struct rtable *)skb->dst)->rt_iif;
16165 #endif /* _INET_SOCK_H */
16166 diff -NurpP --minimal linux-2.6.25.11/include/net/inet_timewait_sock.h linux-2.6.25.11-vs2.3.0.34.14/include/net/inet_timewait_sock.h
16167 --- linux-2.6.25.11/include/net/inet_timewait_sock.h 2008-04-17 12:05:44.000000000 -0400
16168 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/inet_timewait_sock.h 2008-04-19 15:25:34.000000000 -0400
16169 @@ -15,15 +15,14 @@
16170 #ifndef _INET_TIMEWAIT_SOCK_
16171 #define _INET_TIMEWAIT_SOCK_
16173 +// #include <net/inet_sock.h>
16174 +#include <net/sock.h>
16176 #include <linux/list.h>
16177 #include <linux/module.h>
16178 #include <linux/timer.h>
16179 #include <linux/types.h>
16180 #include <linux/workqueue.h>
16182 -#include <net/inet_sock.h>
16183 -#include <net/sock.h>
16184 #include <net/tcp_states.h>
16185 #include <net/timewait_sock.h>
16187 @@ -116,6 +115,10 @@ struct inet_timewait_sock {
16188 #define tw_hash __tw_common.skc_hash
16189 #define tw_prot __tw_common.skc_prot
16190 #define tw_net __tw_common.skc_net
16191 +#define tw_xid __tw_common.skc_xid
16192 +#define tw_vx_info __tw_common.skc_vx_info
16193 +#define tw_nid __tw_common.skc_nid
16194 +#define tw_nx_info __tw_common.skc_nx_info
16196 volatile unsigned char tw_substate;
16197 /* 3 bits hole, try to pack */
16198 diff -NurpP --minimal linux-2.6.25.11/include/net/route.h linux-2.6.25.11-vs2.3.0.34.14/include/net/route.h
16199 --- linux-2.6.25.11/include/net/route.h 2008-04-17 12:05:44.000000000 -0400
16200 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/route.h 2008-04-21 12:39:35.000000000 -0400
16202 #include <linux/ip.h>
16203 #include <linux/cache.h>
16204 #include <linux/security.h>
16205 -#include <net/sock.h>
16206 +#include <linux/in.h>
16209 #warning This file is not supposed to be used outside of kernel.
16210 @@ -86,6 +86,11 @@ struct ip_rt_acct
16214 +static inline int inet_iif(const struct sk_buff *skb)
16216 + return ((struct rtable *)skb->dst)->rt_iif;
16219 struct rt_cache_stat
16221 unsigned int in_hit;
16222 @@ -136,6 +141,9 @@ static inline void ip_rt_put(struct rtab
16223 dst_release(&rt->u.dst);
16226 +#include <linux/vs_base.h>
16227 +#include <linux/vs_inet.h>
16229 #define IPTOS_RT_MASK (IPTOS_TOS_MASK & ~3)
16231 extern const __u8 ip_tos2prio[16];
16232 @@ -145,6 +153,9 @@ static inline char rt_tos2priority(u8 to
16233 return ip_tos2prio[IPTOS_TOS(tos)>>1];
16236 +extern int ip_v4_find_src(struct net *net, struct nx_info *,
16237 + struct rtable **, struct flowi *);
16239 static inline int ip_route_connect(struct rtable **rp, __be32 dst,
16240 __be32 src, u32 tos, int oif, u8 protocol,
16241 __be16 sport, __be16 dport, struct sock *sk,
16242 @@ -162,7 +173,21 @@ static inline int ip_route_connect(struc
16245 struct net *net = sk->sk_net;
16246 - if (!dst || !src) {
16247 + struct nx_info *nx_info = current->nx_info;
16250 + nx_info = sk->sk_nx_info;
16252 + vxdprintk(VXD_CBIT(net, 4),
16253 + "ip_route_connect(%p) %p,%p;%lx",
16254 + sk, nx_info, sk->sk_socket,
16255 + (sk->sk_socket?sk->sk_socket->flags:0));
16257 + err = ip_v4_find_src(net, nx_info, rp, &fl);
16261 + if (!fl.fl4_dst || !fl.fl4_src) {
16262 err = __ip_route_output_key(net, rp, &fl);
16265 diff -NurpP --minimal linux-2.6.25.11/include/net/sock.h linux-2.6.25.11-vs2.3.0.34.14/include/net/sock.h
16266 --- linux-2.6.25.11/include/net/sock.h 2008-04-17 12:05:44.000000000 -0400
16267 +++ linux-2.6.25.11-vs2.3.0.34.14/include/net/sock.h 2008-04-19 15:14:52.000000000 -0400
16268 @@ -123,6 +123,10 @@ struct sock_common {
16269 unsigned int skc_hash;
16270 struct proto *skc_prot;
16271 struct net *skc_net;
16273 + struct vx_info *skc_vx_info;
16275 + struct nx_info *skc_nx_info;
16279 @@ -205,6 +209,10 @@ struct sock {
16280 #define sk_hash __sk_common.skc_hash
16281 #define sk_prot __sk_common.skc_prot
16282 #define sk_net __sk_common.skc_net
16283 +#define sk_xid __sk_common.skc_xid
16284 +#define sk_vx_info __sk_common.skc_vx_info
16285 +#define sk_nid __sk_common.skc_nid
16286 +#define sk_nx_info __sk_common.skc_nx_info
16287 unsigned char sk_shutdown : 2,
16290 diff -NurpP --minimal linux-2.6.25.11/init/main.c linux-2.6.25.11-vs2.3.0.34.14/init/main.c
16291 --- linux-2.6.25.11/init/main.c 2008-04-17 12:05:44.000000000 -0400
16292 +++ linux-2.6.25.11-vs2.3.0.34.14/init/main.c 2008-04-21 10:46:10.000000000 -0400
16294 #include <linux/kthread.h>
16295 #include <linux/sched.h>
16296 #include <linux/signal.h>
16297 +#include <linux/vserver/percpu.h>
16299 #include <asm/io.h>
16300 #include <asm/bugs.h>
16301 @@ -370,12 +371,14 @@ EXPORT_SYMBOL(__per_cpu_offset);
16303 static void __init setup_per_cpu_areas(void)
16305 - unsigned long size, i;
16306 + unsigned long size, vspc, i;
16308 unsigned long nr_possible_cpus = num_possible_cpus();
16310 + vspc = PERCPU_PERCTX * CONFIG_VSERVER_CONTEXTS;
16312 /* Copy section for each CPU (we discard the original) */
16313 - size = ALIGN(PERCPU_ENOUGH_ROOM, PAGE_SIZE);
16314 + size = ALIGN(PERCPU_ENOUGH_ROOM + vspc, PAGE_SIZE);
16315 ptr = alloc_bootmem_pages(size * nr_possible_cpus);
16317 for_each_possible_cpu(i) {
16318 diff -NurpP --minimal linux-2.6.25.11/ipc/mqueue.c linux-2.6.25.11-vs2.3.0.34.14/ipc/mqueue.c
16319 --- linux-2.6.25.11/ipc/mqueue.c 2008-04-17 12:05:44.000000000 -0400
16320 +++ linux-2.6.25.11-vs2.3.0.34.14/ipc/mqueue.c 2008-04-19 15:14:52.000000000 -0400
16322 #include <linux/mutex.h>
16323 #include <linux/nsproxy.h>
16324 #include <linux/pid.h>
16325 +#include <linux/vs_context.h>
16326 +#include <linux/vs_limit.h>
16328 #include <net/sock.h>
16330 @@ -71,6 +73,7 @@ struct mqueue_inode_info {
16331 struct sigevent notify;
16332 struct pid* notify_owner;
16333 struct user_struct *user; /* user who created, for accounting */
16334 + struct vx_info *vxi;
16335 struct sock *notify_sock;
16336 struct sk_buff *notify_cookie;
16338 @@ -119,6 +122,7 @@ static struct inode *mqueue_get_inode(st
16339 struct mqueue_inode_info *info;
16340 struct task_struct *p = current;
16341 struct user_struct *u = p->user;
16342 + struct vx_info *vxi = p->vx_info;
16343 unsigned long mq_bytes, mq_msg_tblsz;
16345 inode->i_fop = &mqueue_file_operations;
16346 @@ -133,6 +137,7 @@ static struct inode *mqueue_get_inode(st
16347 info->notify_owner = NULL;
16349 info->user = NULL; /* set when all is ok */
16350 + info->vxi = NULL;
16351 memset(&info->attr, 0, sizeof(info->attr));
16352 info->attr.mq_maxmsg = DFLT_MSGMAX;
16353 info->attr.mq_msgsize = DFLT_MSGSIZEMAX;
16354 @@ -147,22 +152,26 @@ static struct inode *mqueue_get_inode(st
16355 spin_lock(&mq_lock);
16356 if (u->mq_bytes + mq_bytes < u->mq_bytes ||
16357 u->mq_bytes + mq_bytes >
16358 - p->signal->rlim[RLIMIT_MSGQUEUE].rlim_cur) {
16359 + p->signal->rlim[RLIMIT_MSGQUEUE].rlim_cur ||
16360 + !vx_ipcmsg_avail(vxi, mq_bytes)) {
16361 spin_unlock(&mq_lock);
16364 u->mq_bytes += mq_bytes;
16365 + vx_ipcmsg_add(vxi, u, mq_bytes);
16366 spin_unlock(&mq_lock);
16368 info->messages = kmalloc(mq_msg_tblsz, GFP_KERNEL);
16369 if (!info->messages) {
16370 spin_lock(&mq_lock);
16371 u->mq_bytes -= mq_bytes;
16372 + vx_ipcmsg_sub(vxi, u, mq_bytes);
16373 spin_unlock(&mq_lock);
16377 info->user = get_uid(u);
16378 + info->vxi = get_vx_info(vxi);
16379 } else if (S_ISDIR(mode)) {
16381 /* Some things misbehave if size == 0 on a directory */
16382 @@ -253,10 +262,14 @@ static void mqueue_delete_inode(struct i
16383 (info->attr.mq_maxmsg * info->attr.mq_msgsize));
16386 + struct vx_info *vxi = info->vxi;
16388 spin_lock(&mq_lock);
16389 user->mq_bytes -= mq_bytes;
16390 + vx_ipcmsg_sub(vxi, user, mq_bytes);
16392 spin_unlock(&mq_lock);
16393 + put_vx_info(vxi);
16397 @@ -743,7 +756,7 @@ asmlinkage long sys_mq_unlink(const char
16399 atomic_inc(&inode->i_count);
16401 - err = vfs_unlink(dentry->d_parent->d_inode, dentry);
16402 + err = vfs_unlink(dentry->d_parent->d_inode, dentry, NULL);
16406 diff -NurpP --minimal linux-2.6.25.11/ipc/msg.c linux-2.6.25.11-vs2.3.0.34.14/ipc/msg.c
16407 --- linux-2.6.25.11/ipc/msg.c 2008-04-17 12:05:44.000000000 -0400
16408 +++ linux-2.6.25.11-vs2.3.0.34.14/ipc/msg.c 2008-04-21 10:41:47.000000000 -0400
16410 #include <linux/rwsem.h>
16411 #include <linux/nsproxy.h>
16412 #include <linux/ipc_namespace.h>
16413 +#include <linux/vs_base.h>
16415 #include <asm/current.h>
16416 #include <asm/uaccess.h>
16417 @@ -168,6 +169,7 @@ static int newque(struct ipc_namespace *
16419 msq->q_perm.mode = msgflg & S_IRWXUGO;
16420 msq->q_perm.key = key;
16421 + msq->q_perm.xid = vx_current_xid();
16423 msq->q_perm.security = NULL;
16424 retval = security_msg_queue_alloc(msq);
16425 diff -NurpP --minimal linux-2.6.25.11/ipc/namespace.c linux-2.6.25.11-vs2.3.0.34.14/ipc/namespace.c
16426 --- linux-2.6.25.11/ipc/namespace.c 2008-04-17 12:05:44.000000000 -0400
16427 +++ linux-2.6.25.11-vs2.3.0.34.14/ipc/namespace.c 2008-04-21 10:44:58.000000000 -0400
16429 #include <linux/rcupdate.h>
16430 #include <linux/nsproxy.h>
16431 #include <linux/slab.h>
16432 +#include <linux/vs_base.h>
16433 +#include <linux/vserver/global.h>
16437 @@ -25,6 +27,7 @@ static struct ipc_namespace *clone_ipc_n
16440 kref_init(&ns->kref);
16441 + atomic_inc(&vs_global_ipc_ns);
16445 @@ -82,5 +85,6 @@ void free_ipc_ns(struct kref *kref)
16449 + atomic_dec(&vs_global_ipc_ns);
16452 diff -NurpP --minimal linux-2.6.25.11/ipc/sem.c linux-2.6.25.11-vs2.3.0.34.14/ipc/sem.c
16453 --- linux-2.6.25.11/ipc/sem.c 2008-04-17 12:05:44.000000000 -0400
16454 +++ linux-2.6.25.11-vs2.3.0.34.14/ipc/sem.c 2008-04-21 10:45:22.000000000 -0400
16456 #include <linux/rwsem.h>
16457 #include <linux/nsproxy.h>
16458 #include <linux/ipc_namespace.h>
16459 +#include <linux/vs_base.h>
16460 +#include <linux/vs_limit.h>
16462 #include <asm/uaccess.h>
16464 @@ -252,6 +254,7 @@ static int newary(struct ipc_namespace *
16466 sma->sem_perm.mode = (semflg & S_IRWXUGO);
16467 sma->sem_perm.key = key;
16468 + sma->sem_perm.xid = vx_current_xid();
16470 sma->sem_perm.security = NULL;
16471 retval = security_sem_alloc(sma);
16472 @@ -267,6 +270,9 @@ static int newary(struct ipc_namespace *
16475 ns->used_sems += nsems;
16476 + /* FIXME: obsoleted? */
16477 + vx_semary_inc(sma);
16478 + vx_nsems_add(sma, nsems);
16480 sma->sem_perm.id = sem_buildid(id, sma->sem_perm.seq);
16481 sma->sem_base = (struct sem *) &sma[1];
16482 diff -NurpP --minimal linux-2.6.25.11/ipc/shm.c linux-2.6.25.11-vs2.3.0.34.14/ipc/shm.c
16483 --- linux-2.6.25.11/ipc/shm.c 2008-04-17 12:05:44.000000000 -0400
16484 +++ linux-2.6.25.11-vs2.3.0.34.14/ipc/shm.c 2008-04-21 10:45:38.000000000 -0400
16486 #include <linux/nsproxy.h>
16487 #include <linux/mount.h>
16488 #include <linux/ipc_namespace.h>
16489 +#include <linux/vs_context.h>
16490 +#include <linux/vs_limit.h>
16492 #include <asm/uaccess.h>
16494 @@ -202,7 +204,12 @@ static void shm_open(struct vm_area_stru
16496 static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
16498 - ns->shm_tot -= (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
16499 + struct vx_info *vxi = lookup_vx_info(shp->shm_perm.xid);
16500 + int numpages = (shp->shm_segsz + PAGE_SIZE - 1) >> PAGE_SHIFT;
16502 + vx_ipcshm_sub(vxi, shp, numpages);
16503 + ns->shm_tot -= numpages;
16507 if (!is_file_hugepages(shp->shm_file))
16508 @@ -212,6 +219,7 @@ static void shm_destroy(struct ipc_names
16510 fput (shp->shm_file);
16511 security_shm_free(shp);
16512 + put_vx_info(vxi);
16513 ipc_rcu_putref(shp);
16516 @@ -383,11 +391,15 @@ static int newseg(struct ipc_namespace *
16517 if (ns->shm_tot + numpages > ns->shm_ctlall)
16520 + if (!vx_ipcshm_avail(current->vx_info, numpages))
16523 shp = ipc_rcu_alloc(sizeof(*shp));
16527 shp->shm_perm.key = key;
16528 + shp->shm_perm.xid = vx_current_xid();
16529 shp->shm_perm.mode = (shmflg & S_IRWXUGO);
16530 shp->mlock_user = NULL;
16532 @@ -441,6 +453,7 @@ static int newseg(struct ipc_namespace *
16533 ns->shm_tot += numpages;
16534 error = shp->shm_perm.id;
16536 + vx_ipcshm_add(current->vx_info, key, numpages);
16540 diff -NurpP --minimal linux-2.6.25.11/kernel/capability.c linux-2.6.25.11-vs2.3.0.34.14/kernel/capability.c
16541 --- linux-2.6.25.11/kernel/capability.c 2008-07-15 22:05:17.000000000 -0400
16542 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/capability.c 2008-06-10 20:00:46.000000000 -0400
16544 #include <linux/security.h>
16545 #include <linux/syscalls.h>
16546 #include <linux/pid_namespace.h>
16547 +#include <linux/vs_context.h>
16548 #include <asm/uaccess.h>
16551 @@ -220,6 +221,8 @@ static inline int cap_set_pg(int pgrp_nr
16553 pgrp = find_vpid(pgrp_nr);
16554 do_each_pid_task(pgrp, PIDTYPE_PGID, g) {
16555 + if (!vx_check(g->xid, VS_ADMIN_P | VS_IDENT))
16558 while_each_thread(g, target) {
16559 if (!security_capset_check(target, effective,
16560 @@ -370,8 +373,12 @@ int __capable(struct task_struct *t, int
16564 +#include <linux/vserver/base.h>
16565 int capable(int cap)
16567 + /* here for now so we don't require task locking */
16568 + if (vs_check_bit(VXC_CAP_MASK, cap) && !vx_mcaps(1L << cap))
16570 return __capable(current, cap);
16572 EXPORT_SYMBOL(capable);
16573 diff -NurpP --minimal linux-2.6.25.11/kernel/cgroup.c linux-2.6.25.11-vs2.3.0.34.14/kernel/cgroup.c
16574 --- linux-2.6.25.11/kernel/cgroup.c 2008-07-15 22:05:17.000000000 -0400
16575 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/cgroup.c 2008-06-10 20:00:46.000000000 -0400
16576 @@ -2833,7 +2833,7 @@ int cgroup_clone(struct task_struct *tsk
16579 /* Create the cgroup directory, which also creates the cgroup */
16580 - ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755);
16581 + ret = vfs_mkdir(inode, dentry, S_IFDIR | 0755, NULL);
16582 child = __d_cgrp(dentry);
16585 diff -NurpP --minimal linux-2.6.25.11/kernel/compat.c linux-2.6.25.11-vs2.3.0.34.14/kernel/compat.c
16586 --- linux-2.6.25.11/kernel/compat.c 2008-04-17 12:05:44.000000000 -0400
16587 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/compat.c 2008-04-19 15:14:52.000000000 -0400
16588 @@ -846,7 +846,7 @@ asmlinkage long compat_sys_time(compat_t
16592 - do_gettimeofday(&tv);
16593 + vx_gettimeofday(&tv);
16597 @@ -870,7 +870,7 @@ asmlinkage long compat_sys_stime(compat_
16601 - do_settimeofday(&tv);
16602 + vx_settimeofday(&tv);
16606 diff -NurpP --minimal linux-2.6.25.11/kernel/exit.c linux-2.6.25.11-vs2.3.0.34.14/kernel/exit.c
16607 --- linux-2.6.25.11/kernel/exit.c 2008-04-17 12:05:44.000000000 -0400
16608 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/exit.c 2008-04-19 15:14:52.000000000 -0400
16610 #include <linux/resource.h>
16611 #include <linux/blkdev.h>
16612 #include <linux/task_io_accounting_ops.h>
16613 +#include <linux/vs_limit.h>
16614 +#include <linux/vs_context.h>
16615 +#include <linux/vs_network.h>
16616 +#include <linux/vs_pid.h>
16617 +#include <linux/vserver/global.h>
16619 #include <asm/uaccess.h>
16620 #include <asm/unistd.h>
16621 @@ -468,9 +473,11 @@ static void close_files(struct files_str
16622 filp_close(file, files);
16625 + vx_openfd_dec(i);
16633 @@ -1014,6 +1021,10 @@ NORET_TYPE void do_exit(long code)
16634 if (tsk->splice_pipe)
16635 __free_pipe_info(tsk->splice_pipe);
16637 + /* needs to stay after exit_notify() */
16638 + exit_vx_info(tsk, code);
16639 + exit_nx_info(tsk);
16642 /* causes final put_task_struct in finish_task_switch(). */
16643 tsk->state = TASK_DEAD;
16644 diff -NurpP --minimal linux-2.6.25.11/kernel/fork.c linux-2.6.25.11-vs2.3.0.34.14/kernel/fork.c
16645 --- linux-2.6.25.11/kernel/fork.c 2008-04-17 12:05:44.000000000 -0400
16646 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/fork.c 2008-04-21 11:09:01.000000000 -0400
16648 #include <linux/tty.h>
16649 #include <linux/proc_fs.h>
16650 #include <linux/blkdev.h>
16651 +#include <linux/vs_context.h>
16652 +#include <linux/vs_network.h>
16653 +#include <linux/vs_limit.h>
16654 +#include <linux/vs_memory.h>
16655 +#include <linux/vserver/global.h>
16657 #include <asm/pgtable.h>
16658 #include <asm/pgalloc.h>
16659 @@ -113,6 +118,8 @@ void free_task(struct task_struct *tsk)
16660 prop_local_destroy_single(&tsk->dirties);
16661 free_thread_info(tsk->stack);
16662 rt_mutex_debug_task_free(tsk);
16663 + clr_vx_info(&tsk->vx_info);
16664 + clr_nx_info(&tsk->nx_info);
16665 free_task_struct(tsk);
16667 EXPORT_SYMBOL(free_task);
16668 @@ -229,6 +236,8 @@ static int dup_mmap(struct mm_struct *mm
16669 mm->free_area_cache = oldmm->mmap_base;
16670 mm->cached_hole_size = ~0UL;
16672 + __set_mm_counter(mm, file_rss, 0);
16673 + __set_mm_counter(mm, anon_rss, 0);
16674 cpus_clear(mm->cpu_vm_mask);
16675 mm->mm_rb = RB_ROOT;
16676 rb_link = &mm->mm_rb.rb_node;
16677 @@ -240,7 +249,7 @@ static int dup_mmap(struct mm_struct *mm
16679 if (mpnt->vm_flags & VM_DONTCOPY) {
16680 long pages = vma_pages(mpnt);
16681 - mm->total_vm -= pages;
16682 + vx_vmpages_sub(mm, pages);
16683 vm_stat_account(mm, mpnt->vm_flags, mpnt->vm_file,
16686 @@ -351,8 +360,8 @@ static struct mm_struct * mm_init(struct
16687 : MMF_DUMP_FILTER_DEFAULT;
16688 mm->core_waiters = 0;
16690 - set_mm_counter(mm, file_rss, 0);
16691 - set_mm_counter(mm, anon_rss, 0);
16692 + __set_mm_counter(mm, file_rss, 0);
16693 + __set_mm_counter(mm, anon_rss, 0);
16694 spin_lock_init(&mm->page_table_lock);
16695 rwlock_init(&mm->ioctx_list_lock);
16696 mm->ioctx_list = NULL;
16697 @@ -362,6 +371,7 @@ static struct mm_struct * mm_init(struct
16699 if (likely(!mm_alloc_pgd(mm))) {
16701 + set_vx_info(&mm->mm_vx_info, p->vx_info);
16705 @@ -395,6 +405,7 @@ void __mmdrop(struct mm_struct *mm)
16706 BUG_ON(mm == &init_mm);
16708 destroy_context(mm);
16709 + clr_vx_info(&mm->mm_vx_info);
16712 EXPORT_SYMBOL_GPL(__mmdrop);
16713 @@ -511,6 +522,7 @@ static struct mm_struct *dup_mm(struct t
16716 memcpy(mm, oldmm, sizeof(*mm));
16717 + mm->mm_vx_info = NULL;
16719 /* Initializing for Swap token stuff */
16720 mm->token_priority = 0;
16721 @@ -542,6 +554,7 @@ fail_nocontext:
16722 * If init_new_context() failed, we cannot use mmput() to free the mm
16723 * because it calls destroy_context()
16725 + clr_vx_info(&mm->mm_vx_info);
16729 @@ -612,6 +625,7 @@ static struct fs_struct *__copy_fs_struc
16730 fs->altroot.dentry = NULL;
16732 read_unlock(&old->lock);
16733 + atomic_inc(&vs_global_fs);
16737 @@ -730,6 +744,8 @@ static struct files_struct *dup_fd(struc
16738 struct file *f = *old_fds++;
16741 + /* TODO: sum it first for check and performance */
16742 + vx_openfd_inc(open_files - i);
16745 * The fd may be claimed in the fd bitmap but not yet
16746 @@ -1011,6 +1027,8 @@ static struct task_struct *copy_process(
16748 struct task_struct *p;
16749 int cgroup_callbacks_done = 0;
16750 + struct vx_info *vxi;
16751 + struct nx_info *nxi;
16753 if ((clone_flags & (CLONE_NEWNS|CLONE_FS)) == (CLONE_NEWNS|CLONE_FS))
16754 return ERR_PTR(-EINVAL);
16755 @@ -1045,12 +1063,28 @@ static struct task_struct *copy_process(
16756 DEBUG_LOCKS_WARN_ON(!p->hardirqs_enabled);
16757 DEBUG_LOCKS_WARN_ON(!p->softirqs_enabled);
16759 + init_vx_info(&p->vx_info, current->vx_info);
16760 + init_nx_info(&p->nx_info, current->nx_info);
16762 + /* check vserver memory */
16763 + if (p->mm && !(clone_flags & CLONE_VM)) {
16764 + if (vx_vmpages_avail(p->mm, p->mm->total_vm))
16765 + vx_pages_add(p->vx_info, RLIMIT_AS, p->mm->total_vm);
16767 + goto bad_fork_free;
16769 + if (p->mm && vx_flags(VXF_FORK_RSS, 0)) {
16770 + if (!vx_rss_avail(p->mm, get_mm_counter(p->mm, file_rss)))
16771 + goto bad_fork_cleanup_vm;
16774 + if (!vx_nproc_avail(1))
16775 + goto bad_fork_cleanup_vm;
16776 if (atomic_read(&p->user->processes) >=
16777 p->signal->rlim[RLIMIT_NPROC].rlim_cur) {
16778 if (!capable(CAP_SYS_ADMIN) && !capable(CAP_SYS_RESOURCE) &&
16779 p->user != current->nsproxy->user_ns->root_user)
16780 - goto bad_fork_free;
16781 + goto bad_fork_cleanup_vm;
16784 atomic_inc(&p->user->__count);
16785 @@ -1352,6 +1386,18 @@ static struct task_struct *copy_process(
16788 spin_unlock(¤t->sighand->siglock);
16790 + /* p is copy of current */
16791 + vxi = p->vx_info;
16793 + claim_vx_info(vxi, p);
16794 + atomic_inc(&vxi->cvirt.nr_threads);
16795 + atomic_inc(&vxi->cvirt.total_forks);
16798 + nxi = p->nx_info;
16800 + claim_nx_info(nxi, p);
16801 write_unlock_irq(&tasklist_lock);
16802 proc_fork_connector(p);
16803 cgroup_post_fork(p);
16804 @@ -1398,6 +1444,9 @@ bad_fork_cleanup_count:
16805 put_group_info(p->group_info);
16806 atomic_dec(&p->user->processes);
16808 +bad_fork_cleanup_vm:
16809 + if (p->mm && !(clone_flags & CLONE_VM))
16810 + vx_pages_sub(p->vx_info, RLIMIT_AS, p->mm->total_vm);
16814 diff -NurpP --minimal linux-2.6.25.11/kernel/kthread.c linux-2.6.25.11-vs2.3.0.34.14/kernel/kthread.c
16815 --- linux-2.6.25.11/kernel/kthread.c 2008-04-17 12:05:44.000000000 -0400
16816 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/kthread.c 2008-04-19 15:14:52.000000000 -0400
16818 #include <linux/file.h>
16819 #include <linux/module.h>
16820 #include <linux/mutex.h>
16821 +#include <linux/vs_pid.h>
16822 #include <asm/semaphore.h>
16824 #define KTHREAD_NICE_LEVEL (-5)
16825 @@ -99,7 +100,7 @@ static void create_kthread(struct kthrea
16826 struct sched_param param = { .sched_priority = 0 };
16827 wait_for_completion(&create->started);
16828 read_lock(&tasklist_lock);
16829 - create->result = find_task_by_pid(pid);
16830 + create->result = find_task_by_real_pid(pid);
16831 read_unlock(&tasklist_lock);
16833 * root may have changed our (kthreadd's) priority or CPU mask.
16834 diff -NurpP --minimal linux-2.6.25.11/kernel/Makefile linux-2.6.25.11-vs2.3.0.34.14/kernel/Makefile
16835 --- linux-2.6.25.11/kernel/Makefile 2008-04-17 12:05:44.000000000 -0400
16836 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/Makefile 2008-04-19 15:14:52.000000000 -0400
16837 @@ -11,6 +11,8 @@ obj-y = sched.o fork.o exec_domain.o
16838 hrtimer.o rwsem.o nsproxy.o srcu.o \
16839 notifier.o ksysfs.o pm_qos_params.o
16843 obj-$(CONFIG_SYSCTL) += sysctl_check.o
16844 obj-$(CONFIG_STACKTRACE) += stacktrace.o
16846 diff -NurpP --minimal linux-2.6.25.11/kernel/nsproxy.c linux-2.6.25.11-vs2.3.0.34.14/kernel/nsproxy.c
16847 --- linux-2.6.25.11/kernel/nsproxy.c 2008-04-17 12:05:44.000000000 -0400
16848 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/nsproxy.c 2008-07-16 00:10:51.000000000 -0400
16850 #include <linux/mnt_namespace.h>
16851 #include <linux/utsname.h>
16852 #include <linux/pid_namespace.h>
16853 +#include <linux/vserver/global.h>
16854 +#include <linux/vserver/debug.h>
16855 #include <net/net_namespace.h>
16856 #include <linux/ipc_namespace.h>
16858 @@ -38,6 +40,9 @@ static inline struct nsproxy *clone_nspr
16860 memcpy(ns, orig, sizeof(struct nsproxy));
16861 atomic_set(&ns->count, 1);
16862 + vxdprintk(VXD_CBIT(space, 2), "clone_nsproxy(%p[%u] = %p[1]",
16863 + orig, atomic_read(&orig->count), ns);
16864 + atomic_inc(&vs_global_nsproxy);
16868 @@ -47,47 +52,51 @@ static inline struct nsproxy *clone_nspr
16869 * Return the newly created nsproxy. Do not attach this to the task,
16870 * leave it to the caller to do proper locking and attach it to task.
16872 -static struct nsproxy *create_new_namespaces(unsigned long flags,
16873 - struct task_struct *tsk, struct fs_struct *new_fs)
16874 +static struct nsproxy *unshare_namespaces(unsigned long flags,
16875 + struct nsproxy *orig, struct fs_struct *new_fs)
16877 struct nsproxy *new_nsp;
16880 - new_nsp = clone_nsproxy(tsk->nsproxy);
16881 + vxdprintk(VXD_CBIT(space, 4),
16882 + "unshare_namespaces(0x%08lx,%p,%p)",
16883 + flags, orig, new_fs);
16885 + new_nsp = clone_nsproxy(orig);
16887 return ERR_PTR(-ENOMEM);
16889 - new_nsp->mnt_ns = copy_mnt_ns(flags, tsk->nsproxy->mnt_ns, new_fs);
16890 + new_nsp->mnt_ns = copy_mnt_ns(flags, orig->mnt_ns, new_fs);
16891 if (IS_ERR(new_nsp->mnt_ns)) {
16892 err = PTR_ERR(new_nsp->mnt_ns);
16896 - new_nsp->uts_ns = copy_utsname(flags, tsk->nsproxy->uts_ns);
16897 + new_nsp->uts_ns = copy_utsname(flags, orig->uts_ns);
16898 if (IS_ERR(new_nsp->uts_ns)) {
16899 err = PTR_ERR(new_nsp->uts_ns);
16903 - new_nsp->ipc_ns = copy_ipcs(flags, tsk->nsproxy->ipc_ns);
16904 + new_nsp->ipc_ns = copy_ipcs(flags, orig->ipc_ns);
16905 if (IS_ERR(new_nsp->ipc_ns)) {
16906 err = PTR_ERR(new_nsp->ipc_ns);
16910 - new_nsp->pid_ns = copy_pid_ns(flags, task_active_pid_ns(tsk));
16911 + new_nsp->pid_ns = copy_pid_ns(flags, orig->pid_ns);
16912 if (IS_ERR(new_nsp->pid_ns)) {
16913 err = PTR_ERR(new_nsp->pid_ns);
16917 - new_nsp->user_ns = copy_user_ns(flags, tsk->nsproxy->user_ns);
16918 + new_nsp->user_ns = copy_user_ns(flags, orig->user_ns);
16919 if (IS_ERR(new_nsp->user_ns)) {
16920 err = PTR_ERR(new_nsp->user_ns);
16924 - new_nsp->net_ns = copy_net_ns(flags, tsk->nsproxy->net_ns);
16925 + new_nsp->net_ns = copy_net_ns(flags, orig->net_ns);
16926 if (IS_ERR(new_nsp->net_ns)) {
16927 err = PTR_ERR(new_nsp->net_ns);
16929 @@ -115,6 +124,37 @@ out_ns:
16930 return ERR_PTR(err);
16933 +static struct nsproxy *create_new_namespaces(int flags, struct task_struct *tsk,
16934 + struct fs_struct *new_fs)
16936 + return unshare_namespaces(flags, tsk->nsproxy, new_fs);
16940 + * copies the nsproxy, setting refcount to 1, and grabbing a
16941 + * reference to all contained namespaces.
16943 +struct nsproxy *copy_nsproxy(struct nsproxy *orig)
16945 + struct nsproxy *ns = clone_nsproxy(orig);
16949 + get_mnt_ns(ns->mnt_ns);
16951 + get_uts_ns(ns->uts_ns);
16953 + get_ipc_ns(ns->ipc_ns);
16955 + get_pid_ns(ns->pid_ns);
16957 + get_user_ns(ns->user_ns);
16959 + get_net(ns->net_ns);
16965 * called from clone. This now handles copy for nsproxy and all
16966 * namespaces therein.
16967 @@ -122,9 +162,12 @@ out_ns:
16968 int copy_namespaces(unsigned long flags, struct task_struct *tsk)
16970 struct nsproxy *old_ns = tsk->nsproxy;
16971 - struct nsproxy *new_ns;
16972 + struct nsproxy *new_ns = NULL;
16975 + vxdprintk(VXD_CBIT(space, 7), "copy_namespaces(0x%08lx,%p[%p])",
16976 + flags, tsk, old_ns);
16981 @@ -155,6 +198,9 @@ int copy_namespaces(unsigned long flags,
16984 put_nsproxy(old_ns);
16985 + vxdprintk(VXD_CBIT(space, 3),
16986 + "copy_namespaces(0x%08lx,%p[%p]) = %d [%p]",
16987 + flags, tsk, old_ns, err, new_ns);
16991 @@ -170,7 +216,9 @@ void free_nsproxy(struct nsproxy *ns)
16992 put_pid_ns(ns->pid_ns);
16994 put_user_ns(ns->user_ns);
16995 - put_net(ns->net_ns);
16997 + put_net(ns->net_ns);
16998 + atomic_dec(&vs_global_nsproxy);
16999 kmem_cache_free(nsproxy_cachep, ns);
17002 @@ -183,6 +231,10 @@ int unshare_nsproxy_namespaces(unsigned
17006 + vxdprintk(VXD_CBIT(space, 4),
17007 + "unshare_nsproxy_namespaces(0x%08lx,[%p])",
17008 + unshare_flags, current->nsproxy);
17010 if (!(unshare_flags & (CLONE_NEWNS | CLONE_NEWUTS | CLONE_NEWIPC |
17011 CLONE_NEWUSER | CLONE_NEWNET)))
17013 diff -NurpP --minimal linux-2.6.25.11/kernel/pid.c linux-2.6.25.11-vs2.3.0.34.14/kernel/pid.c
17014 --- linux-2.6.25.11/kernel/pid.c 2008-04-17 12:05:44.000000000 -0400
17015 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/pid.c 2008-04-29 17:56:00.000000000 -0400
17017 #include <linux/pid_namespace.h>
17018 #include <linux/init_task.h>
17019 #include <linux/syscalls.h>
17020 +#include <linux/vs_pid.h>
17021 +#include <linux/vserver/global.h>
17023 #define pid_hashfn(nr, ns) \
17024 hash_long((unsigned long)nr + (unsigned long)ns, pidhash_shift)
17025 @@ -303,7 +305,7 @@ EXPORT_SYMBOL_GPL(find_pid_ns);
17027 struct pid *find_vpid(int nr)
17029 - return find_pid_ns(nr, current->nsproxy->pid_ns);
17030 + return find_pid_ns(vx_rmap_pid(nr), current->nsproxy->pid_ns);
17032 EXPORT_SYMBOL_GPL(find_vpid);
17034 @@ -359,6 +361,9 @@ void transfer_pid(struct task_struct *ol
17035 struct task_struct *pid_task(struct pid *pid, enum pid_type type)
17037 struct task_struct *result = NULL;
17039 + if (type == PIDTYPE_REALPID)
17040 + type = PIDTYPE_PID;
17042 struct hlist_node *first;
17043 first = rcu_dereference(pid->tasks[type].first);
17044 @@ -388,14 +393,14 @@ EXPORT_SYMBOL(find_task_by_pid);
17046 struct task_struct *find_task_by_vpid(pid_t vnr)
17048 - return find_task_by_pid_type_ns(PIDTYPE_PID, vnr,
17049 + return find_task_by_pid_type_ns(PIDTYPE_PID, vx_rmap_pid(vnr),
17050 current->nsproxy->pid_ns);
17052 EXPORT_SYMBOL(find_task_by_vpid);
17054 struct task_struct *find_task_by_pid_ns(pid_t nr, struct pid_namespace *ns)
17056 - return find_task_by_pid_type_ns(PIDTYPE_PID, nr, ns);
17057 + return find_task_by_pid_type_ns(PIDTYPE_PID, vx_rmap_pid(nr), ns);
17059 EXPORT_SYMBOL(find_task_by_pid_ns);
17061 @@ -430,7 +435,7 @@ struct pid *find_get_pid(pid_t nr)
17065 -pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
17066 +pid_t pid_unmapped_nr_ns(struct pid *pid, struct pid_namespace *ns)
17070 @@ -443,6 +448,11 @@ pid_t pid_nr_ns(struct pid *pid, struct
17074 +pid_t pid_nr_ns(struct pid *pid, struct pid_namespace *ns)
17076 + return vx_map_pid(pid_unmapped_nr_ns(pid, ns));
17079 pid_t pid_vnr(struct pid *pid)
17081 return pid_nr_ns(pid, current->nsproxy->pid_ns);
17082 diff -NurpP --minimal linux-2.6.25.11/kernel/pid_namespace.c linux-2.6.25.11-vs2.3.0.34.14/kernel/pid_namespace.c
17083 --- linux-2.6.25.11/kernel/pid_namespace.c 2008-04-17 12:05:44.000000000 -0400
17084 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/pid_namespace.c 2008-04-23 11:52:08.000000000 -0400
17086 #include <linux/pid_namespace.h>
17087 #include <linux/syscalls.h>
17088 #include <linux/err.h>
17089 +#include <linux/vserver/global.h>
17091 #define BITS_PER_PAGE (PAGE_SIZE*8)
17093 @@ -84,6 +85,7 @@ static struct pid_namespace *create_pid_
17096 kref_init(&ns->kref);
17097 + atomic_inc(&vs_global_pid_ns);
17099 ns->child_reaper = NULL;
17101 @@ -112,6 +114,7 @@ static void destroy_pid_namespace(struct
17103 for (i = 0; i < PIDMAP_ENTRIES; i++)
17104 kfree(ns->pidmap[i].page);
17105 + atomic_dec(&vs_global_pid_ns);
17106 kmem_cache_free(pid_ns_cachep, ns);
17109 diff -NurpP --minimal linux-2.6.25.11/kernel/posix-timers.c linux-2.6.25.11-vs2.3.0.34.14/kernel/posix-timers.c
17110 --- linux-2.6.25.11/kernel/posix-timers.c 2008-04-17 12:05:44.000000000 -0400
17111 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/posix-timers.c 2008-04-19 15:14:52.000000000 -0400
17113 #include <linux/wait.h>
17114 #include <linux/workqueue.h>
17115 #include <linux/module.h>
17116 +#include <linux/vs_context.h>
17119 * Management arrays for POSIX timers. Timers are kept in slab memory
17120 @@ -299,6 +300,12 @@ void do_schedule_next_timer(struct sigin
17122 int posix_timer_event(struct k_itimer *timr,int si_private)
17124 + struct vx_info_save vxis;
17125 + struct vx_info *vxi;
17128 + vxi = task_get_vx_info(timr->it_process);
17129 + enter_vx_info(vxi, &vxis);
17130 memset(&timr->sigq->info, 0, sizeof(siginfo_t));
17131 timr->sigq->info.si_sys_private = si_private;
17132 /* Send signal to the process that owns this timer.*/
17133 @@ -311,11 +318,11 @@ int posix_timer_event(struct k_itimer *t
17135 if (timr->it_sigev_notify & SIGEV_THREAD_ID) {
17136 struct task_struct *leader;
17137 - int ret = send_sigqueue(timr->it_sigev_signo, timr->sigq,
17138 - timr->it_process);
17140 + ret = send_sigqueue(timr->it_sigev_signo, timr->sigq,
17141 + timr->it_process);
17142 if (likely(ret >= 0))
17146 timr->it_sigev_notify = SIGEV_SIGNAL;
17147 leader = timr->it_process->group_leader;
17148 @@ -323,8 +330,12 @@ int posix_timer_event(struct k_itimer *t
17149 timr->it_process = leader;
17152 - return send_group_sigqueue(timr->it_sigev_signo, timr->sigq,
17153 + ret = send_group_sigqueue(timr->it_sigev_signo, timr->sigq,
17156 + leave_vx_info(&vxis);
17157 + put_vx_info(vxi);
17160 EXPORT_SYMBOL_GPL(posix_timer_event);
17162 diff -NurpP --minimal linux-2.6.25.11/kernel/printk.c linux-2.6.25.11-vs2.3.0.34.14/kernel/printk.c
17163 --- linux-2.6.25.11/kernel/printk.c 2008-04-17 12:05:44.000000000 -0400
17164 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/printk.c 2008-04-21 10:59:28.000000000 -0400
17166 #include <linux/security.h>
17167 #include <linux/bootmem.h>
17168 #include <linux/syscalls.h>
17169 +#include <linux/vs_cvirt.h>
17171 #include <asm/uaccess.h>
17173 @@ -297,18 +298,13 @@ int do_syslog(int type, char __user *buf
17174 unsigned i, j, limit, count;
17180 error = security_syslog(type);
17185 - case 0: /* Close log */
17187 - case 1: /* Open log */
17189 - case 2: /* Read from log */
17190 + if ((type >= 2) && (type <= 4)) {
17192 if (!buf || len < 0)
17194 @@ -319,6 +315,16 @@ int do_syslog(int type, char __user *buf
17199 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
17200 + return vx_do_syslog(type, buf, len);
17203 + case 0: /* Close log */
17205 + case 1: /* Open log */
17207 + case 2: /* Read from log */
17208 error = wait_event_interruptible(log_wait,
17209 (log_start - log_end));
17211 @@ -343,16 +349,6 @@ int do_syslog(int type, char __user *buf
17214 case 3: /* Read last kernel messages */
17216 - if (!buf || len < 0)
17221 - if (!access_ok(VERIFY_WRITE, buf, len)) {
17226 if (count > log_buf_len)
17227 count = log_buf_len;
17228 diff -NurpP --minimal linux-2.6.25.11/kernel/ptrace.c linux-2.6.25.11-vs2.3.0.34.14/kernel/ptrace.c
17229 --- linux-2.6.25.11/kernel/ptrace.c 2008-04-17 12:05:44.000000000 -0400
17230 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/ptrace.c 2008-04-21 10:50:28.000000000 -0400
17232 #include <linux/audit.h>
17233 #include <linux/pid_namespace.h>
17234 #include <linux/syscalls.h>
17235 +#include <linux/vs_context.h>
17237 #include <asm/pgtable.h>
17238 #include <asm/uaccess.h>
17239 @@ -147,6 +148,11 @@ int __ptrace_may_attach(struct task_stru
17240 dumpable = get_dumpable(task->mm);
17241 if (!dumpable && !capable(CAP_SYS_PTRACE))
17243 + if (!vx_check(task->xid, VS_ADMIN_P|VS_IDENT))
17245 + if (!vx_check(task->xid, VS_IDENT) &&
17246 + !task_vx_flags(task, VXF_STATE_ADMIN, 0))
17249 return security_ptrace(current, task);
17251 @@ -562,6 +568,10 @@ asmlinkage long sys_ptrace(long request,
17256 + if (!vx_check(vx_task_xid(child), VS_WATCH_P | VS_IDENT))
17257 + goto out_put_task_struct;
17259 if (request == PTRACE_ATTACH) {
17260 ret = ptrace_attach(child);
17262 diff -NurpP --minimal linux-2.6.25.11/kernel/sched.c linux-2.6.25.11-vs2.3.0.34.14/kernel/sched.c
17263 --- linux-2.6.25.11/kernel/sched.c 2008-07-15 22:05:18.000000000 -0400
17264 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sched.c 2008-07-11 12:41:01.000000000 -0400
17266 #include <linux/unistd.h>
17267 #include <linux/pagemap.h>
17268 #include <linux/hrtimer.h>
17269 +#include <linux/vs_sched.h>
17270 +#include <linux/vs_cvirt.h>
17272 #include <asm/tlb.h>
17273 #include <asm/irq_regs.h>
17274 @@ -375,6 +377,16 @@ struct root_domain {
17275 static struct root_domain def_root_domain;
17278 + unsigned long norm_time;
17279 + unsigned long idle_time;
17280 +#ifdef CONFIG_VSERVER_IDLETIME
17283 +#ifdef CONFIG_VSERVER_HARDCPU
17284 + struct list_head hold_queue;
17285 + unsigned long nr_onhold;
17290 * This is the main, per-CPU runqueue data structure.
17291 @@ -1366,6 +1378,7 @@ static void set_load_weight(struct task_
17293 static void enqueue_task(struct rq *rq, struct task_struct *p, int wakeup)
17295 + // BUG_ON(p->state & TASK_ONHOLD);
17296 sched_info_queued(p);
17297 p->sched_class->enqueue_task(rq, p, wakeup);
17299 @@ -1556,6 +1569,9 @@ struct migration_req {
17300 struct completion done;
17303 +#include "sched_mon.h"
17307 * The task's runqueue lock must be held.
17308 * Returns true if you have to wait for migration thread.
17309 @@ -1565,6 +1581,7 @@ migrate_task(struct task_struct *p, int
17311 struct rq *rq = task_rq(p);
17313 + vxm_migrate_task(p, rq, dest_cpu);
17315 * If the task is not on a runqueue (and not running), then
17316 * it is sufficient to simply update the task's cpu field.
17317 @@ -1926,6 +1943,12 @@ static int try_to_wake_up(struct task_st
17318 /* might preempt at this point */
17319 rq = task_rq_lock(p, &flags);
17320 old_state = p->state;
17322 + /* we need to unhold suspended tasks
17323 + if (old_state & TASK_ONHOLD) {
17324 + vx_unhold_task(p, rq);
17325 + old_state = p->state;
17327 if (!(old_state & state))
17330 @@ -3697,13 +3720,16 @@ unsigned long long task_sched_runtime(st
17331 void account_user_time(struct task_struct *p, cputime_t cputime)
17333 struct cpu_usage_stat *cpustat = &kstat_this_cpu.cpustat;
17334 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
17336 + int nice = (TASK_NICE(p) > 0);
17338 p->utime = cputime_add(p->utime, cputime);
17339 + vx_account_user(vxi, cputime, nice);
17341 /* Add user time to cpustat. */
17342 tmp = cputime_to_cputime64(cputime);
17343 - if (TASK_NICE(p) > 0)
17345 cpustat->nice = cputime64_add(cpustat->nice, tmp);
17347 cpustat->user = cputime64_add(cpustat->user, tmp);
17348 @@ -3748,6 +3774,7 @@ void account_system_time(struct task_str
17351 struct cpu_usage_stat *cpustat = &kstat_this_cpu.cpustat;
17352 + struct vx_info *vxi = p->vx_info; /* p is _always_ current */
17353 struct rq *rq = this_rq();
17356 @@ -3755,6 +3782,7 @@ void account_system_time(struct task_str
17357 return account_guest_time(p, cputime);
17359 p->stime = cputime_add(p->stime, cputime);
17360 + vx_account_system(vxi, cputime, (p == rq->idle));
17362 /* Add system time to cpustat. */
17363 tmp = cputime_to_cputime64(cputime);
17364 @@ -4500,7 +4528,7 @@ asmlinkage long sys_nice(int increment)
17367 if (increment < 0 && !can_nice(current, nice))
17369 + return vx_flags(VXF_IGNEG_NICE, 0) ? 0 : -EPERM;
17371 retval = security_task_setnice(current, nice);
17373 diff -NurpP --minimal linux-2.6.25.11/kernel/sched_fair.c linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_fair.c
17374 --- linux-2.6.25.11/kernel/sched_fair.c 2008-04-17 12:05:44.000000000 -0400
17375 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_fair.c 2008-04-19 15:14:52.000000000 -0400
17376 @@ -537,6 +537,8 @@ enqueue_entity(struct cfs_rq *cfs_rq, st
17377 check_spread(cfs_rq, se);
17378 if (se != cfs_rq->curr)
17379 __enqueue_entity(cfs_rq, se);
17380 + if (entity_is_task(se))
17381 + vx_activate_task(task_of(se));
17382 account_entity_enqueue(cfs_rq, se);
17385 @@ -580,6 +582,8 @@ dequeue_entity(struct cfs_rq *cfs_rq, st
17387 if (se != cfs_rq->curr)
17388 __dequeue_entity(cfs_rq, se);
17389 + if (entity_is_task(se))
17390 + vx_deactivate_task(task_of(se));
17391 account_entity_dequeue(cfs_rq, se);
17394 diff -NurpP --minimal linux-2.6.25.11/kernel/sched_hard.h linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_hard.h
17395 --- linux-2.6.25.11/kernel/sched_hard.h 1969-12-31 19:00:00.000000000 -0500
17396 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_hard.h 2008-04-19 15:14:52.000000000 -0400
17399 +#ifdef CONFIG_VSERVER_IDLELIMIT
17402 + * vx_idle_resched - reschedule after maxidle
17405 +void vx_idle_resched(struct rq *rq)
17407 + /* maybe have a better criterion for paused */
17408 + if (!--rq->idle_tokens && !list_empty(&rq->hold_queue))
17409 + set_need_resched();
17412 +#else /* !CONFIG_VSERVER_IDLELIMIT */
17414 +#define vx_idle_resched(rq)
17416 +#endif /* CONFIG_VSERVER_IDLELIMIT */
17420 +#ifdef CONFIG_VSERVER_IDLETIME
17422 +#define vx_set_rq_min_skip(rq, min) \
17423 + (rq)->idle_skip = (min)
17425 +#define vx_save_min_skip(ret, min, val) \
17426 + __vx_save_min_skip(ret, min, val)
17429 +void __vx_save_min_skip(int ret, int *min, int val)
17433 + if ((*min > val) || !*min)
17438 +int vx_try_skip(struct rq *rq, int cpu)
17440 + /* artificially advance time */
17441 + if (rq->idle_skip > 0) {
17442 + vxdprintk(list_empty(&rq->hold_queue),
17443 + "hold queue empty on cpu %d", cpu);
17444 + rq->idle_time += rq->idle_skip;
17445 + vxm_idle_skip(rq, cpu);
17451 +#else /* !CONFIG_VSERVER_IDLETIME */
17453 +#define vx_set_rq_min_skip(rq, min) \
17454 + ({ int dummy = (min); dummy; })
17456 +#define vx_save_min_skip(ret, min, val)
17459 +int vx_try_skip(struct rq *rq, int cpu)
17464 +#endif /* CONFIG_VSERVER_IDLETIME */
17468 +#ifdef CONFIG_VSERVER_HARDCPU
17470 +#define vx_set_rq_max_idle(rq, max) \
17471 + (rq)->idle_tokens = (max)
17473 +#define vx_save_max_idle(ret, min, val) \
17474 + __vx_save_max_idle(ret, min, val)
17477 +void __vx_save_max_idle(int ret, int *min, int val)
17485 + * vx_hold_task - put a task on the hold queue
17488 +void vx_hold_task(struct task_struct *p, struct rq *rq)
17490 + __deactivate_task(p, rq);
17491 + p->state |= TASK_ONHOLD;
17492 + /* a new one on hold */
17494 + vxm_hold_task(p, rq);
17495 + list_add_tail(&p->run_list, &rq->hold_queue);
17499 + * vx_unhold_task - put a task back to the runqueue
17502 +void vx_unhold_task(struct task_struct *p, struct rq *rq)
17504 + list_del(&p->run_list);
17505 + /* one less waiting */
17507 + p->state &= ~TASK_ONHOLD;
17508 + enqueue_task(p, rq->expired);
17509 + inc_nr_running(p, rq);
17510 + vxm_unhold_task(p, rq);
17512 + if (p->static_prio < rq->best_expired_prio)
17513 + rq->best_expired_prio = p->static_prio;
17516 +unsigned long nr_onhold(void)
17518 + unsigned long i, sum = 0;
17520 + for_each_online_cpu(i)
17521 + sum += cpu_rq(i)->nr_onhold;
17529 +int __vx_tokens_avail(struct _vx_sched_pc *sched_pc)
17531 + return sched_pc->tokens;
17535 +void __vx_consume_token(struct _vx_sched_pc *sched_pc)
17537 + sched_pc->tokens--;
17541 +int vx_need_resched(struct task_struct *p, int slice, int cpu)
17543 + struct vx_info *vxi = p->vx_info;
17545 + if (vx_info_flags(vxi, VXF_SCHED_HARD|VXF_SCHED_PRIO, 0)) {
17546 + struct _vx_sched_pc *sched_pc =
17547 + &vx_per_cpu(vxi, sched_pc, cpu);
17550 + /* maybe we can simplify that to decrement
17551 + the token counter unconditional? */
17553 + if ((tokens = __vx_tokens_avail(sched_pc)) > 0)
17554 + __vx_consume_token(sched_pc);
17556 + /* for tokens > 0, one token was consumed */
17560 + vxm_need_resched(p, slice, cpu);
17561 + return (slice == 0);
17565 +#define vx_set_rq_time(rq, time) do { \
17566 + rq->norm_time = time; \
17571 +void vx_try_unhold(struct rq *rq, int cpu)
17573 + struct vx_info *vxi = NULL;
17574 + struct list_head *l, *n;
17575 + int maxidle = HZ;
17578 + /* nothing to do? what about pause? */
17579 + if (list_empty(&rq->hold_queue))
17582 + list_for_each_safe(l, n, &rq->hold_queue) {
17583 + int ret, delta_min[2];
17584 + struct _vx_sched_pc *sched_pc;
17585 + struct task_struct *p;
17587 + p = list_entry(l, struct task_struct, run_list);
17588 + /* don't bother with same context */
17589 + if (vxi == p->vx_info)
17592 + vxi = p->vx_info;
17593 + /* ignore paused contexts */
17594 + if (vx_info_flags(vxi, VXF_SCHED_PAUSE, 0))
17597 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17599 + /* recalc tokens */
17600 + vxm_sched_info(sched_pc, vxi, cpu);
17601 + ret = vx_tokens_recalc(sched_pc,
17602 + &rq->norm_time, &rq->idle_time, delta_min);
17603 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17606 + /* we found a runable context */
17607 + vx_unhold_task(p, rq);
17610 + vx_save_max_idle(ret, &maxidle, delta_min[0]);
17611 + vx_save_min_skip(ret, &minskip, delta_min[1]);
17613 + vx_set_rq_max_idle(rq, maxidle);
17614 + vx_set_rq_min_skip(rq, minskip);
17615 + vxm_rq_max_min(rq, cpu);
17620 +int vx_schedule(struct task_struct *next, struct rq *rq, int cpu)
17622 + struct vx_info *vxi = next->vx_info;
17623 + struct _vx_sched_pc *sched_pc;
17624 + int delta_min[2];
17630 + flags = vxi->vx_flags;
17632 + if (unlikely(vs_check_flags(flags, VXF_SCHED_PAUSE, 0)))
17633 + goto put_on_hold;
17634 + if (!vs_check_flags(flags, VXF_SCHED_HARD | VXF_SCHED_PRIO, 0))
17637 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17639 + /* update scheduler params */
17640 + if (cpu_isset(cpu, vxi->sched.update)) {
17641 + vx_update_sched_param(&vxi->sched, sched_pc);
17642 + vxm_update_sched(sched_pc, vxi, cpu);
17643 + cpu_clear(cpu, vxi->sched.update);
17646 + vxm_sched_info(sched_pc, vxi, cpu);
17647 + ret = vx_tokens_recalc(sched_pc,
17648 + &rq->norm_time, &rq->idle_time, delta_min);
17649 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17651 + if (!vs_check_flags(flags, VXF_SCHED_HARD, 0))
17654 + if (unlikely(ret < 0)) {
17655 + vx_save_max_idle(ret, &rq->idle_tokens, delta_min[0]);
17656 + vx_save_min_skip(ret, &rq->idle_skip, delta_min[1]);
17657 + vxm_rq_max_min(rq, cpu);
17659 + vx_hold_task(next, rq);
17666 +#else /* CONFIG_VSERVER_HARDCPU */
17669 +void vx_hold_task(struct task_struct *p, struct rq *rq)
17675 +void vx_unhold_task(struct task_struct *p, struct rq *rq)
17680 +unsigned long nr_onhold(void)
17687 +int vx_need_resched(struct task_struct *p, int slice, int cpu)
17689 + return (slice == 0);
17693 +#define vx_set_rq_time(rq, time)
17696 +void vx_try_unhold(struct rq *rq, int cpu)
17702 +int vx_schedule(struct task_struct *next, struct rq *rq, int cpu)
17704 + struct vx_info *vxi = next->vx_info;
17705 + struct _vx_sched_pc *sched_pc;
17706 + int delta_min[2];
17709 + if (!vx_info_flags(vxi, VXF_SCHED_PRIO, 0))
17712 + sched_pc = &vx_per_cpu(vxi, sched_pc, cpu);
17713 + vxm_sched_info(sched_pc, vxi, cpu);
17714 + ret = vx_tokens_recalc(sched_pc,
17715 + &rq->norm_time, &rq->idle_time, delta_min);
17716 + vxm_tokens_recalc(sched_pc, rq, vxi, cpu);
17720 +#endif /* CONFIG_VSERVER_HARDCPU */
17722 diff -NurpP --minimal linux-2.6.25.11/kernel/sched_mon.h linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_mon.h
17723 --- linux-2.6.25.11/kernel/sched_mon.h 1969-12-31 19:00:00.000000000 -0500
17724 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sched_mon.h 2008-04-19 15:14:52.000000000 -0400
17727 +#include <linux/vserver/monitor.h>
17729 +#ifdef CONFIG_VSERVER_MONITOR
17731 +#ifdef CONFIG_VSERVER_HARDCPU
17732 +#define HARDCPU(x) (x)
17734 +#define HARDCPU(x) (0)
17737 +#ifdef CONFIG_VSERVER_IDLETIME
17738 +#define IDLETIME(x) (x)
17740 +#define IDLETIME(x) (0)
17743 +struct _vx_mon_entry *vxm_advance(int cpu);
17747 +void __vxm_basic(struct _vx_mon_entry *entry, xid_t xid, int type)
17749 + entry->type = type;
17750 + entry->xid = xid;
17754 +void __vxm_sync(int cpu)
17756 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17758 + __vxm_basic(entry, 0, VXM_SYNC);
17759 + entry->ev.sec = xtime.tv_sec;
17760 + entry->ev.nsec = xtime.tv_nsec;
17764 +void __vxm_task(struct task_struct *p, int type)
17766 + struct _vx_mon_entry *entry = vxm_advance(task_cpu(p));
17768 + __vxm_basic(entry, p->xid, type);
17769 + entry->ev.tsk.pid = p->pid;
17770 + entry->ev.tsk.state = p->state;
17774 +void __vxm_sched(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17776 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17778 + __vxm_basic(entry, vxi->vx_id, (VXM_SCHED | s->flags));
17779 + entry->sd.tokens = s->tokens;
17780 + entry->sd.norm_time = s->norm_time;
17781 + entry->sd.idle_time = s->idle_time;
17785 +void __vxm_rqinfo1(struct rq *q, int cpu)
17787 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17789 + entry->type = VXM_RQINFO_1;
17790 + entry->xid = ((unsigned long)q >> 16) & 0xffff;
17791 + entry->q1.running = q->nr_running;
17792 + entry->q1.onhold = HARDCPU(q->nr_onhold);
17793 + entry->q1.iowait = atomic_read(&q->nr_iowait);
17794 + entry->q1.uintr = q->nr_uninterruptible;
17795 + entry->q1.idle_tokens = IDLETIME(q->idle_tokens);
17799 +void __vxm_rqinfo2(struct rq *q, int cpu)
17801 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17803 + entry->type = VXM_RQINFO_2;
17804 + entry->xid = (unsigned long)q & 0xffff;
17805 + entry->q2.norm_time = q->norm_time;
17806 + entry->q2.idle_time = q->idle_time;
17807 + entry->q2.idle_skip = IDLETIME(q->idle_skip);
17811 +void __vxm_update(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17813 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17815 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE);
17816 + entry->ev.tokens = s->tokens;
17820 +void __vxm_update1(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17822 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17824 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE_1);
17825 + entry->u1.tokens_max = s->tokens_max;
17826 + entry->u1.fill_rate = s->fill_rate[0];
17827 + entry->u1.interval = s->interval[0];
17831 +void __vxm_update2(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17833 + struct _vx_mon_entry *entry = vxm_advance(cpu);
17835 + __vxm_basic(entry, vxi->vx_id, VXM_UPDATE_2);
17836 + entry->u2.tokens_min = s->tokens_min;
17837 + entry->u2.fill_rate = s->fill_rate[1];
17838 + entry->u2.interval = s->interval[1];
17842 +#define vxm_activate_task(p,q) __vxm_task(p, VXM_ACTIVATE)
17843 +#define vxm_activate_idle(p,q) __vxm_task(p, VXM_IDLE)
17844 +#define vxm_deactivate_task(p,q) __vxm_task(p, VXM_DEACTIVATE)
17845 +#define vxm_hold_task(p,q) __vxm_task(p, VXM_HOLD)
17846 +#define vxm_unhold_task(p,q) __vxm_task(p, VXM_UNHOLD)
17849 +void vxm_migrate_task(struct task_struct *p, struct rq *rq, int dest)
17851 + __vxm_task(p, VXM_MIGRATE);
17852 + __vxm_rqinfo1(rq, task_cpu(p));
17853 + __vxm_rqinfo2(rq, task_cpu(p));
17857 +void vxm_idle_skip(struct rq *rq, int cpu)
17859 + __vxm_rqinfo1(rq, cpu);
17860 + __vxm_rqinfo2(rq, cpu);
17864 +void vxm_need_resched(struct task_struct *p, int slice, int cpu)
17869 + __vxm_task(p, VXM_RESCHED);
17873 +void vxm_sync(unsigned long now, int cpu)
17875 + if (!CONFIG_VSERVER_MONITOR_SYNC ||
17876 + (now % CONFIG_VSERVER_MONITOR_SYNC))
17882 +#define vxm_sched_info(s,v,c) __vxm_sched(s,v,c)
17885 +void vxm_tokens_recalc(struct _vx_sched_pc *s, struct rq *rq,
17886 + struct vx_info *vxi, int cpu)
17888 + __vxm_sched(s, vxi, cpu);
17889 + __vxm_rqinfo2(rq, cpu);
17893 +void vxm_update_sched(struct _vx_sched_pc *s, struct vx_info *vxi, int cpu)
17895 + __vxm_sched(s, vxi, cpu);
17896 + __vxm_update(s, vxi, cpu);
17897 + __vxm_update1(s, vxi, cpu);
17898 + __vxm_update2(s, vxi, cpu);
17902 +void vxm_rq_max_min(struct rq *rq, int cpu)
17904 + __vxm_rqinfo1(rq, cpu);
17905 + __vxm_rqinfo2(rq, cpu);
17908 +#else /* CONFIG_VSERVER_MONITOR */
17910 +#define vxm_activate_task(t,q) do { } while (0)
17911 +#define vxm_activate_idle(t,q) do { } while (0)
17912 +#define vxm_deactivate_task(t,q) do { } while (0)
17913 +#define vxm_hold_task(t,q) do { } while (0)
17914 +#define vxm_unhold_task(t,q) do { } while (0)
17915 +#define vxm_migrate_task(t,q,d) do { } while (0)
17916 +#define vxm_idle_skip(q,c) do { } while (0)
17917 +#define vxm_need_resched(t,s,c) do { } while (0)
17918 +#define vxm_sync(s,c) do { } while (0)
17919 +#define vxm_sched_info(s,v,c) do { } while (0)
17920 +#define vxm_tokens_recalc(s,q,v,c) do { } while (0)
17921 +#define vxm_update_sched(s,v,c) do { } while (0)
17922 +#define vxm_rq_max_min(q,c) do { } while (0)
17924 +#endif /* CONFIG_VSERVER_MONITOR */
17926 diff -NurpP --minimal linux-2.6.25.11/kernel/signal.c linux-2.6.25.11-vs2.3.0.34.14/kernel/signal.c
17927 --- linux-2.6.25.11/kernel/signal.c 2008-04-17 12:05:44.000000000 -0400
17928 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/signal.c 2008-07-11 12:42:23.000000000 -0400
17930 #include <linux/freezer.h>
17931 #include <linux/pid_namespace.h>
17932 #include <linux/nsproxy.h>
17933 +#include <linux/vs_context.h>
17934 +#include <linux/vs_pid.h>
17936 #include <asm/param.h>
17937 #include <asm/uaccess.h>
17938 @@ -530,6 +532,14 @@ static int check_kill_permission(int sig
17939 if (!valid_signal(sig))
17942 + if ((info != SEND_SIG_NOINFO) &&
17943 + (is_si_special(info) || !SI_FROMUSER(info)))
17946 + vxdprintk(VXD_CBIT(misc, 7),
17947 + "check_kill_permission(%d,%p,%p[#%u,%u])",
17948 + sig, info, t, vx_task_xid(t), t->pid);
17950 if (info == SEND_SIG_NOINFO || (!is_si_special(info) && SI_FROMUSER(info))) {
17951 error = audit_signal_info(sig, t); /* Let audit system see the signal */
17953 @@ -543,6 +553,18 @@ static int check_kill_permission(int sig
17958 + if (t->pid == 1 && current->xid)
17962 + if (!vx_check(vx_task_xid(t), VS_WATCH_P | VS_IDENT)) {
17963 + vxdprintk(current->xid || VXD_CBIT(misc, 7),
17964 + "signal %d[%p] xid mismatch %p[#%u,%u] xid=#%u",
17965 + sig, info, t, vx_task_xid(t), t->pid, current->xid);
17969 return security_task_kill(t, info, sig, 0);
17972 @@ -1048,7 +1070,7 @@ int kill_pid_info(int sig, struct siginf
17975 p = pid_task(pid, PIDTYPE_PID);
17977 + if (p && vx_check(vx_task_xid(p), VS_WATCH | VS_IDENT)) {
17978 error = group_send_sig_info(sig, info, p);
17979 if (unlikely(error == -ESRCH))
17981 @@ -1088,7 +1110,7 @@ int kill_pid_info_as_uid(int sig, struct
17983 read_lock(&tasklist_lock);
17984 p = pid_task(pid, PIDTYPE_PID);
17986 + if (!p || !vx_check(vx_task_xid(p), VS_IDENT)) {
17990 @@ -1140,7 +1162,9 @@ static int kill_something_info(int sig,
17991 struct task_struct * p;
17993 for_each_process(p) {
17994 - if (p->pid > 1 && !same_thread_group(p, current)) {
17995 + if (vx_check(vx_task_xid(p), VS_ADMIN|VS_IDENT) &&
17996 + p->pid > 1 && !same_thread_group(p, current) &&
17997 + !vx_current_initpid(p->pid)) {
17998 int err = group_send_sig_info(sig, info, p);
18001 @@ -1842,6 +1866,11 @@ relock:
18002 if (is_global_init(current))
18005 + /* virtual init is protected against user signals */
18006 + if ((info->si_code == SI_USER) &&
18007 + vx_current_initpid(current->pid))
18010 if (sig_kernel_stop(signr)) {
18012 * The default action is to stop all threads in
18013 diff -NurpP --minimal linux-2.6.25.11/kernel/softirq.c linux-2.6.25.11-vs2.3.0.34.14/kernel/softirq.c
18014 --- linux-2.6.25.11/kernel/softirq.c 2008-04-17 12:05:44.000000000 -0400
18015 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/softirq.c 2008-04-19 15:14:52.000000000 -0400
18017 #include <linux/rcupdate.h>
18018 #include <linux/smp.h>
18019 #include <linux/tick.h>
18020 +#include <linux/vs_context.h>
18022 #include <asm/irq.h>
18024 diff -NurpP --minimal linux-2.6.25.11/kernel/sys.c linux-2.6.25.11-vs2.3.0.34.14/kernel/sys.c
18025 --- linux-2.6.25.11/kernel/sys.c 2008-04-17 12:05:44.000000000 -0400
18026 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sys.c 2008-04-19 15:14:52.000000000 -0400
18028 #include <linux/syscalls.h>
18029 #include <linux/kprobes.h>
18030 #include <linux/user_namespace.h>
18031 +#include <linux/vs_pid.h>
18033 #include <asm/uaccess.h>
18034 #include <asm/io.h>
18035 @@ -116,7 +117,10 @@ static int set_one_prio(struct task_stru
18038 if (niceval < task_nice(p) && !can_nice(p, niceval)) {
18040 + if (vx_flags(VXF_IGNEG_NICE, 0))
18046 no_nice = security_task_setnice(p, niceval);
18047 @@ -164,6 +168,8 @@ asmlinkage long sys_setpriority(int whic
18049 pgrp = task_pgrp(current);
18050 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
18051 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
18053 error = set_one_prio(p, niceval, error);
18054 } while_each_pid_task(pgrp, PIDTYPE_PGID, p);
18056 @@ -224,6 +230,8 @@ asmlinkage long sys_getpriority(int whic
18058 pgrp = task_pgrp(current);
18059 do_each_pid_task(pgrp, PIDTYPE_PGID, p) {
18060 + if (!vx_check(p->xid, VS_ADMIN_P | VS_IDENT))
18062 niceval = 20 - task_nice(p);
18063 if (niceval > retval)
18065 @@ -353,6 +361,9 @@ void kernel_power_off(void)
18066 machine_power_off();
18068 EXPORT_SYMBOL_GPL(kernel_power_off);
18070 +long vs_reboot(unsigned int, void __user *);
18073 * Reboot system call: for obvious reasons only root may call it,
18074 * and even root needs to set up some magic numbers in the registers
18075 @@ -383,6 +394,9 @@ asmlinkage long sys_reboot(int magic1, i
18076 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
18077 cmd = LINUX_REBOOT_CMD_HALT;
18079 + if (!vx_check(0, VS_ADMIN|VS_WATCH))
18080 + return vs_reboot(cmd, arg);
18084 case LINUX_REBOOT_CMD_RESTART:
18085 @@ -1343,7 +1357,7 @@ asmlinkage long sys_sethostname(char __u
18087 char tmp[__NEW_UTS_LEN];
18089 - if (!capable(CAP_SYS_ADMIN))
18090 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
18092 if (len < 0 || len > __NEW_UTS_LEN)
18094 @@ -1388,7 +1402,7 @@ asmlinkage long sys_setdomainname(char _
18096 char tmp[__NEW_UTS_LEN];
18098 - if (!capable(CAP_SYS_ADMIN))
18099 + if (!vx_capable(CAP_SYS_ADMIN, VXC_SET_UTSNAME))
18101 if (len < 0 || len > __NEW_UTS_LEN)
18103 @@ -1455,7 +1469,7 @@ asmlinkage long sys_setrlimit(unsigned i
18105 old_rlim = current->signal->rlim + resource;
18106 if ((new_rlim.rlim_max > old_rlim->rlim_max) &&
18107 - !capable(CAP_SYS_RESOURCE))
18108 + !vx_capable(CAP_SYS_RESOURCE, VXC_SET_RLIMIT))
18110 if (resource == RLIMIT_NOFILE && new_rlim.rlim_max > sysctl_nr_open)
18112 diff -NurpP --minimal linux-2.6.25.11/kernel/sysctl.c linux-2.6.25.11-vs2.3.0.34.14/kernel/sysctl.c
18113 --- linux-2.6.25.11/kernel/sysctl.c 2008-04-17 12:05:44.000000000 -0400
18114 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sysctl.c 2008-04-19 15:14:52.000000000 -0400
18115 @@ -107,6 +107,7 @@ static int ngroups_max = NGROUPS_MAX;
18117 extern char modprobe_path[];
18119 +extern char vshelper_path[];
18120 #ifdef CONFIG_CHR_DEV_SG
18121 extern int sg_big_buff;
18123 @@ -492,6 +493,15 @@ static struct ctl_table kern_table[] = {
18124 .strategy = &sysctl_string,
18128 + .ctl_name = KERN_VSHELPER,
18129 + .procname = "vshelper",
18130 + .data = &vshelper_path,
18133 + .proc_handler = &proc_dostring,
18134 + .strategy = &sysctl_string,
18136 #ifdef CONFIG_CHR_DEV_SG
18138 .ctl_name = KERN_SG_BIG_BUFF,
18139 diff -NurpP --minimal linux-2.6.25.11/kernel/sysctl_check.c linux-2.6.25.11-vs2.3.0.34.14/kernel/sysctl_check.c
18140 --- linux-2.6.25.11/kernel/sysctl_check.c 2008-04-17 12:05:44.000000000 -0400
18141 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/sysctl_check.c 2008-04-21 13:42:56.000000000 -0400
18142 @@ -39,6 +39,7 @@ static const struct trans_ctl_table tran
18144 { KERN_PANIC, "panic" },
18145 { KERN_REALROOTDEV, "real-root-dev" },
18146 + { KERN_VSHELPER, "vshelper", },
18148 { KERN_SPARC_REBOOT, "reboot-cmd" },
18149 { KERN_CTLALTDEL, "ctrl-alt-del" },
18150 @@ -1217,6 +1218,22 @@ static const struct trans_ctl_table tran
18154 +static struct trans_ctl_table trans_vserver_table[] = {
18155 + { 1, "debug_switch" },
18156 + { 2, "debug_xid" },
18157 + { 3, "debug_nid" },
18158 + { 4, "debug_tag" },
18159 + { 5, "debug_net" },
18160 + { 6, "debug_limit" },
18161 + { 7, "debug_cres" },
18162 + { 8, "debug_dlim" },
18163 + { 9, "debug_quota" },
18164 + { 10, "debug_cvirt" },
18165 + { 11, "debug_space" },
18166 + { 12, "debug_misc" },
18170 static const struct trans_ctl_table trans_root_table[] = {
18171 { CTL_KERN, "kernel", trans_kern_table },
18172 { CTL_VM, "vm", trans_vm_table },
18173 @@ -1233,6 +1250,7 @@ static const struct trans_ctl_table tran
18174 { CTL_SUNRPC, "sunrpc", trans_sunrpc_table },
18175 { CTL_PM, "pm", trans_pm_table },
18176 { CTL_FRV, "frv", trans_frv_table },
18177 + { CTL_VSERVER, "vserver", trans_vserver_table },
18181 diff -NurpP --minimal linux-2.6.25.11/kernel/time.c linux-2.6.25.11-vs2.3.0.34.14/kernel/time.c
18182 --- linux-2.6.25.11/kernel/time.c 2008-04-17 12:05:44.000000000 -0400
18183 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/time.c 2008-04-19 15:14:52.000000000 -0400
18184 @@ -60,6 +60,7 @@ EXPORT_SYMBOL(sys_tz);
18185 asmlinkage long sys_time(time_t __user * tloc)
18187 time_t i = get_seconds();
18188 +/* FIXME: do_gettimeofday(&tv) -> vx_gettimeofday(&tv) */
18191 if (put_user(i,tloc))
18192 @@ -89,7 +90,7 @@ asmlinkage long sys_stime(time_t __user
18196 - do_settimeofday(&tv);
18197 + vx_settimeofday(&tv);
18201 @@ -100,7 +101,7 @@ asmlinkage long sys_gettimeofday(struct
18203 if (likely(tv != NULL)) {
18204 struct timeval ktv;
18205 - do_gettimeofday(&ktv);
18206 + vx_gettimeofday(&ktv);
18207 if (copy_to_user(tv, &ktv, sizeof(ktv)))
18210 @@ -175,7 +176,7 @@ int do_sys_settimeofday(struct timespec
18211 /* SMP safe, again the code in arch/foo/time.c should
18212 * globally block out interrupts when it runs.
18214 - return do_settimeofday(tv);
18215 + return vx_settimeofday(tv);
18219 @@ -307,7 +308,7 @@ void getnstimeofday(struct timespec *tv)
18223 - do_gettimeofday(&x);
18224 + vx_gettimeofday(&x);
18225 tv->tv_sec = x.tv_sec;
18226 tv->tv_nsec = x.tv_usec * NSEC_PER_USEC;
18228 diff -NurpP --minimal linux-2.6.25.11/kernel/timer.c linux-2.6.25.11-vs2.3.0.34.14/kernel/timer.c
18229 --- linux-2.6.25.11/kernel/timer.c 2008-04-17 12:05:44.000000000 -0400
18230 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/timer.c 2008-04-19 15:14:52.000000000 -0400
18232 #include <linux/delay.h>
18233 #include <linux/tick.h>
18234 #include <linux/kallsyms.h>
18235 +#include <linux/vs_base.h>
18236 +#include <linux/vs_cvirt.h>
18237 +#include <linux/vs_pid.h>
18238 +#include <linux/vserver/sched.h>
18240 #include <asm/uaccess.h>
18241 #include <asm/unistd.h>
18242 @@ -955,12 +959,6 @@ asmlinkage unsigned long sys_alarm(unsig
18249 - * The Alpha uses getxpid, getxuid, and getxgid instead. Maybe this
18250 - * should be moved into arch/i386 instead?
18254 * sys_getpid - return the thread group id of the current process
18255 @@ -989,10 +987,23 @@ asmlinkage long sys_getppid(void)
18257 pid = task_tgid_vnr(current->real_parent);
18259 + return vx_map_pid(pid);
18266 + * The Alpha uses getxpid, getxuid, and getxgid instead.
18269 +asmlinkage long do_getxpid(long *ppid)
18271 + *ppid = sys_getppid();
18272 + return sys_getpid();
18275 +#else /* _alpha_ */
18277 asmlinkage long sys_getuid(void)
18279 /* Only we change this so SMP safe */
18280 @@ -1160,6 +1171,8 @@ int do_sysinfo(struct sysinfo *info)
18281 tp.tv_nsec = tp.tv_nsec - NSEC_PER_SEC;
18284 + if (vx_flags(VXF_VIRT_UPTIME, 0))
18285 + vx_vsi_uptime(&tp, NULL);
18286 info->uptime = tp.tv_sec + (tp.tv_nsec ? 1 : 0);
18288 info->loads[0] = avenrun[0] << (SI_LOAD_SHIFT - FSHIFT);
18289 diff -NurpP --minimal linux-2.6.25.11/kernel/user.c linux-2.6.25.11-vs2.3.0.34.14/kernel/user.c
18290 --- linux-2.6.25.11/kernel/user.c 2008-04-17 12:05:44.000000000 -0400
18291 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/user.c 2008-04-23 16:24:56.000000000 -0400
18292 @@ -219,14 +219,15 @@ static struct kobj_type uids_ktype = {
18295 /* create /sys/kernel/uids/<uid>/cpu_share file for this user */
18296 -static int uids_user_create(struct user_struct *up)
18297 +static int uids_user_create(struct user_namespace *ns, struct user_struct *up)
18299 struct kobject *kobj = &up->kobj;
18302 memset(kobj, 0, sizeof(struct kobject));
18303 kobj->kset = uids_kset;
18304 - error = kobject_init_and_add(kobj, &uids_ktype, NULL, "%d", up->uid);
18305 + error = kobject_init_and_add(kobj, &uids_ktype, NULL,
18306 + "%p:%d", ns, up->uid);
18310 @@ -248,7 +249,7 @@ int __init uids_sysfs_init(void)
18314 - return uids_user_create(&root_user);
18315 + return uids_user_create(NULL, &root_user);
18318 /* work function to remove sysfs directory for a user and free up
18319 @@ -308,7 +309,8 @@ static inline void free_user(struct user
18320 #else /* CONFIG_USER_SCHED && CONFIG_SYSFS */
18322 int uids_sysfs_init(void) { return 0; }
18323 -static inline int uids_user_create(struct user_struct *up) { return 0; }
18324 +static inline int uids_user_create(struct user_namespace *ns,
18325 + struct user_struct *up) { return 0; }
18326 static inline void uids_mutex_lock(void) { }
18327 static inline void uids_mutex_unlock(void) { }
18329 @@ -399,7 +401,7 @@ struct user_struct * alloc_uid(struct us
18330 if (sched_create_user(new) < 0)
18333 - if (uids_user_create(new))
18334 + if (uids_user_create(ns, new))
18335 goto out_destoy_sched;
18338 diff -NurpP --minimal linux-2.6.25.11/kernel/user_namespace.c linux-2.6.25.11-vs2.3.0.34.14/kernel/user_namespace.c
18339 --- linux-2.6.25.11/kernel/user_namespace.c 2008-04-17 12:05:44.000000000 -0400
18340 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/user_namespace.c 2008-04-19 15:14:52.000000000 -0400
18342 #include <linux/version.h>
18343 #include <linux/nsproxy.h>
18344 #include <linux/user_namespace.h>
18345 +#include <linux/vserver/global.h>
18348 * Clone a new ns copying an original user ns, setting refcount to 1
18349 @@ -26,6 +27,7 @@ static struct user_namespace *clone_user
18350 return ERR_PTR(-ENOMEM);
18352 kref_init(&ns->kref);
18353 + atomic_inc(&vs_global_user_ns);
18355 for (n = 0; n < UIDHASH_SZ; ++n)
18356 INIT_HLIST_HEAD(ns->uidhash_table + n);
18357 @@ -71,5 +73,6 @@ void free_user_ns(struct kref *kref)
18359 ns = container_of(kref, struct user_namespace, kref);
18361 + atomic_dec(&vs_global_user_ns);
18364 diff -NurpP --minimal linux-2.6.25.11/kernel/utsname.c linux-2.6.25.11-vs2.3.0.34.14/kernel/utsname.c
18365 --- linux-2.6.25.11/kernel/utsname.c 2008-04-17 10:37:25.000000000 -0400
18366 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/utsname.c 2008-04-19 15:14:52.000000000 -0400
18368 #include <linux/utsname.h>
18369 #include <linux/version.h>
18370 #include <linux/err.h>
18371 +#include <linux/vserver/global.h>
18374 * Clone a new ns copying an original utsname, setting refcount to 1
18375 @@ -32,6 +33,7 @@ static struct uts_namespace *clone_uts_n
18376 memcpy(&ns->name, &old_ns->name, sizeof(ns->name));
18378 kref_init(&ns->kref);
18379 + atomic_inc(&vs_global_uts_ns);
18383 @@ -62,5 +64,6 @@ void free_uts_ns(struct kref *kref)
18384 struct uts_namespace *ns;
18386 ns = container_of(kref, struct uts_namespace, kref);
18387 + atomic_dec(&vs_global_uts_ns);
18390 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cacct.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct.c
18391 --- linux-2.6.25.11/kernel/vserver/cacct.c 1969-12-31 19:00:00.000000000 -0500
18392 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct.c 2008-04-19 15:14:52.000000000 -0400
18395 + * linux/kernel/vserver/cacct.c
18397 + * Virtual Server: Context Accounting
18399 + * Copyright (C) 2006-2007 Herbert Pötzl
18401 + * V0.01 added accounting stats
18405 +#include <linux/types.h>
18406 +#include <linux/vs_context.h>
18407 +#include <linux/vserver/cacct_cmd.h>
18408 +#include <linux/vserver/cacct_int.h>
18410 +#include <asm/errno.h>
18411 +#include <asm/uaccess.h>
18414 +int vc_sock_stat(struct vx_info *vxi, void __user *data)
18416 + struct vcmd_sock_stat_v0 vc_data;
18419 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
18422 + field = vc_data.field;
18423 + if ((field < 0) || (field >= VXA_SOCK_SIZE))
18426 + for (j = 0; j < 3; j++) {
18427 + vc_data.count[j] = vx_sock_count(&vxi->cacct, field, j);
18428 + vc_data.total[j] = vx_sock_total(&vxi->cacct, field, j);
18431 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
18436 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cacct_init.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct_init.h
18437 --- linux-2.6.25.11/kernel/vserver/cacct_init.h 1969-12-31 19:00:00.000000000 -0500
18438 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct_init.h 2008-04-19 15:14:52.000000000 -0400
18442 +static inline void vx_info_init_cacct(struct _vx_cacct *cacct)
18447 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
18448 + for (j = 0; j < 3; j++) {
18449 + atomic_set(&cacct->sock[i][j].count, 0);
18450 + atomic_set(&cacct->sock[i][j].total, 0);
18453 + for (i = 0; i < 8; i++)
18454 + atomic_set(&cacct->slab[i], 0);
18455 + for (i = 0; i < 5; i++)
18456 + for (j = 0; j < 4; j++)
18457 + atomic_set(&cacct->page[i][j], 0);
18460 +static inline void vx_info_exit_cacct(struct _vx_cacct *cacct)
18465 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cacct_proc.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct_proc.h
18466 --- linux-2.6.25.11/kernel/vserver/cacct_proc.h 1969-12-31 19:00:00.000000000 -0500
18467 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cacct_proc.h 2008-04-19 15:14:52.000000000 -0400
18469 +#ifndef _VX_CACCT_PROC_H
18470 +#define _VX_CACCT_PROC_H
18472 +#include <linux/vserver/cacct_int.h>
18475 +#define VX_SOCKA_TOP \
18476 + "Type\t recv #/bytes\t\t send #/bytes\t\t fail #/bytes\n"
18478 +static inline int vx_info_proc_cacct(struct _vx_cacct *cacct, char *buffer)
18480 + int i, j, length = 0;
18481 + static char *type[VXA_SOCK_SIZE] = {
18482 + "UNSPEC", "UNIX", "INET", "INET6", "PACKET", "OTHER"
18485 + length += sprintf(buffer + length, VX_SOCKA_TOP);
18486 + for (i = 0; i < VXA_SOCK_SIZE; i++) {
18487 + length += sprintf(buffer + length, "%s:", type[i]);
18488 + for (j = 0; j < 3; j++) {
18489 + length += sprintf(buffer + length,
18490 + "\t%10lu/%-10lu",
18491 + vx_sock_count(cacct, i, j),
18492 + vx_sock_total(cacct, i, j));
18494 + buffer[length++] = '\n';
18497 + length += sprintf(buffer + length, "\n");
18498 + length += sprintf(buffer + length,
18499 + "slab:\t %8u %8u %8u %8u\n",
18500 + atomic_read(&cacct->slab[1]),
18501 + atomic_read(&cacct->slab[4]),
18502 + atomic_read(&cacct->slab[0]),
18503 + atomic_read(&cacct->slab[2]));
18505 + length += sprintf(buffer + length, "\n");
18506 + for (i = 0; i < 5; i++) {
18507 + length += sprintf(buffer + length,
18508 + "page[%d]: %8u %8u %8u %8u\t %8u %8u %8u %8u\n", i,
18509 + atomic_read(&cacct->page[i][0]),
18510 + atomic_read(&cacct->page[i][1]),
18511 + atomic_read(&cacct->page[i][2]),
18512 + atomic_read(&cacct->page[i][3]),
18513 + atomic_read(&cacct->page[i][4]),
18514 + atomic_read(&cacct->page[i][5]),
18515 + atomic_read(&cacct->page[i][6]),
18516 + atomic_read(&cacct->page[i][7]));
18521 +#endif /* _VX_CACCT_PROC_H */
18522 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/context.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/context.c
18523 --- linux-2.6.25.11/kernel/vserver/context.c 1969-12-31 19:00:00.000000000 -0500
18524 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/context.c 2008-07-16 00:35:54.000000000 -0400
18527 + * linux/kernel/vserver/context.c
18529 + * Virtual Server: Context Support
18531 + * Copyright (C) 2003-2007 Herbert Pötzl
18533 + * V0.01 context helper
18534 + * V0.02 vx_ctx_kill syscall command
18535 + * V0.03 replaced context_info calls
18536 + * V0.04 redesign of struct (de)alloc
18537 + * V0.05 rlimit basic implementation
18538 + * V0.06 task_xid and info commands
18539 + * V0.07 context flags and caps
18540 + * V0.08 switch to RCU based hash
18541 + * V0.09 revert to non RCU for now
18542 + * V0.10 and back to working RCU hash
18543 + * V0.11 and back to locking again
18544 + * V0.12 referenced context store
18545 + * V0.13 separate per cpu data
18546 + * V0.14 changed vcmds to vxi arg
18547 + * V0.15 added context stat
18548 + * V0.16 have __create claim() the vxi
18549 + * V0.17 removed older and legacy stuff
18553 +#include <linux/slab.h>
18554 +#include <linux/types.h>
18555 +#include <linux/security.h>
18556 +#include <linux/pid_namespace.h>
18558 +#include <linux/vserver/context.h>
18559 +#include <linux/vserver/network.h>
18560 +#include <linux/vserver/debug.h>
18561 +#include <linux/vserver/limit.h>
18562 +#include <linux/vserver/limit_int.h>
18563 +#include <linux/vserver/space.h>
18565 +#include <linux/vs_context.h>
18566 +#include <linux/vs_limit.h>
18567 +#include <linux/vs_pid.h>
18568 +#include <linux/vserver/context_cmd.h>
18570 +#include "cvirt_init.h"
18571 +#include "cacct_init.h"
18572 +#include "limit_init.h"
18573 +#include "sched_init.h"
18576 +atomic_t vx_global_ctotal = ATOMIC_INIT(0);
18577 +atomic_t vx_global_cactive = ATOMIC_INIT(0);
18580 +/* now inactive context structures */
18582 +static struct hlist_head vx_info_inactive = HLIST_HEAD_INIT;
18584 +static spinlock_t vx_info_inactive_lock = SPIN_LOCK_UNLOCKED;
18587 +/* __alloc_vx_info()
18589 + * allocate an initialized vx_info struct
18590 + * doesn't make it visible (hash) */
18592 +static struct vx_info *__alloc_vx_info(xid_t xid)
18594 + struct vx_info *new = NULL;
18597 + vxdprintk(VXD_CBIT(xid, 0), "alloc_vx_info(%d)*", xid);
18599 + /* would this benefit from a slab cache? */
18600 + new = kmalloc(sizeof(struct vx_info), GFP_KERNEL);
18604 + memset(new, 0, sizeof(struct vx_info));
18606 + new->ptr_pc = alloc_percpu(struct _vx_info_pc);
18607 + if (!new->ptr_pc)
18610 + new->vx_id = xid;
18611 + INIT_HLIST_NODE(&new->vx_hlist);
18612 + atomic_set(&new->vx_usecnt, 0);
18613 + atomic_set(&new->vx_tasks, 0);
18614 + new->vx_parent = NULL;
18615 + new->vx_state = 0;
18616 + init_waitqueue_head(&new->vx_wait);
18618 + /* prepare reaper */
18619 + get_task_struct(init_pid_ns.child_reaper);
18620 + new->vx_reaper = init_pid_ns.child_reaper;
18621 + new->vx_badness_bias = 0;
18623 + /* rest of init goes here */
18624 + vx_info_init_limit(&new->limit);
18625 + vx_info_init_sched(&new->sched);
18626 + vx_info_init_cvirt(&new->cvirt);
18627 + vx_info_init_cacct(&new->cacct);
18629 + /* per cpu data structures */
18630 + for_each_possible_cpu(cpu) {
18631 + vx_info_init_sched_pc(
18632 + &vx_per_cpu(new, sched_pc, cpu), cpu);
18633 + vx_info_init_cvirt_pc(
18634 + &vx_per_cpu(new, cvirt_pc, cpu), cpu);
18637 + new->vx_flags = VXF_INIT_SET;
18638 + cap_set_init_eff(new->vx_bcaps);
18639 + new->vx_ccaps = 0;
18640 + // new->vx_cap_bset = current->cap_bset;
18642 + new->reboot_cmd = 0;
18643 + new->exit_code = 0;
18645 + vxdprintk(VXD_CBIT(xid, 0),
18646 + "alloc_vx_info(%d) = %p", xid, new);
18647 + vxh_alloc_vx_info(new);
18648 + atomic_inc(&vx_global_ctotal);
18657 +/* __dealloc_vx_info()
18659 + * final disposal of vx_info */
18661 +static void __dealloc_vx_info(struct vx_info *vxi)
18663 + struct vx_info_save vxis;
18666 + vxdprintk(VXD_CBIT(xid, 0),
18667 + "dealloc_vx_info(%p)", vxi);
18668 + vxh_dealloc_vx_info(vxi);
18670 +#ifdef CONFIG_VSERVER_WARN
18671 + enter_vx_info(vxi, &vxis);
18672 + vx_info_exit_limit(&vxi->limit);
18673 + vx_info_exit_sched(&vxi->sched);
18674 + vx_info_exit_cvirt(&vxi->cvirt);
18675 + vx_info_exit_cacct(&vxi->cacct);
18677 + for_each_possible_cpu(cpu) {
18678 + vx_info_exit_sched_pc(
18679 + &vx_per_cpu(vxi, sched_pc, cpu), cpu);
18680 + vx_info_exit_cvirt_pc(
18681 + &vx_per_cpu(vxi, cvirt_pc, cpu), cpu);
18683 + leave_vx_info(&vxis);
18687 + vxi->vx_state |= VXS_RELEASED;
18690 + free_percpu(vxi->ptr_pc);
18693 + atomic_dec(&vx_global_ctotal);
18696 +static void __shutdown_vx_info(struct vx_info *vxi)
18698 + struct nsproxy *nsproxy;
18699 + struct fs_struct *fs;
18703 + vxi->vx_state |= VXS_SHUTDOWN;
18704 + vs_state_change(vxi, VSC_SHUTDOWN);
18706 + nsproxy = xchg(&vxi->vx_nsproxy, NULL);
18707 + fs = xchg(&vxi->vx_fs, NULL);
18710 + put_nsproxy(nsproxy);
18712 + put_fs_struct(fs);
18715 +/* exported stuff */
18717 +void free_vx_info(struct vx_info *vxi)
18719 + unsigned long flags;
18721 + /* check for reference counts first */
18722 + BUG_ON(atomic_read(&vxi->vx_usecnt));
18723 + BUG_ON(atomic_read(&vxi->vx_tasks));
18725 + /* context must not be hashed */
18726 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
18728 + /* context shutdown is mandatory */
18729 + BUG_ON(!vx_info_state(vxi, VXS_SHUTDOWN));
18731 + BUG_ON(vxi->vx_nsproxy);
18732 + BUG_ON(vxi->vx_fs);
18734 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
18735 + hlist_del(&vxi->vx_hlist);
18736 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
18738 + __dealloc_vx_info(vxi);
18742 +/* hash table for vx_info hash */
18744 +#define VX_HASH_SIZE 13
18746 +static struct hlist_head vx_info_hash[VX_HASH_SIZE] =
18747 + { [0 ... VX_HASH_SIZE-1] = HLIST_HEAD_INIT };
18749 +static spinlock_t vx_info_hash_lock = SPIN_LOCK_UNLOCKED;
18752 +static inline unsigned int __hashval(xid_t xid)
18754 + return (xid % VX_HASH_SIZE);
18759 +/* __hash_vx_info()
18761 + * add the vxi to the global hash table
18762 + * requires the hash_lock to be held */
18764 +static inline void __hash_vx_info(struct vx_info *vxi)
18766 + struct hlist_head *head;
18768 + vxd_assert_lock(&vx_info_hash_lock);
18769 + vxdprintk(VXD_CBIT(xid, 4),
18770 + "__hash_vx_info: %p[#%d]", vxi, vxi->vx_id);
18771 + vxh_hash_vx_info(vxi);
18773 + /* context must not be hashed */
18774 + BUG_ON(vx_info_state(vxi, VXS_HASHED));
18776 + vxi->vx_state |= VXS_HASHED;
18777 + head = &vx_info_hash[__hashval(vxi->vx_id)];
18778 + hlist_add_head(&vxi->vx_hlist, head);
18779 + atomic_inc(&vx_global_cactive);
18782 +/* __unhash_vx_info()
18784 + * remove the vxi from the global hash table
18785 + * requires the hash_lock to be held */
18787 +static inline void __unhash_vx_info(struct vx_info *vxi)
18789 + unsigned long flags;
18791 + vxd_assert_lock(&vx_info_hash_lock);
18792 + vxdprintk(VXD_CBIT(xid, 4),
18793 + "__unhash_vx_info: %p[#%d.%d.%d]", vxi, vxi->vx_id,
18794 + atomic_read(&vxi->vx_usecnt), atomic_read(&vxi->vx_tasks));
18795 + vxh_unhash_vx_info(vxi);
18797 + /* context must be hashed */
18798 + BUG_ON(!vx_info_state(vxi, VXS_HASHED));
18799 + /* but without tasks */
18800 + BUG_ON(atomic_read(&vxi->vx_tasks));
18802 + vxi->vx_state &= ~VXS_HASHED;
18803 + hlist_del_init(&vxi->vx_hlist);
18804 + spin_lock_irqsave(&vx_info_inactive_lock, flags);
18805 + hlist_add_head(&vxi->vx_hlist, &vx_info_inactive);
18806 + spin_unlock_irqrestore(&vx_info_inactive_lock, flags);
18807 + atomic_dec(&vx_global_cactive);
18811 +/* __lookup_vx_info()
18813 + * requires the hash_lock to be held
18814 + * doesn't increment the vx_refcnt */
18816 +static inline struct vx_info *__lookup_vx_info(xid_t xid)
18818 + struct hlist_head *head = &vx_info_hash[__hashval(xid)];
18819 + struct hlist_node *pos;
18820 + struct vx_info *vxi;
18822 + vxd_assert_lock(&vx_info_hash_lock);
18823 + hlist_for_each(pos, head) {
18824 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
18826 + if (vxi->vx_id == xid)
18831 + vxdprintk(VXD_CBIT(xid, 0),
18832 + "__lookup_vx_info(#%u): %p[#%u]",
18833 + xid, vxi, vxi ? vxi->vx_id : 0);
18834 + vxh_lookup_vx_info(vxi, xid);
18839 +/* __create_vx_info()
18841 + * create the requested context
18842 + * get(), claim() and hash it */
18844 +static struct vx_info *__create_vx_info(int id)
18846 + struct vx_info *new, *vxi = NULL;
18848 + vxdprintk(VXD_CBIT(xid, 1), "create_vx_info(%d)*", id);
18850 + if (!(new = __alloc_vx_info(id)))
18851 + return ERR_PTR(-ENOMEM);
18853 + /* required to make dynamic xids unique */
18854 + spin_lock(&vx_info_hash_lock);
18856 + /* static context requested */
18857 + if ((vxi = __lookup_vx_info(id))) {
18858 + vxdprintk(VXD_CBIT(xid, 0),
18859 + "create_vx_info(%d) = %p (already there)", id, vxi);
18860 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0))
18861 + vxi = ERR_PTR(-EBUSY);
18863 + vxi = ERR_PTR(-EEXIST);
18866 + /* new context */
18867 + vxdprintk(VXD_CBIT(xid, 0),
18868 + "create_vx_info(%d) = %p (new)", id, new);
18869 + claim_vx_info(new, NULL);
18870 + __hash_vx_info(get_vx_info(new));
18871 + vxi = new, new = NULL;
18874 + spin_unlock(&vx_info_hash_lock);
18875 + vxh_create_vx_info(IS_ERR(vxi) ? NULL : vxi, id);
18877 + __dealloc_vx_info(new);
18882 +/* exported stuff */
18885 +void unhash_vx_info(struct vx_info *vxi)
18887 + __shutdown_vx_info(vxi);
18888 + spin_lock(&vx_info_hash_lock);
18889 + __unhash_vx_info(vxi);
18890 + spin_unlock(&vx_info_hash_lock);
18891 + __wakeup_vx_info(vxi);
18895 +/* lookup_vx_info()
18897 + * search for a vx_info and get() it
18898 + * negative id means current */
18900 +struct vx_info *lookup_vx_info(int id)
18902 + struct vx_info *vxi = NULL;
18905 + vxi = get_vx_info(current->vx_info);
18906 + } else if (id > 1) {
18907 + spin_lock(&vx_info_hash_lock);
18908 + vxi = get_vx_info(__lookup_vx_info(id));
18909 + spin_unlock(&vx_info_hash_lock);
18914 +/* xid_is_hashed()
18916 + * verify that xid is still hashed */
18918 +int xid_is_hashed(xid_t xid)
18922 + spin_lock(&vx_info_hash_lock);
18923 + hashed = (__lookup_vx_info(xid) != NULL);
18924 + spin_unlock(&vx_info_hash_lock);
18928 +#ifdef CONFIG_PROC_FS
18932 + * get a subset of hashed xids for proc
18933 + * assumes size is at least one */
18935 +int get_xid_list(int index, unsigned int *xids, int size)
18937 + int hindex, nr_xids = 0;
18939 + /* only show current and children */
18940 + if (!vx_check(0, VS_ADMIN | VS_WATCH)) {
18943 + xids[nr_xids] = vx_current_xid();
18947 + for (hindex = 0; hindex < VX_HASH_SIZE; hindex++) {
18948 + struct hlist_head *head = &vx_info_hash[hindex];
18949 + struct hlist_node *pos;
18951 + spin_lock(&vx_info_hash_lock);
18952 + hlist_for_each(pos, head) {
18953 + struct vx_info *vxi;
18958 + vxi = hlist_entry(pos, struct vx_info, vx_hlist);
18959 + xids[nr_xids] = vxi->vx_id;
18960 + if (++nr_xids >= size) {
18961 + spin_unlock(&vx_info_hash_lock);
18965 + /* keep the lock time short */
18966 + spin_unlock(&vx_info_hash_lock);
18973 +#ifdef CONFIG_VSERVER_DEBUG
18975 +void dump_vx_info_inactive(int level)
18977 + struct hlist_node *entry, *next;
18979 + hlist_for_each_safe(entry, next, &vx_info_inactive) {
18980 + struct vx_info *vxi =
18981 + list_entry(entry, struct vx_info, vx_hlist);
18983 + dump_vx_info(vxi, level);
18990 +int vx_migrate_user(struct task_struct *p, struct vx_info *vxi)
18992 + struct user_struct *new_user, *old_user;
18997 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
19000 + new_user = alloc_uid(vxi->vx_id, p->uid);
19004 + old_user = p->user;
19005 + if (new_user != old_user) {
19006 + atomic_inc(&new_user->processes);
19007 + atomic_dec(&old_user->processes);
19008 + p->user = new_user;
19010 + free_uid(old_user);
19016 +void vx_mask_cap_bset(struct vx_info *vxi, struct task_struct *p)
19018 + // p->cap_effective &= vxi->vx_cap_bset;
19019 + p->cap_effective =
19020 + cap_intersect(p->cap_effective, vxi->cap_bset);
19021 + // p->cap_inheritable &= vxi->vx_cap_bset;
19022 + p->cap_inheritable =
19023 + cap_intersect(p->cap_inheritable, vxi->cap_bset);
19024 + // p->cap_permitted &= vxi->vx_cap_bset;
19025 + p->cap_permitted =
19026 + cap_intersect(p->cap_permitted, vxi->cap_bset);
19031 +#include <linux/file.h>
19033 +static int vx_openfd_task(struct task_struct *tsk)
19035 + struct files_struct *files = tsk->files;
19036 + struct fdtable *fdt;
19037 + const unsigned long *bptr;
19038 + int count, total;
19040 + /* no rcu_read_lock() because of spin_lock() */
19041 + spin_lock(&files->file_lock);
19042 + fdt = files_fdtable(files);
19043 + bptr = fdt->open_fds->fds_bits;
19044 + count = fdt->max_fds / (sizeof(unsigned long) * 8);
19045 + for (total = 0; count > 0; count--) {
19047 + total += hweight_long(*bptr);
19050 + spin_unlock(&files->file_lock);
19055 +/* for *space compatibility */
19057 +asmlinkage long sys_unshare(unsigned long);
19060 + * migrate task to new context
19061 + * gets vxi, puts old_vxi on change
19062 + * optionally unshares namespaces (hack)
19065 +int vx_migrate_task(struct task_struct *p, struct vx_info *vxi, int unshare)
19067 + struct vx_info *old_vxi;
19073 + vxdprintk(VXD_CBIT(xid, 5),
19074 + "vx_migrate_task(%p,%p[#%d.%d])", p, vxi,
19075 + vxi->vx_id, atomic_read(&vxi->vx_usecnt));
19077 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0) &&
19078 + !vx_info_flags(vxi, VXF_STATE_SETUP, 0))
19081 + if (vx_info_state(vxi, VXS_SHUTDOWN))
19084 + old_vxi = task_get_vx_info(p);
19085 + if (old_vxi == vxi)
19088 +// if (!(ret = vx_migrate_user(p, vxi))) {
19093 + openfd = vx_openfd_task(p);
19096 + atomic_dec(&old_vxi->cvirt.nr_threads);
19097 + atomic_dec(&old_vxi->cvirt.nr_running);
19098 + __rlim_dec(&old_vxi->limit, RLIMIT_NPROC);
19099 + /* FIXME: what about the struct files here? */
19100 + __rlim_sub(&old_vxi->limit, VLIMIT_OPENFD, openfd);
19101 + /* account for the executable */
19102 + __rlim_dec(&old_vxi->limit, VLIMIT_DENTRY);
19104 + atomic_inc(&vxi->cvirt.nr_threads);
19105 + atomic_inc(&vxi->cvirt.nr_running);
19106 + __rlim_inc(&vxi->limit, RLIMIT_NPROC);
19107 + /* FIXME: what about the struct files here? */
19108 + __rlim_add(&vxi->limit, VLIMIT_OPENFD, openfd);
19109 + /* account for the executable */
19110 + __rlim_inc(&vxi->limit, VLIMIT_DENTRY);
19113 + release_vx_info(old_vxi, p);
19114 + clr_vx_info(&p->vx_info);
19116 + claim_vx_info(vxi, p);
19117 + set_vx_info(&p->vx_info, vxi);
19118 + p->xid = vxi->vx_id;
19120 + vxdprintk(VXD_CBIT(xid, 5),
19121 + "moved task %p into vxi:%p[#%d]",
19122 + p, vxi, vxi->vx_id);
19124 + // vx_mask_cap_bset(vxi, p);
19127 + /* hack for *spaces to provide compatibility */
19129 + struct nsproxy *old_nsp, *new_nsp;
19131 + ret = unshare_nsproxy_namespaces(
19132 + CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER,
19137 + old_nsp = xchg(&p->nsproxy, new_nsp);
19138 + vx_set_space(vxi, CLONE_NEWUTS | CLONE_NEWIPC | CLONE_NEWUSER);
19139 + put_nsproxy(old_nsp);
19143 + put_vx_info(old_vxi);
19147 +int vx_set_reaper(struct vx_info *vxi, struct task_struct *p)
19149 + struct task_struct *old_reaper;
19154 + vxdprintk(VXD_CBIT(xid, 6),
19155 + "vx_set_reaper(%p[#%d],%p[#%d,%d])",
19156 + vxi, vxi->vx_id, p, p->xid, p->pid);
19158 + old_reaper = vxi->vx_reaper;
19159 + if (old_reaper == p)
19162 + /* set new child reaper */
19163 + get_task_struct(p);
19164 + vxi->vx_reaper = p;
19165 + put_task_struct(old_reaper);
19169 +int vx_set_init(struct vx_info *vxi, struct task_struct *p)
19174 + vxdprintk(VXD_CBIT(xid, 6),
19175 + "vx_set_init(%p[#%d],%p[#%d,%d,%d])",
19176 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
19178 + vxi->vx_flags &= ~VXF_STATE_INIT;
19179 + vxi->vx_initpid = p->tgid;
19183 +void vx_exit_init(struct vx_info *vxi, struct task_struct *p, int code)
19185 + vxdprintk(VXD_CBIT(xid, 6),
19186 + "vx_exit_init(%p[#%d],%p[#%d,%d,%d])",
19187 + vxi, vxi->vx_id, p, p->xid, p->pid, p->tgid);
19189 + vxi->exit_code = code;
19190 + vxi->vx_initpid = 0;
19194 +void vx_set_persistent(struct vx_info *vxi)
19196 + vxdprintk(VXD_CBIT(xid, 6),
19197 + "vx_set_persistent(%p[#%d])", vxi, vxi->vx_id);
19199 + get_vx_info(vxi);
19200 + claim_vx_info(vxi, NULL);
19203 +void vx_clear_persistent(struct vx_info *vxi)
19205 + vxdprintk(VXD_CBIT(xid, 6),
19206 + "vx_clear_persistent(%p[#%d])", vxi, vxi->vx_id);
19208 + release_vx_info(vxi, NULL);
19209 + put_vx_info(vxi);
19212 +void vx_update_persistent(struct vx_info *vxi)
19214 + if (vx_info_flags(vxi, VXF_PERSISTENT, 0))
19215 + vx_set_persistent(vxi);
19217 + vx_clear_persistent(vxi);
19221 +/* task must be current or locked */
19223 +void exit_vx_info(struct task_struct *p, int code)
19225 + struct vx_info *vxi = p->vx_info;
19228 + atomic_dec(&vxi->cvirt.nr_threads);
19231 + vxi->exit_code = code;
19232 + release_vx_info(vxi, p);
19236 +void exit_vx_info_early(struct task_struct *p, int code)
19238 + struct vx_info *vxi = p->vx_info;
19241 + if (vxi->vx_initpid == p->tgid)
19242 + vx_exit_init(vxi, p, code);
19243 + if (vxi->vx_reaper == p)
19244 + vx_set_reaper(vxi, init_pid_ns.child_reaper);
19249 +/* vserver syscall commands below here */
19251 +/* taks xid and vx_info functions */
19253 +#include <asm/uaccess.h>
19256 +int vc_task_xid(uint32_t id)
19261 + struct task_struct *tsk;
19263 + read_lock(&tasklist_lock);
19264 + tsk = find_task_by_real_pid(id);
19265 + xid = (tsk) ? tsk->xid : -ESRCH;
19266 + read_unlock(&tasklist_lock);
19268 + xid = vx_current_xid();
19273 +int vc_vx_info(struct vx_info *vxi, void __user *data)
19275 + struct vcmd_vx_info_v0 vc_data;
19277 + vc_data.xid = vxi->vx_id;
19278 + vc_data.initpid = vxi->vx_initpid;
19280 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19286 +int vc_ctx_stat(struct vx_info *vxi, void __user *data)
19288 + struct vcmd_ctx_stat_v0 vc_data;
19290 + vc_data.usecnt = atomic_read(&vxi->vx_usecnt);
19291 + vc_data.tasks = atomic_read(&vxi->vx_tasks);
19293 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19299 +/* context functions */
19301 +int vc_ctx_create(uint32_t xid, void __user *data)
19303 + struct vcmd_ctx_create vc_data = { .flagword = VXF_INIT_SET };
19304 + struct vx_info *new_vxi;
19307 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
19310 + if ((xid > MAX_S_CONTEXT) || (xid < 2))
19313 + new_vxi = __create_vx_info(xid);
19314 + if (IS_ERR(new_vxi))
19315 + return PTR_ERR(new_vxi);
19317 + /* initial flags */
19318 + new_vxi->vx_flags = vc_data.flagword;
19321 + if (vs_state_change(new_vxi, VSC_STARTUP))
19324 + ret = vx_migrate_task(current, new_vxi, (!data));
19328 + /* return context id on success */
19329 + ret = new_vxi->vx_id;
19331 + /* get a reference for persistent contexts */
19332 + if ((vc_data.flagword & VXF_PERSISTENT))
19333 + vx_set_persistent(new_vxi);
19335 + release_vx_info(new_vxi, NULL);
19336 + put_vx_info(new_vxi);
19341 +int vc_ctx_migrate(struct vx_info *vxi, void __user *data)
19343 + struct vcmd_ctx_migrate vc_data = { .flagword = 0 };
19346 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
19349 + ret = vx_migrate_task(current, vxi, 0);
19352 + if (vc_data.flagword & VXM_SET_INIT)
19353 + ret = vx_set_init(vxi, current);
19356 + if (vc_data.flagword & VXM_SET_REAPER)
19357 + ret = vx_set_reaper(vxi, current);
19362 +int vc_get_cflags(struct vx_info *vxi, void __user *data)
19364 + struct vcmd_ctx_flags_v0 vc_data;
19366 + vc_data.flagword = vxi->vx_flags;
19368 + /* special STATE flag handling */
19369 + vc_data.mask = vs_mask_flags(~0ULL, vxi->vx_flags, VXF_ONE_TIME);
19371 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19376 +int vc_set_cflags(struct vx_info *vxi, void __user *data)
19378 + struct vcmd_ctx_flags_v0 vc_data;
19379 + uint64_t mask, trigger;
19381 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19384 + /* special STATE flag handling */
19385 + mask = vs_mask_mask(vc_data.mask, vxi->vx_flags, VXF_ONE_TIME);
19386 + trigger = (mask & vxi->vx_flags) ^ (mask & vc_data.flagword);
19388 + if (vxi == current->vx_info) {
19389 + /* if (trigger & VXF_STATE_SETUP)
19390 + vx_mask_cap_bset(vxi, current); */
19391 + if (trigger & VXF_STATE_INIT) {
19394 + ret = vx_set_init(vxi, current);
19397 + ret = vx_set_reaper(vxi, current);
19403 + vxi->vx_flags = vs_mask_flags(vxi->vx_flags,
19404 + vc_data.flagword, mask);
19405 + if (trigger & VXF_PERSISTENT)
19406 + vx_update_persistent(vxi);
19412 +static inline uint64_t caps_from_cap_t(kernel_cap_t c)
19414 + uint64_t v = c.cap[0] | ((uint64_t)c.cap[1] << 32);
19416 + // printk("caps_from_cap_t(%08x:%08x) = %016llx\n", c.cap[1], c.cap[0], v);
19420 +static inline kernel_cap_t cap_t_from_caps(uint64_t v)
19422 + kernel_cap_t c = __cap_empty_set;
19424 + c.cap[0] = v & 0xFFFFFFFF;
19425 + c.cap[1] = (v >> 32) & 0xFFFFFFFF;
19427 + // printk("cap_t_from_caps(%016llx) = %08x:%08x\n", v, c.cap[1], c.cap[0]);
19432 +static int do_get_caps(struct vx_info *vxi, uint64_t *bcaps, uint64_t *ccaps)
19435 + *bcaps = caps_from_cap_t(vxi->vx_bcaps);
19437 + *ccaps = vxi->vx_ccaps;
19442 +int vc_get_ccaps(struct vx_info *vxi, void __user *data)
19444 + struct vcmd_ctx_caps_v1 vc_data;
19447 + ret = do_get_caps(vxi, NULL, &vc_data.ccaps);
19450 + vc_data.cmask = ~0ULL;
19452 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19457 +static int do_set_caps(struct vx_info *vxi,
19458 + uint64_t bcaps, uint64_t bmask, uint64_t ccaps, uint64_t cmask)
19460 + uint64_t bcold = caps_from_cap_t(vxi->vx_bcaps);
19463 + printk("do_set_caps(%16llx, %16llx, %16llx, %16llx)\n",
19464 + bcaps, bmask, ccaps, cmask);
19466 + vxi->vx_bcaps = cap_t_from_caps(
19467 + vs_mask_flags(bcold, bcaps, bmask));
19468 + vxi->vx_ccaps = vs_mask_flags(vxi->vx_ccaps, ccaps, cmask);
19473 +int vc_set_ccaps(struct vx_info *vxi, void __user *data)
19475 + struct vcmd_ctx_caps_v1 vc_data;
19477 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19480 + return do_set_caps(vxi, 0, 0, vc_data.ccaps, vc_data.cmask);
19483 +int vc_get_bcaps(struct vx_info *vxi, void __user *data)
19485 + struct vcmd_bcaps vc_data;
19488 + ret = do_get_caps(vxi, &vc_data.bcaps, NULL);
19491 + vc_data.bmask = ~0ULL;
19493 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19498 +int vc_set_bcaps(struct vx_info *vxi, void __user *data)
19500 + struct vcmd_bcaps vc_data;
19502 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19505 + return do_set_caps(vxi, vc_data.bcaps, vc_data.bmask, 0, 0);
19509 +int vc_get_badness(struct vx_info *vxi, void __user *data)
19511 + struct vcmd_badness_v0 vc_data;
19513 + vc_data.bias = vxi->vx_badness_bias;
19515 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19520 +int vc_set_badness(struct vx_info *vxi, void __user *data)
19522 + struct vcmd_badness_v0 vc_data;
19524 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19527 + vxi->vx_badness_bias = vc_data.bias;
19531 +#include <linux/module.h>
19533 +EXPORT_SYMBOL_GPL(free_vx_info);
19535 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cvirt.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt.c
19536 --- linux-2.6.25.11/kernel/vserver/cvirt.c 1969-12-31 19:00:00.000000000 -0500
19537 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt.c 2008-04-19 15:14:52.000000000 -0400
19540 + * linux/kernel/vserver/cvirt.c
19542 + * Virtual Server: Context Virtualization
19544 + * Copyright (C) 2004-2007 Herbert Pötzl
19546 + * V0.01 broken out from limit.c
19547 + * V0.02 added utsname stuff
19548 + * V0.03 changed vcmds to vxi arg
19552 +#include <linux/types.h>
19553 +#include <linux/utsname.h>
19554 +#include <linux/vs_cvirt.h>
19555 +#include <linux/vserver/switch.h>
19556 +#include <linux/vserver/cvirt_cmd.h>
19558 +#include <asm/uaccess.h>
19561 +void vx_vsi_uptime(struct timespec *uptime, struct timespec *idle)
19563 + struct vx_info *vxi = current->vx_info;
19565 + set_normalized_timespec(uptime,
19566 + uptime->tv_sec - vxi->cvirt.bias_uptime.tv_sec,
19567 + uptime->tv_nsec - vxi->cvirt.bias_uptime.tv_nsec);
19570 + set_normalized_timespec(idle,
19571 + idle->tv_sec - vxi->cvirt.bias_idle.tv_sec,
19572 + idle->tv_nsec - vxi->cvirt.bias_idle.tv_nsec);
19576 +uint64_t vx_idle_jiffies(void)
19578 + return init_task.utime + init_task.stime;
19583 +static inline uint32_t __update_loadavg(uint32_t load,
19584 + int wsize, int delta, int n)
19586 + unsigned long long calc, prev;
19588 + /* just set it to n */
19589 + if (unlikely(delta >= wsize))
19590 + return (n << FSHIFT);
19592 + calc = delta * n;
19594 + prev = (wsize - delta);
19597 + do_div(calc, wsize);
19602 +void vx_update_load(struct vx_info *vxi)
19604 + uint32_t now, last, delta;
19605 + unsigned int nr_running, nr_uninterruptible;
19606 + unsigned int total;
19607 + unsigned long flags;
19609 + spin_lock_irqsave(&vxi->cvirt.load_lock, flags);
19612 + last = vxi->cvirt.load_last;
19613 + delta = now - last;
19615 + if (delta < 5*HZ)
19618 + nr_running = atomic_read(&vxi->cvirt.nr_running);
19619 + nr_uninterruptible = atomic_read(&vxi->cvirt.nr_uninterruptible);
19620 + total = nr_running + nr_uninterruptible;
19622 + vxi->cvirt.load[0] = __update_loadavg(vxi->cvirt.load[0],
19623 + 60*HZ, delta, total);
19624 + vxi->cvirt.load[1] = __update_loadavg(vxi->cvirt.load[1],
19625 + 5*60*HZ, delta, total);
19626 + vxi->cvirt.load[2] = __update_loadavg(vxi->cvirt.load[2],
19627 + 15*60*HZ, delta, total);
19629 + vxi->cvirt.load_last = now;
19631 + atomic_inc(&vxi->cvirt.load_updates);
19632 + spin_unlock_irqrestore(&vxi->cvirt.load_lock, flags);
19637 + * Commands to do_syslog:
19639 + * 0 -- Close the log. Currently a NOP.
19640 + * 1 -- Open the log. Currently a NOP.
19641 + * 2 -- Read from the log.
19642 + * 3 -- Read all messages remaining in the ring buffer.
19643 + * 4 -- Read and clear all messages remaining in the ring buffer
19644 + * 5 -- Clear ring buffer.
19645 + * 6 -- Disable printk's to console
19646 + * 7 -- Enable printk's to console
19647 + * 8 -- Set level of messages printed to console
19648 + * 9 -- Return number of unread characters in the log buffer
19649 + * 10 -- Return size of the log buffer
19651 +int vx_do_syslog(int type, char __user *buf, int len)
19654 + int do_clear = 0;
19655 + struct vx_info *vxi = current->vx_info;
19656 + struct _vx_syslog *log;
19660 + log = &vxi->cvirt.syslog;
19663 + case 0: /* Close log */
19664 + case 1: /* Open log */
19666 + case 2: /* Read from log */
19667 + error = wait_event_interruptible(log->log_wait,
19668 + (log->log_start - log->log_end));
19671 + spin_lock_irq(&log->logbuf_lock);
19672 + spin_unlock_irq(&log->logbuf_lock);
19674 + case 4: /* Read/clear last kernel messages */
19676 + /* fall through */
19677 + case 3: /* Read last kernel messages */
19680 + case 5: /* Clear ring buffer */
19683 + case 6: /* Disable logging to console */
19684 + case 7: /* Enable logging to console */
19685 + case 8: /* Set level of messages printed to console */
19688 + case 9: /* Number of chars in the log buffer */
19690 + case 10: /* Size of the log buffer */
19700 +/* virtual host info names */
19702 +static char *vx_vhi_name(struct vx_info *vxi, int id)
19704 + struct nsproxy *nsproxy;
19705 + struct uts_namespace *uts;
19708 + if (id == VHIN_CONTEXT)
19709 + return vxi->vx_name;
19711 + nsproxy = vxi->vx_nsproxy;
19715 + uts = nsproxy->uts_ns;
19720 + case VHIN_SYSNAME:
19721 + return uts->name.sysname;
19722 + case VHIN_NODENAME:
19723 + return uts->name.nodename;
19724 + case VHIN_RELEASE:
19725 + return uts->name.release;
19726 + case VHIN_VERSION:
19727 + return uts->name.version;
19728 + case VHIN_MACHINE:
19729 + return uts->name.machine;
19730 + case VHIN_DOMAINNAME:
19731 + return uts->name.domainname;
19738 +int vc_set_vhi_name(struct vx_info *vxi, void __user *data)
19740 + struct vcmd_vhi_name_v0 vc_data;
19743 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19746 + name = vx_vhi_name(vxi, vc_data.field);
19750 + memcpy(name, vc_data.name, 65);
19754 +int vc_get_vhi_name(struct vx_info *vxi, void __user *data)
19756 + struct vcmd_vhi_name_v0 vc_data;
19759 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
19762 + name = vx_vhi_name(vxi, vc_data.field);
19766 + memcpy(vc_data.name, name, 65);
19767 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19773 +int vc_virt_stat(struct vx_info *vxi, void __user *data)
19775 + struct vcmd_virt_stat_v0 vc_data;
19776 + struct _vx_cvirt *cvirt = &vxi->cvirt;
19777 + struct timespec uptime;
19779 + do_posix_clock_monotonic_gettime(&uptime);
19780 + set_normalized_timespec(&uptime,
19781 + uptime.tv_sec - cvirt->bias_uptime.tv_sec,
19782 + uptime.tv_nsec - cvirt->bias_uptime.tv_nsec);
19784 + vc_data.offset = timeval_to_ns(&cvirt->bias_tv);
19785 + vc_data.uptime = timespec_to_ns(&uptime);
19786 + vc_data.nr_threads = atomic_read(&cvirt->nr_threads);
19787 + vc_data.nr_running = atomic_read(&cvirt->nr_running);
19788 + vc_data.nr_uninterruptible = atomic_read(&cvirt->nr_uninterruptible);
19789 + vc_data.nr_onhold = atomic_read(&cvirt->nr_onhold);
19790 + vc_data.nr_forks = atomic_read(&cvirt->total_forks);
19791 + vc_data.load[0] = cvirt->load[0];
19792 + vc_data.load[1] = cvirt->load[1];
19793 + vc_data.load[2] = cvirt->load[2];
19795 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
19801 +#ifdef CONFIG_VSERVER_VTIME
19803 +/* virtualized time base */
19805 +void vx_gettimeofday(struct timeval *tv)
19807 + do_gettimeofday(tv);
19808 + if (!vx_flags(VXF_VIRT_TIME, 0))
19811 + tv->tv_sec += current->vx_info->cvirt.bias_tv.tv_sec;
19812 + tv->tv_usec += current->vx_info->cvirt.bias_tv.tv_usec;
19814 + if (tv->tv_usec >= USEC_PER_SEC) {
19816 + tv->tv_usec -= USEC_PER_SEC;
19817 + } else if (tv->tv_usec < 0) {
19819 + tv->tv_usec += USEC_PER_SEC;
19823 +int vx_settimeofday(struct timespec *ts)
19825 + struct timeval tv;
19827 + if (!vx_flags(VXF_VIRT_TIME, 0))
19828 + return do_settimeofday(ts);
19830 + do_gettimeofday(&tv);
19831 + current->vx_info->cvirt.bias_tv.tv_sec =
19832 + ts->tv_sec - tv.tv_sec;
19833 + current->vx_info->cvirt.bias_tv.tv_usec =
19834 + (ts->tv_nsec/NSEC_PER_USEC) - tv.tv_usec;
19840 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cvirt_init.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt_init.h
19841 --- linux-2.6.25.11/kernel/vserver/cvirt_init.h 1969-12-31 19:00:00.000000000 -0500
19842 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt_init.h 2008-04-19 15:14:52.000000000 -0400
19846 +extern uint64_t vx_idle_jiffies(void);
19848 +static inline void vx_info_init_cvirt(struct _vx_cvirt *cvirt)
19850 + uint64_t idle_jiffies = vx_idle_jiffies();
19851 + uint64_t nsuptime;
19853 + do_posix_clock_monotonic_gettime(&cvirt->bias_uptime);
19854 + nsuptime = (unsigned long long)cvirt->bias_uptime.tv_sec
19855 + * NSEC_PER_SEC + cvirt->bias_uptime.tv_nsec;
19856 + cvirt->bias_clock = nsec_to_clock_t(nsuptime);
19857 + cvirt->bias_tv.tv_sec = 0;
19858 + cvirt->bias_tv.tv_usec = 0;
19860 + jiffies_to_timespec(idle_jiffies, &cvirt->bias_idle);
19861 + atomic_set(&cvirt->nr_threads, 0);
19862 + atomic_set(&cvirt->nr_running, 0);
19863 + atomic_set(&cvirt->nr_uninterruptible, 0);
19864 + atomic_set(&cvirt->nr_onhold, 0);
19866 + spin_lock_init(&cvirt->load_lock);
19867 + cvirt->load_last = jiffies;
19868 + atomic_set(&cvirt->load_updates, 0);
19869 + cvirt->load[0] = 0;
19870 + cvirt->load[1] = 0;
19871 + cvirt->load[2] = 0;
19872 + atomic_set(&cvirt->total_forks, 0);
19874 + spin_lock_init(&cvirt->syslog.logbuf_lock);
19875 + init_waitqueue_head(&cvirt->syslog.log_wait);
19876 + cvirt->syslog.log_start = 0;
19877 + cvirt->syslog.log_end = 0;
19878 + cvirt->syslog.con_start = 0;
19879 + cvirt->syslog.logged_chars = 0;
19883 +void vx_info_init_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
19885 + // cvirt_pc->cpustat = { 0 };
19888 +static inline void vx_info_exit_cvirt(struct _vx_cvirt *cvirt)
19892 + vxwprintk_xid((value = atomic_read(&cvirt->nr_threads)),
19893 + "!!! cvirt: %p[nr_threads] = %d on exit.",
19895 + vxwprintk_xid((value = atomic_read(&cvirt->nr_running)),
19896 + "!!! cvirt: %p[nr_running] = %d on exit.",
19898 + vxwprintk_xid((value = atomic_read(&cvirt->nr_uninterruptible)),
19899 + "!!! cvirt: %p[nr_uninterruptible] = %d on exit.",
19901 + vxwprintk_xid((value = atomic_read(&cvirt->nr_onhold)),
19902 + "!!! cvirt: %p[nr_onhold] = %d on exit.",
19908 +void vx_info_exit_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc, int cpu)
19913 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/cvirt_proc.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt_proc.h
19914 --- linux-2.6.25.11/kernel/vserver/cvirt_proc.h 1969-12-31 19:00:00.000000000 -0500
19915 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/cvirt_proc.h 2008-04-21 13:01:29.000000000 -0400
19917 +#ifndef _VX_CVIRT_PROC_H
19918 +#define _VX_CVIRT_PROC_H
19920 +#include <linux/nsproxy.h>
19921 +#include <linux/mnt_namespace.h>
19922 +#include <linux/ipc_namespace.h>
19923 +#include <linux/utsname.h>
19924 +#include <linux/ipc.h>
19928 +int vx_info_proc_nsproxy(struct nsproxy *nsproxy, char *buffer)
19930 + struct mnt_namespace *ns;
19931 + struct uts_namespace *uts;
19932 + struct ipc_namespace *ipc;
19933 + struct path path;
19934 + char *pstr, *root;
19940 + length += sprintf(buffer + length,
19941 + "NSProxy:\t%p [%p,%p,%p]\n",
19942 + nsproxy, nsproxy->mnt_ns,
19943 + nsproxy->uts_ns, nsproxy->ipc_ns);
19945 + ns = nsproxy->mnt_ns;
19949 + pstr = kmalloc(PATH_MAX, GFP_KERNEL);
19953 + path.mnt = ns->root;
19954 + path.dentry = ns->root->mnt_root;
19955 + root = d_path(&path, pstr, PATH_MAX - 2);
19956 + length += sprintf(buffer + length,
19957 + "Namespace:\t%p [#%u]\n"
19958 + "RootPath:\t%s\n",
19959 + ns, atomic_read(&ns->count),
19964 + uts = nsproxy->uts_ns;
19968 + length += sprintf(buffer + length,
19969 + "SysName:\t%.*s\n"
19970 + "NodeName:\t%.*s\n"
19971 + "Release:\t%.*s\n"
19972 + "Version:\t%.*s\n"
19973 + "Machine:\t%.*s\n"
19974 + "DomainName:\t%.*s\n",
19975 + __NEW_UTS_LEN, uts->name.sysname,
19976 + __NEW_UTS_LEN, uts->name.nodename,
19977 + __NEW_UTS_LEN, uts->name.release,
19978 + __NEW_UTS_LEN, uts->name.version,
19979 + __NEW_UTS_LEN, uts->name.machine,
19980 + __NEW_UTS_LEN, uts->name.domainname);
19983 + ipc = nsproxy->ipc_ns;
19987 + length += sprintf(buffer + length,
19988 + "SEMS:\t\t%d %d %d %d %d\n"
19989 + "MSG:\t\t%d %d %d\n"
19990 + "SHM:\t\t%lu %lu %d %d\n",
19991 + ipc->sem_ctls[0], ipc->sem_ctls[1],
19992 + ipc->sem_ctls[2], ipc->sem_ctls[3],
19994 + ipc->msg_ctlmax, ipc->msg_ctlmnb, ipc->msg_ctlmni,
19995 + (unsigned long)ipc->shm_ctlmax,
19996 + (unsigned long)ipc->shm_ctlall,
19997 + ipc->shm_ctlmni, ipc->shm_tot);
20004 +#include <linux/sched.h>
20006 +#define LOAD_INT(x) ((x) >> FSHIFT)
20007 +#define LOAD_FRAC(x) LOAD_INT(((x) & (FIXED_1 - 1)) * 100)
20010 +int vx_info_proc_cvirt(struct _vx_cvirt *cvirt, char *buffer)
20015 + length += sprintf(buffer + length,
20016 + "BiasUptime:\t%lu.%02lu\n",
20017 + (unsigned long)cvirt->bias_uptime.tv_sec,
20018 + (cvirt->bias_uptime.tv_nsec / (NSEC_PER_SEC / 100)));
20020 + a = cvirt->load[0] + (FIXED_1 / 200);
20021 + b = cvirt->load[1] + (FIXED_1 / 200);
20022 + c = cvirt->load[2] + (FIXED_1 / 200);
20023 + length += sprintf(buffer + length,
20024 + "nr_threads:\t%d\n"
20025 + "nr_running:\t%d\n"
20026 + "nr_unintr:\t%d\n"
20027 + "nr_onhold:\t%d\n"
20028 + "load_updates:\t%d\n"
20029 + "loadavg:\t%d.%02d %d.%02d %d.%02d\n"
20030 + "total_forks:\t%d\n",
20031 + atomic_read(&cvirt->nr_threads),
20032 + atomic_read(&cvirt->nr_running),
20033 + atomic_read(&cvirt->nr_uninterruptible),
20034 + atomic_read(&cvirt->nr_onhold),
20035 + atomic_read(&cvirt->load_updates),
20036 + LOAD_INT(a), LOAD_FRAC(a),
20037 + LOAD_INT(b), LOAD_FRAC(b),
20038 + LOAD_INT(c), LOAD_FRAC(c),
20039 + atomic_read(&cvirt->total_forks));
20044 +int vx_info_proc_cvirt_pc(struct _vx_cvirt_pc *cvirt_pc,
20045 + char *buffer, int cpu)
20051 +#endif /* _VX_CVIRT_PROC_H */
20052 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/debug.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/debug.c
20053 --- linux-2.6.25.11/kernel/vserver/debug.c 1969-12-31 19:00:00.000000000 -0500
20054 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/debug.c 2008-04-19 15:14:52.000000000 -0400
20057 + * kernel/vserver/debug.c
20059 + * Copyright (C) 2005-2007 Herbert Pötzl
20061 + * V0.01 vx_info dump support
20065 +#include <linux/module.h>
20067 +#include <linux/vserver/context.h>
20070 +void dump_vx_info(struct vx_info *vxi, int level)
20072 + printk("vx_info %p[#%d, %d.%d, %4x]\n", vxi, vxi->vx_id,
20073 + atomic_read(&vxi->vx_usecnt),
20074 + atomic_read(&vxi->vx_tasks),
20077 + __dump_vx_limit(&vxi->limit);
20078 + __dump_vx_sched(&vxi->sched);
20079 + __dump_vx_cvirt(&vxi->cvirt);
20080 + __dump_vx_cacct(&vxi->cacct);
20086 +EXPORT_SYMBOL_GPL(dump_vx_info);
20088 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/device.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/device.c
20089 --- linux-2.6.25.11/kernel/vserver/device.c 1969-12-31 19:00:00.000000000 -0500
20090 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/device.c 2008-04-21 12:35:24.000000000 -0400
20093 + * linux/kernel/vserver/device.c
20095 + * Linux-VServer: Device Support
20097 + * Copyright (C) 2006 Herbert Pötzl
20098 + * Copyright (C) 2007 Daniel Hokka Zakrisson
20100 + * V0.01 device mapping basics
20101 + * V0.02 added defaults
20105 +#include <linux/slab.h>
20106 +#include <linux/rcupdate.h>
20107 +#include <linux/fs.h>
20108 +#include <linux/namei.h>
20109 +#include <linux/hash.h>
20111 +#include <asm/errno.h>
20112 +#include <asm/uaccess.h>
20113 +#include <linux/vserver/base.h>
20114 +#include <linux/vserver/debug.h>
20115 +#include <linux/vserver/context.h>
20116 +#include <linux/vserver/device.h>
20117 +#include <linux/vserver/device_cmd.h>
20120 +#define DMAP_HASH_BITS 4
20123 +struct vs_mapping {
20125 + struct hlist_node hlist;
20126 + struct list_head list;
20128 +#define dm_hlist u.hlist
20129 +#define dm_list u.list
20132 + struct vx_dmap_target target;
20136 +static struct hlist_head dmap_main_hash[1 << DMAP_HASH_BITS];
20138 +static spinlock_t dmap_main_hash_lock = SPIN_LOCK_UNLOCKED;
20140 +static struct vx_dmap_target dmap_defaults[2] = {
20141 + { .flags = DATTR_OPEN },
20142 + { .flags = DATTR_OPEN },
20146 +struct kmem_cache *dmap_cachep __read_mostly;
20148 +int __init dmap_cache_init(void)
20150 + dmap_cachep = kmem_cache_create("dmap_cache",
20151 + sizeof(struct vs_mapping), 0,
20152 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
20156 +__initcall(dmap_cache_init);
20159 +static inline unsigned int __hashval(dev_t dev, int bits)
20161 + return hash_long((unsigned long)dev, bits);
20165 +/* __hash_mapping()
20166 + * add the mapping to the hash table
20168 +static inline void __hash_mapping(struct vx_info *vxi, struct vs_mapping *vdm)
20170 + spinlock_t *hash_lock = &dmap_main_hash_lock;
20171 + struct hlist_head *head, *hash = dmap_main_hash;
20172 + int device = vdm->device;
20174 + spin_lock(hash_lock);
20175 + vxdprintk(VXD_CBIT(misc, 8), "__hash_mapping: %p[#%d] %08x:%08x",
20176 + vxi, vxi ? vxi->vx_id : 0, device, vdm->target.target);
20178 + head = &hash[__hashval(device, DMAP_HASH_BITS)];
20179 + hlist_add_head(&vdm->dm_hlist, head);
20180 + spin_unlock(hash_lock);
20184 +static inline int __mode_to_default(umode_t mode)
20197 +/* __set_default()
20200 +static inline void __set_default(struct vx_info *vxi, umode_t mode,
20201 + struct vx_dmap_target *vdmt)
20203 + spinlock_t *hash_lock = &dmap_main_hash_lock;
20204 + spin_lock(hash_lock);
20207 + vxi->dmap.targets[__mode_to_default(mode)] = *vdmt;
20209 + dmap_defaults[__mode_to_default(mode)] = *vdmt;
20212 + spin_unlock(hash_lock);
20214 + vxdprintk(VXD_CBIT(misc, 8), "__set_default: %p[#%u] %08x %04x",
20215 + vxi, vxi ? vxi->vx_id : 0, vdmt->target, vdmt->flags);
20219 +/* __remove_default()
20220 + * remove a default
20222 +static inline int __remove_default(struct vx_info *vxi, umode_t mode)
20224 + spinlock_t *hash_lock = &dmap_main_hash_lock;
20225 + spin_lock(hash_lock);
20228 + vxi->dmap.targets[__mode_to_default(mode)].flags = 0;
20229 + else /* remove == reset */
20230 + dmap_defaults[__mode_to_default(mode)].flags = DATTR_OPEN | mode;
20232 + spin_unlock(hash_lock);
20237 +/* __find_mapping()
20238 + * find a mapping in the hash table
20240 + * caller must hold hash_lock
20242 +static inline int __find_mapping(xid_t xid, dev_t device, umode_t mode,
20243 + struct vs_mapping **local, struct vs_mapping **global)
20245 + struct hlist_head *hash = dmap_main_hash;
20246 + struct hlist_head *head = &hash[__hashval(device, DMAP_HASH_BITS)];
20247 + struct hlist_node *pos;
20248 + struct vs_mapping *vdm;
20254 + hlist_for_each(pos, head) {
20255 + vdm = hlist_entry(pos, struct vs_mapping, dm_hlist);
20257 + if ((vdm->device == device) &&
20258 + !((vdm->target.flags ^ mode) & S_IFMT)) {
20259 + if (vdm->xid == xid) {
20262 + } else if (global && vdm->xid == 0)
20267 + if (global && *global)
20274 +/* __lookup_mapping()
20275 + * find a mapping and store the result in target and flags
20277 +static inline int __lookup_mapping(struct vx_info *vxi,
20278 + dev_t device, dev_t *target, int *flags, umode_t mode)
20280 + spinlock_t *hash_lock = &dmap_main_hash_lock;
20281 + struct vs_mapping *vdm, *global;
20282 + struct vx_dmap_target *vdmt;
20284 + xid_t xid = vxi->vx_id;
20287 + spin_lock(hash_lock);
20288 + if (__find_mapping(xid, device, mode, &vdm, &global) > 0) {
20290 + vdmt = &vdm->target;
20294 + index = __mode_to_default(mode);
20295 + if (vxi && vxi->dmap.targets[index].flags) {
20297 + vdmt = &vxi->dmap.targets[index];
20298 + } else if (global) {
20300 + vdmt = &global->target;
20304 + vdmt = &dmap_defaults[index];
20308 + if (target && (vdmt->flags & DATTR_REMAP))
20309 + *target = vdmt->target;
20311 + *target = device;
20313 + *flags = vdmt->flags;
20315 + spin_unlock(hash_lock);
20321 +/* __remove_mapping()
20322 + * remove a mapping from the hash table
20324 +static inline int __remove_mapping(struct vx_info *vxi, dev_t device,
20327 + spinlock_t *hash_lock = &dmap_main_hash_lock;
20328 + struct vs_mapping *vdm = NULL;
20331 + spin_lock(hash_lock);
20333 + ret = __find_mapping((vxi ? vxi->vx_id : 0), device, mode, &vdm,
20335 + vxdprintk(VXD_CBIT(misc, 8), "__remove_mapping: %p[#%d] %08x %04x",
20336 + vxi, vxi ? vxi->vx_id : 0, device, mode);
20339 + hlist_del(&vdm->dm_hlist);
20342 + spin_unlock(hash_lock);
20344 + kmem_cache_free(dmap_cachep, vdm);
20350 +int vs_map_device(struct vx_info *vxi,
20351 + dev_t device, dev_t *target, umode_t mode)
20353 + int ret, flags = DATTR_MASK;
20357 + *target = device;
20360 + ret = __lookup_mapping(vxi, device, target, &flags, mode);
20361 + vxdprintk(VXD_CBIT(misc, 8), "vs_map_device: %08x target: %08x flags: %04x mode: %04x mapped=%d",
20362 + device, target ? *target : 0, flags, mode, ret);
20364 + return (flags & DATTR_MASK);
20369 +static int do_set_mapping(struct vx_info *vxi,
20370 + dev_t device, dev_t target, int flags, umode_t mode)
20373 + struct vs_mapping *new;
20375 + new = kmem_cache_alloc(dmap_cachep, GFP_KERNEL);
20379 + INIT_HLIST_NODE(&new->dm_hlist);
20380 + new->device = device;
20381 + new->target.target = target;
20382 + new->target.flags = flags | mode;
20383 + new->xid = (vxi ? vxi->vx_id : 0);
20385 + vxdprintk(VXD_CBIT(misc, 8), "do_set_mapping: %08x target: %08x flags: %04x", device, target, flags);
20386 + __hash_mapping(vxi, new);
20388 + struct vx_dmap_target new = {
20389 + .target = target,
20390 + .flags = flags | mode,
20392 + __set_default(vxi, mode, &new);
20398 +static int do_unset_mapping(struct vx_info *vxi,
20399 + dev_t device, dev_t target, int flags, umode_t mode)
20401 + int ret = -EINVAL;
20404 + ret = __remove_mapping(vxi, device, mode);
20408 + ret = __remove_default(vxi, mode);
20418 +static inline int __user_device(const char __user *name, dev_t *dev,
20421 + struct nameidata nd;
20428 + ret = user_path_walk_link(name, &nd);
20431 + if (nd.path.dentry->d_inode) {
20432 + *dev = nd.path.dentry->d_inode->i_rdev;
20433 + *mode = nd.path.dentry->d_inode->i_mode;
20435 + path_put(&nd.path);
20439 +static inline int __mapping_mode(dev_t device, dev_t target,
20440 + umode_t device_mode, umode_t target_mode, umode_t *mode)
20443 + *mode = device_mode & S_IFMT;
20445 + *mode = target_mode & S_IFMT;
20449 + /* if both given, device and target mode have to match */
20450 + if (device && target &&
20451 + ((device_mode ^ target_mode) & S_IFMT))
20457 +static inline int do_mapping(struct vx_info *vxi, const char __user *device_path,
20458 + const char __user *target_path, int flags, int set)
20460 + dev_t device = ~0, target = ~0;
20461 + umode_t device_mode = 0, target_mode = 0, mode;
20464 + ret = __user_device(device_path, &device, &device_mode);
20467 + ret = __user_device(target_path, &target, &target_mode);
20471 + ret = __mapping_mode(device, target,
20472 + device_mode, target_mode, &mode);
20477 + return do_set_mapping(vxi, device, target,
20480 + return do_unset_mapping(vxi, device, target,
20485 +int vc_set_mapping(struct vx_info *vxi, void __user *data)
20487 + struct vcmd_set_mapping_v0 vc_data;
20489 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20492 + return do_mapping(vxi, vc_data.device, vc_data.target,
20493 + vc_data.flags, 1);
20496 +int vc_unset_mapping(struct vx_info *vxi, void __user *data)
20498 + struct vcmd_set_mapping_v0 vc_data;
20500 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20503 + return do_mapping(vxi, vc_data.device, vc_data.target,
20504 + vc_data.flags, 0);
20508 +#ifdef CONFIG_COMPAT
20510 +int vc_set_mapping_x32(struct vx_info *vxi, void __user *data)
20512 + struct vcmd_set_mapping_v0_x32 vc_data;
20514 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20517 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
20518 + compat_ptr(vc_data.target_ptr), vc_data.flags, 1);
20521 +int vc_unset_mapping_x32(struct vx_info *vxi, void __user *data)
20523 + struct vcmd_set_mapping_v0_x32 vc_data;
20525 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20528 + return do_mapping(vxi, compat_ptr(vc_data.device_ptr),
20529 + compat_ptr(vc_data.target_ptr), vc_data.flags, 0);
20532 +#endif /* CONFIG_COMPAT */
20535 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/dlimit.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/dlimit.c
20536 --- linux-2.6.25.11/kernel/vserver/dlimit.c 1969-12-31 19:00:00.000000000 -0500
20537 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/dlimit.c 2008-04-21 12:36:09.000000000 -0400
20540 + * linux/kernel/vserver/dlimit.c
20542 + * Virtual Server: Context Disk Limits
20544 + * Copyright (C) 2004-2007 Herbert Pötzl
20546 + * V0.01 initial version
20547 + * V0.02 compat32 splitup
20551 +#include <linux/statfs.h>
20552 +#include <linux/sched.h>
20553 +#include <linux/vs_tag.h>
20554 +#include <linux/vs_dlimit.h>
20555 +#include <linux/vserver/dlimit_cmd.h>
20557 +#include <asm/uaccess.h>
20559 +/* __alloc_dl_info()
20561 + * allocate an initialized dl_info struct
20562 + * doesn't make it visible (hash) */
20564 +static struct dl_info *__alloc_dl_info(struct super_block *sb, tag_t tag)
20566 + struct dl_info *new = NULL;
20568 + vxdprintk(VXD_CBIT(dlim, 5),
20569 + "alloc_dl_info(%p,%d)*", sb, tag);
20571 + /* would this benefit from a slab cache? */
20572 + new = kmalloc(sizeof(struct dl_info), GFP_KERNEL);
20576 + memset(new, 0, sizeof(struct dl_info));
20577 + new->dl_tag = tag;
20579 + INIT_RCU_HEAD(&new->dl_rcu);
20580 + INIT_HLIST_NODE(&new->dl_hlist);
20581 + spin_lock_init(&new->dl_lock);
20582 + atomic_set(&new->dl_refcnt, 0);
20583 + atomic_set(&new->dl_usecnt, 0);
20585 + /* rest of init goes here */
20587 + vxdprintk(VXD_CBIT(dlim, 4),
20588 + "alloc_dl_info(%p,%d) = %p", sb, tag, new);
20592 +/* __dealloc_dl_info()
20594 + * final disposal of dl_info */
20596 +static void __dealloc_dl_info(struct dl_info *dli)
20598 + vxdprintk(VXD_CBIT(dlim, 4),
20599 + "dealloc_dl_info(%p)", dli);
20601 + dli->dl_hlist.next = LIST_POISON1;
20602 + dli->dl_tag = -1;
20605 + BUG_ON(atomic_read(&dli->dl_usecnt));
20606 + BUG_ON(atomic_read(&dli->dl_refcnt));
20612 +/* hash table for dl_info hash */
20614 +#define DL_HASH_SIZE 13
20616 +struct hlist_head dl_info_hash[DL_HASH_SIZE];
20618 +static spinlock_t dl_info_hash_lock = SPIN_LOCK_UNLOCKED;
20621 +static inline unsigned int __hashval(struct super_block *sb, tag_t tag)
20623 + return ((tag ^ (unsigned long)sb) % DL_HASH_SIZE);
20628 +/* __hash_dl_info()
20630 + * add the dli to the global hash table
20631 + * requires the hash_lock to be held */
20633 +static inline void __hash_dl_info(struct dl_info *dli)
20635 + struct hlist_head *head;
20637 + vxdprintk(VXD_CBIT(dlim, 6),
20638 + "__hash_dl_info: %p[#%d]", dli, dli->dl_tag);
20639 + get_dl_info(dli);
20640 + head = &dl_info_hash[__hashval(dli->dl_sb, dli->dl_tag)];
20641 + hlist_add_head_rcu(&dli->dl_hlist, head);
20644 +/* __unhash_dl_info()
20646 + * remove the dli from the global hash table
20647 + * requires the hash_lock to be held */
20649 +static inline void __unhash_dl_info(struct dl_info *dli)
20651 + vxdprintk(VXD_CBIT(dlim, 6),
20652 + "__unhash_dl_info: %p[#%d]", dli, dli->dl_tag);
20653 + hlist_del_rcu(&dli->dl_hlist);
20654 + put_dl_info(dli);
20658 +/* __lookup_dl_info()
20660 + * requires the rcu_read_lock()
20661 + * doesn't increment the dl_refcnt */
20663 +static inline struct dl_info *__lookup_dl_info(struct super_block *sb, tag_t tag)
20665 + struct hlist_head *head = &dl_info_hash[__hashval(sb, tag)];
20666 + struct hlist_node *pos;
20667 + struct dl_info *dli;
20669 + hlist_for_each_entry_rcu(dli, pos, head, dl_hlist) {
20671 + if (dli->dl_tag == tag && dli->dl_sb == sb) {
20679 +struct dl_info *locate_dl_info(struct super_block *sb, tag_t tag)
20681 + struct dl_info *dli;
20684 + dli = get_dl_info(__lookup_dl_info(sb, tag));
20685 + vxdprintk(VXD_CBIT(dlim, 7),
20686 + "locate_dl_info(%p,#%d) = %p", sb, tag, dli);
20687 + rcu_read_unlock();
20691 +void rcu_free_dl_info(struct rcu_head *head)
20693 + struct dl_info *dli = container_of(head, struct dl_info, dl_rcu);
20694 + int usecnt, refcnt;
20696 + BUG_ON(!dli || !head);
20698 + usecnt = atomic_read(&dli->dl_usecnt);
20699 + BUG_ON(usecnt < 0);
20701 + refcnt = atomic_read(&dli->dl_refcnt);
20702 + BUG_ON(refcnt < 0);
20704 + vxdprintk(VXD_CBIT(dlim, 3),
20705 + "rcu_free_dl_info(%p)", dli);
20707 + __dealloc_dl_info(dli);
20709 + printk("!!! rcu didn't free\n");
20715 +static int do_addrem_dlimit(uint32_t id, const char __user *name,
20716 + uint32_t flags, int add)
20718 + struct nameidata nd;
20721 + ret = user_path_walk_link(name, &nd);
20723 + struct super_block *sb;
20724 + struct dl_info *dli;
20727 + if (!nd.path.dentry->d_inode)
20728 + goto out_release;
20729 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20730 + goto out_release;
20733 + dli = __alloc_dl_info(sb, id);
20734 + spin_lock(&dl_info_hash_lock);
20737 + if (__lookup_dl_info(sb, id))
20739 + __hash_dl_info(dli);
20742 + spin_lock(&dl_info_hash_lock);
20743 + dli = __lookup_dl_info(sb, id);
20748 + __unhash_dl_info(dli);
20752 + spin_unlock(&dl_info_hash_lock);
20754 + __dealloc_dl_info(dli);
20756 + path_put(&nd.path);
20761 +int vc_add_dlimit(uint32_t id, void __user *data)
20763 + struct vcmd_ctx_dlimit_base_v0 vc_data;
20765 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20768 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 1);
20771 +int vc_rem_dlimit(uint32_t id, void __user *data)
20773 + struct vcmd_ctx_dlimit_base_v0 vc_data;
20775 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20778 + return do_addrem_dlimit(id, vc_data.name, vc_data.flags, 0);
20781 +#ifdef CONFIG_COMPAT
20783 +int vc_add_dlimit_x32(uint32_t id, void __user *data)
20785 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
20787 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20790 + return do_addrem_dlimit(id,
20791 + compat_ptr(vc_data.name_ptr), vc_data.flags, 1);
20794 +int vc_rem_dlimit_x32(uint32_t id, void __user *data)
20796 + struct vcmd_ctx_dlimit_base_v0_x32 vc_data;
20798 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20801 + return do_addrem_dlimit(id,
20802 + compat_ptr(vc_data.name_ptr), vc_data.flags, 0);
20805 +#endif /* CONFIG_COMPAT */
20809 +int do_set_dlimit(uint32_t id, const char __user *name,
20810 + uint32_t space_used, uint32_t space_total,
20811 + uint32_t inodes_used, uint32_t inodes_total,
20812 + uint32_t reserved, uint32_t flags)
20814 + struct nameidata nd;
20817 + ret = user_path_walk_link(name, &nd);
20819 + struct super_block *sb;
20820 + struct dl_info *dli;
20823 + if (!nd.path.dentry->d_inode)
20824 + goto out_release;
20825 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20826 + goto out_release;
20827 + if ((reserved != CDLIM_KEEP &&
20828 + reserved > 100) ||
20829 + (inodes_used != CDLIM_KEEP &&
20830 + inodes_used > inodes_total) ||
20831 + (space_used != CDLIM_KEEP &&
20832 + space_used > space_total))
20833 + goto out_release;
20836 + dli = locate_dl_info(sb, id);
20838 + goto out_release;
20840 + spin_lock(&dli->dl_lock);
20842 + if (inodes_used != CDLIM_KEEP)
20843 + dli->dl_inodes_used = inodes_used;
20844 + if (inodes_total != CDLIM_KEEP)
20845 + dli->dl_inodes_total = inodes_total;
20846 + if (space_used != CDLIM_KEEP) {
20847 + dli->dl_space_used = space_used;
20848 + dli->dl_space_used <<= 10;
20850 + if (space_total == CDLIM_INFINITY)
20851 + dli->dl_space_total = DLIM_INFINITY;
20852 + else if (space_total != CDLIM_KEEP) {
20853 + dli->dl_space_total = space_total;
20854 + dli->dl_space_total <<= 10;
20856 + if (reserved != CDLIM_KEEP)
20857 + dli->dl_nrlmult = (1 << 10) * (100 - reserved) / 100;
20859 + spin_unlock(&dli->dl_lock);
20861 + put_dl_info(dli);
20865 + path_put(&nd.path);
20870 +int vc_set_dlimit(uint32_t id, void __user *data)
20872 + struct vcmd_ctx_dlimit_v0 vc_data;
20874 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20877 + return do_set_dlimit(id, vc_data.name,
20878 + vc_data.space_used, vc_data.space_total,
20879 + vc_data.inodes_used, vc_data.inodes_total,
20880 + vc_data.reserved, vc_data.flags);
20883 +#ifdef CONFIG_COMPAT
20885 +int vc_set_dlimit_x32(uint32_t id, void __user *data)
20887 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
20889 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20892 + return do_set_dlimit(id, compat_ptr(vc_data.name_ptr),
20893 + vc_data.space_used, vc_data.space_total,
20894 + vc_data.inodes_used, vc_data.inodes_total,
20895 + vc_data.reserved, vc_data.flags);
20898 +#endif /* CONFIG_COMPAT */
20902 +int do_get_dlimit(uint32_t id, const char __user *name,
20903 + uint32_t *space_used, uint32_t *space_total,
20904 + uint32_t *inodes_used, uint32_t *inodes_total,
20905 + uint32_t *reserved, uint32_t *flags)
20907 + struct nameidata nd;
20910 + ret = user_path_walk_link(name, &nd);
20912 + struct super_block *sb;
20913 + struct dl_info *dli;
20916 + if (!nd.path.dentry->d_inode)
20917 + goto out_release;
20918 + if (!(sb = nd.path.dentry->d_inode->i_sb))
20919 + goto out_release;
20922 + dli = locate_dl_info(sb, id);
20924 + goto out_release;
20926 + spin_lock(&dli->dl_lock);
20927 + *inodes_used = dli->dl_inodes_used;
20928 + *inodes_total = dli->dl_inodes_total;
20929 + *space_used = dli->dl_space_used >> 10;
20930 + if (dli->dl_space_total == DLIM_INFINITY)
20931 + *space_total = CDLIM_INFINITY;
20933 + *space_total = dli->dl_space_total >> 10;
20935 + *reserved = 100 - ((dli->dl_nrlmult * 100 + 512) >> 10);
20936 + spin_unlock(&dli->dl_lock);
20938 + put_dl_info(dli);
20943 + path_put(&nd.path);
20949 +int vc_get_dlimit(uint32_t id, void __user *data)
20951 + struct vcmd_ctx_dlimit_v0 vc_data;
20954 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20957 + ret = do_get_dlimit(id, vc_data.name,
20958 + &vc_data.space_used, &vc_data.space_total,
20959 + &vc_data.inodes_used, &vc_data.inodes_total,
20960 + &vc_data.reserved, &vc_data.flags);
20964 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20969 +#ifdef CONFIG_COMPAT
20971 +int vc_get_dlimit_x32(uint32_t id, void __user *data)
20973 + struct vcmd_ctx_dlimit_v0_x32 vc_data;
20976 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
20979 + ret = do_get_dlimit(id, compat_ptr(vc_data.name_ptr),
20980 + &vc_data.space_used, &vc_data.space_total,
20981 + &vc_data.inodes_used, &vc_data.inodes_total,
20982 + &vc_data.reserved, &vc_data.flags);
20986 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
20991 +#endif /* CONFIG_COMPAT */
20994 +void vx_vsi_statfs(struct super_block *sb, struct kstatfs *buf)
20996 + struct dl_info *dli;
20997 + __u64 blimit, bfree, bavail;
21000 + dli = locate_dl_info(sb, dx_current_tag());
21004 + spin_lock(&dli->dl_lock);
21005 + if (dli->dl_inodes_total == (unsigned long)DLIM_INFINITY)
21008 + /* reduce max inodes available to limit */
21009 + if (buf->f_files > dli->dl_inodes_total)
21010 + buf->f_files = dli->dl_inodes_total;
21012 + ifree = dli->dl_inodes_total - dli->dl_inodes_used;
21013 + /* reduce free inodes to min */
21014 + if (ifree < buf->f_ffree)
21015 + buf->f_ffree = ifree;
21018 + if (dli->dl_space_total == DLIM_INFINITY)
21021 + blimit = dli->dl_space_total >> sb->s_blocksize_bits;
21023 + if (dli->dl_space_total < dli->dl_space_used)
21026 + bfree = (dli->dl_space_total - dli->dl_space_used)
21027 + >> sb->s_blocksize_bits;
21029 + bavail = ((dli->dl_space_total >> 10) * dli->dl_nrlmult);
21030 + if (bavail < dli->dl_space_used)
21033 + bavail = (bavail - dli->dl_space_used)
21034 + >> sb->s_blocksize_bits;
21036 + /* reduce max space available to limit */
21037 + if (buf->f_blocks > blimit)
21038 + buf->f_blocks = blimit;
21040 + /* reduce free space to min */
21041 + if (bfree < buf->f_bfree)
21042 + buf->f_bfree = bfree;
21044 + /* reduce avail space to min */
21045 + if (bavail < buf->f_bavail)
21046 + buf->f_bavail = bavail;
21049 + spin_unlock(&dli->dl_lock);
21050 + put_dl_info(dli);
21055 +#include <linux/module.h>
21057 +EXPORT_SYMBOL_GPL(locate_dl_info);
21058 +EXPORT_SYMBOL_GPL(rcu_free_dl_info);
21060 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/helper.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/helper.c
21061 --- linux-2.6.25.11/kernel/vserver/helper.c 1969-12-31 19:00:00.000000000 -0500
21062 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/helper.c 2008-04-19 15:14:52.000000000 -0400
21065 + * linux/kernel/vserver/helper.c
21067 + * Virtual Context Support
21069 + * Copyright (C) 2004-2007 Herbert Pötzl
21071 + * V0.01 basic helper
21075 +#include <linux/kmod.h>
21076 +#include <linux/reboot.h>
21077 +#include <linux/vs_context.h>
21078 +#include <linux/vs_network.h>
21079 +#include <linux/vserver/signal.h>
21082 +char vshelper_path[255] = "/sbin/vshelper";
21085 +static int do_vshelper(char *name, char *argv[], char *envp[], int sync)
21089 + if ((ret = call_usermodehelper(name, argv, envp, sync))) {
21090 + printk( KERN_WARNING
21091 + "%s: (%s %s) returned %s with %d\n",
21092 + name, argv[1], argv[2],
21093 + sync ? "sync" : "async", ret);
21095 + vxdprintk(VXD_CBIT(switch, 4),
21096 + "%s: (%s %s) returned %s with %d",
21097 + name, argv[1], argv[2], sync ? "sync" : "async", ret);
21102 + * vshelper path is set via /proc/sys
21103 + * invoked by vserver sys_reboot(), with
21104 + * the following arguments
21106 + * argv [0] = vshelper_path;
21107 + * argv [1] = action: "restart", "halt", "poweroff", ...
21108 + * argv [2] = context identifier
21110 + * envp [*] = type-specific parameters
21113 +long vs_reboot_helper(struct vx_info *vxi, int cmd, void __user *arg)
21115 + char id_buf[8], cmd_buf[16];
21116 + char uid_buf[16], pid_buf[16];
21119 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
21120 + char *envp[] = {"HOME=/", "TERM=linux",
21121 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin",
21122 + uid_buf, pid_buf, cmd_buf, 0};
21124 + if (vx_info_state(vxi, VXS_HELPER))
21126 + vxi->vx_state |= VXS_HELPER;
21128 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
21130 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
21131 + snprintf(uid_buf, sizeof(uid_buf)-1, "VS_UID=%d", current->uid);
21132 + snprintf(pid_buf, sizeof(pid_buf)-1, "VS_PID=%d", current->pid);
21135 + case LINUX_REBOOT_CMD_RESTART:
21136 + argv[1] = "restart";
21139 + case LINUX_REBOOT_CMD_HALT:
21140 + argv[1] = "halt";
21143 + case LINUX_REBOOT_CMD_POWER_OFF:
21144 + argv[1] = "poweroff";
21147 + case LINUX_REBOOT_CMD_SW_SUSPEND:
21148 + argv[1] = "swsusp";
21152 + vxi->vx_state &= ~VXS_HELPER;
21156 + ret = do_vshelper(vshelper_path, argv, envp, 0);
21157 + vxi->vx_state &= ~VXS_HELPER;
21158 + __wakeup_vx_info(vxi);
21159 + return (ret) ? -EPERM : 0;
21163 +long vs_reboot(unsigned int cmd, void __user *arg)
21165 + struct vx_info *vxi = current->vx_info;
21168 + vxdprintk(VXD_CBIT(misc, 5),
21169 + "vs_reboot(%p[#%d],%d)",
21170 + vxi, vxi ? vxi->vx_id : 0, cmd);
21172 + ret = vs_reboot_helper(vxi, cmd, arg);
21176 + vxi->reboot_cmd = cmd;
21177 + if (vx_info_flags(vxi, VXF_REBOOT_KILL, 0)) {
21179 + case LINUX_REBOOT_CMD_RESTART:
21180 + case LINUX_REBOOT_CMD_HALT:
21181 + case LINUX_REBOOT_CMD_POWER_OFF:
21182 + vx_info_kill(vxi, 0, SIGKILL);
21183 + vx_info_kill(vxi, 1, SIGKILL);
21193 + * argv [0] = vshelper_path;
21194 + * argv [1] = action: "startup", "shutdown"
21195 + * argv [2] = context identifier
21197 + * envp [*] = type-specific parameters
21200 +long vs_state_change(struct vx_info *vxi, unsigned int cmd)
21202 + char id_buf[8], cmd_buf[16];
21203 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
21204 + char *envp[] = {"HOME=/", "TERM=linux",
21205 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
21207 + if (!vx_info_flags(vxi, VXF_SC_HELPER, 0))
21210 + snprintf(id_buf, sizeof(id_buf)-1, "%d", vxi->vx_id);
21211 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
21214 + case VSC_STARTUP:
21215 + argv[1] = "startup";
21217 + case VSC_SHUTDOWN:
21218 + argv[1] = "shutdown";
21224 + return do_vshelper(vshelper_path, argv, envp, 1);
21229 + * argv [0] = vshelper_path;
21230 + * argv [1] = action: "netup", "netdown"
21231 + * argv [2] = context identifier
21233 + * envp [*] = type-specific parameters
21236 +long vs_net_change(struct nx_info *nxi, unsigned int cmd)
21238 + char id_buf[8], cmd_buf[16];
21239 + char *argv[] = {vshelper_path, NULL, id_buf, 0};
21240 + char *envp[] = {"HOME=/", "TERM=linux",
21241 + "PATH=/sbin:/usr/sbin:/bin:/usr/bin", cmd_buf, 0};
21243 + if (!nx_info_flags(nxi, NXF_SC_HELPER, 0))
21246 + snprintf(id_buf, sizeof(id_buf)-1, "%d", nxi->nx_id);
21247 + snprintf(cmd_buf, sizeof(cmd_buf)-1, "VS_CMD=%08x", cmd);
21251 + argv[1] = "netup";
21253 + case VSC_NETDOWN:
21254 + argv[1] = "netdown";
21260 + return do_vshelper(vshelper_path, argv, envp, 1);
21263 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/history.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/history.c
21264 --- linux-2.6.25.11/kernel/vserver/history.c 1969-12-31 19:00:00.000000000 -0500
21265 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/history.c 2008-04-19 15:14:52.000000000 -0400
21268 + * kernel/vserver/history.c
21270 + * Virtual Context History Backtrace
21272 + * Copyright (C) 2004-2007 Herbert Pötzl
21274 + * V0.01 basic structure
21275 + * V0.02 hash/unhash and trace
21276 + * V0.03 preemption fixes
21280 +#include <linux/module.h>
21281 +#include <asm/uaccess.h>
21283 +#include <linux/vserver/context.h>
21284 +#include <linux/vserver/debug.h>
21285 +#include <linux/vserver/debug_cmd.h>
21286 +#include <linux/vserver/history.h>
21289 +#ifdef CONFIG_VSERVER_HISTORY
21290 +#define VXH_SIZE CONFIG_VSERVER_HISTORY_SIZE
21292 +#define VXH_SIZE 64
21295 +struct _vx_history {
21296 + unsigned int counter;
21298 + struct _vx_hist_entry entry[VXH_SIZE + 1];
21302 +DEFINE_PER_CPU(struct _vx_history, vx_history_buffer);
21304 +unsigned volatile int vxh_active = 1;
21306 +static atomic_t sequence = ATOMIC_INIT(0);
21311 + * requires disabled preemption */
21313 +struct _vx_hist_entry *vxh_advance(void *loc)
21315 + unsigned int cpu = smp_processor_id();
21316 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
21317 + struct _vx_hist_entry *entry;
21318 + unsigned int index;
21320 + index = vxh_active ? (hist->counter++ % VXH_SIZE) : VXH_SIZE;
21321 + entry = &hist->entry[index];
21323 + entry->seq = atomic_inc_return(&sequence);
21324 + entry->loc = loc;
21328 +EXPORT_SYMBOL_GPL(vxh_advance);
21331 +#define VXH_LOC_FMTS "(#%04x,*%d):%p"
21333 +#define VXH_LOC_ARGS(e) (e)->seq, cpu, (e)->loc
21336 +#define VXH_VXI_FMTS "%p[#%d,%d.%d]"
21338 +#define VXH_VXI_ARGS(e) (e)->vxi.ptr, \
21339 + (e)->vxi.ptr ? (e)->vxi.xid : 0, \
21340 + (e)->vxi.ptr ? (e)->vxi.usecnt : 0, \
21341 + (e)->vxi.ptr ? (e)->vxi.tasks : 0
21343 +void vxh_dump_entry(struct _vx_hist_entry *e, unsigned cpu)
21345 + switch (e->type) {
21346 + case VXH_THROW_OOPS:
21347 + printk( VXH_LOC_FMTS " oops \n", VXH_LOC_ARGS(e));
21350 + case VXH_GET_VX_INFO:
21351 + case VXH_PUT_VX_INFO:
21352 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
21354 + (e->type == VXH_GET_VX_INFO) ? "get" : "put",
21355 + VXH_VXI_ARGS(e));
21358 + case VXH_INIT_VX_INFO:
21359 + case VXH_SET_VX_INFO:
21360 + case VXH_CLR_VX_INFO:
21361 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
21363 + (e->type == VXH_INIT_VX_INFO) ? "init" :
21364 + ((e->type == VXH_SET_VX_INFO) ? "set" : "clr"),
21365 + VXH_VXI_ARGS(e), e->sc.data);
21368 + case VXH_CLAIM_VX_INFO:
21369 + case VXH_RELEASE_VX_INFO:
21370 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS " @%p\n",
21372 + (e->type == VXH_CLAIM_VX_INFO) ? "claim" : "release",
21373 + VXH_VXI_ARGS(e), e->sc.data);
21376 + case VXH_ALLOC_VX_INFO:
21377 + case VXH_DEALLOC_VX_INFO:
21378 + printk( VXH_LOC_FMTS " %s_vx_info " VXH_VXI_FMTS "\n",
21380 + (e->type == VXH_ALLOC_VX_INFO) ? "alloc" : "dealloc",
21381 + VXH_VXI_ARGS(e));
21384 + case VXH_HASH_VX_INFO:
21385 + case VXH_UNHASH_VX_INFO:
21386 + printk( VXH_LOC_FMTS " __%s_vx_info " VXH_VXI_FMTS "\n",
21388 + (e->type == VXH_HASH_VX_INFO) ? "hash" : "unhash",
21389 + VXH_VXI_ARGS(e));
21392 + case VXH_LOC_VX_INFO:
21393 + case VXH_LOOKUP_VX_INFO:
21394 + case VXH_CREATE_VX_INFO:
21395 + printk( VXH_LOC_FMTS " __%s_vx_info [#%d] -> " VXH_VXI_FMTS "\n",
21397 + (e->type == VXH_CREATE_VX_INFO) ? "create" :
21398 + ((e->type == VXH_LOC_VX_INFO) ? "loc" : "lookup"),
21399 + e->ll.arg, VXH_VXI_ARGS(e));
21404 +static void __vxh_dump_history(void)
21406 + unsigned int i, cpu;
21408 + printk("History:\tSEQ: %8x\tNR_CPUS: %d\n",
21409 + atomic_read(&sequence), NR_CPUS);
21411 + for (i = 0; i < VXH_SIZE; i++) {
21412 + for_each_online_cpu(cpu) {
21413 + struct _vx_history *hist =
21414 + &per_cpu(vx_history_buffer, cpu);
21415 + unsigned int index = (hist->counter - i) % VXH_SIZE;
21416 + struct _vx_hist_entry *entry = &hist->entry[index];
21418 + vxh_dump_entry(entry, cpu);
21423 +void vxh_dump_history(void)
21427 + local_irq_enable();
21429 + local_irq_disable();
21431 + __vxh_dump_history();
21435 +/* vserver syscall commands below here */
21438 +int vc_dump_history(uint32_t id)
21441 + __vxh_dump_history();
21448 +int do_read_history(struct __user _vx_hist_entry *data,
21449 + int cpu, uint32_t *index, uint32_t *count)
21451 + int pos, ret = 0;
21452 + struct _vx_history *hist = &per_cpu(vx_history_buffer, cpu);
21453 + int end = hist->counter;
21454 + int start = end - VXH_SIZE + 2;
21455 + int idx = *index;
21457 + /* special case: get current pos */
21463 + /* have we lost some data? */
21467 + for (pos = 0; (pos < *count) && (idx < end); pos++, idx++) {
21468 + struct _vx_hist_entry *entry =
21469 + &hist->entry[idx % VXH_SIZE];
21471 + /* send entry to userspace */
21472 + ret = copy_to_user(&data[pos], entry, sizeof(*entry));
21476 + /* save new index and count */
21479 + return ret ? ret : (*index < end);
21482 +int vc_read_history(uint32_t id, void __user *data)
21484 + struct vcmd_read_history_v0 vc_data;
21487 + if (id >= NR_CPUS)
21490 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21493 + ret = do_read_history((struct __user _vx_hist_entry *)vc_data.data,
21494 + id, &vc_data.index, &vc_data.count);
21496 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21501 +#ifdef CONFIG_COMPAT
21503 +int vc_read_history_x32(uint32_t id, void __user *data)
21505 + struct vcmd_read_history_v0_x32 vc_data;
21508 + if (id >= NR_CPUS)
21511 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21514 + ret = do_read_history((struct __user _vx_hist_entry *)
21515 + compat_ptr(vc_data.data_ptr),
21516 + id, &vc_data.index, &vc_data.count);
21518 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21523 +#endif /* CONFIG_COMPAT */
21525 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/inet.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/inet.c
21526 --- linux-2.6.25.11/kernel/vserver/inet.c 1969-12-31 19:00:00.000000000 -0500
21527 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/inet.c 2008-05-29 18:56:59.000000000 -0400
21530 +#include <linux/in.h>
21531 +#include <linux/inetdevice.h>
21532 +#include <linux/vs_inet.h>
21533 +#include <linux/vs_inet6.h>
21534 +#include <linux/vserver/debug.h>
21535 +#include <net/route.h>
21536 +#include <net/addrconf.h>
21539 +int nx_v4_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
21543 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
21546 + struct nx_addr_v4 *ptr;
21548 + for (ptr = &nxi1->v4; ptr; ptr = ptr->next) {
21549 + if (v4_nx_addr_in_nx_info(nxi2, ptr, -1)) {
21556 + vxdprintk(VXD_CBIT(net, 2),
21557 + "nx_v4_addr_conflict(%p,%p): %d",
21558 + nxi1, nxi2, ret);
21564 +#ifdef CONFIG_IPV6
21566 +int nx_v6_addr_conflict(struct nx_info *nxi1, struct nx_info *nxi2)
21570 + if (!nxi1 || !nxi2 || nxi1 == nxi2)
21573 + struct nx_addr_v6 *ptr;
21575 + for (ptr = &nxi1->v6; ptr; ptr = ptr->next) {
21576 + if (v6_nx_addr_in_nx_info(nxi2, ptr, -1)) {
21583 + vxdprintk(VXD_CBIT(net, 2),
21584 + "nx_v6_addr_conflict(%p,%p): %d",
21585 + nxi1, nxi2, ret);
21592 +int v4_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21594 + struct in_device *in_dev;
21595 + struct in_ifaddr **ifap;
21596 + struct in_ifaddr *ifa;
21601 + in_dev = in_dev_get(dev);
21605 + for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
21606 + ifap = &ifa->ifa_next) {
21607 + if (v4_addr_in_nx_info(nxi, ifa->ifa_local, NXA_MASK_SHOW)) {
21612 + in_dev_put(in_dev);
21618 +#ifdef CONFIG_IPV6
21620 +int v6_dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21622 + struct inet6_dev *in_dev;
21623 + struct inet6_ifaddr **ifap;
21624 + struct inet6_ifaddr *ifa;
21629 + in_dev = in6_dev_get(dev);
21633 + for (ifap = &in_dev->addr_list; (ifa = *ifap) != NULL;
21634 + ifap = &ifa->if_next) {
21635 + if (v6_addr_in_nx_info(nxi, &ifa->addr, -1)) {
21640 + in6_dev_put(in_dev);
21647 +int dev_in_nx_info(struct net_device *dev, struct nx_info *nxi)
21653 + if (nxi->v4.type && v4_dev_in_nx_info(dev, nxi))
21655 +#ifdef CONFIG_IPV6
21657 + if (nxi->v6.type && v6_dev_in_nx_info(dev, nxi))
21662 + vxdprintk(VXD_CBIT(net, 3),
21663 + "dev_in_nx_info(%p,%p[#%d]) = %d",
21664 + dev, nxi, nxi ? nxi->nx_id : 0, ret);
21668 +int ip_v4_find_src(struct net *net, struct nx_info *nxi,
21669 + struct rtable **rp, struct flowi *fl)
21674 + /* FIXME: handle lback only case */
21675 + if (!NX_IPV4(nxi))
21678 + vxdprintk(VXD_CBIT(net, 4),
21679 + "ip_v4_find_src(%p[#%u]) " NIPQUAD_FMT " -> " NIPQUAD_FMT,
21680 + nxi, nxi ? nxi->nx_id : 0,
21681 + NIPQUAD(fl->fl4_src), NIPQUAD(fl->fl4_dst));
21683 + /* single IP is unconditional */
21684 + if (nx_info_flags(nxi, NXF_SINGLE_IP, 0) &&
21685 + (fl->fl4_src == INADDR_ANY))
21686 + fl->fl4_src = nxi->v4.ip[0].s_addr;
21688 + if (fl->fl4_src == INADDR_ANY) {
21689 + struct nx_addr_v4 *ptr;
21690 + __be32 found = 0;
21693 + err = __ip_route_output_key(net, rp, fl);
21695 + found = (*rp)->rt_src;
21697 + vxdprintk(VXD_CBIT(net, 4),
21698 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
21699 + nxi, nxi ? nxi->nx_id : 0, fl->oif, NIPQUAD(found));
21700 + if (v4_addr_in_nx_info(nxi, found, NXA_MASK_BIND))
21704 + for (ptr = &nxi->v4; ptr; ptr = ptr->next) {
21705 + __be32 primary = ptr->ip[0].s_addr;
21706 + __be32 mask = ptr->mask.s_addr;
21707 + __be32 neta = primary & mask;
21709 + vxdprintk(VXD_CBIT(net, 4), "ip_v4_find_src(%p[#%u]) chk: "
21710 + NIPQUAD_FMT "/" NIPQUAD_FMT "/" NIPQUAD_FMT,
21711 + nxi, nxi ? nxi->nx_id : 0, NIPQUAD(primary),
21712 + NIPQUAD(mask), NIPQUAD(neta));
21713 + if ((found & mask) != neta)
21716 + fl->fl4_src = primary;
21717 + err = __ip_route_output_key(net, rp, fl);
21718 + vxdprintk(VXD_CBIT(net, 4),
21719 + "ip_v4_find_src(%p[#%u]) rok[%u]: " NIPQUAD_FMT,
21720 + nxi, nxi ? nxi->nx_id : 0, fl->oif, NIPQUAD(primary));
21722 + found = (*rp)->rt_src;
21724 + if (found == primary)
21728 + /* still no source ip? */
21729 + found = ipv4_is_loopback(fl->fl4_dst)
21730 + ? IPI_LOOPBACK : nxi->v4.ip[0].s_addr;
21732 + /* assign src ip to flow */
21733 + fl->fl4_src = found;
21736 + if (!v4_addr_in_nx_info(nxi, fl->fl4_src, NXA_MASK_BIND))
21740 + if (nx_info_flags(nxi, NXF_LBACK_REMAP, 0)) {
21741 + if (ipv4_is_loopback(fl->fl4_dst))
21742 + fl->fl4_dst = nxi->v4_lback.s_addr;
21743 + if (ipv4_is_loopback(fl->fl4_src))
21744 + fl->fl4_src = nxi->v4_lback.s_addr;
21745 + } else if (ipv4_is_loopback(fl->fl4_dst) &&
21746 + !nx_info_flags(nxi, NXF_LBACK_ALLOW, 0))
21752 +EXPORT_SYMBOL_GPL(ip_v4_find_src);
21754 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/init.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/init.c
21755 --- linux-2.6.25.11/kernel/vserver/init.c 1969-12-31 19:00:00.000000000 -0500
21756 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/init.c 2008-04-19 15:14:52.000000000 -0400
21759 + * linux/kernel/init.c
21761 + * Virtual Server Init
21763 + * Copyright (C) 2004-2007 Herbert Pötzl
21765 + * V0.01 basic structure
21769 +#include <linux/init.h>
21771 +int vserver_register_sysctl(void);
21772 +void vserver_unregister_sysctl(void);
21775 +static int __init init_vserver(void)
21779 +#ifdef CONFIG_VSERVER_DEBUG
21780 + vserver_register_sysctl();
21786 +static void __exit exit_vserver(void)
21789 +#ifdef CONFIG_VSERVER_DEBUG
21790 + vserver_unregister_sysctl();
21795 +/* FIXME: GFP_ZONETYPES gone
21796 +long vx_slab[GFP_ZONETYPES]; */
21800 +module_init(init_vserver);
21801 +module_exit(exit_vserver);
21803 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/inode.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/inode.c
21804 --- linux-2.6.25.11/kernel/vserver/inode.c 1969-12-31 19:00:00.000000000 -0500
21805 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/inode.c 2008-07-08 13:41:38.000000000 -0400
21808 + * linux/kernel/vserver/inode.c
21810 + * Virtual Server: File System Support
21812 + * Copyright (C) 2004-2007 Herbert Pötzl
21814 + * V0.01 separated from vcontext V0.05
21815 + * V0.02 moved to tag (instead of xid)
21819 +#include <linux/tty.h>
21820 +#include <linux/proc_fs.h>
21821 +#include <linux/devpts_fs.h>
21822 +#include <linux/fs.h>
21823 +#include <linux/file.h>
21824 +#include <linux/mount.h>
21825 +#include <linux/parser.h>
21826 +#include <linux/vserver/inode.h>
21827 +#include <linux/vserver/inode_cmd.h>
21828 +#include <linux/vs_base.h>
21829 +#include <linux/vs_tag.h>
21831 +#include <asm/uaccess.h>
21834 +static int __vc_get_iattr(struct inode *in, uint32_t *tag, uint32_t *flags, uint32_t *mask)
21836 + struct proc_dir_entry *entry;
21838 + if (!in || !in->i_sb)
21841 + *flags = IATTR_TAG
21842 + | (IS_BARRIER(in) ? IATTR_BARRIER : 0)
21843 + | (IS_IXUNLINK(in) ? IATTR_IXUNLINK : 0)
21844 + | (IS_IMMUTABLE(in) ? IATTR_IMMUTABLE : 0);
21845 + *mask = IATTR_IXUNLINK | IATTR_IMMUTABLE;
21847 + if (S_ISDIR(in->i_mode))
21848 + *mask |= IATTR_BARRIER;
21850 + if (IS_TAGGED(in)) {
21851 + *tag = in->i_tag;
21852 + *mask |= IATTR_TAG;
21855 + switch (in->i_sb->s_magic) {
21856 + case PROC_SUPER_MAGIC:
21857 + entry = PROC_I(in)->pde;
21859 + /* check for specific inodes? */
21861 + *mask |= IATTR_FLAGS;
21863 + *flags |= (entry->vx_flags & IATTR_FLAGS);
21865 + *flags |= (PROC_I(in)->vx_flags & IATTR_FLAGS);
21868 + case DEVPTS_SUPER_MAGIC:
21869 + *tag = in->i_tag;
21870 + *mask |= IATTR_TAG;
21879 +int vc_get_iattr(void __user *data)
21881 + struct nameidata nd;
21882 + struct vcmd_ctx_iattr_v1 vc_data = { .tag = -1 };
21885 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21888 + ret = user_path_walk_link(vc_data.name, &nd);
21890 + ret = __vc_get_iattr(nd.path.dentry->d_inode,
21891 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21892 + path_put(&nd.path);
21897 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21902 +#ifdef CONFIG_COMPAT
21904 +int vc_get_iattr_x32(void __user *data)
21906 + struct nameidata nd;
21907 + struct vcmd_ctx_iattr_v1_x32 vc_data = { .tag = -1 };
21910 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21913 + ret = user_path_walk_link(compat_ptr(vc_data.name_ptr), &nd);
21915 + ret = __vc_get_iattr(nd.path.dentry->d_inode,
21916 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21917 + path_put(&nd.path);
21922 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21927 +#endif /* CONFIG_COMPAT */
21930 +int vc_fget_iattr(uint32_t fd, void __user *data)
21932 + struct file *filp;
21933 + struct vcmd_ctx_fiattr_v0 vc_data = { .tag = -1 };
21936 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
21940 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
21943 + ret = __vc_get_iattr(filp->f_dentry->d_inode,
21944 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
21948 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
21954 +static int __vc_set_iattr(struct dentry *de, uint32_t *tag, uint32_t *flags, uint32_t *mask)
21956 + struct inode *in = de->d_inode;
21957 + int error = 0, is_proc = 0, has_tag = 0;
21958 + struct iattr attr = { 0 };
21960 + if (!in || !in->i_sb)
21963 + is_proc = (in->i_sb->s_magic == PROC_SUPER_MAGIC);
21964 + if ((*mask & IATTR_FLAGS) && !is_proc)
21967 + has_tag = IS_TAGGED(in) ||
21968 + (in->i_sb->s_magic == DEVPTS_SUPER_MAGIC);
21969 + if ((*mask & IATTR_TAG) && !has_tag)
21972 + mutex_lock(&in->i_mutex);
21973 + if (*mask & IATTR_TAG) {
21974 + attr.ia_tag = *tag;
21975 + attr.ia_valid |= ATTR_TAG;
21978 + if (*mask & IATTR_FLAGS) {
21979 + struct proc_dir_entry *entry = PROC_I(in)->pde;
21980 + unsigned int iflags = PROC_I(in)->vx_flags;
21982 + iflags = (iflags & ~(*mask & IATTR_FLAGS))
21983 + | (*flags & IATTR_FLAGS);
21984 + PROC_I(in)->vx_flags = iflags;
21986 + entry->vx_flags = iflags;
21989 + if (*mask & (IATTR_BARRIER | IATTR_IXUNLINK | IATTR_IMMUTABLE)) {
21990 + if (*mask & IATTR_IMMUTABLE) {
21991 + if (*flags & IATTR_IMMUTABLE)
21992 + in->i_flags |= S_IMMUTABLE;
21994 + in->i_flags &= ~S_IMMUTABLE;
21996 + if (*mask & IATTR_IXUNLINK) {
21997 + if (*flags & IATTR_IXUNLINK)
21998 + in->i_flags |= S_IXUNLINK;
22000 + in->i_flags &= ~S_IXUNLINK;
22002 + if (S_ISDIR(in->i_mode) && (*mask & IATTR_BARRIER)) {
22003 + if (*flags & IATTR_BARRIER)
22004 + in->i_vflags |= V_BARRIER;
22006 + in->i_vflags &= ~V_BARRIER;
22008 + if (in->i_op && in->i_op->sync_flags) {
22009 + error = in->i_op->sync_flags(in);
22015 + if (attr.ia_valid) {
22016 + if (in->i_op && in->i_op->setattr)
22017 + error = in->i_op->setattr(de, &attr);
22019 + error = inode_change_ok(in, &attr);
22021 + error = inode_setattr(in, &attr);
22026 + mutex_unlock(&in->i_mutex);
22030 +int vc_set_iattr(void __user *data)
22032 + struct nameidata nd;
22033 + struct vcmd_ctx_iattr_v1 vc_data;
22036 + if (!capable(CAP_LINUX_IMMUTABLE))
22038 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22041 + ret = user_path_walk_link(vc_data.name, &nd);
22043 + ret = __vc_set_iattr(nd.path.dentry,
22044 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
22045 + path_put(&nd.path);
22048 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22053 +#ifdef CONFIG_COMPAT
22055 +int vc_set_iattr_x32(void __user *data)
22057 + struct nameidata nd;
22058 + struct vcmd_ctx_iattr_v1_x32 vc_data;
22061 + if (!capable(CAP_LINUX_IMMUTABLE))
22063 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22066 + ret = user_path_walk_link(compat_ptr(vc_data.name_ptr), &nd);
22068 + ret = __vc_set_iattr(nd.path.dentry,
22069 + &vc_data.tag, &vc_data.flags, &vc_data.mask);
22070 + path_put(&nd.path);
22073 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22078 +#endif /* CONFIG_COMPAT */
22080 +int vc_fset_iattr(uint32_t fd, void __user *data)
22082 + struct file *filp;
22083 + struct vcmd_ctx_fiattr_v0 vc_data;
22086 + if (!capable(CAP_LINUX_IMMUTABLE))
22088 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22092 + if (!filp || !filp->f_dentry || !filp->f_dentry->d_inode)
22095 + ret = __vc_set_iattr(filp->f_dentry, &vc_data.tag,
22096 + &vc_data.flags, &vc_data.mask);
22100 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22106 +enum { Opt_notagcheck, Opt_tag, Opt_notag, Opt_tagid, Opt_err };
22108 +static match_table_t tokens = {
22109 + {Opt_notagcheck, "notagcheck"},
22110 +#ifdef CONFIG_PROPAGATE
22111 + {Opt_notag, "notag"},
22112 + {Opt_tag, "tag"},
22113 + {Opt_tagid, "tagid=%u"},
22119 +static void __dx_parse_remove(char *string, char *opt)
22121 + char *p = strstr(string, opt);
22125 + while (*q != '\0' && *q != ',')
22135 +int __dx_parse_tag(char *string, tag_t *tag, int remove)
22137 + substring_t args[MAX_OPT_ARGS];
22138 + int token, option = 0;
22143 + token = match_token(string, tokens, args);
22145 + vxdprintk(VXD_CBIT(tag, 7),
22146 + "dx_parse_tag(»%s«): %d:#%d",
22147 + string, token, option);
22154 + __dx_parse_remove(string, "tag");
22155 + return MNT_TAGID;
22158 + __dx_parse_remove(string, "notag");
22159 + return MNT_NOTAG;
22160 + case Opt_notagcheck:
22162 + __dx_parse_remove(string, "notagcheck");
22163 + return MNT_NOTAGCHECK;
22165 + if (tag && !match_int(args, &option))
22168 + __dx_parse_remove(string, "tagid");
22169 + return MNT_TAGID;
22174 +int dx_parse_tag(char *string, tag_t *tag, int remove)
22176 + int retval, flags = 0;
22178 + while ((retval = __dx_parse_tag(string, tag, remove)))
22183 +#ifdef CONFIG_PROPAGATE
22185 +void __dx_propagate_tag(struct nameidata *nd, struct inode *inode)
22187 + tag_t new_tag = 0;
22188 + struct vfsmount *mnt;
22193 + mnt = nd->path.mnt;
22197 + propagate = (mnt->mnt_flags & MNT_TAGID);
22199 + new_tag = mnt->mnt_tag;
22201 + vxdprintk(VXD_CBIT(tag, 7),
22202 + "dx_propagate_tag(%p[#%lu.%d]): %d,%d",
22203 + inode, inode->i_ino, inode->i_tag,
22204 + new_tag, (propagate) ? 1 : 0);
22207 + inode->i_tag = new_tag;
22210 +#include <linux/module.h>
22212 +EXPORT_SYMBOL_GPL(__dx_propagate_tag);
22214 +#endif /* CONFIG_PROPAGATE */
22216 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/Kconfig linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/Kconfig
22217 --- linux-2.6.25.11/kernel/vserver/Kconfig 1969-12-31 19:00:00.000000000 -0500
22218 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/Kconfig 2008-07-15 22:46:23.000000000 -0400
22221 +# Linux VServer configuration
22224 +menu "Linux VServer"
22226 +config VSERVER_AUTO_LBACK
22227 + bool "Automatically Assign Loopback IP"
22230 + Automatically assign a guest specific loopback
22231 + IP and add it to the kernel network stack on
22234 +config VSERVER_AUTO_SINGLE
22235 + bool "Automatic Single IP Special Casing"
22236 + depends on EXPERIMENTAL
22239 + This allows network contexts with a single IP to
22240 + automatically remap 0.0.0.0 bindings to that IP,
22241 + avoiding further network checks and improving
22244 + (note: such guests do not allow to change the ip
22245 + on the fly and do not show loopback addresses)
22247 +config VSERVER_COWBL
22248 + bool "Enable COW Immutable Link Breaking"
22251 + This enables the COW (Copy-On-Write) link break code.
22252 + It allows you to treat unified files like normal files
22253 + when writing to them (which will implicitely break the
22254 + link and create a copy of the unified file)
22256 +config VSERVER_VTIME
22257 + bool "Enable Virtualized Guest Time"
22258 + depends on EXPERIMENTAL
22261 + This enables per guest time offsets to allow for
22262 + adjusting the system clock individually per guest.
22263 + this adds some overhead to the time functions and
22264 + therefore should not be enabled without good reason.
22266 +config VSERVER_DEVICE
22267 + bool "Enable Guest Device Mapping"
22268 + depends on EXPERIMENTAL
22271 + This enables generic device remapping.
22273 +config VSERVER_PROC_SECURE
22274 + bool "Enable Proc Security"
22275 + depends on PROC_FS
22278 + This configures ProcFS security to initially hide
22279 + non-process entries for all contexts except the main and
22280 + spectator context (i.e. for all guests), which is a secure
22283 + (note: on 1.2x the entries were visible by default)
22285 +config VSERVER_HARDCPU
22286 + bool "Enable Hard CPU Limits"
22289 + Activate the Hard CPU Limits
22291 + This will compile in code that allows the Token Bucket
22292 + Scheduler to put processes on hold when a context's
22293 + tokens are depleted (provided that its per-context
22294 + sched_hard flag is set).
22296 + Processes belonging to that context will not be able
22297 + to consume CPU resources again until a per-context
22298 + configured minimum of tokens has been reached.
22300 +config VSERVER_IDLETIME
22301 + bool "Avoid idle CPUs by skipping Time"
22302 + depends on VSERVER_HARDCPU
22305 + This option allows the scheduler to artificially
22306 + advance time (per cpu) when otherwise the idle
22307 + task would be scheduled, thus keeping the cpu
22308 + busy and sharing the available resources among
22309 + certain contexts.
22311 +config VSERVER_IDLELIMIT
22312 + bool "Limit the IDLE task"
22313 + depends on VSERVER_HARDCPU
22316 + Limit the idle slices, so the the next context
22317 + will be scheduled as soon as possible.
22319 + This might improve interactivity and latency, but
22320 + will also marginally increase scheduling overhead.
22323 + prompt "Persistent Inode Tagging"
22324 + default TAGGING_ID24
22326 + This adds persistent context information to filesystems
22327 + mounted with the tagxid option. Tagging is a requirement
22328 + for per-context disk limits and per-context quota.
22331 +config TAGGING_NONE
22334 + do not store per-context information in inodes.
22336 +config TAGGING_UID16
22337 + bool "UID16/GID32"
22339 + reduces UID to 16 bit, but leaves GID at 32 bit.
22341 +config TAGGING_GID16
22342 + bool "UID32/GID16"
22344 + reduces GID to 16 bit, but leaves UID at 32 bit.
22346 +config TAGGING_ID24
22347 + bool "UID24/GID24"
22349 + uses the upper 8bit from UID and GID for XID tagging
22350 + which leaves 24bit for UID/GID each, which should be
22351 + more than sufficient for normal use.
22353 +config TAGGING_INTERN
22354 + bool "UID32/GID32"
22356 + this uses otherwise reserved inode fields in the on
22357 + disk representation, which limits the use to a few
22358 + filesystems (currently ext2 and ext3)
22363 + bool "Tag NFSD User Auth and Files"
22366 + Enable this if you do want the in-kernel NFS
22367 + Server to use the tagging specified above.
22368 + (will require patched clients too)
22370 +config VSERVER_PRIVACY
22371 + bool "Honor Privacy Aspects of Guests"
22374 + When enabled, most context checks will disallow
22375 + access to structures assigned to a specific context,
22376 + like ptys or loop devices.
22378 +config VSERVER_CONTEXTS
22379 + int "Maximum number of Contexts (1-65533)" if EMBEDDED
22381 + default "768" if 64BIT
22384 + This setting will optimize certain data structures
22385 + and memory allocations according to the expected
22388 + note: this is not a strict upper limit.
22390 +config VSERVER_WARN
22391 + bool "VServer Warnings"
22394 + This enables various runtime warnings, which will
22395 + notify about potential manipulation attempts or
22396 + resource shortage. It is generally considered to
22397 + be a good idea to have that enabled.
22399 +config VSERVER_DEBUG
22400 + bool "VServer Debugging Code"
22403 + Set this to yes if you want to be able to activate
22404 + debugging output at runtime. It adds a very small
22405 + overhead to all vserver related functions and
22406 + increases the kernel size by about 20k.
22408 +config VSERVER_HISTORY
22409 + bool "VServer History Tracing"
22410 + depends on VSERVER_DEBUG
22413 + Set this to yes if you want to record the history of
22414 + linux-vserver activities, so they can be replayed in
22415 + the event of a kernel panic or oops.
22417 +config VSERVER_HISTORY_SIZE
22418 + int "Per-CPU History Size (32-65536)"
22419 + depends on VSERVER_HISTORY
22423 + This allows you to specify the number of entries in
22424 + the per-CPU history buffer.
22426 +config VSERVER_MONITOR
22427 + bool "VServer Scheduling Monitor"
22428 + depends on VSERVER_DISABLED
22431 + Set this to yes if you want to record the scheduling
22432 + decisions, so that they can be relayed to userspace
22433 + for detailed analysis.
22435 +config VSERVER_MONITOR_SIZE
22436 + int "Per-CPU Monitor Queue Size (32-65536)"
22437 + depends on VSERVER_MONITOR
22441 + This allows you to specify the number of entries in
22442 + the per-CPU scheduling monitor buffer.
22444 +config VSERVER_MONITOR_SYNC
22445 + int "Per-CPU Monitor Sync Interval (0-65536)"
22446 + depends on VSERVER_MONITOR
22450 + This allows you to specify the interval in ticks
22451 + when a time sync entry is inserted.
22459 + select NAMESPACES
22465 +config VSERVER_SECURITY
22467 + depends on SECURITY
22469 + select SECURITY_CAPABILITIES
22471 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/limit.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit.c
22472 --- linux-2.6.25.11/kernel/vserver/limit.c 1969-12-31 19:00:00.000000000 -0500
22473 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit.c 2008-04-19 15:14:52.000000000 -0400
22476 + * linux/kernel/vserver/limit.c
22478 + * Virtual Server: Context Limits
22480 + * Copyright (C) 2004-2007 Herbert Pötzl
22482 + * V0.01 broken out from vcontext V0.05
22483 + * V0.02 changed vcmds to vxi arg
22487 +#include <linux/sched.h>
22488 +#include <linux/module.h>
22489 +#include <linux/vs_limit.h>
22490 +#include <linux/vserver/limit.h>
22491 +#include <linux/vserver/limit_cmd.h>
22493 +#include <asm/uaccess.h>
22496 +const char *vlimit_name[NUM_LIMITS] = {
22497 + [RLIMIT_CPU] = "CPU",
22498 + [RLIMIT_RSS] = "RSS",
22499 + [RLIMIT_NPROC] = "NPROC",
22500 + [RLIMIT_NOFILE] = "NOFILE",
22501 + [RLIMIT_MEMLOCK] = "VML",
22502 + [RLIMIT_AS] = "VM",
22503 + [RLIMIT_LOCKS] = "LOCKS",
22504 + [RLIMIT_SIGPENDING] = "SIGP",
22505 + [RLIMIT_MSGQUEUE] = "MSGQ",
22507 + [VLIMIT_NSOCK] = "NSOCK",
22508 + [VLIMIT_OPENFD] = "OPENFD",
22509 + [VLIMIT_ANON] = "ANON",
22510 + [VLIMIT_SHMEM] = "SHMEM",
22511 + [VLIMIT_DENTRY] = "DENTRY",
22514 +EXPORT_SYMBOL_GPL(vlimit_name);
22516 +#define MASK_ENTRY(x) (1 << (x))
22518 +const struct vcmd_ctx_rlimit_mask_v0 vlimit_mask = {
22521 + , /* softlimit */
22522 + MASK_ENTRY( RLIMIT_RSS ) |
22523 + MASK_ENTRY( VLIMIT_ANON ) |
22526 + MASK_ENTRY( RLIMIT_RSS ) |
22527 + MASK_ENTRY( RLIMIT_NPROC ) |
22528 + MASK_ENTRY( RLIMIT_NOFILE ) |
22529 + MASK_ENTRY( RLIMIT_MEMLOCK ) |
22530 + MASK_ENTRY( RLIMIT_AS ) |
22531 + MASK_ENTRY( RLIMIT_LOCKS ) |
22532 + MASK_ENTRY( RLIMIT_MSGQUEUE ) |
22534 + MASK_ENTRY( VLIMIT_NSOCK ) |
22535 + MASK_ENTRY( VLIMIT_OPENFD ) |
22536 + MASK_ENTRY( VLIMIT_ANON ) |
22537 + MASK_ENTRY( VLIMIT_SHMEM ) |
22538 + MASK_ENTRY( VLIMIT_DENTRY ) |
22541 + /* accounting only */
22542 +uint32_t account_mask =
22543 + MASK_ENTRY( VLIMIT_SEMARY ) |
22544 + MASK_ENTRY( VLIMIT_NSEMS ) |
22545 + MASK_ENTRY( VLIMIT_MAPPED ) |
22549 +static int is_valid_vlimit(int id)
22551 + uint32_t mask = vlimit_mask.minimum |
22552 + vlimit_mask.softlimit | vlimit_mask.maximum;
22553 + return mask & (1 << id);
22556 +static int is_accounted_vlimit(int id)
22558 + if (is_valid_vlimit(id))
22560 + return account_mask & (1 << id);
22564 +static inline uint64_t vc_get_soft(struct vx_info *vxi, int id)
22566 + rlim_t limit = __rlim_soft(&vxi->limit, id);
22567 + return VX_VLIM(limit);
22570 +static inline uint64_t vc_get_hard(struct vx_info *vxi, int id)
22572 + rlim_t limit = __rlim_hard(&vxi->limit, id);
22573 + return VX_VLIM(limit);
22576 +static int do_get_rlimit(struct vx_info *vxi, uint32_t id,
22577 + uint64_t *minimum, uint64_t *softlimit, uint64_t *maximum)
22579 + if (!is_valid_vlimit(id))
22583 + *minimum = CRLIM_UNSET;
22585 + *softlimit = vc_get_soft(vxi, id);
22587 + *maximum = vc_get_hard(vxi, id);
22591 +int vc_get_rlimit(struct vx_info *vxi, void __user *data)
22593 + struct vcmd_ctx_rlimit_v0 vc_data;
22596 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22599 + ret = do_get_rlimit(vxi, vc_data.id,
22600 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
22604 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22609 +static int do_set_rlimit(struct vx_info *vxi, uint32_t id,
22610 + uint64_t minimum, uint64_t softlimit, uint64_t maximum)
22612 + if (!is_valid_vlimit(id))
22615 + if (maximum != CRLIM_KEEP)
22616 + __rlim_hard(&vxi->limit, id) = VX_RLIM(maximum);
22617 + if (softlimit != CRLIM_KEEP)
22618 + __rlim_soft(&vxi->limit, id) = VX_RLIM(softlimit);
22620 + /* clamp soft limit */
22621 + if (__rlim_soft(&vxi->limit, id) > __rlim_hard(&vxi->limit, id))
22622 + __rlim_soft(&vxi->limit, id) = __rlim_hard(&vxi->limit, id);
22627 +int vc_set_rlimit(struct vx_info *vxi, void __user *data)
22629 + struct vcmd_ctx_rlimit_v0 vc_data;
22631 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22634 + return do_set_rlimit(vxi, vc_data.id,
22635 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
22638 +#ifdef CONFIG_IA32_EMULATION
22640 +int vc_set_rlimit_x32(struct vx_info *vxi, void __user *data)
22642 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
22644 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22647 + return do_set_rlimit(vxi, vc_data.id,
22648 + vc_data.minimum, vc_data.softlimit, vc_data.maximum);
22651 +int vc_get_rlimit_x32(struct vx_info *vxi, void __user *data)
22653 + struct vcmd_ctx_rlimit_v0_x32 vc_data;
22656 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22659 + ret = do_get_rlimit(vxi, vc_data.id,
22660 + &vc_data.minimum, &vc_data.softlimit, &vc_data.maximum);
22664 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22669 +#endif /* CONFIG_IA32_EMULATION */
22672 +int vc_get_rlimit_mask(uint32_t id, void __user *data)
22674 + if (copy_to_user(data, &vlimit_mask, sizeof(vlimit_mask)))
22680 +static inline void vx_reset_minmax(struct _vx_limit *limit)
22685 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22686 + value = __rlim_get(limit, lim);
22687 + __rlim_rmax(limit, lim) = value;
22688 + __rlim_rmin(limit, lim) = value;
22693 +int vc_reset_minmax(struct vx_info *vxi, void __user *data)
22695 + vx_reset_minmax(&vxi->limit);
22700 +int vc_rlimit_stat(struct vx_info *vxi, void __user *data)
22702 + struct vcmd_rlimit_stat_v0 vc_data;
22703 + struct _vx_limit *limit = &vxi->limit;
22706 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
22710 + if (!is_accounted_vlimit(id))
22713 + vx_limit_fixup(limit, id);
22714 + vc_data.hits = atomic_read(&__rlim_lhit(limit, id));
22715 + vc_data.value = __rlim_get(limit, id);
22716 + vc_data.minimum = __rlim_rmin(limit, id);
22717 + vc_data.maximum = __rlim_rmax(limit, id);
22719 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
22725 +void vx_vsi_meminfo(struct sysinfo *val)
22727 + struct vx_info *vxi = current->vx_info;
22728 + unsigned long totalram, freeram;
22731 + /* we blindly accept the max */
22732 + v = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22733 + totalram = (v != RLIM_INFINITY) ? v : val->totalram;
22735 + /* total minus used equals free */
22736 + v = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22737 + freeram = (v < totalram) ? totalram - v : 0;
22739 + val->totalram = totalram;
22740 + val->freeram = freeram;
22741 + val->bufferram = 0;
22742 + val->totalhigh = 0;
22743 + val->freehigh = 0;
22747 +void vx_vsi_swapinfo(struct sysinfo *val)
22749 + struct vx_info *vxi = current->vx_info;
22750 + unsigned long totalswap, freeswap;
22753 + v = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22754 + if (v == RLIM_INFINITY) {
22755 + val->freeswap = val->totalswap;
22759 + /* we blindly accept the max */
22760 + w = __rlim_hard(&vxi->limit, RLIMIT_RSS);
22761 + totalswap = (w != RLIM_INFINITY) ? (w - v) : val->totalswap;
22763 + /* currently 'used' swap */
22764 + w = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22765 + w -= (w > v) ? v : w;
22767 + /* total minus used equals free */
22768 + freeswap = (w < totalswap) ? totalswap - w : 0;
22770 + val->totalswap = totalswap;
22771 + val->freeswap = freeswap;
22776 +unsigned long vx_badness(struct task_struct *task, struct mm_struct *mm)
22778 + struct vx_info *vxi = mm->mm_vx_info;
22779 + unsigned long points;
22785 + points = vxi->vx_badness_bias;
22787 + v = __vx_cres_array_fixup(&vxi->limit, VLA_RSS);
22788 + w = __rlim_soft(&vxi->limit, RLIMIT_RSS);
22789 + points += (v > w) ? (v - w) : 0;
22794 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/limit_init.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit_init.h
22795 --- linux-2.6.25.11/kernel/vserver/limit_init.h 1969-12-31 19:00:00.000000000 -0500
22796 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit_init.h 2008-07-16 00:34:58.000000000 -0400
22800 +static inline void vx_info_init_limit(struct _vx_limit *limit)
22804 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22805 + __rlim_soft(limit, lim) = RLIM_INFINITY;
22806 + __rlim_hard(limit, lim) = RLIM_INFINITY;
22807 + __rlim_set(limit, lim, 0);
22808 + atomic_set(&__rlim_lhit(limit, lim), 0);
22809 + __rlim_rmin(limit, lim) = 0;
22810 + __rlim_rmax(limit, lim) = 0;
22814 +static inline void vx_info_exit_limit(struct _vx_limit *limit)
22819 + for (lim = 0; lim < NUM_LIMITS; lim++) {
22820 + if ((1 << lim) & VLIM_NOCHECK)
22822 + value = __rlim_get(limit, lim);
22823 + vxwprintk_xid(value,
22824 + "!!! limit: %p[%s,%d] = %ld on exit.",
22825 + limit, vlimit_name[lim], lim, (long)value);
22829 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/limit_proc.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit_proc.h
22830 --- linux-2.6.25.11/kernel/vserver/limit_proc.h 1969-12-31 19:00:00.000000000 -0500
22831 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/limit_proc.h 2008-04-19 15:14:52.000000000 -0400
22833 +#ifndef _VX_LIMIT_PROC_H
22834 +#define _VX_LIMIT_PROC_H
22836 +#include <linux/vserver/limit_int.h>
22839 +#define VX_LIMIT_FMT ":\t%8ld\t%8ld/%8ld\t%8lld/%8lld\t%6d\n"
22840 +#define VX_LIMIT_TOP \
22841 + "Limit\t current\t min/max\t\t soft/hard\t\thits\n"
22843 +#define VX_LIMIT_ARG(r) \
22844 + (unsigned long)__rlim_get(limit, r), \
22845 + (unsigned long)__rlim_rmin(limit, r), \
22846 + (unsigned long)__rlim_rmax(limit, r), \
22847 + VX_VLIM(__rlim_soft(limit, r)), \
22848 + VX_VLIM(__rlim_hard(limit, r)), \
22849 + atomic_read(&__rlim_lhit(limit, r))
22851 +static inline int vx_info_proc_limit(struct _vx_limit *limit, char *buffer)
22853 + vx_limit_fixup(limit, -1);
22854 + return sprintf(buffer, VX_LIMIT_TOP
22855 + "PROC" VX_LIMIT_FMT
22856 + "VM" VX_LIMIT_FMT
22857 + "VML" VX_LIMIT_FMT
22858 + "RSS" VX_LIMIT_FMT
22859 + "ANON" VX_LIMIT_FMT
22860 + "RMAP" VX_LIMIT_FMT
22861 + "FILES" VX_LIMIT_FMT
22862 + "OFD" VX_LIMIT_FMT
22863 + "LOCKS" VX_LIMIT_FMT
22864 + "SOCK" VX_LIMIT_FMT
22865 + "MSGQ" VX_LIMIT_FMT
22866 + "SHM" VX_LIMIT_FMT
22867 + "SEMA" VX_LIMIT_FMT
22868 + "SEMS" VX_LIMIT_FMT
22869 + "DENT" VX_LIMIT_FMT,
22870 + VX_LIMIT_ARG(RLIMIT_NPROC),
22871 + VX_LIMIT_ARG(RLIMIT_AS),
22872 + VX_LIMIT_ARG(RLIMIT_MEMLOCK),
22873 + VX_LIMIT_ARG(RLIMIT_RSS),
22874 + VX_LIMIT_ARG(VLIMIT_ANON),
22875 + VX_LIMIT_ARG(VLIMIT_MAPPED),
22876 + VX_LIMIT_ARG(RLIMIT_NOFILE),
22877 + VX_LIMIT_ARG(VLIMIT_OPENFD),
22878 + VX_LIMIT_ARG(RLIMIT_LOCKS),
22879 + VX_LIMIT_ARG(VLIMIT_NSOCK),
22880 + VX_LIMIT_ARG(RLIMIT_MSGQUEUE),
22881 + VX_LIMIT_ARG(VLIMIT_SHMEM),
22882 + VX_LIMIT_ARG(VLIMIT_SEMARY),
22883 + VX_LIMIT_ARG(VLIMIT_NSEMS),
22884 + VX_LIMIT_ARG(VLIMIT_DENTRY));
22887 +#endif /* _VX_LIMIT_PROC_H */
22890 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/Makefile linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/Makefile
22891 --- linux-2.6.25.11/kernel/vserver/Makefile 1969-12-31 19:00:00.000000000 -0500
22892 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/Makefile 2008-07-11 03:07:10.000000000 -0400
22895 +# Makefile for the Linux vserver routines.
22899 +obj-y += vserver.o
22901 +vserver-y := switch.o context.o space.o sched.o network.o inode.o \
22902 + limit.o cvirt.o cacct.o signal.o helper.o init.o \
22905 +vserver-$(CONFIG_INET) += inet.o
22906 +vserver-$(CONFIG_PROC_FS) += proc.o
22907 +vserver-$(CONFIG_VSERVER_DEBUG) += sysctl.o debug.o
22908 +vserver-$(CONFIG_VSERVER_HISTORY) += history.o
22909 +vserver-$(CONFIG_VSERVER_MONITOR) += monitor.o
22910 +vserver-$(CONFIG_VSERVER_DEVICE) += device.o
22912 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/monitor.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/monitor.c
22913 --- linux-2.6.25.11/kernel/vserver/monitor.c 1969-12-31 19:00:00.000000000 -0500
22914 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/monitor.c 2008-04-19 15:14:52.000000000 -0400
22917 + * kernel/vserver/monitor.c
22919 + * Virtual Context Scheduler Monitor
22921 + * Copyright (C) 2006-2007 Herbert Pötzl
22923 + * V0.01 basic design
22927 +#include <linux/module.h>
22928 +#include <linux/jiffies.h>
22929 +#include <asm/uaccess.h>
22930 +#include <asm/atomic.h>
22932 +#include <linux/vserver/monitor.h>
22933 +#include <linux/vserver/debug_cmd.h>
22936 +#ifdef CONFIG_VSERVER_MONITOR
22937 +#define VXM_SIZE CONFIG_VSERVER_MONITOR_SIZE
22939 +#define VXM_SIZE 64
22942 +struct _vx_monitor {
22943 + unsigned int counter;
22945 + struct _vx_mon_entry entry[VXM_SIZE+1];
22949 +DEFINE_PER_CPU(struct _vx_monitor, vx_monitor_buffer);
22951 +unsigned volatile int vxm_active = 1;
22953 +static atomic_t sequence = ATOMIC_INIT(0);
22958 + * requires disabled preemption */
22960 +struct _vx_mon_entry *vxm_advance(int cpu)
22962 + struct _vx_monitor *mon = &per_cpu(vx_monitor_buffer, cpu);
22963 + struct _vx_mon_entry *entry;
22964 + unsigned int index;
22966 + index = vxm_active ? (mon->counter++ % VXM_SIZE) : VXM_SIZE;
22967 + entry = &mon->entry[index];
22969 + entry->ev.seq = atomic_inc_return(&sequence);
22970 + entry->ev.jif = jiffies;
22974 +EXPORT_SYMBOL_GPL(vxm_advance);
22977 +int do_read_monitor(struct __user _vx_mon_entry *data,
22978 + int cpu, uint32_t *index, uint32_t *count)
22980 + int pos, ret = 0;
22981 + struct _vx_monitor *mon = &per_cpu(vx_monitor_buffer, cpu);
22982 + int end = mon->counter;
22983 + int start = end - VXM_SIZE + 2;
22984 + int idx = *index;
22986 + /* special case: get current pos */
22992 + /* have we lost some data? */
22996 + for (pos = 0; (pos < *count) && (idx < end); pos++, idx++) {
22997 + struct _vx_mon_entry *entry =
22998 + &mon->entry[idx % VXM_SIZE];
23000 + /* send entry to userspace */
23001 + ret = copy_to_user(&data[pos], entry, sizeof(*entry));
23005 + /* save new index and count */
23008 + return ret ? ret : (*index < end);
23011 +int vc_read_monitor(uint32_t id, void __user *data)
23013 + struct vcmd_read_monitor_v0 vc_data;
23016 + if (id >= NR_CPUS)
23019 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23022 + ret = do_read_monitor((struct __user _vx_mon_entry *)vc_data.data,
23023 + id, &vc_data.index, &vc_data.count);
23025 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23030 +#ifdef CONFIG_COMPAT
23032 +int vc_read_monitor_x32(uint32_t id, void __user *data)
23034 + struct vcmd_read_monitor_v0_x32 vc_data;
23037 + if (id >= NR_CPUS)
23040 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23043 + ret = do_read_monitor((struct __user _vx_mon_entry *)
23044 + compat_ptr(vc_data.data_ptr),
23045 + id, &vc_data.index, &vc_data.count);
23047 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23052 +#endif /* CONFIG_COMPAT */
23054 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/network.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/network.c
23055 --- linux-2.6.25.11/kernel/vserver/network.c 1969-12-31 19:00:00.000000000 -0500
23056 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/network.c 2008-04-19 15:14:52.000000000 -0400
23059 + * linux/kernel/vserver/network.c
23061 + * Virtual Server: Network Support
23063 + * Copyright (C) 2003-2007 Herbert Pötzl
23065 + * V0.01 broken out from vcontext V0.05
23066 + * V0.02 cleaned up implementation
23067 + * V0.03 added equiv nx commands
23068 + * V0.04 switch to RCU based hash
23069 + * V0.05 and back to locking again
23070 + * V0.06 changed vcmds to nxi arg
23071 + * V0.07 have __create claim() the nxi
23075 +#include <linux/err.h>
23076 +#include <linux/slab.h>
23077 +#include <linux/rcupdate.h>
23079 +#include <linux/vs_network.h>
23080 +#include <linux/vs_pid.h>
23081 +#include <linux/vserver/network_cmd.h>
23084 +atomic_t nx_global_ctotal = ATOMIC_INIT(0);
23085 +atomic_t nx_global_cactive = ATOMIC_INIT(0);
23087 +static struct kmem_cache *nx_addr_v4_cachep = NULL;
23088 +static struct kmem_cache *nx_addr_v6_cachep = NULL;
23091 +static int __init init_network(void)
23093 + nx_addr_v4_cachep = kmem_cache_create("nx_v4_addr_cache",
23094 + sizeof(struct nx_addr_v4), 0,
23095 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
23096 + nx_addr_v6_cachep = kmem_cache_create("nx_v6_addr_cache",
23097 + sizeof(struct nx_addr_v6), 0,
23098 + SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
23103 +/* __alloc_nx_addr_v4() */
23105 +static inline struct nx_addr_v4 *__alloc_nx_addr_v4(void)
23107 + struct nx_addr_v4 *nxa = kmem_cache_alloc(
23108 + nx_addr_v4_cachep, GFP_KERNEL);
23110 + if (!IS_ERR(nxa))
23111 + memset(nxa, 0, sizeof(*nxa));
23115 +/* __dealloc_nx_addr_v4() */
23117 +static inline void __dealloc_nx_addr_v4(struct nx_addr_v4 *nxa)
23119 + kmem_cache_free(nx_addr_v4_cachep, nxa);
23122 +/* __dealloc_nx_addr_v4_all() */
23124 +static inline void __dealloc_nx_addr_v4_all(struct nx_addr_v4 *nxa)
23127 + struct nx_addr_v4 *next = nxa->next;
23129 + __dealloc_nx_addr_v4(nxa);
23135 +#ifdef CONFIG_IPV6
23137 +/* __alloc_nx_addr_v6() */
23139 +static inline struct nx_addr_v6 *__alloc_nx_addr_v6(void)
23141 + struct nx_addr_v6 *nxa = kmem_cache_alloc(
23142 + nx_addr_v6_cachep, GFP_KERNEL);
23144 + if (!IS_ERR(nxa))
23145 + memset(nxa, 0, sizeof(*nxa));
23149 +/* __dealloc_nx_addr_v6() */
23151 +static inline void __dealloc_nx_addr_v6(struct nx_addr_v6 *nxa)
23153 + kmem_cache_free(nx_addr_v6_cachep, nxa);
23156 +/* __dealloc_nx_addr_v6_all() */
23158 +static inline void __dealloc_nx_addr_v6_all(struct nx_addr_v6 *nxa)
23161 + struct nx_addr_v6 *next = nxa->next;
23163 + __dealloc_nx_addr_v6(nxa);
23168 +#endif /* CONFIG_IPV6 */
23170 +/* __alloc_nx_info()
23172 + * allocate an initialized nx_info struct
23173 + * doesn't make it visible (hash) */
23175 +static struct nx_info *__alloc_nx_info(nid_t nid)
23177 + struct nx_info *new = NULL;
23179 + vxdprintk(VXD_CBIT(nid, 1), "alloc_nx_info(%d)*", nid);
23181 + /* would this benefit from a slab cache? */
23182 + new = kmalloc(sizeof(struct nx_info), GFP_KERNEL);
23186 + memset(new, 0, sizeof(struct nx_info));
23187 + new->nx_id = nid;
23188 + INIT_HLIST_NODE(&new->nx_hlist);
23189 + atomic_set(&new->nx_usecnt, 0);
23190 + atomic_set(&new->nx_tasks, 0);
23191 + new->nx_state = 0;
23193 + new->nx_flags = NXF_INIT_SET;
23195 + /* rest of init goes here */
23197 + new->v4_lback.s_addr = htonl(INADDR_LOOPBACK);
23198 + new->v4_bcast.s_addr = htonl(INADDR_BROADCAST);
23200 + vxdprintk(VXD_CBIT(nid, 0),
23201 + "alloc_nx_info(%d) = %p", nid, new);
23202 + atomic_inc(&nx_global_ctotal);
23206 +/* __dealloc_nx_info()
23208 + * final disposal of nx_info */
23210 +static void __dealloc_nx_info(struct nx_info *nxi)
23212 + vxdprintk(VXD_CBIT(nid, 0),
23213 + "dealloc_nx_info(%p)", nxi);
23215 + nxi->nx_hlist.next = LIST_POISON1;
23218 + BUG_ON(atomic_read(&nxi->nx_usecnt));
23219 + BUG_ON(atomic_read(&nxi->nx_tasks));
23221 + __dealloc_nx_addr_v4_all(nxi->v4.next);
23223 + nxi->nx_state |= NXS_RELEASED;
23225 + atomic_dec(&nx_global_ctotal);
23228 +static void __shutdown_nx_info(struct nx_info *nxi)
23230 + nxi->nx_state |= NXS_SHUTDOWN;
23231 + vs_net_change(nxi, VSC_NETDOWN);
23234 +/* exported stuff */
23236 +void free_nx_info(struct nx_info *nxi)
23238 + /* context shutdown is mandatory */
23239 + BUG_ON(nxi->nx_state != NXS_SHUTDOWN);
23241 + /* context must not be hashed */
23242 + BUG_ON(nxi->nx_state & NXS_HASHED);
23244 + BUG_ON(atomic_read(&nxi->nx_usecnt));
23245 + BUG_ON(atomic_read(&nxi->nx_tasks));
23247 + __dealloc_nx_info(nxi);
23251 +void __nx_set_lback(struct nx_info *nxi)
23253 + int nid = nxi->nx_id;
23254 + __be32 lback = htonl(INADDR_LOOPBACK ^ ((nid & 0xFFFF) << 8));
23256 + nxi->v4_lback.s_addr = lback;
23259 +extern int __nx_inet_add_lback(__be32 addr);
23260 +extern int __nx_inet_del_lback(__be32 addr);
23263 +/* hash table for nx_info hash */
23265 +#define NX_HASH_SIZE 13
23267 +struct hlist_head nx_info_hash[NX_HASH_SIZE];
23269 +static spinlock_t nx_info_hash_lock = SPIN_LOCK_UNLOCKED;
23272 +static inline unsigned int __hashval(nid_t nid)
23274 + return (nid % NX_HASH_SIZE);
23279 +/* __hash_nx_info()
23281 + * add the nxi to the global hash table
23282 + * requires the hash_lock to be held */
23284 +static inline void __hash_nx_info(struct nx_info *nxi)
23286 + struct hlist_head *head;
23288 + vxd_assert_lock(&nx_info_hash_lock);
23289 + vxdprintk(VXD_CBIT(nid, 4),
23290 + "__hash_nx_info: %p[#%d]", nxi, nxi->nx_id);
23292 + /* context must not be hashed */
23293 + BUG_ON(nx_info_state(nxi, NXS_HASHED));
23295 + nxi->nx_state |= NXS_HASHED;
23296 + head = &nx_info_hash[__hashval(nxi->nx_id)];
23297 + hlist_add_head(&nxi->nx_hlist, head);
23298 + atomic_inc(&nx_global_cactive);
23301 +/* __unhash_nx_info()
23303 + * remove the nxi from the global hash table
23304 + * requires the hash_lock to be held */
23306 +static inline void __unhash_nx_info(struct nx_info *nxi)
23308 + vxd_assert_lock(&nx_info_hash_lock);
23309 + vxdprintk(VXD_CBIT(nid, 4),
23310 + "__unhash_nx_info: %p[#%d.%d.%d]", nxi, nxi->nx_id,
23311 + atomic_read(&nxi->nx_usecnt), atomic_read(&nxi->nx_tasks));
23313 + /* context must be hashed */
23314 + BUG_ON(!nx_info_state(nxi, NXS_HASHED));
23315 + /* but without tasks */
23316 + BUG_ON(atomic_read(&nxi->nx_tasks));
23318 + nxi->nx_state &= ~NXS_HASHED;
23319 + hlist_del(&nxi->nx_hlist);
23320 + atomic_dec(&nx_global_cactive);
23324 +/* __lookup_nx_info()
23326 + * requires the hash_lock to be held
23327 + * doesn't increment the nx_refcnt */
23329 +static inline struct nx_info *__lookup_nx_info(nid_t nid)
23331 + struct hlist_head *head = &nx_info_hash[__hashval(nid)];
23332 + struct hlist_node *pos;
23333 + struct nx_info *nxi;
23335 + vxd_assert_lock(&nx_info_hash_lock);
23336 + hlist_for_each(pos, head) {
23337 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
23339 + if (nxi->nx_id == nid)
23344 + vxdprintk(VXD_CBIT(nid, 0),
23345 + "__lookup_nx_info(#%u): %p[#%u]",
23346 + nid, nxi, nxi ? nxi->nx_id : 0);
23351 +/* __create_nx_info()
23353 + * create the requested context
23354 + * get(), claim() and hash it */
23356 +static struct nx_info *__create_nx_info(int id)
23358 + struct nx_info *new, *nxi = NULL;
23360 + vxdprintk(VXD_CBIT(nid, 1), "create_nx_info(%d)*", id);
23362 + if (!(new = __alloc_nx_info(id)))
23363 + return ERR_PTR(-ENOMEM);
23365 + /* required to make dynamic xids unique */
23366 + spin_lock(&nx_info_hash_lock);
23368 + /* static context requested */
23369 + if ((nxi = __lookup_nx_info(id))) {
23370 + vxdprintk(VXD_CBIT(nid, 0),
23371 + "create_nx_info(%d) = %p (already there)", id, nxi);
23372 + if (nx_info_flags(nxi, NXF_STATE_SETUP, 0))
23373 + nxi = ERR_PTR(-EBUSY);
23375 + nxi = ERR_PTR(-EEXIST);
23378 + /* new context */
23379 + vxdprintk(VXD_CBIT(nid, 0),
23380 + "create_nx_info(%d) = %p (new)", id, new);
23381 + claim_nx_info(new, NULL);
23382 + __nx_set_lback(new);
23383 + __hash_nx_info(get_nx_info(new));
23384 + nxi = new, new = NULL;
23387 + spin_unlock(&nx_info_hash_lock);
23389 + __dealloc_nx_info(new);
23395 +/* exported stuff */
23398 +void unhash_nx_info(struct nx_info *nxi)
23400 + __shutdown_nx_info(nxi);
23401 + spin_lock(&nx_info_hash_lock);
23402 + __unhash_nx_info(nxi);
23403 + spin_unlock(&nx_info_hash_lock);
23406 +/* lookup_nx_info()
23408 + * search for a nx_info and get() it
23409 + * negative id means current */
23411 +struct nx_info *lookup_nx_info(int id)
23413 + struct nx_info *nxi = NULL;
23416 + nxi = get_nx_info(current->nx_info);
23417 + } else if (id > 1) {
23418 + spin_lock(&nx_info_hash_lock);
23419 + nxi = get_nx_info(__lookup_nx_info(id));
23420 + spin_unlock(&nx_info_hash_lock);
23425 +/* nid_is_hashed()
23427 + * verify that nid is still hashed */
23429 +int nid_is_hashed(nid_t nid)
23433 + spin_lock(&nx_info_hash_lock);
23434 + hashed = (__lookup_nx_info(nid) != NULL);
23435 + spin_unlock(&nx_info_hash_lock);
23440 +#ifdef CONFIG_PROC_FS
23444 + * get a subset of hashed nids for proc
23445 + * assumes size is at least one */
23447 +int get_nid_list(int index, unsigned int *nids, int size)
23449 + int hindex, nr_nids = 0;
23451 + /* only show current and children */
23452 + if (!nx_check(0, VS_ADMIN | VS_WATCH)) {
23455 + nids[nr_nids] = nx_current_nid();
23459 + for (hindex = 0; hindex < NX_HASH_SIZE; hindex++) {
23460 + struct hlist_head *head = &nx_info_hash[hindex];
23461 + struct hlist_node *pos;
23463 + spin_lock(&nx_info_hash_lock);
23464 + hlist_for_each(pos, head) {
23465 + struct nx_info *nxi;
23470 + nxi = hlist_entry(pos, struct nx_info, nx_hlist);
23471 + nids[nr_nids] = nxi->nx_id;
23472 + if (++nr_nids >= size) {
23473 + spin_unlock(&nx_info_hash_lock);
23477 + /* keep the lock time short */
23478 + spin_unlock(&nx_info_hash_lock);
23487 + * migrate task to new network
23488 + * gets nxi, puts old_nxi on change
23491 +int nx_migrate_task(struct task_struct *p, struct nx_info *nxi)
23493 + struct nx_info *old_nxi;
23499 + vxdprintk(VXD_CBIT(nid, 5),
23500 + "nx_migrate_task(%p,%p[#%d.%d.%d])",
23501 + p, nxi, nxi->nx_id,
23502 + atomic_read(&nxi->nx_usecnt),
23503 + atomic_read(&nxi->nx_tasks));
23505 + if (nx_info_flags(nxi, NXF_INFO_PRIVATE, 0) &&
23506 + !nx_info_flags(nxi, NXF_STATE_SETUP, 0))
23509 + if (nx_info_state(nxi, NXS_SHUTDOWN))
23512 + /* maybe disallow this completely? */
23513 + old_nxi = task_get_nx_info(p);
23514 + if (old_nxi == nxi)
23519 + clr_nx_info(&p->nx_info);
23520 + claim_nx_info(nxi, p);
23521 + set_nx_info(&p->nx_info, nxi);
23522 + p->nid = nxi->nx_id;
23525 + vxdprintk(VXD_CBIT(nid, 5),
23526 + "moved task %p into nxi:%p[#%d]",
23527 + p, nxi, nxi->nx_id);
23530 + release_nx_info(old_nxi, p);
23533 + put_nx_info(old_nxi);
23538 +void nx_set_persistent(struct nx_info *nxi)
23540 + vxdprintk(VXD_CBIT(nid, 6),
23541 + "nx_set_persistent(%p[#%d])", nxi, nxi->nx_id);
23543 + get_nx_info(nxi);
23544 + claim_nx_info(nxi, NULL);
23547 +void nx_clear_persistent(struct nx_info *nxi)
23549 + vxdprintk(VXD_CBIT(nid, 6),
23550 + "nx_clear_persistent(%p[#%d])", nxi, nxi->nx_id);
23552 + release_nx_info(nxi, NULL);
23553 + put_nx_info(nxi);
23556 +void nx_update_persistent(struct nx_info *nxi)
23558 + if (nx_info_flags(nxi, NXF_PERSISTENT, 0))
23559 + nx_set_persistent(nxi);
23561 + nx_clear_persistent(nxi);
23564 +/* vserver syscall commands below here */
23566 +/* taks nid and nx_info functions */
23568 +#include <asm/uaccess.h>
23571 +int vc_task_nid(uint32_t id)
23576 + struct task_struct *tsk;
23578 + read_lock(&tasklist_lock);
23579 + tsk = find_task_by_real_pid(id);
23580 + nid = (tsk) ? tsk->nid : -ESRCH;
23581 + read_unlock(&tasklist_lock);
23583 + nid = nx_current_nid();
23588 +int vc_nx_info(struct nx_info *nxi, void __user *data)
23590 + struct vcmd_nx_info_v0 vc_data;
23592 + vc_data.nid = nxi->nx_id;
23594 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23600 +/* network functions */
23602 +int vc_net_create(uint32_t nid, void __user *data)
23604 + struct vcmd_net_create vc_data = { .flagword = NXF_INIT_SET };
23605 + struct nx_info *new_nxi;
23608 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23611 + if ((nid > MAX_S_CONTEXT) || (nid < 2))
23614 + new_nxi = __create_nx_info(nid);
23615 + if (IS_ERR(new_nxi))
23616 + return PTR_ERR(new_nxi);
23618 + /* initial flags */
23619 + new_nxi->nx_flags = vc_data.flagword;
23622 + if (vs_net_change(new_nxi, VSC_NETUP))
23625 + ret = nx_migrate_task(current, new_nxi);
23629 + /* return context id on success */
23630 + ret = new_nxi->nx_id;
23632 + /* get a reference for persistent contexts */
23633 + if ((vc_data.flagword & NXF_PERSISTENT))
23634 + nx_set_persistent(new_nxi);
23636 + release_nx_info(new_nxi, NULL);
23637 + put_nx_info(new_nxi);
23642 +int vc_net_migrate(struct nx_info *nxi, void __user *data)
23644 + return nx_migrate_task(current, nxi);
23649 +int do_add_v4_addr(struct nx_info *nxi, __be32 ip, __be32 ip2, __be32 mask,
23650 + uint16_t type, uint16_t flags)
23652 + struct nx_addr_v4 *nxa = &nxi->v4;
23654 + if (NX_IPV4(nxi)) {
23655 + /* locate last entry */
23656 + for (; nxa->next; nxa = nxa->next);
23657 + nxa->next = __alloc_nx_addr_v4();
23661 + return PTR_ERR(nxa);
23664 + if (nxi->v4.next)
23665 + /* remove single ip for ip list */
23666 + nxi->nx_flags &= ~NXF_SINGLE_IP;
23668 + nxa->ip[0].s_addr = ip;
23669 + nxa->ip[1].s_addr = ip2;
23670 + nxa->mask.s_addr = mask;
23671 + nxa->type = type;
23672 + nxa->flags = flags;
23677 +int vc_net_add(struct nx_info *nxi, void __user *data)
23679 + struct vcmd_net_addr_v0 vc_data;
23680 + int index, ret = 0;
23682 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23685 + switch (vc_data.type) {
23686 + case NXA_TYPE_IPV4:
23687 + if ((vc_data.count < 1) || (vc_data.count > 4))
23691 + while (index < vc_data.count) {
23692 + ret = do_add_v4_addr(nxi, vc_data.ip[index].s_addr, 0,
23693 + vc_data.mask[index].s_addr, NXA_TYPE_ADDR, 0);
23701 + case NXA_TYPE_IPV4|NXA_MOD_BCAST:
23702 + nxi->v4_bcast = vc_data.ip[0];
23706 + case NXA_TYPE_IPV4|NXA_MOD_LBACK:
23707 + nxi->v4_lback = vc_data.ip[0];
23718 +int vc_net_remove(struct nx_info *nxi, void __user *data)
23720 + struct vcmd_net_addr_v0 vc_data;
23722 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23725 + switch (vc_data.type) {
23726 + case NXA_TYPE_ANY:
23727 + __dealloc_nx_addr_v4_all(xchg(&nxi->v4.next, NULL));
23728 + memset(&nxi->v4, 0, sizeof(nxi->v4));
23738 +int vc_net_add_ipv4(struct nx_info *nxi, void __user *data)
23740 + struct vcmd_net_addr_ipv4_v1 vc_data;
23742 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23745 + switch (vc_data.type) {
23746 + case NXA_TYPE_ADDR:
23747 + case NXA_TYPE_RANGE:
23748 + case NXA_TYPE_MASK:
23749 + return do_add_v4_addr(nxi, vc_data.ip.s_addr, 0,
23750 + vc_data.mask.s_addr, vc_data.type, vc_data.flags);
23752 + case NXA_TYPE_ADDR | NXA_MOD_BCAST:
23753 + nxi->v4_bcast = vc_data.ip;
23756 + case NXA_TYPE_ADDR | NXA_MOD_LBACK:
23757 + nxi->v4_lback = vc_data.ip;
23766 +int vc_net_remove_ipv4(struct nx_info *nxi, void __user *data)
23768 + struct vcmd_net_addr_ipv4_v1 vc_data;
23770 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23773 + switch (vc_data.type) {
23774 +/* case NXA_TYPE_ADDR:
23777 + case NXA_TYPE_ANY:
23778 + __dealloc_nx_addr_v4_all(xchg(&nxi->v4.next, NULL));
23779 + memset(&nxi->v4, 0, sizeof(nxi->v4));
23789 +#ifdef CONFIG_IPV6
23791 +int do_add_v6_addr(struct nx_info *nxi,
23792 + struct in6_addr *ip, struct in6_addr *mask,
23793 + uint32_t prefix, uint16_t type, uint16_t flags)
23795 + struct nx_addr_v6 *nxa = &nxi->v6;
23797 + if (NX_IPV6(nxi)) {
23798 + /* locate last entry */
23799 + for (; nxa->next; nxa = nxa->next);
23800 + nxa->next = __alloc_nx_addr_v6();
23804 + return PTR_ERR(nxa);
23808 + nxa->mask = *mask;
23809 + nxa->prefix = prefix;
23810 + nxa->type = type;
23811 + nxa->flags = flags;
23816 +int vc_net_add_ipv6(struct nx_info *nxi, void __user *data)
23818 + struct vcmd_net_addr_ipv6_v1 vc_data;
23820 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23823 + switch (vc_data.type) {
23824 + case NXA_TYPE_ADDR:
23825 + case NXA_TYPE_MASK:
23826 + return do_add_v6_addr(nxi, &vc_data.ip, &vc_data.mask,
23827 + vc_data.prefix, vc_data.type, vc_data.flags);
23834 +int vc_net_remove_ipv6(struct nx_info *nxi, void __user *data)
23836 + struct vcmd_net_addr_ipv6_v1 vc_data;
23838 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
23841 + switch (vc_data.type) {
23842 + case NXA_TYPE_ANY:
23843 + __dealloc_nx_addr_v6_all(xchg(&nxi->v6.next, NULL));
23844 + memset(&nxi->v6, 0, sizeof(nxi->v6));
23853 +#endif /* CONFIG_IPV6 */
23856 +int vc_get_nflags(struct nx_info *nxi, void __user *data)
23858 + struct vcmd_net_flags_v0 vc_data;
23860 + vc_data.flagword = nxi->nx_flags;
23862 + /* special STATE flag handling */
23863 + vc_data.mask = vs_mask_flags(~0ULL, nxi->nx_flags, NXF_ONE_TIME);
23865 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23870 +int vc_set_nflags(struct nx_info *nxi, void __user *data)
23872 + struct vcmd_net_flags_v0 vc_data;
23873 + uint64_t mask, trigger;
23875 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23878 + /* special STATE flag handling */
23879 + mask = vs_mask_mask(vc_data.mask, nxi->nx_flags, NXF_ONE_TIME);
23880 + trigger = (mask & nxi->nx_flags) ^ (mask & vc_data.flagword);
23882 + nxi->nx_flags = vs_mask_flags(nxi->nx_flags,
23883 + vc_data.flagword, mask);
23884 + if (trigger & NXF_PERSISTENT)
23885 + nx_update_persistent(nxi);
23890 +int vc_get_ncaps(struct nx_info *nxi, void __user *data)
23892 + struct vcmd_net_caps_v0 vc_data;
23894 + vc_data.ncaps = nxi->nx_ncaps;
23895 + vc_data.cmask = ~0ULL;
23897 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
23902 +int vc_set_ncaps(struct nx_info *nxi, void __user *data)
23904 + struct vcmd_net_caps_v0 vc_data;
23906 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
23909 + nxi->nx_ncaps = vs_mask_flags(nxi->nx_ncaps,
23910 + vc_data.ncaps, vc_data.cmask);
23915 +#include <linux/module.h>
23917 +module_init(init_network);
23919 +EXPORT_SYMBOL_GPL(free_nx_info);
23920 +EXPORT_SYMBOL_GPL(unhash_nx_info);
23922 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/proc.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/proc.c
23923 --- linux-2.6.25.11/kernel/vserver/proc.c 1969-12-31 19:00:00.000000000 -0500
23924 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/proc.c 2008-06-10 20:05:58.000000000 -0400
23927 + * linux/kernel/vserver/proc.c
23929 + * Virtual Context Support
23931 + * Copyright (C) 2003-2007 Herbert Pötzl
23933 + * V0.01 basic structure
23934 + * V0.02 adaptation vs1.3.0
23935 + * V0.03 proc permissions
23936 + * V0.04 locking/generic
23937 + * V0.05 next generation procfs
23938 + * V0.06 inode validation
23939 + * V0.07 generic rewrite vid
23940 + * V0.08 remove inode type
23944 +#include <linux/proc_fs.h>
23945 +#include <asm/unistd.h>
23947 +#include <linux/vs_context.h>
23948 +#include <linux/vs_network.h>
23949 +#include <linux/vs_cvirt.h>
23951 +#include <linux/in.h>
23952 +#include <linux/inetdevice.h>
23953 +#include <linux/vs_inet.h>
23954 +#include <linux/vs_inet6.h>
23956 +#include <linux/vserver/global.h>
23958 +#include "cvirt_proc.h"
23959 +#include "cacct_proc.h"
23960 +#include "limit_proc.h"
23961 +#include "sched_proc.h"
23962 +#include "vci_config.h"
23965 +static inline char *print_cap_t(char *buffer, kernel_cap_t *c)
23969 + CAP_FOR_EACH_U32(__capi) {
23970 + buffer += sprintf(buffer, "%08x",
23971 + c->cap[(_KERNEL_CAPABILITY_U32S-1) - __capi]);
23977 +static struct proc_dir_entry *proc_virtual;
23979 +static struct proc_dir_entry *proc_virtnet;
23982 +/* first the actual feeds */
23985 +static int proc_vci(char *buffer)
23987 + return sprintf(buffer,
23988 + "VCIVersion:\t%04x:%04x\n"
23989 + "VCISyscall:\t%d\n"
23990 + "VCIKernel:\t%08x\n",
23991 + VCI_VERSION >> 16,
23992 + VCI_VERSION & 0xFFFF,
23994 + vci_kernel_config());
23997 +static int proc_virtual_info(char *buffer)
23999 + return proc_vci(buffer);
24002 +static int proc_virtual_status(char *buffer)
24004 + return sprintf(buffer,
24006 + "#CActive:\t%d\n"
24007 + "#NSProxy:\t%d\t%d %d %d %d %d %d\n",
24008 + atomic_read(&vx_global_ctotal),
24009 + atomic_read(&vx_global_cactive),
24010 + atomic_read(&vs_global_nsproxy),
24011 + atomic_read(&vs_global_fs),
24012 + atomic_read(&vs_global_mnt_ns),
24013 + atomic_read(&vs_global_uts_ns),
24014 + atomic_read(&vs_global_ipc_ns),
24015 + atomic_read(&vs_global_user_ns),
24016 + atomic_read(&vs_global_pid_ns));
24020 +int proc_vxi_info(struct vx_info *vxi, char *buffer)
24024 + length = sprintf(buffer,
24032 + vxi->vx_badness_bias);
24036 +int proc_vxi_status(struct vx_info *vxi, char *buffer)
24038 + char *orig = buffer;
24040 + buffer += sprintf(buffer,
24043 + "Flags:\t%016llx\n",
24044 + atomic_read(&vxi->vx_usecnt),
24045 + atomic_read(&vxi->vx_tasks),
24046 + (unsigned long long)vxi->vx_flags);
24048 + buffer += sprintf(buffer, "BCaps:\t");
24049 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
24050 + buffer += sprintf(buffer, "\n");
24052 + buffer += sprintf(buffer,
24053 + "CCaps:\t%016llx\n"
24054 + "Spaces:\t%08lx\n",
24055 + (unsigned long long)vxi->vx_ccaps,
24057 + return buffer - orig;
24060 +int proc_vxi_limit(struct vx_info *vxi, char *buffer)
24062 + return vx_info_proc_limit(&vxi->limit, buffer);
24065 +int proc_vxi_sched(struct vx_info *vxi, char *buffer)
24069 + length = vx_info_proc_sched(&vxi->sched, buffer);
24070 + for_each_online_cpu(cpu) {
24071 + length += vx_info_proc_sched_pc(
24072 + &vx_per_cpu(vxi, sched_pc, cpu),
24073 + buffer + length, cpu);
24078 +int proc_vxi_nsproxy(struct vx_info *vxi, char *buffer)
24080 + return vx_info_proc_nsproxy(vxi->vx_nsproxy, buffer);
24083 +int proc_vxi_cvirt(struct vx_info *vxi, char *buffer)
24087 + vx_update_load(vxi);
24088 + length = vx_info_proc_cvirt(&vxi->cvirt, buffer);
24089 + for_each_online_cpu(cpu) {
24090 + length += vx_info_proc_cvirt_pc(
24091 + &vx_per_cpu(vxi, cvirt_pc, cpu),
24092 + buffer + length, cpu);
24097 +int proc_vxi_cacct(struct vx_info *vxi, char *buffer)
24099 + return vx_info_proc_cacct(&vxi->cacct, buffer);
24103 +static int proc_virtnet_info(char *buffer)
24105 + return proc_vci(buffer);
24108 +static int proc_virtnet_status(char *buffer)
24110 + return sprintf(buffer,
24112 + "#CActive:\t%d\n",
24113 + atomic_read(&nx_global_ctotal),
24114 + atomic_read(&nx_global_cactive));
24117 +int proc_nxi_info(struct nx_info *nxi, char *buffer)
24119 + struct nx_addr_v4 *v4a;
24120 +#ifdef CONFIG_IPV6
24121 + struct nx_addr_v6 *v6a;
24125 + length = sprintf(buffer,
24128 + "Bcast:\t" NIPQUAD_FMT "\n"
24129 + "Lback:\t" NIPQUAD_FMT "\n",
24132 + NIPQUAD(nxi->v4_bcast.s_addr),
24133 + NIPQUAD(nxi->v4_lback.s_addr));
24135 + if (!NX_IPV4(nxi))
24137 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
24138 + length += sprintf(buffer + length, "%d:\t" NXAV4_FMT "\n",
24141 +#ifdef CONFIG_IPV6
24142 + if (!NX_IPV6(nxi))
24144 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
24145 + length += sprintf(buffer + length, "%d:\t" NXAV6_FMT "\n",
24152 +int proc_nxi_status(struct nx_info *nxi, char *buffer)
24156 + length = sprintf(buffer,
24159 + "Flags:\t%016llx\n"
24160 + "NCaps:\t%016llx\n",
24161 + atomic_read(&nxi->nx_usecnt),
24162 + atomic_read(&nxi->nx_tasks),
24163 + (unsigned long long)nxi->nx_flags,
24164 + (unsigned long long)nxi->nx_ncaps);
24170 +/* here the inode helpers */
24176 + struct inode_operations *iop;
24177 + struct file_operations *fop;
24178 + union proc_op op;
24181 +static struct inode *vs_proc_make_inode(struct super_block *sb, struct vs_entry *p)
24183 + struct inode *inode = new_inode(sb);
24188 + inode->i_mode = p->mode;
24190 + inode->i_op = p->iop;
24192 + inode->i_fop = p->fop;
24194 + inode->i_nlink = (p->mode & S_IFDIR) ? 2 : 1;
24195 + inode->i_flags |= S_IMMUTABLE;
24197 + inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
24199 + inode->i_uid = 0;
24200 + inode->i_gid = 0;
24201 + inode->i_tag = 0;
24206 +static struct dentry *vs_proc_instantiate(struct inode *dir,
24207 + struct dentry *dentry, int id, void *ptr)
24209 + struct vs_entry *p = ptr;
24210 + struct inode *inode = vs_proc_make_inode(dir->i_sb, p);
24211 + struct dentry *error = ERR_PTR(-EINVAL);
24216 + PROC_I(inode)->op = p->op;
24217 + PROC_I(inode)->fd = id;
24218 + d_add(dentry, inode);
24226 +typedef struct dentry *instantiate_t(struct inode *, struct dentry *, int, void *);
24229 + * Fill a directory entry.
24231 + * If possible create the dcache entry and derive our inode number and
24232 + * file type from dcache entry.
24234 + * Since all of the proc inode numbers are dynamically generated, the inode
24235 + * numbers do not exist until the inode is cache. This means creating the
24236 + * the dcache entry in readdir is necessary to keep the inode numbers
24237 + * reported by readdir in sync with the inode numbers reported
24240 +static int proc_fill_cache(struct file *filp, void *dirent, filldir_t filldir,
24241 + char *name, int len, instantiate_t instantiate, int id, void *ptr)
24243 + struct dentry *child, *dir = filp->f_dentry;
24244 + struct inode *inode;
24245 + struct qstr qname;
24247 + unsigned type = DT_UNKNOWN;
24249 + qname.name = name;
24251 + qname.hash = full_name_hash(name, len);
24253 + child = d_lookup(dir, &qname);
24255 + struct dentry *new;
24256 + new = d_alloc(dir, &qname);
24258 + child = instantiate(dir->d_inode, new, id, ptr);
24265 + if (!child || IS_ERR(child) || !child->d_inode)
24266 + goto end_instantiate;
24267 + inode = child->d_inode;
24269 + ino = inode->i_ino;
24270 + type = inode->i_mode >> 12;
24275 + ino = find_inode_number(dir, &qname);
24278 + return filldir(dirent, name, len, filp->f_pos, ino, type);
24283 +/* get and revalidate vx_info/xid */
24286 +struct vx_info *get_proc_vx_info(struct inode *inode)
24288 + return lookup_vx_info(PROC_I(inode)->fd);
24291 +static int proc_xid_revalidate(struct dentry *dentry, struct nameidata *nd)
24293 + struct inode *inode = dentry->d_inode;
24294 + xid_t xid = PROC_I(inode)->fd;
24296 + if (!xid || xid_is_hashed(xid))
24303 +/* get and revalidate nx_info/nid */
24305 +static int proc_nid_revalidate(struct dentry *dentry, struct nameidata *nd)
24307 + struct inode *inode = dentry->d_inode;
24308 + nid_t nid = PROC_I(inode)->fd;
24310 + if (!nid || nid_is_hashed(nid))
24318 +#define PROC_BLOCK_SIZE (PAGE_SIZE - 1024)
24320 +static ssize_t proc_vs_info_read(struct file *file, char __user *buf,
24321 + size_t count, loff_t *ppos)
24323 + struct inode *inode = file->f_dentry->d_inode;
24324 + unsigned long page;
24325 + ssize_t length = 0;
24327 + if (count > PROC_BLOCK_SIZE)
24328 + count = PROC_BLOCK_SIZE;
24330 + /* fade that out as soon as stable */
24331 + WARN_ON(PROC_I(inode)->fd);
24333 + if (!(page = __get_free_page(GFP_KERNEL)))
24336 + BUG_ON(!PROC_I(inode)->op.proc_vs_read);
24337 + length = PROC_I(inode)->op.proc_vs_read((char *)page);
24340 + length = simple_read_from_buffer(buf, count, ppos,
24341 + (char *)page, length);
24347 +static ssize_t proc_vx_info_read(struct file *file, char __user *buf,
24348 + size_t count, loff_t *ppos)
24350 + struct inode *inode = file->f_dentry->d_inode;
24351 + struct vx_info *vxi = NULL;
24352 + xid_t xid = PROC_I(inode)->fd;
24353 + unsigned long page;
24354 + ssize_t length = 0;
24356 + if (count > PROC_BLOCK_SIZE)
24357 + count = PROC_BLOCK_SIZE;
24359 + /* fade that out as soon as stable */
24361 + vxi = lookup_vx_info(xid);
24365 + length = -ENOMEM;
24366 + if (!(page = __get_free_page(GFP_KERNEL)))
24369 + BUG_ON(!PROC_I(inode)->op.proc_vxi_read);
24370 + length = PROC_I(inode)->op.proc_vxi_read(vxi, (char *)page);
24373 + length = simple_read_from_buffer(buf, count, ppos,
24374 + (char *)page, length);
24378 + put_vx_info(vxi);
24383 +static ssize_t proc_nx_info_read(struct file *file, char __user *buf,
24384 + size_t count, loff_t *ppos)
24386 + struct inode *inode = file->f_dentry->d_inode;
24387 + struct nx_info *nxi = NULL;
24388 + nid_t nid = PROC_I(inode)->fd;
24389 + unsigned long page;
24390 + ssize_t length = 0;
24392 + if (count > PROC_BLOCK_SIZE)
24393 + count = PROC_BLOCK_SIZE;
24395 + /* fade that out as soon as stable */
24397 + nxi = lookup_nx_info(nid);
24401 + length = -ENOMEM;
24402 + if (!(page = __get_free_page(GFP_KERNEL)))
24405 + BUG_ON(!PROC_I(inode)->op.proc_nxi_read);
24406 + length = PROC_I(inode)->op.proc_nxi_read(nxi, (char *)page);
24409 + length = simple_read_from_buffer(buf, count, ppos,
24410 + (char *)page, length);
24414 + put_nx_info(nxi);
24421 +/* here comes the lower level */
24424 +#define NOD(NAME, MODE, IOP, FOP, OP) { \
24425 + .len = sizeof(NAME) - 1, \
24426 + .name = (NAME), \
24434 +#define DIR(NAME, MODE, OTYPE) \
24435 + NOD(NAME, (S_IFDIR | (MODE)), \
24436 + &proc_ ## OTYPE ## _inode_operations, \
24437 + &proc_ ## OTYPE ## _file_operations, { } )
24439 +#define INF(NAME, MODE, OTYPE) \
24440 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
24441 + &proc_vs_info_file_operations, \
24442 + { .proc_vs_read = &proc_##OTYPE } )
24444 +#define VINF(NAME, MODE, OTYPE) \
24445 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
24446 + &proc_vx_info_file_operations, \
24447 + { .proc_vxi_read = &proc_##OTYPE } )
24449 +#define NINF(NAME, MODE, OTYPE) \
24450 + NOD(NAME, (S_IFREG | (MODE)), NULL, \
24451 + &proc_nx_info_file_operations, \
24452 + { .proc_nxi_read = &proc_##OTYPE } )
24455 +static struct file_operations proc_vs_info_file_operations = {
24456 + .read = proc_vs_info_read,
24459 +static struct file_operations proc_vx_info_file_operations = {
24460 + .read = proc_vx_info_read,
24463 +static struct dentry_operations proc_xid_dentry_operations = {
24464 + .d_revalidate = proc_xid_revalidate,
24467 +static struct vs_entry vx_base_stuff[] = {
24468 + VINF("info", S_IRUGO, vxi_info),
24469 + VINF("status", S_IRUGO, vxi_status),
24470 + VINF("limit", S_IRUGO, vxi_limit),
24471 + VINF("sched", S_IRUGO, vxi_sched),
24472 + VINF("nsproxy", S_IRUGO, vxi_nsproxy),
24473 + VINF("cvirt", S_IRUGO, vxi_cvirt),
24474 + VINF("cacct", S_IRUGO, vxi_cacct),
24481 +static struct dentry *proc_xid_instantiate(struct inode *dir,
24482 + struct dentry *dentry, int id, void *ptr)
24484 + dentry->d_op = &proc_xid_dentry_operations;
24485 + return vs_proc_instantiate(dir, dentry, id, ptr);
24488 +static struct dentry *proc_xid_lookup(struct inode *dir,
24489 + struct dentry *dentry, struct nameidata *nd)
24491 + struct vs_entry *p = vx_base_stuff;
24492 + struct dentry *error = ERR_PTR(-ENOENT);
24494 + for (; p->name; p++) {
24495 + if (p->len != dentry->d_name.len)
24497 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24503 + error = proc_xid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
24508 +static int proc_xid_readdir(struct file *filp,
24509 + void *dirent, filldir_t filldir)
24511 + struct dentry *dentry = filp->f_dentry;
24512 + struct inode *inode = dentry->d_inode;
24513 + struct vs_entry *p = vx_base_stuff;
24514 + int size = sizeof(vx_base_stuff) / sizeof(struct vs_entry);
24518 + pos = filp->f_pos;
24521 + ino = inode->i_ino;
24522 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24525 + /* fall through */
24527 + ino = parent_ino(dentry);
24528 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24531 + /* fall through */
24534 + if (index >= size)
24536 + for (p += index; p->name; p++) {
24537 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24538 + vs_proc_instantiate, PROC_I(inode)->fd, p))
24544 + filp->f_pos = pos;
24550 +static struct file_operations proc_nx_info_file_operations = {
24551 + .read = proc_nx_info_read,
24554 +static struct dentry_operations proc_nid_dentry_operations = {
24555 + .d_revalidate = proc_nid_revalidate,
24558 +static struct vs_entry nx_base_stuff[] = {
24559 + NINF("info", S_IRUGO, nxi_info),
24560 + NINF("status", S_IRUGO, nxi_status),
24565 +static struct dentry *proc_nid_instantiate(struct inode *dir,
24566 + struct dentry *dentry, int id, void *ptr)
24568 + dentry->d_op = &proc_nid_dentry_operations;
24569 + return vs_proc_instantiate(dir, dentry, id, ptr);
24572 +static struct dentry *proc_nid_lookup(struct inode *dir,
24573 + struct dentry *dentry, struct nameidata *nd)
24575 + struct vs_entry *p = nx_base_stuff;
24576 + struct dentry *error = ERR_PTR(-ENOENT);
24578 + for (; p->name; p++) {
24579 + if (p->len != dentry->d_name.len)
24581 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24587 + error = proc_nid_instantiate(dir, dentry, PROC_I(dir)->fd, p);
24592 +static int proc_nid_readdir(struct file *filp,
24593 + void *dirent, filldir_t filldir)
24595 + struct dentry *dentry = filp->f_dentry;
24596 + struct inode *inode = dentry->d_inode;
24597 + struct vs_entry *p = nx_base_stuff;
24598 + int size = sizeof(nx_base_stuff) / sizeof(struct vs_entry);
24602 + pos = filp->f_pos;
24605 + ino = inode->i_ino;
24606 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24609 + /* fall through */
24611 + ino = parent_ino(dentry);
24612 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24615 + /* fall through */
24618 + if (index >= size)
24620 + for (p += index; p->name; p++) {
24621 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24622 + vs_proc_instantiate, PROC_I(inode)->fd, p))
24628 + filp->f_pos = pos;
24633 +#define MAX_MULBY10 ((~0U - 9) / 10)
24635 +static inline int atovid(const char *str, int len)
24640 + while (len-- > 0) {
24645 + if (vid >= MAX_MULBY10)
24655 +/* now the upper level (virtual) */
24658 +static struct file_operations proc_xid_file_operations = {
24659 + .read = generic_read_dir,
24660 + .readdir = proc_xid_readdir,
24663 +static struct inode_operations proc_xid_inode_operations = {
24664 + .lookup = proc_xid_lookup,
24667 +static struct vs_entry vx_virtual_stuff[] = {
24668 + INF("info", S_IRUGO, virtual_info),
24669 + INF("status", S_IRUGO, virtual_status),
24670 + DIR(NULL, S_IRUGO | S_IXUGO, xid),
24674 +static struct dentry *proc_virtual_lookup(struct inode *dir,
24675 + struct dentry *dentry, struct nameidata *nd)
24677 + struct vs_entry *p = vx_virtual_stuff;
24678 + struct dentry *error = ERR_PTR(-ENOENT);
24681 + for (; p->name; p++) {
24682 + if (p->len != dentry->d_name.len)
24684 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24688 + goto instantiate;
24690 + id = atovid(dentry->d_name.name, dentry->d_name.len);
24691 + if ((id < 0) || !xid_is_hashed(id))
24695 + error = proc_xid_instantiate(dir, dentry, id, p);
24700 +static struct file_operations proc_nid_file_operations = {
24701 + .read = generic_read_dir,
24702 + .readdir = proc_nid_readdir,
24705 +static struct inode_operations proc_nid_inode_operations = {
24706 + .lookup = proc_nid_lookup,
24709 +static struct vs_entry nx_virtnet_stuff[] = {
24710 + INF("info", S_IRUGO, virtnet_info),
24711 + INF("status", S_IRUGO, virtnet_status),
24712 + DIR(NULL, S_IRUGO | S_IXUGO, nid),
24716 +static struct dentry *proc_virtnet_lookup(struct inode *dir,
24717 + struct dentry *dentry, struct nameidata *nd)
24719 + struct vs_entry *p = nx_virtnet_stuff;
24720 + struct dentry *error = ERR_PTR(-ENOENT);
24723 + for (; p->name; p++) {
24724 + if (p->len != dentry->d_name.len)
24726 + if (!memcmp(dentry->d_name.name, p->name, p->len))
24730 + goto instantiate;
24732 + id = atovid(dentry->d_name.name, dentry->d_name.len);
24733 + if ((id < 0) || !nid_is_hashed(id))
24737 + error = proc_nid_instantiate(dir, dentry, id, p);
24743 +#define PROC_MAXVIDS 32
24745 +int proc_virtual_readdir(struct file *filp,
24746 + void *dirent, filldir_t filldir)
24748 + struct dentry *dentry = filp->f_dentry;
24749 + struct inode *inode = dentry->d_inode;
24750 + struct vs_entry *p = vx_virtual_stuff;
24751 + int size = sizeof(vx_virtual_stuff) / sizeof(struct vs_entry);
24753 + unsigned int xid_array[PROC_MAXVIDS];
24754 + char buf[PROC_NUMBUF];
24755 + unsigned int nr_xids, i;
24758 + pos = filp->f_pos;
24761 + ino = inode->i_ino;
24762 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24765 + /* fall through */
24767 + ino = parent_ino(dentry);
24768 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24771 + /* fall through */
24774 + if (index >= size)
24776 + for (p += index; p->name; p++) {
24777 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24778 + vs_proc_instantiate, 0, p))
24783 + index = pos - size;
24784 + p = &vx_virtual_stuff[size - 1];
24785 + nr_xids = get_xid_list(index, xid_array, PROC_MAXVIDS);
24786 + for (i = 0; i < nr_xids; i++) {
24787 + int n, xid = xid_array[i];
24788 + unsigned int j = PROC_NUMBUF;
24792 + buf[--j] = '0' + (n % 10);
24795 + if (proc_fill_cache(filp, dirent, filldir,
24796 + buf + j, PROC_NUMBUF - j,
24797 + vs_proc_instantiate, xid, p))
24803 + filp->f_pos = pos;
24807 +static int proc_virtual_getattr(struct vfsmount *mnt,
24808 + struct dentry *dentry, struct kstat *stat)
24810 + struct inode *inode = dentry->d_inode;
24812 + generic_fillattr(inode, stat);
24813 + stat->nlink = 2 + atomic_read(&vx_global_cactive);
24817 +static struct file_operations proc_virtual_dir_operations = {
24818 + .read = generic_read_dir,
24819 + .readdir = proc_virtual_readdir,
24822 +static struct inode_operations proc_virtual_dir_inode_operations = {
24823 + .getattr = proc_virtual_getattr,
24824 + .lookup = proc_virtual_lookup,
24831 +int proc_virtnet_readdir(struct file *filp,
24832 + void *dirent, filldir_t filldir)
24834 + struct dentry *dentry = filp->f_dentry;
24835 + struct inode *inode = dentry->d_inode;
24836 + struct vs_entry *p = nx_virtnet_stuff;
24837 + int size = sizeof(nx_virtnet_stuff) / sizeof(struct vs_entry);
24839 + unsigned int nid_array[PROC_MAXVIDS];
24840 + char buf[PROC_NUMBUF];
24841 + unsigned int nr_nids, i;
24844 + pos = filp->f_pos;
24847 + ino = inode->i_ino;
24848 + if (filldir(dirent, ".", 1, pos, ino, DT_DIR) < 0)
24851 + /* fall through */
24853 + ino = parent_ino(dentry);
24854 + if (filldir(dirent, "..", 2, pos, ino, DT_DIR) < 0)
24857 + /* fall through */
24860 + if (index >= size)
24862 + for (p += index; p->name; p++) {
24863 + if (proc_fill_cache(filp, dirent, filldir, p->name, p->len,
24864 + vs_proc_instantiate, 0, p))
24869 + index = pos - size;
24870 + p = &nx_virtnet_stuff[size - 1];
24871 + nr_nids = get_nid_list(index, nid_array, PROC_MAXVIDS);
24872 + for (i = 0; i < nr_nids; i++) {
24873 + int n, nid = nid_array[i];
24874 + unsigned int j = PROC_NUMBUF;
24878 + buf[--j] = '0' + (n % 10);
24881 + if (proc_fill_cache(filp, dirent, filldir,
24882 + buf + j, PROC_NUMBUF - j,
24883 + vs_proc_instantiate, nid, p))
24889 + filp->f_pos = pos;
24893 +static int proc_virtnet_getattr(struct vfsmount *mnt,
24894 + struct dentry *dentry, struct kstat *stat)
24896 + struct inode *inode = dentry->d_inode;
24898 + generic_fillattr(inode, stat);
24899 + stat->nlink = 2 + atomic_read(&nx_global_cactive);
24903 +static struct file_operations proc_virtnet_dir_operations = {
24904 + .read = generic_read_dir,
24905 + .readdir = proc_virtnet_readdir,
24908 +static struct inode_operations proc_virtnet_dir_inode_operations = {
24909 + .getattr = proc_virtnet_getattr,
24910 + .lookup = proc_virtnet_lookup,
24915 +void proc_vx_init(void)
24917 + struct proc_dir_entry *ent;
24919 + ent = proc_mkdir("virtual", 0);
24921 + ent->proc_fops = &proc_virtual_dir_operations;
24922 + ent->proc_iops = &proc_virtual_dir_inode_operations;
24924 + proc_virtual = ent;
24926 + ent = proc_mkdir("virtnet", 0);
24928 + ent->proc_fops = &proc_virtnet_dir_operations;
24929 + ent->proc_iops = &proc_virtnet_dir_inode_operations;
24931 + proc_virtnet = ent;
24937 +/* per pid info */
24940 +int proc_pid_vx_info(struct task_struct *p, char *buffer)
24942 + struct vx_info *vxi;
24943 + char *orig = buffer;
24945 + buffer += sprintf(buffer, "XID:\t%d\n", vx_task_xid(p));
24947 + vxi = task_get_vx_info(p);
24951 + buffer += sprintf(buffer, "BCaps:\t");
24952 + buffer = print_cap_t(buffer, &vxi->vx_bcaps);
24953 + buffer += sprintf(buffer, "\n");
24954 + buffer += sprintf(buffer, "CCaps:\t%016llx\n",
24955 + (unsigned long long)vxi->vx_ccaps);
24956 + buffer += sprintf(buffer, "CFlags:\t%016llx\n",
24957 + (unsigned long long)vxi->vx_flags);
24958 + buffer += sprintf(buffer, "CIPid:\t%d\n", vxi->vx_initpid);
24960 + put_vx_info(vxi);
24962 + return buffer - orig;
24966 +int proc_pid_nx_info(struct task_struct *p, char *buffer)
24968 + struct nx_info *nxi;
24969 + struct nx_addr_v4 *v4a;
24970 +#ifdef CONFIG_IPV6
24971 + struct nx_addr_v6 *v6a;
24973 + char *orig = buffer;
24976 + buffer += sprintf(buffer, "NID:\t%d\n", nx_task_nid(p));
24978 + nxi = task_get_nx_info(p);
24982 + buffer += sprintf(buffer, "NCaps:\t%016llx\n",
24983 + (unsigned long long)nxi->nx_ncaps);
24984 + buffer += sprintf(buffer, "NFlags:\t%016llx\n",
24985 + (unsigned long long)nxi->nx_flags);
24987 + buffer += sprintf(buffer,
24988 + "V4Root[bcast]:\t" NIPQUAD_FMT "\n",
24989 + NIPQUAD(nxi->v4_bcast.s_addr));
24990 + buffer += sprintf (buffer,
24991 + "V4Root[lback]:\t" NIPQUAD_FMT "\n",
24992 + NIPQUAD(nxi->v4_lback.s_addr));
24993 + if (!NX_IPV4(nxi))
24995 + for (i = 0, v4a = &nxi->v4; v4a; i++, v4a = v4a->next)
24996 + buffer += sprintf(buffer, "V4Root[%d]:\t" NXAV4_FMT "\n",
24999 +#ifdef CONFIG_IPV6
25000 + if (!NX_IPV6(nxi))
25002 + for (i = 0, v6a = &nxi->v6; v6a; i++, v6a = v6a->next)
25003 + buffer += sprintf(buffer, "V6Root[%d]:\t" NXAV6_FMT "\n",
25007 + put_nx_info(nxi);
25009 + return buffer - orig;
25012 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/sched.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched.c
25013 --- linux-2.6.25.11/kernel/vserver/sched.c 1969-12-31 19:00:00.000000000 -0500
25014 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched.c 2008-04-29 18:40:09.000000000 -0400
25017 + * linux/kernel/vserver/sched.c
25019 + * Virtual Server: Scheduler Support
25021 + * Copyright (C) 2004-2007 Herbert Pötzl
25023 + * V0.01 adapted Sam Vilains version to 2.6.3
25024 + * V0.02 removed legacy interface
25025 + * V0.03 changed vcmds to vxi arg
25026 + * V0.04 removed older and legacy interfaces
25030 +#include <linux/vs_context.h>
25031 +#include <linux/vs_sched.h>
25032 +#include <linux/vserver/sched_cmd.h>
25034 +#include <asm/uaccess.h>
25037 +#define vxd_check_range(val, min, max) do { \
25038 + vxlprintk((val < min) || (val > max), \
25039 + "check_range(%ld,%ld,%ld)", \
25040 + (long)val, (long)min, (long)max, \
25041 + __FILE__, __LINE__); \
25045 +void vx_update_sched_param(struct _vx_sched *sched,
25046 + struct _vx_sched_pc *sched_pc)
25048 + unsigned int set_mask = sched->update_mask;
25050 + if (set_mask & VXSM_FILL_RATE)
25051 + sched_pc->fill_rate[0] = sched->fill_rate[0];
25052 + if (set_mask & VXSM_INTERVAL)
25053 + sched_pc->interval[0] = sched->interval[0];
25054 + if (set_mask & VXSM_FILL_RATE2)
25055 + sched_pc->fill_rate[1] = sched->fill_rate[1];
25056 + if (set_mask & VXSM_INTERVAL2)
25057 + sched_pc->interval[1] = sched->interval[1];
25058 + if (set_mask & VXSM_TOKENS)
25059 + sched_pc->tokens = sched->tokens;
25060 + if (set_mask & VXSM_TOKENS_MIN)
25061 + sched_pc->tokens_min = sched->tokens_min;
25062 + if (set_mask & VXSM_TOKENS_MAX)
25063 + sched_pc->tokens_max = sched->tokens_max;
25064 + if (set_mask & VXSM_PRIO_BIAS)
25065 + sched_pc->prio_bias = sched->prio_bias;
25067 + if (set_mask & VXSM_IDLE_TIME)
25068 + sched_pc->flags |= VXSF_IDLE_TIME;
25070 + sched_pc->flags &= ~VXSF_IDLE_TIME;
25073 + sched_pc->norm_time = jiffies;
25078 + * recalculate the context's scheduling tokens
25080 + * ret > 0 : number of tokens available
25081 + * ret < 0 : on hold, check delta_min[]
25082 + * -1 only jiffies
25083 + * -2 also idle time
25086 +int vx_tokens_recalc(struct _vx_sched_pc *sched_pc,
25087 + unsigned long *norm_time, unsigned long *idle_time, int delta_min[2])
25091 + int flags = sched_pc->flags;
25093 + /* how much time did pass? */
25094 + delta = *norm_time - sched_pc->norm_time;
25095 + vxd_check_range(delta, 0, INT_MAX);
25097 + if (delta >= sched_pc->interval[0]) {
25098 + long tokens, integral;
25100 + /* calc integral token part */
25101 + tokens = delta / sched_pc->interval[0];
25102 + integral = tokens * sched_pc->interval[0];
25103 + tokens *= sched_pc->fill_rate[0];
25104 +#ifdef CONFIG_VSERVER_HARDCPU
25105 + delta_min[0] = delta - integral;
25106 + vxd_check_range(delta_min[0], 0, sched_pc->interval[0]);
25108 + /* advance time */
25109 + sched_pc->norm_time += delta;
25112 + sched_pc->tokens += tokens;
25113 + sched_pc->token_time += tokens;
25115 + delta_min[0] = delta;
25117 +#ifdef CONFIG_VSERVER_IDLETIME
25118 + if (!(flags & VXSF_IDLE_TIME))
25121 + /* how much was the idle skip? */
25122 + delta = *idle_time - sched_pc->idle_time;
25123 + vxd_check_range(delta, 0, INT_MAX);
25125 + if (delta >= sched_pc->interval[1]) {
25126 + long tokens, integral;
25128 + /* calc fair share token part */
25129 + tokens = delta / sched_pc->interval[1];
25130 + integral = tokens * sched_pc->interval[1];
25131 + tokens *= sched_pc->fill_rate[1];
25132 + delta_min[1] = delta - integral;
25133 + vxd_check_range(delta_min[1], 0, sched_pc->interval[1]);
25135 + /* advance idle time */
25136 + sched_pc->idle_time += integral;
25139 + sched_pc->tokens += tokens;
25140 + sched_pc->token_time += tokens;
25142 + delta_min[1] = delta;
25146 + /* clip at maximum */
25147 + if (sched_pc->tokens > sched_pc->tokens_max)
25148 + sched_pc->tokens = sched_pc->tokens_max;
25149 + tokens = sched_pc->tokens;
25151 + if ((flags & VXSF_ONHOLD)) {
25152 + /* can we unhold? */
25153 + if (tokens >= sched_pc->tokens_min) {
25154 + flags &= ~VXSF_ONHOLD;
25155 + sched_pc->hold_ticks +=
25156 + *norm_time - sched_pc->onhold;
25160 + /* put on hold? */
25161 + if (tokens <= 0) {
25162 + flags |= VXSF_ONHOLD;
25163 + sched_pc->onhold = *norm_time;
25167 + sched_pc->flags = flags;
25171 + tokens = sched_pc->tokens_min - tokens;
25172 + sched_pc->flags = flags;
25173 + BUG_ON(tokens < 0);
25175 +#ifdef CONFIG_VSERVER_HARDCPU
25176 + /* next interval? */
25177 + if (!sched_pc->fill_rate[0])
25178 + delta_min[0] = HZ;
25179 + else if (tokens > sched_pc->fill_rate[0])
25180 + delta_min[0] += sched_pc->interval[0] *
25181 + tokens / sched_pc->fill_rate[0];
25183 + delta_min[0] = sched_pc->interval[0] - delta_min[0];
25184 + vxd_check_range(delta_min[0], 0, INT_MAX);
25186 +#ifdef CONFIG_VSERVER_IDLETIME
25187 + if (!(flags & VXSF_IDLE_TIME))
25190 + /* next interval? */
25191 + if (!sched_pc->fill_rate[1])
25192 + delta_min[1] = HZ;
25193 + else if (tokens > sched_pc->fill_rate[1])
25194 + delta_min[1] += sched_pc->interval[1] *
25195 + tokens / sched_pc->fill_rate[1];
25197 + delta_min[1] = sched_pc->interval[1] - delta_min[1];
25198 + vxd_check_range(delta_min[1], 0, INT_MAX);
25203 +#endif /* CONFIG_VSERVER_IDLETIME */
25206 +#endif /* CONFIG_VSERVER_HARDCPU */
25209 +static inline unsigned long msec_to_ticks(unsigned long msec)
25211 + return msecs_to_jiffies(msec);
25214 +static inline unsigned long ticks_to_msec(unsigned long ticks)
25216 + return jiffies_to_msecs(ticks);
25219 +static inline unsigned long ticks_to_usec(unsigned long ticks)
25221 + return jiffies_to_usecs(ticks);
25225 +static int do_set_sched(struct vx_info *vxi, struct vcmd_sched_v5 *data)
25227 + unsigned int set_mask = data->mask;
25228 + unsigned int update_mask;
25231 + /* Sanity check data values */
25232 + if (data->tokens_max <= 0)
25233 + data->tokens_max = HZ;
25234 + if (data->tokens_min < 0)
25235 + data->tokens_min = HZ / 3;
25236 + if (data->tokens_min >= data->tokens_max)
25237 + data->tokens_min = data->tokens_max;
25239 + if (data->prio_bias > MAX_PRIO_BIAS)
25240 + data->prio_bias = MAX_PRIO_BIAS;
25241 + if (data->prio_bias < MIN_PRIO_BIAS)
25242 + data->prio_bias = MIN_PRIO_BIAS;
25244 + spin_lock(&vxi->sched.tokens_lock);
25246 + /* sync up on delayed updates */
25247 + for_each_cpu_mask(cpu, vxi->sched.update)
25248 + vx_update_sched_param(&vxi->sched,
25249 + &vx_per_cpu(vxi, sched_pc, cpu));
25251 + if (set_mask & VXSM_FILL_RATE)
25252 + vxi->sched.fill_rate[0] = data->fill_rate[0];
25253 + if (set_mask & VXSM_FILL_RATE2)
25254 + vxi->sched.fill_rate[1] = data->fill_rate[1];
25255 + if (set_mask & VXSM_INTERVAL)
25256 + vxi->sched.interval[0] = (set_mask & VXSM_MSEC) ?
25257 + msec_to_ticks(data->interval[0]) : data->interval[0];
25258 + if (set_mask & VXSM_INTERVAL2)
25259 + vxi->sched.interval[1] = (set_mask & VXSM_MSEC) ?
25260 + msec_to_ticks(data->interval[1]) : data->interval[1];
25261 + if (set_mask & VXSM_TOKENS)
25262 + vxi->sched.tokens = data->tokens;
25263 + if (set_mask & VXSM_TOKENS_MIN)
25264 + vxi->sched.tokens_min = data->tokens_min;
25265 + if (set_mask & VXSM_TOKENS_MAX)
25266 + vxi->sched.tokens_max = data->tokens_max;
25267 + if (set_mask & VXSM_PRIO_BIAS)
25268 + vxi->sched.prio_bias = data->prio_bias;
25270 + /* Sanity check rate/interval */
25271 + for (i = 0; i < 2; i++) {
25272 + if (data->fill_rate[i] < 0)
25273 + data->fill_rate[i] = 0;
25274 + if (data->interval[i] <= 0)
25275 + data->interval[i] = HZ;
25278 + update_mask = vxi->sched.update_mask & VXSM_SET_MASK;
25279 + update_mask |= (set_mask & (VXSM_SET_MASK | VXSM_IDLE_TIME));
25280 + vxi->sched.update_mask = update_mask;
25284 + if (set_mask & VXSM_CPU_ID) {
25285 + vxi->sched.update = cpumask_of_cpu(data->cpu_id);
25286 + cpus_and(vxi->sched.update, cpu_online_map,
25287 + vxi->sched.update);
25289 + vxi->sched.update = cpu_online_map;
25291 + /* forced reload? */
25292 + if (set_mask & VXSM_FORCE) {
25293 + for_each_cpu_mask(cpu, vxi->sched.update)
25294 + vx_update_sched_param(&vxi->sched,
25295 + &vx_per_cpu(vxi, sched_pc, cpu));
25296 + vxi->sched.update = CPU_MASK_NONE;
25299 + /* on UP we update immediately */
25300 + vx_update_sched_param(&vxi->sched,
25301 + &vx_per_cpu(vxi, sched_pc, 0));
25304 + spin_unlock(&vxi->sched.tokens_lock);
25309 +#define COPY_IDS(C) C(cpu_id); C(bucket_id)
25310 +#define COPY_PRI(C) C(prio_bias)
25311 +#define COPY_TOK(C) C(tokens); C(tokens_min); C(tokens_max)
25312 +#define COPY_FRI(C) C(fill_rate[0]); C(interval[0]); \
25313 + C(fill_rate[1]); C(interval[1]);
25315 +#define COPY_VALUE(name) vc_data.name = data->name
25317 +static int do_set_sched_v4(struct vx_info *vxi, struct vcmd_set_sched_v4 *data)
25319 + struct vcmd_sched_v5 vc_data;
25321 + vc_data.mask = data->set_mask;
25322 + COPY_IDS(COPY_VALUE);
25323 + COPY_PRI(COPY_VALUE);
25324 + COPY_TOK(COPY_VALUE);
25325 + vc_data.fill_rate[0] = vc_data.fill_rate[1] = data->fill_rate;
25326 + vc_data.interval[0] = vc_data.interval[1] = data->interval;
25327 + return do_set_sched(vxi, &vc_data);
25330 +int vc_set_sched_v4(struct vx_info *vxi, void __user *data)
25332 + struct vcmd_set_sched_v4 vc_data;
25334 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25337 + return do_set_sched_v4(vxi, &vc_data);
25340 + /* latest interface is v5 */
25342 +int vc_set_sched(struct vx_info *vxi, void __user *data)
25344 + struct vcmd_sched_v5 vc_data;
25346 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25349 + return do_set_sched(vxi, &vc_data);
25353 +#define COPY_PRI(C) C(prio_bias)
25354 +#define COPY_TOK(C) C(tokens); C(tokens_min); C(tokens_max)
25355 +#define COPY_FRI(C) C(fill_rate[0]); C(interval[0]); \
25356 + C(fill_rate[1]); C(interval[1]);
25358 +#define COPY_VALUE(name) vc_data.name = data->name
25361 +int vc_get_sched(struct vx_info *vxi, void __user *data)
25363 + struct vcmd_sched_v5 vc_data;
25365 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25368 + if (vc_data.mask & VXSM_CPU_ID) {
25369 + int cpu = vc_data.cpu_id;
25370 + struct _vx_sched_pc *data;
25372 + if (!cpu_possible(cpu))
25375 + data = &vx_per_cpu(vxi, sched_pc, cpu);
25376 + COPY_TOK(COPY_VALUE);
25377 + COPY_PRI(COPY_VALUE);
25378 + COPY_FRI(COPY_VALUE);
25380 + if (data->flags & VXSF_IDLE_TIME)
25381 + vc_data.mask |= VXSM_IDLE_TIME;
25383 + struct _vx_sched *data = &vxi->sched;
25385 + COPY_TOK(COPY_VALUE);
25386 + COPY_PRI(COPY_VALUE);
25387 + COPY_FRI(COPY_VALUE);
25390 + if (vc_data.mask & VXSM_MSEC) {
25391 + vc_data.interval[0] = ticks_to_msec(vc_data.interval[0]);
25392 + vc_data.interval[1] = ticks_to_msec(vc_data.interval[1]);
25395 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
25401 +int vc_sched_info(struct vx_info *vxi, void __user *data)
25403 + struct vcmd_sched_info vc_data;
25406 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25409 + cpu = vc_data.cpu_id;
25410 + if (!cpu_possible(cpu))
25414 + struct _vx_sched_pc *sched_pc =
25415 + &vx_per_cpu(vxi, sched_pc, cpu);
25417 + vc_data.user_msec = ticks_to_msec(sched_pc->user_ticks);
25418 + vc_data.sys_msec = ticks_to_msec(sched_pc->sys_ticks);
25419 + vc_data.hold_msec = ticks_to_msec(sched_pc->hold_ticks);
25420 + vc_data.vavavoom = sched_pc->vavavoom;
25422 + vc_data.token_usec = ticks_to_usec(1);
25424 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
25429 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/sched_init.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched_init.h
25430 --- linux-2.6.25.11/kernel/vserver/sched_init.h 1969-12-31 19:00:00.000000000 -0500
25431 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched_init.h 2008-04-19 15:14:52.000000000 -0400
25434 +static inline void vx_info_init_sched(struct _vx_sched *sched)
25436 + static struct lock_class_key tokens_lock_key;
25438 + /* scheduling; hard code starting values as constants */
25439 + sched->fill_rate[0] = 1;
25440 + sched->interval[0] = 4;
25441 + sched->fill_rate[1] = 1;
25442 + sched->interval[1] = 8;
25443 + sched->tokens = HZ >> 2;
25444 + sched->tokens_min = HZ >> 4;
25445 + sched->tokens_max = HZ >> 1;
25446 + sched->tokens_lock = SPIN_LOCK_UNLOCKED;
25447 + sched->prio_bias = 0;
25449 + lockdep_set_class(&sched->tokens_lock, &tokens_lock_key);
25453 +void vx_info_init_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
25455 + sched_pc->fill_rate[0] = 1;
25456 + sched_pc->interval[0] = 4;
25457 + sched_pc->fill_rate[1] = 1;
25458 + sched_pc->interval[1] = 8;
25459 + sched_pc->tokens = HZ >> 2;
25460 + sched_pc->tokens_min = HZ >> 4;
25461 + sched_pc->tokens_max = HZ >> 1;
25462 + sched_pc->prio_bias = 0;
25463 + sched_pc->vavavoom = 0;
25464 + sched_pc->token_time = 0;
25465 + sched_pc->idle_time = 0;
25466 + sched_pc->norm_time = jiffies;
25468 + sched_pc->user_ticks = 0;
25469 + sched_pc->sys_ticks = 0;
25470 + sched_pc->hold_ticks = 0;
25473 +static inline void vx_info_exit_sched(struct _vx_sched *sched)
25479 +void vx_info_exit_sched_pc(struct _vx_sched_pc *sched_pc, int cpu)
25483 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/sched_proc.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched_proc.h
25484 --- linux-2.6.25.11/kernel/vserver/sched_proc.h 1969-12-31 19:00:00.000000000 -0500
25485 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sched_proc.h 2008-04-19 15:14:52.000000000 -0400
25487 +#ifndef _VX_SCHED_PROC_H
25488 +#define _VX_SCHED_PROC_H
25492 +int vx_info_proc_sched(struct _vx_sched *sched, char *buffer)
25496 + length += sprintf(buffer,
25497 + "FillRate:\t%8d,%d\n"
25498 + "Interval:\t%8d,%d\n"
25499 + "TokensMin:\t%8d\n"
25500 + "TokensMax:\t%8d\n"
25501 + "PrioBias:\t%8d\n",
25502 + sched->fill_rate[0],
25503 + sched->fill_rate[1],
25504 + sched->interval[0],
25505 + sched->interval[1],
25506 + sched->tokens_min,
25507 + sched->tokens_max,
25508 + sched->prio_bias);
25513 +int vx_info_proc_sched_pc(struct _vx_sched_pc *sched_pc,
25514 + char *buffer, int cpu)
25518 + length += sprintf(buffer + length,
25519 + "cpu %d: %lld %lld %lld %ld %ld", cpu,
25520 + (unsigned long long)sched_pc->user_ticks,
25521 + (unsigned long long)sched_pc->sys_ticks,
25522 + (unsigned long long)sched_pc->hold_ticks,
25523 + sched_pc->token_time,
25524 + sched_pc->idle_time);
25525 + length += sprintf(buffer + length,
25526 + " %c%c %d %d %d %d/%d %d/%d",
25527 + (sched_pc->flags & VXSF_ONHOLD) ? 'H' : 'R',
25528 + (sched_pc->flags & VXSF_IDLE_TIME) ? 'I' : '-',
25529 + sched_pc->tokens,
25530 + sched_pc->tokens_min,
25531 + sched_pc->tokens_max,
25532 + sched_pc->fill_rate[0],
25533 + sched_pc->interval[0],
25534 + sched_pc->fill_rate[1],
25535 + sched_pc->interval[1]);
25536 + length += sprintf(buffer + length,
25538 + sched_pc->prio_bias,
25539 + sched_pc->vavavoom);
25543 +#endif /* _VX_SCHED_PROC_H */
25544 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/signal.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/signal.c
25545 --- linux-2.6.25.11/kernel/vserver/signal.c 1969-12-31 19:00:00.000000000 -0500
25546 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/signal.c 2008-04-19 15:14:52.000000000 -0400
25549 + * linux/kernel/vserver/signal.c
25551 + * Virtual Server: Signal Support
25553 + * Copyright (C) 2003-2007 Herbert Pötzl
25555 + * V0.01 broken out from vcontext V0.05
25556 + * V0.02 changed vcmds to vxi arg
25557 + * V0.03 adjusted siginfo for kill
25561 +#include <asm/uaccess.h>
25563 +#include <linux/vs_context.h>
25564 +#include <linux/vs_pid.h>
25565 +#include <linux/vserver/signal_cmd.h>
25568 +int vx_info_kill(struct vx_info *vxi, int pid, int sig)
25570 + int retval, count = 0;
25571 + struct task_struct *p;
25572 + struct siginfo *sip = SEND_SIG_PRIV;
25575 + vxdprintk(VXD_CBIT(misc, 4),
25576 + "vx_info_kill(%p[#%d],%d,%d)*",
25577 + vxi, vxi->vx_id, pid, sig);
25578 + read_lock(&tasklist_lock);
25582 + for_each_process(p) {
25585 + if (vx_task_xid(p) != vxi->vx_id || p->pid <= 1 ||
25586 + (pid && vxi->vx_initpid == p->pid))
25589 + err = group_send_sig_info(sig, sip, p);
25591 + if (err != -EPERM)
25597 + if (vxi->vx_initpid) {
25598 + pid = vxi->vx_initpid;
25599 + /* for now, only SIGINT to private init ... */
25600 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
25601 + /* ... as long as there are tasks left */
25602 + (atomic_read(&vxi->vx_tasks) > 1))
25605 + /* fallthrough */
25607 + p = find_task_by_real_pid(pid);
25609 + if (vx_task_xid(p) == vxi->vx_id)
25610 + retval = group_send_sig_info(sig, sip, p);
25614 + read_unlock(&tasklist_lock);
25615 + vxdprintk(VXD_CBIT(misc, 4),
25616 + "vx_info_kill(%p[#%d],%d,%d,%ld) = %d",
25617 + vxi, vxi->vx_id, pid, sig, (long)sip, retval);
25621 +int vc_ctx_kill(struct vx_info *vxi, void __user *data)
25623 + struct vcmd_ctx_kill_v0 vc_data;
25625 + if (copy_from_user(&vc_data, data, sizeof(vc_data)))
25628 + /* special check to allow guest shutdown */
25629 + if (!vx_info_flags(vxi, VXF_STATE_ADMIN, 0) &&
25630 + /* forbid killall pid=0 when init is present */
25631 + (((vc_data.pid < 1) && vxi->vx_initpid) ||
25632 + (vc_data.pid > 1)))
25635 + return vx_info_kill(vxi, vc_data.pid, vc_data.sig);
25639 +static int __wait_exit(struct vx_info *vxi)
25641 + DECLARE_WAITQUEUE(wait, current);
25644 + add_wait_queue(&vxi->vx_wait, &wait);
25645 + set_current_state(TASK_INTERRUPTIBLE);
25648 + if (vx_info_state(vxi,
25649 + VXS_SHUTDOWN | VXS_HASHED | VXS_HELPER) == VXS_SHUTDOWN)
25651 + if (signal_pending(current)) {
25652 + ret = -ERESTARTSYS;
25659 + set_current_state(TASK_RUNNING);
25660 + remove_wait_queue(&vxi->vx_wait, &wait);
25666 +int vc_wait_exit(struct vx_info *vxi, void __user *data)
25668 + struct vcmd_wait_exit_v0 vc_data;
25671 + ret = __wait_exit(vxi);
25672 + vc_data.reboot_cmd = vxi->reboot_cmd;
25673 + vc_data.exit_code = vxi->exit_code;
25675 + if (copy_to_user(data, &vc_data, sizeof(vc_data)))
25680 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/space.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/space.c
25681 --- linux-2.6.25.11/kernel/vserver/space.c 1969-12-31 19:00:00.000000000 -0500
25682 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/space.c 2008-07-16 00:21:04.000000000 -0400
25685 + * linux/kernel/vserver/space.c
25687 + * Virtual Server: Context Space Support
25689 + * Copyright (C) 2003-2007 Herbert Pötzl
25691 + * V0.01 broken out from context.c 0.07
25692 + * V0.02 added task locking for namespace
25693 + * V0.03 broken out vx_enter_namespace
25694 + * V0.04 added *space support and commands
25698 +#include <linux/utsname.h>
25699 +#include <linux/nsproxy.h>
25700 +#include <linux/err.h>
25701 +#include <asm/uaccess.h>
25703 +#include <linux/vs_context.h>
25704 +#include <linux/vserver/space.h>
25705 +#include <linux/vserver/space_cmd.h>
25707 +atomic_t vs_global_nsproxy = ATOMIC_INIT(0);
25708 +atomic_t vs_global_fs = ATOMIC_INIT(0);
25709 +atomic_t vs_global_mnt_ns = ATOMIC_INIT(0);
25710 +atomic_t vs_global_uts_ns = ATOMIC_INIT(0);
25711 +atomic_t vs_global_ipc_ns = ATOMIC_INIT(0);
25712 +atomic_t vs_global_user_ns = ATOMIC_INIT(0);
25713 +atomic_t vs_global_pid_ns = ATOMIC_INIT(0);
25716 +/* namespace functions */
25718 +#include <linux/mnt_namespace.h>
25719 +#include <linux/user_namespace.h>
25720 +#include <linux/pid_namespace.h>
25721 +#include <linux/ipc_namespace.h>
25722 +#include <net/net_namespace.h>
25725 +static const struct vcmd_space_mask space_mask_v0 = {
25726 + .mask = CLONE_FS |
25734 +static const struct vcmd_space_mask space_mask = {
25735 + .mask = CLONE_FS |
25740 +#ifdef CONFIG_PID_NS
25743 +#ifdef CONFIG_NET_NS
25749 +static const struct vcmd_space_mask default_space_mask = {
25750 + .mask = CLONE_FS |
25755 +#ifdef CONFIG_PID_NS
25762 + * build a new nsproxy mix
25763 + * assumes that both proxies are 'const'
25764 + * does not touch nsproxy refcounts
25765 + * will hold a reference on the result.
25768 +struct nsproxy *vs_mix_nsproxy(struct nsproxy *old_nsproxy,
25769 + struct nsproxy *new_nsproxy, unsigned long mask)
25771 + struct mnt_namespace *old_ns;
25772 + struct uts_namespace *old_uts;
25773 + struct ipc_namespace *old_ipc;
25774 + struct user_namespace *old_user;
25775 +#ifdef CONFIG_PID_NS
25776 + struct pid_namespace *old_pid;
25778 +#ifdef CONFIG_NET_NS
25779 + struct net *old_net;
25781 + struct nsproxy *nsproxy;
25783 + nsproxy = copy_nsproxy(old_nsproxy);
25787 + if (mask & CLONE_NEWNS) {
25788 + old_ns = nsproxy->mnt_ns;
25789 + nsproxy->mnt_ns = new_nsproxy->mnt_ns;
25790 + if (nsproxy->mnt_ns)
25791 + get_mnt_ns(nsproxy->mnt_ns);
25795 + if (mask & CLONE_NEWUTS) {
25796 + old_uts = nsproxy->uts_ns;
25797 + nsproxy->uts_ns = new_nsproxy->uts_ns;
25798 + if (nsproxy->uts_ns)
25799 + get_uts_ns(nsproxy->uts_ns);
25803 + if (mask & CLONE_NEWIPC) {
25804 + old_ipc = nsproxy->ipc_ns;
25805 + nsproxy->ipc_ns = new_nsproxy->ipc_ns;
25806 + if (nsproxy->ipc_ns)
25807 + get_ipc_ns(nsproxy->ipc_ns);
25811 + if (mask & CLONE_NEWUSER) {
25812 + old_user = nsproxy->user_ns;
25813 + nsproxy->user_ns = new_nsproxy->user_ns;
25814 + if (nsproxy->user_ns)
25815 + get_user_ns(nsproxy->user_ns);
25819 +#ifdef CONFIG_PID_NS
25820 + if (mask & CLONE_NEWPID) {
25821 + old_pid = nsproxy->pid_ns;
25822 + nsproxy->pid_ns = new_nsproxy->pid_ns;
25823 + if (nsproxy->pid_ns)
25824 + get_pid_ns(nsproxy->pid_ns);
25828 +#ifdef CONFIG_NET_NS
25829 + if (mask & CLONE_NEWNET) {
25830 + old_net = nsproxy->net_ns;
25831 + nsproxy->net_ns = new_nsproxy->net_ns;
25832 + if (nsproxy->net_ns)
25833 + get_net(nsproxy->net_ns);
25838 + put_mnt_ns(old_ns);
25840 + put_uts_ns(old_uts);
25842 + put_ipc_ns(old_ipc);
25844 + put_user_ns(old_user);
25845 +#ifdef CONFIG_PID_NS
25847 + put_pid_ns(old_pid);
25849 +#ifdef CONFIG_NET_NS
25851 + put_net(old_net);
25859 + * merge two nsproxy structs into a new one.
25860 + * will hold a reference on the result.
25864 +struct nsproxy *__vs_merge_nsproxy(struct nsproxy *old,
25865 + struct nsproxy *proxy, unsigned long mask)
25867 + struct nsproxy null_proxy = { .mnt_ns = NULL };
25873 + /* vs_mix_nsproxy returns with reference */
25874 + return vs_mix_nsproxy(old ? old : &null_proxy,
25877 + get_nsproxy(proxy);
25882 + * merge two fs structs into a new one.
25883 + * will take a reference on the result.
25887 +struct fs_struct *__vs_merge_fs(struct fs_struct *old,
25888 + struct fs_struct *fs, unsigned long mask)
25890 + if (!(mask & CLONE_FS)) {
25892 + atomic_inc(&old->count);
25899 + return copy_fs_struct(fs);
25903 +int vx_enter_space(struct vx_info *vxi, unsigned long mask)
25905 + struct nsproxy *proxy, *proxy_cur, *proxy_new;
25906 + struct fs_struct *fs, *fs_cur, *fs_new;
25909 + vxdprintk(VXD_CBIT(space, 8), "vx_enter_space(%p[#%u],0x%08lx)",
25910 + vxi, vxi->vx_id, mask);
25912 + if (vx_info_flags(vxi, VXF_INFO_PRIVATE, 0))
25916 + mask = vxi->vx_nsmask;
25918 + if ((mask & vxi->vx_nsmask) != mask)
25921 + proxy = vxi->vx_nsproxy;
25924 + task_lock(current);
25925 + fs_cur = current->fs;
25926 + atomic_inc(&fs_cur->count);
25927 + proxy_cur = current->nsproxy;
25928 + get_nsproxy(proxy_cur);
25929 + task_unlock(current);
25931 + fs_new = __vs_merge_fs(fs_cur, fs, mask);
25932 + if (IS_ERR(fs_new)) {
25933 + ret = PTR_ERR(fs_new);
25937 + proxy_new = __vs_merge_nsproxy(proxy_cur, proxy, mask);
25938 + if (IS_ERR(proxy_new)) {
25939 + ret = PTR_ERR(proxy_new);
25943 + fs_new = xchg(¤t->fs, fs_new);
25944 + proxy_new = xchg(¤t->nsproxy, proxy_new);
25948 + put_nsproxy(proxy_new);
25951 + put_fs_struct(fs_new);
25954 + put_nsproxy(proxy_cur);
25956 + put_fs_struct(fs_cur);
25961 +int vx_set_space(struct vx_info *vxi, unsigned long mask)
25963 + struct nsproxy *proxy_vxi, *proxy_cur, *proxy_new;
25964 + struct fs_struct *fs_vxi, *fs_cur, *fs_new;
25967 + vxdprintk(VXD_CBIT(space, 8), "vx_set_space(%p[#%u],0x%08lx)",
25968 + vxi, vxi->vx_id, mask);
25971 + mask = default_space_mask.mask;
25973 + if ((mask & space_mask.mask) != mask)
25976 + proxy_vxi = vxi->vx_nsproxy;
25977 + fs_vxi = vxi->vx_fs;
25979 + task_lock(current);
25980 + fs_cur = current->fs;
25981 + atomic_inc(&fs_cur->count);
25982 + proxy_cur = current->nsproxy;
25983 + get_nsproxy(proxy_cur);
25984 + task_unlock(current);
25986 + fs_new = __vs_merge_fs(fs_vxi, fs_cur, mask);
25987 + if (IS_ERR(fs_new)) {
25988 + ret = PTR_ERR(fs_new);
25992 + proxy_new = __vs_merge_nsproxy(proxy_vxi, proxy_cur, mask);
25993 + if (IS_ERR(proxy_new)) {
25994 + ret = PTR_ERR(proxy_new);
25998 + fs_new = xchg(&vxi->vx_fs, fs_new);
25999 + proxy_new = xchg(&vxi->vx_nsproxy, proxy_new);
26000 + vxi->vx_nsmask |= mask;
26004 + put_nsproxy(proxy_new);
26007 + put_fs_struct(fs_new);
26010 + put_nsproxy(proxy_cur);
26012 + put_fs_struct(fs_cur);
26017 +int vc_enter_space(struct vx_info *vxi, void __user *data)
26019 + struct vcmd_space_mask vc_data = { .mask = 0 };
26021 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
26024 + return vx_enter_space(vxi, vc_data.mask);
26027 +int vc_set_space(struct vx_info *vxi, void __user *data)
26029 + struct vcmd_space_mask vc_data = { .mask = 0 };
26031 + if (data && copy_from_user(&vc_data, data, sizeof(vc_data)))
26034 + return vx_set_space(vxi, vc_data.mask);
26037 +int vc_get_space_mask(void __user *data, int type)
26039 + const struct vcmd_space_mask *mask;
26042 + mask = &space_mask_v0;
26043 + else if (type == 1)
26044 + mask = &space_mask;
26046 + mask = &default_space_mask;
26048 + vxdprintk(VXD_CBIT(space, 10),
26049 + "vc_get_space_mask(%d) = %08llx", type, mask->mask);
26051 + if (copy_to_user(data, mask, sizeof(struct vcmd_space_mask)))
26056 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/switch.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/switch.c
26057 --- linux-2.6.25.11/kernel/vserver/switch.c 1969-12-31 19:00:00.000000000 -0500
26058 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/switch.c 2008-07-16 00:21:47.000000000 -0400
26061 + * linux/kernel/vserver/switch.c
26063 + * Virtual Server: Syscall Switch
26065 + * Copyright (C) 2003-2007 Herbert Pötzl
26067 + * V0.01 syscall switch
26068 + * V0.02 added signal to context
26069 + * V0.03 added rlimit functions
26070 + * V0.04 added iattr, task/xid functions
26071 + * V0.05 added debug/history stuff
26072 + * V0.06 added compat32 layer
26073 + * V0.07 vcmd args and perms
26074 + * V0.08 added status commands
26075 + * V0.09 added tag commands
26076 + * V0.10 added oom bias
26077 + * V0.11 added device commands
26081 +#include <linux/vs_context.h>
26082 +#include <linux/vs_network.h>
26083 +#include <linux/vserver/switch.h>
26085 +#include "vci_config.h"
26089 +int vc_get_version(uint32_t id)
26091 + return VCI_VERSION;
26095 +int vc_get_vci(uint32_t id)
26097 + return vci_kernel_config();
26100 +#include <linux/vserver/context_cmd.h>
26101 +#include <linux/vserver/cvirt_cmd.h>
26102 +#include <linux/vserver/cacct_cmd.h>
26103 +#include <linux/vserver/limit_cmd.h>
26104 +#include <linux/vserver/network_cmd.h>
26105 +#include <linux/vserver/sched_cmd.h>
26106 +#include <linux/vserver/debug_cmd.h>
26107 +#include <linux/vserver/inode_cmd.h>
26108 +#include <linux/vserver/dlimit_cmd.h>
26109 +#include <linux/vserver/signal_cmd.h>
26110 +#include <linux/vserver/space_cmd.h>
26111 +#include <linux/vserver/tag_cmd.h>
26112 +#include <linux/vserver/device_cmd.h>
26114 +#include <linux/vserver/inode.h>
26115 +#include <linux/vserver/dlimit.h>
26118 +#ifdef CONFIG_COMPAT
26119 +#define __COMPAT(name, id, data, compat) \
26120 + (compat) ? name ## _x32(id, data) : name(id, data)
26121 +#define __COMPAT_NO_ID(name, data, compat) \
26122 + (compat) ? name ## _x32(data) : name(data)
26124 +#define __COMPAT(name, id, data, compat) \
26126 +#define __COMPAT_NO_ID(name, data, compat) \
26132 +long do_vcmd(uint32_t cmd, uint32_t id,
26133 + struct vx_info *vxi, struct nx_info *nxi,
26134 + void __user *data, int compat)
26138 + case VCMD_get_version:
26139 + return vc_get_version(id);
26140 + case VCMD_get_vci:
26141 + return vc_get_vci(id);
26143 + case VCMD_task_xid:
26144 + return vc_task_xid(id);
26145 + case VCMD_vx_info:
26146 + return vc_vx_info(vxi, data);
26148 + case VCMD_task_nid:
26149 + return vc_task_nid(id);
26150 + case VCMD_nx_info:
26151 + return vc_nx_info(nxi, data);
26153 + case VCMD_task_tag:
26154 + return vc_task_tag(id);
26156 + /* this is version 1 */
26157 + case VCMD_set_space:
26158 + return vc_set_space(vxi, data);
26160 + case VCMD_get_space_mask_v0:
26161 + return vc_get_space_mask(data, 0);
26162 + /* this is version 1 */
26163 + case VCMD_get_space_mask:
26164 + return vc_get_space_mask(data, 1);
26166 + case VCMD_get_space_default:
26167 + return vc_get_space_mask(data, -1);
26169 +#ifdef CONFIG_IA32_EMULATION
26170 + case VCMD_get_rlimit:
26171 + return __COMPAT(vc_get_rlimit, vxi, data, compat);
26172 + case VCMD_set_rlimit:
26173 + return __COMPAT(vc_set_rlimit, vxi, data, compat);
26175 + case VCMD_get_rlimit:
26176 + return vc_get_rlimit(vxi, data);
26177 + case VCMD_set_rlimit:
26178 + return vc_set_rlimit(vxi, data);
26180 + case VCMD_get_rlimit_mask:
26181 + return vc_get_rlimit_mask(id, data);
26182 + case VCMD_reset_minmax:
26183 + return vc_reset_minmax(vxi, data);
26185 + case VCMD_get_vhi_name:
26186 + return vc_get_vhi_name(vxi, data);
26187 + case VCMD_set_vhi_name:
26188 + return vc_set_vhi_name(vxi, data);
26190 + case VCMD_ctx_stat:
26191 + return vc_ctx_stat(vxi, data);
26192 + case VCMD_virt_stat:
26193 + return vc_virt_stat(vxi, data);
26194 + case VCMD_sock_stat:
26195 + return vc_sock_stat(vxi, data);
26196 + case VCMD_rlimit_stat:
26197 + return vc_rlimit_stat(vxi, data);
26199 + case VCMD_set_cflags:
26200 + return vc_set_cflags(vxi, data);
26201 + case VCMD_get_cflags:
26202 + return vc_get_cflags(vxi, data);
26204 + /* this is version 1 */
26205 + case VCMD_set_ccaps:
26206 + return vc_set_ccaps(vxi, data);
26207 + /* this is version 1 */
26208 + case VCMD_get_ccaps:
26209 + return vc_get_ccaps(vxi, data);
26210 + case VCMD_set_bcaps:
26211 + return vc_set_bcaps(vxi, data);
26212 + case VCMD_get_bcaps:
26213 + return vc_get_bcaps(vxi, data);
26215 + case VCMD_set_badness:
26216 + return vc_set_badness(vxi, data);
26217 + case VCMD_get_badness:
26218 + return vc_get_badness(vxi, data);
26220 + case VCMD_set_nflags:
26221 + return vc_set_nflags(nxi, data);
26222 + case VCMD_get_nflags:
26223 + return vc_get_nflags(nxi, data);
26225 + case VCMD_set_ncaps:
26226 + return vc_set_ncaps(nxi, data);
26227 + case VCMD_get_ncaps:
26228 + return vc_get_ncaps(nxi, data);
26230 + case VCMD_set_sched_v4:
26231 + return vc_set_sched_v4(vxi, data);
26232 + /* this is version 5 */
26233 + case VCMD_set_sched:
26234 + return vc_set_sched(vxi, data);
26235 + case VCMD_get_sched:
26236 + return vc_get_sched(vxi, data);
26237 + case VCMD_sched_info:
26238 + return vc_sched_info(vxi, data);
26240 + case VCMD_add_dlimit:
26241 + return __COMPAT(vc_add_dlimit, id, data, compat);
26242 + case VCMD_rem_dlimit:
26243 + return __COMPAT(vc_rem_dlimit, id, data, compat);
26244 + case VCMD_set_dlimit:
26245 + return __COMPAT(vc_set_dlimit, id, data, compat);
26246 + case VCMD_get_dlimit:
26247 + return __COMPAT(vc_get_dlimit, id, data, compat);
26249 + case VCMD_ctx_kill:
26250 + return vc_ctx_kill(vxi, data);
26252 + case VCMD_wait_exit:
26253 + return vc_wait_exit(vxi, data);
26255 + case VCMD_get_iattr:
26256 + return __COMPAT_NO_ID(vc_get_iattr, data, compat);
26257 + case VCMD_set_iattr:
26258 + return __COMPAT_NO_ID(vc_set_iattr, data, compat);
26260 + case VCMD_fget_iattr:
26261 + return vc_fget_iattr(id, data);
26262 + case VCMD_fset_iattr:
26263 + return vc_fset_iattr(id, data);
26265 + case VCMD_enter_space_v0:
26266 + return vc_enter_space(vxi, NULL);
26267 + /* this is version 1 */
26268 + case VCMD_enter_space:
26269 + return vc_enter_space(vxi, data);
26271 + case VCMD_ctx_create_v0:
26272 + return vc_ctx_create(id, NULL);
26273 + case VCMD_ctx_create:
26274 + return vc_ctx_create(id, data);
26275 + case VCMD_ctx_migrate_v0:
26276 + return vc_ctx_migrate(vxi, NULL);
26277 + case VCMD_ctx_migrate:
26278 + return vc_ctx_migrate(vxi, data);
26280 + case VCMD_net_create_v0:
26281 + return vc_net_create(id, NULL);
26282 + case VCMD_net_create:
26283 + return vc_net_create(id, data);
26284 + case VCMD_net_migrate:
26285 + return vc_net_migrate(nxi, data);
26287 + case VCMD_tag_migrate:
26288 + return vc_tag_migrate(id);
26290 + case VCMD_net_add:
26291 + return vc_net_add(nxi, data);
26292 + case VCMD_net_remove:
26293 + return vc_net_remove(nxi, data);
26295 + case VCMD_net_add_ipv4:
26296 + return vc_net_add_ipv4(nxi, data);
26297 + case VCMD_net_remove_ipv4:
26298 + return vc_net_remove_ipv4(nxi, data);
26299 +#ifdef CONFIG_IPV6
26300 + case VCMD_net_add_ipv6:
26301 + return vc_net_add_ipv6(nxi, data);
26302 + case VCMD_net_remove_ipv6:
26303 + return vc_net_remove_ipv6(nxi, data);
26305 +/* case VCMD_add_match_ipv4:
26306 + return vc_add_match_ipv4(nxi, data);
26307 + case VCMD_get_match_ipv4:
26308 + return vc_get_match_ipv4(nxi, data);
26309 +#ifdef CONFIG_IPV6
26310 + case VCMD_add_match_ipv6:
26311 + return vc_add_match_ipv6(nxi, data);
26312 + case VCMD_get_match_ipv6:
26313 + return vc_get_match_ipv6(nxi, data);
26316 +#ifdef CONFIG_VSERVER_DEVICE
26317 + case VCMD_set_mapping:
26318 + return __COMPAT(vc_set_mapping, vxi, data, compat);
26319 + case VCMD_unset_mapping:
26320 + return __COMPAT(vc_unset_mapping, vxi, data, compat);
26322 +#ifdef CONFIG_VSERVER_HISTORY
26323 + case VCMD_dump_history:
26324 + return vc_dump_history(id);
26325 + case VCMD_read_history:
26326 + return __COMPAT(vc_read_history, id, data, compat);
26328 +#ifdef CONFIG_VSERVER_MONITOR
26329 + case VCMD_read_monitor:
26330 + return __COMPAT(vc_read_monitor, id, data, compat);
26333 + vxwprintk_task(1, "unimplemented VCMD_%02d_%d[%d]",
26334 + VC_CATEGORY(cmd), VC_COMMAND(cmd), VC_VERSION(cmd));
26340 +#define __VCMD(vcmd, _perm, _args, _flags) \
26341 + case VCMD_ ## vcmd: perm = _perm; \
26342 + args = _args; flags = _flags; break
26345 +#define VCA_NONE 0x00
26346 +#define VCA_VXI 0x01
26347 +#define VCA_NXI 0x02
26349 +#define VCF_NONE 0x00
26350 +#define VCF_INFO 0x01
26351 +#define VCF_ADMIN 0x02
26352 +#define VCF_ARES 0x06 /* includes admin */
26353 +#define VCF_SETUP 0x08
26355 +#define VCF_ZIDOK 0x10 /* zero id okay */
26359 +long do_vserver(uint32_t cmd, uint32_t id, void __user *data, int compat)
26362 + int permit = -1, state = 0;
26363 + int perm = -1, args = 0, flags = 0;
26364 + struct vx_info *vxi = NULL;
26365 + struct nx_info *nxi = NULL;
26368 + /* unpriviledged commands */
26369 + __VCMD(get_version, 0, VCA_NONE, 0);
26370 + __VCMD(get_vci, 0, VCA_NONE, 0);
26371 + __VCMD(get_rlimit_mask, 0, VCA_NONE, 0);
26372 + __VCMD(get_space_mask_v0,0, VCA_NONE, 0);
26373 + __VCMD(get_space_mask, 0, VCA_NONE, 0);
26374 + __VCMD(get_space_default,0, VCA_NONE, 0);
26376 + /* info commands */
26377 + __VCMD(task_xid, 2, VCA_NONE, 0);
26378 + __VCMD(reset_minmax, 2, VCA_VXI, 0);
26379 + __VCMD(vx_info, 3, VCA_VXI, VCF_INFO);
26380 + __VCMD(get_bcaps, 3, VCA_VXI, VCF_INFO);
26381 + __VCMD(get_ccaps, 3, VCA_VXI, VCF_INFO);
26382 + __VCMD(get_cflags, 3, VCA_VXI, VCF_INFO);
26383 + __VCMD(get_badness, 3, VCA_VXI, VCF_INFO);
26384 + __VCMD(get_vhi_name, 3, VCA_VXI, VCF_INFO);
26385 + __VCMD(get_rlimit, 3, VCA_VXI, VCF_INFO);
26387 + __VCMD(ctx_stat, 3, VCA_VXI, VCF_INFO);
26388 + __VCMD(virt_stat, 3, VCA_VXI, VCF_INFO);
26389 + __VCMD(sock_stat, 3, VCA_VXI, VCF_INFO);
26390 + __VCMD(rlimit_stat, 3, VCA_VXI, VCF_INFO);
26392 + __VCMD(task_nid, 2, VCA_NONE, 0);
26393 + __VCMD(nx_info, 3, VCA_NXI, VCF_INFO);
26394 + __VCMD(get_ncaps, 3, VCA_NXI, VCF_INFO);
26395 + __VCMD(get_nflags, 3, VCA_NXI, VCF_INFO);
26397 + __VCMD(task_tag, 2, VCA_NONE, 0);
26399 + __VCMD(get_iattr, 2, VCA_NONE, 0);
26400 + __VCMD(fget_iattr, 2, VCA_NONE, 0);
26401 + __VCMD(get_dlimit, 3, VCA_NONE, VCF_INFO);
26402 + __VCMD(get_sched, 3, VCA_VXI, VCF_INFO);
26403 + __VCMD(sched_info, 3, VCA_VXI, VCF_INFO | VCF_ZIDOK);
26405 + /* lower admin commands */
26406 + __VCMD(wait_exit, 4, VCA_VXI, VCF_INFO);
26407 + __VCMD(ctx_create_v0, 5, VCA_NONE, 0);
26408 + __VCMD(ctx_create, 5, VCA_NONE, 0);
26409 + __VCMD(ctx_migrate_v0, 5, VCA_VXI, VCF_ADMIN);
26410 + __VCMD(ctx_migrate, 5, VCA_VXI, VCF_ADMIN);
26411 + __VCMD(enter_space_v0, 5, VCA_VXI, VCF_ADMIN);
26412 + __VCMD(enter_space, 5, VCA_VXI, VCF_ADMIN);
26414 + __VCMD(net_create_v0, 5, VCA_NONE, 0);
26415 + __VCMD(net_create, 5, VCA_NONE, 0);
26416 + __VCMD(net_migrate, 5, VCA_NXI, VCF_ADMIN);
26418 + __VCMD(tag_migrate, 5, VCA_NONE, VCF_ADMIN);
26420 + /* higher admin commands */
26421 + __VCMD(ctx_kill, 6, VCA_VXI, VCF_ARES);
26422 + __VCMD(set_space, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26424 + __VCMD(set_ccaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26425 + __VCMD(set_bcaps, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26426 + __VCMD(set_cflags, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26427 + __VCMD(set_badness, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26429 + __VCMD(set_vhi_name, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26430 + __VCMD(set_rlimit, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26431 + __VCMD(set_sched, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26432 + __VCMD(set_sched_v4, 7, VCA_VXI, VCF_ARES | VCF_SETUP);
26434 + __VCMD(set_ncaps, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
26435 + __VCMD(set_nflags, 7, VCA_NXI, VCF_ARES | VCF_SETUP);
26436 + __VCMD(net_add, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26437 + __VCMD(net_remove, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26438 + __VCMD(net_add_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26439 + __VCMD(net_remove_ipv4, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26440 +#ifdef CONFIG_IPV6
26441 + __VCMD(net_add_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26442 + __VCMD(net_remove_ipv6, 8, VCA_NXI, VCF_ARES | VCF_SETUP);
26444 + __VCMD(set_iattr, 7, VCA_NONE, 0);
26445 + __VCMD(fset_iattr, 7, VCA_NONE, 0);
26446 + __VCMD(set_dlimit, 7, VCA_NONE, VCF_ARES);
26447 + __VCMD(add_dlimit, 8, VCA_NONE, VCF_ARES);
26448 + __VCMD(rem_dlimit, 8, VCA_NONE, VCF_ARES);
26450 +#ifdef CONFIG_VSERVER_DEVICE
26451 + __VCMD(set_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
26452 + __VCMD(unset_mapping, 8, VCA_VXI, VCF_ARES|VCF_ZIDOK);
26454 + /* debug level admin commands */
26455 +#ifdef CONFIG_VSERVER_HISTORY
26456 + __VCMD(dump_history, 9, VCA_NONE, 0);
26457 + __VCMD(read_history, 9, VCA_NONE, 0);
26459 +#ifdef CONFIG_VSERVER_MONITOR
26460 + __VCMD(read_monitor, 9, VCA_NONE, 0);
26467 + vxdprintk(VXD_CBIT(switch, 0),
26468 + "vc: VCMD_%02d_%d[%d], %d,%p [%d,%d,%x,%x]",
26469 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
26470 + VC_VERSION(cmd), id, data, compat,
26471 + perm, args, flags);
26478 + if (!capable(CAP_CONTEXT))
26482 + /* moved here from the individual commands */
26484 + if ((perm > 1) && !capable(CAP_SYS_ADMIN))
26488 + /* vcmd involves resource management */
26490 + if ((flags & VCF_ARES) && !capable(CAP_SYS_RESOURCE))
26494 + /* various legacy exceptions */
26496 + /* will go away when spectator is a cap */
26497 + case VCMD_ctx_migrate_v0:
26498 + case VCMD_ctx_migrate:
26500 + current->xid = 1;
26506 + /* will go away when spectator is a cap */
26507 + case VCMD_net_migrate:
26509 + current->nid = 1;
26516 + /* vcmds are fine by default */
26519 + /* admin type vcmds require admin ... */
26520 + if (flags & VCF_ADMIN)
26521 + permit = vx_check(0, VS_ADMIN) ? 1 : 0;
26523 + /* ... but setup type vcmds override that */
26524 + if (!permit && (flags & VCF_SETUP))
26525 + permit = vx_flags(VXF_STATE_SETUP, 0) ? 2 : 0;
26533 + if (!id && (flags & VCF_ZIDOK))
26537 + if (args & VCA_VXI) {
26538 + vxi = lookup_vx_info(id);
26542 + if ((flags & VCF_ADMIN) &&
26543 + /* special case kill for shutdown */
26544 + (cmd != VCMD_ctx_kill) &&
26545 + /* can context be administrated? */
26546 + !vx_info_flags(vxi, VXF_STATE_ADMIN, 0)) {
26552 + if (args & VCA_NXI) {
26553 + nxi = lookup_nx_info(id);
26557 + if ((flags & VCF_ADMIN) &&
26558 + /* can context be administrated? */
26559 + !nx_info_flags(nxi, NXF_STATE_ADMIN, 0)) {
26566 + ret = do_vcmd(cmd, id, vxi, nxi, data, compat);
26569 + if ((args & VCA_NXI) && nxi)
26570 + put_nx_info(nxi);
26572 + if ((args & VCA_VXI) && vxi)
26573 + put_vx_info(vxi);
26575 + vxdprintk(VXD_CBIT(switch, 1),
26576 + "vc: VCMD_%02d_%d[%d] = %08lx(%ld) [%d,%d]",
26577 + VC_CATEGORY(cmd), VC_COMMAND(cmd),
26578 + VC_VERSION(cmd), ret, ret, state, permit);
26583 +sys_vserver(uint32_t cmd, uint32_t id, void __user *data)
26585 + return do_vserver(cmd, id, data, 0);
26588 +#ifdef CONFIG_COMPAT
26591 +sys32_vserver(uint32_t cmd, uint32_t id, void __user *data)
26593 + return do_vserver(cmd, id, data, 1);
26596 +#endif /* CONFIG_COMPAT */
26597 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/sysctl.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sysctl.c
26598 --- linux-2.6.25.11/kernel/vserver/sysctl.c 1969-12-31 19:00:00.000000000 -0500
26599 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/sysctl.c 2008-04-19 15:14:52.000000000 -0400
26602 + * kernel/vserver/sysctl.c
26604 + * Virtual Context Support
26606 + * Copyright (C) 2004-2007 Herbert Pötzl
26608 + * V0.01 basic structure
26612 +#include <linux/module.h>
26613 +#include <linux/ctype.h>
26614 +#include <linux/sysctl.h>
26615 +#include <linux/parser.h>
26616 +#include <asm/uaccess.h>
26620 + CTL_DEBUG_ERROR = 0,
26621 + CTL_DEBUG_SWITCH = 1,
26636 +unsigned int vx_debug_switch = 0;
26637 +unsigned int vx_debug_xid = 0;
26638 +unsigned int vx_debug_nid = 0;
26639 +unsigned int vx_debug_tag = 0;
26640 +unsigned int vx_debug_net = 0;
26641 +unsigned int vx_debug_limit = 0;
26642 +unsigned int vx_debug_cres = 0;
26643 +unsigned int vx_debug_dlim = 0;
26644 +unsigned int vx_debug_quota = 0;
26645 +unsigned int vx_debug_cvirt = 0;
26646 +unsigned int vx_debug_space = 0;
26647 +unsigned int vx_debug_misc = 0;
26650 +static struct ctl_table_header *vserver_table_header;
26651 +static ctl_table vserver_root_table[];
26654 +void vserver_register_sysctl(void)
26656 + if (!vserver_table_header) {
26657 + vserver_table_header = register_sysctl_table(vserver_root_table);
26662 +void vserver_unregister_sysctl(void)
26664 + if (vserver_table_header) {
26665 + unregister_sysctl_table(vserver_table_header);
26666 + vserver_table_header = NULL;
26671 +static int proc_dodebug(ctl_table *table, int write,
26672 + struct file *filp, void __user *buffer, size_t *lenp, loff_t *ppos)
26674 + char tmpbuf[20], *p, c;
26675 + unsigned int value;
26676 + size_t left, len;
26678 + if ((*ppos && !write) || !*lenp) {
26686 + if (!access_ok(VERIFY_READ, buffer, left))
26688 + p = (char *)buffer;
26689 + while (left && __get_user(c, p) >= 0 && isspace(c))
26694 + if (left > sizeof(tmpbuf) - 1)
26696 + if (copy_from_user(tmpbuf, p, left))
26698 + tmpbuf[left] = '\0';
26700 + for (p = tmpbuf, value = 0; '0' <= *p && *p <= '9'; p++, left--)
26701 + value = 10 * value + (*p - '0');
26702 + if (*p && !isspace(*p))
26704 + while (left && isspace(*p))
26706 + *(unsigned int *)table->data = value;
26708 + if (!access_ok(VERIFY_WRITE, buffer, left))
26710 + len = sprintf(tmpbuf, "%d", *(unsigned int *)table->data);
26713 + if (__copy_to_user(buffer, tmpbuf, len))
26715 + if ((left -= len) > 0) {
26716 + if (put_user('\n', (char *)buffer + len))
26730 +#define CTL_ENTRY(ctl, name) \
26732 + .ctl_name = ctl, \
26733 + .procname = #name, \
26734 + .data = &vx_ ## name, \
26735 + .maxlen = sizeof(int), \
26737 + .proc_handler = &proc_dodebug, \
26738 + .strategy = &sysctl_intvec, \
26739 + .extra1 = &zero, \
26742 +static ctl_table vserver_debug_table[] = {
26743 + CTL_ENTRY(CTL_DEBUG_SWITCH, debug_switch),
26744 + CTL_ENTRY(CTL_DEBUG_XID, debug_xid),
26745 + CTL_ENTRY(CTL_DEBUG_NID, debug_nid),
26746 + CTL_ENTRY(CTL_DEBUG_TAG, debug_tag),
26747 + CTL_ENTRY(CTL_DEBUG_NET, debug_net),
26748 + CTL_ENTRY(CTL_DEBUG_LIMIT, debug_limit),
26749 + CTL_ENTRY(CTL_DEBUG_CRES, debug_cres),
26750 + CTL_ENTRY(CTL_DEBUG_DLIM, debug_dlim),
26751 + CTL_ENTRY(CTL_DEBUG_QUOTA, debug_quota),
26752 + CTL_ENTRY(CTL_DEBUG_CVIRT, debug_cvirt),
26753 + CTL_ENTRY(CTL_DEBUG_SPACE, debug_space),
26754 + CTL_ENTRY(CTL_DEBUG_MISC, debug_misc),
26755 + { .ctl_name = 0 }
26758 +static ctl_table vserver_root_table[] = {
26760 + .ctl_name = CTL_VSERVER,
26761 + .procname = "vserver",
26763 + .child = vserver_debug_table
26765 + { .ctl_name = 0 }
26769 +static match_table_t tokens = {
26770 + { CTL_DEBUG_SWITCH, "switch=%x" },
26771 + { CTL_DEBUG_XID, "xid=%x" },
26772 + { CTL_DEBUG_NID, "nid=%x" },
26773 + { CTL_DEBUG_TAG, "tag=%x" },
26774 + { CTL_DEBUG_NET, "net=%x" },
26775 + { CTL_DEBUG_LIMIT, "limit=%x" },
26776 + { CTL_DEBUG_CRES, "cres=%x" },
26777 + { CTL_DEBUG_DLIM, "dlim=%x" },
26778 + { CTL_DEBUG_QUOTA, "quota=%x" },
26779 + { CTL_DEBUG_CVIRT, "cvirt=%x" },
26780 + { CTL_DEBUG_SPACE, "space=%x" },
26781 + { CTL_DEBUG_MISC, "misc=%x" },
26782 + { CTL_DEBUG_ERROR, NULL }
26785 +#define HANDLE_CASE(id, name, val) \
26786 + case CTL_DEBUG_ ## id: \
26787 + vx_debug_ ## name = val; \
26788 + printk("vs_debug_" #name "=0x%x\n", val); \
26792 +static int __init vs_debug_setup(char *str)
26797 + printk("vs_debug_setup(%s)\n", str);
26798 + while ((p = strsep(&str, ",")) != NULL) {
26799 + substring_t args[MAX_OPT_ARGS];
26800 + unsigned int value;
26805 + token = match_token(p, tokens, args);
26806 + value = (token > 0) ? simple_strtoul(args[0].from, NULL, 0) : 0;
26809 + HANDLE_CASE(SWITCH, switch, value);
26810 + HANDLE_CASE(XID, xid, value);
26811 + HANDLE_CASE(NID, nid, value);
26812 + HANDLE_CASE(TAG, tag, value);
26813 + HANDLE_CASE(NET, net, value);
26814 + HANDLE_CASE(LIMIT, limit, value);
26815 + HANDLE_CASE(CRES, cres, value);
26816 + HANDLE_CASE(DLIM, dlim, value);
26817 + HANDLE_CASE(QUOTA, quota, value);
26818 + HANDLE_CASE(CVIRT, cvirt, value);
26819 + HANDLE_CASE(SPACE, space, value);
26820 + HANDLE_CASE(MISC, misc, value);
26829 +__setup("vsdebug=", vs_debug_setup);
26833 +EXPORT_SYMBOL_GPL(vx_debug_switch);
26834 +EXPORT_SYMBOL_GPL(vx_debug_xid);
26835 +EXPORT_SYMBOL_GPL(vx_debug_nid);
26836 +EXPORT_SYMBOL_GPL(vx_debug_net);
26837 +EXPORT_SYMBOL_GPL(vx_debug_limit);
26838 +EXPORT_SYMBOL_GPL(vx_debug_cres);
26839 +EXPORT_SYMBOL_GPL(vx_debug_dlim);
26840 +EXPORT_SYMBOL_GPL(vx_debug_quota);
26841 +EXPORT_SYMBOL_GPL(vx_debug_cvirt);
26842 +EXPORT_SYMBOL_GPL(vx_debug_space);
26843 +EXPORT_SYMBOL_GPL(vx_debug_misc);
26845 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/tag.c linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/tag.c
26846 --- linux-2.6.25.11/kernel/vserver/tag.c 1969-12-31 19:00:00.000000000 -0500
26847 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/tag.c 2008-04-19 15:14:52.000000000 -0400
26850 + * linux/kernel/vserver/tag.c
26852 + * Virtual Server: Shallow Tag Space
26854 + * Copyright (C) 2007 Herbert Pötzl
26856 + * V0.01 basic implementation
26860 +#include <linux/sched.h>
26861 +#include <linux/vserver/debug.h>
26862 +#include <linux/vs_pid.h>
26863 +#include <linux/vs_tag.h>
26865 +#include <linux/vserver/tag_cmd.h>
26868 +int dx_migrate_task(struct task_struct *p, tag_t tag)
26873 + vxdprintk(VXD_CBIT(tag, 5),
26874 + "dx_migrate_task(%p[#%d],#%d)", p, p->tag, tag);
26880 + vxdprintk(VXD_CBIT(tag, 5),
26881 + "moved task %p into [#%d]", p, tag);
26885 +/* vserver syscall commands below here */
26887 +/* taks xid and vx_info functions */
26890 +int vc_task_tag(uint32_t id)
26895 + struct task_struct *tsk;
26896 + read_lock(&tasklist_lock);
26897 + tsk = find_task_by_real_pid(id);
26898 + tag = (tsk) ? tsk->tag : -ESRCH;
26899 + read_unlock(&tasklist_lock);
26901 + tag = dx_current_tag();
26906 +int vc_tag_migrate(uint32_t tag)
26908 + return dx_migrate_task(current, tag & 0xFFFF);
26912 diff -NurpP --minimal linux-2.6.25.11/kernel/vserver/vci_config.h linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/vci_config.h
26913 --- linux-2.6.25.11/kernel/vserver/vci_config.h 1969-12-31 19:00:00.000000000 -0500
26914 +++ linux-2.6.25.11-vs2.3.0.34.14/kernel/vserver/vci_config.h 2008-07-15 22:48:08.000000000 -0400
26917 +/* interface version */
26919 +#define VCI_VERSION 0x00020303
26923 + VCI_KCBIT_NO_DYNAMIC = 0,
26925 + VCI_KCBIT_PROC_SECURE = 4,
26926 + VCI_KCBIT_HARDCPU = 5,
26927 + VCI_KCBIT_IDLELIMIT = 6,
26928 + VCI_KCBIT_IDLETIME = 7,
26930 + VCI_KCBIT_COWBL = 8,
26931 + VCI_KCBIT_FULLCOWBL = 9,
26932 + VCI_KCBIT_SPACES = 10,
26933 + VCI_KCBIT_NETV2 = 11,
26935 + VCI_KCBIT_DEBUG = 16,
26936 + VCI_KCBIT_HISTORY = 20,
26937 + VCI_KCBIT_TAGGED = 24,
26938 + VCI_KCBIT_PPTAG = 28,
26940 + VCI_KCBIT_MORE = 31,
26944 +static inline uint32_t vci_kernel_config(void)
26947 + (1 << VCI_KCBIT_NO_DYNAMIC) |
26949 + /* configured features */
26950 +#ifdef CONFIG_VSERVER_PROC_SECURE
26951 + (1 << VCI_KCBIT_PROC_SECURE) |
26953 +#ifdef CONFIG_VSERVER_HARDCPU
26954 + (1 << VCI_KCBIT_HARDCPU) |
26956 +#ifdef CONFIG_VSERVER_IDLELIMIT
26957 + (1 << VCI_KCBIT_IDLELIMIT) |
26959 +#ifdef CONFIG_VSERVER_IDLETIME
26960 + (1 << VCI_KCBIT_IDLETIME) |
26962 +#ifdef CONFIG_VSERVER_COWBL
26963 + (1 << VCI_KCBIT_COWBL) |
26964 + (1 << VCI_KCBIT_FULLCOWBL) |
26966 + (1 << VCI_KCBIT_SPACES) |
26967 + (1 << VCI_KCBIT_NETV2) |
26969 + /* debug options */
26970 +#ifdef CONFIG_VSERVER_DEBUG
26971 + (1 << VCI_KCBIT_DEBUG) |
26973 +#ifdef CONFIG_VSERVER_HISTORY
26974 + (1 << VCI_KCBIT_HISTORY) |
26977 + /* inode context tagging */
26978 +#if defined(CONFIG_TAGGING_NONE)
26979 + (0 << VCI_KCBIT_TAGGED) |
26980 +#elif defined(CONFIG_TAGGING_UID16)
26981 + (1 << VCI_KCBIT_TAGGED) |
26982 +#elif defined(CONFIG_TAGGING_GID16)
26983 + (2 << VCI_KCBIT_TAGGED) |
26984 +#elif defined(CONFIG_TAGGING_ID24)
26985 + (3 << VCI_KCBIT_TAGGED) |
26986 +#elif defined(CONFIG_TAGGING_INTERN)
26987 + (4 << VCI_KCBIT_TAGGED) |
26988 +#elif defined(CONFIG_TAGGING_RUNTIME)
26989 + (5 << VCI_KCBIT_TAGGED) |
26991 + (7 << VCI_KCBIT_TAGGED) |
26993 + (1 << VCI_KCBIT_PPTAG) |
26997 diff -NurpP --minimal linux-2.6.25.11/Makefile linux-2.6.25.11-vs2.3.0.34.14/Makefile
26998 --- linux-2.6.25.11/Makefile 2008-07-15 22:05:16.000000000 -0400
26999 +++ linux-2.6.25.11-vs2.3.0.34.14/Makefile 2008-07-16 00:41:15.000000000 -0400
27004 -EXTRAVERSION = .14
27005 +EXTRAVERSION = .14-vs2.3.0.34.14
27006 NAME = Funky Weasel is Jiggy wit it
27009 diff -NurpP --minimal linux-2.6.25.11/mm/filemap_xip.c linux-2.6.25.11-vs2.3.0.34.14/mm/filemap_xip.c
27010 --- linux-2.6.25.11/mm/filemap_xip.c 2008-04-17 12:05:44.000000000 -0400
27011 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/filemap_xip.c 2008-04-19 15:14:52.000000000 -0400
27013 #include <linux/uio.h>
27014 #include <linux/rmap.h>
27015 #include <linux/sched.h>
27016 +#include <linux/vs_memory.h>
27017 #include <asm/tlbflush.h>
27020 diff -NurpP --minimal linux-2.6.25.11/mm/fremap.c linux-2.6.25.11-vs2.3.0.34.14/mm/fremap.c
27021 --- linux-2.6.25.11/mm/fremap.c 2008-04-17 12:05:44.000000000 -0400
27022 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/fremap.c 2008-04-19 15:14:52.000000000 -0400
27024 #include <linux/rmap.h>
27025 #include <linux/module.h>
27026 #include <linux/syscalls.h>
27027 +#include <linux/vs_memory.h>
27029 #include <asm/mmu_context.h>
27030 #include <asm/cacheflush.h>
27031 diff -NurpP --minimal linux-2.6.25.11/mm/hugetlb.c linux-2.6.25.11-vs2.3.0.34.14/mm/hugetlb.c
27032 --- linux-2.6.25.11/mm/hugetlb.c 2008-04-17 12:05:44.000000000 -0400
27033 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/hugetlb.c 2008-04-19 15:14:52.000000000 -0400
27035 #include <asm/pgtable.h>
27037 #include <linux/hugetlb.h>
27038 +#include <linux/vs_memory.h>
27039 #include "internal.h"
27041 const unsigned long hugetlb_zero = 0, hugetlb_infinity = ~0UL;
27042 diff -NurpP --minimal linux-2.6.25.11/mm/memory.c linux-2.6.25.11-vs2.3.0.34.14/mm/memory.c
27043 --- linux-2.6.25.11/mm/memory.c 2008-07-15 22:05:18.000000000 -0400
27044 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/memory.c 2008-07-11 12:41:01.000000000 -0400
27045 @@ -505,6 +505,9 @@ static int copy_pte_range(struct mm_stru
27049 + if (!vx_rss_avail(dst_mm, ((end - addr)/PAGE_SIZE + 1)))
27053 rss[1] = rss[0] = 0;
27054 dst_pte = pte_alloc_map_lock(dst_mm, dst_pmd, addr, &dst_ptl);
27055 @@ -2085,6 +2088,11 @@ static int do_swap_page(struct mm_struct
27059 + if (!vx_rss_avail(mm, 1)) {
27060 + ret = VM_FAULT_OOM;
27064 mark_page_accessed(page);
27066 delayacct_clear_flag(DELAYACCT_PF_SWAPIN);
27067 @@ -2156,6 +2164,8 @@ static int do_anonymous_page(struct mm_s
27068 /* Allocate our own private page. */
27069 pte_unmap(page_table);
27071 + if (!vx_rss_avail(mm, 1))
27073 if (unlikely(anon_vma_prepare(vma)))
27075 page = alloc_zeroed_user_highpage_movable(vma, address);
27076 @@ -2480,6 +2490,7 @@ static inline int handle_pte_fault(struc
27080 + int ret = 0, type = VXPT_UNKNOWN;
27083 if (!pte_present(entry)) {
27084 @@ -2507,9 +2518,12 @@ static inline int handle_pte_fault(struc
27085 if (unlikely(!pte_same(*pte, entry)))
27087 if (write_access) {
27088 - if (!pte_write(entry))
27089 - return do_wp_page(mm, vma, address,
27090 + if (!pte_write(entry)) {
27091 + ret = do_wp_page(mm, vma, address,
27092 pte, pmd, ptl, entry);
27093 + type = VXPT_WRITE;
27096 entry = pte_mkdirty(entry);
27098 entry = pte_mkyoung(entry);
27099 @@ -2527,7 +2541,10 @@ static inline int handle_pte_fault(struc
27102 pte_unmap_unlock(pte, ptl);
27106 + vx_page_fault(mm, vma, type, ret);
27111 diff -NurpP --minimal linux-2.6.25.11/mm/mlock.c linux-2.6.25.11-vs2.3.0.34.14/mm/mlock.c
27112 --- linux-2.6.25.11/mm/mlock.c 2008-04-17 10:37:25.000000000 -0400
27113 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/mlock.c 2008-04-19 15:14:52.000000000 -0400
27115 #include <linux/syscalls.h>
27116 #include <linux/sched.h>
27117 #include <linux/module.h>
27118 +#include <linux/vs_memory.h>
27120 int can_do_mlock(void)
27122 @@ -76,7 +77,7 @@ success:
27123 ret = make_pages_present(start, end);
27126 - mm->locked_vm -= pages;
27127 + vx_vmlocked_sub(mm, pages);
27129 if (ret == -ENOMEM)
27131 @@ -134,7 +135,7 @@ static int do_mlock(unsigned long start,
27133 asmlinkage long sys_mlock(unsigned long start, size_t len)
27135 - unsigned long locked;
27136 + unsigned long locked, grow;
27137 unsigned long lock_limit;
27138 int error = -ENOMEM;
27140 @@ -145,8 +146,10 @@ asmlinkage long sys_mlock(unsigned long
27141 len = PAGE_ALIGN(len + (start & ~PAGE_MASK));
27142 start &= PAGE_MASK;
27144 - locked = len >> PAGE_SHIFT;
27145 - locked += current->mm->locked_vm;
27146 + grow = len >> PAGE_SHIFT;
27147 + if (!vx_vmlocked_avail(current->mm, grow))
27149 + locked = current->mm->locked_vm + grow;
27151 lock_limit = current->signal->rlim[RLIMIT_MEMLOCK].rlim_cur;
27152 lock_limit >>= PAGE_SHIFT;
27153 @@ -154,6 +157,7 @@ asmlinkage long sys_mlock(unsigned long
27154 /* check against resource limits */
27155 if ((locked <= lock_limit) || capable(CAP_IPC_LOCK))
27156 error = do_mlock(start, len, 1);
27158 up_write(¤t->mm->mmap_sem);
27161 @@ -213,6 +217,8 @@ asmlinkage long sys_mlockall(int flags)
27162 lock_limit >>= PAGE_SHIFT;
27165 + if (!vx_vmlocked_avail(current->mm, current->mm->total_vm))
27167 if (!(flags & MCL_CURRENT) || (current->mm->total_vm <= lock_limit) ||
27168 capable(CAP_IPC_LOCK))
27169 ret = do_mlockall(flags);
27170 diff -NurpP --minimal linux-2.6.25.11/mm/mmap.c linux-2.6.25.11-vs2.3.0.34.14/mm/mmap.c
27171 --- linux-2.6.25.11/mm/mmap.c 2008-07-15 22:05:18.000000000 -0400
27172 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/mmap.c 2008-06-10 20:00:46.000000000 -0400
27173 @@ -1203,10 +1203,10 @@ munmap_back:
27174 kmem_cache_free(vm_area_cachep, vma);
27177 - mm->total_vm += len >> PAGE_SHIFT;
27178 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
27179 vm_stat_account(mm, vm_flags, file, len >> PAGE_SHIFT);
27180 if (vm_flags & VM_LOCKED) {
27181 - mm->locked_vm += len >> PAGE_SHIFT;
27182 + vx_vmlocked_add(mm, len >> PAGE_SHIFT);
27183 make_pages_present(addr, addr + len);
27185 if ((flags & MAP_POPULATE) && !(flags & MAP_NONBLOCK))
27186 @@ -1555,9 +1555,9 @@ static int acct_stack_growth(struct vm_a
27189 /* Ok, everything looks good - let it rip */
27190 - mm->total_vm += grow;
27191 + vx_vmpages_add(mm, grow);
27192 if (vma->vm_flags & VM_LOCKED)
27193 - mm->locked_vm += grow;
27194 + vx_vmlocked_add(mm, grow);
27195 vm_stat_account(mm, vma->vm_flags, vma->vm_file, grow);
27198 @@ -1728,9 +1728,9 @@ static void remove_vma_list(struct mm_st
27200 long nrpages = vma_pages(vma);
27202 - mm->total_vm -= nrpages;
27203 + vx_vmpages_sub(mm, nrpages);
27204 if (vma->vm_flags & VM_LOCKED)
27205 - mm->locked_vm -= nrpages;
27206 + vx_vmlocked_sub(mm, nrpages);
27207 vm_stat_account(mm, vma->vm_flags, vma->vm_file, -nrpages);
27208 vma = remove_vma(vma);
27210 @@ -1973,6 +1973,8 @@ unsigned long do_brk(unsigned long addr,
27211 lock_limit >>= PAGE_SHIFT;
27212 if (locked > lock_limit && !capable(CAP_IPC_LOCK))
27214 + if (!vx_vmlocked_avail(mm, len >> PAGE_SHIFT))
27219 @@ -1999,7 +2001,8 @@ unsigned long do_brk(unsigned long addr,
27220 if (mm->map_count > sysctl_max_map_count)
27223 - if (security_vm_enough_memory(len >> PAGE_SHIFT))
27224 + if (security_vm_enough_memory(len >> PAGE_SHIFT) ||
27225 + !vx_vmpages_avail(mm, len >> PAGE_SHIFT))
27228 /* Can we just expand an old private anonymous mapping? */
27229 @@ -2024,9 +2027,9 @@ unsigned long do_brk(unsigned long addr,
27230 vma->vm_page_prot = vm_get_page_prot(flags);
27231 vma_link(mm, vma, prev, rb_link, rb_parent);
27233 - mm->total_vm += len >> PAGE_SHIFT;
27234 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
27235 if (flags & VM_LOCKED) {
27236 - mm->locked_vm += len >> PAGE_SHIFT;
27237 + vx_vmlocked_add(mm, len >> PAGE_SHIFT);
27238 make_pages_present(addr, addr + len);
27241 @@ -2055,6 +2058,11 @@ void exit_mmap(struct mm_struct *mm)
27242 free_pgtables(&tlb, vma, FIRST_USER_ADDRESS, 0);
27243 tlb_finish_mmu(tlb, 0, end);
27245 + set_mm_counter(mm, file_rss, 0);
27246 + set_mm_counter(mm, anon_rss, 0);
27247 + vx_vmpages_sub(mm, mm->total_vm);
27248 + vx_vmlocked_sub(mm, mm->locked_vm);
27251 * Walk the list again, actually closing and freeing it,
27252 * with preemption enabled, without holding any MM locks.
27253 @@ -2094,7 +2102,8 @@ int insert_vm_struct(struct mm_struct *
27254 if (__vma && __vma->vm_start < vma->vm_end)
27256 if ((vma->vm_flags & VM_ACCOUNT) &&
27257 - security_vm_enough_memory_mm(mm, vma_pages(vma)))
27258 + (security_vm_enough_memory_mm(mm, vma_pages(vma)) ||
27259 + !vx_vmpages_avail(mm, vma_pages(vma))))
27261 vma_link(mm, vma, prev, rb_link, rb_parent);
27263 @@ -2167,6 +2176,8 @@ int may_expand_vm(struct mm_struct *mm,
27265 if (cur + npages > lim)
27267 + if (!vx_vmpages_avail(mm, npages))
27272 @@ -2244,7 +2255,6 @@ int install_special_mapping(struct mm_st
27276 - mm->total_vm += len >> PAGE_SHIFT;
27278 + vx_vmpages_add(mm, len >> PAGE_SHIFT);
27281 diff -NurpP --minimal linux-2.6.25.11/mm/mremap.c linux-2.6.25.11-vs2.3.0.34.14/mm/mremap.c
27282 --- linux-2.6.25.11/mm/mremap.c 2008-04-17 11:31:40.000000000 -0400
27283 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/mremap.c 2008-04-19 15:14:52.000000000 -0400
27285 #include <linux/highmem.h>
27286 #include <linux/security.h>
27287 #include <linux/syscalls.h>
27288 +#include <linux/vs_memory.h>
27290 #include <asm/uaccess.h>
27291 #include <asm/cacheflush.h>
27292 @@ -212,7 +213,7 @@ static unsigned long move_vma(struct vm_
27293 * If this were a serious issue, we'd add a flag to do_munmap().
27295 hiwater_vm = mm->hiwater_vm;
27296 - mm->total_vm += new_len >> PAGE_SHIFT;
27297 + vx_vmpages_add(mm, new_len >> PAGE_SHIFT);
27298 vm_stat_account(mm, vma->vm_flags, vma->vm_file, new_len>>PAGE_SHIFT);
27300 if (do_munmap(mm, old_addr, old_len) < 0) {
27301 @@ -230,7 +231,7 @@ static unsigned long move_vma(struct vm_
27304 if (vm_flags & VM_LOCKED) {
27305 - mm->locked_vm += new_len >> PAGE_SHIFT;
27306 + vx_vmlocked_add(mm, new_len >> PAGE_SHIFT);
27307 if (new_len > old_len)
27308 make_pages_present(new_addr + old_len,
27309 new_addr + new_len);
27310 @@ -341,6 +342,9 @@ unsigned long do_mremap(unsigned long ad
27312 if (locked > lock_limit && !capable(CAP_IPC_LOCK))
27314 + if (!vx_vmlocked_avail(current->mm,
27315 + (new_len - old_len) >> PAGE_SHIFT))
27318 if (!may_expand_vm(mm, (new_len - old_len) >> PAGE_SHIFT)) {
27320 @@ -369,10 +373,10 @@ unsigned long do_mremap(unsigned long ad
27321 vma_adjust(vma, vma->vm_start,
27322 addr + new_len, vma->vm_pgoff, NULL);
27324 - mm->total_vm += pages;
27325 + vx_vmpages_add(mm, pages);
27326 vm_stat_account(mm, vma->vm_flags, vma->vm_file, pages);
27327 if (vma->vm_flags & VM_LOCKED) {
27328 - mm->locked_vm += pages;
27329 + vx_vmlocked_add(mm, pages);
27330 make_pages_present(addr + old_len,
27333 diff -NurpP --minimal linux-2.6.25.11/mm/nommu.c linux-2.6.25.11-vs2.3.0.34.14/mm/nommu.c
27334 --- linux-2.6.25.11/mm/nommu.c 2008-04-17 12:05:44.000000000 -0400
27335 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/nommu.c 2008-04-19 15:14:52.000000000 -0400
27336 @@ -991,7 +991,7 @@ unsigned long do_mmap_pgoff(struct file
27337 realalloc += kobjsize(vma);
27338 askedalloc += sizeof(*vma);
27340 - current->mm->total_vm += len >> PAGE_SHIFT;
27341 + vx_vmpages_add(current->mm, len >> PAGE_SHIFT);
27343 add_nommu_vma(vma);
27345 @@ -1117,7 +1117,7 @@ int do_munmap(struct mm_struct *mm, unsi
27348 update_hiwater_vm(mm);
27349 - mm->total_vm -= len >> PAGE_SHIFT;
27350 + vx_vmpages_sub(mm, len >> PAGE_SHIFT);
27353 show_process_blocks();
27354 @@ -1150,7 +1150,7 @@ void exit_mmap(struct mm_struct * mm)
27355 printk("Exit_mmap:\n");
27358 - mm->total_vm = 0;
27359 + vx_vmpages_sub(mm, mm->total_vm);
27361 while ((tmp = mm->context.vmlist)) {
27362 mm->context.vmlist = tmp->next;
27363 diff -NurpP --minimal linux-2.6.25.11/mm/oom_kill.c linux-2.6.25.11-vs2.3.0.34.14/mm/oom_kill.c
27364 --- linux-2.6.25.11/mm/oom_kill.c 2008-04-17 12:05:44.000000000 -0400
27365 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/oom_kill.c 2008-04-19 16:55:20.000000000 -0400
27367 #include <linux/module.h>
27368 #include <linux/notifier.h>
27369 #include <linux/memcontrol.h>
27370 +#include <linux/vs_memory.h>
27372 int sysctl_panic_on_oom;
27373 int sysctl_oom_kill_allocating_task;
27374 @@ -73,6 +74,12 @@ unsigned long badness(struct task_struct
27375 points = mm->total_vm;
27378 + * add points for context badness
27381 + points += vx_badness(p, mm);
27384 * After this unlock we can no longer dereference local variable `mm'
27387 @@ -162,8 +169,8 @@ unsigned long badness(struct task_struct
27391 - printk(KERN_DEBUG "OOMkill: task %d (%s) got %lu points\n",
27392 - p->pid, p->comm, points);
27393 + printk(KERN_DEBUG "OOMkill: task %d:#%u (%s) got %d points\n",
27394 + task_pid_nr(p), p->xid, p->comm, points);
27398 @@ -322,8 +329,8 @@ static void __oom_kill_task(struct task_
27402 - printk(KERN_ERR "Killed process %d (%s)\n",
27403 - task_pid_nr(p), p->comm);
27404 + printk(KERN_ERR "Killed process %d:#%u (%s)\n",
27405 + task_pid_nr(p), p->xid, p->comm);
27408 * We give our sacrificial lamb high priority and access to
27409 @@ -403,8 +410,8 @@ static int oom_kill_process(struct task_
27413 - printk(KERN_ERR "%s: kill process %d (%s) score %li or a child\n",
27414 - message, task_pid_nr(p), p->comm, points);
27415 + printk(KERN_ERR "%s: kill process %d:#%u (%s) score %li or a child\n",
27416 + message, task_pid_nr(p), p->xid, p->comm, points);
27418 /* Try to kill a child first */
27419 list_for_each_entry(c, &p->children, sibling) {
27420 diff -NurpP --minimal linux-2.6.25.11/mm/page_alloc.c linux-2.6.25.11-vs2.3.0.34.14/mm/page_alloc.c
27421 --- linux-2.6.25.11/mm/page_alloc.c 2008-07-15 22:05:18.000000000 -0400
27422 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/page_alloc.c 2008-06-10 20:00:46.000000000 -0400
27424 #include <linux/fault-inject.h>
27425 #include <linux/page-isolation.h>
27426 #include <linux/memcontrol.h>
27427 +#include <linux/vs_base.h>
27428 +#include <linux/vs_limit.h>
27430 #include <asm/tlbflush.h>
27431 #include <asm/div64.h>
27432 @@ -1762,6 +1764,9 @@ void si_meminfo(struct sysinfo *val)
27433 val->totalhigh = totalhigh_pages;
27434 val->freehigh = nr_free_highpages();
27435 val->mem_unit = PAGE_SIZE;
27437 + if (vx_flags(VXF_VIRT_MEM, 0))
27438 + vx_vsi_meminfo(val);
27441 EXPORT_SYMBOL(si_meminfo);
27442 @@ -1782,6 +1787,9 @@ void si_meminfo_node(struct sysinfo *val
27445 val->mem_unit = PAGE_SIZE;
27447 + if (vx_flags(VXF_VIRT_MEM, 0))
27448 + vx_vsi_meminfo(val);
27452 diff -NurpP --minimal linux-2.6.25.11/mm/rmap.c linux-2.6.25.11-vs2.3.0.34.14/mm/rmap.c
27453 --- linux-2.6.25.11/mm/rmap.c 2008-04-17 12:05:44.000000000 -0400
27454 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/rmap.c 2008-04-19 16:53:36.000000000 -0400
27456 #include <linux/module.h>
27457 #include <linux/kallsyms.h>
27458 #include <linux/memcontrol.h>
27459 +#include <linux/vs_memory.h>
27461 #include <asm/tlbflush.h>
27463 diff -NurpP --minimal linux-2.6.25.11/mm/shmem.c linux-2.6.25.11-vs2.3.0.34.14/mm/shmem.c
27464 --- linux-2.6.25.11/mm/shmem.c 2008-04-17 12:05:44.000000000 -0400
27465 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/shmem.c 2008-04-19 15:14:52.000000000 -0400
27467 #include <asm/pgtable.h>
27469 /* This magic number is used in glibc for posix shared memory */
27470 -#define TMPFS_MAGIC 0x01021994
27472 #define ENTRIES_PER_PAGE (PAGE_CACHE_SIZE/sizeof(unsigned long))
27473 #define ENTRIES_PER_PAGEPAGE (ENTRIES_PER_PAGE*ENTRIES_PER_PAGE)
27474 @@ -1773,7 +1772,7 @@ static int shmem_statfs(struct dentry *d
27476 struct shmem_sb_info *sbinfo = SHMEM_SB(dentry->d_sb);
27478 - buf->f_type = TMPFS_MAGIC;
27479 + buf->f_type = TMPFS_SUPER_MAGIC;
27480 buf->f_bsize = PAGE_CACHE_SIZE;
27481 buf->f_namelen = NAME_MAX;
27482 spin_lock(&sbinfo->stat_lock);
27483 @@ -2341,7 +2340,7 @@ static int shmem_fill_super(struct super
27484 sb->s_maxbytes = SHMEM_MAX_BYTES;
27485 sb->s_blocksize = PAGE_CACHE_SIZE;
27486 sb->s_blocksize_bits = PAGE_CACHE_SHIFT;
27487 - sb->s_magic = TMPFS_MAGIC;
27488 + sb->s_magic = TMPFS_SUPER_MAGIC;
27489 sb->s_op = &shmem_ops;
27490 sb->s_time_gran = 1;
27491 #ifdef CONFIG_TMPFS_POSIX_ACL
27492 diff -NurpP --minimal linux-2.6.25.11/mm/slab.c linux-2.6.25.11-vs2.3.0.34.14/mm/slab.c
27493 --- linux-2.6.25.11/mm/slab.c 2008-04-17 12:05:44.000000000 -0400
27494 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/slab.c 2008-04-19 15:14:52.000000000 -0400
27495 @@ -509,6 +509,8 @@ struct kmem_cache {
27496 #define STATS_INC_FREEMISS(x) do { } while (0)
27499 +#include "slab_vs.h"
27504 @@ -3344,6 +3346,7 @@ retry:
27506 obj = slab_get_obj(cachep, slabp, nodeid);
27507 check_slabp(cachep, slabp);
27508 + vx_slab_alloc(cachep, flags);
27509 l3->free_objects--;
27510 /* move slabp to correct slabp list: */
27511 list_del(&slabp->list);
27512 @@ -3416,6 +3419,7 @@ __cache_alloc_node(struct kmem_cache *ca
27513 /* ___cache_alloc_node can fall back to other nodes */
27514 ptr = ____cache_alloc_node(cachep, flags, nodeid);
27516 + vx_slab_alloc(cachep, flags);
27517 local_irq_restore(save_flags);
27518 ptr = cache_alloc_debugcheck_after(cachep, flags, ptr, caller);
27520 @@ -3587,6 +3591,7 @@ static inline void __cache_free(struct k
27523 objp = cache_free_debugcheck(cachep, objp, __builtin_return_address(0));
27524 + vx_slab_free(cachep);
27527 * Skip calling cache_free_alien() when the platform is not numa.
27528 diff -NurpP --minimal linux-2.6.25.11/mm/slab_vs.h linux-2.6.25.11-vs2.3.0.34.14/mm/slab_vs.h
27529 --- linux-2.6.25.11/mm/slab_vs.h 1969-12-31 19:00:00.000000000 -0500
27530 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/slab_vs.h 2008-04-19 15:14:52.000000000 -0400
27533 +#include <linux/vserver/context.h>
27535 +#include <linux/vs_context.h>
27538 +void vx_slab_alloc(struct kmem_cache *cachep, gfp_t flags)
27540 + int what = gfp_zone(cachep->gfpflags);
27542 + if (!current->vx_info)
27545 + atomic_add(cachep->buffer_size, ¤t->vx_info->cacct.slab[what]);
27549 +void vx_slab_free(struct kmem_cache *cachep)
27551 + int what = gfp_zone(cachep->gfpflags);
27553 + if (!current->vx_info)
27556 + atomic_sub(cachep->buffer_size, ¤t->vx_info->cacct.slab[what]);
27559 diff -NurpP --minimal linux-2.6.25.11/mm/swapfile.c linux-2.6.25.11-vs2.3.0.34.14/mm/swapfile.c
27560 --- linux-2.6.25.11/mm/swapfile.c 2008-04-17 12:05:44.000000000 -0400
27561 +++ linux-2.6.25.11-vs2.3.0.34.14/mm/swapfile.c 2008-04-19 15:14:52.000000000 -0400
27563 #include <asm/pgtable.h>
27564 #include <asm/tlbflush.h>
27565 #include <linux/swapops.h>
27566 +#include <linux/vs_base.h>
27567 +#include <linux/vs_memory.h>
27569 DEFINE_SPINLOCK(swap_lock);
27570 unsigned int nr_swapfiles;
27571 @@ -1743,6 +1745,8 @@ void si_swapinfo(struct sysinfo *val)
27572 val->freeswap = nr_swap_pages + nr_to_be_unused;
27573 val->totalswap = total_swap_pages + nr_to_be_unused;
27574 spin_unlock(&swap_lock);
27575 + if (vx_flags(VXF_VIRT_MEM, 0))
27576 + vx_vsi_swapinfo(val);
27580 diff -NurpP --minimal linux-2.6.25.11/net/core/dev.c linux-2.6.25.11-vs2.3.0.34.14/net/core/dev.c
27581 --- linux-2.6.25.11/net/core/dev.c 2008-07-15 22:05:18.000000000 -0400
27582 +++ linux-2.6.25.11-vs2.3.0.34.14/net/core/dev.c 2008-06-23 15:22:21.000000000 -0400
27583 @@ -119,6 +119,7 @@
27584 #include <linux/err.h>
27585 #include <linux/ctype.h>
27586 #include <linux/if_arp.h>
27587 +#include <linux/vs_inet.h>
27589 #include "net-sysfs.h"
27591 @@ -2336,6 +2337,8 @@ static int dev_ifconf(struct net *net, c
27594 for_each_netdev(net, dev) {
27595 + if (!nx_dev_visible(current->nx_info, dev))
27597 for (i = 0; i < NPROTO; i++) {
27598 if (gifconf_list[i]) {
27600 @@ -2404,6 +2407,9 @@ static void dev_seq_printf_stats(struct
27602 struct net_device_stats *stats = dev->get_stats(dev);
27604 + if (!nx_dev_visible(current->nx_info, dev))
27607 seq_printf(seq, "%6s:%8lu %7lu %4lu %4lu %4lu %5lu %10lu %9lu "
27608 "%8lu %7lu %4lu %4lu %4lu %5lu %7lu %10lu\n",
27609 dev->name, stats->rx_bytes, stats->rx_packets,
27610 diff -NurpP --minimal linux-2.6.25.11/net/core/rtnetlink.c linux-2.6.25.11-vs2.3.0.34.14/net/core/rtnetlink.c
27611 --- linux-2.6.25.11/net/core/rtnetlink.c 2008-07-15 22:05:18.000000000 -0400
27612 +++ linux-2.6.25.11-vs2.3.0.34.14/net/core/rtnetlink.c 2008-05-21 14:30:41.000000000 -0400
27613 @@ -674,6 +674,8 @@ static int rtnl_dump_ifinfo(struct sk_bu
27616 for_each_netdev(net, dev) {
27617 + if (!nx_dev_visible(skb->sk->sk_nx_info, dev))
27621 if (rtnl_fill_ifinfo(skb, dev, RTM_NEWLINK,
27622 @@ -1207,6 +1209,9 @@ void rtmsg_ifinfo(int type, struct net_d
27623 struct sk_buff *skb;
27624 int err = -ENOBUFS;
27626 + if (!nx_dev_visible(current->nx_info, dev))
27629 skb = nlmsg_new(if_nlmsg_size(dev), GFP_KERNEL);
27632 diff -NurpP --minimal linux-2.6.25.11/net/core/sock.c linux-2.6.25.11-vs2.3.0.34.14/net/core/sock.c
27633 --- linux-2.6.25.11/net/core/sock.c 2008-04-17 12:05:44.000000000 -0400
27634 +++ linux-2.6.25.11-vs2.3.0.34.14/net/core/sock.c 2008-04-23 14:31:31.000000000 -0400
27635 @@ -126,6 +126,10 @@
27636 #include <linux/ipsec.h>
27638 #include <linux/filter.h>
27639 +#include <linux/vs_socket.h>
27640 +#include <linux/vs_limit.h>
27641 +#include <linux/vs_context.h>
27642 +#include <linux/vs_network.h>
27645 #include <net/tcp.h>
27646 @@ -907,6 +911,8 @@ static struct sock *sk_prot_alloc(struct
27647 if (!try_module_get(prot->owner))
27650 + sock_vx_init(sk);
27651 + sock_nx_init(sk);
27655 @@ -984,6 +990,11 @@ void sk_free(struct sock *sk)
27656 __FUNCTION__, atomic_read(&sk->sk_omem_alloc));
27658 put_net(sk->sk_net);
27660 + clr_vx_info(&sk->sk_vx_info);
27662 + clr_nx_info(&sk->sk_nx_info);
27664 sk_prot_free(sk->sk_prot_creator, sk);
27667 @@ -999,6 +1010,8 @@ struct sock *sk_clone(const struct sock
27670 get_net(newsk->sk_net);
27671 + sock_vx_init(newsk);
27672 + sock_nx_init(newsk);
27673 sk_node_init(&newsk->sk_node);
27674 sock_lock_init(newsk);
27675 bh_lock_sock(newsk);
27676 @@ -1045,6 +1058,12 @@ struct sock *sk_clone(const struct sock
27677 newsk->sk_priority = 0;
27678 atomic_set(&newsk->sk_refcnt, 2);
27680 + set_vx_info(&newsk->sk_vx_info, sk->sk_vx_info);
27681 + newsk->sk_xid = sk->sk_xid;
27682 + vx_sock_inc(newsk);
27683 + set_nx_info(&newsk->sk_nx_info, sk->sk_nx_info);
27684 + newsk->sk_nid = sk->sk_nid;
27687 * Increment the counter in the same struct proto as the master
27688 * sock (sk_refcnt_debug_inc uses newsk->sk_prot->socks, that
27689 @@ -1727,6 +1746,11 @@ void sock_init_data(struct socket *sock,
27691 sk->sk_stamp = ktime_set(-1L, 0);
27693 + set_vx_info(&sk->sk_vx_info, current->vx_info);
27694 + sk->sk_xid = vx_current_xid();
27696 + set_nx_info(&sk->sk_nx_info, current->nx_info);
27697 + sk->sk_nid = nx_current_nid();
27698 atomic_set(&sk->sk_refcnt, 1);
27699 atomic_set(&sk->sk_drops, 0);
27701 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/af_inet.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/af_inet.c
27702 --- linux-2.6.25.11/net/ipv4/af_inet.c 2008-04-17 12:05:44.000000000 -0400
27703 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/af_inet.c 2008-04-19 16:08:42.000000000 -0400
27704 @@ -115,6 +115,7 @@
27705 #ifdef CONFIG_IP_MROUTE
27706 #include <linux/mroute.h>
27708 +#include <linux/vs_limit.h>
27710 DEFINE_SNMP_STAT(struct linux_mib, net_statistics) __read_mostly;
27712 @@ -317,9 +318,12 @@ lookup_protocol:
27716 + if ((protocol == IPPROTO_ICMP) &&
27717 + nx_capable(answer->capability, NXC_RAW_ICMP))
27719 if (answer->capability > 0 && !capable(answer->capability))
27720 goto out_rcu_unlock;
27723 sock->ops = answer->ops;
27724 answer_prot = answer->prot;
27725 answer_no_check = answer->no_check;
27726 @@ -433,6 +437,7 @@ int inet_bind(struct socket *sock, struc
27727 struct sockaddr_in *addr = (struct sockaddr_in *)uaddr;
27728 struct sock *sk = sock->sk;
27729 struct inet_sock *inet = inet_sk(sk);
27730 + struct nx_v4_sock_addr nsa;
27731 unsigned short snum;
27734 @@ -446,7 +451,11 @@ int inet_bind(struct socket *sock, struc
27735 if (addr_len < sizeof(struct sockaddr_in))
27738 - chk_addr_ret = inet_addr_type(&init_net, addr->sin_addr.s_addr);
27739 + err = v4_map_sock_addr(inet, addr, &nsa);
27743 + chk_addr_ret = inet_addr_type(&init_net, nsa.saddr);
27745 /* Not specified by any standard per-se, however it breaks too
27746 * many applications when removed. It is unfortunate since
27747 @@ -458,7 +467,7 @@ int inet_bind(struct socket *sock, struc
27748 err = -EADDRNOTAVAIL;
27749 if (!sysctl_ip_nonlocal_bind &&
27751 - addr->sin_addr.s_addr != htonl(INADDR_ANY) &&
27752 + nsa.saddr != htonl(INADDR_ANY) &&
27753 chk_addr_ret != RTN_LOCAL &&
27754 chk_addr_ret != RTN_MULTICAST &&
27755 chk_addr_ret != RTN_BROADCAST)
27756 @@ -483,7 +492,7 @@ int inet_bind(struct socket *sock, struc
27757 if (sk->sk_state != TCP_CLOSE || inet->num)
27758 goto out_release_sock;
27760 - inet->rcv_saddr = inet->saddr = addr->sin_addr.s_addr;
27761 + v4_set_sock_addr(inet, &nsa);
27762 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
27763 inet->saddr = 0; /* Use device */
27765 @@ -676,11 +685,13 @@ int inet_getname(struct socket *sock, st
27768 sin->sin_port = inet->dport;
27769 - sin->sin_addr.s_addr = inet->daddr;
27770 + sin->sin_addr.s_addr =
27771 + nx_map_sock_lback(sk->sk_nx_info, inet->daddr);
27773 __be32 addr = inet->rcv_saddr;
27775 addr = inet->saddr;
27776 + addr = nx_map_sock_lback(sk->sk_nx_info, addr);
27777 sin->sin_port = inet->sport;
27778 sin->sin_addr.s_addr = addr;
27780 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/devinet.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/devinet.c
27781 --- linux-2.6.25.11/net/ipv4/devinet.c 2008-04-17 12:05:44.000000000 -0400
27782 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/devinet.c 2008-04-19 15:14:52.000000000 -0400
27783 @@ -421,6 +421,7 @@ struct in_device *inetdev_by_index(struc
27788 /* Called only from RTNL semaphored context. No locks. */
27790 struct in_ifaddr *inet_ifa_byprefix(struct in_device *in_dev, __be32 prefix,
27791 @@ -672,6 +673,8 @@ int devinet_ioctl(unsigned int cmd, void
27794 if ((in_dev = __in_dev_get_rtnl(dev)) != NULL) {
27795 + struct nx_info *nxi = current->nx_info;
27797 if (tryaddrmatch) {
27798 /* Matthias Andree */
27799 /* compare label and address (4.4BSD style) */
27800 @@ -680,6 +683,8 @@ int devinet_ioctl(unsigned int cmd, void
27801 This is checked above. */
27802 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
27803 ifap = &ifa->ifa_next) {
27804 + if (!nx_v4_ifa_visible(nxi, ifa))
27806 if (!strcmp(ifr.ifr_name, ifa->ifa_label) &&
27807 sin_orig.sin_addr.s_addr ==
27808 ifa->ifa_address) {
27809 @@ -692,9 +697,12 @@ int devinet_ioctl(unsigned int cmd, void
27810 comparing just the label */
27812 for (ifap = &in_dev->ifa_list; (ifa = *ifap) != NULL;
27813 - ifap = &ifa->ifa_next)
27814 + ifap = &ifa->ifa_next) {
27815 + if (!nx_v4_ifa_visible(nxi, ifa))
27817 if (!strcmp(ifr.ifr_name, ifa->ifa_label))
27823 @@ -846,6 +854,8 @@ static int inet_gifconf(struct net_devic
27826 for (; ifa; ifa = ifa->ifa_next) {
27827 + if (!nx_v4_ifa_visible(current->nx_info, ifa))
27830 done += sizeof(ifr);
27832 @@ -1171,6 +1181,7 @@ static int inet_dump_ifaddr(struct sk_bu
27833 struct net_device *dev;
27834 struct in_device *in_dev;
27835 struct in_ifaddr *ifa;
27836 + struct sock *sk = skb->sk;
27837 int s_ip_idx, s_idx = cb->args[0];
27839 if (net != &init_net)
27840 @@ -1188,6 +1199,8 @@ static int inet_dump_ifaddr(struct sk_bu
27842 for (ifa = in_dev->ifa_list, ip_idx = 0; ifa;
27843 ifa = ifa->ifa_next, ip_idx++) {
27844 + if (sk && !nx_v4_ifa_visible(sk->sk_nx_info, ifa))
27846 if (ip_idx < s_ip_idx)
27848 if (inet_fill_ifaddr(skb, ifa, NETLINK_CB(cb->skb).pid,
27849 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/fib_hash.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/fib_hash.c
27850 --- linux-2.6.25.11/net/ipv4/fib_hash.c 2008-04-17 12:05:44.000000000 -0400
27851 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/fib_hash.c 2008-04-19 15:14:52.000000000 -0400
27852 @@ -1025,7 +1025,7 @@ static int fib_seq_show(struct seq_file
27853 prefix = f->fn_key;
27854 mask = FZ_MASK(iter->zone);
27855 flags = fib_flag_trans(fa->fa_type, mask, fi);
27857 + if (fi && nx_dev_visible(current->nx_info, fi->fib_dev))
27858 snprintf(bf, sizeof(bf),
27859 "%s\t%08X\t%08X\t%04X\t%d\t%u\t%d\t%08X\t%d\t%u\t%u",
27860 fi->fib_dev ? fi->fib_dev->name : "*", prefix,
27861 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/inet_connection_sock.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_connection_sock.c
27862 --- linux-2.6.25.11/net/ipv4/inet_connection_sock.c 2008-04-17 12:05:44.000000000 -0400
27863 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_connection_sock.c 2008-04-19 15:14:52.000000000 -0400
27864 @@ -47,10 +47,40 @@ void inet_get_local_port_range(int *low,
27866 EXPORT_SYMBOL(inet_get_local_port_range);
27868 +int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
27870 + __be32 sk1_rcv_saddr = inet_rcv_saddr(sk1),
27871 + sk2_rcv_saddr = inet_rcv_saddr(sk2);
27873 + if (inet_v6_ipv6only(sk2))
27876 + if (sk1_rcv_saddr &&
27878 + sk1_rcv_saddr == sk2_rcv_saddr)
27881 + if (sk1_rcv_saddr &&
27882 + !sk2_rcv_saddr &&
27883 + v4_addr_in_nx_info(sk2->sk_nx_info, sk1_rcv_saddr, NXA_MASK_BIND))
27886 + if (sk2_rcv_saddr &&
27887 + !sk1_rcv_saddr &&
27888 + v4_addr_in_nx_info(sk1->sk_nx_info, sk2_rcv_saddr, NXA_MASK_BIND))
27891 + if (!sk1_rcv_saddr &&
27892 + !sk2_rcv_saddr &&
27893 + nx_v4_addr_conflict(sk1->sk_nx_info, sk2->sk_nx_info))
27899 int inet_csk_bind_conflict(const struct sock *sk,
27900 const struct inet_bind_bucket *tb)
27902 - const __be32 sk_rcv_saddr = inet_rcv_saddr(sk);
27904 struct hlist_node *node;
27905 int reuse = sk->sk_reuse;
27906 @@ -63,9 +93,7 @@ int inet_csk_bind_conflict(const struct
27907 sk->sk_bound_dev_if == sk2->sk_bound_dev_if)) {
27908 if (!reuse || !sk2->sk_reuse ||
27909 sk2->sk_state == TCP_LISTEN) {
27910 - const __be32 sk2_rcv_saddr = inet_rcv_saddr(sk2);
27911 - if (!sk2_rcv_saddr || !sk_rcv_saddr ||
27912 - sk2_rcv_saddr == sk_rcv_saddr)
27913 + if (ipv4_rcv_saddr_equal(sk, sk2))
27917 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/inet_diag.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_diag.c
27918 --- linux-2.6.25.11/net/ipv4/inet_diag.c 2008-04-17 12:05:44.000000000 -0400
27919 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_diag.c 2008-04-19 16:05:51.000000000 -0400
27921 #include <linux/stddef.h>
27923 #include <linux/inet_diag.h>
27924 +#include <linux/vs_network.h>
27925 +#include <linux/vs_inet.h>
27927 static const struct inet_diag_handler **inet_diag_table;
27929 @@ -122,8 +124,8 @@ static int inet_csk_diag_fill(struct soc
27931 r->id.idiag_sport = inet->sport;
27932 r->id.idiag_dport = inet->dport;
27933 - r->id.idiag_src[0] = inet->rcv_saddr;
27934 - r->id.idiag_dst[0] = inet->daddr;
27935 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, inet->rcv_saddr);
27936 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info, inet->daddr);
27938 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
27939 if (r->idiag_family == AF_INET6) {
27940 @@ -210,8 +212,8 @@ static int inet_twsk_diag_fill(struct in
27941 r->id.idiag_cookie[1] = (u32)(((unsigned long)tw >> 31) >> 1);
27942 r->id.idiag_sport = tw->tw_sport;
27943 r->id.idiag_dport = tw->tw_dport;
27944 - r->id.idiag_src[0] = tw->tw_rcv_saddr;
27945 - r->id.idiag_dst[0] = tw->tw_daddr;
27946 + r->id.idiag_src[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_rcv_saddr);
27947 + r->id.idiag_dst[0] = nx_map_sock_lback(tw->tw_nx_info, tw->tw_daddr);
27948 r->idiag_state = tw->tw_substate;
27949 r->idiag_timer = 3;
27950 r->idiag_expires = DIV_ROUND_UP(tmo * 1000, HZ);
27951 @@ -268,6 +270,7 @@ static int inet_diag_get_exact(struct sk
27954 if (req->idiag_family == AF_INET) {
27955 + /* TODO: lback */
27956 sk = inet_lookup(&init_net, hashinfo, req->id.idiag_dst[0],
27957 req->id.idiag_dport, req->id.idiag_src[0],
27958 req->id.idiag_sport, req->id.idiag_if);
27959 @@ -510,6 +513,7 @@ static int inet_csk_diag_dump(struct soc
27963 + /* TODO: lback */
27964 entry.saddr = &inet->rcv_saddr;
27965 entry.daddr = &inet->daddr;
27967 @@ -546,6 +550,7 @@ static int inet_twsk_diag_dump(struct in
27971 + /* TODO: lback */
27972 entry.saddr = &tw->tw_rcv_saddr;
27973 entry.daddr = &tw->tw_daddr;
27975 @@ -592,8 +597,8 @@ static int inet_diag_fill_req(struct sk_
27977 r->id.idiag_sport = inet->sport;
27978 r->id.idiag_dport = ireq->rmt_port;
27979 - r->id.idiag_src[0] = ireq->loc_addr;
27980 - r->id.idiag_dst[0] = ireq->rmt_addr;
27981 + r->id.idiag_src[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->loc_addr);
27982 + r->id.idiag_dst[0] = nx_map_sock_lback(sk->sk_nx_info, ireq->rmt_addr);
27983 r->idiag_expires = jiffies_to_msecs(tmo);
27984 r->idiag_rqueue = 0;
27985 r->idiag_wqueue = 0;
27986 @@ -663,6 +668,7 @@ static int inet_diag_dump_reqs(struct sk
27990 + /* TODO: lback */
27992 #if defined(CONFIG_IPV6) || defined (CONFIG_IPV6_MODULE)
27993 (entry.family == AF_INET6) ?
27994 @@ -731,6 +737,8 @@ static int inet_diag_dump(struct sk_buff
27995 sk_for_each(sk, node, &hashinfo->listening_hash[i]) {
27996 struct inet_sock *inet = inet_sk(sk);
27998 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28003 @@ -792,6 +800,8 @@ skip_listen_ht:
28004 sk_for_each(sk, node, &head->chain) {
28005 struct inet_sock *inet = inet_sk(sk);
28007 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28011 if (!(r->idiag_states & (1 << sk->sk_state)))
28012 @@ -816,6 +826,8 @@ next_normal:
28013 inet_twsk_for_each(tw, node,
28016 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
28020 if (r->id.idiag_sport != tw->tw_sport &&
28021 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/inet_hashtables.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_hashtables.c
28022 --- linux-2.6.25.11/net/ipv4/inet_hashtables.c 2008-04-17 12:05:44.000000000 -0400
28023 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/inet_hashtables.c 2008-04-19 15:14:52.000000000 -0400
28026 #include <net/inet_connection_sock.h>
28027 #include <net/inet_hashtables.h>
28028 +#include <net/route.h>
28029 #include <net/ip.h>
28032 @@ -144,11 +145,10 @@ static struct sock *inet_lookup_listener
28033 const __be32 rcv_saddr = inet->rcv_saddr;
28034 int score = sk->sk_family == PF_INET ? 1 : 0;
28037 - if (rcv_saddr != daddr)
28039 + if (v4_inet_addr_match(sk->sk_nx_info, daddr, rcv_saddr))
28044 if (sk->sk_bound_dev_if) {
28045 if (sk->sk_bound_dev_if != dif)
28047 @@ -180,7 +180,7 @@ struct sock *__inet_lookup_listener(stru
28048 const struct inet_sock *inet = inet_sk((sk = __sk_head(head)));
28050 if (inet->num == hnum && !sk->sk_node.next &&
28051 - (!inet->rcv_saddr || inet->rcv_saddr == daddr) &&
28052 + v4_inet_addr_match(sk->sk_nx_info, daddr, inet->rcv_saddr) &&
28053 (sk->sk_family == PF_INET || !ipv6_only_sock(sk)) &&
28054 !sk->sk_bound_dev_if && sk->sk_net == net)
28056 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/netfilter/nf_nat_helper.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/netfilter/nf_nat_helper.c
28057 --- linux-2.6.25.11/net/ipv4/netfilter/nf_nat_helper.c 2008-04-17 12:05:45.000000000 -0400
28058 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/netfilter/nf_nat_helper.c 2008-04-19 15:14:52.000000000 -0400
28060 #include <net/tcp.h>
28062 #include <linux/netfilter_ipv4.h>
28063 +#include <net/route.h>
28064 #include <net/netfilter/nf_conntrack.h>
28065 #include <net/netfilter/nf_conntrack_helper.h>
28066 #include <net/netfilter/nf_conntrack_ecache.h>
28067 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/netfilter.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/netfilter.c
28068 --- linux-2.6.25.11/net/ipv4/netfilter.c 2008-04-17 12:05:45.000000000 -0400
28069 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/netfilter.c 2008-04-19 15:14:52.000000000 -0400
28071 #include <linux/netfilter_ipv4.h>
28072 #include <linux/ip.h>
28073 #include <linux/skbuff.h>
28074 -#include <net/route.h>
28075 +// #include <net/route.h>
28076 #include <net/xfrm.h>
28077 #include <net/ip.h>
28078 #include <net/netfilter/nf_queue.h>
28079 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/raw.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/raw.c
28080 --- linux-2.6.25.11/net/ipv4/raw.c 2008-04-17 12:05:45.000000000 -0400
28081 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/raw.c 2008-04-29 20:28:52.000000000 -0400
28082 @@ -126,7 +126,7 @@ static struct sock *__raw_v4_lookup(stru
28084 if (sk->sk_net == net && inet->num == num &&
28085 !(inet->daddr && inet->daddr != raddr) &&
28086 - !(inet->rcv_saddr && inet->rcv_saddr != laddr) &&
28087 + v4_sock_addr_match(sk->sk_nx_info, inet, laddr) &&
28088 !(sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif))
28089 goto found; /* gotcha */
28091 @@ -382,6 +382,12 @@ static int raw_send_hdrinc(struct sock *
28092 icmp_out_count(((struct icmphdr *)
28093 skb_transport_header(skb))->type);
28096 + if (!nx_check(0, VS_ADMIN) && !capable(CAP_NET_RAW) &&
28097 + sk->sk_nx_info &&
28098 + !v4_addr_in_nx_info(sk->sk_nx_info, iph->saddr, NXA_MASK_BIND))
28101 err = NF_HOOK(PF_INET, NF_INET_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
28104 @@ -393,6 +399,7 @@ out:
28111 IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
28112 @@ -560,6 +567,13 @@ static int raw_sendmsg(struct kiocb *ioc
28115 security_sk_classify_flow(sk, &fl);
28116 + if (sk->sk_nx_info) {
28117 + err = ip_v4_find_src(sk->sk_net,
28118 + sk->sk_nx_info, &rt, &fl);
28123 err = ip_route_output_flow(&init_net, &rt, &fl, sk, 1);
28126 @@ -622,17 +636,19 @@ static int raw_bind(struct sock *sk, str
28128 struct inet_sock *inet = inet_sk(sk);
28129 struct sockaddr_in *addr = (struct sockaddr_in *) uaddr;
28130 + struct nx_v4_sock_addr nsa = { 0 };
28134 if (sk->sk_state != TCP_CLOSE || addr_len < sizeof(struct sockaddr_in))
28136 - chk_addr_ret = inet_addr_type(sk->sk_net, addr->sin_addr.s_addr);
28137 + v4_map_sock_addr(inet, addr, &nsa);
28138 + chk_addr_ret = inet_addr_type(sk->sk_net, nsa.saddr);
28139 ret = -EADDRNOTAVAIL;
28140 - if (addr->sin_addr.s_addr && chk_addr_ret != RTN_LOCAL &&
28141 + if (nsa.saddr && chk_addr_ret != RTN_LOCAL &&
28142 chk_addr_ret != RTN_MULTICAST && chk_addr_ret != RTN_BROADCAST)
28144 - inet->rcv_saddr = inet->saddr = addr->sin_addr.s_addr;
28145 + v4_set_sock_addr(inet, &nsa);
28146 if (chk_addr_ret == RTN_MULTICAST || chk_addr_ret == RTN_BROADCAST)
28147 inet->saddr = 0; /* Use device */
28149 @@ -684,7 +700,8 @@ static int raw_recvmsg(struct kiocb *ioc
28150 /* Copy the address. */
28152 sin->sin_family = AF_INET;
28153 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
28154 + sin->sin_addr.s_addr =
28155 + nx_map_sock_lback(sk->sk_nx_info, ip_hdr(skb)->saddr);
28157 memset(&sin->sin_zero, 0, sizeof(sin->sin_zero));
28159 @@ -862,7 +879,8 @@ static struct sock *raw_get_first(struct
28160 struct hlist_node *node;
28162 sk_for_each(sk, node, &state->h->ht[state->bucket])
28163 - if (sk->sk_net == state->p.net)
28164 + if ((sk->sk_net == state->p.net) &&
28165 + nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28169 @@ -878,7 +896,8 @@ static struct sock *raw_get_next(struct
28173 - } while (sk && sk->sk_net != state->p.net);
28174 + } while (sk && ((sk->sk_net != state->p.net) ||
28175 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
28177 if (!sk && ++state->bucket < RAW_HTABLE_SIZE) {
28178 sk = sk_head(&state->h->ht[state->bucket]);
28179 @@ -937,7 +956,10 @@ static void raw_sock_seq_show(struct seq
28181 seq_printf(seq, "%4d: %08X:%04X %08X:%04X"
28182 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %d\n",
28183 - i, src, srcp, dest, destp, sp->sk_state,
28185 + nx_map_sock_lback(current_nx_info(), src), srcp,
28186 + nx_map_sock_lback(current_nx_info(), dest), destp,
28188 atomic_read(&sp->sk_wmem_alloc),
28189 atomic_read(&sp->sk_rmem_alloc),
28190 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
28191 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/syncookies.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/syncookies.c
28192 --- linux-2.6.25.11/net/ipv4/syncookies.c 2008-04-17 12:05:45.000000000 -0400
28193 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/syncookies.c 2008-04-19 15:14:52.000000000 -0400
28195 #include <linux/cryptohash.h>
28196 #include <linux/kernel.h>
28197 #include <net/tcp.h>
28198 +#include <net/route.h>
28200 extern int sysctl_tcp_syncookies;
28202 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/tcp.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp.c
28203 --- linux-2.6.25.11/net/ipv4/tcp.c 2008-04-17 12:05:45.000000000 -0400
28204 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp.c 2008-04-19 15:14:52.000000000 -0400
28205 @@ -263,6 +263,7 @@
28206 #include <linux/cache.h>
28207 #include <linux/err.h>
28208 #include <linux/crypto.h>
28209 +#include <linux/in.h>
28211 #include <net/icmp.h>
28212 #include <net/tcp.h>
28213 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/tcp_ipv4.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp_ipv4.c
28214 --- linux-2.6.25.11/net/ipv4/tcp_ipv4.c 2008-04-17 12:05:45.000000000 -0400
28215 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp_ipv4.c 2008-04-19 15:14:52.000000000 -0400
28216 @@ -1965,6 +1965,12 @@ static void *listening_get_next(struct s
28217 req = req->dl_next;
28220 + vxdprintk(VXD_CBIT(net, 6),
28221 + "sk,req: %p [#%d] (from %d)", req->sk,
28222 + (req->sk)?req->sk->sk_nid:0, nx_current_nid());
28224 + !nx_check(req->sk->sk_nid, VS_WATCH_P | VS_IDENT))
28226 if (req->rsk_ops->family == st->family) {
28229 @@ -1989,6 +1995,10 @@ get_req:
28232 sk_for_each_from(sk, node) {
28233 + vxdprintk(VXD_CBIT(net, 6), "sk: %p [#%d] (from %d)",
28234 + sk, sk->sk_nid, nx_current_nid());
28235 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28237 if (sk->sk_family == st->family) {
28240 @@ -2038,18 +2048,26 @@ static void *established_get_first(struc
28242 read_lock_bh(lock);
28243 sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
28244 - if (sk->sk_family != st->family) {
28245 + vxdprintk(VXD_CBIT(net, 6),
28246 + "sk,egf: %p [#%d] (from %d)",
28247 + sk, sk->sk_nid, nx_current_nid());
28248 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28250 + if (sk->sk_family != st->family)
28256 st->state = TCP_SEQ_STATE_TIME_WAIT;
28257 inet_twsk_for_each(tw, node,
28258 &tcp_hashinfo.ehash[st->bucket].twchain) {
28259 - if (tw->tw_family != st->family) {
28260 + vxdprintk(VXD_CBIT(net, 6),
28261 + "tw: %p [#%d] (from %d)",
28262 + tw, tw->tw_nid, nx_current_nid());
28263 + if (!nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))
28265 + if (tw->tw_family != st->family)
28271 @@ -2073,7 +2091,8 @@ static void *established_get_next(struct
28275 - while (tw && tw->tw_family != st->family) {
28276 + while (tw && (tw->tw_family != st->family ||
28277 + !nx_check(tw->tw_nid, VS_WATCH_P | VS_IDENT))) {
28281 @@ -2094,6 +2113,11 @@ get_tw:
28284 sk_for_each_from(sk, node) {
28285 + vxdprintk(VXD_CBIT(net, 6),
28286 + "sk,egn: %p [#%d] (from %d)",
28287 + sk, sk->sk_nid, nx_current_nid());
28288 + if (!nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28290 if (sk->sk_family == st->family)
28293 @@ -2266,9 +2290,9 @@ static void get_openreq4(struct sock *sk
28294 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
28295 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p",
28298 + nx_map_sock_lback(current_nx_info(), ireq->loc_addr),
28299 ntohs(inet_sk(sk)->sport),
28301 + nx_map_sock_lback(current_nx_info(), ireq->rmt_addr),
28302 ntohs(ireq->rmt_port),
28304 0, 0, /* could print option size, but that is af dependent. */
28305 @@ -2310,7 +2334,10 @@ static void get_tcp4_sock(struct sock *s
28307 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
28308 "%08X %5d %8d %lu %d %p %u %u %u %u %d",
28309 - i, src, srcp, dest, destp, sk->sk_state,
28311 + nx_map_sock_lback(current_nx_info(), src), srcp,
28312 + nx_map_sock_lback(current_nx_info(), dest), destp,
28314 tp->write_seq - tp->snd_una,
28315 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
28316 (tp->rcv_nxt - tp->copied_seq),
28317 @@ -2345,7 +2372,10 @@ static void get_timewait4_sock(struct in
28319 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
28320 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p",
28321 - i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
28323 + nx_map_sock_lback(current_nx_info(), src), srcp,
28324 + nx_map_sock_lback(current_nx_info(), dest), destp,
28325 + tw->tw_substate, 0, 0,
28326 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
28327 atomic_read(&tw->tw_refcnt), tw);
28329 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/tcp_minisocks.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp_minisocks.c
28330 --- linux-2.6.25.11/net/ipv4/tcp_minisocks.c 2008-04-17 11:31:40.000000000 -0400
28331 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/tcp_minisocks.c 2008-04-19 15:14:52.000000000 -0400
28333 #include <net/inet_common.h>
28334 #include <net/xfrm.h>
28336 +#include <linux/vs_limit.h>
28337 +#include <linux/vs_socket.h>
28338 +#include <linux/vs_context.h>
28340 #ifdef CONFIG_SYSCTL
28341 #define SYNC_INIT 0 /* let the user enable it */
28343 @@ -293,6 +297,11 @@ void tcp_time_wait(struct sock *sk, int
28344 tcptw->tw_ts_recent = tp->rx_opt.ts_recent;
28345 tcptw->tw_ts_recent_stamp = tp->rx_opt.ts_recent_stamp;
28347 + tw->tw_xid = sk->sk_xid;
28348 + tw->tw_vx_info = NULL;
28349 + tw->tw_nid = sk->sk_nid;
28350 + tw->tw_nx_info = NULL;
28352 #if defined(CONFIG_IPV6) || defined(CONFIG_IPV6_MODULE)
28353 if (tw->tw_family == PF_INET6) {
28354 struct ipv6_pinfo *np = inet6_sk(sk);
28355 diff -NurpP --minimal linux-2.6.25.11/net/ipv4/udp.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/udp.c
28356 --- linux-2.6.25.11/net/ipv4/udp.c 2008-04-17 12:05:45.000000000 -0400
28357 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv4/udp.c 2008-04-21 12:41:01.000000000 -0400
28358 @@ -246,14 +246,7 @@ int udp_get_port(struct sock *sk, unsign
28359 return __udp_lib_get_port(sk, snum, udp_hash, scmp);
28362 -int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2)
28364 - struct inet_sock *inet1 = inet_sk(sk1), *inet2 = inet_sk(sk2);
28366 - return ( !ipv6_only_sock(sk2) &&
28367 - (!inet1->rcv_saddr || !inet2->rcv_saddr ||
28368 - inet1->rcv_saddr == inet2->rcv_saddr ));
28370 +extern int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2);
28372 static inline int udp_v4_get_port(struct sock *sk, unsigned short snum)
28374 @@ -273,16 +266,23 @@ static struct sock *__udp4_lib_lookup(st
28377 read_lock(&udp_hash_lock);
28379 sk_for_each(sk, node, &udptable[hnum & (UDP_HTABLE_SIZE - 1)]) {
28380 struct inet_sock *inet = inet_sk(sk);
28382 if (sk->sk_net == net && sk->sk_hash == hnum &&
28383 !ipv6_only_sock(sk)) {
28384 int score = (sk->sk_family == PF_INET ? 1 : 0);
28386 if (inet->rcv_saddr) {
28387 if (inet->rcv_saddr != daddr)
28391 + /* block non nx_info ips */
28392 + if (!v4_addr_in_nx_info(sk->sk_nx_info,
28393 + daddr, NXA_MASK_BIND))
28397 if (inet->daddr != saddr)
28398 @@ -308,6 +308,7 @@ static struct sock *__udp4_lib_lookup(st
28405 read_unlock(&udp_hash_lock);
28406 @@ -329,7 +330,7 @@ static inline struct sock *udp_v4_mcast_
28407 if (s->sk_hash != hnum ||
28408 (inet->daddr && inet->daddr != rmt_addr) ||
28409 (inet->dport != rmt_port && inet->dport) ||
28410 - (inet->rcv_saddr && inet->rcv_saddr != loc_addr) ||
28411 + !v4_sock_addr_match(sk->sk_nx_info, inet, loc_addr) ||
28412 ipv6_only_sock(s) ||
28413 (s->sk_bound_dev_if && s->sk_bound_dev_if != dif))
28415 @@ -662,7 +663,15 @@ int udp_sendmsg(struct kiocb *iocb, stru
28416 .uli_u = { .ports =
28417 { .sport = inet->sport,
28418 .dport = dport } } };
28419 + struct nx_info *nxi = sk->sk_nx_info;
28420 + struct net *net = sk->sk_net;
28422 security_sk_classify_flow(sk, &fl);
28424 + err = ip_v4_find_src(net, nxi, &rt, &fl);
28428 err = ip_route_output_flow(&init_net, &rt, &fl, sk, 1);
28430 if (err == -ENETUNREACH)
28431 @@ -905,7 +914,8 @@ try_again:
28433 sin->sin_family = AF_INET;
28434 sin->sin_port = udp_hdr(skb)->source;
28435 - sin->sin_addr.s_addr = ip_hdr(skb)->saddr;
28436 + sin->sin_addr.s_addr = nx_map_sock_lback(
28437 + skb->sk->sk_nx_info, ip_hdr(skb)->saddr);
28438 memset(sin->sin_zero, 0, sizeof(sin->sin_zero));
28440 if (inet->cmsg_flags)
28441 @@ -1516,7 +1526,8 @@ static struct sock *udp_get_first(struct
28442 for (state->bucket = 0; state->bucket < UDP_HTABLE_SIZE; ++state->bucket) {
28443 struct hlist_node *node;
28444 sk_for_each(sk, node, state->hashtable + state->bucket) {
28445 - if (sk->sk_family == state->family)
28446 + if (sk->sk_family == state->family &&
28447 + nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT))
28451 @@ -1533,7 +1544,8 @@ static struct sock *udp_get_next(struct
28455 - } while (sk && sk->sk_family != state->family);
28456 + } while (sk && (sk->sk_family != state->family ||
28457 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)));
28459 if (!sk && ++state->bucket < UDP_HTABLE_SIZE) {
28460 sk = sk_head(state->hashtable + state->bucket);
28461 @@ -1648,7 +1660,10 @@ static void udp4_format_sock(struct sock
28463 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
28464 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p",
28465 - bucket, src, srcp, dest, destp, sp->sk_state,
28467 + nx_map_sock_lback(current_nx_info(), src), srcp,
28468 + nx_map_sock_lback(current_nx_info(), dest), destp,
28470 atomic_read(&sp->sk_wmem_alloc),
28471 atomic_read(&sp->sk_rmem_alloc),
28472 0, 0L, 0, sock_i_uid(sp), 0, sock_i_ino(sp),
28473 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/addrconf.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/addrconf.c
28474 --- linux-2.6.25.11/net/ipv6/addrconf.c 2008-04-17 12:05:45.000000000 -0400
28475 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/addrconf.c 2008-06-23 16:09:17.000000000 -0400
28478 #include <linux/proc_fs.h>
28479 #include <linux/seq_file.h>
28480 +#include <linux/vs_network.h>
28481 +#include <linux/vs_inet6.h>
28483 /* Set to 3 to get tracing... */
28484 #define ACONF_DEBUG 2
28485 @@ -918,7 +920,8 @@ static inline int ipv6_saddr_preferred(i
28488 int ipv6_dev_get_saddr(struct net_device *daddr_dev,
28489 - struct in6_addr *daddr, struct in6_addr *saddr)
28490 + struct in6_addr *daddr, struct in6_addr *saddr,
28491 + struct nx_info *nxi)
28493 struct ipv6_saddr_score hiscore;
28494 struct inet6_ifaddr *ifa_result = NULL;
28495 @@ -964,6 +967,10 @@ int ipv6_dev_get_saddr(struct net_device
28497 score.addr_type = __ipv6_addr_type(&ifa->addr);
28499 + /* Use only addresses assigned to the context */
28500 + if (!v6_ifa_in_nx_info(ifa, nxi))
28504 * - Tentative Address (RFC2462 section 5.4)
28505 * - A tentative address is not considered
28506 @@ -1181,9 +1188,10 @@ record_it:
28509 int ipv6_get_saddr(struct dst_entry *dst,
28510 - struct in6_addr *daddr, struct in6_addr *saddr)
28511 + struct in6_addr *daddr, struct in6_addr *saddr,
28512 + struct nx_info *nxi)
28514 - return ipv6_dev_get_saddr(dst ? ip6_dst_idev(dst)->dev : NULL, daddr, saddr);
28515 + return ipv6_dev_get_saddr(dst ? ip6_dst_idev(dst)->dev : NULL, daddr, saddr, nxi);
28518 EXPORT_SYMBOL(ipv6_get_saddr);
28519 @@ -1287,35 +1295,46 @@ struct inet6_ifaddr *ipv6_get_ifaddr(str
28523 +extern int ipv4_rcv_saddr_equal(const struct sock *sk1, const struct sock *sk2);
28525 int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2)
28527 const struct in6_addr *sk_rcv_saddr6 = &inet6_sk(sk)->rcv_saddr;
28528 const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2);
28529 - __be32 sk_rcv_saddr = inet_sk(sk)->rcv_saddr;
28530 __be32 sk2_rcv_saddr = inet_rcv_saddr(sk2);
28531 int sk_ipv6only = ipv6_only_sock(sk);
28532 int sk2_ipv6only = inet_v6_ipv6only(sk2);
28533 int addr_type = ipv6_addr_type(sk_rcv_saddr6);
28534 int addr_type2 = sk2_rcv_saddr6 ? ipv6_addr_type(sk2_rcv_saddr6) : IPV6_ADDR_MAPPED;
28536 - if (!sk2_rcv_saddr && !sk_ipv6only)
28537 + /* FIXME: needs handling for v4 ANY */
28538 + if (!sk2_rcv_saddr && !sk_ipv6only && !sk2->sk_nx_info)
28541 if (addr_type2 == IPV6_ADDR_ANY &&
28542 - !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED))
28543 + !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED) &&
28544 + v6_addr_in_nx_info(sk2->sk_nx_info, sk_rcv_saddr6, -1))
28547 if (addr_type == IPV6_ADDR_ANY &&
28548 - !(sk_ipv6only && addr_type2 == IPV6_ADDR_MAPPED))
28549 + !(sk_ipv6only && addr_type2 == IPV6_ADDR_MAPPED) &&
28550 + (sk2_rcv_saddr6 && v6_addr_in_nx_info(sk->sk_nx_info, sk2_rcv_saddr6, -1)))
28553 + if (addr_type == IPV6_ADDR_ANY &&
28554 + addr_type2 == IPV6_ADDR_ANY &&
28555 + nx_v6_addr_conflict(sk->sk_nx_info, sk2->sk_nx_info))
28558 if (sk2_rcv_saddr6 &&
28559 + addr_type != IPV6_ADDR_ANY &&
28560 + addr_type != IPV6_ADDR_ANY &&
28561 ipv6_addr_equal(sk_rcv_saddr6, sk2_rcv_saddr6))
28564 if (addr_type == IPV6_ADDR_MAPPED &&
28566 - (!sk2_rcv_saddr || !sk_rcv_saddr || sk_rcv_saddr == sk2_rcv_saddr))
28567 + ipv4_rcv_saddr_equal(sk, sk2))
28571 @@ -2846,7 +2865,10 @@ static void if6_seq_stop(struct seq_file
28572 static int if6_seq_show(struct seq_file *seq, void *v)
28574 struct inet6_ifaddr *ifp = (struct inet6_ifaddr *)v;
28577 + if (nx_check(0, VS_ADMIN|VS_WATCH) ||
28578 + v6_addr_in_nx_info(current_nx_info(), &ifp->addr, -1))
28580 NIP6_SEQFMT " %02x %02x %02x %02x %8s\n",
28582 ifp->idev->dev->ifindex,
28583 @@ -3337,6 +3359,11 @@ static int inet6_dump_addr(struct sk_buf
28584 struct inet6_ifaddr *ifa;
28585 struct ifmcaddr6 *ifmca;
28586 struct ifacaddr6 *ifaca;
28587 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
28589 + /* disable ipv6 on non v6 guests */
28590 + if (nxi && !nx_info_has_v6(nxi))
28593 s_idx = cb->args[0];
28594 s_ip_idx = ip_idx = cb->args[1];
28595 @@ -3358,6 +3385,8 @@ static int inet6_dump_addr(struct sk_buf
28596 ifa = ifa->if_next, ip_idx++) {
28597 if (ip_idx < s_ip_idx)
28599 + if (!v6_addr_in_nx_info(nxi, &ifa->addr, -1))
28601 err = inet6_fill_ifaddr(skb, ifa,
28602 NETLINK_CB(cb->skb).pid,
28603 cb->nlh->nlmsg_seq,
28604 @@ -3371,6 +3400,8 @@ static int inet6_dump_addr(struct sk_buf
28605 ifmca = ifmca->next, ip_idx++) {
28606 if (ip_idx < s_ip_idx)
28608 + if (!v6_addr_in_nx_info(nxi, &ifmca->mca_addr, -1))
28610 err = inet6_fill_ifmcaddr(skb, ifmca,
28611 NETLINK_CB(cb->skb).pid,
28612 cb->nlh->nlmsg_seq,
28613 @@ -3384,6 +3415,8 @@ static int inet6_dump_addr(struct sk_buf
28614 ifaca = ifaca->aca_next, ip_idx++) {
28615 if (ip_idx < s_ip_idx)
28617 + if (!v6_addr_in_nx_info(nxi, &ifaca->aca_addr, -1))
28619 err = inet6_fill_ifacaddr(skb, ifaca,
28620 NETLINK_CB(cb->skb).pid,
28621 cb->nlh->nlmsg_seq,
28622 @@ -3678,6 +3711,11 @@ static int inet6_dump_ifinfo(struct sk_b
28623 int s_idx = cb->args[0];
28624 struct net_device *dev;
28625 struct inet6_dev *idev;
28626 + struct nx_info *nxi = skb->sk ? skb->sk->sk_nx_info : NULL;
28628 + /* FIXME: maybe disable ipv6 on non v6 guests?
28629 + if (skb->sk && skb->sk->sk_vx_info)
28630 + return skb->len; */
28632 if (net != &init_net)
28634 @@ -3687,6 +3725,8 @@ static int inet6_dump_ifinfo(struct sk_b
28635 for_each_netdev(&init_net, dev) {
28638 + if (!v6_dev_in_nx_info(dev, nxi))
28640 if ((idev = in6_dev_get(dev)) == NULL)
28642 err = inet6_fill_ifinfo(skb, idev, NETLINK_CB(cb->skb).pid,
28643 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/af_inet6.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/af_inet6.c
28644 --- linux-2.6.25.11/net/ipv6/af_inet6.c 2008-04-17 12:05:45.000000000 -0400
28645 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/af_inet6.c 2008-04-19 15:14:52.000000000 -0400
28647 #include <linux/netdevice.h>
28648 #include <linux/icmpv6.h>
28649 #include <linux/netfilter_ipv6.h>
28650 +#include <linux/vs_inet.h>
28651 +#include <linux/vs_inet6.h>
28653 #include <net/ip.h>
28654 #include <net/ipv6.h>
28656 #include <net/tcp.h>
28657 #include <net/ipip.h>
28658 #include <net/protocol.h>
28659 +#include <net/route.h>
28660 #include <net/inet_common.h>
28661 #include <net/transp_v6.h>
28662 #include <net/ip6_route.h>
28663 @@ -148,9 +151,12 @@ lookup_protocol:
28667 + if ((protocol == IPPROTO_ICMPV6) &&
28668 + nx_capable(answer->capability, NXC_RAW_ICMP))
28670 if (answer->capability > 0 && !capable(answer->capability))
28671 goto out_rcu_unlock;
28674 sock->ops = answer->ops;
28675 answer_prot = answer->prot;
28676 answer_no_check = answer->no_check;
28677 @@ -248,6 +254,7 @@ int inet6_bind(struct socket *sock, stru
28678 struct sock *sk = sock->sk;
28679 struct inet_sock *inet = inet_sk(sk);
28680 struct ipv6_pinfo *np = inet6_sk(sk);
28681 + struct nx_v6_sock_addr nsa;
28683 unsigned short snum;
28685 @@ -259,6 +266,11 @@ int inet6_bind(struct socket *sock, stru
28687 if (addr_len < SIN6_LEN_RFC2133)
28690 + err = v6_map_sock_addr(inet, addr, &nsa);
28694 addr_type = ipv6_addr_type(&addr->sin6_addr);
28695 if ((addr_type & IPV6_ADDR_MULTICAST) && sock->type == SOCK_STREAM)
28697 @@ -282,6 +294,10 @@ int inet6_bind(struct socket *sock, stru
28698 err = -EADDRNOTAVAIL;
28701 + if (!v4_addr_in_nx_info(sk->sk_nx_info, v4addr, NXA_MASK_BIND)) {
28702 + err = -EADDRNOTAVAIL;
28706 if (addr_type != IPV6_ADDR_ANY) {
28707 struct net_device *dev = NULL;
28708 @@ -307,6 +323,11 @@ int inet6_bind(struct socket *sock, stru
28712 + if (!v6_addr_in_nx_info(sk->sk_nx_info, &addr->sin6_addr, -1)) {
28713 + err = -EADDRNOTAVAIL;
28717 /* ipv4 addr of the socket is invalid. Only the
28718 * unspecified and mapped address have a v4 equivalent.
28720 @@ -325,6 +346,8 @@ int inet6_bind(struct socket *sock, stru
28724 + v6_set_sock_addr(inet, &nsa);
28726 inet->rcv_saddr = v4addr;
28727 inet->saddr = v4addr;
28729 @@ -419,9 +442,11 @@ int inet6_getname(struct socket *sock, s
28731 sin->sin6_port = inet->dport;
28732 ipv6_addr_copy(&sin->sin6_addr, &np->daddr);
28733 + /* FIXME: remap lback? */
28735 sin->sin6_flowinfo = np->flow_label;
28737 + /* FIXME: remap lback? */
28738 if (ipv6_addr_any(&np->rcv_saddr))
28739 ipv6_addr_copy(&sin->sin6_addr, &np->saddr);
28741 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/fib6_rules.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/fib6_rules.c
28742 --- linux-2.6.25.11/net/ipv6/fib6_rules.c 2008-04-17 12:05:45.000000000 -0400
28743 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/fib6_rules.c 2008-04-19 15:14:52.000000000 -0400
28744 @@ -86,7 +86,7 @@ static int fib6_rule_action(struct fib_r
28745 r->src.plen && !(flags & RT6_LOOKUP_F_HAS_SADDR)) {
28746 struct in6_addr saddr;
28747 if (ipv6_get_saddr(&rt->u.dst, &flp->fl6_dst,
28751 if (!ipv6_prefix_equal(&saddr, &r->src.addr,
28753 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/inet6_hashtables.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/inet6_hashtables.c
28754 --- linux-2.6.25.11/net/ipv6/inet6_hashtables.c 2008-04-17 12:05:45.000000000 -0400
28755 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/inet6_hashtables.c 2008-04-19 15:14:52.000000000 -0400
28758 #include <linux/module.h>
28759 #include <linux/random.h>
28760 +#include <linux/vs_inet6.h>
28762 #include <net/inet_connection_sock.h>
28763 #include <net/inet_hashtables.h>
28764 @@ -114,6 +115,9 @@ struct sock *inet6_lookup_listener(struc
28765 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
28769 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
28772 if (sk->sk_bound_dev_if) {
28773 if (sk->sk_bound_dev_if != dif)
28774 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/ip6_output.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/ip6_output.c
28775 --- linux-2.6.25.11/net/ipv6/ip6_output.c 2008-04-17 12:05:45.000000000 -0400
28776 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/ip6_output.c 2008-04-19 15:14:52.000000000 -0400
28777 @@ -920,7 +920,7 @@ static int ip6_dst_lookup_tail(struct so
28778 goto out_err_release;
28780 if (ipv6_addr_any(&fl->fl6_src)) {
28781 - err = ipv6_get_saddr(*dst, &fl->fl6_dst, &fl->fl6_src);
28782 + err = ipv6_get_saddr(*dst, &fl->fl6_dst, &fl->fl6_src, sk->sk_nx_info);
28784 goto out_err_release;
28786 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/Kconfig linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/Kconfig
28787 --- linux-2.6.25.11/net/ipv6/Kconfig 2008-04-17 12:05:45.000000000 -0400
28788 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/Kconfig 2008-04-19 15:14:52.000000000 -0400
28791 # IPv6 as module will cause a CRASH if you try to unload it
28793 - tristate "The IPv6 protocol"
28795 + bool "The IPv6 protocol"
28798 This is complemental support for the IP version 6.
28799 You will still be able to do traditional IPv4 networking as well.
28800 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/ndisc.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/ndisc.c
28801 --- linux-2.6.25.11/net/ipv6/ndisc.c 2008-04-17 12:05:45.000000000 -0400
28802 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/ndisc.c 2008-04-19 15:14:52.000000000 -0400
28803 @@ -563,7 +563,7 @@ static void ndisc_send_na(struct net_dev
28807 - if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr))
28808 + if (ipv6_dev_get_saddr(dev, daddr, &tmpaddr, NULL))
28810 src_addr = &tmpaddr;
28812 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/route.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/route.c
28813 --- linux-2.6.25.11/net/ipv6/route.c 2008-07-15 22:05:18.000000000 -0400
28814 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/route.c 2008-06-23 15:22:21.000000000 -0400
28815 @@ -2122,7 +2122,7 @@ static int rt6_fill_node(struct sk_buff
28816 NLA_PUT_U32(skb, RTA_IIF, iif);
28818 struct in6_addr saddr_buf;
28819 - if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf) == 0)
28820 + if (ipv6_get_saddr(&rt->u.dst, dst, &saddr_buf, (skb->sk ? skb->sk->sk_nx_info : NULL)) == 0)
28821 NLA_PUT(skb, RTA_PREFSRC, 16, &saddr_buf);
28824 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/tcp_ipv6.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/tcp_ipv6.c
28825 --- linux-2.6.25.11/net/ipv6/tcp_ipv6.c 2008-04-17 12:05:45.000000000 -0400
28826 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/tcp_ipv6.c 2008-04-19 15:14:52.000000000 -0400
28829 #include <linux/crypto.h>
28830 #include <linux/scatterlist.h>
28831 +#include <linux/vs_inet6.h>
28833 /* Socket used for sending RSTs and ACKs */
28834 static struct socket *tcp6_socket;
28835 @@ -154,8 +155,15 @@ static int tcp_v6_connect(struct sock *s
28836 * connect() to INADDR_ANY means loopback (BSD'ism).
28839 - if(ipv6_addr_any(&usin->sin6_addr))
28840 - usin->sin6_addr.s6_addr[15] = 0x1;
28841 + if(ipv6_addr_any(&usin->sin6_addr)) {
28842 + struct nx_info *nxi = sk->sk_nx_info;
28844 + if (nxi && nx_info_has_v6(nxi))
28845 + /* FIXME: remap lback? */
28846 + usin->sin6_addr = nxi->v6.ip;
28848 + usin->sin6_addr.s6_addr[15] = 0x1;
28851 addr_type = ipv6_addr_type(&usin->sin6_addr);
28853 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/udp.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/udp.c
28854 --- linux-2.6.25.11/net/ipv6/udp.c 2008-04-17 12:05:45.000000000 -0400
28855 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/udp.c 2008-04-19 15:14:52.000000000 -0400
28858 #include <linux/proc_fs.h>
28859 #include <linux/seq_file.h>
28860 +#include <linux/vs_inet6.h>
28861 #include "udp_impl.h"
28863 static inline int udp_v6_get_port(struct sock *sk, unsigned short snum)
28864 @@ -83,6 +84,10 @@ static struct sock *__udp6_lib_lookup(st
28865 if (!ipv6_addr_equal(&np->rcv_saddr, daddr))
28869 + /* block non nx_info ips */
28870 + if (!v6_addr_in_nx_info(sk->sk_nx_info, daddr, -1))
28873 if (!ipv6_addr_any(&np->daddr)) {
28874 if (!ipv6_addr_equal(&np->daddr, saddr))
28875 diff -NurpP --minimal linux-2.6.25.11/net/ipv6/xfrm6_policy.c linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/xfrm6_policy.c
28876 --- linux-2.6.25.11/net/ipv6/xfrm6_policy.c 2008-04-17 12:05:45.000000000 -0400
28877 +++ linux-2.6.25.11-vs2.3.0.34.14/net/ipv6/xfrm6_policy.c 2008-04-19 16:13:21.000000000 -0400
28878 @@ -58,7 +58,7 @@ static int xfrm6_get_saddr(xfrm_address_
28879 return -EHOSTUNREACH;
28881 ipv6_get_saddr(dst, (struct in6_addr *)&daddr->a6,
28882 - (struct in6_addr *)&saddr->a6);
28883 + (struct in6_addr *)&saddr->a6, NULL);
28887 diff -NurpP --minimal linux-2.6.25.11/net/netlink/af_netlink.c linux-2.6.25.11-vs2.3.0.34.14/net/netlink/af_netlink.c
28888 --- linux-2.6.25.11/net/netlink/af_netlink.c 2008-04-17 12:05:45.000000000 -0400
28889 +++ linux-2.6.25.11-vs2.3.0.34.14/net/netlink/af_netlink.c 2008-07-16 00:02:34.000000000 -0400
28891 #include <linux/audit.h>
28892 #include <linux/selinux.h>
28893 #include <linux/mutex.h>
28894 +#include <linux/vs_context.h>
28895 +#include <linux/vs_network.h>
28896 +#include <linux/vs_limit.h>
28898 #include <net/net_namespace.h>
28899 #include <net/sock.h>
28900 @@ -1761,6 +1764,8 @@ static struct sock *netlink_seq_socket_i
28901 sk_for_each(s, node, &hash->table[j]) {
28902 if (iter->p.net != s->sk_net)
28904 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
28908 iter->hash_idx = j;
28909 @@ -1795,7 +1800,8 @@ static void *netlink_seq_next(struct seq
28913 - } while (s && (iter->p.net != s->sk_net));
28914 + } while (s && (iter->p.net != s->sk_net ||
28915 + !nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT)));
28919 @@ -1807,7 +1813,8 @@ static void *netlink_seq_next(struct seq
28921 for (; j <= hash->mask; j++) {
28922 s = sk_head(&hash->table[j]);
28923 - while (s && (iter->p.net != s->sk_net))
28924 + while (s && (iter->p.net != s->sk_net ||
28925 + !nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT)))
28929 diff -NurpP --minimal linux-2.6.25.11/net/sctp/ipv6.c linux-2.6.25.11-vs2.3.0.34.14/net/sctp/ipv6.c
28930 --- linux-2.6.25.11/net/sctp/ipv6.c 2008-04-17 12:05:45.000000000 -0400
28931 +++ linux-2.6.25.11-vs2.3.0.34.14/net/sctp/ipv6.c 2008-04-19 15:14:52.000000000 -0400
28932 @@ -316,7 +316,7 @@ static void sctp_v6_get_saddr(struct sct
28933 __FUNCTION__, asoc, dst, NIP6(daddr->v6.sin6_addr));
28936 - ipv6_get_saddr(dst, &daddr->v6.sin6_addr,&saddr->v6.sin6_addr);
28937 + ipv6_get_saddr(dst, &daddr->v6.sin6_addr,&saddr->v6.sin6_addr, asoc->base.sk->sk_nx_info);
28938 SCTP_DEBUG_PRINTK("saddr from ipv6_get_saddr: " NIP6_FMT "\n",
28939 NIP6(saddr->v6.sin6_addr));
28941 diff -NurpP --minimal linux-2.6.25.11/net/socket.c linux-2.6.25.11-vs2.3.0.34.14/net/socket.c
28942 --- linux-2.6.25.11/net/socket.c 2008-04-17 12:05:45.000000000 -0400
28943 +++ linux-2.6.25.11-vs2.3.0.34.14/net/socket.c 2008-04-19 15:14:52.000000000 -0400
28946 #include <net/sock.h>
28947 #include <linux/netfilter.h>
28948 +#include <linux/vs_base.h>
28949 +#include <linux/vs_socket.h>
28950 +#include <linux/vs_inet.h>
28951 +#include <linux/vs_inet6.h>
28953 static int sock_no_open(struct inode *irrelevant, struct file *dontcare);
28954 static ssize_t sock_aio_read(struct kiocb *iocb, const struct iovec *iov,
28955 @@ -547,7 +551,7 @@ static inline int __sock_sendmsg(struct
28956 struct msghdr *msg, size_t size)
28958 struct sock_iocb *si = kiocb_to_siocb(iocb);
28964 @@ -558,7 +562,22 @@ static inline int __sock_sendmsg(struct
28968 - return sock->ops->sendmsg(iocb, sock, msg, size);
28969 + len = sock->ops->sendmsg(iocb, sock, msg, size);
28972 + vx_sock_send(sock->sk, size);
28974 + vx_sock_fail(sock->sk, size);
28976 + vxdprintk(VXD_CBIT(net, 7),
28977 + "__sock_sendmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
28979 + (sock->sk)?sock->sk->sk_nx_info:0,
28980 + (sock->sk)?sock->sk->sk_vx_info:0,
28981 + (sock->sk)?sock->sk->sk_xid:0,
28982 + (sock->sk)?sock->sk->sk_nid:0,
28983 + (unsigned int)size, len);
28987 int sock_sendmsg(struct socket *sock, struct msghdr *msg, size_t size)
28988 @@ -627,7 +646,7 @@ EXPORT_SYMBOL_GPL(__sock_recv_timestamp)
28989 static inline int __sock_recvmsg(struct kiocb *iocb, struct socket *sock,
28990 struct msghdr *msg, size_t size, int flags)
28994 struct sock_iocb *si = kiocb_to_siocb(iocb);
28997 @@ -640,7 +659,18 @@ static inline int __sock_recvmsg(struct
29001 - return sock->ops->recvmsg(iocb, sock, msg, size, flags);
29002 + len = sock->ops->recvmsg(iocb, sock, msg, size, flags);
29003 + if ((len >= 0) && sock->sk)
29004 + vx_sock_recv(sock->sk, len);
29005 + vxdprintk(VXD_CBIT(net, 7),
29006 + "__sock_recvmsg: %p[%p,%p,%p;%d/%d]:%d/%d",
29008 + (sock->sk)?sock->sk->sk_nx_info:0,
29009 + (sock->sk)?sock->sk->sk_vx_info:0,
29010 + (sock->sk)?sock->sk->sk_xid:0,
29011 + (sock->sk)?sock->sk->sk_nid:0,
29012 + (unsigned int)size, len);
29016 int sock_recvmsg(struct socket *sock, struct msghdr *msg,
29017 @@ -1105,6 +1135,13 @@ static int __sock_create(struct net *net
29018 if (type < 0 || type >= SOCK_MAX)
29021 + if (!nx_check(0, VS_ADMIN)) {
29022 + if (family == PF_INET && !current_nx_info_has_v4())
29023 + return -EAFNOSUPPORT;
29024 + if (family == PF_INET6 && !current_nx_info_has_v6())
29025 + return -EAFNOSUPPORT;
29030 This uglymoron is moved from INET layer to here to avoid
29031 @@ -1222,6 +1259,7 @@ asmlinkage long sys_socket(int family, i
29035 + set_bit(SOCK_USER_SOCKET, &sock->flags);
29036 retval = sock_map_fd(sock);
29039 @@ -1254,10 +1292,12 @@ asmlinkage long sys_socketpair(int famil
29040 err = sock_create(family, type, protocol, &sock1);
29043 + set_bit(SOCK_USER_SOCKET, &sock1->flags);
29045 err = sock_create(family, type, protocol, &sock2);
29047 goto out_release_1;
29048 + set_bit(SOCK_USER_SOCKET, &sock2->flags);
29050 err = sock1->ops->socketpair(sock1, sock2);
29052 diff -NurpP --minimal linux-2.6.25.11/net/sunrpc/auth.c linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/auth.c
29053 --- linux-2.6.25.11/net/sunrpc/auth.c 2008-04-17 12:05:45.000000000 -0400
29054 +++ linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/auth.c 2008-04-19 15:14:52.000000000 -0400
29056 #include <linux/errno.h>
29057 #include <linux/sunrpc/clnt.h>
29058 #include <linux/spinlock.h>
29059 +#include <linux/vs_tag.h>
29062 # define RPCDBG_FACILITY RPCDBG_AUTH
29063 @@ -345,6 +346,7 @@ rpcauth_lookupcred(struct rpc_auth *auth
29064 struct auth_cred acred = {
29065 .uid = current->fsuid,
29066 .gid = current->fsgid,
29067 + .tag = dx_current_tag(),
29068 .group_info = current->group_info,
29070 struct rpc_cred *ret;
29071 @@ -382,6 +384,7 @@ rpcauth_bindcred(struct rpc_task *task)
29072 struct auth_cred acred = {
29073 .uid = current->fsuid,
29074 .gid = current->fsgid,
29075 + .tag = dx_current_tag(),
29076 .group_info = current->group_info,
29078 struct rpc_cred *ret;
29079 diff -NurpP --minimal linux-2.6.25.11/net/sunrpc/auth_unix.c linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/auth_unix.c
29080 --- linux-2.6.25.11/net/sunrpc/auth_unix.c 2008-04-17 10:37:27.000000000 -0400
29081 +++ linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/auth_unix.c 2008-04-19 15:14:52.000000000 -0400
29082 @@ -11,12 +11,14 @@
29083 #include <linux/module.h>
29084 #include <linux/sunrpc/clnt.h>
29085 #include <linux/sunrpc/auth.h>
29086 +#include <linux/vs_tag.h>
29088 #define NFS_NGROUPS 16
29091 struct rpc_cred uc_base;
29094 gid_t uc_gids[NFS_NGROUPS];
29096 #define uc_uid uc_base.cr_uid
29097 @@ -73,6 +75,7 @@ unx_create_cred(struct rpc_auth *auth, s
29098 if (flags & RPCAUTH_LOOKUP_ROOTCREDS) {
29101 + cred->uc_tag = dx_current_tag();
29102 cred->uc_gids[0] = NOGROUP;
29104 int groups = acred->group_info->ngroups;
29105 @@ -80,6 +83,7 @@ unx_create_cred(struct rpc_auth *auth, s
29106 groups = NFS_NGROUPS;
29108 cred->uc_gid = acred->gid;
29109 + cred->uc_tag = acred->tag;
29110 for (i = 0; i < groups; i++)
29111 cred->uc_gids[i] = GROUP_AT(acred->group_info, i);
29112 if (i < NFS_NGROUPS)
29113 @@ -124,7 +128,8 @@ unx_match(struct auth_cred *acred, struc
29116 if (cred->uc_uid != acred->uid
29117 - || cred->uc_gid != acred->gid)
29118 + || cred->uc_gid != acred->gid
29119 + || cred->uc_tag != acred->tag)
29122 groups = acred->group_info->ngroups;
29123 @@ -150,7 +155,7 @@ unx_marshal(struct rpc_task *task, __be3
29124 struct rpc_clnt *clnt = task->tk_client;
29125 struct unx_cred *cred = container_of(task->tk_msg.rpc_cred, struct unx_cred, uc_base);
29126 __be32 *base, *hold;
29130 *p++ = htonl(RPC_AUTH_UNIX);
29132 @@ -160,9 +165,12 @@ unx_marshal(struct rpc_task *task, __be3
29133 * Copy the UTS nodename captured when the client was created.
29135 p = xdr_encode_array(p, clnt->cl_nodename, clnt->cl_nodelen);
29136 + tag = task->tk_client->cl_tag;
29138 - *p++ = htonl((u32) cred->uc_uid);
29139 - *p++ = htonl((u32) cred->uc_gid);
29140 + *p++ = htonl((u32) TAGINO_UID(tag,
29141 + cred->uc_uid, cred->uc_tag));
29142 + *p++ = htonl((u32) TAGINO_GID(tag,
29143 + cred->uc_gid, cred->uc_tag));
29145 for (i = 0; i < 16 && cred->uc_gids[i] != (gid_t) NOGROUP; i++)
29146 *p++ = htonl((u32) cred->uc_gids[i]);
29147 diff -NurpP --minimal linux-2.6.25.11/net/sunrpc/clnt.c linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/clnt.c
29148 --- linux-2.6.25.11/net/sunrpc/clnt.c 2008-04-17 12:05:45.000000000 -0400
29149 +++ linux-2.6.25.11-vs2.3.0.34.14/net/sunrpc/clnt.c 2008-04-19 16:09:36.000000000 -0400
29151 #include <linux/utsname.h>
29152 #include <linux/workqueue.h>
29153 #include <linux/in6.h>
29154 +#include <linux/vs_cvirt.h>
29156 #include <linux/sunrpc/clnt.h>
29157 #include <linux/sunrpc/rpc_pipe_fs.h>
29158 @@ -324,7 +325,9 @@ struct rpc_clnt *rpc_create(struct rpc_c
29159 clnt->cl_autobind = 1;
29160 if (args->flags & RPC_CLNT_CREATE_DISCRTRY)
29161 clnt->cl_discrtry = 1;
29163 + /* TODO: handle RPC_CLNT_CREATE_TAGGED
29164 + if (args->flags & RPC_CLNT_CREATE_TAGGED)
29165 + clnt->cl_tag = 1; */
29168 EXPORT_SYMBOL_GPL(rpc_create);
29169 diff -NurpP --minimal linux-2.6.25.11/net/unix/af_unix.c linux-2.6.25.11-vs2.3.0.34.14/net/unix/af_unix.c
29170 --- linux-2.6.25.11/net/unix/af_unix.c 2008-04-17 12:05:45.000000000 -0400
29171 +++ linux-2.6.25.11-vs2.3.0.34.14/net/unix/af_unix.c 2008-07-16 00:03:11.000000000 -0400
29172 @@ -116,6 +116,8 @@
29173 #include <linux/mount.h>
29174 #include <net/checksum.h>
29175 #include <linux/security.h>
29176 +#include <linux/vs_context.h>
29177 +#include <linux/vs_limit.h>
29179 static struct hlist_head unix_socket_table[UNIX_HASH_SIZE + 1];
29180 static DEFINE_SPINLOCK(unix_table_lock);
29181 @@ -255,6 +257,8 @@ static struct sock *__unix_find_socket_b
29182 if (s->sk_net != net)
29185 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
29187 if (u->addr->len == len &&
29188 !memcmp(u->addr->name, sunname, len))
29190 @@ -819,7 +823,7 @@ static int unix_bind(struct socket *sock
29193 (SOCK_INODE(sock)->i_mode & ~current->fs->umask);
29194 - err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0);
29195 + err = vfs_mknod(nd.path.dentry->d_inode, dentry, mode, 0, NULL);
29197 goto out_mknod_dput;
29198 mutex_unlock(&nd.path.dentry->d_inode->i_mutex);
29199 @@ -2024,6 +2028,8 @@ static struct sock *unix_seq_idx(struct
29200 for (s = first_unix_socket(&iter->i); s; s = next_unix_socket(&iter->i, s)) {
29201 if (s->sk_net != iter->p.net)
29203 + if (!nx_check(s->sk_nid, VS_WATCH_P | VS_IDENT))
29208 @@ -2050,7 +2056,8 @@ static void *unix_seq_next(struct seq_fi
29209 sk = first_unix_socket(&iter->i);
29211 sk = next_unix_socket(&iter->i, sk);
29212 - while (sk && (sk->sk_net != iter->p.net))
29213 + while (sk && (sk->sk_net != iter->p.net ||
29214 + !nx_check(sk->sk_nid, VS_WATCH_P | VS_IDENT)))
29215 sk = next_unix_socket(&iter->i, sk);
29218 diff -NurpP --minimal linux-2.6.25.11/net/x25/af_x25.c linux-2.6.25.11-vs2.3.0.34.14/net/x25/af_x25.c
29219 --- linux-2.6.25.11/net/x25/af_x25.c 2008-04-17 12:05:45.000000000 -0400
29220 +++ linux-2.6.25.11-vs2.3.0.34.14/net/x25/af_x25.c 2008-04-19 15:14:52.000000000 -0400
29221 @@ -506,7 +506,10 @@ static int x25_create(struct net *net, s
29225 - sock_init_data(sock, sk);
29226 + sk->sk_socket = sock;
29227 + sk->sk_type = sock->type;
29228 + sk->sk_sleep = &sock->wait;
29231 x25_init_timers(sk);
29233 diff -NurpP --minimal linux-2.6.25.11/scripts/checksyscalls.sh linux-2.6.25.11-vs2.3.0.34.14/scripts/checksyscalls.sh
29234 --- linux-2.6.25.11/scripts/checksyscalls.sh 2008-04-17 11:31:42.000000000 -0400
29235 +++ linux-2.6.25.11-vs2.3.0.34.14/scripts/checksyscalls.sh 2008-04-19 15:14:52.000000000 -0400
29236 @@ -108,7 +108,6 @@ cat << EOF
29237 #define __IGNORE_afs_syscall
29238 #define __IGNORE_getpmsg
29239 #define __IGNORE_putpmsg
29240 -#define __IGNORE_vserver
29244 diff -NurpP --minimal linux-2.6.25.11/security/commoncap.c linux-2.6.25.11-vs2.3.0.34.14/security/commoncap.c
29245 --- linux-2.6.25.11/security/commoncap.c 2008-04-17 12:05:46.000000000 -0400
29246 +++ linux-2.6.25.11-vs2.3.0.34.14/security/commoncap.c 2008-04-23 22:22:54.000000000 -0400
29248 #include <linux/hugetlb.h>
29249 #include <linux/mount.h>
29250 #include <linux/sched.h>
29251 +#include <linux/vs_context.h>
29253 /* Global security state */
29255 @@ -32,7 +33,7 @@ EXPORT_SYMBOL(securebits);
29257 int cap_netlink_send(struct sock *sk, struct sk_buff *skb)
29259 - NETLINK_CB(skb).eff_cap = current->cap_effective;
29260 + NETLINK_CB(skb).eff_cap = vx_mbcaps(current->cap_effective);
29264 @@ -53,9 +54,24 @@ EXPORT_SYMBOL(cap_netlink_recv);
29266 int cap_capable (struct task_struct *tsk, int cap)
29268 + struct vx_info *vxi = tsk->vx_info;
29271 + printk("cap_capable() VXF_STATE_SETUP = %llx, raised = %x, eff = %08x:%08x\n",
29272 + vx_info_flags(vxi, VXF_STATE_SETUP, 0),
29273 + cap_raised(tsk->cap_effective, cap),
29274 + tsk->cap_effective.cap[1], tsk->cap_effective.cap[0]);
29277 + /* special case SETUP */
29278 + if (vx_info_flags(vxi, VXF_STATE_SETUP, 0) &&
29279 + cap_raised(tsk->cap_effective, cap))
29282 /* Derived from include/linux/sched.h:capable. */
29283 - if (cap_raised(tsk->cap_effective, cap))
29284 + if (vx_cap_raised(vxi, tsk->cap_effective, cap))
29290 @@ -583,7 +599,8 @@ void cap_task_reparent_to_init (struct t
29292 int cap_syslog (int type)
29294 - if ((type != 3 && type != 10) && !capable(CAP_SYS_ADMIN))
29295 + if ((type != 3 && type != 10) &&
29296 + !vx_capable(CAP_SYS_ADMIN, VXC_SYSLOG))
29300 diff -NurpP --minimal linux-2.6.25.11/security/dummy.c linux-2.6.25.11-vs2.3.0.34.14/security/dummy.c
29301 --- linux-2.6.25.11/security/dummy.c 2008-04-17 12:05:46.000000000 -0400
29302 +++ linux-2.6.25.11-vs2.3.0.34.14/security/dummy.c 2008-04-23 20:28:54.000000000 -0400
29304 #include <linux/hugetlb.h>
29305 #include <linux/ptrace.h>
29306 #include <linux/file.h>
29307 +#include <linux/vs_context.h>
29309 static int dummy_ptrace (struct task_struct *parent, struct task_struct *child)
29311 @@ -714,7 +715,7 @@ static int dummy_sem_semop (struct sem_a
29313 static int dummy_netlink_send (struct sock *sk, struct sk_buff *skb)
29315 - NETLINK_CB(skb).eff_cap = current->cap_effective;
29316 + NETLINK_CB(skb).eff_cap = vx_mbcaps(current->cap_effective);
29320 diff -NurpP --minimal linux-2.6.25.11/security/selinux/hooks.c linux-2.6.25.11-vs2.3.0.34.14/security/selinux/hooks.c
29321 --- linux-2.6.25.11/security/selinux/hooks.c 2008-07-15 22:05:18.000000000 -0400
29322 +++ linux-2.6.25.11-vs2.3.0.34.14/security/selinux/hooks.c 2008-05-21 14:30:41.000000000 -0400
29324 #include <linux/dccp.h>
29325 #include <linux/quota.h>
29326 #include <linux/un.h> /* for Unix socket types */
29327 -#include <net/af_unix.h> /* for Unix socket types */
29328 #include <linux/parser.h>
29329 #include <linux/nfs_mount.h>
29330 #include <net/ipv6.h>
projects / packages / kernel.git / blob